Tag Archives: Encryption

Microsoft to auto encrypt all Windows 11 devices with BitLocker!

Microsoft is set to automatically encrypt all Windows 11 computers with BitLocker! Here is what you need to know!

 

Microsoft to auto encrypt all Windows 11 devices with BitLocker!

Microsoft is set to automatically encrypt all computers with BitLocker device encryption, in the next major update of Windows 11.

Microsoft began making BitLocker device encryption enabled by default on new PCs with the Windows 11 23H2 update. That will be expanded to include clean installs of Windows 11, and Microsoft is also reducing the hardware requirements for automatic device encryption.

Starting with Windows 11 24H2, BitLocker encryption will be open to PCs running the Home edition, and it will no longer require features like Hardware Security Test Interface (HSTI), or Modern Standby. BitLocker encryption will also be enabled even if untrusted direct memory access (DMA) buses / interfaces are detected.

In short – if you buy a new Windows 11 PC, which comes with version 24H2 installed, or you do a clean installation of Windows 11 version 24H2 when it is made available in late September 2024 (or so), device encryption will be enabled by default.

Recommended : Microsoft / CrowdStrike: Who is responsible for global IT outage?

Automatic BitLocker encryption in Windows 11 : Good or bad?

BitLocker isn’t a new feature – Microsoft introduced it in Windows Vista in 2004. But like Windows Vista, it was rather terrible at that time – slow and buggy, and could only encrypt the system partition.

But it has come a long way since then, and now, many people choose to use BitLocker to securely protect their data. Encrypting a drive, or drive partition, with BitLocker ensures that even if someone steals the drive, they cannot access the encrypted data.

That said, encrypting data using BitLocker has some computational cost, which can be significant for older PCs. Newer processors support hardware acceleration for the AES algorithm that BitLocker uses, so any performance deterioration is greatly reduced.

While Tom’s Hardware says BitLocker can reduce SSD performance by up to 45% for certain workloads, but that is frankly not a big concern for most users, who cannot “feel” the difference on SSDs that are already super fast these days.

After all, Android and iOS smartphones and tablets have long implemented device encryption using slower processors and slower eMMC / UFS flash storage, and no one complained, right? Unless you are comparing an encrypted device with one that isn’t, you can’t tell the difference.

The biggest concern is, arguably, the danger of losing all of your data if you get locked out (by a Windows 11 bug, for example), and lose your BitLocker recovery key.

Recommended : Will Microsoft Disable Your Computer If You Share Fake News?!

Windows saves the BitLocker recovery key in your Microsoft account, so you can retrieve it if you ever get locked out for any reason. That solves the problem for people who sign up for, or log into, their Microsoft account when they setup a new Windows 11 PC.

However, those who choose to use a local account will have to either print the recovery key, or save it to a USB drive, which could get lost. That could explain why Microsoft is so adamant about getting people to register for, and sign into, a Microsoft account when you setup a new Windows 11 PC.

Of course, you can always prevent the loss of important data even in that rare circumstance, by regularly backing up your data. That’s good practice even if you prefer to leave your computer unencrypted.

But here’s the good news for those who insist on not encrypting their computers – you can avoid automatic BitLocker device encryption by using a local account. When you set up Windows 11 to use a local account for the first time, you will be asked to log into a Microsoft account to encrypt the machine. If you skip that, your Windows 11 computer will remain unencrypted.

Techies can also disrupt the automatic device encryption during the Windows 11 installation wizard by using the Command Prompt (Shift + F10) and using the Registry to change the BitLocker “PreventDeviceEncryption” key to 1.

Of course, even after your machine is encrypted, you can also manually disable BitLocker device encryption in Settings under Privacy & Security -> Device encryption.

But if you ask me – it’s time to get on with the rest of the world, and encrypt your Windows 11 systems. There is really no reason to leave your data unencrypted, even if you have “nothing to hide”.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Software | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

IBM To Fuel AI Digital Transformation In Malaysia!

IBM is offering IT infrastructure with a new level of security and reliability to fuel Malaysia’s AI digital transformation!

 

AI Digital Transformation In Malaysia Needs Better IT Infra!

Malaysia is at a pivotal point in its digital journey, with businesses future-proofing their organisations by leveraging AI and automation.

The digital economy is now a cornerstone of Malaysia’s economy, contributing 23.2% of the nation’s gross domestic product in 2021. The Malaysia Minister of Communications and Digital, Fahmi Fadzil, anticipates that this will increase to 25.5% by 2025, with a value of RM382 billion. The National Tech Association of Malaysia is even more optimistic, and believes that the digital economy will hit that economic contribution much earlier.

The increased urgency in adopting cutting-edge technologies like AI is driving demand for better IT infrastructure. Better not just in terms of performance and availability, but also security and reliability.

An IDC report forecasted that AI spending in the Asia Pacific region alone will skyrocket to US$78 billion by 2027. And these AI investments are predominantly being funnelled into infrastructure provisioning. That’s because ultimately, digital transformation in any nation is reliant on its IT infrastructure.

Recommended : IBM Expands Power10 Server Line With New Models!

 

IBM To Fuel AI Digital Transformation In Malaysia!

There is no one-size-fits-all approach to AI infrastructure. Organisations must provision the right infrastructure for the AI task at hand.

They have to not only look at the size and scale of the AI models and tasks, they also have to consider security and privacy issues, as well as regulatory compliance. A resilient infrastructure by design is also critical, with AI workloads becoming essential backbones to mission critical applications and workloads.

To that end, IBM Power Systems offer a secure and reliable platform for enterprises to perform inference, and run AI algorithms on their most sensitive data and transactions.

IBM Power Systems run on the Power10 core, which is designed for AI acceleration. Each Power10 core on the IBM Power S1022 can process up to 42% more batch queries per second than a comparable x86 server with a peak load of 40 concurrent users, while running large language AI models.

IBM Power10 systems also offers enterprise out-0f-the-box low-latency transactional capabilities and throughput, resiliency, continuous availability (99.999%) and concurrent replace and repair.

The IBM Power10 is also designed for greater efficiency. The Power E1080, for example, offers 3X the capacity with 52% lower power consumption for the same workload, compared to the Power E880C. It also offers 33% lower power consumption than the Power E980 for the same workload.

IBM claims that, in general, Power10 systems offer 6X more throughput per container cluster, and 40% to 50% lower cost than comparable x86 solutions.

On top of that, the IBM Power Systems are built to be secure by design, with a fully-integrated secured stack from processor chip to operating system, offering quantum-safe encryption and fully homomorphic encryption (FHE).

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

[/su_note]

 

Recommended Reading

Go Back To > Business | MoneyTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Free TNG RFID Bar Code Scam Fact Check!

Will your phone get hacked if you scan the TNG RFID bar code?! Take a look at the viral claim, and find out what the facts really are!

Updated @ 2023-11-17 : Added new version, and more details.
Originally posted @ 2023-05-10

 

Claim : Scanning TNG RFID Bar Code Can Hack Your Phone!

This warning about an RFID bar code scam has gone viral on WhatsApp, and social media, claiming that scammers are sending people free TNG RFID stickers, and asking them to scan the bar code.

Allegedly, scanning the TNG RFID bar code will cause your phone to be hacked by these scammers!

They send the RFID to you. When you scan the bar code they hack your hp
It’s a scam

他们将 RFID 发送给您。 当您扫描条形码时,他们会入侵您
这是一个骗局

Mereka menghantar RFID kepada anda. Apabila anda mengimbas kod bar mereka menggodam anda
Ia satu penipuan ☠️👻💩😱😰

If you get this free RFID card via courier, please throw away. Another scam.

Recommended : Bank Letter QR Code Scam : What You Need To Know!

 

Truth : Scanning TNG RFID Bar Code Will NOT Hack Your Phone!

This is yet another example of FAKE NEWS circulating on WhatsApp and social media, and here are the reasons why…

Fact #1 : TNG RFID Bar Code Cannot Hack Your Phone

First of all – let me just say that the TNG RFID bar code cannot hack your phone. In fact, no one can hack your phone just because you scan an RFID bar code.

The bar code is nothing more than a series of numbers, which you can readily see printed under the bar code. These numbers cannot possibly hack your phone / smartphone.

Fact #2 : TNG Bar Code Is Used To Register RFID Sticker

The bar code visible in the clear window of the TNG RFID self-fitment kit is merely the serial number for the RFID sticker (also known as an RFID tag).

This serial number is used to register the RFID sticker, by scanning scan the bar code using the TNG eWallet mobile app. All it does is link the RFID sticker to your TNG eWallet account, so that all toll charges are automatically deducted from that account.

Fact #3 : TNG RFID Swapping Can Be Easily Detected

One of our readers suggested that the scammer might have swapped out the bar code, to trick you into registering a different TNG RFID sticker owned by the scammer.

This would allow the scammer to use his/her TNG RFID sticker to go through highway tolls for free, while you would be charged for his/her travels.

While that is plausible, it would be quickly detected by the victim who would not be able to use the RFID sticker to get through the toll. The victim would also be able to detect the illegal charges to his/her TNG eWallet account.

Read more : TNG RFID Self-Fitment Guide : How To Do It Yourself

Fact #4 : TNG RFID Is Unique To Each Chip

One of our readers suggested that the scammer may be trying to trick people into scanning the barcode of a duplicated RFID sticker. The scammer can then use the duplicate RFID sticker to go through tolls, which would be charged to the victims’ TNG eWallet accounts.

Now, Touch ‘n Go has not revealed much about how it is protecting its RFID stickers, only saying that each TNG RFID sticker has an embedded radio-frequency chip that makes every sticker “unique to each customer”.

But that suggests that the RFID stickers are not only encrypted, the chip has a private key that prevents duplication, which makes a lot of sense. Without such encryption and private key, anyone can literally just read the number off any RFID sticker in a parking lot, and duplicate it in a programmable RFID sticker.

Unless the scammer has somehow stolen the private keys, and can perfectly duplicate the RFID stickers, this seems like an improbable scam. More so when the scammers would be limited to using the tolls for free. Hardly worth the effort, if you ask me.

Fact #5 : There Are Easier + Cheaper Ways To Hack Your Phone

Truth be told – there are far easier and cheaper ways to hack your phone, than send you a free RFID sticker and ask you to scan the bar code.

These scammers will have to put in considerable expense and technical expertise into hacking the TNG eWallet app, and inserting their malware that the fake RFID number would trigger.

But why bother? If they can hack the TNG eWallet, they don’t even need to send you any fake RFID bar code to scan!

Making fake RFID stickers (tags) that look like genuine TNG RFID self-fitment kits costs money. Sending these fake kits also put them at risk, because deliveries can be traced.

There are many other ways to compromise your smartphone. There is simply no reason why scammers to waste time and money on such a convoluted scheme.

Recommended : WhatsApp Block Button Scam : What You Need To Know!

Fact #6 : Packages Do Get Delivered Wrongly

The most plausible explanation for receiving a free TNG RFID sticker out of the blue is that it was wrongly delivered to you. If you receive one, check the name and address on the package. It may not be meant for you. In that case, contact the delivery company and have them resend it to the right person.

I have also personally experienced receiving packages that I did not order, some of which appear to be sent due to a database error of some sort – my name and phone number are on the package, but the address was wrong or non-existent.

Out of an abundance of caution, just don’t install any RFID sticker that you did not order. Or you can call up TNG to verify that the RFID sticker is legitimate.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Fact Check : New WhatsApp Cyber Crime Rules?!

Did WhatsApp just implement new cyber crime rules to help the government monitor and record your calls and messages?! Find out what the facts really are!

Updated @ 2023-10-08 : Updated after message went viral again.
Originally posted @ 2023-07-03

 

Claim : WhatsApp Has New Cyber Crime Rules!

People are sharing this warning about WhatsApp implementing new cyber crime rules, to help the government monitor and record all calls and messages!

Tʜᴇ ɴᴇᴡ ᴄᴏᴍᴍᴜɴɪᴄᴀᴛɪᴏɴ ʀᴜʟᴇs ғᴏʀ WʜᴀᴛsAᴘᴘ ᴀɴᴅ WʜᴀᴛsAᴘᴘ Cᴀʟʟs (Vᴏɪᴄᴇ ᴀɴᴅ Vɪᴅᴇᴏ Cᴀʟʟs) ᴡɪʟʟ ʙᴇ ɪᴍᴘʟᴇᴍᴇɴᴛᴇᴅ ғʀᴏᴍ ᴛᴏᴍᴏʀʀᴏᴡ: –

Recommended : How To Block Facebook Ads + Pay Scammers!

 

Truth : WhatsApp Does Not Have New Cyber Crime Rules!

And here is why this is nothing more than yet another Internet hoax :

Fact #1 : Only China Can Do This

The only country that has accomplished most of what was shared above is China, but it took them decades to erect the Great Firewall of China.

It’s not just the massive infrastructure that needs to be created, it also requires legislation to be enacted, and considerable manpower and resources to maintain such a system.

That’s why China is leaning heavily on AI and cloud computing capabilities to automatically and quickly censor information it deems “sensitive”.

However, no other country has come close to spending the money and resources on a similar scale, although Russia, Cuba, Vietnam, Zimbabwe and Belarus have imported some surveillance technology from China.

Fact #2 : WhatsApp, Instagram + Facebook Messenger Have End-to-End Encryption

All three Facebook-owned apps now run on the same common platform, which provides end-to-end encryption.

End-to-end encryption protects messages as they travel through the Internet, and specifically prevents anyone (bad guys or your friendly government censor) from snooping into your conversations.

That is also why all three apps are banned in China…

Recommended : Can SIM swap attack empty bank account without warning?!

Fact #3 : Governments Generally Have No Control Over Those Apps

Outside of authoritarian countries like China and Russia, governments generally have little to no control over social media and instant messaging apps. Even then, their control is generally limited to banning access if they don’t get their way.

The ability to keep conversations and messages safe and private is key to the success of instant messaging apps, in particular. So WhatsApp, Telegram and Signal would never allow governments access to user messages or voice calls, never mind record and monitor them for governments!

In fact, by implementing end-to-end encryption, these companies themselves do not have access to your messages and calls.

Fact #4 : WhatsApp Does Not Have Three Check Marks!

WhatsApp messages only have two ticks / check marks to notify users about the status of their messages:

: The message was successfully sent.
: The message was successfully delivered to the recipient’s phone or any of their linked devices.
: The recipient has read your message.

There is no third check mark, as claimed by the viral message.

Fact #5 : Governments Won’t Tip You About Investigations

It is illogical for WhatsApp to inform you when the government is checking your information, or when it has started proceedings against you.

In fact, it doesn’t make sense for any government to inform you by instant messaging check marks! If the government is charging you with a crime, it will send police officers, not check marks on WhatsApp!

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > InternetFact Check | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Is WhatsApp Forcing Us To Share Data With Facebook In February 2021?

Many websites are claiming that WhatsApp is forcing us to share our data with Facebook in February 2021.

Find out what’s going on, and what the FACTS really are!

 

WhatsApp Sharing Data With Facebook : What’s Going On?

We wrote about this earlier, but it looks like many websites (including very influential ones) are still peddling the claim that WhatsApp is going to force us to share data with Facebook in February 2021.

It all started with this pop-up alert that started appearing on WhatsApp a few days ago, alerting us to a change in its terms and privacy policy.

You must accept this new privacy policy to continue using WhatsApp from 8 February 2021 onwards. Otherwise, the alert subtly suggests, you should “delete your account”.

Since then, numerous articles have been written about how this new privacy policy is forcing us to share our WhatsApp data with Facebook.

This has led to many people switching to alternatives like Telegram and Signal, in fear that the new privacy policy would allow Facebook to access and read all of their WhatsApp messages.

 

No, WhatsApp Is Not Forcing You To Share Data With Facebook

As we shared earlier, NO, the new WhatsApp privacy policy does not force you to share data with Facebook, because…

Fact #1 : It Has Been A Requirement Since September 2016!

It is perplexing why so many websites claim that this new privacy policy forces us to let WhatsApp share data with Facebook. After all, this has been a requirement since September 2016!

Back in August 2016, WhatsApp announced that they would start sharing data with Facebook. At that time, they gave existing users 30 days to opt-out.

This was a one-time offer that has never been repeated. Since then, every new and current user MUST agree to let WhatsApp share data with Facebook.

Fact #2 : WhatsApp Will Still Honour The Opt-Out

If you are a WhatsApp veteran who opted out of data sharing in August 2016, WhatsApp will still honour that opt-out.

You can safely agree to the new privacy policy – your data opt-out will remain active.

Fact #3 : WhatsApp Will Share MORE Information With Facebook

The new WhatsApp privacy policy is mainly focused on enabling Businesses on WhatsApp.

So while they DO NOT need your permission to continue sharing data with Facebook, they still need your permission to SHARE MORE data with Facebook.

This is the list of additional data that we must agree to let WhatsApp share with Facebook :

  • Status Information. You may provide us your status if you choose to include one on your account. Learn how to use status on Android, iPhone, or KaiOS.
  • Transactions And Payments Data. If you use our payments services, or use our Services meant for purchases or other financial transactions, we process additional information about you, including payment account and transaction information. Payment account and transaction information includes information needed to complete the transaction (for example, information about your payment method, shipping details and transaction amount). If you use our payments services available in your country or territory, our privacy practices are described in the applicable payments privacy policy.
  • Location Information. We collect and use precise location information from your device with your permission when you choose to use location-related features, like when you decide to share your location with your contacts or view locations nearby or locations others have shared with you. There are certain settings relating to location-related information which you can find in your device settings or the in-app settings, such as location sharing. Even if you do not use our location-related features, we use IP addresses and other information like phone number area codes to estimate your general location (e.g., city and country). We also use your location information for diagnostics and troubleshooting purposes.
  • User Reports. Just as you can report other users, other users or third parties may also choose to report to us your interactions and your messages with them or others on our Services; for example, to report possible violations of our Terms or policies. When a report is made, we collect information on both the reporting user and reported user.
  • Businesses On WhatsApp. Businesses you interact with using our Services may provide us with information about their interactions with you. We require each of these businesses to act in accordance with applicable law when providing any information to us.When you message with a business on WhatsApp, keep in mind that the content you share may be visible to several people in that business. In addition, some businesses might be working with third-party service providers (which may include Facebook) to help manage their communications with their customers. For example, a business may give such third-party service provider access to its communications to send, store, read, manage, or otherwise process them for the business. To understand how a business processes your information, including how it might share your information with third parties or Facebook, you should review that business’ privacy policy or contact the business directly.

Fact #4 : WhatsApp + Facebook Cannot Read Your Messages

WhatsApp finished implementing end-to-end encryption on 5 April 2016, about 4.5 months before instituting the requirement to share data with Facebook.

Since then, WhatsApp nor Facebook can no longer read your messages, as they are encrypted. Only the sender and receiver(s) can read them.

WhatsApp shares a considerable amount of data and metadata that Facebook can use to identify and track your movements and activities. But not the content of your messages.

Fact #5 : Telegram Is Less Secure!

For those who are fleeing to Telegram, you should note that Telegram does not encrypt messages (only Secret Chats).

In fact, all of your data – messages, photos, videos, documents – are stored in Telegram servers. Even though they are encrypted in storage, Telegram holds the encryption keys, NOT YOU.

In contrast, WhatsApp data is only stored in your devices. WhatsApp also does not retain messages in their servers after they are delivered, and will only store files (like photos and videos) and undelivered messages for 30 days.

WhatsApp will, however, store the time and date of the messages you send and receive.

Fact #6 : Signal Is The Most Secure Alternative

Those who want a more private and secure messenger should opt for Signal, instead of Telegram.

It offers end-to-end encryption using the open-source Signal protocol, the same protocol which WhatsApp uses in its own proprietary format.

On top of that, it offers a Sealed Sender feature which prevents everyone – including Signal – from knowing the sender and recipient of a message.

But best of all, Signal does not share your data with any third-party company. In fact, the only metadata it collects is your phone number, and even that is not linked to your identity.

That said, Signal lacks features found in WhatsApp and Telegram, so we cannot call it the best alternative, only the most secure alternative.

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

VMware vSphere 7 Now Supports AMD SEV-ES Encryption!

VMware just announced that vSphere 7 Update 1 will add support for AMD SEV-ES encryption!

Find out what this means for enterprise security, and the future of AMD EPYC processors!

 

AMD SEV-ES Encryption : What Is It?

SEV-ES, short for Secure Encrypted Virtualization-Encrypted State, is a hardware-accelerated encryption capability in AMD EPYC processors.

Leveraging both the AMD Secure Processor and the AES-128 encryption engine built into every AMD EPYC processor, SEV-ES encrypts all CPU register contents when a virtual machine stops running.

This prevents the leakage of information from the CPU registers to components like the hypervisor. It can even detect malicious modifications to a CPU register state.

 

VMware vSphere 7 Now Supports AMD SEV-ES Encryption!

VMware vSphere 7 Update 1 adds support for both AMD SEV-ES and AMD EPYC processors.

The AMD Secure Processor in the first-generation EPYC processors can handle up to 15 encryption keys.

That increases to more than 500 encryption keys with the second-generation EPYC processors.

ESXi has many layers of isolation within its virtualised infrastructure, but all of that is implemented in software. They still require a level of trust in the hardware, which is where AMD SEV-ES comes in.

A guest operating system that supports SEV can ask the AMD Secure Processor to issue it an encryption key, for full in-memory, in-hardware encryption.

SEV-ES extends that protection to CPU registers, so that the data inside the CPU itself is encrypted. This protects the data from being read or modified when the virtual machine stops running.

Even a compromised hypervisor that accesses the register data cannot make use of it, because it is now encrypted.

Needless to say, adding support for AMD SEV-ES in vSphere 7 will spur the uptake of AMD EPYC processors in the datacenter.

 

Recommended Reading

Go Back To > Enterprise IT | CybersecurityHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Google Cloud Confidential VM With 2nd Gen AMD EPYC!

Google recently introduced Confidential Computing, with Confidential VM as the first product, and it’s powered by 2nd Gen AMD EPYC!

Here’s an overview of Confidential Computing and Confidential VM, and how they leverage the 2nd Gen AMD EPYC processor!

 

Google Cloud Confidential Computing : What Is It?

Google Cloud encrypts customer data while it’s “at-rest” and “in-transit“. But that data must be decrypted because it can be processed.

Confidential Computing addresses that problem by encrypting data in-use – while it’s being processed. This ensures that data is kept encrypted while in memory and outside the CPU.

 

Google Cloud Confidential VM, Powered By 2nd Gen AMD EPYC

The first product that Google is unveiling under its Confidential Computing portfolio is Confidential VM, now in beta.

Confidential VM basically adds memory encryption to the existing suite of isolation and sandboxing techniques Google Cloud uses to keep their virtual machines secure and isolated.

This will help customers, especially those in regulated industries, to better protect sensitive data by further isolating their workloads in the cloud.

Google Cloud Confidential VM : Key Features

Powered By 2nd Gen AMD EPYC

Google Cloud Confidential VM runs on N2D series virtual machines powered by the 2nd Gen AMD EPYC processors.

It leverages the Secure Encrypted Virtualisation (SEV) feature in 2nd Gen AMD EPYC processors to keep VM memory encrypted with a dedicated per-VM instance key.

These keys are generated and managed by the AMD Secure Processor inside the EPYC processor, during VM creation and reside only inside the VM – making them inaccessible to Google, or any other virtual machines running on the host.

Your data will stay encrypted while it’s being used, indexed, queried, or trained on. Encryption keys are generated in hardware, per virtual machine and are not exportable.

Confidential VM Performance

Google Cloud worked together with the AMD Cloud Solution team to minimise the performance impact of memory encryption on workloads.

They added support for new OSS drivers (name and gvnic) to handle storage traffic and network traffic with higher throughput than older protocols, thus ensuring that Confidential VM will perform almost as fast as non-confidential VM.

Easy Transition

According to Google, transitioning to Confidential VM is easy – all Google Cloud Platform (GCP) workloads can readily run as a Confidential VM whenever you want to.

Available OS Images

In addition to the hardware-based inline memory encryption, Google built Confidential VM on top of Shielded VM, to harden your OS image and verify the integrity of your firmware, kernel binaries and drivers.

Google currently offers images of Ubuntu v18.094, Ubuntu 20.04, Container Optimized OS (COS v81), and RHEL 8.2.

They are currently working with CentOS, Debian and other distributors to offer additional OS images for Confidential VM.

 

Recommended Reading

Go Back To > Computer | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


FB Messenger, Instagram + WhatsApp Integration Clarified!

Since the story broke about the Facebook Messenger, Instagram and WhatsApp integration plan, the world exploded in a mixture of shock, apoplexy, and righteous indignation.

Take a DEEP BREATH and CALM DOWN. Let us tell you exactly what the FB Messenger + Instagram + WhatsApp integration plan is really about, and what it really means for Facebook and all of us…

 

The FB Messenger + Instagram + WhatsApp Integration Plan Clarified!

What Is Going On?

The New York Times broke the story on 25 January 2019, that Facebook CEO Mark Zuckerberg is working to integrate the messaging services that power Facebook Messenger, Instagram and WhatsApp.

Essentially, he wants all three platforms to use the same messaging platform or protocol to communicate.

Are The Three Apps Being Merged?

NO.

Some reports (looking at your, Forbes and BBC!) have claimed that WhatsApp is merging with Facebook Messenger and Instagram, or that WhatsApp and Instagram will be integrated with Facebook Messenger. That is NOT TRUE.

Facebook is not going to combine all three apps into a single mega-app – the one app to rule them all. WhatsApp, Instagram and Facebook Messenger will continue to be separate apps.

What Exactly Has Changed?

NOTHING at the moment. This FB Messenger + Instagram + WhatsApp integration project is scheduled to be completed by the end of 2019, or early 2020.

Until the new unified messaging protocol is complete and implemented in all three apps, nothing will change. At the moment, all three apps continue to use their existing messaging protocols.

What We Know About The Messenger + Instagram + WhatsApp Integration Plan So Far

Let’s enumerate what we know about the FB Messenger + Instagram + WhatsApp integration plan :

  1. All three apps will still function independently
  2. All three apps will use the same messaging protocol
  3. The new unified messaging protocol will support end-to-end encryption

Why Does Facebook Want To Do This?

Migrating all three apps to a unified messaging protocol or platform has some real advantages for Facebook :

  • far less work is needed to maintain a single platform or set of protocols, than three different platforms or sets of protocols
  • it will extend the reach of their three apps, helping to “encourage” users of one app to use the other two apps.
  • it will make it easier for them to harvest more information, to create more accurate user profiles.
  • it should make it easier to introduce or extend new features into all three apps, e.g. time-limited Stories.

Is This Good Or Bad For Users?

There are some potential advantages for users…

  • users of any one of those three apps will be able to communicate with each other, without installing the other apps.
  • users of any one of those three apps will be able to share data (photos, videos, files, etc.) with each other, without installing the other apps.
  • it will introduce end-to-end encryption to Instagram, which does not yet support it.
  • potentially, it could mean end-to-end encryption will be enabled by default for Facebook Messenger (which currently only supports end-to-end encryption if you turn on Secret Conversations).
  • it could promote greater accountability and transparency, with a reduction in fake accounts and profiles.

On the other hand, the tighter integration has some serious potential ramifications…

  • it will be harder to obfuscate or separate your profile in one app, from your profiles in the other two apps.
  • any bug or vulnerability in the unified messaging protocol will affect all three apps.
  • any successful attack will cause far greater damage, with far more data lost or stolen.
  • it does not address serious privacy concerns – even if end-to-end encryption is enabled by default for all three apps in the new unified messaging protocol, the metadata isn’t.
  • it may make it more difficult for users to consider alternative apps or services.
  • abusing one app (intentional or otherwise) could get you banned or blocked on all three apps.

How Serious Are These Concerns?

The New York Times reported that Mark Zuckerberg’s “championing” of the FB Messenger + Instagram + WhatsApp integration plan led to “internal strife” over privacy concerns. How bad?

Apparently, it led to the founders of both Instagram (Kevin System and Mike Krieger) and WhatsApp (Jan Koum and Brian Acton) leaving Facebook. Dozens of WhatsApp employees also clashed with Mark Zuckerberg over this integration plan.

But Don’t Panic Just Yet…

There is no need to be one of those headless chickens running around, screaming that the world has ended or is about to end. The WhatsApp Messenger you have come to rely on has not changed, or will change for many more months to come.

The project is still in its infancy. Facebook is internally planning to complete the project by the end of 2019, and probably early 2020. There is still the better part of the year to consider alternative messaging apps out there.

 

Recommended Reading

[adrotate group=”2″]

Go Back To >  Software | Business | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Kingston IronKey D300S Encrypted USB Drive Launched!

Kingston Technology just introduced an improved version of their D300 encrypted USB drive – the Kingston IronKey D300S. Find out what’s new and improved in the Kingston D300S encrypted USB drive!

 

The Kingston IronKey D300S Encrypted USB Drive Launched!

The new Kingston IronKey D300S encrypted USB drive introduces two new features to enhance its advanced level of security and ability to safeguard sensitive data.

Serialised Drive

IronKey D300S will have a unique serial number and bar code on the drive itself that allows network administrators to read or scan the code instead of plugging it into the drive.

When a drive is deployed, returned or during any physical auditing or asset management of hardware, this feature will make the process more efficient and streamlined.

Virtual Keyboard

The second feature, a virtual keyboard will enable users to enter a password with clicks of the mouse instead of a physical keyboard. It provides a greater level of protection against any possible keylogging when using D300S on other computers.

“We’re not content on standing pat with any of our products, no matter how good they are,” said Kingston “The data protection provided by IronKey D300 is already top notch, and we’ve listened to requests from our customers. These two enhancements in the D300 series add to its industry-leading data-protection capabilities. With Kingston’s 30-plus years of expertise in quality technology solutions behind it, along with the latest NAND Flash memory and controller technology, users of any D300 drive can rest assure that their confidential data and information are well protected from the risks and threats associated with loss, theft, or stolen digital devices.”

 

Kingston IronKey D300S Price + Availability

[adrotate group=”2″]

The new Kingston IronKey D300S drives will also be available as a Managed model (D300SM) that requires IronKey EMS or SafeConsole by DataLocker , allowing central management of drive access and usage across thousands of drives.

This will be the first IronKey drive that will be supported on SafeConsole, thus enabling it to be used by customers who already have it installed.

IronKey D300SM will be available in the first quarter of 2019.

 

Recommended Reading

 

Go Back To > Computer Systems + Hardware | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

My Knox Is Dead. Long Live Samsung Secure Folder!

Samsung announced in June 2017 that they were killing off My Knox, replacing it with Samsung Secure Folder that ships with the Samsung Galaxy S8 / S8 Plus and Galaxy Note8 smartphones.

Secure Folder is compatible with the Samsung Galaxy S7 and Galaxy S7 edge smartphones that have been upgraded to Android 7.0 Nougat.

Updated @ 2017-12-22 : Revamped the article, adding a migration guide, and a final email from Samsung.

Updated @ 2017-11-16 : Added a new email from Samsung with a confirmed end-of-service date for My Knox.

Originally posted @ 2017-06-07

 

Samsung Kills My Knox

In early June 2017, Samsung announced that they’re killing My Knox, and replacing it with Secure Folder. The end-of-life date was set for 19 December 2017.

Beginning 20 December 2017, the My Knox app would no longer be available to download from the Google Play Store. The My Knox portal will also be disabled – you won’t be able to login.

Samsung replaced My Knox with their new Secure Folder solution. They promise that it is a superior solution.

 

Samsung Secure Folder

Samsung Secure Folder is a new security solution that leverages the defense-grade Samsung Knox security platform to create a private, encrypted space on a Samsung Galaxy smartphone running on Android 7.0 Nougat or better.

It is available in the Samsung Galaxy S8 / S8 Plus and Galaxy Note8 smartphones, but can be downloaded and installed in the Samsung Galaxy S7 and Galaxy S7 edge smartphones that have been upgraded to Android 7.0 Nougat.

As no Mobile Device Management (MDM) is required, it is suitable for both personal and business usage. Here are additional details :

  • Apps and data can be installed or created within Secure Folder, or moved there from outside.
  • Apps and data moved to Secure Folder are kept separate, leveraging SE for Android – preventing unauthorized communication between apps inside and outside.
  • Application data and files are encrypted with defense-grade Sensitive Data Protection (SDP) technology – using 256-bit AES cipher algorithm to secure data.
  • Data remains encrypted even after the user has exited Secure Folder or has turned off the device, and is decrypted when a user successfully authenticates himself / herself.

It can also be used alongside Knox Workspace, enabling two Knox container solutions at the same time.

This allows users to have access to both a dedicated work environment (Knox Workspace), as well as a secure personal area (Secure Folder).

[adrotate group=”1″]

 

How To Migrate From My Knox To Secure Folder

Fortunately, Samsung made it easy to migrate your private data from My Knox to Secure Folder. Here are the steps :

  • Log into the My Knox app
  • Go to My Knox Settings, and select Backup and restore.
  • Backup your My Knox data (you’ll need a Samsung account to do this).
  • Install and setup Secure Folder, if you have not already done so.
  • Log into Secure Folder.
  • Go to Secure Folder Settings, and select Backup and restore.
  • Select Restore (using the same Samsung account), and you’re done!

if you are worried about the dangers of backing up your encrypted data to the cloud (it is encrypted!), you can use this alternative method :

  • Log into the My Knox app.
  • Copy the data out into the Samsung smartphone, or a secure computer
  • Install and setup Secure Folder, if you have not already done so.
  • Move the data into Secure Folder.

 

Samsung My Knox Termination Chronology

In early June 2017, Samsung sent out this email to all registered Samsung users :

First Samsung warning about terminating My Knox

My Knox will no longer be available on new Samsung devices in 2017. You may continue your secure space experience by setting up Secure Folder, available now from Galaxy Apps.

Secure Folder runs on Android N OS or higher versions only. It leverages the defence-grade Samsung Knox security platform to create a private, encrypted space on your Samsung Galaxy phone. Applications and data moved to Secure Folder are partitioned separately on the device and gain an additional layer of security and privacy.

To seamlessly transfer your private content between solutions, please back up your My Knox data and restore it to Secure Folder. To back up your My Knox data, go to My Knox settings > Backup and restore. Remember, a Samsung account is required to use this feature.

You can restore the backup data after setting up Secure Folder. Go to Secure Folder settings > Backup and restore > Restore.

You may use My Knox until its end-of-service date (which will be announced soon). However, be aware that we will not be actively maintaining the service or adding new features.

This was followed by this email on 15 November 2017, revealing its end-of-service date as 19 December 2017.

Samsung confirms end-of-life date for the My Knox service

Dear customers,

Thank you for using My Knox.

As previously announced, we will end support for My Knox on 19th December 2017. You will not be able to download My Knox from any app store after the end-of-service date.

You may use My Knox on your mobile device until you uninstall the application. However, you will be unable to log in to the My Knox portal to remotely manage your device (e.g. to reset your My Knox password or unlock My Knox).

If you have a phone that runs the Android N OS, we recommend transferring your private data in My Knox to Secure Folder, available at Google Play or Galaxy Apps, and on new Samsung phones such as the Galaxy Note 8. We also recommend backing up your My Knox data first, and restoring the data after you set up Secure Folder.

To back up My Knox data, go to My Knox Settings > Backup and restore > Back up My Knox data. Please note that a Samsung account is required to use the My Knox backup and restore feature.

If your phone does not support Secure Folder, then please back up the content to outside My Knox (e.g. using the Move to Personal mode feature).

For more information regarding My Knox termination, please visit My Knox FAQ .

We hope you have enjoyed your experience with My Knox. Samsung is committed to continuous innovation to provide you with the highest-quality products and services.

This final email was sent on 20 December 2017, noting that My Knox is now terminated :

The final Samsung email on the termination of the My Knox service

Dear customers,

Thank you for using My Knox.

As previously announced, we will terminate the My Knox service on 19th December 2017. You will not be able to download My Knox from any app store from then on. You will also be unable to log in to the My Knox portal to remotely manage your device.

You may use My Knox on your mobile device until you uninstall the application. However we highly recommend you to back up your data or move it to outside My Knox.

If your phone supports Secure Folder, we recommend transferring your private data in My Knox to Secure Folder, available at Google Play or Galaxy Apps, and on new Samsung phones such as the Galaxy Note 8. We also recommend backing up your My Knox data first, and restoring the data after you set up Secure Folder.

To back up My Knox data, go to My Knox Settings > Backup and restore > Back up My Knox data. Please note that a Samsung account is required to use the My Knox backup and restore feature.

However, if your phone does not support Secure Folder, then please back up the content to outside My Knox (e.g. using the Move to Personal mode feature).

We hope you have enjoyed your experience with My Knox. Thank you for using our service.

 

Recommended Reading

Go Back To > Mobile Devices | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


The Logitech M238 Party Pack Unboxed!

Logitech recently sent us a mysterious package. It had a large notice on top saying “It’s A Mouse Party and Everyone’s Invited“, and it rattles when you shake it. Interesting!

It was not your typical Logitech parcel, of course. There were all sorts of party stuff inside, together with the star of the party – the new Logitech M238 Party Collection wireless mouse! Check it out!

 That was awesome, right? Thanks for the party pack, Logitech!

 

Logitech M238 Party Collection

The Logitech M238 Party Collection is the fun version of the Logitech M238 family of wireless mouse. It comes in 6 quirky designs – Flamingo, Popsicles, Cocktail, Spaceman, Toucan and Gorilla.

Don’t let its small, cutesy design fool you though. The Logitech M238 Party Collection mouse boasts an advanced 2.4 GHz wireless transmission link that is secured with 128-bit AES encryption. It is also so power-efficient, you can use it for up to 12 months on a single AA battery!

 

Logitech M238 Party Collection Specifications

SpecificationsLogitech M238 Party Collection
Sensor TechnologyOptical, 1000 dpi
Wireless Connectivity2.4 GHz wireless connectivity with USB receiver
- Secured with 128-bit AES (Advanced Encryption Standard)
- Wireless range : 10 meters / 33 feet (typical)
Buttons & Switches2 mouse buttons + scroll wheel + Connect / Power switch
Logitech Unifying Technology SupportNo
BatterySingle AA battery
- 12 months battery life (typical)
Mouse Dimensions & Weight57 mm wide x 95 mm long x 39 mm high
93 g (including battery)
Nano Receiver Dimensions19 mm wide x 14 mm long x 6 mm tall
Supported Operating SystemsMicrosoft Windows Vista, or newer
Mac OS X 10.5 or newer
Google Chrome OS
Linux kernel 2.6+, or newer
Package ContentsOne Logitech M238 Party Collection wireless mouse
One USB 2.4 GHz nano receiver
One AA non-rechargeable battery (pre-installed)
User documentation
Warranty1 Year Limited Hardware Warranty
Available DesignsFlamingo / Popsicles / Cocktail / Spaceman / Toucan / Gorilla

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participate in the Tech ARP Forums, or even donate to our fund. Any help you can render is greatly appreciated!