Tuesday, April 22, 2014

Nokia Will become Microsoft Mobile

Nokia, Microsoft Mobile

Microsoft reported that they will close the $7.9 billion purchase of Nokia's handset business this coming Friday. Microsoft general counsel Brad Smith said that the deal was delayed by a month because they needed to clear regulatory clearances in Asia and that it will be completed on April 25.

"This acquisition will help Microsoft accelerate innovation and market adoption for Windows Phones," he said.

Nokia was the top mobile maker before it was overtaken in recent years by Samsung and Apple. A leaked online said that Nokia brand will be renamed as Microsoft Mobile according to an article on the site NokiaPowerUser.

The leaked letter seems to be a letter to Nokia's devices and services business suppliers.

    "Under the terms of the sale, Microsoft will assume all rights, benefits and obligations of the Nokia Devices and Services business, including Nokia’s agreements with suppliers, customers and partners which pertain to the Devices and Services business. Therefore, the purpose of this letter is to update you that the current terms and conditions that you have with the Devices and Services business will not change.

    Please note that upon the close of the transaction between Microsoft and Nokia, the name of Nokia Corporation/Nokia Oyj will change to Microsoft Mobile Oy. Microsoft Mobile Oy is the legal entity name that should be used for VAT IDs and for the issuance of invoices."

The letter also stated that Microsoft Mobile Oy will be creating new bank accounts, however they will not change the invoice sending method.

Nokia have said that they expect to complete the sale of its Devices and Services Business to Microsoft Corp. this month.

Last September 2013, Microsoft divulge their plans to acquire Nokia for $7.2 billion, and Nokia shareholders agreed to the deal in November.

Wednesday, April 9, 2014

Internet Data Security at Risk because of a bug called "Heartbleed"

Heartbleed, bug, SSL Codenomicon, Internet Data Security

A major security bug has been recently discovered that put millions of usernames, passwords and credit card numbers at risk from hackers. The bug has been exploited by hackers and NSA who snoop at everyone for more than two years. The bug is called "CVE-2014-0160" or "Heartbleed."

This is a different kind of breach, it is not like a web site getting hacked. It is a major bug, the code that suppose to keep servers secure has a flaw. Servers that keep data for thousands of sites. Experts say that this is the worst bug yet and everyone who uses the internet, do business using the internet should be worried.

It is like forgetting to unlock your car or your home, you may never know if a burglar will help themself stealing your stuff.

A Finnish security firm Codenomicon conducted a test exploiting the "Heartbleed" bug to try and steal data here how it goes:

"We have tested some of our own services from attacker’s perspective. We attacked ourselves from outside, without leaving a trace. Without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication."

"Heartbleed" bug was discovered in a type of software called OpenSSL. OpenSSL is used on servers to encrypt sensitive information to protect people’s privacy. More than 500,000 servers were reportedly vulnerable.

Last March, another open-source encryption library "GnuTLS" discovered a bug that fails to correctly validate certificates. Now it's OpenSSL turn.

Administrators and vendors are scrambling to patch this bug since OpenSSL is used by millions of websites and it has affected almost everyone. The only way you website is not affected by this bug is if your website is not using SSL or you have an outdated versions of OpenSSL which are also equally risky.

As for Amazon, they are working to patch "Heartbleed" memory-leak vulnerablities in their Amazon Web Services hosting infrastructure.



Here are Online Tests that you can use:
http://possible.lv/tools/hb/
https://www.ssllabs.com/ssltest/
http://filippo.io/Heartbleed/