Lock firm offering security fix

28 November 2012 Last updated at 09:50 ET

The firm that makes door locks with a well-publicised security vulnerability has said it is offering a fix.

Onity makes locks for hotel rooms around the world, but a hacker revealed in July that a security flaw meant burglars could easily access the code to unlock them.

A series of thefts in hotel rooms in Texas has been traced to a burglar believed to have used the technique.

One security expert said Onity had a "big problem" on its hands.

In a statement to the BBC, the company said: "Immediately following the hacker's public presentation of illegal methods of breaking into hotel rooms, Onity engineers quickly developed both mechanical and technical solutions to address the issue.

"These solutions have been tested and validated by two independent security firms, and are available to customers worldwide. All requests for these solutions have already been fulfilled, or are in the process of being fulfilled."

The company declined to give further details about what these solutions were.

An earlier statement detailed how a mechanical cap could be fitted to the lock, but that statement has since been removed from Onity's website.

It has also offered a more permanent fix that involves an upgraded circuit board or new lock, but these must be fitted at the hotel owners' cost.

Some hotels are simply gluing the holes.

Onity is advising customers concerned about insecure locks to call its helpline, which it said was staffed with specialists "who can immediately help select and implement the best possible solution for that customer's specific property".

Master key

Onity locks are believed to be fitted on about 10 million doors worldwide.

In July security researcher Cody Brocious detailed a method for unlocking them using a digital tool that once inserted into a small hole in the door allowed an intruder to discover the combination for the lock.

The hole is described by the company as a power port although it also contains a chip to allow hotels to control which master keys open which doors.

Alan Woodward, a security consultant, told the BBC that the most widespread means used to secure the doors so far was to seal the hole shut.

"I read in various security forums that Onity said they are working on some form of cap, but more temporary fixes could easily be broken by using a penknife or similar," he said.

"With so many locks installed, it has a big problem on its hands."

23.58 | 0 komentar | Read More

Anti-Israel group hacks UN server

28 November 2012 Last updated at 02:30 ET

The UN nuclear agency has acknowledged that one of its computer servers was hacked by an anti-Israeli group.

The IAEA said a previously unknown group called Parastoo had posted contact details for more than 100 nuclear experts on the group's website.

Parastoo asked those listed to sign a petition calling for an IAEA investigation into Israel's undeclared nuclear weapons programme.

The IAEA is investigating Iran's controversial nuclear programme.

Israel is widely believed to have nuclear weapons but neither confirms nor denies this under a "strategic ambiguity" policy.

International Atomic Energy Agency (IAEA) spokeswoman Gill Tudor said the agency "deeply regrets this publication of information stolen from an old server".

She said the server had been shut down "some time ago" and experts had been trying to eliminate any "possible vulnerability" in it even before it was hacked.

"The IAEA's technical and security teams are continuing to analyse the situation and do everything possible to help ensure that no further information is vulnerable," she added.

The word Parastoo is Farsi for the bird species the swallow and an Iranian girl's name.

The Vienna-based IAEA said the theft concerned "some contact details related to experts working" with the agency.

The names include physicists at US, British, European and Japanese universities as well as researchers at Japan's Atomic Energy Agency, the US government's Los Alamos National Laboratory and Russia's Space Research Institute.

A Western diplomat quoted by Reuters news agency said the stolen data was not believed to include information related to confidential work carried out by the IAEA.

Israel, the US and other Western nations accuse Iran of secretly trying to develop nuclear weapons, a charge Tehran strongly denies.

Earlier this month, the IAEA said that Iran was ready to double the output at its underground uranium enrichment facility at Fordo.

In a report, it said it was unable to conclude that all nuclear material in Iran was for peaceful activities.

23.58 | 0 komentar | Read More

US piracy accused strikes deal

28 November 2012 Last updated at 07:30 ET

A student facing trial and possible imprisonment in the United States has struck a deal to avoid extradition, the High Court has been told.

Richard O'Dwyer, from Sheffield, is accused of breaking copyright laws.

The US authorities claimed the 24-year-old's TVShack website hosted links to pirated films and TV programmes.

The High Court was told Mr O'Dwyer had signed a "deferred prosecution" agreement which would require him paying a small sum of compensation.

Mr O'Dwyer will travel to the US voluntarily in the next few weeks for the deal to be formally ratified, it is understood.

'Satisfactory outcome'

The Sheffield Hallam student could have faced jail if convicted of the allegations, which were brought following a crackdown by the US Immigration and Customs Enforcement agency.

A High Court judge was told that Mr O'Dwyer was expected to travel to the US in the next 14 days to complete the agreement, pay a small sum in compensation and give undertakings not to infringe copyright laws again.

Continue reading the main story

It would be very nice for everyone if this was resolved happily before Christmas"

End Quote Sir John Thomas President of the Queen's Bench Division

His extradition application is then expected to return to the High Court so it can formally be disposed of.

Judge Sir John Thomas said: "It would be very nice for everyone if this was resolved happily before Christmas."

Sir John, president of the Queen's Bench Division, said it was a "very satisfactory outcome".

Home Secretary Theresa May approved Mr O'Dwyer's extradition after a court ruling in January.

In May, Mr O'Dwyer was told his appeal against the decision, which was due to take place in July at the High Court, would be delayed.

The High Court heard as a result of the deal struck by Mr O'Dwyer, an appeal would no longer be necessary.

The case was brought by the US Immigration and Customs Enforcement agency, which claimed the TVShack.net website earned more than $230,000 (£147,000) in advertising revenue.

The US authorities obtained a warrant and seized the domain name in June 2010.

'Copyright cops'

Human rights campaign group Liberty welcomed the proposed settlement of Mr O'Dwyer's case, but warned there was still need for reform of extradition laws.

Isabella Sankey, Liberty's director of policy, said: "This will be a huge relief for Richard, but how appalling that he had to wait so long for the US authorities to make this decision.

"Case after case shows that our extradition arrangements must be overhauled to allow people who have never left these shores to be dealt with here at home," she said.

Loz Kaye, leader of Pirate Party UK, a political party which wants to legalise non-commercial file-sharing, said the deal struck by Mr O'Dwyer showed the US extradition request had been "disproportionate and unnecessary".

"It does not remove the underlying problem, though. The US cannot be allowed to be the copyright cops of the world," he said.

23.58 | 0 komentar | Read More

Spam text message pair are fined

28 November 2012 Last updated at 08:06 ET By Tom Symonds Home Affairs correspondent, BBC News

Two men who sent millions of spam text messages have been fined £440,000 as the authorities step up the fight against the trade.

Christopher Niebel and Gary McNeish were part of a growing industry that sends texts to promote compensation claims for personal injury or payment protection mis-selling.

The information commissioner is trying to stop spammers and blaggers.

It says they are fuelling the trade by selling information without permission.

It is the first time the watchdog has used its powers to levy fines for this sort of case.

'Distressed and annoyed'

The Information Commissioner, Christopher Graham, said: "The public have told us that they are distressed and annoyed by the constant bombardment of illegal texts and calls and we are currently cracking down on the companies responsible, using the full force of the law.

"The two individuals we have served penalties on today made a substantial profit from the sale of personal information. They knew they were breaking the law and the trail of evidence uncovered by my office highlights the scale of their operations."

The case centres on Tetrus Telecoms, based in Greater Manchester, which offered to send out more than 800,000 texts a day on behalf of its clients, who are claims management companies looking for compensation cases to pass on to lawyers.

The messages, or variations of them, will be familiar to mobile phone users across Britain: "CLAIM TODAY, you may be entitled to £3500 for the accident you had. To CLAIM free reply CLAIM to this message. To opt out text STOP".

The information commissioner's office (ICO) says handwritten notes found in one of the company's offices suggested Tetrus had been using 70 mobile phone sim cards a day.

These would be inserted in a card reader connected to a computer, and SMS messages would be sent until each card's text message limit had been reached.

The company's directors, Mr Niebel and Mr Neish, have been fined £440,000 between them for breaching the Privacy and Electronic Communications Regulations 2003.

These require that marketing companies sending SMS messages must identify themselves and offer a way for recipients to opt out.

Records seized by the ICO suggest the company was making sales of more than £7,000 a day and its directors were earning tens of thousands of pounds.

'We had consent'

Mr Niebel told the BBC the company had permission to send out texts because the users on the lists they were using had given their "consent" to be contacted.

In a statement, Mr Niebel said he had not been provided with evidence from the ICO to support the allegations against him and they had not been examined in a court. He said intended to challenge the fine.

He also said he was a minor shareholder in the company and he said the majority was owned by Mr McNeish, who now lives in Thailand.

Mr Niebel claimed the ICO was concentrating on him because it had no legal jurisdiction over his partner.

The case has thrown a rare spotlight on the trade in potential clients for compensation claims, and the private data that enables them to be contacted.

Spammers sometimes send out messages to random numbers in the hope that they link to active mobile phones. They also buy black market lists of numbers on the internet.

For those receiving unwanted messages, replying can lead to the number being marked as active, making it more valuable to so-called 'list brokers'. Each proven number can be worth £5.

The ICO recommends the messages are deleted.

Mr Graham said: "Our message to the public is, if you don't know who sent you a text message then do not respond, otherwise your details may be used to generate profits for these unscrupulous individuals."

Rising premiums

However should a phone-user respond positively to a message offering compensation for a road accident or mis-sold Payment Protection Insurance (PPI) they will be passed to a claims management company which can then sell their case to a solicitor for a commission of around £500.

Critics says the process drives a "compensation culture" which the insurance industry says is pushing up premiums for everyone.

The ICO is also actively investigating cases of so called 'blagging' where the private details of potential insurance claimants are illegally collected and passed to claim management companies.

The details of those involved road accidents are often passed on by insurance companies, courtesy car providers, or even medical staff.

The ICO is considering taking action against three other companies believed to be acting in breach of the privacy and electronic communications regulations.

23.58 | 0 komentar | Read More

US military train in cyber-city

28 November 2012 Last updated at 08:24 ET

A miniature "cyber-city" has been created in New Jersey, complete with a bank, hospital, water-tower, train system, power grid and a coffee shop.

The buildings are tiny - fitting into an area 6ft (1.8m) by 8ft - but the underlying computer systems mimic those in the real world.

The aim is to train US government "cyber-warriors" to fend off attacks.

Experts believe attacks on critical infrastructure are likely to become more widespread.

Real-world damage

Developed in response to a challenge from the US military, the NetWars CyberCity was created by security training organisation the Sans Institute.

It will send government hackers on various missions, starting in December.

These will include fending off attacks on the city's power company, hospital, water system and transportation services.

CyberCity director Ed Skoudis said: "We've built over 18 missions, and each of them challenges participants to devise strategies and employ tactics to thwart computer attacks that would cause significant real-world damage."

The missions will typically last between a few hours and a few days.

Lose control

Sans Institute director Eric Bassel said Greater understanding of a city's vulnerabilities could be critical as computer attacks from nation states became increasingly frequent and sophisticated.

"When you lose control of cyberspace, you lose control of the physical world," he said.

"We have seen detailed evidence of foreign nations deep inside the computer networks of our financial services companies, manufacturing companies and critical infrastructure," Mr Bassel added.

Such attacks had been going on for many years, he said, but efforts to fight them off had been limited.

"With NetWars CyberCity we hope to turn the tables by providing our first-line cyber-defenders with the necessary skills and hands-on training to fend off online attacks and regain control of cyberspace," he added.

For security consultant Alan Woodward, such cities perform a vital job.

"Dotted around Salisbury Plain there are loads of deserted villages that the army now uses for training, and this is the cyber-equivalent," he said.

He said such mock-ups would become increasingly sophisticated but would always be limited.

"All it will do is teach you have to defend and respond to a situation but it will never prevent attacks," he said.

23.58 | 0 komentar | Read More

Nokia seeks Blackberry sales bans

28 November 2012 Last updated at 08:41 ET

Nokia has asked courts in the US, UK and Canada to block sales of rival Blackberry smartphones.

It follows a patent dispute between the Finnish company and Blackberry's parent, Research In Motion (RIM).

Nokia says an earlier ruling means RIM is not allowed to produce devices that offer a common type of wi-fi connectivity until it agrees to pay licence fees.

All current Blackberries would be affected. RIM had no comment.

It is the latest legal distraction for the Canadian company as it prepares to launch an operating system that could determine its survival.

Share drop

Nokia's action comes two months after an arbitration ruling by the Stockholm Chamber of Commerce in Sweden.

The organisation had been asked to act as an arbitrator in a dispute over RIM's use of handsets and tablets featuring wireless active network (WLAN) connections to the internet.

RIM had argued that an earlier licensing deal with Nokia meant it should not have to pay a separate fee for the technologies. However, the tribunal disagreed.

After news of Nokia's latest action was revealed by Computerworld magazine, RIM's shares fell more than 10% in after-hours trading in New York.

When contacted by the BBC, Nokia confirmed it had taken action "with the aim of ending RIM's breach of contract", adding it would also continue to pursue a separate case against RIM in Germany involving antenna, email and navigation technologies.

Nokia noted it had licensed its intellectual property rights to more than 40 other companies. The revenue from such deals helps justify its current $11.8bn (£7.4bn) market valuation.

Patent wars

RIM is also fighting several other patent lawsuits at this time.

They include a dispute with Washington-based patent portfolio owner SoftVault Systems, which alleges RIM has infringed its anti-piracy DRM (digital rights management) technologies.

RIM is also involved in a case against California-based Lochner, which is suing a number of big-name tech firms over the way their devices play videos streamed over the internet.

Please turn on JavaScript. Media requires JavaScript to play.

RIM chief executive Thorsten Heins talks through the Blackberry 10 system

RIM has itself sued others in the past over patents, including Motorola - before the handset division was bought by Google - and the instant message software Kik,

However, the timing of the clash with a big-player like Nokia could be particularly troubling as it comes less than three months before RIM plans to release its first Blackberry 10 handsets.

"RIM has had a tough time losing market segment to other smartphones. And the future of the business is now going to be based on the success of its new operating system, which itself has been delayed," said UK-based patent attorney Andrew Alton, from Urquhart-Dykes & Lord, who has previously acted for Apple.

"Anything else that diverts attention from getting that out there and products shipped and bought is going to be detrimental for the business."

23.58 | 0 komentar | Read More

Facebook tackles groups glitch

28 November 2012 Last updated at 09:21 ET

Facebook says it is investigating a fault which has seen some of its members re-registered to groups that they had quit.

One administrator of "secret" groups on the network raised concerns that old members would be able to access "highly sensitive" information.

Others have complained of having to leave the groups, one-by-one, again.

Facebook says the glitch would not give access to users' personal details if they were hidden via its settings.

The firm advertises the groups facility as a "private space" where updates, polls and chat messages can be shared between family, co-workers and pupils in a school class.

It adds that a group can be made "secret" to ensure that not only are messages limited to those within it, but that those outside cannot see who else is a member.

"Some users appear to have been re-added to groups that they have left in the past," the firm said in a statement.

"We are investigating the issue."

The problem comes at a time the company is involved in a separate privacy controversy.

It wants to be able to share information between its social network and its other businesses such as recently acquired photo service Instagram, and to stop its members having the right to vote on further changes to its privacy policy.

The move is opposed by campaign groups including the Electronic Privacy Information Center and the Center for Digital Democracy.

23.58 | 0 komentar | Read More

TV channel 'sorry' over Hatton fight

28 November 2012 Last updated at 09:28 ET By Rajeev Gupta BBC Reporter

Pay per view TV channel Primetime has apologised after hundreds of customers were unable to watch Ricky Hatton's comeback fight after the channel suffered 'technical issues.'

People who tried to order the fight between the peak times of 7.10pm and 9.50pm on Saturday were unable to do so and say they were left trying to go through the automated system before being cut off.

Other customers complained of being faced with a blank blue screen having paid £14.95 to watch the event and have told BBC Radio 4's You and Yours programme they've had trouble speaking to anyone from the company.

Primetime has said it will deal with each complaint on an individual basis and will refund any paying customers who were unable to watch the fight.

It's not the first time Primetime or other pay TV platforms have had problems. In 2009 the channel had major issues during its broadcast of Carl Froch vs Andre Dirrell. Sky Box office and Frank Warren's Box Nation have also suffered similar issues.

Primetime says a technical fault meant it was unable to process orders and it couldn't handle the volume of calls which followed. It denies being understaffed on the night.

Adam Taylor, Head of Sales and Customer Services for Portland TV, which owns Primetime, said: "This fight was retailed on the largest number of outlets we've ever used so it was only Sky customers who may have had problems".

"At the moment we've experienced 700 complaints which we are working to resolve. Customers who we didn't send a signal to would not have been charged."

"We had our largest ever customer operations service on for this event and we will be hoping to get all complaints resolved by the end of this week".

23.58 | 0 komentar | Read More

Bungie game details leak online

28 November 2012 Last updated at 11:40 ET

Details of Bungie's first game since quitting the best-selling Halo franchise have been leaked online.

The gaming website IGN has obtained marketing materials revealing it is called Destiny, and aims to create a universe "as deep" as the Star Wars franchise,

The project had been one of publisher Activision's most closely guarded secrets.

It has a 10-year exclusive arrangement with the development studio.

Activision has previously told investors that the game would be "genre-defining" and prove to be one of its two "largest growth opportunities" over coming years, alongside the Call of Duty series.

Following IGN's exclusive, Bungie reproduced one of the images on its own site and confirmed the leak's authenticity.

Sci-fi fight

According to IGN the game will be set 700 years in the future, and feature battles with aliens to protect the "last city on Earth" after the collapse of mankind's efforts to colonise the Solar System.

A screenshot suggests the first title in the expected series will run on the PlayStation 3 and Xbox 360. Bungie's most recent releases had only run on Xbox systems.

A decision to build another sci-fi franchise will see Destiny compete with the developer's original series.

Microsoft has said it has plans for at least another two Halo games. Its most recent sequel, Halo 4, was created by its own subsidiary 343 Industries. The series as a whole has generated more than $3.4bn (£2.1bn) in revenues to date.

"You can never have sure bets and the risks involved with creating new IP [intellectual property] are always relatively high, but to have a studio like Bungie involved reduces the risk considerably for Activision due to its incredible track record," Pier Harding-Rolls, head of games research at IHS Screen Digest, told the BBC.

But he added that the publisher was unlikely to be happy about the way news of its game had become available.

"I don't think any company that wants to manage and control the promotion of their material would want to see it leaked through the back door," he said. "But a lot of leaks do go on in the industry.

"I'm sure we'll see a lot more of it at E3 [games conference] in June where games like this can be shown in a satisfying way."

23.58 | 0 komentar | Read More