Diberdayakan oleh Blogger.

Popular Posts Today

MtGox chief refuses to travel to US

Written By andika jamanta on Rabu, 16 April 2014 | 23.59

15 April 2014 Last updated at 11:31

MtGox's founder has refused a US court's demand that he testify this week about the collapse of what was the world's biggest Bitcoin exchange.

Mark Karpeles had been asked to attend a hearing in Washington on Friday.

MtGox reported in February that it may have lost nearly $500m (£300m) worth of the virtual currency and subsequently filed for bankruptcy protection in Japan and the US.

It later said it had "found" about a quarter of the missing sum.

A US judge ordered Mr Karpeles to travel from Japan to appear in front of the US Department of Treasury's Financial Crimes Enforcement Network to answer questions about the affair.

But a court filing by MtGox's lawyers said the France-born chief executive - who has not been charged with any crime - would not comply.

"Mr Karpeles is now in the process of obtaining counsel to represent him with respect to the FinCen subpoena," it said.

"Until such time as counsel is retained and has an opportunity to 'get up to speed' and advise Mr Karpeles, he is not willing to travel to the US."

The lawyers also asked the court to delay Mr Karpeles' deposition until 5 May, but added that they could not guarantee he would attend on that date either.

In the meantime MtGox's site continues to tell out-of-pocket investors that a "method for filing claims will be published on this site as soon as we will be in [a] situation to announce it".

One bitcoin is currently trading for about $500, down from its high of more than $1,100 last year.


23.59 | 0 komentar | Read More

US Airways apologises for porn tweet

15 April 2014 Last updated at 11:27

US Airways has apologised after an explicit photo was sent from its official Twitter account in response to a customer complaint.

It said in a statement that it was trying to flag the image as inappropriate but instead mistakenly included it in a message.

The tweet was deleted after approximately an hour but not before it had been retweeted hundreds of times.

The airline said it regretted the error and was reviewing its processes.

The image, which featured a naked woman and a toy plane, had originally been sent to the company's Twitter account by another user, it said.

It was then attached to a tweet that was sent to a US Airways customer who had taken to the social network to express her frustration that her flight was delayed.

Once the mistake had been realised US Airways deleted the offending tweet and issued an apology.

"We apologise for an inappropriate image recently shared as a link in one of our responses. We've removed the tweet and are investigating," it said on its Twitter feed.

The company has more than 420,000 followers on its Twitter account and has not tweeted since.

US Airways is merged with American Airlines, who were also caught up in a Twitter controversy on Monday after a 14-year old Dutch girl sent a tweet to the airline implying she was part of al-Qaeda group and planning an attack.

American Airlines responded via Twitter saying that her details would be passed to the FBI for investigation.

Both tweets have now been deleted and the girl's Twitter account has been suspended.

Dutch police said that Twitter had disclosed to them the internet address that the tweet was written from and that they had questioned a 14-year-old girl who had now been released pending further enquiries.

However, other copycat tweets now appear to be being sent to American Airlines from other teenagers' Twitter accounts, according to the Washington Post.


23.59 | 0 komentar | Read More

City to get ultra-fast broadband

15 April 2014 Last updated at 13:14

A new fibre optic network is to be created in York to provide ultra-fast broadband speeds throughout the city.

The one gigabit (1,000 Mbps) network will be delivered directly to homes and businesses, with the first customers expected to be connected in 2015.

It is being created as a joint venture between Sky, TalkTalk and CityFibre.

The Labour leader of City of York Council, James Alexander, said it meant York would become the "digital infrastructure capital of the UK".

"I'm delighted that York has been chosen as the first city," Mr Alexander said. "Gaining ultra-fast broadband across the city is a huge boost for our economy."

The companies have not yet announced a launch date for the service, and said they planned to roll it out to two more cities "in due course".

About 78% of households and businesses in York currently have access to superfast broadband, according to Ofcom.


23.59 | 0 komentar | Read More

Heartbleed may 'slow' web speeds

15 April 2014 Last updated at 14:13

The struggle to fix problems caused by the Heartbleed bug may slow browsing speeds, warns analysis firm Netcraft.

The sheer number of sites refreshing key credentials may trigger delays, reported the Washington Post.

The updates could force browsers to keep downloading and checking long lists of safe sites which would slow attempts to reach those destinations.

The updates will help stop attackers posing as well-known sites using stolen security credentials.

Security check

About 500,000 websites were thought to be vulnerable to the Heartbleed bug which, if exploited, would let attackers slowly steal data from web servers.

Many sites, including Google, Facebook, DropBox and OKCupid, have now patched the version of the security software they ran, called OpenSSL, that was vulnerable to Heartbleed.

However, said Paul Mutton, a security analyst at Netcraft, sites also had to take action to change a separate security measure if they wanted to be sure that visitors' data did not go astray.

This separate measure is known as a security certificate and is a guarantee of a site's identity.

Heartbleed raised questions about the worth of the guarantee security certificates offered, said Mr Mutton. Using the Heartbleed bug attackers could seize secret keys used in conjunction with security certificates as an identity check.

"It would be safest to assume that all of the 500,000 certificates have been compromised," he told the BBC. "Most Certificate Authorities are offering to reissue and revoke for free, so there is no excuse not to take action."

However, he said, the revoking and reissuing of hundreds of thousands of certificates could have a knock-on effect on web browsing speeds.

When a user visits a site, their browsing program typically checks to see if the security certificate for that site has been revoked, said Mr Mutton. Under normal circumstances, this rarely causes a delay as relatively few certificates are revoked every day.

Now, said Mr Mutton, the numbers of revocations were growing, thanks to Heartbleed, with thousands more every day being revoked and reissued.

Robin Alden, chief technology officer at certificate authority Comodo, told PC World that its renewal rates had gone up by a factor between 15 and 30 since news about Heartbleed broke.

It said it was providing tools to customers to help them check if sites were vulnerable to the Heartbleed bug.

"Certificate revocation has always been a bottleneck since SSL was invented," said Dr Mark Manulis, a senior lecturer at the University of Surrey's computing department who specialises in cryptography.

If Heartbleed led to large scale revocations that could cause problems, said Dr Manulis, as not all browsers downloaded lists and there were potentially hundreds of certification authorities to contact,

"Each browser would have to contact each of those authorities and download the lists because those lists are not shared," he said.

Mr Mutton from Netcraft said an added complication was being introduced by firms that issued new certificates but had not revoked the older potentially vulnerable ones.

"This is dangerous," he said. "If the old certificates had been compromised, they could still be spoofed and used for man-in-the-middle attacks even if the affected sites are now using new certificates."

Dr Dan Page, a lecturer in cryptography from the University of Bristol, said updating certificates and issuing new ones can take time.

"It takes time for the revocations to filter through the system," he said.

"Previously there have been breaches but not across everyone," added Dr Page. "That's definitely different here and is much more worrying."

Code check

Also struggling to cope with its workload is the organisation behind the OpenSSL software in which the Heartbleed was found.

In an open letter Steve Marquess, president of the OpenSSL Software Foundation, issued a plea for more donations and funding to recruit more people to help maintain the widely used software.

"While OpenSSL does 'belong to the people' it is neither realistic nor appropriate to expect that a few hundred, or even a few thousand, individuals provide all the financial support," he wrote in a blogpost.

"The ones who should be contributing real resources are the commercial companies and governments who use OpenSSL extensively and take it for granted," he added.

Annual donations typically amounted to about $2,000 (£1,195), he said, though this had briefly spiked following publicity about Heartbleed.

More money would help the Foundation hire enough staff to cope with all the requests it gets for help and to maintain the core code.

"There should be at least a half dozen full time OpenSSL team members, not just one, able to concentrate on the care and feeding of OpenSSL without having to hustle commercial work," he said.

"If you're a corporate or government decision-maker in a position to do something about it, give it some thought," he said.


23.59 | 0 komentar | Read More

Privacy fears over FBI database

15 April 2014 Last updated at 15:33

Campaigners have raised privacy concerns over a facial recognition database being developed by the FBI that could contain 52m images by 2015.

The civil liberties group Electronic Frontier Foundation (EFF) obtained information about the project through a freedom of information request.

It said it was concerned that images of non-criminals would be stored alongside those of criminals.

The FBI say the database will reduce terrorist and criminal activities.

The facial recognition database is part of the bureau's Next Generation Identification (NGI) programme which is a large biometric database being developed to replace the current Integrated Automated Fingerprint Identification System (IAFIS).

The programme, which is being rolled out over a number of years, will offer "state of the art biometric identification services" according to the bureau's website.

As well as facial recognition images the programme is being developed to include the capture and storage of finger prints, iris scans and palm prints.

'Increasing risks'

EFF said that the records it had seen showed the facial recognition element of the NGI already contained 16m images by 2013 and had the capability to contain as many as 52m by 2015.

In the current system, the fingerprints of criminals and non-criminals are kept in separate databases. Non-criminals may have their prints stored by the FBI if they have applied for a job that requires fingerprints for a background check.

However, under the new system if a candidate is asked by an employer to submit a photo along with their fingerprints this will now be stored by the FBI, too. The difference is that all photos will be stored on the same database regardless of whether someone has been arrested for a crime.

"This means that even if you have never been arrested for a crime, if your employer requires you to submit a photo as part of your background check, your face image could be searched - and you could be implicated as a criminal suspect, just by virtue of having that image in the non-criminal file," said the EFF.

It says documents from the FBI show that 4.3m photos contained in the database by 2015 will be for non-criminal purposes.

The group also cites research that shows the risk of falsely identifying someone increases as the size of the dataset being examined increases.

"This means that many people will be presented as suspects for crimes they didn't commit."

At a US senate subcommittee meeting held in 2012 to discuss the privacy implications of facial recognition technology, the official in charge of the NGI programme at the time said the the FBI intended to limit the system to criminal information.

It was also stressed that annual audits of local agencies' systems will be carried out to "detect any type of misuse" and that the FBI would back this up with their own audits.

The EFF points out that the Privacy Impact Assessment for the facial recognition element of NGI has not been updated since 2008.

"This is not how our system of justice was designed and should not be a system that Americans tacitly consent to move towards," the EFF said.


23.59 | 0 komentar | Read More

Yahoo shares jump despite profit fall

15 April 2014 Last updated at 21:59

Shares in struggling internet search giant Yahoo jumped 9% despite a 20% fall in first-quarter earnings.

The company's profits of $312m (£187m) still beat expectations.

Yahoo also said revenue from display advertising increased by 2% to $409m, the first rise in some time. Overall, first quarter revenue was $1.1bn, the best since 2010.

"I am really pleased by our first-quarter performance," said chief executive Marissa Mayer in a statement.

Yahoo also reported that it had 430 million monthly mobile users who accessed Yahoo products, a crucial measure as the firm seeks to catch up with Facebook and Google to attract mobile advertising.

Continue reading the main story

It also increased its total workforce by 8% to 12,400 global employees.

Alibaba

In contrast to Yahoo's earnings fall, Chinese internet giant Alibaba, of which Yahoo owns a 24% share, reported surging revenues.

These increased by 66% in the fourth quarter of 2013 to $3.06bn, compared with $1.84bn during the same period a year earlier.

Profits increased 110% to $1.4bn, compared with $642m a year earlier.

Alibaba's fourth quarter earnings were released as part of Yahoo's report.

Alibaba, China's largest internet company, is expected to complete a public share sale sometime this summer on a US exchange.

The share float could raise as much as $15bn, making it the biggest technology company debut since Facebook's stock sale in 2012.


23.59 | 0 komentar | Read More

Hard-disk firm warns of data breach

16 April 2014 Last updated at 11:43 By Leo Kelion Technology desk editor

French computer storage specialist LaCie has said credit card details and passwords of shoppers who used its site may have been stolen.

The hard-disk maker said the FBI had alerted it to "indications" of a hacker having used malware to copy details entered into its online store.

It added that the suspected breach was thought to have lasted from 27 March 2013 to 10 March this year.

Experts said it was unusual for such a problem to go unnoticed for so long.

"It is a major breach," Ron Austin, senior lecturer in computer security at Birmingham City University, told the BBC.

"LaCie is a fairly big company and you would question their information security policies.

"No expert can guarantee 100% security, but it goes back to compliance and ensuring that if you're offering services out on to the web that you are carrying out regular checks."

LaCie was taken over by US tech company Seagate in 2012, but still sells goods using its name.

The attack, if confirmed, could be particularly damaging for LaCie as the brand has security products among its wares.

Independent tech consultant Graham Cluley said the company had been left with "egg on its face".

"In an ideal world, attacks get prevented in the first place and you have done enough work to secure your website and maybe hired some penetration testers to see if there are vulnerabilities," he said.

"If you can't prevent it in the first place, hopefully you can pick it up while it's occurring and deflect it.

"Clearly LaCie did fail in some way. They should have spotted something was happening."

Adobe flaw

A statement on LaCie's website said that shoppers should check their bills for fraudulent charges and that they would need to change their logins when its store reopened.

"The information that may have been accessed by the unauthorised person may include customers' names, addresses, email addresses, and payment card numbers and card expiration dates," it said.

"Customers' LaCie website user names and passwords could also have been accessed, which is why we required a reset of all passwords."

The statement said that LaCie was alerted to the problem by the FBI on 19 March.

However, security blogger Brian Krebs had warned the company earlier that month that its site might have had credit card data stolen by a criminal gang exploiting vulnerabilities in Adobe's ColdFusion web application development software.

On 17 March Mr Krebs reported that LaCie had told him that its preliminary investigation had found no indication that customer data had been compromised.

But in a follow-up article, Mr Krebs said that LaCie had now acknowledged there were "indications" that someone had used malware that exploited the flaws in Adobe's code.

Mr Krebs added that other companies that had fallen victim to related attacks included the US credit card processor SecurePay and the jam-maker Smuckers.

For its part, Adobe has urged owners of its software to make sure they are using the latest release.

"We have no information regarding this incident outside of published reports," said a spokeswoman.

"However, the majority of attacks we see are exploiting software not up-to-date on the latest security updates.

"Adobe therefore strongly recommends that users install the latest security updates as the best possible defence against those with malicious intent."


23.59 | 0 komentar | Read More

MtGox exchange put in administration

16 April 2014 Last updated at 12:38

MtGox, once the world's biggest Bitcoin exchange, has been placed in administration by a Japanese court.

The exchange announced in February that hackers had stolen hundreds of thousands of bitcoins from it, worth about $500m (£300m).

It later said that it had found a substantial number of the bitcoins and had hoped to find a way to continue as a business and pay back customers.

But the court dismissed this plan and appointed an administrator.

In a statement on the exchange's website the administrator said that bankruptcy proceedings were likely to follow.

This would involve MtGox customers being asked to make any claims through the court, although the administrator pointed out that there was no time frame for this process at the moment.

Customers can continue to check the balance of any bitcoins they have with MtGox but are warned that this is not necessarily the amount they would receive as the result of a claim.

MtGox said at the time it went offline that the bitcoins had been stolen from its system by hackers who exploited a loophole in the software that oversaw the Bitcoin system. The administrator said that it plans to investigate the missing bitcoins as part of its role.

The founder of MtGox, Mark Karpeles, refused a request by a US court to attend a hearing this week to answer questions about the collapse of the exchange. He has not been charged with any crime.

The bitcoin is currently trading for around $500, down from a high of more than $1,100 last year.


23.59 | 0 komentar | Read More

Galaxy S5 fingerprint sensor hacked

16 April 2014 Last updated at 14:08

The fingerprint sensor on Samsung's Galaxy S5 handset has been hacked less than a week after the device went on sale.

Berlin-based Security Research Labs fooled the equipment using a mould it had previously created to spoof the sensor on Apple's iPhone 5S.

The researchers said they were concerned that thieves could exploit the flaw in Samsung's device to trigger money transfers via PayPal.

The payments firm played down the risk.

"While we take the findings from Security Research Labs [SRL] very seriously, we are still confident that fingerprint authentication offers an easier and more secure way to pay on mobile devices than passwords or credit cards," it said.

It added that even if users were hacked it would cover their losses.

A spokesman for Samsung was unable to comment.

Reject pile

SRL created its hack by lifting a real fingerprint from a smartphone screen and then carrying out a fairly elaborate process to create a mould out of glue and graphite spray. This was then swiped across the sensor that sits in the phone's home button.

"The fingerprint mould was actually one I made for the Apple device back in September," project manager Ben Schlabs told the BBC.

"All I had to do was take it out of the reject pile as it wasn't one of the ones that ended up working on the iPhone 5S for whatever reason.

"It was the first one I tried and it worked immediately on the S5."

Although the fake fingerprint proved easy to use, Mr Schlabs added that he was concerned that Samsung's software would not lock out thieves who had less luck, allowing them to make repeated attempts.

"Samsung could have enforced a password [lock-out] after five failed swipe attempts," he said.

"But the way it works is that if it fails five times and asks for a password, if you just turn the screen off and back on again you can have another try."

This is not true of the iPhone 5S.

Reveal transactions

While Apple currently limits its fingerprint scanner to unlocking the iPhone and verifying purchases in its own online store, Samsung has allowed its sensor to be used by third-party apps that add its Pass API (application program interface) to their code.

PayPal's mobile app is the first to take advantage of this. The software can be used to send and request money and reveal past transactions.

SRL acknowledged that the fingerprint scanner made it simpler to access, but criticised the company for not requiring a second form of authentication, such as a Pin code.

However, PayPal said Galaxy S5 users should not be deterred from using the feature.

"The scan unlocks a secure cryptographic key that serves as a password replacement for the phone," it said.

"We can simply deactivate the key from a lost or stolen device, and you can create a new one.

"PayPal also uses sophisticated fraud and risk management tools to try to prevent fraud before it happens. However, in the rare instances that it does, you are covered by our purchase protection policy."

S5

Please turn on JavaScript. Media requires JavaScript to play.

Rory Cellan-Jones tests out the Samsung S5

Tech blog Engadget agreed that users should not be too concerned.

"The odds are low that a street thief will get past your phone's defences, or that a talented hacker will get in before you've had a chance to remotely wipe your content," it reported.

But Mr Schlabs said that did not mean the risk of fingerprint hacks could be ignored.

"If you think into the future, once ATMs have fingerprint scanners and once heads of state start using fingerprint authentication it's going to become a lot more attractive," he said.

"Our method is pretty rudimentary and has been around for at least a decade and it worked on a phone that was only released last week.

"Once people develop better or faster methods, or once there are fingerprint databases of images that get leaked, it's definitely a concern."


23.59 | 0 komentar | Read More

Bungie 'fires' Halo games composer

16 April 2014 Last updated at 16:56 By Leo Kelion Technology desk editor

The composer of the original Halo soundtracks says he has been fired from his job at the video games' creator.

Marty O'Donnell revealed the news in a tweet: "I'm saddened to say that Bungie's board of directors terminated me without cause on April 11, 2014."

Bungie has confirmed the move but suggested they remained "friends".

Mr O'Donnell had been working on music for the firm's forthcoming title Destiny in collaboration with Sir Paul McCartney.

In an interview about the tie-up for Edge magazine last year, Mr O'Donnell commented: "It's hard for me - and some of the guys get impatient about it, like 'Hey Marty, quick just write an iconic theme and show it to us'.

"But that's not what I did with Halo. I like to write music... [and] we have this really great start on many, many pieces of music that all seem to work together well."

A spokesman for Sir Paul said he was "unable to pass comment".

Huge expectations

Marty O'Donnell's relationship with Bungie stretches back to the 1990s when he worked on its Myth series.

However, he first came to prominence in 1999 when the developer unveiled its first trailer for Halo at the MacWorld convention, which prominently featured Mr O'Donnell's stirring theme.

The composer subsequently worked on Halo's sequels up until Halo: Reach. He was not involved in Halo 4, which was developed by a different studio.

Since 2011 Mr O'Donnell has been working on Destiny, a role-playing, first-person shooter that will be Bungie's first title since ending a tie-up with Microsoft. Part of the score was recorded at London's Abbey Road Studios.

The game is due to be released by Activision in September.

The publisher's chief executive, Bobby Kotick, has described the title as the first in "a major new potential franchise".

"We expect that Destiny will become the best-selling new video game IP [intellectual property] in history," he told bank analysts last year.

It is unclear what effect Mr O'Donnell's departure will have on the game or its subsequent add-on downloadable content (DLC).

"For more than a decade, Marty O'Donnell filled our worlds with unforgettable sounds and soundtracks, and left an indelible mark on our fans," wrote Bungie's community manager David Dague on its site.

"Today, as friends, we say goodbye. We know that wherever his journey takes him, he will always have a bright and hopeful future. We wish him luck in all his future endeavours."

'Best assets'

The news prompted a backlash from visitors to Bungie's site.

"Bungie just lost half of its magic," wrote one, nicknamed Apotheosis.

"You just fired one of your best assets. What in the world is wrong with you?" asked Avenger I32.

But others were more measured in their responses.

"It is sad to see someone so great at what they do leave but let's not hate on Bungie for doing so. They must have a good reason," wrote Kanzanian 117.

Although the details surrounding Mr O'Donnell's departure may never be made public, one games industry watcher said that rival developers would be keen to employ him.

"Halo defined a whole era of video games when the first Xbox came out, and when people hear its iconic theme they have an emotional connection to the series and a time in their lives," said Keza MacDonald, UK editor of the news site Kotaku.

"You can see a similar effect with Nintendo's Koji Kondo and his music for Mario and Legend of Zelda.

"But it's relatively rare, and people will be very interested to see what Marty O'Donnell does next, especially if it's for a rival games company."


23.59 | 0 komentar | Read More
Techie Blogger