Fact or Fiction: Common Misperceptions of Database Encryption
In a recent blog on facts and fiction in database encryption, the author attempts to debunk some common misperceptions that occur. Here we round them up for your consideration.
Fiction:
Encryption is rendered null and void, if an authorized user account itself is compromised.
Rationale:
Just because someone has compromised data (e.g., lost a USB drive containing PII), that doesn’t mean that they or anyone who finds the device has the credentials or know how to decrypt the data. Both the database and the encryption key/application user credentials for this must be compromised, in order to make such a pat statement accurate.
Scenario One:
An individual user creates a key in MS SQL Server, they then protect it with a password or encrypt it with another. Even if someone compromises the database account with the password “Password1”, they still have not obtained the decryption keys. Potential hackers would have to gain access to the key or guess the password. And given that there are likely to be many users’ keys within the context of the query operations, it would take several keys before the correct one is found.
Scenario Two:
In the case of IBM DB2, the database requires one set of credentials, while encryption key access uses another set. Database access requires both. This is particularly the case with Transparent Encryption. Once a user is validated to access the database, their session is supplied with the encryption key and then encryption operations are mapped to relevant/issued queries.
Fiction: encrypting data in any layer (except the application layer) renders your data insecure.
Explanation:
From the standpoint of protecting data in a compromised database, this can be true. However, within the application layer, encryption credentials are safe. Application users can expect the same type of opacity as Transparent Encryption provides database users, so if an application account is breached, it will bypass encryption credentials and access a portion of the data stored in the database.
Sources:
http://blog.formstack.com/2013/3-facts-about-database-encryption/
Comcast and Time Warner Cable’s $45 billion merger puts 30 million customers under one roof
It’s official: Confirming the leaks from last night, Comcast has announced it will acquire Time Warner Cable. This combination of the country’s #1 and #2 cable companies will stretch from coast to coast, as TWC controls markets like New York City, LA and Texas, while Comcast strongholds include Philadelphia and Washington DC. TV isn’t the only medium in play either, since as Gigaom points out, the two companies together cover not only 30 million+ cable TV subscribers, but also around the same number of internet connections, and about 15 million phone lines. So, what’s the likely impact for customers as a result of the deal? For several reasons the answer right away is “not much.”
It will take time for the combo to gain regulatory approval from the FCC and Justice Department, like the lengthy acquisition process we saw when Comcast snatched up NBCUniversal a few years ago. Despite that, both parties expect the deal to close by the end of this year. As part of the announcement, Comcast says it’s “prepared to divest systems serving approximately 3 million managed subscribers,” and expects to gain about 8 million net subscribers with the move. Comcast is still trying to roll out its new X1 TV platform including cloud DVR access, while Time Warner Cable brings its own setup, complete with StartOver and LookBack VOD features that let viewers go back in time without a DVR.
Just like Charter with its failed bid for TWC, Comcast thinks it can negotiate better rates with the studios and channels that provide it content with a larger customer base. Another benefit is the ability to efficiently deliver highly profitable high-speed internet and phone service, although we’d be shocked to see our bills go down at all as a result. Bloomberg reports Charter and Comcast had been working on a combined offer for TWC, but that’s rumored to have fallen apart last week. Surprisingly, TWC has an even lower reputation with customers than the much-maligned home of Xfinity, so in that respect, perhaps things can’t get much worse?
The other issue comes back to the control of internet access, with network neutrality and metered service hanging in the balance — while Comcast has experimented with various levels of data caps, Time Warner Cable has not, and the two also differ in their treatment of HBO Go on Roku and Samsung devices. Several conference calls are scheduled today so the companies can make their case — public interest groups like Free Press are already opposing the move — we’ll be listening intently for explanations on why moving from “cartel partners” to a single offering is a good thing for anyone.
Filed under: Home Entertainment, Internet, HD
Source: Comcast, Time Warner Cable
Netflix’s first taste of ‘Star Wars’ coming with exclusive ‘Clone Wars’ series in March
Sure, Netflix has a multi-billion dollar deal with Disney, but Star Wars content has been noticeably missing from its sizeable catalog. That’s about to change, however, after the streaming giant announced it has signed an exclusive agreement to bring the final series of The Clone Wars, dubbed “The Lost Missions,” to all 44 million of its subscribers on March 7th. Netflix says the 13-episode season will be accompanied by all five director’s cuts of the previous five Clone Wars seasons and the feature film, making it the only subscription service to offer such content. Netflix has slowly added more Disney content in recent months, but it’ll ramp up significantly when first-run live-action and animated films come to the service in 2016. There’s no word on whether we’ll see the Star Wars feature films later down the line — we’ll make sure to enjoy the multiple new Marvel mini-series while we wait.
Filed under: Home Entertainment, Internet
Source: Star Wars
Meizu MWatch concept may be the most impressive smartwatch concept Yet
Smartwatches and wearables in general are definitely in the technology area to be keeping an eye on this year, but while there are plenty of impressive devices showing their faces now and then, few have truly captured our imagination of what a smartwatch can truly be or look like. A Senior Manager at Meizu has other ideas, today unveiling a so-called Meizu MWatch concept, something which I think certainly looks close to where smartwatches may end up in the future, or at least, where we want them to end up.
Meizu says the MWatch would have a fully flexible 2.4-inch resolution screen, a metal bracelet, 5MP camera, NFC, Wi-Fi, Bluetooth and significant app support. While I’ve never been a fan of watches with cameras on them, this Meizu MWatch concept is definitely an impressive one, though Meizu has made no comment on whether they’ll ever put this into actual development.
Meizu, one of China’s most successful Android phone manufacturers, has been on top of their game lately, particularly with their smartphone releases like the Meizu MX3 which we got to take a look at CES 2014. It’s almost painful to see all these smartwatch concepts come out and tease us with what could be possible, but perhaps one of these days, someone will listen and make the smartwatch that we’ve all be dreaming of.
What do you think about this Meizu MWatch concept? Let us know your opinion on the comments below.
Source: GizChina via Phones Review
[LEAK] Nokia X gets priced in Vietnam for $110 USD
Looks like somebody’s been a little trigger happy. According to a thread in Techrum, the Nokia X, AKA the Nokia Normandy, has been priced on an online retailer in Vietnam, showing the price for the unannounced Nokia phone to be between 2.2 to 2.5 million Vietnamese Dong. Don’t freak out at those numbers though; that amount equates to about $110 USD, which is right about where you’d expect a phone with its specs to be.
As per the rumours we’ve been hearing, we’re expecting the Nokia X to be announced as a low-end Asha device at MWC 2014 followed by a launch in March in multiple markets around the world. We also most recently heard that Nokia may continue to have unhindered development control over the Asha line of phones, letting it potentially create a higher end model of the Nokia X, which I think will appeal a lot more to Android fans, though there is also the issue of it running a forked version of Android. It does seem like the Nokia X has multiple things working against it despite finally adopting an Android OS, though with this low price and Nokia’s lauded reliability, perhaps there is still light at the end of the tunnel.
What do you think about this price for the Nokia X? Does this make it look any more attractive? Let us know what your opinion is in the comments.
Source: Techrum via Phone Arena
Google and VMware team up to put your Windows desktop on Chromebooks
So, your bosses have replaced most of the office computers with Chromebooks, but you need those old Windows apps to keep you sane. If the IT folks aren’t on top of it already, you may want to tell them about a remote access solution developed by Google and VMware called Horizon Desktop as a Service (DaaS). According to VMware (known for its Fusion desktop clients), DaaS gives you secure access to all your Windows apps and data by storing sensitive info on remote servers instead of devices carried around by forgetful employees. The product’s only available as a subscription-based offering right now, but folks at home who can’t live without their trusty Windows applications may want to hold off on doing a protest — it’s also slated to hit the Chrome App Store sometime soon.
Via: TechCrunch
Source: Google Enterprise, VMware
Steam’s new user-tagging feature matches the best games to your tastes
The next time you get a specific urge to play a certain type of real-time strategy game, with a sci-fi theme, base-building and large quantities of blood for the blood god, Steam will have you covered. Instead of just browsing its catalog by genre, the Steam client now lets all users add their own tags to product pages — tags which then become searchable by everyone else. The community seems to be embracing the feature quite quickly, with plenty of eclectic labels already visible. As a result, the store should steadily become more fun to navigate, especially with added features like automatic, tag-based game recommendations. Spess Mahreens, for the Emprah!
Filed under: Gaming
Via: Joystiq
Source: Steam
LG G Pro 2 is now official, boasts 4K, 120fps and slow motion video recording Chops
Today was D-Day for the unveiling of LG’s latest smartphone and they didn’t disappoint: the LG G Pro 2 is now official and it might even have its main competitor, the Samsung Galaxy Note 3, quivering in its shoes. The successor to the LG Optimus G Pro upgrades its screen size to a massive 5.9-inches, behind which it packs a Qualcomm Snapdragon 800, 3GB RAM, either 16 or 32GB storage (with additional microSD slot) and a 3,200mAh battery.
Also running Android 4.4 KitKat, the G Pro 2 also features a 2.1MP front camera, and crucially a 13MP rear camera which LG says is capable of recording 4K video. This 13MP camera, which utilizes LG’s proprietary OIS+ technology, can also capture HD video at 120fps as well as being able to edit videos into 4 different speeds which include slow motion. LG also brings its KnockON feature over from the LG G2 which allows you to unlock your phone using just a light knock against the screen. The full list of features for the LG G Pro 2 include:
- Chipset: Qualcomm® Snapdragon™ 800 (2.26 GHz Quad-Core)
- GPU: Qualcomm Technologies’ Adreno™ 330
- Display: 5.9-inch Full HD IPS (1920 x 1080), Slim Bezel
- Memory: 3GB DDR3 RAM / 16GB/32GB eMMC ROM / microSD slot
- Camera: Rear 13.0MP OIS+ / Front 2.1MP
- Battery: 3,200mAh (removable)
- Operating System: Android 4.4 KitKat
- Size: 157.9 x 81.9 x 8.3mm
- Weight: 172g
- Network: LTE / HSPA+
- Connectivity: Bluetooth Smart Ready (BT 4.0) / USB / WiFi (802.11 a/b/g/n/ac) / NFC / SlimPort
- Colors: Titan, White, Silver
- Other: Knock Code™, 1W Hi-Fi Sound, Content Lock
The LG G Pro 2 is available now in Korea in Titan, White and Black, though no price has been named, and while LG has not specifically said where the phone would be headed outside of Korea, it’s hard to imagine that it wouldn’t be available in every major market very soon. I’m still disappointed LG didn’t include a stylus with its phablet, which could be a key area that the Note 3 has a monopoly over in the phablet space, but I think the impressive camera firmly puts it as one of the best devices available on the market right now.
What do you think about the LG G Pro 2? Any designs on getting one? Let us know what you think in the comments.
Source: LG Newsroom via engadget
Motorola Mobility CEO, Dennis Woodside, rumoured to be moving to Dropbox
It’s not unusual to see upper management in companies get shaken up when acquisitions happen, and whether it was instigated by acquirer Lenovo or not, Motorola Mobility‘s CEO, Dennis Woodside, is rumoured to be following this familiar path. The Wall Street Journal has reported that Woodside will be leaving Motorola to take up the position of Chief Operations Officer at cloud storage giant Dropbox, and yes, this move might be considered by some to be a step backwards.
Woodside’s time at Motorola wasn’t without its downsides, most obvious of which was the fact Motorola was still floundering in the smartphone market despite a very innovative release in the Moto X and a surprisingly impressive device in the Moto G. I personally thought that Woodside was a very good leader, at least in the talks and interviews I’d seen him in and appeared to be genuinely interested and active in all of Motorola’s projects including its modular phone project, Project Ara.
If it is true, whatever the reasons for Woodside’s move, we wish him the best at Dropbox. What do you make of Dennis Woodside’s rumoured departure from Motorola Mobility? Let us know what you think in the comments.
Source: Wall Street Journal via engadget
Apple says most iPhone metal suppliers conflict-free, pushes the rest to get in line
It’s easy to forget that the wondrous, tiny computer in your pocket is built from components sourced all over the world, and sometimes, those building blocks come from not-so-nice origins. War-torn regions of the world often use resource and mineral sales to fund local conflict, creating a moral dilemma for gadget consumers and hardware manufactures alike. Naturally this issue has gotten some attention, and Apple says it’s doing its part to ensure that its products are built from conflict-free materials.
In the company’s 2014 Supplier Responsibility report, Cupertino confirmed that as of January 2014, all of the smelters that provided tantalum metal to its supply chain were verified as conflict-free by third-party auditors. The company couldn’t quite say the same for the other metals used in consumer electronics, however: several of its gold, tin and tungsten suppliers won’t openly verify compliance with the Conflict-Free Smelter Program (CFSP). Apple hasn’t cut ties with these manufactures, but it has pledged to publish a quarterly report of the names, countries and CFSP status of all its suppliers to help “drive accountability” and promote participation. With any luck, Cupertino will be able to shame the rest of its supply chain into boycotting conflict-minerals — delivering on its 2011 promise to build guilt-free iPhones.
Source: Apple, Wall Street Journal
AIVAnet 