Lenovo offers fix for hidden adware

21 February 2015 Last updated at 15:55

Chinese computer maker Lenovo is offering customers a tool to help them remove pre-installed software that experts warned was a security risk.

The Superfish adware program - which offered shopping tips - was shipped on some of the company's notebook devices.

Lenovo said on Thursday it had disabled it because of customer complaints.

But a later statement said the company was also aware of a security risks about the software, and the company was "focused on fixing it".

"We apologise for causing these concerns among our users - we are learning from this experience and will use it to improve what we do and how we do it in the future," the company said.

Lenovo said it had acted "swiftly and decisively" and that users could download a patch to remove Superfish.

Superfish was designed to help users find products by visually analysing images on the web to find the cheapest ones.

Users had initially complained about intrusive pop-up ads appearing on their browsers.

Computer experts later warned that the software was potentially compromising their security.

Superfish appears to work by substituting its own security key for the encryption certificates used by many websites.

This would allow it - or anyone who hacked Superfish - to collect data over secure web connections.

08.10 | 0 komentar | Read More

London Formula E track revealed

19 February 2015 Last updated at 18:09

The route for the London race of the first Formula E season has been announced.

The world's first fully electric motor racing series will finish in London with two rounds held on 27 and 28 June.

A specially created 15 turn, 3km circuit will be created to run through Battersea Park in south London.

British racing driver Sam Bird said the track had "fast straights, high-speed bends, as well as some challenging chicanes and braking zones."

Bird, who competes for the UK-based Virgin Racing team, added: "The track is in the beautiful Battersea Park, right next to the River Thames, just across from Chelsea and with some of the most famous features of London's skyline in the background.

"I think the London ePrix spectators will be treated to some close, fast racing with plenty of action and overtaking."

The FIA Formula E Championship began last September in China and the season will include races in Argentina, Monaco and Germany.

Alejandro Agag, CEO of Formula E, said: "Having two races in London - the final two of the season - was an option we discussed at length with Wandsworth Council and means that London could well be where the inaugural champion is crowned, making it a fantastic spectacle for the city and a great platform to showcase sustainable mobility and clean energy.

"We will now begin preparations for bringing urban electric racing to London but of course that means working closely with all parties and local residents' groups to ensure that we remain sympathetic to all park users."

08.10 | 0 komentar | Read More

'Revenge porn' mogul pleads guilty

Ringkasan ini tidak tersedia. Harap klik di sini untuk melihat postingan.

08.10 | 0 komentar | Read More

Oscars films see online piracy surge

19 February 2015 Last updated at 15:09 By Leo Kelion Technology desk editor

American Sniper would win best picture and Birdman's Alejandro Inarritu best director if the Oscars were determined by online piracy rates, a study says.

It suggests being nominated in one of the four major categories has a particularly profound effect on illegal downloads of indie and art house films.

The authors suggest that producers of such movies become more flexible about how and when their titles are released.

But one industry expert said that was easier said than done.

The report was carried out by Irdeto, a Netherlands-based company that sells piracy controls to the pay-TV sector.

It used "crawler" software to monitor downloads via Bittorrent peer-to-peer file-sharing services around the world and says its figures represent the minimum number of illegal downloads.

As part of the study, the company compared the amount of piracy in the week before nominations with the week after.

Selma, Wild, American Sniper, Still Alice and Birdman saw some of the biggest swings in popularity, and each accounted for more than 100,000 downloads.

By contrast, two other films that had been tipped for the awards but failed to secure nominations in the major categories did not experience similar demand: Mr Turner has been downloaded 9,086 times since 15 January, and Inherent Vice has been downloaded 53,008 times, according to the study.

Title	Illegal downloads since nomination	Piracy rate increase	Major nominations
Source: Irdeto, covering the period running up to 14 February
American Sniper	1,389,819	230%	Picture, actor
Gone Girl	1,252,074	83%	Actress
Birdman	796,697	192%	Picture, director, actor
The Theory of Everything	776,239	161%	Picture, actress, actor
The Grand Budapest Hotel	636,292	41%	Picture, director
The Imitation Game	467,700	175%	Picture, director, actor
Whiplash	325,782	171%	Picture
Boyhood	244,270	23%	Picture, director
Wild	163,652	(pre-nomination piracy not detected)	Actress
Selma	144,075	1033%	Picture
Foxcatcher	118,323	78%	Director, actor
Still Alice	108,660	194%	Actress
Two Days, One Night	85,166	73%	Actress

For comparison's sake, the study also provided download figures for three big-budget mainstream films over the same post-nomination period:

• Interstellar - 1.4 million downloads
• The Hobbit: The Battle of the Five Armies - 1.3 million downloads
• John Wick - 1.3 million downloads

Collapsed windows

Irdeto suggests the Oscar nominations and resulting media coverage drove many users to search for the films on illegal sites, and it noted the DVDs used to let Academy Awards voters watch and judge the movies sometimes became the source of the pirated files.

The company acknowledged that not every download represented a lost sale, but it suggested the activity was particularly damaging to films that would not be classed a conventional "blockbusters".

"The Oscars are traditionally a time for independent and less mainstream movies to generate significant revenues," said Rory O'Connor, the company's vice-president of services.

"In the past, such high quality movies could be funded through the Oscars mechanism by reaching a broader public - [distributors] might not have had such a big budget to publicise the films first time round, but they could then piggyback the Oscars media campaign.

"But that mechanism is breaking down because of piracy."

He added that a solution would be for "windows" - used to stagger a film's initial cinema release and its later screenings in other countries and sale on other formats - to be "collapsed".

So, if a film was nominated, it could be offered for rent or sale around the world shortly after, to provide an alternative to piracy.

"People are willing to pay premium pricing for good quality and early availability [on their home TV], so I think there is an opportunity to compensate for the revenue that may be lost from a cinematic release," Mr O'Connor said.

'Caught in a bind'

However, an adviser to the Independent Film and Television Alliance said its members had less latitude to act than the major studios, which control their own films' releases.

Bertrand Moullier said smaller movies often relied on funding from local distributors who bought the release rights before filming started.

These distributors might be unwilling to suddenly change their plans, he said, because of concerns the films would then clash with others coming out locally at the same time.

"We are caught in a bit of a bind because [the idea of] beating piracy by releasing a movie everywhere in a saturation-release pattern to beat the peer-to-peer sharers is logically right," said Mr Moullier.

"Unfortunately, it also goes against the grain of how independent films must be assembled and put together.

"But [relying on local distributors] is also a very effective way of making sure a film gets the right adapted marketing strategy in each of the cultures where it's shown."

08.10 | 0 komentar | Read More

Google Street View maps Greenland

19 February 2015 Last updated at 17:11

Google has extended its Street View feature to take in the scenes of sparsely populated Greenland.

The internet giant has published immersive images of some of the island's most impressive landscapes, including the Ilulissat Icefjord and the Nuutoqaq harbour.

The country is the 66th to be incorporated into the feature.

One of the images was taken from the top of a hill in Kujalleq, southern Greenland.

The images are immersive, meaning the user can rotate them in any direction. Another was of Brattahlid, the settlement founded by Erik the Red, who set up the first Viking colony on Greenland.

Erik the Red was a Norwegian, who discovered Greenland after being banished from Iceland.

He is said to have spread word of "the green land" among people living in Iceland on his return there in 985. Some Icelanders subsequently made the trip and decided to settle in Greenland.

His son Leif Eriksson later voyaged to North America - 500 years before Christopher Columbus.

Another centuries-old human site to be documented was the Hvalsey church, in the south of Greenland.

Alex Starns, Street View's technical program manager, wrote in a blog post: "At the abandoned settlement Hvalsey, you can visit Hvalsey church, the best preserved Norse ruins in Greenland. The church was also the location of the last written record of the Greenlandic Norse in 1408."

The Street View team also used boats to capture images of Ilulissat Icefjord.

"Floating by Ilulissat, you can see why the breathtaking Ilulissat Icefjord is the country's most popular tourist destination. Also an Unesco World Heritage site, the stunning ice wall seems to defy gravity as it reaches up into the clear, blue sky," wrote Mr Starns.

Another image was of the statue of Hans Egede, the Danish-Norwegian explorer who founded the town of Nuuk.

08.10 | 0 komentar | Read More

Glitch trips up top computer school

19 February 2015 Last updated at 17:27

Carnegie Mellon University has apologised after it mistakenly sent out 800 admission letters via email to its prestigious computer science programme.

Applicants to the top-ranked graduate programme received the erroneous email that they were "one of the select few" admitted, on Monday morning.

Emails correcting the computer glitch went out almost seven hours later.

The US university said the error was the "result of serious mistakes" in generating acceptance letters.

Carnegie Mellon said it was "currently reviewing our notification process to help ensure this does not happen in the future".

Based in Pittsburgh, Pennsylvania, Carnegie Mellon ranks alongside the Massachusetts Institute of Technology and Stanford University in California as one of the top schools for computer engineering in the US.

"We understand the disappointment created by this mistake, and deeply apologise to the applicants for this miscommunication."

Ben Leibowitz said he called up his relatives to share the good news when he got the initial email, then went out to dinner to celebrate with his parents.

But hours later, he got a second email, informing him he was not actually among one of 100 students accepted to the computer science programme.

"It was brutal. I didn't get much sleep last night,'' Mr Leibowitz told the Associated Press news agency. "Now I have to clean up the mess. I'm calling all my relatives, I'm going, 'I'm sorry it's not happening.'"

The university is not the first to send out acceptance letters to those not actually admitted to competitive programmes.

In December, Johns Hopkins University mistakenly sent nearly 300 undergraduate applicants welcome messages when they were actually rejected or deferred.

And in 2009, the University of California at San Diego sent acceptance emails to their entire applicant pool that year - 46,000 students.

08.10 | 0 komentar | Read More

YouTube to launch kids' app

20 February 2015 Last updated at 12:21

YouTube will launch a new app specifically for children on Monday in a bid to make using the service safer.

It is understood that YouTube Kids will have parental controls and restrictions on who can upload content.

The app will run separately to the main YouTube service and it will initially be available in the US only, but it is understood that it will be rolled-out in the UK later.

The move has been welcomed by the NSPCC child protection charity.

A spokesman for the charity said: "Keeping children safe online is the biggest child protection challenge of this generation. So it's good to hear about the launch of YouTube Kids.

"I'm sure it will be embraced by parents wanting increased reassurance that their younger children won't be exposed to inappropriate material."

The parental controls will include the ability to limit the amount of time children can spend watching videos, as well as a tool allowing the search function to be switched off, it is understood.

YouTube Kids will have channels and playlists organised into four categories: Shows, Music, Learning and Explore. Users will also be able to search for individual topics.

The app will be free, but it will be available on Google's Android devices only.

DreamWorks TV, Jim Henson TV and Mother Goose Club will be some of the content providers, the BBC understands.

YouTube Kids product manager Shimrit Ben-Yair said: "Parents were constantly asking us, can you make YouTube a better place for our kids.

"We've seen 50% growth year over year in viewing time on YouTube, but for our family entertainment channels, it's more like 200%."

08.10 | 0 komentar | Read More

US and UK 'hacked Sim card firm'

20 February 2015 Last updated at 14:32

US and British intelligence agencies hacked into a major manufacturer of Sim cards in order to steal codes that facilitate eavesdropping on mobiles, a US news website says.

The Intercept says the revelations came from US intelligence contractor turned whistleblower Edward Snowden.

The Dutch company allegedly targeted - Gemalto - says it is taking the allegations "very seriously".

It operates in 85 countries and has more than 40 manufacturing facilities.

The Intercept says that "the great Sim heist" gave US and British surveillance agencies "the potential to secretly monitor a large portion of the world's cellular communications, including both voice and data".

It says that among the clients of the Netherlands-based company are AT&T, T-Mobile, Verizon, Sprint and "some 450 wireless network providers around the world".

Full investigation

The Intercept alleges that the hack organised by Britain's GCHQ and the US National Security Agency (NSA) began in 2010, and was organised by operatives in the "Mobile Handset Exploitation Team". Neither agency has commented directly on the allegations.

However GCHQ reiterated that all its activities were "carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate".

How does the hack work?

Each Sim card has an individual encryption key, installed by the chip manufacturer, that secures communications between the handset in which it inserted and mobile phone masts.

This means that if anyone were to snoop on conversations or text messages, they would receive garbled, unintelligible data.

That is, of course, unless those carrying out the surveillance get hold of the encryption key. With that information, they can even decrypt previously intercepted communications.

However, this tactic only works for phone conversations and text messages. Communications through mobile applications such as Whatsapp, iMessage and many email services have separate encryption systems.

The stolen encryption allowed the agencies to decode data that passes between mobile phones and cell towers. They were able to decrypt calls, texts or emails intercepted out of the air.

A Gemalto spokeswoman said the company was unable to verify whether there had indeed been a breach, and highlighted that other Sim manufacturers could also have been targeted.

She added: "We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such highly sophisticated techniques to try to obtain Sim card data".

Global ripples

Reacting to The Intercept's revelations, Eric King, deputy director of the campaign group Privacy International, said the NSA and GCHQ had "lost sight of what the rule of law means and how to weigh what is necessary and proportionate".

He said trust in the security of our communications systems is "essential for our society and for businesses to operate with confidence". And the impact of these latest revelations will have "ripples all over the world."

Privacy International is currently engaged in legal action against GCHQ over its alleged hacking practices.

Gemalto makes Sim cards for mobile phones and furnishes service providers with encryption codes to keep the data on each phone private.

The Intercept claims that by first cyber-stalking employees at Gemalto and then penetrating their emails, the spy agencies were able to steal thousands of encryption keys at source.

This would allow them to eavesdrop easily on phone calls and texts without seeking permission from telecoms companies or foreign governments, and without leaving a trace.

The Intercept cites as its source documents leaked by Edward Snowden, the former NSA contractor who is currently living in Russia.

'Weakest link'

Karsten Nohl, a security researcher who has exposed previous Sim card vulnerabilities, told the BBC the leak showed that "it is still not terribly difficult" to circumvent encryptions on mobile phone communications.

He added that since it was Gemalto, and not the mobile providers, which sets Sim encryption codes, this makes the Dutch firm the "weakest link of the security chain".

Other Gemalto clients, such as passport agencies, buy blank chips and set the codes themselves.

"A lot of telecom companies will be scrambling to find out what went wrong," said Mr Nohl.

Analysis: Joe Miller, BBC technology reporter

If The Intercept's report is to be believed, the most striking discovery is how easily those wanting to engage in mass surveillance can eavesdrop on our mobile communications.

Gemalto, the company which was allegedly targeted, manufactures an estimated 30% of all Sim cards worldwide. And crucially, it creates the security key for each item. All security agencies needed to do was obtain (by hacking, allegedly) the list of security keys from the firm. Then, as security expert Karsten Nohl says, they could snoop on phone calls with a "few hundred dollars worth of radio equipment in strategically important locations".

This contrasts with security procedures used, for example, for chips in passports. Many are are also manufactured by Gemalto. These are delivered to the relevant authorities as a blank chip, and the Passport Office - not the company - creates the security key.

Many of Edward Snowden's allegations have shone a light on complex surveillance tactics by the NSA. But perhaps this latest leak has done more to highlight how a single company is in control of millions of people's private data.

08.10 | 0 komentar | Read More

Google-backed genetic test approved

20 February 2015 Last updated at 17:05 By Joe Miller Technology reporter

A Californian start-up will be allowed to advertise a mail order DNA test that screens for a rare genetic condition, after a U-turn by the US regulator.

The Food and Drug Administration (FDA), said the 23andMe product would "provide people with information about possible mutations in their genes that could be passed on to their children".

It had previously banned similar tests.

The 23andMe kit screens for Bloom syndrome, an inherited disease that is most common among Ashkenazi Jews.

It can detect whether a healthy person is a carrier of the genetic variant that causes the disorder, and therefore at risk of passing it on to their offspring.

'No test is perfect'

In a statement, the FDA also said it would provide the "least burdensome regulatory path" for future projects from 23andMe and similar companies.

"In many circumstances it is not necessary for consumers to go through a licensed practitioner to have direct access to their personal genetic information," the regulator added.

The decision contrasts with the FDA's stance in 2013, when it ordered 23andMe to "immediately discontinue" selling its saliva collection tests after failing to provide information to back its marketing claims.

The $99 test had offered users a readout of their genetic code, including a detailed analysis of their health risks.

However, despite giving the Bloom syndrome kit a green light, the FDA cautioned that "no test is perfect" and suggested that the kit should only be used by those likely to carry a relevant gene.

Informative labelling and information on how to follow up with a medical professional must be provided by 23andMe, the FDA said.

Please turn on JavaScript. Media requires JavaScript to play.

Anne Wojcicki, of 23andMe: "We're really partnering with the consumer"

'Major milestone'

While welcoming the FDA's decision, 23andMe said it would "not return health results on individually cleared reports" until it had a "comprehensive product offering" in place.

The health tech company, which is backed by Google, has been operating since 2006 and was co-founded by Anne Wojcicki, its chief executive, who married Google co-founder Sergey Brin in 2007.

"This is a major milestone for our company and for consumers who want direct access to genetic testing," she said in a blog post.

"We have more work to do, but we remain committed to pursuing a regulatory path for additional tests and bringing the health reports back to the US market.

08.10 | 0 komentar | Read More

Phones can be tracked by battery use

23 February 2015 Last updated at 12:41 By Zoe Kleinman Technology reporter, BBC News

Android phones can be tracked without using their GPS or wi-fi data by studying their power use over time, a study has found.

A smartphone uses more power the further away it is from a cellular base and the more obstacles are in its way as it reaches for a signal.

Additional power use by other activities could be factored out with algorithms, the researchers found.

They created an app designed to collect data about power consumption.

"The malicious app has neither permission to access the GPS nor other location providers (eg cellular or wi-fi network)," the team - Yan Michalevsky, Dan Boneh and Aaron Schulman, from the computer science department at Stanford University, along with Gabi Nakibly, from Rafael Ltd - wrote in their paper.

"We only assume permission for network connectivity and access to the power data.

"These are very common permissions for an application, and are unlikely to raise suspicion on the part of the victim."

There are 179 apps currently available on Android app store Google Play that request this information, the team add.

Activity such as listening to music, activating maps, taking voice calls or using social media all drain the battery but this can be discounted due to "machine learning", the report says.

"Intuitively the reason why all this noise does not mislead our algorithms is that the noise is not correlated with the phone's location," it says.

"Therefore a sufficiently long power measurement (several minutes) enables the learning algorithm to 'see' through the noise."

The tests were carried out on phones using the 3G network but did not measure signal strength as that data is protected by the device.

'Stuffed with sensors'

"With mobile devices now becoming ubiquitous, it is troubling that we are seeing so many ways in which they can be used to track us," said cyber-security expert Prof Alan Woodward, from Surrey University.

"I think people sometimes forget that smartphones are stuffed full of sensors from gyroscopes and GPS to the more obvious microphones and cameras.

"This latest work shows that even that basic characteristics (power consumption) has the potential to invade privacy if monitored in the right way," he added.

"We are approaching the point where the only safe way to use your phone is to pull the battery out - and not all phones let you do that."

08.10 | 0 komentar | Read More