FBI 'concerned' by phone encryption

26 September 2014 Last updated at 12:39

Plans by Apple and Google to do more to protect customers' privacy have made the FBI "very concerned".

Speaking to reporters, FBI boss James Comey said the plans to enable encryption by default could thwart law enforcement investigations.

Lives could depend on police forces continuing to get access to the data on devices used by criminals and terrorists, he said.

The FBI was talking to both Apple and Google about its fears, said Mr Comey.

Protect privacy

The conversations with tech firms needed to be had before the day when police forces lost access to those devices, he said.

"I'd hate to have people look at me and say, 'Well how come you can't save this kid?' 'How come you can't do this thing?'" said Mr Comey in a briefing.

His comments came in reaction to a decision by Apple to enable a file encryption system on its iOS 8 software for which it has no keys. This means it would not be able to comply with any official request to help police get at the data on those devices.

Google has said it too is planning to enable a similar encryption system by default on the next version of Android.

Mr Comey said he was "very concerned" about these plans because of what they would allow people to do.

"What concerns me about this is companies marketing something expressly to allow people to place themselves beyond the law," he said.

"I am a huge believer in the rule of law, but I am also a believer that no-one in this country is beyond the law," he added.

Apple and Google have yet to respond to Mr Comey's comments.

Ten days prior to Mr Comey's press statement, iOS data forensics expert Jonathan Zdziarski pointed out that Apple's encryption system would not stop police getting at data on portable devices.

Specifically weakening security systems just to aid the police was a bad decision, he said.

"For the sake of privacy and overall security, the only logical solution is to make products as secure as possible, and let good detective work do the crime solving, rather than an easy button," he wrote in a blogpost.

23.22 | 0 komentar | Read More

Yahoo prodigy opts for university

24 September 2014 Last updated at 14:08 By Leo Kelion Technology desk editor

The British teenager who sold his app for millions of pounds to Yahoo has decided to go to university in the UK rather than work full-time for the tech firm in California.

Nick D'Aloisio said he would, however, still continue to work on its news app.

The 18-year-old had previously managed to combine development of the service with his A-level studies.

Yahoo News Digest has been downloaded more than two million times, according to analytics firm Xyo.

"I am thrilled to be attending Oxford University in England where I will study computer science and philosophy," Mr D'Aloisio said.

"I'm excited to simultaneously complete my college degree while continuing part-time to manage Yahoo News Digest - especially at such an exciting time for summarisation, artificial intelligence and wearables."

Mr D'Aloisio told the BBC earlier this month that the team he managed at Yahoo was developing a version of the news summary app for both Apple Watch and smartwatches running Google's Android Wear.

The Londoner was only 16 years old when he secured a $250,000 (£154,000) investment in his text summary software from Hong Kong billionaire Li Ka-Shing.

A few months later Yahoo acquired the technology and his services, in a deal reported to be worth £20m.

Since taking up the role of project manager for the news app, the teenager has spoken at several high-profile public events including Yahoo's keynote address at the Consumer Electronics Show in January and O2's Campus Party in September.

A spokeswoman for Yahoo said he should now be able to get involved in the BBC's computer coding initiative - a series of television shows and other events designed to encourage people to learn to program - next year, "time permitting".

23.22 | 0 komentar | Read More

Blackberry rethinks the keyboard

24 September 2014 Last updated at 15:00 By Leo Kelion Technology desk editor

Please turn on JavaScript. Media requires JavaScript to play.

WATCH: Rory Cellan-Jones tries out the Blackberry Passport

Blackberry has launched a distinctive handset featuring a square screen and a keyboard that offers both physical keys and touch-enabled gesture controls.

It said work-focused users in particular should benefit from the Blackberry Passport's innovations.

Sales of the company's handsets - which are powered by its own operating system - have been in decline.

Analysts said the new device should appeal to existing Blackberry owners but might struggle to win over others.

The Canadian company's chief operating officer said the handset's release was part of a broader turnaround strategy led by John Chen, who became chief executive in November.

"You're going to see us be very focused," Marty Beard told the BBC.

"Potentially, in the past we got a little too broad a little too aggressively.

"Our target segment is more enterprise-focused. It's the power professional. It's someone who wants to be productive.

"Those users tend to be in regulated industries like banking or healthcare or government. We know those segments really well - in a way it's getting back to the Blackberry roots."

Push and swipe

The Passport got its name because its dimensions resemble a thick version of the travel document.

It has a 4.5in (11.4cm) touchscreen with a resolution of 453 pixels per inch - higher than Apple's iPhone 6 Plus, but lower than Samsung's Galaxy Note 4.

Blackberry suggests documents are easier to edit because of the extra width provided by having a square screen, even if it is less suited for watching video.

The keyboard buttons are also touch-sensitive. This allows gesture-based shortcuts that were previously restricted to Blackberry's all-screen devices.

For example, swiping a finger quickly leftwards along the keys deletes the previous word, while sliding a thumb along them more slowly moves the cursor in the same direction.

In addition, users can select from three anticipated words - shown near the bottom of the screen - by flicking upwards beneath the desired one. This saves having to type the text in full.

"In some cases it takes a while to learn it, because even if you're familiar with a Blackberry it's a little bit different because it's that combination of physical plus virtual," acknowledged Mr Beard.

"So there may be that learning curve in the beginning, but it's well worth it, and once people learn it they are flying."

One expert who has tested the handset supported the claim.

"It certainly made me respond more eloquently to emails rather than just triaging them with a 'Yes, no, I'll call you back or see you later'," said Shaun Collins, founder of the telecoms consultancy CCS Insight.

"However, it's going to divide opinion - it gives you the Blackberry experience on steroids. But for a broader audience it will be a curiosity."

The phone is being sold at an "introductory rate" of $599/£529/649 euros.

Sales slump

Blackberry's own figures indicate it sold about 1.6 million smartphones over the three months to June.

That compares poorly with the 6.8 million handsets it sold in the same quarter in 2013, and 13.2 million over the corresponding period in 2011.

Its fortunes contrast with the wider smartphone market, which has expanded.

Having pioneered the sector, the company now accounts for only 1% of sales in the UK, according to research firm Kantar Worldpanel.

Even so, one company watcher said Blackberry still had appeal to certain organisations, even if they had not purchased its other recent releases in large numbers.

"The key markets it holds are financial services and security-oriented industries," said Martin Bradley from Strategy Analytics.

"Blackberry continues to offer the most secure end-to-end communications architecture in the mobile market, and its devices provide business users with that reassurance."

Voice commands

Other features introduced by the handset and its new operating system - Blackberry 10 OS 10.3 - include:

• Access to the Amazon Appstore - the phone can run the 240,000 Android apps it contains. But the store lacks some popular products, including photo-sharing network Instagram, and newly released games, such as Fifa 15, both found on Google Play
• Blackberry Blend - this allows certain tasks on the phone to be controlled by a wi-fi-connected PC or tablet that does not store the data involved, letting users take advantage of bigger screens when available
• Blackberry Assistant - a facility that recognises voice commands and speaks back in English, French, German, Spanish and Italian
• A 3,450 mAh battery - this is bigger than most of its rivals, and allows the Passport to promise up to 25 hours of mixed use

The company has also added a new, tougher level of encryption to messages sent via its BBM messaging app to protect them from eavesdropping and manipulation.

"We've already got a lead - we're not going to sit on our laurels," said Mr Beard.

He added that Blackberry also intended to add encryption to voice calls made between its devices in the future but it was "still to be decided" if this function would come to the Passport.

23.22 | 0 komentar | Read More

BT claims big broadband speed boost

25 September 2014 Last updated at 12:52

BT is claiming to have made a "big breakthrough" with fibre broadband, which could see homes and businesses see speeds rise to 1Gbps (gigabit per second).

A trial of so-called G-Fast technology has managed download speeds of 800Mbps (megabits) and upload speeds of 200Mbps.

The trial is significant because it utilises existing technology.

BT has been criticised for its continued use of copper lines.

So-called Fibre to the Cabinet (FTTC), which uses a combination of fibre and copper lines, is BT's preferred technology for broadband rollout.

It is significantly slower than Fibre to the Premises technology (FTTP) but is much cheaper to deploy.

FTTC also gets slower over distance because it relies on copper for the last part of the connection.

It means homes that are further away from BT's green street cabinets will have slower speeds.

BT claims that the new technology can achieve good speeds over longer lines of 66m (216ft), which it said encompasses 80% of connections.

G-Fast technology has been tested at BT's research laboratory at Adastral Park in Ipswich. It is due to open a new ultrafast broadband lab where it will continue to test its potential.

BT said commercial equipment could be available from manufacturers by December 2015, but the company has made no decisions about rolling the technology out yet.

The new technology could also be useful to businesses which currently rely on dedicated lines that run on ethernet.

"We see G-Fast as a very promising technology with significant potential," said Dr Tim Whitley, managing director of research at BT.

"BT has a long history of pushing the boundaries in telecommunications, from the earliest days of the electric telegraph to today's global fibre networks, and it's crucial that we stay ahead of the curve for the benefit of our customers and shareholders."

Rival Virgin Media is also experimenting with new ways to boost speed - including a trial in a Cambridgeshire village, using narrow-trenching.

The method means engineers can lay the cable faster and the trial to 100 houses in the area achieved 1Gb speeds.

Need for speed

Ovum analyst Matthew Howett thinks the technology could be beneficial to both consumers and businesses.

"Given the huge costs involved in a full fibre solution, and the challenging economic environment, it's important to make the most of, and extend the life of technologies already deployed - in the most cost effective way," he said.

"This should result in quicker wins for consumers and businesses at a favourable price."

The debate about how much speed consumers and businesses need has grown louder in recent months.

The Federation of Small Businesses (FSB) recently said that the government's target to have superfast speeds of at least 24Mbps in 90% of homes by 2017 lacked ambition and needed a rethink.

It called for a minimum of 100Mbps by 2030.

Labour has also jumped on the speed bandwagon and pledged to increase broadband speeds if it wins the next election.

23.22 | 0 komentar | Read More

Facebook drones the size of planes?

By Anna Doble Newsbeat online editor

Facebook is considering flying giant drones above us as the social network "figures out how to connect the world".

Not flying overhead just yet... this is a Chinese stealth drone

The idea to develop huge unmanned aircraft comes from Facebook's Connectivity Lab, set up by company founder Mark Zuckerberg.

The aim is to make the internet available to two-thirds of the world's population who can't currently get online.

They say expanding internet access would create another 140 million jobs.

And they say it could help lift 160 million people out of poverty, and reduce child mortality.

The lab's engineering director Yael Maguire revealed the drone plan at the 2014 Social Good Summit in New York.

Yael Maguire at the 2014 Social Good Summit

He didn't actually use the word "drone" but said that unmanned "planes roughly the size of a commercial aircraft, like a 747" would serve as huge connectivity hubs and could one day stay up in the air for months, even years, at a time.

Maguire explained: "In order for us to fly these planes we actually have to fly above the weather, above all airspace. That's between 60,000 and 90,000 feet. Routinely, planes don't fly there, and certainly not drones."

He said the aircraft will be much lighter, adding that one of the models being worked on by the Connectivity Lab is the length of "about six or seven Priuses, but is the weight of four of the tires of a Prius".

To continuously provide wi-fi coverage the planes will be powered by the sun.

Maguire added that the aircraft could be tested in the US as early as next year, although the strict rules around unmanned aircraft could slow down that process.

How one of Facebook's drones could look

Facebook is not the only tech firm exploring the use of drones.

Google is known to be building and testing autonomous aerial vehicles to use for goods deliveries at its secret development centre, Google X, in California.

Google is also looking at balloons to bring internet access to remote parts of the world.

DHL has begun delivering by drone to a remote island in Germany.

And Amazon has created "Octocopters" to deliver parcels to its customers in the US.

Follow @BBCNewsbeat on Twitter and Radio1Newsbeat on YouTube

23.22 | 0 komentar | Read More

Apple says bent iPhones are 'rare'

25 September 2014 Last updated at 20:31 By Leo Kelion Technology desk editor

Please turn on JavaScript. Media requires JavaScript to play.

WATCH: Marc Cieslak puts the iPhone 6 Plus through some stress tests, in an unscientific experiment

Apple has responded to claims that its new handsets are prone to bending by saying such damage would be "rare" during normal use.

Media outlets across the globe had reported that several iPhone 6 owners had complained of handsets becoming misshapen after being carried in trousers pockets without a case.

Several of the US firm's rivals have also helped publicise the claims.

Apple said nine customers had told it their iPhone 6 Plus phones had bent.

In a statement the company noted that the handsets' shells had been constructed out of "anodised aluminium, which is tempered for extra strength" and also featured stainless steel and titanium parts to reinforce the areas of the phones likely to experience the most stress.

"We chose these high-quality materials and construction very carefully for their strength and durability," it added.

"We also perform rigorous tests throughout the entire development cycle.

"iPhone 6 and iPhone 6 Plus meet or exceed all of our high quality standards to endure everyday, real life use.

"With normal use a bend in iPhone is extremely rare and through our first six days of sale, a total of nine customers have contacted Apple with a bent iPhone 6 Plus. As with any Apple product, if you have questions please contact Apple."

The BBC understands that one of the checks that Apple had carried out before launching the models was a "sit test", which is designed to simulate the effects of a user sitting down on a hard surface with the phone in their back pocket thousands of times over the course of several years.

Please turn on JavaScript. Media requires JavaScript to play.

Russell Holly, who works for tech site geek.com, told the BBC on Wednesday that his iPhone 6 had bent

The company also carried out a torsion test, which involved clamping a phone at both ends and then applying a twisting force 8,000 times.

Stock drop

Apple's share price has fallen following the publicity generated by users posting photos of bent iPhones to the internet.

News that it had also pulled an iOS 8 operating system update after iPhone 6 users complained it made their phones unable to make or receive calls had also caused concern.

However, one analyst highlighted that the company had been much quicker to respond to reports about bending than it had back in 2010, when customers complained about the iPhone 4 dropping calls when gripped on its left-hand side.

"It took too long in the antenna case - I don't know if this is organisational memory or not, but here Apple is going out and saying it did do tests and is stating the facts," said Ken Dulaney, who covers the mobile phone sector for the research firm Gartner.

"But this is probably something Apple has to look into more.

"It probably did all the tests it said it did - I don't ever find that Apple really lies about anything - but I think the people reporting the problem aren't lying either."

Apple's competitors have taken advantage of its troubles.

The official Twitter accounts of LG, HTC and Samsung have all posted messages alluding to the controversy, with LG going so far as to use the hashtag "bendgate", which other members of the public had used to refer to the claims.

Record demand

Apple had previously announced that it had sold more than 10 million units of the iPhone 6 and its larger sibling the iPhone 6 Plus.

"While our team managed the manufacturing ramp better than ever before, we could have sold many more iPhones with greater supply and we are working hard to fill orders as quickly as possible," its chief executive Tim Cook said in a press release on Monday.

It highlighted the "all-new dramatically thin" design of the handsets - a factor some users had speculated might be the cause of them bending.

However, it has also been pointed out that handsets by Sony, Samsung, Blackberry and others have also bent in the past, and several analysts have cautioned that it was too early to say if the incidents involving the new iPhones were more widespread.

23.22 | 0 komentar | Read More

Skills boost for creative industries

26 September 2014 Last updated at 00:37 By Judith Burns Education reporter, BBC News

The creative industries and government have pledged cash to fill a skills gap and train "work ready" games designers, animators and visual effects artists.

The Next Gen Skills Academy will provide "cutting edge training" in a sector worth at least £71bn a year to the UK economy.

Ed Vaizey, Minister for Culture and the Digital Economy, made the announcement at the EGX games show at Earls Court.

Mr Vaizey said the aim was to "continue to grow this industry".

He described the creative sector as "a powerhouse within the UK economy" but said employers often found it hard to recruit staff who were up-to-speed with the latest technologies.

Skills gap

He said the academy would "work on the skills gap in a constantly changing industry".

Some of the UK's leading visual effects, animation and games employers have pledged money and resources worth £3.6m over three years towards the project, with government funding bringing the total to £6.5m.

Industry backers include Framestore, Pinewood Studios, Sony Computer Entertainment Europe, Centroid, Double Negative, Ubisoft Reflections and Moving Picture Company.

Jo Twist, chief executive of the games industry trade body, UK Interactive Entertainment (Ukie) said the industry-led academy would ensure "courses will be kept immediately up-to-date".

From next year, the academy will design and deliver a range of new courses up to degree level in the skills the creative industries need.

Initially the aim is to train some 1,320 people to degree level, including 150 higher level apprentices.

It will also deliver more than 1,000 short courses for people who need to update and extend their skills.

The courses will be delivered online and by a network of further education colleges, headed by Amersham and Wycombe College, a specialist in the field.

Ms Twist called for better careers advice specifically relating to the games industry which employs an estimated 1.7m people throughout the UK.

"We need to make sure that parents, teachers and students know they can have a career in this country in games.

"It's not just a hobby."

Michael Davis, chief executive of the UK Commission for Employment and Skills said: "When employers work in partnership they can accomplish great things.

"This academy is an example of how, by getting together and discussing their skills needs, businesses have managed to create something bigger and better than they could have achieved on their own."

Business Secretary Vince Cable said: "Visual effects and games in particular are a great British success story. But if we're to maintain our cutting-edge position, we need to make sure that we have the talent and skills the industry needs."

Meanwhile, new figures specifically for the games industry suggest it alone may be worth more than double the government's current estimate.

A report from Ukie and the innovation charity Nesta, suggests that there are currently some 1,900 games businesses in the UK with a total economic value that "could be as much as £1.72bn - double previous estimates".

In 2012, the Department of Culture, Media and Sport estimated the value of the industry at £946m.

23.22 | 0 komentar | Read More

US allows use of drones for filming

26 September 2014 Last updated at 04:46

Please turn on JavaScript. Media requires JavaScript to play.

A look at the BBC's 'Hexacopter'

The US Federal Aviation Administration (FAA) has granted permission to six television and movie firms, allowing them to use drones to shoot scenes.

The groundbreaking ruling reverses previously tight restrictions on the commercial use of unmanned aircraft systems (UAS) - also known as drones, within US airspace.

But there are restrictions.

The UAS cannot operate at night, and the aircraft need to be inspected before each flight.

Continue reading the main story

We are thoroughly satisfied these operations will not pose a hazard to other aircraft or to people and property on the ground"

End Quote Michael Huerta FAA

The US Transportation Secretary Anthony Foxx said: "Today's announcement is a significant milestone in broadening commercial UAS use while ensuring we maintain our world-class safety record in all forms of flight.

"These companies are blazing a trail that others are already following, offering the promise of new advances in agriculture and utility safety and maintenance."

The six companies had asked the FAA to grant them exemptions from regulations which address general flight rules, pilot certificate requirements, manuals, maintenance and equipment mandates.

In their applications the firms said the operators will hold private pilot certificates, keep the UAS within line of sight at all times and restrict flights to the "sterile area" on the set.

"The applicants submitted UAS flight manuals with detailed safety procedures that were a key factor in our approval of their requests," said FAA Administrator Michael Huerta in a statement.

He added, "We are thoroughly satisfied these operations will not pose a hazard to other aircraft or to people and property on the ground."

The FAA is currently working on an approval process for a seventh company, Flying-Cam, which filed for exemptions in June.

Approved by FAA: Using drones for filming

• Astraeus Aerial
• Aerial MOB
• HeliVideo Productions
• Pictorvision Inc
• RC Pro Productions Consulting
• Snaproll Media

Drone mania

Usually confined to military use, drones are increasingly being integrated into the strategies of companies outside the area of defence.

Late last year US online retailer Amazon announced the company was testing unmanned drones to deliver goods to customers.

The drones, called Octocopters, could deliver packages weighing up to 2.3kg to customers within 30 minutes of them placing the order, according to Amazon chief executive Jeff Bezos.

However, he added that it could take up to five years for the service to start.

Meanwhile Google has built and tested autonomous aerial vehicles, which it believes could be used for goods deliveries.

The project is being developed at Google X, the company's clandestine tech research arm, which is also responsible for its self-driving car.

Project Wing has been running for two years. Google said that its long-term goal was to develop drones that could be used for disaster relief by delivering aid to isolated areas.

23.22 | 0 komentar | Read More

Web attacks exploit Shellshock bug

26 September 2014 Last updated at 11:39

Please turn on JavaScript. Media requires JavaScript to play.

Liam O'Murchu, Symantec: "US government has rated this 10 out of 10 from severity point of view"

A series of attacks on websites and servers using the serious Shellshock bug has been spotted.

Millions of servers use software vulnerable to the bug, which lets attackers run commands on that system.

So far, thousands of servers have been compromised via Shellshock and some have been used to bombard web firms with data, said experts.

The number of attacks and compromises was likely to grow as the code used to exploit the bug was shared.

The Shellshock bug was discovered in a tool known as Bash that is widely used by the Unix operating system and many of its variants, including Linux open source software and Apple's OSX.

Apple said it was working on a fix for its operating system and added that most users would not be at risk from Shellshock.

Attackers have been spotted creating networks of compromised machines, known as botnets, that were then put to other uses.

Honeypots

One group used their Shellshock botnet to bombard machines run by Akamai with huge amounts of junk data to try to knock them offline. Another group used its botnet to scan for more machines that are vulnerable.

Evidence of the scanning and attacks came from honeypots run by security companies. These are computers that have been set up to look vulnerable but which catch information about attackers.

Jaime Blasco, a researcher at security firm AlienVault, said its honeypot had seen scans and attacks that used Shellshock. The scans simply informed attackers that a server was vulnerable, he wrote, but others attempted to install malware to put that machine under an attacker's control.

The control that Shellshock gave to attackers made it potentially more of a problem than the serious Heartbleed bug discovered in April this year, said security researcher Kasper Lindegaard from Secunia.

Continue reading the main story

"This is going to unfold over the coming weeks and months"

End Quote Marc Maiffret BeyondTrust

"Heartbleed only enabled hackers to extract information," he told tech news site The Register. "Bash enables hackers to execute commands to take over your servers and systems."

The seriousness of the bug has also led governments to act quickly. The UK government said its cybersecurity response team had issued an alert to its agencies and departments giving Shellshock the "highest possible threat ratings".

It had this rating, said the alert, because vulnerable systems would "inevitably" include machines that formed part of the UK's critical national infrastructure.

The US and Canada are believed to have issued similar alerts and told technology staff to patch systems as quickly as possible. Amazon, Google, Akamai and many other tech firms have also issued advisories to customers about the bug.

As well as software patches for vulnerable systems, security firms and researchers are also producing signatures and filter lists to help spot attacks based around it.

Early reports suggest up to 500 million machines could be vulnerable to Shellshock but, wrote Jen Ellis from security firm Rapid7, this figure was now being revised downwards because of the "number of factors that need to be in play for a target to be susceptible".

"This bug is going to affect an unknowable number of products and systems, but the conditions to exploit it are fairly uncommon for remote exploitation," said Ms Ellis.

Marc Maiffret, chief technology officer at security firm BeyondTrust, expressed a similar view.

"There is a lot of speculation out there as to what is vulnerable, but we just don't have the answers," he said. "This is going to unfold over the coming weeks and months."

23.22 | 0 komentar | Read More

Google urged to change privacy rules

26 September 2014 Last updated at 16:30

European data privacy regulators have put renewed pressure on Google to alter its privacy policy.

It follows changes to the policy two years ago which regulators felt breached European rules.

Among other things, it says Google must tell users exactly what data is collected and with whom it is shared.

Google said it was working with regulators to "explain its privacy policy changes".

The dispute has been running since March 2012 when Google consolidated its 60 privacy policies into one and started combining data from YouTube, Gmail and Google Maps.

Users were given no means to opt out of the changes.

Although Google has not been directly accused of acting illegally, it has been accused of providing "incomplete and approximate" details raising "deep concerns about data protection and the respect of the European law".

Google did make some changes to its privacy policy in March this year, linking to individual services from its main privacy document.

"It has made some changes but our investigation won't end until we believe it is fully compliant," said a spokesman for the UK's information commissioner's office (ICO).

In a letter addressed to Google's chief executive Larry Page, the European Union's data protection working party wrote: "Google must meet its obligations with respect to the European and national data protection legal frameworks and has to determine the means to achieve these legal requirements."

A spokesman for Google told the Reuters news agency that it was looking forward to discussing the new guidelines.

"We have worked with different data protection authorities across Europe to explain our privacy policies," he said.

'Shameful'

Regulators in Italy, France, Spain, Germany, Britain and the Netherlands have launched investigations into Google's privacy policies and, in January, France fined Google 150,000 euros (£117,000) for failure to comply with its privacy rules.

"It is disappointing that two years of deliberation has led to the preparation of a document that is the equivalent of selling cucumbers to the gardener," said Anna Fielder, chairwoman of trustees at campaign group Privacy International.

"The guidelines are fundamental basics that Google should have implemented years ago, and the weakness of the language used in framing this will mean Google will do nothing to comply.

"These guidelines are doing nothing more than stating the obvious, and it is shameful that it took the Article 29 Working Party two years to come up with something that Google should already have been complying with," she said.

23.22 | 0 komentar | Read More

US military contractors hit by hacks

18 September 2014 Last updated at 13:54

Hackers associated with the Chinese government broke into the computers of airlines and military contractors over 20 times in a single year, according to the US Senate.

The attacks were allegedly targeted at systems that move troops and equipment.

They included breaking in to computers on a commercial ship and uploading malicious software on to an airline's computers, the Senate report alleged.

Chinese officials denied the allegations.

A year-long investigation was concluded in March, but the findings have only just been made public.

In a 12-month period from June 2012, it found evidence of about 50 cyber-attacks on military contractors.

Of those, 20 were attributed to "an advanced persistent threat", a term associated with attacks on governments. All were attributed to China.

The report did not disclose the names of the affected contractors.

"These peacetime intrusions into the networks of key defence contractors are more evidence of China's aggressive actions in cyberspace," senator Carl Levin, chairman of the committee, said.

Chinese embassy officials in Washington questioned the report, calling the accusations "groundless".

The row between China and the US over cyber-attacks has been a long-running one.

The Chinese government has previously accused US spies of infiltrating its computer networks.

In May the US government accused five Chinese military members of hacking into and stealing trade secrets from the computers of several large US companies.

Clearinghouse

The latest report revealed that officials had only been told about two of these incidents. It also found that US government agencies had failed to share the information about the attacks among themselves.

This lack of transparency from contractors has raised questions and prompted calls for new procedures about how such hacks are reported.

Senator Jim Inhofe, who sits on the committee, called for a central clearinghouse to make it easier for contractors to report suspicious cyber-activity.

According to the report, contractors are only required to report network-level cyber-intrusions.

Paul Dignan, from security firm F5 Networks, said: "A lot of attacks target end-users with malware so that they can piggyback on legitimate access to the network.

"Firms use lots of security vendors but there are also lots of gaps and, without adequate integration, it is these gaps that will be exploited."

23.22 | 0 komentar | Read More

eBay attack puts its buyers at risk

17 September 2014 Last updated at 15:32 By Leo Kelion Technology desk editor

EBay has been compromised so that people who clicked on some of its links were automatically diverted to a site designed to steal their credentials.

The spoof site had been set up to look like the online marketplace's welcome page.

The US firm was alerted to the hack on Wednesday night but removed the listings only after a follow-up call from the BBC more than 12 hours later.

One security expert said he was surprised by the length of time taken.

"EBay is a large company and it should have a 24/7 response team to deal with this - and this case is unambiguously bad," said Dr Steven Murdoch from University College London's Information Security Research Group.

The security researcher was able to analyse the listing involved before eBay removed it.

He said that the technique used was known as a cross-site scripting (XSS) attack.

It involved the attackers placing malicious Javascript code within product listing pages. This code in turn automatically redirected affected users through a series of other websites, so that they ended up at the page asking for their eBay log-in and password.

Users only had to click the original listing to have their browser hijacked.

"The websites the user is being redirected to are almost certainly compromised by the attacker to hide his or her traces," Dr Murdoch explained.

He added that the fake page the users were ultimately delivered to contained code that had the potential to carry out further malicious actions.

"EBay is pretty competent, but obviously it has been caught out here," he said.

"Cross-site scripting is well within the top 10 vulnerabilities that website owners should be concerned about."

A spokesman for eBay played down the scope of the attack.

"This report relates only to a 'single item listing' on eBay.co.uk whereby the user has included a link which redirects users away from the listing page," he said.

"We take the safety of our marketplace very seriously and are removing the listing as it is in violation of our policy on third-party links."

However, the BBC identified that a total of three listings had been posted by the same account involved.

At least two of them produced the same redirect behaviour. The third was removed by eBay, along with the other two, before it could be checked.

Delayed reaction

The issue was originally identified by Paul Kerr, an IT worker from Alloa in Clackmannanshire who is also an "eBay PowerSeller".

He called the firm shortly after he had clicked on a listing for an iPhone and been redirected.

"The advert had been up for 35 minutes," he told the BBC.

"When I spoke to the lassie on the phone, she said: 'I'm going to report that to the highest level of security to get it looked into.' And she did emphasise that.

"They should have nailed that straight away, and they didn't."

Mr Kerr identified the problem because the web address of the page he was sent to was unusual. He screen-grabbed a video of the attack, which he uploaded to YouTube as evidence.

He added that other less tech-aware users might not have realised the danger they were in.

"It's guaranteed - you can bet your bottom dollar that somebody's going to click on that and be redirected to a third-party site and they're going to enter their details and be compromised," he said.

"You don't know how many of the hundreds of thousands of people who use eBay will have done that."

This is not the first technical setback eBay has suffered in recent months.

The site has experienced several periods when members have been unable to sign into their accounts and have received incorrect password alerts.

In May, the firm made users change their passwords after revealing that a database containing encrypted passwords and other non-financial data had been compromised.

In addition, it announced in July that 1,600 accounts on its StubHub ticket resale site had been broken into resulting in a scam that defrauded the service of about $1m (£600,000).

23.22 | 0 komentar | Read More

Users frustrated by Apple iOS update

18 September 2014 Last updated at 16:27

Apple iPhone and iPad users have taken to social media to express their frustration over installing the company's latest software update.

Many have resorted to deleting photos, videos and other files in order to free up space for the new version of Apple's mobile operating system, iOS8, which requires up to 5.8GB of storage.

Apple has also removed apps for its new health software because of a bug.

One expert said Apple's updates were often prone to "teething problems".

Some vexed Apple users took to Twitter to express their annoyance, at one point causing the subject to be trending above the Scottish referendum.

David Roberts tweeted: "This update would be great... If you didn't have to delete half of the stuff on your phone just to install it."

Daniel Zennon took a more humorous approach, tweeting: "So Apple put the #U2 album on everybody's phone and then tell them they don't have enough space for the #iOS8 upgrade".

This is not the first time Apple users have had trouble with iOS updates.

In 2012, the iOS6 update caused some users to lose their apps, and others lost photos and messages when updating to iOS7 last year.

As well as requiring a lot of storage, the latest version, iOS8, does not include apps that run with Apple's new HealthKit service, which is designed to work with third-party wearable health devices.

The software was originally scheduled for release in iOS8, but has been pulled while Apple works on fixing a bug.

David Price, online editor at Macworld UK, told the BBC the issues were not "really a surprise".

"There's always a rush on the servers on launch day, some delays, and usually some teething problems," he said.

"That's why we always recommend that people wait a day or two before updating."

Apple users can avoid the need to free up storage space for the latest update by upgrading their software via iTunes on a Mac or PC, instead of through the phone or tablet itself.

Additionally, much of the free space required by the update is made available again once the installation process has completed.

Privacy pledge

In a separate development, Apple has taken steps to reassure users that it takes privacy seriously, by vowing that it would not hand over data to government authorities.

In an open letter, the firm's chief executive, Tim Cook, underlined that Apple's philosophy was "great customer experience shouldn't come at the expense of your privacy".

The message came as Apple's iCloud storage service continued to come under intense scrutiny following the leaks of private pictures belonging to celebrities such as Jennifer Lawrence.

"I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services," said Tim Cook.

"We have also never allowed access to our servers. And we never will."

The firm also emphasised that protected data stored on devices running iOS8 cannot be handed over to law enforcement agencies, as Apple does not have the option of overriding a user's own passcode.

23.22 | 0 komentar | Read More

Skin printer and bee probe win award

17 September 2014 Last updated at 23:10 By Leo Kelion Technology desk editor

A sun-powered cooker, a printer that 3D prints "skin", a wheelchair that lets disabled people stand upright and a bee prober are among the latest winners of the James Dyson Awards.

The inventions are among those picked to represent various nations in the engineering prize.

Their makers were challenged to "design something that solves a problem".

More than 600 entries from 18 countries were entered into this year's competition.

It was open to university level students and recent graduates.

The contest is run by the James Dyson Foundation, a charity created by the vacuum cleaner creator to help young people develop engineering skills.

In an age when crowdfunding sites, such as Kickstarter and Indiegogo, exist to champion inventions that have yet to go on the market, such competitions still serve a valuable purpose, said one expert.

"The James Dyson Award provides a platform to showcase some of the very best new innovations in science, engineering and technology," Dr William Webb, deputy president of the Institution of Engineering and Technology, told the BBC.

"Whilst some of the entries might not make it beyond the prototype stage, the award provides a crucial role in encouraging new engineering talent, which the UK and other countries around the world so desperately need."

Below are a selection of the winners, which along with some of the runners-up will compete for a cash prize to be announced on 6 November.

Bump Mark (UK):

Please turn on JavaScript. Media requires JavaScript to play.

WATCH: Solveiga Pakstaite shows off Bump Mark to BBC's Spencer Kelly

Food labels filled with gelatine become bumpy to signal if the food inside has spoiled.

Current expiration dates are not always accurate - for example they do not take account of the fact that the meat, juice or vegetables inside might not have been refrigerated properly.

Bump Mark tackles the problem by allowing the producer to set the gelatine to decay at the same rate as the package's contents - the higher the concentration, the longer it takes to turn from a solid into a liquid.

Once the gelatine has changed state, bumps built into the plastic underneath can be felt, providing a tactile safety check.

Mima (Germany):

Kit to inspect a beehive without having to open it up.

The measuring instrument is inserted into the hive, and then a pneumatic system allows the apiarist to select a single bee, which can be examined in isolation at length.

The idea is that this minimises disruption to the hive's climate, reducing the risk that the other insects will stop work.

The creators suggest Mima could be used to understand the increase in bee colony collapses.

PrintAlive BioPrinter (Canada):

A device to 3D print complex structures that mimic the epidermal and dermal layers of human skin.

These can be used to close the wounds of severe burn victims in order to help them recover.

The machine works by placing two types of human cell - keratinocytes and fibroblasts - layer-by-layer into a hydrogel to create the desired patterns.

The designers say early tests suggest that the resulting 3D-printed "skin" can be used to reduce the amount of time doctors need to wait before attempting to graft on real skin taken from a different part of the victim's body.

Miito (Netherlands):

A device that heats liquid in a glass or other container, helping reduce wastage and cleaning.

The product consists of an induction base that plugs into the mains, which heats a rod placed inside the vessel.

Miito does not have an on/off button - instead it powers down when the base detects that the rod is not present or that the liquid has boiled.

Caturix (Switzerland):

A new fastening mechanism for backpacks that is designed to be safer than existing alternatives for mountaineers.

The system places the straps of the bag into a cross, with a buckle at the centre that can be split to allow the bag to be taken off with just one hand.

The idea is to minimise the risk involved in unpacking food, drink and emergency equipment when the climber is at a precarious spot.

Solari (Italy):

Offering an alternative to barbeque and camping stoves, Solari promises to be an eco-friendly way to cook food outdoors.

The portable device is designed to use solar power to heat meals for between four to six people within a few hours.

It works by letting in light through its transparent lid, which then passes through a lens that directs it around an aluminium shell.

The design also incorporates a temperature gauge that transmits information about the food's progress to a smartphone app.

Qolo (Japan):

A vehicle for people with disabled lower limbs that allows them to move while both sitting down and standing up, and to move between the two positions.

Rather than rely on expensive and heavy motors, the machine uses the person's upper body motion to transfer them from one position to the other.

Qolo also uses a similar mechanism to help them move location: by tilting their upper-body forward they start travelling forward, and if they twist to one side the chair turns that way.

TipTapTop (France):

A tap gadget designed to encourage children to wash their hands, which also saves water in the process.

TipTapTop contains an infrared sensor that starts the water flow when it detects a hand underneath and also triggers a "jolly" music jingle.

When the child removes their hands to add soap, the water stops but the music continues playing to remind them they need to follow up the initial rinse.

Only after they have returned their hands, wiped off the soap and removed them again to dry their skin will the music and water switch off, ending the cycle.

Oralux (Austria):

A device that combines a doctor's tongue stick with a light source.

The light is automatically switched on by attaching a disposable, sterile stick to the handle, and is deactivated when the stick is subsequently discarded.

The idea is that Oralux frees up one of the doctor's hands and allows them to avoid touching the stick while it is in use.

Uplift (US):

A personal shopping trolley that can be collapsed and loaded into a car's boot without having to remove the goods carried inside.

Uplift's aluminium frame helps it remain lightweight, while its bright silicone handles both protect the kit and make the owner more visible.

The designer says it would be targeted at aging adults.

Vax ID (Belgium):

A device intended to make it easier to administer vaccinations to a specific layer of skin.

The designers say medical staff often struggle to find the right depth and angle when using existing syringes to carry out intradermal vaccinations, which are less painful and can obtain an improved immune response when compared to intramuscular or subcutaneous injections.

After Vax ID's plunger is used to deliver a dose of antigens, the needle returns to the body of the device and cannot be reused.

This reduces the risk of needlestick injuries to staff, and prevents medics transmitting diseases from one patient to another.

Remora (Spain):

A biodegradable fishing net system.

An additive added to the net causes it to start breaking apart after four years, to address the problem of abandoned "ghost nets" that pose a threat to the marine environment.

Remora also incorporates RFID (radio-frequency identification) tags. These are scanned when the net is retrieved so that the fishermen can get an instant report from an associated app about whether parts have ripped off.

This tells them if they need to search the surrounding sea to find the lost parts.

Home Hydroponic System (Russia):

Five levels of LED-lit, water-and-nutrient-fed containers that provide a way to grow vegetables and fruits in the home or at schools.

The wires and hoses are hidden inside the apparatus, which is intended to be visually pleasing so that it can be left out in view.

The owner can opt to combine different parts of the Home Hydroponic System to suit how much space they have and the amount of produce they want to grow.

The designers suggest that tomatoes, peppers, strawberries and herbs are some of the fresh produce that could be grown up to three times faster than in soil outdoors.

Nutria (Ireland):

A system to connect a feeding tube to a patient's face without using tape, which can become an irritant.

Nutria also makes use of a terahertz radiation microchip to display the exact position of the tube inside the person's body on a smartphone app.

If the nurse or doctor who fits the patient with the apparatus takes a scan each time, software can then be used to highlight if any of the medics commonly fit the tube incorrectly.

23.22 | 0 komentar | Read More

Microsoft cuts more than 2,000 jobs

18 September 2014 Last updated at 20:52

Microsoft has confirmed another 2,100 redundancies as part of a plan to cut 18,000 jobs, some 14% of its workforce.

The software giant said 747 jobs will go in the Seattle area, with the rest spread across its global operations.

Microsoft had already cut 13,000 jobs, with the bulk at the Nokia phone division bought by the US company.

In July, chief executive Satya Nadella announced radical plans to move Microsoft away from software to online services, apps and devices.

Microsoft, which has about 127,000 people on its payroll, will take a charge of between $1.1bn (£672m) and $1.6bn for costs related to the cuts.

Microsoft said in a statement that the latest cuts "are spread across many different business units, and many different countries".

In an email to staff in July, Mr Nadella said that the "difficult but necessary" cuts are part of a plan to bring a new direction to the technology company.

"The first step to building the right organisation for our ambitions is to realign our workforce," he said.

Microsoft completed its takeover of Nokia's phone division in April in a move that strengthened its position in mobile devices. The cost was around $7.5bn.

23.22 | 0 komentar | Read More

Oracle boss Larry Ellison steps down

19 September 2014 Last updated at 00:14

Oracle boss Larry Ellison is stepping aside as chief executive after 37 years at the helm of the software giant.

Mr Ellison, estimated to be the world's fifth wealthiest man, becomes chairman and chief technology officer, remaining an influential presence at the company.

Mark Hurd and Safra Catz have been named as successors, and become co-chief executives.

Mr Ellison, 70, co-founded what would become Oracle with Bob Miner and Ed Oates in 1977.

In a statement, Oracle board president Michael Boskin said: "Larry has made it very clear that he wants to keep working full time and focus his energy on product engineering, technology development and strategy.

"Safra and Mark are exceptional executives who have repeatedly demonstrated their ability to lead, manage and grow the company. The directors are thrilled that the best senior executive team in the industry will continue to move the company forward into a bright future."

Ms Catz will run the manufacturing, legal and finance operations at Oracle, while Mr Hurd will be in charge of the sales, service and business units.

The software and hardware engineering teams will continue to report to Mr Ellison.

Fortune

"The three of us have been working well together for the last several years, and we plan to continue working together for the foreseeable future," said Mr Ellison.

The shake-up comes at a critical time for Oracle, which is trying to adapt to technological upheaval in the business software market.

Many corporate customers are shifting to cloud computing instead of paying licensing fees to install programs on machines kept in their own offices.

FBR Capital Markets analyst Daniel Ives said: "While there was some speculation Larry could step down, the timing is a bit of a head scratcher in our opinion."

Forbes magazine has put Mr Ellison's fortune at $51.3bn, with much of it tied up in Oracle, where he owns about 25% of the company. He co-founded the firm with $1,200 of his own money.

A close friend of the late Apple co-founder Steve Jobs, Mr Ellison antics away from Oracle kept him in the news. This included his personal financing of the winning team in last year's dramatic America's Cup yacht race in San Francisco.

23.22 | 0 komentar | Read More

'Artificial eye' to detect particles

19 September 2014 Last updated at 01:12 By Melissa Hogenboom Science reporter, BBC Radio Science

The human eye has inspired physicists to create a processor that can analyse sub-atomic particle collisions 400 times faster than currently possible.

In these collisions, protons - ordinary matter - are smashed together at close to light speeds.

These powerful smash-ups could yield new particles and help scientists understand matter's mirror, antimatter.

The experimental processor could speed up the analysis of data from the collisions.

Published in the pre-print arXiv server, the algorithm has been proposed for possible use in Large Hadron Collider (LHC) experiments at Cern in 2020. It could also be useful in any field where fast, efficient pattern recognition capabilities are needed.

The processor works in a similar way to the retina's incredible ability to recognise patterns extremely quickly.

Snapshots in time

That is, individual neurons in our retinas are specialised to respond to particular shapes or orientations, which they do automatically before our brain is even consciously aware of what we are processing.

Cern physicist Diego Tonelli, one of a team of collaborators of the work, explained that the "artificial retina" detects a snapshot of the trajectory of each collision which is then immediately analysed.

These snapshots are then mapped into an algorithm that can run on a computer, automatically scanning and analysing the charged particle trajectories, or tracks. Exposing the detector to future collisions will then allow teams sift out the interesting events.

Data crunching

Speed is of the essence here. There are roughly 40 million collisions per second and each can result in hundreds of charged particles.

The scientists then have to plough through an incredible amount of data. It's spotting the deviations from the norm that may give hints of new physics.

An algorithm like this could therefore provide a useful way of crunching through this vast amount of data, in real time.

"It's 400 times faster than anything existing or foreseen for high energy physics applications. If implemented in a real experiment it will allow us to collect more interesting data more quickly," Dr Tonelli told the BBC.

Flavour physics

The LHC has been switched off since February 2013 but is due to begin its hunt for new physics in 2015 when the giant machine will once again begin smashing together protons.

As this happens, they break down and free up a huge amounts of energy that forms many neutral and charged particles. It's the trajectories of the charged ones that can be observed.

The new algorithm is not aimed at the type of physics used to find the famous Higgs boson, instead it's intended to be used for "flavour physics" which deals with the interaction of the basic components of matter, the quarks.

Commenting on the work, Tara Shears a Cern particle physicist from the University of Liverpool, said it could be extremely useful to automatically "give us most information about what we want to study - Higgs, dark matter, antimatter and so on. The artificial retina algorithm looks like it does this brilliantly".

"When our detectors take these snapshots of the collisions - to us that's like the picture that your eye sees and when your brain is scanning that picture and making sense of it, well we try and codify those rules into an algorithm that we run on computers that do the job for us automatically," Prof Shears told the BBC's Inside Science programme.

"When the LHC continues... we will start to operate with a more intense beam of protons getting a much higher data rate, and then this problem of sifting out what you really want to study becomes really really pressing," she added.

"This artificial retinal algorithm is one of the latest steps in our mission to [understand the Universe], and it's really good, it does the job vast banks of computers normally do."

The algorithm has been developed with the 2020 upgrade of the LHC in mind, which will have even more powerful collisions.

Follow Melissa on Twitter

• The LHC Beauty (LHCb) detector is designed to answer a specific question: where did all the antimatter go?
• Antimatter is a mirror image of the matter that makes up the world we are familiar with. "Normal" matter consists of particles, while antimatter is made up of antiparticles, identical in mass but with opposite electric charge
• The theory goes that equal amounts were forged during the intense heat of the Big Bang but today we find no evidence of, for example, antimatter galaxies or stars
• LHCb investigates the slight differences between matter and antimatter by studying a type of particle called the "beauty (b) quarks"
• 'b' and 'anti-b' quarks are unstable and short-lived, they rapidly decay into a range of other particles. Physicists believe that by comparing these decays, they may be able to gain useful clues as to why the Universe is dominated by matter rather than antimatter
• To do this LHCb produces many different types of quark when the particle beams collide
• In order to catch the beauty quarks, LHCb has developed sophisticated movable tracking detectors close to the path of the beams circling in the Large Hadron Collider

23.22 | 0 komentar | Read More

3D printer telescope snaps moon pics

19 September 2014 Last updated at 09:21

A university has shown the first photographs taken by a £100 telescope built from parts made by a 3D printer.

The University of Sheffield researchers behind the project claim the image quality from the PiKon telescope compares to models costing 10 times as much.

Plans are available online allowing anyone to download and print the components needed to build the device.

The telescope's images were unveiled as part of a science festival in the city.

It captured numerous pictures of the moon's surface during its first use.

One of the Pikon's developers, physicist Mark Wrigley, said he hoped the new telescope would be a "game changer".

'Democratising technology'

"We hope that one day this will be seen on a par with the famous Dobsonian 'pavement' telescopes, which allowed hobbyists to see into the night skies for the first time," he said.

"This is all about democratising technology, making it cheap and readily available to the general public."

At the heart of the telescope is the camera module of a Raspberry Pi, the cheap, barebones, British built computer.

Based on Isaac Newton's reflecting telescope design, a concave mirror focuses an image directly onto the Pi camera sensor, which is mounted onto components created by 3D printing.

Other parts such as the lens and the mirror can be bought from online suppliers.

Because of the small size of the Raspberry Pi camera, it is possible to mount it directly in front of the mirror.

The PiKon telescope has a magnification of times 160, which means that on a cloudless night it will allow detailed views of the moon's surface, as well as galaxies, star clusters and some planets.

Mr Wrigley said that the designers would use public feedback to improve the telescope and develop new products.

Other events in the university's Festival of the Mind, include a live musical performance by 150 musicians of Gustav Holst's symphony The Planets in a pop-up planetarium and an interactive video game art gallery.

23.22 | 0 komentar | Read More

Google and Apple encrypt by default

19 September 2014 Last updated at 12:55 By Joe Miller Technology Reporter

Google has announced that its next mobile operating system, Android L, will encrypt users' data by default.

The measure will make it more difficult for private information to be hacked or handed to law enforcement agencies.

On Thursday, Apple said that devices running its new iOS8 software would be encrypted by default, with even the company itself unable to gain access.

Both firms have offered encryption for some time, but many users were unaware of its existence or had not enabled it.

Earlier this week, Apple's boss Tim Cook posted an online message assuring users the company's philosophy was that a "great customer experience shouldn't come at the expense of your privacy".

Swipe

As well as announcing default encryption for all devices running the new iOS8 software, Mr Cook took a thinly veiled swipe at Google, saying that Apple would not use its customers' information to sell things to them.

"We don't 'monetise' the information you store on your iPhone or in iCloud," he wrote, "and we don't read your email or your messages to get information to market to you."

He added that although Apple does have an advertising business, called iAd, the function can be disabled by users.

Shortly after, Google announced its stance on privacy, also embracing default encryption. A spokesman said: "For over three years, Android has offered encryption, and keys are not stored off of the device, so they cannot be shared with law enforcement.

"As part of our next Android release, encryption will be enabled by default out of the box, so you won't even have to think about turning it on."

Both Apple and Google follow in the footsteps of the now somewhat beleaguered Blackberry, which has encrypted data by default for some time.

The firms' focus on privacy comes after nude photos of celebrities were leaked online earlier this month.

The breach, which affected actress Jennifer Lawrence, among others, was linked by some security experts to vulnerabilities in Apple's iCloud storage service.

Law enforcement

The introduction of default encryption also protects US firms from having to hand over data to law enforcement agencies.

As the companies themselves do not have access to users' passwords, which unlock the encryption, they are not actually in possession of the data concerned.

Several of the largest US tech firms have been fighting government requests for their users' private data, including Microsoft, Google, Twitter, Facebook and Dropbox.

David Emm, a senior researcher at security firm Kaspersky Lab, told the BBC that automatic encryption was "probably more about privacy than about protection".

"Customers will find some reassurance in the fact that their data can't routinely fall into third-party hands," he said.

However he added that the measure only "applies to stuff on a [Apple or Android] device, but not necessarily to stuff you put in the cloud, which could still be accessible to law enforcement agencies".

23.22 | 0 komentar | Read More

eBay flaw has existed for months

19 September 2014 Last updated at 15:38 By Dave Lee Technology reporter, BBC News

A flaw that has exposed eBay customers to malicious websites has been affecting the site since at least February, the BBC has found.

Earlier this week it was revealed how clicking on some listings automatically redirected users to the harmful sites.

EBay removed several posts, but said it was an isolated incident.

But the BBC has since found multiple listings, from multiple users, exploiting the same vulnerability.

Furthermore, several readers contacted the BBC detailing complaints they had made to the site.

In a statement, eBay said it had a dedicated team working on security, but that criminals "intentionally adapt their code and tactics to try to stay ahead of the most sophisticated security systems".

'Big problem'

A transcript from February this year showed user Paul Castle explaining the issue, in detail, to eBay support staff.

"I was just browsing in Digital Cameras and came across a password-harvesting scam," wrote Mr Castle during the online chat with eBay support staff.

Clicking on the listing link, Mr Castle explained, "transfers immediately to a password harvest scam page".

"This is potentially a big security problem for eBay users," he said, adding: "There could be hundreds."

EBay staff told Mr Castle that the problem had been escalated to "higher authorities".

Other users got in touch with the BBC to outline how they too had found listings that, when clicked on, behaved in the same way.

'Abusive ways'

EBay's search function allows users to find only completed auctions that are no more than 15 days old.

However, a brief search by the BBC uncovered 64 listings from the past 15 days that posed a danger to users.

In each case, it appears cross-site scripting (XSS) has been used to hijack the user's browsing - placed in the listings page using Javascript.

In a statement on Friday, a spokeswoman for eBay said: "This is not a new type of vulnerability on sites such as eBay.

"This is related to the fact that we allow sellers to use active content like Javascript and Flash on our site.

"Many of our sellers use active content like Javascript and Flash to make their eBay listings more attractive. However, we are aware that active content may also be used in abusive ways."

She added: "Cross-site scripting is not allowed on eBay and we have a range of security features designed to detect and then remove listings containing malicious code."

'A bad thing'

Ebay has been criticised by security experts for not responding to the vulnerability quickly enough.

While some listings were removed after being reported, the underlying issue has yet to be fixed.

Ilia Kolochenko, XSS expert and chief executive of security firm High-Tech Bridge, said it was difficult for "large complicated sites to be completely free of XSS vulnerabilities".

But he said that once a particular XSS exploit was being used for malicious purposes - as demonstrated by the redirects to harmful websites - companies must act quickly to not just remove offending content, but to prevent the flaw being exploited again.

He said: "If someone has reported an issue to eBay, and the vulnerability was not fixed promptly, this is a bad thing."

Dr Steven Murdoch, from University College London's Information Security Research Group, agreed.

He told the BBC: "EBay should as a matter of priority have looked for all the other links which exploited the same vulnerability and removed these too, as well as closing off the vulnerability from future attackers.

"It's clear they need to be more careful about what they allow - particularly when it comes to Javascript."

Follow Dave Lee on Twitter @DaveLeeBBC

23.22 | 0 komentar | Read More

'Largest ever' SD memory card

12 September 2014 Last updated at 13:19

Memory specialist SanDisk has created an SD card with 512 gigabytes (GB) of storage space - the highest capacity ever released.

The card, which is the size of a postage stamp, will go on sale for $800 (£490).

The launch comes a decade after the firm released a 512-megabyte (MB) SD card with one-thousandth of the space.

Experts believe SD cards could eventually hold up to 2 terabytes (TB) of data, about 2,000GB.

The new card is aimed at film-makers shooting in the high-quality 4K format.

The 4K format - which is four times the resolution of HD - requires large file storage. Depending on compression, a single minute of 4K shooting will typically take around 5GB of storage space.

"4K Ultra HD is an example of a technology that is pushing us to develop new storage solutions capable of handling massive file sizes," said Dinesh Bahal, vice-president of product marketing at SanDisk.

The SD card format is one of the most widely used standards of flash storage, popular with digital cameras, camcorders and other mobile devices.

While camera types, resolutions and settings vary - a 512GB card could potentially hold around 30 hours of HD video.

Cloud worries

John Delaney, a senior mobile analyst from IDC, said innovation in physical storage was critical to the future of our devices - even if a lot of people are turning to cloud storage instead.

"The thing that is driving cloud storage is multiple devices usage - which solves the, 'Where's my stuff?' problem: if you use cloud storage for everything, whatever device you have with you can be used to access your content."

But he added: "So far there's still a strong preference for local storage.

"People just feel more in control and more able to rely on being able to access the content when they literally know where it is.

"Storing in the cloud means you literally don't know where it is."

Mr Delaney added that recent high-profile security issues around cloud storage - such as the celebrity picture leak last week - would play on the minds of consumers.

Follow Dave Lee on Twitter @DaveLeeBBC

23.22 | 0 komentar | Read More

Twitch malware spends users' money

12 September 2014 Last updated at 18:18 By Joe Miller Technology Reporter

Malicious software spread via chat forums on the video games streaming site Twitch can spend users' money without authorisation, it has emerged.

The Finnish security firm F-Secure said clicking on the malware links also enabled infiltrators to wipe accounts on the gaming shop, Steam.

Twitch is advising users not to use links from unknown sources.

The site, which was recently bought by Amazon for $970m (£597m) has more than 55 million unique monthly viewers.

The vulnerability originates from an automated account which, according to F-Secure, "bombards channels and invites viewers to participate in a weekly raffle for a chance to win things such as 'Counter-Strike: Global Offensive' items".

If viewers take the bait, they are invited to fill in their name and email address which then allows the malicious software to gain control, allowing it to:

• Take screenshots
• Add new friends in Steam (a gaming shop and community commonly linked to Twitch accounts)
• Accept pending friend requests in Steam
• Initiate trading with new friends in Steam
• Buy items, if user has money
• Send a trade offer
• Accept pending trade transactions

A spokesman for Twitch told the BBC that the vulnerability was the "first instance" he had seen, but that the site would "remind our community about not clicking on links from unknown sources just like they wouldn't on other social media sites".

He added: "Please note that we give all broadcasters the option to disable links in their chat which can easily prevent this."

23.22 | 0 komentar | Read More

Microsoft is 'set to buy Minecraft'

10 September 2014 Last updated at 14:02 By Leo Kelion Technology desk editor

The video games studio behind Minecraft is in talks to be taken over by Microsoft, according to reports.

It has been suggested that Mojang might sell for more than $2bn (£1.2bn).

In June, the Swedish studio said it had sold about 54 million copies of its hit world-building game. Since then it has also been released for the Xbox One and PlayStation 4, further boosting sales.

Mojang's founder, Markus "Notch" Persson has previously publicly criticised Microsoft.

Ahead of the release of the Windows 8 operating system, he had claimed that the company was "trying to ruin the PC as an open platform" because it had wanted to certify third-party titles before their release.

He had also been a vocal supporter of independent studios, saying in 2012 that: "The more studios that can remove themselves from the publisher system, the more games that will be made out of love rather than for profit."

But, according to Bloomberg news agency, it was Mr Persson who "reached out" to Microsoft a few months ago.

It said that a source suggested that if the deal went through, Mr Persson would help with the transition, but was unlikely to stay on afterwards.

The New York Times also reported that a person briefed on the talks had said that Mr Persson was expected to leave within six months, but added that Mojang was keen to hold on to its younger developers.

A spokesman for Microsoft said: "We don't comment on rumour and speculation."

Mojang also declined to comment. Mr Persson did not respond to the BBC's questions.

Virtual world

Minecraft was first released in 2011, and has since become the third bestselling game of all time and something of a cultural phenomenon.

The Victoria and Albert Museum in London has hosted an evening that explored its design culture, Lego has made spin-off toys, Ordnance Survey has created a version of mainland Great Britain within the game, and Denmark's government has also built a scale model of its country.

The title is set in a virtual world made of cubes of different materials, including dirt, rock and lava. Most of these can be used as building blocks and/or refined into usable raw materials.

Player use the blocks to build a shelter and to create weapons to defend their character against the game's zombies and other monsters.

They can also engage in huge construction projects to flex their creative skills.

One extreme recent example involved the creation of a working virtual hard drive.

Mojang has worked on other titles, but they have either fallen short of Minecraft's success - such as the role-playing game (RPG) Scrolls - or been shelved before completion - such as 0x10c, a space-themed game that Mr Persson had been working on until last year.

'Worried gamers'

The Wall Street Journal was first to report negotiations between Mojang and Microsoft, saying that the deal could be finalised this week.

It noted that this would be the first multibillion acquisition by Microsoft's chief executive, Satya Nadella, since he took charge of the company.

Harry Bradshaw, who has interviewed Mr Persson on the Twitch video site, said that many gamers would be concerned by the news.

"There have been cases in the past of big corporations taking someone else's game and turning it into a huge money-flip, just to see what they can make out of it," he said.

"Gamers will naturally be worried about this.

"And it does confuse me why Mojang would sell up, bearing in mind it is the bestselling PC game of all time and still sells thousands of copies a day."

One market watcher said that it was unlikely that Microsoft would pull existing Minecraft games from sale for the PlayStation, Mac, Android, Linux and other rival platforms.

However, he added that Microsoft's various systems might be given preference when it came to future products.

"Minecraft is one the leading IPs [intellectual properties] within the games space that is potentially acquirable," said Piers Harding-Rolls, lead games analyst at the consultancy IHS.

"The brand has the potential to continue for the next 10 years,

"So, as an investment - even one at a very high price - it still represents something of value to larger companies that are looking to acquire exclusivity around a highly-engaged franchise."

23.22 | 0 komentar | Read More

Google worker lived a year on campus

10 September 2014 Last updated at 18:57 By Leo Kelion Technology desk editor

An ex-Google worker has revealed how he lived at the firm's campus in Mountain View, California, for 54 weeks between 2005 and 2006, kicking off a trend.

Matthew Weaver told the BBC that he had been dared to spend a year based out of a campervan parked on one of the company's lots.

He added that while he believed he was the first to do so, several others later followed his lead.

Google and other major tech firms are renowned for the perks they give staff.

"They had three meals a day at the cafeteria and there were showers at the gym that were also on campus, so I would shower at the gym, eat at the office," Mr Weaver recalled.

"There was a free laundromat on campus, so I could wash my clothes.

"There were all sorts of rooms with pianos and foosball tables [table football], and all these kinds of things, so I had plenty to do when I was taking a break from work.

"And we had places in the parking structure where I could work on and maintain my bicycle."

Security approved

The former Google staff site ecologist explained that rather than try to hide his presence, he placed a white picket fence and astroturf in front of his vehicle for a time.

"Security didn't mind," he added. "This was all the way back in 2005 and Google was a much smaller company then. A little bit more closely knit.

"Once security figured out it was me, they knew who I was, and they basically kept an eye on the place for me.

"I'm pretty sure I was the first. Towards the end of those 54 weeks and the two or three years that followed people would come and ask me questions.

"They would be like, 'I'm thinking about living on campus, do you have any advice?'"

He added that he had been comfortable with the lifestyle, but eventually moved out because it had become "a bit weird" to explain it to women he was dating.

Mr Weaver's unusual residency came to prominence after he wrote about his time at the firm on a forum on discussion site Quora.

Snack stations

Another ex-worker at the search giant also posted about living on campus for what was a briefer but more recent stay, and also agreed to speak to the BBC.

Brandon Oxendine - who helped design the way Google Profiles work - said that when he lived on site between June and September 2012, he had to do surreptitiously.

"A friend who had been at Google for five or six years told me there's actually a thing in the Google handbook that says you're not allowed to be on campus for more than 72 hours, or something like that," he said.

Mr Oxendine slept on a twin mattress kept in a station wagon parked in the garage below the building he worked in.

"I had told everyone I had moved into San Francisco, but I was always coming up in the same outfit from the parking garage," he recalls.

Like his predecessor, he said that there was never a need to go hungry.

"I think there's some sort of policy that Google has that no employee can be too far from a snack station.

"I worked a tonne, so I didn't really get bored... I loved it. I'd like to do it again."

Sleeping pods

But the person who may hold the record for the longest stint living at work is Ben Discoe, who was based in a van parked on campus for just over 60 weeks across much of 2011 and 2012.

"I did cheat slightly," he acknowledged. "I got a girlfriend who had an apartment in Mountain View, so I'd go there sometimes."

He recalled that by the time he joined the firm, an internal wiki website called Living At Google had been created by another employee.

"He enumerated the many perks they give you - free access to washing machines and this and that," he told the BBC.

"The only thing they don't give you was shampoo. He said, 'Maybe they'll give you shampoo if the stock price hits $300.' And then that was crossed out and it said, '$400', and that was crossed out and it said, '$500'."

"I believe it's the equivalent of about $1,200 now, and there's still no shampoo."

Mr Discoe added that Google had provided its own rest facilities for workers, but they had proved impractical for deep sleep.

"I did not care for the sleeping pods. They were are much hyped... but I found they were just as noisy as trying to sleep at your desk.

"And they were kind of mocked."

Google declined to comment.

The BBC understands that the company does not encourage living at work, but it is not something it actively polices against.

23.22 | 0 komentar | Read More