Apple threatened Intel with 'wake-up call' over chip power consumption

Officials at Apple were at at one point so unsatisfied with power consumption levels of Intel's processors that they threatened to end their partnership with the chipmaker, if the problems were not addressed.

The revelation was shared by Greg Welch, director of Intel's Ultrabook group, with The Wall Street Journal. He said that Apple gave Intel a "real wake-up call" when the Mac maker threatened to end their business relationship.

Apple officials told Intel that the chipmaker needed to "drastically slash its power consumption," or else Apple would turn elsewhere for chips. The threats were said to have helped spur Intel's interest in creating its new Ultrabook specification.

As announced earlier this week, Intel Capital, the strategic investment arm of the world's largest chipmaker, will invest $300 million in a new "Ultrabook fund" to invest in new technologies. Intel is pushing manufacturers to build thin-and-light notebooks that aim to challenge Apple's MacBook Air.

As Intel has pushed to get its Ultrabook specification off the ground, the chipmaker's partners are said to have struggled keeping their ultraportable notebooks under a price of $1,000. Apple's entry-level 11.6-inch MacBook Air sells for $999, and is one of the company's most popular notebooks.

For years, rumors suggested that Apple would transition the iPhone to the Atom architecture, but the change failed to materialize as Intel struggled with managing power consumption. The Atom processor was also said to be utilized in early prototypes of the iPad as far back as 2008.

Unsatisfied with the power consumption levels of Intel's Atom platform, Apple instead turned to ARM for its iPhone and iPad processors. The company also bought ARM design companies PA Semi and Intrinsity, both key acquisitions that allowed Apple to create the custom A4 processor found in the iPhone 4 and first-generation iPad, as well as the dual-core A5 processor found in the iPad 2.

As for its Mac lineup, as recently as 2010 there were indications that Apple and Intel's rival AMD were engaged in initial discussions about the possibility of Apple adopting AMD chips. More recently, there has even been speculation that Apple could merge iOS with Mac OS X with Macs based on an anticipated A6 processor starting in 2012.
Read More >>

Read More

Vodafone suspends sales of blocked Galaxy Tab 10.1

Vodafone, the telecoms giant, has suspended pre-orders of the tablet computer after the Regional Court of Dusseldorf issued a temporary ban on any sales or marketing of the device in every country bar the Netherlands.

The court made its ruling on the basis that the Galaxy Tab 10.1 infringed Apple's intellectual property by copying elements of the iPad 2.

Vodafone has already begun contacting customers who have placed orders for the device and giving them the opportunity to cancel, amid expectations that the preliminary injunction will be made permanent across most of Europe.

A spokesman said: "We are aware of legal proceedings [and] we're in discussions with Samsung about the position in the UK. In the meantime, we will be suspending pre-orders."

O2 has also said it will not supply the tablet to customers, although it put this down to Samsung's inability to supply the device rather than it cancelling orders.
Read More >>

Read More

Department of Defense tries to court hackers

Las Vegas, Nevada (CNN) -- Dear hackers: The U.S. government wants you.

Or, at the very least, the Department of Defense's research wing wants to pay you to help it block cyber threats, a project manager at the Defense Advanced Research Projects Agency said Thursday.

Former hacker Peiter Zatko announced the start of a fund-the-hackers program, called Cyber Fast Track, in a keynote talk at the Black Hat conference, which is aimed at hackers and computer security experts. The program began officially late Wednesday, he said.

Experts say the government has done a lousy job in the past of getting money to security researchers quickly enough for them to actually help mitigate cyber threats. Or the feds have avoided dealing with hackers entirely.

"One of the ways I see fixing it is bridging the gap between the government and the hacker community," said Zatko, who goes by the handle "Mudge."

By "hacker," he doesn't mean criminal. He's referring to people who try to break computer systems with the goal of making them more secure. These people are sometimes referred to in the security industry as "white hats," as opposed to nefarious "black hats."

"We have all sorts of other criminals, be it in politics or finance, and those elements may be bigger than the criminal element in the hacker community," he said.

Other wings of the government appear to be courting the hacker community as well. The Federal Bureau of Investigation and the Internal Revenue Service both have booths set up on the expo floor here at Caesars Palace. Federal agents are so commonplace at this hacker conference -- and at another, called DEF CON, which happens later this week -- that some of the hackers have held a "Spot the Fed" contest, with T-shirts as prizes.

Law enforcement and hackers don't always play well in these arenas. Speakers at past Black Hat and DEF CON conferences have been threatened with injunctions aimed at stopping them from explaining how to hack into certain systems.

The hackers say they're making public such exploits for the public's own good. If they can find the bugs, then bad guys who want to steal information and make money could, too.

In an interview after his talk, Zatko declined to say how much money DARPA will put into the new program, or how big the individual grants will be.

The goal is to fund independent security researchers, who currently do much of their work on nights and weekends without pay, in hopes that they will help make the Internet safer.

One of those hacker-researchers is Dino Dai Zovi, who says his girlfriend gets annoyed that he spends almost all of his free time on his computer.

"Look at the bags under my eyes -- I never stop working," he said.

Dai Zovi said the DARPA program will help hackers actually get paid for their work.

The stakes for the new program are also high.

Zatko, the hacker-turned-DARPA official, said the number of malware attacks continues to increase even as government agencies spend more money to stop them.

In 2000, he said, there were about 1,400 "incidents of malicious cyber activity." Nine years later, that number had jumped to more than 71,000.

Current computer systems are needlessly complicated, he said, which leaves them more open to malicious hacking. He suggested that researchers work, for example, to simplify Microsoft Word with its list of 3,000 fonts and many potential exploits.

Zatko, whose notable life as a hacker has been the inspiration for fictional characters, said he's trying to change how the government works from the inside.

"I hope the old Mudge of 1999 is looking at the current Mudge of 2011 and saying, 'Yeah, you're wearing a pocket square and you don't have long hair,' " he said, " 'but, yeah, you're still remaining true to the cause.' "
Read More >>

Read More

'Shady RAT' hacking claims overblown, say security firms

Computerworld - Two security companies are questioning claims that a cyber espionage campaign uncovered by a rival firm was sophisticated or even extraordinary.

On Tuesday, antivirus vendor McAfee described a five-year hacker operation that infiltrated more than 70 U.S. and foreign government agencies, defense contractors and international organizations to plant malware that in some cases hid on networks for years.

In its report, McAfee said it was "surprised by the enormous diversity of the victim organizations" and "taken aback by the audacity of the perpetrators."

News stories about the report seized on the word "unprecedented" in the McAfee report to characterize the scale of the intrusions.

"What we have witnessed over the past five to six years has been nothing short of a historically unprecedented transfer of wealth," said McAfee, referring to the now-nearly-constant attacks on Western companies and organizations by campaigns like Shady RAT.

Moscow-based Kaspersky Lab on Thursday begged to differ, saying that McAfee has simply not provided enough information to justify the claims being bandied about.

"The report contains nothing on what particular data has been stolen or how many computers in each organization were hit by the attacks," said Alex Gostev, Kaspersky's chief security expert, in an emailed statement. "Until the information in the McAfee report is backed up by evidence, to talk about the biggest cyber attack in history is premature."

Although McAfee's report on what it dubbed "Operation Shady RAT" (download PDF) was filled with details -- it noted how long the malware had remained hidden on each of the 72 victims, and provided a timeline on the various compromises -- it did not, in fact, explicitly claim that data had been stolen.

Other security researchers have chimed in as well to rebut claims that the Shady RAT attacks were sophisticated or even out of the ordinary.

"Is the attack described in Operation Shady RAT a truly advanced persistent threat?" asked Symantec researcher Hon Lau in a Thursday blog post. "I would contend that it isn't."

Advanced persistent threat, or APT, is the term that's been widely used to describe targeted attacks against specific companies or organizations that try to burrow into a computer network and pillage information.

The word "advanced" is a misnomer, said Lau in a write-up of Symantec's own analysis of Shady RAT, which filled in many of the details omitted by McAfee, including the type of malware involved, the techniques hackers used to plant their attack code on PCs and the exploits they used.

Lau popped the "advanced" balloon by citing the sloppiness of the attackers, who left their own command-and-control (C&C) servers open to probing, and for their use of "relatively non-sophisticated malware and techniques."
Read More >>

Read More

DIY Spy Drone Sniffs Wi-Fi, Intercepts Phone Calls

LAS VEGAS — What do you do when the target you’re spying on slips behind his home-security gates and beyond your reach?

Launch your personal, specially equipped WASP drone — short for Wireless Aerial Surveillance Platform — to fly overhead and sniff his Wi-Fi network, intercept his cellphone calls, or launch denial-of-service attacks with jamming signals.

These are just a few of the uses of the unmanned aerial vehicle that security researchers Mike Tassey and Richard Perkins demonstrated at the Black Hat security conference here Wednesday.

At a cost of about $6,000, the two converted a surplus FMQ-117B U.S. Army target drone into their personal remote-controlled spy plane, complete with Wi-Fi and hacking tools, such as an IMSI catcher and antenna to spoof a GSM cell tower and intercept calls. It also had a network-sniffing tool and a dictionary of 340 million words for brute-forcing network passwords.

The GSM hack was inspired by a talk given at last year’s DefCon hacker conference by Chris Paget, who showed how to create a cellphone base station that tricks nearby handsets into routing their outbound calls through it instead of through commercial cell towers.

That routing allows someone to intercept even encrypted calls in the clear. The device tricks phones into disabling encryption, and records call details and content before they’re routed to their intended receiver through voice-over-internet protocol or redirected to anywhere else the hacker wants to send them.

The drone takes that concept and gives it flight. The plane weighs 14 pounds and is 6 feet long. Per FAA regulations, it can legally fly only under 400 feet and within line of sight. But the height is sufficient to quiet any noise the drone might produce, which the researchers said is minimal, and still allow the plane to circle overhead unobtrusively.

It can be programmed with GPS coordinates and Google maps to fly a predetermined course, but requires remote control help to take off and land.

The two security researchers created the spy plane as a proof of concept to show what criminals, terrorists and others might also soon be using for their nefarious activities.

Tassey, a security consultant to Wall Street and the U.S. intelligence community, told the conference crowd that if the two of them could think up and build a personal spy drone, others were likely already thinking about it, too.

The spy drones have multiple uses, both good and bad. Hackers could use them to fly above corporations to steal intellectual property and other data from a network, as well as launch denial-of-service or man-in-the-middle attacks. They could also transmit a cellphone jamming signal to frustrate an enemy’s communications.

“It’s hard to keep something that’s flying from getting over your facility,” Tassey said.

A drone could also be used to single out a target, using the target’s cellphone to identify him in a crowd, and then follow his movements. And it would be handy for drug smuggling, or for terrorists to trigger a dirty bomb.

But the drones don’t just have malicious uses. The researchers point out that they would be great for providing emergency cellular access to regions hit by a disaster.

The drones could also be outfitted with infrared cameras and shape-recognition technology to run search-and-rescue missions for lost hikers. The military could use them for electronic countermeasures to jam enemy signals or as communication relays flown over remote areas to allow soldiers on two sides of a mountain, for example, to communicate.

“You don’t need a PhD from MIT to do this,” Perkins said.
Read More >>

Read More

Honda recalls 2.5m cars over auto bearing bust-up

Honda has been forced to recall several of the models in its range, including the 2005-2010 Accord, across US, China and elsewhere after issues with the automatic transmission that could see the engine cut out unexpectedly. Although Honda says neither injuries nor deaths have been caused by the issue, it will nonetheless be forced to bring 2.49m vehicles in and reprogram the transmission control module so as to be more gentle with the gears.

The issue, Honda says, can occur when drivers quickly shift between reverse, neutral and drive, something that could take place if the car is stuck in grass or mud as the owner attempts to rock themselves out. That frequent changing can damage the automatic transmission secondary shaft bearing, prompting difficulties engaging park or, potentially more dangerous, leaving the engine prone to stalling.

Approximately 1.5m of the affected cars are in the US, while 760,515 are in China. In the US, certain 2005-2010 4-cylinder Accord, 2007-2010 CR-V and 2005-2008 Element vehicles will be brought back in; select Odyssey and Spirior models are also at risk. Owners can check their car’s status in the recall here.
Read More >>

Read More