Author: Nick Farrell

Gmail a doddle to hack

A hole in Android, Windows, and iOS makes Gmail a doddle to hack to steal personal information.

Researchers at the California Riverside Bourns College of Engineering and the University of Michigan have identified a weakness they believe to exist across Android, Windows, and iOS operating systems that could allow malicious apps to obtain personal information.

So far the attack has been tested only on an Android phone, but it is believed that the method could be used across all three operating systems because all three can access a mobile device’s shared memory.

Zhiyun Qian, an associate professor at UC Riverside, said that one app can in fact significantly impact another and result in harmful consequences for the user.

First, a user must download an app that appears benign, such as a wallpaper, but actually contains malicious code. Once it is installed, the researchers can use it to access the shared memory statistics of any process, which does not require any special privileges.

The researchers monitored changes in this shared memory and can correlate them to see if someone is logging into Gmail, H&R Block, or taking a picture of a cheque to deposit it online via Chase Bank. They managed to hack with a success rate of 82 to 92 percent. Using a few other side channels, the team was able to accurately track what a user was doing in real-time.

It is not that easy. First, the attack needs to take place at the exact moment that the user is performing the action. Second, the attack needs to be conducted in such a way that the user is unaware of it.

Of the seven apps tested, Amazon was the hardest to crack, with a 48 percent success rate. This is because the app allows one activity to transition to another activity, making it harder to guess what the user will do next.

The team will present its paper, “Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks” (PDF), at the USENIX Security Symposium in San Diego on August 23. You can watch some short videos of the attacks in action below.

Microsoft keeps its cash offshore

Software giant Microsoft is storing pots of cash away from the US government tax man.

According to disclosures in the company’s most recent annual filings with the Securities and Exchange Commission, Redmond is sitting on almost $29.6 billion it would owe the US tax collector if it brought back the $92.9 billion it has stored in its offshore bank accounts.

The cash would amount to almost the entire two-year operating budget of the company’s home state of Washington.

Microsoft insists that it is not avoiding tax and that the money it keeps out of the US is “reinvested outside the US”.

However, it does look more as if the company is using tax shelters to dodge the taxes it owes as a company domiciled in the United States.

Microsoft’s SEC filing is turning up just when the US government is under pressure to do something about the fairness of US-based multinational corporations using offshore subsidiaries and so-called “inversions” to avoid paying American taxes. Such manoeuvres, although often legal, threaten to reduce US corporate tax receipts during an era marked by government budget deficits. However, if US politicians do anything about it, they are almost certain to lose all their campaign contributions from big corporates.

Monkey selfie is public domain

Picture thanks to Wiki Commons

It looks like Wikipedia was right, and the “ape selfie” photo really is public domain.

The US Copyright Office has ruled against David Slater, the photographer who has claimed ownership of the snap, saying that images taken by animals, including the 2011 primate self-shot, could not be registered for copyright by a human.

“The Office will not register works produced by nature, animals, or plants,” the US copyright authority said.

While we can see that a camera could be struck by lightning and take a pic, we are not sure how a tree could take a picture, but it is clear that the USOP is covering all its bases here. We notice that if a lump of a satellite falls on your camera and takes a picture, that would technically be covered, because it is not nature.

However, the copyright office will not register anything which is claimed to have been created by divine or supernatural beings, although the Office may register a work where the application states that the work was inspired by a divine spirit.

So if I claim that my novel Sex Slaves of Babylon was inspired by the God Marduk it could be copyrighted, but if I claimed Marduk actually wrote it, then it could not be.

The copyright office specifically cites the monkey snap, which has been the source of a legal battle between the Wikimedia Foundation and Slater after a macaque nicked his camera and pressed the shutter button a number of times.

Ebay may change mind on Paypal

Online auction outfit Ebay has changed its mind about Paypal and might spin off the fast growing unit.

For a while now it has been suggested that Ebay should off-load Paypal to make a fast buck. In fact, activist investor Carl Icahn has said as much. But EBay CEO John Donahoe said that PayPal was important to eBay’s business and a split would not make sense.

However, EBay told potential candidates for the position of PayPal chief executive officer, a post that David Marcus vacated in June, about a possible spinoff of the payments unit.

EBay spokeswoman Amanda Miller clearly did not get the memo and insisted that the board will continue to “assess all alternatives to create that long-term value and to enhance the growth and competitive positions of both eBay and PayPal.” This position has not changed, she said.

It is a little odd that Ebay is thinking about it. Donahoe won Icahn over to his point of view. Icahn backed off from his demand in April, saying that while he supported a PayPal split in the near future, now was not the time. Although that was April and things might have changed by the end of the year.

Ebooks worse than paper

Bad news for readers of ebooks, a team of boffins have worked out that if you read information on a tablet you are less likely to take it in.

A new study found that readers using a Kindle were “significantly” worse than paperback readers at recalling when events occurred in a mystery story.

The study gave 50 readers the same short story by Elizabeth George to read. Half read the 28-page story on a Kindle, and half in a paperback, with readers then tested on aspects of the story including objects, characters and settings.

Anne Mangen of Norway’s Stavanger University, a lead researcher on the study, was looking for differences in the immersion facilitated by the device, and in emotional responses.

What she found was that Kindle readers performed significantly worse when they were asked to place 14 events in the correct order.

The researchers think that “the haptic and tactile feedback of a Kindle does not provide the same support for mental reconstruction of a story as a print pocket book does”.

Mangen said that when you read a paper book, it is possible to make sense of the flow of the book because your fingers feel a pile of pages on the left growing, and shrinking on the right. This gives the reader a tactile sense of progress.

A similar test in Norway gave kids texts to read in print, or in PDF on a computer screen, followed by comprehension tests. She and her fellow researchers found that “students who read texts in print scored significantly better on the reading comprehension test than students who read the texts digitally.”

What is worrying is that “research shows that the amount of time spent reading long-form texts is in decline, and due to digitisation, reading is becoming more intermittent and fragmented”, with evidence indicating that the use of devices might negatively impact cognitive and emotional aspects of reading.

Mangen said that there needed to be research and evidence-based knowledge provided to publishers on what kind of devices should be used for what kind of content; what kinds of texts are likely to be less hampered by being read digitally, and which might require the support of paper.

Half of users share their passwords

More than half of users risk their computer being hacked because they share their passwords or sign up for automatic log on to mobile apps and services.

Research by security outfit Intercede said that while more than half of users thought security was important, they were putting their personal data at risk by sharing usernames and passwords with friends, family and colleagues.

The survey of 2,000 consumers also questioned whether these passwords are strong enough to protect consumers’ applications and the data they hold.

Half of respondents stated that they try and remember passwords rather than writing them down or using password management solutions, suggesting that consumers are relying on easy to remember combinations and using the same password across multiple sites and devices.

Richard Parris, CEO of Intercede said that we need so many passwords today, for social networking, email, online banking and a whole host of other things, that it’s not surprising consumers are taking shortcuts with automatic log ins and easy to remember passwords.

The research revealed that consumers are not only sharing passwords but also potentially putting their personal and sensitive information at risk by leaving themselves logged in to applications on their mobile devices, with over half of those using social media applications and email admitting that they leave themselves logged in on their mobile device.

Parris said that consumers are also compromising their bank and credit card details by selecting ‘Remember me’ or ‘Keep me signed in’ options.

Of those that use Amazon and other shopping sites, 21 per cent said they were automatically logged in, while the figures stood at 16 per cent for mobile banking and 12 per cent for PayPal.

Apple’s smart watch launch slips

The Duke Nukem of mobile products, Apple’s Smartwatch, is set to be delayed yet again, according to the latest report from KGI Securities analyst Ming-Chi Kuo.

Kuo has been telling anyone who will listen that Apple is having production issues surrounding its new smartwatch.

“We reiterate our view that iWatch, as compared to existing products, and as Apple’s (US) first attempt at a wearable device, represents a much higher level of difficulty for the company as regards component and system design, manufacturing and integration between hardware and software,” says Kuo.

The problem is that Apple wants the iWatch to be small and have a flexible AMOLED display, which is new territory for a smartwatch. Apple is also having difficulty waterproofing the gizmo, which is an area which Jobs’ Mob has not had to worry about much before.

He said that if the reports are correct that Apple will use sapphire glass for the iWatch display, that could also put a spanner in the works. Sapphire glass is much tougher and more flexible than the kind of toughened glass used in smartphones, but also a lot more difficult to produce.

All of this is why Kuo said that “While we are positive on iWatch and believe that the advantages of the design and business model behind it are difficult to copy, we think, given the aforementioned challenges, that the launch could be postponed to 2015.”

He said that Apple might show off the watch at an October event, but will delay the immediate release.

Jobs’ Mob is already in trouble with the project. It is so late getting the product to market that the ground has well and truly been picked over by rivals. The only real takers for smartwatches are the sporting types, which is not exactly Apple’s target market.

Ballmer quits Microsoft board

The shy and retired CEO of Microsoft Steve “there is a kind of hush” Ballmer has announced that he is leaving the company completely.

Ballmer was Microsoft’s 30th employee, its first business manager and was the top Vole for over a decade. Now, after 34 years with the company, Ballmer is leaving behind his last foothold in the company: a seat on the board.

In a letter to Satya Nadella, Microsoft’s new CEO, Ballmer explained that he’s leaving the company’s board of directors effective immediately because he has become a little too busy playing with his NBA team.

Ballmer wrote that he saw a combination of Clippers, civic contribution, teaching and study taking up a lot of time.

He will still be keeping his fortune tied up in Voleware and most of the letter is spent encouraging Nadella and giving advice.

“Microsoft will need to be bold and make big bets to succeed in this new environment,” he told Nadella. “Our board must also support and encourage that fearlessness for shareholders to get the best performance from Microsoft. You must drive that.”

He also worried about Microsoft’s stock performance, probably because, outside of index funds, he still owns more Microsoft shares than anyone.

“I bleed Microsoft, have for 34 years and I always will,” he concluded. “I promise to support and encourage boldness by management in my role as a shareholder in any way I can.”

Nadella wrote back that Microsoft will thrive in “the mobile-first, cloud-first world”.

Sadly the place will be a lot quieter now that Steve has gone.

Hackers accessed nuclear power watchdog

Picture thanks to Wiki Commons

Hackers managed to gain access to the US Nuclear Regulatory Commission three times, according to a Nextgov report.

The hackers on two occasions were foreigners and the last was an unknown person or group. The US Nuclear Regulatory Commission governs America’s nuclear power providers, ironically making sure that they are secure.

Apparently an investigation into the source of the third hack was scuppered because logs of the incident had been destroyed.

Intruders used basic hacking techniques to get at the NRC’s computers. One attack linked to a foreign country or individual involved phishing emails that coerced NRC employees into submitting their login credentials. The second one linked to a foreign government or individual used spearphishing, or emails targeted at specific NRC employees, to convince them to click a link that led to a malware site hosted on Microsoft’s cloud storage site SkyDrive, now called OneDrive.

The third attack involved breaking into the personal account of an NRC employee. After the intruders sent a malicious PDF attachment to 16 other NRC employees, one person was infected with malware.

NRC spokesman David McIntyre insisted that the NRC computer security team “detects and thwarts” most hacking attempts.

Sony bemused at PS4 success

Even the marketing people at Sony can’t work out why its PS4 is selling so well.

Sony is cleaning Microsoft’s clock in the console wars despite the fact that the two products are pretty much the same spec with the same price.

It has sold more than 10 million PS4 consoles in the nine months since launch. It’s a bigger number than anyone anticipated, and even the president of Sony’s Worldwide Studios, Shuhei Yoshida, doesn’t know why.

He was a bit nervous because he did not completely understand what’s happening. Sony has had marketing people look into this early success, and they have found that a lot of PS4 owners did not own a PS3, or any last-gen console at all.

He said that normally when you see a great sales number, instinct tells us we should be concerned about future sales. If Sony sold this number of units at this stage in the game there would be no more consumers it can sell to in the future.

It seems that is not the case and a lot of the PS4s are being flogged to those who have never owned one of Sony’s consoles in the past.

It does not answer the question why, but according to our nephew it is because the Xbox does not have as many good games as the PS4 yet.

Chinese hackers steal 4.5 million hospital data

A top US hospital operator has admitted that Chinese hackers broke into its computer systems and stole data on 4.5 million patients.

Community Health Systems sheepishly said that the attack occurred in April and June of this year, but it was not until July that it was finally spotted.

It told the US Securities and Exchange Commission that the attack was carried out by a group based in China that used “highly sophisticated malware” to attack its systems.

The attacker was able to bypass the company’s security measures and successfully copy and transfer certain data outside the company.

The group is apparently known to US federal law enforcement authorities, which are now investigating.

Stolen were patient names, addresses, birthdates, telephone numbers and Social Security numbers of the 4.5 million people who were referred to or received services from doctors affiliated with the company in the last five years.

However the stolen data did not include patient credit card, medical or clinical information, but still ranks as the second largest disclosed attack to hit the US medical industry in the last few years.

What is still not clear is why the Chinese government would want the medical details of 4.5 million people; it is not really as if it could benefit from any ID fraud. However, it might be a Chinese criminal gang.

Boffins may make a quantum breakthrough

A team of boffins at the University of Chicago has announced it has developed a way to observe, control, and manipulate the behaviour of a single electron with the help of lasers.

In terms of quantum physics, this is a way of telling if Schrodinger’s cat is really dead or alive, or just has escaped the box and is asleep on a soft bed somewhere.

An electron is an elementary subatomic particle that is a fundamental constituent of matter, having a negative charge. It is found in all atoms and acts as the primary carrier of electricity in solids.

To manipulate a single electron at the quantum level the researchers used a laser light in ultra-fast pulses which in turn managed the quantum state of an electron inside a nanosecond defect, which is naturally found in diamonds.

The method used was also able to observe and track the properties of the single electron, as well as how the electron changes over a set period of time.

David Awschalom, who led the project, said that his research was a precursor for creating and developing semiconductor “quantum bits” and other microscopic technology and molecular powered computing which would increase computer speeds dramatically.

It would also mean that scientists will finally be able to find that pesky cat.

Blackberry turns back on phones

The other fruity company which once had the world in the palm of its hand, Blackberry, is now turning its back on handsets and has created a new business unit that will combine some of its most brilliant ideas and patents.

Dubbed BlackBerry Technology Solutions the outfit will be headed by Sandeep Chennakeshu, the former president of Ericsson Mobile Platforms and former chief technology officer of Sony-Ericsson.

John Chen, BlackBerry’s executive chairman and chief executive officer, said that combining all these assets into a single business unit will work rather well and open new revenue streams.

Chen has already stripped out much of Blackberry’s consumer-oriented businesses, sold property and laid off employees.

Analysts say that the new unit reinforces the fact that Blackberry’s days as a handset vendor are behind it as it moves “very aggressively” toward a different business.

Blackberry has not had much luck flogging its gear in the consumer market. It could not get its products out on time and faced stiff competition from other smartphones.

Chennakeshu, who has 73 patents to his name, is well known in the wireless, electronics and semiconductor industries.

BlackBerry Technology Solutions includes QNX, the company that BlackBerry bought and used to develop the operating system that became the platform for its new smartphones, and Certicom, a former independent Toronto-area company with advanced security software.

BlackBerry Technology Solutions will also include BlackBerry’s Project Ion, which is an application platform focused on machine-to-machine Internet technology, Paratek antenna tuning technology and about 44,000 patents.

Azure fails

Microsoft has fixed a worldwide outage on its Azure cloud computing service, which occurred across multiple regions.

Partial disruptions began as of 1.40pm on Aug. 18, the company said on the Azure website.

This is bad news for Microsoft which is touting its cloud-based platform for creating, deploying and maintaining online applications and services such as websites and web-hosted applications. As such, it has to work 24/7 or customers will be severely put out.

Azure is used by governments and corporations around the world, and supports various programming languages, tools and frameworks.

Microsoft said that Azure services such as virtual machines, cloud services, mobile services, service bus, site recovery, HDInsight, websites and Storsimple were down during the outage.

However, Vole insisted that the core platform components were working properly throughout and only a small subset of customers were affected by the outage.

Still, reports of outages might make many firms question if moving to the cloud is such a good idea, or if they can get the same levels of reliability on-site.

IBM gets thumbs up for Lenovo sale

US regulators have approved the sale of IBM’s server business to the Chinese outfit, Lenovo.

There had been fears that the deal would be put on ice because the US is currently going through a McCarthy era paranoia over all things Chinese. The NSA was scared that the Chinese would start installing backdoors into their servers, probably because that is just the sort of thing that they would do.

IBM has already divested $16 billion in annual revenue over the past decade from low-margin businesses like personal computers and printers.

However, despite the fact that there was some concern about the deal, the Committee on Foreign Investment agreed that it was probably safe.

Lenovo has been through the secretive CFIUS process three times before and has won approval each time. In this case, it is believed that it argued that all the top-secret server operations would remain under the control of IBM.

CFIUS, an interagency group chaired by the Treasury Secretary, reviews deals that could bring U.S. businesses under foreign ownership and is required by law to assess any transaction involving a state-owned firm.

Lenovo said in a statement that it remains on track to close the IBM server deal by the end of the year.

In fact the deal is more likely to help Lenovo sell its gear in China and the company is less concerned about its US sales. Lenovo has many contacts to sell goods to Chinese companies and Beijing is trying to localize its IT purchases in the wake of revelations about US spying.