Blog - Page 11 of 144 - Advantage Computers NJ

Spearphishing targets in Latin America – Week in security with Tony Anscombe

ESET’s analysis of cybercrime campaigns in Latin America reveals a notable shift from opportunistic crimeware to more complex threats, including those targeting enterprises and governments

October 20, 2023/by Advantage Computer Inc.

Uncategorized

Strengthening the weakest link: top 3 security awareness topics for your employees

Knowledge is a powerful weapon that can empower your employees to become the first line of defense against threats

October 19, 2023/by Advantage Computer Inc.

Uncategorized

Better safe than sorry: 10 tips to build an effective business backup strategy

How robust backup practices can help drive resilience and improve cyber-hygiene in your company

October 18, 2023/by Advantage Computer Inc.

Uncategorized

Operation King TUT: The universe of threats in LATAM

ESET researchers reveal a growing sophistication in threats affecting the LATAM region by employing evasion techniques and high-value targeting

October 17, 2023/by Advantage Computer Inc.

Uncategorized

Staying on top of security updates – Week in security with Tony Anscombe

Why keeping software up to date is a crucial security practice that should be followed by everyone from individual users to SMBs and large enterprises

October 13, 2023/by Advantage Computer Inc.

Uncategorized

Virus Bulletin – building digital armies

Security researchers, global organizations, law enforcement and other government agencies need to have the right conversations and test potential scenarios without the pressure of an actual attack

October 11, 2023/by Advantage Computer Inc.

Uncategorized

6 steps to getting the board on board with your cybersecurity program

How CISOs and their peers can better engage with boards to get long-term buy-in for strategic initiatives

October 11, 2023/by Advantage Computer Inc.

Uncategorized

Scaling BeyondCorp with AI-Assisted Access Control Policies

Ayush Khandelwal, Software Engineer, Michael Torres, Security Engineer, Hemil Patel, Technical Product Expert, Sameer Ladiwala, Software Enginner

In July 2023, four Googlers from the Enterprise Security and Access Security organizations developed a tool that aimed at revolutionizing the way Googlers interact with Access Control Lists – SpeakACL. This tool, awarded the Gold Prize during Google’s internal Security & AI Hackathon, allows developers to create or modify security policies using simple English instructions rather than having to learn system-specific syntax or complex security principles. This can save security and product teams hours of time and effort, while helping to protect the information of their users by encouraging the reduction of permitted access by adhering to the principle of least privilege.

Access Control Policies in BeyondCorp

Google requires developers and owners of enterprise applications to define their own access control policies, as described in BeyondCorp: The Access Proxy. We have invested in reducing the difficulty of self-service ACL and ACL test creation to encourage these service owners to define least privilege access control policies. However, it is still challenging to concisely transform their intent into the language acceptable to the access control engine. Additional complexity is added by the variety of engines, and corresponding policy definition languages that target different access control domains (i.e. websites, networks, RPC servers).

To adequately implement an access control policy, service developers are expected to learn various policy definition languages and their associated syntax, in addition to sufficiently understanding security concepts. As this takes time away from core developer work, it is not the most efficient use of developer time. A solution was required to remove these challenges so developers can focus on building innovative tools and products.

Making it Work

We built a prototype interface for interactively defining and modifying access control policies for the BeyondCorp access control engine using the PaLM 2 Large Language Model (LLM). using the PaLM 2 Large Language Model (LLM). We used Google Colab to provide the model with a diverse, highly variable, dataset using in-context learning and fine-tuning. In-context learning allows the model to learn from a dataset of examples that are relevant to the task at hand, which we provided via few-shot learning. Fine-tuning allows the model to be adapted to a specific task by adjusting its parameters. Tuning the model with a diverse labeled dataset that we curated for this task allowed us to improve its ability to generate ACLs that are both syntactically accurate and adhered to the principle of least privilege.

With SpeakACL, and other tools leveraging AI in security, it is always recommended to take a conservative approach with the autonomy you give an AI agent. To ensure our model outputs are correct & safe to use, we combined our tool with existing safeguards that exist at Google for all access policy modifications:

Request LGTM from a teammate to ensure that the intent of the proposed change is correct.

Automated Risk Assessment occurs on proposed security policy at Google.
Manual Review by Security Engineers is performed on changes not assessed as low risk to ensure compliance with security policies and guidelines.
Linting, unit tests, and integration tests ensure that the access control language syntax is correct, and that the change does not break any expected access or permit unexpected access.

Looking to the future

While progress in AI is impressive, it is crucial we as an industry continue to prioritize safety while navigating the landscape. Other than adding checks to syntactically and semantically verify access policies produced by our model, we also designed safeguards for sensitive information disclosure, data leaking, prompt injections, and supply chain vulnerabilities to make sure our model is performing at the highest level of security.

SpeakACL is an ACL Generation tool that has the potential to revolutionize the way access policies are created and managed. The efficiency, security, and ease of use achieved by this AI-powered ACL Generation Engine reflects Google’s ongoing commitment to leveraging AI across domains to develop cutting-edge products and infrastructure.

October 10, 2023/by Advantage Computer Inc.

Uncategorized

Virus Bulletin PUA – a love letter

Late nights at VB2023 featured intriguing interactions between security experts and the somewhat enigmatic world of grayware purveyors

October 10, 2023/by Advantage Computer Inc.

Android, Uncategorized

Bare-metal Rust in Android

Posted by Andrew Walbran, Android Rust Team

Last year we wrote about how moving native code in Android from C++ to Rust has resulted in fewer security vulnerabilities. Most of the components we mentioned then were system services in userspace (running under Linux), but these are not the only components typically written in memory-unsafe languages. Many security-critical components of an Android system run in a “bare-metal” environment, outside of the Linux kernel, and these are historically written in C. As part of our efforts to harden firmware on Android devices, we are increasingly using Rust in these bare-metal environments too.

To that end, we have rewritten the Android Virtualization Framework’s protected VM (pVM) firmware in Rust to provide a memory safe foundation for the pVM root of trust. This firmware performs a similar function to a bootloader, and was initially built on top of U-Boot, a widely used open source bootloader. However, U-Boot was not designed with security in a hostile environment in mind, and there have been numerous security vulnerabilities found in it due to out of bounds memory access, integer underflow and memory corruption. Its VirtIO drivers in particular had a number of missing or problematic bounds checks. We fixed the specific issues we found in U-Boot, but by leveraging Rust we can avoid these sorts of memory-safety vulnerabilities in future. The new Rust pVM firmware was released in Android 14.

As part of this effort, we contributed back to the Rust community by using and contributing to existing crates where possible, and publishing a number of new crates as well. For example, for VirtIO in pVM firmware we’ve spent time fixing bugs and soundness issues in the existing virtio-drivers crate, as well as adding new functionality, and are now helping maintain this crate. We’ve published crates for making PSCI and other Arm SMCCC calls, and for managing page tables. These are just a start; we plan to release more Rust crates to support bare-metal programming on a range of platforms. These crates are also being used outside of Android, such as in Project Oak and the bare-metal section of our Comprehensive Rust course.

Training engineers

Many engineers have been positively surprised by how productive and pleasant Rust is to work with, providing nice high-level features even in low-level environments. The engineers working on these projects come from a range of backgrounds. Our comprehensive Rust course has helped experienced and novice programmers quickly come up to speed. Anecdotally the Rust type system (including the borrow checker and lifetimes) helps avoid making mistakes that are easily made in C or C++, such as leaking pointers to stack-allocated values out of scope.

One of our bare-metal Rust course attendees had this to say:

"types can be built that bring in all of Rust's niceties and safeties and 
yet still compile down to extremely efficient code like writes
of constants to memory-mapped IO."

97% of attendees that completed a survey agreed the course was worth their time.

Advantages and challenges

Device drivers are often written in an object-oriented fashion for flexibility, even in C. Rust traits, which can be seen as a form of compile-time polymorphism, provide a useful high-level abstraction for this. In many cases this can be resolved entirely at compile time, with no runtime overhead of dynamic dispatch via vtables or structs of function pointers.

There have been some challenges. Safe Rust’s type system is designed with an implicit assumption that the only memory the program needs to care about is allocated by the program (be it on the stack, the heap, or statically), and only used by the program. Bare-metal programs often have to deal with MMIO and shared memory, which break this assumption. This tends to require a lot of unsafe code and raw pointers, with limited tools for encapsulation. There is some disagreement in the Rust community about the soundness of references to MMIO space, and the facilities for working with raw pointers in stable Rust are currently somewhat limited. The stabilisation of offset_of, slice_ptr_get, slice_ptr_len, and other nightly features will improve this, but it is still challenging to encapsulate cleanly. Better syntax for accessing struct fields and array indices via raw pointers without creating references would also be helpful.

The concurrency introduced by interrupt and exception handlers can also be awkward, as they often need to access shared mutable state but can’t rely on being able to take locks. Better abstractions for critical sections will help somewhat, but there are some exceptions that can’t practically be disabled, such as page faults used to implement copy-on-write or other on-demand page mapping strategies.

Another issue we’ve had is that some unsafe operations, such as manipulating the page table, can’t be encapsulated cleanly as they have safety implications for the whole program. Usually in Rust we are able to encapsulate unsafe operations (operations which may cause undefined behaviour in some circumstances, because they have contracts which the compiler can’t check) in safe wrappers where we ensure the necessary preconditions so that it is not possible for any caller to cause undefined behaviour. However, mapping or unmapping pages in one part of the program can make other parts of the program invalid, so we haven’t found a way to provide a fully general safe interface to this. It should be noted that the same concerns apply to a program written in C, where the programmer always has to reason about the safety of the whole program.

Some people adopting Rust for bare-metal use cases have raised concerns about binary size. We have seen this in some cases; for example our Rust pVM firmware binary is around 460 kB compared to 220 kB for the earlier C version. However, this is not a fair comparison as we also added more functionality which allowed us to remove other components from the boot chain, so the overall size of all VM boot chain components was comparable. We also weren’t particularly optimizing for binary size in this case; speed and correctness were more important. In cases where binary size is critical, compiling with size optimization, being careful about dependencies, and avoiding Rust’s string formatting machinery in release builds usually allows comparable results to C.

Architectural support is another concern. Rust is generally well supported on the Arm and RISC-V cores that we see most often, but support for more esoteric architectures (for example, the Qualcomm Hexagon DSP included in many Qualcomm SoCs used in Android phones) can be lacking compared to C.

The future of bare-metal Rust

Overall, despite these challenges and limitations, we’ve still found Rust to be a significant improvement over C (or C++), both in terms of safety and productivity, in all the bare-metal use cases where we’ve tried it so far. We plan to use it wherever practical.

As well as the work in the Android Virtualization Framework, the team working on Trusty (the open-source Trusted Execution Environment used on Pixel phones, among others) have been hard at work adding support for Trusted Applications written in Rust. For example, the reference KeyMint Trusted Application implementation is now in Rust. And there’s more to come in future Android devices, as we continue to use Rust to improve security of the devices you trust.

October 9, 2023/by Advantage Computer Inc.

Advantage Computer Solutions

4.9

Based on 80 reviews

review us on

Dank F

22:39 15 Apr 24

Amazing people helped me with all my problems great work on my machine I’m definitely coming back !!!

Manoj Bhagat

18:44 28 Mar 24

Great service, they revived my old notebook and made it fast again.. Very reasonable prices. Thank you

Berman Taylor

15:34 17 Mar 24

They have taken care of my computers for years! I can't imagine getting anything done without them. I appreciate their calm, good humor and advice.

Orelvis Redwoods

14:26 27 Feb 24

My computer didn't want to turn on, display anything at all, etc. Took it to these gentlemen and they fixed it for a reasonable price, totally recommend them.

Ashley Aguirre

22:26 19 Feb 24

Good prices they have everything and provide great service.

Laura H

12:50 17 Feb 24

The best computer support for a small business.

moira crabtree

19:15 17 Aug 22

I want to praise this company to the heavens! They are so very good. If your computer has ANY problem, particularly a difficult problem, THIS IS THE COMPANY TO CALL! They come quickly (eases any computer anxiety whether it's a business or personal situation). They are so smart (and you need someone smart enough to solve your issue), thorough (you do not need a half-baked job done), and so very pleasant to deal with (in a time when most service people are cranky.). This company was recommended by a business that needs flawlessly running systems. I was told they were good and reliable. They are so much better than that. I will never use anyone else. Once I have found the best, why look anywhere else? Save your sanity. Just call Advantage Computer Solutions. You won't regret it.

Amy Neustein

18:10 13 Jul 22

From Today --July 13, 2022I just had my computer serviced at Advantage Computer Solutions and again I couldn't be more pleased!! Al and Zack were fantastic! Not only did they diagnose the problem, and jump in immediately to help me, but they did it in record time!!! Al gave me a new SSD which makes my computer work at record speed. In addition, he cleaned out my fan to help with the freezing of the computer when the fan overheated. The concern and care afforded by Advantage Computer Solutions are extraordinary. This is a family-owned business that truly treats each client like a family member! I wholeheartedly recommend this place over the chain repair shops. I have complete confidence in Advantage Computer Solutions, which is a blessing indeed!!!Amy Neustein, Ph.D.Fort Lee, NJFrom six years agoI don't have enough words to express my appreciation for Nassar and Paul, and the other members of Advantage Computer Solutions. I live in Bergen County and travel to Passaic County because of the trust I have in the competence and honesty of Advantage Computers. What a blessing to have such seasoned and caring professionals available to service my computer. The company has deep respect for its customers. I am very pleased as I have been using their services successfully since 2010.

MikSchlag

13:46 15 Mar 22

Quickly attuned and all options presented within minutes. I was back up and running within 20 minutes ( on main computer) and it cost me 1/3rd of an office visit (they had everything (memory and SSD and didn't push options) in stock for my older computers)! Outstanding... or you could be standing out in the cold. They kept my business running!!

Steve Walden

14:00 10 Feb 22

I never leave reviews, but I have to give a shout out to Al and Advantage Computers because they do terrific work. Had my house wired with ethernet cable and they worked quickly, efficiently, were pleasant to deal with. Everything was cleaned up and done professionally. Among the best service I've had as a homeowner. Would highly recommend!

Dmitry Kreslavskiy

19:31 04 Jan 22

Had a great experience here. Nice, very polite and highly professional people and very reasonable charges as well.A laptop died suddenly for no apparent reason, occasionally allowing you to peek into BIOS setup, but not always, and always ending up with a black screen without going into Windows.Microcenter people told me to wait a week because of COVID, Nasser here took it and had good quality research results for me the morning after, - it was a dead motherboard, and he even explained the likely reasons for its failure.He salvaged the data for us to a USB stick and he let us spend all the time we needed picking the data we wanted copied.He spent a ton of time on us and only charged us about $50 for the research and another $50 for data copying, very reasonable, - Best Buy and Microcenter wouldn't been more pricey.Happy to recommend and come back again as well. Thank you so much for a great service!

RICHARD DEMAYO

14:45 22 Jan 21

The best guys in the business bring them any problem and give them a little time and they will give you a solution.

PRO AUTO BROKERS

23:50 11 Jan 21

These guys are the best in the business, very knowledgeable and easy going. Highly recommended, top notch in the computer business. My main man Al took care of us efficiently and fast, also great prices.Ed

Carlos Santos

23:24 26 Oct 19

I’ve known the Advantage Team for years. They are the absolute best techs in the field, bar none. I couldn’t tell you how many tens thousands of dollars they saved us over the years; they can be trusted to never scam anyone even though they would do so very easily. The turnaround time is also excellent, even if they don’t have a particular part in stock. They work fast and they work smart. In the decade I’ve known them, I’ve never had to return a computer because something wasn’t fixed. I believe that they’re one of the industries’ best kept secret.

D Lobiondo

18:07 30 Apr 19

They're true problem solvers for anyone with computer issues. We received expert help and courtesy at a reasonable price. We trust them and will return!

Sonya G

03:01 06 Aug 18

I had an excellent experience with Advantage. Aside from being extremely professional and pleasant generally, Zack was incredibly responsive and helpful, even before and after my appointment, and really resolved IT issues in my home office that had been plaguing me for years. I am so relieved to not have to think about this anymore! I will definitely call Zack again should I have any more IT needs.

Camp Sparkles

02:18 05 Aug 18

Al and Zack were so nice and knowledgeable. They figured out immediately what the problem was but instead of fixing it they let me know that my computer was still under warranty and that I should send it back to Dell. I stood in their store for 50 min on the phone with Dell and Al and Zack walked me through the process. I will definitely tell all my friends about their honesty and refer them. Thank you!

Mary Ann Adams

01:23 23 Mar 18

Very professional, excellent work, reasonable price. They definitely know their business.

Clemons Kunkel

06:16 07 Jan 18

Has worked on my computer for years.. Al does a great job and very Friendly. Have brought 3 computer because ever thing Changes. Thanks

Gennady Lager

18:04 17 Aug 17

I hired Advantage Computers to install an access point and improve the wifi signal at my home office. Zack took the time to understand my problem, communicate via email and phone, come up with a proposed solution, and schedule the work. He showed up on time and was very fair on price. The quality of the work is solid. I would hire him for all of my IT needs that I cannot resolve on my own.

Holly Kaplansky

13:09 02 Feb 16

Advantage Computer Solutions is absolutely great. They show up, do what they say they are going to, complete the job without issues (my other computer companies had to keep coming back to fix things they "forgot" to do....) and are fairly priced. Zack is awesome, reliable, dependable, knowledgeable....everything you want in a computer solutions vendor.

trudy holt

19:47 20 Nov 14

Excellent service! I am the administrator for a busy medical office which relies heavily on our computer system. We have used Advantage Computer Solutions for installation, set-up and for service. The response time is immediate and the staff is often able to provide help remotely. Very affordable and honest.... A++!!! Essex Surgical relies on Advantage Computer Solutions.

More reviews

Testimonials

Amazing!

Zack is amazing! I have gone to him with computer issues for the past few years now and he always finds a way to fix… Read more “Amazing!”

Amanda Tolve

Professional, smart & sensitive

Cannot say enough good things about Zack Rahhal and his team. Professional, smart, sensitive to small biz budgets and a helluva good guy. Could not… Read more “Professional, smart & sensitive”

Karen Schloss

AMAZINGLY WONDERFUL STAFF

stars indeed. So reliable and helpful and kind and smart. We call Al and he is “on it” immediately and such a FABULOUS teacher, patient… Read more “AMAZINGLY WONDERFUL STAFF”

Nancy Alberga

Whatever my need, unfailingly helpful

I’ve been a customer of the staff at Advantage for many years now. They have never let me down! Whatever my need, however big or… Read more “Whatever my need, unfailingly helpful”

Michael Lesher

Best Kept Secret

I’ve known the Advantage Team for years. They are the absolute best techs in the field, bar none. I couldn’t tell you how many tens… Read more “Best Kept Secret”

Carlos Santos

Excellent Experience

Sonya G

Simply The Best!

Simply The Best! Our company has been working with Advantage Computer Solutions for a few years, Zack and his Team are AWESOME! They are super… Read more “Simply The Best!”

Kara Steible

Advanced Technology Search

Awesome

The engineering team at Advantage Computers is the best in the business. They are nothing short of technical… Read more “Awesome”

Susannah Rubenstein

It’s like having a cousin in the business.

Al, Nasser and Zack have been keeping our operations going for over a decade, taking care of our regular upgrades and our emergency system problems.… Read more “It’s like having a cousin in the business.”

lenny steinbach

Lucille Laundry - Monroe St Passaic NJ

Exceptional People

In many cases, exceptional people do not receive recognition for their hard work and superior customer service. We do not want this to be one of those… Read more “Exceptional People”

John Belly

Cambridge Paving Stones and Wall Systems, Inc

Highly Recommended

I became a customer about 6-7 months and I can say nothing but great things about this business. Zack takes care of me. I am… Read more “Highly Recommended”

Nick T.

West New York, NJ

Life Savers

THANK GOD for this local computer repair business who saved me hundreds, my hard drive was messed up, i called the company with warranty they… Read more “Life Savers”

Desirée A.

East Rutherford, NJ

I don’t have enough words to express my appreciation

I don’t have enough words to express my appreciation for Nassar and Paul, and the other members of Advantage Computer Solutions. I live in Bergen… Read more “I don’t have enough words to express my appreciation”

Amy Neustein

Minuteman Press Newark

Advantage Computer Solutions is absolutely great. They show up, do what they say they are going to, complete the job without issues (my other computer… Read more “Minuteman Press Newark”

Holly Kaplansky

Minuteman Press Newark

Knowledgeable, Reliable, Reasonable

Knowledgeable, Reliable, Reasonable Working with Advantage Computers since 1997 for both personal and business tech support has been a rewarding and enjoyable experience. Rewarding, in… Read more “Knowledgeable, Reliable, Reasonable”

Ben Rowner

MR Capital Group, Inc

Excellent service!

Excellent service! I am the administrator for a busy medical office which relies heavily on our computer system. We have used Advantage Computer Solutions for… Read more “Excellent service!”

Trudy Holt

Essex Surgical

Great Advice and Service

Advantage offers great advice and service I bought parts for my gaming pc online and they put it together in a day for a great… Read more “Great Advice and Service”

Jose

Clifton NJ

Great Service, Support and Sales

Our company has been using the services of Advantage Computers since 2006. It was important to find a reliable company to provide us with the technical… Read more “Great Service, Support and Sales”

John Mezzina

Synatech, Inc.

Extremely Professional and Passionate

Our company has been working with Advantage since the 1990’s and have been a loyal client ever since. Advantage does not make it very difficult… Read more “Extremely Professional and Passionate”

Cherie Avinger

RCL Agencies, Inc. Clifton, NJ

Handles all our Office IT

Advantage Computer Solutions has handled all of our computer and IT needs for the past 2 years. The staff is always professional and the service… Read more “Handles all our Office IT”

Jennifer Raspanti

Optimum Orthopedics

Passaic Housing Authority

Since 1996 the Housing Authority of the City of Passaic has been a client of Advantage Computer Solutions. Our Agency has utilized their outstanding services… Read more “Passaic Housing Authority”

Michael S. O’Hara

Passaic Housing Authority

They made sure EVERYTHING was working

“When the computer I use to run my photography business started acting erratically and kept shutting down, I was in a panic. I depend on… Read more “They made sure EVERYTHING was working”

Phil Cantor

Phil Cantor Photography

Access Control Policies in BeyondCorp

Making it Work

Looking to the future

Training engineers

Advantages and challenges

The future of bare-metal Rust

Easy Contact

Company

Services

Testimonials

Amazing!

Professional, smart & sensitive

AMAZINGLY WONDERFUL STAFF

Whatever my need, unfailingly helpful

Best Kept Secret

Excellent Experience

Simply The Best!

Awesome

It’s like having a cousin in the business.

Exceptional People

Highly Recommended

Life Savers

I don’t have enough words to express my appreciation

Minuteman Press Newark

Knowledgeable, Reliable, Reasonable

Excellent service!

Great Advice and Service

Great Service, Support and Sales

Extremely Professional and Passionate

Handles all our Office IT

Passaic Housing Authority

They made sure EVERYTHING was working