Monday, January 31, 2011
UK EMEA Lab Notes - December 2010 - Ian Hyndman
Most modern day cyber attacks tend to target organisations and governments with the explicit purpose of stealing information and causing disruption. As a consequence, governments have had to reassess their stance on cyber crime, and many are attempting to tackle the problem directly.
In the latest budget, the UK government announced an estimated £500 million will be made available to help fight the war on cyber crime. This is a substantial allocation, suggesting that cyber crime is a bigger problem than the average person might be aware of. It is refreshing to see that the threat is being taken seriously.
Recently, Symantec and Websense (among many others) have announced they expect an increase in attacks in during 2011. This has been backed up with the UK’s intelligence centre (CESG) saying that it has seen a massive rise in the number of attempts made to infiltrate UK government and industrial targets over the past year.
The types of attacks occurring are very advanced, with viruses/worms such as Zeus, Aurora and Stuxnet deliberately targeted at infiltrating businesses and key infrastructure.
These malware are specifically designed to hide from detection devices and software, making them significantly harder to manage. They also mutate into different strains, allowing them to survive far longer in the wild. The Stuxnet worm is said to be one of the most advanced pieces of malware seen to date. Iit is a sophisticated worm that has the ability to actually change its code and hide these changes afterwards. Currently, this type of technology infects thousands of computers worldwide. It is the sort of cyber-attacks seen in sci-fi films through the 80’s and 90’s, they really may be becoming a reality.
Last month (November 2010) the UK Intellectual Property Office was hit by a cyber attack which took down its website and services for several days. It was almost certainly a targeted attack due to the ferocity and damage it caused. And this is but one of the many attacks that take place worldwide on a daily basis.
Most of the current targets are generally big business and government - organisations that hold information worth a lot of money. But, as this kind of malicious technology spread, my fear is that it will begin to be used against any company holding useful data – big or small. Even a list of email addresses can be valuable to the right customer.
To combat such attacks, all businesses have to enforce strict security policies. That isn’t to say they need to have expensive equipment, but they do need to ensure that all employees are being vigilant. A good security policy should contain instructions on acceptable internet use along with guidance on the correct use of memory sticks and personal equipment brought in to the work place. Nothing should be plugged in to a PC that hasn’t been virus checked.
One of the most important defences against attack is to ensure that all PCs, workstations and servers are fully patched with the latest security updates (operating system and anti-malware solutions). Usually, it is vulnerabilities in operating systems and security that most attackers look to exploit.
Even though malware is becoming more advanced, the best ways to combat it continues to be much the same. It is probably true that the Stuxnet worm outbreak was cause by unchecked laptops and memory sticks being used on the corporate network.
If a user is vigilant (scan all files before opening, don’t open email attachments from unknown senders, and keep your anti-malware solution up to date) you are about as safe as you can be whilst still being connected to the internet.
Just like anything in the world of IT, malware is evolving. It is always up to users to ensure they take the precautions necessary to safe guard themselves until anti-malware vendors catch up with what’s being found in the wild.
Australian Lab Notes - November 2010 - Steve Turvey
In this month’s example, our customer, a large car accessory store, was investigating opportunities to purchase a new line of car stereos from China to rebrand and sell through their local stores. While many of the respected industry brand names already hale from Chinese production lines, the units on this particular shortlist were completely unknown in the West.
The questions the Lab was tasked to solve were simply: “Is the audio quality up to scratch?” Are these units going to be reliable on Australian roads”?
Testing of the audio quality is not complicated, although the units required DVD video, SD cards, USB thumb drives and MP3 CD media options to be tested.
In the past, we’ve evaluated players that are capable of playing MP3s from various media, but at times the navigation ranged from poor to “the unit completely ignores any music that is not sitting in the root of the device or disc”. Happily all these stereos were very capable, both in terms of audio quality and the ability to correctly read different media formats.
Testing for reliability, including how these devices behave on rough roads, including corrugated, outback dirt roads was not such a simple task. We considered purchasing an off–the-shelf vibration table - but what fun is that? We also really preferred to test vibrations in all three axes to truly simulate a car jolting around - I had some truly terrible stretches of road in mind.
Fearlessly, or perhaps recklessly, we therefore embarked on constructing our own test custom vibration test rig. This rig consisted of several large concrete blocks (foundations) a sub-woofer amplifier, a Jaycar Response Power Bass Rocker (PBR) and other ancillary bits and pieces. If you’re not familiar with the PBR, it’s an interesting device which began as an early, but unsuccessful, gaming accessory. The PBR was originally an integral part of a shock vest, worn when playing a video game. Each contact or shot that hit a player triggers a thump in the chest from the vest.
In effect, the PBR is a heavy duty speaker, but instead of the beefy voice coil being connected to a paper cone to produce sound, it is instead connected to a large slug of metal that produces substantial vibrations as it is driven back and forth.
Jaycar, the distributors of the technology, suggest you attach a couple of the units to the underside of your lounge chair, hook them up to your cinema sound system so that any sound produced by your sub-woofer is also translated as a vibration through your chair.
In our custom made, fully controllable, measurable, triple-axis vibration rig, we mounted the car stereos into a cradle connected directly to the PBR. The PBR was hooked up to a 150W sub-woofer amplifier which, in turn, was linked to a programmable audio frequency generator. This enabled us to simulate a vast range of vibration frequencies.
I have to admit we thought the rig would destroy the car stereos, particularly when playing back CDs. To our amazement, all-but-one of the units performed perfectly - without a single glitch or stutter. Only one unit experience any problems at all, skipping just three times. The vibrations it was managing were the most violent we could produce.
We shook the living daylights out of those stereos. It is, when you think about it, a touch ironic - we shook them all night long.
Australian Lab Notes - August 2010 - Steve Turvey
It was easy to manage a Lab and a small team of techies back in those days but more than 21 years later is it anything but easy. Don’t get me wrong I’m certainly not complaining, the work is certainly far more interesting, it would have to be as I’m still here, oh and I also wanted to see the fledgling Lab “grow up”.
Even if we look under just the IT banner there is such a wide range of technology that we now test with the likes of Smartphones, Tablet PCs, MP3 players, VoIP phones, Video Conferencing, Broadband, 3D TV, Video Games, Blue Ray, Alarm Systems and the list goes on. Not only has our range of IT testing expanded it has been accompanied by an increase in the range of test categories here at the Lab.
To be fair some of the categories we have plucked out of the general buzz of IT so we can concentrate expertise and resources to these niches such as Security and Penetration testing, Software testing, Usability and Accessibility testing to name just three. However we have also headed into new territories with our Gaming, Wagering, Lotteries and Casino testing, arguably this has to some extent grown out of the IT sector but I have left the best for last.
Physical and materials testing, and boy does this category cover a lot of ground. We have built test rigs to measure the brittleness and drawing life of Crayons, a Passport wear testing rig, Vibration rigs to test Alarm sensor and car radio susceptibility to vibration, we have tested 50 ton mobile cranes in China for a client in the Middle East but one of my favourites, I have to admit, is testing buses in China.
Not just any old bus of course, no diesel engines in these vehicles, instead an obviously grunty electric motor and a large bank of batteries. The aim is to determine if the eBus really does meet the needs of a typical diesel bus fleet and when you stop to think about it there is more to it than reaching acceptable speed and passenger loads.
With any electric vehicle there is the general concern – where do we charge it? Although this is a lot easier for a suburban bus company as their buses plie known routes and return back to base at the end of each day where a dedicated charger at the Depot can feed them over night.
But what about a tour bus? It can be called upon to go just about anywhere and you can be quite certain that at the end of each day it will probably be a long way from the Depot. So at the end of a Tour bus’s day it must at least be able to plug into a conventional electrical outlet and charge fully in eight hours or less. A plainly impossible task as any back of a dinner napkin quick calc shows that on a 15Amp feed it would take around 6 full days to charge. So I guess a tour bus role is out of the question until dedicated charging stations are available country wide – a long way off.
You might think the role as a suburban route bus is right up the alley of an eBus, at least the bus returns to the Depot for the high powered charger. But did you realise that many route buses are out for 19 to 20 hours a day before they return to the Depot, it’s a big ask for a battery powered bus to last this long on a charge and then it may only have 4 hours to recharge at the depot.
Saturday, January 8, 2011
A Tender Farewell to 2010
Welcome to 2011, and it’s already looking frenetic. Enex TestLab finished 2010 with a flurry of tenders and 2011 has started much the same. Governments and Commercials are ramping up contracts and Enex TestLab is right in the thick of them all. “The end of the year has been all about tenders, tenders and more tenders,” says Matt Tett, Director, Enex TestLab. Of particular note has been a contract signed between Enex TestLab and the Department from Broadband, Communcations and the Digital Economy (DBCDE) establishing a standing agreement for Enex TestLab to provide technical advice and support to the department. This is a critical alignment, Enex TestLab’s vast technical experience and independent perspective will provide continued valuable support for the department’s decision making process.
2011 also welcomes the prospect of the first major project for Enex TestLab to be undertaken with its China-based affiliate. Digital broadcasting is an exciting emerging area for us to be working in – more news will follow.
In a string of announcements, we are also proud to confirm our affiliation in
Enex TestLab Gaming, Wagering, Lotteries and Casino Testing Division has been a major source of activity through 2010. We have recently completed our ISO 17025 gaming accreditation, meaning that Enex TestLab can now be an Accredited Test Facility (ATF) for the UK Gambling Commission, adding this jurisdiction to an already impressive list of licences held by Enex TestLab including all of Australia, New Zealand and Macau. Enex TestLab had a significant presence at the AGE (Australian Gaming Expo) held in Sydney in Q4 2010, and marks our aggressive growth in this market. Enex TestLab is bringing a welcome increase in choice, value and independence to this industry. You will see an ongoing ramping up of our presence and activity in this sector for 2011.
As we mentioned briefly last newsletter Matthew Hackling has joined Enex TestLab as General Manager of our Australian Security testing division. Matt is the first of what will be a number of management announcements for Enex TestLab. We look forward to revealing a number of new additions in 2011. With the expansion of our physical and materials testing division, and our ever growing work in media and communications, new additions to these will see Enex TestLab’s local senior headcount rise significantly.