Jump to content

Search the Community

Showing results for tags 'ibm'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 28 results

  1. BRUSSELS (Reuters) - U.S. tech giant International Business Machines Corp is set to secure unconditional EU approval for its $34 billion bid for software company Red Hat, people familiar with the matter said on Wednesday. IBM is seeking to expand its subscription-based software offerings via the deal, its biggest to date, to counter slowing software sales and waning demand for mainframe servers. It would also help it catch up with Amazon, Alphabet Inc and Microsoft in the fast growing cloud computing business. The European Commission, which is scheduled to decide on the deal by June 27, and IBM declined to comment. Founded in 1993, Red Hat specializes in Linux operating systems, the most popular type of open-source software and an alternative to proprietary software made by Microsoft. U.S. regulatory authorities gave the green light to the deal last month without demanding concessions. Source
  2. IBM: We've made world's most powerful commercial supercomputer French energy giant Total now has the world's 11th most powerful supercomputer in the Pangea III HPC from IBM. The IBM-built Pangea III supercomputer has come online for French energy giant Total, bringing 31.7 petaflops of processing power and 76 petabytes of storage capacity. It's now the world's most powerful supercomputer outside government-owned systems. Total's Pangea III is based on IBM's Power9 CPUs and will be used to improve and accelerate the energy company's oil and gas exploration missions, which start with crunching massive amounts of seismic data and use modeled seismic images to spot resource locations. While Pangaea III is ranked 11th overall among the world's top supercomputers, IBM boasts that Total's new supercomputer uses the "same IBM Power9 AI-optimized, high-performance architecture" as the world's two highest-performing supercomputers, Summit and Sierra, which are owned by the US Department of Energy. "[Pangea III] enables Total to reduce geological risks in exploration and development, accelerate project maturation and delivery, and increases the value of our assets through optimized field operations, with all this at lower cost," said Arnaud Breuillac, president of Total's Exploration & Production division. To build Pangea III, IBM worked with Nvidia to enhance the supercomputer with GPUs, in this case its Tesla V100 Tensor Core units, which connect with Power9 CPUs over high-speed links. The arrival of Pangea III follows Total's partnership with Google Cloud to jointly develop AI algorithms for analyzing subsurface data for oil and gas exploration and production. The pair are exploring the use of computer vision algorithms to decipher images from seismic studies and natural language processing to analyze technical documents. Total intends to use Pangea III to test its new algorithms. Total says the new algorithms and supercomputer will help it process seismic data more accurately and at a higher resolution, improving its avidity to reliably find hydrocarbons below ground, such as resources trapped under salt in Brazil, the Gulf of Mexico, Angola, and the Eastern Mediterranean. The new supercomputer will help it develop better predictive production models and improve its ability to assess the value of exploration space, allowing it to be more selective about where it extracts resources. Source
  3. IBM India to Help the Indian Government in Securing Data Servers on Cloud IBM India will reportedly offer its enterprise-grade cybersecurity solutions to help the Indian government secure its cloud servers. IBM India will reportedly offer its enterprise-grade cybersecurity solutions to help the Indian government secure its cloud servers. As chorus in India grows to safeguard key defence installations and organisations from nation-state cyber criminals, IBM with its enterprise-grade security solutions is ready to partner the government on cyber-proofing sensitive data on Cloud. According to Vikas Arora, IBM Cloud and Cognitive Software Leader, IBM India/South Asia, the company is ready with a very comprehensive portfolio of products that provides end-to-end security. "We already provide a lot of security relations to both the enterprises and the government. We are more than willing to partner with enterprises and government on the security initiatives," Arora told IANS. A new IBM-Ponemon Institute study last week revealed that nearly 79 per cent of Indian firms do not have a computer security incident response plan (CSIRP) in place that is applied consistently across operations. In the past two years, 51 per cent of Indian organisations surveyed experienced a data breach and 56 per cent experienced a cyber-security incident. "Security is no longer an IT issue. It's an issue that is being discussed, deliberated and reviewed at the board level. This is because the time it takes to resolve a cyber-attack incident has gone up in India. The cost of an incident has also gone up in India," the IBM Executive emphasised. While studies show that companies who can respond quickly and efficiently to contain a cyber-attack within 30 days save over $1 million on the total cost of a data breach on average, shortfalls in proper cyber-security incident response planning have remained consistent for several years. IBM has cyber ranges of its own that simulates incidents to better prepare for a quick and efficient response. "The focus of IBM cyber ranges is to create environment, scenarios and use cases to essentially better prepare organisations to deal with situations they have to respond to," noted Arora. Not just the government, industries across the spectrum - retail, banking automotive, telecom, manufacturing - are aiming to have a secure environment when it comes to both security and application of cognitive technologies like Artificial Intelligence (AI) and Machine Learning (ML) in perceiving real-time cyber threats. According to a recent report by the New Delhi-based Vivekananda International Foundation (VIF), India also urgently requires to enhance the cyber capabilities of its armed forces, including the operationalisation of a Defence Cyber Agency. "Whenever there is a security incident, it is not just responding it from the technology perspective. There is a PR response, there is a marketing response, there is obviously a senior-level executive response and there is a legal response. "Our cyber ranges keep all these in mind as we prepare enterprises to gauge internal and external threat intelligence and mitigate cyber threats," said Arora. Global professional services firm EY early this year announced the launch of advanced Security Operations Centres (SOCs) in India along with IBM. Part of EY's Managed Services offerings and powered by IBM's "QRadar" platform, these SOCs are designed to detect, respond and address advanced cyber-attacks and risks. "This combination will help EY customers secure their organisations more effectively," said Arora. Source
  4. IBM looks to enhance retail stores with 'Smart Mirror' technology Offline retailers face increasing competition from new-age rivals like Amazon and the Walmart-owned Flipkart. This has been the primary reason that offline retailers have been investing in their technology capabilities. Tech giant IBM is working on a technology, referred to as ‘Smart Mirror’, through which it plans to tie up with offline retailers. The company will launch the technology in fashion retail Vero Moda’s stores and is in talks with other retailers as well. Smart Mirror is expected to enhance customers’ offline shopping experience through interactive fitting rooms which will connect retailers and customers digitally. The mirror will assist customers in understanding what product features are suiting them and can recommend changes. “The plan is to convert more footfalls into actual sales at these stores,” said Kamal Singhani, managing partner, Global Business Services, IBM India and South Asia. The company is also integrating artificial intelligence into its supply chain to improve efficiency. “We are building fashion taxonomy by analysing current fashion trends from multiple sources (catalogs, articles, blogs, images, social media) and predict future fashion trends. It currently categorizes colours, print and style,” Singhani said. “The technology will bridge the gap between the customer and merchandiser, which will help in improvising the inventory for the retailer.” According to the company’s estimate, 50-60% of designs sell well while rest are marked down. Hence, with the sales data, the company looks to analyse why a particular product did not sell well and guide the designers. Offline retailers face increasing competition from new-age rivals like Amazon and the Walmart-owned Flipkart. This has been the primary reason that offline retailers have been investing in their technology capabilities. ET recently reported that Future Group has hired senior talent from online-first firms. The company is looking to build credit platform, last-mile delivery capabilities, and a rural distribution model, and is also developing its AI capabilities. According to Forrester’s Online Retail forecast, India’s ecommerce sales are expected to grow 29% annually over the next five years. Source
  5. Severe Java bugs found in IBM Watson and its components A total of five vulnerabilities affected several components of IBM Watson. One of the critical bugs (CVE-2018-2633) can allow attackers to remotely control Watson systems. Watson, IBM’s trademark artificial intelligence(AI) system, was found to be riddled with critical security vulnerabilities in its platform. The bugs were identified in the IBM Runtime Environment Java Technology Edition, which is used by Watson Explorer and Content Analytics. IBM has addressed the five vulnerabilities by providing a fix to all the affected components. The big picture The Java components with vulnerabilities were JRockit Libraries, JRockit LDAP, JRockit JNDI, and I18n. These flaws could enable attackers to steal sensitive information, conduct denial of service attacks and have control over the infected systems. They are designated as CVE-2018-2579, CVE-2018-2588, CVE-2018-2602, CVE-2018-2603, and CVE-2018-2633. CVE-2018-2633 was the most severe among the identified vulnerabilities, which would allow cybercriminals to completely take over Watson. “An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit JNDI component could allow an unauthenticated attacker to take control of the system.” described the bulletin. Altogether, 18 IBM Watson products were discovered to be affected. Update published Following the disclosure of the security flaws, IBM released updates for the affected components. Users are advised to upgrade to the required version of IBM Java Runtime to remediate the five vulnerabilities. All these flaws were actually addressed in the Oracle January 2018 advisory but still impacted IBM Watson due to lack of a fix until now. Regarding the affected products, Watson Explorer Foundational Components and Watson Explorer Analytical Components versions formed the major chunk. Source
  6. IBM sends Blockchain World Wire for global payments into limited production Big Blue's latest blockchain play sees cross-border payments being sent via digital tokens in near real-time. How IBM Blockchain World Wire works (Image: IBM) IBM has announced that its blockchain-based global payments network has been sent into limited production, with the company touting it as the "new financial rail" that clears and settles cross-border payments in near real-time. IBM Blockchain World Wire, Big Blue claims, is the first blockchain-based network that integrates payment messaging, clearing, and settlement on a single network. "The concept of money is 2,000 years old. The world has been using the same network to process financial transactions for 50 years. And even though globalisation has changed the world, payment fees and other financial barriers remain the same. But now there's a new way to move money," the company pitches. "We've created a new type of payment network designed to accelerate remittances and transform cross-border payments to facilitate the movement of money in countries that need it most," IBM Blockchain general manager Marie Wieck added. "By creating a network where financial institutions support multiple digital assets, we expect to spur innovation and improve financial inclusion worldwide." World Wire uses the Stellar protocol -- an open-source, decentralised protocol for digital currency to fiat currency transfer -- to transmit monetary value in the form of digital currency. The blockchain-based network will support settlement using Stellar Lumens (XLM) and the US dollar stable coin through IBM's existing partnership with Stronghold. IBM said that pending regulatory approvals and other reviews, six international banks, including Banco Bradesco, Bank Busan, and Rizal Commercial Banking Corporation (RCBC), have signed letters of intent to issue their own stable coins on World Wire. If successful, this will see the addition of the euro, Korean won, Brazilian real, Indonesian rupiah, and Philippine peso stable coins to the network. According to IBM, World Wire has enabled payment locations in 72 countries, with 47 currencies and 44 banking endpoints. "Local regulations will continue to guide activation, and IBM is actively growing the network with additional financial institutions globally," the company said. Source
  7. Symantec partners with IBM, Microsoft and others to cut cyber security cost San Francisco: California-headquartered global cybersecurity company Symantec said it had forged partnerships with 120 companies including Amazon Web Services (AWS), IBMSecurity, Microsoft and Oracle among others to drive down the cost and complexity of cyber security. The enterprise partners are now building or delivering more than 250 products and services that integrate with Symantec's Integrated Cyber Defense (ICD) Platform, the company said on Wednesday. Symantec's ICD Platform provides a unified framework for information protection, threat protection, identity management and compliance across endpoints, networks, applications and clouds. "There's a seismic shift happening in cyber security," Art Gilliland, Executive Vice President and General Manager, Enterprise Products, Symantec, said in a statement. "The old way of fighting cyber-attacks using fragmented tools has become too complex and expensive to manage. Integrated platforms are the future," Gilliland added. Symantec started building ICD two and a half years ago with its acquisition of Blue Coat Systems, which added web and Cloud security technologies to Symantec's endpoint, email and data loss prevention (DLP) technologies. Source
  8. IBM sets forth with a strong cybersecurity message IBM has a strong cybersecurity message, but there's a gap between IBM security and its corporate vision. If IBM can bridge this gap, it can carve out a unique market position. Stephen Lawson/IDG I just got back from attending IBM Think in San Francisco. Though it was a quick trip across the country, I was inundated with IBM’s vision, covering topics from A (i.e. artificial intelligence) to Z (i.e. System Z) and everything in between. Despite the wide-ranging discussion, IBM’s main focus was on three areas: 1) hybrid cloud, 2) advanced analytics, and 3) security. For example, IBM’s hybrid cloud discussion centered on digital transformation and leaned heavily on its Red Hat acquisition, while advanced analytics included artificial intelligence (AI), cognitive computing (Watson), neural networks, etc. To demonstrate its capabilities in these areas, IBM paraded out customers such as Geico, Hyundai Credit Corporation, and Santander Bank, who are betting on IBM for game-changing digital transformation projects. [ Keep up with 8 hot cyber security trends (and 4 going cold). | Sign up for CSO newsletters. ] IBM's cybersecurity plans As for cybersecurity, here are a few of my take-aways about IBM's plans: Not surprisingly, IBM is all-in on cybersecurity services, which now account for more than 50 percent of its cybersecurity revenue. According to ESG research (and lots of other industry sources), cybersecurity services growth will continue to outpace products due to the global cybersecurity skills shortage. (Note: I am an employee of ESG.) IBM is banking on this trend by adding staff, investing in backend systems and processes, and rolling out new service offerings. For example, IBM is working with partners on a managed services program where local partners benefit from IBM’s global resources, analytics, and threat intelligence. Overall, IBM has a unique opportunity to separate itself from the pack and could become the de facto enterprise cybersecurity services leader. Most cybersecurity professionals think of IBM QRadar as a SIEM, competing with the likes of ArcSight, LogRhythm, and Splunk. While this perspective is true, it minimizes its value. QRadar is really a security operations and analytics platform architecture (SOAPA). Customers can use QRadar as a security operations nexus, adding functionality such as network traffic analysis (NTA), vulnerability management (VM), and user behavior analytics (UBA) to the core system. What’s more, QRadar offers several helper applications, such as DNS analytics, most of which are free. Finally, QRadar has thousands of customers around the world. IBM has some work ahead here – it needs to gain cybersecurity street cred by marketing QRadar as a SOAPA offering and global cybersecurity community, rather than a plain old SIEM. IBM is embracing security “from the cloud.” For example, QRadar on cloud (QROC) revenue grew over 20 percent, demonstrating that customers want the value of QRadar without the infrastructure baggage of on-premises collectors, databases, servers, etc. IBM is also poised to roll out its IBM Security Connected (ICS) platform in Q2. In keeping with its minimalist communications, IBM hasn’t trumpeted the ICS initiative, but in my humble opinion, it represents a major change in direction. For ICS, IBM rewrote its security applications as microservices to build a foundation of cloud integration and scale. Thus, ICS applications will grow from discrete SaaS offerings to an integrated cloud-scale cybersecurity architecture over time. Oh, and ICS will come with lots of services options for everything from staff augmentation to outsourcing. ICS has the potential to be a big deal for overwhelmed CISOs with global responsibilities and the need for massive cybersecurity scale. Resilient is an enterprise-class security operations platform. When IBM acquired Resilient Systems a few years ago, it gained a technology leader but sort of ceded the SOAR buzz to other vendors. This is a shame. Resilient may require a bit more work than some of its competitors, but I find that customers are using Resilient to re-architect their security operations processes and establish real and measurable security operations metrics. To me, this is where security operations platforms must go – beyond quick automation and orchestration wins to anchoring security process re-engineering. 4 ways IBM can improve its cybersecurity game IBM’s security portfolio is pretty solid, and the company seems to be more energized than in the past. After attending IBM Think, I do have a few cybersecurity recommendations for folks in Armonk and Cambridge, Massachusetts: While IBM Think has a strong hybrid cloud theme, the IBM security hybrid cloud story remains disjointed – an identity story here, a data security story there, etc. This leads to IBM being outflanked by cloud-savvy security startups. IBM needs a cohesive, tightly integrated product offering and messaging framework here. IBM’s risk management services are solid but somewhat hidden. According to recent ESG research, there is a growing cyber risk management gap between what business executives need and what cybersecurity professionals can deliver. Given its industry knowledge and relationships, IBM should be doing more in the cyber risk management space – at the product and services level. Closely related to #2, cybersecurity is truly a boardroom-level issue – especially for traditional IBM customers. I find that there is a disconnect between IBM’s corporate focus on digital transformation, industry solutions, and hybrid clouds and its cybersecurity go-to-market, which remains centered within the bits and bytes. Again, IBM is in a unique position to figure out a more top-down approach (i.e. from the business down to the technology) and deliver business-centric cybersecurity solutions to customers. IBM spent millions of dollars on a Watson for a cybersecurity advertising campaign, but few cybersecurity professionals have a clue about what Watson for cybersecurity is. The suits in Armonk should pump the advertising brakes and dedicate more toward market education by working with professional organizations such as ISSA, ISC2, SANS, the Infosec Institute, etc. In general, Armonk must understand that the IBM brand is a marketing obstacle when competing for mindshare with vendors like CrowdStrike, FireEye, Palo Alto Networks, etc. Thus, IBM security must work harder and smarter to get the word out. Many thanks to IBM for hosting me in San Francisco this week. I’ll be back at the Moscone Center for RSA in the blink of an eye. Source
  9. IBM Warns of Apple Siri Shortcut Scareware Risk "Hey Siri" is supposed to be a voice command that enables Apple's digital assistant, but in the wrong hands the new Siri Shortcuts feature could potentially be abused by an attacker. Apple's Siri voice assistant is intended to help users, but according to new research published by IBM on Jan. 31, attackers could potentially abuse the Siri Shortcuts feature. Apple introduced Siri Shortcuts with iOS 12, enabling users and developers to use Siri to automate a series of tasks. IBM's X-Force security division discovered that it is possible to use a Siri Shortcut for malicious purposes, including tricking a user into paying a fee to avoid having his or her information stolen in an attack known as scareware. In a proof-of-concept Siri Shortcuts scareware attack developed by IBM, a malicious shortcut is able to read information from an iOS device and then demand a fee from the user, all with the native Siri voice. "IBM X-Force has not seen evidence of attacks carried out using this method, but we developed the proof of concept to warn users of the potential dangers," John Kuhn, senior security threat researcher for IBM X-Force IRIS, told eWEEK. The IBM disclosure of the Siri Shortcuts risk comes during a particularly challenging week for Apple as the company struggles to deal with a critical FaceTime vulnerability that could enable an attacker to eavesdrop on an unsuspecting user. Unlike the FaceTime vulnerability, however, the Siri Shortcuts issue is not an explicit vulnerability in Apple's technology. "IBM X-Force conducted all of the research using native functionality of the Shortcuts app, so no exploitation of vulnerabilities was needed," Kuhn said. "We highly suggest that every user reviews Shortcuts before adding them to their devices." Kuhn added that IBM worked with Apple since the initial research discovery to share all the details. How It Works Siri Shortcuts provides powerful capabilities to users and developers. IBM's concern is that a hacker could abuse that power and trick a user with scareware. There is also the potential, according to IBM, for a Siri Shortcut to be configured to spread to other devices by messaging everyone on the victim’s contact list, expanding the impact of an attack. "Siri Shortcuts gives native capability to potentially send messages to contacts if the appropriate permissions are enabled," Kuhn said. "In theory, this could be manipulated by an attacker to spread a link to other contacts." There are, however, several caveats before a Siri Shortcut attack can spread. Kuhn noted that such an attack would require each user to install and run the Shortcut, which is more reminiscent of malware that uses email to propagate. The Siri Shortcut risk is also not a "drive-by" risk—that is, it isn't something that a user can get simply by visiting a malicious site. The user must install the Siri Shortcuts app as well as the malicious shortcut, he said. However, he noted that attackers could easily entice users to do so by socially engineering the intended victim. "This tactic is commonly used by attackers to get victims to install malware via email phishing attempts," Kuhn said. "Basically, the attacker needs to offer anything enticing enough to get the user to comply with installing an otherwise suspect piece of software." In terms of what data Siri Shortcuts is able to access and then send to an attacker, there are limits in place by default. "Siri Shortcuts does allow access to some system files on the phone. However, it does not allow access files with PII [personally identifiable information] as far as our research has determined," Kuhn said. "Siri Shortcuts does have native functionality to give the victim's physical address, IP address, photos, videos and more." So what should Apple users do? IBM suggests that users be careful when downloading third-party Siri Shortcuts and only install from a trusted source. IBM also suggests that users be mindful when running a Siri Shortcut and only enable actions that are needed. Source
  10. Meet IBM's bleeding edge of quantum computing With the Q System One, the tech titan's grand promise of super-powerful computing takes a big step forward. The Q System One model at the CES 2019 tech show. Sarah Tew/CNET The IBM Q System One model doesn't look like a computer. It looks like a conceptual art series of plates being held together with fishing lines suspended from a ceiling. The whole contraption is encased in half-inch-thick glass created by Milan-based Goppion, which made the protective displays for the Mona Lisa and the Crown Jewels. Bob Sutor, an IBM veteran who leads the Q System One team, directed me to look at the bottom of this quantum computer -- an experimental machine with potentially massive computing power -- where there was a tiny silver rectangle in the middle of a tangle of golden wires. That's the home of the machine's quantum bits, or qubits, which are tiny, fragile particles that make the whole system work. I asked him how much such a computer costs. He declined to say, adding: "It's not lunch." We were standing in the middle of the Las Vegas Convention Center during the CEStech show earlier this month. A jostling crowd around us angled to snag pictures of the model. IBM was at the show to publicly present this replica of the Q System One, its first quantum computer that fits into one neat package. Past designs were more like "backroom experiments," Sutor said, with jumbles of components strewn about a room. The real Q System One was completed in November and is in IBM's Yorktown Heights, New York, offices. The machine represents a big step toward quantum computingbecoming a commercial reality, after IBM has toiled for decades with the computing concept. Inside a quantum computer is one of the coldest places on Earth. Bob Sutor, IBM Creating a fully functional system makes quantum computers more reliable and easier to upgrade. Beyond those practical uses, these computers have the potential to create more effective antibiotics, help scientists better understand chemistry and nature and improve power grids. The machines could do that by providing businesses and scientists the ability to crunch extremely complex calculations that can't be digested by classical computers. But beyond that hype, there's years more work to do to prove quantum computers are up to the task. Also, it's possible a different type of computer will lead to the next breakthroughs, instead of quantum designs. "That's a big step, but it's one step in a journey that's 1,000 miles long." Brian Hopkins, a Forrester analyst focused on quantum computers, said of the new Q System One. Super cold computing In a classical computer, data is crunched by processing bits, designated as either 0 or 1. In quantum computing, qubits are used instead. These qubits have more complex properties that allow them to become combinations of 0 and 1 at the same time and also to interact with each other. Bob Sutor standing by the quantum computer model. Sarah Tew/CNET With each additional qubit that's added, the amount of information a quantum computer can hold doubles. That capability may help a quantum computer become a far more powerful way to process certain kinds of problems that classical computers can't handle. Using these qubits could help scientists unlock ways of developing new medicines at the molecular level or creating stronger security codes or processing the mountains of data being created at CERN's Large Hadron Collider. The Q System One currently uses 20 qubits. "By the time you get up to around 280 [qubits], that number -- two to the 280th power -- is approximately the number of atoms in the observable universe," Sutor said, offering a hint at just how powerful these computers may someday become. Seeing the potential of these computers, startups such as Rigetti and D-Wave, and the research arms of Microsoft, Intel and Google are developing quantum computing, too. IBM has also partnered with ExxonMobil, Daimler, Samsung, Barclays and major corporations to kick the tires on what's possible with its quantum computers. But using quantum computers is an excruciatingly delicate task. The Q System One's thick glass housing is used to cut down on vibrations and radiation, and helps keep the computer at near absolute zero. Inside the real computer in New York, quick blasts of super-cold air are used to keep the qubits inside at 10 millikelvins, colder than outer space. "So inside a quantum computer is one of the coldest places on Earth," said Sutor, 60, whose 6-foot-4 frame, graying beard, deep voice and cheery disposition give him the air of an IBM Santa Claus. That extreme cold and thick glass are needed to protect the qubits inside the machine, which are so fragile that a single photon of light or a rap of someone's knuckles could destroy their computation, Sutor said. Because these machines are so delicate, any future quantum computing will likely be done over the internet to allow IBM to carefully maintain the machines at its own facilities. A long way to go To be sure, the promise of quantum computers remains just that -- promise, and not yet reality. "Quantum computers are not a magical solution for all problems that classical computers can't solve," Forrester's Hopkins said. "They are a potential solution for some of the problems that classical computers can't solve." He added that the tech industry today is in the middle of discovering what quantum computers can do. Answering those questions will take a few more years, and achieving the ultimate promise of quantum computers could take a decade or two, Hopkins said. But thanks to the new Q System One, researchers and the general public now have a notable milestone by which to judge the advance of quantum computing. That system will help cut down on upgrade times for these machines to hours or days, instead of days or weeks. It should also make it easier for IBM to build more of these machines to support a future quantum computing business. "We set out to build something which was highly functional, but beautiful," Sutor said, "and would give us a way to look at what we were doing in the future." Sutor wasn't under any misconceptions that his work is nearly finished. When I asked him what the next steps are for his project, he said: "What do we have to do? Everything." Source
  11. At CES, IBM today announced its first commercial quantum computer for use outside of the lab. The 20-qubit system combines into a single package the quantum and classical computing parts it takes to use a machine like this for research and business applications. That package, the IBM Q system, is still huge, of course, but it includes everything a company would need to get started with its quantum computing experiments, including all the machinery necessary to cool the quantum computing hardware. While IBM describes it as the first fully integrated universal quantum computing system designed for scientific and commercial use, it’s worth stressing that a 20-qubit machine is nowhere near powerful enough for most of the commercial applications that people envision for a quantum computer with more qubits — and qubits that are useful for more than 100 microseconds. It’s no surprise then, that IBM stresses that this is a first attempt and that the systems are “designed to one day tackle problems that are currently seen as too complex and exponential in nature for classical systems to handle.” Right now, we’re not quite there yet, but the company also notes that these systems are upgradable (and easy to maintain). “The IBM Q System One is a major step forward in the commercialization of quantum computing,” said Arvind Krishna, senior vice president of Hybrid Cloud and director of IBM Research. “This new system is critical in expanding quantum computing beyond the walls of the research lab as we work to develop practical quantum applications for business and science.” More than anything, though, IBM seems to be proud of the design of the Q systems. In a move that harkens back to Cray’s supercomputers with its expensive couches, IBM worked with design studios Map Project Office and Universal Design Studio, as well Goppion, the company that has built, among other things, the display cases that house the U.K.’s crown jewels and the Mona Lisa. IBM clearly thinks of the Q system as a piece of art and, indeed, the final result is quite stunning. It’s a nine-foot-tall and nine-foot-wide airtight box, with the quantum computing chandelier hanging in the middle, with all of the parts neatly hidden away. If you want to buy yourself a quantum computer, you’ll have to work with IBM, though. It won’t be available with free two-day shipping on Amazon anytime soon. In related news, IBM also announced the IBM Q Network, a partnership with ExxonMobil and research labs like CERN and Fermilab that aims to build a community that brings together the business and research interests to explore use cases for quantum computing. The organizations that partner with IBM will get access to its quantum software and cloud-based quantum computing systems. Source
  12. HPE and IBM were attacked by hackers working on behalf of the Chinese government, multiple sources have claimed. News of the attack, thought to be part of a long-running campaign known as Cloudhopper, was reported to Reuters by five sources, and targeted secrets both the tech giants themselves and their customers. Cloudhopper targets the companies known as managed service providers (MSPs) tasked by the likes of IBM and HPE with managing their IT operations remotely. The attack was able to successfully target the MSPs used by IBM and HPE to gain access to their client networks, and then steal customer information. The MSPs targeted by the attack have not been named, but could cover a range of roles with either firm, from networking to hardware such as servers or storage. Cloudhopper Reuters' sources have claimed that other major technology firms could also have been affected, as Cloudhopper has been in operation for several years. Neither HPE nor IBM have commented on the specific details of the attack, but did provide statements. “IBM has been aware of the reported attacks and already has taken extensive counter-measures worldwide as part of our continuous efforts to protect the company and our clients against constantly evolving threats,” IBM said. “We take responsible stewardship of client data very seriously, and have no evidence that sensitive IBM or client data has been compromised by this threat.” HPE noted that it had spun out its MSP operations to form a new business, DXC Technology, as part of the 2017 merger with Computer Sciences Corp. “The security of HPE customer data is our top priority,” HPE said. “We are unable to comment on the specific details described in the indictment, but HPE’s managed services provider business moved to DXC Technology in connection with HPE’s divestiture of its Enterprise Services business in 2017.” source
  13. By Joey Sneddon Wondering what Mark Shuttleworth thinks about IBM buying Red Hat? Well, wonder no more. The Ubuntu founder has shared his thoughts on IBM’s game-changing purchase in a short but pointed blog post. And, few of you will be surprised to learn, the space-faring free-software fan thinks the deal marks a “significant moment in the progression of open source to the mainstream”. And rightly so: there was a time when open source was viewed as the outside option. Now, thanks to companies like Red Hat and Canonical, it’s the de-facto option. Naturally Shuttleworth is also feeling bullish about Ubuntu’s position as a Red Hat rival, particularly in the area of cloud computing (the main market motivator behind IBM’s $34 billion buy). And, he adds, the world has moved on — even from Red Hat. “The decline in RHEL growth contrasted with the acceleration in Linux more broadly is a strong market indicator of the next wave of open source,” he writes. “Public cloud workloads have largely avoided RHEL. Container workloads even more so. Moving at the speed of developers means embracing open source in ways that have led the world’s largest companies, the world’s fastest moving startups, and those who believe that security and velocity are best solved together, to Ubuntu.” Shuttleworth says theres an ‘accelerated momentum’ behind Ubuntu within the enterprise space, in all areas, from IoT, public cloud and Kubernetes to machine learning and AI — all sectors IBM and Red Hat will be hoping its combined clout can carve more marketshare from. Companies aren’t just using Ubuntu. They’re choosing Ubuntu. It’s a confidence that won’t be knocked by IBM’s deal: “We are determined that Ubuntu is judged as the world’s most secure, most cost-effective and most faithful vehicle for open source initiatives. We look forward to helping [companies…] deliver the innovation on which their future growth depends.” While Mark Shuttleworth’s statement doesn’t strictly relate to desktop matters (the primary focus of this site) his take is worth hearing all the same. It’s reassuring to know that far from being intimated or downbeat about the biggest deal in open-source history, they feel Ubuntu still has plenty to offer. In a game of who can be the biggest, best and most bountiful open-source software company, can the wider FOSS community ever lose? Source
  14. steven36

    IBM’s Old Playbook

    The best way to understand how it is Red Hat built a multi-billion dollar business off of open source software is to start with IBM. Founder Bob Young explained at the All Things Open conference in 2014: Yesterday Young’s story came full circle when IBM bought Red Hat for $34 billion, a 60% premium over Red Hat’s Friday closing price. IBM is hoping it too to can come full circle: recapture Gerstner’s magic, which depended not only on his insight about services, but also a secular shift in enterprise computing. How Gerstner Transformed IBM I’ve written previously about Gerstner’s IBM turnaround in the context of Satya Nadella’s attempt to do the same at Microsoft, and Gerstner’s insight that while culture is extremely difficult to change, it is impossible to change nature. From Microsoft’s Monopoly Hangover: A strategy predicated on providing solutions, though, needs a problem, and the other thing that made Gerstner’s turnaround possible was the Internet. By the mid-1990s businesses were faced with a completely new set of technologies that were nominally similar to their IT projects of the last fifteen years, but in fact completely different. Gerstner described the problem/opportunity in Who Says Elephants Can’t Dance: Those of you my age or older surely remember what soon became IBM’s ubiquitous ‘e’: IBM went on to spend over $5 billion marketing “e-business”, an investment Gerstner called “one of the finest jobs of brand positions I’ve seen in my career.” It worked because it was true: large enterprises, most of which had only ever interacted with customers indirectly through a long chain of wholesalers and distributors and retailers suddenly had the capability — the responsibility, even — of interacting with end users directly. This could be as simple as a website, or e-commerce, or customer support, not to mention the ability to tap into all of the other parts of the value chain in real-time. The technology challenges and the business possibilities — the problem set, if you will — were immense, and Gerstner positioned IBM as the company that could solve these new problems. It was an attractive proposition for nearly all non-tech companies: the challenge with the Internet in the 1990s was that the underlying technologies were so varied and quite immature; different problem spaces had different companies hawking products, many of them startups with no experience working with large enterprises, and even if they had better products no IT department wanted to manage and integrate a multitude of vendors. IBM, on the other hand, offered the proverbial “one throat to choke”; they promised to solve all of the problems associated with this new-fangled Internet stuff, and besides, IT departments were familiar and comfortable with IBM. It was also a strategy that made sense in its potential to squeeze profit out of the value chain: \ The actual technologies underlying the Internet were open and commoditized, which meant IBM could form a point of integration and extract profits, which is exactly what happened: IBM’s revenue and growth increased steadily — often rapidly! — over the next decade, as the company managed everything from datacenters to internal networks to external websites to e-commerce operations to all the middleware that tied it together (made by IBM, naturally, which was where the company made most of its profits). IBM took care of everything, slowly locking its customers in, and once again grew fat and lazy. When IBM Lost the Cloud In the final paragraph of Who Says Elephants Can’t Dance? Gerstner wrote of his successor Sam Palmisano: Palmisano failed miserably, and there is no greater example than his 2010 announcement of the company’s 2015 Roadmap, which was centered around a promise of delivering $20/share in profit by 2015. Palmisano said at the time: Amazon Web Services, meanwhile, had launched a full four years and two months before Palmisano’s declaration; it was the height of folly to not simply mock the idea of the cloud, but to commit to a profit number in the face of an existential threat that was predicated on spending absolutely massive amounts of money on infrastructure. Gerstner identified exactly what it was that Palmisano got wrong: he was “inward-looking and self-absorbed” such that he couldn’t imagine an enterprise solution better than IBM’s customized solutions. That, though, was to miss the point. As I wrote in a Daily Update back in 2014 when the company formally abandoned the 2015 profit goal: The company has spent the years since then claiming it is committed to catching up in the public cloud, but the truth is that Palmisano sealed the company’s cloud fate when he failed to invest a decade ago; indeed, one of the most important takeaways from the Red Hat acquisition is the admission that IBM’s public cloud efforts are effectively dead. IBM’s Struggles So what precisely is the point of IBM acquiring Red Hat, and what if anything does it have to do with Lou Gerstner? Well first off, IBM hasn’t been doing very well for quite some time now: last year’s annual revenue was the lowest since 1997, part-way through Gerstner’s transformation; of course, as this ZDNet article from whence this graph comes points out, $79 billion in 1997 is $120 billion today. The company did finally return to growth earlier this year after 22 straight quarters of decline, only to decline again last quarter: IBM’s ancient mainframe business was up 2%, and its traditional services business, up 3%, but Technology Services and Cloud Platforms were flat, and Cognitive Solutions (i.e. Watson) was down 5%. Meanwhile, the aformentioned commitment to the cloud has mostly been an accounting fiction derived from re-classifying existing businesses; the more pertinent number is the company’s capital expenditures, which in 2017 were $3.2 billion, down from 2016’s $3.6 billion. Charles Fitzgerald writes on Platformonomics: The Red Hat Acquisition This is where the Red Hat acquisition comes in: while IBM will certainly be happy to have the company’s cash-generating RHEL subscription business, the real prize is Openshift, a software suite for building and managing Kubernetes containers. I wrote about Kubernetes in 2016’s How Google is Challenging AWS: This is exactly what IBM is counting on; the company wrote in its press release announcing the deal: This is the bet: while in the 1990s the complexity of the Internet made it difficult for businesses to go online, providing an opening for IBM to sell solutions, today IBM argues the reduction of cloud computing to three centralized providers makes businesses reluctant to commit to any one of them. IBM is betting it can again provide the solution, combining with Red Hat to build products that will seamlessly bridge private data centers and all of the public clouds. IBM’s Unprepared Mind The best thing going for this strategy is its pragmatism: IBM gave up its potential to compete in the public cloud a decade ago, faked it for the last five years, and now is finally admitting its best option is to build on top of everyone else’s clouds. That, though, gets at the strategy’s weakness: it seems more attuned to IBM’s needs than potential customers. After all, if an enterprise is concerned about lock-in, is IBM really a better option? And if the answer is that “Red Hat is open”, at what point do increasingly sophisticated businesses build it themselves? The problem for IBM is that they are not building solutions for clueless IT departments bewildered by a dizzying array of open technologies: instead they are building on top of three cloud providers, one of which (Microsoft) is specializing in precisely the sort of hybrid solutions that IBM is targeting. The difference is that because Microsoft has actually spent the money on infrastructure their ability to extract money from the value chain is correspondingly higher; IBM has to pay rent: Perhaps the bigger issue, though, goes back to Gerstner: before IBM could take advantage of the Internet, the company needed an overhaul of its culture; the extent to which the company will manage to leverage its acquisition of Red Hat will depend on a similar transformation. Unfortunately, that seems unlikely; current CEO Ginni Rometty, who took over the company at the beginning of 2012, not only supported Palmisano’s disastrous Roadmap 2015, she actually undertook most of the cuts and financial engineering necessary to make it happen, before finally giving up in 2014. Meanwhile the company’s most prominent marketing has been around Watson, the capabilities of which have been significantly oversold; it’s not a surprise sales are shrinking after disappointing rollouts. Gerstner knew turnarounds were hard: he called the arrival of the Internet “lucky” in terms of his tenure at IBM. But, as the Louis Pasteur quote goes, “Fortune favors the prepared mind.” Gerstner had identified a strategy and begun to change the culture of IBM, so that when the problem arrived, the company was ready. Today IBM claims it has found a problem; it is an open question if the problem actually exists, but unfortunately there is even less evidence that IBM is truly ready to take advantage of it if it does. Source
  15. Speculation that running joint venture with shipping giant Maersk might be off-putting to rivals IBM has admitted that its blockchain-based trade platform, set up with shipping giant Maersk, is struggling to gain traction with other carriers. The joint venture began about 10 months ago with the aim of simplifying the cost, complexity and size of global shipping networks, while offering more transparency and cutting the costs and time involved. The platform, named TradeLens, was officially launched in August. The product uses distributed ledger technology to establish a shared, immutable record of all the transactions that take place in the network, so the various trading parties can gain, with permissions, access to that data in real-time. Maersk’s Michael White said in a blogpost at the launch that this would tackle industry issues such as inconsistent data, “complex, cumbersome and often expensive peer-to-peer messaging” and “inefficient clearance processes”. IBM and Maersk began collaborating on blockchain in June 2016, and the reason for launching the joint venture was to allow them to commercialise the product. TradeLens – which is sold as an “open and neutral platform” – has had some successes in signing up port operators and customs authorities: in the summer, it named a group of almost 100 adopters, and just last week added the Port of Montreal to that list. It also announced that the Canada Border Services Agency, which processes more than 14,400 trucks and 127,400 courier shipments and collects more than CDN$88,200,000 in duty and taxes a day, was trialling TradeLens. However, if the platform is to be a success it needs to convince more container carriers to join, as this will allow traders to manage inventory across different carriers. And, with just one carrier – Asian firm Pacific International Lines – signed up, it is struggling. Even IBM is reported to have acknowledged the problem it is facing. As head of TradeLens at IBM Blockchain, Marvin Erdly, told blockchain publication CoinDesk: “We do need to get the other carriers on the platform. Without that network, we don't have a product. That is the reality of the situation.” There appears to be broad support for the principle of an industry-wide blockchain standard that can be used for ocean shipping, and so the companies are concerned that the prominent role of Maersk – the world’s largest container shipping company – is putting off rivals. "Obviously the fact that Maersk is driving this is both a really good thing and a worrying thing because they are such a big player in the industry,” Erdly is reported to have said. “As you can imagine that's going to be a factor." Indeed, Shipping Watch reported in May that execs at carrier giants Hapag Lloyd and CMA CGM had warned against platforms that one firm controlled, calling for wider governance. "Technically the solution (by Maersk and IBM) could be a good platform, but it will require a governance that makes it an industry platform and not just a platform for Maersk and IBM,” Hapag Lloyd CEO Rolf Jansen is reported to have told a conference. “This is the weakness we're currently seeing in many of these initiatives, as each individual project claims to offer an industry platform that they themselves control. This is self-contradictory.” IBM and Maersk do seem aware of the issue: Maersk has established an operational subsidiary to manage staff on the project, which the pair say “ensures TradeLens’ independence from other Maersk business units”. In addition, the duo say they are in the process of setting up an advisory board to work with TradeLens leaders “to address key issues such as the use of open and fair standards”. But the IP created from the work is jointly owned by IBM and Maersk – so the creation of a subsidiary and an advisory board could well be seen by the rest of the industry as sticking plasters not solutions. The Reg has asked IBM for further details on plans for the advisory board and any other measures it might have planned, and will update this article if we hear back. Updated - 30 October, 15.59GMT An IBM spokeswoman told us the company is taking the concerns about equity and governance on board and has worked with carriers to address them. “As a result, a range of carriers on both the global and regional level recognize the TradeLens solution,” she said. “Currently, discussions are progressing regarding potential pilots or full network participation with several of them.” The advisory board, the spokeswoman added, “will provide guidance and feedback to help drive open and fair standards for the TradeLens platform” Source
  16. A patent suit between IBM and Groupon that has been underway for over two years has finally been settled. Today, the two companies announced that Groupon will pay IBM $57 million both to settle infringement claims, as well as to license e-commerce patents from IBM in the future. On IBM’s side, the company said it will “consider” offering Groupon products to employees as part of the company’s corporate benefits package. “The license we have acquired to IBM’s patent portfolio will enable Groupon to continue to build amazing products for consumers and small businesses around the world. We look forward to sharing these products directly with IBM employees,” said Bill Roberts, Groupon vice president of Global Communications, in a statement. The $57 million is a fair bit lower than the initial $83 million that IBM was initially awarded when it had won the case against Groupon in July, and significantly lower than the $167 million that it had originally asked for in damages. Groupon had always argued that it wasn’t guilty because it believed the patents that were in question were too old, and so in July it had said it would consider appealing or applying for a lower sum (which it appears to have achieved). The news puts to rest a case that has been ongoing since March 2016, when IBM filed a case against Groupon alleging that the daily deals site was violating four patents. IBM — one of the world’s biggest technology patent holders, with more than 45,000 now credited to it — is no stranger to litigating against other companies that it believes infringes on them, with other suits involving Twitter, Amazon, Expedia and more. IBM made nearly $1.2 billion in intellectual property licensing and royalties in 2017 according to its annual report. Notably, this was down about 14 percent from 2016’s $1.4 billion, so it seems that the company might look to get more aggressive to bring back growth to that area. “IBM invests over $5 billion annually in research and development,” said Dr. William Lafontaine, IBM’s general manager of intellectual property, in a statement. “This agreement further demonstrates the value of our intellectual property that results from this innovation. We’re pleased this matter has been resolved.” Groupon has a market cap of about $2.2 billion and its stock is up by over three percent today, although overall has been on a downward trend for the last year, as the company continues to struggle to regain some of the momentum it had in its early days around deals for local goods, services and experiences. Source
  17. In the decade after the 9/11 attacks, the New York City Police Department moved to put millions of New Yorkers under constant watch. Warning of terrorism threats, the department created a plan to carpet Manhattan’s downtown streets with thousands of cameras and had, by 2008, centralized its video surveillance operations to a single command center. Two years later, the NYPD announced that the command center, known as the Lower Manhattan Security Coordination Center, had integrated cutting-edge video analytics software into select cameras across the city. The video analytics software captured stills of individuals caught on closed-circuit TV footage and automatically labeled the images with physical tags, such as clothing color, allowing police to quickly search through hours of video for images of individuals matching a description of interest. At the time, the software was also starting to generate alerts for unattended packages, cars speeding up a street in the wrong direction, or people entering restricted areas. Over the years, the NYPD has shared only occasional, small updates on the program’s progress. In a 2011 interview with Scientific American, for example, Inspector Salvatore DiPace, then commanding officer of the Lower Manhattan Security Initiative, said the police department was testing whether the software could box out images of people’s faces as they passed by subway cameras and subsequently cull through the images for various unspecified “facial features.” While facial recognition technology, which measures individual faces at over 16,000 points for fine-grained comparisons with other facial images, has attracted significant legal scrutiny and media attention, this object identification software has largely evaded attention. How exactly this technology came to be developed and which particular features the software was built to catalog have never been revealed publicly by the NYPD. Now, thanks to confidential corporate documents and interviews with many of the technologists involved in developing the software, The Intercept and the Investigative Fund have learned that IBM began developing this object identification technology using secret access to NYPD camera footage. With access to images of thousands of unknowing New Yorkers offered up by NYPD officials, as early as 2012, IBM was creating new search features that allow other police departments to search camera footage for images of people by hair color, facial hair, and skin tone. IBM declined to comment on its use of NYPD footage to develop the software. However, in an email response to questions, the NYPD did tell The Intercept that “Video, from time to time, was provided to IBM to ensure that the product they were developing would work in the crowded urban NYC environment and help us protect the City. There is nothing in the NYPD’s agreement with IBM that prohibits sharing data with IBM for system development purposes. Further, all vendors who enter into contractual agreements with the NYPD have the absolute requirement to keep all data furnished by the NYPD confidential during the term of the agreement, after the completion of the agreement, and in the event that the agreement is terminated.” In an email to The Intercept, the NYPD confirmed that select counterterrorism officials had access to a pre-released version of IBM’s program, which included skin tone search capabilities, as early as the summer of 2012. NYPD spokesperson Peter Donald said the search characteristics were only used for evaluation purposes and that officers were instructed not to include the skin tone search feature in their assessment. The department eventually decided not to integrate the analytics program into its larger surveillance architecture, and phased out the IBM program in 2016. After testing out these bodily search features with the NYPD, IBM released some of these capabilities in a 2013 product release. Later versions of IBM’s software retained and expanded these bodily search capabilities. (IBM did not respond to a question about the current availability of its video analytics programs.) Asked about the secrecy of this collaboration, the NYPD said that “various elected leaders and stakeholders” were briefed on the department’s efforts “to keep this city safe,” adding that sharing camera access with IBM was necessary for the system to work. IBM did not respond to a question about why the company didn’t make this collaboration public. Donald said IBM gave the department licenses to apply the system to 512 cameras, but said the analytics were tested on “fewer than fifty.” He added that IBM personnel had access to certain cameras for the sole purpose of configuring NYPD’s system, and that the department put safeguards in place to protect the data, including “non-disclosure agreements for each individual accessing the system; non-disclosure agreements for the companies the vendors worked for; and background checks.” Civil liberties advocates contend that New Yorkers should have been made aware of the potential use of their physical data for a private company’s development of surveillance technology. The revelations come as a city council bill that would require NYPD transparency about surveillance acquisitions continues to languish, due, in part, to outspoken opposition from New York City Mayor Bill de Blasio and the NYPD. Skin Tone Search Technology, Refined on New Yorkers IBM’s initial breakthroughs in object recognition technology were envisioned for technologies like self-driving cars or image recognition on the internet, said Rick Kjeldsen, a former IBM researcher. But after 9/11, Kjeldsen and several of his colleagues realized their program was well suited for counterterror surveillance. “After 9/11, the funding sources and the customer interest really got driven toward security,” said Kjeldsen, who said he worked on the NYPD program from roughly 2009 through 2013. “Even though that hadn’t been our focus up to that point, that’s where demand was.” IBM’s first major urban video surveillance project was with the Chicago Police Department and began around 2005, according to Kjeldsen. The department let IBM experiment with the technology in downtown Chicago until 2013, but the collaboration wasn’t seen as a real business partnership. “Chicago was always known as, it’s not a real — these guys aren’t a real customer. This is kind of a development, a collaboration with Chicago,” Kjeldsen said. “Whereas New York, these guys were a customer. And they had expectations accordingly.” The NYPD acquired IBM’s video analytics software as one part of the Domain Awareness System, a shared project of the police department and Microsoft that centralized a vast web of surveillance sensors in lower and midtown Manhattan — including cameras, license plate readers, and radiation detectors — into a unified dashboard. IBM entered the picture as a subcontractor to Microsoft subsidiary Vexcel in 2007, as part of a project worth $60.7 million over six years, according to the internal IBM documents. In New York, the terrorist threat “was an easy selling point,” recalled Jonathan Connell, an IBM researcher who worked on the initial NYPD video analytics installation. “You say, ‘Look what the terrorists did before, they could come back, so you give us some money and we’ll put a camera there.” A former NYPD technologist who helped design the Lower Manhattan Security Initiative, asking to speak on background citing fears of professional reprisal, confirmed IBM’s role as a “strategic vendor.” “In our review of video analytics vendors at that time, they were well ahead of everyone else in my personal estimation,” the technologist said. According to internal IBM planning documents, the NYPD began integrating IBM’s surveillance product in March 2010 for the Lower Manhattan Security Coordination Center, a counterterrorism command center launched by Police Commissioner Ray Kelly in 2008. In a “60 Minutes” tour of the command center in 2011, Jessica Tisch, then the NYPD’s director of policy and planning for counterterrorism, showed off the software on gleaming widescreen monitors, demonstrating how it could pull up images and video clips of people in red shirts. Tisch did not mention the partnership with IBM. During Kelly’s tenure as police commissioner, the NYPD quietly worked with IBM as the company tested out its object recognition technology on a select number of NYPD and subway cameras, according to IBM documents. “We really needed to be able to test out the algorithm,” said Kjeldsen, who explained that the software would need to process massive quantities of diverse images in order to learn how to adjust to the differing lighting, shadows, and other environmental factors in its view. “We were almost using the video for both things at that time, taking it to the lab to resolve issues we were having or to experiment with new technology,” Kjeldsen said. At the time, the department hoped that video analytics would improve analysts’ ability to identify suspicious objects and persons in real time in sensitive areas, according to Conor McCourt, a retired NYPD counterterrorism sergeant who said he used IBM’s program in its initial stages. “Say you have a suspicious bag left in downtown Manhattan, as a person working in the command center,” McCourt said. “It could be that the analytics saw the object sitting there for five minutes, and says, ‘Look, there’s an object sitting there.’” Operators could then rewind the video or look at other cameras nearby, he explained, to get a few possibilities as to who had left the object behind. Over the years, IBM employees said, they started to become more concerned as they worked with the NYPD to allow the program to identify demographic characteristics. By 2012, according to the internal IBM documents, researchers were testing out the video analytics software on the bodies and faces of New Yorkers, capturing and archiving their physical data as they walked in public or passed through subway turnstiles. With these close-up images, IBM refined its ability to search for people on camera according to a variety of previously undisclosed features, such as age, gender, hair color (called “head color”), the presence of facial hair — and skin tone. The documents reference meetings between NYPD personnel and IBM researchers to review the development of body identification searches conducted at subway turnstile cameras. “We were certainly worried about where the heck this was going,” recalled Kjeldsen. “There were a couple of us that were always talking about this, you know, ‘If this gets better, this could be an issue.’” According to the NYPD, counterterrorism personnel accessed IBM’s bodily search feature capabilities only for evaluation purposes, and they were accessible only to a handful of counterterrorism personnel. “While tools that featured either racial or skin tone search capabilities were offered to the NYPD, they were explicitly declined by the NYPD,” Donald, the NYPD spokesperson, said. “Where such tools came with a test version of the product, the testers were instructed only to test other features (clothing, eyeglasses, etc.), but not to test or use the skin tone feature. That is not because there would have been anything illegal or even improper about testing or using these tools to search in the area of a crime for an image of a suspect that matched a description given by a victim or a witness. It was specifically to avoid even the suggestion or appearance of any kind of technological racial profiling.” The NYPD ended its use of IBM’s video analytics program in 2016, Donald said. Donald acknowledged that, at some point in 2016 or early 2017, IBM approached the NYPD with an upgraded version of the video analytics program that could search for people by ethnicity. “The Department explicitly rejected that product,” he said, “based on the inclusion of that new search parameter.” In 2017, IBM released Intelligent Video Analytics 2.0, a product with a body camera surveillance capability that allows users to detect people captured on camera by “ethnicity” tags, such as “Asian,” “Black,” and “White.” Kjeldsen, the former IBM researcher who helped develop the company’s skin tone analytics with NYPD camera access, said the department’s claim that the NYPD simply tested and rejected the bodily search features was misleading. “We would have not explored it had the NYPD told us, ‘We don’t want to do that,’” he said. “No company is going to spend money where there’s not customer interest.” Kjeldsen also added that the NYPD’s decision to allow IBM access to their cameras was crucial for the development of the skin tone search features, noting that during that period, New York City served as the company’s “primary testing area,” providing the company with considerable environmental diversity for software refinement. “The more different situations you can use to develop your software, the better it’s going be,” Kjeldsen said. “That obviously pertains to people, skin tones, whatever it is you might be able to classify individuals as, and it also goes for clothing.” The NYPD’s cooperation with IBM has since served as a selling point for the product at California State University, Northridge. There, campus police chief Anne Glavin said the technology firm IXP helped sell her on IBM’s object identification product by citing the NYPD’s work with the company. “They talked about what it’s done for New York City. IBM was very much behind that, so this was obviously of great interest to us,” Glavin said. Day-to-Day Policing, Civil Liberties Concerns The NYPD-IBM video analytics program was initially envisioned as a counterterrorism tool for use in midtown and lower Manhattan, according to Kjeldsen. However, the program was integrated during its testing phase into dozens of cameras across the city. According to the former NYPD technologist, it could have been integrated into everyday criminal investigations. “All bureaus of the department could make use of it,” said the former technologist, potentially helping detectives investigate everything from sex crimes to fraud cases. Kjeldsen spoke of cameras being placed at building entrances and near parking entrances to monitor for suspicious loiterers and abandoned bags. Donald, the NYPD spokesperson, said the program’s access was limited to a small number of counterterrorism officials, adding, “We are not aware of any case where video analytics was a factor in an arrest or prosecution.” Campus police at California State University, Northridge, who adopted IBM’s software, said the bodily search features have been helpful in criminal investigations. Asked about whether officers have deployed the software’s ability to filter through footage for suspects’ clothing color, hair color, and skin tone, Captain Scott VanScoy at California State University, Northridge, responded affirmatively, relaying a story about how university detectives were able to use such features to quickly filter through their cameras and find two suspects in a sexual assault case. “We were able to pick up where they were at different locations from earlier that evening and put a story together, so it saves us a ton of time,” Vanscoy said. “By the time we did the interviews, we already knew the story and they didn’t know we had known.” Glavin, the chief of the campus police, added that surveillance cameras using IBM’s software had been placed strategically across the campus to capture potential security threats, such as car robberies or student protests. “So we mapped out some CCTV in that area and a path of travel to our main administration building, which is sometimes where people will walk to make their concerns known and they like to stand outside that building,” Glavin said. “Not that we’re a big protest campus, we’re certainly not a Berkeley, but it made sense to start to build the exterior camera system there.” Civil liberties advocates say they are alarmed by the NYPD’s secrecy in helping to develop a program with the potential capacity for mass racial profiling. The identification technology IBM built could be easily misused after a major terrorist attack, argued Rachel Levinson-Waldman, senior counsel in the Brennan Center’s Liberty and National Security Program. “Whether or not the perpetrator is Muslim, the presumption is often that he or she is,” she said. “It’s easy to imagine law enforcement jumping to a conclusion about the ethnic and religious identity of a suspect, hastily going to the database of stored videos and combing through it for anyone who meets that physical description, and then calling people in for questioning on that basis.” IBM did not comment on questions about the potential use of its software for racial profiling. However, the company did send a comment to The Intercept pointing out that it was “one of the first companies anywhere to adopt a set of principles for trust and transparency for new technologies, including AI systems.” The statement continued on to explain that IBM is “making publicly available to other companies a dataset of annotations for more than a million images to help solve one of the biggest issues in facial analysis — the lack of diverse data to train AI systems.” Few laws clearly govern object recognition or the other forms of artificial intelligence incorporated into video surveillance, according to Clare Garvie, a law fellow at Georgetown Law’s Center on Privacy and Technology. “Any form of real-time location tracking may raise a Fourth Amendment inquiry,” Garvie said, citing a 2012 Supreme Court case, United States v. Jones, that involved police monitoring a car’s path without a warrant and resulted in five justices suggesting that individuals could have a reasonable expectation of privacy in their public movements. In addition, she said, any form of “identity-based surveillance” may compromise people’s right to anonymous public speech and association. Garvie noted that while facial recognition technology has been heavily criticized for the risk of false matches, that risk is even higher for an analytics system “tracking a person by other characteristics, like the color of their clothing and their height,” that are not unique characteristics. The former NYPD technologist acknowledged that video analytics systems can make mistakes, and noted a study where the software had trouble characterizing people of color: “It’s never 100 percent.” But the program’s identification of potential suspects was, he noted, only the first step in a chain of events that heavily relies on human expertise. “The technology operators hand the data off to the detective,” said the technologist. “You use all your databases to look for potential suspects and you give it to a witness to look at. … This is all about finding a way to shorten the time to catch the bad people.” Object identification programs could also unfairly drag people into police suspicion just because of generic physical characteristics, according to Jerome Greco, a digital forensics staff attorney at the Legal Aid Society, New York’s largest public defenders organization. “I imagine a scenario where a vague description, like young black male in a hoodie, is fed into the system, and the software’s undisclosed algorithm identifies a person in a video walking a few blocks away from the scene of an incident,” Greco said. “The police find an excuse to stop him, and, after the stop, an officer says the individual matches a description from the earlier incident.” All of a sudden, Greco continued, “a man who was just walking in his own neighborhood” could be charged with a serious crime without him or his attorney ever knowing “that it all stemmed from a secret program which he cannot challenge.” While the technology could be used for appropriate law enforcement work, Kjeldsen said that what bothered him most about his project was the secrecy he and his colleagues had to maintain. “We certainly couldn’t talk about what cameras we were using, what capabilities we were putting on cameras,” Kjeldsen said. “They wanted to control public perception and awareness of LMSI” — the Lower Manhattan Security Initiative — “so we always had to be cautious about even that part of it, that we’re involved, and who we were involved with, and what we were doing.” (IBM did not respond to a question about instructing its employees not to speak publicly about its work with the NYPD.) The way the NYPD helped IBM develop this technology without the public’s consent sets a dangerous precedent, Kjeldsen argued. “Are there certain activities that are nobody’s business no matter what?” he asked. “Are there certain places on the boundaries of public spaces that have an expectation of privacy? And then, how do we build tools to enforce that? That’s where we need the conversation. That’s exactly why knowledge of this should become more widely available — so that we can figure that out.” This article was reported in partnership with the Investigative Fund at the Nation Institute. Source
  18. IBM has banned its staff from using removable storage devices. In an advisory to employees, IBM global chief information security officer Shamla Naidoo said the company “is expanding the practice of prohibiting data transfer to all removable portable storage devices (eg: USB, SD card, flash drive).” The advisory stated some pockets of IBM have had this policy for a while, but “over the next few weeks we are implementing this policy worldwide.” Big Blue’s doing this because “the possible financial and reputational damage from misplaced, lost or misused removable portable storage devices must be minimised.” IBMers are advised to use Big Blue’s preferred sync ‘n’ share service to move data around. But the advisory also admitted that the move may be “disruptive for some.” She’s not wrong: The Register understands that frontline IBM staff sometimes need to download patches so they can be installed on devices they manage for clients and that bootable USB drives are one means of installing those patches. Indeed, IBM offers advice on how to install Linux on its own POWER 9 servers using a USB key. ® UPDATE: Since publishing this story we've heard whispers that IBM has taken note of staff objections to the removable storage ban, especially when doing software updates, and is considering making a few exemptions. Source
  19. DATA BREACHES AND exposures all invite the same lament: if only the compromised data had been encrypted. Bad guys can only do so much with exfiltrated data, after all, if they can't read any of it. Now, IBM says it has a way to encrypt every level of a network, from applications to local databases and cloud services, thanks to a new mainframe that can power 12 billion encrypted transactions per day. The processing burden that comes with all that constant encrypting and decrypting has prevented that sort of comprehensive data encryption at scale in the past. Thanks to advances in both hardware and software encryption processing, though, IBM says that its IBM Z mainframe can pull off the previously impossible. If that holds up in practice, it will offer a system that's both accessible for users, and offers far greater data security than currently possible. According to IBM, hackers have compromised around nine billion digital data records since 2013, a third of them medical. A meager four percent of that data was encrypted, though, meaning those credit card numbers, user names and passwords, and social security numbers passed easily onto dark-web criminal exchanges. Even encrypted data often ends up compromised, because companies don't always opt for hacker-proof cryptography. Cybercriminals don't mind putting in the effort; the data people bother to encrypt tends to be valuable, which means putting resources into decrypting it usually pays off. A system that encrypts virtually all data, though, makes it much more difficult for criminals to identify worthwhile targets. Enter IBM Z. All it takes is a massive amount of computing power. The IBM Z mainframe locks data down with public 256-bit AES encryption—the same robust protocol used in the ubiquitous SSL and TLS web encryption standards, and trusted by the US government for protecting classified data. But the company's breakthrough lies less in quality than it does quantity. Thanks to some proprietary on-chip processing hardware, IBM Z can encrypt up to 13 gigabytes of data per second per chip, with roughly 24 chips per mainframe, depending on the configuration. "This represents a 400 percent increase in silicon that’s dedicated specifically to cryptographic processes—over six billion transistors dedicated to cryptography," says Caleb Barlow, vice president of threat intelligence at IBM Security. "So for any type of transaction system we can now get the safety that we’re all after, which just hasn’t really been attainable up to this point." For a better sense of why that all-encompassing encryption matters, compare it to something like a typical banking website interaction. The service likely encrypts your browsing session on the site, but that encryption may not endure in the backend of the application and the network operating system. Some point in the workflow lacks encryption, and that's where your data becomes vulnerable. IBM Z, by contrast, keeps data encrypted at all times unless it is being actively processed, and even then it is only briefly decrypted during those actual computations, before being encrypted again. "It can process 12 billion transactions per day on one machine. If you take something like Cyber Monday there’s probably about 30 million transactions that go on," says Barlow. "So one of these machines can process that kind of crazy workload without even breaking a sweat in less than a day." The system also drastically cuts down on the number of administrators who can access raw, readable data. That means hackers have fewer fruitful targets to go after in their attempts to gain privileged credentials to access a system. And IBM Z offers granularity so users can access the data they need for day to day work without exposing large swaths of data they don't need. IBM says breakthroughs in its ability to do large-scale cryptographic processing let it take the leap. The company also has full component control in its mainframes, increasing efficiency and system control. The company says that large-scale cryptographic implementation is a "natural extension of the architecture." Big questions remain, though. IBM Z's "pervasive" encryption may stymie many current methods of attack, but there's no such thing as perfect security; researchers and bad actors will almost certainly find weaknesses, given the chance. IBM developers anticipate this as well; they've added a feature in which the mainframe stores its decryption keys in a tamper-resistant way. At any sign of an intrusion, the system can automatically invalidate all of its keys until the breach is mitigated. The other question about a system like the IBM Z is how widely it will be adopted. It would have potential economic benefits for companies in terms of easily allowing them to comply with increasingly stringent international data retention regulations, like US Federal Information Processing Standards. But for organizations that don't already rely on mainframes, the IBM Z may not seem like a relevant option. "The established mainframe-based clients will jump all over this," says Joe Clabby, an analyst at the independent technology assessment firm Clabby Analytics. "As for new clients, that’s a hard one to answer. A lot of clients have a strong Intel bias. But encrypting all data, that’s a huge step. It’s pretty exciting given what a mess the world is without it." Source
  20. IBM has issued a security alert last week, warning customers that some USB flash drives shipped with IBM Storwize products may contain malicious code. The USB flash drive is said to store the Initialization Tool for IBM Storwize, a big data storage system (rack-based disks system) for data centers. The part number of the infected flash drives is 01AC585. IBM says these USB sticks have been shipped with products such as: IBM Storwize V3500 - 2071 models 02A and 10A IBM Storwize V3700 - 2072 models 12C, 24C and 2DC IBM Storwize V5000 - 2077 models 12C and 24C IBM Storwize V5000 - 2078 models 12C and 24C IBM Initialization Tool USB (left); IBM Storwize rack (right) "Neither the IBM Storwize storage systems nor data stored on these systems are infected by this malicious code," said IBM. Furthermore, USB flash drives used for Encryption Key management, which also ship with Storwize equipment, are not affected by this issue. Malicious code is copied, but not executed According to IBM, when users run the IBM Storwize Initialization Tool, the malicious code is copied, along with the rest of the Initialization Tool, on the user's device. The location where this data is copied is: On Windows systems: %TMP%\initTool On Linux and Mac systems: /tmp/initTool IBM says the malicious code is only copied to user devices, but not executed. The company didn't provide details about the nature of this malicious code, or how it got on its USB flash drives, but based on current detections on antivirus engines, this appears to be a basic malware downloader. The MD5 hash of the malicious file is 0178a69c43d4c57d401bf9596299ea57, and most antivirus vendors already detect it under various names. Engine Signature Version Update AhnLab-V3 Win32/Pondre 20170330 ESET-NOD32 Win32/TrojanDropper.Agent.PYF 15180 20170331 Kaspersky Trojan.Win32.Reconyc.hvow 20170331 McAfee PWSZbot-FIB!0178A69C43D4 20170331 McAfee-GW-Edition PWSZbot-FIB!0178A69C43D4 v2015 20170331 Microsoft VirTool:Win32/Injector.EG 1.1.13601.0 20170331 Qihoo-360 Virus.Win32.WdExt.A 20170331 Symantec W32.Faedevour!inf 20170330 Tencent Trojan.Win32.Daws.a 20170331 TrendMicro PE_WINDEX.A 9.740.0.1012 20170331 TrendMicro-HouseCall PE_WINDEX.A 9.900.0.1004 20170331 ZoneAlarm Trojan.Win32.Reconyc.hvow 1 20170331 IBM recommends formatting USB sticks The company recommends that Storwize customers scan their system for the aforementioned folders and remove the directories. Once the malicious code has been removed from infected devices, IBM recommends that users format their USB flash drive, download a safe copy of the Storwize Initialization Tool, and unzip its content on the original USB flash drive. Source
  21. IBM Research Zurich THE LIQUID BATTERY FUNCTIONS AS ITS OWN COOLING SYSTEM Managing heat is one of the biggest enemies of processor speed. It’s why overclocking your processor can literally result in burning out your computer, and why serious gaming PC rigs can have hundreds of dollars in liquid cooling to try and siphon away the extra heat. Researchers at ETH Zurich and IBM Research Zurich have developed a tiny liquid flow battery that could solve that problem, by both generating electricity to power the chip as well as siphoning off the excess heat through the liquid electrolytes, via Engadget. Flow batteries are a type of rechargeable battery which essentially function as rechargeable fuel cells. Typically, they’ve only tended to be used for larger scale applications, like storing power from solar panels or wind turbines for later use. The new battery design from the research team is dramatically smaller, measuring in at 1.5mm thick, and generates 1.4 watts of energy per square centimeter of battery surface (0.4 watts of which goes toward pumping the liquid to the battery), which the team claims is a record relative to the battery’s size. But the biggest advantage to the flow battery is that the same electrolyte liquid that’s used to generate the charge is also capable of dissipating heat, which in essence allows the battery to function as its own cooling system. Unfortunately for anyone hoping to replace their processor with a new flow battery-equipped chip, the current prototype isn’t quite powerful enough to actually run a computer chip. But as a proof-of-concept, the micro-flow battery seems a lot more viable than most future battery tech ideas. The team hopes that with future development that the battery could reach high enough yields for more practical real-world uses. Source
  22. ARM Has A New Weapon In Race To Build World's Fastest Computers ARM's new supercomputer chip design with vector extensions will be in Japan's Post-K computer, which will be deployed in 2020 ARM conquered the mobile market starting with Apple's iPhone, and now wants to be in the world's fastest computers. A new ARM chip design being announced on Monday is targeted at supercomputers, a lucrative market in which the company has no presence. ARM's new chip design, which has mobile origins, has extensions and tweaks to boost computing power. The announcement comes a few weeks after Japanese company Softbank said it would buy ARM for a mammoth $32 billion. With the cash, ARM is expected to sharpen its focus on servers and the internet of things. ARM's new chip design will help the company on two fronts. ARM is sending a warning to Intel, IBM, and other chip makers that it too can develop fast supercomputing chips. The company will also join a race among countries and chip makers to build the world's fastest computers. The chip design is being detailed at the Hot Chips conference in Cupertino, Calif., on Monday. Countries like the U.S., Japan, and China want to be the first to reach the exascale computing threshold, in which a supercomputer delivers 1 exaflop of performance (a million trillion calculations per second). Intel, IBM, and Nvidia have also been pushing the limits of chip performance to reach that goal. Following Softbank's agreement to buy ARM, it should come as no surprise that the first supercomputer based on the new chip design will be installed in Japan. The Post-K supercomputer will be developed by Fujitsu, which dropped a bombshell in June when it dropped its trusty Sparc architecture in favor of ARM for high-performance computers. Fujitsu aided ARM in the development of the new chip. Post-K will be 50 to 100 times speedier than its predecessor, the K Computer, which is currently the fifth fastest computer in the world. The K Computer delivers 10.5 petaflops of peak performance with the Fujitsu-designed SPARC64 VIIIfx processor. The new ARM processor design will be based on the 64-bit ARM-v8A architecture and have vector processing extensions called Scalable Vector Extension. Vector processors drove early supercomputers, which then shifted over to less expensive IBM RISC chips in the early 1990s, and on to general-purpose x86 processors, which are in most high-performance servers today. In 2013, researchers said less expensive smartphone chips, like the ones from ARM, would ultimately replace x86 processors in supercomputers. But history has turned, and the growing reliance on vector processing is seeing a resurgence with ARM's new chip design and Intel's Xeon Phi supercomputing chip. The power-efficient chip design from ARM could crank up performance while reducing power consumption. Supercomputing speed is growing at a phenomenal rate, but the power consumption isn't coming down as quickly. ARM's chip design will also be part of an influx of alternative chip architectures outside x86 and IBM's Power entering supercomputing. The world's fastest supercomputer called the Sunway TaihuLight has a homegrown ShenWei processor developed by China. It offers peak performance of 125.4 petaflops. ARM has struggled in servers for half a decade now, and the new chip design could give it a better chance of competing against Intel, which dominates data centers. Large server clusters are being built for machine learning, which could use the low-precision calculations provided by a large congregation of ARM chips with vector extensions. ARM servers are already available, but aren't being widely adopted. Dell and Lenovo are testing ARM servers, and said they would ship products when demand grows, which hasn't happened yet. ARM server chip makers are also struggling and hanging on with the hope the market will take off someday. AMD, which once placed its server future on ARM chips, has reverted back to x86 chips as it re-enters servers. Qualcomm is testing its ARM server chip with cloud developers, and won't release a chip until the market is viable. AppliedMicro scored a big win with Hewlett Packard Enterprise, which is using the ARM server chips in storage systems. Other ARM server chip makers include Broadcom and Cavium. Source
  23. Why IBM wants to hack you IBM wants to help businesses avoid a DNC-style hack attack For companies looking to avoid an embarrassing DNC-style attack, a devastating Sony Pictures-level hack or career-ending Target-type breach, IBM is proposing a solution: Let us try to hack you. IBM's X-Force Red team of ethical hackers-for-hire will perform stress tests of corporate networks to pinpoint vulnerabilities before criminal hackers — with less worthy intentions — discover those holes. "The bad guys are testing your systems right now, the only difference is you don't get the report," said Charles Henderson, global head of X-Force Red. The team is a new division of IBM Security, part of a broader strategy aimed at capturing more of the market for end-to-end security solutions. The worldwide security software market grew 3.7 percent in 2015, and totaled $22.1 billion, according to a Gartner global security software report for 2015. Security information and event management was the fastest-growing segment, with 15.8 percent growth. IBM was the only one of the top five security vendors to grow in 2015, which Gartner attributed to its strong performance in this segment. IBM's security software revenue grew 2.5 percent to $1.45 billion in 2015, said Gartner. The two biggest security software vendors — Symantec and Intel — saw their multibillion dollar businesses contract 6.2 and 4.1 percent, respectively. X-Force Red will focus on testing four areas that are considered the most vulnerable: applications, networks, hardware and employees. The service is tailored to customers' needs, and findings are delivered via a report, an online application and in person. The team then makes recommendations on how to remedy any issues. IBM will offer the service at various pricing levels — starting at under $10,000 for a specific project, scaling to multimillion dollar managed service agreements, Henderson said. The number of security incidents reported in 2015 was 64 percent higher than in 2014, according to the X-Force IBM Cyber Security Intelligence Index, published in April. "In thinking like an attacker, you start to realize that software flaws are not industry specific," Henderson said. "We have clients from major financials to video gaming." IBM Security falls under IBM's Strategic Imperatives group, which reported $31 billion in revenue for the 12 months preceding the second quarter. The security division grew 18 percent year over year. Despite numerous recent headline-grabbing breaches, most recently disrupting the U.S. presidential campaign, security remains an afterthought at many organizations, said Henderson. For example, 33 percent of companies do not test mobile apps for vulnerabilities, according to IBM's The State of Mobile Application Insecurity published in March 2015. The rise of things like ransomware and continued success of email phishing scams puts company employees unwittingly at the center of many breaches. There is no point deploying sophisticated security software without also educating employees about security best practices, said Henderson. "We can optionally spoof people at the company to see who falls for it," he said. "A criminal would try and steal something when they click, we might try and educate someone when they click." The goal is to encourage employees to scrutinize messages more carefully, rather than simply accepting them at face value, said Henderson. http://www.cnbc.com/2016/08/02/ibm-wants-to-help-businesses-avoid-a-dnc-style-hack-attack.html
  24. Extends QRadar platform's advanced analytics to protect against compromised credentials and malicious insiders ARMONK, N.Y., July 27, 2016 /PRNewswire/ -- IBM Security (NYSE: IBM) today announced a new app for IBM QRadar which analyzes the usage patterns of insiders, including employees, contractors and partners, to determine if their credentials or systems have been compromised by cybercriminals. IBM QRadar User Behavior Analytics, available for free via the IBM Security App Exchange, extends IBM QRadar's security intelligence platform to provide early visibility into potential insider threats before they can do further damage to a business. Insider threats are currently responsible for 60 percent of attacks facing businesses, but roughly a quarter of these attacks are the result of users' credentials falling into the hands of hackers via employees, contractors or partners who are tricked by malware-laden phishing attacks or other techniques[1]. For example, the new user behavior analytics app would alert analysts to a user logging into a high value server for the first time, from a new location, while using a privileged account. This change in pattern would be identified because the IBM QRadar User Behavior Analytics solution created a baseline of normal user behavior for this employee and detected a significant deviation. "Organizations need a better way to protect themselves against insider threats – whether they be from inadvertent actors or malicious cybercriminals with access to an organization's inner workings and technology systems," said Jason Corbin, Vice President of Strategy and Offering Management, IBM Security. "This new app provides analysts with the ability to quickly pivot by using existing cybersecurity data to see the early warning signs that are often buried in suspicious user activities, ultimately helping them more consistently address breaches before they occur." IBM QRadar User Behavior Analytics leverages data from customers' existing QRadar investment giving them a single platform to analyze and manage security events and data. This integration saves security analysts from having to reload and curate data from multiple platforms to identify and investigate user behavior side-by-side with other indicators of compromise QRadar detects. The solution helps security professionals guard against malicious threats through: Risk Analysis Profiles – the app analyzes risky user actions and applies a score to anomalous behaviors helping to identify both potential rogue insiders and suspected cybercriminals using compromised credentials. Prioritized Behavioral Analysis Dashboard – analysts can gain better visibility and understanding of actions that lead a user to open up a malicious document or how they gained escalated privileges. A single mouse click, or an attachment or link in a phishing email, for example, can add suspicious user activity to a watch list or permit a text-based annotation to explain the analyst's observations. Enhancing Existing QRadar Security Data – with user information pulled from the entire IT environment, security teams will be able to tap into the existing broad set of data sources and threat intelligence in QRadar to detect threats across users and assets. With the recent acquisition of Resilient Systems, IBM has added the capability to easily respond to incidents elevated in the QRadar platform via the new User Behavior Analytics app. Available for free download on the IBM Security App Exchange, the QRadar User Behavior Analytics application is part of IBM's open approach to developing security tools that can be leveraged in the fight against cybercrime. Over the past two years, IBM has made significant moves to help security professionals worldwide collaborate to achieve an advantage over cybercriminals, including opening its 700 TB of threat data to the public with the launch of IBM X-Force Exchange. Built on X-Force Exchange intelligence, the IBM Security App Exchange has developed into an expansive online marketplace for partners and customers to share and download apps based on IBM Security technologies, such as IBM QRadar. The marketplace features dozens of 3rd party solutions to further clients' ability to customize their security environment using IBM's open platform approach. About IBM Security IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world's broadest security research, development and delivery organizations, monitors 20 billion security events per day in more than 130 countries, and holds more than 3,000 security patents. For more information, please visit www.ibm.com/security, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence blog. Article source
  25. IBM has demonstrated a new type of memory technology that the company believes could one day be a replacement for NAND flash. The company’s Theseus Project (conducted in cooperation with the University of Patras in Greece) is the first attempt to combine phase change memory, conventional NAND, and DRAM on a single controller. The result? A hybridized storage solution that outperforms PCIe-based SSDs by between 12 and 275 times. The physics of phase change Phase change memory is one of a number of alternative memory structures that’s beenproposed as a replacement for NAND. Phase change memory works by rapidly heating chalcogenide glass, shifting it between its crystalline and amorphous state. In its amorphous state (read as a binary 0), the structure has very high resistance, while in its crystalline state (binary 1) resistance is quite low. Phase change memory can quickly shift between the two states, plus research from Intel and Micron have demonstrated the feasibility of intermediate states, which allows two bits of information to be stored per cell. Phase change memory has much lower latency than NAND, much faster read/write times (in theory), and it can withstand millions of write cycles as compared to 30,000 with high-end SLC NAND and as few as 1,000 with TLC NAND. Even better, it’s well positioned compared to other theoretical memory devices. Even so, NAND flash has enormous economies of scale and billions invested in fab plants across the world. What IBM has done with Theseus is to incorporate a small amount of PCM into a hybrid structure where its ultra-low-latency characteristics can be effectively leveraged. This chart shows the various areas where IBM believes phase change memory could be useful. Note that in many cases, the PCM is being integrated either as a cache solution or as an additional tier of storage between NAND and DRAM, just as NAND is often integrated between DRAM and a conventional hard drive. Project Theseus is an aggregate controller featuring what appears to be 2.8GB of PCM (36 128Mbit cells per card, 5 cards total). IBM calls this its PSS (Prototype Storage Solution). The advantages of PCM are illustrated in the slides above. These graphs show the total latency for various types of requests. Note that the PSS solution (that’s the PCM card) completes the overwhelming majority of its requests in under 500 microseconds. The two MLC solutions top out at 14,000 and 20,000 microseconds compared to 2,000 microseconds for the PSS, while the TLC NAND is an order of magnitude slower, topping out at 120,000 microseconds. In short, these early PCMs, built on 90nm CMOS and at extremely low density (modern NAND flash is now available in 512Gbit sizes compared to 128Mbit for PCM) is a full order of magnitude faster than commercial NAND, with vastly superior write performance and data longevity. There’s just one little problem IBM makes a point of noting that its PSS solution uses 90nm memory produced by Micron. The only problem? Micron gave notice earlier this year that it was cancelling all of its PCM production and pulling out of the industry. While it left open the door to revisiting the memory tech at some point in the future, it indicated that the superior scaling of 3D NAND was a better option (despite the numerous problems identified with that technology in the short term). Where does this leave PCM? The 2013 ITRS report notes that NAND performance isn’t actually expected to increase much from present levels — in fact, it’s going to be difficult to maintain current NAND performance while improving density and holding write endurance constant. Right now, PCM is the most promising next-generation memory technology on the market — but if no one steps forward to manufacture it, it’s going to be a tough sell. Source
  • Create New...