17 C
London
Friday, September 22, 2017
Home Tags Rome

Tag: Rome

Ancient lead pollution in a Roman harbor shows the cityrsquo;s fortunes grew with its pipes.
Microsoft has made major strides to take its development tools out of a Windows-only world, both for the applications you can create and the platforms they run on.

The open source .Net development tools that Microsoft got when it acquired Xamarin two years ago are key to Microsoftrsquo;s cross-platform transformation.That transformation is very much evident today, with much of the Xamarinrsquo;s tools folded into Microsoftrsquo;s Visual Studio development platform over the last year, and its MacOS Xamarin Studio rebranded as Visual Studio for Mac with additional features for working with Azure and .Net Core.[ Review: Visual Studio 2017 is the best ever. | First look: Visual Studio for Mac. | Keep up with hot topics in programming with InfoWorldrsquo;s App Dev Report newsletter. ]To support Microsoft CEO Satya Nadellarsquo;s focus on an “intelligent cloud and intelligent edgerdquo; mission, Xamarinrsquo;s cross-platform development strategy is key to delivering the edge elements of that vision. Microsoftrsquo;s mobile strategy has pivoted away from its own Windows Mobile OS (at least for now), and the company is now concentrating on delivering applications for the previously alien platforms iOS and Android.
Itrsquo;s a shift that also means bringing its developer ecosystem to new platforms – especially if itrsquo;s to deliver on its Project Rome vision of applications and content that migrate from device to device, letting your work follow you wherever you go.To read this article in full or to leave a comment, please click here
Microsoftrsquo;s Cortana voice-based personal assistant has always seemed a little out of place in the enterprise.
Itrsquo;s a useful tool for search, for reminders, and for letting you know when you need to leave to get to that meeting on time.

But compared to Amazon Alexarsquo;s growing list of skills, itrsquo;s lagging in the personal assistant race.Yes, it connects to Office 365 and LinkedIn to give you some insight into your work, but then again so does Alexa.

But if Microsoft delivers the Windows promises made last week at its Build 2017 developer conference, thatrsquo;s all going to change.[ Put itnbsp;all together: Microsoftrsquo;s plan to one-up Applersquo;s Handoff. • Inside the Microsoft Graph APIs. • How to build Microsoft bots. • Reinventingnbsp;Microsoft Teams with private bots. • How to use Azure Functions. • Just what is Project Rome? ]As part of Microsoft CEO Satya Nadellarsquo;s rearticulation of his original “mobile first, cloud firstrdquo; vision as one of “an intelligent cloud and an intelligent edge,” Cortana is getting a promotion. More than a basic piece of personal assistant software, with the next release of Windows 10 it will be the face of the intelligent agents that will populate Microsoftrsquo;s new blurring of the cloud and PC worlds.To read this article in full or to leave a comment, please click here
As Remedy goes multi-platform, Microsoft's exclusive slate looks worse and worse.
A backpack with wireless charging, Bluetooth tracking is neat—but they're lazily implemented.
EyePyramid operation targeted politicians and business leaders A hacking operation featuring the EyePyramid trojan successfully compromised the systems of numerous high-profile Italian targets, including two former prime ministers, say Italian police. High-profile targets were targeted by a spear-phishing campaign that served a remote-access trojan codenamed "EyePyramid" as a malicious attachment. Targets of the spying included bankers, businessmen and even several cardinals.

The president of the European Central Bank, Mario Draghi, and two former Italian prime ministers, Matteo Renzi and Mario Monti, were among targets of the campaign, according to a copy of an Italian arrest warrant obtained by Politico. The malware was used to successfully exfiltrate over 87 gigabytes worth of data – including usernames, passwords, browsing data, and other files – from compromised systems. Federico Maggi, a senior threat researcher at Trend Micro, has published a blog post here and in a technical summary (on GitHub) here. Brother and sister Giulio Occhionero, 45, and Maria Occhionero, 48, were arrested in Rome on Tuesday and detained over hacking and espionage charges related to the EyePyramid campaign, Reuters reports.
Investigators appear to be proceeding on the basis that the hacking operation was used to harvest insider intelligence as part of a criminally tainted investment strategy rather than politically motivated cyber-espionage. The "stolen data was stored in servers in Prior Lake, Minnesota, and Salt Lake City, Utah," according to a court document seen by Reuters. The FBI has seized the servers and will ship them to Italy, the head of Italy's cyber crime unit told the news agency. Hackers behind the spear-phishing campaign used the compromised email accounts of attorneys and associates in several law firms as a platform to launch the second stage of the attacks, targeting businessmen and politicians, according to Trend Micro's Maggi. ® Bootnote Grazie molto to Milan-based reader Alex for the heads-up on this interesting case, which is unsurprisingly getting a lot of coverage in the Italian press. Sponsored: Want to know more about Privileged Access Management? Visit The Register's hub
Mouse-over-on-mobile feature intentionally allows data-stealing overlay attacks That took a while: Android's had Hover since Ice Cream, but boffins have taken until now to work out how to attack it. Hover is a set of interface calls that let application designers imitate mouse-over behaviours people know from PCs, and it only needs to be implemented on a phone or tablet to be vulnerable - whether or not a particular app supports it. The researchers, from ETH Zurich and the Sapienza University of Rome, figured out that “any Android application running with a common SYSTEM_ALERT_WINDOW permission” can ”record all touchscreen input into other applications”. Their paper is here at Arxiv. In other words, it's an overlay attack.
Such things aren't new – The Register has reported on attacks that include overlay exploits in May, June and September of this year alone – but the researchers reckon their “Hoover” attack is more accurate. Even worse, because SYSTEM_ALERT_WINDOW is a common permission, Hoover attackers don't need to phish the users, and it's transparent. Did we mention it gets even worse? The obvious exploit of Hoover is to grab PINs and passwords, but the boffins who wrote the paper have the kind of devious mind you more easily imagine inhabiting an island fortress than a prim academia. They note that a Hover-based attack can also watch what apps someone is using (and therefore could redirect them to malicious lookalike apps as updates); or could build a biometric profile of the user, to bypass biometric authentication. So let's take a look at how it works. Hover isn't much different from a touch-screen interface: it detects the user's finger or stylus as x-y coordinates, with suitable system calls to Hover events, and it interacts with the UI's View Objects building blocks. If you can create a transparent overlay, it's easy to capture the user's interaction, but in most similar vulnerabilities the attacker has to trick the user into installing a malicious app. That's where the SYSTEM_ALERT_WINDOW permission comes in. People routinely allow apps to use this permission, because it lets them get a popup when a new text message arrives – or a new Facebook notification. In other words, users have been socially engineered into saying “yes” to notifications.

The paper notes that on Google Play, “there are more than 600 apps with hundreds of millions of downloads each that require SYSTEM_ALERT_WINDOW to be installed”. In Android, malware is blocked from observing other applications' clicks – but the researchers found that a malicious, invisible window raised by SYSTEM_ALERT_WINDOW can watch Hover events, and use those to infer the user's clicks. The malicious app generates a fully-transparent alert window overlay which covers the entire screen.

The overlay is placed by the system on top of any other window view, including that of the app that the user is using.

Therefore, the malware, thanks to the overlay, can track the hover events. However, the malicious view should go from active (catch all events) to passive (let them pass to the underneath app) in a “smart way” in time, so that the touch events go to the real app while the hovering coordinates are caught by the malware.

The malware achieves this by creating and removing the malicious overlay appropriately, through the WindowManager APIs, in a way that it does not interfere with the user interaction. In other words, the Hoover attack pops up its window long enough to catch a Hover event, “guesses” from Hover what the click is going to be, hides the overlay so the user can interact with their application, and raises it again to catch the next input. A bit of machine learning was required to train the attack, after which the researchers claim accuracy up 79 per cent for finger interactions, and up to 98 per cent for stylus users. The researchers note this isn't going to be easy to mitigate: Google will have to balance how to restrict Hover's permissions without crippling legitimate apps. ® Sponsored: Customer Identity and Access Management
Hackers can use a botnet to attack you from anywhere in the world. Image: iStock According to new data from cybersecurity researchers at Symantec, Turkey plays host to the highest botnet population in EMEA, with its most populous urban centre of Istanb...
D-Link routers contain buffer overflow vulnerability Original Release date: 11 Aug 2016 | Last revised: 12 Aug 2016 Overview D-Link DIR routers contain a stack-based buffer overflow vulnerability, which may allow a remote attack to execute arbitrary ...
Historical supplier of the Armed Forces Italtel is awarded the contract for new Italian Army Data Center worth more than €2.5 millionMilan, October 07, 2014 - Italtel, in partnership with Cisco, has been awarded a €2.5 million contract by the Telematics and Informatics Advanced Technologies Division of the Ministry of Defense to create a new data center for the Italian Army. The main objectives of the program are to develop and modernize the Italian Army's hardware and data network, complete the hardware and software infrastructure of the virtualization/concentration nodes and support the continued operation of such nodes. By the end of the project, Italtel will have installed a new data center to run homogeneously to the army's existing data centers network in terms of virtualization and concentration features, thus creating a functional and cutting edge ICT network. The army's data center network, which has two main centers in Rome and Padua, supplies IT services to all military bases throughout the Italian territory and has to meet very stringent security and continuity standards due to the highly strategic activity it is used for."We are proud to be able to provide our skills and ability to the Italian Army," said Stefano Pileri, Italtel CEO. "We have always had a deep knowledge of telecommunications networks and we have been able to apply this knowledge to develop leading ICT networks. Being able to enrich the technological equipment of such a significant customer is a source of pride for us and reconfirms Italtel as an established supplier to the Italian Army."This project is just the latest stage in the modernization of the Italian Army's infrastructure, network equipment and computer services. The process, supported by Italtel and Cisco, started a few years ago, with the creation of two new-generation data centers that simplified the technological infrastructure within the Army through the reduction of physical servers and simplification of the network elements. Following this, the project was integrated with the creation of eleven other 'mini data centers', distributed throughout the country. As a result, the Italian Army now has the benefits of cloud computing, including the strengthening and virtualization of computer applications while also ensuring the needs of network reliability and security of data.Ends***Italtel GroupItaltel designs, develops, implements solutions for NGN and NGS; Professional Services dedicated to the design and maintenance of networks; IT System Integration Services; Network Integration and migration activities. Italtel counts among its customers more than 40 of the world's top TLC Operators and SPs. In Italy Italtel is also reference partner of Enterprises and Public Sector for the deployment of IP Next-Generation Networks and for the development of multimedia convergent services for their customers. Italtel is present in 25 countries including France, UK, Spain, Germany, Belgium, Poland, United Arab Emirates, Saudi Arabia, Oman, Argentina, Brazil. www.italtel.com. Contact details: Laura Borlenghi Tel.: +39 02 4388 5275; Mobile: +39 335 769 4240; E-mail: laura.borlenghi@italtel.com Source: RealWire
In the latest round of Google’s privacy battles in Europe, the Italian data protection watchdog has given the company 18 months to change the way it processes and stores user data. In January 2014, France’s privacy watchdog, CNIL, fined Google €150,000 for failing to conform to local law regarding tracking and storing user information within the three-month deadline it had set. The Rome-based Italian Data Protection Authority (DPA) said in a statement that Google must ask users for permission to use personal data and make it clear this data may be used for commercial profiling. Profiling is typically used by advertisers to target individuals with specific offers tailored to browsing and purchasing patterns. The watchdog said Google also has to honour requests to delete data within two months, but the firm will have up to six months to remove the content from backups. Google's disclosure to users remains inadequate, despite the steps it has taken to follow local law, the statement said. A Google spokesman said: "We've engaged fully with the Italian DPA throughout this process to explain our privacy policy and how it allows us to create simpler, more effective services, and we'll continue to do so. We'll be reading their report closely to determine next steps." Google has also agreed to present a roadmap to the Italian DPA by the end of September, showing how the company will comply with privacy requirements. The Italian DPA order follows a pan-European investigation that found that Google was in breach of the EU’s privacy laws. The investigation was prompted by Google’s January 2012 consolidation of 60 of its privacy policies into one policy that covered a broad range of services without giving users the ability to opt out. Privacy groups are concerned that personal data is being stored in the US, reducing the control that European citizens have over their personal information. These concerns have increased in the wake of claims by whistleblower Edward Snowden that US intelligence services have access to material stored in US-based cloud services. The EU investigation concluded that Google was in breach of European privacy laws, and in July 2013, the UK’s privacy watchdog joined data protection authorities in France, Spain, Germany, Italy and the Netherlands in demanding a rewrite of Google’s privacy policy. The Italian DPA said that while Google has made some progress towards complying with EU privacy laws, it is does not yet fully comply in areas such as seeking prior consent in profiling for commercial purposes or how long personal data is stored. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK
Italian regulators have told Google that it must get into compliance with their rules about data privacy or face fines of up to $1.35 million. Italy is the latest European Union nation that is telling Google to change its data privacy practices or face large fines. Italy's data protection agency, The Italian Data Protection Authority, has given the company 18 months to comply with the rules that will protect that nation's residents or face fines of up to $1.35 million (1 million euros), according to a July 21 report by Reuters. The Italian Data Protection Authority "said Google's disclosure to users on how their data was being treated remained inadequate, despite the company having taken steps to abide by local law," according to the report. "The Rome-based regulator said Google would not be allowed to use the data to profile users without their prior consent and would have to tell them explicitly that the profiling was being done for commercial purposes. It also demanded that requests from users with a Google account to delete their personal data be met in up to two months." In addition, Google "also agreed to present a document by the end of September that will set a roadmap of steps to comply fully with the Italian regulator's decision," according to Reuters. "A source familiar with the regulator said should Google not comply it could risk fines of up to about 1 million euros, a tiny fraction of Google's income, as well as possible criminal proceedings." "We've engaged fully with the Italian DPA throughout this process to explain our privacy policy and how it allows us to create simpler, more effective services, and we'll continue to do so," a Google spokesperson told eWEEK in an email reply. "We'll be reading their report closely to determine next steps." Google has been involved in similar data privacy compliance cases in several nations throughout the EU in recent years.  In January 2014, Google was hit with a $204,200 fine by France's National Commission for Computing and Civil Liberties (CNIL) in connection with changes Google made to its data policies in 2012 that continue to be in conflict with the French Data Protection Act. The CNIL's decision relates to Google's move back in March 2012 to merge many of the company's privacy policies into one over-arching policy for some 60 Google services, including Google Search, YouTube, Gmail, Picasa, Google Drive, Google Docs and Google Maps. Google merged the 60 privacy policies to help break down the identity barriers between some of its services to accommodate its then-new Google+ social network, according to an earlier eWEEK report. Google's streamlining came as regulators continued to criticize Google, Facebook and other Web service providers for offering long-winded and legally gnarled privacy protocols. The Google privacy policy changes went into effect March 1, 2012. The CNIL action to fine Google was taken because Google did not sufficiently inform its users of the conditions in which their personal data are processed, nor of the purposes of this processing, according to the agency. That lack of information about why data is collected means that residents are not able to exercise their rights to object or seek deletion of such information, the agency stated. In May 2012, French regulators accused Google of not being cooperative with investigators looking into privacy issues concerning the company and its practices there. The CNIL had sent Google a questionnaire about the new privacy policy in March 2012, but the agency complained that Google's answers were "often incomplete or approximate." A follow-up survey also left questions remaining. Then in June 2013, French regulators gave Google 90 days to amend its policies about how the company deals with users' data or face large fines. Five other EU nations made similar threats to Google. In a statement, the CNIL told Google that it was taking the action because the company was not yet in compliance with French law. In April 2013, Google was hit with a $189,167 fine in Germany for collecting user data without fully disclosing the practice as Google Street View vehicles combed German streets collecting information for its maps from 2007 to 2010. A similar case in the United States was resolved in March 2013 when a $7 million settlement was reached between Google and the U.S. government to end a probe into the Street View imaging program, which for three years collected personal information on users wirelessly as the Street View vehicles drove around taking photographs. The $7 million fine against Google was designed to resolve investigations that were under way by some 30 state attorneys general over the controversial Street View program. Google's progress on developing clearer, better-known policies regarding how it will use any of the personal data belonging to its users has become a sore point with many governments around the world, which say that the search giant is not moving quickly enough to address such privacy concerns. Google could potentially be fined about $1 billion for shortcomings in its data privacy policies in Europe.