Snowden says 'mission accomplished'

24 December 2013 Last updated at 11:34 ET

Please turn on JavaScript. Media requires JavaScript to play.

Edward Snowden will deliver a Christmas message on UK TV, as Simeon Paterson reports

Former National Security Agency (NSA) contractor Edward Snowden, who leaked details of US electronic surveillance programmes, says he achieved his aim.

"In terms of personal satisfaction, the mission's already accomplished," he told the Washington Post.

"I already won," said Mr Snowden, whose extensive leaks have caused a reassessment of US surveillance policy.

The 30-year-old was interviewed in Russia, where he was granted temporary asylum on 1 August.

Mr Snowden fled the US in late May, taking a huge cache of secret documents with him. He faces espionage charges in the US.

Continue reading the main story

How intelligence is gathered

• Accessing internet company data
• Tapping fibre optic cables
• Eavesdropping on phones
• Targeted spying

"As soon as the journalists were able to work, everything that I had been trying to do was validated. Because, remember, I didn't want to change society. I wanted to give society a chance to determine if it should change itself," he told the newspaper.

"All I wanted was for the public to be able to have a say in how they are governed," Mr Snowden said.

Last week, a federal judge declared the mass collection of telephone data unconstitutional and a presidential advisory panel suggested reforms.

Both the judge and the panel said there was little evidence that any terrorist plot had been thwarted by the programme.

A few days later, in his end-of-year news conference, US President Barack Obama suggested there might be a review of surveillance by the NSA.

In light of "disclosures that have taken place" and public concerns about the programmes, there might be "another way of skinning the cat", he said.

However, he accused Mr Snowden of causing "unnecessary damage" by leaking documents.

President Obama said he would make a "definitive statement" in January about recommendations by the White House panel.

Continue reading the main story

"Start Quote

A child born today will... never know what it means to have a private moment to themselves, an unrecorded, unanalysed thought"

End Quote Edward Snowden

'Going in blind'

The NSA, accustomed to watching without being watched, faces scrutiny it has not endured since the 1970s, or perhaps ever, the Washington Post reports.

Mr Snowden told the newspaper he had no way of knowing whether the public would share his views.

"You recognise that you're going in blind... But when you weigh that against the alternative, which is not to act, you realise that some analysis is better than no analysis."

Later, the UK's Channel 4 revealed that Mr Snowden would deliver its "Alternative Christmas Message" on Wednesday - the broadcaster's answer to Queen Elizabeth II's message to the nation.

In his first TV interview since arriving in Moscow, Mr Snowden would talk about "why privacy matters", it said.

"A child born today will grow up with no conception of privacy at all. They'll never know what it means to have a private moment to themselves, an unrecorded, unanalysed thought," he was quoted as saying.

"The conversation occurring today will determine the amount of trust we can place both in the technology that surrounds us and the government that regulates it. Together we can find a better balance, end mass surveillance and remind the government that if it really wants to know how we feel, asking is always cheaper than spying."

More details of people and institutions targeted by UK and US surveillance were published last week by The Guardian, The New York Times and Der Spiegel.

The papers said the list of about 1,000 targets included an EU commissioner, humanitarian organisations and Israeli officials including a prime minister.

US technology giants including Google, Microsoft and Yahoo are taking steps to block the collection of data by their government.

In October, news that the NSA had monitored the phone of German Chancellor Angela Merkel triggered a diplomatic row between Berlin and Washington.

Brazil's President Dilma Rousseff was also angered by revelations that the NSA had hacked the computer network of Brazil's state-run oil company Petrobras to collect data on emails and telephone calls.

23.58 | 0 komentar | Read More

RSA denies 'secret deal' with NSA

23 December 2013 Last updated at 06:16 ET

Security firm RSA has strongly denied reports it signed a "secret contract" with the NSA spying agency.

On December 21, a Reuters report said the NSA paid RSA to use a random number generator now known to be flawed.

In a blogpost RSA "categorically" denied the allegation that this opened a backdoor into any product in which it was used.

In September 2013, RSA told users to avoid using the code when its flaws were confirmed.

Bad numbers

The Reuters report said the NSA paid RSA $10m (£6.1m) to use a random number generator that has since been discovered to open a backdoor into any software in which it was used.

Documents released by whistleblower Edward Snowden have confirmed the existence of backdoors in some technologies RSA, and other firms, used in their products.

The random number generator, known as the "Dual Elliptic Curve Deterministic Random Bit Generator" (Dual EC DRBG), became a standard part of some RSA products in 2004.

In 2007 academic research revealed that the number generator had serious weaknesses that, if exploited, could let eavesdroppers get at data it was supposed to help protect. In its blogpost, RSA explained that it continued to rely on the system in 2007 following advice from the US standards body that oversaw development of such systems.

It also followed the advice of this body when it told users to stop using the module earlier this year.

In addition, RSA added, the Dual EC DRBG was one of several different random number generators available and customers were "free to choose whichever one best suited their needs".

It concluded: "We also categorically state that we have never entered into any contract or engaged in any project with the intention of weakening RSA's products, or introducing potential 'backdoors' into our products for anyone's use."

In response, Reuters reporter Joseph Menn who broke the story said in a tweet: "We stand by our RSA story."

23.58 | 0 komentar | Read More

Google robot wins Pentagon contest

23 December 2013 Last updated at 08:26 ET

Please turn on JavaScript. Media requires JavaScript to play.

Schaft won this round of Darpa's competition by a wide margin

A robot developed by a Japanese start-up recently acquired by Google is the winner of a two-day competition hosted by the Pentagon's research unit Darpa.

Team Schaft's machine carried out all eight rescue-themed tasks to outscore its rivals by a wide margin.

Three of the other 15 teams that took part failed to secure any points at the event near Miami, Florida.

Schaft and seven of the other top-scorers can now apply for more Darpa funds to compete in 2014's finals.

Continue reading the main story

1. Schaft (27 points)

2. IHMC Robotics (20 points)

3. Tartan Rescue (18 points)

4. MIT (16 points)

5. Robosimian (14 points)

6. Traclabs / Wrecs (11 points)

8. Trooper (9 points)

9. Thor / Vigir / Kaist (8 points).

12. HKU / DRC-Hubo (3 points)

14. Chiron / Nasa-JSC / Mojavaton (0 points)

Darpa said it had been inspired to organise the challenge after it became clear robots were only capable of playing a very limited role in efforts to contain 2011's Fukushima nuclear reactor meltdown in Japan.

"What we realised was ... these robots couldn't do anything other than observe," said Gill Pratt, programme manager for the Darpa Robotics Challenge.

"What they needed was a robot to go into that reactor building and shut off the valves."

In order to spur on development of more adept robots the agency challenged contestants to complete a series of tasks, with a time-limit of 30 minutes for each:

• Drive a utility vehicle along a course
• Climb an 8ft-high (2.4m) ladder
• Remove debris blocking a doorway
• Pull open a lever-handled door
• Cross a course that featured ramps, steps and unfastened blocks
• Cut a triangular shape in a wall using a cordless drill
• Close three air valves, each controlled by a different-sized wheel or lever
• Unreel a hose and then screw its nozzle into a wall connector

More than 100 teams originally applied to take part, and the number was whittled down to 17 by Darpa ahead of Friday and Saturday's event.

Please turn on JavaScript. Media requires JavaScript to play.

Humanoid robots drove cars, climbed ladders - and often fell - in the competition sponsored by the US Department of Defense

Some entered their own machines, while others made use of Atlas - a robot manufactured by another Google-owned business, Boston Dynamics - controlling it with their own software.

One self-funded team from China - Intelligent Pioneer - dropped out at the last moment, bringing the number of contestants who took part at the Homestead-Miami Speedway racetrack to 16.

Continue reading the main story

Schaft's 1.48m (4ft 11in) tall, two-legged robot entered the contest the favourite and lived up to its reputation.

It makes use of a new high-voltage liquid-cooled motor technology that uses a capacitor, rather a battery, for power. Its engineers say this lets its arms move and pivot at higher speeds than would otherwise be possible, in effect giving it stronger "muscles".

The machine was developed by a spin-off from the University of Tokyo's Jouhou System Kougaku lab, which Google recently revealed it had acquired.

The team scored 27 points out of a possible 32, putting it seven points ahead of second-placed IHMC Robotics, which used Atlas.

Scores were based on a system that awarded three points for completing a task's primary objectives, and then a bonus point for doing so without any human intervention.

Schaft's robot behaved nearly perfectly, but lost points because "the wind blew a door out of their robot's hold and because their robotic creation was not able to climb out of a vehicle after it successfully navigated an obstacle course," reported the Japan Daily Press.

'Reality check'

Videos posted online by Darpa illustrate that the robots remain much slower than humans, often pausing for a minute or more between actions while they carried out the calculations needed to make each movement.

Several proved unsteady on their feet and were only saved from falls by attached harnesses.

Three of the teams which entered self-designed machines - including Nasa's Johnson Space Center and its robot Valkyrie - failed to complete any of the challenges.

The event was described as a "reality check" by Jyuji Hewitt, who attended on behalf of the US Army's Research, Development and Engineering Command.

But Darpa's Mr Pratt added that the competition, and the finals that will be held in December, would help bring forward a time the machines could be used in real-world situations.

"Today's modest progress will be a good next step to help save mankind from disasters," he said.

The top eight teams can now apply for up to $1m (£611,000) of Darpa investment before the finals to improve their robots' skills. The winner will get a $2m prize.

Lower scorers in last weekend's round can stay in the contest but will have to fund their own efforts,

23.58 | 0 komentar | Read More

Twitter's Dorsey to join Disney

24 December 2013 Last updated at 05:38 ET

Twitter founder, Jack Dorsey, has been nominated as an independent board director at Walt Disney.

Shareholders will be able to vote on his selection at the company's annual meeting on 18 March.

Aged 37, Mr Dorsey would become the youngest member of Disney's board, the majority of whom are in their 50s.

Over the last few years he has been running Square, a company which offers credit card payments service for small businesses.

"Jack Dorsey is a talented entrepreneur who has helped create groundbreaking new businesses in the social media and commerce spaces," said Robert Iger, Disney's chairman and chief executive.

"The perspective he brings to Disney and its board is extremely valuable."

Twitter sold shares on the stock market for the first time in November and Mr Dorsey's near 5% stake in Twitter is worth around $1bn.

He founded Twitter along with Ev Williams, Biz Stone and Noah Glass.

Mr Dorsey sent Twitter's first tweet in 2006: "just setting up my twttr".

23.58 | 0 komentar | Read More

Cash limits follow Target data theft

23 December 2013 Last updated at 11:28 ET

Debit card limits are being cut for two million Americans following a hack attack on US retailer Target.

Details of more than 40 million cards were stolen by thieves who compromised card swipe systems at Target's tills.

Bank JP Morgan Chase said it was reducing limits on all cards used at Target while thieves had been scooping up data.

Security researchers said the stolen card numbers had been seen on underground markets.

Card losses

The thieves managed to grab the key details for so many cards by getting malware onto the computer systems at the checkout desks in almost 1,800 Target stores in the US. It is still not clear how the thieves managed to get their malware onto the systems.

The thieves had access to card data read at the tills for almost three weeks, said Target in a statement released after it realised it had been under attack.

JP Morgan Chase said it had lowered daily spending limits to $300 (£183) and daily cash withdrawal limits to $100 on potentially vulnerable cards as a "precaution".

Reuters reported that other US banks are also believed to be putting stringent precautions in place that would help to spot if cards were being used fraudulently. In addition, Target said it would offer free credit monitoring for customers affected by fraud.

On 20 December, security researcher Brian Krebs said there was evidence that card numbers stolen in the Target attack had shown up on underground markets where such details are traded.

Writing on his blog, Mr Krebs said security investigators had first confirmed card details had been stolen from Target by buying a "dump" of credit card numbers and matching them to those known to have been used at stores during the breach.

A huge batch of numbers had shown up on one site that traded in good quality dumps, he said, adding that cards from non-US banks used at Target stores were now fetching premium prices.

23.58 | 0 komentar | Read More

German 'streamed porn' case reviewed

23 December 2013 Last updated at 07:29 ET

A German court that told an ISP to hand over details of users who had allegedly been illegally streaming porn online is reviewing its decision.

The names and addresses of those identified were used by a law firm to send letters asking for a one-off fee.

The firm, Urmann, acting on behalf of Swiss copyright company Archive, targeted users it said had viewed content on porn-streaming site Redtube.

More than 10,000 people are thought to have been affected.

It was one of the first cases to target people accused of streaming rather than downloading pornography.

Now, the court in Cologne says it has examined complaints from dozens of people who received the copyright infringement warning letters, which demanded a 250 euro (£210) payment.

'Victory for users'

In a statement the court said the complaints had raised "considerable" doubts about the legal procedure.

It also said the laws on "streaming" were not clear enough.

Urmann issued a strongly worded statement defending itself against claims it had issued a false affidavit to the court. The firm called on the court to withdraw the allegation.

A final decision on the case is not expected until January.

In a separate court in Hamburg, a temporary injunction has been issued against Urmann and Archive preventing them from sending warning letters to Redtube users alleging copyright infringement.

In a statement Redtube said that the allegations that its site broke copyright laws were "a thinly disguised attempt to extort money from its users".

Commenting on the injunction Alex Taylor, vice president of Redtube, said: "This ruling is a victory not just for Redtube users, but for anyone who accesses a streaming website.

"It sends a clear message that the exploitation of personal information and the violation of privacy for financial gain will not be tolerated," he said.

Redtube also stressed that it had not passed on users information to third parties.

23.58 | 0 komentar | Read More

Apple shares rise on Chinese deal

23 December 2013 Last updated at 11:00 ET

Shares in US technology giant Apple have jumped 3% after it signed a deal to supply its iPhone to China Mobile.

The Chinese firm is the world's largest carrier and was one of three networks to be awarded China's first 4G licences earlier this month.

Apple has been looking to boost its sales in China, the world's largest smartphone market, but has struggled amid growing competition from rivals.

The latest deal is expected to help it increase its market share.

Continue reading the main story

"China is an extremely important market for Apple," Tim Cook, Apple chief executive, said in a statement.

"Our partnership with China Mobile presents us the opportunity to bring iPhone to the customers of the world's largest network."

Earlier this year, Mr Cook said he expected China to replace North America as Apple's largest source of revenue. The iPhone is the firm's most important product in terms of earnings power.

China Mobile has more than 760 million subscribers.

The country's two other major phone carriers, China Unicom and China Telecom, already offer iPhones to their subscribers.

Cheaper rivals

China is the world's biggest smartphone-using country, with 1.2 billion users.

Continue reading the main story

Apple's "imminent" deal with China Mobile has been a long running soap opera. Back in September when a separate launch event for the iPhone 5C and 5S was held in Beijing, it was assumed that an agreement had already been reached.

But fixing terms between the world's biggest mobile operator and a company which has always played hardball when it comes to pricing, was never going to be simple.

Apple has long been a highly prized brand in China, with fake Apple stores springing up all over the country. But even with access to China Mobile's 700 million customers, don't expect it to grab a big share of the market.

Samsung is the biggest overseas brand - the Chinese market was quick to see the attractions of the oversized Galaxy Note "phablet" - and home-grown brands like Xiaomi are giving consumers the smartphone experience at a much keener price than Apple can offer.

Nevertheless, China has a big appetite for luxury brands - for Rolls Royce it vies with the USA as its biggest market.

Apple does not have to be number one in China to make huge amounts of money there, so don't expect the company to follow the advice of some analysts and launch cut price models. It will settle for being the Rolls Royce of the mobile market.

But Chinese sales of previous iPhone models have slumped recently, as consumers have turned to cheaper rival handsets from Samsung, and domestic Chinese developers.

China's three bestselling smartphone makers are Samsung, Lenovo and Coolpad, according to a recent report by the consultants IDC.

Apple's sales have also been impacted by the fact that unlike in developed markets, many phone carriers in emerging markets do not subsidise smartphones.

That means that subscribers have to pay the full amount for the phone upfront, making Apple's products relatively expensive for some buyers.

In an attempt to take on the low-cost rivals Apple unveiled a relatively cheaper version of the iPhone, the 5c, earlier this year.

Analysts said the firm was hoping that a cheaper handset combined with a deal with the biggest mobile carrier in the world may help it take on rivals.

However, Apple is yet to announce how much Chinese customers will have to pay for the iphone 5s and 5c models sold via China Mobile.

'Biggest partnership'

Nevertheless, analysts say the deal has huge potential. Cantor Fitzgerald Research estimates that Apple could sell 24 million iPhones next year to China Mobile customers alone.

Apple sold 102.4 million iPhones globally in the nine months to September this year.

Previously, China Mobile subscribers have not been able to use Apple's iPhone, because the firm's 3G technology was not compatible with Apple handsets.

However, its 4G network will work with the iPhone 5s and 5c.

Manufacturer	Marketshare
Source: IDC
Samsung	18.3%
Lenovo	12.6%
Coolpad	11%
ZTE	8.8%
Huawei	8.7%
Others	41%

"This is one of the biggest partnership announcements Apple has made in the past several years," Manoj Menon, managing director of consulting firm Frost & Sullivan, told the BBC.

"It gives them access to more than 10% of the global mobile phone users. It is an incredible growth opportunity for Apple."

However, he added that in order to fully realise the potential of the deal, Apple may need to introduce even more affordable phone models.

The iPhone 5s and 5c will be available to China Mobile subscribers from 17 January.

23.58 | 0 komentar | Read More

Butterfly botnet 'mastermind' jailed

24 December 2013 Last updated at 06:25 ET

A hacker accused of masterminding one of the biggest ever botnets has been sentenced to just under 5 years in jail.

Matjaz Skorjanc was arrested in 2010 after a two-year investigation into malware that had hijacked about 12.7 million computers around the world.

The 27-year-old was found guilty of creating the Mariposa botnet software, assisting others in "wrongdoings" and money laundering.

His lawyer said he would appeal.

In addition to the 58-month jail term, Skorjanc was also ordered to pay a 4,000 euro ($4,100; £2,510) fine and give up a flat and car he was alleged to have bought with money he had received from a Spanish criminal syndicate.

The prosecutors in the case have said they also intended to challenge the Slovenian court's ruling because they had wanted a tougher jail sentence of seven-and-a-half-years.

The former medical student's ex-girlfriend Nusa Coh was also sentenced to eight months probation for money laundering.

Identity revealed

Mariposa is the Spanish for butterfly.

The botnet got its name because it was created with software called ButterFly Flooder that was alleged to have been written by Skorjanc and advertised on the net as a way to "stress test" computer networks and remotely control Windows and Linux PCs.

Computers in more than 190 countries were infected by Mariposa, which spread by a variety of methods including via instant messages, peer-to-peer file-sharing systems and removable storage devices.

Once installed its operators could command the compromised machines to carry out their instructions including sending back copies of data they stored.

The scale of the problem led the FBI to team up with European law enforcement agencies, the Georgia Tech Information Security Center and other security experts to track down the perpetrators.

This proved difficult to do because the hackers only connected to the net via a virtual private network (VPN), which hid their locations.

On 23 December 2009 the authorities managed to gain control of the botnet; which they believe rattled one of its operators, who went by the nickname Netkairo.

The operator subsequently managed to take back control of the infected computers and then used them to attack Defence Intelligence, a Canadian security firm helping the FBI.

However, in doing so Netkairo appeared to have revealed his identity by accidentally connecting to the botnet directly from his home computer rather than the VPN.

On 3 February 2010 the Spanish Civil Guard arrested Florencio Carro Ruiz, who they identified as Netkairo, and two other Spaniards.

Five months later the Slovenian police arrested Skorjanc, who they said had used the alias Iserdo and had written the code.

Officials said the botnet had been used to send spam emails, stage distributed denial of service (DDoS) attacks to overwhelm targets' servers with traffic, and harvest information including credit card details and log-ins.

"I think the sentence is significant and will be remembered as a milestone in the prosecution of cybercrimes," Keith Murphy, chief executive of Defence Intelligence told the BBC.

"It reflects that authorities have realised the damage that can be wrought by a piece of code, and are now starting to equate it to physical theft. The 'wild west' days of cybercrime are over, even in smaller countries."

23.58 | 0 komentar | Read More

Royal pardon for codebreaker Turing

24 December 2013 Last updated at 07:48 ET

Please turn on JavaScript. Media requires JavaScript to play.

Computer pioneer and codebreaker Alan Turing has been given a posthumous royal pardon, as Danny Shaw reports

Computer pioneer and codebreaker Alan Turing has been given a posthumous royal pardon.

It addresses his 1952 conviction for homosexuality for which he was punished by being chemically castrated.

The conviction meant he lost his security clearance and had to stop the code-cracking work that had proved vital to the Allies in World War Two.

The pardon was granted under the Royal Prerogative of Mercy after a request by Justice Minister Chris Grayling.

'Appalling' treatment

"Dr Alan Turing was an exceptional man with a brilliant mind," said Mr Grayling.

He said the research Turing carried out during the war at Bletchley Park undoubtedly shortened the conflict and saved thousands of lives.

Continue reading the main story

Turing centenary

2012 saw a series of events that celebrated the life and work of Alan Turing. The events were held to mark the 100th anniversary of his birth

Turing's work helped accelerate Allied efforts to read German Naval messages enciphered with the Enigma machine. He also contributed some more fundamental work on codebreaking that was only released to public scrutiny in April 2012.

"His later life was overshadowed by his conviction for homosexual activity, a sentence we would now consider unjust and discriminatory and which has now been repealed," said Mr Grayling.

"Turing deserves to be remembered and recognised for his fantastic contribution to the war effort and his legacy to science. A pardon from the Queen is a fitting tribute to an exceptional man."

The pardon comes into effect on 24 December.

Turing died in June 1954 from cyanide poisoning and an inquest decided that he had committed suicide. However, biographers, friends and other students of his life dispute the finding and suggest his death was an accident.

Many people have campaigned for years to win a pardon for Turing.

Please turn on JavaScript. Media requires JavaScript to play.

Dr Sue Black, a computer scientist, was one of the key figures in the campaign.

She told the BBC that she hoped all the men convicted under the anti-homosexuality law would now be pardoned.

"This is one small step on the way to making some real positive change happen to all the people that were convicted," she said.

"It's a disgrace that so many people were treated so disrespectfully."

Some have criticised the action for not going far enough and, 59 years after Turing's death, little more than a token gesture.

"I just think it's ridiculous, frankly," British home computing pioneer Sir Clive Sinclair told the BBC.

"He's been dead these many years so what's the point? It's a silly nonsense.

"He was such a fine, great man, and what was done was appalling of course. It makes no sense to me, because what's done is done."

'It's very wrong'

Lord Sharkey, a Liberal Democrat peer who wrote a private member's bill calling for a royal pardon in July 2012, said the decision was "wonderful news".

"This has demonstrated wisdom and compassion," he said. "It has recognised a very great British hero and made some amends for the cruelty and injustice with which Turing was treated."

Vint Cerf, the computer scientist known as one of the founding fathers of the internet, also welcomed the development.

"The royal pardon for Alan Turing rights a long-standing wrong and properly honours a man whose imagination and intellect made him legendary in our field," he told the BBC.

Technology entrepreneur Mike Lynch added: "Society didn't understand Alan Turing or his ideas on many levels but that was a reflection on us, not on him - and it has taken us 60 years to catch up."

Human rights campaigner Peter Tatchell said: "I pay tribute to the government for ensuring Alan Turing has a royal pardon at last but I do think it's very wrong that other men convicted of exactly the same offence are not even being given an apology, let alone a royal pardon.

"We're talking about at least 50,000 other men who were convicted of the same offence, of so-called gross indecency, which is simply a sexual act between men with consent."

Mr Tatchell said he would like to see Turing's death fully investigated.

"While I have no evidence that he was murdered, I do think we need to explore the possibility that he may have been killed by the security services. He was regarded as a high security risk," he said.

'Not entirely comfortable'

Glyn Hughes, the sculptor of the Alan Turing Memorial in Manchester, said it was "very gratifying" that he had finally been pardoned.

"When we set out to try and make him famous - get him recognised - it was really difficult to collect money," he said.

Continue reading the main story

Big screen

Turing's life is the subject of upcoming Hollywood movie The Imitation Game, which focuses on the cracking of the Enigma code. Starring Sherlock actor Benedict Cumberbatch as Turing, the film is due for release next year.

Channel 4's TV film Codebreaker, about the highs and lows of Turing's life, was aired in 2011.

And during the 2012 celebrations of the centenary of Turing's birth, a Welsh digital arts festival - the Abandon Normal Devices (AND) Festival - featured a laser image of Turing projected from Conwy Castle into the sky.

Although Turing was born in London, he had strong connections with north Wales.

The Italianate village of Portmeirion in Gwynedd was one of Turing's favourite places.

But it was in northern England where Turing spent the last six years of his life, working at Manchester University in various specialist fields including mathematical logic and philosophy.

"None of the big computer companies would stump up a penny for a memorial. They perhaps would now - we've come a very long way."

But he said he was "not entirely comfortable" that Turing had been pardoned while thousands of other gay men had not.

"The problem is, of course, if there was a general pardon for men who had been prosecuted for homosexuality, many of them are still alive and they could get compensation."

In December 2011, an e-petition was created on the Direct Gov site that asked for Turing to be pardoned. It received more than 34,000 signatures but its request was denied by the then justice secretary, Lord McNally, who said Turing was "properly convicted" for what was at the time a criminal offence.

Prior to that in August 2009, a petition was started to request a pardon. It won an official apology from the prime minister at the time, Gordon Brown, who said the way Turing was persecuted over his homosexuality was "appalling".

23.58 | 0 komentar | Read More

Cryptolocker 'infects 250,000 PCs'

24 December 2013 Last updated at 08:38 ET By Leo Kelion Technology reporter

A virulent form of ransomware has now infected about quarter of a million Windows computers, according to a report by security researchers.

Cryptolocker scrambles users' data and then demands a fee to unencrypt it alongside a countdown clock.

Dell Secureworks said that the US and UK had been worst affected.

It added that the cyber-criminals responsible were now targeting home internet users after initially focusing on professionals.

The firm has provided a list of net domains that it suspects have been used to spread the code, but warned that more are being generated every day.

Ransomware has existed since at least 1989, but this latest example is particularly problematic because of the way it makes files inaccessible.

"Instead of using a custom cryptographic implementation like many other malware families, Cryptolocker uses strong third-party certified cryptography offered by Microsoft's CryptoAPI," said the report.

"By using a sound implementation and following best practices, the malware authors have created a robust program that is difficult to circumvent."

Ransom dilemma

The first versions of Crytpolocker appear to have been posted to the net on 5 September.

Early examples were spread via spam emails that asked the user to click on a Zip-archived extension identified as being a customer complaint about the recipient's organisation.

Later it was distributed via malware attached to emails claiming there had been a problem clearing a cheque. Clicking the associated link downloaded a Trojan horse called Gameover Zeus, which in turn installed Cryptolocker onto the victim's PC.

By mid-December, Dell Secureworks said between 200,000 to 250,000 computers had been infected.

It said of those affected, "a minimum of 0.4%, and very likely many times that" had agreed to the ransom demand, which can currently only be paid in the virtual currencies Bitcoin and MoneyPak.

Top 10 infected countries	Number of infected systems identified using test "sinkhole" servers between 9-16 December	Percentage of total
Source: Dell SecureWorks
US	1,540	23.8%
Great Britain	1,228	19.0%
Australia	836	12.9%
France	372	5.8%
Brazil	309	4.8%
Italy	204	3.2%
Turkey	182	2.8%
Spain	145	2.2%
China	138	2.1%
Canada	135	2.1%

"Anecdotal reports from victims who elected to pay the ransom indicate that the Cryptolocker threat actors honour payments by instructing infected computers to decrypt files and uninstall the malware," added the security firm.

"According to reports from victims, payments may be accepted within minutes or may take several weeks to process."

However, Trend Micro, another security firm, has warned that giving into the blackmail request only encouraged the further spread of Cryptolocker and other copycat schemes, and said that there was no guarantee of getting the data back.

Safety steps

Dell suggested PCs be blocked from communicating with the hundreds of domains names it had flagged as being linked to the spread of Cryptolocker, and it suggested five further steps the public and businesses could take to protect themselves:

• Install software that blocks executable fields and compressed archives before they reach email inboxes
• Check permissions assigned to shared network drives to limit the number of people who can make modifications
• Regularly back-up data to offline storage such as Blu-ray and DVD-Rom disks. Network-attached drives and cloud storage does not count as Cryptolocker can access and encrypt files stored there
• Set each PC's software management tools to prevent Cryptolocker and other suspect programs from accessing certain critical directories
• Set the computer's Group Policy Objects to restrict registry keys - databases containing settings - used by Cryptolocker so that the malware is unable to begin the encryption process

23.58 | 0 komentar | Read More

Google opens first Asia data centres

11 December 2013 Last updated at 01:37 ET

Google has opened its first ever data centres in Asia as it looks to boost its growth further in the region.

The move comes as a growing number of people in Asia - which is home to more than half of the world's population - are getting connected to the internet.

Google said that having data centres in Asia will help it to provide faster and "more reliable" access to its tools and services to users in the region.

The two new centres are based in Taiwan and Singapore.

"The growth in Asia's Internet has been amazing," Joe Kava, vice president of data centres at Google, said in a blogpost.

"Between July and September of this year alone, more than 60 million people in Asia landed on the mobile internet for the first time. That's almost two Canadas, or three Australias.

"And this growth probably won't slow for some time, since the majority of people that have yet to come online also happen to live in Asia," he added.

The rapid speed at which internet users in the region have been growing, has turned Asia into a key market for internet firms.

China - Asia's largest economy - has more 500 million internet users, making its the world's biggest internet market.

Meanwhile, India - the world's second most populous country after China - has seen the number of users double to 200 million just in the last two years.

It took six years to achieve a similar growth in the US, according to Google.

The firm said it plans to invest $600m (£365m) in the long run in the Taiwan data centre - the bigger of the two facilities in the region.

23.59 | 0 komentar | Read More

Four arrests over '£1m cyber theft'

11 December 2013 Last updated at 10:19 ET

Four people have been arrested and £80,000 in cash seized following the suspected theft of £1m from two banks.

Some customers had inadvertently downloaded software enabling their money to be siphoned off, police said.

During raids at properties in Enfield and Islington on Tuesday, police also removed a live hand grenade.

Two men, aged 31, and two women aged 24 and 27, were arrested on suspicion of conspiracy to defraud and conspiracy to launder money.

Customers 'hoodwinked'

They have also been arrested on suspicion of possessing an explosive following searches at an address in Stadium Mews, Islington and Bowes Road in Enfield.

The men are currently in custody while the women have been bailed until early next year.

Officers from the Met's cyber crime unit carried out the operation after being alerted by two UK banks that a number of customers had downloaded complex malware on to their computer by opening emails claiming to be from their bank.

A total of £1m was siphoned off from their bank accounts and transferred to a series of other accounts, to be laundered and withdrawn as cash, police said.

During the searches, computers, smart phones and other media devices were collected to be forensically examined.

Luxury goods including designer jewellery and a Range Rover were also seized.

Officers have served restraint requests to several banks for a number of accounts linked to the investigation to be frozen.

Det Ch Insp Jason Tunn said: "The victims have been hoodwinked by malware-carrying emails purporting to be from their banks, and subsequently had money taken from their accounts."

23.59 | 0 komentar | Read More

Several plead guilty to Paypal hack

10 December 2013 Last updated at 17:47 ET

Thirteen people have pleaded guilty to disabling Paypal's servers in an attack US authorities say was orchestrated by hacking collective Anonymous.

The defendants acknowledged taking part in protests organized by Anonymous in December 2010 against Paypal, after the payment site cut ties to Wikileaks.

By pleading guilty, they will be hit with minor misdemeanour charges, as long as they stay out of trouble.

Paypal had urged leniency by prosecutors.

Lawyers for the defendants had argued that they were taking part in protests that should be protected by the US Constitution - specifically the First Amendment that guarantees free speech.

However, the US Department of Justice accused them of intentionally damaging a protected computer.

Paypal, which is owned by eBay, said it received attacks from thousands of computers during the 2010 protest.

Anonymous termed the attacks "Operation Paycheck" and targeted not just Paypal, but also larger credit card firms like Mastercard and Visa.

The targeted firms had stopped processing payments to Wikileaks, the anti-secrecy site, in the wake of the publication of 700,000 classified US documents and diplomatic cables.

23.59 | 0 komentar | Read More

Coach crash eye tracker tested

10 December 2013 Last updated at 03:05 ET By Leo Kelion Technology reporter

Coach drivers' eye movements and blinks are to be tracked by computers as part of a test to see whether the tech could be used to prevent accidents on long distance trips.

Five firms have each fitted the product to two coaches as part of a trial taking place across continental Europe.

Seeing Machines' Fatigue Monitoring System is already used by miners.

However, one expert cautioned it was unclear whether it would improve safety in the coach industry.

The Australian firm's product uses special cameras installed inside a vehicle to monitor the driver's gaze.

If it detects they are distracted or taking "microsleeps" - naps that can last less than a second and take place without the person's knowledge - it activates a vibration motor built into their seat.

In addition it triggers an alarm in the co-driver's sleeping compartment to alert them to the fact they should take over control of the vehicle.

The patented technology uses invisible infrared light to detect the driver's eyes in the dark without distracting them, and can be used even if they are wearing glasses.

Seeing Machines' chief executive suggested the system could detect the risk of an accident at an earlier point than alternative products such as lane detection cameras and steering wheel monitoring sensors.

"Coach accidents aren't that frequent, but when they do happen they are so catastrophic that they make the [newspaper] front pages and in a lot of cases it is almost the end of the coach company involved as no-one wants to ride with them anymore," Ken Kroeger told the BBC.

"The way the technology works is that it tracks your head position and your eye aperture.

"If you turn your head beyond a certain angle for a specified duration while moving over a certain speed, it will remind you your eyes should be on the road.

"Then for fatigue it looks at the frequency of blinking, the velocity of the eyelid when it's opening and the duration of the eye closure to determine if it's a microsleep."

Seeing Machines has teamed up with the coach operator Royal Beuk to hold the trial.

The Dutch firm has installed the tech on two of its vehicles and has recruited a further four coach firms to do likewise.

Over the winter months the vehicles will travel from the Netherlands to ski resorts in Austria, Switzerland and Italy. Then, in the summer, they will travel to southern parts of France, Italy and Spain.

"There are competitor products on the market and we evaluated a few of them," Royal Beuk's research manager Marc Beuk said.

"But all of the others required something from the driver. One system required them to wear a special hat, another involved special glasses hooked up to wires.

"This was the only device that we know of that didn't give the driver something to do - once he turns the ignition key the system boots up and it starts monitoring him."

He added that if the nine-month test was a success, his firm intended to install the kit across its 60-vehicle fleet and act as its European distributor.

Coach crashes

In recent years driver fatigue has been blamed for several accidents.

US investigators said it was a factor in a bus crash in which 15 passengers died in New York in 2011, as well as another similar incident which killed four people in Virginia last year.

In the UK, a coroner cited it as the reason a coach veered off the M25 motorway near Slough, Berkshire, in 2003, resulting in the deaths of six people.

However, one expert warned it was unclear exactly how common the problem was.

"Crashes are very rare when measured per kilometre, nevertheless they do occur and some of these may be related to fatigue, although very little is known about the precise numbers," said Prof Pete Thomas, head of the Transport Safety Research Centre at Loughborough University.

"The trial of a driver-fatigue detection system for coach drivers will provide useful further information to help improve coach safety, although it is important the trials are properly scientifically controlled.

"Other factors such as speed and alcohol may also be important causes of coach crashes and bus operators should continue to reduce all types of risks."

It currently costs the mining industry about £10,000 to install Seeing Machines' equipment in each vehicle on top of a continuing licence fee.

But the firm said that if the trial was a success it intended to offer coach firms a "less rugged" version that would be about a quarter of the cost.

It added it was also in early-stage talks to introduce its products to the airline industry.

23.59 | 0 komentar | Read More

Sensors used to monitor obesity

10 December 2013 Last updated at 12:10 ET

A range of hi-tech sensors that can measure food intake and activity in order to assess obesity risks is to be funded by the European Union.

Dubbed Splendid, the project aims to persuade youngsters to adopt healthier lifestyles and be more aware of their eating and exercise habits.

It is part of a push to use technology to create preventative healthcare.

Obesity causes an estimated 2.8 million deaths among adults around the world every year.

"The idea is that we try to investigate ways to prevent obesity and eating disorders," said Prof Anastasios Delopoulos, the project co-ordinator who works for the department of electrical and computer engineering at the Aristotle University of Thessaloniki in Greece.

The system will be tested on around 200 secondary school students in Sweden and another set of children in the Netherlands.

Sensors will be used to measure the speed at which food is eaten as well as how food is chewed.

The time taken to consume food is one of the risk factors in obesity, according to Prof Delopoulos.

It will be measured using a mandometer, from Swedish firm AB Mando, which is currently used in a handful of clinics set up to treat eating disorders.

The sensor comprises a scale connected to a portable computer or a smartphone. A plate of food is put on the scale and the rate at which it leaves the plate is recorded, with an audible warning if it is being eaten too quickly for the person to realise they are full.

Swiss firm CSEM is developing the other two sensors that will be used in the project. ActiSmile is a wearable sensor, which rewards the wearer with a smiley face when enough exercise has been done.

The firm is also designing an acoustic sensor, which will take the form of a wearable microphone, and record how the user chews food.

Users will also input their own data, including how full they feel after a meal as well as daily intake and activity logs.

All the data will be processed and run through algorithms which will assess the risks for obesity and eating disorders.

In the later stages of the trial, the system will be used to help change the way at-risk youngsters eat and exercise.

"The goal is to modify eating and activity behaviour of individuals in a personalised way," said Prof Delopoulos.

"A medical expert will assign goals, such as to eat more slowly or adopt more activity and the sensors will monitor whether the individual succeeds," he added.

Daniel Kraft is a doctor and executive director of FutureMed, a healthcare education programme aimed at teaching medical professionals about new technologies.

He thinks that sensors will increasingly be integrated into healthcare.

"From connected scales to sensors that can track heart rate and activity levels... the patient can be empowered to understand their healthcare data," he said.

"It brings you to an era of healthcare rather than sick care," he added.

23.59 | 0 komentar | Read More

Crooks 'seek ransomware making kit'

10 December 2013 Last updated at 19:04 ET By Mark Ward Technology correspondent, BBC News

Cyber-thieves are seeking to mass-produce new forms of ransomware, the security company Sophos has suggested.

It said there were discussions on underground forums about ways to produce a "kit" that criminals could use to craft their own variants.

Scammers try to extort cash by using ransomware to encrypt data, preventing access, or falsely accusing people of possessing illegal material.

Sophos said the problem had become much more widespread in 2013.

It said this was partly because Microsoft had protected Windows against other types of attack.

Continue reading the main story

Ransomware has existed since at least 1989 when malware called the PC Cyborg Trojan scrambled the filenames on a computer's C-drive, making it unusable, and then demanded payment to rectify the problem.

A particularly dangerous type emerged in 2013 called Cryptolocker, which used a very strong type of encryption to lock away files on a Windows computer.

The 2048-bit key that would free the data is so complex that researchers have suggested it would take a standard PC more than a million years to crack it.

But Windows was not ransomware's only target in 2013.

In June, researchers highlighted the emergence of malware called Android Defender Platinum, which demanded $100 (£60) to restore access to handsets or tablets running Google's operating system.

Apple Mac users were not immune to the problem either. Ransomware written in Javascript told Safari browser users that they had been detected to have been looking at illicit content, and attempted to blackmail them.

This particular variant, however, was easy to remove by selecting Reset Safari in the program's menu.

But, said others, there were still millions of machines running versions of Windows vulnerable to older attacks.

Crypto crime

Ransomware was on the way to becoming the "market leader" in malicious code, said James Lyne, global head of security research at Sophos, who co-wrote the company's annual report into cyber-crime and emerging threats.

Worryingly, he said, there was evidence that many cyber-thieves were keen to cash in on the success of ransomware programs such as Cryptolocker.

Documents had been seen circulating online looking for criminally minded software developers to write a "kit" that anyone could use to create their own version of this type of malware.

Cybercrime kits have fuelled the huge rise in the number of malicious programs circulating online and have helped many people get involved in hi-tech crime for the first time.

The kits remove the need for any technical skill and some offer technical support numbers for those that need advice on how to craft their own malicious programs.

Thanks to these kits Sophos and other security firms saw about 250,000 novel variants of malware every day, said Mr Lyne.

Thieves were keen to emulate Cryptolocker because of the success it has had in making people pay up. One study of a handful of the servers run by the criminals behind Cryptolocker indicated 12,000 victims a week were being hit.

A separate attempt to shut down the network supporting Cryptolocker found almost 150 separate systems gathering responses from infected machines. Although the systems found were shut down, the sophisticated networking software built in to the malware meant the malicious network quickly recovered.

Blackmail by bitcoin

Cryptolocker demands payment in bitcoins - a virtual currency - and many paid the ransom it demanded in the hope that the data it had encrypted would be unscrambled. No-one who paid the ransom, which in some cases ran to hundreds of pounds, got their data back.

The prevalence of Cryptolocker has also prompted warnings from national anti-cybercrime agencies in the UK and US.

"Cryptolocker is very much a deviation from the norm," said Mr Lyne, "and I actually think it is a sign of things to come."

Before now, he said, most cyber-thieves had tried to avoid detection and slip their malicious programs on to victims' machines without being detected.

Typically, he added, once a machine was infected it then got searched for saleable data and enrolled onto a botnet so it could act as a proxy for sending spam or mounting other attacks.

By contrast, he said, Cryptolocker and its ilk were "noisy" and made their presence known almost instantly.

By adopting this approach criminals got their money straight away and also did not need to find and assess the worth of data stolen from compromised machines or launder cash stolen via credit cards, said Mr Lyne.

Ransomware was on the rise in 2013, just as fake anti-virus and other "security" programs had gained popularity in 2012, he added.

He speculated that changes Microsoft had introduced with Windows 8 and 8.1 were partly behind this. These changes, involving better memory management and erecting virtual walls around some applications, made it technically more difficult to find vulnerabilities that could help compromise a machine, causing the criminals to change tactics.

"There could be a lot more mainstream cybercriminals looking to go 'noisy'," said Mr Lyne.

Adrian Culley, a technical consultant at a security firm who was formerly a Scotland Yard cyber-cop, said Microsoft may have beefed up defences in the latest version of Windows but other factors often left people vulnerable.

"It assumes that people will have applied all the latest updates to their Windows machine," he said. "And that's not true."

He said there were still millions of Windows machines connected to the web that ran very old and vulnerable versions of the operating system.

In particular, Windows XP, he said, had "horrendous issues" with vulnerabilities.

23.59 | 0 komentar | Read More

Zavvi threatens PlayStation shoppers

11 December 2013 Last updated at 07:20 ET By Leo Kelion Technology reporter

Online retailer Zavvi has warned customers to whom it accidentally sent a video games console that they could face legal action if they have not arranged the machines' return.

The UK firm mistakenly delivered PlayStation Vitas to shoppers who had ordered a £20 game released last month.

It subsequently warned those who did not voluntarily return them that it might take "legal remedies".

One expert warned the move could damage its brand.

News of the issue was first covered by the games blog Dark Zero.

It published a "final notice" letter sent to one Zavvi customer who had originally ordered a copy of the platform game Tearaway.

"As you are aware, as a result of a technical error, you were not sent Tearaway (priced at approximately £19.99) and instead were sent a PS Vita (priced at approximately £169.99). This was an error on our part and we apologise for any inconvenience this has caused you," it said.

"We have tried to contact you on numerous occasions to give you the opportunity to return this item to us (at our cost and no inconvenience to yourself), but to date you have refused to do so.

"This is our final notice to politely remind you that you did not order, or pay for, a PS Vita and if you fail to contact us by 5pm (UK time) on 10 December 2013 to arrange a convenient time for the PS Vita to be collected we reserve the right to enforce any and/or all legal remedies to us."

A spokeswoman for The Hut Group - which owns Zavvi - confirmed that the letter was genuine, but declined to say how many had been sent out or to comment further.

The BBC understands that the majority of customers contacted by the firm have complied with its request.

Legal argument

The Hut Group based its threat of legal action on its understanding of the UK's distance selling regulations.

Although they state that "unsolicited goods" can be treated as unconditional gifts that do not need to be returned, and that it is illegal for the sender to threaten legal action - the legislation they are based adds the qualification that this only applies if there was no "prior request made by or on behalf of the recipient".

In the case of orders that were made but mixed up, the Citizens Advice Bureau suggests consumers should indeed return the items.

"If goods are sent to you by mistake, you need to contact whoever sent them to let them know and ask them to collect the goods," it says on its website.

"You might get goods sent by mistake if they are meant for someone else or you've been sent duplicate or extra items on top of what you ordered."

Machiavellian customers

Comments left by gamers on Eurogamer's discussion forum indicated that many sympathised with Zavvi's request that the consoles be returned.

"Not sending them back is just pure thievery and nothing else," wrote one nicknamed megatronx.

However, several objected to the way the firm had handled the affair.

"I don't deny that they are within reason to get back those Vitas, as they were clearly sent out in error. However, I've described them as scumbags on the basis of the using the 'law' as a justification for the threatening tone of the letter," wrote karaokequeen3.

One consumer goods expert said that the firm risked damaging its brand during the crucial Christmas shopping season.

"Whether or not a customer has the legal right to keep goods, or indeed must return them, they will feel that the responsibility for the inconvenience caused sits squarely with the business who wrongly delivered them," Aidan Bocci, chief executive of the Commercial Advantage consultancy, told the BBC.

"That business must tread very carefully.

"A heavy handed approach to ensure mistakenly delivered goods are returned will at best bring out a Machiavellian streak in a small group of people and at worst damage the reputation of the business to loyal honest customers - its core source of profit - who are now being told by the business that 'we don't trust you'".

23.59 | 0 komentar | Read More

'Revenge porn' site owner arrested

11 December 2013 Last updated at 08:08 ET

A 27-year-old man has been arrested in connection with the running of a "revenge porn" website.

Kevin Bollaert is accused of being behind UGotPosted, a site that published intimate photographs of people against their wishes.

It would link to relevant social networks of the subjects pictured.

Prosecutors said the website also sought to extort money from the people featured on the site by charging a fee to have pictures taken down.

"This website published intimate photos of unsuspecting victims and turned their public humiliation and betrayal into a commodity with the potential to devastate lives," California Attorney General Kamala Harris said in a statement.

"Online predators that profit from the extortion of private photos will be investigated and prosecuted for this reprehensible and illegal internet activity."

The authorities alleged that Mr Bollaert also ran changemyreputation.com, a site that offered services to have pictures from UGotPosted removed for a fee of about $300 (£180).

According to court documents, he is said to have made "around $900 per month from advertising on the site and records obtained from his changemyreputation.com PayPal account indicate that he received payments totalling tens of thousands of dollars".

More than 10,000 images had been posted to the site, arranged by location, police said.

In addition to the photographs, each entry would display a range of contact details - including links to Facebook, Twitter, LinkedIn, places of work and other personal information.

Mr Bollaert is being held in a San Diego jail on $50,000 (£30,000) bail. He has not yet entered a plea.

Distress

As part of the investigation, a search warrant was obtained to look through emails sent to ugotposted@gmail.com - the address used by the site administrator.

"Please help!" read one email. "I am scared for my life!"

The woman - named in court only as Jane Doe #6 - said she felt unable to go back to work as people who had seen the picture had then called her office.

Jane Doe #6 also noted that she may have been under 18 years old when the pictures in question had been taken.

Another victim said over 100 people had tried to contact her after her pictures appeared on the website.

ID theft

Revenge porn sites have typically been difficult to shut down thanks to what many see as outdated laws surrounding the publishing of images.

A common hurdle for law enforcement is the Communications Decency Act, which has been used as a defence for website owners who have found their services being used for hosting or distributing illegal material.

The crime - the defendants have repeatedly successfully argued - is perpetrated by the user who uploaded the images, not the owner of the website.

Another closed revenge porn site, IsAnyoneUp.com, was targeted by campaigners who said it was a gross invasion of privacy.

However, in this case the most effective way to see the content removed, at least from Google search results, was by using copyright law.

If the person in a picture also took it - a "selfie" - then a copyright claim can be made to search engines under the Digital Millennium Copyright Act, known as DMCA, designed to make it easier to stop pirated content from spreading online.

In targeting UGotPosted, prosecutors used a different approach - pressing charges of ID theft and extortion.

Law makers in several US states are looking at ways to crack down on revenge porn.

In October, California enacted a new law that made posting explicit images of someone without permission punishable with six months in prison.

23.59 | 0 komentar | Read More

Spy agencies 'track Google cookies'

11 December 2013 Last updated at 09:24 ET By Leo Kelion Technology reporter

The latest Snowden leak suggests US and UK cyberspies are taking advantage of Google's proprietary cookie technology in an effort to track suspects.

Documents published by the Washington Post refer to the NSA and GCHQ's use of "GooglePrefIDs" - files containing a numeric code placed on computers to help the search firm remember users.

The paper said the US and UK spy agencies piggybacked the files to "home in" on targets already under suspicion.

Google has not commented.

However, the news may add to existing tensions between the firm and the authorities.

Google's chairman Eric Schmidt said last week that the company had considered moving its servers outside of the US following the publication of earlier leaks, before deciding it was impractical.

"Google's position is we are outraged on this," he said in reference to claims that the NSA and GCHQ had taken data from communication links used by his firm.

"It's government overreach, is the best way to explain it."

The cookie surveillance technique is the latest in a series of alleged spy agency activities described by papers released to journalists by the whistleblower Edward Snowden, a former NSA contractor now living in Russia.

Ad trackers

Google says it uses "preferences" cookies to enhance people's use of the internet.

"These cookies allow our websites to remember information that changes the way the site behaves or looks, such as your preferred language or the region you are in," it explains on its site.

"The Pref cookie may store your preferences and other information, in particular your preferred language (eg English), how many search results you wish to have shown per page (eg 10 or 20), and whether or not you wish to have Google's SafeSearch filter turned on."

Continue reading the main story

Cookies are small files that allow a website to recognise and track users. The Information Commissioner's Office divides them into three overlapping groups:

Session cookies

Files that allow a site to link the actions of a visitor during a single browser session. These might be used by an internet bank or webmail service. They are not stored long-term and are considered "less privacy intrusive" than persistent cookies.

Persistent cookies

These remain on the user's device between sessions and allow one or several sites to remember details about the visitor. They may be used by marketers to target advertising or to avoid the user having to provide a password during each visit.

First- and third-party cookies

A cookie is classed as being first-party if it is set by the site being visited. It might be used to study how people navigate a site.

It is classed as third-party if it is issued by a different server from that of the domain being visited. It could be used to trigger a banner advert based on the visitor's viewing habits.

The file - which contains a randomly-generated numeric code, rather than the name of the user - is also used by the firm to personalise the adverts shown to people who are not signed into its service.

Since many other firms make use of Google's technologies to place ads, a user may have PrefIDs on their computer even if they have never visited the search firm's own services.

There are tools on the internet with which users can reset the cookie's numeric code to make themselves anonymous. One expert said the company would be concerned if the leaks encouraged more people to use them.

"The last thing that Google wants is for people to tamper with or otherwise mess with its tools, disabling its ability to track them," said Chris Green, a tech analyst at the consultancy Davies Murphy Group.

"Cookies are a very valuable part of its business."

A document published by the Washington Post suggests the spy agencies also track other types of cookies, but does not specify which.

It is not clear how the authorities would have obtained the information, although the paper notes that it is among the data the NSA can demand through a Foreign Intelligence Surveillance Act (Fisa) court order.

A spokesman for GCHQ said he could neither confirm nor deny the agency's involvement in the alleged activity.

"All GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that its activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Intelligence and Security Committee," he said.

The NSA added that it was "within its lawful mission to collect foreign intelligence to protect the United States, use intelligence tools to understand the intent of foreign adversaries and prevent them from bringing harm to innocent Americans".

23.59 | 0 komentar | Read More

Spotify offers 'free' mobile service

11 December 2013 Last updated at 11:38 ET

Spotify is to extend its "free" ad-supported music service to mobile devices.

Smartphone users will be able to build playlists of songs and then hear them played back in a random order. Tablet users will have more control, letting them select specific tracks.

The Swedish firm also announced it was expanding to a further 20 countries, taking its total reach to 55.

Experts said it needed to make the moves to combat growing competition.

Until now Spotify has offered a free-to-use product only on PCs, and had restricted its mobile apps to paying subscribers.

But its founder, Daniel Ek, said bringing a free service to Android and iOS devices would tempt more people to eventually switch to the premium version where they could access higher-quality audio, no adverts and the ability to listen to songs offline.

"Our very clear mission is getting more people to access and discover more great music," he told a press conference in New York.

"Along with more free users there will be more subscribers, and that means more revenue back to the industry."

The firm is dropping the 10-hours-a-month cap it previously placed on long-term users of its free services.

Mobile YouTube

Over the past year Google has rolled out its own subscription Play Music service in several countries, Apple has launched iTunes Radio in the US and Bloom.fm has begun offering subscription packages at cheaper rates than Spotify in the UK.

In addition Rdio has expanded its music-streaming service to 51 countries, while France's Deezer has announced its intention to begin offering tracks in the US next year.

Mr Ek suggested Spotify would gain an advantage over its rivals by offering a product that was free to use and gave device owners control over exactly which songs they listened to.

But one expert pointed out that YouTube already did that.

"YouTube is available on all smartphones with absolutely no premium fee at all, and you get video, social features and lyrics as well," said Mark Mulligan, editor of the Music Industry Blog.

"The labels have always been very keen to keep a separation between the free tier being locked to the PC and premium to mobile, but YouTube has never played by those rules.

"This is about making the playing field more level."

Please turn on JavaScript. Media requires JavaScript to play.

Newsnight's Jim Reed asks whether music-streaming service Spotify is good for musicians

Andy Malt, editor of the industry news site, CompleteMusicUpdate.com. said there had been reports that YouTube had secured licences to begin its own paid music subscription service early next year with ad-free, offline-use features.

"In January we're expecting YouTube to launch its own music service, which may well have a strong mobile offering," he said.

"Also, the long-awaited Beats Music service, from Dr Dre's company will launch in the US the same month and offer strong competition.

"I suspect at this stage Spotify is trying to move ahead of its competitors to try to maintain its dominance in the streaming market ahead of extreme competition. Next year will be a make-or-break time for many."

Spotify also announced it was adding Led Zeppelin's tracks to its library as a streaming "exclusive" and had teamed up with speaker manufactures to allow its premium members to send music wirelessly to their systems.

23.59 | 0 komentar | Read More

Launch of world's biggest 'ship'

4 December 2013 Last updated at 09:03 ET

Please turn on JavaScript. Media requires JavaScript to play.

Shell has published this footage of Prelude's hull being tested at a shipyward in Geoje, South Korea

A floating vessel that is longer than the Empire State Building is high has taken to the water for the first time.

The hull of Shell's Prelude was floated in South Korea.

When fully built, Prelude will be the largest floating facility ever created, weighing more than 600,000 tonnes.

It would be used to help in the production of natural gas from 2017, Shell said, and would operate for 25 years off Australia's north-west coast.

The area has a yearly cyclone season from November to April, but Prelude has been designed to withstand such conditions. It is hoped the facility will be able to produce enough gas to power a city the size of Hong Kong.

Despite appearances, Prelude cannot strictly be described as a ship as it needs to be towed to its destination rather than travelling under its own power.

Shell has not disclosed how much the vessel will cost, but industry analysts told Reuters that it would be likely to command a price of between $10.8bn and $12.6bn (£6.6bn - £7.7bn).

Not content with Prelude's record-breaking size, Shell said it had already started work on an even bigger facility.

23.59 | 0 komentar | Read More

Roaming offer extended by 3 to US

4 December 2013 Last updated at 05:35 ET

Customers of mobile operator 3 are now able to use their UK allowance of data, texts and calls in the US and 10 other countries.

The offer means that UK users can avoid high roaming charges that often occur when travelling overseas.

The extension to the scheme, which was announced on Wednesday, means the US, Indonesia, Sri Lanka and Macau have all been added to the list.

The company is also planning to provide 4G mobile services for customers.

Frustration

Roaming charges are a significant gripe among mobile users, most of whom are forced to turn off the function - reducing the effectiveness of a smartphone - when on their travels.

The European Commission is proposing to scrap mobile phone roaming charges across Europe.

Now, 3 has negotiated a deal with two US networks that reduces the charges they levy. It also ensures any 3 customer travelling to the US will be forced onto those networks, allowing these customer to use their UK allowance, and avoiding any unintended bill shocks.

"We want customers to get the most out of their devices at home or abroad," said Dave Dyson, chief executive of 3.

"Adding the USA to the mix is great news for our customers and shows our commitment to giving them the best experience in what is a popular destination."

He added that he was "comfortable" with the fact that 3 was the last of the major operators to introduce 4G mobile services.

He said the company would not charge a premium for this service. All customers with a 4G device would be connected automatically by the end of March, he added.

On Tuesday, 3 was among four operators to sign an agreement with the UK government to protect customers from "sky-high bills" if their phones are stolen.

EE, Virgin Media and Vodafone joined 3 in agreeing to a new cap on the maximum customers would be expected to pay.

The firms will also tell people of mid-contract price rises, and phone users will then have the option of breaking off the contract without penalty.

23.59 | 0 komentar | Read More

Two million stolen passwords online

4 December 2013 Last updated at 07:44 ET

More than two million stolen passwords used for sites such as Facebook, Google and Yahoo and other web services have been posted online.

The details had probably been uploaded by a criminal gang, security experts said.

It is suspected the data was taken from computers infected with malicious software that logged key presses.

It is not known how old the details are - but the experts warned that even out-dated information posed a risk.

"We don't know how many of these details still work," said security researcher Graham Cluley. "But we know that 30-40% of people use the same passwords on different websites.

"That's certainly something people shouldn't do."

Criminal botnet

The site containing the passwords was discovered by researchers working for security firm Trustwave.

In a blog post outlining its findings, the team said it believed the passwords had been harvested by a large botnet - dubbed Pony - that had scooped up information from thousands of infected computers worldwide.

A botnet is a network of machines controlled by criminals thanks to malicious software being installed on to computers without the owner's knowledge.

Often, criminal gangs will use botnets to steal large amounts of personal data, which can then be sold on to others or held to ransom.

In this instance, it was log-in information for popular social networks that featured most heavily.

The site - written in Russian - claimed to offer 318,121 username and password combinations for Facebook. Other services, including Google, Yahoo, Twitter and LinkedIn, all had entries in the database.

Russian-language sites VKontakte and Odnoklassniki also featured.

Chocolate teapot passwords

Trustwave said it had notified the sites and services hit prior to posting the blog entry.

Facebook highlighted that it was not at fault, and that this security risk was due to infected user machines.

"While details of this case are not yet clear, it appears that people's computers may have been attacked by hackers using malware to scrape information directly from their web browsers," a spokesman said in an email.

Continue reading the main story

• Bot - one of the individual computers in a botnet; bots are also called drones or zombies
• Botnet - a network of hijacked home computers, typically controlled by a criminal gang
• Malware - an abbreviation for malicious software ie a virus, trojan or worm that infects a PC
• DDoS (Distributed Denial of Service) - an attack that knocks out a computer by overwhelming it with data; thousands of PCs can take part, hence the "distributed"
• Drive-by download - a virus or trojan that starts to install as soon as a user visits a particular website
• IP address - the numerical identifier every machine connected to the net needs to ensure data goes to the right place

"People can help protect themselves when using Facebook by activating Login Approvals and Login Notifications in their security settings.

"They will be notified when anyone tries to access their account from an unrecognized browser and new logins will require a unique passcode generated on their mobile phone."

The social network said all of the users found in the database had been put through a password reset process.

Analysis of the passwords by Trustwave showed a familiar picture - the most popular password, found in the database over 15,000 times, was "123456".

Such predictable combinations made passwords completely ineffective, said Mr Cluley.

"It's as much use a chocolate teapot," he said. "Absolutely useless."

23.59 | 0 komentar | Read More

US gene testing firm halts marketing

3 December 2013 Last updated at 16:46 ET

US genetic testing firm 23andMe, which is backed by Google, has stopped marketing its at-home kit, a company spokeswoman has said.

It halted television, radio and online advertising for its $99 (£60) personal genome analysis product last week.

The move follows a warning letter filed by the US Food and Drug Administration (FDA) last month.

The spit test is supposed to provide details about a person's health risks based on gene variants they carry.

The FDA ordered 23andMe to "immediately discontinue" its Saliva Collection Kit and Personal Genome Service (PGS) because it had failed to provide adequate information to support the claims made in the company's marketing.

In a blog post last week, the company's co-founder Anne Wojcicki responded to the FDA letter.

"We have worked extensively with our lab partner to make sure that the results we return are accurate," she wrote.

"We stand behind the data that we return to customers - but we recognize that the FDA needs to be convinced of the quality of our data as well."

She said 23andMe had been speaking to the FDA since 2008 and had submitted an application for clearance in July 2012, following on with another submission in August.

Ms Wojcicki added: "This is new territory for both 23andMe and the FDA. This makes the regulatory process with the FDA important because the work we are doing with the agency will help lay the groundwork for what other companies in this new industry do in the future."

The FDA said it was particularly concerned about the potential health consequences of false positive or false negative assessments by the PGS for genetic risk related to breast cancer and to adverse drug responses.

It said consumers might make important health decisions based on inaccurate information. Likewise, a false negative could result in a failure to recognise and act on an actual risk.

In September, 23andMe said that the number of people in its genetic database had reached 400,000 people, and the kits could still be purchased on its website.

The embattled firm, based in Mountain View, has also been hit with a class action lawsuit filed in California, which alleges there is "no analytical or clinical validation for the PGS for its advertised uses".

23.59 | 0 komentar | Read More