Tuesday, January 31, 2012

MegaUpload Users Files Safe From Deletion For Now

If you are a MegaUpload user by now you are painfully aware that the site has recently been forced to shut down by US law enforcement officials due to copyright concerns. Unfortunately for user there was no prior notice given so that we could gain access to the site and download or remove our content. Well rest easy, at least for now. News.com reports that a deal has been made between MegaUpload's defense team and the two companies that hosted MegaUpload's servers, Carpathia Hosting and Cogent Communications Group to safe guard your files from deletion for at least two more weeks.

What does this mean for you?
Well so far not much has changed. The site is still down so users will not be able to access their files. Ira Rothken, MegaUpload's U.S. attorney, has said he is working with the hosting companies and the federal government to try to reach an arrangement that will allow users access to some, if not all, of their files.

Will I ever get my MegaUpload data back?
There is no clear and decisive answer here. The hosting companies involved have no control over the data as of now. It all depends on the federal government and what they decide to do. If they force the deletion of the data thee really is no recourse, they must legally comply.

The Electronic Frontier Foundation (EFF) and Carpathia Hosting have setup a website and begun a campaign urging "innocent users" of Megaupload's service to get in touch with EFF to explore possible legal avenues for retrieving the data.

The site is designed to "help lawful users in the United States work with EFF to investigate their options for retrieving their legitimate, non-infringing files from Megaupload." This means users with personal files, photo's backups ect. not those of you with anything that might be construed as copyrighted material.

So for now its just a wait and see game. Hopefully it will all pan out for the best!

Saturday, January 28, 2012

Newest Smartphone Threat QR Code Malware

Security vendor AVG has issued a warning for smartphone users that like to scan Quick Response codes that some of these codes may contain text and URLs with hidden malware.

In its latest report, entitled AVG Community Powered Threat Q4 2011, the company warned that hackers are putting their own malicious stickers over the top of legitimate QR codes. These codes lead unsuspecting users to malicious sites or offer up downloads in the form of malicious malware. Some of the codes install malware which sends costly SMS messages to premium numbers and also redirects to a URL which downloads a malicious file.

In most cases the user does not know what lurks behind the QR code until the malware is already installed and running.

"Putting a malicious QR code sticker onto existing marketing material or replacing a website's bona fide QR code with a malicious one could be enough to trick many unsuspecting people. In Q4 we clearly saw the convergence between computers and mobile phones applies to malware too. As phones become more like computers, so do the risks,” said Yuval Ben-Itzhak, Chief Technology Officer, AVG Technologies. “Many sophisticated tricks of the trade from computers are now being repurposed for phones. However, as phones are often tied into billing systems the gains can be far greater.”

Full Q4 Threat Report: AVG_Community_Powered_Threat_Report_Q4_2011

Friday, January 20, 2012

Internet Blackout Works As Congress Shelves SOPA And PIPA Vote

The politicians behind the anti-piracy bills, SOPA And PIPA, have responded to the recent internet blackouts in protest to their legislation by indefinitely shelving their respective proposed votes.

In a brief statement, Senate Democratic leader Harry Reid said "in light of recent events" that he would postpone the SOPA vote that had been scheduled for January 24. Shortly after Reid's statement Lamar Smith, the Republican chairman of the House of Representatives Judiciary Committee, followed suit, saying his panel would delay action on the similar PIPA legislation until there is wider agreement on the issue at this time neither have offered details on a potential new date for the vote

"I have heard from the critics and I take seriously their concerns regarding proposed legislation to address the problem of online piracy. It is clear that we need to revisit the approach on how best to address the problem of foreign thieves that steal and sell American inventions and products," Smith said in his statement.

Does this mean SOPA and PIPA are dead? Not hardly!!

Despite his decision to postpone the current action, Reid left the door open to bringing the bill back or introducing further similar legislation. In his statement he said, "There is no reason that the legitimate issues raised by many about this bill cannot be resolved."

Clearly the fight is not over.

Tuesday, January 17, 2012

Major Sites Plan Blackouts In Protests Against SOPA

Update: You may have already noticed several major sites including Wikipedia and Craigslist have already put up their blackout pages. Many sites are choosing to add a 3-4sec splash screen type delay. Just note that doesn't mean the sites were hacked. This is a planned organized protest.

Starting at 5AM PST (8AM EST) you may notice some of your favorite websites are offline. Don't be alarmed! This is in protest to the recently proposed Stop Online Piracy Act (SOPA) and the Protect IP Act (PIPA). The protest is set to begin Jan 18th at 8AM EST and end at 8PM EST.

Several major websites including Google, Reddit, Wikipedia, BoingBoing, Imgur and Tucows, are planning a partial, if not total, blackout Wednesday to protest the controversial anti-piracy legislation being considered by Congress. According to Fight for the Future and SOPAStike, two of the groups organizing the protests, nearly 12,000 websites have said they will join the blackout. That number is still growing.

If you need to use some of your favorite sites like Wikipedia for any urgent research, make sure you do it today – come tomorrow, you’ll be clean out of luck.

So what is SOPA Anyway?

SOPA and PIPA are actually two independent pieces of legislation. SOAPA is currently being considered in the House and PIPA in the Senate. Both are designed to tackle the problem of foreign-based websites that sell pirated movies, music and other products.

The goal is to give Intellectual Property (IP) owners more tools to go after foreign sites they claim are infringing upon their IP and contributing to the theft and sale of U.S. goods, music, video and other material.

Opponents argue that the bills will give content and IP owners too much power to go after websites they decide are infringing on their rights. The argument is that while the bills are targeted only at foreign websites, there are still sections that provide for very sweepings powers that could be used against legitimate U.S. websites. Inevitably forcing then to undertake costly and impractical monitoring of their sites to ensure compliance with SOPA and PIPA.

The main issue is with DNS blacklisting. This very sticky provision would have required ISPs to prevent Americans from visiting blacklisted sites by altering the DNS service that translates site names like Google.com into IP addresses such as 174.35.23.56. Instead, for the blacklisted sites, ISPs would have to return a negative result so their customer's browsers would show that the site doesn’t exist. You could still reach the site via it's direct IP address just not by the domain name.

According to MPAA tech policy chief Paul Brigner the Motion Picture Associaton of America has conceded that DNS filtering will not be included in the anti-piracy bills now making their way through Congress. His remarks came during a debate on SOPA at the State of the Net conference in Washington DC. The event was sponsored by the Congressional Internet Caucus Advisory Committee.

Brigner's comments were echoed by Steve Tepp of the US Chamber of Congress, another major SOPA supporter. He said the DNS provisions of SOPA and PIPA have "essentially been taken off the table," as the sponsors of both bills—Rep Lamar Smith (R-TX) and Sen. Patrick Leahy (D-VT), respectively—have pledged to remove those provisions from the bill.

Many contend that while this provision was a major sticking point many of the provisions still in the bills will enable a sort of Internet censorship and prior restraint on free speech.

You can view the entire bill here (download PDF).

Related Articles:

Thursday, January 12, 2012

Google Launches Android Design Site

Android developers looking for a little help will now have a new tool thanks to Google. Today the company has introduced Android Design: A site Google explains as the place to learn about principles, building blocks, and patterns for creating world-class Android user interfaces.

The site features a ton of information including advice for buildings apps with details on suggested iconography, patterns, colors, typography, and writing styles. While these are all just suggestions Google hopes that by following some of these guidelines there will be less fragmentation across the user experience and that apps that follow them will look like they belong on an Android device.


Android Developers Blog: Introducing the Android Design site

Thursday, January 05, 2012

iPhone 4S Uses Twice As Much Data As Previous iPhone

Recent studies suggest that Apple's latest iPhone consumes nearly double the data as the previous iPhone model and even more than previous generation of the smartphone and the iPad tablets due to the increasing use of online services like Siri.

IPhone 4S users transfer on average three times more data than users of the older iPhone 3G model which was used as the benchmark in a study by telecom network technology firm Arieso. Data usage of the previous model, the iPhone 4, was only 1.6 times higher than the iPhone 3G, while iPad2 tablets consumed 2.5 times more data than the iPhone 3G, the study showed.

According to Arieso CTO Michael Flanagan the top reasons behind the growing data volume include the addition of Siri and iCloud as well as other online services.

Apple users certainly aren't alone in their higher than average data usage, but they were in the top tier of Arieso’s research. Other heavy data users include owners of Samsung's Galaxy S and S II, as well as the Nexus One and HTC Desire S. According to the reports the study showed that users of the latest RIM BlackBerry smartphones, the Curve and the Bold Touch, were amongst the lowest downloading about five times less data than iPhone 4S subscribers.

To me the numbers really aren't surprising. As you add more services and features you should expect higher than normal data usage. More and more people are using their phones to record high-definition video and images adding to higher upload volumes. While more and more of us are using our phones to browse the Internet and play music and videos adding to higher download numbers. The downside is the burden on carrier demand as well as the need for higher capacity data plans. User that use to get by with a basic limited plan may now exceed those limits or face the need for a much higher priced plan.

Update: Here is the full report

Wednesday, January 04, 2012

Facebook Scammers Exploit Users Wanting Their Old Facebook Back

Facebook users beware a new scam has cropped up over your dislike of the new Facebook Timeline feature and your desire to revert to the old look.

Facebook has recently given users the opportunity to update to the new Timeline feature, which by all accounts hasn't been as big a hit as they had hoped. Scammers it appears have began cashing in on the fact that many of the new users of the feature don't care for the new changes and have found a way to take advantage of this attitude.

Inside Facebook reports that "a number of scammers" are creating Facebook Pages filled with deceptive instructions which promise users the ability to go through a few steps to roll back to the old style. Unsuspecting users are seemingly unaware that the switch to Facebook's Timeline is permanent.

Among the instructions scammers are giving users are clicking various "Like" buttons, inviting friends to "like" a page, watching YouTube videos, downloading files, and so on. While some of these actions may not have terrible outcomes, many could lead to the installation and spread of malicious software and the theft of personal information.

Again users should be aware that the switch to Facebook's Timeline is permanent once you decide to try it you are stuck with it and there is no going back!

Facebook Announces 2012 Hacker Cup

Facebook is inviting programmers worldwide to try their hand at the company's annual Hacker Cup a worldwide programming competition that challenges contestants to solve increasingly difficult algorithmic problems.

"Whether we’re building a prototype for a major product like Timeline at a Hackathon, creating a smarter search algorithm, or tearing down walls at our new headquarters, we’re always hacking to find better ways to solve problems." wrote Facebook mobile engineer David Alves in a blog post announcing the contest.

The competition commences with a 72-hour Qualification Round on January 20, 2012 at 4:00 PM PT and ends on January 23, 2012 at 4:00 PM PT. All registered competitors will be presented with three problems. Every competitor who correctly solves at least one problem will advance to Online Round 1.

Online Round 1 will last 24 hours from January 28, 2012 at 10:00 AM PT and ends on January 29, 2012 at 10:00 AM PT. To advance to Online Round 2, participants must solve at least one problem correctly. If more than 500 people solve at least one problem correctly, then the top 500 participants will advance, as well as everyone else who answered the same number of questions correctly as the 500th-place contestant.

Online Round 2 will last three hours from February 4, 2012 at 1:00 PM PT and end February 4, 2012 at 4:00 PM PT. The competitors will have three hours to solve the presented problem sets. The top-scoring 100 participants from Online Round 2 will receive an official Hacker Cup t-shirt. The top-scoring 100 competitors from Online Round 2 will be notified via email that they have advanced to Online Round 3.

Online Round 3 will last three hours from February 11, 2012 at 1:00 PM PT and end February 11, 2012 at 4:00 PM PT. The 100 competitors will have three hours to solve the presented problem sets. The top-scoring 25 competitors from Online Round 3 will be notified via email that they have advanced to the final round at Facebook.

Facebook will fly the top-scoring 25 competitors to Menlo Park, California, for the final round of competition on March 17, 2012, where they'll receive some great cash prizes and other awesome goodies. Out of these 25 finalists, one champion will emerge and be immortalized on the Hacker Cup trophy. Finalists will be responsible for obtaining their own entry visa before arrival in the USA; however, Facebook will reimburse the finalist for any visa application fee and up to $100 USD in travel expenses incurred in obtaining the visa. Facebook will not reimburse any fees or expenses related to obtaining a passport.

For a look at what is in-store for the competition checkout  last year's challenges.

Monday, January 02, 2012

New Scareware Targets Mobile Phone Users

A new fake antivirus suite has popped up this time targeting users of mobile operating systems like Android rather than traditional PC based OS's.

Late last week Kaspersky Lab researcher Denis Maslennikov posted details of the new threat on the Kapersky labs Securelist blog. As with traditional variants the new "scareware" or "ransomware" utilizes a replica of legitimate anti malware software to trick users into installing malicious programs that then steal private user information or encrypts hard drives and extorts money from the owner to decrypt the data.

Maslennikov says that cybercriminals are using black SEO for redirecting users to web pages which emulate AV scanning. All a user has to do is a basic Web search for some of the more popular mobile applications, such as the mobile version of the opera Web browser. The users are the redirected to scam Web sites offering "free" virus scans of mobile devices, including Android.

The website then proceeds with a fake scan of the device returning a false "positive" result. In turn encouraging the mobile device user to "activate" security protections on their device by clicking on a link in the scan results. Clicking that link downloads and installs a malicious application that Kaspersky detects as Trojan-SMS.AndroidOS.Scavir for Android. In the case of a non-Android device the user will be asked to download ‘VirusScanner.jar’: a file which is detected by us as Trojan-SMS.J2ME.Agent.ij.

When the application executes , the user is asked to press the ‘Continue’ button if he wants to launch VirusScanner with some options like ‘Turn on multi-level protection’, ‘Disable remote control of a device’ or ‘Turn on web site scanning’. But in fact after pressing ‘Continue’ this app will send SMS messages to expensive premium rate numbers.