05 August 2015

New Android Bug Called “Heartbleed for Mobile”

New security vulnerability in Android allows hackers to take control of a smartphone by sending a text message. The worst part is that for the vast majority of Android users, there’s no fix yet. The researcher who detected the vulnerability claims that even the small number of people using Google’s own smartphones Nexus are vulnerable to some of the effects of the flaw.

LookoutHeartbleedLogo.th.png

The bug affects a part of the Android OS called Stagefright. The latter allows smartphones and tablets display media content. So, a malicious video can deliver a software which will run on the phone and potentially allow an attacker to obtain access to data on the phone and spy on the owner through camera and microphone.

The problem is that Google’s messaging app Hangouts automatically pre-processes received videos, so if the malicious video is sent as an MMS message, it will immediately take over the device before you even know about it, because in this case the user doesn’t actually have to play the video to be hacked. In respond, Google announced that the newer versions of Android protect users from the worst effects of the vulnerability. Security experts called the bug “Heartbleed for mobile”, referring to the flaw that put thousands of websites at risk a year ago.

The researcher who discovered the problem revealed its details to Google a few months ago and even provided patches for the errors. He set a condition of a 3-month embargo before he went public, giving Google enough time to fix the flaw. But this discovery highlighted another security problem with Android: the speed with which fixes are received by end users. Google, the developer of Android, cannot push patches to most of Android devices produced by other companies, and the manufacturers often have to negotiate with mobile network operators to send patches to end users.

Pakistan Tried to Tap Worldwide Web Traffic

According to recent reports, Pakistani intelligence was trying to tap international web traffic via underwater cables. Apparently, this could give the country a digital espionage capacity to rival the United States.

daf73e71-0035-4102-94e8-97ce8b450e84-2060x1236.th.jpg


It is claimed that Pakistan’s Inter-Services Intelligence agency hired third parties to acquire spying tool kits from abroad for domestic surveillance. The same reports claim that the agency sought access to tap data from “landing sites” passing through the country’s port city of Karachi. If succeeded, this would have effectively given it access to web traffic all over the world.

The country was known to negotiate with a European company two years ago to acquire the technology, but it is unknown whether the deal went through. The cables in question route data through various countries and regions – from Europe to Africa and all the way to south-east Asia, including traffic from North America and India.

It is suggested that the data collection sought in the agency’s proposal could rival some of the world’s most powerful surveillance programs (like those of the United States and the United Kingdom).

Back in June 2015, Pakistani rights campaigners and opposition lawmakers called for Islamabad to protect the privacy of its citizens after leaked documents revealed that the UK intelligence had obtained access to almost all of the Pakistani Internet users. The country is currently in the process of discussing its own cyber-crime law, which may threaten to curtail freedom of expression and privacy if not amended.

Finally, the local rights groups also expressed concern over a provision in the bill that allows the government to share collected data with foreign spy agencies, including the US NSA.

MtGox Founder Arrested in Japan over lost Bitcoins

Mark Karpeles, 30, the ex-boss of the now defunct popular Bitcoin exchange MtGox, was arrested in Japan over the disappearance of millions of dollars worth of the cryptocurrency.
Mt_Gox_CEO_Mark_Karpeles_Wide.th.jpg 
 
The French-born Mark Karpeles was accused of falsifying information on the outstanding balance of the Bitcoin exchange, which used to be the world’s largest hub for trading cryptocurrency. According to Japanese news reports, officials from the Tokyo metropolitan police claimed that Mark Karpeles allegedly manipulated the exchange computer system to inflate its assets.

After media reports emerged about his arrest, Mark Karpeles claimed that the allegations were “false” and he would “of course deny” them. When the exchange filed for bankruptcy last year, Karpeles explained that 750,000 customer Bitcoins and another 100,000 Bitcoins that belonged to MtGox disappeared due to a software security bug. At the time of the bankruptcy filing, these 850,000 Bitcoins were worth $480m. The cryptocurrency exchange also said that over $27m was missing from its Japanese bank accounts.

Mark Karpeles blamed hackers for the loss and later announced that he was never going to hide from justice and managed to recover 200,000 of the lost Bitcoins. He was known as a self-proclaimed geek saying he was uncomfortable in his native country and hadn’t been back in years. The MtGox founder became interested in Bitcoin when one of the clients of his web-hosting services offered to pay in cryptocurrency.

After a while, MtGox was dominating global trade in Bitcoin. However, back in 2012, employees at the Tokyo-based exchange have already challenged the founder on issues including client money being used to cover costs.

Google Receives 18 DMCA Requests Every Second

Rights owners send Google more and more copyright takedown requests. The statistics said that the search engine is required to remove 18 links to "pirate" pages every second, and this number continues to grow. Rights owners can be understood – by sending takedown notices, they hope to steer prospective customers away from pirate portals.

The number of DMCA notices has increased dramatically over the years – while 7 years ago Google received only a few dozen requests per year, now the same number is reached in a few seconds. For example, over the past month, copyright holders submitted about 47 million notices, which makes it 18 links per second. As for the last week, the company got a staggering 12.5m reported links, which proves that the surge in notices is still ongoing.

The largest number of requests comes from the BPI and RIAA – they have sent notices for 5.5 million URLs over the past month (12% of all notices). However, the outfits are topped by takedown agencies Rivendell and Degban, who account for reporting 7.7 and 6.3 million links respectively.

Overall, within the past month, over 2,600 rights owners submitted takedown notices targeting 77,500 separate domain names. The top targets include the relatively unknown MP3 search engine myfreemp3.re and a number of The Pirate Bay related domains.

Usually, Google removes all of the reported URLs, but sometimes takedown notices also include duplicate or non-infringing links, and in this case the company takes no action. Even despite such a huge number of processed requests, many copyright holders are still not happy with the search engine’s take on the piracy problem. For example, such Hollywood representatives as the RIAA and MPAA have repeatedly stressed that Google does not do enough to remove pirated content from the top search results.

In respond, the company has gradually altered its search algorithms. In October 2014, Google introduced the most significant change yet, downranking websites that often link to pirated content.

Still, the entertainment industry continues to urge the company to completely de-list infringing domains and boost the rankings of legal alternatives. Apparently, until Google agrees to comply, the number of reported links wouldn’t decrease.

01 July 2015

আসছে আরও টাইজেন স্মার্টফোন@ Aii tuo SUZog@@@

17 May 2015

17 May: ITU’s 150th Anniversary Celebrations


German Court Shut Down Popular Torrent Trackers

A court in Hamburg has recently ruled that a hosting company has to identify the owners of 3 popular BitTorrent trackers, which coordinate dozens of millions of transfers every day. The court order was delivered following a complaint from German music group BVMI, which also claimed responsibility for the shutdown of the torrent trackers that went offline earlier this year.

screenshot_150.png
OpenBitTorrent, PublicBT and Istole.it were popular torrent trackers that coordinate the downloads of 30 million people at a time. In order words, each of these non-profit websites, powered by the open source Opentracker software, handled 3bn connections per day. However, the services went offline almost 4 months ago, and now the German music industry group BVMI takes credit for the shutdowns. It explained that the hosting company took the tracker offline after it was ordered to identify its operators.
It also admitted that the host was fighting against the shutdown, initially refusing to disclose the personal details of the site operators. Now it is obliged to do so in accordance with the court injunction. This court ruling follows a complaint from the German music industry group BVMI and is recognized as the first against the so-called standalone BitTorrent trackers, which don’t actually host or process any infringing content themselves, but are just a neutral part of the BitTorrent ecosystem.
The entertainment industry admitted that they had to target standalone trackers, because they make it possible for those who offer and seek unauthorized content to make the first connection. The only problem is that these trackers are also used by legal torrents to coordinate connections.
Thanks to TorrentFreak for providing the source of the article.

Kim Dotcom Got Back Some of His Money

The founder of MegaUpload was allowed to get more of his seized funds in New Zealand. Kim Dotcom will receive millions to pay his legal expenses and extra $128,000 per month to pay mansion rent, buy grocery cover staff, security and other expenses.
 
kimdotcom-interview-1200.th.jpg

In February 2015, Kim Dotcom came to court to ask for money to cover living expenses and pay his legal fees. Previously, Kim Dotcom was given about $15,000 per month to live on, but this was not enough for him. So, the recent ruling is largely good news for Kim Dotcom, with the judge also reviewing objections by authorities that he has funds in a trust that he could use. The judge ruled that the major asset of Dotcom's trust was its shareholding in Mega Ltd, but he couldn’t sell those shares until the planned listing of Mega. As a result, the judge decided that Dotcom does not have the ability to meet his legal and reasonable living expenses. Taking into consideration that Dotcom still owes his lawyers about $1.5m, the judge decided that Dotcom would need between $1.5m and $3m to fight against extradition. This money will be granted to him from currently restrained government bonds.

The judge also considered Kim’s needs to cover family’s accommodation costs ($60,000 per month) and his claims for such items as security, staff wages and other general expenses. Kim Dotcom currently has 8 staff in his mansion, but the judge ruled that 5 people would be enough and granted $19,000 per month for staff. He will also get $11,000 for grocery.

Overall, Kim Dotcom was awarded his legal fees and $128,000 per month to cover living expenses pending the expiry of the lease on his mansion (2016). Apparently, the position will be reviewed afterwards.

Thanks to TorrentFreak for providing the source of the article.

Companies Still Fail to Monetize Piracy

Financial results of Rightscorp, a piracy monetization company, show that monetizing piracy isn't as easy as it expected. Rightscorp did a great job by protecting more copyrights, attracting more Internet service providers to cooperation and settling more court cases, but it still ended up with an operating loss of almost $930,000.
0280f98078e83938c8ff7fec804539c9-bpfull.jpg
Rightscorp’s mission is to turn piracy into profit: they cooperate with copyright owners, track file-sharers and send them a settlement offer to avoid lawsuits. There are a lot of copyright trolls out there, but Rightscorp only asks for $20 per case of violation, which is a relatively cheap deal in comparison to others. The only problem is that Rightscorp still can’t make its operation profitable: back in 2014, it lost $3.4 million, and the most recent results don’t seem much better.
As for the fundamentals, Rightscorp currently has 1.5 million in its authorized copyright catalog, but only 256,000 are in its full system. 233 Internet service providers cooperate in the scheme at the moment, and the company has access to 15% of all homes in the US. As a result, Rightscorp has closed 200,000 cases of copyright infringement in the past two years.
Reported revenue for Q1 2015 was a little over $300,000, but reported loss was almost $930,000 due to the costs, including fees it pays to rightsowners (half of revenues), wages and legal costs. Aside from the usual advice required for company operation, Rightscorp is being sued over the methods employed to extort cash from alleged pirates.
It remains unclear whether Rightscorp will eventually be able to monetize piracy – perhaps, increased volumes and economies of scale can help.
Thanks to TorrentFreak for providing the source of the article.