techvirtuoso.com

Snow Leopard lacks security features present in Windows Vista/7

View Comments September 17, 2009 : By Michael Stanclift · Category : News

Random_Access_MemoryNoted Apple security analyst Charlie Miller, author of The Mac Hackers Handbook and two-time winner of the Pwn2Own hacking contest has said, in an interview with TechWorld, that the latest version of Apple OS X (10.6 AKA Snow Leopard) lacks full and proper implementation of memory address space layout randomization (ASLR). ALSR is a technology, present in Windows Vista and Windows 7, that randomly assigns data to memory to make it difficult for attackers to determine the address of critical operating system functions being stored in memory, and therefore making it harder for them to create exploits.

“It’s the exact same ASLR as in Leopard, which means it’s not very good,” Miller said, “Apple didn’t change anything. I don’t understand why they didn’t. But Apple missed an opportunity with Snow Leopard.”

When OS X 10.5 (Leopard) was released, Miller and others were critical of Apple not fully implementing ASLR. While there is ASLR present in both Leopard and Snow Leopard, they fail to the heap, the stack and the dynamic linker, the parts of the operating system that are most open to attack. Linux also has what many consider a weak implementation of ASLR since kernel version 2.6.12, although some distributions include better ASLR then the stock kernel based on third party code.

Miller did say that there are elements of Snow Leopard that show Apple did do some things to improve security, most notably the inclusion of data execution prevention or DEP, which utilizes both processor-hardware and software based security programming to help prevent buffer overflow attacks by blocking code from running in memory spaces that’s supposed to contain only data.

However, Apple may be late to the game with implementation of DEP, as it has been present in Windows operating systems since Windows XP Service Pack 2, with further refinements made in Windows Vista and Windows 7.

By incorporating both technologies, Miller says it becomes extremely difficult to craft memory attack exploits. “If you don’t have either, or just one of the two [ASLR or DEP], you can still exploit bugs, but with both, it’s much, much harder. Snow Leopard’s more secure than Leopard, but it’s not as secure as Vista or Windows 7.”

AT&T, Intel collaborate to strengthen remote PC support for SMB

View Comments September 17, 2009 : By Don Smith · Category : News

Intel_logoAT&T and Intel have announced a collaboration which will see the former introduce AT&T Tech Support 360SM, an affordable IT virtual helpdesk that provides live, permission-based remote technical service for small and midsize businesses.

The upcoming option will enable them to simply enter a keystroke sequence on a failed computer – even if its operating system is down – to directly connect the system with technicians over the Internet via an encrypted connection. The Tech Support 360 technicians will then address the PC remotely, even when it has become inoperable due to problems such as hardware or operating system failure, or corruption by a virus or malware. This is made possible by the use of the Intel Remote PC Assist Technology (Intel RPAT), a feature of Intel’s vPro.

“As a result of the current economic conditions, small businesses are even more focused on controlling costs,” said David Tuhy, a general manager in the Intel Business Client Group. “AT&T’s Tech Support 360 in conjunction with Intel vPro technology opens the door for new managed services to address these concerns. By adding support for Intel Remote PC Assist Technology, AT&T will be able to deliver a higher level of service to customers by improving PC troubleshooting and reducing support costs using an encrypted connection over the Internet.”

Those interested can get more info about AT&T’s Tech Support 360 service via tech360.att.com.

Canon extends partnership with Adobe

View Comments September 17, 2009 : By Don Smith · Category : News

Canon_logoCanon told the press today that they will be extending the partnership with Adobe with a new software agreement designed to boost security and usability of the company’s products.

Canon and Adobe formed said partnership back in 2005 for various projects, with the printing giant now planning to offer integration with the Adobe LiveCycle Rights Management ES system into all of its new imageRunner Advance series of products, allowing users to apply security policies to scanned documents on the fly.

Canon’s European marketing manager, Paul Rowntree, gave a demonstration of how the system works, and showed how certain policies will do things such as prevent unauthorised users printing a certain document.

“This type of security is unique to Canon and shows how our printers fit with a secure document management system,” Rowntree said.

Users will also be able to assemble documents with material from multiple sources using easy drag-and-drop functionality, according to the firm. Now that Canon holds a niche feature set with combined document security and compilation software, it will be interesting to see if this helps them recover from the economic struggles of the first two quarters of this year.

New business desktop PC portfolio announced by HP

View Comments September 15, 2009 : By Don Smith · Category : News

HP-Compaq-6000-Pro-Desktop-PC-series-APJ_190x170HP today introduced the HP Compaq 6000 Pro and HP Compaq 6005 Pro desktop PC portfolio for businesses ranging from mid market, education and healthcare customers to corporate enterprises.

The portfolio offers proven technology, flexible productivity tools and security features that are easy to deploy and manage.

“HP continues to see strong and steady customer demand for reliable, secure and full-featured desktop PCs,” said Alan Reed, vice president and general manager, Desktop PCs, HP. “Featuring the right blend of productivity and manageability solutions, the HP Compaq 6000 Pro and HP Compaq 6005 Pro desktop PCs offer businesses the essential PC security, reliability and energy efficiency they need at a competitive price.”

The series features an array of energy-saving components to help businesses monitor and reduce energy use. Both models are EPEAT® Gold registered(2) and offer an optional(3) 89 percent efficient power supply -  the highest percentage of power savings HP offers on its desktop PCs – which helps lower energy consumption and costs. HP Power Manager software maximizes energy savings, default S3 sleep settings conserve power after periods of inactivity, and a holistic thermal design enables these PCs to last longer.

Both models include two independent audio streams that allow Voice over IP (VoIP)(4) calls to be routed to the headset while restricting other audio playback to PC speakers.

Featuring a new industrial design with a sleek black, modern chassis with silver accents, the HP Compaq Pro series boasts a 12 month-plus product lifecycle and global SKUs to meet global business deployment needs.  Available in a traditional microtower for expandability or the space saving small form factor, the series also features internal and external bays for removable media options or a second hard drive, and PCIe slots to expand capabilities. Simplified serviceability is a snap with a new, simplified tool-less hood removal, quick release latches, and color-coded connectors and wires. HP will also be the one of the first in the industry to offer 100 percent recycled single packaging expanded polyethylene (EPE) cushions across the 6000 Pro series, available in NA and LA.

HP Compaq 6000 Pro Desktop PC
The HP Compaq 6000 Pro now offers integrated dual-monitor capability and improved video and 3D graphics support with Intel Graphics Media Accelerator 4500, which enables integrated graphics with Microsoft® DirectX-10 support. (5) High-definition multi-streaming and four-channel audio with echo-cancellation features provide rich sound quality with increased audio flexibility, performance and noise reduction. DDR3 SDRAM memory technology provides higher bandwidth and performance while using less power.

Equipped with a choice of Intel® processors(6) and the Intel Q43 express chipset, the HP Compaq 6000 Pro desktop provides solid computing for businesses that need flexible management capabilities for office and remote workers. Integrated Intel Standard Manageability enables remote PC access so IT departments can quickly identify and resolve issues. The Intel Stable Image Platform Program helps reduce costs by providing components that support a standardized, common and stable software image across the series.

HP Compaq 6005 Pro Desktop PC
New HP RapidDrive technology, which pairs a solid state drive and regular serial ATA hard drive, is an optional(7) configuration on the HP Compaq 6005 Pro that provides customers with quicker boot-up and response times with extended storage capability. High-end features such as integrated dual-display capability and DDR3 memory raise productivity while optional(3) RAID technology with data mirroring minimizes disruptions and protects critical business documents.

The HP Compaq 6005 features integrated DASH 1.1 for expedited remote access to security patches, troubleshooting, and automated system startup and shutdown. All HP Compaq 6005 Pro PC configurations are ENERGY STAR® 5.0 qualified, and a new integrated sideport memory interface helps reduce system power. Businesses will appreciate that the HP Compaq 6005 Pro PC idle quad core processor power measurements show an average of 25 percent improvement over the current HP Compaq dc5850 PC. In addition, a solenoid hood lock and sensor help protect the unit from theft or tampering.

AMD Business Class technology and the new AMD 785G chipset along with Athlon™ II Dual Core and Phenom™ II Dual/Triple/Quad Core processors(7) provide stability with  exceptional multi-tasking processing power and an excellent integrated graphics experience which supports Microsoft DirectX-10.1.

For more information, please visit HP.com

Google Apps Directory Sync tool now supports suspending users

View Comments September 8, 2009 : By Frank Owen · Category : News

Google Apps SmallAccording to the Google Apps Official Blog they have released version 1.6.7 of their Directory Sync tool.   This tool allows Administrators to link up Active Directory (or other LDAP servers) to their Google Apps enviroment.

In older versions of the Google Apps Directory Sync the tool will provision new users/groups and sync LDAP directory information. With this new update it will automatically suspend Google accounts if the account is suspended inside the LDAP directory.  The Google Apps Directory Sync tool is a one way sync.  It only reads information from the directory to replace information inside of Google Apps, it will not sync back to the LDAP directory.

Eight new VMWare ESX 3.5 patches released

View Comments September 1, 2009 : By Michael Stanclift · Category : News

vmware_infrastructure_scVMWare has released eight patches for ESX 3.5, four of the eight patches are rated as critical from VMWare. There are no updates for VMWare ESXi. The updates can be downloaded from the VMWare ESX 3.5 Support website and installed manually by the using esxupdate from the command line of the host, or they can be automatically applied through VMWare Update Manager. For most of these patches, all virtual machine guests must be migrated to another host or shutdown before the patch is applied. The host server will then require a reboot.

Due to the critical nature of many of these patches, VMWare recommends quick evaluation and application of these patches.

ESX350-200908401-BG, Updates forcedeth driver
The forcedeth driver installed on the ESX hosts causes the NVIDIA nForce Network Controller NICs to lose network connectivity until the forcedeth driver is reloaded. This patch addresses the issue.

The affected NICS are:

  • NVIDIA nForce Professional 2200 MCP 1Gbe NIC
  • NVIDIA nForce Professional 2050 I/O companion chip 1Gbe NIC
  • NVIDIA nForce Professional 3600 1Gbe NIC

ESX350-200908402-BG, Updates VMware Tools
After performing VMotion between ESX 3.0.x and ESX 3.5 hosts, virtual machines running on ESX 3.5 hosts are restarted in order to upgrade to the latest version of VMware Tools. After applying this fix, VMware Tools function as expected.

ESX350-200908403-BG, Updates megaraid and mptscsi drivers
This patch fixes the following issues:

  • When the ESX host boots, the megaraid_sas driver heap gets depleted when claiming 4 LSI SAS RAID controllers on IBM System x3950 M2 Athena servers. This issue might cause the ESX host to stop booting. The fix increases the heap size for the megaraid_sas driver from 8 MB to 16 MB.
  • The mptscsi_2xx driver limits the discovery of targets to 63 SAS devices per LSI Serial Attached SCSI (SAS) host bus adapter (HBA). This fix increases the number of targets to the value returned by the HBA firmware.

ESX350-200908404-BG, Updates vmkctl
When N-Port ID Virtualization (NPIV) enabled virtual machines are powered on on ESX hosts, a rescan issued from the VI Client results in an error message stating that the rescan failed, even if the rescan is successful.

ESX350-200908405-BG, Updates vmkernel
Running the esxtop command on the service console of the ESX hosts lists high values for the max limited (%MLMTD) parameter for virtual machines when no max limited parameter is set. When the high values are listed, the performance of the virtual machines might be affected. In the VI Client, the max limited parameter is set in the Resources tab for CPU in Virtual Machine properties.

ESX350-200908406-BG, Updates vmx
This patch provides the following:

  • Adds support for new SCSI-3 status values in the SCSI emulation for virtual machines.
  • Fixes an issue where powering on customized versions of Ubuntu virtual machines from the ESX hosts might cause the ESX hosts to stop responding.

ESX350-200908407-BG, Updates kernel source and vmnix
This patch updates the service console kernel for the following fixes:

The forcedeth driver installed on the ESX hosts causes the NVIDIA nForce Network Controller NICs to lose network connectivity under certain circumstances. The affected NICS are:

  • NVIDIA nForce Professional 2200 MCP 1Gbe NIC
  • NVIDIA nForce Professional 2050 I/O companion chip 1Gbe NIC
  • NVIDIA nForce Professional 3600 1Gbe NIC

A bnx2x firmware dump issue.

The mptscsi_2xx driver limits the discovery of targets to 63 SAS devices per LSI Serial Attached SCSI (SAS) host bus adapter (HBA). This fix increases the number of targets to the value returned by the HBA firmware.

ESX350-200908408-BG, Updates bnx2x driver
This patch fixes a bnx2x firmware dump issue.

Source: Boche

Apple Snow Leopard, Exchange (in)capable?

View Comments September 1, 2009 : By Shane Pitman · Category : News

MC223With the recent launch of Apple’s latest OS iteration, Snow Leopard, many users were anxiously anticipating a more feature rich and integrated experience in corporate networks that employ a Microsoft Exchange server, or as Apple puts it, Out-of-the-box support for Microsoft Exchange. While that may technically be true, it’s not as cut and dry as Apple claims it to be.

Freelance technology journalist Tim Anderson digs into the Exchange capabilities of Snow Leopard in its out-of-the-box state, and reveals that it’s not a full featured Exchange experience, but may be more reminiscent of Mail support pre-Snow Leopard. While previously Apple OS versions only supported basic e-mail connections to an Exchange server via IMAP, Snow Leopard offers support for Exchange Web Services. However, EWS is not a feature complete service, and is only available to those connecting to an Exchange Server 2007  with Service Pack 1, Update Rollup 4. Even then, some features, such as public folder support will require an Exchange Server 2007 with Service Pack 2.

As Tim points out, there are many Snow Leopard users experiencing a myriad of difficulties in connecting their systems to Exchange servers. The saving grace looks like it will come from Microsoft, who in it’s next version of Microsoft Office for Mac, will be replacing Entourage with Outlook for Mac, which promises to deliver a more complete Exchange experience for Mac users.

VMware introduces VMware Go, designed to ease virtual migration

View Comments September 1, 2009 : By Michael Stanclift · Category : News

VMware_esx_server3i_Single_ServerYesterday at VMworld 2009, VMware announced a beta version of VMware Go, a free web-based service that is designed to allow small businesses to make the jump to virtualization by simplify and automating the installation and configuration of VMware ESXi. VMWare claims it will allow IT to get ESXi up and running with just a few mouse clicks.

VMWare ESXi is also a free product, but lacks some of the features and management abilities of the VMWare’s flagship server virtualization hypervisor product, ESX.

“Nearly every SMB stands to benefit tremendously from virtualization. VMware Go will simplify virtualization for SMBs to a few easy online steps and was designed with SMBs in mind. We want SMBs who may be sitting on the fence to realize all the benefits of virtualization without burdening their limited IT resources,” said Dan Chu, vice president, emerging products and markets at VMware.

VMware Go was developed in partnership with Shavlik Technologies, and is available now as a beta offering on at http://www.vmware.com/go/vmware-go-beta. The final version should be available in 2010.

Manage your thin clients from an iPhone

View Comments September 1, 2009 : By Michael Stanclift · Category : News

Straight from VMWorld.com, Christian Mairitsch from LISCON shows the latest version of the LISCON Management Console with iPhone support. LISCON claims this is the thin client management software worldwide which provides a optimized interface for smartphones.

The LISCON branded thin client from HP with LISCON OS starts a VMware View session. After moving it into another group the thin client inherits the configuration to open a published application in the seameless mode. This only takes a few moments and a Excel Window pops-up at the LISCON Desktop. Instead of a typical Windows task bar, a Mac-like dock appears.

LISCON Informationstechnologie GmbH is an Austria based company founded in 2000 that specializes in thin client management. Their Liscon OS is a customized version of Ubuntu 8.04 LTS that is stripped down and designed to run as a thin client operating system supporting VMWare View, Citrix ICA and Microsoft RDP.

« Newer Posts

© 2010 techvirtuoso.com, LLC. All trademarks are property of their respective owners.