Diberdayakan oleh Blogger.

Popular Posts Today

NSA chief asks tech firms to team on cybesecurity

Written By Unknown on Senin, 30 September 2013 | 16.01

Gen. Keith Alexander, head of the embattled National Security Agency (NSA), says he is willing to share cyberattack information with the private sector—an offer seen as a Trojan horse by at least one expert.

keith_alexander_nsaGen. Keith Alexander

Last week, Alexander told attendees of his keynote at the Billington Cybersecurity Summit that the NSA, the FBI, the Department of Homeland Security (DHS), and the CIA are ready to pass information back and forth with a select group of private organizations, provided they get the authorization from Congress.

"We need the authority for us to share with them and them to share with us," Alexander said, reported Kaspersky Labs' ThreatPost security website.

Alexander's comments came a day after U.S. Sen. Dianne Feinstein, chairwoman of the Senate Intelligence Committee, told The Hill newspaper that she planned to move forward with a draft of the Senate's version of the Cyber Intelligence Sharing and Protection Act (CISPA). The House version passed in April.

In general, CISPA would remove the threat of privacy lawsuits companies face in sharing cyberattack data with each other and the government. The legislation would also set the rules for the government to share sensitive information.

Sharing data for greater security

Most experts agree that information-sharing would bolster the defenses of the nation's financial institutions and critical infrastructure providers, such as utilities, water facilities, and oil and gas pipelines. The disagreement is over how the transfer of data to the government can be done without compromising privacy.

Revelations of massive NSA data gathering from telecom and Internet companies has sparked a fierce national debate on whether the spy agency's antiterrorism activities have gone too far in collecting information on innocent Americans.

In claiming the NSA has done nothing illegal, Alexander blamed calls from Capitol Hill to restrict government surveillance on "sensationalized" reporting and "media leaks," Politico reported he said in his speech.

Instead of less information, the NSA needs more from the private sector to stop cyberattacks against key industries before they start. "Right now, what happens is the attack goes on and we're brought in after the fact," ThreatPost reports Alexander as saying. "And I can guarantee you 100 percent of the time we cannot stop and attack after the fact."

Security experts urge caution

However, Jerry Brito, senior research fellow with the Mercatus Center at George Mason University, said the NSA already had the authority to share data if it really wanted to. The agency could declassify information on its own and pass it along to companies.

nsa

"There's nothing stopping them today from sharing data from the NSA to these companies," said Brito, who heads Mercatus' Technology Policy Program. "What they really want is more information about the communications of Americans under the rubric of cybersecurity information sharing."

Kevin Coleman, strategic management consultant at SilverRhino, was supportive of Alexander, saying information from the NSA and other federal agencies would help companies take the "proactive approach" needed to improve their cyberdefenses.

"This is a great step forward and if properly used by the nation's critical infrastructure providers will substantially improve their ability to defend against cyber threats that are growing in frequency and complexity," Coleman said. SilverRhino provides cybersecurity services to government agencies.

Alexander defended U.S. Internet companies including Google, Facebook, and Microsoft, whose images have been tainted by media reports of them sharing user information with the NSA. While referring to the companies only as the "industry," he said they "have taken a beating on this, and it's wrong."


16.01 | 0 komentar | Read More

IBM to pay $44,000 fine over online job listings

IBM will pay a US$44,000 fine to settle a case alleging it violated anti-discrimination law by placing online job listings seeking software developers with specific visas, the U.S. Department of Justice said Friday.

The company sought people holding F-1 and H1-B visas for positions that would have required the candidates to relocate outside the U.S, the agency said in a news release.

The Immigration and Nationality Act does not allow employers to express a preference for visa holders over U.S. citizens and permanent residents unless required to comply with another law, an executive order or a government contract, the agency said.

F-1 visas are issued to foreign students who are studying in the U.S., while H1-B visas are six-year visas for people with technical expertise.

IBM also agreed to revise its hiring and recruiting procedures, including training human resources employees about INA complications. The company will be required to report on its process for a two-year period.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


16.00 | 0 komentar | Read More

Apple beats Coca-Cola to emerge as most valuable global brand

Apple has emerged as the most valuable brand in the world, passing Coca-Cola which held the top position for 13 years, according to a report released by brand consultancy Interbrand.

The maker of high-profile products like the iPad and iPhone, which was ranked second last year, saw its brand value grow 28 percent this year to US$98.3 billion. Other tech companies that figured in the top five rankings for 2013 were Google at number two and IBM and Microsoft at fourth and fifth place, respectively. Google was number four in 2012, while IBM was third and Microsoft held the fifth position last year.

"Few brands have enabled so many people to do so much so easily, which is why Apple has legions of adoring fans," Interbrand said in the report released Monday. Apple has set a high bar for aesthetics, simplicity and ease of use that other tech brands have to match, and Apple itself will have to continually exceed, the report said.

Competitor Samsung Electronics, at number eight, saw its brand value go up 20 percent to $39.6 billion, as the brand continues to strengthen its position globally, spending more than $4 billion in marketing last year, and launching innovative products such as the Galaxy S4 and Galaxy Note II, according to the Interbrand report.

The challenge for Apple is to slow "Samsung's momentum and capture the booming Chinese mobile market." As significantly, the world is awaiting another innovative product from Apple, which could be perhaps the iWatch wearable computer or something completely unexpected, Interbrand said. The company's reputation has, meanwhile, taken some hits after it was found guilty of conspiring with five large book publishers to fix e-book prices, and faced allegations about worker conditions in China at its supplier Foxconn, and ongoing patent disputes with Samsung.

The going is getting tougher for Apple, which reported that revenue was flat at about $35.3 billion in its fiscal third quarter ended June 29, while net profit dipped to $6.9 billion from $8.8 billion in the same quarter last year. Its smartphone market share dropped in the second quarter to its lowest level in three years of 13.6 percent compared to Samsung's over 33 percent, according to research firm Strategy Analytics. Apple was, however, ahead of Samsung in tablets in the second quarter of 2013, with a 32 percent share of the market to Samsung's 18 percent, according to IDC.

Interbrand's rankings, first introduced in 2000, covers global brands that have at least 30 percent of their revenues from outside the brand's home region. The brands must also have a presence in at least three major continents, and broad geographic coverage in emerging markets. Brands are rated on the financial performance of the branded products or services, the role they play in influencing customer choice, and ability of the brand to command a premium price or secure earnings for the company, Interbrand said in a statement.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com


16.00 | 0 komentar | Read More

Google's redesigned tab page annoys some Chrome users

Written By Unknown on Minggu, 29 September 2013 | 16.01

Google last week started rolling out a redesigned new tab page for Chrome, making good on a promise from last month when it offered the revamp to users running rougher-edged versions of its browser.

Most users gave the new look a failing grade. "Fail, fail, fail," said Philip Wright, one of those who commented on the announcement.

Google characterized the addition as a way to speed up search.

"We're rolling out a feature that can make searching faster and simpler with a streamlined New Tab page," said the Chrome team on its Google+ page. "If you use Google as your default search engine, the next time you open a new tab in Chrome the search bar will be front and center ... [and] you'll also be able to check out current Google Doodles."

chrome

The new tab page appears when users press Ctrl-T (Windows) or Command-T (OS X) in Chrome. All browsers offer a similar new tab page that, at a minimum, shows thumbnails of the user's most visited websites. The feature, which debuted on Opera, has been copied by all its rivals, including Chrome, Microsoft's Internet Explorer, Mozilla's Firefox, and Apple's Safari.

Firefox was the last to acquire a graphical new tab page when in June 2012 Mozilla released Firefox 13.

Chrome's new tab page redesign sports a prominent Google search field as the only real difference between it and its predecessor. The page still displays eight thumbnails of the user's most-called-on sites.

But Chrome users just didn't get it.

"If you're on Chrome, why wouldn't you just use the omnibar?" asked commenter Neil Slater, using an alternate name for "omnibox," Google's label for the combined search-address bar at the top of the browser window. "To use this new search box it takes an extra mouse click to put the cursor into the box. The cursor's already by default in the omnibar on opening a new tab."

Many commenters dismissed the change as useless, with some asking how to revert to the previous design. Others were dismayed that Google moved the Chrome Apps button—which calls up a display of the browser's installed Web apps—to the bookmark bar.

Google has faced resistance from Chrome users before when it has proposed redesigns of the new tab page. In April, Google backtracked from a refreshed new tab page that had reduced the number of thumbnails from eight to four, inserted a large Google search box, shifted the Web apps view to a button, and dumped other features, including the ability to view recently closed tabs, from the page.

Most of those changes, however, were implemented in the final new tab page that began reaching users Tuesday. The most visible that did not was the four-thumbnail view.

Users who want to restore the previous design should type "chrome://flags" in the omnibox—minus the quotation marks—locate the "Enable Instant Extended API" setting in the long list, and change it from "Enable" to "Disable."

\
16.01 | 0 komentar | Read More

Internet Explorer hackers use same tools as Bit9 attack

A criminal group exploiting the recently discovered Internet Explorer browser zero-day vulnerability has been linked to the Chinese hackers who compromised the Bit9 security platform earlier this year.

The connection between the two groups is in the command and control infrastructure used, says security vendor FireEye. Within the two infrastructures were similar malware, IP addresses, and email addresses used to register domains.

The latest attack, which FireEye has dubbed Operation DeputyDog, appears to target manufacturers, government entities and media organizations in Japan, said Darien Kindlund, manager of FireEye Threat Intelligence. The group hid IE exploits on three Japanese news sites, hoping to compromise visitors' PCs.

The compromised sites recorded more than 75,000 page views before the exploits were discovered. The attackers apparently were casting a wide net in looking for systems belonging to the desired targets. The exploit would have worked on all versions of IE, starting with IE 6.

"Maybe only a fraction of those compromised systems are really their true intended targets," Kindlund said. "The others are considered collateral damage."

Microsoft acknowledged September 17 that there was a previously unknown vulnerability in IE that was being exploited by cybercriminals on the Internet. The attack in Japan was discovered two days after Microsoft disclosed the flaw, which enables criminals to execute code on victims' computers.

Researchers have said that nearly 70 percent of Windows business users are open to attack. The threat is serious enough that experts believe Microsoft will release a fix before its scheduled monthly patch release set for October 8.

Bit9 revealed in February that its code-signing certificates had been stolen, making it possible for the thieves to bypass the vendor's security platform and run malware on customer's systems.

The certificates are used to identify trusted applications on customers' whitelists of approved software. The hackers apparently figured out a way to go around this normally effective system by going after the vendor first.

In a report released last week, Symantec identified the Bit9 attackers, dubbed the Hidden Lynx group, as a professional team of hackers for hire who have operated since at least 2009.

The group is able to run multiple campaigns at once and has breached some of the "world's best-protected organizations," Symantec said. The infrastructure and tools used by the hackers originate from network infrastructure in China.

The hackers typically use Trojans designed specifically for a pay-to-order attack to steal intellectual property.


16.01 | 0 komentar | Read More

Woz recalls his hacking pranks and online shenanigans

Apple co-founder Steve Wozniak admits he has enjoyed many adventures in hacking often for the sake of pranks on friends and family, especially back in his college days and during the early years of working on computers and the Internet.

"I like to play jokes," Wozniak said jovially as he addressed his audience of thousands of security professionals attending the ASIS Conference in Chicago last week. The famed inventor at Apple admitted he also had some fun with lighthearted forays into hacking computer and telecommunications networks several decades ago back in his college years and while learning about electronics and computers.

Curious but cautious

People with imagination in engineering are naturally drawn to the idea of finding ways to bypass security controls as part of the process of discovering how things work, and Wozniak said this was especially true of himself.

"But I never once hacked a computer for real," he told his audience, meaning his break-ins and intrusions were done in the spirit of exploration, never for profit or malice. One youthful prank involved some experimentation into a shared computer system several where he left nine pages of Polish jokes that were dumped on users.

As a young man in college, when he read an article about how tone signaling techniques could be used to manipulate telephone networks to set up calls, he said he became intrigued and had to find out more and even try it himself.  He learned more about the exact frequencies and tried them out on the telephone system. "I wanted to explore the network," he said. It was all a form of "White Hat hacking" he says he did, but never for purposes of stealing or avoiding paying bills.

As to his famous partnership with Steve Jobs, Wozniak said the two "became best friends instantly" and they shared a fascination with finding out how networks worked in sometimes unorthodox ways.

woz_jobsAppleSteve Wozniak and Steve Jobs during Apple's early days.

In pursuit of knowledge

Circumventing the controls placed by authority was sometimes part and parcel of satisfying the enormous drive he had as a budding computer engineer to experiment and grow in knowledge, he points out. Wozniak said he had a friend with the key to the college computing room and he sneaked in during the middle of the night to run his computing programs on punch cards. He admitted he also used to sneak into at least one eminent Stanford institution's lab every Sunday when it was supposed to be closed to find electronics and science manuals so he could learn more. It all just shows you "the brightest people in the world tend of leave their doors unlocked," Wozniak said.

Wozniak said many of his break-in stunts were often combined with a prank, such as when he guessed his stepson's password for the Macintosh and made the files he found hard to access, while also scheming with his wife to leave a folder marked "from Mom." "He was livid," said Wozniak about the prank.

Wozniak said one of his favorite pranks was coming up with a TV jammer that he secretly used to convince friends their TV sets were malfunctioning, while at the same time instructing them in outlandish ways to "fix" the problems—until he secretly stopped jamming their sets.

All of this youthful exuberance at the time may have occurred "because I was a geek, and had little hope of finding a girlfriend or a wife," Wozniak says.


16.01 | 0 komentar | Read More

Nokia enslaves God of Thunder, charges phone with lightning

Written By Unknown on Sabtu, 28 September 2013 | 16.00

Imagine a rain-slicked parapet, thunder roaring like the shouts of gods—and a Nokia smartphone, whose battery has run dry. Now imagine holding that phone to the sky, screaming defiance, as a bolt hurtles itself at your outstretched hand. BOOM—and you walk away unscathed, with the phone charged to maximum.

Today, that's a pretty great way to get yourself killed. Tomorrow, too. But Nokia, together with the University of Southampton, has taken the first steps to "harnessing the power of lightning for personal use."

Check out the video below, where Nokia creates an artificial high-voltage arc to demonstrate how a smartphone could eventually be charged by lightning. "That the Nokia Lumia 925 could withstand this sort of experiment is testament to the renowned high quality and durability of Nokia's devices and the company's continuing research to increase the already outstanding reliability of its products," the company said.

Quite frankly, the Lumia 925 doesn't have much to recommend it; it's essentially an update to the Lumia 920 with a bit of added panache, like a thinner body to fit your hand better and a suite of extra software features. Inside, the Lumia 925 features the same 1.5Ghz dual-core Qualcomm Snapdragon S4 processor and 1GB of RAM as its predecessor, the Lumia 920, and Nokia's most recent release, the Lumia 1020.And no, this charge-by-lightning feature won't be built in to the smartphone any time soon.

But maybe one day we'll be able to hook a metal wire to the top of our houses and instantly charge our (Microsoft) Lumia phones? Why? Because it's awesome, that's why.

Then again, Apple would probably like to point out that it's been charging phones with Lightning (the connector, not the weather phenomenon) for more than a year.

Image: Strange-Lands.com


16.00 | 0 komentar | Read More

Microsoft received 37,000 end-user data requests in first half of year

Judges and police investigators are on track to submit about the same number of requests to Microsoft for end user data this year as they did in 2012, according to figures released Friday.

Microsoft received 37,196 such requests worldwide in the first six months of the year, meaning it's on track to field about the same number of requests as last year, when just over 75,000 were submitted.

Microsoft disclosed the figures in its Law Enforcement Requests Report for the first half of 2013.

Five countries accounted for almost three-quarters of the requests: the U.S., the U.K., France, Germany and Turkey.

Microsoft said the report, which breaks down the requests by country and shows how Microsoft responded, is "valuable and useful to the community" in debating the balance between privacy and law enforcement needs.

The report doesn't include information about national security-related requests from the U.S. government, such as those made under the Foreign Intelligence Surveillance Act (FISA). It's illegal for Microsoft and other online firms to report detailed information about the type and volume of national security orders they receive.

Microsoft and other companies are suing the U.S. for permission to reveal that data, which is in the spotlight after disclosures that the National Security Agency (NSA) has collected and reviewed massive amounts of information about law-abiding citizens.

The requests potentially impacted about 66,500 Microsoft online accounts altogether, the company said. Microsoft provided "non-content data" in response to 77 percent of the requests. This can include people's names, billing addresses and IP connection data.

The company disclosed actual customer content in response to 2.2 percent, or just over 800, of the requests. That may have included photos, email messages and other documents. Most of these instances were in response to U.S. agencies, it said.

The requests affected "less than 0.01 percent" of accounts across all its services, Microsoft said. In 21 percent of the cases it did not hand over any data, the company said.

Most requests were for consumer accounts. Microsoft received 19 requests for enterprise email accounts. In four of those cases it disclosed customer data, and in one case it disclosed non-customer data. All those enterprise requests originated in the U.S.

To disclose non-content data, Microsoft requires a subpoena or equivalent order, and it must have a court order or warrant before handing over user content.


16.00 | 0 komentar | Read More

Iran accused of hacking into U.S. Navy computers

Hackers backed by Iran have penetrated an unclassified U.S. Navy network in one of the most serious incidents of cybercrime yet by the Middle East nation, according to a report Friday.

The U.S. doesn't believe important data was stolen, but the attacks showed a new level of Iranian hacking power, including the ability to access military data, U.S. officials told The Wall Street Journal. Either agents working directly for the Iranian government or an outside group with Iran's approval allegedly carried out the attacks.

The attacks came just as U.S. and Iranian officials tried to restart negotiations over Iran's alleged nuclear weapons program. President Barack Obama and Iranian President Hasan Rouhani spoke by phone on Friday.

Cybersecurity experts have said China and Russia have more sophisticated hacking abilities than Iran or North Korea but the smaller countries are more volatile threats, seeking retaliation rather than economic gain.

The U.S. carries out its own share of cyberwarfare, according to reports in the Washington Post based on documents leaked by former NSA employee Edward Snowden. Those documents showed the U.S. engaged in 231 attacks on foreign targets in 2011, the Post said.


16.00 | 0 komentar | Read More

Microsoft announces Xbox Fitness: Now get off your flabby butt and go...play Xbox?

Written By Unknown on Jumat, 27 September 2013 | 16.00

Gamers are a slothful, portly bunch, prone to chronic acne and poor hygiene—or so the stereotype goes. In reality, the hundreds of millions of gamers across the globe come in all flavors, including fitness nuts. Microsoft's announcement of Xbox Fitness late Thursday should be music to their ears.

Kinect tracks your form and pace, measuring your workout.

Xbox Fitness is an online service exclusively for the upcoming Xbox One console, and it aims to get gamers into shape. Stop me if you've heard of these big fitness names:  Tony Horton (P90X) and ShaunT (Insanity), Jillian Michaels, and Tracy Anderson.

The service is free to Xbox Live Gold members through December 2014. More precisely, it requires an Xbox Fitness Pass, which is included free to Gold members. What happens after December, or what the Fitness Pass would cost non-Gold members, has yet been revealed.

The service provides interactive workouts with the famous names and brands listed above, among others. The new Kinect reads micro-fluctuations in your skin to track your pulse without even wearing a sensor, and it watches your movements to ensure proper form and evaluate your workout. Social Challenges pit you against your friends. Screenshots show something called "FP" ("Fitness Points" perhaps?) which seems like an analog to Gamerscore, but for sweating instead of shooting.

Microsoft has partnered with the biggest names in fitness.

Beyond that, the details are slim. Are all the fitness programs included for free, or are some of them free and some available for purchase? Will you earn Achievements for reaching workout milestones? Will the workouts be expanded throughout the year? Microsoft has set up an Xbox Fitness site, but it doesn't provide much info.

With the Xbox One, Microsoft is attempting to position its living room box as something not just for core gamers, but for everyone who uses the TV. It's insistence on including Kinect with the new console (thus raising its price), has drawn the ire of core gamers. If the Xbox One can also be a sophisticated workout machine with some of the biggest names in fitness attached, it help make the case that the body- and voice-tracking device is worth the $100 premium over Sony's PlayStation 4. Xbox Fitness will be available this holiday season.


16.00 | 0 komentar | Read More

NSA admits employees spied on loved ones

Employees of the U.S. National Security Agency spied on "unfaithful" husbands, boyfriends and girlfriends using surveillance technology of the agency, according to a letter from the NSA to a U.S. Senator.

The letter from NSA Inspector General George Ellard, released Thursday by Senator Charles E. Grassley, cites 12 "substantiated instances" of the intentional misuse of the signals intelligence (SIGINT) powers of the NSA.

The misuse of NSA authorities for romantic purposes, popularly known as Loveint, was cited in various media reports as an instance of widespread compromise of people's privacy by the NSA. The Wall Street Journal reported in August that NSA officers had used the agency's "enormous eavesdropping power to spy on love interests." But General Keith Alexander, director of the NSA, on Thursday described the "claimed evidence of thousands of privacy violations" as false and misleading.

"According to NSA's independent inspector general, there have been only 12 substantiated cases of willful violation over 10 years -- essentially one per year," Alexander told a hearing on Foreign Intelligence Surveillance Authorities of the U. S. Senate Select Committee on Intelligence. "Several of these cases were referred to the Department of Justice for potential prosecution, appropriate discipline action in other cases. We hold ourselves accountable very day."

Among the cases cited in the NSA letter to Grassley is one of an employee who spied from about 1998 to 2003 nine telephone numbers of female foreign nationals without a "valid foreign intelligence purpose," and listened to collected phone conversations while assigned to foreign locations. The employee also collected the communications of a U.S. person on two occasions.

In another instance in 2004, an employee of the NSA tried "out of curiosity" a query of his home phone number and the phone number of his girlfriend, a foreign national. Although he was blocked by the system from collecting information on his phone as it was made on a U.S. person, he managed to retrieve metadata of his girlfriend's calls.

The NSA is under scrutiny after former contractor Edward Snowden disclosed that the agency was collecting records in bulk of Verizon phone customers and also had real-time access to the servers of Internet companies, a charge the companies have denied. Such dragnet surveillance is likely to lead to misuse of privacy, privacy groups have argued.

Grassley wrote in August to Ellard for details about intentional and wilful abuse of NSA surveillance powers.


16.00 | 0 komentar | Read More

Multifactor authentication available on Windows Azure

Microsoft has announced the general availability of multifactor authentication on its Windows Azure cloud platform.

Besides using a user name and password, users can authenticate through an application on their mobile device, automated voice call, and a text message with a passcode, Microsoft said Thursday.

Windows Azure multifactor authentication can be used for applications that require additional security, including on-premises VPNs and Web applications. Users have to run the multifactor authentication server on existing hardware or in a Windows Azure Virtual Machine. Users can synchronize with their Windows Server Active Directory for automated user set up.

The authentication can also be used for cloud applications like Windows Azure, Office 365, and Dynamics CRM. Users have to enable multifactor authentication for Windows Azure AD identities "with the flip of a switch," and will be prompted to set up multifactor the next time they sign-in, Microsoft said. Users can also use the Azure SDK (software development kit) to build multifactor authentication phone call and text message authentication into their application's sign-in or transaction processes.

Competitor Amazon Web Services already offers multifactor authentication free to its users for use with their AWS account. Customers are however charged if they use a physical authentication device that will need to be purchased from Gemalto.

The Microsoft service on Azure is charged at two pricing options: US$2 per user per month for unlimited authentications or $2 for 10 authentications. A promotional offer cuts the price by half until Oct. 31.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com


16.00 | 0 komentar | Read More

Stanford researchers develop first computer using only carbon nanotube transistors

Written By Unknown on Kamis, 26 September 2013 | 16.01

Researchers at Stanford University have demonstrated the first functional computer built using only carbon nanotube transistors, according to an article published Wednesday on the cover of scientific journal Nature.

Scientists have been experimenting with transistors based on carbon nanotubes or CNTs as successors to silicon transistors, as silicon is expected to meet its physical limits in delivering the increasingly smaller transistors required for higher performance in smaller and cheaper computing devices that are less power-consuming. Digital circuits based on the long chains of carbon atoms are expected to be more energy-efficient than silicon transistors.

The rudimentary CNT computer, developed by the researchers at Stanford, is said to run a simple operating system that is capable of multitasking, according to a synopsis of the article.

Made of 178 transistors, each containing between 10 and 200 carbon nanotubes, the computer can do four tasks summarized as instruction fetch, data fetch, arithmetic operation and write-back, and run two different programs concurrently.

As a demonstration, the researchers performed counting and integer-sorting simultaneously, according to the synopsis, besides implementing 20 different instructions from the MIPS instruction set "to demonstrate the generality of our CNT computer," according to the article by Max Shulaker and other doctoral students in electrical engineering. The research was led by Stanford professors Subhasish Mitra and H.S. Philip Wong.

"People have been talking about a new era of carbon nanotube electronics moving beyond silicon," said Mitra, an electrical engineer and computer scientist in a press release issued by Stanford University. "But there have been few demonstrations of complete digital systems using this exciting technology. Here is the proof."

Carbon nanotubes still have imperfections. They do not, for example, always grow in parallel lines, which has led researchers to devise techniques to grow 99.5 percent of CNTs in straight lines, according to the press release. But at billions of nanotubes on a chip, even a small misalignment of the tubes can cause errors. A fraction of the CNTs also behave like metallic wires that always conduct electricity, instead of acting like semiconductors that can be switched off.

The researchers describe a two-pronged approach called an "imperfection-immune design". They passed electricity through the circuits, after switching off the good CNTs, to burn up the metallic nanotubes, and also developed an algorithm to work around the misaligned nanotubes in a circuit.

The basic computer was limited to 178 transistors, which was the result of the researchers using the university's chip-making facilities rather than an industrial fabrication process, according to the press release.

Other researchers are also working on CNTs as they worry about silicon hitting its physical limits. IBM said last October its scientists had developed a way to place over 10,000 transistors made from the nano-sized tubes of carbon on a single chip, up from a few hundred carbon nanotube devices at a time previously possible. This density was, however, far below the density of commercial silicon-based chips, but the company said the breakthrough opened up the path for commercial fabrication of "dramatically smaller, faster and more powerful computer chips."


16.01 | 0 komentar | Read More

'Viceroi' algorithm improves detection of click fraud

A group of researchers have devised an algorithm they say could help advertising networks better detect fraudulent clicks.

Fraudsters have developed sophisticated ways to perpetrate click fraud, which involves using various methods to generate fake clicks on advertisements, defrauding advertisers. Digital marketing revenues are rapidly growing and exceeded US$36 billion in 2012 in the U.S., according to the Interactive Advertising Bureau.

Advertising networks are secretive about the technologies they use to stop click spam. Often, it involves filtering out attacks, such as if thousands of clicks on an advertisement are coming from a single IP address. But defensive moves still miss attacks, wasting advertisers' money.

The researchers' algorithm, called Viceroi, is free and can be used by advertising networks. Viceroi looks for publishers who have abnormally high per-user revenues, which may be an indication of fraud. For their experiment, Viceroi was tested with a major ad network, flagging several hundred publishers as suspects out of tens of thousands, according to their research paper.

Vacha Dave, a post-doctoral researcher at the University of California at San Diego and co-author of the paper, said in interview Thursday that per-user revenue rates at some publishers were way higher than those collected by Google or Microsoft.

Viceroi works because of the economics of click spam. In one variation of the fraud, a click spammer may pay someone else a per-install fee to distribute a dodgy search toolbar designed to direct people to their advertisements.

The toolbar's search results page is stuffed with advertisements since the click spammer wants to exploit the user as much as possible before the tool is uninstalled. But the rising per-user revenue on a publisher's site would be spotted by Viceroi.

To beat Viceroi, the "click spammers must reduce their per-user revenue to that of an ethical publisher. At which point, without the economic incentive to offset the risk of getting caught, the net effect is a disincentive to commit click spam," the paper said.

Not all publishers are necessarily at fault if they have abnormally high per-user revenues. There is a lot of traffic brokering on the Internet, and it is often hard to tell where user traffic originated from, said Saikat Guha of Microsoft Research India, who co-authored the paper. Advertising networks learn from Viceroi which publishers to investigate.

"Some of the publishers are definitely being take advantage of," Guha said. "Our job is to help them find the bad traffic."

The research paper, also authored by Yin Zhang of the University of Texas at Austin, will be presented at the ACM Conference on Computer and Communications Security in Berlin, which will be held Nov. 4-8.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


16.01 | 0 komentar | Read More

New US bill aims to curb NSA collection of phone and other records

A bipartisan group of four U.S. lawmakers has introduced legislation that will prohibit bulk collection of phone records of Americans.

Called the Intelligence Oversight and Surveillance Reform Act, the bill introduced by Democratic Senators Ron Wyden, Mark Udall and Richard Blumenthal, and Republican Senator Rand Paul will also provide for the creation of a "constitutional advocate" to argue against the government in significant cases before the secret Foreign Intelligence Surveillance Court. It will also set up a process for making significant FISC decisions public.

Former National Security Agency contractor, Edward Snowden, disclosed through newspaper reports in June that the NSA was collecting phone metadata from Verizon customers in the U.S. as part of its surveillance, which was said to also include collection of data from Internet companies. The Internet companies denied reports that the NSA had real-time access to content on their servers for its surveillance.

Under the proposed amendments in the new bill to the Foreign Intelligence Surveillance Act, the government would still be able to obtain records of anyone suspected of terrorism or espionage, or anyone in contact with a suspected terrorist or spy. But the bulk collection of "records of law-abiding Americans with no connection to terrorism or espionage will no longer be legal," according to an explanatory brief of the proposed legislation.

An amendment to section 702 of FISA also aims to close a "back-door searches" loophole by prohibiting the government from searching through communications collected under the section to deliberately conduct warrantless searches for the emails and other communications of specific Americans. Section 702 of FISA is designed "to facilitate the acquisition of foreign intelligence information concerning non-U.S. persons located outside the United States," according to the government.

The bill also aims to strengthen a prohibition against "reverse targeting," the alleged ruse employed by surveillance agencies of targeting a foreigner in order to acquire without warrant the communications of an American who is known to be communicating with the foreigner.

The bill is just one of a number that aim to curb NSA's powers in the wake of Snowden's revelations. The U.S. House of Representatives narrowly defeated in July an amendment to a defense spending bill that would limit spending on mass surveillance by the NSA.

The amendment, proposed by Rep. Justin Amash, a Republican from Michigan, would limit spending only to orders by the FISC that collect phone and other data only of a person who is the subject of an investigation. The administration of President Barack Obama had earlier said that it opposed the "effort in the House to hastily dismantle one of our Intelligence Community's counterterrorism tools." Obama has appointed a panel of experts to review NSA surveillance.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com


16.01 | 0 komentar | Read More

Hands-on with Kindle Fire HDX, Amazon's next-generation 7 and 9-inch tablets

Written By Unknown on Rabu, 25 September 2013 | 16.00

Two years ago, Amazon introduced the Kindle Fire. It was the first affordable color tablet offered by a major hardware manufacturer, and certainly the first respectable tablet that fit in a coat pocket.

But it was also a Version 1. The first Fire was thick and heavy, and poor responsiveness was a common complaint—even among long-time Android users, who were already used to a certain gap between Thought and Action where multitouch was concerned.

On Tuesday, Amazon announced the Kindle Fire HDX. "We've learned a lot in the past two years," I was told by an Amazon rep during an afternoon of demos. And that learning is reflected in the feature sets of two Fire HDX versions, shipping in the middle of October.

Not only are Amazon's tablets faster and prettier than ever before, they're also loaded with nifty new features for "second screen" video viewing, as well as a real-time video tech support feature that must be seen to be believed.

More pixels than you'll know what to do with

The 7-inch edition has a 1920-by-1200 display boasting 323 pixels per inch, and will sell for $229 for the base 16GB model. The 8.9-inch version will run you $379, and sports a 2560-by-1600, 339 ppi display. The new screens are easier to read in harsh sunlight thanks to brighter displays, as well as a new dynamic contrast control that kicks in to increase the brightness of shadow areas in onscreen images (it works in both photos and HD video).

image: amazonBoth new Kindle Fire HDX models pack insane pixel density.

Alas, my hardware hands-on took place in Amazon's Seattle HQ, where bright sunlight was not in abundance. But shining an ultra-bright flashlight into the light sensor while a photo of the Grand Canyon was on the display caused the highlights of the image to remain steady while the HDX increased the levels of the shadows.

Another welcome addition: True, 100 percent sRGB color accuracy. I wasn't able to load my own content on the sample devices, but I'm familiar with the color performance of the 2012 Kindle, and I saw an immediate improvement. Amazon also reduced the distance between the pixels and the top cover. Put it all together, and the result is a crisp, saturated, lively screen with plenty of detail and no visible pixels to be found anywhere, even in web content.

Faster CPU, 11 hour claimed battery life

Both of the HDX models use the new quad-core Snapdragon 800 mobile CPU, running at 2.2GHz. Amazon says that the new Fires' overall performance is three times faster than that of the previous-generation hardware. The company also doubled the tablet's application memory to 2GB, which speeds multitasking.

Amazon says the HDX has the lowest touch latency of any Android tablet. That's a hard claim to prove, but I'm not inclined to scoff at it. The improvements were immediately obvious the moment I took the 8.9 incher for my first spin. Between the Snapdragon CPU and the tablet's OS upgrade to Android Jelly Bean, the Fire's touch latency issues have disappeared. The interface was zippy, even when scrolling through carousels of HD images.

It's clear that Amazon wanted to kill the latency problem with weapons far more substantial than harsh language.

Despite the pixel-packed display and faster CPU, the Fire HDX still delivers roughly 11 hours of mixed-use operation, according to Amazon. The company has also optimized the book reader app for low-power consumption by using only a single CPU core, and by shoving content into special low-power memory. Result: 17 hours of battery life as an e-reader, Amazon says.

The 8.9-inch HDX gets a new 8-megapixel, f2.2 rear-facing camera that shoots stills and video, enhanced with an LED illuminator. A new custom camera app supports HDR shooting and panoramas. Though one's expectations of a tablet camera ought to be low-ish, the component on the 8.9-inch HDX seemed to take decent, smartphone-grade photos, based on my observation of Amazon's sample pix.

(That said, their gallery didn't include any images of squirrels. Clearly, the jury is still out.)

Sharper edges, but feels great in the hand

Amazon has traded the conventional rounded-edges motif of last year's Fires for sharper angles. The engineers have also thankfully decided that the Fire's power and volume buttons should no longer be closely guarded secrets. Those buttons are now big, clearly labeled, and mounted on the back plate of the tablet, where my fingers instantly found them.

The styling of the HDX tablets reminded me of the old Motorola XOOM tablet—but much, much slimmer and more stylish.

image: andy ihnatkoNew origami-style covers are available for both Fire HDX models.

One element of the physical design made such an impression on me that I ended the word on my notebook page with an exclamation mark and embellished it with a circle: LIGHT! The 8.9-inch HDX feels almost bafflingly lightweight at 13.2 ounces. That makes it almost 10 ounces lighter than the 9.7-inch iPad, and only barely heavier than the 10.88 ounce iPad Mini.

It feels great in the hand. No doubt some people will think it feels "cheap," but anybody who spends hours reading books or watching movies on a tablet will love the overall lack of the sensation of heft. The HDX is "gloriously, unapologetically plastic," to steal a line from someone getting a lot of press this month.

Amazon is also rolling out a set of Origami-style covers for both Kindle HDX models. These are ultra-slim cases that can be folded and re-folded into portrait and landscape-type stands with deep or shallow angles, thanks to embedded magnets that hold the various folds together.

Software renovation

Amazon claims to have given the Fire's software a floor-to-ceiling rehab. You might say that the Fire team uses Android as inspiration for its own work instead of as a library of code that must be ported. Its made substantial back-end improvements, particularly in the graphics pipeline: It's clear that Amazon wanted to kill the latency problem with weapons far more substantial than harsh language.

And, yes, now "Fire" is a formally named OS, not "the operating system formerly known as 'whatever it is that Amazon does to Android'."

Many long-desired features are now part of Fire OS 3.0. And, yes, now "Fire" is a formally named OS, not "the operating system formerly known as 'whatever it is that Amazon does to Android'." Its carousel view is backed up by an additional grid view for speeding through apps and content. A future update will allow you to group content into collections. New accessibility features make the Fire's interface and content available to people with impaired vision.

The now-iconic hamburger button has spread to the Fire, revealing a slide-out tray for menus and system settings.

And Fire 3.0 has been enterprise-hardened with new support for VPN services, Kerberos authentication, and remote device management. Keyboards and other input devices are easier to use. Enterprise email and on-device encryption are here in 3.0, and wireless printing is coming soon.

Seeing the content behind the content

The signature ginchiness of the Fire has always been its focus on content. To the Fire design team, the users' focus should be on the books they want to read, the TV shows they want to watch, and the documents that they want to edit. That's why the content items are always presented front-and-center—instead of the apps the user needs to launch in order to use them.

Amazon has upped its already considerable game by introducing big enhancements to the Kindle's X-Ray feature. X-Ray is a collection of tools intended to help users see and appreciate the content behind the content. When it showed up as a feature for the Kindle book reader, it made it easier to follow the many characters in a sprawling novel. For example, if you saw a familiar name in a George R. R. Martin novel and thought "I thought he was dead already," X-Ray could clear everything up for you right then and there.

image: andy ihnatkoWant to buy the soundtrack of a show or movie you're watching? X-Ray makes that easy.

On the Fire HDX, X-Ray adds canonical song lyrics to the music player. Lyrics scroll in time with playback, and can be searched, and also used as links to scrub to specific spots in the tune.

X-Ray enhancements to the Fire's video player are way more ambitious. But first, let's talk about second screens. Amazon Instant Video now works intimately between the Fire HDX and Amazon Instant connected devices. Instead of just being able to continue watching a movie on your living room TV from the point you left off on your Fire earlier in the day, you can also "throw" the content from the Fire and use the tablet as a dedicated second screen for X-Ray-fueled supplemental content.

Caveat: The feature doesn't work with all TVs and streaming boxes. Amazon announced support for the Xbox 360 and One, PlayStation, and certain Samsung TVs, with other compatible devices to be announced. Nonetheless, once you've managed to get it working, it works the same way: Your TV is now responsible for streaming your program, leaving your tablet's CPU and battery free from anything taxing.

During my hands-on demo, Amazon opened up an episode of "Boardwalk Empire" and threw it from the Fire. The tablet's screen shifted to X-Ray mode, with multiple tabs representing different kinds of content.

image: andy ihnatkoX-ray also shows you who's playing whom, in real-time as you're watching content on the big screen.

Second-screen data in a flash

As I watched, the screen kept pace with the scenes unfolding on the TV. Who are those characters? Thumbnails appeared, properly labeled. No, actually, I meant who are those actors? The character thumbnails were replaced with IMDB headshots. (And now, for the first time, I have seen what Michael Shannon looks like with hair. His head is buzzed when he's Agent Nelson Van Alden or General Zod.)

image: andy ihnatkoThe second-screen experience in action.

"Boardwalk Empire" is a music-heavy show. Sure enough, every time a new tune appeared on the soundtrack, the Fire HDX told me what it was, and who composed it.

It also offered me a handy link to where I could buy the track or the album on Amazon, of course. Typically, I would make a testy comment about how Amazon probably wrote the "Always Be Closing" speech from the beginning of "Glengarry Glen Ross." And I probably should. But the fact is that I'm always buying music that I first heard on shows like this.

X-Ray also pulls data from the Trivia section of your movie or TV show's IMDB page. As with the rest of the added content, it also throws it onto the Fire's screen at the appropriate moment. Now, as a lover of film, I'm supposed to write a long screed about how this sort of intrusion is emblematic of how unworthy our species is of the art that's all around us. But again, I must be honest and say that I almost always visit the IMDB page of a movie for more information.

Mayday, mayday!

X-Ray is an interesting feature, even a useful one. But the Kindle HDX's new "Mayday" button is by far its most intriguing.

You'll find it in the main system tray, right next to the Home button. Push it. A little floating window appears above your content. And less than 14 seconds later, the window contains live video chat with an Amazon tech support person, who's now asking you what he or she can help you with today.

Jeff Bezos showed me the Mayday feature in a conference room. It appeared to be one of those "pride and joy" moments that you sometimes see from a CEO when he finally gets to talk publicly about something that genuinely excites him.

There are things I've heard during my various tech briefings that have led me to believe I've misheard something. "Every Kindle HDX comes with free, 24/7 live video support" was one of those things. My live demo took place a month before the HDX even goes on sale. I realize this. But if this is the best that the feature can do, then its best is very, very good.

The helper—yes, a real live person, not an avatar—could hear me but couldn't see me. I could ask him how to connect my Bluetooth keyboard to the Fire HDX. He could see my screen and could draw on it to guide me through the steps. The helper could also (with my approval) take control and operate my device, setting the keyboard up for me as I watch.

Jeff Bezos showed me the Mayday feature in a conference room. It appeared to be one of those "pride and joy" moments that you sometimes see from a CEO when he finally gets to talk publicly about something that genuinely excites him. He ran through an extended demo and even asked the remote helper for esoteric recommendations: "What game should I get?"

"I am so terrified for your people when this feature goes live," I said, thinking about every tech support session I've given to every friend, family member, and friend of a family member ever.

Live video support in less than 14 seconds

Press a button. Get connected to a live person (again, the target time is less than 14 seconds). Ask him or her anything. It would appear that these people will field questions of a "what game should I get?" nature by helping them find and use the Kindle's built-in features for producing personalized recommendations. This rather than talking about personal adventures playing Angry Birds Star Wars 2.

Amazon already has a battle-tested international support system. Yes, it will have specialists ready to cover the whole spectrum of languages, and the Mayday feature will be available in every country where the Fire HDX is sold.

Still, it seems like an open-ended invitation for the angry, the insane, the lonely, and every other incidental character appearing in Randy Newman's song catalog to come out and dance.

Amazon CEO Jeff Bezos is a tech-support aficionado.

And then there are the inevitable privacy concerns. Let's say that you're having a problem exporting the photos you took using your 8.9-inch HDX's spiffy new camera. You don't want this stranger at Amazon to see photos of your kids at the beach.

I asked about this scenario—while a helper was onscreen, actually. Well, it turns out you can ask the helper to close his or her view of your screen while you do whatever you need to do (like enter a password, or hide some personal messages from your Inbox).

It seems like a half-solution. A user is going to want to feel as though he or she has full privacy controls. I would have been more pleased to see a big, angry-looking toggle switch that I could tap at any time to shut the helper's eyes.

It's worth pointing out that Mayday features only activate when a session has been initiated by the user. Otherwise, it's not possible for Amazon to observe your screen or hear anything going on around your device.

Of course, it would be incredible if Amazon were lying about something so… actionable. The reality isn't the problem, anyway: It's the perception, and Mayday is of no use to anybody who's afraid to engage it.

The last new product Amazon announced on Tuesday is something we've seen before but it's well worthy of mention: A 7-inch Kindle Fire with last year's hardware specs is now just $139.

I appreciate the nod toward the budget-minded consumer. One kind of elegance and innovation involves adding new power and features while maintaining the old price point.

Another kind involves delivering great performance to a group of users who had previously been shut out of the latest tech revolution due to economic circumstances. I'm glad to see both types represented in today's news.


16.00 | 0 komentar | Read More

Indian biometric ID project faces court hurdle

A controversial biometric project in India, which could require people to produce their biometric IDs to collect government subsidies, has received a significant setback from the country's Supreme Court.

The court ruled this week in an interim order that people cannot be required to have the controversial Aadhaar identification to collect state subsidies, even as the Unique Identification Authority of India (UIDAI), the government agency that manages the project, has been trying to promote the Aadhaar number as proof of identity for a variety of services including banking.

The UIDAI has said that the scheme is voluntary, but some states and agencies have attempted to link the identification to the implementation of programs such as cash subsidies for cooking gas that benefit even the middle and richer classes.

"I signed up for Aadhaar only to ensure that I continue to get a gas cylinder at reasonable rates," said an executive in Bangalore who had queued up a few months ago for an Aadhaar number. The state of Maharashtra, for example, aims to be the first state in the country to roll out Aadhaar-linked subsidy transfers to LPG (liquified petroleum gas) consumers across all the districts in the state.

Pending a final order, the court ruled that "....no person should suffer for not getting the Adhaar card inspite of the fact that some authority had issued a circular making it mandatory...."

UIDAI Chairman Nandan Nilekani did not immediately agree to discuss the court order.

The Aadhaar project is the result of an executive order, and is not backed by a law passed by India's Parliament, so its legality can be in question, said Pavan Duggal, a cyberlaw expert who practices before India's Supreme Court. The project could be in violation of the country's Information Technology Act and rules which cover collection, handling and processing of sensitive personal data, he added.

Aadhaar, though said to be voluntary, could also be in violation of fundamental rights of the Indian constitution relating to right to life and privacy, as a perception is being created that the ID will be required for subsidies and benefits, Duggal added.

The government should have considered getting an enabling law passed by Parliament for the data collection as also a strong privacy law to prevent misuse of Aadhaar related data and collation of multiple databases using Aadhaar, because of the privacy issues involved and its implications on fundamental rights, said Pranesh Prakash, Policy Director at the Centre for Internet and Society in Bangalore.

The biometric project, which collects 10 fingerprints, iris scan and other information such as name, date of birth and address, has been criticized by a number of privacy groups who worry that the data could at some point be misused by the government. There is also a risk that such large databases could be hacked, putting at risk information of people. It is not clear what are the measures taken by UIDAI to protect the authenticity and correctness of the biometric information, and prevent access by foreign powers, Duggal said.

The Aadhaar number now allows different agencies including private organizations to collect and exchange data between them, which may be useful to marketers, for example, Prakash said. Previously, it wasn't practical as the agencies would have difficulty ensuring that the information was about the same person, he added.

The Supreme Court has also ruled that illegal immigrants should not be enrolled under the Aadhaar program, which is meant to facilitate subsidized services to Indian citizens. The Aadhaar, which does not collect citizenship information, is likely to be misused by illegal migrants, activists have said.

One of the many challenges facing the Aadhaar program is that village-level politicians and influence peddlers cook up data to enroll under subsidy schemes people who are not eligible for benefits, or people who are nonexistent. The traditional paper ration card scheme and voter rolls are usually stuffed with nonexistent people or people who do not typically qualify for benefits.

Aadhaar was expected to remove these discrepancies by more accurate collection of data on people who enrolled under the scheme. But a number of users have complained that the Aadhaar cards they have received have errors in their names, addresses and other details. One newspaper reported that an Aadhaar applicant received a card that had the face of a dog in place of his photograph.

UIDAI aims to provide 600 million Aadhaar numbers to residents by 2014.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com


16.00 | 0 komentar | Read More

Roku channels its efforts into updated hardware, new content options

It's that time of year again. The leaves begin falling from the trees. The air gets a little crisper. You start looking silly wearing your summer clothes. And, of course, consumer electronics get refreshed for the wait-what-it's-here-already holiday season.

On Wednesday, Roku updated three-quarters of its streaming set-top models with designs that match the Roku 3, improved features, and a new content partner that's important enough to garner a coveted button spot on the Roku remote—all at the same prices as before.

Roku1, 2, 3…and LT!

Joining the existing $100 Roku 3 are a new version of the $50 Roku LT, the new $60 Roku 1 (replacing the 2 HD), and the new $80 Roku 2 (replacing the 2 XD). The new models all take on the indented-hockey-puck look of the Roku 3. Feature-wise, the Roku 2 gains a headphone jack on the remote for private listening, as well as dual-band W-Fi, both previously available only on the top-of-the-line Roku 3. The Roku 1 supports 1080p video, lowering the bar for higher HD resolution to the $60 point in Roku's lineup—and leaving the Roku LT as the only model that tops out at 720p. The Roku 3 remains the premier model with a faster processor, ethernet and USB ports, and a motion-control remote for gaming.

RokuThe new face of remote control.

The other new feature, preloaded on the LT, 1, and 2 models, is the addition of the M-Go channel, an on-demand movie and TV show rental/purchase service from DreamWorks and Technicolor. The M-Go channel will roll out to the other models—Roku LT (models 2400 and 2450), HD (model 2500), 2 HD, 2 XD, 2 XS, and 3, as well as the Roku Streaming Stick—starting in October. As with many other channels, billing will be tied to your Roku account, so you won't need to set up a separate account for M-Go content. M-Go customers on Roku will also get two free movie rentals to try out the service. (Note that M-Go is available only in the U.S.)

To show how serious M-Go and Roku are about the partnership, M-Go is getting a dedicated launch button on the new Roku remotes, alongside Netflix, Amazon, and Blockbuster. M-Go tries to distinguish itself from other non-subscription video services (Vudu, iTunes Store, Amazon, and so on) by focusing on features related to personal relevance: custom lists (Cards) for quick access to favorite shows, movies, actors, and directors; the capability to fine-tune recommendations; and even links to other services that offer the content you're looking for. M-Go is currently available on a number of smart TVs, certain Google TV hardare, Android devices, and via a Web browser.

RokuM-Go finds a new friend in Roku.

All three new Roku models will be available in October in the U.S., Canada, the U.K., and Ireland. Roku also announced that the Roku 3 will be available in the same non-U.S. markets starting Wednesday.

Although the Apple TV recently gained several new channels, Roku remains the undisputed king of content with more than 1000 channels in the U.S., and more than 450 in Canada, the U.K., and Ireland. According to the company, Roku customers streamed a staggering 1 billion hours of content in 2012, at an average of 13 hours per week per user.


16.00 | 0 komentar | Read More

BlackBerry messenger for Android and iPhone will not roll out this week

Written By Unknown on Selasa, 24 September 2013 | 16.01

BlackBerry's messenger app for Android and iPhone will not roll out this week as the company struggles to block an unreleased version of the Android app that affected its system.

The smartphone maker said Saturday it had paused the global rollout of Android and iPhone versions of its BBM app after the unreleased version of BBM for Android was leaked on numerous file-sharing sites.

"This older version resulted in volumes of data traffic orders of magnitude higher than normal for each active user and impacted the system in abnormal ways," wrote Andrew Bocking, head of BBM at BlackBerry, in a blog post on Monday. The version the company was planning to release on Saturday addressed the issues, but BlackBerry could not block users of the unreleased version if it went ahead with the launch, Bocking wrote.

As active users of the unreleased app neared 1 million, and were increasing, BlackBerry decided that the only way to address the issue was to pause the rollout for both Android and iPhone versions of the app. Besides modifying the system to completely block the unreleased version of the Android app when it goes live with the official BBM for Android app, the company also wants to reinforce its system to handle similar scenarios in future, Bocking wrote.

"This will take some time and I do not anticipate launching this week," he added.

BlackBerry said Saturday that customers who had already downloaded BBM for iPhone will be able to continue to use the service, while the unreleased Android app would be disabled. The company said earlier this month that BBM, once exclusively available to users of BlackBerry phones, would start rolling out to iPhone and Android phone users worldwide from Saturday.

A consortium led by Canada's Fairfax Financial Holdings offered Monday to acquire BlackBerry in a deal that values the company at US$4.7 billion. The proposal is backed by BlackBerry's board of directors.

The crisis in the rollout of the BBM for iPhone and Android is just one of many problems affecting the company which last week said it would take almost $1 billion in charges mainly on unsold BlackBerry Z10 handsets, and lay off around 4,500 staff and reduce the number of phone models it sells from six to four.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com


16.01 | 0 komentar | Read More

US FDA to regulate only medical apps that could be risky if malfunctioning

The U.S. Food and Drug Administration intends to regulate only mobile apps that are medical devices and could pose a risk to a patient's safety if they do not function as intended.

Some of the risks could be unique to the choice of the mobile platform. The interpretation of radiological images on a mobile device could, for example, be adversely affected by the smaller screen size, lower contrast ratio and uncontrolled ambient light of the mobile platform, the agency said in its recommendations released Monday. The FDA said it intends to take the "risks into account in assessing the appropriate regulatory oversight for these products."

The nonbinding recommendations to developers of mobile medical apps only reflects the FDA's current thinking on the topic, the agency said. The guidance document is being issued to clarify the small group of mobile apps which the FDA aims to scrutinize, it added.

The recommendations would leave out of FDA scrutiny a majority of mobile apps that could be classified as medical devices but pose a minimal risk to consumers, the agency said.

The FDA said it is focusing its oversight on mobile medical apps that are to be used as accessories to regulated medical devices or transform a mobile platform into a regulated medical device such as an electrocardiography machine.

"Mobile medical apps that undergo FDA review will be assessed using the same regulatory standards and risk-based approach that the agency applies to other medical devices," the agency said.

It also clarified that its oversight would be platform neutral. Mobile apps to analyze and interpret EKG waveforms to detect heart function irregularities would be considered similar to software running on a desktop computer that serves the same function, which is already regulated.

"FDA's oversight approach to mobile apps is focused on their functionality, just as we focus on the functionality of conventional devices. Our oversight is not determined by the platform," the agency said in its recommendations.

The FDA has cleared about 100 mobile medical applications over the past decade of which about 40 were cleared in the past two years. The draft of the guidance was first issued in 2011.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com


16.01 | 0 komentar | Read More

Twitter fixes Tweet button issue that downloaded a torrent file

Some Twitter users were surprised Monday when they clicked a button to share content from third-party websites but instead downloaded a mysterious torrent file.

Twitter said the problem, which users said affected websites including TechCrunch.com, FT.com and Businessinsider.com, has been fixed, and the Tweet buttons are now functioning normally.

As is the case when something strange happens, users suspected either Twitter or one of its technology partners had been compromised. Twitter uses several content delivery networks (CDNs) to serve content and improve the site's performance.

Twitter did not indicate the cause of the issue but said in a statement "to our knowledge, the torrent file was not malicious."

A torrent is a small information file that coordinates the download of content on the BitTorrent peer-to-peer file-sharing system. Torrent files are not malicious, but hackers have been known to disguise malware by making their program looks like legitimate files in the hope that people will launch them.

Twitter's sharing buttons are widely used across websites and allow users to easily share a link to content on a website by posting a link to their Twitter feed.

When a Tweet button is clicked, a JavaScript file is requested. The Tweet button isn't actually hosted on Twitter.com but instead on CDNs, according to the company.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


16.01 | 0 komentar | Read More

Oracle's Ellison promises 'ungodly' database speed with new in-memory option

Written By Unknown on Senin, 23 September 2013 | 16.01

Oracle CEO Larry Ellison has thrown his gauntlet down in the burgeoning market for in-memory computing, announcing a new option for Oracle's flagship database at the OpenWorld conference in San Francisco. The in-memory option delivers "ungodly" performance improvements, Ellison claimed, and targets both transactional and analytic workloads. "When you put data in memory, one of the reasons you do that is to make it go faster," Ellison said Sunday. Oracle had a goal of 100 times faster queries for analytics and a doubling in throughput for transaction processing with the in-memory option, Ellison said. Transactions run better in a row-store database, while analytics are much faster when the system uses a column-based store, Ellison said. Oracle Database 12c stores data in both formats simultaneously, and the information is consistent, he added. "When you update one you always update the other," Ellison said. "The data is consistent between those two formats." "There's actually very little overhead in maintaining the column store in-memory in addition to Oracle's traditional row store," he added. While it has been known for some time that Oracle would be making an in-memory announcement at OpenWorld, the specific details were vague until Ellison's speech on Sunday. He stressed that it would be quite easy for Oracle database users to turn on the in-memory option. "You say how much memory you want to use in the computer, tell me what partitions or tables to be in memory, and drop your analytic indexes," Ellison said. "Queries run 100 times faster and updates, inserts run two, three times faster." Customers who choose to keep their Oracle database for transaction processing and then use a specialized columnar database for analytics would have to rewrite their applications, retrain staffers and then hope everything works, he added. "The alternative is [Oracle's in-memory option]," Ellison said "Flip a switch and all of your applications run much, much faster. Every application you wrote, every application you bought, runs without a single change." What Ellison's speech strangely lacked was any of his traditional attacks directed at competitors, particularly SAP, which has been pushing its own HANA in-memory database as an alternative for customers now using Oracle underneath their SAP installations. Microsoft and IBM are also rolling out in-memory database technologies. Still, the fact that Ellison stressed that customers would face little disruption, along with major benefits, if they use the in-memory option was no accident, as he'd obviously rather keep those customers in the fold rather than lose them to competing in-memory technologies. Continuing the in-memory theme, Ellison also announced a new member of Oracle's "engineered system" family dubbed the M6-32 Big Memory Machine. It contains 32TB of DRAM, uses new SPARC M6 chips that have double the cores of the M5 chips they replace, and is available now, Ellison said. "It's the fastest machine in the world for databases stored in memory," he claimed. The Big Memory Machine costs US$3 million, a sum Ellison termed as "a fraction" of what competitors charge. But what Ellison didn't mention is that Oracle's engineered systems must be loaded with many expensive Oracle software licenses, particularly its database, which carry lucrative ongoing annual maintenance fees for the vendor and bring the total system cost much higher than that for the hardware. Ellison ended his talk by announcing another new product called the Oracle Database Backup, Logging, Recovery appliance. "You're probably asking me who is the genius who named that product," Ellison said of the dry, albeit self-explanatory moniker. "I did. That's why they pay me the big bucks."

Oracle is also offering the product as a cloud service through its public cloud, Ellison said. More than 60,000 people are expected to attend OpenWorld, which runs through Thursday.


16.01 | 0 komentar | Read More

LinkedIn denies harvesting user email accounts without permission

LinkedIn denied over the weekend charges that the company breaks into the email accounts of its members without permission to harvest contacts' addresses.

A class action complaint by four users has charged the professional networking site with hacking into their external email accounts and downloading addresses of their contacts for monetary gain by repeatedly promoting its services to these contacts.

Paul Perkins, Pennie Sempell, Ann Brandwein, and Erin Eggers charged LinkedIn with breaking into "its users' third party email accounts, downloading email addresses that appear in the account, and then sending out multiple reminder emails ostensibly on behalf of the user advertising LinkedIn to non-members."

The so-called hacking of the user's email account and download of addresses is done without "clearly notifying the user or obtaining his or her consent," which is likely to emerge as the crux of the case.

LinkedIn does not access a user's email account without the user's permission, and claims that it hacks or breaks into members' accounts are false, Blake Lawit, senior director of litigation at LinkedIn wrote in a blog post on Saturday. LinkedIn never deceives by "pretending to be you" in order to access the user's email account, Lawit wrote.

"We never send messages or invitations to join LinkedIn on your behalf to anyone unless you have given us permission to do so," he added.

New users signing in to LinkedIn are asked for the external email address as their user name, though they aren't told what it will be used for, according to the complaint filed last week in U.S. District Court for the Northern District of California.

If a LinkedIn user leaves an external email account open, LinkedIn is said to pretend to be that user and downloads the email addresses in that account to LinkedIn servers, according to the complaint. Linkedln is able to download the addresses without requesting the password for the external email accounts or obtaining users' consent, according to the complaint.

If the LinkedIn user has logged out from his email applications, the network requests the user name and password of an external email account to ostensibly verify the identity of the user, and then, without notice or consent, attempts to access the user's external email account to download email addresses, according to the complaint.

Linkedln does not inform its users that email addresses harvested from a user's external email account will be sent multiple emails inviting the recipient to join Linkedln with the user's endorsement, the complaint said. Users have complained to Linkedln about its "unethical harvesting" of email addresses and repeated spamming of those addresses, according to the complaint, which asks the court for damages and an order prohibiting LinkedIn from continuing its "wrongful and unlawful acts."

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com


16.00 | 0 komentar | Read More

German hackers say old technique can bypass Apple's Touch ID

Apple's Touch ID authentication system can be defeated using a well-honed technique for creating a latex copy of someone's fingerprint, according to a German hacking group.

The Chaos Computer Club (CCC), which hosts an annual hacking conference and publishes computer security research, wrote on its blog that their experiment shows that fingerprint authentication "should be avoided."

Apple introduced Touch ID with its latest high-end iPhone 5S on Sept. 10. A person's "fingerprint is one of the best passcodes in the world. It's always with you, and no two are exactly alike," according to the company's website.

A hacker who goes by the name Starbug found that while Touch ID scans at a higher resolution, it can be beaten by increasing the resolution of the victim's fingerprint.

The CCC posted a video of what it wrote is a successful attack. Faking the print involves photographing the victim's fingerprint at 2400 DPI. The image is inverted and laser printed at 1200 DPI onto a transparent sheet using a "thick toner setting," according to the CCC.

Pink latex milk or white wood glue is smeared into the pattern created the toner. After it cures, a sliver of latex is lifted from the sheet, and blowing on it gives a bit of moisture like that on a human finger. It then can be placed on the iPhone's fingerprint sensor, the CCC wrote.

The technique is not new. "This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market," the CCC wrote. Apple officials did not have an immediate comment on the CCC's findings.

Security experts have long warned that fingerprint authentication should not be solely relied upon, but rather used in concert with other technologies. Photos of fingerprints and molds have successfully bypassed fingerprint checks.

Touch ID is intended to reduce the number of times a person must enter a passcode, but Apple still requires a passcode in some circumstances, such as restarting the phone and if the devices hasn't been unlocked in two days.

Changes to the fingerprint settings also require a passcode, which can be configured to be longer and more complex than four digits.


16.00 | 0 komentar | Read More

Symantec identifes 'Hidden Lynx' as hackers co-op

Written By Unknown on Minggu, 22 September 2013 | 16.01

Symantec believes it has connected the dots to link a single Chinese hacking group dubbed "Hidden Lynx" to a series of high-profile APT-driven cyberattacks on U.S. interests, including the infamous Aurora hacks of 2009 as well as this year's compromise of security firm Bit9.

The firm's white paper (PDF) about the group describes a large team of between 50 and 100 professionals working on a professional hacker-for-hire basis. This would make the group even more significant than the APT1/Comment Crew hacking group that has become the media face of Chinese state-sponsored hacking.

According to Symantec, since 2009 Hidden Lynx has targeted hundreds of organizations around the world, focusing more than half its effort on the U.S., with smaller campaigns against targets in Taiwan, Hong Kong, Japan, and even mainland China itself.

This is a group that seems to do a bit of everything, picking off organizations in every sector with a particular interest in corporate espionage against finance, government, ICT, education, and healthcare.

"This broad range of targeted information would indicate that the attackers are part of a professional organization," said Symantec in its white paper. "They are methodical in their approach and they display a skillset far in advance of some other attack groups also operating in that region, such as the Comment Crew."

A recent incident Symantec connects them to in forensic detail is the February attack on a code-signing certificate server inside the network of whitelisting firm Bit9, conducted using the stealthy Backdoor.Hikit Trojan, one from a clutch of such malware favored by the group.

A second prominent campaign was what became known as the VOHO watering hole attacks publicized by RSA in 2012 before mentioning its "affiliation" to the Aurora attacks on Google and several others in late 2009.

Symantec

Symantec lays out evidence that the group worked in departments, each responsible for different elements of attacks, commanding different Trojans to individual ends, sometimes requiring large numbers of people to control attacks. It is also able to access advanced zero-day vulnerabilities, the sort saved up by black hats for a rainy day.

If Hidden Lynx is a business it has certainly been busy.

"From the evidence seen, it's clear that Hidden Lynx belongs to a professional organization. They operate in a highly efficient manner. They can attack on multiple fronts. They use the latest techniques, have access to a diverse set of exploits and have highly customized tools to compromise target networks," Symantec concluded.

The revelation, if that's the right way to describe Symantec's insight, is that it sheds some intriguing light on the different groups that seem to operate from inside China, possibly in competition with one another. The warning served by Hidden Lynx is that this group appeared to be a successful business model likely to be copied by others, Symantec said.

If Symantec is correct that Hidden Lynx is connected to the Aurora attacks, they have traced the group that kicked off the U.S. vs China age of advanced persistent threats (APTs) in the first days of 2010. It was at that moment that the scale what had been occurring became apparent to the world. It also dragged the US business world and public opinion into an awareness of what cyberattacks could mean in geo-political and economic terms.


16.01 | 0 komentar | Read More
techieblogger.com Techie Blogger Techie Blogger