Apple has added a Do-Not-Track tool to a test version of its latest Web browser that would potentially keep customers' online activities from being monitored by marketers. This tool is within Lion, a version of Apple's Mac OS X operating system that is currently only available to developers. The final version of this operating system is expected to be released to the public this summer. Mentions of this do-not-track feature in Apple's Safari browser began to appear in online discussion forums and on Twitter recently. Adding this feature leaves Google Inc. being the only major browser that has not yet committed to supporting a do-not-track capability in its browser, Chrome. A Google spokesperson said that the company will continue to be involved closely in industry discussions about do-not-track features. For now, they offer an add-on program for Chrome that users can download called, "Keep my Opt-Outs" that will let users request that their data not be used for targeted advertising.
Do-not-track tools in browsers automatically send out messages to websites and online advertising networks requesting that users' movements around the Web not be tracked. The system will only work if Web companies agree to respect people's tracking preferences. Apple's Safari browser currently accounts for approximately 6.6% of Web browser use on the Internet, while Microsoft's Internet Explorer accounts for 55.9% and Mozilla's FireFox accounts for 21.8%, according to estimates from NetApplications.com (a firm that tracks browser market share). Of the four major browsers, Google's Chrome is growing the quickest. They have rose from 6.73% to 11.57% just this last April.
Representative Cliff Stearns introduced privacy legislation that would encourage these companies to offer more information about how their consumers are being track. They feel that they all have the right to know. The bill requires firms to create privacy policies that tell the consumers about the collection, sale, and use of their data. Currently, these types of Federal laws do not exist. The bill calls for the data-collection industry to develop a policing program that would be approved by the Federal Trade Commission.
Some people make it seem that this type of thing takes too much time and energy out of these companies to do, to simply be able to assure their consumers that they are safe and their information is not being collected. It really can't be that hard to come up with such tool. Especially when the benefits of doing so have to be so great, compared to what type of downfalls their might be. Everything has its pros and cons, but clearly adding the do-not-track tool would not only protect their consumers, but would almost guarantee the trust of their consumers, which should be most important.
Article Name: Apple Adds Do-Not-Track Tool to New Browser
by Nick Wingfield
http://online.wsj.com/article/SB10001424052748703551304576261272308358858.html
Tuesday, April 19, 2011
How to Kill Web Data About You
As we already know, anytime you do anything on the internet: shop online, date online, or conduct friendships through social networks, we leave behind a large, and growing, amount of our personal data. Employers, marketers and even thieves are piecing together general mosaics of who we are. Spokeo.com gives a little glimpse of what these mosaics do with our personal information. Here, you can see estimates of your age, home value, marital status, home address/phone number, and sometimes even a photo of your house. There are other services just like this, too. And these services sometimes ask you to pay a mere $15 a month to see other information such as your hobbies/interests, financial information, etc. People who have this information, sometimes simply can just snoop on Facebook or such sites for information about your political views, health challenges, office tribulations, party mishaps, which could affect your chances of getting into a school or landing a good job. Many privacy experts fear that companies will use this data against users to maybe deny insurance coverage or to assign a higher interest rate on loans. But how do we fix this problem?
If you want to try to manage privacy, the first thing you should do is check major search engines such as Yahoo!, Bing and Google. This is where most people would first go to check you out. Run keyword searches on your name, address, phone number, and other data and see what turns up. But don't stop here. Look for online accounts you once opened but don't use anymore, especially on social networking sites or dating sites, where you would have provided extensive personal information. Not only could dig up information about you on these sites, but the site itself could change its privacy settings or be acquired by a different company with different policies. If you have issues with doing all of this yourself, there are programs and companies that will do it for you, but sometimes costing up to $99 a year for quarterly reports detailing the information found about you online. To some, this would be extremely beneficial.
The hardest part is masking the information. Sometimes you are able to get into these accounts and just delete it yourself, but this could be very time consuming. So, begin by removing extreme personal information such as your full date of birth or home address, and then delete continue by deleting or deactivating social networking accounts that you no longer use. If someone else posted information about you, you would have to go to them. Getting a friend to delete a photo of you would be easy. But getting an online publisher or data broker (a company that buys data from other companies and sells it to companies that collect it) to remove content, can be tricky. Many data brokers will let you opt out of their databases, but you would need to contact each one individually. This usually requires waiting a set amount of time, and it is not always guaranteed to be down forever. Usually, after doing this, your information should be out of search engines within a week, though.
All of this seems like one big headache, but it is a little price to pay, when so many people have had their identity stolen. Getting your identity stolen is even more frustrating, and for some people, it ruins their lives. It seems to be a small portion of the headache that that would end up causing. Most people aren't aware of the information that is out on the Web about you, so if you aren't sure of what is public currently, you should check it out. I had searched my parents information on Spokeo.com, and it is amazing how much of their information is now out on the Web on this one site. Some of it wasn't true, but it was weird how much of the little details that they had up there that was true. It becomes somewhat scary, too. So if you aren't aware of what is going on with your information that you are letting sit on the Web, get it removed as soon as you can.
Article Name: How to Fix (Or Kill) Web Data About You
by Riva Richmond
http://www.nytimes.com/2011/04/14/technology/personaltech/14basics.html?_r=1&src=me&ref=technology
If you want to try to manage privacy, the first thing you should do is check major search engines such as Yahoo!, Bing and Google. This is where most people would first go to check you out. Run keyword searches on your name, address, phone number, and other data and see what turns up. But don't stop here. Look for online accounts you once opened but don't use anymore, especially on social networking sites or dating sites, where you would have provided extensive personal information. Not only could dig up information about you on these sites, but the site itself could change its privacy settings or be acquired by a different company with different policies. If you have issues with doing all of this yourself, there are programs and companies that will do it for you, but sometimes costing up to $99 a year for quarterly reports detailing the information found about you online. To some, this would be extremely beneficial.
The hardest part is masking the information. Sometimes you are able to get into these accounts and just delete it yourself, but this could be very time consuming. So, begin by removing extreme personal information such as your full date of birth or home address, and then delete continue by deleting or deactivating social networking accounts that you no longer use. If someone else posted information about you, you would have to go to them. Getting a friend to delete a photo of you would be easy. But getting an online publisher or data broker (a company that buys data from other companies and sells it to companies that collect it) to remove content, can be tricky. Many data brokers will let you opt out of their databases, but you would need to contact each one individually. This usually requires waiting a set amount of time, and it is not always guaranteed to be down forever. Usually, after doing this, your information should be out of search engines within a week, though.
All of this seems like one big headache, but it is a little price to pay, when so many people have had their identity stolen. Getting your identity stolen is even more frustrating, and for some people, it ruins their lives. It seems to be a small portion of the headache that that would end up causing. Most people aren't aware of the information that is out on the Web about you, so if you aren't sure of what is public currently, you should check it out. I had searched my parents information on Spokeo.com, and it is amazing how much of their information is now out on the Web on this one site. Some of it wasn't true, but it was weird how much of the little details that they had up there that was true. It becomes somewhat scary, too. So if you aren't aware of what is going on with your information that you are letting sit on the Web, get it removed as soon as you can.
Article Name: How to Fix (Or Kill) Web Data About You
by Riva Richmond
http://www.nytimes.com/2011/04/14/technology/personaltech/14basics.html?_r=1&src=me&ref=technology
Thursday, April 14, 2011
Former Teen Stock Swindler Sentenced to Three Years on New Hack
Van T. Dinh, now 27, once served time for an online stock-trading scheme when he was 19. During this time he hacked into another trader’s account and bought the options with his own account. This act made Dinh the first person charged by the Securities and Exchange Commission with a fraud that involved both computer hacking and identity theft. This led him to serve 13 months in prison in 2004. After his previous attacks and after being released from prison, he was just recently sentenced to three years in prison in New York on new charges of cracking a New York-based currency exchange service and gifting himself with more than $100,000. Dinh was ordered to pay $125,000 in restitution for the scam and to serve three years of federal supervised release. In 2003, Dinh found himself to be the unhappy owner of Cisco “put” options that were very close to expiring without a payoff. Instead of absorbing the losses, he had used a Trojan horse program that was disguised as a stock charting tool to take control of an innocent person’s online stock account. After doing this, he then had the victim’s account buy $37,000 worth of his options, shaving his losses.
After his first release, Dinh’s probation officer had concluded that he was not seriously applying himself to secure employment. Then in December of 2008, he had set up a real account with an online currency exchange serviced that was based in New York. Two weeks after this, he had logged into his account using an administrative password and added $55,000 to his account. He had soon done the same and added another $55,000 two days later. According to an FBI agent, Dinh then used his access to make currency trades on two different customer accounts, and then gave one of them $140,326.75. This hacking was traced by the FBI to an IP address that was assigned to a home in Phoenixville, Pennsylvania, where Dinh shared a home with his mother. Dinh was arrested and was held in jail, without bail, at the Metropolitan Correctional Center in New York. He was labeled as being a danger to the community by hacking activities, along with other reasons. Dinh then pleaded guilty to computer fraud and identity theft.
Dinh also thought that he had a sense of humor, and believed that what he had done was funny in many different expenses. At his sentencing hearing at his earlier case, prosecutors read from an electronic diary found on Dinh’s computer. It read, “I am so proud of myself for my ‘hacking business’ – I will never regret what I did. I am the best of the best trickster. I laugh often when Mom says she worries … Even if I go to jail, big deal; I will learn something there. Hahaha.”
Article Name: Former Teen Stock Swindler Sentenced to Three Years on New Hack
by Kevin Poulsen
Wednesday, April 13, 2011
Facebook: Our Comments PlugIn Increases Publisher Traffic Up to 45%
About a month ago, Facebook released its commenting solution for third parties, which had been extremely feared. Between then and now, Facebook comments have made its way to more than 50,000 sites. Some of these sites included Vevo, Funny or Die, and the Los Angeles Times. Facebook, today, has announced a set of improved features for both users and publishers, as well as a bunch of statistics that say that the commenting system actually increases instead of decreasing discussion and Facebook referrals. The biggest change that this will cause for users is being able to login using Hotmail. Thoughts had come up about when users will see Google or Twitter as a login option, but there has been no mentioning of this by any Facebook spokes people. One spokesperson for Facebook did say, though, that they are always looking for new ways to improve their product, and they are hoping to add as many login options as possible.
Changes for publishers/bloggers include the ability to link directly to individual comments, generate larger News Feed objects, and access comments using the API. Generating larger News Feed objects shows that user interaction will dramatically increase. Facebook is saying that two sites have seen this increase after using Facebook Comments. Examiner.com says that they continue to see growth with the Facebook Comment plugin, and that they have noticed that comments have nearly doubled its weekly average since using the plugin starting on March 1. They are also noticing more in-depth conversations and a dramatic increase in spam, as well. Examiner's referring instances have also doubled in the first month of using the plugin. The other site that has seen a difference is Townsquare Media, the local radio broadcaster. They have been using the Facebook plugin for six weeks now, and are noticing a 45% average increase in Facebook referrals.
Although it has had its benefits, there are other sites that are saying it's having an opposite effect. Techcrunch is saying that they are noticing a dramatic decrease in the number of comments they are receiving, after implementing the Facebook Comments. It has decreased the number of trolls and amount of spam, but this is most likely due to the decrease in page views. People are complaining more about the fact that they now have to have a real identity to be able to even leave a comment or to voice their opinion on such sites.
Clearly the one main benefit of using the Facebook Comments plugin is to decrease the amount of spam that is distributed throughout these sites. It seems to have allowed user to feel more safe putting their opinion out there, without being hit with spam or attacked. While this seems to be the positive end of the deal, others are just furious that now they have to identify themselves, while before...you didn't have to. Why does anyone need to know who you are? It only allows you to be labeled, especially if you're known. I agree with both ends of the deal, but I think that there has to be ways to satisfy both ends of the spectrum and allow users to both be satisfied and feel protected.
Article Name: Facebook: Our Comments PlugIn Increases Publisher Traffic Up to 45%
by Mike Melanson
Wednesday, April 6, 2011
Developer Yanks Unauthorized Windows Phone 7 Update Tool
Just hours after launching a tool that let Windows 7 owners grab smartphone updates directly from Microsoft, the developer pulled the utility from his Web site. This tool was called "ChevronWP7.Updater" was used to apply all available Windows Phone 7 updates, which included the "NoDo" update. The NoDo adds copy and paste functionalities and the February update that was designed to prepare the smartphones for the NoDo update. Windows Phone 7 updates have already had numerous issues, and customers have bashed Microsoft and its mobile carrier partners for the sluggish update roll-out. Experts have also bashed the company for not anticipating that these delays would make the users and fans upset and angry.
Walsh's tool, which he had created over a span of 5 days, was released on Monday. It allows users to sidestep the carriers and to use the updates directly from Microsoft. But the tool's download link was removed from Walsh's blog later that day. His response to why he had done so was just that it was down for now, and that he would follow with more information. Nothing else, as to why he had taken the link down, has been said. Microsoft hasn't even responded to if they were the reason for why Walsh had removed the ChevronWP7.Updater...and if they were the reason, why? The only clues that have been retrieved are from a Facebook page of Microsoft's German team. They have basically warned that users who run Walsh's tool may not be able to retrieve future updates form their carriers.
The German team is also saying to use this tool at your own risk, if you are going to do so. Unofficial hacker tools can put the phone in an undefined state and not allow you to install future updates. They are saying that Microsoft nor the device manufacturer or the network operator is assuming liability for these types of consequences. As of now, there are mixed reviews from people who have used the tool. Some people are satisfied, while others are reporting problems and issues. Microsoft is saying that they are in contact with Mr. Walsh and intend on finding out his intent and any potential implications.
Again, another program/tool is released and no one wants to take responsibility for damage it may cause if users download it. Although it seems to be a mistake, someone needs to step up and take responsibility, and if not, do something about it. Walsh is obviously he reason for the issues though, so why is no one holding him directly responsible? It was clearly unauthorized, and he shouldn't have released the tool in the first place.
Article Name: Developer yanks unauthorized Windows Phone 7 update tool
by: Gregg Keizer
http://www.computerworld.com/s/article/9215547/Developer_yanks_unauthorized_Windows_Phone_7_update_tool?taxonomyId=15
Walsh's tool, which he had created over a span of 5 days, was released on Monday. It allows users to sidestep the carriers and to use the updates directly from Microsoft. But the tool's download link was removed from Walsh's blog later that day. His response to why he had done so was just that it was down for now, and that he would follow with more information. Nothing else, as to why he had taken the link down, has been said. Microsoft hasn't even responded to if they were the reason for why Walsh had removed the ChevronWP7.Updater...and if they were the reason, why? The only clues that have been retrieved are from a Facebook page of Microsoft's German team. They have basically warned that users who run Walsh's tool may not be able to retrieve future updates form their carriers.
The German team is also saying to use this tool at your own risk, if you are going to do so. Unofficial hacker tools can put the phone in an undefined state and not allow you to install future updates. They are saying that Microsoft nor the device manufacturer or the network operator is assuming liability for these types of consequences. As of now, there are mixed reviews from people who have used the tool. Some people are satisfied, while others are reporting problems and issues. Microsoft is saying that they are in contact with Mr. Walsh and intend on finding out his intent and any potential implications.
Again, another program/tool is released and no one wants to take responsibility for damage it may cause if users download it. Although it seems to be a mistake, someone needs to step up and take responsibility, and if not, do something about it. Walsh is obviously he reason for the issues though, so why is no one holding him directly responsible? It was clearly unauthorized, and he shouldn't have released the tool in the first place.
Article Name: Developer yanks unauthorized Windows Phone 7 update tool
by: Gregg Keizer
http://www.computerworld.com/s/article/9215547/Developer_yanks_unauthorized_Windows_Phone_7_update_tool?taxonomyId=15
Tuesday, April 5, 2011
After Security Breach, Companies Begin Protecting Customers of E-Mail Fraud
Epsilon has stated that a giant security breach occurred on its online marketing firm, leaving millions of people at risk for e-mail fraud. The breach had exposed peoples' names and e-mail addresses of customers of some of the nation's largest companies including JPMorgan Chase, Target, Citibank, and Walgreens. Although the number of people affected is unknown, security experts are saying that this giant security breach may be one of the largest, and could eventually lead to surge in phishing attacks. Epsilon is a marketing firm that handles e-mail marketing lists for hundreds of clients, and is also the marketing firm that suffered this breach. While e-mail addresses don't sound as though they are really that vulnerable, experts are saying that if criminals can associate these e-mail addresses with names, and then to companies/businesses like a bank, they could devise highly customized attacks to trick people into giving more important confidential information. This technique is known as "spear phishing." Some are saying that the road maps between the customers and the banks are now basically in the hands of criminals.
A spear phishing e-mail can be much more dangerous than regular phishing attacks because it can include a person's name and is sent only to people who are known to be customers of a certain business, increasing the chance that the targets will be victimized. With the information that was stolen from Epsilon, these criminals could send the customers of JPMorgan Chase emails that appear to be from the bank, complete with their names, and if criminals cross check their name with property records of mortgage holders, they could also include their address in the e-mail.
While these companies are trying to make their customers aware of what has happened, they are also assuring them that the hackers had only stolen names and e-mail addresses and not passwords, credit card information, or other important and confidential information. They are basically saying that they may just receive spam and other sorts of junk e-mails. Although it is limited in what they can share, those from Epsilon are saying that they are conducting a full investigation on this issue. Others are thinking that Epsilon was a random attack because the hackers basically scan the Internet looking for machines with a high vulnerability rate. Epsilon just so happened to be their choice.
With the issues going on today between credit card fraud, identity theft, and things along that nature, it is scary hearing from businesses in which you are a customer, especially your bank, that your information has been stolen or released to a third party without your consent. Most people would become aggravated and annoyed. And I'm sure these major companies are dealing with complaints as well as trying to fix this problem.
Article Name: After Breach, Companies Warn of E-Mail Fraud
by Miguel Helft
http://www.nytimes.com/2011/04/05/business/05hack.html?_r=1&ref=technology
A spear phishing e-mail can be much more dangerous than regular phishing attacks because it can include a person's name and is sent only to people who are known to be customers of a certain business, increasing the chance that the targets will be victimized. With the information that was stolen from Epsilon, these criminals could send the customers of JPMorgan Chase emails that appear to be from the bank, complete with their names, and if criminals cross check their name with property records of mortgage holders, they could also include their address in the e-mail.
While these companies are trying to make their customers aware of what has happened, they are also assuring them that the hackers had only stolen names and e-mail addresses and not passwords, credit card information, or other important and confidential information. They are basically saying that they may just receive spam and other sorts of junk e-mails. Although it is limited in what they can share, those from Epsilon are saying that they are conducting a full investigation on this issue. Others are thinking that Epsilon was a random attack because the hackers basically scan the Internet looking for machines with a high vulnerability rate. Epsilon just so happened to be their choice.
With the issues going on today between credit card fraud, identity theft, and things along that nature, it is scary hearing from businesses in which you are a customer, especially your bank, that your information has been stolen or released to a third party without your consent. Most people would become aggravated and annoyed. And I'm sure these major companies are dealing with complaints as well as trying to fix this problem.
Article Name: After Breach, Companies Warn of E-Mail Fraud
by Miguel Helft
http://www.nytimes.com/2011/04/05/business/05hack.html?_r=1&ref=technology
Tuesday, March 29, 2011
New 'Cloud Girlfriend': Have the Girl, Without the Hassle
Did you ever think that you would ever have a girlfriend, and not have to deal with her in real life? Of course, to some this is a dream come true, but to others it is quite unusual. Some mothers tell you that you would never find a girlfriend with your head in the clouds or even by sitting in front of a computer. But now, things have changed. The upcoming application, Cloud Girlfriend, says that they can create the perfect girlfriend for you, one that you will never have to deal with in real life. The benefits of this is that they will post adoring messages to your Facebook or Tweet at you ALL the time. This can occur because your Cloud Girlfriend is only a virtual presence stored in a virtual cloud, with a virtual personality matching what you can ask for. Your Cloud Girlfriend's profile would be run by a human, however. Cloud Girlfriend's co-founder insists that it be a female human being.
Co-founder, David Fuhriman, claims that this is not a sex chat or pornography service. The girlfriend is operated by a real girl and can be like having a real long-distance girlfriend but without all of the extra hassles. Cloud Girlfriend has not launched yet, due to raising concerns with Facebook and Twitter's Terms of Service. Although it has issues coming its way with the social networking sites, the Cloud Girlfriend has gained a lot of media attention because of its unusual premise and appeal to the tech savy, busy, modern young man.
Cloud Girlfriend finds ways to defend its ways and its role in society. It claims that it is therapeutic because it ultimately fulfills a man's emotional, psychological needs, and builds his self confidence. They also claim that it can help them to successfully navigate real-life situations, which would lead them to make wise decisions throughout their life.
Cloud Girlfriend seems to be just another excuse for why men and women cannot hold a true relationship. It's a way around having a real relationship with another human being, which could only lead to the individual having other psychological problems. Facebook and Twitter should be concerned more because accounts are being created for such a low purpose, which only takes up the space on their network, that could be used by people who really want to use the social networking sites for what they were created for. The Cloud Girlfriend should also raise questions such as, what if the person wants to "break up" with the girl? Or, if you were to "break it off", would you be able to get away from them posting unnecessary messages onto your Facebook or Twitter? Why can't people just meet a significant other the way that everyone else does and has done it for hundreds and hundreds of years?
Article Name: 'Cloud Girlfriend' Offers Dream Virtual Girlfriends
by Sara Yin
http://www.pcmag.com/article2/0,2817,2382740,00.asp#
Co-founder, David Fuhriman, claims that this is not a sex chat or pornography service. The girlfriend is operated by a real girl and can be like having a real long-distance girlfriend but without all of the extra hassles. Cloud Girlfriend has not launched yet, due to raising concerns with Facebook and Twitter's Terms of Service. Although it has issues coming its way with the social networking sites, the Cloud Girlfriend has gained a lot of media attention because of its unusual premise and appeal to the tech savy, busy, modern young man.
Cloud Girlfriend finds ways to defend its ways and its role in society. It claims that it is therapeutic because it ultimately fulfills a man's emotional, psychological needs, and builds his self confidence. They also claim that it can help them to successfully navigate real-life situations, which would lead them to make wise decisions throughout their life.
Cloud Girlfriend seems to be just another excuse for why men and women cannot hold a true relationship. It's a way around having a real relationship with another human being, which could only lead to the individual having other psychological problems. Facebook and Twitter should be concerned more because accounts are being created for such a low purpose, which only takes up the space on their network, that could be used by people who really want to use the social networking sites for what they were created for. The Cloud Girlfriend should also raise questions such as, what if the person wants to "break up" with the girl? Or, if you were to "break it off", would you be able to get away from them posting unnecessary messages onto your Facebook or Twitter? Why can't people just meet a significant other the way that everyone else does and has done it for hundreds and hundreds of years?
Article Name: 'Cloud Girlfriend' Offers Dream Virtual Girlfriends
by Sara Yin
http://www.pcmag.com/article2/0,2817,2382740,00.asp#
Monday, March 28, 2011
Captchas' Real Purpose!
"Back in the day", in order to attend an event, you would have to make phone calls, write, or wait to go to the destination and hope for tickets at the box office. Now, it is as easy as making a few clicks and entering your credit card information on the Internet. But before these ticket distributors take your money, they might first present the user with two sets of distorted, wavy letters and ask for a transcription. These are called Captchas, and only humans can read them. They are meant so that robots cannot hack or access secure Web sites. What the readers do not know though, is that they have been enlisted in a project to transform an old book, magazine, newspaper into an accurate, easily sortable, and searchable computer text file.
One of these wavy, distorted words probably came from a digitalized image from an old text, and while the original page has already been scanned into an online database, the scanning programs made a lot of mistakes. So basically, the users and readers who are entering their copy of these letters are correcting them. So in other words, buy a ticket to a such event, and help preserve history! The set of software tools that that accomplishes this is called reCaptcha. Its original project was to clean up the digitized archive of the New York Times, but now it is the main method used by Google to authenticate text in Google Books, its vast project to digitized rare and out of print texts on the Internet.
Digitization is usually a three-stage process: create a photographic image of the text (a bitmap), encode the text in a compact, searchable form using character recognition software (O.C.R.), and correct the mistakes. Normally, the first two steps are easier to complete and more straightforward. The third step is sometimes more difficult because a lot of the time, O.C.R. programs mess up a large portion of the words, so that only humans can fix these issues. In order to get around this obstacle, Captchas were developed. It was estimated that humans around the world could decode about 200 million Captchas a day, at 10 seconds per Captcha. So now, reCaptcha is being used by 70 to 90 percent of Web sites such as Ticketmaster, banks and Facebook. Although this has been extremely helpful, reCaptcha has run into numerous errors such as it not being able to easily read cursive writing. Besides these points, reCaptcha achieves an accuracy rate of about 99 percent.
Usually turning to the public would be a bad idea when trying to accomplish major goals such as this. But in this instance, it was a great idea. It's amazing how well the results have turned out and how accurate they are as well. I would think that a program such as reCaptcha would have more issues when turning to the public, but it seems to be more successful than anything. I have used and had to translate these Captchas before, and I never knew that that was what they were for, to correct words for a greater reason.
Article Name: Deciphering Old Texts, One Woozy, Curvy Word At A Time
by Guy Gugliotta
Monday, March 21, 2011
Microsoft Urges Users to Block Flash Player Attacks
Microsoft is now urging its users of older Office suites to install and run a complicated tool to protect themselves against ongoing attacks exploiting an unpatched bug in Adobe's Flash Player. Andrew Roths and Chengyun Chu, a manager and security engineer with the Microsoft Security Response Center, say that the Enhanced Mitigation Experience Toolkit (EMET) would help for users of Office prior to 2010. Turning on the EMET will enable a number of security protections called, security mitigations. It is a tool that is designed, usually, for advanced users (such as IT pros) that manually enables address space layout randomization (ASLR) and data execution prevention (DEP), and they are both anti-exploit technologies included with Windows
Adobe has confirmed that attackers were exploiting an unpatched bug in Flash player by sending victims malicious Microsoft Excel documents. Office suites prior to 2010 are only being attacked because the version of Excel that came with Office 2010 has DEP enabled and is not susceptible to attacks. The current attacks do not bypass DEP. Excel 2010 also protects the users by isolating these infected files inside Office 2010's "Protected View". This is a "sandbox" that prevents attacking code from getting out of the application and infecting other areas. Those who use Office 2003 and 2007 are not protected by Protected View or DEP. Microsoft has recommended EMET before. EMET 2.0 can be downloaded for free from Microsoft's site, and after downloading this, users can manually configure the tool to add protection to Office's applications.
Most people think that most attacks and issues usually occur in applications from the Internet, or that you manually download and install onto your computer, that may sometimes not always be trusted. Usually, you can trust the products, especially from Microsoft, in that your computer would not get attacked in such a way. Atleast Microsoft has provided a free download to help prevent these problems from happening again. Adoble plans on fixing Flash Player's vulnerability sometime soon, though.
Article Name: Microsoft Urges Office Users to Block Flash Player Attacks
by: Gregg Keizer
http://www.computerworld.com/s/article/9214795/Microsoft_urges_Office_users_to_block_Flash_Player_attacks?taxonomyId=17
Adobe has confirmed that attackers were exploiting an unpatched bug in Flash player by sending victims malicious Microsoft Excel documents. Office suites prior to 2010 are only being attacked because the version of Excel that came with Office 2010 has DEP enabled and is not susceptible to attacks. The current attacks do not bypass DEP. Excel 2010 also protects the users by isolating these infected files inside Office 2010's "Protected View". This is a "sandbox" that prevents attacking code from getting out of the application and infecting other areas. Those who use Office 2003 and 2007 are not protected by Protected View or DEP. Microsoft has recommended EMET before. EMET 2.0 can be downloaded for free from Microsoft's site, and after downloading this, users can manually configure the tool to add protection to Office's applications.
Most people think that most attacks and issues usually occur in applications from the Internet, or that you manually download and install onto your computer, that may sometimes not always be trusted. Usually, you can trust the products, especially from Microsoft, in that your computer would not get attacked in such a way. Atleast Microsoft has provided a free download to help prevent these problems from happening again. Adoble plans on fixing Flash Player's vulnerability sometime soon, though.
Article Name: Microsoft Urges Office Users to Block Flash Player Attacks
by: Gregg Keizer
http://www.computerworld.com/s/article/9214795/Microsoft_urges_Office_users_to_block_Flash_Player_attacks?taxonomyId=17
Google Accuses Chinese Government of Blocking Their Services
The Chinese government has been accused by Google of blocking its Gmail service, making it difficult for local users to access the site. Google has claimed that there is not any issues with their main page or Gmail service in China, which leads them to believe that it is definitely a government blockage. It has been designed to make it seem like there is an issue with Gmail, but Google has done extensive checks to be sure that this is not the case. Analysts who track track Web developments say that the Chinese government is intentionally disrupting and blocking access to Google as a part of a campaign to tighten Internet controls and censor material.
Beijing has had some of the world's strictest Internet controls, but after pro-democracy demonstrations broke out in the Middle East in the beginning of this year, the Chinese government have become more strict in the effort to censor Web content and to disrupt Web searches related to calls for similar protests in China. After numerous attacks on its Web site by Chinese hackers, Google removed its Chinese language Internet search engine from China and relocated it to Hong Kong, where Beijing has fewer controls. After these attacks, the hackers had access to the private Gmail accounts of Chinese human rights advocates because the hackers had stolen some of the Google source code.
Although Google is trying to protect its services, it is being said that Google has violated its written promise that was made when entering the Chinese market by stopping filtering its searching service and blaming in insinuation for alleged hacker attacks. Currently, Google's search engines are still accessible in China, but the government has the ability to block them whenever they feel like it.
Although Google made promises with China, it is obvious that it is causing issues having pacts with them. The service was already hacked and source code was stolen, which causes many more problems along the way. It is almost impossible to completely cut China off, but it seems to be necessary to take some sort of more direct action in protecting Google's services from being attacked once again.
Article Name: Google Accuses Chinese of Blocking Gmail Service
by: David Barboza and Claire Cain Miller
http://www.nytimes.com/2011/03/21/technology/21google.html?ref=technology
Beijing has had some of the world's strictest Internet controls, but after pro-democracy demonstrations broke out in the Middle East in the beginning of this year, the Chinese government have become more strict in the effort to censor Web content and to disrupt Web searches related to calls for similar protests in China. After numerous attacks on its Web site by Chinese hackers, Google removed its Chinese language Internet search engine from China and relocated it to Hong Kong, where Beijing has fewer controls. After these attacks, the hackers had access to the private Gmail accounts of Chinese human rights advocates because the hackers had stolen some of the Google source code.
Although Google is trying to protect its services, it is being said that Google has violated its written promise that was made when entering the Chinese market by stopping filtering its searching service and blaming in insinuation for alleged hacker attacks. Currently, Google's search engines are still accessible in China, but the government has the ability to block them whenever they feel like it.
Although Google made promises with China, it is obvious that it is causing issues having pacts with them. The service was already hacked and source code was stolen, which causes many more problems along the way. It is almost impossible to completely cut China off, but it seems to be necessary to take some sort of more direct action in protecting Google's services from being attacked once again.
Article Name: Google Accuses Chinese of Blocking Gmail Service
by: David Barboza and Claire Cain Miller
http://www.nytimes.com/2011/03/21/technology/21google.html?ref=technology
Monday, March 14, 2011
Google: Social Network? Or is it all a hoax?
There have been rumors going around that Google will soon be coming out with their own social networking site, and with all of the confusion being caused by this rumor, Google has yet to do anything to clear any of it up. For months, there has been online chatter that Google is secretly working on releasing their own social networking site that would focus maybe on gaming, movies or music. But nothing has been definitely stated by Google or anyone that has any legitimate say in what is actually going to happen. Whether it will be called Google Circle or Google Me, it has been called the Facebook killer more than one time.
There was a lot of talk about this happening and that it was going to be called Google Circle at SXSW, the film, interactive and music festival that is now under way in Austin, Texas. But right after, a tweet from @googlesxsw bashed those rumors saying that they weren't launching any such products, but they were doing plenty else. After this, Google's Chris Messina stated that they were not launching its own social network. You would think that this would have been the end of it, but it kept going when Tim O'Reilly, technology pundit, tweeted something that inferred otherwise. He said that it wasn't necessarily a social network or a product, but more of a "research-y thing" that would help you manage social data.
It is being said that whether Google is creating a social network or not, they need to respond to the surge on Facebook and the power inherent in the Facebook business model. Even though it seems as though two companies don't compete directly, they really do. They compete for the users attention and their time.
I think it would be a good idea for Google to launch a social network, but it will be very difficult to compete with Facebook because it is now, probably the leading social networking site available for no charge. They may receive much attention and users mainly based off of their increased reputation for other things, but it still will be hard to compete with other social networking sites. This isn't saying that they won't become successful, though.
Article Name: Have you heard the one about Google going social?
by: Sharon Gaudin
http://www.computerworld.com/s/article/9214539/Have_you_heard_the_one_about_Google_going_social_?taxonomyId=11
There was a lot of talk about this happening and that it was going to be called Google Circle at SXSW, the film, interactive and music festival that is now under way in Austin, Texas. But right after, a tweet from @googlesxsw bashed those rumors saying that they weren't launching any such products, but they were doing plenty else. After this, Google's Chris Messina stated that they were not launching its own social network. You would think that this would have been the end of it, but it kept going when Tim O'Reilly, technology pundit, tweeted something that inferred otherwise. He said that it wasn't necessarily a social network or a product, but more of a "research-y thing" that would help you manage social data.
It is being said that whether Google is creating a social network or not, they need to respond to the surge on Facebook and the power inherent in the Facebook business model. Even though it seems as though two companies don't compete directly, they really do. They compete for the users attention and their time.
I think it would be a good idea for Google to launch a social network, but it will be very difficult to compete with Facebook because it is now, probably the leading social networking site available for no charge. They may receive much attention and users mainly based off of their increased reputation for other things, but it still will be hard to compete with other social networking sites. This isn't saying that they won't become successful, though.
Article Name: Have you heard the one about Google going social?
by: Sharon Gaudin
http://www.computerworld.com/s/article/9214539/Have_you_heard_the_one_about_Google_going_social_?taxonomyId=11
Internet Poker: Who/What Are You Playing Against?
Bryan Taylor, 36, began playing poker professionally in 2008. Taylor became extremely suspicious of his most frequent opponents when they began to play so similar, that it made him believe that he was competing against computers (or robots). To his surprise, this held to be true. These "bots" were programmed to play poker, and essentially beat the odds. A frequently visited site of Mr. Taylor's, PokerStars, had determined that some of their opponents were computers, playing as if they were people, and they were shut down. Any other incidents in the past that involved this issue were usually not that big of a problem because until recently, the poker bots were not that good. Now, they are programmed to win so much, that they could win up to tens of thousands of dollars.
Companies, such as PokerStars are cracking down on catching these bots. When a player is identified as being a bot, PokerStars removes them from the games and confiscates all of their winnings that they may have accumulated. This issue is becoming more and more common because the availability of buying your own personal poker bot is becoming more easy. Full Tilt, another large poker site, has banned more than 400 customers and has seized more than $50,000 of the customers' money because of this.
Unlike Watson, the I.B.M. computer that won on "Jeopardy!", poker bots are not stellar players. But they are getting better due to the advances in the way that computer scientists program software to play games. It is said that more than 90% of these bots aren't so good, and they are losing more money than they are gaining. These could be a couple reasons for why gambling sites aren't really cracking down as much as others in catching these bots.
Most of the poker bots made today and that are sold on the Internet were created by programmers as a hobby. Buyers can than program the bots that they purchase to make different strategic decisions in various circumstances. This allows them to observe which are successful, and which are not. They can then apply these successful strategies in the real world. While some buyers use it to this advantage, others think they can just use the bots they buy off the Internet to make money.
Is this just another step to advance into a world where humans encounter more robots each day? It becomes more frustrating, when you are playing online poker or things of that nature, and you are up against a bot, yet you don't know it. As the bots become better, your odds lessen and you're out of more money. Sure, it's your decision, but most people don't think of these things when playing on the Internet. It's going to become more and more popular, and everyone will eventually purchase a bot just to be able to beat the odds. It's going to be a battle against the bots, eventually, and not so much about humans intellectual and strategic decisions. It's going to be more about power.
Article Name: Poker Bots Invade Online Gambling
by: Gabriel Dance
http://www.nytimes.com/2011/03/14/science/14poker.html?ref=technology
Companies, such as PokerStars are cracking down on catching these bots. When a player is identified as being a bot, PokerStars removes them from the games and confiscates all of their winnings that they may have accumulated. This issue is becoming more and more common because the availability of buying your own personal poker bot is becoming more easy. Full Tilt, another large poker site, has banned more than 400 customers and has seized more than $50,000 of the customers' money because of this.
Unlike Watson, the I.B.M. computer that won on "Jeopardy!", poker bots are not stellar players. But they are getting better due to the advances in the way that computer scientists program software to play games. It is said that more than 90% of these bots aren't so good, and they are losing more money than they are gaining. These could be a couple reasons for why gambling sites aren't really cracking down as much as others in catching these bots.
Most of the poker bots made today and that are sold on the Internet were created by programmers as a hobby. Buyers can than program the bots that they purchase to make different strategic decisions in various circumstances. This allows them to observe which are successful, and which are not. They can then apply these successful strategies in the real world. While some buyers use it to this advantage, others think they can just use the bots they buy off the Internet to make money.
Is this just another step to advance into a world where humans encounter more robots each day? It becomes more frustrating, when you are playing online poker or things of that nature, and you are up against a bot, yet you don't know it. As the bots become better, your odds lessen and you're out of more money. Sure, it's your decision, but most people don't think of these things when playing on the Internet. It's going to become more and more popular, and everyone will eventually purchase a bot just to be able to beat the odds. It's going to be a battle against the bots, eventually, and not so much about humans intellectual and strategic decisions. It's going to be more about power.
Article Name: Poker Bots Invade Online Gambling
by: Gabriel Dance
http://www.nytimes.com/2011/03/14/science/14poker.html?ref=technology
Sunday, February 27, 2011
China Cleans Up Spam Issue
China was, at one point, the world's leading source of spam, but lately they have been dropping in the rank because they are slowly beginning to clean up this issue. Cisco Systems' IronPort group ranks China to be number 18 in terms of spam-producing countries. This is good, compared to two years ago when they ranked in the top 5. In 2009, they were ranked number 3 and by the end of 2009 was when they began to drop off significantly. Currently, China is ranked number 20 which is right behind Spain.
China is currently the home to approximately 420 million Internet users, and many of these users are accessing the Internet through hacked computers. In 2006, China began recognizing the major concerns and problems caused by the spam overload coming from their country. An anti-spam initiative was launched that brought network operators and security companies together in order to discuss this issue. Anti-spam supporters from the United States are now working more with China's members of the Internet Security team to work out standards and better ways of cooperating.
The thought process is that hopefully the U.S. will learn a few things from China and its efforts in fighting spam.Currently, the U.S. remains the top spamming country and is the source of about one-fifth of the world's spam.Although some security experts say that some of the spam messages are created by spammers that are not residing in the country, but the fact that the U.S. has so many hacked machines at our disposal is becoming a huge problem.
In an effort to control China's spam problem, they have made it more difficult to register new Internet domains have put on more stricter controls on those who are able to send out emails. Although China is coming up with more and more ways to control their spam breakout, it is being studied that spammers have moved from China to Russia now. Although this may remain true, experts are having a hard time keeping track of China's improvements because they keep most of their doings on the "down low.
It is kind of scary how quickly spamming can become a problem, and I was unaware that the United States is top in this spam outbreak. Although, I am not shocked. We become aware of this issue, but not much is done about it. It seems as though China really put their foot down and decided that this wasn't going to be a problem in their country. Maybe other countries, now Russia ... and the U.S. need to consider doing the same.
Article Name: China Cleans Up Spam Problem
by: Robert McMillian
http://www.computerworld.com/s/article/9211658/China_cleans_up_spam_problem?taxonomyId=17&pageNumber=1
China is currently the home to approximately 420 million Internet users, and many of these users are accessing the Internet through hacked computers. In 2006, China began recognizing the major concerns and problems caused by the spam overload coming from their country. An anti-spam initiative was launched that brought network operators and security companies together in order to discuss this issue. Anti-spam supporters from the United States are now working more with China's members of the Internet Security team to work out standards and better ways of cooperating.
The thought process is that hopefully the U.S. will learn a few things from China and its efforts in fighting spam.Currently, the U.S. remains the top spamming country and is the source of about one-fifth of the world's spam.Although some security experts say that some of the spam messages are created by spammers that are not residing in the country, but the fact that the U.S. has so many hacked machines at our disposal is becoming a huge problem.
In an effort to control China's spam problem, they have made it more difficult to register new Internet domains have put on more stricter controls on those who are able to send out emails. Although China is coming up with more and more ways to control their spam breakout, it is being studied that spammers have moved from China to Russia now. Although this may remain true, experts are having a hard time keeping track of China's improvements because they keep most of their doings on the "down low.
It is kind of scary how quickly spamming can become a problem, and I was unaware that the United States is top in this spam outbreak. Although, I am not shocked. We become aware of this issue, but not much is done about it. It seems as though China really put their foot down and decided that this wasn't going to be a problem in their country. Maybe other countries, now Russia ... and the U.S. need to consider doing the same.
Article Name: China Cleans Up Spam Problem
by: Robert McMillian
http://www.computerworld.com/s/article/9211658/China_cleans_up_spam_problem?taxonomyId=17&pageNumber=1
Saturday, February 26, 2011
Microsoft Moonlighting .. okay?
Smartphones are the new phone of today, and majority of people now own one. These phones allow you to download different applications including games, news, weather, etc, but most people don't have the newly introduced application, called Bubblegum. Bubblegum is an application that allows you to edit your photos on your phone and upload them up to Web sites such as Facebook. The reason for why most people don't have this application is because it is considered an app for a nascent market. This is people who have the new Windows 7 software inside their phones. Because the platform is new, developers need to learn more about it before writing many of those apps. In order to do this, Microsoft has decided to take a very unusual step. Microsoft has decided to relax a strict rule that they have had, and let employees moonlight in their spare time. The employees will keep the resulting intellectual property and most of the revenue, as long as the second job is writing applications for Windows Phone 7 based devices.
Microsoft is not being quiet about this process. They are throwing pizza parties for those employees willing to help, and are giving free Windows 7-based phones to all employees in the 19 countries where the phones are available. The major downside to this, is that if an app doesn't catch on, there is no money in the process for the employees who had taken up their leisure time to help. This possibility has made this incentive less attractive to the employees.
Some seem to think that Microsoft shouldn't be cheering their employees on that are helping with this development. Most companies want their engineers to give their all into their core jobs. Microsoft, though, says that they did this change in policy so developers could work on this project in their spare time, and still have the financial benefit and outcome of the work. The incentive has been part of the pull to get this work done, and so far, 840 applications have been published. It is said that Microsoft's new rules fit the broader rethinking of how large companies manage research. Not only are they rewarding their employees for working in their spare time, but they are also keeping that energy to catch up in the mobile market.
If Microsoft is going to do this in order to further themselves and catch up in the mobile market, it doesn't really matter what other companies think. In my opinion, the other companies are jealous of what Microsoft has thought of to better their company and their products. They obviously need to change things up in order to stay ahead and not fall behind other leading mobile phone companies, in their advancements to win over people's vote on which company is best.
Article: Moonlighting Within Microsoft, in Pursuit of New Apps
by: Anne Eisenberg
http://www.nytimes.com/2011/02/27/business/27novel.html?ref=technology
Microsoft is not being quiet about this process. They are throwing pizza parties for those employees willing to help, and are giving free Windows 7-based phones to all employees in the 19 countries where the phones are available. The major downside to this, is that if an app doesn't catch on, there is no money in the process for the employees who had taken up their leisure time to help. This possibility has made this incentive less attractive to the employees.
Some seem to think that Microsoft shouldn't be cheering their employees on that are helping with this development. Most companies want their engineers to give their all into their core jobs. Microsoft, though, says that they did this change in policy so developers could work on this project in their spare time, and still have the financial benefit and outcome of the work. The incentive has been part of the pull to get this work done, and so far, 840 applications have been published. It is said that Microsoft's new rules fit the broader rethinking of how large companies manage research. Not only are they rewarding their employees for working in their spare time, but they are also keeping that energy to catch up in the mobile market.
If Microsoft is going to do this in order to further themselves and catch up in the mobile market, it doesn't really matter what other companies think. In my opinion, the other companies are jealous of what Microsoft has thought of to better their company and their products. They obviously need to change things up in order to stay ahead and not fall behind other leading mobile phone companies, in their advancements to win over people's vote on which company is best.
Article: Moonlighting Within Microsoft, in Pursuit of New Apps
by: Anne Eisenberg
http://www.nytimes.com/2011/02/27/business/27novel.html?ref=technology
Monday, February 21, 2011
'kill switch' to save us from cyberattacks? or no 'kill switch'?
Three U.S. Senators have presented a new bill that would limit the authority of the president's request to shut down parts of the Internet during a major cyberattack. The Cybersecurity and Internet Freedom Act, introduced late Thursday, would explicitly deny the president or other U.S. officials "authority to shut down the Internet." One of the senators, Senator Joseph Lieberman, states that it is basically impossible to shut down the Internet in this country. He says that there is no 'kill-switch' in their legislation.
Lieberman, Susan Collins and Tom Carper, the bill's sponsors, introduced a cybersecurity bill that would have defined emergency powers that the president could use, in 2010. In these included shutting down parts of the Internet when there is an ongoing cyberattack on the nation's critical infrastructure. The new legislation has similar language, allowing the president to take emergency action to protect, but the new bill adds to this saying that the president, and any federal cybersecurity officials and government employees do not have the authority to shut down the Internet.
Many, including members of the Senate Homeland Security and Government Affairs Committee, argued that the bill would limit the powers that the president has in the Communications Act in 1934 to shut down wired and radio communications during war time. Although this is true, the bill failed to pass through Congress. Because of this, the new 221 page bill mirrors parts of the 2010 bill. This bill would require owners of critical infrastructure to fix vulnerabilities. It would also establish and create a national center that would focus on preventing and responding to various cyberattacks.
If the president knows that there are major cyberattacks occuring through our Internet stream, why shouldn't he have the power to shut it down? He is elected to serve and protect his people of his country, and if he is doing so, I don't see much of the harm. Sure, it would be inconvenient. But would most people rather be affected by a cyberattack? Who knows the major damange it could cause. Atleast, though, it was considered that the president take action.
Article Name: Bill would prohibit Internet 'kill switch'
by: Grant Gross
http://www.computerworld.com/s/article/9210339/Bill_would_prohibit_Internet_kill_switch_?taxonomyId=17
Lieberman, Susan Collins and Tom Carper, the bill's sponsors, introduced a cybersecurity bill that would have defined emergency powers that the president could use, in 2010. In these included shutting down parts of the Internet when there is an ongoing cyberattack on the nation's critical infrastructure. The new legislation has similar language, allowing the president to take emergency action to protect, but the new bill adds to this saying that the president, and any federal cybersecurity officials and government employees do not have the authority to shut down the Internet.
Many, including members of the Senate Homeland Security and Government Affairs Committee, argued that the bill would limit the powers that the president has in the Communications Act in 1934 to shut down wired and radio communications during war time. Although this is true, the bill failed to pass through Congress. Because of this, the new 221 page bill mirrors parts of the 2010 bill. This bill would require owners of critical infrastructure to fix vulnerabilities. It would also establish and create a national center that would focus on preventing and responding to various cyberattacks.
If the president knows that there are major cyberattacks occuring through our Internet stream, why shouldn't he have the power to shut it down? He is elected to serve and protect his people of his country, and if he is doing so, I don't see much of the harm. Sure, it would be inconvenient. But would most people rather be affected by a cyberattack? Who knows the major damange it could cause. Atleast, though, it was considered that the president take action.
Article Name: Bill would prohibit Internet 'kill switch'
by: Grant Gross
http://www.computerworld.com/s/article/9210339/Bill_would_prohibit_Internet_kill_switch_?taxonomyId=17
are you being watched?
Most people think that the only people that could hack into their personal data on their computer or snoop on their Internet activity is someone who is involved in the government, or someone that spends all of their time stuck to a computer and knows the ins and outs of everything involved with computers. What these people don't know is that while you are sitting in a Wi-Fi hot spot, your Internet activity could be being watched by someone who is sitting right next to you. A free program, called Firesheep, was released in October and is allowing anyone to access what other users of an unsecured Wi-Fi network are doing and then allow them to log onto these sites as the other person. Because this happened sparatically, website administrators are scrambling to add additional protections to block out this program.
Eric Butler, creator of Firesheep, says that he created this program to show that a widespread issue in website security is being ignored, and that it points out the lack of end-to-end encryption. Basically, while the password that you enter on password "protected" sites such as Facebook, Twitter, Amazon, eBay, etc is encrypted, the web browser's cookieis often not encrypted. Firesheep gets that cookie and allows these people that have Firesheep to log on and be you on these sites. This program isn't just now coming out to cause problems. It is said that over a million people have downloaded this program and are using it.
The only sites that are protected from this program and from snoopers are those that employ the cryptographic protocol Transport Layer Security or its predecessor, Secure Sockets Layer, throughout your session. Paypal and many banks do this, but there is a shocking number of those who do not. The biggest reason for why all websites won't go along with encrypting all communication is because it will slow down the site and cause a huge engineering expense.
Although it is only available to a small percentage of its users and has its limitations, Facebook has recently offered protection as an opt-in security feature. Although this seems nice, it will eventually block out all major applications on Facebook, making most users not want to accept the protection. Either that or they just won't even know about it. Joe Sullivan, chief security officer at Facebook, says that they hope to have this available to all users in the next couple of weeks.
You may be thinking, "Then I just won't go to free Wi-Fi hotspots. I'm protected at home.". You're wrong. Specific Wi-Fi cracking programs are available that work by faking legitimate user activity to collect a series of clues to get the passwords that you may enter into your computer. It is becoming more and more easier to get the password to your wireless router, making it easier to access other information.
It is pretty rediculous that we can't even be safe in our own homes with our security locked routers and Wi-Fi. You have to basically watch your back now wherever you go, and know the specifics of almost every website that you visit to know that you are fully protected. But, really, how many people really think that they need to do such a thing? Most people are unaware that things of this nature even occur. Why aren't these the top news stories on the 6:00 news?
Article Name: New Hacking Tools Pose Bigger Threats to Wi-Fi Users
by: Kate Murphy
http://www.nytimes.com/2011/02/17/technology/personaltech/17basics.html?_r=1&ref=technology
Eric Butler, creator of Firesheep, says that he created this program to show that a widespread issue in website security is being ignored, and that it points out the lack of end-to-end encryption. Basically, while the password that you enter on password "protected" sites such as Facebook, Twitter, Amazon, eBay, etc is encrypted, the web browser's cookieis often not encrypted. Firesheep gets that cookie and allows these people that have Firesheep to log on and be you on these sites. This program isn't just now coming out to cause problems. It is said that over a million people have downloaded this program and are using it.
The only sites that are protected from this program and from snoopers are those that employ the cryptographic protocol Transport Layer Security or its predecessor, Secure Sockets Layer, throughout your session. Paypal and many banks do this, but there is a shocking number of those who do not. The biggest reason for why all websites won't go along with encrypting all communication is because it will slow down the site and cause a huge engineering expense.
Although it is only available to a small percentage of its users and has its limitations, Facebook has recently offered protection as an opt-in security feature. Although this seems nice, it will eventually block out all major applications on Facebook, making most users not want to accept the protection. Either that or they just won't even know about it. Joe Sullivan, chief security officer at Facebook, says that they hope to have this available to all users in the next couple of weeks.
You may be thinking, "Then I just won't go to free Wi-Fi hotspots. I'm protected at home.". You're wrong. Specific Wi-Fi cracking programs are available that work by faking legitimate user activity to collect a series of clues to get the passwords that you may enter into your computer. It is becoming more and more easier to get the password to your wireless router, making it easier to access other information.
It is pretty rediculous that we can't even be safe in our own homes with our security locked routers and Wi-Fi. You have to basically watch your back now wherever you go, and know the specifics of almost every website that you visit to know that you are fully protected. But, really, how many people really think that they need to do such a thing? Most people are unaware that things of this nature even occur. Why aren't these the top news stories on the 6:00 news?
Article Name: New Hacking Tools Pose Bigger Threats to Wi-Fi Users
by: Kate Murphy
http://www.nytimes.com/2011/02/17/technology/personaltech/17basics.html?_r=1&ref=technology
Tuesday, February 15, 2011
Firefox may be enabling a do-not-track system
Mozilla Corporation is in the process of enabling a do-not-track feature to their Firefox Web browser, but is running into a few problems. This feature would allow users to be able to visit any website without having their activity traced and monitored online. In order to to this, tracking companies need to agree that they will not monitor users who have enabled the do-not-track feature, and so far there have been no agreements publicly from any of these companies. This idea has come from certain growing privacy concerns about the online-tracking industry. Mozilla sees this move as attending to and honoring people's privacy choices.
Until recently, Mozilla, Microsoft Corp. and Google have been in competition focusing on speed and technical features more than privacy tools. However, last month Microsoft had stated that it would revive a powerful privacy feature in its Internet Explorer 9 that would allow internet users to stop certain websites and tracking companies from monitoring their activity. It was also said that Microsoft had done something along the same lines in their Internet Explorer 8. Google has also supposed to be announcing a privacy tool for its Chrome Web browser that will enable users to permanently opt out of ad-targeting. These privacy tools are said to be more difficult and complicated than stated here. It will require steps in deciding which sites to block, and identifying its extent.
Mozilla's privacy tool will not be set by default, but will only require the user to go in their settings and check a box to enable the do-not-track feature. Currently, Mozilla is unsure of when this will be released, but they intend on it being successful.
There are privacy settings in Microsoft's Internet Explorer, and as stated, it is complicated to change the settings for it. If you want to block certain settings, you need to individually identify which websites you wish to block, etc. It gets time consuming, and even though some people may wish to do so, they don't want to take the time to do it. It seems as though Mozilla's solution to this inconvenience would be much easier and less time consuming. All it really needs is the consent from the tracking companies.
Article Name: Firefox Web Tool to Deter Tracking
by: Julia Angwin
http://online.wsj.com/article/SB10001424052748704213404576100441609997236.html
Until recently, Mozilla, Microsoft Corp. and Google have been in competition focusing on speed and technical features more than privacy tools. However, last month Microsoft had stated that it would revive a powerful privacy feature in its Internet Explorer 9 that would allow internet users to stop certain websites and tracking companies from monitoring their activity. It was also said that Microsoft had done something along the same lines in their Internet Explorer 8. Google has also supposed to be announcing a privacy tool for its Chrome Web browser that will enable users to permanently opt out of ad-targeting. These privacy tools are said to be more difficult and complicated than stated here. It will require steps in deciding which sites to block, and identifying its extent.
Mozilla's privacy tool will not be set by default, but will only require the user to go in their settings and check a box to enable the do-not-track feature. Currently, Mozilla is unsure of when this will be released, but they intend on it being successful.
There are privacy settings in Microsoft's Internet Explorer, and as stated, it is complicated to change the settings for it. If you want to block certain settings, you need to individually identify which websites you wish to block, etc. It gets time consuming, and even though some people may wish to do so, they don't want to take the time to do it. It seems as though Mozilla's solution to this inconvenience would be much easier and less time consuming. All it really needs is the consent from the tracking companies.
Article Name: Firefox Web Tool to Deter Tracking
by: Julia Angwin
http://online.wsj.com/article/SB10001424052748704213404576100441609997236.html
Paying Attention to the "Fine Print"?
Facebook, along with many other social networking sites, have had their fair share of scams. From getting users' personal information to making you believe that the site is shutting down. This, once again, is holding true for many Facebook users. They are coming across a message that is said to be from Mark Zuckerberg, founder of Facebook, stating that the site will shut down and if you are interested in keeping your account, to visit a listed website. This site takes you through the steps of "keeping your account". It makes you allow this application to the user's website. Like the other applications on Facebook, this one will post status messages or other content on the user's Wall. It begins by posting the same message that the user had fell for in the first place.
While this is happening, a completely bogus explanation for why Facebook will be shutting down is presented to the user. It explains that Facebook is becoming way too overpopulated and that there are too many people complaining that the website is becoming too slow. It also says that there are too many Facebook accounts that are not being used, and they are requiring everyone who is active on their account to verify this so that they don't shut down their account. The scam ends by providing a pop-up window of surveys to be completed, and once one is completed it is shown that the user's Facebook is active and will remain active.
Clearly, this is is a scam and the information that has been provided to users on Facebook are false. It is said that for every survey that is completed, to apparently keep your Facebook account, more money is put into these scammers' and hackers' pockets. If you are one of these people who had accepted this application onto your Facebook account, you are advised to delete everything from that application.
There has been word going around, ever since Facebook has been active, that its applications are not all valid. When you "Allow" for an application to access your account, you are sometimes allowing hackers to access your account information...not just to view your page. These things are sometimes easily mistaken for a cool game or a fun application, which is how the hackers grab a user's attention. More people just need to be on the look out for what is trying to really hack into their accounts.
Article Title: "Facebook closing all accounts" scam hits users
by Zeljka Zorz, HNS News Editor
http://www.net-security.org/secworld.php?id=10517
While this is happening, a completely bogus explanation for why Facebook will be shutting down is presented to the user. It explains that Facebook is becoming way too overpopulated and that there are too many people complaining that the website is becoming too slow. It also says that there are too many Facebook accounts that are not being used, and they are requiring everyone who is active on their account to verify this so that they don't shut down their account. The scam ends by providing a pop-up window of surveys to be completed, and once one is completed it is shown that the user's Facebook is active and will remain active.
Clearly, this is is a scam and the information that has been provided to users on Facebook are false. It is said that for every survey that is completed, to apparently keep your Facebook account, more money is put into these scammers' and hackers' pockets. If you are one of these people who had accepted this application onto your Facebook account, you are advised to delete everything from that application.
There has been word going around, ever since Facebook has been active, that its applications are not all valid. When you "Allow" for an application to access your account, you are sometimes allowing hackers to access your account information...not just to view your page. These things are sometimes easily mistaken for a cool game or a fun application, which is how the hackers grab a user's attention. More people just need to be on the look out for what is trying to really hack into their accounts.
Article Title: "Facebook closing all accounts" scam hits users
by Zeljka Zorz, HNS News Editor
http://www.net-security.org/secworld.php?id=10517
Wednesday, February 9, 2011
Is your facebook safe?
Facebook, one of the largest social networking sites available today, is taking action against a newly created site called Lovely Faces. Lovely Faces is an online dating site that was created as a way to demonstrate how easily data is misused that is placed on different sites, such as Facebook. This dating site features 250,000 profiles of men and women, whose personal information and photos were "scraped" off different social networking sites and used without their permission. Paolo Cirio, an Italian media artist, and Alessandro Ludovico, a media critic and editor in chief of Neural magazine in Italy, are Lovely Faces' creators. These two admitted to using an automated bot program to systematically scrape personal and public information from 1 million Facebook profiles.
Through a different PDF file, provided in the news article, the creators explained their thought process. They thought that, after downloading and scraping all of these different people's profiles, that they had it all figured out. They knew what the people on these networking sites really wanted. They thought that these people were on these networking sites because they wanted to attract new people, begin new relationships, and receive love through their digital traits. Although this may hold to be true, Cirio and Ludovico also came up with the idea that these people were trapped in Facebook's privacy rules and regulations. Their idea of creating Lovely Faces was to give these virtual identities a place to expose themselves freely, and they could break away from Facebook's "constraints and boring social rules."
When the data and information was scraped from the different profiles, it was downloaded into a database and run through a face recognition software program that would group the different individuals in different categories. These categories were based on their facial expressions, such as "easy going", "funny", "mild", and "smug". The two creators stated that Lovely Faces demonstrates how awesome social networks can also be seen as a "goldmine" for identity theft. Facebook states that they have, and will continue, to take legal action against organizations that violate their terms. They say that they have already demanded that Lovely Faces delete the collected data, and they will continue to be on top of this.
It is scary sometimes how easily your personal information can be stolen, but what some people don't understand is that whenever you put something on the internet, whether you intend on it being private, it is public. It isn't hard to hack into someone's account, as shown through Cirio and Ludovico. They basically turned these people into interested men and women, who were looking for a relationship. When in turn, they really weren't. It is interesting how often things like this happen, but disappointing that we need to be more protective of what we let loose online.
http://www.computerworld.com/s/article/9208558/Duo_scrapes_1M_Facebook_profiles_to_create_mock_dating_site?taxonomyId=84 & http://www.face-to-facebook.net/press/face2facebook_press_release.pdf
Through a different PDF file, provided in the news article, the creators explained their thought process. They thought that, after downloading and scraping all of these different people's profiles, that they had it all figured out. They knew what the people on these networking sites really wanted. They thought that these people were on these networking sites because they wanted to attract new people, begin new relationships, and receive love through their digital traits. Although this may hold to be true, Cirio and Ludovico also came up with the idea that these people were trapped in Facebook's privacy rules and regulations. Their idea of creating Lovely Faces was to give these virtual identities a place to expose themselves freely, and they could break away from Facebook's "constraints and boring social rules."
When the data and information was scraped from the different profiles, it was downloaded into a database and run through a face recognition software program that would group the different individuals in different categories. These categories were based on their facial expressions, such as "easy going", "funny", "mild", and "smug". The two creators stated that Lovely Faces demonstrates how awesome social networks can also be seen as a "goldmine" for identity theft. Facebook states that they have, and will continue, to take legal action against organizations that violate their terms. They say that they have already demanded that Lovely Faces delete the collected data, and they will continue to be on top of this.
It is scary sometimes how easily your personal information can be stolen, but what some people don't understand is that whenever you put something on the internet, whether you intend on it being private, it is public. It isn't hard to hack into someone's account, as shown through Cirio and Ludovico. They basically turned these people into interested men and women, who were looking for a relationship. When in turn, they really weren't. It is interesting how often things like this happen, but disappointing that we need to be more protective of what we let loose online.
Article Name: Duo scrapes 1M Facebook profiles to create mock 'dating' site
By Jaikumar Vijayan
http://www.computerworld.com/s/article/9208558/Duo_scrapes_1M_Facebook_profiles_to_create_mock_dating_site?taxonomyId=84 & http://www.face-to-facebook.net/press/face2facebook_press_release.pdf
Tuesday, February 8, 2011
Your Apps Are Watching You
An article, "Your Apps are Watching You" by Scott Thurm and Yukari Iwatani Kane discusses how privacy on certain Smart Phones, such as the Iphone, are not as strict as you may think. It was found that different Smart phones are spreading personal information about the cell phone owner such as location, age, gender, zip code, the phone's unique ID number, and other sorts of personal information, to different companies without the user's consent. This sort of act is occurring when certain applications on the phone are accessed by the user.
Both Google and Apple back up their privacy content laws by stating that they had created strong privacy protections for their customers, especially for and regarding location based data. An Apple spokesman said, "Privacy and trust are vitally important."The Journal tested different Apps in Apple's Iphone and in Google's Smartphones and found that the most common shared detail was the phone's unique ID number. This ID number is tracked by the carrier and company to monitor what the user is downloading, using, how much time they use the different apps, etc.
Google and Apple seem to think that they have a hold on what their privacy laws control, but it is obvious that there are several ways of getting around these issues. There are certain applications that ask for permission to transmit personal information through the phones, but it can be said different about other applications. Most people are unaware of the fact that their phones are doing this, and that nothing is really being done about it.
http://online.wsj.com/article/SB10001424052748704694004576020083703574602.html
Both Google and Apple back up their privacy content laws by stating that they had created strong privacy protections for their customers, especially for and regarding location based data. An Apple spokesman said, "Privacy and trust are vitally important."The Journal tested different Apps in Apple's Iphone and in Google's Smartphones and found that the most common shared detail was the phone's unique ID number. This ID number is tracked by the carrier and company to monitor what the user is downloading, using, how much time they use the different apps, etc.
Google and Apple seem to think that they have a hold on what their privacy laws control, but it is obvious that there are several ways of getting around these issues. There are certain applications that ask for permission to transmit personal information through the phones, but it can be said different about other applications. Most people are unaware of the fact that their phones are doing this, and that nothing is really being done about it.
http://online.wsj.com/article/SB10001424052748704694004576020083703574602.html
Subscribe to:
Posts (Atom)