company-data-protection:-berners-lee-and-inrupt-bring-enterprise-solid-server

Company data protection: Berners-Lee and Inrupt bring Enterprise Solid Server

The Inrupt team around the web inventor Tim Berners-Lee has published an Enterprise Solid Server. This ESS is the existing Solid platform, but it is tailored to corporate use. The aim of the platform is to give users back control of their data and for this purpose chooses a technical and not a regulatory approach PODs: Each Personal Online Data Store stores the user information and can be used to grant read and write rights for the desired services and applications. Data does not flow into separate silos in which the user would lose track of them.

Functions especially for companies At the start of the project in the year 2018, server software was already available, but the ESS adds further security functions such as OIDC / OAuth authentication and E2E TLS encryption added. It also offers monitoring and data backup tools and offers 24 / 7 support. Interested companies can find more information on inrupt.com.

The ESS was created together with the first professional users, including the BBC and Bank NatWest, the National Health System of Great Britain (NHS) and the Government of Flanders. While Inrupt announced these pilot projects in the second half of the year, the team has been working on the corporate use of their platform for two years.

Although companies provide details on the ESS If you have to make an abrupt request, you can try out the server software and the PODs yourself: the former is available as open source software on GitHub, and a personal online data store can also be provided on your own system or obtained free of charge from a provider. (fo)

bitdefender-is-struggling-with-serious-security-problems

Bitdefender is struggling with serious security problems

A computer science student immediately discovered 10 errors in the memory management of Bitdefender’s antivirus software. Most of them should be easy to use to inject and execute your own code. It then runs with the rights of the anti-virus software on the Windows computer concerned – i.e. with SYSTEM rights and without sandbox. In plain language: If you take advantage of these loopholes, you can get a system completely under your control with little effort.

Computer science student David L. has Bitdefender’s code analyzed for unpacking UPX-compressed files and found critical errors in almost every step. All of the bugs are not really hard to find gaps, but rather bread and butter gaps for security researchers, as can be easily found with fuzzing, for example. Almost half caused the lack of the important length check in memory operations. Tavis Ormandy, who himself has already uncovered several such gaps in AV software, promptly commented that it was “irresponsible to deliver code in this way” The finds once again confirm the fact that heise Security has already 2007 in antivirus software as a gateway that actually whenever a security researcher “knocks on anti-virus software”, critical security gaps tumble out below. That illustrated researcher 2014 again and it doesn’t seem to have fundamentally changed. Antivirus software is a potential security problem. This is all the more true the further one moves away from the mainstream – i.e. Windows Defender AV. At least Ormandy and others have already shaken it up violently and should not have such easy to find and trivial exploitable gaps.

The basic problem is that AV software has to analyze and unpack countless file formats. In many cases, the code of simple tools, such as an open source unpacker, is simply used; David L. was able to trace many of the loopholes he discovered back to the original UPX tools. But they were not written for the highest security requirements. Who, as an administrator on a productive system, will unpack a Trojan on the command line?

But that is exactly what antivirus software does: not on the command line, but automatically in the background, it unpacks every suspicious data record that passes her. With system rights! And in the case of Bitdefender, without additional shielding, such as a sandbox. An attacker only has to push his exploit code roughly in the direction of his victim – the rest happens almost automatically.

Safe after several attempts No glory either: Bitdefender often required several attempts to properly close the reported security holes. In one case, it didn’t work until the fourth patch. After all, these holes in Bitdefender have all been fixed since the beginning of November. It’ll start all over again when someone performs the next analysis function for an obscure file format.

(ju)

honor-10x-lite:-new-mid-range-cell-phone-for-230-euros

Honor 10X Lite: New mid-range cell phone for 230 euros

Huawei sells a new Honor cell phone in Germany: The Honor 10 X Lite is a mid-range cell phone with a Price of 230 euros. It is equipped with a quad camera on the back and has a 6, 67 inch screen with a resolution of 1080 x 2400 pixels. In addition to the display, the battery with its capacity of 5000 mAh is also quite large. The new Honor smartphone is powered by a Kirin 710 A with eight cores. Huawei also installs 4 GB of RAM.

The internal flash memory of the Honor 10 X Lite measures 128 GByte and can be expanded using a microSD card. The main camera on the back takes photos with therefore both rem rem rem organized here, there is an ultra-wide angle camera with 8 megapixels and a macro camera and a depth sensor with two megapixels each . The Honor 10 X Lite comes onto the market without a licensed Android due to the US sanctions against Huawei. Instead, the Honor OS is based on the open source version of Android – Google services such as the Play Store are missing on it.

Honor is about to be sold The future of Honor is currently open: According to media reports, the Huawei brand is about to be sold. After the sale of its smartphone subsidiary, Huawei could concentrate on its own upper-class smartphones, reports the Reuters news agency.

Huawei is negotiating with a consortium led by the distributor Digital China and the government of the Shenzhen Special Economic Zone a possible Honor sale. The tech company is hoping for a sum of 100 billion yuan (12, 8 billion euros), reports Reuters.

The US government has cut off important resources for the Chinese manufacturer, which, among other things, affects the production of smartphones. Even the production of its own Kirin chips is made more difficult because the contract manufacturer TSMC is no longer allowed to produce for Huawei.

(dahe)

4x-xe-lp-migrate-to-the-server-for-game-streaming

4x Xe-LP migrate to the server for game streaming

As expected, Intel has to make an announcement in the server area shortly before the end of the year. However, this is not the new Xeon generation based on Ice Lake, but an Intel server GPU. This has also been announced in the recent past, because like the integrated graphics unit of the Tiger Lake processors and the dedicated Iris-Xe-Max-GPU, it is based on the Xe-LP architecture.

With the initially meaningless server GPU, Intel is targeting the market for video and game streaming on the Internet. High growth rates are expected in this area in the coming years and in addition to Google Stadia, NVIDIA, Sony and Microsoft have also started corresponding services.

The server GPU now presented goes by the name of H3C XG 310. It is actually not a GPU, instead there are three Xe-LP GPUs on the PCI Express card. In addition to the hardware, Intel offers the associated software ecosystem, which consists of the necessary drivers, APIs and developer tools. Intel relies on a mixture of open source and licensed software.

For rendering, the focus is initially on services that offer Android games in the cloud. The games are rendered on the execution units of the GPU via Android in Container (AIC). An interface called Intel Cloud Rendering (ICR) receives the inputs of the Game Service Streamer – the rendered frames of the AIC are brought together and an audio and video stream is created from this, which is then delivered via the Game Service Stream.

On the video stream side, the GPUs or the server GPU support AVC, HEVC, MPEG2, VP9 (encode and decode) and AV1 (decode) as expansion cards. Intel can also offer a corresponding FFMPEG package with corresponding hardware acceleration for Xeon processors and the server GPU.

While the Iris-Xe-Max-GPU with 4 GB LPDDR4 on a 128 Bit wide memory interface, the Xe-GPU offers the server GPU an 8 GB LPDDR4 memory. Four of these GPUs are located on the XG 310 from H3C, which is a 3/4 Length – Full Height PCI-Express card that supports PCIe 3.0 and 16 Lanes is connected. The card or GPU is cooled passively and via the air flow from the server. The additional power supply is provided via an 8-pin connector. Four of these cards can be used per server / Xeon processor.

In a demo, Intel showed an Android RPG or the streaming of the same 60 Instances each with 30 FPS. Initially, only one XG 310 with four GPUs is used. With two XG 310 cards 120 instances / streams can be executed. Depending on the game and server configuration, 100 to 160 users can work on one server with a Xeon processor and two servers at the same time -GPUs play. This is of course particularly interesting for the operators of cloud streaming services.

One of the first customers for Intel’s server GPU is Tencent in China.

Another outlook on the Xe roadmap

Intel also gave another outlook on the Xe roadmap. The Xe-LP architecture is already used in the integrated and dedicated GPUs for notebooks. The server GPU is now the third area in which it is used.

In the coming year, the next generation of dedicated graphics solutions is expected with the Xe-HPG architecture, aimed at gamers and desktop systems. Intel has already announced that the first samples of this GPU will work in the laboratory. Xe-HP is the data center variant that is already delivered to partners in the form of samples. We are still working on Ponte Vecchio based on the Xe-HPC architecture, but we have already received the first revision of all chip sets for Ponte Vecchio from production.