news

Most Cities Would Welcome a Tech Billionaire, But Peter Thiel?

Slashdot - Sun, 18/02/2018 - 00:00
Sarah McBride, writing for Bloomberg: Tech billionaire Peter Thiel is moving to Los Angeles from San Francisco, adding another dose of legitimacy to a burgeoning startup scene in Southern California -- along with some controversy. The co-founder of PayPal and an early investor in Facebook, Thiel runs Founders Fund, one of the more-respected venture capital firms in Silicon Valley. He comes with a little baggage, though, including his staunch support for President Donald Trump, his secretive funding of the legal battle between Hulk Hogan and Gawker.com, and comments some people say have been derogatory toward women. "I'm not sure why Peter Thiel believes he'll receive a warmer reception on the L.A. tech scene than he's had in Silicon Valley," said Tracy DiNunzio, chief executive officer of Tradesy, a fashion-reselling company based in Santa Monica, California. "Our venture and startup ecosystem is fairly left-leaning."

Read more of this story at Slashdot.

Categories: Geeky Stuff

How Does Chinese Tech Stack Up Against American Tech?

Slashdot - Sat, 17/02/2018 - 23:00
The Economist: China's tech leaders love visiting California, and invest there, but are no longer awed by it [Editor's note: the link may be paywalled]. By market value the Middle Kingdom's giants, Alibaba and Tencent, are in the same league as Alphabet and Facebook. New stars may float their shares in 2018-19, including Didi Chuxing (taxi rides), Ant Financial (payments) and Lufax (wealth management). China's e-commerce sales are double America's and the Chinese send 11 times more money by mobile phones than Americans, who still scribble cheques. The venture-capital (VC) industry is booming. American visitors return from Beijing, Hangzhou and Shenzhen blown away by the entrepreneurial work ethic. Last year the government decreed that China would lead globally in artificial intelligence (AI) by 2030. The plan covers a startlingly vast range of activities, including developing smart cities and autonomous cars and setting global tech standards. Like Japanese industry in the 1960s, private Chinese firms take this "administrative guidance" seriously.

Read more of this story at Slashdot.

Categories: Geeky Stuff

Inside the MSRC– The Monthly Security Update Releases

Microsoft Security Response Blog - Thu, 15/02/2018 - 02:21

For the second in this series of blog entries we want to look into which vulnerability reports make it into the monthly release cadence.

It may help to start with some history.  In September 2003 we made a change from a release anytime approach to a mostly predictable, monthly release cadence.  October 2003 ushered in what became known as Update Tuesday.  How and when Microsoft releases new products and services in market products has changed over the years, but the monthly delivery of security content has remained steady.

So how do we decide what goes into a monthly security release?  That decision largely rides on required customer action and risk.  Required customer action is realized through products where customers need to take action to protect themselves against a vulnerability.  For consumers, protection is accomplished through automatic updates.  Not all of Microsoft’s offerings require customer action and are accordingly not part of the monthly cadence.  In the next blog entry we will talk about online services cases which are the main class of reports not addressed on Update Tuesday.  To assess risk, we utilize our security bug bar as established by the Security Development Lifecycle (SDL).  Every vulnerability report is triaged against that bar and assigned a severity – critical, important, moderate, low, or defense in depth.  We prioritize critical and important class vulnerabilities to be addressed in our monthly update cycle. 

Lower severity vulnerabilities are typically considered for next version (v.Next) releases.  Those may or may not be backported to platforms currently in support depending on their impact.  On occasion lower severity vulnerabilities will be addressed in a monthly update, but those are more opportunistic updates where additional fixes for higher severity vulnerabilities were already releasing that month.  For more information on what is in support and our support lifecycle, please visit https://microsoft.com/lifecycle. Later in this blog series we will discuss the v.Next process, how that has evolved over the years of our release cadence, and what researchers can expect from reports that fall into these classes.

The combination of all of these processes are what customers experience as our Update Tuesday cadence.  The releases represent the highest risk vulnerabilities.  We document the fixes with the risk information so customers can better make informed decisions for their environments.  More information on how we create security updates can be found here: https://technet.microsoft.com/en-us/security/dn436305.  For security researchers, these releases show their research and collaboration with Microsoft to better protect customers together.

In our next blog entry, we will explore vulnerability reports and resolution in our online services space.

 

Phillip Misner,

Principal Security Group Manager

Microsoft Security Response Center

Categories: IT

February 2018 security update release

Microsoft Security Response Blog - Tue, 13/02/2018 - 20:43

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice.

More information about this month's security updates can be found in the Security Update Guide.

Categories: IT
Syndicate content