Shorter .uk net domain plan revived

20 November 2013 Last updated at 06:11 ET By Leo Kelion Technology reporter

UK websites will soon be able to use shorter addresses despite concerns the move could cause confusion.

The plan will allow owners to buy a "name.uk" web address to use instead of or in addition to "name.co.uk", "name.org.uk" and other alternatives.

Nominet, the organisation responsible, had previously shelved the idea after acknowledging it would confuse people.

But after making some changes and carrying out a second consultation it said it now planned to proceed.

The decision will affect more than 10 million customers who currently use domains ending in .uk when it begins in the middle of next year.

Nominet's French and German equivalents have already carried out a similar move.

"We think internet users are pretty savvy and will take this in their stride," Nominet's chief executive, Lesley Cowley, told the BBC.

'Low prices'

Many businesses might feel compelled to purchase the new shorter addresses as well as continuing to run their existing ones in order to prevent others buying them to hijack traffic - something that will add to their running costs.

But Ms Cowley played down the scale of the problem.

She noted that the price it would charge to middlemen domain registrars would be £3.50 for single-year contracts and £2.50 a year for multi-year ones. The organisation had originally proposed charging £20 a year for the new addresses.

"Our wholesale prices are among the lowest in the world," she said. "A Starbucks coffee is almost more expensive."

Ms Cowley added that during the most recent consultation, business leaders had been more concerned about the fact they would feel forced to fund address rebrands at a time that might not suit them.

As a consequence Nominet has extended the amount of time its customers have to decide whether they want to pay for a shorter name before it will be offered to others.

The original plan was to offer a six-month "first dibs" window, but the right-of-refusal period will now last up to five years.

Competitive threat

Nominet acknowledges there is still the "theoretical risk" of confusion among the general public.

For example, people might become confused about which domain name to use in emails, leading some messages to be misdirected.

However, it said this was a risk to any change in the internet's naming system. And it noted that another - potentially bigger - change was happening anyway.

Icann (Internet Corporation for Assigned Names and Numbers) is in the process of creating about 1,400 new generic top-level domains (gTLDs). These include creating addresses ending in .camera, .singles and .london. There had previously been only 22, including .com and .net.

Some of the new ones are in non-Latin scripts. Among those already approved are شبكة. - the Arabic equivalent of .web - and 游戏 - the Chinese for .game.

Although Nominet is a non-profit organisation, it was worried that Icann's move meant it would lose business.

"Absent any credible competitive strategy, Nominet would be bound to lose significant market share in the future," the organisation said in a statement.

"We also note that the benefits of maintaining .uk relevance accrue not just to Nominet or its registrars but to all users of the .uk namespace who benefit from the high profile and positive perception of .uk."

One other change to the original plan is that applicants will no longer have to have a verified UK presence in order to qualify.

This had initially been proposed to help ensure consumers had a "high level of confidence" in sites that had switched to the shorter name.

However, fears that this would be too stringent mean the rule has been relaxed, and applicants will now only need to have a physical address in the country that the police or others can use to reach them.

23.58 | 0 komentar | Read More

Google to remove dead teenager image

19 November 2013 Last updated at 07:14 ET

Google has agreed to remove from its Maps service a satellite image that shows a dead teenager.

Kevin Barrera was shot in 2009. His body was found near a railway line in Richmond, California.

Jose Barrera told KTVU-TV he had asked Google to remove the image, which appears to show a police car and officers surrounding a body, out of respect for his son.

It said replacing the image could take eight days.

Please turn on JavaScript. Media requires JavaScript to play.

Jose Barrera: "I'm never going to forget my son you know. He's always in my mind."

Mr Barrera said: "When I see this image, that's still like that happened yesterday. And that brings me back to a lot of memories."

Google Maps vice-president Brian McClendon said: "Since the media first contacted us about the image, we've been looking at different technical solutions.

"Google has never accelerated the replacement of updated satellite imagery from our maps before, but given the circumstance we wanted to make an exception in this case."

Google Maps uses a selection of images collected by satellite and at street level by cameras mounted on vehicles.

The satellite images tend to be between one and three years old.

Unlike for the pictures in its StreetView service, there is no facility to report satellite images.

The search giant takes a number of steps to protect privacy of individuals when collecting images for StreetView, including blurring faces and number plates.

23.58 | 0 komentar | Read More

Yahoo to encrypt all users' data

19 November 2013 Last updated at 07:31 ET

Yahoo has announced it will encrypt all user information that moves between its data centres by the end of March 2014.

The internet provider said it had taken this step after allegations the US government had secretly accessed users' data without the company's knowledge.

In October the Washington Post obtained documents from former National Security Agency contractor Edward Snowden.

They alleged the agency had broken in to the main communication links that connect Yahoo's data centres.

The company had already revealed plans to encrypt email communications from January 2014 after previous allegations of government agencies accessing email traffic.

In a statement released on the company's Tumblr account on Monday, chief executive Marissa Mayer said: "I want to reiterate what we have said in the past - Yahoo has never given access to our data centres to the NSA or to any other government agency. Ever.

"There is nothing more important to us than protecting our users' privacy."

Users will also be given the option to encrypt communications between themselves and Yahoo.

Google encrypts

Mark Manulis, associate professor of applied cryptography and network security at the University of Surrey, told the BBC: "We'll see more of this.

"[Yahoo] is moving along with other companies in this direction. This is better than no encryption but is it enough?"

"It makes it harder for the average hacker, but it still could be possible for government agencies [to access] depending on what encryption is used," he said.

Google already encrypts its email service and has been speeding up the implementation of its encryption between data centres since June.

According to the documents leaked by Mr Snowden, the NSA's programme for accessing companies' data links is known as Muscular and is operated jointly with UK spy agency GCHQ.

The documents indicate Yahoo and Google had been targeted in this way.

More than 181 million records were processed in the month prior to January 2013, according to the Washington Post.

A separate programme known as Prism, also run by the NSA, reportedly allows the agency to access users' emails and a range of other data with the permission of a court order.

The NSA has requested access to information from Microsoft and its Skype division, Google and its YouTube division, Yahoo, Facebook, AOL and Apple, according to a leaked presentation from April 2013.

23.58 | 0 komentar | Read More

US watchdog probes Tesla after fires

19 November 2013 Last updated at 08:56 ET

Battery fires in Tesla Model S electric cars have prompted an investigation by the US government's auto safety agency.

Fires broke out in two cars in the US after debris hit the undercarriage, said the National Highway Traffic Safety Administration (NHTSA).

The car warned drivers meaning they escaped unhurt, reports said.

NHTSA's probe will look at more than 13,000 Teslas, which counts the Porsche 911 and BMW M5 among its competitors.

Shares in the California-based company fell by 10% as markets closed on Monday.

Tesla has sold more than 19,000 of the 2013 models worldwide, which are worth between $70,000 and $100,000.

NHTSA said it would "examine the potential risks associated with undercarriage strikes" with the cars.

Although a recall is a possibility. a decision is months away, reports said.

In a blog, Tesla chief executive, Elon Musk, said the company asked the government to investigate, even though its cars catch fire at a far lower rate than gas-powered vehicles.

He posted: "While we think it is highly unlikely, if something is discovered that would result in a material improvement in occupant fire safety, we will immediately apply that change to new cars and offer it as a free retrofit to all existing cars."

Mr Musk added that Tesla had updated the car to give it more ground clearance at highway speeds.

23.58 | 0 komentar | Read More

Nokia Microsoft deal gets approval

19 November 2013 Last updated at 13:02 ET

Shareholders of the phonemaker Nokia have agreed to sell their mobile phone business to technology giant Microsoft for 5.4bn euros ($7.2 bn; £4.5bn).

The deal goes ahead despite objections from some investors who opposed the sale of a Finnish asset.

Regulators must clear the sale, but is expected to close early next year.

In September, Microsoft agreed to buy the mobile phone business and licence patents from Nokia.

Nokia has seen its share of the smartphone market shrink as competitors such as Apple and Samsung have risen in popularity.

'Feels good'

Tuesday's deal was approved by 99.5% of Nokia's 3,900 investors at a meeting for shareholders in the Finnish capital of Helsinki.

At the five-hour-long shareholder meeting, Chairman Risto Siilasmaa said he believed the sale would "raise deep feelings" among Finns, who regard the phone company as a national success.

But one shareholder told the Reuters news agency he was happy with the vote.

"Now it feels good again. This is a really good result," said Hannu Ryyppo. "It's a new beginning for Nokia."

When the sale was first announced, Nokia said it would also make changes to its leadership.

Stephen Elop, the former president chief executive of Nokia Corporation, was to step down and resign from the company's board under the terms of the deal.

Nokia has faced criticism over the 18.8m euro pay-out Mr Elop is set to receive when he leaves the company. He is due to move over to Microsoft when the sale is completed.

Mr Elop left Microsoft to join Nokia in 2010, and has been cited by some as one of the frontrunners to replace Microsoft's outgoing chief executive Steve Ballmer.

Mr Ballmer is expected to leave the company in 2014.

23.58 | 0 komentar | Read More

How UK banks contain cyber-threats

19 November 2013 Last updated at 19:16 ET By Mark Ward Technology correspondent, BBC News

The UK's banks are regularly being caught out by cybercriminals, BBC research suggests.

Data from three sources indicates that spam, viruses and other malicious messages regularly emerge from machines sitting on banks' corporate networks.

It is likely that the computers were compromised when bank staff and contractors were caught out by booby-trapped email attachments.

They may also have visited sites seeded with code that infected their PCs.

Some of those infected machines are also likely to have been enrolled in a botnet - a large network of hijacked computers that are used by cybercriminals to distribute spam and viruses, attack other websites or as a source of saleable personal data.

But, say experts, banks are doing a better job than most at protecting their machines from malware.

Sending junk

The BBC found that in 2013 there were more than 20 incidents involving UK bank networks indicative of malicious activity. Similar, though lower, numbers were seen in 2012 and 2011. Some incidents involved addresses that have been sending junk for months but others were addresses seen sending spam for the first time.

Continue reading the main story

Botnet basics

For its research project the BBC compiled a list of the internet address blocks used by a dozen of the UK's largest and best known financial institutions.

Everything connected to the net needs one of these addresses, an IP address, to ensure data reaches its destination.

Junk mail or spam is typically routed through a botnet because this helps spammers conceal its true origins and means it is delivered free.

Tracing the source IP address of spam can be a guide to which machines have been compromised.

The BBC asked those running spam databases to see if any bank IP address featured in that corpus of information.

Further analysis revealed that some of the junk was benign in that it was the banks' own marketing messages arriving at email addresses set up to capture spam. In most of the other cases the spam was distributing malware, involved in phishing or "pump and dump" scams or sought to trick people into visiting dangerous sites.

A separate dataset for 2012/13 shows fewer incidents year-on-year but revealed that seven corporate bank networks are regularly sending out junk, five are home to machines that are part of the well known Conficker botnet and eight are regular sources of malicious activity.

In addition, sources inside UK banks told the BBC that they deal with up to a dozen incidents a month of employees' machines getting infected with malware.

James Lyne, global head of security research at security firm Sophos, said evidence of a botnet on a bank network would be "exceptionally concerning".

"It would give attackers a foothold that they can exploit," he said.

The BBC was aided in its research project by an organisation that runs a huge collection of "spam traps" that log the sources of junk mail and also by researchers at Delft University of Technology, in the Netherlands, who study botnets. Anti-spam firm Cloudmark provided corroboration of some of the BBC's findings.

"There should be no spam coming out of these networks," said Prof Michel van Eeten from Delft who leads the team gathering data on botnets, adding that some of the bank networks studied had a "relatively consistent" problem with infections.

He was also worried about the continuing presence of machines that were part of the Conficker botnet because the exploit used to create that network has been known about and fixable for five years.

"If they are vulnerable to that you have to wonder what else they are vulnerable to," said Prof van Eeten. "This might show they can fall victim to a targeted attack more easily because those are much harder to avoid falling into."

One example of the types of targeted attack finance firms have to deal with is malware that only springs to life when it spots that it has infected a machine sitting on a bank network.

"It's a constant battle," said Matt Allen, director of financial crime at the British Bankers' Association, adding that the UK's banks had some of the strongest systems and controls in the world to defend themselves against cybercriminals.

Continue reading the main story

"Start Quote

Complexity is the enemy of security"

End Quote James Lyne Sophos

"The criminal use of cyber-techniques is an integral part of financial crime offending," he said.

Banks' defence mechanisms operated both within and between individual institutions, he said, and involved them pooling information about recent attacks, tactics and methods.

"The challenge in this area is that as banks develop their controls in line with new criminal methodologies, new techniques will emerge," he said.

"We're not complacent," said Mr Allen. "We know it's changing and evolving quickly."

Most of the UK banks and building societies contacted by the BBC about its findings declined to comment. Most said they never talked publicly on security matters to avoid the accidental release of operational details.

Those that did respond said the net addresses appearing to send out spam were on corporate networks isolated from the systems that handled customer data and online banking transactions.

Bank check

Statistics gathered by security firm OpenDNS suggest that up to 900 botnets are active in late 2013. These crime networks typically involve many tens of thousands of machines. The biggest count millions of PCs as victims.

Botnets have become the standard tool of the cybercrime underground, said Mr Lyne from Sophos.

"Botnets used to do something very specific and were just associated with spam," said Mr Lyne. "Now what we are seeing is that from these botnets attackers will jump in and look for other opportunities."

Now compromised machines sitting on botnets tended to be more actively managed, he said. Some botnet owners would probably analyse addresses that machines report in from seeking out high value targets such as banks and government departments.

Often access to compromised PCs sitting on business networks are sold off on underground marketplaces to thieves who specialise in using those machines as a way to delve deeper into a corporate's computer systems.

Mr Lyne added that it was not surprising that banks were regularly having to find and flush out infected machines as they typically ran systems serving tens of thousands of users and a similar number of computers. Defending all those people and PCs against the 250,000 novel malware variants produced every day was a herculean task, he said.

"Complexity is the enemy of security," he said.

Despite finding that many UK bank networks were regularly sending out spam, Prof van Eeten from Delft said the data showed that banks were doing a good job of defending themselves.

"Retail ISPs have infection rates that are several orders of magnitude higher," he said. "This is peanuts compared to that."

23.58 | 0 komentar | Read More

E-Sports settles Bitcoin hijack case

20 November 2013 Last updated at 06:59 ET

A video games company has agreed to settle a case in which it was accused of hijacking its customers' computers to create Bitcoins.

It had been alleged about 14,000 of its customers' PCs had been used to generate the virtual currency in April.

E-Sports Entertainment has agreed to pay the State of New Jersey $1m (£620,000) to resolve the case.

However, it can avoid handing over $675,000 of that if it does not break the law for 10 years.

Continue reading the main story

Bitcoin is often referred to as a new kind of currency.

But it may be best to think of its units being virtual tokens rather than physical coins or notes.

However, like all currencies its value is determined by how much people are willing to exchange it for.

To process Bitcoin transactions, a procedure called "mining" must take place, which involves a computer solving a difficult mathematical problem with a 64-digit solution.

For each problem solved, one block of bitcoins is processed. In addition the miner is rewarded with new bitcoins.

This provides an incentive for people to provide computer processing power to solve the problems.

To compensate for the growing power of computer chips, the difficulty of the puzzles is adjusted to ensure a steady stream of about 3,600 new bitcoins a day.

There are currently about 11 million bitcoins in existence.

To receive a bitcoin a user must have a Bitcoin address - a string of 27-34 letters and numbers - which acts as a kind of virtual postbox to and from which the bitcoins are sent.

Since there is no registry of these addresses, people can use them to protect their anonymity when making a transaction.

These addresses are in turn stored in Bitcoin wallets which are used to manage savings.

They operate like privately run bank accounts - with the proviso that if the data is lost, so are the bitcoins owned.

New Jersey's acting attorney general said the settlement served as a message that the authorities would protect citizens against anyone who invaded their computer privacy.

"These defendants illegally hijacked thousands of people's personal computers without their knowledge or consent, and in doing so gained the ability to monitor their activities, mine for virtual currency that had real dollar value, and otherwise invade and damage their computers," said John Hoffman in a statement.

E-Sports said that it had fired the employee responsible for the incident and would submit to regular privacy audits by a third party. But it stressed that it had not admitted to breaking the law.

"The settlement that was signed makes explicitly clear that we do not agree, nor do we admit, to any of the State of New Jersey's allegations," it said on its blog.

"The press release issued by the attorney general about our settlement represents a deep misunderstanding of the facts of the case, the nature of our business, and the technology in question."

Bitcoin mining

E-Sports charges gamers a subscription to allow them to play supported games - such as Counter-Strike and League of Legends - against each other safe in the knowledge that it has installed anti-cheat software on their PCs.

New Jersey had alleged the company had generated about $3,500 over a fortnight in April by adding code to its product that created a "botnet" - a network of computers controlled through malware - to generate Bitcoins.

Bitcoins can be created by using a PC's processors to solve complicated mathematical problems in a technique called "mining". This allows Bitcoin transactions to be processed, and acts as an incentive for third parties to provide the necessary computing power.

The matter came to light in May when a user noticed unusually high usage of his PC's graphics processing unit (GPU) at times when he was not using the computer.

E-Sports' co-founder Eric Thunberg initially dismissed the affair as an April Fools joke gone wrong.

However, following a user backlash - he later acknowledged "this is way more shady than I originally thought" and blamed the "unauthorised" use of the Bitcoin mining code on a rogue employee who had acted for "personal gain".

Affected members were subsequently offered a free month's subscription and the company promised to help anyone whose processors might have overheated and been damaged as a result of its software.

23.58 | 0 komentar | Read More

Inflatable 1km solar chimney planned

20 November 2013 Last updated at 08:36 ET By Dave Lee Technology reporter, BBC News

Plans for a 1km (3,280ft) inflatable solar chimney have been outlined by a leading balloon specialist.

Per Lindstrand, who crossed the Pacific in a balloon with Sir Richard Branson in 1991, said the technology could offer more efficient green power generation in remote areas.

It could help in areas with high seismic activity, where maintenance of solid structures is difficult.

He told The Engineer magazine the project could cost about $20m (£12m).

Several companies are experimenting with "solar updraft" technology, which is seen as preferable to flat solar panels. And Lindstrand Tech specialises in developing "lighter than air" technology.

Mr Lindstrand told the magazine there was a need, particularly from research centres based in deserts, to have a cleaner alternative to diesel and gas power, but without the fallibility associated with existing solar technology.

"The problem in this part of the world is the sand is very fine and would very quickly clog up solar panels, so you have a very big cleaning job in a place that has no water," he said.

Making the tower an inflatable structure would bring the cost of the project down dramatically, Mr Lindstrand said, saving hundreds of millions of dollars compared with similar towers made of concrete.

Floating

Research into the technology is being carried out at the Urban Sustainability and Resilience centre at University College London.

While one application is in desert conditions, the team also said it believed building the chimney on water was another option - one which would allow it to support its own weight.

Continue reading the main story

We are daring to think big"

End Quote Patrick Cottam Research engineer

Engineer Patrick Cottam told the BBC that the idea was in its early stages - but work had begun on building a lab-based test model, measuring 3.5m.

"We're getting the first prototype of the floating chimney made by the end of the year," Mr Cottam said.

"I also have some additional funding that will allow me to build another one in the region of 20m tall."

Race to the sky

Using large, thin towers to harvest energy using solar updraft is an idea that is over a century old - a concept first mooted in 1903.

At the base of the tower, a large area of solar panelling collects energy from the Sun's rays. The resulting hot air is sucked up through the chimney, driving wind turbines that generate electricity.

However, the technology has been slow to be develop, thanks in part to the high financial risks in backing a technology that, at scale, might not work.

Past experiences with solar updraft have faced mishaps - one experimental chimney erected in 1982 was decommissioned after cables supporting it were weakened by rust, putting it at risk of falling over.

Ongoing projects include efforts by Australian firm Enviromission, which said it planned to build a tower in Arizona, US.

Mr Cottam said the increasing necessity of developing more efficient renewable energy - coupled with recent super-tall structure success like the Burj Khalifa hotel in Dubai - meant projects such as this could now quite literally get off the ground.

"We are daring to think big," he said. "The financial landscape is changing."

For now, the research is being funded in part by the UK's Engineering and Physical Sciences Research Council.

Mr Cottam has also been awarded money from the 1851 Royal Commission - a body that gives grants to researchers and engineers.

Follow Dave Lee on Twitter @DaveLeeBBC

23.58 | 0 komentar | Read More

LG investigates 'spying' Smart TVs

20 November 2013 Last updated at 09:32 ET By Leo Kelion Technology reporter

LG is investigating allegations that some of its TVs send details about their owners' viewing habits back to the manufacturer even if the users have activated a privacy setting.

It follows a blog by a UK-based IT consultant who detailed how his Smart TV was sending data about which channels were being watched.

His investigation also indicated that the TVs uploaded information about the contents of devices attached to the TV.

It could mean LG has broken the law.

The Information Commissioner's Office told the BBC it was looking into the issue.

"We have recently been made aware of a possible data breach which may involve LG Smart TVs," said a spokesman.

"We will be making enquiries into the circumstances of the alleged breach of the Data Protection Act before deciding what action, if any, needs to be taken."

When the consultant - Hull-based Jason Huntley - contacted the South Korean company he was told that by using the TV he had accepted LG's terms and conditions, and that any remaining concerns should be directed to the retailer who had sold him the screen.

But when the BBC contacted LG, it indicated it was looking into the complaint.

"Customer privacy is a top priority at LG Electronics and as such, we take this issue very seriously," said a spokesman.

"We are looking into reports that certain viewing information on LG Smart TVs was shared without consent.

"LG offers many unique Smart TV models which differ in features and functions from one market to another, so we ask for your patience and understanding as we look into this matter."

Security fears

Mr Huntley said he had first come across the issue in October when he had begun researching how his Smart TV had been able to show his family tailored adverts on its user interface.

Digging into the TV's menu system, he had noticed that an option called "collection of watching info" had been switched on by default, he said.

After switching it off, he had been surprised to find evidence that unencrypted details about each channel change had still been transmitted to LG's computer servers, but this time a flag in the data had been changed from "1" to "0" to indicate the user had opted out.

"That's a terrible implementation of the idea," Mr Huntley told the BBC.

"It still sends the traffic but labels it saying I didn't want it to be sent.

""It's actually worse, I think, than if they'd not offered the optout in the first place since it allows the user to believe nothing is being sent."

He had then attached an external hard drive to the TV's USB slot, expecting that the screen might simply report that he had been watching material from an external device, he said.

Instead he had found the name of each media file stored on the drive - including photos labelled with his children's names - had been sent back to LG.

He had confirmed this had been the case by creating a mock video clip that he had named "midget porn", which had then showed up in unencrypted traffic sent back to LG, he said.

Mr Huntley suggested that even if LG had never inspected the data, it could still pose a security risk as hackers could take advantage of the practice.

"I can't prove that this was being actively logged by LG, but nevertheless it was being transmitted in the clear across the internet's backbone to wherever the servers are located," he said.

A spokesman for LG said the company intended to comment further "shortly".

23.58 | 0 komentar | Read More

Toyota eyes fuel cell car by 2015

20 November 2013 Last updated at 11:24 ET

Japanese carmaker Toyota has said it is looking to start commercial sales of fuel cell-powered cars by 2015.

Toyota set the target as it unveiled a concept fuel cell powered car, called the FCV, at the Tokyo Motor Show.

Its cells can be recharged within minutes and it can cover about 500km (300 miles) on a single charge, according to the firm.

Earlier this week, rival Hyundai said it plans to start mass production of such cars as early as next year.

The South Korean company has announced plans to start commercial sales of a fuel cell-powered version of its sports utility vehicle, the Tucson, in the US market.

Honda Motor is also expected to unveil its latest concept version of a fuel cell-powered vehicle later this week.

Infrastructure concerns

Continue reading the main story

Frankly, I don't know how they are going to do it"

End Quote Carlos Ghosn Nissan

Many carmakers have been looking to develop the fuel cell technology further and bring it to mass production.

One of the main reasons is that it is emission-free.

The technology uses hydrogen to generate electricity to power the engine and the waste products are heat and harmless water.

At the same time, fuel cells charge much faster and travel a longer distance after being charged, compared with battery-operated electric cars.

However, there are concerns over the demand for such vehicles, not least because there are not enough hydrogen filling stations.

Carlos Ghosn, chief executive of Nissan, said that worries over infrastructure were the key reason for his firm to put some of their plans on hold.

"Frankly, I don't know how they are going to do it, because knowing all the problems we have, to have a charging system with electricity, where is the hydrogen infrastructure?" Mr Ghosn was quoted as saying by the Reuters news agency.

"That's why we have postponed, in a certain way, some of our ambitions in terms of fuel cells."

23.58 | 0 komentar | Read More