SEARCH CLINIC

Search engine online marketers
Subscribe Twitter Facebook Linkedin

Archive for April, 2014

Microsoft profits from cloud services

April 25, 2014 By: Dr Search Principal Consultant at the Search Clinic Category: Cloud Computing, Computers, Microsoft, Technology Companies, Uncategorized

Microsoft has announced a increase in it’s profits- grown by increased use of cloud services.

Microsoft profits from cloud servicesMicrosoft earnings were buoyed by new CEO Satya Nadella’s cloud vision as these earnings are the first Microsoft has released with new chief executive in charge.

Microsoft reported net profits of £3.37 billion in the first quarter of 2014- which was better than finance markets had estimated.

The software maker’s efforts to move further into cloud computing – a move championed by new chief executive Satya Nadella – seem to be paying off.

Azure, a cloud computing product, saw revenue grow 150%, Microsoft.

The company also said it added 1 million users to its subscription-based Office programme for personal users.

Microsoft sold in 2 million Xbox consoles, including 1.2 million Xbox Ones during the period.

“We are making good progress in our consumer services like Bing and Office 365 Home, and our commercial customers continue to embrace our cloud solutions,” said chief executive Satya Nadella, who replaced Steve Ballmer in February.

However, Microsoft was hurt by declining personal computer sales, as users continue to shift to other technologies.

Overall, profits declined by 6.5% compared to the same period last year.

Microsoft shares rose close to 3% in after-hours trading.

Black market for stolen smartphones grows

April 22, 2014 By: Dr Search Principal Consultant at the Search Clinic Category: mobile phones, smart phones, Technology Companies, Telecommunications Companies, Uncategorized

A black market of shops and traders willing to deal in stolen smartphones has been exposed.

Black market for stolen smartphones growsMore than 30,000 phones have been stolen in London alone in 2014.

They were then all blocked or reported stolen to the networks

All the phones used had ‘find-my-phone’ style blocks activated, and in theory their IMEI numbers mean they are not useable once reported stolen.

But it is simple it was to get around such features – using only a laptop.

By giving a device a new IMEI number – effectively changing the phone’s fingerprint – it means that the phone could be used as normal again.

And restoring the phone’s default software removes “find-my-phone” protection.

In just a few mouse clicks and the phone is turned from a paperweight back to a useable device again.

Over the past 12 months:

  • 30,430 phones taken in thefts – down 12% on previous year
  • 13,724 phones taken in robberies
  • Equivalent to 80 phones a day being taken
  • More than half of all the thefts on the Tube are of mobile phones

Source: Metropolitan Police and British Transport Police

A phone stolen this morning could be back on the streets by this afternoon, packaged up as a second hand legitimate phone.

A fundamental redesign of smartphones to place the IMEI number on a ‘read-only’ part of the device would prevent this. But Mr Roughley said manufacturers have been reluctant to do this.

So beware you so called smart phone- isn’t that clever if it is lost or stolen.

Police warn on cyber crime threats

April 18, 2014 By: Dr Search Principal Consultant at the Search Clinic Category: Cyber Security, data security, Hackers, Personal Security, Search Clinic, Telecommunications Companies, Uncategorized

Only three out of 43 police forces in England and Wales have a comprehensive plan to deal with a large scale cyber attack, new research has found.

Police warn on cyber crime threatsHer Majesty’s Inspectorate of Constabulary (HMIC) warned only Derbyshire, Lincolnshire and West Midlands had sufficient plans in place.

It also found only 2% of police staff across 37 forces had been trained on investigating cybercrime.

The report examined how prepared police are for a series of national threats.

Last year, the government identified five threats as priorities for police to prepare for. These are:

  • Terrorism
  • Civil emergencies
  • Organised crime
  • Public order threats
  • Large-scale cyber-attacks

As part of its Strategic Policing Requirement (SPR), the Home Office called for a nationally required policing response to counter each of the threats.

The report is the first in a series of inspections looking at how individual forces have responded to the guidelines.

HMIC inspectors said they were “struck by how incomplete the police service’s understanding of the national threats was” and that more needs to be done “collectively by all forces”.

The report called for “much greater attention” from police leaders.

“The capacity and capability of the police to respond to national threats is stronger in some areas than others – with the police response to the cyber-threat being the least well developed,” HMIC’s Stephen Otter said.

Police plans to deal with counter-terrorism, public order, civil emergencies and organised crime were in “stark contrast” with the capabilities for cyber-related threats.

Inspectors found the ability to deal with cyber-threats remains “largely absent” in some forces and that some senior officers across England and Wales are still “unsure of what constituted a large-scale cyber-incident”.

They found forces were “silent” when it came to preventing cybercrime and protecting people from the harm it causes, despite the fact it is “fast becoming a dominant method in the perpetration of crime.

“The police must be able to operate very soon just as well in cyberspace as they do on the street,” the report said.

According to the government’s definition, a large-scale cyber-incident could be “a criminal attack on a financial institution to gather data or money” or an “aggregated threat where many people or businesses across the UK are targeted”.

It also includes “the response to a failure of technology on which communities depend and which may also be considered a civil emergency”.

Basically- despite cybercrime costing the UK ecomony billions of Pounds, our plods are light years from being able to cope- let alone help us.

Moral of the story is make sure that you are as secure as you can be- because the state isn’t capable of nannying you.

Passwords- how to set and remember them

April 15, 2014 By: Dr Search Principal Consultant at the Search Clinic Category: Cyber Security, data security, Dr Search, Hackers, Personal Security, Search Clinic, Uncategorized

With the heightened risk of password hacking Search Clinic thought that it is a good time to refresh your memory on how to set- and remember your secure passwords.

Passwords- how to set and remember themDr Search of the Search Clinic visited the Cheltenham Science Festival a few years ago and attended a lecture by Toby of GCHQ on security in the computer age and posted a post at: top common passwords.

Your starter for ten is to make sure that you don’t use any of them. If you do- then you are already in trouble.

Changing passwords is something many people avoid at all costs- because they fear they will forget the new password.

However, you can make something memorable by simply using the power of association and location. In order to remember a string of online passwords, all you have to do is associate each individual letter and number with a known or fixed item, calling on your imagination throughout.

The more you stimulate and use your imagination, the more connections you will be able to make, and the more you will be able to memorise.

Memory expert Tony Buzan gives tips on how to remember new ones, which should be a long jumble of randomly generated letters and numbers.

No pet’s names- Hackers can find out a lot about you from social media

No dictionary words- Hackers can precalculate the encrypted forms of whole dictionaries and easily reverse engineer your password.

Mix unusual characters- Try a word or phrase where characters are substituted -Whyd03s1talw&ysr*in?

Have multiple passwords- If hackers compromise one system, they won’t be able to access other accounts.

Keep them safely- Don’t write them down – use a secure password vault on your phone. If you must worte them down label the file someother OTHER than passwords.

Tom from GCHQ suggested using a combination of the above, by using multiple words and numbers- with a few symbols thrown in for good measure:

wh1te-rabbt)*m0nth

Good Luck- and safe browsing.

Heartbleed bug- what you need to know

April 11, 2014 By: Dr Search Principal Consultant at the Search Clinic Category: Cyber Security, data security, Dr Search, Hackers, Search Clinic, Uncategorized

A major security flaw at the heart of the internet may have been exposing users’ personal information and passwords to hackers for the past two years.

Heartbleed bug- what you need to knowThe Heartbleed bug exists in a piece of open source software called OpenSSL which is designed to encrypt communications between a user’s computer and a web server, a sort of secret handshake at the beginning of a secure conversation.

It was dubbed Heartbleed because it affects an extension to SSL (Secure Sockets Layer) which engineers dubbed Heartbeat.

It is one of the most widely used encryption tools on the internet, believed to be deployed by roughly two-thirds of all websites. If you see a little padlock symbol in your browser then it is likely that you are using SSL.

Half a million sites are thought to have been affected.

In his blog chief technology officer of Co3 Systems Bruce Schneier said: “The Heartbleed bug allows anyone to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the name and passwords of the users and the actual content,” he said.

“This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users,” he added.

The bug is so serious it has its own website Heartbleed.com which outlines all aspects of the problem.

Some security experts are saying that it would be prudent to change your passwords- although there is a degree of confusion as to when and if this needs to be done.

Some point out that there will be plenty of smaller sites that haven’t yet dealt with the issue and with these a password reset could do more harm than good, revealing both old and new passwords to any would-be attacker.

But now the bug is widely known even smaller sites will issue patches soon so most people should probably start thinking about resetting their passwords.

The exploit was not related to weak passwords but now there are calls for a mass reset of existing ones, many are reiterating the need to make sure they are as secure as possible.

There are half a million websites believed to be vulnerable so too many to list but there is a glut of new sites offering users the chance to check whether the online haunts they use regularly are affected.

The bad news, according to a blog from security firm Kaspersky is that “exploiting Heartbleed leaves no traces so there is no definitive way to tell if the server was hacked and what kind of data was stolen”.

Security experts say that they are starting to see evidence that hacker groups are conducting automated scans of the internet in search of web servers using OpenSSL.

And Kaspersky said that it had uncovered evidence that groups believed to be involved in state-sponsored cyber-espionage were running such scans shortly after news of the bug broke.

Search Clinic will soon post a blog on how to set and remember passwords- so please subscribe to the Search Clinic newsfeed.