A look back at 10 years of CES

The content below is taken from the original ( A look back at 10 years of CES), to continue reading please visit the site. Remember to respect the Author & Copyright.

So, here we are on the eve of CES 2020 — the supersized buffet of an annual consumer electronics show in Las Vegas, where we not only get a sneak peek of what to expect from tech companies this year, but also to take the pulse of how people are responding to what’s out there.

CES is all about “the future,” and we’ll be here this week covering all the big stories and themes. But what about the past? In the spirit of 2020 hindsight, here are some of the most notable headlines and trends of last 10 years of CES.

Take a look and let us know what you think have been the biggest themes coming out of the event in the comments below.

CES 2010

Palm’s ‘turnaround’. The mobile upstart launched its first smartphones, the Pre and Pixel, in 2009, and found a hardcore group of fans that loved the look of the devices, and all the features that set it apart from Android and iOS. 2010 was about gaining momentum. Palm CEO Jon Rubenstein (one of the early pioneers at Apple making the iPod) made some waves onstage by claiming that he had never used an iPhone. Bullish talk that helped cement the company’s independent image. Palm also saw its stock rise by 10% after it announced at a press conference that it would sell its devices through a lucrative deal with Verizon Wireless (which now owns TechCrunch). (All proved to be short-lived, and many lamented that Palm was probably too ahead of its time.)

Meanwhile, the battle between iOS and Android raged on. In 2010 the story was about how AT&T was finally adding its first Android-based smartphones to its lineup (remember that it was the exclusive carrier of the iPhone as its first foray into the new generation of touchscreen smartphones). Motorola “Backflip” smartphones, and tablets and smartbooks from Dell, were among the other mobile devices announced that year.

Natural User Interface.Here’s a prescient article by then-CEO of Microsoft Steve Ballmer written on the heels of CES about the new ways we will be interacting with devices in the way ahead, covering touch, gesture and voice, and very dependent on the cloud. He gave a specific nod to Project Natal, which Microsoft showed off at CES and eventually became Microsoft’s Kinect gesture technology. Ballmer was absolutely on the money, although I’d be interested to know if he suspected just how big of a role his neighbor Amazon would play in that new era.

Other themes in the year included the usual boost in TV technology, this time around 3D; and some early signals of a smart car future with news from the likes of Nvidia and Ford.

CES 2011

RealNetworks and cloud-based music. This was absolutely the direction music would be going. RealNetworks would not ultimately be the top dog in this game, but back in 2011 it was the one leading the charge with a service called Unifi, lauded at the time for being first to market before Apple and Google — and Spotify — in presenting a way to merge what you buy online with what you might already own in terms of digital files. Alas, being an early mover does not always pay off, a theme of its own. Real Unifi quietly died a death and its URL is particularly iffy now.

4G. 2011 was also the year of LTE and 4G announcements from many carriers, from T-Mobile announcing sales of 900,000 4G handsets, to HTC unveiling its first 4G device.

The year of many phones (and specifically phone brands) that did not stand the test of time. Sister site Engadget (a monster when it comes to comprehensive CES coverage) highlighted its list of the best tablets and smartphones, a selection including Motorola, Notion Ink, BlackBerry, and Vizio — a veritable graveyard of brands. It was also the year of Android tablets set up for the future using Honeycomb… another dud, as it turned out.

Vroom vroom. We might take for granted that cars are a major component of CES today — after all, they are essentially very large, mobile pieces of hardware — but that wasn’t always the case (not least because the mammoth Detroit Auto Show is just around the corner in the convention calendar). In 2011, Ford unveiled its first foray into electric cars at the show, setting up a decade of major car advances getting launched at CES.

CES 2012

Remember when Nokia was the world’s biggest mobile handset maker? This was the year that it made some critical shifts in its downturn. CES 2012 was the event where the company unveiled its first Windows Phone-powered smartphone for the US market, to ship exclusively via AT&T.  This proved to be a step along the road to Microsoft buying Nokia’s handset business outright, an ill-fated move that ultimately left both brands in a ditch as far as that market was concerned. But in 2012, there was still a lot of hope and enthusiasm for both.

More smart TV advances: Today we take integrated services and very light hardware like Fire TV sticks and Chrome Casts for granted. That was not the story in 2012, though, where a Samsung TV that integrated DirectTV without a box made headlines.

Steve Ballmer gave his last Microsoft keynote at CES (because Microsoft pulled out of the show keynote roster after that year) and announced a date for the Kinect (some two years after highlighting gesture as something that was going to be coming at us fast).

CES 2013

Hoppin’ mad! This was the year that big media took a bite out of streaming media. CNET, which had been running ‘best of’ awards on behalf of CES for years, was asked to remove the ‘best of show’ award that had been given to Dish’s Hopper with Sling (which let you watch programs recorded on your Dish DVR on your iPad) after the legal team of its parent, CBS, intervened. The interference was nefarious: CBS was embroiled in a lawsuit with Dish, tainting the whole business of then bestowing the award upon Razer. The whole thing was uncovered, criticized even by CNET itself. Then, Dish was awarded Best of Show some weeks later. As with so much else in the question about the best way to move content from one device to another, the answer was coming from somewhere else altogether: the cloud — that is to say, streaming services have trumped both the Dish Hopper and whatever else was competing against it.

Nvidia Shield. A big leap for Nvidia, the company that had already made its name with graphics and other processors used in high-performance computing devices and connected cars for gaming, artificial intelligence applications and more. 2013 was the year it revealed its own hardware in the form of a gaming device called Project Shield, powered by its newest processors. Shield has continued to grow over the years.

Oculus Rift. It was still going to be another year and a bit before Oculus got snapped up by Facebook for $2 billion, and the Rift virtual reality headset didn’t actually launch at CES, but this was a kind of coming-out party for it nonetheless, since it was the first time that the company had set up a stand to provide demos to any and all comers. The result was a lot of buzzy exposure (reported on by multiple outlets) to build up interest in the device. This in itself was a stage two media strategy: The company had launched on Kickstarter with a lot of fanfare prior to this — another notable trend for CES this year, where another crowdfunded blockbuster, the Pebble Smartwatch, exhibited for the first time, too.

CES 2014

oculus

Wearing thin… Wearable tech was everywhere at CES this year and definitely became a bigger theme as the year went on. Indeed Google did the wide launch of Google Glass as a consumer product just a few months later, although it took Apple until April 2015 to launch its first Watch. (That Watch, incidentally, has been one of the most successful of all wearable efforts…. There’s that late mover advantage again). Many voices were already crying foul: Just because you can build something to put on your wrist, or head, or finger, or on your jacket, or wherever… does that mean you necessarily should? And if you do, will anyone want to buy it, or will it collapse into history books as a novelty?

Honk honk. After a couple of fallow years where cars were more certainly present but not previewing blockbuster changes, 2014 was the year they changed gears. Google announced the Open Automotive Alliance, including partnerships with GM, Audi and Honda, Hyundai and Nvidia for Android-powered in-car systems.

Netflix and streaming. The streaming wars really didn’t kick off until the year after this, but for a little taster of how OTT services like Netflix’s would soon dominate the conversation about video at CES and elsewhere: this was the year that Netflix CEO Reed Hastings took to the stage to announce an exclusive 4K (high resolution) version of hit series House of Cards that would stream on 4K-capable LG TVs.

VR expansion. Oculus (still yet to be acquired by Facebook but easily emerging as a power player in the VR space) released a new version of its headset. Sony followed suit and others like Meta, working in the area of VR meeting augmented reality, also showed off their new kit. The momentum wouldn’t last: Meta and several more efforts are now defunct, others are struggling, and many are wondering what the mainstream market for VR and AR headsets will be longer term. (We’re still waiting to see whether Apple will launch a device here, too.)

CES 2015

 

http://bit.ly/2ZYALCE

Smart Home gets smarter. Google still hadn’t closed its deal to acquire Nest when CES 2015 rolled around, but the latter company’s momentum spoke a lot to why it got snapped up and integrated and continues to be a central part of the company’s home strategy. It announced a number of new partners at the show through its “works with Nest” program.

Meanwhile, Apple — long without an official presence at the show — continued to make itself a part of the conversation, specifically in the area of the connected home. The ecosystem for Apple’s HomeKit platform for managing connected smart devices by way of your iPhone grew by some way during CES with the announcement of a number of new partners.

Robots and spycams and drones, oh my! The rise of improvements in AI-based technology such as computer vision, voice recognition and more led to a wave of devices aimed at helping people see and do our bidding, and ultimately than they’d be able to on their own. This bigger trend expanded to creepy humanoids, as well as camera-equipped drones and security devices. The huge swing we’ve seen toward an awareness of our privacy in recent times was not so apparent in 2015, so I wonder how this theme would be handled today.

Mercedes Benz F 015 – concept autonomous car. This is just one vehicle — literally speaking. It’s a prototype that may never see the light of day on a production line, at least not for a long time. But I’m highlighting it here as a sign of the times. 2015 saw yet more vehicles, yet more automonous demos, and yet more moves from a range of players to plant their flags in the self-driving market. We’re still far from seeing any wide-scale commercial products or services for a number of reasons, but the amount of investment in this area continues to grow, with the hope and expectation that the tech, the consumer appetite, and regulations will all align in its favor. Other big news in automotive included Nvidia’s new car platforms.

Plus, too many selfie sticks.

CES 2016

GettyImages 948027492

Coming to a screen near you. Netflix has both spearheaded and in many ways led the focus on streamed video in the world of entertainment, and this year it used the show as a platform to announce a huge shift: It was expanding its service to 130 countries, a massive international push. While there are a lot of localized  players, and I’d argue that Netflix doesn’t have quite the right mix of local and general content abroad as it does in its home market (where the catalog is genuinely far bigger), this was a huge move that continues to set Netflix up for more growth in the future, perhaps via consolidation.

As automotive tech continued to be a major theme at CES, there was a new twist this year. One of the huge automotive giants, GM, used the event not just to unveil a new electric car model, but also a $500 million investment in one of the on-demand transportation giants, Lyft. The rationale: to tap into what might be a new market to supply with its future autonomous vehicles, and to get a stake in one of the bigger startups transforming how people get from A to B (which will ultimately have an impact on how, and if, they buy cars).

CES 2017


Alexa, Everywhere. While the Echo was launched back in 2015, and we saw the beginnings of Alexa-integrated devices and Echo-based hardware the year before by way of Amazon’s platform plays, it was really in 2017 that this trend became nearly all-pervasive, appearing not just in speakers made by third parties, but refrigerators and more. Given the strong recurring theme of home gadgets at the show, this has made Amazon a big presence at the huge event. It still raises the question, though, of how successful any of these integrations have been. We may have a lot of “connected” devices in our homes, including smart speakers, but how much are we really using them?

CES 2018

Google assistant, Everywhere. Not to be outdone by Amazon or Apple in years before, 2018 was the year that Google permeated CES with its own voice — or more specifically its voice bot, the Google Assistant. In addition to blanketing trains, billboards and more with Google slogans, slides and gumball machines, the company’s name and Assistant were brought up in connection with most of the event’s biggest hardware and software splashes, by way of integrations. It’s not a guarantee that this will actually get people to use it, but having the ubiquity makes it ever more convenient for those who do want to go that route. Will be interesting to see how and if this continues as a theme in 2020 and beyond. My guess is that simple messages of “it’s there” will not be enough to hold interest longer term.

CES 2019

LAS VEGAS, NEVADA – JANUARY 08: An attendee walks by the Huawei booth at CES 2019 at the Las Vegas Convention Center on January 8, 2019 in Las Vegas, Nevada. CES, the world’s largest annual consumer technology trade show, runs through January 11 and features about 4,500 exhibitors showing off their latest products and services to more than 180,000 attendees. (Photo by David Becker/Getty Images)

Bull in a China shop. The theme of how Chinese companies grow and operate in the US and other Western markets — two major vectors that are being buffeted by large political questions around tariffs and national security — has been a big one in the tech world for a while now. It was interesting to see it play out at CES last year. The event benefits from a massive amount of visitors from China, and also exhibitors, and so many eyes were on both. It played out in some big ways: Huawei downplayed its presence, and ZTE didn’t come at all. And Gary Shapiro, head of the Consumer Technology Association, which organizes CES, came out on the side of doing business with China, criticizing President Trump’s strategy. Given that Trump’s daughter Ivanka will be a keynote speaker this year, all will be watching how and if this theme will continue to develop or simply get swept under the rug.

Other themes last year included more advanced media streaming that moved further away from being tied to large and expensive middleware (the only expensive hardware that matters being the big TV screens), and a kind of truce in the voice assistant matrix: support for multiple assistants on single devices.

CES 2020 coverage - TechCrunch

Steampunk Motorcycle Runs On Compressed Air, Is Pure Hacking Art

The content below is taken from the original ( Steampunk Motorcycle Runs On Compressed Air, Is Pure Hacking Art), to continue reading please visit the site. Remember to respect the Author & Copyright.

Sometimes it’s ok to sacrifice some practicality for aesthetics, especially for passion projects. Falling solidly in this category is [Peter Forsberg]’s beautiful, barely functional steam punk motorcycle. If this isn’t hacker art, then we don’t know what is.

The most eye-catching part of the motorcycle is the engine and drive train, with most of the mechanical components visible. The cylinders are clear glass tubes with custom pistons, seals, valves and push rods. The crank mechanism is from an old Harley and is mounted inside a piece of stainless steel pipe. Because it runs on compressed air it cools down instead of heating up, so an oil system is not needed.

For steering, the entire front of the bike swings side to side on hinges in the middle of the frame, which is quite tricky to ride with a top speed that’s just above walking speed. It can run for about 3-5 minutes on a tank, so the [Peter] mounted a big three-minute hour glass in the frame. The engine is fed from an external air tank, which he wears on his back; he admits it’s borderline torture to carry the thing for any length of time. He plans to build a side-car to house a much larger tank to extend range and improve riding comfort.

[Peter] admits that it isn’t very good as a motorcycle, but the amount of creativity and resourcefulness required to make it functional at all is the mark of a true mechanical hacker. We look forward to seeing it in its final form.

For more inspiration check out the DIY electric motorcycle, and the flying motorcycle that the Dubai police is testing.

HP’s Elite Dragonfly lappie to let Tile gadget-trackers stalk it till they’re Blue in the tooth

The content below is taken from the original ( HP’s Elite Dragonfly lappie to let Tile gadget-trackers stalk it till they’re Blue in the tooth), to continue reading please visit the site. Remember to respect the Author & Copyright.

Or find it under a crap-pile in your pigsty of a desk… let’s be real, that is what you’d use it for

HP and Tile plan to hook up some of their kit, with the the latter’s gadget-tracking tech shoved into the upcoming HP Elite Dragonfly laptops.…

Otterbox made a ‘bacteria-killing’ screen protector for your phone

The content below is taken from the original ( Otterbox made a ‘bacteria-killing’ screen protector for your phone), to continue reading please visit the site. Remember to respect the Author & Copyright.

Face it, your phone screen is filthy. Think about all those times you texted from the toilet or scrolled through Instagram while riding the subway — those streaks on your screen aren't just schmutz, they're breeding grounds for bacteria. But that's…

BlackBerry and Amazon team up to make connected cars more secure

The content below is taken from the original ( BlackBerry and Amazon team up to make connected cars more secure), to continue reading please visit the site. Remember to respect the Author & Copyright.

The more connected cars get, the more we'll need to depend on high-quality security — especially when dealing with the cloud. BlackBerry, which is more into cars than smartphones these days, is addressing that issue with a new connected vehicle soft…

Office 365 Has Changed Enormously Since 2011

The content below is taken from the original ( Office 365 Has Changed Enormously Since 2011), to continue reading please visit the site. Remember to respect the Author & Copyright.

Costs of Office 365 Enterprise Plans in 2011
Costs of Office 365 Enterprise Plans in 2011

The Unlovable Nature of BPOS

At the start of the decade, Microsoft’s cloud offering was the deservedly maligned Business Online Productivity Services (BPOS: a name only its inventor could love). BPOS was unreliable and didn’t work particularly well. Because BPOS used software designed for on-premises use, it struggled to cope with cloud operations.

Thankfully, Microsoft transformed its cloud office system with the introduction of Office 365 on 28 June 2011. After a slow start, Office 365 has gathered pace and overcome G Suite, its major rival to become the leader in cloud office systems. In this article, I look back at the roots of Office 365 and discuss the three major issues that initially spooked customers about the cloud. In the next, I describe some of the Office 365 successes and failures in the last decade.

From Limited Beginnings

Looking back from today’s perspective, it’s hard to remember just how limited Office 365 was in 2011. The software was based on the 2010 on-premises versions of Exchange, SharePoint, and Lync knitted together with a licensing and administration portal. Microsoft’s engineering groups were still working out how to transform the on-premises software to work at cloud scale, and it’s fair to say that this process didn’t finish until a few years later.

The Office 365 ecosystem also needed to be built out. Where Microsoft had three datacenter regions in 2011, it now delivers Office 365 services from 17, a development that resolved the initial fears some customers had about data sovereignty. The datacenters are connected by a dark fiber network linked to a huge set of local connection points to make it easy for users to work no matter where they are. Tenants can run a multi-geo configuration for Exchange Online, SharePoint Online, and OneDrive for Business, and Microsoft is steadily moving app data closer to customers as it builds out its datacenters.

The Office 365 datacenters store enormous amounts of user data. Microsoft has increased quotas for Exchange Online and SharePoint Online (for instance, the standard enterprise mailbox is now 100 GB instead of 25 GB) and many ISVs make products to help customers move data from on-premises apps into the cloud. We’re now at the point where the majority of Exchange and SharePoint activity is cloud-based, and the number of on-premises customers for Office servers continues to fall year over year.

Office 365 Plans

At launch, Microsoft offered Office 365 plans for kiosk (now frontline) and enterprise workers. A set of slides posted by Mary-Jo Foley includes how Microsoft positioned Office 365 enterprise (Figure 1) when they started to talk to customers about the new cloud office suite.

Figure 1: Positioning Office 365 Enterprise in 2011

The Price of Office 365

Access to Blackberry Enterprise Server was important in 2011, but the list of advantages Microsoft touted for Office 365 was short (possibly because no one realizes how good cloud office could be then). What’s interesting is the pricing Microsoft set for Office 365 (Figure 2). Plan E3 was $24/month then, and it’s $20/month now.

Costs of Office 365 Enterprise Plans in 2011
Costs of Office 365 Enterprise Plans in 2011 Figure 2: Costs of Office 365 Enterprise Plans in 2011

The point here is that companies were scared that Microsoft would get them onto Office 365 and then hike the prices, something that simply hasn’t happened. In fact, Office 365 is a relative bargain now because all its plans include more and better functionality than they did in 2011.

Instead of bumping plan prices up, Microsoft has concentrated on growing the numbers of Office 365 accounts and increasing the Average Revenue Per User (APRU) by upselling add-ons and higher-priced plans to customers or moving them to Microsoft 365. Office 365 now has over 200 million monthly active users and has grown at between 3 and 4 million users per month since 2015 and Office 365 is responsible for the bulk of Microsoft’s cloud revenues, so their tactics have worked.

Office 365 Availability

Being price-gouged was one customer fear in 2011. Not trusting cloud services to deliver highly available services was another. Microsoft launched Office 365 with a financially-backed guarantee that the 99.9% Service Level Agreement (SLA) would be reached. Since then, Microsoft hasn’t had to pay out all that often. In fact, I can only remember one instance in September 2011 when the infrastructure was still maturing, and Microsoft’s automated datacenter management processes were not as extensive or as tightly controlled as they are today.

Given the size of Office 365, it’s inevitable that something is going wrong at any time you care to look. But the number of tenants, distribution across multiple regions, and the way the software is deployed and managed mean that it’s a rare incident that comes anywhere close to budging the SLA needle (an example of one that did is the MFA outages in 2018). This has been the case for several years, which begs the question whether the Office 365 SLA is relevant today.

Security and the Cloud

A perceived lack of security was the last of the triple whammy used to justify not going to the cloud. When you think about it, this is a laughable notion for most organizations because they don’t possess the experience, knowledge, skills, and resources that Microsoft dedicates to protecting Office 365 against a world of threat. Microsoft says that 3,500 security professionals protect customer data, all of whom probably know more about security than I do. I lost the fear of having my data in the cloud a long time ago and like the idea that dedicated personnel are responsible for protecting the service.

Attacks happen all the time, but I can’t recall reports of any Office 365 tenant being penetrated solely because of a Microsoft failure. Maybe no-one highlights big security breaches because they do not want to embarrass their company, or I am just not listening. In whatever case, it’s still true that the responsibility for basic security remains with tenants. In this respect, the low percentage of sensitive Office 365 accounts protected with multi-factor authentication is an ongoing scandal.

Moving into a new Decade of Cloud Office

Microsoft’s commercial cloud products have grown to an annual revenue run rate of well over $40 billion. Office 365 is a big part of that success. To its credit, Microsoft has overcome many technical, organizational, and business challenges to attain that success. The trick now is to keep customers happy, ahead of the competition, and deliver the same quality of service over the next decade.

The post Office 365 Has Changed Enormously Since 2011 appeared first on Petri.

Your excess server resources are wanted in the cloud

The content below is taken from the original ( Your excess server resources are wanted in the cloud), to continue reading please visit the site. Remember to respect the Author & Copyright.

Although not a new concept, we are now looking at the opportunity for those who have private servers with excess capacity to rent that capacity to a cloud service provider that can dole out those compute and storage systems on demand to anyone who needs them.

If you’re thinking ride-sharing for servers, you’re not far off. In this scenario the cloud service provider is really just a broker sitting between those needing cloud services and those who have servers that can be shared. You may be leveraging servers that have excess capacity in Las Vegas on Monday and perhaps servers in London on Tuesday. You don’t care since you’re abstracted away from the physical servers, not even knowing location and true ownership.

To read this article in full, please click here

Behold Schrödinger’s Y2K, when software went all quantum

The content below is taken from the original ( Behold Schrödinger’s Y2K, when software went all quantum), to continue reading please visit the site. Remember to respect the Author & Copyright.

Patched or not patched? You won’t know until the box marked “2000” is opened

Y2K Welcome to Y2K, The Register’s collection of ramblings from readers tasked with dealing with what almost happened – but didn’t – during those halcyon days of two decades past.…

36C3: SIM Card Technology From A to Z

The content below is taken from the original ( 36C3: SIM Card Technology From A to Z), to continue reading please visit the site. Remember to respect the Author & Copyright.

SIM cards are all around us, and with the continuing growth of the Internet of Things, spawning technologies like NB-IoT, this might as well be very literal soon. But what do we really know about them, their internal structure, and their communication protocols? And by extension, their security? To shine some light on these questions, open source and mobile device titan [LaForge] gave an introductory talk about SIM card technologies at the 36C3 in Leipzig, Germany.

Starting with a brief history lesson on the early days of cellular networks based on the German C-Netz, and the origin of the SIM card itself, [LaForge] goes through the main specification and technology parts of each following generation from 2G to 5G. Covering the physical basics, I/O interfaces, communication protocols, and the file system located on the SIM card, you’ll get the answer to “what on Earth is PIN2 for?” along the way.

Of course, a talk like this, on a CCC event, wouldn’t be complete without a deep and critical look at the security side as well. Considering how over-the-air updates on both software and — thanks to mostly running Java nowadays — feature side are more and more common, there certainly is something to look at.

Image Sensor from Discrete Parts Delivers Glorious 1-Kilopixel Images

The content below is taken from the original ( Image Sensor from Discrete Parts Delivers Glorious 1-Kilopixel Images), to continue reading please visit the site. Remember to respect the Author & Copyright.

Chances are pretty good that you have at least one digital image sensor somewhere close to you at this moment, likely within arm’s reach. The ubiquity of digital cameras is due to how cheap these sensors have become, and how easy they are to integrate into all sorts of devices. So why in the world would someone want to build an image sensor from discrete parts that’s 12,000 times worse than the average smartphone camera? Because, why not?

[Sean Hodgins] originally started this project as a digital pinhole camera, which is why it was called “digiObscura.” The idea was to build a 32×32 array of photosensors and focus light on it using only a pinhole, but that proved optically difficult as the small aperture greatly reduced the amount of light striking the array. The sensor, though, is where the interesting stuff is. [Sean] soldered 1,024 ALS-PT19 surface-mount phototransistors to the custom PCB along with two 32-bit analog multiplexers. The multiplexers are driven by a microcontroller to select each pixel in turn, one row and one column at a time. It takes a full five seconds to scan the array, so taking a picture hearkens back to the long exposures common in the early days of photography. And sure, it’s only a 1-kilopixel image, but it works.

[Sean] has had this project cooking for a while – in fact, the multiplexers he used for the camera came up as a separate project back in 2018. We’re glad to see that he got the rest built, even with the recycled lens he used. One wonders how a 3D-printed lens would work in front of that sensor.

Microsoft Plans to Disable SMTP AUTH in Exchange Online

The content below is taken from the original ( Microsoft Plans to Disable SMTP AUTH in Exchange Online), to continue reading please visit the site. Remember to respect the Author & Copyright.


The Need to Eliminate Basic Authentication (and use MFA)

There are two things certain in Office 365 security. First, multi-factor authentication (MFA) is a very good thing and will block 99.9% of account compromise attacks. Second, basic authentication is an invitation for an attacker to probe for weakly secured accounts using multiple connection protections, including SMTP.

The message about the need to secure accounts with MFA is slowly getting through. Too slowly, but at least we see some progress. Eliminating basic authentication is high on the agenda of the Exchange Online team. They own protocols like IMAP4, POP3, SMTP, and so on. The introduction of protocol authentication policies in 2018 was a good step forward. Tenant administrators can deploy authentication policies to restrict the number of connection protocols that can be used with basic authentication for mailboxes.

Basic Authentication Deprecation for Multiple Connection Protocols

In March 2018, Microsoft flagged the need for tenants to move away from basic authentication by announcing that support for basic authentication for Exchange Web Services will cease on October 13, 2020. This means that anyone using code built with EWS must upgrade to OAuth 2.0 and use that for authentication. EWS has a limited lifespan and it is a good idea at this point to consider moving code to a Graph-based implementation.

Microsoft then increased the pace in September 2019 by announcing that they will turn off basic authentication for Exchange ActiveSync (EAS), POP3, IMAP4 and Remote PowerShell in October 2020. Microsoft has already enabled OAuth (modern) authentication for EAS and is doing so for POP3 and IMAP4 to give tenants a path forward. Those using Remote PowerShell can connect using the Exchange Online Management module, which only supports OAuth and includes both the old (Remote PowerShell) and new (REST-based) cmdlets.

The SMTP Exception

An interesting detail in the announcement was:

“this change does not affect SMTP AUTH – we will continue supporting Basic Authentication for the time being. There is a huge number of devices and appliances that use SMTP for sending mail, and so we’re not including SMTP in this change – though we are working on ways to further secure SMTP AUTH”

This note is a sober realization that many multifunction devices are configured to connect to Exchange Online to send messages via SMTP (authenticated submission) when printing or copying jobs complete or scripts run to report on different operational conditions. Retrofitting devices to use OAuth is a challenging proposition, so Microsoft is choosing to leave the situation as is for SMTP for now.

Disabling SMTP Authenticated Submissions

Two months later, Microsoft shared some extra detail about their direction to control SMTP authenticated submissions at the Microsoft Ignite 2019 conference. Microsoft noted that the ability to disable this feature on a per-user basis via PowerShell and the Office 365 Admin Center (Figure 1) and at the organization level already exists.

Using the Office 365 Admin Center to disable SMTP authenticated submissions for a mailbox
Using the Office 365 Admin Center to disable SMTP authenticated submissions for a mailbox Figure 1:Using the Office 365 Admin Center to disable SMTP authenticated submissions for a mailbox (image credit: Tony Redmond)

To disable SMTP authenticated submissions for all mailboxes in a tenant with PowerShell, run this command:

Get-CasMailbox | ? {$_.SmtpClientAuthenticationDisabled -eq $Null -or $_.SmtpClientAuthenticationDisabled -eq $False }| Set-CasMailbox –SmtpClientAuthenticationDisabled $True

When a mailbox is blocked from SMTP authenticated submissions, it can’t be used to submit email to Exchange Online by running the PowerShell Send-Message cmdlet (using SMTP AUTH client submission). Attempts to send messages by an unauthorized account see this error:

Send-MailMessage : The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57 SMTP; Client was not authenticated to send anonymous mail during MAIL FROM

As it’s unlikely that any tenant can stop using PowerShell to send email, they should instead seek to minimize the set of mailboxes that can submit email via PowerShell.

Next Step is at Tenant Level

Microsoft also said that:

“…we’re going to better secure this protocol (disable it) by default, first for new organizations onboarding onto Office 365, then later for tenants with no SMTP authenticated submission usage. We also expect in the future to deliver more tools, reports, and optics to help email admins gain better insight into SMTP authenticated submission usage in their organizations.”

This statement underlines the seriousness of Microsoft’s intent to reduce the attack surface available through SMTP. Soon, new Office 365 tenants will not be able to use SMTP authenticated submission for devices or users. Afterwards, Microsoft will move to disable SMTP authenticated submission for tenants that don’t use the feature. Both these steps make sense. After all, if you don’t use something or have never used something, you won’t miss that thing when it is taken away.

Where SMTP Authenticated Submission Might Go in the Future

Microsoft clearly intends that tenants should protect themselves by limiting SMTP authenticated submissions to as small a set of accounts as possible. What Microsoft is not saying (yet) is when they will disable SMTP authenticated submissions across Office 365. In fact, this probably won’t happen because of likely customer pushback. Apart from devices set up to send email, there are too many PowerShell scripts in use that call the Send-Message cmdlet to send email for Microsoft to be able to disable SMTP authenticated submissions completely. At least, not in the short term.

What I think is more likely is that Microsoft will figure out how best to secure SMTP submissions for devices and scripts in a way that’s easy for tenants to adopt. When they do, I expect Microsoft to set a deadline for tenants to upgrade devices and scripts to use whatever the new mechanism is. Hopefully that limit is reasonable enough to give tenants enough time to do the necessary work.

Tenants should understand that Microsoft is moving in this direction to secure tenant data and operations. With that in mind, it’s a good idea to create an inventory of devices and scripts in use today so that tenants know what work might need to be done in the future. Insecure connectivity protocols are on their way out. The only question now is when this will happen.

The post Microsoft Plans to Disable SMTP AUTH in Exchange Online appeared first on Petri.

Update: ChromePass v1.47

The content below is taken from the original ( Update: ChromePass v1.47), to continue reading please visit the site. Remember to respect the Author & Copyright.

Added new file format to export the passwords: Chrome CSV File. It’s the same file format that Chrome Web browser exports the passwords from chrome://settings/passwords

How to write your own annual cycling training plan

The content below is taken from the original ( How to write your own annual cycling training plan), to continue reading please visit the site. Remember to respect the Author & Copyright.

Make a training and recovery plan that suits you. Photo: Jesse Wild

January is the month of new resolutions. However, without a plan most new ambitions won’t go much further than the Facebook meme stage. ‘A goal is a dream with a plan’, or so such memes might proclaim (the original quote comes from motivational speaker, Greg Reid, we believe). There’s truth in that – provided your dream […]

Track suspicious login activities in your tenant!!

The content below is taken from the original ( Track suspicious login activities in your tenant!!), to continue reading please visit the site. Remember to respect the Author & Copyright.

submitted by /u/Kathy_Cooper1012 to r/usefulscripts
[link] [comments]

The Ultimate Guide to Building REST APIs with PowerShell

The content below is taken from the original ( The Ultimate Guide to Building REST APIs with PowerShell), to continue reading please visit the site. Remember to respect the Author & Copyright.

submitted by /u/l33t_d0nut to r/PowerShell
[link] [comments]

IBM’s cobalt-free EV battery uses materials extracted from seawater

The content below is taken from the original ( IBM’s cobalt-free EV battery uses materials extracted from seawater), to continue reading please visit the site. Remember to respect the Author & Copyright.

Electric vehicles will play an important role in reducing greenhouse gas emissions, but they are not yet a perfect solution. Today, most EVs run on lithium-ion batteries made with heavy metals like cobalt, of which there is a limited supply and less…

Carbon will print parts for Lamborghini’s Sián FKP 37 hybrid sports car

The content below is taken from the original ( Carbon will print parts for Lamborghini’s Sián FKP 37 hybrid sports car), to continue reading please visit the site. Remember to respect the Author & Copyright.

Carbon today announced the expansion of its partnership with Lamborghini. The white-hot 3D-printing startup will manufacture central and lateral dashboard air vents for the carmaker’s Sián FKP hybrid sports car.

The move follows the deal announced earlier this year that found Carbon printing a fuel cap and an air duct clip for Lamborghini’s Urus SVU. Baby steps, honestly, but important ones nonetheless. Lamborghini follows in Ford’s footsteps with the Carbon partnership.

It’s clear that automotive companies are interested in introducing custom 3D-printed parts, and Carbon has proven a degree of scalability with partnerships with companies like Adidas. It was clear from the outset, however, that such a deal would need to begin with smaller pieces, before injection molding could be replaced outright.

According to Carbon, the addition of 3D printing reduced the time to production by 12 weeks over more traditional manufacturing tools. The units were put through the paces, too, subjecting the EPX 82 material to a battery of stress tests.

“With the Carbon Digital Manufacturing Platform, we were able to go from an initial concept to showing the final part on a show car in only three weeks, passing through many different design iterations to get the best result,” Lamborghini CTO Maurizio Reggiani said in a release. “Just three months later, we were able to move into production.”

In a recent conversation with TechCrunch, Carbon’s new CEO Ellen Kullman noted the company’s push toward developing existing partnerships before rushing into new ones. “[T]here’s a lot of building out to do of what we’ve already committed to,” she told the site.

Admin Essentials: know your options for Modern Enterprise Browser Management

The content below is taken from the original ( Admin Essentials: know your options for Modern Enterprise Browser Management), to continue reading please visit the site. Remember to respect the Author & Copyright.

As more applications move to the cloud, without question, the browser is becoming more important. As an IT admin, you have to manage and ensure working in the cloud is seamless for your users. 

Here at Google, the Chrome Browser enterprise team has been working hard to open up new and easier management options to help you do just that. For example, we’re expanding existing Group Policy templates within Active Directory, enabling support for applying policies to Mac, and even providing a central console to help you  manage Chrome Browser from the cloud. 

When it comes to management, it’s important to take a close look at options to see what works best for you, your team and your endpoints. In this post, we’ll take a look at some of the many management options available in Chrome Browser today.  

1. Chrome Browser Cloud Management
Earlier this year, we announced the availability of Chrome Browser Cloud Management, which makes it possible to centrally enroll and manage browsers, as well as gain visibility into your browser deployments, right from within the Google Admin console. You can unify the management of Chrome Browser across Windows, Mac and Linux environments, and get a single view into extension, policies, versions and more. Check out our website to learn how to get started or watch this demo video:

See how Chrome Browser Cloud Management helps make managing and securing browsers fast and easy in your enterprise. Learn more, and get started at g.co/chromecloudmanagement.

2. Microsoft Endpoint Manager
Another option to consider is to manage Chrome Browser through Microsoft Intune (now part of Microsoft Endpoint Manager) on your Windows 10 devices, where you can use the same useful Chrome Browser ADMX templates. You can define and apply rules for hundreds of policies right from within the Microsoft management console. One benefit to this option is that if you are using Microsoft System Center Configuration Manager to manage Chrome’s installation and/or updates, it can be easier to handle from the same view. This is especially helpful if you are starting to use Microsoft Intune to manage your mobile devices and mobile apps.

You can also manage the popular Legacy Browser Supportcapability right from the Intune console, pre-defining sites to open in alternate browser outside of Chrome. This capability is used to help seamlessly redirect your users to legacy browsers when older web apps are unable to run in a modern browser. 

3. VMware Workspace ONE Unified Endpoint Management
If your organization uses Workspace ONE as a primary management tool, you can also manage your Chrome Browser instances within the Unified Endpoint Management console for both desktop and Androiddevices. Just apply Chrome’s ADMX templates and push policies out to your Windows machines. Since Chrome Browser is optimized for virtual environments, you can determine and apply settings across your physical and virtual desktops using Chrome’s policy templates.  

With Workspace ONE, you can use a single tool to manage Chrome Browser in your Windows environments, as well as provide basic management on your users mobile devices, without impacting a user’s personal Chrome app installation, if they have one. And for Workspace ONE customers with Chrome OS in their environments, they can also centrally manage their Chrome devices from one panel.

Manage Chrome your Way
Chrome continues to invest in making it possible for you and your team to use existing technology to manage browsers. In the near future, we plan to expand the capabilities available in Chrome Browser Cloud Management and to provide even more options. 

If your enterprise is exploring different management options for endpoints, consider the browser as part of that conversation. With so many options available, managing your user’s Chrome Browser has never been so flexible. Learn more on our website.

Roland’s Alexa-powered keyboard is available for $500

The content below is taken from the original ( Roland’s Alexa-powered keyboard is available for $500), to continue reading please visit the site. Remember to respect the Author & Copyright.

It took nearly an entire year, but Roland's voice-savvy GO:PIANO keyboard is now available. Spend $500 (and enable a Roland skill) and you can use Alexa to choose sounds, turn on the metronome and control numerous other settings while you play — yo…

How to Install Office Web apps as PWA on Windows 10

The content below is taken from the original ( How to Install Office Web apps as PWA on Windows 10), to continue reading please visit the site. Remember to respect the Author & Copyright.

In today’s post, we will show you how you can install Office Web Apps (Word, Excel, PowerPoint, Outlook) on Windows 10 as Progressive Web Apps for a more traditional experience. PWAs are just a combination of a traditional browser and […]

This post How to Install Office Web apps as PWA on Windows 10 is from TheWindowsClub.com.

Google adds spam detection and verified business SMS to Messages

The content below is taken from the original ( Google adds spam detection and verified business SMS to Messages), to continue reading please visit the site. Remember to respect the Author & Copyright.

Businesses often send one-time passwords, account alerts and appointment confirmations via text. But if you've ever received one of those, you know they tend to come from a random number, and bad actors can take advantage of that by disguising phishi…

The next Xbox is called Series X and it looks like a PC tower

The content below is taken from the original ( The next Xbox is called Series X and it looks like a PC tower), to continue reading please visit the site. Remember to respect the Author & Copyright.

The Game Awards kicked off with a bang as Microsoft offered a first proper look at gave a glimpse of the next Xbox and revealed the console’s its name: Xbox Series X. Previously known as Project Scarlett, the next-generation Xbox resembles a PC tower and it arrives holida… holiday 2020.

YSK: Drag and drop YouTube links to VLC to play them without ads

The content below is taken from the original ( in /r/ YouShouldKnow), to continue reading please visit the site. Remember to respect the Author & Copyright.

Drag-drop youtube links to VLC and it will play them without ads and with the great player features included in VLC

Google Chrome will check for leaked credentials every time you sign in anywhere

The content below is taken from the original ( Google Chrome will check for leaked credentials every time you sign in anywhere), to continue reading please visit the site. Remember to respect the Author & Copyright.

Double-encrypted. That said, if you’re worried about over-sharing, what are you doing on Chrome?

A new feature in Google’s Chrome browser will warn you if your username and password matches a known combination in a security data breach every time you type credentials into any website.…

Microsoft’s Offering a ‘Free’ Cyber Security Checkup to SMBs

The content below is taken from the original ( Microsoft’s Offering a ‘Free’ Cyber Security Checkup to SMBs), to continue reading please visit the site. Remember to respect the Author & Copyright.

Microsoft 365
Microsoft 365

Microsoft 365Microsoft 365

In about a month from now, Windows 7 will reach its end of support timeline which means unless you are willing to pay up, you are going to be sitting on the sidelines when it comes to securing your environment. While large companies are likely able to swallow the fees associated with extended support, the most vulnerable group will be the small and medium business (SMB).

An SMB is typically a company that is 300 or fewer employees and according to Microsoft, these companies are targeted more than half the time when it comes to cyber-attacks. Why? It’s primarily because they have fewer resources to help secure their environments and as we all know, IT shops typically have budgets that are stretched to the limits as they do not grow at the same rate as the rest of the organization.

Back at Ignite 2019, I was able to sit down with Brad Anderson, Corp. Vice President, Microsoft 365, and while we talked about many aspects of Microsoft 365, one point that he drilled down on was that, candidly, the company needed to do more to help address the smaller business of the world and not just the enterprise operations.

Today, Microsoft is announcing a new collaboration with AXA XL and Slice Labs to offer free cybersecurity health checks and support AXA XL’s provision of cyber insurance for qualified customers that use Microsoft 365 Business, Office 365 Business, and Office 365 Business Premium.

The idea here is simple, for customers willing to move to or are already using one of the above services, you can receive a ‘free’ audit of your operations and also have access to cybersecurity insurance as well. And at first, I was skeptical of this but I think there is actual merit to this offer.

Primarily because this comes as a benefit to already using those services, not as a carrot to get you to jump into new hoops. And for the SMBs of the world where budgets are tight, taking advantage of an external audit of your environment is a serious proposition. Of course, this is also useful to customers who may be on the fence about subscribing to these services too, as it may get them to finally sign up.

For many organizations, security is something you deal with to check a few boxes of compliance and is often only thought about after a breach has occurred. But the truth is that in a world where your operational availability is closely linked to your reputation, security needs to be significantly more proactive, than reactive.

What Microsoft is trying to offer here is to move your needle slightly more towards the proactive side of the equation but keep in mind, nothing is truly free.

The post Microsoft’s Offering a ‘Free’ Cyber Security Checkup to SMBs appeared first on Petri.