Posts from 2018-01

All the passwords in the world will not protect our data now

The only way to fully fix the microchip flaw would be a mass recall of almost every device on the planet

For years, computer experts have given us a baffling list of things we have to do to ensure our most precious data is kept safe: Use passwords with numbers and capital letters; no wait, use longer ones, and don’t forget to come up with different codes for each account. We’re now encouraged to use techniques such as two-factor authentication and fingerprint scanners to ward off hackers, and the companies we trust with our photos and messages go to even greater lengths, employing military-grade security and secrecy around the huge data centres where they are stored.

Last week, we learnt that all this is not enough. A critical flaw in billions of microchips that power everything from our mobile phones to corporate supercomputers has emerged, allowing hackers to gain access to private files when we do something as innocuous as visiting the wrong website. At first, it was believed that the bug covered merely computers using chips designed by American giant Intel and would be solved by a technical update; but it has since emerged that the problem is far more widespread, extending to the devices in our pockets, and not fixed as easily as hoped.

The hack, which takes advantage of the way microchips process instructions from computer programmes, affects computers that date back two decades. Even products made by Apple  which is known for priding itself on security  are vulnerable.

The fact that there are no known examples of cybercriminals exploiting the “Meltdown” and “Spectre” bugs is little consolation. As soon as the existence of the flaws emerged, hackers will have begun working on a way to exploit them. It is possible that such weapons have been in the works for months, since the bugs were first uncovered in June last year.

Although they have been kept under wraps by tight-knit security teams since then, selling this knowledge to the right bidder — a rogue state, for example — could be worth millions.

The last 12 months have seen major cyber attacks mounted with growing frequency, from the “WannaCry” outbreak launched from Pyongyang that crippled parts of the National Health Service in Britain last March, to the hack of Uber’s servers that stole the data of 57 million people. It may be only a matter of time until we see this flaw exploited.

The tech companies we entrust with increasing amounts of data are rushing to introduce software updates. Apple said some of the issues had already been patched, and it would come out with further updates in future.

But  and this is the crucial point  these solutions are mere sticking plasters. The startling, and unprecedented, thing about this bug is that there is almost no way to defend against it. By going to the core of our computers, it renders the defences we have come to trust  passwords, anti-virus programmes, encryption useless. Follow all expert advice and you are still vulnerable. The only way to fully fix it would be a mass recall of almost every device on the planet.

The microchip companies that sacrificed security for speed are rightly suffering from this outbreak. But the lesson to take is this: The things we store on our computers, that we photograph on our phones or that we send to others, are all potentially compromised. No matter how much we keep up our guard, a digital paper trail exists somewhere, and it can be located with the right tools. It is a trade-off we may be willing to accept for all the benefits that digital technology brings us, but this latest security scare is a wake-up call. It should reset our understanding of what is safe, and more crucially, what is not.



Microsoft introduces a free new tool to get another edge in the cloud war with Amazon

·         Microsoft Azure Migrate is a free tool, launching Nov. 27th, that will make it easy for VMware customers to bring their applications to the cloud.

·         It'll help boost Microsoft's big advantage versus Amazon in the cloud war: Microsoft's wealth of experience selling to even the largest businesses.


On Tuesday, Microsoft is expected to unveil Azure Migrate — a free tool to make it easy for customers to bring their existing applications and data from their own servers up into the Microsoft Azure supercomputing cloud. 

At its November 27th launch, Azure Migrate will support shunting up VMware-based applications. VMware is very popular in the Fortune 500 and beyond, giving Azure Migrate a broad audience right off the bat. And it fits well with Microsoft's big cloud edge, which is that it has so much experience selling into even the largest businesses.

The Microsoft Azure cloud, like its key rival at Amazon Web Services, gives customers access to fundamentally unlimited supercomputing power on a pay-as-you-go basis. Large and small companies alike are drawn to these so-called "public clouds" for the cost-savings and performance improvements they often bring.

There are other cloud migration tools on the market, including from startups like Racemi and Cloudreach. However, Microsoft's Corey Sanders, head of product for Azure Compute, tells Business Insider that where other solutions bring over one server at a time, Azure Migrate brings over a whole bunch at once.

That's clutch, says Sanders, because modern applications are a hodgepodge of different servers, running different pieces of the application all at once.

"There are no applications that consist of a single server," says Sanders. 

Once the data is actually moved over, Sanders says that Microsoft provides tools for "rightsizing," or precisely managing your usage of the Microsoft Azure cloud. With proper rightsizing, says Sanders, some customers are saving 84% versus the costs of keeping their VMware infrastructure running in their data center.

And if a customer isn't ready to fully use the Azure cloud, Microsoft is also unveiling a service where, essentially, Microsoft will run their VMware infrastructure in its own data centers. It's not formally a part of the Azure cloud, meaning you lose out on some of the scalability. But it means the customer doesn't have to keep data centers.

For Microsoft, the strategic imperative behind Azure Migrate is multifaceted. First, there's the obvious: Making it easy for companies to go up to the Azure cloud could result in more companies using the Azure cloud. Notably, VMware itself wasn't consulted to build this tool, says Sanders, meaning this isn't an official partnership.

The other thing, though, is that Microsoft is a big fan of the so-called "hybrid cloud," whereby companies keep some of their software and data in Azure, and some of their software and data in their own servers. Sanders points out that Azure Migrate lets companies bring over some, but not necessarily all, of their software — meaning that, down the line and at their own pace, they could adopt that hybrid cloud model.

As for the future, Sanders says that Azure Migrate won't necessarily stay a VMware-specific tool, and that the company is listening to customer demand. The overall goal, says Sanders, is to make sure that Azure stays as business-friendly as possible.

"Azure is the choice for enterprises," says Sanders.