Tag Archives: According

For Sale – MSI GL72M 7RDX 844UK gaming laptop

I’ve bought this laptop for my son last week. Unfortunately according to him, is not good enough. So there we have it for sale MSI gaming laptop in perfect condition. Model number is GL72M 7RDX 844UK. Boxed, comes with the msi mouse and a charger.
Spec:
17.3″ FHD, i7 7700HQ, 8GB DDR4, 256GB M.2 SATA SSD+1TB HDD, 2GB GTX 1050, USB 3.0 Type-C, Win10
I’d prefer cash on collection or meet up with someone half way. Will reduce the price accordingly.

Price and currency: 560
Delivery: Delivery cost is included within my country
Payment method: BT, PPG
Location: Manchester
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – MSI GL72M 7RDX 844UK gaming laptop

I’ve bought this laptop for my son last week. Unfortunately according to him, is not good enough. So there we have it for sale MSI gaming laptop in perfect condition. Model number is GL72M 7RDX 844UK. Boxed, comes with the msi mouse and a charger.
Spec:
17.3″ FHD, i7 7700HQ, 8GB DDR4, 256GB M.2 SATA SSD+1TB HDD, 2GB GTX 1050, USB 3.0 Type-C, Win10
I’d prefer cash on collection or meet up with someone half way. Will reduce the price accordingly.

Price and currency: 560
Delivery: Delivery cost is included within my country
Payment method: BT, PPG
Location: Manchester
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – MSI GL72M 7RDX 844UK gaming laptop

I’ve bought this laptop for my son last week. Unfortunately according to him, is not good enough. So there we have it for sale MSI gaming laptop in perfect condition. Model number is GL72M 7RDX 844UK. Boxed, comes with the msi mouse and a charger.
Spec:
17.3″ FHD, i7 7700HQ, 8GB DDR4, 256GB M.2 SATA SSD+1TB HDD, 2GB GTX 1050, USB 3.0 Type-C, Win10
I’d prefer cash on collection or meet up with someone half way. Will reduce the price accordingly.

Price and currency: 560
Delivery: Delivery cost is included within my country
Payment method: BT, PPG
Location: Manchester
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Researchers discover Android apps spying on users’ screens

The good news, according to academic researchers, is that your phone most likely isn’t secretly listening to your conversations. The bad news is that fears of Android apps spying on users aren’t totally unfounded.

Computer science researchers at Northeastern University in Boston conducted a massive study of 17,260 Android apps from the Google Play store, as well as third-party marketplaces AppChina, Mi.com and Anzhi. The study, which was published this week in a research paper titled “Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications,” found no evidence that apps were secretly enabling device microphones to record and exfiltrate audio data. However, the research team did find evidence of “several” Android apps spying on users by recording video and images of users’ screens.

“Our study reveals several alarming privacy risks in the Android app ecosystem, including apps that over-provision their media permissions and apps that share image and video data with other parties in unexpected ways, without user knowledge or consent,” the researchers wrote. “We also identify a previously unreported privacy risk that arises from third-party libraries that record and upload screenshots and videos of the screen without informing the user and without requiring any permissions.”

The research team, which used a combination of static and dynamic code analysis, didn’t specify the number of Android apps found spying on users, but the paper did say it was “few” compared to the total number of apps reviewed. “On the one hand, this is good news: a very large fraction of apps are not abusing the ability to record media,” the researchers wrote. “On the other hand, it could also indicate that our analysis missed other cases of media leaks.”

The Northeastern University team cited several examples of popular apps that engaged in unauthorized recording of users’ screens, including GoPuff, a food delivery app. The researchers discovered the app sent captured video via the internet to a domain belonging to web analytics firm Appsee, and that the video recording could include personally identifiable information such as ZIP codes. The researchers said that Appsee’s software required no permissions to record the video and did not issue notifications to users.

The researchers noted that GoPuff was notified of the issue and has since removed the Appsee SDK from its iOS and Android apps and revised its privacy policy, which previously did not disclose any recording or exfiltration of video. The researchers also notified Google, which, according to the paper, said it “took the appropriate actions.” Google Play’s privacy policy requires that app developers disclose to users how their data is collected, shared and used.

Northeastern University’s “Panoptispy” research comes as Google has increased its efforts to curb potential Android app spying. The company previewed the security features of Android P, the newest version of the mobile OS, at the Google I/O conference in May. Android P will only grant access to device sensors such as microphones and cameras to apps in the foreground, preventing potentially harmful apps from running covertly in the background and using sensors to spy on users. However, that particular feature wouldn’t prevent apps like GoPuff from performing unauthorized video exfiltration.

In other news

  • A former employee of NSO Group Technologies, an Israeli company that specializes in spyware and iPhone hacking tools, has reportedly landed in hot water. According to an indictment, Israeli authorities claim an unnamed NSO employee stole the company’s Pegasus spyware product and tried to sell it for $50 million in cryptocurrency. According to reports, the indictment states the disgruntled employee began working for NSO last year as a senior programmer and was granted access to the company’s source code. The indictment also claims the employee posed as a hacker and tried to sell the Pegasus code to other hackers on the dark web; one potential buyer notified NSO of the matter, which investigated the individual with the assistance of law enforcement.
  • Computer scientists from the University of California, Irvine, published research regarding a new attack technique they call “Thermanator,” which records thermal residue on keyboard keys to determine users’ passwords and other sensitive information such as PINs. According to the researchers, a midrange thermal imaging camera could allow threat actors to observe and record keystroke. “Results show that entire sets of key-presses can be recovered by non-expert users as late as 30 seconds after initial password entry, while partial sets can be recovered as late as 1 minute after entry,” the research paper states. While attackers would need to have a clear view of a target’s keyboard, the researchers say the Thermanator attack shows that “using external keyboards to enter (already much-maligned) passwords is even less secure than previously recognized.”
  • A newly discovered update of malware descended from an old Trojan is now equipped with a downloader that can decide whether to mine cryptocurrencies or encrypt files for ransom on victim systems. Kaspersky Lab researchers Egor Vasilenko and Orkhan Mamedov wrote that the new version of the malware, which is related to the Rakhni family of ransomware that Kaspersky Lab uncovered in 2013, checks system attributes before downloading its malicious payload, specifically looking at whether there is a folder named %AppData%Bitcoin. If the folder is present, then the downloader selects the ransomware cryptor; “If the folder doesn’t exist and the machine has more than two logical processors, the miner will be downloaded. If there’s no folder and just one logical processor, the downloader jumps to its worm component,” to continue propagating the malware locally, the researchers wrote. The cryptomining malware mines for the Monero, Monero Original and Dashcoin cryptocurrencies.

Three capabilities all leaders of innovation possess

Being a leader is never an easy job, but the job is getting harder, according to Linda Hill. To be a leader today, traditional management is not enough, you also have to help foster company-wide innovation — or risk being left in the dust.

Hill, the Wallace Brett Donham professor of business administration at the Harvard Business School and co-author of the book Collective Genius: The Art and Practice of Leading Innovation, is in a good position to know that. She and her colleagues have spent the last decade observing leaders of innovation around the globe, trying to understand what makes them successful and searching for commonalities.

Speaking to an audience of IT leaders at the recent LiveWorx event in Boston, Mass., Hill said that even though there’s a lot of research on leadership and a lot of research on innovation, there’s actually very little research that looks at the connections between the two.

In her research on leaders of innovation — studying successful people at companies like Google, HCL Technologies, Volkswagen and Pixar, to name a few — Hill and her team certainly found differences in how these people went about their work, including cultural differences, organizational differences and varying leadership styles, she said. But they also found real commonalities in what these people did and why they did it.

Whether these leaders of innovation were working at an Islamic bank in Dubai, a social enterprise in east Africa or a luxury product brand in Korea — they all championed three types of creativity that became part of their organizations’ cultures and a key to their organizations’ capacity to innovate. Hill dubbed them “creative abrasion,” “creative agility” and “creative resolution.”

Hill detailed these three capabilities and encouraged IT leaders to find ways to incorporate them into their own organizational cultures to foster innovation.

linda hill, liveworx, innovation
Leadership expert Linda Hill speaks to IT leaders at the recent LiveWorx event in Boston, Mass.

Creative abrasion

The ability to generate a marketplace of ideas through discourse and debate.

“You rarely get innovation without diversity and conflict,” Hill said.

Organizations may do brainstorming sessions in which people can say whatever is on their mind without judgment, but it can’t all be sunshine, rainbows and pleasantries. You need some abrasion and pushback to not only refine ideas but also develop a robust pipeline of ideas, Hill said.

“What you see in these [innovation-forward] organizations is people know how to inquire and they know how to actively listen, but, guess what — they also know how to advocate for their point of view,” Hill said. One of the organizations she and her team looked at actually taught their employees how to advocate for their point of view to help push creative abrasion.

Good leaders of innovation also understand that one of their key roles is to make sure that they — and everyone else — hear the minority voice, Hill said. “That does not mean you do what that minority voice says, but if you don’t know what it is, then you haven’t been doing things properly.”

Creative agility

The ability to test and refine ideas through quick pursuit, reflection and adjustment.

In order to refine your pipeline of ideas even more, Hill said you need to go through the process of actually testing it, getting feedback and making the necessary adjustments — and in a timely manner. Hill finds that many companies put in place lean startup or design thinking approaches to help organizations become better at being agile.

One of the organizations Hill observed decided not to run pilots anymore because if you run a pilot and it doesn’t work, someone or something was “wrong.” Instead, they run experiments.

“When you run an experiment, you learn something one way or the other and you move on to the next one,” Hill said. “But if you do a pilot and it doesn’t work, then usually there are politics around that. People often ignore the feedback they’re getting or somebody pays the price because it ‘failed.'”

Creating a culture that makes people feel comfortable running experiments and putting themselves out there without fear of retribution is crucial.

“So many people report feeling that they are, in fact, punished when they speak out, fail or have a misstep,” Hill said. “If that is the case, there is not enough psychological safety in that environment for you to unleash the kinds of conversations necessary to hone your ideas.”

Creative resolution

The ability to make integrative decisions.

Most innovations are really a combination of ideas; very rarely is the innovation all new, Hill said. It could be a new idea and an old idea combined to solve an old problem, or two old ideas that together solve a new problem, or some other amalgam of new and old.

“Unless you do decision-making in a way that you can actually combine ideas, you rarely get the innovative solution,” Hill said.

As a result, what Hill sees in these innovation-forward organizations is they’re very clear about who has decision-making rights, but they still do it in a more “inclusive and patient” way. By that she means they won’t allow one group to dominate. They won’t let the experts dominate — something she notes Steve Jobs was particularly worried about because he often felt that this group was the least likely to want to see change because then their expertise wouldn’t be as valuable as it was before. And these organizations don’t let the bosses dominate either.

“They will also not compromise, which is what we often do in these situations — go along to get along,” Hill said. “Instead, they will have, if you will, a fight. They will actually go through the creative abrasion process again and they will design the next experiment to get more data in order to move forward.”

Microsoft making progress on quantum computer ‘every day’

Microsoft is “all-in” on building a quantum computer and is making advancements “every day”, according to one of the company’s top experts on the technology.

Julie Love (above), Director of Quantum Computing, called the firm’s push to build the next generation of computer technology “one of the biggest disruptive bets we have made as a company”.

Quantum computing has the potential to help humans tackle some of the world’s biggest problems in areas such as materials science, chemistry, genetics, medicine and the environment. It uses the physics of qubits to create a way of computing that can work on specific kinds of problems that are impossible with today’s computers. In theory, a problem that would take today’s machines billions of years to solve could be completed by a quantum computer in minutes, hours or days.

While Microsoft has noted that no one has yet built a working quantum computer, Love said the company has the right team in place to make progress and eventually create a system and software that can tackle real-world issues. Over the past decade, Microsoft has built a team comprised of some of the greatest minds in quantum physics, mathematics, computer science and engineering. It is also working with some of the leading experts in universities across the world.

“Quantum computers could solve a set of problems that are completely intractable to humans at this time, and it could do so in 100 seconds,” she said during a speech at London Tech Week. “Microsoft’s enterprise customers are interested in changing their businesses using this technology, and we have set our sights beyond the hype cycle. We have a good understanding of what’s needed.

“Microsoft is working on the only scalable solution, one that will run seamlessly on the Azure cloud, and be much more immune to errors. The truth is that not all qubits are equal; most are inherently unstable and susceptible to error-creating noise from the environment. Our approach uses topological qubits specifically for their higher accuracy, lower cost and ability to perform long enough to solve complex real-world problems.”

Microsoft is the only major company attempting to build topological qubits, which aims to significantly reduce any interference at a subatomic level that might affect the machine. With this approach, the computational qubits will be “corrected” by the other qubits.

“When we run systems, there are trade-offs in power, because they have to be very cold. However, we get higher compute capabilities,” said Love, who started studying quantum computing in the late-1990s.

Last year, Microsoft released a Quantum Development Kit, which includes its Q# programming language for people who want to start writing applications for a quantum computer. These can be tested in Microsoft’s online simulator. Q# is designed for developers who are keen to learn how to program on these machines whether or not they are experts in the field of quantum physics.

“We have released the Quantum Development Kit so developers can learn to program a quantum computer and join us on this journey,” Love added.

Tags: , , , ,

Versa SD-WAN counts progress in customer wins, not ‘dollars’

Success in the software-defined WAN market means more than revenue, at least according to one SD-WAN exec, who backs his claim by touting the number of licenses his firm has obtained since 2012.

“While others are talking about their progress in dollars, we’ve been quietly progressing in winning service providers and enterprises and getting them under contract,” said Kelly Ahuja, CEO and president of Versa Networks, based in San Jose, Calif.

Versa counts more than 150,000 global contract licenses since the firm was founded six years ago. Versa SD-WAN customers include enterprises, as well as more than 50 service providers, including Verizon, Comcast Business, CenturyLink and China Telecom.

Yet “progress in dollars” remains a key metric, according to market watcher IHS Markit, which reported 2018 second quarter SD-WAN revenues reaching $162 million, a 12% jump from over a year ago.

The IHS Markit report ranked VeloCloud — acquired by VMware in 2017 — as segment leader, with 19% market share. Aryaka and Silver Peak trailed, recording shares of 18% and 12%, respectively.

Kelly Ahuja, CEO of Versa NetworksKelly Ahuja

Versa SD-WAN wasn’t listed in the IHS report, which included appliances and control and management software as part of the revenue numbers. But Ahuja said revenue is just one dimension of market traction, as vendor products and offerings widely vary. Versa numbers and revenue, for example, don’t include hardware, as the company is subscription only, he added.

“Our traction in terms of the number of licenses [we have] should speak for itself about how well we’re doing in the market,” Ahuja said.

Our traction in terms of the number of licenses [we have] should speak for itself about how well we’re doing in the market.
Kelly Ahujapresident and CEO of Versa Networks

Versa Networks offers three types of license tiers: standard, advanced and secure SD-WAN. The secure SD-WAN service comes with a next-generation firewall and unified threat management and accounted for about 70% of the 150,000 licenses, Ahuja added. Further, customers can purchase Versa SD-WAN licenses based on throughput requirements, which ranges depending on customer type.

“A lot of our business is business to business — to service providers that then sell to enterprises,” he said. “Their customers are typically financial, transportation, retail, hospitality and healthcare.”

Ahuja said the majority of enterprises Versa serves consists of organizations with large internal IT teams that can deploy and manage the service themselves. These include global oil and gas companies, brand-name technology vendors, retailers, and banks and financial firms such as Capital One.

Threat hunting technology is on the rise, so are threats

More companies are adopting threat hunting functions, according to a recent survey from Crowd Research Partners, but detection of advanced threats remains elusive.

Threat hunting typically involves human security analysts identifying impending incidents or attacks that automated threat detection systems may have missed. The frequency of threats and the potential damage and impact of security incidents continue to outpace the capabilities of security operations centers (SOC), Crowd Research Partners’ “2018 Threat Hunting Report” found.

Fifty-eight percent of IT security professionals said cyberthreats against their organizations had doubled during the past 12 months; only 8% indicated threats decreased. SOCs, on average, missed 39% of threats, with the majority of attacks discovered in one to seven days for 58% of organizations. The average dwell time for attackers was 30 days.

The top challenges facing SOCs, according to those surveyed, included the following:

  • detection of advanced cyberthreats — hidden, unknown and emerging threats (55%);
  • lack of skilled personnel (43%);
  • lack of confidence in threat detection technologies (36%);
  • too much time wasted on false alerts (35%);
  • slow response time to find or detect advanced threats (31%);
  • outdated SIEM and SOC infrastructure (29%); and
  • lack of proper reporting tools (28%).

In order to offset some of these challenges, the report found that approximately one-third of the organizations surveyed had outsourced threat hunting to a managed security service provider.

Crowd Research Partners conducted an online survey of more than 461 security and IT professionals in the Information Security Community group on LinkedIn. The survey features respondents from industries such as technology (17%); financial services, banking and insurance (14%); telecommunications (6%); and healthcare (5%). Government cybersecurity professionals represented 20% of those surveyed.

Mix of analysts and tools

According to the survey, 40% of respondents reported that security analysts at their organizations used threat hunting platforms, up 5 percentage points from a similar survey in 2017. Benefits ranged from improved detection of advanced threats to less time spent coordinating events. The top indicators of compromise most frequently investigated by security analysts included behavior anomalies (67%), IP addresses (58%), domain names (46%), denied or flagged connections (46%) and file names (32%).

Security operations centers had more analysts hunting in 2018, at 17%, compared with 14% in 2017. More than half, however, have five or fewer analysts in their SOCs dedicated to threat hunting, the report found.

While security operations centers at some organizations are maturing, along with a greater awareness of threat hunting, 33% of those surveyed indicated limited SOC capabilities when it came to emerging threats; 28% said their SOC was advanced; 24% reported it was compliant, but behind the curve; and only 15% said their SOC was cutting-edge. 

Companies used a variety of tools for threat hunting. The top technologies included the following:

  • next-generation firewalls, intrusion prevention systems and antivirus software (55%);
  • SIEM (50%);
  • antiphishing or other messaging security software (49%);
  • threat intelligence platforms (39%);
  • enrichment and investigation tools (34%); and
  • vulnerability management (32%).

The majority of threat hunting was performed in-house (56%). Some companies used a hybrid of in-house and service provider (22%); others outsourced threat hunting (11%). Meanwhile, 11% of survey respondents reported that their organizations did “no proactive threat hunting.”

Security analysts at 60% of the organizations said they do not currently use threat hunting platforms or techniques. However, six out of 10 organizations indicated plans to build a threat hunting program in the next three years, according to the “2018 Threat Hunting Report,” which is produced in partnership with multiple vendors.

Barriers to adoption ranged from lack of budget (45%) to untrained personnel (7%). The tools desired most often for threat hunting included threat intelligence (69%), user and entity behavior analytics (57%), automatic detection (56%), and machine learning and automated analytics (56%).

According to proponents of threat hunting programs, such as David Bianco, who served as a technology adviser for Sqrrl Data Inc., before the startup company was acquired by Amazon Web Services earlier this year, one of the benefits is security teams can take what they find and use it to improve automated detection.

Allo Sparky Single Board Computer

New Boxed Allo Sparky. According to Allo this sets the standard for SBCs to be used as audio players.
Lots of audio HATS available from Allo.
New and Boxed No PSU but uses any 5v micro usb PSU like the pi
Sparky SBC (Motherboard) – EU

Price and currency: £35
Delivery: Delivery cost is included within my country

Location: leeds
Advertised elsewhere?: Not advertised elsewhere
Prefer goods…

Allo Sparky Single Board Computer

Allo Sparky Single Board Computer

New Boxed Allo Sparky. According to Allo this sets the standard for SBCs to be used as audio players.
Lots of audio HATS available from Allo.
New and Boxed No PSU but uses any 5v micro usb PSU like the pi
Sparky SBC (Motherboard) – EU

Price and currency: £35
Delivery: Delivery cost is included within my country

Location: leeds
Advertised elsewhere?: Not advertised elsewhere
Prefer goods…

Allo Sparky Single Board Computer