More stories

  • in

    How to boost your browser's privacy with DuckDuckGo Privacy Essentials

    Privacy has become an issue for nearly every person on the planet. Given how many people depend on web browsers every day for work, communication, connection, and entertainment, the security of those tools has become tantamount to the privacy of user information.Unfortunately, not every browser is capable of handling security in a way that can keep our data out of the hands of those who should not see it.What can you do?Thanks to DuckDuckGo, there’s an add-on available for every major browser on the market, and it can greatly enhance built-in security measures. That add-on is called DuckDuckGo Privacy Essentials.What does DuckDuckGo Privacy Essentials do? Here’s the shortlist:Shows you at-a-glance information on how much a site can be trusted.Forces sites to use encrypted connections (when available).Blocks nearly all trackers.Keeps your search history private.If you know anything about privacy, you should immediately understand how important that list is. And if you’re not sure if you can trust your desktop web browser of choice, it’s time you give it a much-needed privacy boost.Also: How to use confidential mode in Gmail to protect sensitive informationSo, how do you add the DuckDuckGo Privacy Essentials add-on to your web browser of choice? It’s actually much easier than you might think. And given the benefit you gain from the extension, this should be a no-brainer for everyone.Let’s install DuckDuckGo Privacy Essentials.Installing DuckDuckGo Privacy Essentials More

  • in

    VMware looks to tap growing APAC need for multi-cloud management

    The next phase of cloud development will revolve around multi-cloud management and security, as businesses in Asia-Pacific want options but struggle to cope with the complexities of managing different platforms. Vendors such as VMware are hoping to step in and help customers do so with a range of products. While they talk about being “interconnected”, the reality today is that hyperscalers currently operate like isolated operating systems, according to Simon Piff, IDC’s Asia-Pacific vice president. This presents a significantly challenging piece for organisations in the region, Piff told ZDNet. It would fuel the need for multi-cloud management and cross-cloud security strategies as the next phase of development in the market, he said. This would result in tremendous opportunities for systems integrators and software vendors able to remove the complexities and offer the integration tools necessary to make multi-cloud management seamless, the analyst said. Charlie Dai, Forrester’s vice president and research director, noted that Asia-Pacific enterprises were looking to transition from being cloud-first to cloud-native so they could leverage future technologies. This involved the transformation of their cloud infrastructure into multi-cloud and hybrid cloud environments with technologies such as containers, Kubernetes, IaC (infrastructure as code), and SRE (site reliability engineering), said Dai, who leads Forrester’s research team in China. It also encompassed the modernization of applications at scale using microservices, service mesh, and DevOps automation, he said in an email interview. In addition, Kubernetes was fuelling platform-driven business innovation in key areas such as machine learning and artificial intelligence (AI), data management, IoT, 5G, and blockchain, he noted. Piff said organisations would need to have the right understanding of how to get the most of their cloud deployment. “Apps need to be cloud-native to take full advantage of the underlying cloud [infrastructures],” he said. “Simply moving an app to the cloud, without redesigning or refactoring, does not give the best value at all.”Dai added that organisations would need to focus on three pillars–encompassing platforms, practices, and partners–to drive their transformation towards being cloud-native. Organisations would face several challenges impacting key roles in their IT teams, he said. For instance, he explained that open source components in cloud-native infrastructures had different architectures, maturity, dependencies, roadmap, and requirements in terns of technical expertise. They also required enhancements in scalability, reliability, and performance for enterprise deployment and microservice applications in distributed environments.Hence, developers could find it tough to manage the complex service dependency and identify root causes of issues on the application layer, he said. In addition, cloud-native technologies not only expanded the attack surface across the container lifecycle, spanning design to runtime, but also introduced added risks from emerging technologies powered by Kubernetes.Opportunities to manage app, cloud sprawlOrganisations realise the need to optimise their application for speed, resilience, and security, but face challenges doing so across the development lifecycle. This spans building, deploying, running, managing, and securing their applications, according to Ajay Patel, VMware’s senior vice president and general manager of modern applications and management business group, which encompasses the vendor’s Tanzu and Aria portfolios. The vendor announced a host of product releases at its Explore conference in San Francisco this week, including Tanzu Application Platform, Tanzu for Kubernetes Operations, and multi-cloud management platform, VMware Aria.Patel said: “Platform teams must focus on delivering a great developer experience and path to production to speed velocity, while also providing a solution for deploying and running apps more securely, reliably, and at scale on any and many clouds.”With the multitude of choices available, though, managing their application and multi-cloud infrastructures has become highly complex, he said. Developers and IT teams have to control costs, ensure performance, and manage consistent security policies across their diverse environments. VMware CEO Raghu Raghuram said businesses deployed varying platforms and technologies over time, leading to cloud and application sprawl. They typically start their cloud journey on one platform, but would move some workloads to another for licensing or pricing gains offered by other cloud vendors. Speaking at the conference, Raghuram said 75% of organisations today operated two or more public clouds. Doing so also enabled then to access best-of-breed services and innovation across different cloud players, so they could differentiate the applications they were building, he explained, In addition, businesses looked for greater choice and flexibility, allowing them to avoid vendor lock-in, he said. This, however, drove up complexity and application development had become slow and cumbersome, he added. Managing applications across disparate clouds also was difficult and costly, with each cloud vendor requiring administrators to use proprietary tools that were siloed and did not interoperate. The need to resolve this was driving towards being “cloud smart”, Raghuram said, where organisations had the ability to select the right cloud for the right app, based on the needs of individual app. Pointing to Aria, he said the multi-cloud management platform was designed to provide real-time cost analysis and recommendations on optimising their workload deployment.Core to Aria is Aria Graph, a graph-based data store that captures the resources and relationships of a multi-cloud environment. According to VMware, the graph is built for cloud-native applications and provides a single source of truth that is updated “near real-time”. The vendor added that Aria’s graph data store and API services could be integrated with third-party tools, such as observability and application performance management applications. The multi-cloud management platform would enable developers as well as site reliability engineering (SRE) and platform engineering teams to pull relevant data for analysis and debugging. It also provided visibility of cost, performance, and configuration of applications and workloads across cloud environments, VMware said.Piff said: “Arguably, cost optimisation is an area that need deep focus and will become a financial differentiator between organisations. If an end-user does not need an application 24 by 7, then [the ability to] only pay for the times when it is in use will be a huge advantage. If capacity can be bought only when needed, then organisations should see some interesting savings, but it will take time and a mindset shift.”According to the IDC analyst, VMware was in a good position to be a neutral party that could help ease the management of multi-cloud environments for organisations. He explained that much of the automation the software vendor had driven into its platform, around provisioning and performance, could be used to create de-provisioning and to manage costs–alongside the management of security, to a certain degree. Paul Simos, VMware’s Southeast Asia and Korea service president and managing director, noted that organisations in the region had the frameworks and understanding to deploy cloud and application modernisation at small scale. To drive their cloud transformation to the next phase, they now needed to know how to do this at scale, he told ZDNet. Key to this, Simos said, was frictionless developer experience and automation Sylvian Cazard, VMware’s Asia-Pacific Japan senior vice president and general manager, added that these organisations also were adopting cloud-native applications and using Kubernetes to manage and scale these apps. With extensive cloud deployment fuelled by the pandemic, Cazard added that multi-cloud management and the need to control costs from operating as well as securing these environments had become a focus of IT leaders. Ensuring control, consistency, and security were top priorities, he said, alongside meeting regulatory requirements for data sovereignty. Sovereign clouds increasingly were a major topic in Asia-Pacific, he added. Simos said VMware, with its product portfolio including Aria, aimed to help enterprises scale their cloud deployment, establish service consistency, and enrich cloud-native developer experience.Dai said VMware had a long track record serving enterprise customers in the cloud era powered by virtual machines. The vendor also was making substantial progress in the cloud-native era to help enterprises address challenges with its Tanzu portfolio.Specifically, he said VMware Tanzu Application Platform was touted to improve developer productivity and simplify DevSecOps in distributed cloud environments, while VMware Tanzu for Kubernetes Operations was designed to give operators a “consistent, secure, and simplified” container and virtual machine lifecycle management experience, with multi-cloud observability.The Forrester analyst, though, noted in a previous ZDNet report that VMware would need to work on a “clear and solid” go-to-market strategy, while its Broadcom acquisition was being firmed up. Piff also noted that the vendor should assure customers the impending acquisition would not go the way of Broadcom’s previous acquisitions of CA Technologies and Symantec. Asked about feedback from its Asia-Pacific customers on the Broadcom acquisition, Cazard said it still was “very much business as usual”. He noted that most clients had been with VMware for a decade and already had seen the software vendor function through previous acquisitions with EMC and Dell.He said there had been no change in customer spending, adding that VMware also was continuing to expand its product portfolio, as evident at the Explore conference. Broadcom and VMware have up to a year, until October 2023, to close the acquisition.Asked for his comments on customers that might choose to wait before forking out more spend in VMware, Raghuram said CIOs who chose to wait a year before making any investment decisions to drive their digital initiatives would be in trouble. Based in Singapore, Eileen Yu reported for ZDNet from VMware Explore 2022 in San Francisco, USA, on the invitation of VMware.RELATED COVERAGE More

  • in

    Microsoft: This bug in TikTok's Android app could have allowed one-click account hijack

    Image: Getty Images/iStockphoto Microsoft has detailed a high-severity flaw in the TikTok Android app that could have allowed an attacker to hijack an account when users click on a link.  Fortunately, developers at TikTok parent ByteDance quickly fixed the flaw after Microsoft researchers reported the issue to it in February through its bug bounty program, […] More

  • in

    Linux devices 'increasingly' under attack from hackers, warn security researchers

    Image: Getty There’s been a big rise in ransomware attacks targeting Linux as cyber criminals look to expand their options and exploit an operating system that is often overlooked when businesses think about security. According to analysis by cybersecurity researchers at Trend Micro, Linux servers are “increasingly coming under fire” from ransomware attacks, with detections […] More

  • in

    Malicious Google Chrome extensions affect 1.4 million users

    Imagw: Black_Kira/Shutterstock Google Chrome extensions are meant to make your life easier. With Chrome browser extensions that help you get discounts, correct your grammar, take screenshots, and watch shows with friends, downloading an extension can be very tempting. However, malicious extensions are mimicking the appearance of popular ones to put your privacy at risk. Malicious […] More

  • in

    Microsoft: Take these three steps to protect your systems from ransomware

    Image: Getty/NoSystem Defending against ransomware attacks and other cyber threats takes more than just setting up detection measures to identify potential malicious activity. Cybersecurity teams need to ensure that the network is made unattractive to cyber criminals by making it difficult to break into in the first place.  Ransomware is a major cybersecurity problem facing […] More

  • in

    VMware must assure APAC customers Broadcom acquisition won't repeat history

    VMware should actively work to assure customers in Asia-Pacific that the Broadcom merger will not follow in the footsteps of previous acquisitions with CA Technologies and Symantec. And while the integration of key assets from the three companies can potentially create a viable multi-cloud player, it remains to be seen if Broadcom can succeed in doing so. Broadcom in May said it was seeking to purchase an 88% stake in VMware for $61 billion, prompting concerns over what that might mean for the latter’s brand. Following the announcement, Forrester analysts said VMware customers should be anxious if Broadcom applied the same treatment it did with its CA and Symantec acquisitions. Customers of the two vendors saw price hikes, dipping support, and stalled development. Forrester added that Symantec shifted its focus to its biggest customers and resellers, prioritising the top 2,000 of its clientele of 100,000. Existing and new customers would want to monitor VMware’s actions, which would serve as early indications of any potential shift in how the vendor engaged with its clientele, Simon Piff, IDC’s Asia-Pacific vice president told ZDNet. He said the acquisition should prompt questions about whether VMware would continue with its current customer path in Asia-Pacific for now as well as in the future, or whether it would result in similar consequences with the CA and Symantec acquisitions. VMware would need to be vocal and active with its customers in the region to assure them that what happened with the two previous acquisitions would not occur again, Piff said.”Broadcom may not have planned for the apparent evaporation of CA and Symantec in Asia-Pacific, but it happened. If they want to assure customers this won’t happen, they need to be vocal and seen to be doing the right things. Any slip-up here and they will spend a lot of cycles recovering, which will not be good for anyone,” the IDC analyst said. While Broadcom or VMware had yet to offer a clearly defined organisation from the impending merger, Piff noted that a combination of critical assets from VMware, Symantec, and CA would create a compelling partner for organisations looking to manage their multi-cloud environments. The merged entity could help accelerate the “effective, secure, and more easily managed adoption” of multi-cloud, he added. Whether Broadcom would be able to do so, though, remained to be seen, he said. During a media Q&A at VMware’s Explore conference Tuesday in San Francisco, ZDNet asked the vendor’s CEO Raghu Raghuram if he saw potential for both CA and Symantec’s technologies to be integrated with VMware’s portfolio and drive the latter’s pitch as the market player to help companies manage their multi-cloud deployment. Raghuram declined to comment, saying that the vendor could not discuss activities related to the impending acquisition that still were under consideration, including product integration and synergies. At the conference, where Broadcom CEO Hock E. Tan was amongst the attendees, Raghuram said VMware currently was helping its future parent understand the “depth and breadth” of its products and business. He added that the company was in its next major transition and “on track” to close the acquisition by the end of Broadcom’s fiscal 2023, which spanned November 2022 to October next year. For now, he said, VMware continued to operate as a standalone company. Adding that details about the merger would be revealed once the acquisition was finalised, Raghuram said the overall message from the union was that its partners would see greater and broader opportunities to support customers of both companies. Until then, VMware will need to work on a “clear and solid” go-to-market strategy.This should encompass its business and financial structures, product and development roadmap, and partner ecosystem, said Charlie Dai, Forrester’s vice president and research director, who leads the team in China. This should serve to demonstrate the vendor’s continued commitment along the journey, he told ZDNet. Based in Singapore, Eileen Yu reported for ZDNet from VMware Explore 2022 in San Francisco, USA, on the invitation of VMware.RELATED COVERAGE More