It works as an always-on display for the whole family by showing notifications from smart home devices and allowing anyone to control them with the click of a button. LaMetric Time eliminates the need to check multiple apps or news sites for the information you need.
Instead, you receive key information at a glance, all in one place.
The possibilities are endless.
It also shows real-time notifications from IFTTT-connected services. LaMetric Time is standalone Wi-Fi device, iPhone or Android smartphone is needed for setting it up and configuration only.
The interface is easy to use: left and right buttons for navigation between the apps, middle button for taking related actions.
The form factor is sized to fit well on a table, shelf, shop-front or a counter. Wake up to your favourite Internet radio station or stream music from services like Spotify, iTunes, Pandora via Bluetooth.
The typical list price on this one-of-a-kind gadget has been reduced 15% from $199 to $169 for a limited time.
See this deal on Amazon.To read this article in full or to leave a comment, please click here
VMworld Europe 2016 was an opportunity for these experts to meet and share best practices.
Shavlik and AppSense used it to collect data from these frontline experts, to highlight patch management and security concerns in corporations. Shavlik and AppSense Infographic Key figures:- 80% of IT professionals have implemented a patch policy to enhance their organisation’s security.- 77% said that Microsoft OS represents the biggest challenge in terms of patching operating systems, and 59% indicated that Oracle is the most challenging 3rd party application.- 55% of IT professionals believe that the visibility they have into their company’s IT security posture is insufficient.- 55% of the companies surveyed give employees’ administrator rights, substantially increasing security risk.- Patch management takes more than 8 hours per month for two-thirds of the companies. A whopping 178 professionals responded to the survey.
For 76.5% of them, the Microsoft OS poses the biggest patch challenges for their company.
This figure is down from last year’s 86%, so Microsoft seems to be improving. Linux (19.1%) and Mac (4.2%) are also mentioned but to a lesser extent, which can be explained, at least in part, by the smaller number of devices using these operating systems, and fewer patches released for them each month. Patching the OS is only a small part of the equation when it comes to an effective patch management strategy. When asked about the challenges of patching applications, Java was mentioned as the most difficult application to update by 59% of respondents, followed by Adobe Reader/Flash Player - 38%, Google Chrome - 21%, Firefox - 18% and Apple iTunes - 10%. 79.7% of IT managers have implemented a policy to manage patching, which is good news. However, while 37.2% report spending fewer than 8 hours a month on patching, 29.6% spend more than 16 hours a month, and 14% spend more than 48! This amounts to a day and a half on average for most organisations, which is far from efficient. Finally, 54.7% of companies grant full administrative rights to their employees, making their systems more vulnerable to malware.
This approach increases risk in the event of a malware attack, since there is no way to limit the damage by restricting user rights to infected devices. Andy Baldin, VP EMEA Shavlik, comments: “The results of this survey show that the need to establish a patch management policy is recognised by an increasing number of IT departments.
Despite this, many companies spend too much time on patch management issues, and manage the rights of their employees in a way that unknowingly promotes risk.
This confirms the importance of our work in supporting companies in managing their patches, enabling them to reduce costs, save time and minimise risks to the security of their IT assets.”Baldin emphasises the importance of facilitating companies’ work to secure and manage their patching: "The results of our study shows that 7% of respondents do not have IT security systems in place or do not know if there is one, 3% have only one backup system, 13% just have antivirus, 7% a firewall and 10% an antivirus coupled with a firewall.
This means, 40% of respondents could easily improve their endpoint security.
To help organisations, Shavlik publishes a monthly report each Patch Tuesday: we watch and provide our analysis of the latest patches, to help companies prioritise the allocation of their IT security resources. " About ShavlikShavlik is a recognised leader in patch management, and a pioneer in agentless patching technology, virtual machine (VM) patching and third-party application patching.
Shavlik solutions include Shavlik Protect, Shavlik Patch for Microsoft System Center and Shavlik Empower.
Shavlik's combination of premise- and cloud-based solutions enables organizations of all sizes to begin improving organizational security in as little as 30 minutes.
For in-depth Patch Tuesday analysis, see: http://www.shavlik.com/patch-tuesday http://www.shavlik.com/ About AppSenseAppSense is the leading provider of User Environment Management solutions for the secure endpoint.
The technology allows IT to secure and simplify workspace control at scale across physical, virtual and cloud-delivered desktops.
AppSense solutions have been deployed by 3,600 enterprises worldwide to nine million endpoints.
AppSense is now a part of the LANDESK family with offices around the world.
For more information, please visit http://www.appsense.com/. Copyright © 2017, Shavlik.
All rights reserved.
The company is still investigating the extent of the hack, but it has advised all its customers to change their passwords. The biz says the database is an old one – it has migrated to a new system – but warned that basic contact information for people that were registered to receive notifications from the company has been accessed. Reportedly, as much as 900GB of information was taken. Such a database could prove valuable given Cellebrite's line of work: it specializes in mobile forensics.
In that capacity, the FBI apparently approached it in an effort to crack the iPhone of San Bernardino shooter Syed Farook. Farook was running version 9 of the iOS mobile software, which encrypted the phone's data and required a four-digit pin to access it.
Too many wrong tries effectively render the phone inoperable.
The FBI decided to use the case to have a very public fight with Apple over its security features, demanding that the iTunes giant give the FBI access to the phone. Apple refused, stating that it was effectively being told to break its own product, and the impasse became national news, with politicians dragged into the argument.
In the end, in a face-saving exercise, the FBI said it had found a third-party vendor that could access the phone, and backed down from what had by then become a legal challenge. Although neither the FBI nor Cellebrite ever confirmed the forensics company was the source of the hack, neither denied reports, either. Whatever biz bypassed the smartphone's security, it received as much as $1m for its troubles. With that amount of money flying about, it was inevitable that hackers would try to get into Cellebrite's systems. "Cellebrite actively maintains an ongoing information security program and is committed to safeguarding sensitive customer information using best-in-class security countermeasures," the company assured customers. "Once the investigation of this attack is complete, the company will take any appropriate steps necessary to harden its security posture to mitigate the risk of future breaches." The outfit, which is a subsidiary of the Japanese Sun Corporation but is based in Israel, said it was working with the authorities to try to track down the hackers. ® Sponsored: Flash enters the mainstream.
Visit The Register's storage hub
Apple said that "when the situation changes, the App Store will once again offer The New York Times app for download in China," but it declined to cite the specific regulations violated or who had contacted Apple about it in the first place.
The apps were removed from the store on December 23. According to the Times, the Chinese government has been taking steps to block the publication in the country since a series of articles in 2012 highlighted the hidden wealth of then-Prime Minister Wen Jiabao and his family. Legislation called "The Provisions on the Administration of Mobile Internet Application Information Services" passed in June of 2016 prohibits apps from publishing "prohibited" information among other things, and the Times suspects this is the rule that got its news apps pulled. “The request by the Chinese authorities to remove our apps is part of their wider attempt to prevent readers in China from accessing independent news coverage by The New York Times of that country, coverage which is no different from the journalism we do about every other country in the world,” said NYT spokesperson Eileen Murphy. China has become a very important territory for Apple's bottom line in the last couple of years, though 2016's sales were far below the heights of 2015's.
The country also plays a large part in the manufacturing of Apple's hardware—the Times detailed last week the billions of dollars in benefits and subsidies that China and the city of Zhengzhou have provided to Apple's manufacturing partner Foxconn.
These reasons make it beneficial for Apple to play ball with Chinese authorities and make investments in China and Chinese companies.
But there have been other censorship-related clashes, like when China shut down the Chinese iTunes movie and book stores just a few months after allowing them to open.
Apple has also refused to give its operating systems' source code to the country. When contacted for comment, Apple Director of Corporate Communications Fred Sainz told Ars that Apple had no statements beyond what was already printed in the Times article. Readers in China can still access the Times' reporting using a VPN or other software that circumvents the country's so-called "Great Firewall."
The Glass Room is a collection of art pieces designed to make you think of how you're selling yourself.
The National Security Agency can read your email. Verizon knows where you are at all times. Amazon is confident you're in the market for a new printer. We know these things about the weird world we live in, but few of us ever stop to think about what they really mean. Recently, a group of artists got together in New York City to change that.
Apple doesn't have a retail store on Mulberry Street in New York City, but at a glance, you might think it does. The Glass Room exhibit borrows heavily from the Apple Store design aesthetic: white walls, white ceiling, white podium, and even helpful "inGenious" staffers in matching white hoodies (see the photo below). But nothing is for sale in The Glass Room. It's a collection of art pieces designed to make you think of how you're selling yourself, maybe without even knowing it.
The exhibit is curated by Tactical Technology Collective along with The Mozilla Foundation, maker of the Firefox browser. The subjects addressed in The Glass Room are digital: online privacy, location tracking, psychographic profiling, the gamification of security, and so on. But the pieces themselves are grounded in the real world; you can see them, touch them, and in one case, smell them. Here are a few that stood out to me.
Forgot Your Password? (Aram Bartholl): We're so used to massive password hacks that we barely even notice them. In fact, Yahoo recently disclosed that it had compromised at least 1 billion more of its users' passwords. Back in 2012, LinkedIn held the record for the biggest password hack—a paltry 4.6 million. For this exhibit, Bartholl printed all 4.6 million of those passwords alphabetically and bound them into volumes. (I looked for mine; it wasn't in there.)
Subscribe today to the PC Magazine Digital Edition for iOS devices.
Random Darknet Shopper (!Medien-gruppe Bitnik): This artist collective created an online shopping bot and gave it a budget of $100 in bitcoins. They set it loose on the dark Web to make random purchases and have them mailed to the exhibition space. No drugs or pornography arrived; just random stuff. A copy of Mastering the Art of French Cooking, a Hungarian passport photo, and—featured in the Glass Room—a pair of fake Kanye West Nike Air Yeezy 2 sneakers.
Online Shopping Center (Sam Levigne): Amazon does a great job of identifying what you want to buy and getting it to your quickly. As a logical (perhaps inevitable) next step, in 2014, the company was granted a patent for "predictive shopping." Levigne's art takes the concept even further. As a Glass Room "shopper," you strap on a brainwave monitor and allow an algorithm to determine what your brain looks like when you're shopping. When Levigne first conducted this experiment, he had his bot shop for him on Amazon and Alibaba whenever his brain was in the "shopping state." I tried it, but so far, Amazon hasn't sent me anything.
Not all the exhibits at The Glass Room are art. Some are demos of real-world products and services. The Texas Virtual BorderWatch, for example, was a real-time camera system (live from 2008 to 2012) that let volunteers monitor the United States–Mexico border from their homes and alert authorities of infractions. Another, the Silver Mother ($299), is a monitoring solution for seniors that gives medication reminders, tracks sleep, and gives front-door alerts. And then there's Churchix, a facial-recognition system that enables churches to track attendance automatically—a whole new meaning for "witnessing."
Finally, at the back of the room was a "data detox" center. For those who were moved by the exhibit and wanted to make a change in their digital lifestyle, experts at the counter explained their options. We've reviewed a lot of the tools used to manage your privacy, including Signal, Ghostery, Tor, and more.
If The Glass Room made anything clear, it is that technology is the dominant force for change in the world right now. It is affecting our jobs, our home lives, our relationships, our environment, and even our bodies. I'm a big believer in technological progress, but not all of these changes are for the better. PC Magazine is committed to getting you the tools, techniques, and information you need to thrive in this new world.
Now, if you'll excuse me, I need to go clear my browsing history.
For more, check out the January issue of the PC Magazine Digital Edition, available now via Apple iTunes.
It addresses 11 flaws that could allow remote code execution and information disclosure. MS16-146 is a patch for the Microsoft Graphics Component in Windows.
It addresses three CVE-listed flaws that would allow for a malformed webpage or document to remotely execute code and harvest user information. MS16-147 fixes a bug in Windows Uniscribe that allows web pages and documents to perform remote code execution via an error in the handling of objects in memory. MS16-148 remedies 13 CVE-listed flaws in Office, including remote code execution, information disclosure, and security bypass holes.
The update is being posted for Office 2007, 2010, 2013, 2013 RT, 2016, and both versions of Office for Mac. MS16-149 covers an information disclosure hole in Windows Crypto Driver and an elevation of privilege vulnerability in the Windows Installer component.
To exploit the flaws, the victim would need to run either a specially crafted application or load an insecure library. MS16-150 addresses a single elevation of privilege flaw in the Windows Secure Kernel that could allow a malicious application to circumvent virtual trust level protections. MS16-151 fixes two elevation of privilege flaws in the Windows Kernel-Mode Driver. MS16-152 is an information disclosure bug in Windows Kernel that could allow a malicious application to harvest personal data. MS16-153 patches a single CVE-listed flaw in the Windows Common File Log system that could allow information disclosure to a malicious application. MS16-154 is Microsoft's release of the Adobe Flash Player update for Edge and Internet Explorer.
It addresses a total of 17 CVE-listed flaws. MS16-155 patches an information disclosure vulnerability in the .NET Framework. Meanwhile, in Cupertino... Apple has kicked off the week with a bundle of security updates on consecutive days.
The releases address flaws in iOS and macOS, as well as a number of Apple products for Windows. iOS 10.2 update brings with it fixes for 64 different CVE-listed vulnerabilities in the core components of iOS itself, as well as the built-in Safari browser and the WebKit browser engine.
The update can be downloaded from the iOS Software Update tool. macOS Sierra 10.12.2 includes patches to address 72 flaws, including the WebKit and Safari vulnerabilities. Safari 10.0.2 will be released for those Macs not yet on Sierra.
It contains fixes for 23 vulnerabilities in the WebKit engine and a patch for a cross-site scripting bug in the Safari reader. tvOS 10.1 will be pushed out for the AppleTV set-top box and contains patches for 49 CVE-listed flaws, 23 of those being WebKit fixes. iTunes 12.5.4 for Windows PCs brings with it 23 patches for WebKit. iCloud for Windows 6.1 remedies the 23 WebKit vulnerabilities as well as an information disclosure hole in the iCloud desktop software for Windows 7 and later. And who can forget Adobe? The media software giant chose to deliver nine updates of its own to close out the year, including its monthly Flash Player bug fix parade. Adobe Flash Player, also known as "the internet's screen door," will see 17 CVE-listed bugs patched this month for Windows, macOS, and Linux versions.
Systems running Google Chrome, Microsoft Edge, and Internet Explorer 11 or later should get the update automatically through their browser. Adobe Animate has been updated to plug a single memory corruption flaw. Adobe Experience Manager Forms will get fixes for a pair of cross-site scripting vulnerabilities. Adobe DNG Converter on Windows and Mac has been patched for a critical memory corruption vulnerability. Adobe Experience Manager is updated to protect against four cross-site scripting vulnerabilities. Adobe InDesign is now protected from a critical memory corruption vulnerability in Windows and macOS. ColdFusion Builder on Windows, macOS and Linux has been updated to address an information disclosure vulnerability. Adobe Digital Editions has been patched to address two information disclosure leaks on the Windows, macOS and Android versions of the reader software. Adobe RoboHelp has received an update to remedy a single cross-site scripting vulnerability. Users and administrators are advised to test and apply the updates as soon as possible. ® Sponsored: Flash enters the mainstream.
Visit The Register's storage hub