6 C
London
Monday, November 20, 2017
Home Tags Rome

Tag: Rome

Fantasy still works wonders for the strategy hybrid, but DLC could make it a classic.
Ancient lead pollution in a Roman harbor shows the cityrsquo;s fortunes grew with its pipes.
Microsoft has made major strides to take its development tools out of a Windows-only world, both for the applications you can create and the platforms they run on.

The open source .Net development tools that Microsoft got when it acquired Xamarin two years ago are key to Microsoftrsquo;s cross-platform transformation.That transformation is very much evident today, with much of the Xamarinrsquo;s tools folded into Microsoftrsquo;s Visual Studio development platform over the last year, and its MacOS Xamarin Studio rebranded as Visual Studio for Mac with additional features for working with Azure and .Net Core.[ Review: Visual Studio 2017 is the best ever. | First look: Visual Studio for Mac. | Keep up with hot topics in programming with InfoWorldrsquo;s App Dev Report newsletter. ]To support Microsoft CEO Satya Nadellarsquo;s focus on an “intelligent cloud and intelligent edgerdquo; mission, Xamarinrsquo;s cross-platform development strategy is key to delivering the edge elements of that vision. Microsoftrsquo;s mobile strategy has pivoted away from its own Windows Mobile OS (at least for now), and the company is now concentrating on delivering applications for the previously alien platforms iOS and Android.
Itrsquo;s a shift that also means bringing its developer ecosystem to new platforms – especially if itrsquo;s to deliver on its Project Rome vision of applications and content that migrate from device to device, letting your work follow you wherever you go.To read this article in full or to leave a comment, please click here
Microsoftrsquo;s Cortana voice-based personal assistant has always seemed a little out of place in the enterprise.
Itrsquo;s a useful tool for search, for reminders, and for letting you know when you need to leave to get to that meeting on time.

But compared to Amazon Alexarsquo;s growing list of skills, itrsquo;s lagging in the personal assistant race.Yes, it connects to Office 365 and LinkedIn to give you some insight into your work, but then again so does Alexa.

But if Microsoft delivers the Windows promises made last week at its Build 2017 developer conference, thatrsquo;s all going to change.[ Put itnbsp;all together: Microsoftrsquo;s plan to one-up Applersquo;s Handoff. • Inside the Microsoft Graph APIs. • How to build Microsoft bots. • Reinventingnbsp;Microsoft Teams with private bots. • How to use Azure Functions. • Just what is Project Rome? ]As part of Microsoft CEO Satya Nadellarsquo;s rearticulation of his original “mobile first, cloud firstrdquo; vision as one of “an intelligent cloud and an intelligent edge,” Cortana is getting a promotion. More than a basic piece of personal assistant software, with the next release of Windows 10 it will be the face of the intelligent agents that will populate Microsoftrsquo;s new blurring of the cloud and PC worlds.To read this article in full or to leave a comment, please click here
As Remedy goes multi-platform, Microsoft's exclusive slate looks worse and worse.
A backpack with wireless charging, Bluetooth tracking is neat—but they're lazily implemented.
EyePyramid operation targeted politicians and business leaders A hacking operation featuring the EyePyramid trojan successfully compromised the systems of numerous high-profile Italian targets, including two former prime ministers, say Italian police. High-profile targets were targeted by a spear-phishing campaign that served a remote-access trojan codenamed "EyePyramid" as a malicious attachment. Targets of the spying included bankers, businessmen and even several cardinals.

The president of the European Central Bank, Mario Draghi, and two former Italian prime ministers, Matteo Renzi and Mario Monti, were among targets of the campaign, according to a copy of an Italian arrest warrant obtained by Politico. The malware was used to successfully exfiltrate over 87 gigabytes worth of data – including usernames, passwords, browsing data, and other files – from compromised systems. Federico Maggi, a senior threat researcher at Trend Micro, has published a blog post here and in a technical summary (on GitHub) here. Brother and sister Giulio Occhionero, 45, and Maria Occhionero, 48, were arrested in Rome on Tuesday and detained over hacking and espionage charges related to the EyePyramid campaign, Reuters reports.
Investigators appear to be proceeding on the basis that the hacking operation was used to harvest insider intelligence as part of a criminally tainted investment strategy rather than politically motivated cyber-espionage. The "stolen data was stored in servers in Prior Lake, Minnesota, and Salt Lake City, Utah," according to a court document seen by Reuters. The FBI has seized the servers and will ship them to Italy, the head of Italy's cyber crime unit told the news agency. Hackers behind the spear-phishing campaign used the compromised email accounts of attorneys and associates in several law firms as a platform to launch the second stage of the attacks, targeting businessmen and politicians, according to Trend Micro's Maggi. ® Bootnote Grazie molto to Milan-based reader Alex for the heads-up on this interesting case, which is unsurprisingly getting a lot of coverage in the Italian press. Sponsored: Want to know more about Privileged Access Management? Visit The Register's hub
Mouse-over-on-mobile feature intentionally allows data-stealing overlay attacks That took a while: Android's had Hover since Ice Cream, but boffins have taken until now to work out how to attack it. Hover is a set of interface calls that let application designers imitate mouse-over behaviours people know from PCs, and it only needs to be implemented on a phone or tablet to be vulnerable - whether or not a particular app supports it. The researchers, from ETH Zurich and the Sapienza University of Rome, figured out that “any Android application running with a common SYSTEM_ALERT_WINDOW permission” can ”record all touchscreen input into other applications”. Their paper is here at Arxiv. In other words, it's an overlay attack.
Such things aren't new – The Register has reported on attacks that include overlay exploits in May, June and September of this year alone – but the researchers reckon their “Hoover” attack is more accurate. Even worse, because SYSTEM_ALERT_WINDOW is a common permission, Hoover attackers don't need to phish the users, and it's transparent. Did we mention it gets even worse? The obvious exploit of Hoover is to grab PINs and passwords, but the boffins who wrote the paper have the kind of devious mind you more easily imagine inhabiting an island fortress than a prim academia. They note that a Hover-based attack can also watch what apps someone is using (and therefore could redirect them to malicious lookalike apps as updates); or could build a biometric profile of the user, to bypass biometric authentication. So let's take a look at how it works. Hover isn't much different from a touch-screen interface: it detects the user's finger or stylus as x-y coordinates, with suitable system calls to Hover events, and it interacts with the UI's View Objects building blocks. If you can create a transparent overlay, it's easy to capture the user's interaction, but in most similar vulnerabilities the attacker has to trick the user into installing a malicious app. That's where the SYSTEM_ALERT_WINDOW permission comes in. People routinely allow apps to use this permission, because it lets them get a popup when a new text message arrives – or a new Facebook notification. In other words, users have been socially engineered into saying “yes” to notifications.

The paper notes that on Google Play, “there are more than 600 apps with hundreds of millions of downloads each that require SYSTEM_ALERT_WINDOW to be installed”. In Android, malware is blocked from observing other applications' clicks – but the researchers found that a malicious, invisible window raised by SYSTEM_ALERT_WINDOW can watch Hover events, and use those to infer the user's clicks. The malicious app generates a fully-transparent alert window overlay which covers the entire screen.

The overlay is placed by the system on top of any other window view, including that of the app that the user is using.

Therefore, the malware, thanks to the overlay, can track the hover events. However, the malicious view should go from active (catch all events) to passive (let them pass to the underneath app) in a “smart way” in time, so that the touch events go to the real app while the hovering coordinates are caught by the malware.

The malware achieves this by creating and removing the malicious overlay appropriately, through the WindowManager APIs, in a way that it does not interfere with the user interaction. In other words, the Hoover attack pops up its window long enough to catch a Hover event, “guesses” from Hover what the click is going to be, hides the overlay so the user can interact with their application, and raises it again to catch the next input. A bit of machine learning was required to train the attack, after which the researchers claim accuracy up 79 per cent for finger interactions, and up to 98 per cent for stylus users. The researchers note this isn't going to be easy to mitigate: Google will have to balance how to restrict Hover's permissions without crippling legitimate apps. ® Sponsored: Customer Identity and Access Management
Hackers can use a botnet to attack you from anywhere in the world. Image: iStock According to new data from cybersecurity researchers at Symantec, Turkey plays host to the highest botnet population in EMEA, with its most populous urban centre of Istanb...
D-Link routers contain buffer overflow vulnerability Original Release date: 11 Aug 2016 | Last revised: 12 Aug 2016 Overview D-Link DIR routers contain a stack-based buffer overflow vulnerability, which may allow a remote attack to execute arbitrary ...
Historical supplier of the Armed Forces Italtel is awarded the contract for new Italian Army Data Center worth more than €2.5 millionMilan, October 07, 2014 - Italtel, in partnership with Cisco, has been awarded a €2.5 million contract by the Telematics and Informatics Advanced Technologies Division of the Ministry of Defense to create a new data center for the Italian Army. The main objectives of the program are to develop and modernize the Italian Army's hardware and data network, complete the hardware and software infrastructure of the virtualization/concentration nodes and support the continued operation of such nodes. By the end of the project, Italtel will have installed a new data center to run homogeneously to the army's existing data centers network in terms of virtualization and concentration features, thus creating a functional and cutting edge ICT network. The army's data center network, which has two main centers in Rome and Padua, supplies IT services to all military bases throughout the Italian territory and has to meet very stringent security and continuity standards due to the highly strategic activity it is used for."We are proud to be able to provide our skills and ability to the Italian Army," said Stefano Pileri, Italtel CEO. "We have always had a deep knowledge of telecommunications networks and we have been able to apply this knowledge to develop leading ICT networks. Being able to enrich the technological equipment of such a significant customer is a source of pride for us and reconfirms Italtel as an established supplier to the Italian Army."This project is just the latest stage in the modernization of the Italian Army's infrastructure, network equipment and computer services. The process, supported by Italtel and Cisco, started a few years ago, with the creation of two new-generation data centers that simplified the technological infrastructure within the Army through the reduction of physical servers and simplification of the network elements. Following this, the project was integrated with the creation of eleven other 'mini data centers', distributed throughout the country. As a result, the Italian Army now has the benefits of cloud computing, including the strengthening and virtualization of computer applications while also ensuring the needs of network reliability and security of data.Ends***Italtel GroupItaltel designs, develops, implements solutions for NGN and NGS; Professional Services dedicated to the design and maintenance of networks; IT System Integration Services; Network Integration and migration activities. Italtel counts among its customers more than 40 of the world's top TLC Operators and SPs. In Italy Italtel is also reference partner of Enterprises and Public Sector for the deployment of IP Next-Generation Networks and for the development of multimedia convergent services for their customers. Italtel is present in 25 countries including France, UK, Spain, Germany, Belgium, Poland, United Arab Emirates, Saudi Arabia, Oman, Argentina, Brazil. www.italtel.com. Contact details: Laura Borlenghi Tel.: +39 02 4388 5275; Mobile: +39 335 769 4240; E-mail: laura.borlenghi@italtel.com Source: RealWire
In the latest round of Google’s privacy battles in Europe, the Italian data protection watchdog has given the company 18 months to change the way it processes and stores user data. In January 2014, France’s privacy watchdog, CNIL, fined Google €150,000 for failing to conform to local law regarding tracking and storing user information within the three-month deadline it had set. The Rome-based Italian Data Protection Authority (DPA) said in a statement that Google must ask users for permission to use personal data and make it clear this data may be used for commercial profiling. Profiling is typically used by advertisers to target individuals with specific offers tailored to browsing and purchasing patterns. The watchdog said Google also has to honour requests to delete data within two months, but the firm will have up to six months to remove the content from backups. Google's disclosure to users remains inadequate, despite the steps it has taken to follow local law, the statement said. A Google spokesman said: "We've engaged fully with the Italian DPA throughout this process to explain our privacy policy and how it allows us to create simpler, more effective services, and we'll continue to do so. We'll be reading their report closely to determine next steps." Google has also agreed to present a roadmap to the Italian DPA by the end of September, showing how the company will comply with privacy requirements. The Italian DPA order follows a pan-European investigation that found that Google was in breach of the EU’s privacy laws. The investigation was prompted by Google’s January 2012 consolidation of 60 of its privacy policies into one policy that covered a broad range of services without giving users the ability to opt out. Privacy groups are concerned that personal data is being stored in the US, reducing the control that European citizens have over their personal information. These concerns have increased in the wake of claims by whistleblower Edward Snowden that US intelligence services have access to material stored in US-based cloud services. The EU investigation concluded that Google was in breach of European privacy laws, and in July 2013, the UK’s privacy watchdog joined data protection authorities in France, Spain, Germany, Italy and the Netherlands in demanding a rewrite of Google’s privacy policy. The Italian DPA said that while Google has made some progress towards complying with EU privacy laws, it is does not yet fully comply in areas such as seeking prior consent in profiling for commercial purposes or how long personal data is stored. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK