Most people are happy to give their neighbours a spare house key in case of emergencies, but you probably wouldn’t want to give them your digital passwords. Now security researchers have shown that you may not have a choice, at least when it comes to cloud computing.
Cloud servers let users run simulations of an ordinary computer, called virtual machines (VMs), on remote hardware. A VM performs exactly as an ordinary computer would, but because it is entirely software-based, many of them can run on a single hardware base. Yinqian Zhang of the University of North Carolina, Chapel Hill, and colleagues have discovered that it is possible for one VM to steal cryptographic keys – used to keep your data secure – from another running on the same physical hardware, potentially putting cloud-computing users at risk.
The attack exploits the fact that both VMs share the same hardware cache, a memory component that stores data for use by the computer’s processor. The attacking VM fills the cache in such a way that the target VM, which is processing a cryptographic key, is likely to overwrite some of the attacker’s data. By looking at which parts of the cache are changed, the attacking VM can learn something about the key in use.
Zhang and team did not test the attack in the cloud for real, but used hardware similar to that employed by Amazon’s cloud service to try stealing a decryption key. They were able to reconstruct a 4096-bit key in just a few hours, as reported in a paper presented at the Computer and Communications Security conference in Raleigh, North Carolina, last month.
This attack won’t apply in all situations, as an attacker would have to establish a VM on the same hardware as yours, which isn’t always possible. What’s more, an attack would not work on hardware running more than two VMs. Still, those looking to use cloud services for high-security applications may want to reconsider.
Image by David Malan/Getty
New Scientist reports, explores and interprets the results of human endeavour set in the context of society and culture, providing comprehensive coverage of science and technology news.
Starbucks is making a bunch of modifications to its My Starbucks Rewards program.
The changes kick in on October 16th.
Here’s a breakdown for Gold level members:
- Gold members will receive a reward every 12 transactions, instead of every 15.
- You’ll be able to redeem the reward for a drink or food item. The food benefit applies to almost all the food Starbucks offers.
- Rewards will be digital (via email notification), so you won’t have to wait for a postcard. The reward will be loaded directly onto your Starbucks Card.
Benefits that are going away
- Syrups and soy milk will no longer be on the house.
- You won’t get a free tall beverage when you buy a pound of coffee.
Everything else — like birthday drinks and refills — is sticking around.
Starbucks explains how the redemption process works:
1. Visit any participating company-operated store
2. Tell the barista you have a free reward that you want to use (that way you get to choose when you redeem your reward)
3. Present your registered Starbucks Card (or scan your registered Card on the Starbucks Card mobile app).
And here’s handy side-by-side graphic from Starbucks:
The head of Groupon’s national sales, Lee Brown, is leaving the company.
The memo was written by Groupon’s head of operations, Kal Raman.
Raj Ruparell, head of Groupon Goods, will be taking over Brown’s position.
Brown joined Groupon in 2010 from Yahoo and formed Groupon’s first national sales division. The memo did not say where Brown is headed next, but AllThingsD says his leaving may be Raman’s doing. Raman was recently appointed to his SVP role and is reportedly “cleaning house.”
Brown is the second top sales executive to depart Groupon this week. Jayna Cooke’s departure was made known three days ago; she was one of the company’s top salespeople who led the charge on major corporate accounts like Gap.
“Under Lee’s management, the team has secured a number of key customers, and I’d like to personally thank Lee for his contributions and wish him the best in his next opportunity,” Raman wrote.
There’s fascinating disconnect between which advertisers the media thinks did well on last night’s Super Bowl and what the research says was effective.
But it didn’t even show up in the Ace Metrix Top 10. Ace Metrix measures a panel of 500 consumers who watch ads and rate them for effectiveness. That research says Doritos’ sling baby ad won the night.
It was also a big night for dogs. Volkswagen’s much anticipated follow-up to its little Darth Vader spot from last year used an obese dog getting in shape to gets its revenge on a VW it wanted to chase down the street (and then somehow ended up in the Star Wars cantina scene).
Skechers used a dog — Mr. Quiggly — in a greyhound race.
As did Bud Light, whose appeal with Weego, a rescue dog, was heartwarming.
So did Doritos, in another comedic appeal revolving around the whole Dogs v. Cats war.
Chase ran an ad that for the life of me I can’t recall even though I am paid to remember these things. And TaxACT’s ad, featuring a kid who urinates in a swmming pool, was disgusting.
Later today — much later — we’ll take a look at how B.I.’s readers judged the ads with the results of our Super Bowl ad readers’ poll. Vote early, and often!
- VOTE HERE: For The Best And Worst Super Bowl Ads
- SUPER BOWL ADS LIVE BLOG: Instant Reaction From Our Man With The Nachos!
- Here Are All Of This Year’s Super Bowl Ads
Earlier in the week we asked how you tune into live television that you’re subscribed to on your mobile device or when you’re not in front of the big screen. You responded, and now we’re back to take a look at the top five, based on your nominations.
Photo by IK’s World Trip.
When you need to stream audio or video around the house, to your mobile device, or across the globe when you’re away from home, Orb can certainly deliver. We mentioned Orb several times, and it’s still a great way to stream your media from your computer to other devices in your home, or, if you’re willing to pay for an Orb appliance to connect to your cable box or HTPC, stream live TV or recorded TV to any other device on or off of your home network. Orb supports video up to 720p, and gives you the flexibility to watch live sports, prime time TV shows, or anything else that’s currently airing in your living room on your mobile phone, tablet, or laptop over Wi-Fi, 3G, or 4G when you can’t be in the living room to enjoy it. Pricing varies depending on whether you need hardware (between $79-$99 for the set-top box) to connect to your TV and home network, or you already have a TV tuner in your HTPC (the Orb Live and Orb Caster software are both free, but the mobile apps are $9.99.)
Where other live TV streaming solutions offer complexity, Slingbox offers elegant simplicity. The Slingbox from Sling Media is a set-top box that connects to your TV and your cable or satellite receiver that makes it easy for you to effectively log in to your TV at home and watch live TV on your computer or mobile device as though you were sitting in front of your TV. You can change channels, browse TV listings, and even set your home DVR to record TV that you won’t make it home in time to watch. The Slingbox comes in two flavors, the Slingbox Solo and the Slingbox Pro-HD (which predictably supports HD and additional devices connected to it) and will set you back $179.99 to $299.99 (not including extended support options). You’ll also need to drop $29.99 for the SlingPlayer app to control your Slingbox from your smartphone or tablet, but the price buys you one of the most feature-rich and hassle-free live TV streaming solutions on the market.
Elgato’s EyeTV line of TV tuners and live TV software were, for a long time, the only option for Mac users who were looking for an easy way to use their Macs as TV tuners or HTPCs. They’re not the only options anymore, but they’re certainly one of the best, and if you plug a TV source in to an EyeTV and then the EyeTV into your Mac via USB, you want watch live TV right there on your computer screen. Combine an EyeTV tuner or DVR with the EyeTV app on your mobile device, and you can stream live or pre-recorded TV on your mobile device when you’re out of the house. The EyeTV app will set you back $4.99 in the iTunes App Store for any iOS device, and the tuners vary in price from $99 to $199 depending on whether you need a DTV tuner, a DTV and HD tuner, a tuner with a DVR inside, or a Wi-Fi enabled tuner that can wirelessly stream TV to other devices in your home.
The Vulkano Flow may not be one of the most well known set-top tuners on the market, but it’s definitely one of the most powerful. For $99.99, the Vulkano Flow is an easy to install and set up device that connects to your cable or satellite tuner, supports HD video, and your home network to allow you to wirelessly watch live TV on your iOS or Android device on your home network or when you’re away via 3G or 4G. You get complete control over your home TV, so you can switch channels, browse a built-in programming guide (that you don’t have to pay extra to view), and even connect to other video inputs like a DVR or HTPC and control that as well. Vulkano offers desktop players for Mac OS and Windows (Free), and mobile players for iOS, Android, and BlackBerry ($12.99.)
Hauppage is an old name in TV tuners, and the company is still going strong by offering a range of products to HTPC enthusiasts who want to build their own devices to stream, save, and watch live and recorded television and to people who would rather buy a set-top box to handle the streaming for them. Those of you who nominated the WinTV mentioned that you can easily install a WinTV tuner in your HTPC and download the WinTV application on your HTPC and iOS or Android device to stream TV from your HTPC to your device. Pricing varies depending on which tuner you’d like, whether you want HD video, and whether you want an internal or USB tuner to install at all or you’d just prefer a set-top box like the Hauppage Broadway ($199), but the WinTV Extend app you’ll need to stream from your Tuner will set you back $9.95, and the mobile apps are free (although they only support Wi-Fi.)
Now that you’ve seen the top five, it’s time to put them to an all out vote for the winner.
Honorable mentions this week go out to streaming TV sites like Justin.tv, which many of you said you use to stream your own TV shows to the web so you can catch them when you’re away from home, and to The NFL’s website, which many of you noted is indeed streaming the big game on their own. Finally, since we mentioned that the Department of Homeland Security had shut down FirstRowSports‘ primary domain, many of you made note of the fact that the site is still up and running on a different URL.
Have a favorite method that didn’t get the nominations needed to make the top five? Want to make a case for it, or for your favorite of the nominees above? Sound off in the comments below.
See? Congress does listen to the will of the people on occasion—especially when that will is wielded as a blunt instrument. As this infographic from ProPublica illustrates, yesterday’s blackout protests not only culled the official SOPA supporters by 15 congressmen, it actually added 70 opponents.
In all, official supporters for the House’s anti-piracy bill dropped from 80 members to 65 over Wednesday night, while the bill’s opponents swelled from just 30 members to 101 with another 41 polling as “leaning no.” Granted the “leaning no” crowd hasn’t ruled out voting for an amended version of the bill at a later date, doubling opposition to the bill overnight is a promising start. It’s amazing what 24 hours without Wikipedia will do. [Propublica]
Dr. Augustine Fou is Digital Consigliere to marketing executives, advising them on digital strategy and Unified Marketing(tm). Dr Fou has over 17 years of in-the-trenches, hands-on experience, which enables him to provide objective, in-depth assessments of their current marketing programs and recommendations for improving business impact and ROI using digital insights.
- Netflix vs Blockbuster - Perfect example of an industry replaced by a more efficient version of itself
- Coke vs Pepsi vs Dr Pepper
- Marketing Costs Normalized to CPM Basis for Comparison
- 3G calling, no registration, and totally free
- The Top Endorsement Earners In Each Sport
- AOL's Plan To Steal TV Ad Dollars Is Totally Working
- Groupon launches Breadcrumb iPad app, vows to not be a typical POS
- HP Mini 311 Nvidia ION Netbook Hackintosh'ed
- Flash Sale Sites Have A Social Media Problem
- #SESNY: Toward a Performance Mindset for All Advertising
- Tips for Marketers Selecting a Digital Agency
- Context Is Not King or Queen; It's Just Necessary
- 2013 New Year's Digital Marketing Resolutions
- The Good, Bad, and Ugly of Online Campaign Ratings and eGRPs
- Why You Should Banish the Net Promoter Score Immediately
- Digital Strategy To-MAY-to vs. To-MAH-to
- The Agency-Client Relationship is Forever Changed
- Targeting vs. Privacy - Who Will Win?
- Digital + Traditional = Unified Marketing
- May 2013 (55)
- April 2013 (70)
- March 2013 (114)
- February 2013 (89)
- January 2013 (136)
- December 2012 (96)
- November 2012 (130)
- October 2012 (147)
- September 2012 (94)
- August 2012 (92)
- July 2012 (112)
- June 2012 (71)
- May 2012 (82)
- April 2012 (80)
- March 2012 (122)
- February 2012 (114)
- January 2012 (129)
- December 2011 (60)
- November 2011 (54)
- October 2011 (29)
- September 2011 (17)
- August 2011 (30)
- July 2011 (18)
- June 2011 (19)
- May 2011 (23)
- April 2011 (23)
- March 2011 (52)
- February 2011 (69)
- January 2011 (108)
- December 2010 (82)
- November 2010 (67)
- October 2010 (68)
- September 2010 (44)
- August 2010 (101)
- July 2010 (61)
- June 2010 (28)
- May 2010 (28)
- April 2010 (26)
- March 2010 (33)
- February 2010 (21)
- January 2010 (12)
- December 2009 (4)
- November 2009 (2)
- October 2009 (14)
- September 2009 (6)
- August 2009 (19)
- July 2009 (34)
- June 2009 (11)
- May 2009 (4)
- April 2009 (6)
- March 2009 (13)
- February 2009 (32)
- January 2009 (25)
- December 2008 (1)
- October 2008 (1)
- June 2008 (1)
- November 2007 (1)