With Windows 10 coming in about two weeks, the amount of news from OEMs is ramping up as they prepare for the Windows 10 rollout. HP has some new devices and services they have put together for the launch, which fall under their business line of products.

HP’s first announcement is HP Sure Start, which was first launched in 2013, and HP is making the push to let prospective buyers know that they are the only company with this technology at the moment. HP Elite line of notebooks, as well as HP ZBooks will offer Sure Start, which protects against BIOS malware by performing a check on the BIOS before the system boots, and if it finds that the BIOS has been tampered with it overwrites it to the original state. Checking the BIOS before launch is certainly not a new idea, and Windows Secure Boot already does this, however HP’s new addition of having a clean copy of the BIOS to re-write if needed is something that is not part of the Secure Boot process, which will perform the check but if it fails the test, the system will just not boot.

Beginning in August, HP will begin to offer Windows 10 pre-installed on commercial offerings. Not all devices will have an image ready on day one, and HP expects all existing commercial devices to have a Windows 10 image available by October.

Some of the new Windows 10 devices are a limited edition version of the HP EliteBook Folio 1020, and the HP Pro Tablet 608. The Elitebook actually launched in December, and HP is launching a limited edition of it called the Bang & Olufsen limited edition, which will be available in the fall. HP’s EliteBook is the thinnest and lightest business class notebook offered today, at 2.2 lbs or 1 kg for the “special edition” version, and just 0.6 inches or 15.7 mm thick. It’s a Core M powered notebook with the Core M-5Y51 and 5Y71 offerings and a 12.5-inch display with 1920×1080 or 2560×1440, with touch optional on the normal version. The new model will offer a new color, in addition to the Bang & Olufsen audio, with an ash silver and copper finish which looks quite attractive.

The other device HP is a tablet which apparently slipped through the cracks here as I had not seen it before. The HP Pro Tablet 608 which they announced on June 18th. This is an 8-inch tablet powered by the Intel Atom-Z8500 Cherry Trail processor with up to 4 GB of memory and 128 GB of eMMC storage. Something different in the Windows space is the tablet’s 4:3 aspect ratio for the 2048×1536 display, and the tablet will feature a USB-C port for charging and data transfer. There will be an option pen and of course a full line of business accessories such as docks and keyboards. The tablet starts at $479 with the Windows 10 version coming in August.

The countdown to Windows 10 is certainly on and HP’s business offerings have stepped up with some nice hardware.

 

Throughout my career I have seen many Windows releases with minimum requirements that were a little bit deceiving. Sure, the machines would boot, but you would sometimes have enough time to brew a fresh pot of coffee before the computer was in a usable state.

That usable state excluded any applications you wanted to run on top of the OS. Around the Windows 95 and 98 era, this experience wasn’t pleasant if the hardware was close to the minimum requirements.

You quickly found out how patient your users were if you didn’t give them a PC that worked at a reasonable speed. In current times, with even the most lowly machines having multiple cores and running at multiple gigahertz, it shouldn’t be a problem… right?

So with Windows 10 round the corner, and Microsoft doling it out as a free (for now) upgrade to users of Windows 7 and 8, everyone should be able to upgrade to Windows 10 with no problems… right?

Setting aside the actual usability of Windows 10 itself, the answer to the question from the hardware perspective at least is: “Probably, with caveats.” What can you, as the administrator, do before Windows 10 lands to make sure you and your company are prepared?

Even machines four or five years old will meet the minimum specs. The hardware minimums are:

2. 1GB for 32 bit version, 2GB for 64 bit

Microsoft has defined the minimum specifications for Windows 10 on their website. Alongside the minimum requirements is a statement that any machine running Windows 8.1 should be capable of running Windows 10. That is quite a bold statement to make. Only time will tell if this statement turns out to be true.

To those people who, by choice or need, are still running Windows 7, no such guarantee or statement has been made. As long as the machine – or machines – in question meet the minimum specifications, it will be the long-used “suck it and see” approach. If the upgrade doesn’t go as planned, however, Microsoft has provided a roll back mechanism. It should prove useful for those machines that don’t work as expected or for users who decide Windows 10 is not for them.

One problem that I suspect a lot of Windows 7 upgraders may face is the fact that the hardware or peripherals that were purchased when Windows 7 came out almost six years ago will have little to no chance of having the correct Windows 10 drivers available, given the speed with which add-on hardware becomes obsolete. Sure, some Windows 8 drivers may work but even then it would be touch-and-go as to whether they work as expected.

Bill Gates is said to have described drivers for Windows NT as “mother’s milk” in terms of being essential to get people on board with a new operating systems. I can quite easily foresee a number of users complaining when their off-brand sound card or some other component of their off-brand PC no longer works as intended on Windows 10, as the drivers have changed or are unavailable for download.

Sponsored: RAID: End of an era?

The Mother of All Hacks

Barely a day goes by without some company or government agency announcing that hackers have compromised or attacked one of its systems.

These attacks can take many forms. The most common is a distributed denial of service, or DDOS. In this type of attack, a system is overwhelmed with malicious message traffic so that legitimate users of a website cannot gain access. A DDOS attack does not actually penetrate the system or steal information. It simply obstructs normal access so that the target site is effectively shut down.

Attacks that penetrate firewalls and get inside a system are more serious.

These are often conducted by criminal cybergangs who steal credit card and password information that they can then use to conduct unauthorised purchases of goods and services.

This is a more serious kind of breach, but the damage is usually limited by cancelling compromised credit cards or accounts and issuing new ones to affected customers. This can be annoying, time-consuming and somewhat costly, but not life-threatening to the parties involved.

In addition to financial losses, such attacks can cause enormous reputational damage to the entity whose systems were breached.

Criminals executed the 2013 hack of Target Corporation [NYSE:TGT] just ahead of the Thanksgiving-to-Christmas shopping season. They stole 40 million credit card numbers and 70 million pieces of personal information, such as customer addresses and phone numbers.

Target’s stock price crashed and the company was subject to over 90 lawsuits alleging negligence. Target spent over US$60 million in damage control immediately following the attack, but final damages will total in the billions. Many customers closed their Target accounts and refuse to make further purchases there. The reputational damage to the Target brand continues to this day.

Similar attacks have been launched against JPMorgan Chase, Home Depot and Anthem, America’s second-largest health insurer.

Many more have happened, and many more are yet to come.

The most damaging attacks are not those launched by criminal gangs seeking financial gain. The most dangerous are those launched by the military and intelligence agencies of Iran, China, Russia and other rivals of the United States. Their aim is to damage national security and critical infrastructure.

These attacks may involve the theft of secret military, intelligence and diplomatic files. Some attacks seek to gain control of critical infrastructure and involve the use of sleeper viruses. These lie dormant until hackers switch them on to disrupt a system at a particularly opportune time for an enemy.

For example, a virus implanted in the control system of a hydroelectric dam could open floodgates to inundate downstream targets, killing thousands by drowning and destroying bridges, roads and agriculture. Other viruses could shut down major stock and commodity exchanges.

In 2010, the FBI and US Department of Homeland Security discovered an attack virus in the computer systems of the NASDAQ stock exchange. That virus was disabled, but others may remain.

On 22 August 2013, the NASDAQ mysteriously shut down for over three hours, disrupting trading in Apple Inc [NASDAQ:AAPL], Google Inc [NASDAQ:GOOG], Facebook Inc [NASDAQ:FB] and other investor favourites.

No detailed explanation for the outage has ever been offered except for vague comments about ‘connectivity’. A malicious attack by Russia has not been ruled out.

Military planners make use of a fighting doctrine called the ‘force multiplier’. The idea is that any given weapon can be used with greater-than-normal effect when combined with some other state or condition that gives the weapon greater impact.

For example, if Russia wanted to disrupt a US stock exchange, they might wait until the market is down over 3%, say, for reasons unrelated to the cyberattack.

Launching the attack on a day when the market is already nervous would ‘multiply’ the impact of the attack and possibly result in a drop of 4,000 Dow points or more. That would compare in percentage terms to the one-day drop on 19 October 1987.

All of these scenarios are worrying enough. But the US government has just suffered a cyberattack even worse than shutting a stock exchange or opening the floodgates on a dam.

Last month, it came to light that Chinese hackers had gained access to the files of the US Office of Personnel Management (OPM). The exact number of files stolen is not clear, but estimates of individuals affected range from 4 million up to 32 million. The Chinese hackers actually obtained credentials to gain access to the system, and once inside systematically downloaded the database.

If the stolen information were limited to names, addresses, Social Security numbers and the like, the damage would be immense and the affected individuals would be at constant risk of harassment and identity theft. But the damage was far worse.

Many of the files consisted of responses to a questionnaire called Standard Form 86, or SF-86. This is the form used to apply for security clearances up to and including the top-secret level.

The form itself is 127 pages long, which is daunting enough. But the attachments and documentation required to support the information on the form include tax returns, personal net worth statements and explanations of answers to sensitive questions. It can run to hundreds of pages.

The government requests this information in order to evaluate the fitness and loyalty of those applying for security clearances. Here’s a typical question:

‘Have you EVER been a member of an organisation dedicated to the use of violence or force to overthrow the United States government, and which engaged in activities to that end with an awareness of the organisation’s dedication to that end or with the specific intent to further such activities?’

The US government also requests extensive personal financial information. The reason is that someone with a security clearance who is in personal financial distress can be compromised by a foreign intelligence agency that offers that individual cash to betray his country. Treason for money was the motivating factor in the notorious cases of Aldrich Ames at the CIA and Robert Hanssen at the FBI.

Since the US uses SF-86 to identify vulnerabilities in our intelligence agents, the Chinese can do the same. By gaining access to the SF-86 files in the OPM computers, the Chinese have a virtual playbook on how to identify and compromise those entrusted with America’s most sensitive top-secret information.

Many observers believe that such cyberwarfare and criminal cyberhacking is inevitable and there is not much that computer systems operators can do to fight it.

This is not true. In fact, there are effective firewall, encryption, compartmentalisation, verification and other cybersecurity techniques that companies and governments can use to safeguard their information.

The problem is that such solutions are expensive, and so far, companies and government agencies have been unwilling or simply slow to take the needed measures to protect critical data.

This mindset is changing. The costs of data breaches, both financially and in terms of national security, are simply too high. Suddenly, solutions that used to seem expensive now seem cost-effective compared with the damage that system compromises can cause.

A massive multi-billion dollar tidal wave of spending on software and systems security is about to be unleashed. A relatively small number of firms stand to benefit the most because of their talent, track records and trustworthiness. The time to look at this space is now.

PS. If you haven’t heard, I’ve just released a new book called The Big Drop. It wasn’t a book I was intending to write. But it warns of a few critical dangers that every Australian should begin preparing for right now.

Here’s the catch — this book is not available for sale. Not anywhere in the world. Not online through Amazon. And not in any bricks-and-mortar bookstore.

Instead, I’m on a campaign to spread the book far and wide — for free. Because every Aussie deserves to know the truth about the imminent dangers facing their wealth.

That’s why I’ve gone ahead and reserved a free copy of my new book in your name. It’s on hold, waiting for your response. I just need your permission (and a valid Australian postal address) to drop it in the mail.

Click here to fill out your address and contact info. If you accept the terms, the book will arrive on your doorstep in the next few weeks.

“Last month, it came to light that Chinese hackers had gained access to the files of the US Office of Personnel Management (OPM).”

Let friends in your social network know what you are reading about.

Expert says hundreds of people who clicked on the bogus $100 savings offer may have become marketing targets, or worse.

A link has been sent to your friend’s email address.

To find out more about Facebook commenting please read the Conversation Guidelines and FAQs

Hundreds of people thought that a legitimate-looking coupon, complete with a Publix logo, coupon code, and even an expiration date, was the real thing.(Photo: WTSP)

Tampa, FL — Cybersecurity experts say it’s possible people who have fallen for an online scam involving a bogus coupon from supermarket giant Publix, may have opened themselves up to identity theft.

Publix says a $100 discount offer making its way around social media sites is not real.

“It looks exactly like the four and five dollar coupons that I usually get,” said Rebecca Sedita, a loyal Publix customer who opened the fake coupon link on Facebook this past Sunday.

Hundreds of people thought that a legitimate-looking coupon, complete with a Publix logo, coupon code, and even an expiration date, was the real thing.

ID thieves might be behind fake Publix coupon WTSP

“I looked it up on Facebook,” said Sedita, “And I tried to do it, and was saddened to see that it was a scam.”

The bogus promise of $100 off $120 worth of groceries, is now circulating on several websites and Facebook. It seems too good to be true, and it is.

But it’s been spreading so rapidly, that Publix has taken to social media on its legitimate site to issue its own warning.

“Our recommendation to our customers is to not participate in the promotion or provide their personal information,” said Brian West, a spokesperson for Publix.

To get to the fake coupon, users have to visit a listed website and then share that on Facebook.

At that point, customers say they have been asked a series of questions that start out harmless but eventually become more personal.

“These guys are getting smarter and more sophisticated because they want your information,” said Brett Kappes, owner of performance computer group in Tampa.

Kappes helps people who have been victimized by such scams. And that personal info, he says, maybe sold to marketers.

In some cases, however, Kappes says social media accounts maybe hijacked. Viruses, planted.

“And in some cases, they can get so much information that it can become an identity theft thing,” he said.

Cybersecurity experts say when it comes to social media, people are often far too willing to post or handover sensitive, personal information.

They suggest having an up-to-date antivirus program, and running it on your computer to check for — and remove — potential problems.

For more important advice in securing your identity online and identifying potential pitfalls, click here.