6 C
Tuesday, November 21, 2017
Home Tags Microsoft Windows 10

Tag: Microsoft Windows 10

Microsoft really, really wants everyone to dump Windows XP, Windows 7, and Windows 8 in favor of Windows 10.
It's been aggressively urging users to upgrade to Windows 10, even preinstalling the Windows 10 update on PCs unasked.

This week, it provided a new incentive to encourage Windows 10 updates, especially in businesses: enhanced security. The company announced a new service built into Windows 10 called Windows Defender Advanced Threat Protection that helps IT detect and make suggestions on how respond to attacks that have made it into the network. Windows Defender ATP does not yet actually remediate any breaches that it detects, though Microsoft plans to add such capabilities in the future. (Don't confuse Windows Defender APT with Exchange Online ATP, a for-pay add-on to Office 365. Windows Defender APT complements Exchange Online ATP, not serves as an alternative to it.) Windows Defender APT is one of several security features that Microsoft has brought to Windows 10 in hopes of upping the appeal to enterprise IT departments. Others include: Credential Guard: Built into Windows 10 Enterprise and Education editions, this tool stores credentials (NTLM hashes and Kerberos tickets) with the LSASS process that manages them in an isolated Hyper-V virtualized container. Device Guard: This tool prevents untrusted apps from running on Windows 10 Enterprise PCs.
Via virtualization, it isolates the Code Integrity services from the Windows kernel.

For this to work, you have to go through and sign your apps and determine their trustworthiness.  Windows Hello: This is a biometric authentication feature built into Windows, using fingerprint matching and facial recognition. Enterprise Data Protection: This tool works with Microsoft's Intune and Configuration Manager servers, as well as with third-party mobile management servers, to encrypt enterprise data and remotely wipe enterprise data from devices. Other mobile management tools offer similar capabilities, but Microsoft's stands apart in its integration with Azure Active Directory for access management to cloud and other sevices.  Windows 10 also provides security tools included in previous Windows versions, such as a software firewall, BitLocker drive encryption, and the Windows Defender antimalware tool.
Windows Defender APT – no, not that type of APT RSA 2016 Microsoft will be rolling out a new form of security system for enterprises later this year aimed at stopping attacks as soon as they happen. Dubbed Windows Defender Advanced Threat Protection, the system will monitor a company's computer systems looking for signs that an attack is occurring.
If someone starts trying to break in, the software will alert the IT manager and give a detailed rundown on the best way to mitigate the attack and lock down data. "Deploying Windows Defender Advanced Threat Protection gave us incredible awareness about several critical security vulnerabilities in our network, which we've already taken immediate action to address, along with updating our security policies," said Henrik Pedersen, IT Manager at TDC Hosting in a canned statement. Microsoft is already trialing the system with 500,000 enterprise users and is fine-tuning the release before launch.
It'll only be available for Windows 10 users and will be turned off by default and activated on a subscription fee basis, although pricing hasn't been announced as yet. Youtube Video Tim Rains, director of security at Microsoft, told The Register that there was no technical reason why the software couldn't run on Windows 7 or 8.1, but that it has been developed for Windows 10 primarily so that it could take advantage of the more advanced security features of the newer operating system. To develop the attack plans, he explained, the new system takes information from Microsoft's 1.2 billion sensors – primarily on computers round the world running its software – and then feeds them into a central console run by its best security bods. We'll have to see how well the system works in practice, since this is the kind of code that could drive IT managers nuts with false positives.

But Redmond is confident that the system works well and, if so, it could give rival security vendors some serious problems. ® Sponsored: Four ways to achieve more efficient and effective vulnerability management
Windows Defender Advanced Threat Protection firstly aims at detecting advanced attacks. Not a day goes by when we don't hear about another hack.

To ensure that your business is not next, Microsoft has announced Windows Defender Advanced Threat Protection, which it says "provides a new post-breach layer of protection to the Windows 10 security stack." Windows Defender Advanced Threat Protection firstly aims at detecting advanced attacks.

According to Microsoft, it employs "sophisticated threat intelligence" that can determine who may have conducted the attack, how it was done, and why it happened.

The company crunches that data with help from behavioral sensors, cloud-based security analytics, and other data compiled by Microsoft's security team. "This data is then augmented by expertise from world-class security experts and advanced threat protection Hunters from across the globe, who are uniquely equipped to detect attacks," according to Microsoft. Once the basics of the attack have been identified, Microsoft's new platform provides companies with recommendations on how they should respond.

The tool will find the files and machines that were affected and allow users to quarantine them from the network. Microsoft says it will offer "remediation tools for affected endpoints" at some point in the future to help companies eliminate the flawed data. Finally, Microsoft says that its Windows Defender Advanced Threat Protection will be continually updated and since it's based in the cloud, will not require "on-premise server infrastructure or ongoing maintenance." It will also work in tandem with Microsoft's other security solutions, including Advanced Threat Analytics. Looking ahead, Microsoft hopes to sign on more companies.

As of this writing, the company has rolled out Advanced Threat Protection to "early adopter customers." It's currently protecting 500,000 endpoints, which includes the entire Microsoft network. The launch could prove important to the growing number of companies that are adopting Windows 10, including the Department of Defense.
A new offering, called Windows Defender Advanced Threat Protection, alerts administrators if attackers gain a foothold on a network. Suffered a network breach? Microsoft's latest cloud-based data security service can help administrators prevent their Windows devices from giving up the goods.Using as a backdrop this week's RSA Conference—when the IT industry turns its attention to information security—the software giant on March 1 announced Windows Defender Advanced Threat Protection.

Borrowing the name of Windows' built-in anti-malware software, the upcoming product helps make Windows 10 systems less susceptible to data leaks, even if an attacker has already managed to breach a corporate network."To help protect our enterprise customers, we are developing Windows Defender Advanced Threat Protection, a new service that will help enterprises to detect, investigate and respond to advanced attacks on their networks," Terry Myerson, executive vice president of Microsoft's Windows and Devices group, said in a March 1 announcement. "Building on the existing security defenses Windows 10 offers today, Windows Defender Advanced Threat Protection provides a new post-breach layer of protection to the Windows 10 security stack."While businesses experienced fewer breaches in 2015 than the year before, they remain a major concern. Last year, organizations reported a total of 1,673 breaches, 46 of which involved a million records or more. On average, the total cost for a data breach rings up at $3.8 million, according to Ponemon Institute's 2015 Cost of Data Breach Study.

Generally, it takes just over 200 days to detect a breach. Windows Defender Advanced Threat Protection is Microsoft's bid to keep its customers, or at least their Windows systems, from becoming one of those statistics. "With a combination of client technology built into Windows 10 and a robust cloud service, it will help detect threats that have made it past other defenses, provide enterprises with information to investigate the breach across endpoints, and offer response recommendations," Myerson continued. The product can detect advanced attacks, courtesy of security analytics performed by Microsoft.

The company claims to gather anonymized information from over a billion Windows devices and 2.5 trillion indexed URLs, along with "detonating" a million suspicious files each day, to inform its threat intelligence system.When a threat is detected, the product can offer security administrators recommendations on how to proceed."With time travel-like capabilities, Windows Defender Advanced Threat Protection examines the state of machines and their activities over the last six months to maximize historical investigation capabilities and provides information on a simple attack timeline," Myerson said. "Simplified investigation tools replace the need to explore raw logs by exposing process, file, URL and network connection events for a specific machine or across the enterprise." The company is also working on baking remediation tools into the offering.In its current pre-release state, the product is already helping safeguard 500,000 endpoints, Myerson revealed. "Windows Defender Advanced Threat Protection is already live with early adopter customers that span across geographies and industries, and the entire Microsoft network, making it one of the largest running advanced threat protection services."
February 12th, 2016 Leicester, UK - 10ZiG Technology is proud to announce their new look Dual and Quad Core Thin & Zero Client hardware range. The devices have been developed to provide the highest level of performance in VDI, DaaS and Application Delivery environments, and to provide the desktop of choice for all types of users and their varied requirements. The introduction of the 10ZiG AMD powered 2.4GHz Quad Core 7800q Series complements their existing Intel powered 2GHz Quad Core 5800q Series and their Intel powered 1.33GHz Dual Core 4400 Series. “It is still a common misbelief that Thin Clients provide the same performance to its user regardless of specification, as it’s the server side components of VDI which perform the grunt of the work. However, an increase in users requiring support for HD video/audio, Flash/HTML5, video conferencing, 3D, CAD and resolutions of up to 3840 x 2160 (4K), places a much greater demand on the Thin Client hardware. The Thin Client is ultimately responsible for decoding this display information in addition to its other tasks. This local processing demand increases with additional resolution and also where screen content changes regularly, such as in multimedia/3D and Imaging use cases. Supplying a Thin Client with the capability to decode this, regardless of screen size and resolution is essential to the combined success of a VDI deployment,” stated Robert Fitzer, Head of Research and Development, 10ZiG Technology. Leading the line in the 10ZiG product offering is their 7800q Series. Powered by the industry leading AMD GX-424CC 2.4GHz Steppe Eagle processor, it offers the perfect Thin Client endpoint for technology solutions including VMware Horizon, Citrix and Microsoft environments. The device supports single screen resolutions of up to 3840 x 2160 @ 30Hz (4K), Twin Display Ports for Dual Screen requirements and optional PCI expansion to offer Quad Screen support. A total of 8 x USB ports are available on the 7800q Series, including USB 3.0, with additional connectivity options such as legacy Serial and Parallel ports. Windows Trusted Platform Model Management (TPM) is also supported. The 10ZiG 5800q Series provides the most versatile hardware option amongst the 10ZiG product range. Powered by an Intel 2GHz Quad Core processor, capable of speeds up to 2.42GHz with Intel Turbo Boost Technology, this hardware series provides support for Citrix HDX, Citrix HDX 3D Pro (5848qc), VMware Horizon and Microsoft environments. Offering Dual DVI ports as standard, 7 x USB ports (including USB 3.0), optional VESA mounting and/or wireless support, the 5800q Series caters for a vast range of use cases. Last but not least, the 10ZiG 4400 Series provides a reliable and flexible lower powered option for those with non CPU intensive requirements such as support for Microsoft Office or text based browsing. Powered by an Intel 1.33GHz Dual Core processor, the 4400 Series offers Dual DVI ports as standard, 4 x USB ports, including USB 3.0 and the option of VESA mounting and wireless. The device offers support for Citrix, VMware Horizon and Microsoft.The 10ZiG Manager is a cost free management utility supplied with the 7800q, 5800q and 4400 Series providing an intuitive solution for automatic configuration, firmware updates, shadowing, power options and troubleshooting. This cuts out the need for additional IT administration, lowering the total cost of ownership. The 10ZiG Manager has an unlimited user license and there are no hidden upgrade costs so you get access to all of its features. What’s more, you can try any of the hardware above, along with 10ZiG Manager using our free, flexible, no-obligation product evaluation.In addition to the hardware above, 10ZiG also provide the widest range of Teradici Tera2 PCoIP Zero Client devices on the market for VMware Horizon and Amazon WorkSpaces environments, including Dual Screen, Quad Screen and All-in-One hardware. Part of the 10ZiG customer service pledge is to deliver devices that are developed to meet their customer’s requirements. This includes 10ZiG Manager, their Operating Systems and their Thin & Zero Client hardware. “Through working with users and partners and identifying changes in the types of users and sectors who are now being considered for VDI, we are recognizing more and more users who require higher resolution displays to carry out their work,” says Kevin Greenway, Managing Director, 10ZiG Technology. "The addition of the 7800q series complements our existing family of thin clients and is perfectly placed at targeting 'Power' users whom are not prepared to sacrifice on screen size, resolution and performance dealing with 3D/CAD/Imaging work related tasks in a vGPU enabled VDI environment such as Citrix XenDesktop and VMware Horizon." added Greenway.To learn more, or to arrange your FREE evaluation device, please contact the relevant office below.10ZiG Technology Inc. (Corporate Headquarters, US)1 (866)-865-5250sales(at)10zig(dot)comwww.10zig.com @10zigtechnology10ZiG Technology Inc. (EU Headquarters, UK)+44 (0) 116 214 8660sales(at)10zig(dot)euhttp://www.10zig.com/ @10zigtechnologyAbout 10ZiG TechnologyFocused solely in the development of Thin and Zero Clients for the latest desktop solutions, 10ZiG Technology has long-standing partnerships with industry leaders such as Citrix, VMware and Microsoft. These partnerships are all with the aim of providing the best performance possible by supporting the full feature sets of acceleration protocols such as HDX, HDX 3D Pro, PCoIP and RDP 8.1. 10ZiG offers traditional dual screen Thin and Zero Clients, including the widest range of TERA2-based PCoIP devices on the market, including Dual Screen, Quad Screen and All-in-One hardware. 10ZiG devices come with a variety of OS options, including NOS (Zero), PEAKos (Linux), Windows Embedded 7 (WES7), Windows Embedded 8 (WE8S) and Windows 10 IoT (W10 IoT). 10ZiG is committed to taking the complexity out of Desktop Virtualization, Application Delivery and The Cloud by providing Thin and Zero Clients with components that simplify implementation, improve management and visibility of devices and enhance the user experience. To further this commitment, all 10ZiG devices are accompanied by the 100% FREE enterprise class 10ZiG Manager Utility, enabling centralized configuration, maintenance and control of all 10ZiG Software Zero, Linux and Windows devices. The 10ZiG product range is underpinned by the most personal Sales and Support service on the market, and 10ZiG are willing to put it to the test through their no-obligation, no-hassle, flexible 30 day evaluation offer.Source: RealWire
Over a half million dollars in prize money is up for grabs as the Zero Day Initiative browser hacking contest continues even as corporate ownership shifts. The annual Pwn2Own browser hacking competition that takes place at the CanSecWest conference is one of the premier security events in any given year, as security researchers attempt to demonstrate in real time zero-day exploits against modern Web browsers. This year there was initial concern that the event wouldn't happen, as the Zero Day Initiative (ZDI), which is the primary sponsor of Pwn2Own, is currently in a state of transition. ZDI currently is part of Hewlett Packard Enterprise (HPE), but that will change this year, as the TippingPoint division of HPE, which includes ZDI, is being sold to security vendor Trend Micro in a deal first announced in October 2015 for $300 million. Since ZDI is in transition, HPE and Trend Micro will jointly sponsor the 2016 Pwn2Own event taking place March 16-17. "Bringing both HPE and Trend Micro together for Pwn2Own has been a lot of fun," Brian Gorenc, manager of Vulnerability Research at HPE, told eWEEK. Since Trend Micro's acquisition of TippingPoint has not yet officially closed, it was determined that the best course of action was to do a joint sponsorship of the event, Gorenc said. As such, no matter who owns TippingPoint when the Pwn2Own contest starts, both Trend Micro and HPE will have an interest in what's going on at the event. At the 2015 event, HP awarded a total of $557,500 in prize money to researchers for exploiting previously unknown vulnerabilities in Web browsers. The prize pool for the 2016 event will be in the same range, though at this point it's not entirely clear which vendor will pay for the prizes. "We don't discuss publicly how the sponsorship works, but the money is all accounted for and we're ready to give it all away if the exploits come in," Gorenc said. For the 2016 event, Pwn2Own will award $65,000 for exploits against Google Chrome running on fully patched versions of Windows 10, running Microsoft's Enhanced Mitigation Experience Toolkit (EMET). The same amount will be paid for an exploit on Microsoft's new Edge browser. Pwn2Own will award an additional $60,000 for Adobe Flash exploits running Microsoft Edge. Finally on Mac OS X, there is a $40,000 award for exploiting Apple's Safari browser. There are a number of additional opportunities to win even more prize money. One award will go to a researcher who is able to execute a hypervisor escape from the VMware Workstation virtual machine on which the Windows-based browsers will be running. The promise of using a virtual machine is that it isolates the running application and does not allow processes to "escape" and impact other processes that could be running on the same system host. "This year we also added the Master of Pwn idea, which is the person that will be the grand champion of the entire event," Gorenc said. In the past, he said, whoever won the most money was unofficially understood to be the grand champion. This year, Pwn2Own will formalize the process to crown the Master of Pwn by having a point system for vulnerabilities disclosed at the event. The winner will earn 65,000 ZDI reward points, which is worth approximately $25,000. One change in the 2016 event is that the Mozilla Firefox Web browser is no longer part of the contest. "We wanted to focus on the browsers that have made serious security improvements in the last year," Gorenc said. Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
Addressing a major sticking point for IT administrators tasked with maintaining end-user systems, Microsoft is now publishing Windows 10 update details. Microsoft is finally lifting the veil of secrecy surrounding Windows 10 patches. Starting Feb. 9, the company began publishing a Windows 10 update history online. In an email statement, a Microsoft spokesperson told eWEEK the following: "After listening to feedback regarding the level of disclosure for Windows 10 updates, we decided to implement a new system for communicating updates to the operating system. Today we are rolling out the Windows 10 update history site, a hub for the release notes that will accompany each update and serve as a historical record of prior release notes." Though Windows 10 has generally been met with a warm reception since its July 29 launch, one of the major criticisms levied on the operating system is the lack of patch notes. Without visibility into the changes introduced by a new update, many IT professionals balked at the prospect of deploying an OS that may unexpectedly render their users' devices and applications unusable due to an incompatibility. In the wake of the Windows 10 launch, Susan Bradley, a security specialist and Microsoft MVP, kicked off a Change.org petition calling on Microsoft to provide visibility into patches and more controls over the update process. "People that care about their PCs have to know what is included in the updates, especially admins who need to validate and confirm updates. Then we have numerous examples of where firmware and drivers have caused issues. We can't just have control over after they update; we need control before they install," Bradley told eWEEK. Hosting industry watchers at its Redmond, Wash., headquarters last summer, Microsoft pledged to provide enterprise customers with information on Windows 10 updates. "We've heard that feedback from enterprise customers, and so we're actively working on how we provide them with the information to understand what's changing and what new capabilities and new value they're getting with these updates," Jim Alkove, former corporate vice president of Microsoft Enterprise and Security, said at the time. (Alkove has since moved to Nest, owned by Google's parent company Alphabet.) Today, all Windows 10 users can review the bug fixes and added functionality included in an update. "We're currently delivering updates to two distinct Windows 10 branches. The July initial launch branch (build 10240), and the November update branch (build 10586). We introduced new operating system features in November after having previewed, or 'flighted,'  them with our Windows Insiders between July and November," states the online Windows 10 update history support document. In the summary for the Feb. 9 cumulative update, Microsoft reveals that the latest patch contained a fix for an Edge caching issue affecting visited URLs in the browser's privacy-enhancing mode along with a bug that prevented remote server configuration on Windows 10. Microsoft published the patch's security updates to a separate online document (KB3135173). They include fixes to .NET framework and NPS RADIUS Server vulnerabilities that could potentially enable denial-of-service attacks.
Fixes for critical flaws in Adobe Flash running on Microsoft's Internet Explorer and Edge web browsers are among a slew of "important" security updates in Microsoft's latest Patch Tuesday.  This month's package isn't as bad as the one before it when there were a lot of serious vulnerabilities to deal with, but it will still top many a sys admins daily to-do list. Microsoft notes that all versions of Windows are affected, and says that users of Windows Vista and later, including Windows 10, need to get patching immediately.  Wolfgang Kandek, chief technology officer at security firm Qualys, noted that after a busy January, things had more-or-less returned to normal. "We are back to normal numbers on Patch Tuesday. After a light start with nine bulletins in January we are getting 12 bulletins (five critical) in February, which is in line with the average count for last year of 12.25 a month. Actually it is 13, but the last one this month, MS16-022, is more of a packaging change," he said. He continued: "It concerns Adobe Flash, a software package where updating has already been handled by Microsoft for the last three-and-a-half years in the Internet Explorer 10 and 11 browsers. "The highest priority item is MS16-022, which contains fixes for 22 vulnerabilities for Adobe Flash, all of them rated as 'critical' and capable of handing the attacker complete control over the target machine." The Flash update was also singled out by Tyler Reguly, manager of software development at Tripwire, who said that this is "one of the best changes" that February has to offer. In case you missed it, no one likes Flash these days". He added: "One of the best changes this month is that Adobe Flash Player, embedded in Microsoft IE and Edge, has finally received its own bulletin. Previously, Microsoft updated the same Knowledge Base on a month-by-month basis with no defining elements," he said. "This is a welcome change and hopefully bodes well for other areas where Microsoft continues to do this." A large chunk of the Microsoft fixes provide protection against remote code execution (RCE) threats. One of these applies to Windows Journal, which has piqued the interested of Craig Young, a security researcher at Tripwire. "Today marks the 12th RCE bug Microsoft is patching in Windows Journal in just 10 months. This is particularly interesting because Windows Journal vulnerabilities were basically unheard of before 2015," he said. "While the increased scrutiny of Windows Journal may be an indication of Microsoft's successes in the tablet space, it is important to remember that the flaw is not limited to tablets. "In fact, every piece of software installed on a computer adds to the potential attack surface even if that software is not frequently used," he said.
[unable to retrieve full-text content]How cool is it to draw on a picture to log into your Windows 10 PC? It's a lot cooler than remembering a bunch of letters and numbers. Here's how to set it up.
Microsoft has patched 41 CVE-listed security vulnerabilities in its software this month. The second Patch Tuesday monthly update of the year brings with it fixes for security flaws in both Internet Explorer and Edge that could allow remote-code-execution attacks simply by visiting a webpage. Also fixed are remote-code-execution holes in the Windows PDF Viewer and Microsoft Office. The full list is as follows: MS16-009 A cumulative update for Internet Explorer 9 through 11. The update includes fixes for 13 CVE-listed issues, including remote-code-execution flaws and information disclosure vulnerabilities. As with all IE updates, the fixes are considered a lower risk for Windows Server installations. MS16-011 An update for the Edge browser in Windows 10 comprising six fixes for CVE-listed issues, four of which are remote-code-execution vulnerabilities. MS16-012 A fix for two remote-code-execution vulnerabilities in Windows PDF Library and Reader for Windows 8.1, Server 2012 and Windows 10. MS16-013 A memory-corruption vulnerability in Windows Journal potentially allowing remote code execution in Windows Vista, Server 2008, Windows 7, Windows 8.1, Server 2012 and Windows 10. MS16-014 Five security holes in Windows, including two remote-code-execution holes and a denial-of-service condition in Windows DLL Loading. Also fixed were an elevation-of-privilege error in Windows and a Kerberos security bypass flaw. MS16-015 Six memory-corruption vulnerabilities in Office, each of which could allow for remote code execution. The update covers Office 2007, 2010, 2013, 2013 RT, and Office 2016 as well as Office for Mac 2011 and 2016. MS16-016 One elevation-of-privilege flaw in WebDAV for Windows Vista, Server 2008, Windows 7, Server 2008 R2, Windows 8.1, Server 2012, Windows RT 8.1 and Windows 10. MS16-017 An elevation-of-privilege flaw in Remote Desktop Protocol that could allow an attacker to log in to systems that have enabled Remote Desktop, which is turned off by default. The issue affects Windows 7, Windows 8.1, Server 2012 and Windows 10. MS16-018 An elevation-of-privilege flaw in the Win32k component for Windows Vista, Server 2008 and 2008 R2, Windows 7, Windows 8.1 and 8.1 RT, Server 2012 and 2012, and Windows 10. MS16-019 Updates for a denial-of-service flaw in .NET Framework and an information disclosure hole in Windows Forms. The fix covers Windows Vista, Server 2008 and 2008 R2, Windows 7, Windows 8.1 and 8.1 RT, Server 2012 and 2012 R2, and Windows 10. MS16-020 A fix for one denial-of-service vulnerability in Windows Server 2012 R2. Other versions of Windows and Windows Server are not affected. MS16-021 A denial-of-service vulnerability in the Network Policy Server Radius Implementation on Windows Server 2008, Server 2008 R2 and Server 2012. After installing the Microsoft updates, users and administrators would be wise to install monthly fixes issued Tuesday by Adobe for Flash Player. The updates cover a total of 22 CVE-listed flaws for Flash, all of which could potentially be targeted for remote-code-execution attacks. The Flash Player update also affects versions for OS X and Linux boxes. ® Sponsored: Building secure multi-factor authentication
Exclusive Microsoft researchers, in partnership with academia, have published a paper detailing how they have dramatically increased the speed of homomorphic encryption systems. With a standard encryption system, data is scrambled and then decrypted when it needs to be processed, leaving it vulnerable to theft. Homomorphic encryption, first proposed in 1978 but only really refined in the last decade thanks to increasing computing power, allows software to analyze and modify encrypted data without decrypting it into plaintext first. The information stays encrypted while operations are performed on it – provided you have the correct key, of course. This has major advantages from a security standpoint. Hospital records can be examined without compromising patient privacy, financial data can be analyzed without opening it up to theft, and it's perfect for a computing environment where so much data is cloud-based on someone else's servers. There is, of course, a problem. The first fully working homomorphic encryption system, built by Craig Gentry (now an IBM Research cryptographer), was incredibly slow, taking 100 trillion times as long to perform calculations of encrypted data than plaintext analysis. IBM has sped things up considerably, making calculations on a 16-core server over two million times faster than past systems, and has open-sourced part of the technology. But, in a new paper [PDF], Microsoft thinks it's made a huge leap forward in applying the encryption system to deep learning neural networks. Professor Kristin Lauter, principle research manager at Microsoft, told The Register that the team has developed CryptoNets that process the encrypted data. The team claims that its optical recognition system is capable of making 51,000 predictions per hour with 99 per cent accuracy. The key to Redmond's approach is in the pre-processing work. The researchers need to know in advance the complexity of the arithmetic circuit that is to be applied to the data. They need to structure the neural network appropriately and keep data loads small enough so the computer handling them isn't over-worked. To make this possible, the team developed the Simple Encrypted Arithmetic Library (SEAL) – code which it revealed last November. Detailed parameters have to be set up before the data run is attempted, to keep multiplication levels low. In testing, the team used 28 x 28-pixel images of handwritten words taken from the Mixed National Institute of Standards and Technology (MNIST) database and ran 50,000 samples through to train the system. They then tried a full run on an additional 10,000 characters to test accuracy. The test rig was a PC with a single Intel Xeon E5-1620 CPU running at 3.5GHz, with 16GB of RAM, running Windows 10. They structured the data in parallel, and the computer ran 51,739 predictions per hour with an accuracy rate of 99 per cent. There's still a lot of work to be done, Lauter said, but the initial results look very promising and could be used for a kind of machine learning-as-a-service concept, or on specialist devices for medical or financial predictions. "I'm not in that part of the company's decision-making process, so can't guarantee when Microsoft will have a product using this technology," she said. "But from a research point of view, we are definitely going towards making it available to customers and the community." ® Sponsored: Application release and deployment for dummies
The browser is now hardened against some classic Windows security flaws.