Sunday, September 22, 2013

Russia Boosts Security For Sochi Olympics With Pantsir-S Systems

Six Pantsir-S short-range air defense systems have been delivered to the Russian military ahead of schedule to ensure security during the Sochi Winter Olympics in 2014, a senior defense ministry official said.

The XXII Olympic Winter Games are scheduled to take place from February 7 to 23 in the Russian Black Sea resort city of Sochi. The first Winter Olympics to be held in Russia are widely regarded as an opportunity for the country to showcase its economic achievements under President Vladimir Putin.

"We will do everything possible to accomplish the task of protecting the Russian airspace along the southern borders and to ensure security during the Winter Olympics," Maj. Gen. Viktor Gumenny, the commander of air defense troops of the Russian Air Force, said Saturday.

The general said the Pansir-S air defense systems would initially be sent to the Ashuluk firing range in southern Russia to ensure the proper training of their crews during the next two months.

The Pantsir-S is a combined gun-missile system featuring a wheeled vehicle mounting a fire-control radar and electro-optical sensor, two 30-mm cannons and up to 12 57E6 radio-command guided short-range missiles.

The system is designed to take on a variety of targets flying at low level including cruise missiles and aircraft, and can effectively engage targets at up to 20 kilometers.

The Defense Ministry has reportedly ordered 100 Pantsir-S units for Russia's Aerospace Defense Forces.

A maneuverable track-bearing variant is currently being developed by Russia's High Precision Weapons corporation, to be put in service with the Russian Ground Forces and Airborne Troops in the near future.

Source: Themoscowtimes

The iPhone 5S's Touch ID feature, which allows users to unlock the device with a fingerprint scanner, sounds cool - or annoying, depending on whom you ask - but is it any more secure than an old-fashioned passcode? Maybe, but some Berlin-based hackers are claiming to have already outsmarted the technology, just two days after it was made available to the public. A video posted to the website of the Chaos Computer Club seems to show someone registering their fingerprint with a new iPhone and then unlocking it with a piece of latex placed over that same finger.

In the accompanying announcement, the hackers explained that they took a high-resolution photo of a glass surface bearing the owner's fingerprint, cleaned up the image, and laser printed it onto a "transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, [and] breathed on to make it a tiny bit moist," like a real, clammy finger.

According to the CCC, this method has been successfully used to foil "the vast majority of fingerprint sensors on the market." While Apple's sensor does read at a higher resolution than other sensors, that just means that the hackers had to "ramp up the resolution of our fake." Robert David Graham, whose website Is Touch ID Hacked Yet? is offering at least $20,000 in cash, bitcoin, and other prizes to whoever breaks into the 5S first, told Forbes's Andy Greenberg that he is "communicating with confirm that their trick works." But, according to Greenberg, the CCC "has a reputation as one of the oldest and most well-respected group of hackers and security researchers in the world," which means it's "likely a legitimate hack." If true, it is a little embarrassing for Apple, but we're pretty sure it won't affect 5S sales, if only because the thing is available in gold.

Source: Nymag

The Inspector is an offline discovery tool, taking a network feed from a mirror port on a switch, and examining traffic for patterns matching suspicious behaviour. Trend Micro identifies this "listen-only inspection of all network traffic" as a key feature of its system as it reduces strain on devices, which can occur with in-line products and end-point security programs.

It features seven 1Gpbs network ports and an extra port solely for management. This gives a considerable amount of throughput for such a complex device, but larger networks may need to consider several device for more complete coverage, including separating the devices into different parts of the network. Multiple devices can be connected when combined with Trend Micro's management products, and results can be aggregated using the Trend Micro Deep Discovery Advisor.

The appliance itself is well stocked with standard components including redundant power supply, USB, a serial port for management and dual VGA slots for a monitor. There is space for up to six hard drives, coming with two 500Gb SATA drives running at 7200rpm. In addition, the device comes with 8GB of ram. A small LCD screen on the front displays the current IP address of the device, as well as providing access to a limited amount of configuration options.

The appliance is available for a wide set of hardware, providing the ability for the Inspector to be used in anything from small networks through to very large corporate network backbones. This also provides an option for growing networks, which would be able to connect more devices as they grown without over-covering the network or needing to dispose of smaller devices.

The Inspector focuses on three layers of analysis to perform threat discovery and analysis. The three layers are initial network level detection, sandbox simulation and finally a cross-correlation focusing on latent and evasive attacks. Together, this reflects Trend Micro's methodology-identifying suspicious activity and then honing in to discover more information as needed.

The detection component initially analyses network traffic looking for malicious behaviour. Pattern matching is performed against a researched set of threats maintained by Trend Micro through the Smart Protection Network. This is a continuously updated set of patterns, much like a traditional anti-virus product however, the patterns are designed for network level, rather than end-point level security. This allows for attacks that are spreading to be discovered instead of simply relying on endpoint protection products to pick them up. in OEM environments, if one endpoint fails to stop a threat, it can often propagate quickly as all devices are protected using the same program and configuration.

In contrast, at the network layer these fast moving threats are often easier to discover, even if they are zero-day attacks. Ultimately, a combination of the two; end-point security and network level detection, provides a robust option.

The next layer of analysis is sandbox simulation and correlation. At this level, a sandbox simulation is used to perform forensic analysis on identified threats. This level is used to reduce false positives, as well as providing more detail on the threats. These include customer-centric profiles of threats. Sandboxing is a critical task in zero-day analysis, as unknown malware cannot be easily understood without running it.

Finally, we have the cross-correlation layer, focusing on discovery of latent and evasive attacks, such as Advanced Persistent Threats (APTs) and other persistent malicious behaviour. This form of analysis looks for long term malicious trends, indicative of more passive monitoring and attacking used by APTs. The appliance also performs threat tracking, including being able to analyse specific threats in more detail.

The Inspector has the ability to perform per-device risk assessments, through its "Watch List" feature, increasing the level of monitoring for some devices. This can be used if, for example, a device has been acting weirdly; the Inspector can monitor this device more closely, with a higher degree of analysis. Additionally, more sensitive areas of the network can be analysed with a higher priority level than other parts.

The Inspector's main role is to collect data and perform analysis, with another product in the line, the Trend Micro Advisor, responsible for in-depth reporting. That said, the Inspector contains a number of reporting tools, including integration with Threat Connect, a service providing more intelligence on attacks through Trend Micro's intelligence portal. The information gathered through here includes strategies to contain the malware, as well as providing remediation advice specific to any threats discovered. This also links with signature updates for the threats, for end-point protection. In addition, the threat console provides a number of tools for visualising threats and attack behaviours. Another visualisation tool, GeoTrack, identifies the origins of malicious communication but is naturally limited to the attacking computer and not the origin of the attack. Enterprise level management of the device is available. All important events can be reported to a nominated SIEM.

The device is relatively easy to configure, with a text-based menu option available straight from the device as well as SSH and serial port options. The text based menu has some quirks, like lacking a number lock and a relatively short time-out period, which can be annoying if the administrator is reviewing documents during the set-up phase. That said, its web-based interface is well laid out and intuitive.

There are a number of widgets that display graphs of infections and exploits, allowing for a quick analysis of the health of a network. In addition, there are other widgets for graphing the geographic location of incoming attacks. Overall, this gives a great interface for showing the overall status of the network. This doesn't mean that details are lacking from the reports; comprehensive details of attacks are available, and the reporting tools contain both manager level summary style reports and low level technical information.

As mentioned earlier, this can be focused on a particular computer or network if, for example, there is a higher risk of infection in these areas. The aim of the Trend Micro Deep Discovery Inspector is data collation and attack analysis, in-depth analysis of the attacks is left to the Advisor application.

Overall, this system provides an intuitive and easy to understand method for setting up and running a sandboxing system. The three layered approach offers good coverage for testing infections. The device aggregates a substantial amount of information and the reporting options allow for a quick understanding of the health of the network.

Source: Cso

By ROBERT EVATT World Business Writer on Sep 21, 2013, at 6:58 AM Updated on 9/21/13 at 8:54 AM

Apple Inc., always the innovator, decided to double the fun with its latest iPhone release Friday. The company gave its legion of fans a chance to upgrade with the iPhone 5S, already famous for its fingerprint technology, while also reaching out to budget-conscious consumers with the 5C.

We took both for a test drive, and here's what we found:

iPhone 5S

Apple's smartphone naming system previously gave people an idea of what to expect. A higher digit? That's a major upgrade. A new letter behind the same digit? Just a series of tweaks.

The iPhone 5S throws a monkey wrench into the system. Though the phone looks nearly identical to the iPhone 5, there are enough new features to make it a much-improved experience.

I'm glad the iPhone 5S comes in gray, silver or gold, because otherwise you'd think Apple slipped last year's model in new packaging. Nearly everything about it is the same as the 5, down to the screen size, shape, weight and color borders. The only real difference is a slightly elongated flash panel and a blank home button.

Incidentally, the gold and silver models appear to be sold out in the Tulsa area.

The phone comes loaded with iOS 7, the new operating system that seeks to dazzle you with bright colors and flatness. I wrote a full review of iOS 7 two days ago, but here's the gist - besides the new look, an easily accessible Control Center gathers frequently used functions, multitasking is better, iTunes Radio gives you free streaming music, and dozens of smaller adjustments make for a significantly improved system.

Keep in mind iOS7 can be installed on the iPhone 4 and up and the iPad 2 and up, so it's not necessary to get a new device just for that.

There are three main changes reserved for the iPhone 5S.

The marquee change is a fingerprint sensor embedded into the home button that can record up to 10 digits.

Fingerprint technology has been tried before with middling results, so I kept my expectations low. I shouldn't have. The sensor is so quick and accurate that I had to keep trying it to ensure I wasn't imagining what I was seeing.

Simply place a finger on the home button, and the phone will recognize it in half a second at most and unlock. It works in any direction - I kept trying to fool the sensor by putting my finger at all kinds of different angles, but it was always recognized.

Finally, you can secure your phone without having to take the time to type in a security code. Scanning is even a little faster than the swipe-to-open method. You can also use a thumbprint rather than a password to buy apps or media - a convenience that could be a little dangerous. If fingerprint scanning isn't your thing, don't worry - you can still use security codes and an opening swipe.

Next up is a camera that proves that megapixels aren't everything. Though it's the same 8 megapixels as the 5, I consistently took better pictures on the 5S.

The secret comes in a camera lens with a larger aperture, as well as a paired white and amber flash. Rather than bathe the scene with the same light in every situation, the 5S quickly determines which of more than 1,000 combinations of the two will bring out the best color in the current light. The tradeoff is a somewhat slower shutter speed in low-light situations, but it's well worth it.

We also have a faster, 64-bit processor. That kind of improvement is frankly an unexciting prerequisite for nearly all smartphone upgrades, though it really does make a difference in the speed of app launches, data downloads and video streaming.

Smartphones are a mature technology, and we should no longer expect regular revolutions. Even so, the 5S is a more robust and interesting upgrade than we've seen from Apple in some time.

iPhone 5C

You've probably heard the joke by now - the "C" stands for "cheap."

Yes, it's true the iPhone 5C is less expensive, with the base model starting at $99. And yes, unlike the standard anodized aluminum body the others have, the iPhone 5C is plastic.

Yet it doesn't feel like a cheap phone at all.

Let's start with that plastic body. It's actually a polycarbonate plastic, similar to what you might have on a high-end appliance. It's molded handsomely and has a nice, solid feel in the hand.

Each of the five colors is bright and pleasing, plus they're paired with a specific background in the operating system when you turn it on.

Put side-by-side with the now-discontinued iPhone 5 and there are few differences in the dimensions. The 5C looks to be a few millimeters thicker and maybe a hair or two heavier, but it's not anything that's obvious

The only other real change is in the volume buttons, which are rounded rectangles rather than small circles. That tweak might prevent some cases made for the iPhone 5 from fitting perfectly.

Compared to other smartphones in the $99 range, the 16GB iPhone 5C outperforms the majority of them. But there are plenty more phones that can outperform the $199 32GB version of the 5C, and if you're an Apple fan who really needs 64GB of smartphone storage, it seems like a waste to spend $299 on the 5C when an extra $100 will get you the significantly improved 5S.

But if you're looking for the iPhone experience on a tighter budget, the 5C is a solid experience that won't leave you feeling like you're using an antique.

Original Print Headline: iPhone 5S offers robust upgrade

Source: Tulsaworld

The great Dodgers-Diamondbacks pool controversy entered its second day Friday. The short version: The D-backs are still steamed.

Arizona managing partner Ken Kendrick blasted the Dodgers for celebrating their NL West championship in the outfield swimming pool at Chase Field. Kendrick called out LA management for claiming there was misunderstanding about whether the players could be on the field after they retired to the clubhouse.

"We asked that they not return to the field from the clubhouse after their celebration so that we could clear the stands. We didn't want their fans hanging around long after the game," Kendrick told Fox Sports Arizona in a text message.

"That plan was discussed with their GM (Ned Colletti) at the beginning of the series, and he agreed. Only the Dodgers would blame us for their lack of class."

While Kendrick was taking his shots, the obligatory Twitter back-and-forth between partisans raged on.

U.S. Sen. John McCain, R-Ariz., called the Dodgers "spoiled brats," among other unpleasant things. New Dodgers reliever Brian Wilson then jabbed at McCain for losing the 2008 presidential election to Barack Obama.

Senator McComplain knows a thing or two about coming in second and watching someone take a plunge in the pool (I mean poll) #POoLITICS

- Brian Wilson (@BrianWilson38) September 20, 2013

Good times.

Source: Sportingnews