Archive for September, 2011

Browsers tackle the ‘BEAST’ Web security problem

Friday, September 30th, 2011

Browser makers are devising ways to protect people from a security protocol weakness that could let an attacker eavesdrop on or hijack protected Internet sessions. Potential solutions include a Mozilla option to disable Java in Firefox.

The problem–considered theoretical until a demonstration by researchers Juliano Rizzo and Thai Duong at a security conference in Argentina last week–is a vulnerability in SSL (Secure Sockets Layer) and TLS (Transport Layer Security) 1.0, encryption protocols used to secure Web sites that are accessed using HTTPS (Secure Hypertext Transfer Protocol).

The researchers created software called BEAST (Browser Exploit Against SSL/TLS) that can decrypt parts of an encrypted data stream and can be used in what is known as a “man-in-the-middle” (MITM) type of attack. BEAST uses JavaScript running in the browser and can let an attacker snoop on traffic, as well as impersonate a Web surfer by compromising session cookie data used to authenticate a Web surfer with a site. More details and a video of the demo are on Duong’s blog.

Here are responses from representatives of the major browsers:

“We are currently evaluating the feasibility of disabling Java universally in Firefox installs and will update this post if we do so,” a Mozilla Security blog post says. “Firefox itself is not vulnerable to this attack. While Firefox does use TLS 1.0 (the version of TLS with this weakness), the technical details of the attack require the ability to completely control the content of connections originating in the browser, which Firefox does not allow. The attackers have, however, found weaknesses in Java plugins that permit this attack. We recommend that users disable Java from the Firefox Add-ons Manager as a precaution.”

Internet Explorer
“We consider this to be a low risk issue for customers, but we released Security Advisory (2588513) to provide guidance and protection for customers with concerns,” Jerry Bryant, group manager of Response Communications at Microsoft Trustworthy Computing, said in an e-mail. To be clear, Internet Explorer depends on the Windows implementation of these protocols, so our mitigations and workarounds apply to the operating system and not the browser. We are looking at other ways to address the issue both in our products and within the industry and will update our guidance as it becomes available.”

A Google representative referred CNET to a blog post from late last week written by Adam Langley, a member of the Chrome team, that said the company was preparing and testing a workaround. “The attack is still a difficult one; the attacker has to have high-bandwidth MITM access to the victim. This is typically achieved by being on the same wireless network as the victim,” the post says. “Nonetheless, it’s a much less serious issue than a problem which can be exploited by having the victim merely visit a Web page. (Incidentally, we pushed out a fix to all Chrome users for such a Flash bug only a few days ago.)”

Opera developed a fix and tried shipping it in Opera 11.51 but found that changes made to how the browser connects to servers were “incomprehensible to thousands of servers around the world,” Opera’s Sigbjorn Vik wrote in a blog post. “This issue will have to be solved in close cooperation between browser vendors and Webmasters. Since this cannot be directly exploited in Opera, we decided to wait until we have an industry agreement on how to move forward. We have test systems in place which can connect to millions of secure sites around the world and detect how these sites will react to changes to the protocol. We will be sharing our results from these test runs with other browser vendors and affected parties, to give us a good basis for finding the best solution to the issue.”

Apple representatives did not respond to e-mail or telephone requests for comment about the Safari browser.

Just upgrading to TLS 1.1, which is not vulnerable to the threat, won’t work because nearly all SSL connections use TLS 1.0, according to a Qualys study reported on by Dan Goodin at The Register, which broke the BEAST story. In addition, “upgrading TLS is proving surprisingly difficult, mostly because almost every fix breaks widely used applications or technologies,” he wrote.

Source:  CNET

Cisco, Microsoft cooperation on virtual switching gives customers new option

Tuesday, September 27th, 2011

Cisco support will make Microsoft’s Hyper-V environment more attractive to corporate customers, but it remains to be seen whether that’s enough for Hyper-V to give VMware’s ESXi a run for its money.

Cisco says it will offer virtual switch support for Hyper-V that is similar to what it already offers to VMware environments via its Nexus 1000v virtual switch, meaning a richer network layer view of what’s going on among virtual machines.

The collaboration of Cisco and Microsoft will give customers better monitoring and control of the virtual environment than they would get with the current option — using the native virtual switch that ships with Hyper-V, says Mike Spanbauer, principal analyst with Current Analysis. “There’s simply more features than within the [Cisco] switch,” he says. “There are more network features to support a more manageable environment.”

Spanbauer says it’s not clear what effect Cisco’s support for Microsoft will have on the percentage of customers that choose Hyper-V over ESXi, a battle that currently is pretty convincingly being won by ESXi. “This will further extend visibility and control so the network team can manage and influence data flows and have some handle on the performance of the entire environment,” Spanbauer says.

But customers using VMware instead will have similar improved visibility. “My guess is that it will be close if not equitable,” he says.

How big a deal this will be when it comes time for enterprises to pick a virtual environment isn’t clear. “It’s hard to determine how influential network insight is to virtual-platform choice,” he says. Customers ultimately will decide based on whether the Hyper-V option solves specific problems they are having managing cloud deployments, he says.

The decision won’t be made just based on that, though. Factors such as storage, memory and licensing issues will all weigh into what customers ultimately choose, he says.

Cisco’s support for Hyper-V will come next year only after Microsoft releases Windows Server 8, which includes Hyper-V 3.0 and its augmented virtual-switch capabilities.

Cisco says it will offer two ways to peek inside Hyper-V physical machines to mine network-layer information about Hyper-V virtual machines and to extend Cisco network-layer monitoring, management and configuration to them.

The first is a version of Cisco’s Nexus 1000V Series switch designed to support Hyper-V. It is a distributed virtual switch that fits Hyper-V virtual machines with virtual Ethernet cards that can be managed via another component of the switch, Cisco’s Virtual Supervisor Module.

The supervisor module is tightly integrated with Microsoft System Center Virtual Machine Manager, Cisco says, which will enable customers to set separate privileges for different classes of administrators. The Virtual Supervisor Module can be deployed on a physical appliance or on a virtual machine. The entire distributed switch can be hosted on a Cisco physical appliance called Nexus 1010 Virtual Services Appliance.

The combination gives current administrators in Cisco shops easier management of the virtual machines because they can deal with them via Cisco NX-OS software that they are already familiar with, Cisco says. The virtual machines seem as if they are extensions of the physical network, making it easier to enforce policies, to provision and to diagnose problems on the virtual machines, Cisco says. Rather than deal with the virtual environment separately, it is brought under one umbrella.

Nexus 1000V is also integrated with other Cisco products so their features can be applied to virtual machines. The virtual switch will support three virtual network services products at launch. First, Virtual Security Gateway provides zoned security policies for multi-tenant virtual environments. Second, Virtual Wide Area Application Services supports accelerated application performance for applications hosted on virtual servers in data centers and private clouds. Third, Network Analysis Module grants visibility into the virtual environment for troubleshooting performance problems.

The second alternative Cisco will offer for gaining better visibility into Hyper-Vis a new version of Cisco Unified Computing System Virtual Machine Fabric Extender, which extends Cisco management to virtual environments. The benefit is similar to that of Nexus 1000V in that it gives a network-layer view and controls of the virtual environment, Cisco says.

With UCS VM-FEX administrators can treat the physical and virtual elements of their networks as a single infrastructure for provisioning, configuration, management, monitoring and troubleshooting.

The new products will work with Windows Server 8 but not earlier versions of Windows Server. Existing versions of Nexus 1000V and UCS VM-FEX already work with Hyper-V competitor VMware’s virtual environments.

Cisco says pricing isn’t available yet for the new products.


10 Killer Windows Server 8 Features for IT Pros

Tuesday, September 27th, 2011

There so many new features and capabilities in Windows Server 8—it’s enough to make any IT pro’s head spin. It’s such a dizzying offering that I anticipate doing an overall general review of key features (when I receive the code) and then taking a closer look at separate components: Active Directory, Networking, Storage Spaces, Hyper-V and so very, very much more.

Windows Server 8 represents arguably one of the biggest changes to the Windows Server OS since Windows Server 2000 went RTM in 1999. Server 2000 was a significant upgrade to the previous Windows NT 4.0 Server—not only in feature set (in particular, with the introduction of Active Directory services), but cosmetically. Server 2000 offered the same Web-style folders view that was available in the Windows 2000 client. The overall look of Server 2000 was a modernization of the classic Windows 3.1 and NT interfaces.

While Windows Server 8’s interface negligibly deviates from Server 2008 R2, except for an updated Server Manager and Active Directory Administrative Center, the capabilities and features that have been added are far-reaching and affect every facet of the server OS including, storage, networking, virtualization, performance, and management. Yet, among all that extended functionality are some killer features that IT departments should get acquainted with first and foremost.

Although different IT departments and datacenters have varying needs for certain technologies and tools, there are several new capabilities in Windows Server 8 that most system administrators will appreciate. There is so much that is new or tweaked in Windows Server 8, it is really easy to get lost in the noise of the vast feature set. Here, I name the most impressive and critical among them. These are features most IT departments across the board can benefit from, no matter what their size or industry:

NIC Teaming: This is a much desired feature in datacenters: the ability to team multiple network adapters to aggregate bandwidth and provide failover. Previously, in order to deploy this feature in Windows Servers, sys admins had to rely on third-party vendors. For example, for fault tolerant NIC teaming, Microsoft had advised that network adapter vendors were the ones to go to for support. In Windows Server 2008 R2 NIC teaming is also achieved by installing the Microsoft Failover Cluster Virtual Adapter. However, based on demos Microsoft previewed, this is the first time Microsoft offers in-the-box NIC teaming of up to 32 NICs (theoretically) with no dependency on the type of network cards installed.

Live Migration: Windows Server 8’s Hyper-V VM Mobility migrates virtual machines between hosts within a datacenter or on separate networks. Migrations happen with no downtime and no disruption of connected clients. Sys admins can perform migrations without having to implement clustering or without any shared infrastructure.

AD Recycle Bin: The Active Directory Recycle Bin is a new GUI add-on with the Active Directory Administrative Center. With it, admins can view and restore any deleted AD objects. Objects can be restored to their original location or to a new container. Although the ability to restored deleted AD objects is not a new capability, it was done in 2008 R2 with scripting. Now, admins can quickly get accidently deleted items restored with the AD Recycle Bin.

Intellisense Powershell: Microsoft is advocating sys admins using PowerShell to manage Windows environments. A few advantages include the ability to manage remotely, and being able to manage tasks at a very granular level—more so that with the GUI. Plus, scripting allows admins to perform batch runs and schedule tasks. The problem is there are sys admins who are unfamiliar with PowerShell. Microsoft has incorporated Intellisense in PowerShell, which auto fills-in appropriate command line syntax as admins type, taking a lot of the guess work out of what appropriate PowerShell syntax should be.

DC replication: Windows Server 8 allows for fast deployment of Domain Controllers (DC) with virtual DC cloning. You can create replicas of DCs by cloning an existing one. DC can also be physical or virtual. DC replication is a great disaster recovery option—you can quickly recover an entire forest. A new option, “Allow this DC to create a clone,” makes a machine replicable. Admins can also run a PowerShell cmdlet to check if there are any unrecognized services running on a DC that cannot be cloned.

Cluster Aware Updating: Another feature implemented due to customer demand, Cluster Aware Updating (CAU), provides much management relief for system admins. Previously, when performing Windows updates on clustered machines, all or some of those machines typically had to be taken offline. Updating clusters involved much planning and possible scheduled downtime. Windows Server 8 updating tools now feature cluster-awareness. CAU updates all nodes in a cluster in an automated way with no downtime of machines in the cluster.

Claim Definitions: Claim definitions are used in Windows Server 8 for controlling access and auditing information. With this feature, files can be identified to have sensitive information—for example, documents that contain the word “confidential” or have social security numbers. Admins can use Group Policy and Active Directory to setup the users who should or should not have access to these sensitive files.

Storage across Remote SMB 2.2 File Shares: In Windows Server 8 access to shared storage is done by accessing file shares. The latest Windows OS does not employ logical unit numbers (LUNs) to identify logical units in a storage system. By using shared storage across SMB 2.3, admins have easier provisioning and management of shared storage by using regular file shares. This means you can have sophisticated shared storage of data from a variety of file servers—client files, VMs, databases—without a storage guru.

Hyper-V Network Switch: Hyper-V now has a virtual switch that handles traffic between VMs, the external network, and the host machines. It’s more than that, though. It’s extensible, which means extensions and solutions can (and very likely, will) be created to offer extra Hyper-V functionality, such as content security and filtering, customized management interfaces, traffic monitoring, and more.

Flexible Deployment: With Windows Server 2008, admins had the option to install a full version of the OS, or a more lightweight core version. Once you chose one install mode, you had to do a complete reinstall to get the server into another mode. Not so with Windows Server 8. Install modes can switch from full, to core, to full server without parts of the graphical shell. You can move back and forth between these modes without having to do a reinstall of the OS. This is ideal if, for example, the server is in core mode but you need the full GUI to install a third-party application.


Mac trojan pretends to be Flash Player Installer to get in the door

Tuesday, September 27th, 2011

Hot on the heels of last week’s Mac malware posing as a PDF is a new piece of malware posing as something even more insidious: a Flash player installer. Security firm Intego was the first to post about the new malware on its blog, noting that although the company has only received one report so far from a user who downloaded it, the malware does exist in the wild and may trick Mac users who don’t yet have Flash installed.

The malware in question is a trojan horse called Flashback (OSX/flashback.A); users may end up acquiring it by clicking a link on a malicious website to download or install Flash player. If those users also have their Safari settings to automatically open safe files (which .pkg and .mkpg files are considered to be), an installer will show up on their desktops as if they are legitimately installing Flash.

Continuing through the installation process will result in the trojan deactivating certain types of security software (Intego specifically noted that the popular Little Snitch would be affected) and installing a dynamic loader library (dyld) with that can auto-launch, “allowing it to inject code into applications the user launched.” The trojan then reports back to a remote server about the user’s MAC address and allows the server to detect whether the Mac in question has been infected or not.

The threat is currently marked as “low,” but Mac users are advised to follow safe security practices—don’t open files or attachments that you don’t remember downloading, and turn off Safari’s setting for opening safe files automatically. It’s also worth noting that Apple now updates its malware definition file on a daily basis, and has already updated it to address the PDF trojan discussed last week. If you haven’t already scoured the Internet for a malicious version of the Flash installer, then it’s likely Apple will have added the new malware to the file by the time you run into it.


Hacked used to serve Windows malware

Tuesday, September 27th, 2011

The MySQL site, whose open-source repository serves some of the most popular Web sites, has been hacked and was being used to serve malware to visitors running Windows before it was cleaned up today, a security firm said.

Armorize Chief Executive Wayne Huang and some of his firm’s researchers warned about the attack in a blog post today. acted quickly to remove the malware so computers would stop getting infected, but Huang told CNET he did not know how long site visitors were vulnerable or how many may have been infected. Armorize estimated that gets more than 100,000 page views a day and more than 34,000 unique daily visitors.

“The infection rate tends to be high for these types of attacks,” he said. “They handled it very quickly but that doesn’t mean they cleaned up the backdoors the attackers left” on the site.

Huang said he did not know how dangerous an infection would be to a computer that was hit with one, except to say that the malware would be very difficult to clean up and would still be running on the machine even after a reboot.

“We haven’t gone in depth in analyzing what this particular piece of malware does,” he said. “We know it changes some of your Windows .dlls (Dynamic-link libraries), probably to make sure it is permanently installed and running all the time. You may be able to clean it up, but it won’t be a trivial process.” representatives could not be reached for comment this afternoon. Representatives from Oracle, which owns, did not immediately respond to e-mails and calls seeking comment.

Before the infection was removed, the compromise redirected traffic to a BlackHole exploit pack that forces the browser to install a piece of malware on the machine, according to the Armorize Malware Blog.

“It exploits the visitor’s browsing platform (the browser, the browser plugins like Adobe Flash, Adobe PDF, etc, Java,…), and upon successful exploitation, permanently installs a piece of malware into the visitor’s machine, without the visitor’s knowledge,” the blog says. “The visitor doesn’t need to click or agree to anything; simply visiting with a vulnerable browsing platform will result in an infection.”

The Armorize blog also has a video showing how a visitor’s machine could have gotten infected from the site. Only 4 out of 44 vendors on VirusTotal site can detect the malware, Armorize said.

Meanwhile, Brian Krebs of the Krebs on Security blog said he had noticed someone selling administrative access to on an exclusive Russian underground hacker forum a few days ago for $3,000.

“I think it’s very likely that it’s related, esp with these Russian forums,” said Huang.

Source:  CNET

Mac trojan poses as PDF to open botnet backdoor

Saturday, September 24th, 2011

Malware continues to be a minimal threat to most Mac users, but that doesn’t mean attackers aren’t constantly trying to come up with new ways to steal information or turn users’ machines into botnet drones. The latter appears to be the case with a new Mac trojan posing as a PDF file, discovered by security researchers at F-Secure.

The malware in question has been identified as Trojan-Dropper:OSX/Revir.A, which installs a backdoor, Backdoor:OSX/Imuler.A, onto the user’s Mac. Currently, however, the backdoor doesn’t communicate with anything. The command-and-control center for this particular malware is apparently a bare Apache installation, which has been sitting at its current domain since May of this year. Because of this, users who might fall victim to this attack aren’t likely to see many ill effects for the time being, but that could change if the files end up spreading to a wider audience.

As mentioned earlier, this trojan spreads by masking itself as a PDF, which displays a Chinese-language document on the screen in an attempt to hide its background activity. This isn’t a new strategy on the surface, as F-Secure notes, but some deeper digging indicates that it might be stealthier than its Windows counterparts.

“This malware may be attempting to copy the technique implemented by Windows malware, which opens a PDF file containing a ‘.pdf.exe’ extension and an accompanying PDF icon,” reads the post on F-Secure’s blog. “The sample on our hand does not have an extension or an icon yet. However, there is another possibility. It is slightly different in Mac, where the icon is stored in a separate fork that is not readily visible in the OS. The extension and icon could have been lost when the sample was submitted to us. If this is the case, this malware might be even stealthier than in Windows because the sample can use any extension it desires.”

As for how this trojan is spreading, that’s a bit of a mystery. The researchers noted that they’re not yet sure of the methods it uses to propagate, but they believe the most likely explanation is that it’s circulating via e-mail attachment.


Windows 8 to offer built-in malware protection

Thursday, September 15th, 2011

Microsoft is including a beefier version of its malware protection in Windows 8.

The company is tweaking its Windows Defender tool, which has been part of the last few versions of Windows, by essentially adding some of the more robust features from its free Security Essentials product. Launched in 2009, Security Essentials has garnered generally positive reviews but requires a separate download, while the built-in Windows Defender has lacked certain key elements as a defense against malware.

At a demo of Windows 8’s security at Microsoft’s Build conference on Tuesday posted by The Register, Steven Sinofsky, president of the Windows and Windows Live division, said that “we’ve taken Defender, and we’ve actually built a whole new range of protection, all the way up through anti-malware, antivirus, all that is built into Defender.”

Beyond strengthening Defender, Microsoft is working to improve security from the boot level.

The demo at Build revealed a new feature called Secured Boot. Michael Angiulo, corporate vice president of Windows Planning and Ecosystem, showed off the feature by trying to boot up a computer with an infected USB stick. Instead of loading Windows, the computer detected the malware, stopped the boot process, and displayed a warning message that the system had been compromised.

Depending on the effectiveness of the new Defender and the other security measures, the news could be good for Windows 8 users but not so good for third-party antivirus vendors, according to Sophos consultant Graham Cluley. In a blog post yesterday, Cluley acknowledged that anything encouraging people to protect their PCs with the latest antivirus software is a plus, especially since too many home computers are still being assimilated into botnets.

But if PC owners have effective, built-in malware protection, will they still shell out their hard-earned dough for security software from Symantec, McAfee, and others? If not, Cluley doesn’t sound like he’d be too sorry.

“Frankly, it’s their own fault,” he said in his blog. “The two big security hippopotamuses have had years of opportunity to gobble up the end-user market, and yet still millions of home users were infected by malware, spyware and pop-ups each year.”

Cluley believes that third-party vendors may react to the new security in Windows 8 by cutting the prices on their own products or even accusing Microsoft of “anti-competitive practices.”

Source:  CNET

White Space database system to face its first trial

Thursday, September 15th, 2011

One of the database networks that will manage unlicensed broadband devices across the country will face its first public test beginning this Monday at 8:30am, and it will be a long one. The Federal Communications Commission’s Office of Engineering Technology says that for 45 days it will facilitate a public trial of vendor Spectrum Bridge’s database—designed to identify “white space” television band channels authorized for unlicensed use by broadband devices.

“We encourage all interested parties to test the database and provide appropriate feedback to Spectrum Bridge,” the announcement explains. The challenge is whether the Spectrum Bridge system properly registers TV channels available for use and those not available, protecting the latter from interference from white space gadgets that can sniff for and identify temporarily free TV bands.

Three database components

Spectrum Bridge provides software and support for wireless networks. Participants will be encouraged to test three key components of its white space database: the channel availability calculator, the registration utilities for cable headend and auxiliary broadcast sites, and the wireless microphone registration utility.

The FCC’s Spectrum Bridge site is up, but its links aren’t live yet. When they are, interested parties such as broadcasters and cable operators will be able to register their sites and presumably test the accuracy of their input. Meanwhile Spectrum Bridge itself has posted a set of white space related tools, including a national white space search app which has been around for several years, and a locator that identifies spectrum available for unlicensed wireless microphone operations.

The agency’s rules expect these databases to protect full-power broadcast TV stations, auxiliary service links, low-power TV stations, private mobile services, cable vendors, offshore telephone services, radio astronomy systems, and licensed or approved unlicensed microphone sites.

Multi-Video Programming Distributors (cable operators) and wireless microphone users will have to register their sites to gain protection from TV band devices. The coordinators of sites where large numbers of unlicensed wireless microphones will be used can also ask for protection, although the FCC hasn’t determined how that bit will work yet. In the meantime, Spectrum Bridge has set up a test registration system for wireless mics.

Help wanted

The Spectrum Bridge test is expected to last through November 2, but it could last longer if the Commission’s OET decides that more testing is needed. “During the trial, Spectrum Bridge may apply any corrective measures it determines are needed and will advise participants of such measures through the trial’s website,” the announcement notes.

This is only the first of a series of white space related tests that the Commission’s OET is expected to run. In November 2009, the agency posted a “help wanted” sign for white space database administrators. Lots of companies applied, and seven months ago, the agency announced the winners: Comsearch, Frequency Finder, Google, KB Enterprises LLC and LS Telcom, Key Bridge Global LLC, Neustar, Spectrum Bridge, Telcordia Technologies, and WSdb LLC.

“As part of its authorization process for TV band database systems, the Commission stated that each database will be subject to a public trial period of not less than 45 days to ensure that the database is providing accurate results before it is allowed to be made available for regular public use,” the FCC says.

If that means that each of these companies has to be tested, at 45 days a cycle, we are talking about over three hundred tryout days for the whole white space database team—and that doesn’t include the evaluation periods in between each trial. Even if it doesn’t take that long, clearly we are quite a ways from the hoped for or dreaded moment when unlicensed broadband devices are ready to go to market.


Hoax Email Purporting to Be FTC Spreads Malware

Friday, September 2nd, 2011

A malicious email is circulating that purports to come from the U.S. Federal Trade Commission and leaves computers infected with malware. The FTC began receiving reports of the viral scam Thursday afternoon.

David Torok, the FTC’s associate director for planning and information, says the FTC can’t yet tell the frequency of the email or confirm any trends among the recipients. Several callers have been small business owners who could be more likely to click on the links as the message is addressed “Dear business owner.”

The email’s subject line says “URGENT: Pending Consumer Complaint!” The body reads:

“Dear business owner, A consumer complaint has been filled against your company. Your company is being accused of trying to commit fraud against the complaint’s filling party. The full text of the complaint file can be viewed on the FTC website, in PDF format, by visiting the following link.”

After a malicious link, the reader is urged to call a FTC help hotline, use a secure online complaint form or email complaints to the FTC. It’s likely that people worried about their business’s supposed fraudulent activity would be most likely to respond to the message.

“One business owner said when they clicked on the link their computer immediately froze — that’s never a good sign.” Torok says, demanding a careful examination.

The FTC posted advisories on its phone line, social accounts and blog, saying the email message is a scam and warning recipients not to open the message.


Ofcom progresses with new wireless technology

Friday, September 2nd, 2011

Ofcom has today progressed plans for the introduction of White Space technology in the UK – the first country in Europe to do so. The technology uses signals that can travel large distances and easily through walls. This makes it suitable for a wide range of new consumer applications that could include rural broadband and Wi-Fi with up to twice the range of today’s technology.

The technology works by searching for unused areas of the airwaves or gaps called ‘White Spaces’ that exist in bands that have been reserved for TV broadcasts. These White Spaces are used to transmit and receive wireless signals. Recycling airwaves – or “spectrum” – in this way is a highly efficient use of what is a very limited resource.

White Spaces offer significant capacity to help alleviate pressures on wireless networks. To put the scale of this capacity into perspective, we expect the amount of white space to be comparable to spectrum that is currently available for 3G services, and significantly more in some locations.

Compared with other forms of wireless technology, such as Bluetooth and Wi-Fi, White Space devices are being designed to use lower frequencies that have traditionally been reserved for TV.

Ed Richards, Ofcom Chief Executive, said: “At an early stage Ofcom identified the potential of White Spaces, which are currently lying vacant all around us. Within Europe, we have been leading the way to try to harness this capacity without causing harmful interference to existing users of the spectrum. The solution we have devised creates the opportunity to maximise the efficient use of spectrum and open the door to the development of a new and exciting range of consumer and business applications.”

These applications include:

Enhanced Wi-Fi: The majority of current Wi-Fi devices operate in spectrum at 2.4GHz. White Spaces could provide new capacity, while boosting the range of devices, potentially enabling Wi-Fi networks that stretch across towns and cities. This is thanks to the lower frequency of TV White Spaces (typically between 470 and 790MHz).

Rural broadband: White Spaces could be used to provide rural locations with broadband services. In practice, this could be achieved by building a network of transmitters that use White Spaces to link remote houses and villages to larger towns that are already connected to the internet. Trials are currently being undertaken by industry to test this on the island of Bute, Scotland.

Machine-to-Machine Communications: A relatively new area of innovation called Machine-to-Machine Communications allows information to be exchanged between devices. Many experts believe that in the coming years billions of devices will be able to connect wirelessly and via the internet for a range of applications. White spaces could be used to wirelessly transmit this information, using its additional range to reach deep inside buildings. This could be especially useful for wirelessly measuring utility meters in consumers’ homes – just one of a wide number of potential applications. Other examples include using White Spaces to keep an inventory of stock owned by a business, or making it easier for scientists to conduct research by automating the measurement of different readings.

How white spaces devices will work in the UK

White Space technology will work in a similar way to Wi-Fi, which uses a wireless router to send and receive information to other wireless devices.  The main difference is that the White Space router – or “master” device as it is known technically – will first need to consult a list of databases hosted online. It will notify one of these databases of its location and update it on a regular basis. The database will then return details of the radio-frequencies and power levels it is allowed to use. This will ensure that the devices do not interfere with existing licensed users of the spectrum, which include Digital Terrestrial Television and wireless microphone users.

Ofcom has decided to allow multiple third-party providers to develop databases, which will create a competitive marketplace and incentivise operators to provide the best database service to consumers.

Licence exempt

Ofcom has decided to make White Space devices licence exempt. This means that they will be allowed to operate without the need for an Ofcom licence on the condition that they do not cause harmful interference to existing users of the spectrum.

Next steps

The next step is for Ofcom to consult on a draft Statutory Instrument to make white space devices licence exempt. Ofcom also plans to work with stakeholders to make information about existing licensed services that operate in the TV band available to prospective database providers. Ofcom will also specify and potentially consult further on the database requirements and the providers that wish to be accredited by Ofcom.

Ofcom expects that White Space technology could be launched in the UK in 2013.

Ofcom is also considering the future use of other White Spaces – such as those in the band currently used by FM radio services.


Building Windows 8: Accessing data in ISO and VHD files

Thursday, September 1st, 2011

From the Microsoft Windows 8 Development Blog:

In continuing with the improvements in core Windows functionality and also oft-requested features, we are adding native Explorer support for ISO and VHD files in Windows 8. While terabytes of storage are available to all of us, managing disk (or disc) image formats remains important for a number of mission-critical operations in many organizations and among power users. We know even more support for VHD is a big request, so stay tuned. Rajeev Nagar authored this post. He is a group program manager on our Storage & File Systems team. –Steven

The trend of incredibly large and small form-factor hard disks means we can store ever increasing amounts of data without worrying about running out of capacity. Windows 8 enables easy access to the contents of two important storage formats, ISO and VHD files. While we generally think of these formats when they appear on media, they are also very useful as files within a file system and that is where native support in Explorer comes in handy.

Working with ISO files

While optical discs continue to be useful in many situations, large hard disks allow us to decrease our dependence on them. Personally, I’ve spent a load of my time (legally) ripping about 900 GB worth of music, and more recently almost 1TB of home video DVDs into my collection. I know that my backup of our photos and home movies is probably the most important data in my house. Together with backups, storing the most basic things in my house now requires terabytes of space. Just a couple of years ago that was an unimaginable amount of storage. These days, however, I know I can buy a 3TB hard disk for less than $200.

Given cheap hard disks and our mobile lifestyle, we have little interest in carting around collections of discs. Also, we expect to be able to receive content as well as share and collaborate with friends, family, and colleagues in an instant – typically through online file transfers. Last but not least, our desire for thin and light form factors such as slates and ultra-mobile laptops often leaves no room for vendors to add optical disc drives. This is exactly the feedback we received from many of you who used Windows 7 – the ability to directly use ISO files (also known as ISO images) without requiring a physical CDROM or DVD drive is very important.

A quick refresher on ISO files might be helpful. ISO refers to the International Organization for Standardization which is an international standard-setting body, and a world leader in developing and publishing international standards. For the purpose of this blog entry, our interests lie in a couple of standards published by ISO, namely ISO-9660 and ISO-13346. Simply stated, these two standards each describe a method by which photos, video, applications, documents or other content (excluding CD audio) are organized on CDROM or DVD optical media. The reason for the popularity of these standards is they allow CDROM and DVD media content to be easily interchanged across systems from different vendors e.g. you can create a DVD on a Windows PC and read it in your living room DVD player. An ISO file is simply a disc image stored as a file, composed of all of the contents of a CDROM or DVD disc. You can also think of an ISO file as a full-fidelity image (digital copy) of the optical disc.

ISO files are used by vendors to distribute software. Backup applications also store content in the ISO format and many utilities allow creation of an ISO file from existing CDROM or DVD media. Once created, these files can be sent around, downloaded, and stored just like any other file – however, before you can access the photos, video, applications, documents, or other content contained within the ISO file, you either have to “burn” the ISO file to a writable optical disc or download and install software that allows you to “mount” and access the ISO file contents directly (i.e. without burning). With Windows 8, we have eliminated this last step – you can simply access the contents of the ISO file without needing either needing to burn a new disc or needing to find/download/install additional software just to logically access the ISO.

So how does this work in Windows 8? It’s quite simple – just “mount” the ISO file (you can select mount from the enhanced Explorer ribbon or double-click or right-click on the file), and a new drive letter appears, indicating that the contents are now readily accessible. Underneath the covers, Windows seamlessly creates a “virtual” CDROM or DVD drive for you on-the-fly so you can access your data. Let’s walk through the flow that will enable you to access such an ISO file.

As you see in the figure below, we have three ISO files in a local folder. The one we will work with contains the (legally obtained) Office application suite. To mount the ISO, you can either double click the file or click Mount on the Actions tab.

Mounting a new ISO

Once you mount the ISO, a new drive letter appears for the virtual CDROM/DVD drive that Windows seamlessly creates. The contents of the ISO are accessible just as they would have been had you inserted the CD/DVD media into a physical optical drive. Only, operating on the contents happens at the speed of your hard drive, not an optical drive.

The mounted ISO appears as a new drive letter

Once you are done using the ISO, you can (virtually) “eject” it, and the virtual drive disappears.

Virtually ejecting an ISO

In case you need a utility to create ISO images from existing optical media, there are many tools that give you that capability. One I use is the Oscdimg command line tool that is available as part of our automated deployment kit.

That is it! Accessing ISO files has now become a snap with Windows 8. Regardless of whether you have an optical drive accessible to you or not, accessing your data is never a problem.

Working with VHD files

Another place we’ve simplified access is with Virtual Hard Disk files. Virtual Hard Disks are the format used by Virtualization software Hyper-V or Virtual PC. In a future blog post, we’ll talk more about the enhancements to Windows Virtualization technology, Hyper-V.

The Virtual Hard Disk (VHD) format is a publicly-available image format specification that allows encapsulation of the hard disk into an individual file for use by the operating system as a virtual disk in all the same ways physical hard disks are used. The VHD format is used by Hyper-V to store information for Virtual Machines. In Windows7 & Windows Server 2008 r2 we have the ability to boot the system off a VHD file, and we had command line and MMC plugins for managing them. VHDs are handy for portability of system settings or to play back what has been saved as a snapshot of a system.

Accessing a VHD in Windows 8 is as simple as what we’ve done with ISO files, but there is one important difference: rather than appearing as a removable drive (as is the case with ISO), VHDs appear as new hard drives.

Accessing a VHD

Underneath the covers, Windows provides a virtual drive letter pointing to the volume within the VHD. You’ll notice that the icon for the drive G: below is the same as the icon for a VHD file.

The VHD appears as a hard drive

You can then work with the virtual hard disk just like any other file storage in your system, whether you are modifying, adding or removing files.

Ejecting the VHD

Once you’ve finished working with the VHD, like an ISO, you can right-click it and click Eject (or just use the Eject button on the ribbon). Any changes you’ve made remain saved within the file.

Here’s a quick demo to show you what it looks like to mount ISOs and VHDs on a new “Windows 8” system.

Download this video to view it in your favorite media player:
High quality MP4 | Lower quality MP4