Microsoft releases fix-it for Internet Explorer 8 vulnerability

Microsoft has released a temporary fix for a zero-day vulnerability in Internet Explorer 8, which was used by hackers in a prominent attack against the U.S. Department of Labor's website.

The problem is particularly dangerous since it can allow an attacker to install malware merely by visiting a tampered webpage. Microsoft is still working on a patch, wrote Dustin Childs, group manager for the company's Trustworthy Computing division.

"Customers should apply the Fix it or follow the workarounds listed in the advisory to help protect against the known attacks," Childs said in a statement.

The vulnerability is described as a problem in the way IE "accesses an object in memory that has been deleted or has not been properly allocated." IE versions 6, 7, 9 and 10 are not affected.

Microsoft calls the fix "CVE-2013-1347 MSHTML Shim Workaround." The company normally issues updates for its products on the second Tuesday of the month, but will issue an out-of-schedule patch if the problem is deemed serious enough.

Security vendors Invincea and AlienVault found that hackers planted attack code within a U.S. Labor Department webpage with information on toxic substances at U.S. Department of Energy facilities.

The code redirected people to another infected page within the site, which then attempted to exploit the IE 8 vulnerability. AlienVault said the hacking campaign appeared similar to a known China-based one called "DeepPanda," which installed remote-access trojans (RATs).

A large Fortune 500 company was attacked in December 2011 by DeepPanda, AlienVault said.

16.00 | 0 komentar | Read More

New boot firmware a step toward 64-bit Windows RT

A standards organization has created a boot environment for tablets and PCs that could potentially run a 64-bit version of Windows RT.

The UEFI (Unified Extensible Firmware Interface) Forum on Wednesday announced that its boot firmware specifications will now support ARMv8, a 64-bit processor architecture announced by ARM in 2011. ARM's processors are used in most smartphones and tablets, and chip makers such as Nvidia and Samsung are expected to release 64-bit processors for smartphones and tablets in the future.

Microsoft on Windows 8 and RT requires PCs and tablets to carry a feature called Secure Boot, which prevents a system from being hijacked. The Secure Boot environment is based on UEFI firmware and ARM has already said it is working with Microsoft to develop a 64-bit version of Windows for ARM-based devices. However, it is not yet clear when the OS will come out.

ARM expects 64-bit processors to start shipping later this year or early next year. Most smartphones and tablets today use 32-bit ARM processors.

The UEFI support for ARM 64-bit could be one more step to bringing Windows RT to 64-bit, though the benefits could be invisible to end users, said Dean McCarron, principal analyst at Mercury Research.

"We can have a standardized firmware interface that can be used across PCs and other devices rather than having legacy BIOS," McCarron said.

UEFI has been widely adopted on PCs, so there could be a higher uptake by device makers making x86-compatible Windows tablets, McCarron said.

Only a handful of Windows RT tablets are available, although Acer is expected to release a tablet with the next version of the OS, due out in the second half of this year.

The UEFI specification supports a wide number of OSes and is used on Apple Macs. A large number of Android smartphones and tablets use customized bootloaders based on the kernels and specifications of devices. UEFI is desirable as it may bring some flexibility in mobile-device configurations, McCarron said.

16.00 | 0 komentar | Read More

Sony profitable again, but core electronics still struggling

Sony made good on a promise to return to profitability after offloading a number of valuable assets last year, but its core electronics business is still losing money.

The Tokyo-based company said Thursday it booked a profit of ¥43 billion (US$440 million) for its fiscal year through March, a year after it posted a ¥457 billion loss, the largest since its founding. The company also increased revenue by 5 percent to ¥6.8 trillion.

The return to profit, a key promise under new CEO Kazuo Hirai, was expected after the company sold off billions of dollars worth of assets during the fiscal period, including its U.S. headquarters, a large Tokyo office complex and share holdings. A lingering worry is the company's failure to generate profit on its consumer electronics.

For the current fiscal year, the company promised a similarly modest profit of ¥50 billion, less than one percent of its projected sales of ¥7.5 trillion.

Sony has launched a new offensive in phones and tablets in recent months, with products such as its high-end Xperia Z smartphone and super-thin Xperia Tablet Z. But the company said its newly formed mobile computing division, its largest in terms of sales, had a deep operating loss. Sony did set an aggressive target for smartphones for the current year at 4.2 million, almost 30 percent higher than the 3.3 million it sold last fiscal year, in line with its goal to capture the number three spot globally behind Samsung and Apple.

The company said it hit its goal of selling 7 million PlayStation portable and Vita consoles, though it cut its goal for the current year to 5 million. This year Sony is gearing up to launch its PlayStation 4 home console, a process that could be costly as game hardware is often sold at a loss early on.

The company also failed to turn a profit in its Bravia TV business, an area it has long struggled and that is now personally managed by Hiria, although it made progress, cutting its operating loss in half from the earlier period.

While the company's electronics businesses continued to struggle, Sony got a lift from other areas of its portfolio. Its movie business increased profits on titles like "007 Skyfall" and "The Amazing Spider-Man," as well as selling rights to related merchandise, overcoming a poor showing for the remake of "Total Recall." Its financial division booked a large operating profit as the Japanese stock market continued to recover.

Sony booked a profit for the January to March quarter, in which it recorded profit for several deals to sell of holdings. Sales were up 8.3 percent from a year ago. The company's fiscal year runs from March through April.

16.00 | 0 komentar | Read More

Microsoft extends revenue per search agreement with Yahoo

Microsoft has extended a search revenue guarantee agreement with Yahoo for one more year, amid reports that the Internet company is trying to break its 10-year agreement with Microsoft.

The Redmond, Washington, software company, has agreed to extend the guarantee for an additional 12 months starting April 1, 2013, but only in the U.S., Yahoo said in a regulatory filing on Tuesday. Microsoft had in 2011 agreed to extend the guarantee in the U.S. and Canada through March 2013.

Under a 2009 search agreement for which implementation began in February 2010, Microsoft guaranteed Yahoo's revenue per search on its properties for 18 months after the transition of its paid search services to Microsoft's platform in each market, to protect Yahoo from the impact of the transition. It was part of a broader deal by which Yahoo moved its search backend to Microsoft's Bing and its paid search services to Microsoft's platform.

The so-called RPS Guarantee was calculated based on the difference in revenue per search between the pre-transition and post-transition periods and certain other factors, as Yahoo transitioned its paid search to Microsoft platforms. "To date, there has been a gap in revenue per search between pre-transition and post-transition periods in most markets and Microsoft has been making payments under the RPS Guarantee to compensate for the difference," Yahoo said in the filing.

Yahoo said that in line with the 2009 agreement, it had completed the transition of its search to the Microsoft platform in all markets, and also transitioned paid search in several markets.

The transition of its paid search platform to Microsoft's platform and the migration of paid search advertisers and publishers are expected to continue through 2013, and possibly into 2014, Yahoo said in the filing.

Yahoo under new CEO Marissa Mayer is, however, unhappy with the progress of the deal with Microsoft, and is hoping to end the contract, if it finds a way, reported The Wall Street Journal, citing an unnamed source. The newspaper outlined various options for Yahoo, including a mid-term termination of the deal in mid-2015, when either party can potentially opt out.

Yahoo and Microsoft were both expecting to benefit from the deal in terms of economies of scale in various areas including backend search technology and advertising. There has been considerable speculation previously that the alliance between Microsoft and Yahoo was in trouble. Mayer, who was formerly a top Google executive, signed an advertising deal in February with Google that would result in Google ads appearing on some of Yahoo's websites.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com

16.00 | 0 komentar | Read More

Stealthy Web server malware spreads further

A stealthy malicious software program is taking hold in some of the most popular Web servers, and researchers still don't know why.

Last week, security companies Eset and Sucuri found Apache servers infected with Linux/Cdorked. If that malware is running on a Web server, victims are redirected to another website that tries to compromise their computer.

Eset said on Tuesday it has now found versions of Linux/Cdorked engineered for the Lighttpd and Nginx Web servers, both widely used across the Internet.

Marc-Etienne M. Leveille of Eset wrote that the company has found 400 Web servers infected so far, of which 50 are ranked in Web analytics company Alexa's top 100,000 websites.

"We still don't know for sure how this malicious software was deployed on the web servers," Leveille wrote. "One thing is clear, this malware does not propagate by itself and it does not exploit a vulnerability in a specific software."

Linux/Cdorked has been active since at least December. It redirects visitors to another compromised website hosting the Blackhole exploit kit, which is a malicious program that tests computers for software vulnerabilities.

The redirect is only served to computers using Internet Explorer or Firefox on Microsoft's XP, Vista or 7 operating systems, Leveille wrote. People using an iPad or iPhone are not directed to the exploit kit but instead to pornography sites.

The pattern of the domain names where people are redirected suggests the attackers have also compromised some DNS (Domain Name System) servers, Leveille wrote.

The malware also will not serve up the attack if a person is in certain IP ranges or if "the victim's internet browser's language is set to Japanese, Finnish, Russian and Ukrainian, Kazakh or Belarusian," Leveille wrote.

"We believe the operators behind this malware campaign are making significant efforts to keep their operation under the radar and to hinder monitoring efforts as much as possible," Leveille wrote. "For them, not being detected seems to be a priority over infecting as many victims as possible."

Linux/Cdorked is stealthy but is not impossible to detect. It leaves a modified httpd binary on the hard drive, which can be detected.

But commands sent by the attackers to Linux/Cdorked are not logged in the normal Apache logs, and the redirect -- which sends people to a malicious website -- runs only in memory and not on the hard drive, Eset wrote last week.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

16.00 | 0 komentar | Read More

Passwords: You're doing it wrong. Here's how to make them uncrackable.

For years now I've harangued relatives about their shoddy password practices. Either they use easily-hacked passwords or forget the passwords they've created—sometimes both.

If you won't take it from me, beloved family, consider this Password Day (yes, apparently it's a thing) statement from McAfee's Robert Siciliano: "74% of Internet users use the same password across multiple websites, so if a hacker gets your password, they now have access to all your accounts. Reusing passwords for email, banking, and social media accounts can lead to identity theft and financial loss."

What's the fix? It's easier than you might think. For starters, head to Intel's Password Grader to see just how easily cracked your current password is. (The site promises not to retain any information, though still recommends that you not use your actual password—so maybe just use somethings similar.)

From there you can scroll down to see a simple step-by-step process for making your "hackable" password "uncrackable." (There's a longer and more informative version of this infographic on Sicilian's blog—and it doesn't require you to use the Password Grader if you'd prefer not to.)

The key takeaway here is to avoid the usual mix of letters, numbers, and punctuation you're often advised to use, and instead opt for an easier-to-remember passphrase.

So, for example, if your PC World password is something like "PCW0rldD4ve," you'd actually be better off with "I Love Reading PC World!" Sounds crazy, but as McAfee and Intel note, it's not about complexity, it's about length.

And you could adapt a similar passphrase to every other site you visit: "I Love Reading Facebook!", for example, and so on. Now you've got both diversity and simplicity in your corner. The only catch is that some sites won't allow you to use spaces, and others may limit password length.

How'd you fare on the Password Grader, and what other methods have you employed to create a hack-proof password system? I know some folks are big fans of tools like LastPass, which can auto-generate (and auto-fill) complex passwords for you. Your thoughts?

Contributing Editor Rick Broida writes about business and consumer technology. Ask for help with your PC hassles at hasslefree@pcworld.com, or try the treasure trove of helpful folks in the PC World Community Forums. Sign up to have the Hassle-Free PC newsletter e-mailed to you each week.

16.00 | 0 komentar | Read More

Senate passes Internet sales tax

The U.S. Senate has voted to allow states to collect sales tax from online retailers, making it more difficult to buy tax-free products online.

The Senate's vote of 69-27 for the Marketplace Fairness Act late Monday sends the bill to the House of Representatives, where it may face opposition from many antitax Republicans. U.S. President Barack Obama has voiced support for the bill, meaning he would sign it into law if the House passed it.

The bill would allow states to collect sales tax on large Internet sellers that have no presence within their borders, curtailing the ability of Internet shoppers to avoid sales tax. Now, online retailers only have to collect taxes in states where they have a physical presence, including retail stores and warehouses.

A bipartisan group of senators voted for the bill, with many Republicans, often against new taxes, voting for it.

Supporters argue the Internet sales tax would not be a new tax because the 45 states that levy sales taxes require residents to report their Internet purchases and pay taxes on them. More than 90 percent of people ignore the requirement or don't know about it, and states have not enforced those rules.

The bill would protect small Main Street businesses from unfair competition from Internet sellers and would allow states to collect sales tax that's already owed, said Senator Lamar Alexander, a Tennessee Republican. "This is common sense," he said. "This is fairness. This is states' rights."

Small brick-and-mortar businesses, because of state and local sales taxes, have to charge 5 percent to 10 percent more than Internet competitors, supporters argued.

But lawmakers shouldn't create new regulations for small online businesses when the U.S. economy is still sluggish, said Senator Ted Cruz, a Texas Republican. Lawmakers should focus on creating economic growth, he said.

"This bill goes in the exact opposite direction," Cruz said. "It would be a mistake to do anything to impinge the entrepreneurial growth of the Internet."

Savvy Internet shoppers would still be able to avoid paying sales taxes, because businesses with less than $1 million in annual Internet sales would be exempt from collecting the taxes. More than 90 percent of Internet sellers would be exempt from collecting the taxes, according to bill supporters.

Lawmakers have been fighting for more than a decade to pass Internet sales tax legislation, and some businesses have called on Congress to fix the problem since a 1992 Supreme Court case that prohibited states from collecting sales tax from sellers that have no physical presence within their borders.

The court, however, left an opening for Congress to streamline sales tax collection and allow out-of-state sales tax collection.

NetChoice, an e-commerce trade group, called the bill "a massive new tax regime on all forms of e-commerce." The legislation will expose Internet sellers to tax audits from 45 states, the group said.

"The Senate's new Internet tax may be cause for celebration in the boardrooms of the big box stores that supported it, but everyone else is in for a rude awakening when hundreds of state auditors are turned loose on thousands of small and mid-sized employers nationwide," NetChoice Executive Director Steve DelBianco said in an email. "We now look to the House of Representatives to fix the catastrophic flaws in this bill, and to protect the Internet economy as it continues to drive our fragile economic recovery."

Among the groups supporting the Marketplace Fairness Act are the American Conservative Union, Consumer Electronics Association, the National Retail Federation, the Retail Industry Leaders Association, Amazon.com, Best Buy, the American Booksellers Association and the Alliance for Main Street Fairness.Opposing the bill are several trade groups and Internet companies, including TechAmerica, the Financial Services Roundtable, the Competitive Enterprise Institute, eBay, Etsy, the Information Technology Industry Council, the National Taxpayers Union and TechNet.

16.01 | 0 komentar | Read More

Microsoft's Windows Blue to be available later this year

Microsoft's update of its Windows 8 operating system, code-named Windows Blue, will be available later this year, supporting a variety of form factors and display sizes, and providing more options for both businesses and consumers.

"The Windows Blue update is also an opportunity for us to respond to the customer feedback that we've been closely listening to since the launch of Windows 8 and Windows RT," said Tami Reller, Microsoft's chief marketing officer and chief financial officer in a post on Tuesday on the progress of Windows 8.

Microsoft shipped Windows RT for ARM-based devices and Windows 8 for devices based on Intel processors in October last year. The update to Windows 8 comes in the wake of sometimes adverse user feedback about the operating system, which is said to have failed to boost flagging PC sales.

First quarter PC shipments, for example, totaled 76.3 million units, down 13.9 percent compared to the same quarter last year, in part because Windows 8 failed to boost sales, and also because of the popularity of alternative computing devices like tablets, research firm IDC said in April.

Reller did not provide details on the features of the upcoming version of Windows 8.

Microsoft has recently crossed the 100 million licenses sold mark for Windows 8, about six months after its general availability, which includes Windows licenses that ship on a new tablet or PC, as well as upgrades to Windows 8. "This is up from the 60 million license number we provided in January," Reller said.

The company has also seen the number of certified devices for Windows 8 and Windows RT grow to 2,400, and is seeing more and more touch devices in the mix, she added.

"While we realize that change takes time, we feel good about the progress since launch, including what we've been able to accomplish with the ecosystem and customer reaction to the new PCs and tablets that are available now or will soon come to market," Reller said.

The decline in the PC market in the first quarter was worse than the 7.7 percent drop previously forecast, and the market could be headed into further contraction, IDC said in April. Reller, however, continues to be optimistic about the PC business.

"The PC is very much alive and increasingly mobile," she said. The PC part of the market is evolving fast to include "new convertible devices and amazing new touch laptops, and all-in-ones," she added. Some of these PCs are coming into the market now, and they are more affordable than ever, Reller said. The Microsoft executive said Windows 8 was also built to address a broader market consisting of devices like tablets.

Microsoft has also seen the number of apps in its Windows Store grow six-fold since launch. Over 250 million apps were downloaded from the store in the first six months, with almost 90 percent of its app catalog downloaded every month.

The company claims to be doing well in some of its other services too. It announced Monday that over 250 million people are now using its SkyDrive online file hosting service. Microsoft now has 400 million active accounts for its Outlook.com webmail, after completing the transition of Hotmail users to the new service. The company plans to add more features to Outlook.com, which started with the integration of Skype which is being phased in throughout the world. It now has over 700 million active Microsoft accounts using its services, Reller said.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com

16.00 | 0 komentar | Read More

China's Baidu expands online video business with $370 million acquisition

China's largest search engine Baidu is getting closer to becoming the country's largest online video provider with a new US$370 million acquisition.

Baidu is spending the money to buy the online video business of PPS, a popular video sharing company in China, it said Tuesday. The acquisition is expected to close in the second quarter of this year.

Following the acquisition, the online video business of PPS will be merged into Baidu's own video platform, known as iQiyi. The search giant claims this will turn iQiyi into China's largest online video platform by number of mobile users and video viewing time.

The acquisition by Baidu points to further consolidation of China's online video sector. Last year, two of the country's leading video sites, Youku and Tudou, joined forces in a major merger. The companies re-branded themselves as Youku Tudou.

The country's online video sector, however, is still fragmented and no video site yet dominates the market. Chinese censors have blocked Google's YouTube.

Baidu's acquisition is expected to help its iQiyi platform better compete with Youku Tudou. Both are licensing TV shows and movies from local and foreign production studios to attract users, but also adding to their operating costs. Last year, Youku Tudou spent $118 million on content costs.

iQiyi's CEO Gong Yu said in a statement Tuesday that the acquisition will help the video site improve user experience and content offerings. The country has over 371 million Internet users who frequent online video sites, according to the China Internet Network Information Center.

16.00 | 0 komentar | Read More

Google plans video subscription service on YouTube

Google plans to offer a video subscription service on YouTube, which according to a newspaper report, the company may announce this week.

YouTube is "looking into creating a subscription platform that could bring even more great content to YouTube for our users to enjoy and provide our creators with another vehicle to generate revenue from their content, beyond the rental and ad-supported models we offer," a YouTube spokesman said in an email on Monday.

There has been speculation previously that Google may launch a subscription service for premium content on YouTube, which is known mainly for advertisement-sponsored free content. The company has been offering some partners in select countries the opportunity to offer their content on rental. Viewers can pay to watch rental video, ad-free, for a designated time period, offered by YouTube on a revenue-sharing basis.

The new model to be offered by YouTube will apply to as many as 50 YouTube channels, and viewers will be charged US$1.99 a month, reported The Financial Times, citing people familiar with the plan. The company has nothing to announce at this time, the YouTube spokesman said.

A subscription service will put YouTube in competition with players like Netflix which offers ad-free streaming video for a subscription. Netflix users can watch unlimited TV shows and movies for a monthly subscription. It claims 36 million users over 40 countries on its website.

Google said in March that YouTube had over 1 billion unique monthly visitors, watching more than 6 billion hours of video each month on the video site.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com

16.00 | 0 komentar | Read More

McAfee to acquire firewall maker Stonesoft

McAfee plans to acquire Stonesoft, a Helsinki-based maker of firewalls, for US$389 million in cash, the companies said Monday.

The Intel subsidiary said firewalls are one of the fastest growing products in network security, which it plans to grow, according to a news release. Stonesoft's products will be integrated with McAfee's products, and its technology will stand alongside McAfee's IPS Network Security Platform and Firewall Enterprise products.

Stonesoft, which has 6,500 customers, also make evasion prevention systems and SSL (Secure Sockets Layer) VPN software. The company additionally does research into what it terms "advanced evasion techniques," or methods used by hackers to prevent their intrusions from being detected.

Government and companies are increasingly under pressure from hackers who seek to infiltrate networks and steal intellectual property. Detecting sophisticated attacks suspected to be sponsored by nation states are posing an increasing challenge.

In 2012, Stonesoft reported €40.1 million (US$52.5 million) in net sales, up from €30.6 in 2011, according to the company's annual report. Its operating profit in 2012 was €451,000. In 2011, it reported an operating loss of €1.1 million. The company had 251 employees at the end of last year.

Stonesoft CEO Ilkka Hiidenheimo -- also the company's founder -- is its biggest shareholder, with 16.3 percent of the shares and votes.

The offer per share is €4.50, which is a premium of 142 percent compared to the volume-weighted average trading price of Stonesoft's shares on the Nasdaq OMX in Helsinki for the year prior to the offer, according to Stonesoft.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

16.00 | 0 komentar | Read More

Amazon's new China app store could help pave way for Kindle products

Amazon.com has updated its mobile app store to include support for its Chinese customers, in a sign that the U.S. company could be preparing to sell its Kindle e-readers and tablets in the country.

The update effectively launches a new version of Amazon's app store built in the Chinese language. The store comes in the form of an Android app, and the company has been promoting it since this past weekend.

The arrival of the new store comes just months after Amazon launched its Kindle e-book service in China last December. Both are key platforms for bringing content to the company's Kindle devices in the U.S. market. But in China, Amazon has yet to start selling its tablet and e-reader hardware, and its local offices have been mum on a future release date. The company on Monday did not immediately respond for comment.

Despite the absence of official sales, the Chinese market is showing some "pent-up demand" for Amazon's e-readers, said Mark Natkin, managing director of Beijing-based Marbridge Consulting. Research data from last year showed that Chinese consumers were increasingly buying the e-readers from overseas markets, he added.

Amazon's Kindle Fire tablets could also sell well in the country, Natkin said. Apple currently dominates the nation's tablet sector, but the company largely focuses on the higher-end market. Amazon's Kindle Fire products, which start at US$159, could appeal to many consumers wanting a lower-priced device from a well-known brand, he added.

Lenovo became the country's second largest tablet vendor after Apple, with a 14 percent market share, by its focus on budget tablets, according to analysts.

Though a big name in the U.S., Amazon is, however, a small player in China's e-commerce market. It faces fierce competition from the local rivals, including Alibaba Group's Taobao sites and 360buy, another major online shopping mall. Both Taobao and 360buy also sell e-books.

China's market is also already saturated with local app stores, some of which are operated by handset makers and telecom operators. Amazon's new Chinese app store has been designed to include more local products. Software from Chinese social networking site Sina Weibo and video-sharing hub Youku Tudou are listed, but U.S. apps including Netflix and Twitter are not.

16.00 | 0 komentar | Read More

Cyberattack affected US defense contractor over three-year period

CSO

• Newsletters
• Dashboard
• RSS
• Solution Centers
  • SailPoint: Identity and Access Management
  • View All Solution Centers
• White Papers
• Webcasts
• Video
• Events
• Magazine
  • Latest Issue
  • Subscribe
  • Subscriber Services
• Twitter
  LinkedIn
  Facebook

• News
• Blogs
• Tools & Templates
• Security Jobs
• Basics
• Data Protection
  • Application Security
  • Network Security
  • Cloud Security
  • Social Networking Security
  • Wireless/Mobile Security
  • Malware/Cybercrime
  • Data Privacy
  • PCI and Compliance
  • IT Audit
  • Social Engineering
• Identity & Access
  • Access Control
  • Identity Management
  • Federated Identity
  • Identity Theft Prevention
• Business Continuity
  • Emergency Preparedness
  • Disaster Recovery
  • Supply Chain Security
  • Pandemic Preparedness
• Physical Security
  • Video Surveillance
  • Employee Protection
  • Fraud Prevention
  • Loss Prevention
  • Investigations/Forensics
  • Critical Infrastructure
• Security Leadership
  • Compliance
  • Executive Communication
  • Security Awareness
  • Strategic Planning/ERM
  • Metrics/Budgets
  • Security Industry
  • Global Security
  • Security Career/Staffing

16.00 | 0 komentar | Read More

Windows RT tablets already may be doomed, analysts say

Skip the navigation

Computerworld

• White Papers
• Webcasts
• Newsletters

• Solution Centers

  • BlackBerry: Build up your BlackBerry® 10 knowledge
  • BMC Control-M Workload Automation
  • View all Solution Centers
• Events

• Magazine

  • Latest Issue
  • Magazine Index
  • Subscribe
  • Subscriber Services
• Twitter
• Facebook
• Google+
• LinkedIn
• RSS

• Topics
  • Applications
  • Cloud Computing
  • Consumerization of IT
  • Data Center
  • Data Storage
  • Government/Industries
  • Hardware
  • Internet
  • Management
  • Mobile/Wireless
  • Networking
  • Operating Systems
  • Security
  • All Topics
• News
• In Depth
• Reviews
• Blogs
  • Featured Blogs
  • IT Blogwatch
  • Jonny Evans
  • JR Raphael
  • Michael Horowitz
  • Preston Gralla
  • Richi Jennings
  • Robert L. Mitchell
  • Shark Tank
  • All Bloggers
• Opinion
• Shark Tank
• IT Jobs

• More

  • Enterprise IT
  • Hot Topics
  • IDGE CEO Interviews
  • Insider Articles
  • QuickPoll Center
  • Slideshows
  • Video

• IT Verticals

  • Financial IT
  • Government IT
  • Healthcare IT

Consumerization of IT

• Bring Your Own Device (BYOD)|
• Location-Based Services|
• Personal Technology|
• Smartphones|
• Tablets|

16.00 | 0 komentar | Read More

Twitter needs to grow up and take responsibility, some say

Network World - Twitter, the increasingly popular micro-blogging service, has come under quite a bit of criticism in the past few weeks. Users of the platform, which describes itself as an "information-sharing network" are struggling with what to do about false information being spread around.

It may not sound like a big deal for individual users to let a white lie slip about some status update. But during the past few weeks there have been some more concerning examples of misinformation spreading across the social forum.

For example, Twitter users (as well as those on other popular sites such as Reddit.com) were quick to identify certain individuals as possible culprits of the Boston Marathon bombings days after the attacks, including a Brown University student who had been missing and was later found dead with no connection to the Boston incident. Rumors about whether suspects had been captured or arrested streamed through Twitter users' timelines as breaking news unfolded after the attacks, some of it true and some not.

After the commotion of the marathon incident seemed to have settled down a week later, another black eye for Twitter popped up when the Associated Press's Twitter account was hacked, and perpetrators sent out fabricated updates from the venerable news agency's Twitter feed reporting that the White House had been attacked and President Obama injured.

With such misinformation spewing out from the firehose that is Twitter, it begs the question: Is Twitter broken?

[WHO CAN BE TRUSTED? EFF: Trust Twitter -- but not Apple or Verizon -- to protect your privacy]

Twitter may have answered that question somewhat. The company is reportedly looking into adding a two-factor authentication system to the free service, according to Wired Magazine, which security experts say would make it harder for hackers to gain access to Twitter accounts, and could have possibly prevented the AP's incident.

"It's a great idea," to implement two-factor authentication, says Scott Behrens, an application security expert at security consultancy Neohapsis Labs. The administrative and technical challenges of rolling out a two-factor system will likely be some hurdles to implementing a system, he says because Twitter integrates with so many other services, apps and web sites.

Despite some developers of third-party Twitter apps being upset by recent changes to "clamp down" on Twitter APIs, Behrens says those changes could actually make it easier to ensure third-party apps are playing by Twitter's rules, including the potential roll-out of a two-factor system.

Two-factor authentication seems like a natural fit for the company though, especially in light of the recent incidents such as high-profile accounts like the AP being hacked. Others like the Burger King and Major League Baseball accounts have also been victims of hackings.

Two-factor systems, such as the ones sold from vendors like Symantec, RSA and others, usually require both a password that a user knows and some randomly-generated code that is supplied to them, and are an industry-accepted best practice security technique.  Google already has an optional two-factor system, but Behrens says there's a careful line. "Usability is the biggest question," Behrens said; Twitter still wants to keep it easy for Tweeters to use – especially non-technical savvy ones, which is why he believes an opt-in approach would likely be best. Behrens wonders if Facebook and LinkedIn follow in Twitter and Google's footsteps in exploring two-factor authentication?

16.00 | 0 komentar | Read More

Amazon accidentally leaks world's first small-screen Windows 8 tablet

The first-ever small-screen Windows tablet made a brief appearance on Amazon.com today, before quickly being yanked from the online retailer's e-shelves.

While Acer was busy showing off a smattering of large-screen Windows devices in New York Friday, the 8.1-inch Acer Iconia W3-810-1600 was briefly available for perusal in the digital realm. Why does that matter? Because all Windows 8 tablets released thus far have packed 10-inch or larger displays, as Microsoft's operating system was engineered before diminutive tablets like the Nexus 7 and Kindle Fire became all the rage.

Oops! (Click to enlarge.)

Microsoft has tweaked a bevy of features and specs since the release of Windows 8 to create a friendlier environment for smaller slates. The OS's hardware certification program recently dropped the minimum allowable screen resolution for Windows 8 tablets from 1366-by-768 down to 1024-by-768, while leaked builds of the impending Windows Blue update sported a Snap feature that works just fine on tiny tablets. (Previously, Snap only worked on displays with that 1366-by-768 resolution.)

The Acer Iconia W3's tech specs, according to Amazon. (Click to enlarge)

As far as Acer's Iconia W3 goes, rumors of the 8-inch slate first surfaced in late April. It's still yet to make an official debut, but the Amazon page revealed that the tablet packs a dual-core Atom processor, along with numerous other technical details you can see in the image to the right.

A few key details stand out about the Iconia W3. First of all, it definitely takes advantage of the reduced screen resolution spec, with a Nexus 7-matching 1280-by-800 display.

Second, the inclusion of an x86 processor means the 1.1-pound slate will run the full-blown version of Windows 8, rather than the neutered Windows RT operating system. We still have some reservations about using the full-blown version of Windows 8 on such a small screen, but hey, 7-inch tablets are what people are buying. Microsoft needs to be there to be competitive.

The most notable part of the Acer Iconia W3's Amazon listing, however, is the price. Small screen Windows tablets have had one major question hovering over their heads since the concept was first floated: How low can they go?

The rear of the Acer Iconia W3.

Android tablets hit such rock-bottom prices because Google doesn't force manufacturers to pay a license fee for the OS, whereas OEMs need to pay Microsoft for each and every Windows tablet built. Microsoft is rumored to be offering Windows and Offices at highly reduced costs to spur small slate development, however.

Amazon's early leak of the Acer tablet gives us an unofficial price barometer. The e-tailer had the Iconia W3 listed at a $379.99 That's more than a dirt-cheap Android tablet, but far from outrageous—basically, it offers the full Windows 8 experience for just $50 more than the cost of the iPad mini.

Not too shabby. We'll undoubtedly hear more about the Acer Iconia W3—and presumably, a multitude of other small-screen Windows slates—in the weeks and months to come.

16.00 | 0 komentar | Read More

A telecom landmark gets wired for the cloud

The Pacific Bell tower in San Francisco, the high-rise headquarters of the phone company through eight decades and several name changes, was a monument to copper.

When the 26-story skyscraper was built, Pac Bell's business was connecting people through a technology that many were starting to use for the first time. Phones were catching on all over the West Coast, particularly in San Francisco, and Pac Bell was buying up small carriers as part of the budding nationwide Bell System. The communications arteries that fed this growing trend were thick trunks of copper wires, each with a capacity that seems positively petite by today's standards.

But when the tower reopens later this year after a nearly two-year restoration, it will be the newest office hub for a booming local tech scene that worships at the altars of fiber and wireless. And the technology advances that have revolutionized telecommunications over the past century have allowed the building's new owner to pave the way for almost limitless connectivity to each tenant. Watch an IDG News Service video of the building, here.

Stockbridge Capital Group and developer Wilson Meany acquired the building and an adjacent garage from AT&T in 2007 for US$117 million. A plan to convert it to condominiums fell through, but soon San Francisco's commercial real estate market boomed and the strategy shifted to office space. The graceful Art Deco tower, designed by famed architects James Rupert Miller and Timothy Pflueger, will house up-to-date office space with historic features such as exposed brick walls and opening windows.

San Francisco-based Yelp has leased about half of the building as its future headquarters and, as of last week, 70 percent of the total space is leased, according to Wilson Meany. Two restaurants are already lined up for the ground floor, and the building should be fully occupied and functioning by next April, said Wilson Meany project manager Josh Callahan.

To bring the building up to date, Wilson Meany gutted it, ripping out interior walls that were covered with generations of office decor layered on top of each other, Callahan said. The building had been office space for about 2,000 rank-and-file PacBell workers and a few high-ranking executives, but it wasn't a switching hub.

Yet in the basement, Wilson Meany found several times the network capacity of a typical office tower. There were 8,000 pairs of copper wire and six or seven fiber cables coming in from the street, compared with about 1,500 copper lines and one fiber cable in most buildings, said Keith Burrows, executive vice president of Decker Electric, the project's electrical subcontractor.

Most of that wiring is no longer needed. With traditional copper lines, each phone needed its own pair of wires. Designed just for voice calls, they topped out at 56Kbps (bits per second). Later, T-1 lines (1.5Mbps) let companies link 24 phones to the outside world over just two pairs. But Wilson Meany expects most of the phones at 140 New Montgomery to use VoIP (Voice over Internet Protocol), which sends calls over an Ethernet LAN and then onto fiber. One fiber cable, which can bundle together hundreds of strands of fiber, can carry almost unlimited amounts of voice and data traffic. To meet traditional phone needs, Wilson Meany will keep one copper trunk with 1,800 to 2,400 pairs and give each floor enough wire for 24 individual phone lines.

The developer is using one fiber cable for its own use and will allow tenants to deploy their own cables. There are eight conduits up through the building, each four inches in diameter, for just this purpose.

"The biggest thing is to get the pathways in. That's what we've done. That gives everybody the ability to get what they want in the future," Burrows said. Even Yelp, which might have as many as 1,000 employees in the building, would only need one fiber cable to the outside world for all its voice and data traffic, he said. "To get an amazing fiber service, it's one fiber the size of your finger."

Tenants can bring that fiber to a wiring closet on each floor and connect it to an Ethernet LAN with wiring laid in trays hung from the exposed cement ceilings. That's typical today, but it's a departure from the wiring system that Pacific Bell installed when it built the building. PacBell ran its phone lines down pipes in the concrete floor, pulling it up to employees' desk phones through holes in the floor spaced every few feet. That system was on the cutting edge in 1925 and became common in later decades, but now internal wiring is typically laid above a dropped ceiling or in trays hung below an exposed ceiling, which 140 New Montgomery's tenants are expected to do.

Ensuring good wireless signals in a building built at the dawn of the radio age may be more of a challenge. The exterior walls of 140 New Montgomery are concrete, with brick filler on the inside, originally covered but now exposed for a historic look. Neither material is very friendly to wireless networks, and in retrofitting the structure for seismic safety, Wilson Meany added more concrete and 2 million pounds of reinforcing bars in the core of the building.

The developer is still evaluating how Wi-Fi will perform in that setting. It will provide Wi-Fi on the first floor and in a private courtyard, but any additional networks will be the tenants' responsibility. Repeaters should allow them to cover the L-shaped floorplans, Callahan said. With the phone company's original hollow-tile interior walls gone, any new office walls can be built with plasterboard, which doesn't block signals as much.

Cellular coverage is fairly good at 140 New Montgomery now, partly because the floors are fairly narrow and a tall window is never far away. But the building is also still empty, Callahan pointed out. Relying on conventional macro cells outside may work for a while, but Wilson Meany plans to have some form of cellular repeater or distributed antenna system installed by either an existing carrier or a neutral host provider, he said.

One place where the landmark building will scrape the cutting edge of technology is in the building management network. Elevator controls, building security, mechanical controls, per-floor power meters and HVAC (heating, ventilation and air conditioning) systems will all be linked over an Ethernet LAN running up the central riser of the building, Callahan said. That linkage will allow for better overall management, including remote Web-based management, and for automating some tasks. For example, when an employee arrives and flashes an identity badge, he or she can be directed to an elevator that will go right to the correct floor.

But in most ways, the point of 140 New Montgomery is not to break new ground as much as to put current technology in a massive Art Deco jewel box. "It's taking a building of this architectural quality and size and bringing it up to those same standards that a new building would have," Callahan said. The developers, architects and subcontractors want to let tenants create future technologies in a space that says something about the past, and maybe a bit about an earlier communications boom.

Stephen Lawson covers mobile, storage and networking technologies for The IDG News Service. Follow Stephen on Twitter at @sdlawsonmedia. Stephen's e-mail address is stephen_lawson@idg.com

16.00 | 0 komentar | Read More

Google and Adobe beautify fonts on Linux, iOS

Users of Android, Chrome OS, Linux, and iOS devices may not realize it, but FreeType open source software is used to render fonts on more than a billion such devices. Not only that, but the FreeType project this week got a significant update from none other than Adobe and Google.

Specifically, Google and Adobe on Wednesday released into beta the Adobe CFF engine, an advanced Compact Font Format (CFF) rasterizer that "paves the way for FreeType-based platforms to provide users with richer and more beautiful reading experiences," as Google put it in an online announcement on the Google Open Source Blog.

The new rasterizer is now included in FreeType version 2.4.12. Though it's currently off by default, the technology is "vastly superior" to the old CFF engine and will replace it in the next FreeType release, the project says.

'Very high quality display'

CFF is a descendant of the PostScript font format developed by Adobe. CFF fonts have been popular on the desktop over the last decade, but TrueType, developed by Apple, has typically dominated the Web and mobile devices.

"This reflects the legacy of low-resolution monochrome displays, an area where 'superhinted' TrueType fonts could produce better results," Adobe explained in a blog post.

"Hinting" refers to the adjustment in the display of an outline font so that it lines up with a rasterized grid.

GoogleThe new Adobe CFF rasterizer produces more even blackness, fewer blobs, more even and consistent character heights, and fewer dropouts.

In any case, with the addition of high-quality CFF font support, mobile developers now will have more fonts to choose from. CFF offers a smaller file as well as a method of hinting that "ensures excellent rendering across a wide range of environments and devices," Adobe added.

More faithful to typeface design

CFF fonts are "capable of very high quality display, but the technology places the burden for this display quality on the text rasterizer instead of on the font as is done in TrueType," Google engineers Stuart Gill and Brian Stell explained. "The new Adobe CFF engine brings that high quality rasterizer support to FreeType."

In fact, the new Adobe CFF engine is also considerably more faithful to typeface design, Google added. Among the improvements included are better stem widths and placement, fewer dropouts, dramatic reduction in the 'blobbiness' of Chinese, Japanese, and Korean, and more even visual weight.

The code is now in "mature" beta and available for testing, according to the Git announcement.

'Easier to read'

Users of devices that incorporate the new version of FreeType will now be able to enjoy the same font rendering experience for CFF fonts that they have had for years on Windows and OS X, Adobe noted.

Indeed, "while all of this may sound somewhat technical, the advantages are not, and will benefit technical and non-technical users alike," Google added, "These improvements lead to more beautiful looking text that is easier to read."

The new beta is available for download from the Git repository.

16.00 | 0 komentar | Read More

Lawsuit halts US bitcoin exchange partnership

A partnership that sought to make it easy for Americans and Canadians to buy the virtual currency bitcoin has dissolved into a US$75 million lawsuit.

Bitcoin startup CoinLab alleges that the largest bitcoin exchange, Mt. Gox in Tokyo, breached a November 2012 agreement that would connect the companies' IT systems for North American bitcoin purchases.

The suit, filed Thursday in U.S. District Court for the Western District of Washington, alleges Mt. Gox failed to transfer the account of North American users, including login and password information, to CoinLab. Gawker posted a copy of the lawsuit which was not yet available on online court records.

The suit also contends that despite an exclusivity agreement with CoinLab, Mt. Gox continued to court North American customers and accept new business.

CoinLab, based in Seattle, had been strangely quiet in recently weeks in regards to its Mt. Gox partnership. In late February, CoinLab said the cooperation with Mt. Gox would begin around March 22, but it didn't appear to take off.

Mt. Gox runs the largest exchange for bitcoin, which allows people to purchase the currency on an open electronic market. Mt. Gox holds a large majority of the market for bitcoin exchange services, but according to the lawsuit, has no established banking relationships in the U.S. or Canada.

CoinLab CEO Peter Vessenes wrote on a company blog that the delays caused by Mt. Gox left him apologizing to customers.

"What tipped us into filing was our complete inability to get Mt. Gox to deliver on the few simple things left that were needed for customers to move over en-masse," Vessenes wrote.

Mt. Gox spokesman Gonzague Gay-Bouchery said the company's lawyers were checking into the lawsuit and did not have an immediate comment.

"We will update people shortly on this," he wrote in an email.

Mt. Gox has suffered problems in recent weeks with distributed denial-of-service attacks that have disrupted trading and caused bitcoin's price to wildly fluctuate. As of 3:20 AM UTC time on Friday, a bitcoin traded for around US$98.50.

The Bitcoin network was launched in 2009. It is the creation of Satoshi Nakamoto, a presumed pseudonym for an expert cryptographer who described the system in a nine-page white paper. The electronic currency can be transferred using one of the many software clients that implement its protocol.

It takes about an hour or less for a transaction to be confirmed anywhere in the world. Transfers incur either a very low fee or are free.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

16.00 | 0 komentar | Read More

Barnes & Noble boosts content on Nook with Google Play

Barnes & Noble is adding the Google Play store to HD versions of its Nook tablet, in a bid to counter slowing sales of its devices.

Nook HD and Nook HD+ customers will be able to access over 700,000 Android apps and games, millions of songs and more, besides the Chrome browser, Gmail, YouTube, Google Search and Google Maps, the bookseller said Friday.

The Nook Store will also continue to be available to users. It continues to feature books, magazines and Nook apps tailored for the devices including educational apps for kids, the company said.

By including Google Play on the Nook, Barnes & Noble may be bowing to user pressure to open up its devices to more content. The company did not disclose the revenue it would share with Google in its release.

In its fiscal third quarter ended Jan. 26, Barnes & Noble said its Nook business had revenue of US$316 million, down 26 percent year-on-year, mainly because of "lower device unit volume." The company said it would focus on digital content, which saw sales increase 6.8 percent over a year earlier.

Barnes & Noble is providing software update version 2.1.0 that provides access to Google Play and the other Google services. The software update will be available to new and existing Nook HD and Nook HD+ customers in the U.S. and U.K. at no cost through an automatic over-the-air update, starting Friday for users connected to Wi-Fi. The software can also be updated manually.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com

16.00 | 0 komentar | Read More

China cracks down on Internet bird flu rumors

Chinese authorities have detained two Internet users for allegedly spreading rumors about the new bird flu virus on the nation's top Twitter-like microblogging site, Sina Weibo.

The two Internet users, surnamed Li and Gong, deliberately created the online rumors as a way to draw attention, according to a Thursday posting from China's State Internet Information Office.

Chinese police will detain Li for five days, and Gong for 10. In addition, authorities have shut down over 20 accounts on Sina Weibo belonging to the two Internet users and several others.

Sina Weibo is one of China's most popular social networking sites, with over 503 million registered accounts. But authorities regularly censor information on the site, deleting posts that deal with anti-government topics or cover sensitive subjects. In some instances, Chinese police have gone as far as arresting users for spreading alleged online rumors.

Currently, a small number of users are spreading rumors on Sina Weibo in the guise of dispelling lies, according to the China's State Internet Information Office. In response, authorities are increasing efforts to crack down on the rumors.

Both Li and Gong are from China's Guizhou province, located in the country's southwest. No confirmed bird flu cases have yet to be reported in the province as of May 1, according to the World Health Organization. In total, more than 126 bird flu cases have been found in China, mostly in the eastern part of the country. 24 deaths have been recorded.

16.00 | 0 komentar | Read More

Australia mulls data breach notification law, but details are secret

Australia's government is keeping a tight hold on proposed data breach notification legislation that could become law before a federal election in September.

The country does not have a data breach notification law. Instead, the federal government recommends that organizations notify the Office of the Australian Information Commissioner (OAIC) if a breach poses a "real risk of serious harm."

Earlier this month, the Attorney-General's Department privately shared a draft bill with some stakeholders that outlines the government's thoughts on data breach notification and what would be required of companies and organizations.

A spokesman for the attorney general said Thursday the draft bill hasn't been publicly released. The document, titled "Exposure Draft -- Privacy Amendment (Privacy Alerts) Bill 2013," was obtained by SC Magazine but not published.

However, some organizations and companies have publicly published their responses to the draft legislation. Roger Clarke, chairman of the Australian Privacy Foundation (APF), said the attorney general shared the draft bill with the APF on the condition it be held in confidence.

Clarke said the draft bill, which he believes should be publicly released, could be stronger and needs some tightening.

"We think there's a number of things that need to be changed," Clarke said. "I don't think it needs to be rewritten."

The APF argued in its April 22 response to the Attorney General that determining when an organization should report a breach -- which it said is defined in the draft bill as a "real risk of serious harm" -- is too high. Any breach should be subject to notification when there is any risk of harm, the APF said.

Under the draft bill, "notification would generally remain voluntary, except in the case of some very serious breaches, and the result would be that the bill would "only have a very limited impact on organizations that have inadequate safeguards," the APF wrote.

Organizations should be subject to "substantial penalties" for failing to secure their data, he said.

"We are arguing for criminal, not just civil liability," Clarke said.

A spokeswoman for the OAIC said on Thursday that Privacy Commissioner Timothy Pilgrim in general supports a data breach notification law.

Last November, the OAIC said current data breach notification arrangements are insufficient. New legislation, the OAIC suggested, should be an amendment to the Privacy Act 1988.

In December, Australia's Parliament passed a bill that amended the Privacy Act, which included giving Pilgrim the power to seek civil penalties for serious data breaches. But the bill stopped short of mandating that organizations notify consumers of data leaks.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

16.00 | 0 komentar | Read More

D-Link publishes beta patches for IP camera vulnerabilities

D-Link has published beta patches for vulnerabilities in the firmware of many of its IP surveillance cameras, which could allow a hacker to intercept a video stream.

The company said on its support forum that it will publish a full release of the upgraded firmware within a month. Some of D-Link's consumer IP cameras in its Cloud product line will automatically receive the updates.

"We are releasing beta firmware with the security patch for customers who want to manually update their cameras immediately," a D-Link administrator wrote on the company's support forum.

The administrator also posted instructions for how to upgrade the firmware. Users should not upgrade over a wireless connection, as an error could break the camera.

Identical notices were published on the pages for other affected products. The updates come after Core Security published on Monday details of five vulnerabilities in D-Link's firmware, which is used in more than a dozen of its products.

D-Link's IP video cameras can take stills and record video and can be managed through web-based control panels or mobile devices. Core found a range of problems, including hard-coded credentials and authentication issues that could allow an attacker access via the RTSP (real time streaming protocol).

The technical details were posted in the Full Disclosure section of Seclists.org. Some of the products have been phased out by D-Link, according to the company's website.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

16.00 | 0 komentar | Read More

Dish chairman says Sprint modernization has to be done from the US

Dish Network chairman Charlie Ergen said Wednesday that his is an American company, and the modernization of Sprint Nextel's network will have to be done from the U.S. with operations control in the country, and English speaking staff.

The remarks in an interview to USA Today come after SoftBank Chairman and CEO Masayoshi Son, which has a rival bid for Sprint, took a swing at Dish.

"We're offering a higher price. That's just math," Ergen said in the interview. It's insulting to managers of Sprint to say that the only team that knows how to build a network is in Japan, he added.

Dish, a satellite TV service provider, made a US$25.5 billion bid to acquire Sprint last month. SoftBank in Tokyo announced in October last year that it had reached an agreement to acquire a 70 percent stake in Sprint for $20 billion.

Dish has previously also focused on its advantages as a U.S. company for clinching the Sprint deal. In filings to the Federal Communications Commission, it has argued that its merger proposal was better for U.S. national security than the proposal from SoftBank. It also said that the proposed merger would put more U.S. spectrum than anyone else holds in the hands of a single, foreign-owned company.

Son on Tuesday criticized the offer made by Dish in Englewood, Colorado, claiming it is based on "imaginary" numbers and would create a company with "insane" levels of debt. SoftBank did not plan to increase its bid for Sprint, as it was already offering a better deal than Dish, he said in Tokyo. Dish's proposal includes a large payment in stock, and some of the payment would be delayed for a year, while SoftBank would pay immediately in cash, he added.

Countering claims that Dish was an amateur in the mobile business, Ergen said that Dish grew without previous experience in the satellite business, much the way SoftBank evolved from technology investor to wireless carrier.

Son claimed that as SoftBank and Sprint are both mobile operators, their merger would create one of the largest operators in the world with clout in procurement and other deals. Both companies are rolling out high-speed LTE networks for smartphones, while Dish is in a different business as a satellite provider, he added.

SoftBank received support for its bid earlier this week from chip maker Intel, which described Son's plan to build a high-speed competitive third national network as "very compelling." In a letter to FCC Chairman Julius Genachowski, Intel CEO Paul Otellini said he preferred that SoftBank rather than Dish acquired Sprint, as competition in the wireless space is needed as the model provided by AT&T and Verizon Wireless is not giving that to consumers at this time.

Sprint has also received clearance from SoftBank to enter into a non-disclosure agreement with Dish to get further information from it regarding its offer. Sprint is, however, barred from disclosing any non-public information to Dish or to negotiate terms for a future deal.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com

16.00 | 0 komentar | Read More

Report: Yahoo drops Dailymotion deal in face of French opposition

Yahoo has scrapped plans to invest in French online video site Dailymotion, after the French government opposed the Internet giant acquiring a majority stake in the company, according to reports.

French Industry Minister Arnaud Montebourg told Yahoo chief operating officer Henrique de Castro and France Telecom chief financial officer Gervais Pellissier during a meeting in April that he did not want a 75 percent stake in one of France's best startups to be sold to a U.S. Internet giant, The Wall Street Journal reported, citing people briefed on the meeting.

The deal would have valued Dailymotion at US$300 million, according to the newspaper.

Earlier, French news reports had also indicated that the French government was opposed to Yahoo acquiring a majority stake in the company.

France Telecom bought 49 percent of Dailymotion in 2011, to meet increasing demand from customers for video content on mobile devices. The agreement provided for a progressive capital increase to 100 percent in 2013, which was completed earlier this year, and "the integration of new business partners."

To save the deal, France Telecom executives and government officials tried to turn it into a 50:50 partnership, which the U.S. company declined last week, WSJ reported.

16.01 | 0 komentar | Read More

Aging networking protocols abused in DDoS attacks

Aging networking protocols still employed by nearly every Internet-connected device are being abused by hackers to conduct distributed denial-of-service (DDoS) attacks.

Security vendor Prolexic found that attackers are increasingly using the protocols for what it terms "distributed reflection denial-of-service attacks" (DrDos), where a device is tricked into sending a high volume of traffic to a victim's network.

"DrDos protocol reflection attacks are possible due to the inherent design of the original architecture," Prolexic wrote in a white paper. "When these protocols were developed, functionality was the main focus, not security."

Government organizations, banks and companies are targeted by DDoS attacks for a variety of reasons. Hackers sometimes use DDoS attacks to draw attention away from other mischief or want to disrupt an organization for political or philosophical reasons.

One of the targeted protocols, known as Network Time Protocol (NTP), is used in all major operating systems, network infrastructure and embedded devices, Prolexic wrote. It is used to synchronize clocks among computers and servers.

A hacker can launch at attack against NTP by sending many requests for updates. By spoofing the origin of the requests, the NTP responses can be directed at a victim host.

It appears the attackers are abusing a monitoring function in the protocol called NTP mode 7 (monlist). The gaming industry has been targeted by this style of attack, Prolexic said.

Other network devices, such as printers, routers, IP video cameras and a variety of other Internet-connected equipment use an application layer protocol called Simple Network Management Protocol (SNMP).

SNMP communicates data about device components, Prolexic wrote, such as measurements or sensor readings. SNMP devices return three times as much data as when they're pinged, making them an effective way to attack. Again, an attacker will send a spoofed IP request to an SNMP host, directing the response to a victim.

Prolexic wrote there are numerous ways to mitigate an attack. The best advice is to disable SNMP if it is not needed.

The U.S. Computer Emergency Readiness Team warned administrators in 1996 of a potential attack scenario involving another protocol, Character Generator Protocol, or CHARGEN.

It is used as a debugging tool since it sends data back regardless of the input. But Prolexic wrote that it "may allow attackers to craft malicious network payloads and reflect them by spoofing the transmission source to effectively direct it to a target. This can result in traffic loops and service degradation with large amounts of network traffic."

CERT recommended at that time to disable any UDP (User Datagram Protocol) service such as CHARGEN if it isn't needed.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

16.00 | 0 komentar | Read More

Electricity zaps gamers' muscles for force feedback

A research project on show at the Computer Human Interaction conference in Paris uses a small electrical current to give the sensation of force feedback while gaming.

The system, developed by researchers at Germany's Hasso Plattner Institute, involves sticking electrodes on gamers' forearms and then delivering a small pulse of electricity from a 9-volt battery. The pulse makes the muscle contract and it's the fighting of that contraction that delivers the feeling of force feedback.

To see the prototype in action, watch a video on YouTube.

"Traditionally I think people are going to remember arcades in the 80s or 90s and playing with force feedback," said Pedro Lopes, a Ph.D. student at the Hasso Plattner Institute. "Your car was drifting on gravel or something like that and you would feel physical forces."

With the advent of mobile gaming, force feedback has all but gone away, he said at the CHI conference Tuesday. Some other research projects have experimented with delivering force feedback, but they typically involved "motors or exoskeletons or a crazy actuator."

"We just deliver a little medically compliant current which causes your muscle to actuate and you feel like you're being actuated," Lopes said.

Muscle contractions usually happen at about 12 volts and 20 milliamps, or less, according to Lopes. He built the prototype system with off-the-shelf parts including a medical grade signal generator to produce the current.

IDG News Service had a chance to try the system in Paris. There's no pain in the muscle, just a contraction, but the skin feels the current a bit different; not a painful sensation, just slightly uncomfortable.

The prototype is quite bulky, but Lopes wants to slim it down and make it wireless.

"I'd just have a bracelet with electrodes inside," he said. "[It would be] all Bluetooth communication and you can just have two gaming bracelets with force feedback."

Zapping conference attendees is becoming more commonplace at CHI. Last year, students from Japan's Meiji University added electricity to food to change its taste. Their idea is that electricity can mimic the taste of salt allowing people to consume less of it. They were back this year with more electric food.

Both groups made conference attendees sign medical waivers before wiring up.

Nick Barber covers general technology news in both text and video for IDG News Service. E-mail him at Nick_Barber@idg.com and follow him on Twitter at @nickjb.

16.00 | 0 komentar | Read More