Massachusetts ~ Corporate Income Tax: Interest and Liability Deductions Based on Deferred Stock Subscription Arrangements Rejected

first_imgThe Massachusetts Appeals Court has affirmed the Appellate Tax Board (Board) and rejected a claim for an abatement of corporate excise tax liability by a British multinational utility company and its U.S. subsidiaries because a series of complex deferred stock subscription arrangements between the taxpayers did not reflect true debt that qualified for an interest expense deduction from taxable income or a liability deduction from taxable net worth. The taxpayers argued that the Deferred Subscription Arrangements (DSAs) were agreements to sell and repurchase shares of stock and that the repurchase clause of the agreement was drafted to mandate repurchase if the DSAs were not repaid. According to the taxpayers, the mandatory nature of the clause created an unqualified obligation to repay the debt and amounted to true debt under Massachusetts corporate tax law. The taxpayers maintained on appeal that the Board did not apply the correct legal standard in interpreting the repurchase clause or in the weight given to evidence from the taxpayers’ employees and tax advisers about the meaning of the clause. The court rejected this argument and agreed with the Board’s finding that the clause was ambiguous. In ruling the clause was ambiguous, the Board was entitled to rule against the taxpayers, based on its findings concerning the circumstances surrounding the DSAs, the taxpayers’ intentions, and the Board’s assessment of the witnesses’ credibility. It was the taxpayers’ burden to prove that the DSAs created an unqualified obligation to repay, and the Board could find that the taxpayers’ burden was not met with documents, drafted by them, that were ambiguous on that very point. An ambiguous contract is construed against its author because the drafter had the capacity and opportunity for clear expression and should bear the detriment of unclear expression. The court also rejected the taxpayers’ alternative argument that, even if not mandatory, the right to repurchase the shares on a fixed date was sufficient, in itself, to establish an unconditional obligation to repay. Since the DSAs were not true debt, the taxpayers were not entitled to the claimed interest expense deduction in computing the taxable income portion of the excise tax. They also were not entitled to deduct the DSAs as a liability in computing the taxable net worth portion of the tax. Finally, the taxpayers were not allowed to claim a deduction in computing taxable net worth for U.K. stamp tax paid on the acquisition of a subsidiary because the taxpayers failed to prove that the tax was paid by the taxpayers or was the taxpayers’ liability.National Grid Holdings, Inc. v. Massachusetts Commissioner of Revenue, Massachusetts Appeals Court, No. 14-P-1662, June 8, 2016, ¶401-583last_img read more

Path Forward for Critical Spending Bill Remained Unclear but Encouraging at Press Time

first_imgCCH Tax Day ReportAt press time, the Senate had yet to vote on a continuing resolution (CR) that would keep the federal government, including the IRS, funded past December 9. The House passed the CR on December 8 by a 326-to-96 vote.The current stop-gap spending bill was set to expire on December 9 (TAXDAY, 2016/09/30, C.1). The Further Continuing and Security Assistance Appropriations Bill of 2017, introduced on December 6, passed quickly in the House but has faced obstacles in the Senate. The bill would provide funding for the government, including the IRS, through April 28, 2017.At press time, passing the measure on December 9 and averting a government shutdown seemed increasingly likely but not certain. Otherwise, the Senate, procedurally, would be able to vote on cloture to the CR in the early morning on Saturday, December 10. A vote on the resolution could then be expected on Sunday.“This continuing resolution is a responsible compromise, making only limited adjustments where required to preserve the security of this nation to prevent serious lapses in government services and to ensure the careful expenditure of taxpayer dollars,” House Appropriations Committee Chairman Hal Rogers said on the House floor after introducing the short-term funding bill. According to Rogers, the CR is an undesirable last resort but the only path forward.House Minority Leader Nancy Pelosi, D-Calif., expressed criticism of the CR for not extending coal miners’ health benefits beyond the first four months of 2017. “The CR does nothing to solve the critical pension problem that threatens the future of these miners and their families,” she said in a statement.Sen. Joe Manchin, D-W.Va., has been championing the effort on the Senate side, promising to block the CR until the Miners Protection Bill is passed. The measure would secure more extended pension and healthcare benefits for thousands of miners and their families, according to Manchin. He pledged to block passing the CR by unanimous consent, a path for which many Senate Republicans had been hopeful in order to adjourn on December 9.Senate Majority Leader Mitch McConnell, R-Ky., took to social media on December 9 to weigh in on the matter. “While some Senate Democrats may want to delay into a shutdown, House Democrats overwhelmingly rejected that approach,” he said. McConnell urged the passage of the CR, saying, otherwise, many of the constituents that Senate Democrats are trying to help will lose their benefits at the end of the month because the House cannot approve further measures. “The House is gone. They are through for this session,” McConnell said.A number of bipartisan tax-related measures were left awaiting Senate consideration at press time, although it remains unclear whether some or all of them will need to await consideration by the next Congress, rather than be approved by either roll call vote or unanimous consent at this time. These tax bills include, among others: the Emergency Citrus Disease Response Bill (HR 3957); the Combat-Injured Veterans Tax Fairness Bill (HR 5015); the Veterans TRICARE Choice Bill (HR 5458); and the Empowering Employee through Stock Ownership Bill (HR 5719).By Jessica Jeane, Wolters Kluwer News Stafflast_img read more

Tax Cuts and Jobs Act Awaits Trump’s Signature

first_imgThe Tax Cuts and Jobs Act (HR 1) is on its way to the White House for President Trump’s expected signature before the weekend. The Senate approved the bill, 51 to 48, a little after midnight on December 20. The House re-voted the same day, passing the bill, 224 to 201. The president’s imminent signing of HR 1 sets in motion a flurry of activity by the IRS, especially to update withholding guidance for 2018.RevoteThe House voted as expected on December 19 to approve HR 1 (TAXDAY, 2017/12/20, C.1). However, the Senate parliamentarian announced that several provisions violated the reconciliation rules (the so-called “Byrd rule”). The Senate GOP removed the offending language and the Senate approved the bill along party-lines. The bill returned to the House for a revote, where again it passed.Reaction“Delivering #TaxReform to the middle class is what this bill is all about. It’s time Americans keep more of their hard-earned money,” Senate Majority Leader Mitch McConnell, R-Ky., tweeted. “I’m incredibly proud of our work to move tax reform legislation for the first time in more than 30 years,” Sen. Dean Heller, R-Nev., tweeted.“The middle class is getting the short end of the stick while the super-rich and big corporations get a windfall,” Sen. Bob Casey, D-Pa., tweeted. “This is the worse piece of legislation we have passed since I arrived in the Senate,” Sen. Mark Warner, D-Va., said.Similar reactions took place after the House vote. “With the passage of the Tax Cuts & Jobs Act, it now pays for companies to stay in America—to make things in right here in America. That’s how we get economic growth,” House Speaker Paul Ryan, R-Wis., tweeted. “This tax legislation was a missed opportunity to achieve meaningful, positive change for middle class families,” Ways and Means Committee ranking member Richard Neal, D-Mass., said in a statement.White House CelebrationImmediately after the House vote on December 20, President Trump invited GOP leaders to the White House, where he thanked them for the tax package Among the high points in addressing the members, the president emphasized that “the typical family of four earning $75,000 will see an income tax cut of more than $2,000; in my opinion, that will be less than the average…. Companies will be coming back; they will stay in our country.… We will be bringing at least $4 trillion back [from overseas] and…the passthroughs and small businesses will be big beneficiaries.”WithholdingThe IRS had earlier announced that it is preparing updated withholding guidance (Notice 1036) to reflect HR 1. The bill revises the individual income tax rates, repeals the personal exemption, and makes other changes. “We anticipate issuing the initial withholding guidance (Notice 1036) in January reflecting the new legislation, which would allow taxpayers to begin seeing the benefits of the change as early as February,” the IRS posted on its website.Payroll professionals have cautioned lawmakers about potential hurdles. “HR 1 will turn much of the system, especially the payroll withholding infrastructure that is the underpinning of our entire economy, upside down,” the American Payroll Association (APA), told lawmakers on December 13. “With the elimination of personal exemptions under the tax code in favor of doubling the standard deduction, while at the same time providing an “as if there were an exemption” amount to use in determining employee withholding allowances, the bill would make it nearly impossible for employees to complete their Forms W-4 so they could properly calculate their annual federal tax liabilities.”Briefing AvailableFor more details about the newly enacted tax bill, see the special tax briefing, Congress Approves Sweeping Tax Overhaul, available here.By George Jones and George L. Yaksick, Jr., Wolters Kluwer News StaffLogin to read more tax news on CCH® AnswerConnect or CCH® Intelliconnect®.Not a subscriber? Sign up for a free trial or contact us for a representative.last_img read more

House Debates Delay of Medical Device, Other ACA Taxes

first_imgAt press time, House Republicans appeared to be moving to a floor vote on a temporary spending bill that would delay some Patient Protection and Affordable Care Act (ACA) (P.L. 111-148) taxes. House Speaker Paul Ryan, R-Wis., predicted the bill would pass despite opposition from Democrats and some members of his own party.ACA TaxesHouse Republicans have proposed to delay three ACA taxes: the medical device tax; the health insurance provider fee; and the excise tax on high-dollar health plans. Temporary delays of the medical device and health insurance provider fee expired after 2017. The excise tax on high dollar health plans is scheduled to take effect after 2019. All three taxes would be delayed as part of a temporary spending bill to keep the federal government open through mid-February (TAXDAY, 2018/01/18, C.1).“While the excise tax on high-dollar health plans does not officially penalize employer-provided health plans until 2020, it is already having a negative impact in the marketplace as many employers plan and negotiate their health care benefits on a multi-year basis,” the Employers Council on Flexible Compensation, said in a statement released before the expected House vote. The trade group called the proposed delay a “good first step” to ultimately repealing the tax.HurdlesSome House Republicans appear unwilling to keep funding the federal government with temporary spending bills. “At what point are we going to have a plan on where we’re going to land or are we just going to hope February 16 is better than January 19 because it’s in a different month,” Rep. Mark Meadows, R-N.C., said. The current temporary spending bill runs out January 19.House Democrats have also voiced their opposition to the temporary spending bill. “This bill does not provide disaster funding, address protection for DREAMers, extend additional health access for veterans, provide funding to combat the opioid epidemic, protect pensions, or any of the additional priorities which have mounted up,” House Minority Whip Steny Hoyer, D-Md., said.Ryan, however, expressed hope that the temporary spending bill would pass. “I have confidence we’ll pass this bill. Members understand: “why would we want a government shutdown,”” Ryan said.SenateSens. Angus King, I-Me., and Mike Rounds, R-S.D., expressed frustration with the temporary spending bills and urged Congress to pass a fiscal year (FY) 2018 budget. “We’ve got to close this escape hatch and stop voting for temporary bills,” King said. “It’s a matter of defense and it’s a matter of trying to make sure that in the future, we get our work done on time,” Rounds said. Senate Republicans need at least 60 votes to pass a spending bill. They have 51 votes if all Republicans are on board.Sens. Tim Kaine, D-Va., and Mark Warner, D-Va., floated the idea of a very short term spending bill. “We will support a short-term bill for a few days to keep the government open while we stay in town and conclude our negotiations,” Kaine and Warner said.Meanwhile, Sens. Ed Markey, D-Mass., and Elizabeth Warren, D-Mass., proposed legislation to repeal the medical device excise tax. Several of their Democratic colleagues in the Senate are expected to support their proposal.By George L. Yaksick, Jr., Wolters Kluwer News StaffLogin to read more tax news on CCH® AnswerConnect or CCH® Intelliconnect®.Not a subscriber? Sign up for a free trial or contact us for a representative.last_img read more

2019 Tax Filing Season Begins (IR-2019-07)

first_imgThe 2019 tax filing season has begun. The IRS issued IR-2019-7 giving taxpayers information on the filing season. In addition, the IRS has started accepting and processing 2018 federal individual income tax returns.The deadline to submit 2018 tax returns and pay any taxes due is Monday, April 15, 2019 for most taxpayers.However, taxpayers living in Maine and Massachusetts will have until April 17 to file. This is because of the Patriots’ Day holiday on April 15, and the Emancipation Day holiday on April 16.Tax Filing Season for 2019Despite the changes in the Tax Cuts and Jobs Act, the Service was able to open this year’s tax-filing season one day earlier than the 2018 tax-filing season. The IRS expects 90% of the returns to be filed electronically. Efiling and direct deposit remain the fastest and safest way to file an accurate income tax return and receive a refund.Taxpayers should check “Where’s My Refund?” after filing a return for updates on their refund’s status. Moreover, before calling the IRS for help, taxpayers should consult two online resources:Publication 5307, Tax Reform: Basics for Individuals and Families, andPublication 5318; Tax Reform What’s New for Your Business.Qualified taxpayers who still need assistance may visit one of the 12,000 community-based tax help sites that participate in the Volunteer Income Tax Assistance and Tax Counseling for the Elderly programs.Delayed RefundsLike last year, the Service expects refunds to be available by direct deposit as of February 27, 2019 , if the refunds are associated with:the Earned Income Tax Credit, orthe Additional Child Tax Credit.Expired TINsMany Individual Taxpayer Identification Numbers (ITINs) expired on December 31, 2018. The expired ITINs include any ITIN:not used on a tax return at least once in the past three years, andITIN with middle digits of 73, 74, 75, 76, 77, 81 and 82An example of an expired ITIN is 9NN-73-NNNN.ITINs with middle digits 70, 71, 72 or 80 expired on December 31, 2017, but taxpayers can still renew them.Affected taxpayers should act soon to avoid refund delays and possible loss of eligibility for some key tax benefits.Signing Electronic Tax ReturnsFinally, taxpayers can learn more about how to verify their identity and electronically sign tax returns at Validating Your Electronically Filed Tax Return.IR-2019-7Login to read more tax news on CCH® AnswerConnect or CCH® Intelliconnect®.Not a subscriber? Sign up for a free trial or contact us for a representative.last_img read more

Philly 360° Rewind: Philly Invades SXSW 2014

first_imgPhilly Invades Austin for SXSW(m. Edlow for Visit Philadelphia / Philly 360) Philly 360° hit the road and headed to Austin, Texas for the 2014 South by Southwest (SXSW) Festival. The Philly takeover was in full effect at this year’s festival. From March 7-16, the entire city of Austin is taken over by brands, musical artists, tech geeks, indie filmmakers, entertainment industry reps, celebrities, media and massive amounts of creatives and hipsters looking to check out new talent, trends and brand experiences — and Philly definitely played a major part in the Austin takeover.  Reppin’ Philly Music:  Philly’s local music scene repped hard at SXSW, and we were there to capture it all. Philly bands, artists and musicians played all across Austin — from large-scale stages to intimate spaces. Philly talent was everywhere. Sought after drummer and Philly’s own Spanky McCurdy played with Lady Gaga on the Doritos #BoldStage for her now infamous SXSW performance. Rising hip-hop artist Chill Moody performed on six stages with local R&B singer Beano and DJ Ricochet on the ones and twos.  Also on the hip-hop tip for the SXSW Philly takeover, Philly’s own hip-hop legend Freeway, plus rising emcees Gilbere Forte, Knxwledge, Eshon Burgundy, Da Truth and Chynna all held down Philly’s presence with shows during SXSW. And, at one of Okayplayer’s events, DJ Qool Marv had a 2-hour set dedicated to Philly hip-hop icons The Roots, plus a new mix from our very own DJ legend DJ Jazzy Jeff. Indie soulstress Res showed Austin how Philly lays it down in the R&B scene. And, emerging indie bands like Cheers Elephant, The Districts, Kurt Vile, Far-Out Fangtooth, Modern Inventors, Pattern is Movement and Cheerleader also showcased the Philly indie music scene.  Reppin’ Philly Brands:  Philly 360° also caught up with some Philly brands while there, including local radio station WXPN that was live broadcasting from SXSW. Our friends at Mitchell & Ness were also there as they launched a new reflective snapback hat. They had had some star power in their space at Woven House, including Kendrick Lamar, Wiz Khalifa, Lady Gaga, Diddy and Taboo. SInce Philly is the “City of Brotherly Love”, Philly 360° and Visit Philly also made sure to spread some of our own Philly love by giving out swag and gifts that were Philly-made, including: Phillyosphy shirts designed by Chill Moody and Curran Swint of Kings Rule Together, Jeantrix love pins, Philly 360° wristbands (shameless plug), Stacey Flygirrl Wilson’s jawn shirts and posters, DJ Jazzy Jeff Summertime 2 CDs, Uber Philly cards, 611 apparell, WXPN/World Cafe Live CDs, Victory Brewing Summer Love Ale beer koozies, Side Project Jerkey, Rival Bros. coffee and some Philly giveaways like a trip to Philly for the Roots Picnic and a Fuji Feather Bike.  The Official Behind-the-Scenes Video:  Like we said, the Philly takeover was in full effect during SXSW and all the talent held it down for their hometown. We hit the streets to connect with some of our homegrown talent and friends while we were there, and to also check in with SXSW goers to test their Philly knowledge. Be on the lookout for our Official Philly SXSW video to see exactly how things went down in Austin.  Stay tuned for more!last_img read more

Boris Johnson wins race to be UK prime minister

first_img(AP) Brexit hardliner Boris Johnson has won the race to lead Britain’s governing Conservative Party, and will become the country’s next prime minister.He defeated his rival Jeremy Hunt overwhelmingly in a vote of Conservative Party members.He will be installed as prime minister in a formal handover from Theresa May on Wednesday.The victory is a triumph for the 55-year-old Johnson, an ambitious but erratic politician whose political career has veered between periods in high office and spells on the sidelines.Johnson has vowed that Britain will quit the European Union, “come what may,” on the scheduled Brexit departure date of Oct. 31 even if it means leaving without a divorce dealBut he faces a rocky ride from a Parliament determined to prevent him from taking the U.K. out of the bloc without a withdrawal agreement.last_img read more

Data Center Crisis – How to Survive

first_imgInfoWorld recently published some pretty scary data on the data center crunch: exerpt: “Forty-two percent of the respondents said their datacenters would exceed power capacity within 12 to 24 months unless they carried out expansion. Another 23 percent said it would take 24 to 60 months to run out of power capacity. The managers reported similar figures for cooling: 39 percent said they would exceed cooling capacity in 12 to 24 months, and 21 percent said it would take 24 to 60 months. “I have done a series of blog entries on the topic: and Big Numbers in the Data Center – The Data TsunamiIn these I have focused the solution ( or at least treatment) for data center pain on three strategies – Refresh, Virtualize, and Densification. I don’t think I have used the word densification in a sentence before, but spell-check says it is real… For those who prefer a mixed media message, I agreed to record a series of short videos talking about the each approach and benefits for these strategies. Starting with the video on refresh. The next two – virtualization and densification, will be posted soon. Thanks for tuning in.last_img read more

Critical Usage Defect with AMT Reflector

first_imgLastly, the server reports that multiple connections have been made. It records hundreds of in-packets, but 0 out-pakcets. I’ve provided all the relevant information I can think of that would affect this usage situation. If anyone can think of a reason why this would not work in our specific network, please let me know. Overall, I’m interested by the potential of this tool, but disappointed by its non-functionality. No LuckThe listen and communication ports have been configured correctly. The server app is started, and begins listening. When I attempt to start the client application, I receive a notification: Upon testing Intel’s new AMT Reflector tool I was greeted with a cryptic error message. When attempting to connect to the server, the client failed with error code -4 (The AMT device is unprovisioned or provisioned in Enterprise Mode). But first, my setup. My test configuration consists of two Intel whitebox machines, each with Windows XP SP2 installed, AMT configured and provisioned in small-medium business mode running AMT 3.0. The entire network is isolated (no outside internet) and is administered by a DHCP server running on Windows Server 2003. I’m at a loss, because all other signs indicate that I am correctly provisioned in SMB mode. I tried unprovisioning and resetting to factory defaults and then setting up the ME from scratch.And now it gets stranger…When I attempt to run the reflector client on the same machine as the server (after reconfiguring the ports for localhost listening), I get some strange behavior. This is further confirmed by remoting into the client machine’s BIOS: The left machine (hostname: gbit-vpro-01) is running the server application and the right machine (hostname: gbit-vpro-02) is attempting to run the client application (although both machines should be able to run either component). The right machine is provisioned in SMB mode, which is confirmed by accessing it through SyAM Provisioning Server The client program is started. At this point, there is no response (no windows opens, no error, etc). But when the server is stopped, the same error message as before appears (and if the client was started multiple times while the server was running, the messages will stack.) The server is run, configured, and startedlast_img read more

Altiris and Intel vPro Use Cases – Part 5 – Tightening AMT Security

first_imgEND Part 5This concludes Part 5. This cliff-hanger will be continued in an even more unbelievable conclusion, Part 6. Now that the competitor has breached the office once again, can Might Modern Marketing’s IT staff protect their infrastructure, data, and themselves from this all out attack? Learning from previous mistakes, CSO Dan Williams discusses what they can do to better secure the powerful AMT functionality. Since the human factor is the biggest weakness, what can they do to strengthen this? Obviously they can’t remove it altogether; might as well shut the company down. In Intel vPro the human factor can be minimized due to available strong security technologies. AMT can be made more secure, but the continuing threats are emphasized when a computer is hijacked. What can be done to regain control? NOTE: If you have not read parts 1 through 4, please read these before reading this part as this is a continuation of the story begun in the previous sections. Altiris and Intel vPro Use Casescenter_img Mighty Modern Marketing HQ – Boston, MassachusettsBright sunlight filtered through the distant windows , overshadowing the bland fluorescent lights lit above. Jessica Langley watched the distant pedestrians seen in a narrow view near the street moving past with varying degrees of enthusiasm. The hot summer held to the south temporarily by a low pressure that brought in the cool Atlantic breezes. She imagined being able to hear the conversations of those passing, wondering what they spoke of, and if any of them had as crazy a life as her.”Ah, this is the life,” Tevita said as he leaned back. He placed his hands behind his head and stretched out his legs, pushing his office chair as far back as possible. With what looked like a deliberately casual gesture he tossed his headset onto his desk.”You should be worried,” Jessica commented dryly.”Worried? Why?”Jessica gestured sharply at her phone. “No one can call us with the phones down, so our work is just piling up while we sit here.””Hey, we have our mobile phones. If it’s not important enough for them to look up our numbers, then why worry about it?””You know that’s not how it’ll happen. As soon as the phones get up… WHAM! We’re here until the sun drops below the trees in the west.”Tevita’s smile lessened, but only a little. “They’ve been down for two hours. Perhaps they’ll be down all day, and we can leave early.””Right.”The Tongan shrugged, and Jessica briefly envied his ability to shove aside problems when they weren’t directly in front of him. He could have two amazingly nasty issues to work on, and he’d easily concentrate on one at a time as if the other issue didn’t exist. She wished she could compartmentalize in that manner, but when she had two critical issues to work on they hung over her like a dark shroud. Usually the one she wasn’t currently working pressed down as if to accuse her of negligence, but she couldn’t do two things at once. It wasn’t like knitting while watching TV.Like now, when she knew issues piled up while their phones remained down. She reached down and pulled up her mobile phone in case she’d missed an incoming call, but nothing showed. She sighed, standing up and stretching. Tevita frowned at her.”You aren’t going to bug the phone people again, are you?” he asked, as if accusing her of turning him in for some crime.”No,” she said. “Daniel Williams wanted to talk to me today so I’m heading up to his office.””Good. Don’t mention the phone issue to the CSO…”She rolled his eyes at him, but he only smiled, large hands moving deftly across the keyboard. Without phone call interruptions Tevita would clear out the email queue in no time.She took the stairs, hoping to work off the donut she’d eaten earlier that morning. It seemed no matter how resolute she thought she was to eat healthier, as soon as someone brought in free goodies her willpower vanished and she indulged. She doubted the climb from the first floor to the third made any real difference, but at least her husband wouldn’t get on her case about taking the elevator when she had two perfectly working legs.The door to Daniels office sat closed, and she peeked into the glass valance to the side. Daniel stared at his computer screen, his brows drawn low. He didn’t touch the keyboard and mouse, eyes moving across his monitor as if trying to puzzle something out. He just reached for the mouse when she knocked quietly on the window.He turned, a smile easing his expression. He waved her in, and she quickly hurried through the door.””You wanted to see me?” she inquired.”Yes, please sit down,” he said, gesturing to one of the empty chairs across his desk. She sat while he turned back to his computer.”Please watch,” he said as he launched Internet Explorer. “I’m going to talk you through what I’m doing, and I don’t want you to interrupt until I’m done. Okay?”Jessica felt a twinge of uneasiness stiffen her spine. “Of course,” she responded, trying to instill confidence in her voice. “What are you doing?”He only smiled. “First, I’ve discovered what password I can use to access AMT on all our vPro enabled computers…”She stood up. “What…?”He held up his hand, not unkindly. “Please humor me.”She sat back down, her unease blooming. She clasped her hands in her lap so she wouldn’t fidget, usually in the form of smoothing down her already crisp and wrinkle-free dress jacket. She couldn’t sit completely still, and found herself tapping her toe. Fortunately the carpet, however uninviting bland, muffled the sound.”Okay,” Daniel continued. “I don’t have access to Altiris though I have tried to gain it, unofficially of course.””Of course,” she said, and quickly clamped her teeth together before she asked another question.Daniel continued, “In light of that I’ve done some Googling and found that AMT has a web-interface that anyone can access using a browser. I haven’t figured out how yet, but I don’t think it’ll take me long. Let’s see… how to access AMT via a browser… This first hit talks about someone who is unable to access it.”Url: ().”Ah, in his post he says, “When I try to access the Web Interface (localhost:16992 or name:16992)… that means I can access my test in the same manner. Let’s watch.”Jessica bit her lip to keep from saying anything, determined to keep quiet until he’d finished his demonstration. She really wanted to ask him how he acquired the password, but she supposed she should wait until he validated that claim first. Plus, he’d asked her to keep quiet, and she didn’t want the CSO annoyed with her.Daniel clicked on the address bar, deleting the current address. He then typed in MMMAMT0043:16992 in the address bar. When he hit Enter the page refreshed, showing him the initial AMT login screen. He clicked the ‘Log On’ button, which provided a standard Windows security prompt. He entered in Admin as the username, and then typed in a password. Jessica’s stomach dropped. She didn’t see exactly what he put it, but it did look like he put in the right password.The Intel Active Management Technology web interface appeared, giving Daniel full access to the system. Jessica reached up and rubbed at her eyes.”Please tell me you simply asked Tevita for it,” she said when he turned to her.”No, but no need for you or Tevita to worry about that,” he said with what Jessica assumed was a reassuring smile. It didn’t help. “I believe I used the same methods our traitorous employee working in cahoots with Nifty Networks used to gain these powerful credentials. I’ll be conducting security training for our employees soon to try and plug that method.””So how did you do it?”Daniel nodded. “Good question, but the better question I’m posing to you is this: how can we better secure the AMT technology? See here under Remote Control? I can remotely reboot this person’s system and boot it up into an application I can use to wreak havoc. Nifty, no?”She swallowed hard. “No, not nifty.””Good. You see the issue. I’m tempted to not tell you how I did it. Mystery lends me an air of the supernatural, or at least my uber-geekness. Why reveal how? That’s like a magician revealing his secrets. Once the how is known, it isn’t so magical anymore. Okay, so I’m taking far too much pleasure out of this. I simply watched you and Tevita closely and caught you entering the password. It took several tries before I finally got it right.”The beginning of a migraine colored Jessica’s vision. “Great. I thought we had that password locked down…””As I said before, don’t worry about it. Everyone is too trusting when entering passwords. I’ll address that in our upcoming security meeting. What I want to discuss is how we can rectify this situation? Specifically I want to remedy the fact that anyone who does a smidgen of research will know that the administrative username for AMT is admin. We’ve handed any potential hacker one half of the credential equation.”Jessica nodded. “Yes, I see your point. Luckily I already know how to fix that. It’s as simple as making the admin password random on each system and using Kerberos to use our Domain credentials for access.””Good. The second point is I noticed that I can use a non-secure web address to access this. Can you get SSL enabled for all AMT communication?”Jessica nodded again. “Yes, specifically AMT uses TLC, the successor to SSL. I believe I saw an article on how to enable that on Symantec Juice.””Even better. Get those measures in place, and let me know when it’s completed.”She nodded, shaking his hand when he offered it. She left his office and headed back down, taking the stairs despite the throbbing in her head. When she reached her cube she noted that Tevita had his headset on, his previous smile absent from his face. She gave him a grin when he glanced over, and this time he rolled his eyes. She should get onto the phones, but she wanted to get those changes implemented as soon as possible so that even Daniel couldn’t crack the system… as long as Tevita and she carefully entered their passwords so others couldn’t eyeball them.She sat down and pulled up the Altiris Console. Both of her actions required a new vPro Profile to be pushed down to all the AMT systems, but that was the easy part. She started by enabling TLS on the server. Until she pushed down the new profile the AMT functions would not work. She leaned over to Tevita, and he glanced at her as she rolled closer in her chair.”AMT will be available for a time,” she said.Tevita reached up and muted his headset. “Why?””I’m enabling TLS. You know, encryption. When I enable it on the server side the clients will not be able to communicate back with the server until I update the profile and they have the right certificates.”He shivered. “Is that such a good idea? Certificates are tricky… we could easily mess up the whole thing and have no AMT access…””Tevita, it isn’t that complicated. I have all the Altiris documentation on how to do it. Besides, there’s a specific article on how to do it after the installation, here: . Piece of cake.””If you say so…””Trust me. If we had a hierarchal structure of certificate authorities, it might get a bit dodgy, but I’m just setting up the one root.””Yeah, and the flux capacitor needs just such and such gigawatts of power…””Just read up on it! It’s not that hard.”Tevita spoke for a moment into his headset, and took it off. “I don’t know anyone who understands it all that well.”She planted her hands on her hips. “It’s really simple. We give the root CA, aka the King, the credentials that are acceptable. Secondly, the Altiris server gets the credentials so it can work with the CA and the clients. We then load the matching credentials on the clients via the Provisioning Profile. Now everyone has the credentials.”He smiled. “What about client-side and server-side certificates?””Again, simple. Communication is unidirectional for a given parent/child certificate set. With basic TLS in vPro, all the clients have server certificates. The Altiris Server uses a client certificate to authenticate with the client so that the client machine will accept the AMT commands sent it.””Alright. That sounds simple enough, but what about the CA? What’s that for?”Jessica looked at him, her eyes narrowing. “What’s with the third degree? ‘Tell me Master Qui-Gon. What are midichlorians’?”Tevita burst out laughing. “Am I that transparent? I didn’t know you liked Starwars…””I don’t. Like that movie quote, your questions are contrived…””Hehe, yeah. I’m just trying to prove a point. It’s not that simple…””But it isn’t that complex, either. The CA tells the server-side component (the AMT Client) if the client connection (from the Altiris Server) is to be trusted. I know having the AMT clients act as the server seems a bit backwards, but since we want AMT functionality to be secure, it makes sense. The Altiris Server that tells AMT what to do needs to prove itself. This ensures a rogue server can’t just initiate any AMT functionality without having the proper certificate. So the server provides a client certificate, which the AMT system authenticates with the CA before allowing the Altiris Server ‘in’.””Okay, okay. That sounds simple enough. I’ll be sure to avoid AMT until next week when you get TLS finally working… kidding! Take it easy, I’m just joking.”She wanted to keep the stern look on her face, but a smile cracked through. “You just watch it, Mister.”Jessica turned her attention back to the Altiris Console. She opened up a browser on her second monitor and pulled up the Juice article she’d shown Tevita. She walked through the steps, sometimes checking back on the Altiris Administrator’s Guide for Out of Band Management, found at . She finished the processes except for updating the profile since she needed to also update the Admin password settings.She browsed in the Altiris Console under View, Solutions, Out of Band Management, Configuration, Provisioning, Configuration Service Settings, and clicked on Provision Profiles. She highlighted her active profile and clicked the pencil icon in the icon bar to edit it. Under the General tab, to the right of the window, she changed the Intel® AMT 2.0 password: setting from Manual to Random creation. She then clicked on the TLS tab and, using the previous directions, enabled TLS within the profile.She sat back as she clicked OK. Now that the Altiris Server was setup properly, she needed to push the new profile out. From her place in the console she backed up into the Provisioning folder, and then expanded the Intel AMT Systems folder and highlighted the Intel AMT Systems node. All Intel AMT Systems showed within the right pane. She clicked on the top one, scrolled down, and, while holding shift, clicked on the bottom one. She right-clicked and selected the ‘reprovision’ option.With a sly smile she glanced over at Tevita. He wore his headset again, though he looked less stressed than before. She rolled over and wrote on his whiteboard “AMT back up in a few hours”. For the time being they could rely on the Runtime Profile for authentication. Since Altiris knew all the random passwords for the Admin account, via Altiris they should have no problems with security. However she needed to quickly implement AD integration with Kerberos authentication just in case.She got up to take a quick break. She stretched, looking out over the cubes. She froze in mid stretch for a moment, before quickly pulling down her arms, her eyes widening. Two men in blue jumpsuits walked nonchalantly through the building, one holding a sheaf of what looked like generic forms and the other with a nondescript box. Despite their “non”-threatening postures, something about them bothered her. At first she simply watched them, trying to figure it out.The man in front emanated confidence like a shiny sword and shield, his smile infectious and full of perfectly white and straight teeth. His strong features seemed chiseled from brilliant marble, as if he’d been carved amid the statues of Rome. Not one of the rich brown hairs on his head stood out of place, his hazel eyes roving over the office as if memorizing all the details. He didn’t act suspicious, but his very manner belied the blue-collar worker outfit he wore.Right behind him strode the other man. He wore a beard, a hat pulled low over his eyes. She squinted, hunching down a little so she didn’t rise so high above the cube walls. He carried the box, his muscles tensed. He walked jerkily, each step seeming just a little unsteady. Sweat beaded on what little she could see of his forehead.”Tevita,” she whispered. “Does that guy look familiar to you?”He appeared beside her. “Who? Those two delivery guys?””Yes. The one carrying the box.”Tevita turned to stare at her. “It’s the ninja!”She shook her head, though the sudden clenching in her stomach belied the action. “No way, he’s in jail, right?””Probably not. He didn’t threaten anyone or do any actual damage, and the price of the hard drives he tried to steal doesn’t equal enough to be a felony, especially since he claims he was only after the hardware…””But why come back here? We know who he is…”He just shrugged. “Maybe he’s turning a new leaf…”She gestured at the other man just as they disappeared into the stairwell. “Maybe, but that other guy gives me the creeps. I wouldn’t be surprised if his name happens to be Lex Luther.”Tevita nodded. “Let’s follow them.”She shook her head. “No way! Let’s just call security and let them deal with it.”The Tongan only shook his head slowly. “The security company might be too slow to respond. Heck, they took forever to show up when our ninja friend showed up the first time. You go tell Bobby and I’ll shadow these two shifty guys.”Before she could respond he hurried away, surprisingly quiet for his bulky, muscled size. She clenched her teeth together, torn by indecision for a few precious seconds. She then turned and hurried towards the server rooms, hopping Tevita wouldn’t get himself into too much trouble.last_img read more

Companies Benefiting Today from Server Refresh

first_imgWinning: AlvotechAlyotech turns to Intel® Xeon® processor 5500 series to deliver insightful design improvementsRead about it hereThe results: ·          Alyotech benchmarked the new processor, developed on 45nm Hi-k next generation Intel® Core™ Microarchitecture, and increased performance by 65 percent over the previous generations, dual-core servers Winning: Atos OriginIntel® Xeon® processor 5500 series helps Atos Origin lower total cost of ownership of its data centre environment. Read about it hereOpens in a new window.The results:Atos Origin compared the performance of      the Intel Xeon processor 5500 series with four cores to that of the previous-generation      with just two cores. It found, on average, 2.4x greater      transaction throughput running a web server, 1.75x running a database server and 1.25x running an email      server. Winning: Société d’Exploitation des Transports de l’Agglomération Orléanaise (SETAO) SETAO turns to Intel® Xeon® processor 5500 series to strengthen and build on its service offerings.Read about it hereThe results: ·          Thanks to the Intel® Xeon® processor 5500 series and VMware hypervisor, SETAO is now able to provide mainframe-class quality of service and ensure easy deployment of new virtual machines and applications while reducing total cost of ownership.” Olivier Parcollet, Chief Technology Officer, SET ·          SETAO estimated that it could save approximately 40 percent on energy costs due to the higher server consolidation ratio and greater CPU energy consumption management. Winning: BMW Migration to Intel® Xeon® processor 5500 series lowers total cost of ownership and increases flexibilityRead about it hereThe results: ·          BMW Group is deploying Dell PowerEdge* servers powered by the Intel® Xeon® processor 5500 series, which will replace a RISC-based infrastructure that has much higher costs, lower performance and less flexibility ·          This allowed BMW Group to increase the workload to more than 80 percent and to significantly decrease the total cost of ownership (TCO). Winning: Rheinisch-Westfälische Technische Hochschule (RWTH)Leading German university turns to Intel® Xeon® processor 5500 series for high-performance computingRead about it hereThe results: ·          Implemented small server farm. Intel Xeon processor series performed more powerfully than RISC architectures. ·          2010 scale out. In 2010, the university plans to implement some 400 more systems with over 20,000 cores powered by the upcoming Intel Xeon processors code-named Nehalem EX Winning: Business and Decision GroupBusiness and Decision Group powers forward with huge virtualization project underpinned by the Intel® Xeon® processor 5500 series. Read about it hereOpens in a new window The results:Early results showed that      with the Intel Xeon processor 5500 series they could gain virtualization rates      of 20:1 and with a processor load slightly below 55 percent. Power consumption was reduced by approximately 30 percent compared to the previous generation of processors. About Hugh Mercer: I am a sales development manager in Intel’s Enterprise Solution Sales group. One of my responsibilities is working with Intel’s Server Platforms Group to indentify, develop and highlight success stories around Intel’s server platforms and technologies. Every day, Intel® technology and platforms help companies solve business problems and challenges. Here are a few of the growing number of stories and reasons for choosing Intel processors and technology. Winning: Onkosh.com Intel® Xeon® processor 5500 series boots performance of unique Arabic search engine Onkosh.comRead about it hereThe results: ·          Onkosh.com already witnessed an increase of around 20% in performance. This performance increase was possible due to the new micro-architecture with Intel Turbo Boost ·          Onkosh.com is now able to grow about 300% in terms of the ability to crawl and parse new Arabic content automatically discovered on the World Wide Web.last_img read more

Beta CIRA support in the 3.1 Intel vPro PowerShell module

first_imgNow call any Intel vPro PowerShell script.Important notes -The MPS informtaion is on a per session basis,So each time a PowerShell console is opened, the MPS information must be set.The MPS information is only available to scripts called in that console.Your feedback is welcome! I am planning on adding native CIRA support into the next Intel vPro Module release. Next add the conenction  information for your mps proxy. In my environment the proxy is mps.vprodemo.com. I will add both the http and socks proxy info. Beta CIRA support has been added to the 3.1 version of the Intel vPro PowerShell module. All of the Powershell cmdlets transparently communicate to the CIRA connected client through an MPS. First the CIRA proxy and client list must be registered with the Intel vPro PowerShell module. Afterwards, just call your normal scripts.I did not include native scripts to perform this fucntionality since I are planning that for the next release. Threfore we need some way to test that CIRA works and to explore the usage. To do this I wrote some test scripts and attached them to this blog. The next release of the Intel vPro module will include native CIRA support.I have three scripts:get-MPSStatus.ps1set-MPS.ps1manage-MPSClient.ps1First, lets ensure that no proxy is setup: Typeget-MPSStatuscenter_img Finally add your connected CIRA clients using the manage-MPSCLient script:manage-MPSClient.ps1 -hostname vproClient1 -action ADDmanage-MPSClient.ps1 -hostname vproClient2 -action ADDmanage-MPSClient.ps1 -hostname vproClient3 -action ADDlast_img read more

Data Center Innovation: Software-Defined Anything

first_imgIn a recent blog, I described software-defined networking (SDN) as a potential cure for network pains, providing a way to automate and dynamically manage network traffic for greater efficiency and better resource utilization. The key to SDN is the separation of network control and decision making from the hardware, automation of management tasks, and the pooling of network resources. SDN provides the roots for SDI. By applying this same principle, data centers can also use a programmable approach to infrastructure overall, automating and orchestrating memory, compute, storage, security, and energy requirements. Software-defined infrastructure (SDI)—also referred to as software-defined data center (SDDC) or software-led infrastructure—promises to expand software control to all areas of the data center by dynamically and efficiently adapting to changing workload requirements from across the organization. Managing the Changing IT Landscape: Software-Defined InfrastructureGartner recently released its 2014 top ten strategic technologies with software-defined anything (SDx) as one of the major disruptive technologies to watch. Why? Because four powerful trends—social, mobile, cloud, and information—are driving demand for a programmable infrastructure that automates the data center and executes at hyperscale. New architectures demand innovationThe IT imperative for SDI comes from the business. Demands for more flexible architectures to support the rapidly changing and dynamic needs of cloud computing, enterprise mobility, big data, and social computing are leading the way. Traditional IT provisioning and resource management tools are more labor intensive and simply can’t cope efficiently with the heavier performance demands of today’s applications and data-driven workloads. Plus, data center infrastructure is increasingly heterogeneous and therefore more complex to manage, increasing IT operational costs.SDI has the potential to overcome these challenges by delivering a new way to systematically automate relevant IT processes. SDI promises to extend the agility and efficiency benefits of cloud computing under a single management entity across all data center components. I believe SDI will be a positively disruptive force because in order to achieve these benefits, a company’s enterprise infrastructure will need to be re-evaluated from architecture to engineering to operations.SDI adoption expected to grow quicklyAnalysts from Research and Markets estimate the global SDI market at $396.1 million dollars this year.  However, by 2018, market growth is projected to reach $5.41 billion. That’s a 13 times increase over the next five years, driven in large part by the increasing demand for cloud computing. IT adoption is in the early stages, with new vendors and solutions emerging now. I’m looking forward to watching the promise of SDI unfold. Intel executive Diane Bryant recently discussed Intel’s commitment to re-architecting the data center, pinpointing SDI as a strategic foundation. Check out our SDI infographic for an overview on this technology.Chris Chris Peters is a business strategist with more than 21 years of experience ranging from Information Technology, manufacturing, supply chain, nuclear power and consumer products.Find him on LinkedInOpens in a new window.Follow him on TwitterOpens in a new window (@Chris_P_Intel)Check out his previous posts and discussions#ITCenter #SDI #Cloudlast_img read more

Intel Gateway Solution Is at the Center of Internet of Things Deployments

first_imgExpediting Intelligent SolutionsAvailable since early 2014, Intel Gateway Solution is a scalable, flexible family of integrated options that include the Intel Quark SoC X1000, Intel Quark SoC X1020D, and Intel Atom E3826 processors. The Intel Gateway Solution has the ability to connect legacy and new systems, ensuring that data generated by devices can flow securely from the edge to the cloud.“It’s really about bringing together all the critical elements and really accelerating our customer’s time to market,” states Adam Burns, director of IoT Solutions Group at Intel. “We’ve put all the security elements in there so they can start out with a secure system…we’ve got the application environment, so their investment is really focusing on building their value-added applications and services, not creating the wheel on a bunch of foundational building blocks.”Intel Gateway Solution is commercially ready, integrated with Wind River and McAfee software, and suitable for quick implementation into your own IoT infrastructure — something no one else on the market can currently claim.Built-In SecuritySecurity is a key building block in IoT. Without security integrated on every level, IoT deployment can go seriously awry. In addition, IoT will never achieve high levels of adoption if people don’t trust that data transferring is secure.Intel Gateway Solution, coupled with McAfee Embedded Control and Wind River Intelligent Device Platform XT 2.1, provides rich enterprise-grade security features — including secure boot, GRSecurity, and IMA, to name a few — for strong support and end-to-end security protection.The Internet-connected, data-driven era has arrived. Embedded sensors and devices have the ability to transform the enterprise, allowing for greater intelligence, cost efficiency, and value — Intel Gateway Solution is an essential component for any IoT business model, providing endless potential for innovation.If you’re interested in learning more about what I’ve discussed in this blog, tune in to the festivities and highlights from CeBit 2015Opens in a new window.To continue this conversation, use #ITCenter. The true potential of the Internet of Things (IoT) can only be reached when smart, embedded devices can interact and share data with the cloud, unlocking useful data that can provide new, invaluable insights to an organization. With enterprise embedded IoT demand on the rise, however, organizations are facing challenges of increasing separation, interoperability, and security risks.To combat this, Intel has created unique, fully integrated hardware and software building blocks designed to connect devices, aggregate information, analyze data locally, and open the communication channel so secure data can flow into the cloud.last_img read more

Intel and VMware Launch Hybrid Cloud Solution for AI

first_imgHybrid cloud opens the door to extract more value from data when new silicon-enabled artificial intelligence (AI) technologies are paired with software-defined infrastructure (SDI) that operates seamlessly from the edge to the data center core to the cloud. Intel and VMware are further strengthening their strategic partnership to make this hybrid cloud vision a reality with a new set of Intel AI resources that are delivered on the VMware Cloud Foundation (VCF), making it easier for customers to deploy AI. The Hybrid Cloud Data Analytics Solution from Intel and VMware serves both traditional, virtualized SQL/NoSQL workloads and newer, containerized compute and memory-hungry artificial intelligence applications.Together Intel and VMware are showcasing an AI platform that is a unique combination of Intel’s latest hardware innovations and VMware’s broad portfolio of hybrid cloud, hyperconverged infrastructure, and virtualization software products, container orchestration, and AI tools.AI ReadyIntel and VMware are delivering and easy-to-deploy AI inferencing solution with integrated AI optimizations. The Hybrid Cloud Data Analytics Solution includes the Deep Learning Reference Stack, the Intel® Distribution for Python, and the Intel® Math Kernel Library (Intel® MKL). The Deep Learning Reference Stack includes additional optimized building blocks such as the Intel® Distribution of OpenVINO™ toolkit, which can help accelerate the development of high-performance deep learning inference algorithms, and a version of TensorFlow optimized for Intel architecture. Industry-leading, open source, machine-learning software, such as H2O.ai, has been optimized for Intel architecture in the solution.Hybrid Cloud InfrastructureVCF delivers a fully software-defined infrastructure experience with a common operation model on-premises and in the public cloud. VCF recently added support for automated deployment and provisioning of Kubernetes clusters built on software-defined compute, storage and networking resources which can be used by Intel AI resources to glean more data insights faster. This combination of VCF, Intel technologies, and optimized AI software can help an enterprise looking to unleash insights from its data and get more out of its platform.“We are working with Intel to introduce AI value for both data and infrastructure,” says Lee Caswell, Vice President of Marketing for VMware HCI BU. “Intel AI delivers more insight into data trends while VMware pursues a self-driving infrastructure experience. Both companies are helping customers capitalize on the promise of AI in real-world environments.”Proven ResultsThe jointly developed Hybrid Cloud Data Analytics Solution helps enterprises operationalize analytics and AI on familiar infrastructure and speed time to market for applications. The VCF hyperconverged solution has a scalable infrastructure that is fully certified for the latest Intel® Xeon® Scalable processers and Intel® Optane™ technologies to handle the most demanding, business-critical applications.Each component of the solution has been optimized to run on 2nd Generation Intel Xeon Scalable processors, which are designed specifically to run performance-hungry AI applications alongside more traditional data center and cloud applications. Intel Xeon Scalable processors feature built-in inferencing acceleration through Intel® Deep Learning Boost (Intel® DL Boost) with Vector Neural Network Instructions (VNNI), offering 14x faster inference workload performance over the previous generation of processors.1Learn MoreThe Hybrid Cloud Data Analytics Solution from Intel and VMware is an easy-to-deploy and comprehensive solution that gives enterprises the ability to quickly unlock the insights hidden in their data—and scale the solution as future needs dictate. We’re proud to partner with our OEM partners, including Dell, to bring this solution to market soon. For more information, read the solution brief and contact your Intel representative to arrange a demonstration. 1 For more complete information about performance and benchmark results, visit www.intel.com/benchmarks.last_img read more