Dalai Lama's Chinese website hacked

13 August 2013 Last updated at 06:44 ET By Joe Miller BBC News

The Chinese-language website of the Tibetan government-in-exile, whose spiritual head is the Dalai Lama, has been hacked and infected with viruses.

Experts at computer security company Kaspersky Lab warned that the Central Tibetan Administration (CTA) site had been compromised.

It is believed the malicious software could be used to spy on visitors.

Technical evidence suggests the hackers carried out previous cyber-attacks on human rights groups in Asia.

Tibet.net is the official website of the CTA, which is based in Dharamshala, northern India.

The organisation's spiritual leader is the 14th Dalai Lama, who fled Tibet in 1959 after a failed anti-Chinese uprising, and set up a government-in-exile. China considers the Dalai Lama a separatist threat.

Constant threat

Kaspersky says the CTA website has been under constant attack from the same group of hackers since 2011, but previous breaches have been quietly identified and repaired before attracting significant attention.

Other Tibetan organisations, such as the International Campaign for Tibet, have also been targeted.

Kaspersky Lab researcher Kurt Baumgartner says the hackers used a method known as a "watering-hole attack".

A security bug in Oracle's Java software might have been exploited, giving hackers a "back door" into browsers' computers.

"This is the initial foothold," Mr Baumgartner said. "From there they can download arbitrary files and execute them on the system."

Kaspersky's education manager Ram Herkanaidu said the discovery of the attack came after an "email account of a prominent Tibetan activist was hacked".

Mr Herkanaidu added: "The likely actors behind the sustained campaign against Tibetan sites are Chinese speaking, as in many cases we have seen log files written in Chinese."

23.58 | 0 komentar | Read More

North Korea 'makes own smartphone'

13 August 2013 Last updated at 07:24 ET By Dave Lee Technology reporter, BBC News

North Korea says it has produced its first home-grown smartphone, but experts have disputed its origins.

The Arirang handset, described as a "hand phone" in state media, was shown to leader Kim Jong-un during a factory tour.

The country has had a mobile network since 2008, but activity is heavily monitored and restricted.

Last year the country launched a tablet, but it later emerged it was likely to have been made in China.

Clues to the tablet's origin were uncovered by Martyn Williams, an expert on North Korean technology, who noted that parts of the tablet's software code suggested links to a manufacturer in Hong Kong.

The Arirang smartphone, named after a popular folk song, was unlikely to have been made in the country, Mr Williams added.

He noted that no actual manufacturing was shown, and that the device was "probably made to order by a Chinese manufacturer and shipped to the May 11 Factory where they are inspected before going on sale".

The leader was accompanied by the Korean Workers' Party propaganda chief and the head of the Korean Central News Agency (KCNA), a hint that the devices could be used for widespread dissemination of government information.

Illegally owned mobiles

Mr Kim was seen to be demoing the device, which appeared to be running a version of Google's Android mobile operating system.

There are no further details available about the smartphone's exact specifications, but the KNCA reported that the leader praised the "high pixels" of the built-in camera.

The article said Mr Kim had high hopes for the "educational significance in making people love Korean things".

He advised that factory workers should "select and produce shapes and colours that users like".

Mobile phones in the secretive country have been available since 2008. The national network is maintained thanks to a joint operation by the North Korean government and Egyptian telecoms company Orascom.

Phones on the network are heavily restricted. They cannot access the internet and can only make calls within North Korea.

For a short time, foreigners in the country were able to use mobile internet, but this access was later revoked.

It is believed that many in North Korea, particular those near the borders, use illegally owned mobiles to contact people outside the country.

One man, a 28-year-old who left North Korea in November 2010, told a research paper: "In order to make sure the mobile phone frequencies are not being tracked, I would fill up a washbasin with water and put the lid of a rice cooker over my head while I made a phone call."

Being found in possession of a foreign phone would be a very serious crime, the paper's authors said.

Follow Dave Lee on Twitter @DaveLeeBBC

23.58 | 0 komentar | Read More

Twenty hurt at LG promotional stunt

13 August 2013 Last updated at 10:37 ET

Twenty people were injured, with seven sent to hospital, when a promotional stunt in Seoul for LG's G2 smartphone went wrong, the company has said.

LG has cancelled a series of events promoting the handset as a result of the incident in Seoul on Friday.

People arrived with BB guns and knives on sticks for a race to grab smartphone vouchers hanging from helium balloons.

LG has taken responsibility for the situation and said it would cover related medical costs.

"LG Electronics deeply regrets that a number of Korean participants were injured during an outdoor promotional event in Seoul, Korea," a statement from the firm said.

"We can confirm that seven participants were hospitalised and, although none of the injuries were serious, LG takes full responsibility for the unfortunate situation and has offered to cover all related medical expenses.

"LG is investigating the incident to ensure that such an occurrence can be avoided in the future."

The company added that other planned events had been called off because of safety concerns.

Surge of people

LG released 100 helium balloons, each with a free smartphone voucher, at the so-called G in the Cloud event, which took place in an outdoor park in the South Korean capital city.

The phones, which sell for KRW 950,000 in South Korea ($851; £550), would be given to people in possession of the voucher, the company said.

Customers arrived with BB guns to shoot down the balloons and surged forward when they were released.

One person carried a pointed staff to the event.

One regional TV channel has dubbed the scrum "World War G" - a comparison to the film World War Z in which zombies scramble over each other to climb over a wall.

The handset was released in New York last week, after weeks of build-up on social media.

It is expected to be available globally with more than 130 carriers within several weeks.

23.58 | 0 komentar | Read More

British Library wi-fi blocks Hamlet

13 August 2013 Last updated at 11:12 ET By Joe Miller BBC News

A man using the British Library's wi-fi network was denied access to an online version of Shakespeare's Hamlet because the text contained "violent content".

Author Mark Forsyth was writing his book in the library, and needed to check a line from the famous play.

The British Library said the fault was caused by a newly installed wi-fi service from a third-party provider.

One security expert said the incident highlighted the "dysfunction" of internet filters.

Mr Forsyth revealed on his blog that the filter had logged his attempt to access the page.

A spokesperson for the British Library said Hamlet had since been made accessible.

"The upgraded service has a web filter to ensure that inappropriate content cannot be viewed on-site," he added.

Continue reading the main story

One of the functions of deposit libraries is to keep everything, including smut"

End Quote Prof Ross Anderson

"We've received feedback from a number of users about sites which were blocked, but shouldn't have been. We're in the process of tweaking the service to unblock these sites."

Filters 'pointless'

Internet filters have recently come under increased scrutiny, after the government announced that pornography will be automatically blocked by UK internet providers, unless customers choose otherwise.

Digital rights activists raised concerns about the move, fearing that the lists of "banned" sites could be expanded to include pages that should be publicly available.

Prof Ross Anderson, a security expert at Cambridge University, told the BBC that internet filters were "pointless" and that it was "completely inappropriate" to have one in the British Library.

He added: "Everything that is legal should be available over the library's wi-fi network. The only things they should block are the few dozen books against which there are court judgements in the UK.

"One of the functions of deposit libraries is to keep everything, including smut."

The British Library defended its position, saying that it wanted to protect children visiting the building from content "such as pornography and gambling websites".

23.58 | 0 komentar | Read More

Samsung faces labour law allegations

13 August 2013 Last updated at 16:11 ET

Public prosecutors in Brazil have begun legal action against South Korean electronics giant Samsung, alleging that it has been violating labour laws at its factory in the Amazon region.

Prosecutors accuse the company of making its employees work long, tiring shifts without sufficient breaks.

The prosecutors' office in the city of Manaus said one worker reported packing nearly 3,000 phones a day.

Samsung said it would take action "as soon as they are officially notified".

In a statement, the company said it would analyse the process and fully co-operate with the Brazilian authorities.

"We are committed to offering our collaborators around the world a work environment that ensures the highest standards when it comes to safety, health and well-being," the statement said.

Health accusations

The plant, located at the Manaus Free Trade zone, employs some 6,000 people.

A worker at the Amazonas state factory has only 32 seconds to fully assemble a mobile phone and 65 seconds to put together a television set, prosecutors allege.

In evidence given to prosecutors, employees say shifts can last 15 hours and some say they suffer from back ache and cramps as they are forced to stand for up to 10 hours a day.

The prosecutors' office is claiming more than 250m reais ($108m; £70m) in damages from the company for serious violations of labour legislation.

The legal suit was filed on Friday, but has only now been made public.

23.58 | 0 komentar | Read More

Icahn invests in 'undervalued' Apple

13 August 2013 Last updated at 19:43 ET

Billionaire investor Carl Icahn says he has built up a "large" stake in Apple.

Mr Icahn says Apple shares are "extremely undervalued" and wants Apple to carry out a bigger share buyback.

In April, Apple said it would return $100bn (£65bn) to shareholders by the end of 2015, by raising its dividend and buying back shares.

Mr Icahn said he had a "nice" conversation with Apple's chief executive Tim Cook and plans to speak to him again shortly.

In response Apple said in a statement: "We appreciate the interest and investment of all our shareholders.

Continue reading the main story

Mr Icahn's investment in Apple is a vote of confidence in chief executive Tim Cook, and underscores a belief that the tech giant will return to the dizzy heights it enjoyed under Steve Jobs.

But his investment is not without significant risk. Recently the company has faced accusations of failing to innovate and being overpriced in the face of stiff competition - notably from the Korean consumer electronics giant Samsung in hardware, and from Google's Android, which now commands a dominant lead in smartphone operating systems.

The billionaire is betting that the next hardware and software cycle will prove Apple's reversal of fortunes to be temporary. But it is clear that Apple after Steve Jobs has lost some of its mystique for consumers - and regaining mind share is no mean feat.

"Tim had a very positive conversation with Mr Icahn today."

A US media report said that Mr Icahn's stake is worth well over $1bn, making it one of his biggest shareholdings.

Since hitting a record of $702 in September 2012, Apple shares have fallen 30%.

The announcement helped to boost those shares, and they closed up 4.75% at $489.57.

In an interview with Reuters Mr Icahn said the shares could reach $700 again, if Apple carries out a $150bn share buyback.

Activist investor

Mr Icahn is known for his aggressive investment style, which involves taking large stakes in firms and pushing managers to change direction.

He is currently involved in a high profile battle to prevent Michael Dell buying back the company he founded.

Mr Icahn claims his plan offers better value for Dell shareholders.

Not all of Mr Icahn's investments become confrontational.

He owns a 10% stake in the internet video service, Netflix and has been happy with the company's performance.

23.58 | 0 komentar | Read More

Bruce Willis Sky advert banned

14 August 2013 Last updated at 04:41 ET

A TV advert for Sky broadband featuring Die Hard star Bruce Willis has been banned for being misleading.

The ad showed Willis complaining about the speed of his current provider, with a character telling him to "try Sky Broadband, it's totally unlimited".

A voice-over then said the service was £7.50 a month, however on-screen text stated the deal was only for existing Sky TV customers.

The Advertising Standards Authority said the ad was not sufficiently clear.

Earlier in the advert, on-screen text stated consumers needed to purchase Sky Talk, calls and line rental - costing £14.50 a month - to obtain Sky's broadband service, while Sky TV prices started at £21.50 per month.

One viewer complained to the advertising watchdog, saying the commercial did not make clear the extent of the commitment customers had to make in order to receive the service advertised for £7.50.

'Significantly less prominent'

Sky said it believed it had made its pricing clear and the average consumer would understand from the on-screen small print it was necessary to commit to its line rental and be a Sky customer.

However, it admitted it was not a requirement to be a Sky TV customer to receive the broadband package, which non-subscribers could obtain for £10 a month.

The ASA said as the advert was "clearly not directed at existing Sky customers", line rental and Sky TV would have been relevant charges to those interested in subscribing to the broadband service and it was therefore important for the information to have been stated prominently.

It said the small print at the bottom of the screen "would by its nature be significantly less prominent than a claim made in a voice-over, and was therefore not an appropriate method of communicating material information relating to the £7.50 price claim".

The watchdog added the cost associated with the TV element of the package was presented even less clearly, having disappeared from the screen 15 seconds before the voice-over.

The ASA ruled the advert must not appear in its current form again.

23.58 | 0 komentar | Read More

Toddler verbally abused via baby cam

14 August 2013 Last updated at 07:17 ET By Dave Lee Technology reporter, BBC News

Please turn on JavaScript. Media requires JavaScript to play.

Marc Gilbert heard expletives being directed at his two-year-old daughter Allyson

A hacker was able to shout abuse at a two-year-old child by exploiting a vulnerability in a camera advertised as an ideal "baby monitor".

ABC News revealed how a couple in Houston, Texas, heard a voice saying lewd comments coming from the camera, made by manufacturer Foscam.

Vulnerabilities in Foscam products were exposed in April, and the company issued an emergency fix.

Foscam said it was unable to provide a statement at this time.

ABC reported that Marc Gilbert and wife Lauren were left shaken when they heard a "British or European accent" coming from the camera.

Mr Gilbert said the voice directed offensive, sexualised words at their daughter Allyson, who was asleep in bed.

The family believed the hacker was able to call the child by her name because it was spelt out on the bedroom's wall.

Continue reading the main story

Using monitoring equipment to ensure the safety of children can be very valuable.

However, if you do wish to use such devices you should exercise caution before using something that attaches to the internet as it increases the potential vulnerability.

There are forums and dedicated search engines that look for vulnerable devices on the web - so if yours is susceptible there is a good chance it will be found, and could be abused.

Regardless of the security you think you may have on your PC each device can be separately vulnerable.

If you do use a web-connected device then you must ensure software is always up-to-date.

This is not just the operating system on your PC but also applications you use and the built-in software - known as firmware - built into the devices.

Many attacks use security holes found in such firmware.

Most vendors send out updates monthly: the secondTuesday of each month having become known as Patch Tuesday when many release their software.

However, urgent updates may be distributed as soon as possible so vigilance is the key.

The two-year-old is deaf, something the couple described as "something of a blessing" in the circumstances.

It is not clear whether the family had updated the camera with the latest software.

'Kids room'

The BBC has found evidence of hackers sharing information on how to access insecure Foscam cameras via several widely-used forums.

Using specialist search engines, people can narrow their results by location.

On one forum, internet addresses for cameras - not all made by Foscam - were listed with descriptions such as "school/daycare?" and "kids room".

In April, security firm Qualys uncovered a weakness in Foscam's devices.

The company said that various attack techniques exposed the camera's remote monitoring access - the simplest of which was simply scraping Foscam's website for unique identifying codes for each customer.

Around two out of every 10 Foscam cameras monitored by the researchers were insecure, Qualys said - using just "admin" to log in, and requiring no password.

Foscam is not the only company to find itself the target of hackers. Last year, camera company Trendnet had to rush out an update to fix a security hole that left thousands of cameras exposed.

Fix issued

In June, Foscam issued a fix for some of the issues raised by Qualys. In a blog post, the company said it appreciated the "constructive criticisms and advice".

Visitors to the firm's homepage do not see any notice of the critical upgrade.

The company did however publish a blog post to publicise the patch, and users who had signed up to a firmware update newsletter should have been informed by email.

Discussion forums on the Foscam website show several other customers having security problems with their devices.

User pianomama00 wrote: "My husband heard something in babies room.

"He went in and a guy started talking to him and said he wasn't a neighbour and lived in a different state! Be careful everyone!"

Another user criticised the firm's customer service, saying: "I can't call, can't chat online and I've sent email with no response."

A technical support number listed on the UK website remained on hold for 30 minutes when contacted by the BBC. A separate sales number gave an estimate of a "47-minute" wait to speak to an advisor.

A link to find out more information about the company and its location led to a broken page.

Foscam products in the UK are also sold under the trading name of GadgetFreakz - as well as being sold through Amazon.

A sales number on the GadgetFreakz website was also unanswered - instead redirecting to a mobile voicemail mailbox.

Follow Dave Lee on Twitter @DaveLeeBBC

23.58 | 0 komentar | Read More

Illegitimate YouTube adverts exposed

14 August 2013 Last updated at 09:25 ET

A London-based team of security researchers has exposed a scheme which inserted unauthorised adverts into Google's YouTube.

Spider.io discovered two programmes which placed ads on YouTube's website when viewed by affected PCs. It said the plug-in had been promoted as tools to download videos from the service. It said some directed users to malware.

This was in breach of YouTube's rules.

The firm responsible has been named as California-based Sambreel.

The company did not respond to BBC requests for comment.

However, one of its subsidiaries, Yontoo, told Forbes magazine: "The Best Video Downloader and Easy YouTube Downloader products have been discontinued."

The Financial Times reported that this only happened after Sambreel was alerted to Spider.io's findings.

Injected ads

The security firm - founded by Imperial College London computer scientist PhD graduates - reported that some of the added advert slots had been sold on through exchanges to well-known brands including Amazon, Blackberry, Kellogg's and Toyota. These firms would be highly unlikely to have been aware of this.

However, it added, that others had been bought by "malvertisers" (malicious online advertisers).

"When a user who has installed these plug-ins visits youtube.com multiple display ad slots are injected across the YouTube homepage, channel pages, video pages and search results pages," Spider.io said.

"[One example] shows a fake alert, which suggests to the user that a Java update is required.

"If the user clicks the OK button, then the user is taken to the disreputable site.

"This sort of malvertising would be unlikely to impact YouTube users without Sambreel's involvement. Google has strict ad-quality processes, and Sambreel's plug-ins bypass these."

Spider.io said it had identified 3.5 million installations of the YouTube-focused plug-ins but believed there could be many more.

YouTube's terms of service ban users from downloading, rather than streaming its clips. Google also made it clear that it would tackle other instances of unauthorised ad placements.

"Applications that change users' experiences in unexpected ways and provide no value to publishers are bad for users and bad for the web," said a spokeswoman

"We're continuing to look into these types of bad actors and have banned them from using Google's monetisation and marketing tools."

This is not the first time Sambreel has been accused of using programmes to change the adverts that appear on third-party websites.

Last year news site Paidcontent reported Sambreel was offering programmes which promised to customise web pages and provide special deals that also allowed the US firm to replace publishers' adverts with those it served.

It said that AOL, the BBC and the New York Times were among the firms affected.

Prior to that Sambreel attempted to sue Facebook in 2011 when the social network prevented the firm from placing adverts on its site via a tool advertised as a way to let members change the look of their profile page.

However, a judge ruled that Facebook had the right to require that its users disable certain products before using its service.

23.58 | 0 komentar | Read More

New York Times website goes offline

14 August 2013 Last updated at 12:34 ET

The New York Times says it is investigating why its internet site has gone offline.

"The New York Times website is experiencing technical difficulties. We expect to be back up shortly," it said in a tweet.

Emails sent to the business have been returned as undeliverable.

Broadcaster Fox Business has said that sources told it the paper was under "cyber attack" but the report has not been confirmed.

23.58 | 0 komentar | Read More