Posts

HTML5 is done, but two groups still wrestle over Web’s future

The following blog is an excerpt from the Cnet.com article ‘HTML5 is done, but two groups still wrestle over Web’s future’ by   

The World Wide Web Consortium finishes an update to this seminal Internet technology, but with two organizations in charge of the same Web standard, charting the Web’s future is a mess.

After a nearly 15-year gap, the World Wide Web Consortium said Tuesday it’s done standardizing the new version 5 of HTML, one of the two fundamental technologies that makes the Web work.

But while HTML5 is finished, a tug-of-war over how to set such standards — and therefore how to chart the future of the Web — is far from over. That’s because a second organization, the Web Hypertext Applications Technology Working Group, is also in charge of HTML, and a rift between the two appears to be widening instead of closing.

The tension between the W3C and the WHATWG has been present for years, but it’s got new consequences now: anything that slows the improvement of the Web means programmers are more likely to devote their energies to writing apps for smartphones and tablets running on Apple’s iOS and Google’s Android operating systems instead of HTML5. When making their mobile operating systems, Google and Apple aren’t held back by the slower consensus-building processes used to make industry standards like HTML appeal to the broadest range of parties.

The Web isn’t dying, but slow development lets the world of mobile apps claim the initiative. The Web’s accomplishments — a computing system bigger than any one company working on it, and one with an impressive reach across the computing industry — diminish as its shortcomings rise to prominence.

In the meantime, the Web world must adjust to the differences between the two camps. The W3C, with a broader range of participants, uses a formally structured, deliberate, drawn-out process in which a series of drafts gradually become final standards released relatively infrequently. The WHATWG, born of browser makers’ cooperation when the W3C spurned their desire to improve HTML, produces a “living document” that’s continuously updated with the latest features and bug fixes. Where the W3C’s standard is fixed and stable, the WHATWG’s is fluid.

“It’s absolutely right that those different interest groups slug it out,” said Bruce Lawson, co-author of a book on HTML5 and an open standards advocate with browser maker Opera Software. “The Web is the biggest platform we’ve ever had. Therefore, it has more constituencies and competing interests than we’ve ever seen.”

W3C: The Web will win

W3C Chief Executive Jeff Jaffe acknowledges that the mobile app world is attracting a lot of developer interest. But in his view, the Web will prevail in the long run because it can span so many devices.

“There’s plenty of time for us to catch up,” Jaffe said. “The power and promise of interoperability across platforms is extraordinarily powerful. The mobile app was just the for the phone, but now it’s not. It’s going to be the e-book reader, the automobile, the TV. And all the sudden, the promise of interoperability is going to become even more important than when it was just the phone.”

To that end, Jaffe posted a blog earlier this month on application foundations. It calls for improvements in eight areas to make Web technologies more competitive with Android and iOS when it’s time for developers to write apps.

“What I’m trying to do is change the culture of the Web community to also think about what the developers need,” Jaffe said — not just nuts and bolts but functions like security, payments and tools that work even if a device isn’t connected to the Net.

Redmonk analyst Stephen O’Grady, who follows programmer issues, agrees that life is too hard for Web developers. “Native development” — writing apps for a specific operating system rather than for a Web browser on all operating systems — “is much more straightforward.”

Jaffe hopes to tackle these future standards issues this week in Santa Clara, Calif., at the W3C’s annual Technical Plenary Advisory Committee (TPAC) conference. Alex Russell — a Google employee who’s trying to improve the W3C through work on its Technical Architecture Group (TAG) — said TPAC also is a place to wrestle with the conflict around the best way to make standards.

“I think anyone trying to understand how screwed up this situation is really should come to W3C’s TPAC,” Russell said. “All of the agitators…will be there.”

HTML5 and W3C’s patent protections

For the W3C, the release of the final version of HTML5 — a step formally called a “recommendation” — is immensely significant. The nonprofit group was founded precisely to do such work, but the last version it released — HTML 4.01 — came in December 1999. The biggest change for average users of the Web, far and away, is video that becomes as ordinary as text and still images were before. That helps free the Web from browser plugins like Adobe Systems’ Flash Player that extend browser abilities but which also open them to new security and performance risks.

 

Computer Repair Overland Park, Computer Repair Kansas City, PC Repair Overland Park, PC Repair Kansas City, Computer Repair Overland Park, Computer Repair Kansas City, PC Repair Overland Park, PC Repair Kansas City, Computer Repair Overland Park, Computer Repair Kansas City, PC Repair Overland Park, PC Repair Kansas City, Computer Repair Overland Park, Computer Repair Kansas City, PC Repair Overland Park, PC Repair Kansas City

 

Russian hackers tap Windows flaw to hit NATO, Ukraine

From the Cnet.com Article by Charlie Osborne

Security firm iSight says the “Sandworm” team has targeted NATO, the European Union, Ukraine and industry through a previously unrecognized Windows zero-day exploit.

Russian hackers have exploited a bug in Microsoft’s Windows operating system in order to target computers used by NATO, the European Union, Ukraine and the telecommunications and energy sectors, according to security firm iSight.

In a blog post Tuesday, Dallas-based iSight, in collaboration with Microsoft, said the zero-day vulnerability impacts all supported versions of Microsoft Windows and Windows Server 2008 and 2012. The software giant is readying a patch for the CVE-2014-4114 vulnerability, used for the “Sandworm” cyberattack.

The automatic fix will be part of today’s Patch Tuesday release.

The exploit has been used as part of a five-year cyberespionage campaign, according to iSight. The hackers, dubbed the “Sandworm team” — based on coded references to the science fiction series ‘Dune” — have been monitored by iSight from late 2013 to the present day, although the campaign appears to have been in action since 2009. Spear phishing with malicious files attached is one of the favored methods of infiltrating computer systems, and other exploit methods include the use of BlackEnergy crimeware, as well as Microsoft’s Windows zero-day flaw.

The Windows CVE-2014-4114 vulnerability has been in use since August last year, mainly through weaponized PowerPoint documents.

iSight says that the team previously launched campaigns targeting the US and EU intelligence communities, military establishments, news organizations and defense contractors — as well as jihadists and rebels in Chechnya. However, focus has turned towards the Ukrainian conflict with Russia, energy industries and political issues concerning Russia based on evidence gleaned from phishing emails.

The cybersecurity experts do not know what data has been lifted throughout the Sandworm campaign, however, “the use of this zero-day vulnerability virtually guarantees that all of those entities targeted fell victim to some degree.”

The security team notified government agencies and private sector companies that have been targeted, and began working with Microsoft to patch the zero-day vulnerability, which allows the remote execution of arbitrary code. iSight says:

Although the vulnerability impacts all versions of Microsoft Windows — having the potential to impact an enormous user population — from our tracking it appears that its existence was little known and the exploitation was reserved to the Sandworm team.

By disclosing the security flaw on the eve of Patch Tuesday, iSight believes that the possibility of other hacking teams exploiting the zero-day vulnerability has been minimized.

 

 

Cell Phone Repair Kansas City, Cell Phone Repair Kansas City, Cell Phone Repair Kansas City, Cell Phone Repair Kansas City, Iphone Repair Kansas City, Iphone Repair Kansas City, Iphone Repair Kansas City, Iphone Repair Kansas City, Cell Phone Repair Overland Park, Cell Phone Repair Overland Park, Cell Phone Repair Overland Park, Cell Phone Repair Overland Park, Iphone Repair Overland Park, Iphone Repair Overland Park, Iphone Repair Overland Park, Iphone Repair Overland Park

 

iOS Scores As Most Secure Mobile OS in Spyware Report

From Cnet.com’s Lanc Whitney (@lancewhit)

Apple’s iOS has emerged as the most spyware-proof mobile operating system in a test conducted by a surveillance software and hardware vendor.

Detailed in a leaked document apparently from the Gamma Group, a piece of its spyware called FinSpy was used to determine whether various mobile platforms could withstand snooping attempts on phone calls, contacts, and other data. In the document seen by the Washington Post and noted by Cult of Mac, FinSpy is “designed to help Law Enforcement and Intelligence Agencies to remotely monitor mobile phones and tablet devices.”

FinSpy can gain full access to phone calls, text messages, the address book, and even the microphone via silent phone calls. It can also trace a device to determine its location. Used by law enforcement and government agencies, FinSpy has earned a reputation for itself as a powerful but controversial tool for sneaking into mobile devices. That’s why iOS’s ranking in the Gamma Group’s document from April is a nod to Apple security.

Among the major mobile platforms cited in a chart in the document, all of them were susceptible to FinSpy. The spyware was able to bully its way into andorid (all versions from 2.x.x to 4.4.x), BlackBerry (versions 5.x, 6.x., and 7.x), Symbian, and Windows Mobile 6.1 and 6.5 (Windows Phone 8 is not yet supported by the software).

And what of iOS? Apple’s mobile OS did make the list but only in jailbroken mode. According to the Gamma team, iOS versions 4.3.x, 5.x, 6.x, and 7.0.x are vulnerable to FinSpy but an untethered jailbreak is required. As the document explains: “The iOS target (meaning the FinSpy software itself) can be installed only under iOS jailbroken devices.”

Smarthome Overland Park, Home Automation Overland park, Smarthome Kansas City, Home Automation Kansas City, Smarthome Overland Park, Home Automation Overland park, Smarthome Kansas City, Home Automation Kansas City, Smarthome Overland Park, Home Automation Overland park, Smarthome Kansas City, Home Automation Kansas City, Smarthome Overland Park, Home Automation Overland park, Smarthome Kansas City, Home Automation Kansas City,

CTP Locker

CTP-LOCKER: The Hits Keep Coming

Yet another Ransomware virus is out called CTP-Locker. Sold on the Deep Web as a turnkey business available for purchase for a paltry $3000 USD. CTP works like other Ransomware it encrypts all of your data on both internal and external hard drives including mapped network drives. Unlike the crypto family of virus/malware that “deletes” the key after its 72 hour timer expires, CTP instead doubles the ransom as to punish its victims for not paying immediately. As of this article, the recommended cost to decrypt data is .5 bitcoins or $320USD.

Currently CTP is only impacting the world of Windows but Android may be next on the target list as we have seen previous Ransomware make its way to handheld devices. It would seem that this is only the beginning of Android user community’s headaches.

Unfortunately CTP-Locker is very new and there aren’t a lot of reports on how it spreads and from what analysts can tell there isn’t just one way it does attack your PC so user beware. As we have said in previous posts always have a backup of your data and NEVER PAY THE RANSOM!

For more in-depth information about CTP is available HERE

 

Smarthome Overland Park, Home Automation Overland park, Smarthome Kansas City, Home Automation Kansas City, Smarthome Overland Park, Home Automation Overland park, Smarthome Kansas City, Home Automation Kansas City, Smarthome Overland Park, Home Automation Overland park, Smarthome Kansas City, Home Automation Kansas City, Smarthome Overland Park, Home Automation Overland park, Smarthome Kansas City, Home Automation Kansas City,

 

 

Windows 8 Refresh

Windows 8 Refresh = Bad, Windows System Restore = Good

So your computer is running a bit sluggish or you started getting errors after an update but you don’t know what to do…  When it comes to troubleshooting your computer problems don’t get yourself in to unfamiliar territory and don’t panic. First and foremost, Do not use Windows Refresh unless you intend to reinstall all of your applications and downloaded apps. First give a system Restore (not Recovery or Refresh, there’s a big difference between the three) a try to see if you can correct the bombed updates or underlying issues. Unless you are ready to start from Day 1, application and updates gone, avoid Refresh and Recovery options.

If after attempting a system restore and you’re still having issues give us here at Computer Medics of Kansas City a call and schedule an appointment.