Sony gives up on selling e-readers

5 August 2014 Last updated at 15:44

Sony has given up selling its line of Reader devices for e-books after failing to find a big enough market.

"We do not have plans to develop a successor Reader model at this time," the Japanese firm told the BBC.

The PRS-T3 was the last version made and will exist as long as supplies remain in Europe.

Earlier this year, Sony pulled out of selling e-books and directed its users in the US and Europe to the e-bookstore of rival Kobo.

North American customers using Sony Readers have been directed to buy books from Kobo since February this year, and European and Australian customers since May, a Sony spokeswoman said.

But users in Japan, Sony's home country, can continue to still get its line of Readers and access Sony's Reader Store.

The news was first reported by German site Lesen.

The dominance of Amazon's range of Kindles and the growing smartphone, tablet and so-called phablet market have made it hard for Sony's suite of e-readers and rivals like Nook to carve out a niche for themselves. According to The Bookseller, Amazon has around 90% of the dedicated e-reader market in the UK.

Canadian firm Kobo was bought by Japanese e-commerce company Rakuten, which is looking to grow its business globally in a bid to challenge Amazon.

The global market in dedicated e-readers peaked in 2011 with 23 million devices sold, but is expected to fall to 10 million by 2017 as phones and tablets eat into the overall market, according to the research consultancy Gartner.

Still, the sale of printed books will be outstripped by e-books by 2018, a report by Pricewaterhouse Coopers suggested.

23.59 | 0 komentar | Read More

Google pulls more Gaza-Israel games

5 August 2014 Last updated at 21:09

Google has expanded its list of banned Android video games linked to the Gaza-Israel conflict.

The US-based firm has now removed Rocket Pride by Best Arabic Games, in which players attempt to outmanoeuvre Israel's Iron Dome missile defence system, from its Google Play app store.

It also deleted Iron Dome by Gamytech, which challenged players to "intercept the rockets launched by Hamas".

Other titles that do not name the "enemy" remain online.

Advocacy groups have criticised the emergence of the genre.

"It is both deplorable and dangerous to glorify Israelis killing Arabs or Arabs killing Israelis," Morton Klein, president of the Zionist Organization of America, told the BBC.

Chris Doyle, director of the Council for Arab-British Understanding, added: "Games that glorify violence or normalise conflict when referring to an actual conflict that is happening as we speak are deeply problematic and deeply distasteful.

"Google, Facebook or any other company that hosts such games, should be reviewing their policies and making absolutely all efforts to ensure that such games are not hosted on their platforms."

Amnesty International UK has also declared that such titles are "in highly questionable taste".

Drone bombs

The Daily Dot was one of the first news sites to bring attention to the phenomenon, on Monday, when it named several Android games relating to the conflict.

Google later blocked three titles as part of its initial response to user complaints:

• Bomb Gaza, in which the player attempts to kill militants but avoid civilian casualties, while listening to "Israel's theme music"
• Gaza Assault: Code Red, in which the player controls an Israeli drone that drops bombs on people and buildings from above
• Whack the Hamas, in which the gamer is told to target members of Hamas as they emerge from tunnels and is described by its developer as "for fun and relaxation, for the people who are being killed every day by a terrorist group"

A playable Bomb Gaza app was also subsequently removed from Facebook - the BBC understands that the social network decided to take it offline.

The site, however, still has a page promoting the game, which describes it as "very addictive and fun" to play.

Iron Dome games

Google Play and Apple's iOS store continue to host another title: Iron Dome - Missile Defense, by Shy Rosenzweig, co-founder of Meetey.com.

Released on July 21, it tasks the player with defending "your city against endless enemy's missiles and rockets".

Mr Rosenzweig told the BBC he deliberately avoided naming the enemy as being Hamas or fighters from Gaza.

"I wish not to see apps that support hate in any way," he said.

"I believe that many apps have been removed simply because people reported them, mostly because the app name or description related directly to the conflict.

"I anticipated this scenario and made sure to publish my game within the acceptable boundaries of Apple and Google."

The Android store also offers other recently uploaded Iron Dome-themed titles in which the adversaries are described as "terrorists".

It also contains Gaza Hero - a game in which the player taps Israeli army characters to turn them into food and medicine, which states "curse Israel" on its introduction screen - as well as Gaza Defender, which involves firing at aircraft above.

A spokeswoman for Google would not discuss specific apps, but said: "We remove apps from Google Play that violate our policies."

The firm's developer's terms and conditions ban apps that advocate "against groups of people based on their race or ethnic origin", and/or are judged to threaten other users.

Device owners wishing to alert Google to an app they believe breaks its rules can do so by tapping a "flag as inappropriate" link.

23.59 | 0 komentar | Read More

Ransomware victims given free fix

6 August 2014 Last updated at 09:01 By Mark Ward Technology correspondent, BBC News

All 500,000 victims of Cryptolocker can now recover files encrypted by the malware without paying a ransom.

The malicious program encrypted files on Windows computers and demanded a substantial fee before handing over the key to the scrambled files.

Thanks to security experts, an online portal has been created where victims can get the key for free.

The portal was created after security researchers grabbed a copy of Cryptolocker's database of victims.

"This time we basically got lucky," said Michael Sandee, principal analyst at Fox-IT - one of the security firms which helped tackle the cyber-crime group behind Cryptolocker.

Cash call

In late May, law enforcement agencies and security companies seized a worldwide network of hijacked home computers that was being used to spread both Cryptolocker and another strain of malware known as Gameover Zeus.

This concerted action seems to have prompted an attempt by the gang to ensure one copy of their database of victims did not fall into police hands, said Mr Sandee.

What the criminals did not know, he said, was that police forces and security firms were already in control of part of the network and were able to grab the data as it was being sent.

The action also involved the FBI charging a Russian man, Evgeniy Bogachev, aka "lucky12345" and "slavik", who is accused of being the ring leader of the gang behind Gameover Zeus and Cryptolocker.

The Gameover Zeus family of malware targets people who bank online, and is thought to have racked up millions of victims.

Cryptolocker was created by a sub-group inside the larger gang, said Mr Sandee, and first appeared in September 2013, since when it has amassed about 500,000 victims.

Those infected were initially presented with a demand for $400 (£327), 400 euros ($535; £317) or an equivalent amount in the virtual Bitcoin currency. Victims had 72 hours to pay up or face the keys that would unlock their files being destroyed.

Analysis of the back-up database indicates that only 1.3% of all the people hit by the malware paid the ransom.

Despite the low response rate, the gang is believed to have netted about $3m from Cryptolocker. Many of those caught out did not pay because they were able to restore files from back-ups.

However, others are believed to have lost huge amounts of important files and business documents to the cyber-thieves.

"There's a bit of guesswork in that figure because some of it was paid in bitcoins and that does not have a fixed exchange rate," said Mr Sandee.

Now, security firms Fox-IT and FireEye - which aided the effort to shut down the Gameover Zeus group - have created a portal, called Decrypt Cryptolocker, via which any of the 500,000 victims can find out the key to unlock their files.

"All they have to do is submit a file that's been encrypted from that we can figure out which encryption key was used," said Greg Day, chief technology officer at FireEye.

Mr Day said people wishing to use the portal should submit a file that did not contain sensitive information to help it verify which key they needed.

23.59 | 0 komentar | Read More

Facebook sued by 25,000 members

6 August 2014 Last updated at 15:56

A data privacy campaigner has signed up 25,000 people to a "class action lawsuit" being taken against Facebook.

Max Schrems alleges that the way the social network monitors its members' activity on and off the site puts it in breach of EU laws.

As part of the claim, he also alleges that the company co-operated with Prism, a US surveillance scheme.

Facebook has previously denied knowing about Prism before it was mentioned in leaked US government documents.

The company has, however, acknowledged complying with national security requests from US government agencies.

Facebook has not commented on the wider case being brought against it.

Continue reading the main story

We complain, then go home and drink beer"

End Quote Max Schrems Europe versus Facebook

The BBC understands it does not plan to respond until it has been served the relevant papers.

Facebook search

Mr Schrems asked Facebook users based outside the US and Canada who wished to take part in the case to sign up via an app.

The case is targeted against the company's Irish subsidiary, which is responsible for all accounts belonging to users outside of North America. It has been filed with the Commercial Court for Vienna, the 26 year old's home city.

Among the allegations are that Facebook broke EU privacy laws by introducing:

• Graph Search - a facility allowing users to find out about other members' activities on the social network
• External website tracking - monitoring members through the Like buttons embedded into third-party webpages
• Big data analysis - the ability to gain insights into Facebook members' by data-crunching the billions of interactions people have with the site every year

Model case

Mr Schrems is demanding 500 euros ($667, £396) in damages for each of the first 25,000 people who signed up to the case.

While the Austrian legal system does not make provision for US-style class actions, Mr Schrems is working round this by getting the other participants to transfer their financial claims to him, which is permitted.

If he wins he intends to share the money after delivering a 20% cut to a German firm that is funding the case.

While the promised payout might have helped him attract support, Mr Schrems says the money is a side-issue.

Instead, he explains, the dispute with Facebook is intended to be a "model case" that sets a precedent addressing the wider problem of tech firm developing products that comply with US laws, but are not adapted for other countries' rules.

"It is not an epic fight with Facebook but more of a general question of where we are going and if we respect our fundamental rights in Europe," he told the BBC.

"Right now I have the feeling that we love to point the finger at the US in Europe, and say they are not respecting our privacy. But the reality is that we don't really do anything about it - we complain, then go home and drink beer."

Risk to reputation

This is not the first action Mr Schrems has taken against the social network.

In 2011 he forced the firm to reveal all the information it was holding on him.

When he discovered the 1,222 pages of information included details he thought he had deleted or had not consented to being shared, he lodged a complaint with the Irish data protection commissioner.

The case has since been referred to the European Court of Justice, but has already resulted in the firm restricting its use of facial recognition software and making it easier for members to find out more about the data held on them.

One of the UK's leading data protection lawyers, who is not involved in the case, suggested the latest action could deliver a landmark ruling.

"The current climate of data protection enforcement in the EU in the courts and by the data protection regulators, coupled with an increasing awareness by consumers of their rights means that this case could well run its course in the Court in Vienna and achieve a result for Max Schrems and Facebook users," said Robert Bond, a partner at the law firm Speechly Bircham.

"Of course it remains to be seen whether or not Facebook will try to settle as reputational damage may be worse than a financial penalty."

Mr Schrems has limited the number of people involved in the case to 25,000 because each participant's submissions must be vetted.

However, he says other Facebook users wishing to take part can still register their interest in case he later decides to expand the legal action.

23.59 | 0 komentar | Read More

Apple and Samsung drop non-US cases

6 August 2014 Last updated at 05:08

Apple and Samsung have agreed to withdraw all legal cases against each other outside the United States.

The two rivals have sued each other over a range of patent disputes in nine countries outside the US, including the UK, South Korea, Japan and Germany.

A joint statement said the agreement "does not involve any licensing arrangements", and they would continue to pursue existing cases in US courts.

The two firms are the biggest players in the smartphone and tablet PC market.

But they have been involved in a bitter legal battle, spread across various countries, which has escalated in recent years.

Multiple disputes

The legal wrangling between the two companies began in 2011 after Apple sued Samsung in the US.

It claimed that the South Korean firm's Galaxy range of phones and tablets "slavishly" copied its iPhone and iPad.

The South Korean firm has since taken Apple to court in various countries, accusing it of infringing its patents.

These included patents on a way to synchronise photos, music and video files across several devices, and a method to capture and send video over the internet.

For its part, Apple filed counter claims in some of those countries - disputes which the two firms have now agreed to withdraw.

Focus on US

However, the main legal battle between the two companies is being fought in the US courts.

Apple has won two verdicts in the US against Samsung in recent years.

In May, a US court ordered Samsung to pay $119.6m (£71m) to Apple for infringing two of its patents. The amount was way less than the $2.2bn that Apple had sought.

But the court also ruled that Apple infringed Samsung's patents and awarded $158,000 in damages.

However, Samsung denied any wrongdoing and sought $6m after arguing Apple infringed two of its smartphone patents related to camera use and video transmission.

Two years ago, a separate jury ordered Samsung to pay Apple $1.05bn in damages for infringing intellectual property.

The jury decided several Samsung devices had infringed iPhone-maker Apple's software and design patents, but rejected counter-claims by Samsung.

That verdict is still being challenged by Samsung.

23.59 | 0 komentar | Read More

UK weighs Bitcoin risks - Osborne

6 August 2014 Last updated at 14:49

The government is to explore the role that digital currencies such as Bitcoin could play in the financial system and whether they need to be regulated.

Chancellor George Osborne has set out measures he said would make Britain the "global centre of financial innovation".

Bitcoin is not controlled by a central bank but is growing in popularity.

Other measures include plans to make it easier for businesses to get loans from sources other than banks.

Speaking at the Innovate Finance conference in London, Mr Osborne said the measures would help firms to "grow and succeed".

How Bitcoins work

Bitcoin is often referred to as a new kind of currency.

But it may be better to think of its units as being virtual tokens that have value because enough people believe they do and there is a finite number of them.

Each bitcoin is represented by a unique online registration number.

These numbers are created through a process called "mining", which involves a computer solving a difficult mathematical problem with a 64-digit solution.

Each time a problem is solved the computer's owner is rewarded with bitcoins.

To receive a bitcoin, a user must also have a Bitcoin address - a randomly generated string of 27 to 34 letters and numbers - which acts as a kind of virtual postbox to and from which the bitcoins are sent.

Since there is no registry of these addresses, people can use them to protect their anonymity when making a transaction.

These addresses are in turn stored in Bitcoin wallets, which are used to manage savings. They operate like privately run bank accounts - with the proviso that if the data is lost, so are the bitcoins contained.

'Stimulate innovation'

The chancellor said that it was "only by harnessing innovations in finance, alongside our existing world class knowledge and skills in financial services, that we'll ensure Britain's financial sector continues to meet the diverse needs of businesses and consumers here and around the globe".

As part of the drive, he announced a government investigation into the potential for virtual and digital currencies such as Bitcoin to encourage innovation in the UK's financial sector, while also examining their potential risks.

More than 60,000 online retailers now accept virtual currencies worldwide and the growing popularity has seen backers of the currencies push for greater mainstream adoption. However, their use has also been linked to illegal activity online.

BBC technology correspondent Rory Cellan-Jones said: "Enthusiasts say it is the future of money, detractors claim that it is extremely volatile and is used mainly by drug dealers and money launderers.

"Now the government says it will examine whether this and other virtual currencies should be regulated, how they could help stimulate innovation - and their potential risks."

Small businesses

Mr Osborne also outlined plans to introduce legislation to help small and medium-sized businesses access alternative sources of finance if they have been turned down for finance by their bank.

He said the government would encourage the growth of "alternative finance providers" - a major part of the financial and technology, or FinTech sector.

Business Secretary Vince Cable said small businesses often "give up" applying for finance if they have been turned down by a bank.

Stuart Law, chief executive of the alternative finance provider Assetz Capital, said: "Part of the problem with banks is that they often take several months to approve or reject a loan application.

"As a result, many rejected businesses will have wasted three months already, and will often have missed the opportunity that they needed the money for.

"What is needed is greater awareness of alternative sources of finance at the application stage."

The government will publish a strategy document later this year setting out how it intends to make the UK the global centre of financial innovation.

23.59 | 1 komentar | Read More

Blood app 'can detect diseases'

5 August 2014 Last updated at 14:46

A team has developed an app and small lens add-on that allows blood-cell analysis via a smartphone

The app, called Athelas, won a prize at a coding event held by the prestigious start-up hub Y Combinator.

The team says it can detect diseases such as malaria and cancers in seconds, through so-called predictive cell counting.

But experts warned of the difficulty of reproducing the quality of medical labs results using just a smartphone.

Users take a picture of their blood using the lens attachment, which is then sent to the app's servers, and the results are then sent back to them.

Team leader Tanay Tandon said in his submission: "For more than two centuries, cell morphology - or the practice of viewing/analysing a person's blood in order to diagnose conditions - has been the primary way to approach medicine.

"Yet, despite the critical nature of blood analysis to the medical industry - the process has hardly changed from its long, expensive form for 150 years."

Mr Tandon added that in "rural areas, the tech will really shine, providing previously unavailable diagnostic skills through the power of artificial intelligence and computer vision".

'Create more confusion'

But experts in the field are not so convinced by the reality of using a smartphone to detect and diagnose.

"This app will create more confusion then alleviate anxiety," Dr Amar Safdar, the director of transplant medical diseases at New York University's Langone Medical Center, told the BBC.

"The major limitation for this approach is that most viruses require electron microscopic exams to see them."

Using the example of the current outbreak of Ebola - which has killed more than 800 people in western Africa and is spreading partly through air travel - Dr Safdar said that patients in the early stages of illness might not have large enough quantities of the Ebola virus in their peripheral blood to be diagnosed.

The threat of false positives, or incorrect results, was another concern.

"I've no problem with it in principle - but in reality, these need to be carefully calibrated around the right type of diseases," Dr Mike Chapman, of the University of Cambridge's Department of Haematology, told the BBC, adding that some diseases were easier to detect than others.

"In a laboratory diagnosis, there is a lot of regulation that goes on behind the scenes to make sure that your results are meaningful."

Dr Chapman added that he was aware of instances where people took a smartphone picture of a microscopic image of their blood and sent it to an expert.

The Athelas app won a prize as Y Combinator held its first "hackathon" last weekend, where teams come together and are invited to create software together in a limited amount of time.

Mr Tandon won an interview with YC to be in its next batch of start-ups. The California-based accelerator counts billion-dollar start-ups such as Airbnb, Reddit, and Dropbox among its alumni.

23.59 | 0 komentar | Read More

Bitcoin crashes tied to search surge

6 August 2014 Last updated at 01:32

A spike in searches for Bitcoins can be a good predictor of an imminent crash in its value, suggests research.

The conclusion emerged from a study of the web activity and social media chatter surrounding the virtual currency by Swiss computer scientists.

Their analysis of who was taking part in this activity helped to explain the meteoric rise in the value of bitcoins.

It might also offer insights into how online communities adapt and grow, suggested the research team.

Key variable

Bitcoin was a great candidate for research because so much of the activity surrounding it takes place online, wrote the team in a paper published in the Journal of the Royal Society. Bitcoins are a virtual currency which depend on people using their computers to both generate the cyber coins and to verify transactions carried out with them.

Currently one bitcoin can be exchanged for $585 (£347).

Studying the "digital traces" of this activity could help lay bare the variables that govern the way the virtual currency behaves said the team.

The four key variables that emerged from the analysis were:

• the size of the user base
• the number of searches for information
• the amount of information shared
• price

From this the team at the Federal Institute of Technology in Zurich managed to find two positive feedback loops that steadily influence how much each bitcoin was worth.

The first "reinforcement cycle" involves an increase in the amount of searching for information about bitcoins, which leads to more chatter about the currency and prompts a rise in its value.

"The successive price surges in the Bitcoin economy are largely due to its growing public attention," said the team.

The second feedback loop involves a rise in search volume which makes more people download the software and join in the mining pools that generate coins. This too tends to lead to a rise in the nominal value of Bitcoins.

"Our analysis suggests that the successive waves of growth of the Bitcoin economy were driven by corresponding waves of new users from public circles gradually opening to the currency" wrote the researchers.

In addition, they found found that search spikes were early indicators of an imminent drop in its value but added that this did not act as a good predictor of the biggest falls in the value of bitcoins.

23.59 | 0 komentar | Read More

Wikipedia names deleted search links

6 August 2014 Last updated at 13:11

Wikipedia has begun naming links to its online encyclopaedia that have been removed from EU search results under "right to be forgotten" rules.

The deleted links include pages about European criminals, a musician and an amateur chess player.

The Wikimedia Foundation, which operates the site, said the internet was being "riddled with memory holes" as a result of such takedowns.

The action follow a European Court of Justice ruling in May.

The judges involved decided that citizens had the right to have links to "irrelevant" and outdated data erased from search engine results.

A fortnight ago Google briefed data regulators that it had subsequently received more than 91,000 requests covering a total of 328,000 links that applicants wanted taken down, and had approved more than 50% of those processed.

The search engine is critical of the court's decision, but has set up a page that people can use to request removals.

At a press conference in London, the Wikimedia Foundation revealed that Google had notified it of five requests involving Wikipedia that it had acted on, affecting more than 50 links to its site.

A dedicated page on Wikipedia states that they include:

"We only know about these removals because the involved search engine company chose to send notices to the Wikimedia Foundation," the organisation's lawyers wrote in a blog.

"Search engines have no legal obligation to send such notices. Indeed, their ability to continue to do so may be in jeopardy.

"Since search engines are not required to provide affected sites with notice, other search engines may have removed additional links from their results without our knowledge. This lack of transparent policies and procedures is only one of the many flaws in the European decision."

EU regulators have expressed concern that Google is notifying website administrators of the links it removes, suggesting this undermines the point of the law.

While the links do not appear on Google.co.uk and other versions of the search engine created for specific EU countries, they do still appear on Google.com, which can be accessed in Europe.

Data requests

The Wikimedia Foundation has also published its first transparency report - following a similar practice by Google, Twitter and others.

It reveals that the organisation received 304 general content removal requests between July 2012 and June 2014, none of which it complied with.

They included a takedown request from a photographer who had claimed he owned the copyright to a series of selfies taken by a monkey.

Gloucestershire-based David Slater had rotated and cropped the images featured on the site.

But the foundation rejected his claim on the grounds that the monkey had taken the photo, and was therefore the real copyright owner.

The foundation also revealed it had received 56 requests for data about its users.

It said it had complied with eight of these requests, affecting 11 accounts. All of these resulted in information being passed to US-based bodies.

"If we must produce information due to a legally valid request, we will notify the affected user before we disclose, if we are legally permitted and have the means to do so," the foundation said.

"In certain cases, we may help find assistance for users to fight an invalid request."

23.59 | 0 komentar | Read More

Russia gang in 'largest data breach'

6 August 2014 Last updated at 16:39

A Russian group has hacked 1.2 billion usernames and passwords belonging to more than 500 million email addresses, according to Hold Security - a US firm specialising in discovering breaches.

Hold Security described the hack as the "largest data breach known to date".

It claimed the stolen information came from more than 420,000 websites, including "many leaders in virtually all industries across the world".

Hold Security did not give details of the companies affected by the hack.

"They didn't just target large companies; instead, they targeted every site that their victims visited," Hold Security said in its report.

"With hundreds of thousands of sites affected, the list includes many leaders in virtually all industries across the world, as well as a multitude of small or even personal websites."

Continue reading the main story

These databases were used to attack e-mail providers, social media, and other websites to distribute spam to victims and install malicious redirections on legitimate systems"

End Quote Hold Security

The New York Times, which first reported the findings, said that on its request "a security expert not affiliated with Hold Security analysed the database of stolen credentials and confirmed it was authentic".

"Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information," the paper said.

The paper added: "Hold Security would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable."

The Wall Street Journal later revealed that Hold Security intended to offer website owners the ability to check whether they had been affected, but only if they paid a fee.

The firm has since posted a message on its site saying it will charge $120 (£71) a month for a "breach notification service".

One computer security expert said he was surprised by this approach.

"This situation is quite unusual in that the company has decided to charge for this information," Dr Steven Murdoch from University College London's computer science department told the BBC.

"Usually they would do an initial disclosure [of who had been affected] for free and then offer their services for a fee at a later stage.

"The company rightly points out that there is going to be a huge amount of work to securely contact all the affected websites, but a common solution to this is to partner with a government or industry-funded organisation to help with that."

Despite the large amount of credentials said to have been compromised, Dr Murdoch added that it would be premature to advise the public to reset all their passwords.

"Although there's a large amount of passwords involved, a lot of them could be irrelevant and many of the websites tiny," he said.

"It's not necessarily the case that a large proportion of internet users have been affected. Until we get more statistics we won't know that.

"So, there's no reason to panic now, but perhaps it's a good reminder to follow best practice of not using the same password on multiple websites, because this will not be the last time such a breach happens."

Multi-pronged attack?

Hold Security, which has previously reported about hacks on Adobe and Target, said it took more than seven months of research to discover the extent of the latest hack.

The firm claimed the gang initially acquired databases of stolen credentials from fellow hackers on the black market.

"These databases were used to attack e-mail providers, social media, and other websites to distribute spam to victims and install malicious redirections on legitimate systems," Hold Security said.

The hackers also got access to data from botnets - a network of computers infected with malware to trigger online fraud.

Hold Security said the botnets helped the hacking group - which it dubbed CyberVor - identify more than 400,000 websites that were vulnerable to cyber attacks.

"The CyberVors used these vulnerabilities to steal data from these sites' databases," the firm said.

"To the best of our knowledge, they mostly focused on stealing credentials, eventually ending up with the largest cache of stolen personal information, totalling over 1.2 billion unique sets of e-mails and passwords."

The firm is now marketing its breach notification service as a way to "stay ahead of the hackers ".

But one of its rivals expressed surprise at this approach.

"For a long time the security industry has freely shared information on breaches within its own community," said Vanja Svajcer, principal security researcher at Sophos.

"Researchers discovering credentials breaches usually help end users either by making the information about compromised accounts public or by working with the company whose servers were compromised to inform all affected users.

"In this case, the credentials were harvested from thousands of servers and it would be difficult to work with every server owner to inform the compromised users. Nevertheless, it is reasonable to expect the company to make the information freely available so everybody can check that none of their email addresses have been compromised."

Password tips

The University of Surrey's Prof Alan Woodward suggests the following rules should be observed when picking a new password.

Don't choose one obviously associated with you

Hackers can find out a lot about you from social media so if they are targeting you specifically and you choose, say, your pet's name you're in trouble.

Choose words that don't appear in a dictionary

Hackers can precalculate the encrypted forms of whole dictionaries and easily reverse engineer your password.

Use a mixture of unusual characters

You can use a word or phrase that you can easily remember but where characters are substituted, eg, Myd0gha2B1g3ars!

Have different passwords for different sites and systems

If hackers compromise one system you do not want them having the key to unlock all your other accounts.

Keep them safely

With multiple passwords it is tempting to write them down and carry them around with you. Better to use some form of secure password vault on your phone.

23.59 | 0 komentar | Read More