Saturday, June 18, 2011
It's being suggested that Google's "Suggest," also known as autocomplete, could be used to let spies send hidden messages.a
Wojciech Mazurczyk, of the Warsaw University of Technology in Poland, and a specialist in steganography — the art of hiding one message within another — believes that spies or terrorists could use the Google search feature to sneak communiques to one another.a
Mazurczyk and his team of researchers tested it out. Most of us know how autocomplete works. Type in a few letters, and Google offers up some suggested words or phrases that might be the ones you want, using an algorithm that predicts and displays search queries based on other users' searches.a
For example, I started to type in the word "test," as shown in the photo above. By the time I got to "tes," Google offered up the results shown, including "testosterone" and "test Internet speed." Google autocomplete can offer up to 10 suggested search phrases.a
Mazurczyk's team infected a "target computer" with malware known as StegSuggest, according to New Scientist. The malware intercepts the autocomplete lists "exchanged between Google and the infected computer, and adds a different word to the end of each of the 10 suggestions in the list on that particular machine. The added words are chosen from the 4,000 most used words in English to make sure they do not appear too outlandish."a
Then, the receiver of the message "types in a random search term and notes down the additional word in each suggestion."a
Those 10 extra words are looked up in a "codebook" that is shared by the receiver and sender, with each of the 4,000 words having a 10-bit binary number. "The numbers are linked together into a chain which is converted into text using a separate program on the receiver's home PC, revealing the hidden message."a
Mazurczyk shared the findings at a recent security conference in Prague. Not everyone agrees with them, though, in terms of invincibility. Ross Anderson, a cryptography/security specialist at the University of Cambridge, said in the New Scientist piece that he thinks law enforcement would pick up the scent because of the amount of traffic between sender and receiver.a
— Via The Next Weba
Google image search can't tell Obama from Bush You 'autocomplete' me wrong: Irish hotel sues Google Next for Google Docs: offline support, better presentations
Check out Technolog, Gadgetbox, Digital Life and In-Game on Facebook, and on Twitter, follow Suzanne Choney.a
By Todd BishopGeekwirea
The rise of free online alternatives to traditional cable television means the big cable operators will need to roll out user-experience innovations to keep those users in the fold. Cable giant Comcast this week showed where it’s headed — demonstrating a next-generation Xfinity TV interface that incorporates and tries to improve upon approaches from the traditional online world.a
One of them: Facebook integration, including a feature called "Friend Trends," showing the content most popular among the viewer's Facebook friends on Hulu, Netflix, the web and television. It’s part of a broader trend in the tech industry toward using Facebook "likes" to improve search results. (See also Microsoft Bing.)a
"The guide becomes what your friends tell you to watch, not what the linear alphabet tells you your options are,” says Comcast CEO Brian Roberts in the video below, from the National Cable & Telecommunications Show in Chicago yesterday.a
The demo starts at 3:30. Also see notes from presentation below.a
Watch Brian L. Roberts, Chairman and CEO of Comcast, demonstrate our next-gen products and innovations at NCTA.a
Simpler remote uses RF (radio frequency) vs. the traditional infrared to transmit signals, which eliminates the need to be in the direct line of sight of the signal receiver in the cable box.a
Cloud-based model means the interface can be "innovated and changed on the fly, in the cloud, and then it changes all over the country, instantaneously." Also means the system is running on "today’s computer, not yesterday’s box." System includes apps including weather, traffic and Pandora, in addition to Facebook. Search across live television and on-demand content. Search uses letters corresponding to numbers, as on a phone keypad. Searches not only program titles but program details — finding not only Cubs games, for example, but also a TV program in which the Cubs management was featured. Best line from the chief of the Philadelphia-based cable giant, as he’s conducting a hypothetical search: “We’re sitting here in Chicago. Gee, I’m interested in the Cubs. By the way, not really.”
The system is currently in testing in Augusta, Ga. We checked with the company, but there's no official word yet on when it will be rolled out nationally.a
Todd Bishop of GeekWire can be followed on Twitter and Facebook.a
Also on GeekWirea
Your TV is ringing: Comcast to offer Skype video calls in HD Comcast Xfinity app expands video on demand to iPhone, iPod Teenager sells his cloud-computing startup
Apple on Thursday amended the complaint it filed against Samsung in April. Apple still maintains that the mobile-device maker is using too many Apple ideas in its products. But Apple has found something more to beef about.
In April, Apple flat-out accused Samsung of stealing ideas from the iPad and the iPhone. Apple filed suit in U.S. District Court in Northern California alleging Samsung trespassed on its patents and its trademark with the Galaxy product line, which includes the Galaxy S smartphone and the Galaxy Tab tablet .
More Devices, More Infringements
Now Apple is adding more trespasses to the list, focusing on Samsung's Nexus 4G, Sidekick, Galaxy Tab 10.1, Droid Charge, and eight other devices. In all, Apple said 15 of Samsung's devices "slavishly" copy the iPhone and iPad. Apple added three new violated patents to the suit, including a touchscreen-related patent, a UI-related patent, and a multi-touch hardware patent.
Apple is also accusing Samsung of unfair competition. The iPad maker seeks injunctions as well as actual and punitive damages against its one-time ally. Apple also wants the court to rule that the alleged infringement was willful. Samsung hasn't responded to the latest accusations, but previously said it would "respond actively to this legal action taken against us through appropriate legal measures to protect our intellectual property."
Earlier this week, Apple settled a patent dispute with Nokia. Apple signed a license agreement with Nokia to settle all litigation between the companies. Apple will make an undisclosed one-time payment to Nokia and pay ongoing royalties.
Will Apple, Nokia Team Up?
"Apple is under the belief that pretty much the entire Android ecosystem was stolen from them. The belief is founded in the fact that much of the iPhone development occurred while (former Google CEO) Eric Schmidt was on Apple's board and Steve Jobs was mentoring the Google founders," said Rob Enderle, principal analyst at the Enderle Group. "Google has no deep IP portfolio. So it certainly looks like they copied somebody, and Apple is pretty convinced it was them."
In terms of Apple's willingness to settle with Nokia, Enderle warned not to look at the deal in terms of the Android patent wars. Nokia has a deep patent portfolio, for one, and Microsoft is already in a cross-licensing deal with the company. Neither Apple nor Nokia believe the other cheated to find success in the technology market, Enderle said.
"Both companies seem to agree that if anyone cheated, it was Google. Nokia and Apple are of one common mind, and that is that Google is stealing from both of them," Enderle said. "So I think you are going to see some coordinated efforts from Nokia and Apple going forward."
LulzSec, whose name suggests the hackers are laughing at the cybersecurity of their victims, has been on a month-long binge attacking game sites, government agencies -- including the CIA -- media outlets, and others and posting what it says is stolen data.
Dial a Hack
On Wednesday the group offered to take requests.
Inviting calls to a 614 area-code number that led to the voice mail of a Pierre Dubois, LulzSec told its followers to "pick a target and we'll obliterate it. Nobody wants to mess with The Lulz Cannon -- take aim for us, Twitter."
It later claimed "5,000 missed calls and 2,500 voice mails from today. The Lulz Boat must sail off and organize itself. Hope you enjoyed."
PC magazine said the hacked e-mail accounts were from Comcast, Yahoo Mail, Hotmail and Gmail. Gizmodo set up a tool to check if your information was made public.
One LulzSec follower claimed via Twitter to have accessed profiles for dating sites using the posted passwords and added obscene photos to the users' profiles.
The flippant LulzSec, whose logo features a caricature with a monocle, top hat, mustache and a glass of wine, vowed to continue hacking.
"These folks are trying to make a massive statement that security isn't adequate," said technology analyst Rob Enderle of the Enderle Group. "I think their subtle point is that most [other] thieves would go in, steal the stuff, and no one would know they were there." He said LulzSec's activities suggest these sites aren't as secure as they need to be and can't identify hackers.
"The thing most folks don't seem to get is the implication that these sites likely have been compromised for some time and no one has known, or done anything about that," said Enderle. "Call it an 'emperor has no clothes exercise.'"
Long Arm of the Law
How likely is the LulzSec bunch to get caught?
"Sadly, the chance of getting away with cybercrookery is fairly high," said Paul Ducklin, head of technology for the Asia-Pacific office of the cybersecurity firm Sophos in Sydney. "Jurisdictional issues alone make it hard to work out who's responsible for investigating, and who's responsible for prosecuting."
But there are some notable exceptions.
"You'd think that the chance of a cyberscammer in Nigeria getting busted for taking money off someone on the other side of the world in an e-mail fraud would be impossibly small," Ducklin noted. "But here in Australia, the cops occasionally manage to do just that. Criminal complaints laid in Queensland, for example, have been relayed to Nigeria and Ghana, perpetrators found, arrested, charged and convicted, and even (though admittedly very rarely) restitution extracted. So it can be done."
Ducklin said it's likely that law enforcement in several countries are working together to find LulzSec. But he said the hackers are likely encouraged to show off their skills by fans who egg them on.
A recent Sophos poll found that 40 percent of respondents see LulzSec as fun and worthwhile, and a further 17 percent said that although what LulzSec did was bad, it was still fun.
Apple recently filed a patent application for an app which would in theory help you find new friends — or a hot date. Will our iPhones soon turn into matchmakers?a
FastCompany suggests that Apple has realized just how much information about your personality is contained within your iPhone — from shared photos to downloaded songs — and that this data could be used to pair people up:a
Apple imagines that this data could be automatically scanned, or curated by a user intending to portray a particular public image, and then used as a wireless "beacon" to generate an ad-hoc social network of similar-minded folk.a
So exactly how would Apple's matchmaking app work? Based on what we're able to gather from the patent application, it would use your current location as well as your public data — which could include downloaded songs, shared photos, places traveled, or more — to pair you up with seemingly compatible nearby individuals. The process sounds like it would be opt-in — meaning that you would specifically allow the app to share and seek out information — and strictly policed by Apple.a
Now of course this is all speculation and it may be a long time before we ever discover if we're hitting the nail on the head — if we ever discover it. After all, Apple is prone to filing a lot of patent applications to simply protect ideas — many of which never turn into actual products.a
Don't use these passcodes on your iPhone! Apple to inform users of cell network security? Apple bans passcode-collecting app
Rosa Golijan writes about tech here and there. She's obsessed with Twitter and loves to be liked onFacebook.a
Friday, June 17, 2011
Photo from Julian Assange's forgotton OKCupid profile.a
By Helen A.S. Popkin
We know he's a terrible house guest, isn't afraid to own the dance floor, and that he can't keep a secret to save Bradley Manning's life, but how is WikiLeaks founder Julian Assange as a lunch date?a
Now, for more than $3,000 you could find out. That's how much you'll have to outbid in the current eBay auction that offers lunch with Assange and Slovenian philosopher, Slavoj Å½iÅ¾ek.a
Eight lucky winners of the auction — which ends in three days and currently has 30 bids — can look forward to this, according to the auction discription:a
The lunch will be from 12 - 3pm on Saturday 2nd July at one of London's finest restaurants. The meal will be followed by a Frontline Club event. from 4pm - 6pm at The Troxy in East London where these two formidable forces will be discussing the impact of WikiLeaks on the world and what it means for the future.a
Also, desperate. It seems that online shop WikiLeaks launched on the e-commerce platform Spreadshirt — to sell various WikiLeaks-branded merchandise — isn't payin' the bills.a
He should've gone with Cafe Press. Sigh. And with 30 bids and three days left to the auction, it seems eBay isn't working out so well for our International bad boy, either. How soon we forget.a
"Seriously, there have been so many transgressors since the rape accusations against Assange dragged down the public debate on rape and victim blaming, aided by Assange's own douchey pronouncements, that we'd almost forgotten about our pale-haired friend," reminds Jezebel's Irin Carmon, who compiled this "refresher on some of his most memorable utterances":a
His OKCupid profile advertised a "passionate, and often pig headed activist intellectual" who "seeks siren for love affair, children and occasional criminal conspiracy." He also likes "women from countries that have sustained political turmoil. Western culture seems to forge women that are valueless and inane. OK. Not only women!" He referred to Sweden as "the Saudi Arabia of feminism." (You can ask him whether Saudi Arabia is, in fact, the Saudi Arabia of feminism.) He once wrote of one encounter, "This conversational brutality took her breath away and she swooned. I was exactly what she secretly longed for; a man willing to openly disagree with her father." "I'm wearing you." Ugh.
Break open those piggy bank, gals!a
More on the annoying way we live now:a
WikiLeaks: Bradley Manning's forgotten Facebook page WikiLeaks people defect to Openleaks Mostly everything from WikiLeaks in 3 minutes
Helen A.S. Popkin goes blah blah blah about the Internet. Tell her to get a real job on Twitter and/or Facebook. a
This is a really fun project and one that can generate tons of money, goodwill and innovation that Microsoft can lay claim to inspiring, noted Al Hilwa, director of applications software development at IDC.
"It was great for Microsoft to pivot and open this technology up for developers," Hilwa said. "It is also very important in that audiovisual body gestures and sounds may be to television screens what touch was for telephone screens."
Microsoft's motion-sensing Kinect controllers have already become popular accessories among gaming enthusiasts. More than 10 million units were sold between the product's commercial launch last November and March. Now the company is moving the technology into the Windows PC environment on an experimental basis.
The free SDK should help further analysts' predictions about the transformation already under way where the traditional mouse/keyboard paradigm for PC interaction is replaced by a new model that fully integrates the user's physical movements and speech. Hilwa thinks the SDK will pay dividends in many ways, including generating revenue in the TV-app wars that are likely coming soon.
"It is up to Microsoft to move quickly and leverage its presence with Xbox today -- [as well as] new and existing assets like Skype and Zune -- into this market," Hilwa said. "Clearly bringing developers into the realm is what will allow the platform to take off."
However, a key question is how Microsoft might leverage its Kinect technology to make its next-generation Windows 8 operating system truly revolutionary. This may be one of the reasons why Microsoft is releasing a noncommercial Kinect SDK to academics and enthusiasts for now -- even as the software giant applies finishing touches to the architecture for Windows 8.
Under the Hood
The Kinect SDK beta incorporates audio-processing capabilities, such as sophisticated acoustic noise suppression and echo cancellation. The SDK also includes a beam formation that will enable Kinect to identify the current sound source. Additionally, the SDK includes a Windows speech-recognition API.
Other SDK elements include device drivers, rich APIs for raw sensor streams and natural user interfaces, together with installation documents and other resource materials. The goal is to provide a complete set of Kinect capabilities to developers capable of building apps in Microsoft Visual Studio 2010 based on the C++, C# or Visual Basic programming languages.
"The SDK includes not only drivers, but also APIs, device interfaces, installer documents and resource materials," noted Microsoft blogger Steve Clayton. "It's another exciting milestone for a technology that has captured the imagination of millions and has become the fastest-selling computer electronics device of all time."
What's more, the amount of time users devote to social networking has grown dramatically. Users spend an average of 16.6 percent of their online time at social-networking sites, up from 8.3 percent in 2007, noted Andrew Lipsman, senior director of marketing and industry analysis at comScore.
Though the increase in time is no big surprise, what's very interesting is the rapidly changing dynamics of the market, Lipsman observed. "For a long time, the social-networking story was almost exclusively the horse race between Facebook and MySpace," he wrote in a blog. "Tumblr is clearly experiencing a viral adoption curve right now."
On a Roll
Tumblr may be nearing the critical-mass threshold that has propelled other social-media sites to more widespread adoption, Lipsman noted. "It still has a ways to go before we can mention it in the same breath as LinkedIn or Twitter, but it just might get there if it maintains its current trajectory," he wrote.
Though Facebook continued to lead the field by attracting 157.2 million U.S. visitors in May, comScore noted that Tumblr (10.7 million visitors) and other leading social-networking players also reached all-time U.S. audience highs last month, including LinkedIn (33.4 million) and Twitter (27 million).
"There is definite underlying strength in LinkedIn's user-adoption curve at the moment," Lipsman observed. "In fact, it has reached all-time U.S. audience highs in seven of the past 12 months and has grown 58 percent overall in the past year."
Moreover, the number of visitors at Twitter has increased 13 percent year over year, which Lipsman attributed in part to the "exceptionally buzz-worthy news story of Osama Bin Laden's death" as well as an ongoing discussion of the royal wedding. However, the most impressive gains during the past year have been made by Tumblr, which racked up 166 percent growth.
Though MySpace continues to be the second most popular social-networking site for U.S. users after Facebook, its audience has declined nearly 50 percent during the past year. Moreover, the length of the average user engagement at MySpace has dropped 85 percent, Lipsman observed.
According to Pew, 92 percent of all U.S. social-network users were on Facebook when the survey was conducted in October and November of 2010. Only 29 percent used MySpace, followed by LinkedIn (18 percent) and Twitter (13 percent).
However, only seven percent of MySpace users and six percent of LinkedIn users said they accessed these sites on a daily basis, Pew reported. By contrast, 52 percent of Facebook users and 33 percent of Twitter users reported daily access.
Compared with Internet users in general, Facebook users accessing the site multiple times per day were 250 percent more likely to attend a political rally or meeting . Moreover, 57 percent were more likely to have tried to convince someone to vote for a specific candidate, and 43 percent were more likely to say they would vote.
By contrast, those who use MySpace have a significantly higher ability to consider multiple points of view. "The average adult scored 64/100 on a scale of perspective taking," Pew researchers noted. "A MySpace user who uses the site a half-dozen times per month tends to score about eight points higher on the scale."
Thursday, June 16, 2011
We've heard that Facebook can make teens depressed, wreck marriages, even kill couples' sex lives. But a new study finds the users of the social networking site are more trusting in general, have closer relationships and are more "politically engaged" than those who aren't busy friending others and sharing the activities and emotions of day-to-day life.a
The "use of social networking sites is growing" and "those who use these sites, especially Facebook users, have higher measures of social well-being," said the Pew Research Center’s Internet & American Life Project in a report, "Social networking sites and our lives."a
Pew also found that "the average Facebook user has 229 Facebook friends, with many of them being high school acquaintances and pals that they've either stayed in touch with, or with whom they've re-connected.a
"There has been a great deal of speculation about the impact of social networking site use on people’s social lives, and much of it has centered on the possibility that these sites are hurting users’ relationships and pushing them away from participating in the world,” said Keith Hampton, lead author of the report and assistant professor at the Annenberg School for Communication at the University of Pennsylvania, in a statement.a
“We’ve found the exact opposite — that people who use sites like Facebook actually have more close relationships and are more likely to be involved in civic and political activities.”a
Pew surveyed 2,255 American adults last fall. More people — 47 percent — are now using social networking sites, including Twitter, LinkedIn and MySpace, than in 2008, when only 26 percent said they did so. The average age of adult social networking sites was 38 in 2010, compared to 33 in 2008, Pew said; more than half of all adult users of such site are now over age 35.a
While 92 percent of those surveyed said they're on Facebook, 29 percent said they use MySpace; 18 percent, LinkedIn; and 13 percent, Twitter.a
Among the organization's findings about Facebook users:a
They're "more trusting than others." A Facebook user "who uses the site multiple times per day is 43 percent more likely than other Internet users and more than three times as likely as non-internet users to feel that most people can be trusted." They have "more close relationships." A person who uses Facebook "several times per day averages 9 percent more close, core ties in their overall social network compared with other Internet users." They are "much more politically engaged." As Pew notes, its survey was done during election season last fall. "Compared with other Internet users, and users of other social networking platforms, a Facebook user who uses the site multiple times per day was an additional two and half times more likely to attend a political rally or meeting, 57 percent more likely to persuade someone on their vote, and 43 percent more likely to have said they would vote." MySpace users, in contrast, "are the least politically active" among social networking site users; "only 9 percent" said they attended a political rally, 18 percent said they "attempted to influence someone's vote and 57 percent voted or intended to vote." They "get more social support." A Facebook user who "uses the site multiple times per day receives more emotional support and companionship" than those who aren't on the site. "For Facebook users, the additional boost is equivalent to about half the total support that the average American receives as a result of being married or cohabitating with a partner." Facebook helps users "retain high school ties and it revives dormant relationships." "In our sample, the average Facebook user has 229 Facebook friends," Pew said. Their friends' list breaks down this way: 22 percent are people from high school; 12 percent are extended family; 10 percent are co-workers; 9 percent are college friends; 8 percent are immediate family; 7 percent are connections made through voluntary groups; 2 percent are neighbors.
But, Pew noted, the remaining 30 percent or so of Facebook friends "cannot be classified" into any of those categories. And 3 percent of Facebook friends are people users say they have never met in person, while 7 percent are people they have met only once.a
"The remainder is friends-of-friends and social ties that are not currently active relationships, but 'dormant' ties that were meaningful once and have been at least somewhat maintained through use of Facebook," Pew found.a
The research organization also gauged what specific Facebook activities users do daily. On an average day:a
15 percent of Facebook users update their own status. 22 percent comment on another's post or status. 20 percent comment on another user's photos. 26 percent add the notation "like" to another user's content. 10 percent send another user a private message, one that is not shared on Facebook's site.
While some view Facebook a virtual meeting place for those with a certain viewpoint, Pew said that's not the case.a
"MySpace users are more likely to be open to opposing points of view," but "there is no evidence that (social networking site) users, including those who use Facebook, are any more likely than others to cocoon themselves in social networks of like-minded and similar people, as some have feared."a
And among the stats about users of all social networks, Pew found:a
"As with the use of most social media, (social networking site) users are disproportionately female (56 percent)." Women also comprise the majority of email users (52 percent), users of instant messaging (55 percent), bloggers (54 percent) and those who use a photo-sharing service (58 percent), such as Flickr or Picasa. Facebook and Twitter are "used much more frequently by their users than LinkedIn and MySpace. Some 52 percent of Facebook users and 33 percent of Twitter users engage with the platform daily, while only 7 percent of MySpace users and 6 percent of LinkedIn users do the same. By comparison, 62 percent of MySpace users, 40 percent of Twitter users and 44 percent of LinkedIn users engage" on those sites less than once a month. Only 6 percent of Facebook users say they're involved with the site less than once a month. Nearly twice as many men (63 percent) as women (37 percent) use LinkedIn, a professional social networking site. The average adult MySpace user is younger (32), and the average adult LinkedIn user older (40), than the average Facebook user (38), Twitter user (33) and users of other SNS users (35). MySpace users tend to have fewer years of formal education than users of other social network services, whereas most LinkedIn users have at least one university degree.
No matter which social networking site people use, the sites have "become increasingly important to people as they find ways to integrate check-ins and updates into the rhythms of their lives,” said Lee Rainie, Pew Internet Project director, and a co-author of the report.a
"People use them now to stay in touch with their best friends and distant acquaintances alike. But the story hasn’t ended. It’s clear that the world of networked individuals will continue to change as the platforms and populations of users continue to evolve."a
Related stories about Facebook:a
Red Tape: Should 10-year-olds use Facebook? What's your policy? Facebook: Marriage killer? Contemplating divorce? Beware social networks Docs warn about teens and 'Facebook depression' Your mom — and grandma — are probably on Facebook
Check out Technolog, Gadgetbox, Digital Life and In-Game on Facebook, and on Twitter, follow Suzanne Choney.a
Hacking collective LulzSec has struck its biggest target yet – the Central Intelligence Agency.a
The loose-knit organization has claimed via its Twitter feed that it is responsible for the outage of the CIA.gov website.a
A visit to the site of the CIA's public website confirms that it is, indeed, offline for the time being.a
"We are looking into these reports," a CIA spokeswoman told Reuters.a
LulzSec announced what is likely a DDoS (distributed denial-of-service) attack shortly before 6 p.m. East Coast time.a
"Tango down," the group Tweeted, pointing to www.cia.gov.a
This follows weeks of attacks by the group that have taken out multiple gaming websites as well as an FBI website, a porn site and a Senate website as well.a
For more LulzSec news, please see:a
Hackers again break into U.S. Senate website Bethesda is latest game company hit by hackers LulzSec goes on hacking rampage against game sites
"Now accepting calls from true lulz fans -- let's all laugh together at butthurt gamers. 614-LULZSEC, accepting as many as we can, let's roll," read the tweet.
Security Is 'Drab'
Our call to that number produced only a standard outgoing voice-mail message from "Pierre Dubois." A reverse lookup of the number was unsuccessful, as it appears to be unlisted.
LulzSec first emerged last month with attacks on a wide range of targets. "We're ... a small team of lulzy individuals who feel the drabness of the cyber community is a burden on what matters: fun," the group posted in its own web site, which on Wednesday featured a long list of links to internal data LulzSec says it retrieved from the U.S. Senate, Sony Pictures, Nintendo, Fox and PBS.
"We don't like the U.S. government very much," reads the post with the Senate data, a long list of programming code. "Their boats are weak, their lulz are low, and their sites aren't very secure. In an attempt to help them fix their issues, we've decided to donate additional lulz in the form of owning them some more! This is a small, just-for-kicks release of some internal data from Senate.gov -- is this an act of war, gentlemen? Problem?"
Despite the playful tone -- the LulzSec site greets visitors with the theme from the Love Boat TV show -- the breaches are serious business to cybersecurity experts.
Flirting with Jail
"They are definitely breaking the law," said Graham Cluley, senior technology consultant at U.K.-based Sophos Security and author of its Naked Security blog. "In most countries around the world, it is illegal to access a computer system without authorization -- and they have clearly done that by exposing users' information and sensitive data. Furthermore, they have launched denial-of-service attacks against web sites, which has seen other hackers go to prison in the past."
Can they be traced and stopped?
"I would imagine that the authorities are looking into that," Cluley said. "However, my guess is that LulzSec is being careful to cover its tracks and hide their location. The danger for LulzSec, of course, is that they may get cocky and make a stupid mistake."
Cluley said despite the brazenness, LulzSec should quit while it's ahead. "They've gained a lot of attention from the media, and the computer-crime authorities will be very keen to identify them," he said.
Last September, Edwin Andres Pena, 27, was sentenced to 10 years in prison for hacking Internet phone networks to make unauthorized calls. And in March 2010, Albert Gonzalez, 28, who used the code name Soup Nazi, got 20 years for hacking credit accounts and stealing as much as $200 million.
But LulzSec doesn't appear to be interested in hacking for profit, only for fun, and, it claims, to expose security weaknesses.
"The slew of Internet Explorer vulnerabilities presents a significant attack surface for cybercriminals to poke at," said Joshua Talbot, security intelligence manager at Symantec Security Response. "None of these are being exploited in the wild yet, but you can bet they will be in the near future. Given that at least one of the recent high-profile data breaches exploited a similar previously patched vulnerability, these should be a high priority."
IE9 Remains Vulnerable
Talbot said some IT administers might be feeling safe because they recently updated their systems to the new Internet Explorer 9. But, he noted, with several critical vulnerabilities being patched in the newest version of the browser, they should avoid being lulled into a false sense of security.
"The only vulnerability already being exploited is the Ancillary Function Driver issue. This is a privilege-escalation issue, which means it can be used in conjunction with another exploit to increase an attacker's access to a targeted system," Talbot said.
"For example, the Internet Explorer vulnerabilities patched today only give an attacker user-level privileges. Combined with this vulnerability, however, they could gain complete system access."
Chum in the Water
Andrew Storms, director of security operations at nCircle, said there's plenty of chum in the water to attract attackers in this month's release. Seven of the nine bulletins rated critical also come with an exploit index of one, indicating it's very likely an exploit will be developed within the next 30 days.
"As usual, Internet Explorer is at the top of the critical list. This is the first IE9 patch since it was released in April, and it has to be uncomfortable for Microsoft to have to patch their brand-new browser so quickly," Storms said.
Storms said anyone using older versions of Office should use the Office file-validation tools Microsoft released in April. That, he noted, is because these tools will significantly reduce the security risks associated with older versions of Microsoft Office.
"There are going to be some long days and longer nights for most security teams over the next few days," Storms said. "Today's hefty Patch Tuesday release of 16 bulletins and 34 bug fixes is just the beginning. Security teams also expect a large Adobe security release today."
The Adobe Factor
Tyler Reguly, technical manager of security research and development for nCircle, figured most IT admins probably have the patch drill down to a science at this point: Patch Internet Explorer first, your client software second, and obscure software third.
"While enterprises should be patching Internet Explorer as quickly as possible, I'll be digging into SMB Server Denial of Service and Active Directory Certificate Server Cross Site Scripting issues," Reguly said. "With the patches from both Microsoft and Adobe expected today, system administrators will have their hands full for the next couple of weeks."
We recently told you about how a developer used information gathered from his app's users to reveal the 10 most frequently used iPhone passcodes. Unfortunately for him, it seems that as soon as Apple got wind of his "research," it decided to ban his app.a
BGR reports that despite the fact that Daniel Amitay's app Big Brother Camera Security was not collecting users' actual iPhone lockscreen passcodes or information which could be traced back to individual users, Apple's security conscious side felt the need to ban the app. Amitay elaborated on his blog:a
Big Brother has been removed from the App Store. I’m certainly not happy about it, but considering the concerns a few people have expressed regarding the transfer of data from app to my server, it is understandable.not the actual iPhone lockscreen passcodes. Second, when the app sends this data to my server, it is literally sending only that number (e.g. “1234”) and nothing else. I have no way of identifying any user or device whatsoever. a
I think I should clarify exactly what data I was referring to, and how I was obtaining it. First, these passcodes are those that are input into Big Brother, a
He proceeded to express that he hopes the ban can be reversed and offered to remove the offending code from his app.a
Don't use these passcodes on your iPhone! Apple to inform users of cell network security? Android app hacks Facebook and Twitter accounts in seconds
Rosa Golijan writes about tech here and there. She's obsessed with Twitter and loves to be liked on Facebook.a
Wednesday, June 15, 2011
The unlocked device cannot easily be used on Verizon Wireless, Sprint Nextel or other CDMA-based carriers, since that requires a different chipset. Hacking the phone to use those networks, known as jailbreaking, voids Apple's warranty.
Without a subsidy from AT&T -- worthwhile for the carrier since voice and data plans more than recoup the difference -- the unlocked iPhone, available in black or white, costs $649 for the 16-gigabyte version and $749 for the 32GB version.
That's more than the cost of buying the subsidized phone at $199, jailbreaking it (if you're able) and paying AT&T's $325 termination fee to switch to another carrier, something the majority of customers won't do.
But the high cost may be worthwhile to some users, said Michael Gartenberg of Gartner Research.
"While most consumers are going to be best served by just buying a subsidized phone, there are cases where this makes sense. For example, users who travel overseas and want to use local SIMs for cheaper costs, or, in the U.S., T-Mobile customers who want an iPhone and are willing to put up with using it at much slower speeds on EDGE as opposed to 3G."
The iPhone isn't compatible with T-Mobile's standard data network . And switching from AT&T to T-Mobile could be irrelevant if regulators approve a merger that would make the combined company the nation's largest wireless provider.
Not for the Mass Market
"For the most part, it's not a mass-market product; it's not even clear that Apple will sell this in their retail stores -- but for consumers who do need it, they will appreciate the availability," said Gartenberg.
Rumors of an unlocked iPhone, which has been offered in the past for older models, began with a tweet Monday from Chronic Wire, a self-described tech enthusiast, that "Unlocked iPhones headed to Apple Stores for Wednesday: MC603 (16GB, Black) MC604 (16GB, White) MC605 (32GB, Black) MC606 (32GB, White)."
The report was met with skepticism in the tech media and among analysts, who noted that Apple prefers to control the user environment by dealing with select carriers rather than have the iPhone perform differently on various networks (although the performance of iPhone on AT&T has been less than stellar).
There's no indication whether Apple will release an unlocked CDMA iPhone or a version that can switch between networks. The CDMA iPhone for Verizon began shipping in February. Apple didn't respond to our requests for comment.
The iPhone 5 is expected to be available this fall.
By Winda Benedetti
Microsoft was unusually quiet at last week's annual video game extravaganza known as the Electronic Entertainment Expo. But if the rumor mill is to be believed, that won't be the case at next year's E3 when Microsoft will reportedly announce the successor to the Xbox 360.a
This rumor comes courtesy of game site VideoGamer.com. According to the site, "a high-ranking industry source at Crytek" who has worked with the machine, told them Microsoft wants to make its new console announcement ahead of rival Sony and will do so in the next 12 months and likely at next year's E3.a
The unnamed source also told VideoGamer that Crytek is already developing a new "TimeSplitters" game for the next generation of consoles. According to Videogamer.com...a
The source reports that the graphics on TimeSplitters 4 are noticeably improved over current generation technology ... As for the game itself, the new TimeSplitters is reported to focus on the series' branching paths and exploratory nature, with sandbox-style gameplay elements a big priority. The current goal is for levels to feature multiple routes that lead to the same overall conclusion.a
Though Microsoft has declined to comment on the rumors, the timing of this alleged forthcoming announcement certainly does make some sense.a
At this year's E3, Microsoft revealed a couple of new "Halo" games and talked up its Xbox Live TV plans. But compared to Nintendo and Sony — who grabbed all kinds of attention with their forthcoming Wii U and PlayStation Vita game gadgets — Microsoft played it low-key. Certainly it won't do that two years in a row.a
Meanwhile, this newest Xbox successor scuttlebutt arrives following last month's rumor that Microsoft's new Xbox machine had been spotted in the Electronic Arts offices. In fact, that rumor had inspired even more rumors that Microsoft would unveil its new machine at last week's E3.a
But it just goes to show you how reliable the rumor mill is. Microsoft said not a single thing about what's to come after the Xbox 360 during last week's trade show.a
Then again, it did confirm the rumor that "Halo 4" was in the works. So the question is — will "Halo 4" be made for the Xbox 360? Or perhaps for the Xbox 720?a
(Thanks to VideoGamer for the heads up.)a
For more gaming news, check out:a
Why 2011 is an epic year for video games The zombies of 'Dead Island' will hunt and haunt you 'Dance Central 2' delivers more dancers, music, laughs Seven things to love about PlayStation Vita Hands on with Nintendo's Wii U
Winda Benedetti writes about games for msnbc.com. You can follow her tweets about games and other things right here on Twitter.a
So Verizon will soon be offering data -download speeds of five to 12 megabits per second in 74 metropolitan areas across the United States, and speeds of two to five Mbps for uplinks, noted Verizon Wireless Chief Technology Officer David Small.
"We are aggressively expanding our 4G LTE network," Small said. "By the end of 2013 we plan to bring 4G LTE mobile broadband to our entire 3G coverage area."
LTE Upgrade Choices
Verizon subscribers who wish to upgrade to LTE's faster speeds have a selection of hardware options from which to choose. On the smartphone side, Verizon currently offers the HTC Thunderbolt, the LG Revolution, and the Samsung Droid Charge.
New LTE modem cards from Novatel, Pantech and LG are available for purchase by laptop users, and also on tap are 4G-compatible mobile hot-spot products. On the downside, fans of Apple's iPhone and iPad will need to stick with 3G for a while yet.
Some analysts are predicting that Apple will roll out a new iPhone 5 in September. "Given iOS 5 will be available this fall, we believe implies new iPhone hardware in September," observed Piper Jaffray analysts Gene Munster and Andrew Murphy earlier this month.
Still, this doesn't necessarily mean Apple intends to integrate superfast LTE capabilities into its next-generation iPhone. Verizon's LTE network operates on a different set of frequencies than the current 3G system, which means Apple's engineers would need to design, test and perfect a new antenna design for LTE's 700-MHz spectrum. Given Apple's past history of antenna problems, the company's engineers are sure to be very careful this time around.
"We believe the fifth-generation iPhone, possibly branded the iPhone 4S, will have a similar form factor to the iPhone 4 but a faster A5 chip, no LTE support, and possibly a larger four-inch display," Munster and Murphy wrote last month.
The Risk of Falling Behind
On the other hand, Apple may not wish to "risk falling behind" the latest 4G devices running Google 's Android platform, especially since Android has been classified more as a "fast follower" than a "tech leader," noted Lisa Pierce, an independent wireless analyst with the Strategic Network Group. "I can't imagine Apple would want to lose the [tech leader] moniker," she said.
If Apple doesn't introduce an LTE-compatible iPhone this year, the device maker could dampen any significant jump in sales of 4G handsets running Android "by talking about its upcoming 3G/4G phone," Pierce observed. "And provide customers with other reasons to remain with and use Apple [devices] -- for instance, the iCloud."
Apple recently said it continues to see Wi-Fi as a very important wireless service that helps AT&T -- but Wi-Fi doesn't help Verizon, Pierce noted. "In terms of competition, Verizon's moves are primarily designed to win AT&T customers because of AT&T's lag in focusing on LTE until recently," she said.
The deal will help American enhance the in-flight experience for premium passengers. For Samsung, the agreement will boost its quest to familiarize traveling business executives with the entertainment and enterprise -ready capabilities of the new Galaxy Tab, which sports a 10.1-inch touchscreen.
Time is precious to an executive, so Samsung's deal is a natural fit for a captive audience like this, noted Gartner Vice President David Willis. "It's a good way to get their devices in the hands of both high-value customers and corporate influencers," he said.
A Good Marketing Technique
Samsung is trying to use the 'front-of-the-airplane' bias to its advantage, noted Forrester Research analyst Sarah Rotman Epps. "Executives who ride at the front of planes get a skewed perception of technology adoption," she explained. "First-class fliers see everyone with iPads and think everyone has one, but still less than five percent of U.S. consumers do."
She thinks Samsung's deal is a good marketing technique that gets outside the bottleneck of Best Buy, where there's lots of competition for consumers' attention. "But ultimately the product will need to speak for itself, and no Android tablet measures up to the iPad so far," she added.
Though American Airlines didn't say exactly when the Samsung tablet will be available to passengers, U.S. consumers will be able to purchase Samsung's new device beginning Friday. For Samsung Mobile, the new offering with a larger touchscreen is an opportunity to grow market share.
According to IDC, Samsung held 17 percent of the media tablet market during the fourth quarter of 2010, when the company's seven-inch Galaxy Tab was the only brand-name alternative to Apple's iPad. However, it will be tough for Samsung to retain the same level of market share this year due to the launch of the iPad 2 as well as a large number of rival offerings. (continued...)
|1 | 2 | Next Page >|
L to R - Jeff, DJ, Scott, and Teresa, with Ronald on video cameraa
By Athima Chansanchai
Rather than get weighed down by the usual rigmarole of a big Q&A to-do, five members of the Google Docs team went on Reddit recently and did an "Ask Me Anything" with users, who bombarded them with questions about the app, but also about working at Google, the company's master plan and how being Google employees makes them very date-able.a
But first, the news about what's coming down the pike for Google Docs, the Word-friendly suite of programs in the cloud that have been increasingly tailored to be more collaborative-friendly, more mobile-friendly and more lithe as it evolves. Here are the highlights:a
Introducing offline support so you can continue to work without having to be online Making Google spreadsheets friendly to the power user, recently launching pivot tables and autofilter Native editing on an improved Android app (thanks Business Insider for the sharp eye on that one!) Better presentations through upgrades to the preso editor Improvements to page numbers, file organization and formatting Cloud print beyond Chrome OS Preview for .txt files Working on: custom styles ("#1 missing feature in documents right now"); making Docs that are designed just for the screen, not for printing; tablet-friendly adjustments; tighter Blogger integration
The Googlers who stepped into the fire to answer questions included three product managers (Scott Johnston aka happyinwater, Jeff Harris aka jeffsharris and Ronald Ho aka ronaldho), an engineer (DJ Lee aka ergobibliophile) and community manager Teresa Wu (aka teresawu). All but Ho, who works out of the Mountain View, Ca. headquarters, are based in New York.a
Harris elaborated on the offline support, which will roll out later this summer:a
We used to have offline with Google Gears, but it became pretty clear that plugins weren't the right approach. We've been reimplementing offline using HTML5 standards like AppCache, File API, and IndexDB. We're some of the first webapps that are really putting those standards to the test, so it's taken a while to iron out the kinks.a
But the long term direction is if you access a Doc URL while offline, it should open the local copy of the doc and let you edit. When you go online all your edits get synced in the background. You should also be able to see a list of your docs while offline.We'll need to work through all the tricky problems with how to merge conflicting edits. It's fun stuff.a
From the users, like epiphy, who flooded the session, it seems Google Docs is an extremely useful, though frustrating tool:a
I work at an animation studio where we use Google docs spreadsheets to mark down when certain things have been completed. It has become a major part of our workflow. I was the one who suggested we use google docs instead of writing down checkmarks on a piece of paper we pass around!One of the features I wish you guys had was the ability to add an image or file or hyperlink as a comment in spreadsheets the same way you can add text as a comment. This would allow us to upload current renders or edits to each of the various tasks at hand. Can't think of anything else. Google docs is responsible for many commercials being released on time and on budget :) Thanks!a
Some, like user sodypop, were effusive in their praise of Docs:a
I just wanted to let you all know how much Google Docs has helped improve the lives of hundreds of redditors, literally. I've been using a calendar, a spreadsheet, and apps scripts to help me manage a subreddit for helping people quit smoking. Currently I have a script that pulls all of the calendar entries into a spreadsheet, each entry being a username added on the date they quit smoking. The spreadsheet then calculates the number of days since each user quit, then an additional script runs to create a subreddit CSS stylesheet which assigns an icon next to each user signifying the number of weeks or months that since they quit.The only problem I've had is with the script exceeding the 5 minute timeout, and the occasional "Service error: DocsList" which is probably my fault for crummy script design. The combination of calendar, spreadsheet, and scripting capabilities has simplified an otherwise tedious chore of updating about 500 user icons on a daily basis. High fives to all of you!a
But some, like user 93829020, have written it off completely:a
Google Docs sucks so hard, I really hate it. I set up a site. I wanted to allow anyone to post docs and create docs. Also the docs should be shared with everyone else automatically who has an account. Those docs should always show up to everyone the first time they sign in. The equivalent to a shared folder. Why can't I do this? ... It's just not going to meet my needs.a
And still other users couldn't help themselves and asked all about if Google is hiring, how much money the team made, what they were having for lunch and if the fetching Wu was available, dating-wise. Now you can see why some chat Q&As are moderated.a
Coming soon: edit Google Docs on your iPad & Android mobile devices Plug-in syncs Microsoft Office with Google Docs Forget Groups, Google says. Use Docs or Sites.
Check out Technolog on Facebook, and on Twitter, follow Athima Chansanchai, who is consistently on Google Docs for one thing or another.a
Tuesday, June 14, 2011
It was a bad week for news outlets, Internet users and especially 44-year-old Texas trucker Joe Bankson, who told the Houston Chronicle "I ain't killed nobody," after news quickly spread from Reuters, The New York Times, CNN, msnbc.com's Twitter account Breaking News, that 30 dismembered bodies (some of them children) were found on his property near Houston. "We've had the cops out at our house, but never for nothing like that. Somebody called the police on my dogs one time."a
On last Thursday's visit, cops did come upon the smell of rotten meat (from a broken freezer), and blood on the door (from Bankson's daughter's boyfriend, who cut his wrist). They showed up after receiving a tip from a psychic (now under investigation). By that time however, even International news agencies were covering the non-existent story with growing detail including headlines such as, "Dozens of bodies' found in mass Texas grave," that were tweeted and retweeted hundreds of time. a
As the dust settles, and "Texas authorities find up to 30 bodies" is still at the top of Internet news searches, area TV station KPRC (which seems to be Ground Zero for the Twitter outbreak) blames the Liberty Police Department for the media frenzy. Meanwhile, the Liberty Police Department blames social media. So who is to blame? Various news outlets attempted to scrub the original false story from their websites and Twitter feeds, but NPR's "On The Media" managed to find a trail.a
If the stress monkeys weren't circling KPRC news director Deborah Collura's head, it certainly sounded so in her voice as she affirmed to OTM host Bob Garfield that there was no way, no how such an outrageous story would even get mentioned on her news broadcast unless she had reporters onsite reporting first person. That story came from one of the KPRC website's 30 employees, somebody who "obviously got overly aggressive with the story and tweeted something that did not go through the checks and balances," Collura said.a
Why the distinction between the TV newscast, the website or Twitter, Garfield asked. "This is 2011, aren't they all the same?"a
Not at KPRC, where all employees have access to KPRC's official Twitter account, a policy which is no doubt about to change. It's that tweet — sent out by a party who has yet to be identified — that was picked up by Reuters, and then the rest of the world. The original news tip to KPRC — about the 30 dismembered bodies which weren't — came from the cops, Collura said.a
"The way the events unfolded, probably around 3:30 or 3:45 p.m., we received a call from the Liberty County Sheriff's Department (Public Information Officer) Rex Evans, so it did not start with a tweet with us," Collura told Garfield. "So I can set the record straight." Curiously, PIO Evans didn't mention the cops got their tip from a psychic.a
For his part, PIO Evans didn't seem interested in placing blame ... or accepting it. He pretty much just spread it around, letting us all off the hook, or hanging us on it. "I believe not only mainstream media but social media played an integral part in," the non-news frenzy. Adding that you can't really pin it on anyone in particular, PIO Evans offered this timely observation: "In social media, nobody stops to verify anything." Be it Facebook, emails or Twitter, "you can disseminate any information you want. Problem is, people don't stop and think what they are releasing or putting out there could actually be harmful for someone else."a
"Perhaps the more innocent among us are fooled by the fact that the Internet has also increased the amount of ridiculous but true news," writes TechCrunch's Alexia Tsotsis in his piece, If Something On Twitter Seems Too Bad To Be True, It Probably Is. "Media frenzies like #Weinergate and Sarah Palin’s description of Paul Revere’s ride remind us that there is plenty of bona fide news that people wish was fake, making the tech media landscape pretty much a crapshoot for bloggers focused on speed."a
So what have we learned from this —or any of the other specious info that rocketed around the Interwebs last week?a
Just as up to 30 dismembered bodies (some of them children), weren't found near Houston, some girl doesn't face painful laser tattoo removal everytime she unfriends (or is unfriended), the kidnapped lesbian Syrian blogger is safe and some married guy in Scotland and "African-American customers" are not required to pay an additional fee of $150 per transaction. We learned that, just like "War of the Worlds," we are suckers for a racy tale. These days, we just fall for 'em not at the speed of radio waves, but the Internet.a
More on the annoying way we live now:a
Facebook loses 6 million US users, continues to conquer globe Just because it’s on Twitter, it (still) isn’t true New York City is Twitter capital of the world
Helen A.S. Popkin goes blah blah blah about the Internet. Tell her to get a real job on Twitter and/or Facebook. a
If Apple does refresh its MacBook Air lineup anytime soon, it won't be because of slipping notebook sales. Apple's mobile PC growth in the first quarter was 52 percent, compared with the same quarter last year, and the MacBook Air has been shipping very well since its last refresh, noted Mika Kitagawa, a principal analyst at Gartner .
"We estimated that Air growth was in triple digits in the first quarter of 2011 compared to the first quarter of 2010, when I think some people waited to buy a Mac notebook [so] they could see what iPad looked like," she explained. "But the bottom line is that Apple is doing exceptionally well compared to other PC vendors."
A MacBook Air refresh could add the hardware to fully harness the power of Apple's forthcoming Mac OS X Lion, which will have an upgrade price of just $29.99. The low price is part of the company's new strategy to give Mac users access to the iCloud storage capabilities built into the forthcoming iOS 5 platform for mobile devices.
"By Apple having its Mac user base running upgraded software, [this] will expose the Mac base to new features and increase the likelihood they remain on Mac," Piper Jaffray analysts Gene Munster and Andrew Murphy said.
Apple plans to leverage the value that consumers will see in having the ability to automatically share contacts, calendars, messages, photos, apps and music purchased on iTunes across all of Apple's devices. The goal is to increase the likelihood that the company's growing base of iPhone and iPad users will end up buying multiple devices from Apple, according to Munster and Murphy.
Moving forward, PCs will no longer be a market by themselves, but part of a larger device market within which consumers and professionals will increasingly use the combination of devices that best suits their particular needs, noted Gartner Research Director Ranjit Atwal. "The key is to deliver applications [and the overall] experience onto the optimal device for the user -- not tie the user to one particular device," Atwal said in an e-mail Monday. (continued...)
|1 | 2 | Next Page >|