TechByter Worldwide

Speak softly and carry a large microphone

 

Jun 21, 2015

A Surprise that Wasn't from LastPass

LastPass is the password management tool that I've recommended for many years. The free version is powerful, but for about one dollar per month, users have access to additional useful features. This week LastPass notified users that its site had been hacked. That's not the story, though. The story is that nobody should be surprised and why users shouldn't be overly concerned.

Press ESC to close.On June 12th, LastPass system administrators discovered suspicious activity on the network and blocked it. I have been expecting a message such as this for years. As one of the larger repositories of passwords, LastPass would have to be the kind of target that would make crime dogs salivate. There's been no small amount of panic among users and some of the responses have been little short of silly.

After finding and blocking the intrustion, LastPass system administrators looked for evidence about what hackers might have been able to see. They found no indication that any encrypted data was compromised. What hackers were able to obtain, however, was information about e-mail addresses, password reminders, and some other details.

Although master passwords were not exposed, LastPass is encouraging users to change these. The master password is the one that provides access to each user's account. Needless to say, I did that immediately. And that should be the end of the story because encrypted user data was not taken and so there is no need to change passwords associated with individual accounts.

LastPass should be recognized for its prompt notification of users. E-mail notices were sent to users on Monday, just 3 days after the breach was noticed. System administrators doubtless spent many hours on Saturday and Sunday investigating so that the message sent on Monday would be accurate.

Additional measures have been instituted to ensure that users' passwords will remain safe even if the investigation missed something. Any user who attempts to log on with a device that LastPass hasn't seen before or from a new IP address will be challenged. Before being allowed to log on from a new device or a new IP address, users will need to receive an e-mail message from LastPass and respond to it. The only exception will be for users who have already enabled multifactor authentication.

Press ESC to close.LastPass is confident that master passwords weren't exposed and I share that conficence. The system hashes both the username and master password on the user’s computer with 5000 rounds of PBKDF2-SHA256 to create a key and then the system performs a second round of hashing to generate the master password authentication hash. This all happens on the user's PC and the resulting key is sent to the LastPass server where it is used to perform an authentication check when users log in. Once the key is on the LastPass server, a "salt" is added and another 100,000 rounds of hashing are performed. "Salt", by the way, simply refers to a random string that's added to make the process more secure.

The key point is that LastPass noticed the intrusion promply, blocked it, and notified users without delay. This is the way the system should have worked. The decision to require additional validation for a user who signs on from a new device or an unfamiliar IP address is a clever additional step.

LastPass is also cautioning users to be wary of phishing e-mails asking for your master password, payment information, or any other personal information. "Never disclose your master password or any confidential information, even to someone claiming to work for LastPass," is the last word from LastPass.

And I still recommend it.

Adobe's 3rd Iteration of Creative Cloud Packs More Features

If you're a designer, an editor, or a photographer, Adobe changed your world on Tuesday morning. As of midnight Tuesday morning, Creative Cloud 2015 became availab le for download on subscribers' computers. Some of the changes are big and flashy and others just sit quietly in the background waiting to be discovered. Let's take a quick look as some of the stand-outs.

In brief ...

Taking Stock

Press ESC to close.Adobe is now in the stock photography business with Adobe Stock, another stragetic acquisition designed to add value to the toolbox that designers already would be hard pressed to do without. Prior to its acquisition, Adobe Stock was known as Fotolia. Now the Fotolia logo shares space with the Adobe logo. Creative Cloud subscribers have access to the 40,000,000 images that make up the Fotolia library. Not for free, of course, but on highly favorable terms.

For those who need just an occasional image, stock photos are priced at $10, but those who need more images can sign up for the $50 per month plan and pay just $30 per month and download 10 images, dropping the price per image to $3. Large shops can choose a plan that allows 750 dowloads per month at $200. Yes, that's 26 cents per image.

One question that remains concerns the DollarPhoto division of Fotolia. Adobe also own it, but no decision has been made regarding its future. All DollarPhoto images cost, as the name suggests, $1 with a basic $10 per month plan allowing 10 downloads.

Purple Haze

Press ESC to close.If you've ever taken a photograph on a hazy day and wished to a way to cut through the haze, an addition to Lightroom makes the process easy. It's not a new capability, but a way of making an existing function easier to use.

Here's a view from a cemetery in Wheeling across the Ohio river to a hill in Ohio. I'd like the image better if the hill in the background had more detail.

Press ESC to close.Photoshop and Lightroom users have been able to remove (or add) haze (purple or otherwise) for a long time, but the process involved numerous modifications that could be somewhat confusing even in Lightroom. Now there's a single slider in the Effects panel that appears to remove haze by sharpening the image, adding contrast, and boosting colors. Or, if you push the slider the other way, turns a bright, sunny day into a foggy day.

Here I've used the new single-slider adjustment to remove haze.

Press ESC to close.Or I could go the other way and increase the amount of haze if I wanted to make it apear that the day was foggy.

Artboards Come to Photoshop

Press ESC to close.Designers who use Illustrator and Photoshop once had to complain about each application's inability to have more than a single workspace in any file. Illustrator gained that capability a couple of versions ago and now it's Photoshop's turn.

The ability to have multiple artboards in a single file will undoubtedly be a very welcome addition. Operationally, the're nearly identical to the artboards in Illustrator. Each artboard can be a different size and laying these out side by side makes it possible for deigners and their clients to see a high-level view of related items -- website designs featuring various screen sizes, for example, or a series of printed items such as letterheads, envelopes, and business cards.

Nearly every new version of Creative Cloud applications features expanded capabilities for the Mercury rendering engine, the background application that interprets the user's commands and displays the resulting image on screen. This time around, Adobe has improved the performance of the Healing Brush, Spot Healing Brush, and Patch tool. Adobe says that the rendering speed is more than 100 times faster than it was in CS6. Note, though, that a comparison with Creative Cloud 2015 would be considerably less impressive. Still, anything that can keep people from waiting on the computer is development effort well spent.

Illustrator Users Can Count the Angels Dancing on the Head of a Pin

Press ESC to close.When you need to make a small change to a tiny area, it's helpful to be able to enlarge that tiny area so you can see what's in it. Previously, Illustrator users had to make do with a top magnification rate of "only" 6400% -- yes, only 64 times actual size.

Note the period out there at the end of the sentence.

Press ESC to close.Now the magnification goes all the way to 64,000% -- 640 times actual size. So if you have a circle the size of a period in 10-point type, that circle might be something like 1/30 of an inch across. Magnified to 64,000%, that tiny circle would more than fill a 19-inch monitor.

Here's the period again, magnified a bit.

Some Love for Android

Press ESC to close.Every time I'm on a call with one of the Adobe product managers, I whine about the lack of support for Android devices. Although I can still do that, I'll have to tone it down a bit. The mobile apps that have been introduced over the past couple of years have been updated and several of them are now available for Android phones.

Not all of the apps have yet been ported to Android, but Adobe it committed to finishing the job. Unfortunately, though, these will be apps designed only for Android phones. Unlike Ipad owners, Android tablet users shouldn't expect that the apps will work on their tablets anytime soon. And maybe never.

Installation Changes

Press ESC to close.Adobe has instituted a change in how the installer works for this version of Creative Cloud. By default, previous versions of Creative Cloud will be removed when the 2015 version is installed. If you have a version of Creative Suite installed, it will not be removed, but the original version and the 2014 version of Creative Cloud will be removed unless you specify otherwise.

Press ESC to close.In most cases, removing the previous versions makes sense because most people will want to use the latest version. Exceptions might be people who teach Adobe applications or support users of Adobe applications.

To retain the older versions, open the Advanced installation option dialog and deselect the Remove option.

Short Circuits

Big Irony: IBM Promotes Open Source

In the days of "big iron" computers, IBM carefully guarded their proprietary hardware, operating systems, and software. For several years, IBM has championed open source software and now the company has committed itself to Apache Spark, calling it potentially the most significant open source project of the coming decade.

IBM plans to embed Spark into its Analytics and Commerce platforms and to offer Spark as a service on IBM Cloud. The company also plans to have more than 3500 IBM researchers and developers work on Spark-related projects at more than a dozen labs worldwide, to donate its machine learning technology to the Spark open source ecosystem, and to educate more than one million data scientists and data engineers on Spark.

Spark isn't something you'll see at home, though. It's technology designed for large-scale data processing. IBM says that Spark improves the performance of data dependent apps and that it simplifies the process of developing intelligent apps that are fueled by data.

IBM's Watson Health Cloud will leverage Spark as a key underpinning for its insight platform that's intended to improve response time for medical providers and researchers as they access new analytics that reference population health data.

Spark will become a Cloud service on IBM Bluemix to make it possible for app developers to quickly load data, model it, and derive the predictive artifact to use in their app.

Press ESC to close.IBM says that it has been a leader in open-source innovation for decades. IBM also said, in the early 1980s, that it had been in the personal computer business for many years, prompting Apple to run an ad "welcoming" IBM to the business of making personal computers. Beth Smith, General Manager at IBM Analytics says the company believes strongly in the power of open source as the basis to build value for clients. IBM, she says, is "fully committed to Spark as a foundational technology platform for accelerating innovation and driving analytics across every business in a fundamental way." Smith says that IBM's clients will benefit as they "embrace Spark to advance their own data strategies to drive business transformation and competitive differentiation." (Or maybe that's just what IBM's PR department decided she should say. Does anyone really talk like this?)

IBM, NASA, and the SETI Institute are collaborating to analyze terabytes of complex deep-space radio signals using Spark's machine learning capabilities in a hunt for patterns that might indicate the presence of intelligent extraterrestrial life and IBM is one of four founding members of the UC Berkeley AMPLab, where Spark was invented in 2009.

Spark is charactgerized as agile, fast, and easy to use. For more information, see IBM's website.

Duqu is Back and It's Nasty

Kaspersky Labs says that it has seen a new version of Duqu, malware that has been used to target high-level world leaders. Among the targeted meetings are those of what's called "P5+1", a group of six world powers that joined the diplomatic efforts with Iran in 2006 to negotiate and end to Iran's nuclear program.

The term "P5+1" refers to the 5 permanent members of the UN Security Council (China, France, Russia, the United Kingdom, and the United States) and Germany, the +1.

Kaspersky Lab detected a cyber-intrusion affecting several of its internal systems earlier this year and the company then launched an investigation that led to the discovery of a new malware platform from one of the most skilled, mysterious, and powerful threat actors in the advanced persistent threat (APT) world: Duqu.

Kaspersky researchers say they believe the attackers felt that their attack would be undetectable. It included some features that hadn't been seen before and was nearly invisible. After exploiting zero-day vulnerabilities that allowed the malware to elevate its privileges to domain administrator, it spreads through the network via Microsoft Software Installer (MSI) files. Files of this type are commonly used by system administrators to deploy software on remote Windows computers.

The attack removed all of its files and modified no system settings, which made detection difficult. Kaspersky researchers say that this kind of malware is "a generation ahead of anything seen in the APT world."

Kaspersky wasn't the only target. Other victims have been identified in the United States, the Middle East, and Asia. Attacks targeting the P5+1 meetings apparently were launched at locations where the talks were scheduled to occur. A similar attack appears to have been related to the 70th anniversary event of the liberation of the World War II concentration camp at Auschwitz. The commemoration was attended by many politicians from around the world.

Kaspersky Lab set up a security audit that included source code verification and checking of the corporate infrastructure. The audit is expected to be complete within a few eeeks. The attack appears to have been intended to obtain documents and otherwise left the computers untouched.

A document from Kaspersky Labs lists the preliminary conclusions:

  1. The attack was carefully planned and carried out by the same group that was behind the infamous 2011 Duqu APT attack. Kaspersky Lab believes this is a nation-state sponsored campaign.
  2. Kaspersky Lab strongly believes the primary goal of the attack was to acquire information on the company's newest technologies. The attackers were especially interested in the details of product innovations including Kaspersky Lab's Secure Operating System, Kaspersky Fraud Prevention, Kaspersky Security Network and Anti-APT solutions and services. Non-R&D departments (sales, marketing, communications, legal) were out of attackers' interests.
  3. The information accessed by the attackers is in no way critical to the operation of the company's products. Armed with information about this attack Kaspersky Lab will continue to improve the performance of its IT security solutions portfolio.
  4. The attackers also showed a high interest in Kaspersky Lab's current investigations into advanced targeted attacks; they were likely aware of the company's reputation as one of the most advanced in detecting and fighting complex APT attacks.
  5. The attackers seem to have exploited up to three zero-day vulnerabilities. The last remaining zero-day (CVE-2015-2360) has been patched by Microsoft on June 9th, 2015 (MS15-061) after Kaspersky Lab experts reported it.

"The people behind Duqu are one of the most skilled and powerful APT groups and they did everything possible to try to stay under the radar," said Costin Raiu, Director of Kaspersky Lab's Global Research and Analysis Team. Calling the attach "highly sophisticated", he noted that it exploited as many as 3 zero-day faults. "To stay hidden, the malware resides only in kernel memory, so anti-malware solutions might have problems detecting it," Raiu said. "It also doesn't directly connect to a command-and-control server to receive instructions. Instead, the attackers infect network gateways and firewalls by installing malicious drivers that proxy all traffic from the internal network to the attackers' command and control servers."

You Can Order a Microsoft Surface Hub Starting on July 1

Just in time for Independence Day, you can order one of the giant Surface Hub wall-mounted computers from Microsoft on the first of July. If you have a spare $7000 lying around. The Surface Hub is intended primarily for corporate conference rooms, but Microsoft may sell some of a few one percenters.

Press ESC to close.Microsoft calls it a "large-screen collaboration device". The Surface Hub, unlike most electronic devices, is being manufactured in the United States. Oh, and the $7000 I cited will be for the smallest unit, just 55 inches across. The true one percenters will want the 84-inch Hub for $20,000.

The Surface Hub is more than just a display screen. It's a white board with intelligence because it runs on Windows 10 and houses Skype for Business, Office, OneNote, and a bunch of Universal Windows apps.

Hub computers can be used for white-boarding and videoconferencing, but the real power comes from placing a gigantic touch-enabled computer screen on the wall and including One Note to share content. At the end of the meeting, people will no longer have to pull out their phones to capture what's on the screen. Instead, the on-screen diagrams can be distributed as One Note files.

The Surface Hub's screen can respond to "ink", something tablet users already have expience with, so drawing should be easy. Both versions of the Surface Hub include the ability to record upt to 3 simultaneous pen inputs. They also have 2 1080p front-facing video cameras and a 4-element microphone array designed to provide clear sound while eliminating background noise when it's used in videoconference mode.

More information on the Surface Hub is on Microsoft's website.