Microsoft has yet to patch its latest critical Internet Explorer zero-day security flaw, but an advisory about the bug now offers two temporary solutions.
And the potential reach of the bug could be widespread. Estimates of IE usage range from about 22 percent of people browsing the Web (StatCounter) to more than half of the desktop browser market (NetMarketShare).
So what does Microsoft suggest for people who still need to use Internet Explorer? Turn on a feature called Enhanced Protected Mode. Introduced in IE 10, this mode adds an extra layer of protection by preventing malware attacks from infecting your system.
Microsoft explains how to enable Enhanced Protected Mode (EPM) in the "suggested actions" sectionof its advisory. The steps are outlined as follows:
To enable EPM in IE 10 or 11, click the Tools menu and then click Internet options.
In the Internet Options window, click the Advanced tab.
Scroll down the list of options until you see the Security section.
Look for the option to Enable Enhanced Protected Mode and click its checkbox to turn it on.
If you're running IE 11 in a 64-bit version of Windows, you also need to click the checkbox to Enable 64-bit processes for Enhanced Protected Mode.
Restart IE to force the new setting to take effect.
EPM is saddled with a couple of limitations. The feature supports only IE 10 and 11 and only 64-bit versions of Windows. And some websites and add-ons won't work with EPM enabled.
How do you protect yourself if you're running an older version of IE or use a site that doesn't play nicely with EPM? You can unregister an associated IE DLL file called VGX.DLL. Microsoft explains how to unregister this file in the suggested actions section.
Until Microsoft can patch this bug, the best option is to use an alternate browser such as Firefox or Google Chrome. But those of you stuck on IE can at least better protect yourself by following Microsoft's suggestions.
Jack Maher, a senior market manager for AT&T's U-verse with GigaPower service shows off one of the company's fiber-to-the-home utility cabinets in Austin, Texas.Marguerite Reardon/CNET
AUSTIN, Texas -- Dallas Miller's virtual soldier needed more firepower, and he couldn't think of a better weapon than Google Fiber.
The 28-year-old Austin, Texas, native is an avid player of the shooter game Battlefield. But he was frustrated by the spotty performance of the 20Mbps connection available through his AT&T U-Verse Internet service. In the middle of an online match, his game often froze, leaving his avatar unable to move or shoot. Other times, the game would pause or buffer as he fired, his opponent suddenly popping up in another location as the game lurched forward in real time.
"I had the maximum U-verse service at 20Mbps," he said. "But I never really got that speed. It was always slower."
Miller was among the first in Austin to sign-up online for Google Fiber when it was announced in April 2013. His hope: that Google's $70 faster 1-Gbps service would be the answer to his problems.
But then he got a call from AT&T with an offer for its new GigaPower service. Even though the 1Gbps service wasn't yet available, AT&T offered Miller 300Mbps -- more than 15 times the speed he was paying for. The best news was that the cost of his service would drop from $208 a month to $120. When AT&T finishes upgrading the electronics on the network later this year, he expects to see a 50-fold improvement. With network speeds this fast, Miller could stream without buffering at least five high-definition videos at the same time and still have enough to play his games and surf the Web.
"It was a no-brainer," he said of the switch.
Call it the Google Fiber effect. Google makes a splashy announcement that it intends to build a super high-speed network in a city. Competition follows, which translates into higher-speed services and lower prices for consumers.
"When you say to a community, 'Who wants fiber and a chance to have the most advanced network in the country and possibly the world?' you get a whole bunch of hands going up."
Within a week of Google's declaration last spring that it planned to build a fiber network in the city of Austin, AT&T, which is based a few hours' drive away in Dallas, announced its own Austin fiber network. And in less than a year's time, AT&T and local cable operator Grande Communications have beaten Google to market with their own ultra-high speed services using newly built fiber networks.
Like Google, which offers service over its fiber network in two cities today, these companies are striving for 1Gbps speeds at affordable prices -- less than $100 a month -- making ultra high-speed broadband a much more attractive offering for consumers, who stream lots of video, play online games and want to upload photos and other files in seconds rather than hours. Even slow-moving incumbent cable operator Time Warner Cable has increased speeds on its traditional copper cable infrastructure.
"Google Fiber has been the biggest driver of the fiber-to-the home movement," said Blair Levin, executive director of the Gig.U project and head of the committee that wrote the 2010 National Broadband Plan for the Federal Communications Commission.
In 2008, the Organization for Economic Co-operation and Development (OECD) ranked the US as No. 15 out of 30 countries when it came to broadband penetration and speeds. With the US in the midst of a massive recession back then, prospects for investment in new broadband infrastructure looked dismal. But Google Fiber seems to have lit a fire under the feet of the broadband industry.
"In 2009 when we were writing the National Broadband Plan it looked like the US was headed toward a significant under-investment in broadband infrastructure by 2020," Levin said. "Other countries were well ahead of us. But I have to say since Google's announcements, things are a whole lot better than what we had predicted five years ago."
Google says that it has also noticed an uptick in gigabit projects throughout the US, as broadband providers recognize that people have a "need for speed."
The 4-foot-high utility cabinet can serve up to about 400 customers with ultra high-speed broadband.Marguerite Reardon/CNET
"The truth is, people across America want access to faster Internet," Jenna Wandres, a spokeswoman for Google Fiber said in an email. "There's a growing demand for speed from folks, who don't want to wait for videos to buffer, and who don't want to fight their family members for bandwidth. This was really the main reason we decided to build Fiber back in 2009."
Google is still going through Austin's permitting process before it begins its initial fiber deployment. Currently, Kansas City and Provo, Utah are the only cities in which Google Fiber is available. Earlier this year, the company listed 34 cities in nine metro markets that it was considering for deployment.
An ideal city
Austin, a city of about 865,000 people, might be the luckiest city in the country when it comes to Internet access.
Proud Austinites will rattle off a list of reasons why their city is ripe for massive capital investments in new, speedier Internet infrastructure.
The once small college town, which is also home to the Texas state legislature, often makes it onto top 10 lists of best places to live in the US. This, coupled with the city's thriving tech and arts scene, has made it one of the fastest-growing cities in the country. Whole Foods and Dell are headquartered here, and Apple, Samsung, Facebook, and DropBox are opening offices. SXSW, the popular music and tech festival, also makes its home here.
As a result, Austinites are particularly tech-savvy, according to AT&T's executives. Not only did the city have a higher concentration of Apple iPhone users compared to big cities like Chicago or New York when the smartphone was released in 2007, but broadband consumers in Austin often use 15 percent to 20 percent more data than the average AT&T U-verse customer, according to Dave Nichols, AT&T state president of Texas, who is a key lobbyist for the company in Texas.
"Since Google Fiber came on the scene, we've seen a significant shift in how municipalities view network operators."
Eric Boyer, senior vice president, AT&T U-verse
"When we decided to launch our fiber service, we couldn't think of a better place than Austin," he said. "When it comes to technology it's very forward-looking."
AT&T maintains it has been planning this fiber upgrade for a long time, and that Google's announcement didn't affect the timing of its network.
But Rondella Hawkins, the telecommunications and regulatory affairs officer for the city of Austin, said she had never heard about AT&T's plans before Google's news came out. Hawkins was part of the original committee that put together Austin's application to become the first Google Fiber city. The city ultimately lost out to Kansas City.
"Our application for Google would have been a good tip-off to the incumbents that we were eager as a community to get fiber built," Hawkins said in an interview. "But we never heard from them. Until Google announced that it was going to deploy a fiber network in Austin, I was unaware of AT&T's plans to roll out gigabit fiber to the home."
Grande Communications' CEO Matt Murphy admits that without Google in the market, his company wouldn't have moved so aggressively on offering gigabit speeds. It also wouldn't be offering its service at the modest price of $65 a month, considering that the average broadband download speed sold in the US is between 20Mbps and 25Mbps for about $45 to $50 a month.
"1 gigabit per second is such a leap in terms of speeds," Murphy said. "It's nothing we would have even considered doing yet without Google in the market."
Grande Communications' 1Gbps broadband service costs $65 a month and delivers speeds that are very close to 1Gbps.Marguerite Reardon/CNET
Even with such a tech-centric crowd, it's hard to imagine that three companies -- AT&T, Grande and Google -- decided at roughly the same time this city should be among the first to get ultra high-speed broadband. It's even harder to believe that all three players would decide to offer service that is more than 50 to 100 times faster than what they're currently offering at a cost that's only about $20 to $30 more than their average broadband package.
This is a huge leap in speed for a very small price increase, considering that AT&T currently offers 6Mbps DSL service for $35 a month. In markets where it offers its regular U-verse broadband service, AT&T charges $45 a month for 18Mbps service and $65 for a 45Mbps service.
While it's clear that Google Fiber is not coming to every community, the pressure is on.
It's not surprising, then, that in every city in AT&T's 22-state footprint where Google is considering deploying fiber, AT&T also plans to bring GigaPower. That's a total of 14 markets, including Austin, theTriangle region of North Carolina, and Atlanta, home to AT&T's mobility division.
Major cities not on the Google roadmap include San Francisco and Los Angeles.
While AT&T refuses to acknowledge that its gigabit fiber plans are answering the competitive challenge posed by Google Fiber, others say that Kansas City may have been a wake-up call.
"I think all the providers have learned some valuable lessons from Google's Kansas City deployment," said Julie Huls, president and CEO of the Austin Technology Council. Kansas City went live with Google Fiber in November 2012. "Speed to market and speed to deployment really matters and will determine the winners in a market. So it doesn't pay to be a laggard."
The lessons of Google Fiber
Google wasn't the first company to use fiber to deliver high-speed broadband, but it was the first company to offer such high speeds at $70 a month. It was also the first to come up with a business plan that requires participation from the city government and community.
Google specifically asked cities to cut the red tape required to make deployment more efficient and economical. And it asked communities to rally support and commit residents to subscribe to the service before it agreed to install the expensive infrastructure.
"What Google recognized that others didn't is that Americans want to have the best communications infrastructure," Gig.U's Levin said. "When you say to a community, 'Who wants fiber and a chance to have the most advanced network in the country and possibly the world?' you get a whole bunch of hands going up."
AT&T's executives admit that Google has made it easier for AT&T and others to work with cities where it wants to deploy its own Gigabit fiber service.
"Since Google Fiber came on the scene, we've seen a significant shift in how municipalities view network operators," said Eric Boyer, senior vice president of U-verse. "They see how Kansas City was able to work with Google and now, they're willing to do that with other providers."
Specifically, cities such as Austin are trying to speed up the permit and inspections processes.
"In the past, certain permitting processes cost us millions of dollars," said Eric Small, vice president of Fiber broadband planning for AT&T. "But now the city is interested in working with us to reduce those expenses."
Cable operator Grande Communications is running fiber directly into subscribers' homes to deliver 1Gbps Internet service.Marguerite Reardon/CNET
Need for speed? Maybe yes, maybe no
Other broadband operators have built networks capable of delivering 1Gbps service. Cable operators, which use a different network technology, have already demonstrated download speeds at that level. Verizon Communications, which was the first major broadband provider to install a full fiber network, has stopped short of delivering 1Gbps service, even though it is capable of delivering such speeds.
"We're continuing to see a growing interest for faster broadband among our customer base," Bill Kula, a spokesman for Verizon, said in an email. "However, widespread adoption of 1Gbps is not evident as of yet."
Indeed, today very few Americans have connections at that speed, but demand for broadband itself is increasing. Pew Research found in its most recent survey, conducted in September, that about 70 percent of Americans have broadband service, which is up from 66 percent the previous year. But Pew and the Federal Communications Commission have a very low benchmark for what constitutes broadband: download speeds of 4Mbps and uploads of 1Mbps.
To put this in perspective: a single DVD-quality Netflix movie requires a broadband connection of about 3Mbps. You need speeds of at least 5Mbps if you want to stream that movie in high-definition. With a 1Gbps connection you could stream at least five HD videos at the same time and still have plenty of bandwidth to surf the web, check email, and upload pictures to Facebook. Also, with a 1Gbps connection you can simply do things much faster. For instance, you could download an entire HD movie in about 33 seconds.
But cable operators and Verizon are skeptical about whether consumers really need to be streaming five HD movies at once. And speeds that are a tenth as fast as the gigabit service (100 Mbps) can also offer speedy downloads.
These companies have a point. Even Grande CEO Murphy admits that most consumers don't need to go that fast. He added that even if they subscribe to such a service, the equipment and devices in the home aren't capable of delivering those full speeds. Few customers even subscribed to the company's highest tier of service, which previously topped out at 100Mbps, before it introduced the 1Gbps service.
David Noonan, who covers broadband for consultancy IBB, said that most families couldn't consume enough online media to justify a 1Gbps connection.
"But it doesn't mean that they don't want it," he said. What Google and other broadband providers are doing, then, when they tout gigabit services is this: marketing.
Murphy admits that going to such speeds has been great publicity. "We've gotten an unbelievable amount of PR from raising the speeds," he said. "As a small provider we rarely have something as new and noteworthy."
Getting the price right
Even if 1Gbps is overkill for most consumers, speeds of 100Mbps or even 300Mbps may not be. Incumbent providers such as Comcast and Verizon offer such speeds in certain markets, but the pricing on these services is often well over $100. For example, Comcast and Verizon each charge more than $300 a month for their 500Mbps services, which are available only in certain markets.
It's little surprise that Comcast and Verizon have seen few customers sign up for these services, which has led executives, such as Brian Roberts, the CEO of Comcast, to conclude that consumers don't really see a need for these speeds.
But the reality is that consumers likely don't see a need that justifies exorbitant prices.
Google, however, entered the market at $70 a month, which is $20 to $25 above the average price that most customers are comfortable spending on Internet service, said Murphy. Even with that difference, some consumers may find the pricing a stretch. But the overwhelmingly higher speed can often entice customers into a higher-priced package.
That's exactly what happened to Austin local David Greene. Greene, who for the past 12 years has gone without cable TV, agreed to take the U-verse TV package on top of $70 a month broadband service simply because it was only $50 more a month.
Greene said he is willing to pony up the extra money for AT&T's video package because he is getting such a great deal on his 1Gbps broadband service. Even though he's paying $65 more per month, he said it's worth it for the nearly 100-fold increase in broadband speed.
Execs at AT&T agree that the prices on other top-tier broadband speeds have been too high.
"People aren't willing to spend five times more for the higher-speed service," said AT&T's Small. "They might spend 50 percent more, but not the multiple it has been in the last few years."
Even at the $70 price point, AT&T may have to fight to retain customers once Google Fiber is up and running in Austin. Greene says he is satisfied with AT&T's GigaPower service and has been more than happy with the company's customer support, but he could be persuaded to make a change.
"I'm no brand loyalist," he said. "I'd absolutely switch if Google offered a better deal."
For
the visually impaired, navigating through neighborhoods can be a
struggle, but apps aim to shed light on places, people, and obstacles
that lie in their paths.There are 285 million visually impaired
people worldwide, about 39 million of whom are blind, according to the
World Health Organization. Guide Dots, a free app for Android,
detects a person's location and uses audio voice-overs to announce
nearby attractions, including restaurants, shops - and even friends.
"We
let people know what's around them more than a cane can, broadening
their horizon more than a six foot circle around them," said Deborah
Vandeven, global chief creative officer at VML, based in Kansas City,
Missouri, which created the app.
With the app, users tap the
Nearby button to hear a voiceover of places around them. They can also
tag walkway obstructions, restrooms, and places with good service, and
share this feedback with other users of the app.
If they feel like meeting a friend, they can find out if any Facebook friends are around.
While
the app is meant complement a guide dog or cane, Vandeven said it's
about giving more independence to the visually impaired. By leveraging
Android's TalkBack feature, a screen reader, people can hear the
different options on the screen read aloud, and double-tap to choose
one.
The app gets location data about people and places from
Google Maps and Facebook Places. However, because GPS is only accurate
to approximately 15 meters, the company plans to use beacon technology,
bluetooth sensors that communicate location and other data to a person's
smartphone, to increase accuracy.
"This will help move you those
last couple feet that for a visually impaired person could be the size
of the Grand Canyon, so beacons are definitely a good use case for
that," she added. BlindSquare for iOS is another app designed for
the visually impaired to find places nearby. Users can, for example, ask
for the most popular cafe within a 200 meter radius, or to find a post
office. The app, which costs $23.99 and is available in over 15
languages, gets location data from Foursquare. It can also read out
intersections while travelling.
John Corneille, director of gift
planning at Foundation Fighting Blindness, a non-profit based in
Maryland, is visually impaired as a result of a condition called
retinitis pigmentosa. He said that if the apps can deliver on their
claims, then they might be the tools he's been looking for.
"GPS
on cars can be set to announce what street you're approaching, or points
of interest as you go, but I haven't found an app that does those
things accurately enough when you're walking," he said.
Corneille,
who also practices law, said that he uses many apps daily, including
the VoiceOver function on his iPhone, which does text-to-speech, and
Siri to dictate emails and texts.
"My assessment is that there are
a lot of apps available and most of them are very good. They really
have a practical use and function for the visually impaired, and I'm
thrilled that they're being offered," he said.
"If you're visually impaired there's no better time to be that way," he added.
Among
other apps available for the visually impaired, TapTapSee, free for iOS
and Android, allows people to snap a photo of an object to determine
what it is. For iOS, LookTel Money Reader, $9.99, speaks out currencies
in different denominations, and Color ID, free, can help them figure out
the color of a shirt or pair of socks.
Google's self-driving cars see the world as a collection of wireframe objects -- pink cars, red cyclists, yellow pedestrians. They erect virtual fences around each one and won't proceed until the obstacle has moved out of the way. Here, a car waits for pedestrians and cyclists (including one coming from behind) to cross at an intersection.screenshot by Stephen Shankland/CNET
Google on Monday said that it has made major progress in how well its self-driving cars can handle not just relatively straightforward freeways but also the more complicated leafy suburbs of Mountain View, Calif., where Google is based.
"We still have lots of problems to solve, including teaching the car to drive more streets in Mountain View before we tackle another town, but thousands of situations on city streets that would have stumped us two years ago can now be navigated autonomously," said Chris Urmson, director of Google's self-driving car project, in a blog post.
In an accompanying YouTube video, Google demonstrates some of the circumstances its self-driving cars now can handle: bicyclists signaling to move across a lane of traffic, railroad crossings, parked cars protruding into the lane of traffic, multiple pedestrians and cyclists entering an intersection, and orange traffic cones around a construction zone.
"A mile of city driving is much more complex than a mile of freeway driving, with hundreds of different objects moving according to different rules of the road in a small area," Urmson said. "We've improved our software so it can detect hundreds of distinct objects simultaneously -- pedestrians, buses, a stop sign held up by a crossing guard, or a cyclist making gestures that indicate a possible turn. A self-driving vehicle can pay attention to all of these things in a way that a human physically can't -- and it never gets tired or distracted."
Google has shouldered a lot of the publicity burdens of self-driving cars, trying to convince the public, regulators, and insurance companies of the technology's positive effects on safety and convenience. It's not yet clear how exactly the company hopes to profit from these sorts of machines -- though one benefit no doubt will be freeing millions of drivers from the duties of driving so they can watch videos, check e-mail, post social-network updates, and do other things that mean more profits for the Internet company.
One new trick for Google's autonomous vehicles is detecting when a cyclist is signaling a left turn. Cyclists don't always signal, but when they do, Google's cars have a better idea what to do.screenshot by Stephen Shankland/CNET
Although plenty of people are eager for self-driving cars to arrive, there will be resistance, too, from people who don't trust the technology, who don't want to relinquish the feeling of control, or depending on how much of a premium is charged, who can't afford it.
"Accident rates will plunge to near zero for self-driving cars [SDCs], although other cars will crash into SDCs, but as the market share of SDCs on the highway grows, overall accident rates will decline steadily. Traffic congestion and air pollution per car should also decline because SDCs can be programmed to be more efficient in their driving patterns," said IHS analyst Egil Juliussen, principal analyst, in a statement.
Google is a pioneer, but it's far from alone now in making the sales pitch for self-driving cars.
There are innumerable complications, though, and not all of them are technological. For example, if a self-driving car gets into an accident, who is to blame -- the owner or the manufacturer? And will the insurance company therefore pay for damages? It's one reason that today's prototypes typically have a responsible human driver behind the wheel.
"The United States has a robust products liability law framework that, while certainly not perfect, will be well equipped to address and adapt to the autonomous vehicle liability questions that arise in the coming years," Brookings said.
Microsoft’s technical support or security patches and updates for the Windows XP operating system, which the company introduced in 2001, expired on April 8, 2014.
Users of Microsoft Windows XP have been given two options — either switch over to later versions of the operating system or seek Microsoft’s extended support for an additional period of 15 months.
Microsoft’s extended security update option is not low-cost for most organisations.
The UK government recently signed such a deal that cost almost £5.6 million.
Beyond the cutoff date, those who continue to rely upon Windows XP will do so at their own peril.
According to Microsoft’s notification, it is very important for customers and partners to migrate to a modern operating system.
The available Microsoft options are Windows 7 or Windows 8.1.
The notification adds that support for Office 2003 will also end by the same date.
Microsoft goes on to say that systems running Windows XP after April 8, 2014 should be considered as not protected.
In other words, persisting with the use of Windows XP beyond the deadline could result in increasing the cyber security risks, as no new security patches for vulnerabilities would be available.
A report in ComputerWeekly.Com quotes Tim Rains, director of Trustworthy Computing at Microsoft, as saying that between July 2012 and July 2013, 30 vulnerabilities were discovered in the operating systems that were common to Windows XP.
This highlights the inherent high risks to all users of information technology systems and especially to critical infrastructure industries and segments.
The implied meaning is, either upgrade to a newer operating system or buy a new computer.
Challenges of migration
However, there are challenges in migrating to a new system, especially in the case of critical infrastructure control systems.
Compared to enterprise applications where potential disruptions are manageable, the challenges of migrating to a new computer or upgrading the operating system to Windows 7 or 8.1 are more serious, especially in industrial control applications, which demand low downtime.
Often, migrations would call for redeveloping control applications involving extensive efforts, interoperability testing to ensure that the software works and is compatible with legacy subsystems and unbudgeted expenses.
Continuing to depend on Windows XP beyond the support cutoff date has serious implications, as without support, the system may become easier to hack in, resulting in potential disruptions in service or other serious consequences.
The other caveats are additional need for hardware upgrades, if existing hardware does not meet system requirements, and the possibility of hardware manufacturers stopping support to Windows XP on existing or new hardware.
This could mean non-availability of drivers required to run Windows XP on new hardware.
The announcement that Windows 7 mainstream support and extended support end by January 13, 2015 and January 14, 2020 respectively adds further pain to end users.
According to Net Applications.com, Windows XP accounts for more than 30 per cent of all operating systems deployed.
Critical infrastructure industries and sectors such as electric and water utilities, oil and gas pipelines, transportation, banking (including ATM machines) and others rely extensively on Windows XP.
Hackers may discover and exploit some such or other vulnerabilities in unsupported systems.
Such a possibility is real; according to some reports, almost 95 per cent of bank ATM machines globally stand exposed to potential hacking. Windows XP has codes similar to Windows 7 and Windows 8.
Therefore, some of the bugs that Microsoft may identify in future as part of its technical support could possibly exist in Windows XP.
Hackers could exploit those potential vulnerabilities and such a possibility would leave Windows XP users defenceless. Microsoft’s Timothy Rains has corroborated this.
In its report “End of Windows XP support puts ATMs at risk”, the Financial Times quotes Timothy Rains of having said at a recent computer security conference in San Francisco “The probability of attackers using security updates for Windows 7, Windows 8, Windows Vista to attack Windows XP is about 100 per cent.”
A recent alert issued by the Federal Financial Institutions Examination Council highlights the enormity of the problem ATMs face.
The FFIEC alert says that in a recent attack, nicknamed 'Unlimited Operations', hackers netted more than $40 million with the use of just 12 debit card accounts.
According to the alert, cyber attacks against banks that use Web-based ATM control panels are on the rise and thieves are changing the controls on ATMs that enables practically unlimited withdrawals.
Shifting the focus from ATM and financial sector applications, there are control systems operating critical infrastructure industries, such as electric utilities and others, which extensively use Windows XP as the operating system.
Even though recent versions such as Windows 7 and Windows 8.1 have made their entry into control system applications, Windows XP has remained the dominating operating system for almost a decade.
Industrial control applications have long lifecycles of 15-20 years and if it isn’t broke, don't fix it is the common practice.
Possibility of cyber attacks
The extent of damage cyber attacks can wreak on industrial control systems has been spelt out by US President Barack Obama in an article in the Wall Street Journal: "In a future conflict, an adversary unable to match our military supremacy on the battlefield might seek to exploit our computer vulnerabilities here at home." ….
"Taking down vital banking systems could trigger a financial crisis.
The lack of clean water or functioning hospitals could spark a public health emergency… the loss of electricity can bring businesses, cities and entire regions to a standstill."
Subsequently, the President issued Executive Order 13636 on February 12, 2013 for improving Critical Infrastructure Cyber Security.
Section 1 of the Executive Order relating to policy says, “The cyber threat to critical infrastructure represents one of the most serious national security challenges we must confront. The national and economic security of the United States depends on the reliable functioning of the nation’s critical infrastructure in the face of such threats.”
While hacking relating to privacy issues, ATMs and credit card frauds, and such others are widely known, the same thing is not true of industrial control system cyber attacks.
Lack of awareness persists among stakeholders. Even though less widely known, the ramifications of ICS cyber attacks on critical infrastructure industries are far more critical, especially from the national perspectives.
US Defense Secretary Leon E Panetta, highlighting the destructive possibilities of such attacks, said, “An aggressor nation or extremist group could use these kinds of cyber tools to derail passenger trains, contaminate water supply in major cities, or shut down the power grid across large parts of the country.”
Stuxnet is a computer malware that targeted industrial sites in Iran – a uranium enrichment plant — that uses Microsoft Windows machines and networks as part of industrial control systems and caused them to malfunction.
Stuxnet is the first known malware to explicitly attack industrial control systems and in the reported case of an Iranian nuclear facility, it destroyed centrifuges.
Duqu, on the other hand, gathers information rather than interfere with industrial operations.
Flame targets computers running the Microsoft Windows operating system and can record audio, screenshots, keyboard activities, and network traffic.
According to experts, this data along with locally stored documents is sent to one of several command and control servers scattered around the world.
The program then awaits further instructions from these servers.
A virus called Shamoon attacked computer Saudi Aramco’s computer systems that resulted in shutdown of the company’s internal corporate network, disabling employee e-mails and Internet access.
This decision to withdraw support and nudge loyal customers either to migrate to new operating systems or to seek extended support at additional cost may make perfect sense to Microsoft from a business perspective.
However, it must be disappointing for Microsoft customers.
They would have expected Microsoft’s former chairman, who had earlier sent out a message about software security, emphasising that the way forward is ‘Trustworthy Computing’, to live up to his promise.
Undiscovered vulnerabilities
Besides, Microsoft customers would be wondering why an operating system which has been in the market for well over a decade should continue to have serious undiscovered vulnerabilities.
On the one hand, many users are not able to place the liability on software suppliers for vulnerabilities in their offerings, while on the other, suppliers do not care to address the question.
Information technology suppliers almost assume that they by right can introduce software products into the market with inherent vulnerabilities to be fixed later through patches and security upgrades.
Ironically, Microsoft issued an Advance Notification on April 3, 2014, according to which the company plans to release four vulnerability bulletins for Windows XP and Office 2003 on April 8, with two of them rated critical and the other two as important.
Such liberties are not available for brick and mortar industrial companies, such as automobile suppliers or pharmaceutical.
A recent Bloomberg report ‘GM Widens Ignition Recall by 971,000 to 2.59 Million Cars’, is a good example of how they are held liable.
Mary Barra, chief executive officer of GM, is set to appear in congressional hearings to explain and fix responsibility for faulty ignition switches in GM cars.
Contrast this with the way Microsoft makes repeated announcements about vulnerabilities in its products.
Miley Cyrus has done many things recently, but I think my favourite among them is elevating the “selfie” photo to something like a modern art form.
I love selfies. Be honest: I bet you, too, have held your smartphone at arm’s length, grinned awkwardly and snapped a self-portrait or two for Instagram, à la Miley.
Odds are that you’ve relied on your phone’s standard apps to snap these pictures.
That’s a shame, because there are many other apps that can take selfies to the next level.
Frontback is my favourite selfie app because it’s unique.
It takes two shots, one from the phone’s main camera and one from the camera that faces the user.
Then it combines them into a single image. The result is a self-portrait in context, with a sense of the scene around you.
The app’s interface is simple, and there are only a few extra options.
For example, before you snap your two images - one at a time - the screen shows you a preview and you can choose a self-timed option or use the flash.
That’s all: No filters, no frames, no fuss.
Once you’ve taken the two images, you can save the final product to use in another app, like Twitter.
Or you can share it through Frontback’s own social system. Using this option does mean you’re joining yet another social network, but it’s not required to use the app.
The free Frontback app won lots of praise when it was solely on iOS, and now it’s newly available on Android.
Selfie Cam, free on iOS, is more traditional. It offers a number of image options through an easy-to-use dial interface.
You can dial up a square or rectangular photo, turn on the flash or choose an on-screen grid to help line up the shot, among other features.
When you’ve set up your selfie to your satisfaction, you either press the shutter button in the middle of the dial, select a timed shot or choose the so-called smile detection option.
With that feature, the app won’t take a photo unless you smile; it’s great, and can help you create a nice image. But this feature took a little fiddling to get right.
CamMe is a similar app on iOS that helps create selfies without your outstretched phone-holding arm appearing in the photo.
CamMe detects when you hold your hand up to start the photographing process, and waits for you to make a fist before it starts a countdown.
So prop your phone up somewhere, step back and follow the on-screen prompts to take a selfie that looks a little more natural than others.
CamMe has an easy-to-use interface, and it is fairly good at detecting your gestures. It has some neat options, like funny photo frames to surround the images, but they cost about a dollar.
The app itself is free, though, so it is definitely worth trying.
Facetune may be just a bit controversial for the same reasons Photoshopped photos of models in magazines are.
The app lets you make small but important adjustments to pictures to improve how you look.
The interface is slick and easy to use. Each of the different effects has on-screen advice, and it’s easy to apply and undo effects.
You can smooth out wrinkles, patch spots, whiten your teeth, narrow your cheeks and make many other small alterations, most of which are impressive.
The trick, I’d say, is not to get too vain and overrefine your photo so it looks weirdly artificial.
I prefer the warts-and-all natural look, but of course your mileage may vary. Facetune costs $3 (Rs 182) on iOS.
There’s no Android edition of Facetune yet, but for a great alternative, check out Perfect365.
This app automatically detects your eyes, nose and mouth and uses the information to apply effects like adding color to your cheeks, tweaking your eyelashes or even applying fake lipstick.
Its interface isn’t quite as easy to use as Facetune, and I often had to adjust the app’s automatically identified data points to, for example, properly line up with the edges of my mouth. It’s fun to play with, though, and it’s free.
There’s also an iOS version.
For a simple but effective app that’s all about special filters, look no further than Retrica.
This $2 (Rs 121) iOS and Android app has a clean, minimalist interface and takes pictures as nicely as many rivals do.
But it stands out because of its image effects.
There are 80-plus filters to choose from, as well as effects like blurring the background, adding borders and more.
It’s fun to use, if sometimes a little confusing, and there’s a free edition that has embedded ads and more limited features, including a reduced number of filters.
Good luck using these apps: Stick your tongue out, and be proud of your selfies!
Dick Loizeaux recently found himself meandering through a noisy New York nightclub. This was unusual; Loizeaux, a 65-year-old former pastor, began suffering hearing loss nearly a decade ago, and nightclubs are not really his scene.
“They’re the absolute worst place to hear anybody talk,” he said.
But this time was different. Loizeaux had gone to the club to test out the GN ReSound Linx, one of two new models of advanced hearing aids that can be adjusted precisely through software built into Apple’s iPhone.
When he entered the club, Loizeaux tapped on his phone to switch his hearing aids into “restaurant mode.”
The setting amplified the sound coming from the hearing aids’ forward-facing microphones, reducing background noise.
To play down the music, he turned down the hearing aids’ bass level and bumped up the treble.
Then, as he began chatting with a person standing to his left, Loizeaux tapped his phone to favour the microphone in his left hearing aid, and to turn down the one in his right ear.
The results were striking. “After a few adjustments, I was having a comfortable conversation in a nightclub,” Loizeaux told me during a recent phone interview - a phone call he would have had difficulty making with his older hearing aids.
“My wife was standing next to me in the club and she was having trouble having the same conversation, and she has perfect hearing.”
It’s only a slight exaggeration to say that the latest crop of advanced hearing aids is better than the ears most of us were born with.
The devices can stream phone calls and music directly to your ears from your phone.
They can tailor their acoustic systems to your location; when the phone detects that you have entered your favourite sports bar, it adjusts the hearing aids to that environment.
The hearing aids even let you transform your phone into an extra set of ears.
If you’re chatting with your co-worker across a long table, set the phone in front of her, and her words will stream directly to your ears.
When I recently tried out the Linx and the Halo, another set of iPhone-connected hearing aids made by the U.S. hearing aid company Starkey, I was floored. Wearing these hearing aids was like giving my ears a software upgrade.
For the first time, I had fine-grain control over my acoustic environment, the sort of bionic capability I never realised I had craved.
I’m 35 and I have normal hearing. But if I could, I’d wear these hearing aids all the time.
IPhone-connected hearing aids are just the beginning.
Today most people who wear hearing aids, eyeglasses, prosthetic limbs and other accessibility devices do so to correct a disability.
But new hearing aids point to the bionic future of disability devices.
As they merge with software baked into our mobile computers, devices that were once used simply to fix whatever ailed us will begin to do much more.
One day all of us, not just those who need to correct some physical deficit, may pick up a bionic accessory or two.
“There is a way in which this technology will give people with hearing loss the ability to outperform their normal-hearing counterparts,” said Dave Fabry, Starkey’s vice president for audiology and professional relations.
Hearing aids are the natural place to begin our bionic quest.
About 36 million American adults report some degree of hearing loss, according to the National Institute on Deafness and Other Communication Disorders, but only about a fifth of the people who would benefit from a hearing aid use one.
That’s because hearing aids, as a bit of technology, have long seemed stuck in the past.
“Most people picture large, clunky bananas that fit behind your ears and show everyone you’re getting old,” said Ken Smith, an audiologist in Castro Valley, Calif., who has fitted more than two dozen patients with the Linx.
Until recently, many hearing aids were also difficult to use. For lots of potential users, especially people with only mild or moderate hearing loss, they didn’t do enough to improve sound in noisy environments.
In 2012, Apple announced the Made for iPhone Hearing Aid program, which would let the company’s mobile operating system connect directly to hearing aids using a low-power version of Bluetooth wireless technology.
Representatives of both Starkey and GN ReSound say they saw the iPhone as a way to correct many of the tech problems that had hampered hearing aids.
The phone could act as a remote control, a brain and an auxiliary microphone for hearing aids, and it would finally let people make phone calls and listen to music without carrying a wireless dongle.
But more than that, the companies say, the iPhone could do something potentially revolutionary for hearing aids.
“A lot of the people who could benefit from wearing a hearing aid now don’t have any excuse - they can’t say it’s too clunky or not cool,” said Morten Hansen, GN ReSound’s vice president for partnerships and connectivity.
Fabry, of Starkey, was blunter: “We thought we could make hearing aids cool.”
Aesthetically, both companies seemed to have pulled off something close.
The GN ReSound and Starkey hearing aids are fantastically tiny and attractive; each is just a fraction of the size of a conventional Bluetooth headset, and when they’re set behind your ears, they’re virtually invisible.
They are also quite comfortable. A few minutes after fitting each model into my ears, I had forgotten they were there.
On the other hand, neither is cheap.
Starkey’s Halo starts around $2,000 (Rs 1,21,640) a hearing aid, while GN ReSound’s Linx begins at more than $3,000 (Rs 1,82,460) each.
Few health insurance plans cover the cost of hearing aids; Medicare does not.
Some people who have used them, though, said the new hearing aids were well worth the price.
“I fell in love with them in the first 30 seconds,” said Todd Chamberlain, who recently began using a pair of Halos.
Chamberlain, who is 39 and works as an industrial safety officer in Ephrata, Washington, has worn hearing aids since he was 3 years old.
“I’m surprised they haven’t done this earlier - putting it all in an app, that seems so obvious these days,” he said.
Soon, we might be saying the same about all of our senses.
