Rundown

Dell EMC Unifies Midrange Storage with PowerStore | Gestalt IT Rundown: May 13, 2020

Dell EMC releases PowerStore to unify its midrange storage options, Windows and Linux PCs have a big Thunderbolt vulnerability, and Google unifies the leadership for its messaging products. Tom Hollingsworth and Rich Stroffolino discuss all of this and more this week.

This week on the Rundown:


Black Hat and Defcon Cancelled

Defcon organizers announced that the annual Las Vegas conference that takes place in August is canceled this year due to uncertainty about the COVID-19 pandemic. Black Hat, which precedes Defcon each year, is also canceled. Both will instead host online conferences including research talks and social events. Founder Jeff Moss, AKA the Dark Tangent, said in a forum post that the 28th Defcon will be known as “Safe Mode.”

Zoom Buys Keybase

Zoom has acquired Keybase which makes secure file sharing and collaboration tools. As soon as Keybase is incorporated, Zoom will offer an end-to-end encrypted mode for all paid accounts. Keybase will become a subsidiary of Zoom and Keybase co-founder Max Krohn will lead Zoom’s security engineering team, reporting to CEO Eric Yuan. Zoom will work with Keybase to determine the fate of its existing products. Keybase makes a key directory that maps social media identities to encryption keys for identity verification.

Microsoft Reply-All Protection

Microsoft began rolling out a reply-all protection feature for Office 365 and Exchange Online. Designed for larger organizations, the feature will detect 10 reply-all emails to over 5,000 recipients within 60 minutes. Once triggered, users won’t be able to reply-all on the thread for four hours and will receive a notification that “The conversation is too busy with too many people.”

LinkedIn Virtual Events

LinkedIn unified its LinkedIn Events and Live products into LinkedIn Virtual Events. This lets users livestream to a LinkedIn Page or event, and supports third-party stream integrations with Restream, Wirecast, Streamyard and Socialive. Streamed content can be saved to a new Video tab on LinkedIn Pages. LinkedIn Live was always a little confusion, does this change rank as news or nah?


Backblaze S3 API Beta

Salesforce unveiled Work.com, a suite of apps to help organizations manage the return to offices from COVID-19. Most components have yet to be released, with an Emergency Response Management platform available at launch. Other tools coming include private contact tracing apps, employee wellness assessments, workforce reskilling, and a workplace command center to centralize information related to employee and organizations health. Each component on work.com is a la carte paid service


Is Thunderspy a Problem?

Eindhoven University of Technology researcher Björn Ruytenberg demonstrated Thunderspy, a vulnerability on some Thunderbolt equipped Windows and linux PCs, that would allow an attack to bypass logins. The attack works on Thunderbolt-enabled devices made before 2019 and bypasses the “security levels” feature that can prevent access from untrusted devices, or force a Thunderbolt port to only use USB connectivity. Thunderspy requires accessing the Thunderbolt controller, aften by removing a computer’s backplate, and flashing the firmware with a SPI programmer device to remove all security states, which takes about two minutes. Intel’s Kernel Direct Memory Access Protection prevents the attack but Ruytenberg said that the feature isn’t standard, isn’t supported by devices made before 2019, and that major OEMs like Dell do not appear to offer it yet.


STAMINA Malware Detection

Intel and Microsoft released details on a new malware detection project called STAtic Malware-as-Image Network Analysis, or STAMINA. This project takes a binary input file and converts it into a stream of raw pixel data, with black or white pixels based on the binary values. This one-dimensional stream of pixels is then turned into a 2d image by assigning a width based on the overall pixel file size. A pre-trained deep neural network trained on 2.2 million infected portable executable files scans the images, and was able to achieve 99.07% accuracy in identifying and classifying malware, with a 2.58% false positive rate. Microsoft said the system works best with smaller files.


Google Messaging Leadership

Google announced that it would bring its “collective communication products” under the oversight of VP and GM of G Suite Javier Soltero. This now includes Messages, Duo, and the phone app on Android, with Google Meet and Google Chat already part of G Suite. Speaking to The Verge, Soltero said there are no immediate plans to change or integrate any of Google’s messaging apps, and that the company believes people chose Google’s messaging products for specific purposs. Soltero joined Google back in October, previously the co-founder of Acompli and VP for Microsoft’s Office Group.


Dell EMC PowerStore

Dell EMC launched PowerStore, a new unified block/file storage array line that cleans up their somewhat confusion midrange lineup. What once spanned from SC, Unity and XtremIO lines is now all under PowerStore, largely cleaning up the product lines both Dell and EMC acquired over the years. This now puts Dell EMC in line with a lot of storage rivals in offering single OS all-flash product lines, with only HPE among the big players keeping disparate Primera, 3PAR and Nimble. The lineup uses a typical dual controller arragement, with the five models offering the same capacity range, but differentiating on compute cores and memory. Effective capacity is up to 1,536TB effective with a both a fast NVMe tier and slower SAS SSDs. The array also features a ESXi hypervisor runs on the bare controller metal and the PowerStoreOS runs as a VM inside it, with the ability to run applications in other VMs alongside the PowerStoreOS VM.


The Gestalt IT Rundown is a live weekly look at the IT news of the week. It broadcasts live on YouTube every Wednesday at 12:30pm ET. Be sure to subscribe to Gestalt IT on YouTube for the show each week.

About the author

Rich Stroffolino

Rich has been a tech enthusiast since he first used the speech simulator on a Magnavox Odyssey². Current areas of interest include ZFS, the false hopes of memristors, and the oral history of Transmeta.

Leave a Comment