Saturday 11 February 2012

International Scores

International Scores: Get the latest scores of all the international cricket matches from Cricinfo. Add the Cricinfo International Scores widget now!

Friday 10 February 2012

iPhone apps Path and Hipster offer address-book apology

Path Path says it helps you "share life with the ones you love"
The makers of two iPhone apps have apologised after it emerged they had uploaded users address-book information without explicit permission.
Path and Hipster both sent contact data to company servers in order to help users find friends who were also using the apps.
Both companies said they had now updated their apps to fix the problem.
But there is concern the practice may be more widespread. Hipster has called for a "summit" to discuss app privacy.
Path is a social media app which bills itself as "the smart journal that helps you share life with the ones you love".
Arun Thampi, a software developer, first drew attention to the issue with Path in a blog post after he discovered that his phone's address book was being sent to the company's servers without his permission.
The company has since apologised. "We made a mistake," Path chief executive David Morin said in a blog post.
"Through the feedback we've received from all of you, we now understand that the way we had designed our 'Add Friends' feature was wrong," he wrote.
According to the company, contact information was encrypted before being sent to its servers. However, Mr Morin said Path had now "deleted the entire collection of uploaded contact information from our servers".
Path updated its app with a feature which asks users whether they want the service to use personal contact list information.

We blew it, we're sorry, and we're going to make it right”
Doug Ludlow Hipster chief executive
Hipster howler
The discovery of the Path issue was quickly followed by news of a similar problem with Hipster.
Hipster says it allows users to "easily share where you are and what you're doing with postcards of your photos".
Like Path, the Hipster app was revealed to be uploading address book information to the company's servers without explicit permission.
"We blew it, we're sorry, and we're going to make it right," wrote contrite Hipster boss Doug Ludlow in a guest post on the blog Techcrunch.
"When we built our 'Find Friends' feature for iOS, we clearly dropped the ball when it comes to protecting our users' privacy," he added.
Hipster has, like Path, made an updated version of the app available which makes sharing contact information an opt-in.
Friend-sharing forum
Mr Ludlow invited other developers to attend an "application privacy summit" at its San Francisco headquarters.
The aim, he wrote, would be to create a "privacy pledge - one that

AA to launch sat-nav tech tracked insurance policy

The AA's black box device The black box device is fitted to the policy holder's car
The AA is set to launch a new insurance policy which uses sat-nav technology to track driver performance.
The firm said the system would allow its better drivers to receive cheaper premiums.
It follows similar efforts by smaller insurers. Larger rival Direct Line has told the BBC it is also piloting its own "black box" scheme.
Critics of the technology said that data should not be used as a reliable measure of a driver's ability.
The system involves the installation of a small black box into the driver's car which records how they drive.
The measures include monitoring speed, braking severity, cornering and the types of roads used during certain times of day.
This information is transmitted remotely to the insurers, and can also be accessed by users via a website which gives information on overall performance, warning them if they are likely to be moved to a higher premium.
"The reports are pretty detailed," AA spokesman Ian Crowder told the BBC ahead of Wednesday's formal announcement.
"The point is that these sorts of devices firmly put in the hands of the driver a responsibility for driving safely. It makes you think."

Start Quote

What we are totally against is people who don't give their consent being penalised”
Keith Peat Association of British Drivers
The information could be used to prove who was at fault in accidents, Mr Crowder added, but such detailed information would only be disclosed with a court order.
'Stern email'
He added that the system could also detect sudden hard braking so assistance could be sent.
Extreme speeds would be greeted with "a stern email" to the driver.
He said the "pay-how-you-drive" system, which is aimed primarily at young drivers, could save customers up to £850 per year.
"All the anecdotal evidence suggests that people who have installed the system have about a 30% better claims experience - in other words, less crashes - than those who don't," he added.
The technology, known as "telematics" or "black box insurance" has for several months been utilised by smaller insurance firms such as Co-Op and Coverbox.
Welsh insurance firm Motaquote has just launched a partnership with leading sat-nav manufacturer TomTom to offer real-time feedback on driver performance.
AA driving dashboard Drivers can check on their data via an online dashboard
Other major insurers are expected to launch policies soon. Direct Line told the BBC it had begun a pilot using its own technology - called Tracker - which it hoped to implement by the end of the year.
Elsewhere, car hire firm Avis said telematics is "one to watch", and said it might consider using the technology in its vehicles.
'Spy in the car'
Malcolm Tarling, from the Association of British Insurers, said it is an approach which is likely to become commonplace.
"It's particularly important for young drivers who have high premiums," he said.
"You may say you don't want a 'spy in the car' as some call them, but others may say that if this is one way of making my premiums reflect my safety on the road, this will be of interest."
But Keith Peat, a spokesman for the Association for British Drivers, told the BBC he was worried that drivers who did not want to allow telematics in their vehicle would face higher costs.
"Providing the drivers give their consent it is OK," he said.
"But what we are totally against is people who don't give their consent being penalised."

Thursday 9 February 2012

Steve Jobs The late Steve Jobs reportedly said he wanted to "destroy" Android for "copying" his firm's ideas

Apple seeks change to 'essential' patent licence rules

Apple has asked for more clarity over how patents deemed crucial to industry standards should be handled.
The firm wrote a letter to the European Telecommunications Standards Institute (ETSI) in November, which has now been reported by the Wall Street Journal.
The iPhone maker called for "more consistent and transparent" application of rules designed to ensure that such intellectual properties were licensed.
Both Samsung and Motorola Mobility have sued Apple over "essential" patents.
The document has since been published in full on the Foss Patents blog.
It centres on what are termed Frand principles - an agreement to license technologies critical to a recognised standard, such as 3G networks or MP3 files, under fair, reasonable and non-discriminatory terms.
Companies that sign up to the rules agree that they cannot discriminate who gets to use their invention so long as they are paid a fee, which cannot be excessive.
Three-step plan
Apple notes that it committed itself to the agreement in 2007 - although it has launched numerous lawsuits concerning its rivals' alleged infringements of its non-Frand innovations.
The company's request lists three specific points:
  • Parties should only be able to claim an "appropriate royalty rate", both at the start and end of negotiations.
  • There should be a "common royalty base" - in other words, the patent's value should be determined as a percentage of the cost of the relevant components rather than the device as a whole.
  • Patent owners should commit to a "no injunction" policy under which they do not seek to block the sale or shipments of rivals' equipment on the basis of a Frand-patent dispute.
"Apple is committed to this framework, provided that other parties reciprocate," said Bruce Watrous, the firm's chief intellectual property counsel.
Foss Patents' author, consultant Florian Mueller, links the letter to 9 To 5 Mac's revelation last September that Samsung had sought 2.4% of Apple's sales prices for each of a series of 3G-related Frand-type patents that it contested last year. The case was rejected by a Dutch court.
The European Commission has subsequently notified Samsung that it is investigating whether the firm had used its rights to "distort competition in European mobile device markets".
Blame game
Mr Mueller also notes that Motorola Mobility sought 2.25% of Apple 3G-enabled iPhone and iPad sale prices when Apple sought to license the Razr phonemaker' s GPRS-related Frand-innovations.
Apple had to briefly remove several of its devices from its German online store last week because of the dispute with Motorola.
However, one patent lawyer suggested that Apple was not blameless in the spate of recent lawsuits.
"Steve Jobs effectively declared war on Samsung and Android - so the litigation has been emotionally charged," said Ilya Kazi from the UK's Chartered Institute of Patent Attorneys.
"It is fair to say that most manufacturers are in favour of Frand-type agreements - at least when they are on the receiving end of a lawsuit.
"The issue is whether this letter has a great deal of legal significance. Frand is a great principle but there is also the underlying principle of letting patent holders enforce their rights."

Regional cybercrime hubs launched across England

Keyboard
Three police cybercrime teams have been launched as part of a £6m regional effort to combat growing threats.
Yorkshire and the Humber, the Northwest and East Midlands will each get its own dedicated unit.
They will work alongside the Metropolitan Police Centre e-crime Unit which deals with national online security.
The funding is part of £30m targeted at bolstering e-crime prevention nationally over the next four years.
The new centres will consist of three members of staff - a detective sergeant and two detective constables.
The initiative was announced at the Association of Chief Police Officers (ACPO) e-crime conference in Sheffield on Wednesday.
'Critical role'
A training period is required before the hubs will be fully operational, Deputy Assistant Commissioner Janet Williams, who heads ACPO's e-crime efforts, said.
"These three additional policing units are going to play a critical role in our ability to combat the threat," she added.

Start Quote

It seems to me to be a positive move towards enhancing the national response to cybercrime”
David Emm Security researcher
"It is anticipated the hubs will make a significant contribution to the 'national harm reduction' target of £504m."
Harm reduction is calculated using a "harm matrix" - a system which factors in costs such as how much the criminal stood to gain, how much money was invested in the crime, and the potential cost to the victim.
"In the first six months of the new funding period alone we have already been able to show a reduction of £140m with our existing capability," Ms Williams said.
Britain's e-crime efforts were exposed last week after a conference call in which Met officers discussed operations against hackers with the FBI was itself intercepted by hackers.
Details about active investigations into hackers who identified themselves with the activist collective Anonymous were posted online.
At one point in the tape, a British detective can be heard saying: "We're here to help. We've cocked things up in the past, we know that."
'Positive move'
The move to increase funding and reach of e-crime prevention efforts has been praised by security professionals.
"It seems to me to be a positive move towards enhancing the national response to cybercrime," said David Emm, a security researcher for Kaspersky.
"Until now, most of the police's expertise in computer-based crime has been concentrated in the Serious Organised Crime Agency and the Met.
"Clearly, the government is keen to widen the field of expertise, and this is part of that initiative."

Tuesday 7 February 2012

 

Trendnet security cam flaw exposes video feeds on net

Trendnet stills

Feeds from thousands of Trendnet home security cameras have been breached, allowing any web user to access live footage without needing a password.
Internet addresses which link to the video streams have been posted to a variety of popular messageboard sites.
Users have expressed concern after finding they could view children's bedrooms among other locations.
US-based Trendnet says it is in the process of releasing updates to correct a coding error introduced in 2010.
It said it had emailed customers who had registered affected devices to alert them to the problem.
However, a spokesman told the BBC that "roughly 5%" of purchasers had registered their cameras and it had not yet issued a formal media release despite being aware of the problem for more than three weeks.
"We first became aware of this on 12 January," said Zak Wood, Trendnet's director of global marketing.
"As of this week we have identified 26 [vulnerable] models. Seven of the models - the firmware has been tested and released.
"We anticipate to have all of the revised firmware available this week. We are scrambling to discover how the code was introduced and at this point it seems like a coding oversight."
Mr Wood added that the California-based firm estimated that "fewer than one thousand units" might be open to this threat in the UK, but could not immediately provide an exact global tally beyond saying that it was "most likely less than 50,000".
Feed links
An internet blog first publicised the vulnerability on 10 January.
The author discovered that after setting-up one of the cameras with a password its video stream became accessible to anyone who typed in the correct net address.
Trendnet camera Trendnet says it is in the process of releasing firmware updates for its devices
In each case this consisted of the user's IP addresse followed by an identical sequence of 15 characters.
The writer then showed how the Shodan search engine - which specialises in finding online devices - could be used to discover cameras vulnerable to the flaw.
"Last I ran this there was something like 350 vulnerable devices that were available," the author wrote at the time.
However, it appears that others then took advantage of the technique to expose other links and uploaded them to the net.
Within two days a list of 679 web addresses had been posted to one site, and others followed - in some cases listing the alleged Google Maps locations associated with each camera.
Messages on one forum included: "someone caught a guy in denmark (traced to ip) getting naked in the bathroom." Another said: "I think this guy is doing situps."
One user wrote "Baby Spotted," causing another to comment "I feel like a pedophile watching this".
Some screenshots have also been uploaded.
Warning users
At the time of writing Trendnet's home page and its press release section made no mention of the problem.
However, its downloads page does list a number of "critical" updates with a brief release note saying that the code offers "improved security".
The firm - whose slogan is "networks that people trust" - said that it had halted shipments of affected products to retailers and that any delivery received since the start of this month should be safe. However, it said that items delivered at an earlier date might need a firmware update.
"We are just getting to that point to be able to succinctly convey more information to the public who would be concerned," added Mr Wood.
"We are planning an official release of information to the public concerning this, but in advance I can tell you that this week we are targeting to have firmware to all affected models."

Friday 3 February 2012


Apple overturns Motorola's iPad and iPhone sales bans


Motorola Mobility had forced Apple to remove several iPad 
and iPhone models from its online store earlier today after 
enforcing a patent infringement court ruling delivered in December.

An appeals court lifted the ban after Apple made a new licence payment offer.
However, Germany-based users may still face the loss of 
their push email iCloud service after a separate ruling.
Patent consultant Florian Mueller, who attended the review, 
said that the suspension may only last a few days or weeks - 
but that Apple's revised proposal had been enough to allow it to restart sales.
"The Karlsruhe higher regional court believes that Apple's new 
offer needs to be evaluated before this injunction can enter into 
force again,"he wrote on his blog.
"A suspension like this is available only against a bond, but Apple is
 almost drowning in cash and obviously won't have had a problem 
with obtaining and posting a bond."
He said that the bond amount was likely to have been about 120m 
euros ($158m, £100m).
Unresolved
A statement from Apple said: "All iPad and iPhone models will be
 back on sale through Apple's online store in Germany shortly.
"Apple appealed this ruling because Motorola repeatedly refuses to
 license this patent to Apple on reasonable terms, despite having
 declared it an industry standard patent seven years ago."
However, Motorola signalled that it would try to restore the ban.
"We are pleased that the Mannheim court has recognized the
 importance of our intellectual property and granted an enforceable 
injunction in Germany against Apple Sales International," a statement said.
"Although the enforcement of the injunction has been temporarily 
suspended, Motorola Mobility will continue to pursue its claims against Apple."
Pulled products
The sales ban relates to Motorola's patent for a "method for performing a 
countdown function during a mobile-originated transfer for a packet radio system".
Motorola licenses the patent to other companies on Frand (fair, reasonable and non-discriminatory) terms.
Frand-type patents involve technologies that are deemed to be part 
of an industry standard. In this case Motorola's innovation is deemed 
crucial to the GPRS data transmission standard used by GSM cellular 
networks across the world.
Companies must offer Frand-type patents for 
a reasonable fee to anyone willing to pay.
Apple had previously said it would be willing
 to pay the fee going forward, but the two firms
 dispute how much Apple should pay for failing to
 license the technology up until now. Missed payments 
are not covered by the "reasonable" rule, and Motorola 
is able to demand a more expensive price.
Apple's iPhone 3G, iPhone 3GS and iPhone 4 had all 
been affected - but not its newer iPhone 4S. All 3G 
models of the iPad were involved, but not their wi-fi-only counterparts.
Email technology
The separate push email ban would only come into 
effect if Motorola decided to enforce a second
 judgement that Apple's iCloud and MobileMe
 infringed another of its innovations.
The patent relates to two-way communications
 between pagers and other devices and was granted in 2002.
If Motorola decides to enforce the judgement some iPhone users
 in Germany would lose the ability to automatically receive 
emails as soon as they have been sent. Instead they would either have to manually check their accounts or set their devices to periodically check for updates.
This patent is not deemed to be critical to an industry standard, so the firm does not have to license the technology to Apple even if the iPhone-maker offered to pay.

Megaupload co-founder's bail 

appeal rejected by court



Megaupload founder Kim Dotcom'
s bail application appeal has been rejected in New Zealand.
The High Court in Auckland said it agreed with an earlier 
ruling that Mr Dotcom - a German national - might try to flee the country.
The file-sharing site creator is accused of profiting 
from the copying and distribution of pirated content.
Mr Dotcom's lawyers said that he denied the charge 
and would fight an extradition application by the US.
Prosecutors had said Mr Dotcom - also known as Kim Schmitz 
- posed an extreme flight risk, noting that he had passports and 
bank accounts in three names and a history of fleeing criminal
 charges. They said measures, such as electronic monitoring, 
were likely to prove ineffective.
'Go to hell'
Lawyers representing the US authorities also said that a man 
with a history of making fake travel documents had 
unsuccessfully asked to visit Mr Dotcom following his arrest.
Mr Dotcom's said he had no intention of running away. 
He said he wanted to be with his pregnant wife and fight
 to get his assets unfreezed. He also denied all knowledge 
of the rejected visitor.
"If people were to approach me and to offer such a service, 
I would tell them to go to hell," Mr Dotcom said.
He added that he had also been contacted by a man claiming 
to be a prosecutor, who had said he could organise a favourable 
bail hearing in return for a payment.
He also complained that he had been sent letters from female
 prison inmates asking to become his pen pals.
Mr Dotcom's next court appearance is scheduled for 22 February, 
when his extradition hearing is planned.
Data deletion
Megaupload has been offline since 19 January, when the US 
government forced its shutdown and executed search warrants 
on two companies that provided it with file hosting services - 
Cogent Communications and Carpathia Hosting.
Megaupload lawyer Ira Rothken tweeted earlier this week
 that the hosting firms had agreed to preserve consumers' 
data until at least mid-February.
The US-based digital rights group Electronic Frontier 
Foundation has since written a letter hinting it might 
begin its own legal action if the service providers
 consequently tried to wipe the data, now that they 
were no longer being paid by Megaupload to store it.
"Many innocent third parties... used Megaupload for 
wholly legal purposes and have since lost access to their data,"
 wrote the organisation's legal director, Cindy Cohn.
"Many of these materials are property of the individuals 
involved, and they are legally entitled not only to access
 but to preservation and privacy.
"We are hopeful that our client and other third parties 
can obtain access to their material without resorting to
 legal action, but if that is not the case, we intend to take
 the necessary steps to ensure the return of their materials."

International Scores

International Scores: Get the latest scores of all the international cricket matches from Cricinfo. Add the Cricinfo International Scores widget now!

Thursday 2 February 2012

Blogger A Google spokesperson said it believed that 'access to information is the foundation of a free society'

Google changes enable 'per country' blog take downs

Blogger sites can now be blocked on a "per country" basis after a change 
to its web address system.
Google will now be able to block access in individual
countries following a legal removal request.
The new system means blocking will not require restricting 
world-wide access to a blog.
The changes apply in Australia, New Zealand and India, 
but the BBC understands Google plans to roll it out globally.
The news follows Twitter's announcement that it could 
selectively block tweets on a country-by-country basis - 
news that attracted criticism from 
free speech campaigners.
However, Joss Wright, research fellow at the Oxford 
Internet Institute, said he felt the changes to Blogger were a positive step.
"Google's new approach to supporting country-level takedown
requests in Blogger strikes a good balance between free 
speech, legality and practical issues for end users.
"By allowing per-country takedown requests, Google can meet
local laws without blocking content at a global level."
Change of address
Under the new system, a blog reader will, in the first instance,
be directed to a website address using a "country-code top level domain".
For example, for users based in Australia, Blogger's servers will
automatically direct them to blogname.blogspot.com.au.
"If you visit a blog that does not correspond to your 
current location as determined by your IP address, the
blogspot servers will redirect you to the
domain associated with your country," Google said in a Q&A the
company posted about the changes.
Google believes this will allow it to comply with local law 
enforcement requests, while keeping content available in other jurisdictions.
Additionally users will also able to tell Google to direct them to a 
different country web address by adding "/ncr" - ncr stands for "No Country Redirect".
In order to read a blog via a US web address users outside America 
would type " blogname.blogspot.com/ncr".
"Blog readers may request a specific country version of the blogspot
content by entering a specially formatted 'NCR' URL, " the company wrote in the Q&A.
It is not clear, however, if this would work for requests to access 
blocked blogs made from the jurisdiction in which the removal notice originated.
Keeping it local
The company has in the past taken a similar local approach
to blocking content in other products.
For example, Google has said it removes all Nazi-related 
content from Google.de, the address for its German services.
In a 2007 blog post, which the BBC understands still reflects
the firm's position, Google said that "dealing with controversial 
content is one of the biggest
challenges we face as a company".
In the same post the company noted that different national 
laws on free speech "create real technical challenges, for example, 
about how you restrict
one type of content in one country but not another".
With this system Google may have, for Blogger at least, 
answered its own question.

Hackers

A selection of security devices provided by banks  
Since banks brought in "two-factor" authentication, official figures have shown fraud fell significantly

Hackers outwit online banking identity security systems

 
Criminal hackers have found a way round the latest generation of online 
banking security devices given out by banks, the BBC has learned.
After logging in to the bank's real site, account holders are being tricked 
by the offer of training in a new "upgraded security system".
Money is then moved out of the account but this is hidden from the user.
Experts say customers should follow banks' official advice, use up-to-date 
anti-virus software and be vigilant.
Devices like PINSentry from Barclays and SecureKey from
HSBC - which look a lot like calculators - ask users to insert a 
card or a code to create a 
unique key at each login, 
valid for around 30 seconds, that cannot be used again.
This brought a new level of online banking security against password theft.
The additional line of defence provided security even if a user's 
computer along with any password information was hacked.
While these chip and pin devices make the hackers' job more difficult, 
the hackers themselves have raised their game.
'Man in the Browser' attack
A test witnessed as part of a BBC Click investigation suggests even those
with up-to-date anti-virus software could be at risk.
There is no specific risk to any one individual bank.
In the test the majority of web security software on standard settings did 
not spot that a previously unseen piece of malware created in the software 
testing lab was behaving suspiciously.
The threat does not strike until the user visits particular websites.
Called a Man in the Browser (MitB) attack, the malware lives in the web 
browser and can get between the user and the website, altering what is
seen and changing details of what is being entered.

How to spot if you have been infected

  • If your transaction seems to be taking longer than normal, there is a 
  • chance it is going via a fraudster's system
  • If you are asked for more information than normal, especially entire 
  • passwords where previously you were only asked for part, your
  • machine may have been infected
  • Computers that have been infected often slow down while 
  • malware monopolises both the processor and the internet connection
Some versions of the MitB will change payment details and amounts 
and also change on-screen balances to hide its activities.
With the additional security devices, the risk of fraud is only present 
for one transaction, and only if the customer falls for the "training exercise".
"The man in the browser attack is a very focused, very specific, 
advanced threat, specifically focused against banking," said Daniel Brett, 
of malware testing lab S21sec.
"[Although] many products won't pick this up, they've got a
much bigger scope, they're having to defend against all the viruses since
the beginning of time."
Every time a new update to the malware is released, it takes 
the security companies a number of weeks to learn how to spot it - to 
learn its common features.

Wednesday 1 February 2012

iPhone

iPhone battery fix coming 'in a few weeks'

APPLE

November 03, 2011|By Doug Gross, CNN
 
 
 
 


Apple has acknowledged a problem with battery life on the iPhone 4S and other devices running its new operating system. The company says a software update coming "in a few weeks" will address the problem.
The company previously had not publicly acknowledged complaints about battery life on the phone, which surfaced soon after it was released October 14 and continued to grow in the weeks since.
"A small number of customers have reported lower than expected battery life on iOS 5 devices," Apple said in a statement to AllThingsD, a part of the Wall Street Journal network. "We have found a few bugs that are affecting battery life and we will release a software update to address those in a few weeks."
Apple has admitted a problem with battery life on the iPhone 4S,
saying a software fix is coming.

  • Battery Disconnect SwitchFactory Direct Top Post & 
  • Side Post Battery Master Disconnect Switches 
  • Software Testing ServiceGet tips and tricks for
  • analyzing, debugging and tuning your apps. Go! 
Comments on a thread started October 15 in Apple's support forums to
complain about battery life had grown to 217 pages by Thursday morning.
Apple has declined to comment beyond its basic statement. Messages
from CNN requesting information about the complaints were not returned.
The poorer-than-expected battery life has largely been attributed to
location-based apps and other power-draining features of the iOS 5
system. Some users have reported improvements when they disable
time-zone and GPS features, while others have said the improvements
were minimal.
The apparent glitch is the second time in a row that a popular
iPhone has experienced a highly publicized problem in its early days.
And the responses, so far, have been similar.
The iPhone 4 suffered from what some called the death grip,
causing users who held the phone in a certain way to lose phone calls.
Apple denied that there was a problem before eventually saying that it did,
in fact, affect a small number of customers.
The company eventually offered free cases, which improved the phone's reception.
Neither time has the problem affected sales in a major way.
The iPhone 4 is the most popular smartphone in the world,
and the 4S is on track to perform just as well, starting with
a reported 4 million sales in its first three days on the market.

Labels