Friday, August 30, 2013

New York Times hit with malicious attack.

A tweet from the official Times Twitter account was directing readers to an alternative website, news.nytco.com, if they were having difficulties accessing the main site at nytimes.com. Readers in Europe and Asia were reporting problems Wednesday.

Marc Frons, chief information officer at the Times, told employees Tuesday that the outage was the result of an attack on Melbourne IT, the company's domain name registrar, according to the New York Times.

Frons told the Times that the hacktivist group Syrian Electronic Army was responsible for the attack, "or someone trying very hard to be them." The Syrian Electronic Army is a group of hackers aligned with Syrian President Bashar al-Assad.

The group sent a tweet claiming responsibility for the Times attack, and SEA also claimed that it took over Twitter's own domain on Tuesday afternoon.

The Federal Bureau of Investigation has begun looking into the website disruption, a law enforcement official told CNN. The "preliminary inquiry" is still in its early stages, the official said.
The Times did not reply to a request for comment.

Two weeks ago, Syrian Electronic Army claimed responsibility for hacking Outbrain, a news recommendation engine that appears on websites including The Washington Post, CNN and Time. The hacked news links were redirecting to a site controlled by the hacking group, which supports Syrian President Bashar al-Assad and has taken credit for several recent cyberattacks.

The New York Times' own website had suffered an outage the day before the Outbrain hack, prompting speculation that hackers were responsible, but a spokeswoman for the paper said that outage was the result of complications associated with a scheduled maintenance update.

Source: New York Time

Thursday, August 29, 2013

The "Tech Tax" has hit Massachusetts, and will surely impact your business. Help us take action now!

Massachusetts now has the highest and most aggressive technology tax in the nation at 6.25%. This is one time that being ranked #1 is not a good thing for anyone. This tax impacts many areas of information technology, including website development, software use and development, just to mention a few. It also applies to installing and configuring personal and business computers, servers, network devices, virus scanning software, Microsoft office software and much more where you will be taxed for both the software and now labor necessary to install and configure it.

Effective July 31st, the Massachusetts Department of Revenue has applied sales and use tax (6.25%) to previously untaxed computer/software services. Known colloquially as the "tech tax," these new taxable services include: the installation of computer systems (including servers, PCs, switches, firewalls, routers, etc), the planning, consulting, or designing of computer systems, and the installation, modification, or adaptation of most software. This new tax on technological services was written into the legislature, sections 48 and 49. An Act Relative to Transportation Finance.

Unfairly targeting the Information Technology industry, and completely unrelated to Transportation Finance, this new "tech tax" legislature is poorly written, poorly timed, and, as many argue, too reminiscent of previously failed attempts in this state to impose sales tax on services. Not to mention it has a potentially crippling effect on small businesses in Massachusetts.

We are working with our state representative and local groups to petition the State to repeal/revise this tax. The Mass High Tech Council has teamed up with The Massachusetts Taxpayers Foundation to further push for a repeal. There are also several blogs devoted to cataloging the repeal progress, including No Tech Tax and Repeal The IT Service Tax.

How the New "Tech Tax" Affects You
The DOR has issued guidelines and a FAQ explaining the new taxable services vs. nontaxable services. Please look at this to determine how you will be impacted. This means that any computer/software services performed after July 31, 2013 and falling under the new taxable definitions set forth by the Massachusetts Department of Revenue will be subject to an additional 6.25% sales tax.

What You Can Do
We understand the impact that this service tax will have on your business and personal computer services. If you wish to join us in a repeal effort, we recommend adding your signature to this online petition to help repeal this new law.

Please join me, John, and our IES family in the campaign to repeal this discriminatory sales tax: http://chn.ge/15jZmMV

Wednesday, August 28, 2013

Twerk, selfie, emoji and others have been added to the Oxford Dictionary.

Oh what a glorious day...The Oxford Dictionaries Online is adding a slew of words, from bitcoin to twerk.

Before you completely lose it like I did, the Oxford Dictionaries Online is separate from the Oxford English Dictionary, though both are published by the Oxford University Press. The ODO changes much more frequently, and has added text-speak acronyms like OMG and LOL in recent years. The OED adds words much less frequently and never removes a word once it has been added.

The new words are an odd mix of techie and tween-y. Here are some of the words that are being added:

Tech Division

bitcoin, n.: a digital currency in which transactions can be performed without the need for a central bank.
BYOD, n.: abbreviation of ‘bring your own device’: the practice of allowing the employees of an organization to use their own computers, smartphones, or other devices for work purposes.
digital detox, n.: a period of time during which a person refrains from using electronic devices such as smartphones or computers, regarded as an opportunity to reduce stress or focus on social interaction in the physical world.
geek chic, n.: the dress, appearance, and culture associated with computing and technology enthusiasts, regarded as stylish or fashionable.
Internet of things, n.: a proposed development of the Internet in which everyday objects have network connectivity, allowing them to send and receive data.
MOOC, n.: a course of study made available over the Internet without charge to a very large number of people.
phablet, n.: a smartphone having a screen which is intermediate in size between that of a typical smartphone and a tablet computer.
unlike, v.: withdraw one’s liking or approval of (a web page or posting on a social media website that one has previously liked).
These ones are pretty straightforward, covering a nice, broad range of words that people make up in the tech world.

Middle School Division

dappy, adj. (informal): silly, disorganized, or lacking concentration.
derp, exclam. & n. (informal): (used as a substitute for) speech regarded as meaningless or stupid, or to comment on a foolish or stupid action.
squee, exclam. & v. & n. (informal): (used to express) great delight or excitement.
twerk, v.: dance to popular music in a sexually provocative manner involving thrusting hip movements and a low, squatting stance.

The Glorious Overlap

Here’s where it really gets fun–slang that you’d think no self-respecting adult would use, but is actually commonplace in Silicon Valley.
emoji, n: a small digital image or icon used to express an idea or emotion in electronic communication.
Ah, to use emojis or stickers in your social network or messaging service?? An age old business question that harkens back to the Rockefellers and Carnegies.
FOMO, n.: fear of missing out: anxiety that an exciting or interesting event may currently be happening elsewhere, often aroused by posts seen on a social media website.
I know what you’re thinking–really, Billy? You’re putting FOMO in both sections? But don’t sit there and honestly say you haven’t heard numerous VCs say said they had FOMO about a round.
selfie, n. (informal): a photograph that one has taken of oneself, typically one taken with a smartphone or webcam and uploaded to a social media website.

Source: Tech Crunch

Tuesday, August 27, 2013

Newest Kickstarter project plans to bring wearable LED panels to market.

It can be hard to stand out in a crowd, but a bright, animated wearable LED panel should help you get noticed. The Fos on  is a fabric panel with Velcro strips. It weighs less than a golf ball and can be attached to clothing, backpacks, or just about anything else you can think to stick it on.

The Fos receives its animated display instructions wirelessly from your smartphone. It is geared for active people. Runners can display their heart rate. Bicyclists can display their speeds. Imagine seeing all the riders in the Tour de France kitted out with these.

Each Fos panel consists of white or blue LEDs, a microprocessor, flash memory, and a power supply. The panel is attached to a sheet of fabric and is extremely thin.

An 11x3-inch Fos patch is going for a $149 pledge. The overall project goal is to raise $200,000. A chunk of that is scheduled to go toward developing applications for the Fos, so it can be used right out of the box.

One of the neater ideas for Fos is to tie it in with GPS and biking. Enter your route into an app and wear the patch on your back. The LEDs will display large animated indicators showing which direction you're turning as your phone tracks you on GPS. It would give traffic around you a very bright heads-up about your movements.

Fos looks like fun for anyone into wearable tech, but the urban athlete audience will likely find it especially interesting, as anything that improves your ability to be seen is a good idea when you're sweating away on the streets. Also, the Fos may well end up being a motivational tool for lazy people. Once you've seen three or four of these running by advertising amazing workout feats, you just might be inspired to get your butt into shape.


Source: Kickstarter, CNET

Monday, August 26, 2013

Pull the plug on all those pesky accounts using this simple website.

Everyday you log into services tailor-made for shopping, searching, sharing, watching, chatting, curating, reading, bragging — that’s a lot of places to keep your personal information, and no one could blame you if you wanted to try to pare down on those extraneous connections. Hell, I’d like nothing better myself sometimes.

A U.K. based duo consisting of developer Robb Lewis and designer Ed Poole seem to understand that desire awfully well, and they teamed up to create what may be a truly indispensable resource. It’s called JustDelete.me, and as the name sort of implies, it’s a directory of links to pages where you can lay waste to your myriad online accounts.

It’s a deceptively simple resource. You’re greeted with a sizable grid that points you to a slew of popular web services that you probably use. More specifically, those links point you straight at the pages where you can deactivate all those pesky accounts…or at least where you can try. Thankfully, Lewis has done the due diligence to figure out which services can be disconnected from painlessly and which ones require you to (ugh) actually communicate with someone to get the job done.

A disconcerting number of sites and services fall into that latter category. Of the ones that Lewis has added, 10 won’t let you kill your account without first talking to a customer service rep, and 4 (Netflix, Steam, Starbucks, and WordPress) don’t seem to let you delete your accounts at all. Of course, it’s in these companies’ best interests to keep the account deletion process as obtuse (one might say dark) as possible. The less progress you make on that front, the more likely you are to say “screw it” and remain in their clutches.

As useful as the site can be for people looking to disconnect sans headaches, it’s far from being a complete compendium. Lewis notes on his blog that Justdelete.me is very much a work-in-progress — he’ll gladly accept suggestions for services that people think should be on the list, and here’s hoping this thing continues to pick up steam.

Source: Tech Crunch

Friday, August 23, 2013

This bar owner wants to be your Facebook friend. Don't want any more friends? Then don't expect to get in.

Tony Mannor, the owner of Finnegan's Irish Pub & Restaurant in Stockton, California insists that if you want to get into his bar after 9 p.m., you have to be one of the bar's Facebook friends.

CBS Sacramento reports that as Finnegan's became more popular, the wrong crowd muscled its way in.

So Mannor tried to think of a way to maintain the bar's inner decorum without having its inner decor destroyed by undesirables.

He liked the idea of people becoming the pub's Facebook friends. Then, he personally screened all the profiles.

Now, customer (and Facebook friend) Debbie Walters told CBS Sacramento: "The bouncer actually stands at the front door with a computer to make sure you're a guest." Yes, there really is no greater intimidation than a large man clutching an iPad.

The bar's Facebook page currently enjoys 3,712 Facebook "likes" and around 10,000 friends. What a party that would be if they all came at once.

Mannor claims that since he instituted his Facebook bouncer system, almost all the trouble has been eliminated.

I am, though, extremely concerned about Friday night.

For the bar's Facebook page promises: "The SEX ON FIRE Burlesque Show! This is 'Night 2' of the bartender battle! Team Outlaws are bringing THE HEAT with Singer Bo Vixxen and celebrity burlesque performer Minxie! Dont miss out! The show starts at 9pm!"

I fear that Facebook's legendary insistence on ensuring everyone has an honest and genuine profile will be put to a rigorous test for this one night.

Source: CNET

Wednesday, August 21, 2013

Paying with a credit card is so 2012. Welcome to 2013, where you can pay with your face!

You don't need your wallet if you shop at certain stores testing a new PayPal app that's prompting buzz. You instead can pay with your face and your phone.

Basically, it works this way: You download the PayPal app, which shows a list of participating stores. Upon entering a store, just check in on your phone by using a four-digit PIN. Done shopping? A clerk will see your photo and first name on his or her phone or tablet and click on your picture to charge your PayPal account.

"We very much see this as the future of money. By 2016, you'll be able to leave your wallet at home," Rob Harper, PayPal's London-based head of retail services, told The Telegraph in a video report. It's backed by the same security that PayPal has for online purchases, Harper told the BBC, so if the company thinks something looks suspicious, it will take steps.

It's getting buzz for being tested at a dozen merchants on the outskirts of London, such as Noble Jones fashion clothing store, where owner George Absi finds the system "quite useful. You can make payment anywhere in the store. You don't have to bring the customer the bill," he said in a promotional video.

A UK-based PayPal spokesperson told MSN News "it is already available in the US," but we're unclear where, so we're trying to get details. (From what we can tell so far, it looks like a different PayPal mobile-payment system in the U.S. is offered at two dozen chains and typically works as it does at The Home Depot — you pay with PayPal at the cash register by typing in a mobile number and PIN or by swiping a PayPal payment card and entering a PIN, according to PayPal's website.)

Could this cashless, credit-cardless advancement tested in Britain one day improve your life? Depends on how much hassle you consider cash and credit cards to be. Ubergizmo puts it in a snarky way:

"If you’re lucky enough to have your popular retailer accept PayPal while you’re checking out in the store, then you know what a slight hassle it can be to have to input your password or passcode, which can add seconds to your entire transaction, and as a result, can turn your life completely upside down. That’s why PayPal is testing out a new method of verifying its users by using a photo of them as verification."

Source: MSN

Tuesday, August 20, 2013

This is why IES recommends Firefox or Chrome vs Internet Explorer...

Sauce Labs, an Internet software testing and development company, specializes in automated testing for mobile and Web applications by delivering a test environment that accommodates over 150 browsers, operating systems, and device platforms. In the course of all that testing they've gotten to know which ones break the most and which ones break the least. Now, for the second time, Sauce is revealing which browsers can stand the test of the Web and which ones buckle under the strain.

For the purposes of the report Sauce only analyzed browser versions for which the company had at least 1,000 jobs in the last two years. This means that the most recent versions of some browsers aren't represented in the report.

Taken all-in-all, the bottom of the barrel Web browser family was Internet Explorer (IE). But, that's not the entire story.

True, with a 0.25 percent error rate, IE was the worst Web browser, but each browser has many different versions and a close look reveals that Microsoft's Web browsers have greatly improved since IE 7 first appeared in 2006. As for IE 6, let's not even talk about it!

While IE 7 has an error rate of .29 percent, the latest version, IE 10, has "an impressive 0.05 percent error rate." Sauce has found that Microsoft has gotten much better at "squashing their historically error rates."

So, if IE has been significantly improved, which browser has the "honor" of being the poorest program? That regrettable position, of currently deployed and supported Web browsers, goes to Apple's Safari 6.

The best browser, in terms of the fewest number of defects, is Firefox 22—followed by Chrome 27, IE10, Opera 12, and Safari 6. According to Sauce, "Most versions of Chrome have error rates low enough that they didn't show up on the graph. Neither do later versions of Firefox. That means that Chrome and Firefox are solid in terms of performance. For the tech savvy that isn't too surprisingly."

All-in-all, compared to the last Sauce evaluation of browsers in 2011, the company found that "Half of the browser versions we analyzed had error rates lower than 0.07-percent. That's pretty low, and suggests that browsers are getting more reliable as more versions come out."


Source: ZDNet

Monday, August 19, 2013

How's this for irony? Mark Zuckerberg's wall got hacked....warning him of a security problem.

A Palestinian IT expert who claimed to have discovered a Facebook vulnerability said he took his bug report to Mark Zuckerberg's Facebook page after being ignored by the social network's security team.

The vulnerability allows anyone to post anything to anyone else's page, regardless of whether they are a Facebook friend of that person, Khalil Shreateh wrote in a blog post Saturday. Shreateh initially reported the vulnerability through Facebook's "white hat" security disclosure service, which offers a minimum bounty of $500 for legitimate bugs.

However, despite including a demonstration of the bug executed on the Facebook page of Zuckerberg pal Sarah Goodwin, Shreateh was told by a Facebook security engineer in a terse note that "sorry this is not a bug."

Undaunted, Shreateh decided to share his experience with Zuckerberg by posting a note to the Facebook founder's page that apologized for the post but said he had "no other choice."

"[A] couple of days ago I discovered a serious Facebook exploit that allows users to post to other Facebook users timeline while they are not in friend list," Shreateh wrote in his post to Zuckerberg's timeline. "I appreciate your time reading this and getting some one from your company team to contact me."

Within minutes, Shreateh was contacted by a Facebook security seeking details of the exploit, Shreateh said, adding that his own Facebook account was quickly disabled. A security engineer told Shreateh his account had been disabled as a "precaution."

"When we discovered your activity we did not fully know what was happening," an engineer who identified himself as "Joshua" told Shreateh. "Unfortunately your report to our Whitehat system did not have enough technical information for us to take action on it. We cannot respond to reports which do not contain enough detail to allow us to reproduce an issue."

Joshua also informed Shreateh that he would not be receiving a bug reward for reporting the exploit because he violated the site's terms of service. "We do hope, however, that you continue to work with us to find vulnerabilities in the site," he wrote.

A Facebook security engineer responded Saturday in a Hacker News post that the vulnerability was fixed Thursday and conceded that Shreateh should have been asked for more details on the issue after his initial report. Along with offering inadequate information about the bug, Shreateh's post to Zuckerberg's timeline violated the social network's responsible disclosure policy, the security engineer wrote.

"Exploiting bugs to impact real users is not acceptable behavior for a white hat," the engineer wrote, adding that researchers are allowed to create test accounts to aid their research.


(click for larger screen shot)
Source: CNET

Thursday, August 15, 2013

Kinect app that turns any surface into a touchscreen now available, starting at only $149.

With several companies developing technologies that can turn any surface into a touchscreen, it should be widely available soon. Those who want to try it out before it's cool, however, should look towards Ubi Interactive's software that combines the talents of Microsoft's Kinect for Windows sensor and a projector. So long as the software's installed on a Windows 8 computer, the sensor tracks and detects movements users make on the projected image. Interactions are the same as any tablet or smartphone, including launching icons by tapping on them and expanding areas with pinch-to-zoom. Merely a concept in 2012, the software is now available on Ubi's website with prices ranging from $149 to $1,499, depending on the display size and the type of customer support. Sounds like even an Average Joe can nab one, assuming they already have a projector and one of Microsoft's $250 motion / voice detectors.


Source: Engadget

Tuesday, August 13, 2013

Fraud is on a whole new level with these "geniuses"...

Here's the plan. We'll take some ice cubes. We'll stuff them into parcels. Next, we'll take the parcels to our local post office.

Now here's the clever part. We'll say they're iPads, send them as special delivery and insure them for 2,500 British pounds (almost $4,000). Then we'll say the iPads never got there and claim compensation.

What can possibly go wrong?

You might think I have lost the passcode to my faculties. However, the plan I am describing was precisely that followed by two gentlemen who wanted to make a little money.

Their names are Nathan Meunch and Nigel Bennett. As the Mirror reports, these two cunning Brits executed this plan to near-perfection.

They did, it's fair to say, strike an early obstacle.

Elaine Sloane, the lady at the post office in Telford, U.K., explained: "I just happened to say to the gentleman: 'Is it raining outside?' and he said yes. But it seemed strange to me because I could see from where I was sitting it didn't look like it was raining."

Meunch, you see, had areas of damp adorning his jacket.

Still, Sloane took the parcel. However, a short while later there was dampness among the parcels marked for special delivery.

This was caused by the melting iCubes.

Sloane revealed to the Shropshire Star: "We had a little look and you could see all ice in there. He had sent it as iPads and I couldn't believe it was all this water and the box was disintegrating."

Still, the parcel was secured and actually sent. Sticking to their plan, a claim for compensation was duly filed by Meunch.

Oh, but staff at the post office had already noted the parcel's dubious nature. So when the claim came in, the authorities were ready.

Bennett's lawyer said that his client was short of money. However, in a less than spirited defense, he also described the plan as "rather pathetic."

The two men were found guilty of fraud Monday. Their punishment was to go and work at Foxconn for a year. I am sorry, I don't have that quite right.

In fact, they were given a 12-month community order -- they must spend time working in the community. They must also spend 150 hours working in court.

This whole plan almost makes the people who sold wooden iPads for $180 seem like savvy entrepreneurs.

Source: CNET

Thursday, August 8, 2013

Ever wanted to hunt ghosts? It's simple! Just grab your iPhone and this 99 cent app...

Ghost hunters Roger Pingleton and Jill Beitz, founders of StreamSide Software, have developed an iPhone app they say gives the dead a voice.

In developing the Spirit Story Box app (99 cents to download at the Apple app store; there is no Android version), Pingleton said his goal was to improve on other paranormal apps for the iPhone.
"Bottom line is we wanted people to have fun with it," Pingleton said.

Beitz, Pingleton and about a dozen others recently used Spirit Story Box to search for ghosts at the Wayne County Historical Museum in Richmond.

"They had a blast with it," Pingleton said. "They had numerous words spoken that related directly to the areas where they were hunting."

The Spirit Story Box app picks up changes in random electrical noise to select words from a preprogrammed vocabulary.

When the app hits on something, it comes out of the iPhone as a spoken word.

Some paranormal investigators think the spirits can manipulate random streams of data. Scientists, of course, denounce the idea.

The app, like myriad other devices that claim to detect or communicate with spirits, cannot be proved to work.

Wanda Lou Willis, 75, a folklore historian and author from Indianapolis, has researched the supernatural and haunted locations for several books. She said many people believe that electronic devices can be tuned to communicate with spirits.

"Electricity seems to attract the spirits," Willis said. "Human beings have a lot of electricity in our bodies. It is believed that when we pass over, our spirit becomes something in the universe, sort of an electrical current."

Skeptics, and there are many, say devices and programs like the Spirit Story Box iPhone app are neatly packaged random word generators. Any connection the selected words or phrases bring forth, critics say, is found solely in the minds of gullible users.

For every critic there's a believer. A 2003 Harris Poll found 51percent of the public believes in ghosts.

"There is nothing in this world that doesn't exist for someone, somewhere, at some time, including being able to connect with and contact a spirit," Willis said. "You have to have your mind open to it to have it really happen."

Source: USA Today

Wednesday, August 7, 2013

Do you save passwords in Google Chrome? Maybe you should reconsider...

You might want to think twice before you let someone borrow your computer.

The most obvious risk of allowing someone else access to your desktop is that they can impersonate you, using any app where you’re already signed in. They could send prank messages using your default email client, or profess your undying love for Justin Bieber using your logged-in Twitter account.

That’s annoying, but far from fatal.

But the situation becomes considerably worse if you use Google Chrome to save and sync passwords for easy logins at your favorite websites. An intruder who has unrestricted access to your computer for even a minute can view and copy all of your saved passwords just by visiting an easy-to-remember settings page: chrome://settings/passwords.

That link opens the local copy of your saved password cache, which is synchronized to every machine where you sign in with your Google account.

And the funny thing is, anyone who visits that page can see the plaintext version of every saved password just by clicking a button.

The saved password list shows the web address, username, and password for each saved set of credentials. Initially, the saved password is displayed as a row of asterisks. But if you click the masked password, you see a “Show” button that you can click to immediately display the saved password.

A malicious or spiteful intruder who can lure you away from your computer briefly can see your saved passwords, then close the settings page. And you have no idea that your credentials have been compromised.

Source: ZD Net

Tuesday, August 6, 2013

New mobile phone plan to offer no minutes.

Don’t let the name fool you. TextNow aims to be a lot more than just another over-the-top texting app, and on Tuesday it demonstrated its ambitions by becoming first in the U.S. to offer an IP-only voice service over a smartphone, beating its virtual operator rival, FreedomPop, to market.

TextNow began selling refurbished versions of the Samsung Galaxy S II ($120) and Nexus S ($90), both with their standard phone features disabled. In their place is TextNow’s voice and text app, which lets you make VoIP-based calls and send IP SMS, just as you would on a normal mobile phone.

TextNow is a mobile virtual network operator (MVNO) on Sprint, but instead of buying bulk minutes and messages from its carrier partner, it’s sending all traffic over Sprint’s 3G data network.
The advantage of this approach is much lower costs. For its baseline service, TextNow is charging $19 a month, which includes 500 MB, unlimited texting, unlimited inbound calls, and 750 minutes of outbound calls. TextNow assigns you a standard telephone number, making the service look like any ordinary phone to outsiders—think Vonage on a smartphone. Sticking to its OTT roots, however, all calls to other TextNow users are free.

Essentially, the service is TextNow’s standard OTT app featured on a dedicated smartphone, with an access plan included. When Derek Ting, co-founder and chief executive officer of TextNow’s parent company Enflick, gave GigaOM a preview of the smartphone strategy in June, he explained that TextNow has always targeted younger consumers who couldn’t afford—or simply didn’t want—to pay for a monthly mobile service plan. Consequently, the typical TextNow customer uses its app to connect such devices as the iPod Touch or tablets with no mobile connection.

TextNow felt that those customers didn’t just need an app they could use on Wi-Fi but a full-bore mobile service that took advantage of IP communications to offer cheap voice plans. It started out selling a 3G Wi-Fi hotspot that could connect customers to the wider mobile network, but its ultimate goal was to offer phones following the same principle. That’s why TextNow is targeting older Android smartphones and refurbished handsets, Ting said: Not only can it offer a cheap service, but cheap devices as well.

TextNow isn’t the only company with an all-IP mobile strategy. Mobile broadband MVNO FreedomPop has promised to deliver its own VoIP service this summer, using Android phones and its unique freemium business model. MetroPCS has been supporting VoIP on its LTE systems since August, augmenting its traditional 2G network (though that service will quickly disappear as customers migrate over to T-Mobile’s (GSM network). And all the major carriers plan to offer voice over-LTE (VoLTE) in the next few years.

The difference is that the major carriers aren’t necessarily using VoIP to make their services cheaper. They’re tapping VoIP to make more efficient use of their networks and to build new IP communications features around their core voice services.

Source: Business Week

Monday, August 5, 2013

Your TV might be watching you...

The flaws in Samsung Smart TVs, which have now been patched, enabled hackers to remotely turn on the TVs' built-in cameras without leaving any trace of it on the screen. While you're watching TV, a hacker anywhere around the world could have been watching you. Hackers also could have easily rerouted an unsuspecting user to a malicious website to steal bank account information.

Samsung quickly fixed the problem after security researchers at iSEC Partners informed the company about the bugs. Samsung sent a software update to all affected TVs.

But the glitches speak to a larger problem of gadgets that connect to the Internet but have virtually no security to speak of.

Security cameras, lights, heating control systems and even door locks and windows are now increasingly coming with features that allow users to control them remotely. Without proper security controls, there's little to stop hackers from invading users' privacy, stealing personal information or spying on people.
In the case of Samsung Smart TVs, iSEC researchers found that they could tap into the TV's Web browser with ease, according to iSEC security analyst Josh Yavor. That gave hackers access to all the functions controlled by the browser, including the TV's built-in camera.

"If there's a vulnerability in any application, there's a vulnerability in the entire TV," said Aaron Grattafiori, also an analyst at iSEC.

Yavor and Grattafiori were also able to hack the browser in such a way that users would be sent to any website of the hacker's choosing. While the hack would have been obvious if the website on the screen didn't match the desired address, Yavor says there could be serious implications if a bad actor sent a user to a lookalike banking page and retrieved a user's credentials.

The research was conducted on different models of 2012 Samsung Smart TVs and was presented this week at the Black Hat cybersecurity conference in Las Vegas.

In a statement to CNNMoney, Samsung said it takes user safety very seriously. Addressing the camera flaw, a company spokesperson said, "The camera can be turned into a bezel of the TV so that the lens is covered, or disabled by pushing the camera inside the bezel. The TV owner can also unplug the TV from the home network when the Smart TV features are not in use."

Samsung also recommends that customers use encrypted wireless access points.

The iSEC crew said they remain skeptical that the technology is perfectly secure, even after Samsung patched the bugs.

"We know that the way we were able to do this has been fixed; it doesn't mean that there aren't other ways that could be discovered in the future, " Yavor said.

Companies like Samsung pay hackers when they report security vulnerabilities like the ones iSEC found. The researchers are iSEC confident that there are more undetected flaws in these devices that they are running a fund-raiser off of finding bugs in Smart TVs at technology conference Def Con later this week.

Yavor and Grattafiori say users should run regular updates from vendors like they would for anti-virus definitions or system updates on the smartphone.

And when all else fails, users can always put tape over their cameras.

Source: CNN Money

Thursday, August 1, 2013

So your teenager wants to open a Facebook account...here's how to handle it.

There are plenty of reasons Facebook, Instagram, and other social networks have a minimum age limit. Here's just one: Children aren't born with internal privacy settings.

Moms and Dads can't assume teens know what they should and shouldn't share online. And just because children meet the minimum age requirement (for Facebook, it's age 13), that doesn't mean they should rush to create an account. Colby Zintl of Common Sense Media, a nonprofit family and children's advocacy group, said kids are probably better equipped to deal with the not-always-kid-friendly content and situations found on social networks when they're 14 or 15.

Once everyone's in agreement about when to get online, parents should show kids how to go about it. Walk them through the privacy settings. Show them how to unfriend people and delete posts. Make sure that only their friends can view their profile.

Zintl suggested that parents activate the setting that allows kids to approve all posts before they're added to their timeline. "Talk to your child about the importance of that," Zintl said. "It relates to the concept of a digital footprint -- everything is permanent. If a child is going to post on your child's wall, there should be some barrier to entry there."

The current generation of kids are growing up as digital natives, so they're often comfortable with social media, but they still need to be careful. And thanks to proud parents and grandparents, their lives are probably well-documented. Said Zintl: "Parents posting pictures of their babies starts a kid's digital footprint for their entire life. They're creating a lifetime of photos and history online."

Common Sense Media urges parents to emphasize to kids that the Internet is written with a permanent Sharpie, not pencil. "Once a photo, or a comment, is out in cyberspace, there is no getting it back. Even if you take it down from Facebook, another kid could have forwarded it," Zintl said. "There is no such thing as a real eraser button in social media, and that is an important reminder to share with kids over and over again."

Source: CNET