Latest NewsGlobal cyber standards aren't enough to secure central banksTony CampbellIT News
September 23, 2016 - It took the theft of US$81 million earlier this year from Bangladesh’s central bank before others across the world felt compelled to take action to tighten security.
Months of investigations have revealed weaknesses all across the banking industry, while revelations of insiders being directly involved in the heist have now led to the banks setting up a taskforce that will creat[e] a set of standards to bolster the banking network against the threat of cyberattack.
While this sounds at face value like a good outcome, the question is whether standards are enough when other standards and legislation don't seem to be preventing successful attacks in other industries....while standards and legislation certainly help to focus a business on which controls are needed to protect their information, unless the business intrinsically follows these standards at every layer of its operations, not just in a few key high-profile areas of focus, then the extreme complexity of a modern organisation will almost certainly ensure that the security they feel is nothing more than a platonic relationship with the standard....
Businesses need to stop kidding themselves that compliance and standards are the answer to the cybersecurity problem. Start by focusing on what’s important: looking into the depths of your technical systems for the vulnerabilities that, if discovered by an attacker, will be the chink in your armour.
No standard will tell the banks how to attain this level of visibility in their security. Don't hide behind the façade of standards and legislation and tackle the problem head on. ...Full Story
NIST Seeks Comments on Cybersecurity Reports
EE Times September 22, 2016 - The US National Institute of Standards and Technology (NIST) has recently issued two draft reports on cybersecurity issues of interest to industrial IoT users, and is seeking industry comment before making their final revisions. One report describes the proposed manufacturing profile for NIST's Cybersecurity Framework. The other addresses cryptography standards and practices for resource-constrained processors....The recently-released draft Manufacturing Profile focuses on the desired cybersecurity outcomes for manufacturing systems and provides an approach for achieving those outcomes. It defines specific cybersecurity activities and outcomes for the protection of the manufacturing system, its components, facility, and environment....The second cybersecurity report, DRAFT NISTIR 8114 -- Report on Lightweight Cryptography, outlines NIST's effort to develop a strategy for the standardization of lightweight cryptographic primitives such as block ciphers, hash functions, and message authentication codes. Such primitives can help developers achieve a better balance between security, performance, and resource requirements in specific resource-constrained environments than the more general-purpose conventional cryptographic standards.... ...Full Story
CEN and CENELEC position on Standard Essential Patents and Fair, Reasonable and Non-Discriminatory (FRAND) commitments
CEN/CENELEC September 21, 2016 - ...In this position paper, CEN and CENELEC also present their first reply to the call by the European Commission to enhance the collaboration with the European Standardization Organizations, the European Patent Office and European industry to find suitable solutions regarding the use of essential patents in standards. This request was made in the recently published communication on "ICT Standardization Priorities for the Digital Single Market"....As per the main findings of this Paper, CEN and CENELEC:
- consider as indispensable that patent holders commit to grant a licence under FRAND conditions;
- consider that it is not in their role to undertake the assessment of patent essentiality, scope, validity and strength;
- insist that standardization organizations shall never interfere with licensing negotiations;
- do not support initiatives to provide guidance on, or impose compliance with, FRAND pricing, valuation and rate-setting methodologies;
- stress that FRAND has no precise pricing content, but instead is a “comity device” designed to promote good faith negotiation between patent owners and prospective licensees;
- welcome the EU Commission Communication’s and promote an open, strong and effective disclosure policy.... ...Full Story
Open Source and Open Standards
OMA September 20, 2016 - The traditional means of innovating the mobile network has been through the thoughtful and consensus-based efforts of technologists working in a standards setting environment. However, the maturation of the Internet as an application platform and the related rise of Internet-enabled device and service providers, especially on the Web, have helped renew a focus on innovation and differentiation. The development of 5G networks and the Internet of Things (IoT) will employ a process likely to be dominated by agile development of technology and platform prototypes often in Open Source, collaborative projects, which put a premium on “code first”. In light of this industry shift, the Open Mobile Alliance has embarked on a survey of mobile and IoT industry professionals to shed light on trends towards cooperation between the Open Standards and Open Source communities....As the results of this survey show, Open Source software is a growing trend in the next generation mobile and IoT industries and standardization will continue to be the foundation on which interoperable products and services are built. The vitality of the wireless ecosystem demands that the standards development community and the Open Source community bridge the gap in work practices and deliverables to ensure efficiency and interoperability across the mobile value chain. ...Full Story
Qualcomm Follows Ericsson’s Lead in Joint Patent Licensing
Wall Street Journal September 19, 2016 - Five big holders of cellular patents, including Qualcomm Inc., are joining an effort proposed by Ericsson AB to jointly license patents in an emerging field called the Internet of Things....
Companies that hold such “standard essential” patents, as they are called in the industry, have at times gotten into disputes over licensing policies at industry forums or lawsuits with other technology giants. Ericsson and Apple Inc., for example, engaged in almost a year of patent litigation in several countries before reaching a settlement in December. ...Full Story
New standard instructs on acceptance of classifying machine vision systems
Vision Systems Design September 16, 2016 - Liquid lenses can be used to maximize imaging system flexibility across a wide variety of applications requiring rapid focusing. By integrating a liquid lens, the imaging system can change the plane of focus in milliseconds in order to provide sharp images, regardless of the object’s distance from the camera....The standard, which uses examples from industrial inspection technology as a guideline and is intended for users and suppliers alike, discusses the advantages and disadvantages of different acceptance concepts, such as acceptance involving sample catalogues and acceptance on the basis of products from current production.... ...Full Story
NFC Forum Forms Partnerships with Three Industry Consortia
NFC Forum September 14, 2016 - The NFC Forum announced today the signing of liaison agreements with the Car Connectivity Consortium (CCC), the FIDO (Fast IDentity Online) Alliance, and the Smart Ticketing Alliance. The goal of the alliances is to collaborate on joint projects to advance the adoption and usability of Near Field Communication (NFC) in key markets and technology sectors, including automotive, public transportation, and digital identity.
All of the collaborations are focused on educating the market, unleashing innovation, and removing barriers to interoperability. For consumers, they will help ensure that NFC's benefits of greater ease, simplicity and enhanced security will be available in more places and more ways -- when driving in their cars, taking public transport, or seeking to engage in secure online activity.... ...Full Story
CompactFlash Association aims for a comeback with another new card format
Imaging Resource September 15, 2016 - A decade or two ago, CompactFlash cards were where it was at. The flash card format won out over rivals thanks to a tradeoff that allowed -- by the standards of the time -- generous capacity and relatively compact dimensions....Then the cost of flash memory went through the floor, capacities for the rival -- and far more compact -- SD and Micro SD card formats soared, and CompactFlash suddenly found itself to be something of a relic, consigned only to a handful of cameras that were mostly aimed at pros....Now, the CF Association is back for another try, promoting its new CFexpress format as the answer.... ...Full Story
The King is Dead/Long Live the King Long ago, back in the 1990s, a German company called StarOffice developed an office suite to compete with Microsoft Office. Later, Sun Microsystems acquired the code and released its OpenOffice open source suite, based on the StarOffice code. The biggest standards war of the last twenty years eventually ensued between ODF, instantiated in OpenOffice and elsewhere, and OOXML, instantiated in Word. Later, Oracle acquired Sun and abandoned support of OpenOffice, eventually contributing it to the Apache Foundation. Community developers subsequently forked OpenOffice, and over time the developer community migrated to the fork - LibreOffice - maintained by the newly formed OpenDocument Foundation. That brings you up to date for what follows in the two items below. For much, much more, see my hundreds of blog entries on this saga, which you can find here: http://bit.ly/2cF1cYd
Italian military move first 8000 PCs to LibreOffice
EU Joinup September 13, 2016 - The Italian military have switched the first 8000 PC workstations to Libreoffice, an open source office productivity suite, reports Sonia Montegiove, a software analyst working for the Italian province of Perugia who is helping the military with the switch to LibreOffice.
Over the next four years, the LibreDifesa project aims to migrate all of the Italian military’s well over 100,000 desktops PCs to LibreOffice. This would make it the largest free software transition involving desktop PCs by a European public administration. The LibreDifesa project should help save EUR 26 to 29 million.
For the military, the main motives for the switch include interoperability and long-term accessibility of documents and information.... ...Full Story
Apache OpenOffice VP discusses exit strategies as volunteers jump ship
The Register September 13, 2016 - OPENOFFICE could be about to fall under a bus of disinterest as its contributors leave in droves.
The Sun Microsystems open source productivity suite, now in the hands of the Apache Foundation, has suffered, at least in part, from the more organised LibreOffice forked from the original but being run on a more formalised release schedule.
The result is that OpenOffice has fallen behind and is in a potentially inescapable spiral. Meanwhile, LibreOffice has attracted corporate customers and the UK government....Hamilton then goes on to outline possible options for retirement, ranging from protecting the codebase to the stopping of social media interaction. It suggests that OpenOffice could release a final version that would be definitive, to all intents and purposes, and leave a final point of contact for anyone interested in the brand....the last major release for OpenOffice was in October 2015. ...Full Story