DaniWeb IT Discussion Community

DaniWeb IT Discussion Community http://www.daniweb.com/forums/ Tech support, programming, web development, and internet marketing community. Forums to get free computer help and support. en-US Tue, 22 Dec 2009 12:14:01 GMT vBulletin 60 http://www.daniweb.com/alphaimages/misc/rss.jpg DaniWeb IT Discussion Community http://www.daniweb.com/forums/ News Story SQL failure exposes plain text passwords http://www.daniweb.com/news/story247659.html Sat, 19 Dec 2009 13:54:40 GMT File under FAIL: social network widget maker RockYou has fallen victim to a SQL injection flaw and as a result some 32.6 million users are being urged to change their passwords as a matter of urgency. Security specialists Imperva discovered the problem at social networking development site... File under FAIL: social network widget maker RockYou has fallen victim to a SQL injection flaw and as a result some 32.6 million users are being urged to change their passwords as a matter of urgency.

Security specialists Imperva discovered the problem at social networking development site Rockyou.com and issued a warning to users of its applications earlier this week. "Rockyou.com is not just any software site. Since its creation in 2006, it's become the hub for many social networking sites such as Bebo, Facebook and Myspace, to mention but a few" said Amichai Shulman, Imperva CTO.

Shulman claimed that the "vast majority" of user names and passwords were, by default, the same as the users webmail accounts, adding "the users are young and security is not top of mind, but nonetheless companies need to keep them protected and ensure their details are safe... it is the responsibility of application owners to protect the information trusted to them by users".

TechCrunch reports that the hacker exploit took advantage of a "trivial SQL injection vulnerability" which "has been well documented for over a decade" and is "extremely basic in execution, yet catastrophic in impact". Worse yet, it points out that RockYou only requires 5 character passwords, and that these were stored in plain text. If this were not bad enough, users of RockYou widgets were prompted to "enter their third-party site credentials directly into the RockYou site when sharing data or an application". Indeed, SQL injection exploits are nothing new and have hit the most unlikely of people including security experts Kaspersky. That said, I agree with TechCrunch that this really does look like it was a security disaster just waiting to happen. Not least thanks to a basic misunderstanding of the importance of a secure password strategy.

RockYou, meanwhile, have made the following security statement:

Quote:

Our users' privacy and data security have always been a priority for RockYou and we strive to keep them secure. Our users have confidence in our services and we will continue to ensure that confidence is deserved.

As we previously explained, one or more individuals illegally breached one of our databases that contained the usernames and passwords for about 32 million users in an unencrypted format. It also included these users' email addresses. This database had been kept on a legacy platform dedicated exclusively to RockYou.com widgets. After learning of the breach, we immediately shut the platform down to prevent further breaches.

Importantly, RockYou does not collect user financial information associated with RockYou.com widgets. In addition, user information for users of RockYou applications on partner sites, including Facebook, MySpace, Hi5, Friendster, Bebo, Orkut, Mixi, Cyworld, etc., were not implicated by the breach. The platform breach also did not impact any advertiser or publisher information, which we maintain on a separate and secure system that is not a legacy platform. Lastly, the security breach did not affect our advertising platform or our social network applications.

However, because the platform breached contained user email addresses and passwords, we recommend that our RockYou.com users change their passwords for their email and other online accounts if they use the same email accounts and passwords for multiple online services. Changing passwords may prevent anyone from gaining unauthorized access to our users' other online accounts. We are separately communicating with our users so that they take this step and are informed of the facts.

We are investigating the data breach, reviewing our security protocols, and implementing new practices to prevent this from happening again. For example, we are taking the following steps:

1. We are encrypting all passwords;
2. We are upgrading the legacy platform with the same infrastructure and industry standard security protocols we employ on our partner applications platforms;
3. We are reviewing our current data security features and ensuring that they meet industry standards and best practices; and
4. We are cooperating with Federal authorities to investigate the illegal breach of our database.

We are sorry for the inconvenience this illegal intrusion onto the RockYou system has caused our users. We will continue to advise our users of any information that would help them.

]]> MS SQL happygeek http://www.daniweb.com/forums/thread247659.html News Story WARNING: new Adobe zero-day vulnerability in the wild http://www.daniweb.com/news/story246553.html Tue, 15 Dec 2009 10:47:48 GMT Still using Adobe Acrobat or Adobe Reader? Maybe it is time to switch to something that's not glowing red on the bad guy radar, or which is more securely coded depending upon how you look at these things. Yes, Adobe has admitted that there is yet another possible zero-day vulnerability in Adobe Acrobat and Reader, oh deep joy.

David Lenoe of Adobe confirms "...Adobe received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild" adding that the company is "currently investigating this issue and assessing the risk to our customers" and "will provide an update as soon as we have more information".

According to Symantec which discovered the vulnerability "the PDF files we discovered arrives as an email attachment. The attack attempts to lure email recipients into opening the attachment. When the file is opened, a malicious file is dropped and run on a fully patched system with either Adobe Reader or Acrobat installed. Symantec products detect the file as Trojan.Pidief.H".

I've said it before and I will say it again: "I just don't get is how month after month, quarter after quarter, year after year, the vulnerabilities just keep piling up". And piling up they are, with reports
seemingly coming thick and fast over the last couple of years. ]]> Viruses, Spyware and other Nasties happygeek http://www.daniweb.com/forums/thread246553.html News Story What are the top 10 iPhone apps for journalists and bloggers? http://www.daniweb.com/news/story246020.html Sun, 13 Dec 2009 12:25:07 GMT I've been a freelance journalist for 20 years now, and can honestly say that the iPhone has changed the way I work more than anything since wireless Internet access came along all those years ago. But what are the essential iPhone apps that a jobbing journalist, or blogger for that matter, cannot live without? I've not included the built-in apps that come with my iPhone 3GS such as mail, calendar, camera/video and the voice memo recorder, but rather have concentrated on my top 10 third party apps:

1. Twittelator Pro

Twitter is not just for stalking celebrities, it's also where the news breaks first these days. Which means a journalist out on the road needs a decent client to access it wherever they may be. For me, that decent client has to be Twittelator Pro as it is simply the most powerful Twitter client bar none. From the great reading interface, to the ease by which you can follow and create lists, the search and trending functionality it is perfect. Writing posts is quick and easy, with a neat ability to automatically shrink URLS so you can post links to your online news stories with ease. Yep, Twittelator Pro helps you read and write the news, and it acts as a great SEO and syndication tool for good measure. Indeed, it is the single app I use more than any other during a working day and that includes mail and calendar apps! If further proof were needed of how highly I rate this app, I even use it when sitting in the office with my desktop computer - it beats the pants off the 'official' Twitter web interface and then some.

2. Evernote

If I am going to be away from the office for more than a day, then I'll drag my netbook along with me. However, I don't carry it around everywhere I go like some bodily appendage. The same is not true about the iPhone, I do carry that literally everywhere I go. So I need to be able to exploit that when it comes to writing impromptu news stories. Which is where Evernote comes in, with a neat interface that lets me quickly write up some notes (or even a finished piece if needs must) attach some images and maybe a voice recording - all within the same app, which then stores this stuff for me online so I can access it from anywhere using any device on any platform. Neat, and essential.

3. WordWeb

I might be a professional journalist, even an award winning one for that matter, but I still make spelling mistakes and occasionally find myself struggling to find the right word for the occasion. So number three on my list has to be WordWeb which is a dictionary and thesaurus without too many bells and whistles. Not that it isn't powerful, just don't expect a jazzed up graphical interface. Text is what is important here, and delivery that text is what WordWeb concentrates on. You can set it to the version of English you need (American, Australasian, British or Canadian) and let is show antonyms, synonyms, similar words and derived forms. Brilliant, or if you prefer, intelligent, impressive, magnificent.

4. Skype

Yes I know, the iPhone does do phone calls as well as apps. However, as any freelance journalist or blogger will tell you, international calls are expensive. Very expensive. For those times when email isn't an option or you need a real time chat across the waters, I turn to Skype. Be it for Skype to Skype voice calling or the great Skype IM chat functionality, it is something that the jobbing journalist cannot do without in this increasingly global working age.

5. Google

I could use Safari to search Google, and do on occasion. Sometimes I use the SearchIt app which quickly presents Google results in a nicely formatted way, with links to news and Wikipedia and images that I like. But most of the time I find myself fingering that Google icon. As well as the search function which every hack will be using many times a day, this app lets me quickly access my other Google services such as Gmail, Docs, Reader, Translate, YouTube and so on.

6. Google Maps

The one Google service that I keep on the first screen of my iPhone is Google Maps. If I need to know where that chap I am talking to is located I'll look here. If I need to know how to get to his offices which are around the corner somewhere, I'll look here. If I need to get a fix on a town in the middle of nowhere that I've never heard of, I'll look here. As long as I have a 3G or WiFi connection it comes up trumps every time.

7. XE Currency

Writing for different publications around the world I find myself forever having to convert from one currency to another in print. Fine if I am at home with my handy currency conversion tool widget on the desktop PC, but what if I am in a hotel? That's where the iPhone comes to the rescue with XE which quickly gets me the latest exchange rates off the Internet and does the conversions in a flash.

8. reMail

Google Mail has been something of a revelation for the average journalist, meaning that they can keep an online archive of pretty much everything they have ever sent or received and access it pretty much anywhere they are for reference. But what if you need to search for something and there is no Internet connection? What if your mobile phone signal is down? That's when you need reMail which keeps an offline archive of your online GMail messages. Sure, it takes an age (well overnight at least) to go and grab it all to start with, but you end up with an offline archive which is full text searchable and incredibly speedy to return the results you need.

9. iTrans Tube and thetrainline

Two apps find themselves at number nine, both related to train travel. I'm based in the UK and like to travel by train when I can, often at short notice and to somewhere I'm not overly familiar with. Thetrainline app quickly tells me when the next train is leaving and what times the trains are to get back again. iTrans Tube takes care of me when I visit the big smoke, London, and need to go underground. An interactive London Tube map, a tap tells me when trains are leaving and even lets me get directions.

10. Wolfram Alpha LLC

It's not cheap, and it might be argued that it is difficult to use, but if you need quick answers to complex questions it's a life saver. This computational knowledge engine draws on some 50,000 built-in algorithms and an amazing 10 trillion pieces of updated and curated data to provide expert answers to free-form questions. Whether I need to find out what the weather was like in Honolulu when Obama was born or discover the fourth largest female population centre on the planet, Wolfram Alpha will tell me. It's worth the investment in your time to understand how to input questions because the answers it outputs are so useful. I've certainly changed my opinion of it. ]]> Cellphones, PDAs and Handheld Devices happygeek http://www.daniweb.com/forums/thread246020.html News Story Will 802.11ac Gigabit WiFi be the death of Ethernet? http://www.daniweb.com/news/story245152.html Wed, 09 Dec 2009 21:24:39 GMT The Institute of Electrical & Electronics Engineers (IEEE) has started work on WiFi the next generation. While that news in itself might not exactly rock your socks off, the small matter of a big speed increase might. Word is that WiFi TNG could be fast, very fast indeed. Anyone fancy some 1 gigabit per second wireless networking?

Of course, there are a couple of caveats for the average consumer that need to be thrown in the mix here: firstly any WiFi standard upgrade is at least a year or two away yet, and secondly just because your WiFi network will support gigabit speeds that doesn't mean the Internet connection feeding it will run any faster.

So why the excitement? Seriously speedy wireless network could herald the death of Ethernet, simple as that. Assuming the thing can be engineered to be both robust enough as well as quick enough, that is. Certainly 1 Gbps is fast enough as raw encoding rates go, but what about the reliability factor?

From what I can gather it could be a case of perm any one from three, with the three in question being speed, distance and robustness. So the technology can be tweaked to provide better range at the expense of throughput and reliability, or better reliability at the expense of throughput and range for example. However, providing a massive boost to all three would appear to be something of a fantasy right now.

That said, I applaud the IEEE for the work it is doing on 802.11ac and wish it all the best in getting that 1Gbps wireless that we all want, if not actually need. That said, I don't think that the reliable, rangy and speedy Gigabit Ethernet is going to be added to the endangered networks list any time soon. ]]> Networking Hardware Configuration happygeek http://www.daniweb.com/forums/thread245152.html <![CDATA[News Story Preserve Polar Bears, Don't Use Google During Copenhagen Week]]> http://www.daniweb.com/news/story244378.html Mon, 07 Dec 2009 12:53:54 GMT A new search engine officially launches today, the same day as the World Climate Summit in Copenhagen commences. According to Ecosia you can help battle climate change by switching away from Google and here's how.

Not only will the new guy on the search block give 80% of the advertising revenue it earns to a World Wildlife Fund environmental protection project to help save the Amazon rain forest (and therefore reduce global warming and save polar bears in case you were wondering) but it also reckons each search will use much less electricity than Google

Ecosia will also be running on 'green' electricity and apparently will save up to 2 square metres of rain forest when compared to sites like Google which, according to Ecosia at least, produces that same amount of carbon dioxide when making one search as a light bulb does when switched on for an hour.

Search engines claiming to be green are nothing new, who could forget the Black Google for example? But whereas that simply changed the background colour from white to black and claimed to consume a whole heap less electricity as a result (a claim that was poo-pooed by many) Ecosia is doing something tangible by actually donating money to the climate fight.

The Berlin-based search start up is confident it will be the greenest search engine on the planet, with founder Christian Kroll arguing that thanks to advertising "search engines earn billions every year" and there can be an "eco-friendly way of using these huge profits" which is why he is donating 80% of all advertising revenue to the WWF Amazon project.

Great. Assuming that enough people switch away from Google to actually earn any advertising revenue in the first place that is.

Of course that's not the only problem facing Ecosia. Other green engines have been powered by Google and so the argument has always been that they actually leave a bigger carbon footprint as in effect people are using Google and another search farm to do the work, when just one would be better and less harmful. Ecosia does not use Google, but it does use Yahoo and Bing so maybe there is still something in this argument after all. ]]> Search Engine Optimization happygeek http://www.daniweb.com/forums/thread244378.html News Story Non-Latin domain names predicted to cause trouble in 2010 http://www.daniweb.com/news/story243653.html Fri, 04 Dec 2009 12:17:03 GMT With 2009 coming to an end, it's that time of year when security experts start predicting what the (very near) future will hold in terms of likely threat landscapes. One has bucked the trend of just picking on botnet growth and SEO poisoning, although both are on its list, and instead highlighted the dangers of cloud computing and non-Latin domain names.

In a report predictably called Predictions 2010, M86 Security reveals its expectations for Web and messaging-based threats for the coming year based upon extensive research into current threat over the past year coupled with an analysis of the major vulnerabilities facing organisations.

So let's have a look at what popped up when these security experts rubbed their virtual crystal balls shall we?

1. Setting Sights on SaaS and Cloud Services

Cloud computing and SaaS have exploded in popularity during 2009, leading to a vast increase in service offerings. As a result, more and more corporate data is being stored outside of the network, making it difficult for IT administrators to have direct control over the data. In 2010, cybercriminals will target the larger cloud-based providers and attacks will increase.

2. International Domain Name Abuse

In 2009, ICANN approved the registration of Internationalised Domain Names, enabling the use of non-Latin characters in domain names. As a result, phishing attacks should rise, as cybercriminals can register phony Web sites with URLs that are nearly indistinguishable from legitimate ones.

3. Evolution of Web Site Infections

The standard attack vector for cybercriminals is to compromise legitimate Web sites to spread malware. In 2010, the majority of malicious behaviour will reside on legitimate Web sites that have been compromised by various scripts and worms.

4. Exploiting Third Party Applications

Cybercriminals commonly exploit highly deployed third party applications, such as Adobe Flash and Acrobat Reader. The ability to embed one file type in another will result in more complex attacks gaining popularity in 2010, due to the ability to evade detection mechanisms.

5. Attacking Application Programming Interfaces

Social networks such as Twitter and Facebook are extending their services for third party development through the use of application programming interfaces (APIs). There is an implicit level of trust provided through the use of APIs, granting access to user profiles and data, so the threats that target them are likely to increase in 2010.

6. URL Shortening Services Hide Nefarious Means

The popularity of Twitter and link sharing has given rise to URL shortening services that reduce the number of characters needed to parse a link. However, these services enable cybercriminals to spread spam and malware by obfuscating the destination of posted links.

7. Botnets Grow in Sophistication

Botnets continue to be a major problem, driving the majority of spam output and mass Web site attacks. Botnets have moved away from traditional IRC-based command and control, in favour of HTTP or other custom protocols, utilising Twitter, Google and Facebook.

8. Continued Rise of Scareware

Scareware is a traditional tactic that grew popular in the second half of 2009 because its effectiveness. Consumers are prompted to download malicious software through convincingly crafted anti-malware landing pages. In 2010, these attacks should escalate, as the look and feel of scareware pages get updated and criminals find new ways to reach users.

9. Poisoning Search Engine Results

A growing trend is the use of Search Engine Optimisation (SEO) techniques to drive users to Web pages hosting malicious code. Also known as SEO poisoning, the technique aims to elevate malicious landing pages in search engine results rankings to ensure a steady supply of victims. The technique is commonly paired with scareware to capitalise on users trust in search engines. ]]> Domains and DNS happygeek http://www.daniweb.com/forums/thread243653.html News Story Will Google Public DNS become a valuable commercial data mine? http://www.daniweb.com/news/story243494.html Thu, 03 Dec 2009 23:16:13 GMT Depending upon the level of your paranoia, Google is either attempting to take over the online world or simply trying to make it a better place in which to work and play. This latest announcement does nothing to clarify these already muddy waters. "As part of our ongoing effort to make the web faster" says Google Product Manager Prem Ramaswami "we're launching our own public DNS resolver".

DNS, the Domain Name System that converts domain names that humans are happy with such as www.daniweb.com into the Internet Protocol (IP) numbers such as 74.53.219.188 (type it into your browser and it will take you to www.daniweb.com as if by magic) that computers like.

For the most part, the average user doesn't give any thought to DNS as it's one of those behind the scenes technical things that make the Internet work. There isn't any need for the average user to even know that DNS exists, let alone how it works or who holds the key to the IP kingdom. But these databases that form the address book of the Internet are hugely important. Which is why DNS distributes the responsibility of how the domain names are assigned and mapped to IP numbers to particular trusted and authoritative name servers for each top level domain. The system works, and on the whole it works well, by being a distributed and fault tolerant beast.

It has to be, otherwise the Internet would simply crawl to a halt under the strain of the hundreds if not thousands of DNS lookups we all make each and every day. So if it ain't broke, why is Google trying to fix it?

Ramaswami argues that complex pages requiring multiple DNS lookups before they start loading can "slow down the browsing experience" and that the Google approach is being tweaked in order to "make users' web-surfing experiences faster, safer and more reliable".

Google certainly thinks it will be safer, arguing that it will provide numerous security benefits over existing services which have had their moments and near misses in recent times.

And Google certainly thinks it will be faster. "The goal of Google Public DNS is to benefit users worldwide while also helping the tens of thousands of DNS resolvers improve their services, ultimately making the web faster for everyone" Ramaswami concludes.

It is not a conclusion shared by everyone. Privacy advocates are concerned that by handing over Internet address resolution to Google in this way, taking that away from the ISP, could leave the search giant with the potential to get even more data about where people go when they are online. Google has tried to offset some of these concerns by setting up a privacy policy for Google Public DNS which promises to delete the temporary logs containing IP addresses within 48 hours. The company also points out that the service will not be an authoritative name service and not a top-level domain service either. It's just an alternative, a faster alternative, for those people who want to try something different.

I'm not too worried about it myself, not least because I doubt it will prove that successful for one very good reason: reconfiguring DNS is just too much of a hassle for all but the most determined of users. Some have argued that it will likely be the default DNS for the Chrome OS in 2010, and that will speed uptake. But that presumes that Chrome OS will have a great impact in the market, and that itself is questionable.

I'm more interested to see how the Internet Corporation of Assigned Names and Numbers (ICANN) responds, and the impact of Google just making such an announcement as this will surely muddy the highly political waters upon which the whole concept of Internet governance floats. ]]> Domains and DNS happygeek http://www.daniweb.com/forums/thread243494.html News Story Death of piracy about as likely as death of porn http://www.daniweb.com/news/story242981.html Wed, 02 Dec 2009 10:06:01 GMT What might kill illegal downloading do you think? The long (and mostly ineffective (http://www.daniweb.com/news/story220692.html)) arm of the law perhaps, or maybe a sudden (and unlikely) feeling of overwhelming love (http://www.daniweb.com/news/story235178.html) for the poor music and movie... What might kill illegal downloading do you think? The long (and mostly ineffective) arm of the law perhaps, or maybe a sudden (and unlikely) feeling of overwhelming love for the poor music and movie industry?

According to the Global Web Index the answer could be simple and obvious: why bother downloading something illegally when you can watch it or listen to it perfectly legally using streaming media services?

YouTube has certainly showed a thirst for streaming videos, free of charge to the end user. The Global Web Index research reveals that 64% of Internet users watch video clips this way. Aha, you say, video clips are not the same as movies though. However, according to the report it seems that 31% are already watching full length TV and 'video programming' (whatever that might be) so perhaps the notion of streaming advertising supported full length blockbusters isn't a total non-starter.

Tom Smith, Managing Director of Trendstream who led the research says "Thanks to the rise of online services such as Spotify, Hulu, iPlayer and of course YouTube, the environment has been created where you can stream almost all the content you would ever want. If everything I want is available on demand, the concept of ownership is diminished" and adds "This is not only a threat to traditional packaged sales of music, TV and film, it will also kill off piracy. Why pirate when you can stream?".

It's all about the money, I hear you scream. Yet this research suggests that isn't actually the case with people downloading illegal media content are also driven by a desire for immediacy, being able to get that content as soon as it is available. Take the example of watching US TV shows in the UK, shows which are not legally available for months thanks to complex licensing issues.

Tom Smith concludes "This does not mean consumers won?t pay for their online content. When content is great and it can be accessed when and how people want, they will pay. Instead of taking legal action against isolated individuals, the content providers should take the opportunity to get their content online in a relevant format and at a fair price. If they do that, people will no longer to seek illegal alternatives. In a world of instant information and content, media owners are missing out on millions of dollars of revenue by restricting content through time delays, regional staggering or by relying purely on traditional media delivery".

Only time will tell, but history suggests that as is the case with online porn it will not be easy to rid the Internet of illegal downloaders and file-sharers. ]]> eCommerce happygeek http://www.daniweb.com/forums/thread242981.html News Story How to jump the BT Broadband queue http://www.daniweb.com/news/story242426.html Mon, 30 Nov 2009 12:25:21 GMT Jumping the queue for BT Broadband is possible, it would seem. Possible, but not easy - unless you happen to be the Chairman of BT that is.

Imagine you've been living without broadband for years because BT cannot supply it to your rural residence. Now imagine if the chairman of BT moves to your village, and you discover that he is actually getting a broadband service - from BT. Oh what a PR disaster that would be.

Imagine no more, that's exactly what has happened in Hambleden, Oxfordshire. Sir Michael Rake arrived in the village, one of the 'broadband not-spots' which BT says it cannot yet provide a service to, about a year ago. Villagers have been trying to persuade BT to move them into the broadband age for five years or more now, all to no avail. One was even told that if he wanted BT to run a broadband pipe directly to his house as a special service it would cost him £68,000. Of course, his name was not Sir Michael Rake.

A recent report suggested that some 7.5 million UK broadband users are disappointed with the service they get. The villagers of Hambleden are bloody furious, it would seem. The well connected (every pun intended) newcomer to the village appears to be getting special treatment from the company he runs and has been placed on a very limited Broadband Enabling Technology (BET) trial which provides him with a broadband feed of up to 2Mbps if two bonded lines are used.

OK, let's sit back a little and think this over. Of course you would expect the chairman of the board to get a place on the 'very small pilot scheme' being run by BT, not least as the company tends to try these things out with staff first of all before extending the trials to customers once initial bugs have been ironed out. However, the fact that Sir Michael is so new to the village, and other residents and local businesses have been campaigning for broadband access for years, might have given BT some food for thought before pressing ahead.

Would it have been too difficult to avoid a PR disaster, and this is set to become nothing less, by agreeing to extend the trial to the entire village? Either that, or explain to Sir Michael that it might be better if he waits a bit like everyone else.

A BT spokesperson told The Telegraph "BT has learnt a lot through the trial the chairman participated in and hopefully those lessons will benefit the residents of Hambleden in due course".

It could be worse, Sir Michael could have been trialling the BT 60Mbit/s service I guess. ]]> Networking Hardware Configuration happygeek http://www.daniweb.com/forums/thread242426.html News Story I had that phone in the back of my taxi 10,000 times! http://www.daniweb.com/news/story242405.html Mon, 30 Nov 2009 09:58:37 GMT According to a new survey of London taxi drivers, an average of 10,000 mobile phones are left behind by customers every single month. If that total is not staggeringly high enough, you can top it up with another 1000 iPods and memory sticks if you like. December is the worse month for losing a... According to a new survey of London taxi drivers, an average of 10,000 mobile phones are left behind by customers every single month. If that total is not staggeringly high enough, you can top it up with another 1000 iPods and memory sticks if you like. December is the worse month for losing a mobile phone in a taxi though, most likely down to people having their hands full of bags of Xmas shopping as they rush to jump out.

Steve McMenara, a spokesperson for TAXI, which is a magazine published by the Licensed Taxi Drivers Association, said: "It’s a known fact that this is the worst time of year for forgetting `property’ at the back of cabs, but especially mobile phones and laptops as they slip onto the floor or get forgotten on the seats as passengers rush onto their next destination with their hands full. More people travel into London to buy their Xmas presents during this period who are not regular cab users, they hop a cab to get back to their train stations – and it’s always about an hour later we get a panicked call on their mobile phones asking for them to be returned."

Sean Glynn from encryption specialists Credant Technologies which carried out the taxi survey adds: "Back in the good old days when a Window was something you looked out of, and a Mac was something you wore in the rain, it used to be small items like brollies and briefcases stuffed full of boring office papers. Now it’s laptops, smartphone’s and thumb drives, all chock-full of valuable information to an identity thief. If you don’t want to worry about the consequences of losing your mobile – with all those embarrassing text messages and pictures - or laptop with valuable personal and company information – then protect that data using encryption and/or passwords. The technology is available, so why not use it?"

That said, the survey also reveals that a licensed London taxi, of the 'black cab' variety, is one of the safest places you can lose a mobile phone in the UK. Apparently some 80% of the cabbies which took part said that owners were reunited with phones after the driver found them and handed them into the lost property service. Lose a mobile phone in the back of a New York taxi and, a parallel survey suggests, the chance of you getting it back drops to 66%. It's not all good news for Londoners though, a similar survey three years ago reported that you had a 96% chance of getting your lost property back, so it looks like cabbies are getting less honest as the recession bites.

Amongst the more interesting things left in the back of London taxis during the last year have been: a baby, a cat, 2 dogs, a number of toilet seats, a brace of pheasants plus a sawn off shotgun and even some pork chops and plenty of false teeth. ]]> Cellphones, PDAs and Handheld Devices happygeek http://www.daniweb.com/forums/thread242405.html News Story Murdoch: a mogul in denial http://www.daniweb.com/news/story240694.html Mon, 23 Nov 2009 12:55:53 GMT Rupert Murdoch is not a stupid man, his business empire is evidence of that. For anyone to become a media mogul requires smarts, but those smarts seem to be deserting Murdoch as he continues to play the fool and deny that old monetisation methods do not work for the new online model that has so... Rupert Murdoch is not a stupid man, his business empire is evidence of that. For anyone to become a media mogul requires smarts, but those smarts seem to be deserting Murdoch as he continues to play the fool and deny that old monetisation methods do not work for the new online model that has so totally embraced news media.

Gord Hotchkiss over at Searchnewz says "Rupert Murdoch's rantings are so out of touch that they're bordering on lunacy, or, at a minimum, stupidity. He's mad that his old revenue model isn't working anymore" and I couldn't agree more.

When Mike Butcher at TechCrunch broke the news that Microsoft might be trying to fund a move to persuade newspapers to move from Google to Bing, a few of us blinked not so much with surprise but more a feeling of inevitability. It took a while for the rest of the world to catch up after the Financial Times published a story (behind a paywall and 9 days later, ironically enough) stating that Microsoft had discussions involving News Corp "being paid to de-index its news websites from Google". It's also something Ron Miller, right here on DaniWeb, beat the old media to the punch with if you broaden the net a little and excuse the pun.

This all comes off the back of a Sky News interview with Rupert Murdoch during which he pointed out that readers who see News Corp news after arriving from a search page are of little value as far as its advertisers are concerned. Murdoch took the bait offered up by the Sky political editor when asked why he didn't make his sites invisible to Google in that case and responded with a curt "I think we will".

Murdoch is, as you would expect from a media mogul, looking for ways to make news pay. He has already proposed a highly controversial 'paywall' behind which premium news content should be made available only to those willing to pay for the privilege. You can do your own search for 'Murdoch Paywall' to see what the web thinks of that. My view on that, as a former Sunday Times columnist and having had some involvement in the first News Corp online venture (Delphi UK) is to say OK, go ahead. Market forces will prevail and if your news content is really worth it, Mr Murdoch, people will indeed pay and your media empire will not crumble and die before your very eyes.

Unfortunately I think that, in all honesty, you still don't get this new media Internet thing, and your advisors are not being helpful in illuminating your understanding it would seem. Otherwise why would you be demanding that headline link aggregators such as NewsNow stop linking to your stories?

The copyright infraction argument being used is a spurious one, linking is not stealing and in fact it is quite the opposite. Instead of reselling your content, Mr Murdoch, headline linking aggregators are pushing hundreds of thousands of readers to your stories, on your servers, every day. Now, if you cannot figure out a way to make money from this influx of readers then that is as a result of shortcomings in your business vision and should not be blamed on the very services which are delivering your readers to you.

There was an interesting post on Twitter over the weekend in which someone mused over whether Murdoch might start turning his attention to bloggers and try closing them down over fair use and news linking next. My immediate thought was it would be a silly thing to do, after all most newspaper journalists use blogs as an information source these days, and stories often break on the blogs first and are then 'discovered' by the newspapers and presented as their own scoop.

Which kind of brings us full circle back to Mike Butcher at TechCrunch breaking the Microsoft meeting story more than a week before the old media hacks got hold of it.

However, I am not quite done with this rant, because there is one more blog that is deserving of a mention here and that is TechDirt which has done a wonderful job in erecting a counter-argument to the news aggregators as parasites position in a story entitled "A Look At All The Sites Owned By Rupert Murdoch That 'Steal' Content" which examines Murdoch owned sites which appear to aggregate content from other sites and rely upon the fair use argument that Murdoch seems to think should be dismissed by the courts.

I'm guessing that at some point soon the tablets will kick in, the sabre will stop being rattled, and Murdoch will realise that cutting his hands off because he has a headache isn't going to solve anything. Just as cutting off Google isn't going to result in a sudden deluge of folk rushing to subscribe to News Corp content when they can simply use Google to find someone else reporting the same news, for free. ]]> eCommerce happygeek http://www.daniweb.com/forums/thread240694.html News Story Apple voids Mac warranties for smokers, claims hardware is biohazard http://www.daniweb.com/news/story240428.html Sun, 22 Nov 2009 12:06:08 GMT This has to be the most bizarre excuse for voiding a warranty ever, but according to The Consumerist (http://consumerist.com/5408885/smoking-near-apple-computers-creates-biohazard-voids-warranty) at least two Mac owners have been told their Applecare warranties are no good because they smoke. In... This has to be the most bizarre excuse for voiding a warranty ever, but according to The Consumerist at least two Mac owners have been told their Applecare warranties are no good because they smoke.

In both cases, we are told, the Mac owner concerned took the matter up with the Apple supremo, Steve Jobs, or at least with his office. And in both cases they lost that appeal.

According to one of the users, who had an overheating Macbook, his machine had more than a year of warranty to run but the Apple Store called him to let him know it would not be working on the machine and his warranty had been voided. The chap says they told him this was due to the health risks of second hand smoke.

The other user, in a different part of the US entirely, reports a similar experience. She had a non-working iMac with an extended warranty which was voided by Apple due to contamination. When pressed for an explanation the user was told that the computer was contaminated with cigarette smoke and as such constituted a bio-hazard.

Oddly, the Applecare warranty document itself does not seem to mention cigarette smoke as being something that would void the cover. Apple has a long history of making mad decisions (see here, here, here and here for some examples) but this really does take the biscuit.

I'm an ex-smoker myself, and like many ex-smokers I hate the smell of cigarettes and I hate being in a room full of smokers. But I'll tell you what I hate even more, and that's some numbnuts repair guy who mistakenly thinks he will get cancer from looking at a hard drive with tar on it, and some numbnuts company which defends that decision. ]]> Apple Hardware happygeek http://www.daniweb.com/forums/thread240428.html News Story OMG! Gumblar gets busy http://www.daniweb.com/news/story239735.html Thu, 19 Nov 2009 12:25:32 GMT I just had a Jaws moment. You know, you think it is safe to go back in the water and then a bloody great shark bites your legs off. Except in this case you can replace the sea with the Internet and the shark with the equally dangerous Gumblar (http://www.daniweb.com/blogs/entry4339.html). ... I just had a Jaws moment. You know, you think it is safe to go back in the water and then a bloody great shark bites your legs off. Except in this case you can replace the sea with the Internet and the shark with the equally dangerous Gumblar.

According to the latest ScanSafe numbers, Gumblar was responsible for a whopping 29% of all the web malware blocks it saw during October. Gumblar, in case you were wondering, is the collective name for a family of website compromises which are particularly nasty. Using a variety of routes to infection, Gumblar will install traffic sniffers and backdoors on computers, and exploit stolen FTP data to compromise web servers and sites.

During the course of October it began to put a backdoor botnet to use as a malware host, something very rarely seen as botnets are usually used to distribute and attack rather than host malware. To make matters even more worrisome, Gumblar has been dynamically constructing the hosted malware at the time of access to ensure users are delivered different exploits dependent on factors such as browser type for example. Throw in the use of dynamic obfuscation and you start to understand why Gumblar is proving to be such a troublesome beast. Once a Gumblar family exploit has been successfully installed via a visit to a compromised site, it is able to intercept all web traffic in both directions.

"Gumblar is arguably one of the most insidious threats facing both Web surfers and website operators today" Mary Landesman, senior security researcher at ScanSafe, argues "disturbingly, in early November, we detected that the backdoor left in place on the compromised websites by the Gumblar attackers was being leveraged by other groups of attackers meaning that the sites were under their control. This exacerbates the seriousness of the situation".

Landesman admits that the implications of this evolutionary departure from the norm displayed by Gumblar when it comes to installing PHP backdoors on compromised websites and using them as the actual malware host are rather staggering. "When a typical outbreak of website compromises occur, there are generally only a few actual malware domains involved" Landesman explains, adding "in the case of Gumblar, conservatively there are at least 2,000 backdoored websites serving as actual malware hosts. As a result, there is no single or few points at which to target efforts to shutdown the source of malware". ]]> Viruses, Spyware and other Nasties happygeek http://www.daniweb.com/forums/thread239735.html News Story Introducing the Linux OAPC (Old Age Personal Computer) http://www.daniweb.com/news/story239453.html Wed, 18 Nov 2009 13:29:03 GMT What do you get if you combine a computer company with a group of Vegans and someone who used to present a popular children's TV show? The less than obvious answer is a Linux computer designed especially for old people.

But there you have it, and according to the press release that sits before me the awfully named simplicITy computer (what's wrong with OAPC I ask you) that is designed specifically to meet the needs of users aged 50 plus, has come about courtesy of a collaboration between a money saving website co-founded by ex Blue Peter presenter Valerie Singleton, a group called Vegan Solutions and a company by the name of Wessex Computers.

The real question I find myself asking is why? Why build a PC just for older people, and why assume that older people are either technophobic or somehow incapable of using a bog standard PC running Linux, Windows or even a Mac for that matter?

"For some time now, we have been aware of the need among older people for a simpler type of computer" Valerie Singleton says, continuing "a large number of 50 pluses only require: email, internet, a writing package, perhaps a means of storing or viewing pictures and a facility to chat. We don’t need the bells and whistles that modern computers offer, we just need something that’s simple to use and reliable".

So buy a netbook then.

The press release gets even odder, insisting that if you walk into any computer store you discover that even a basic computer comes with "a bewildering array of packages and programmes" as if this is a problem. Surely that's called getting value for money, right? How many consumers would buy a PC which comes with just the OS and diddly squat else if it cost the same as a PC which comes with a bunch of productivity and leisure applications thrown in for free?

But that's not the only problem, apparently. Nope, the user interface is not ideal either I am assured, and as a result "potential mature computer users are being ‘turned off’ from using email and the Internet".

So buy a netbook running Linux then, assuming you can still find one that is.

Nigel Houghton, Managing Director of discount-age which is marketing the OAPC (I'm using my name as it is less bewildering and confusing than simplicITy) argues that for "many 50-pluses, using a computer has become complicated and frightening" and the OAPC makes "getting online and staying in touch painless, easy and affordable".

What's the secret of this incredible computer for the apparently easily confused over 50 age group then? The use of a basic menu planted on top of a Linux distro called Mint. This shows just six big options to choose from: Email, Browse the web, Chat, About me, Documents and Video tutorials.

Big buttons with big text and a page called Square One so if the user gets too confused they can always go straight back to square one. To aid the anti-confusion, the video tutorial button explains the main functions "slowly and logically" and can be "played again and again".

Don't get me wrong, I applaud any attempt to get more people into computing in this increasingly IT communications dependent age. I don't have anything against using Linux either. But is it just me who finds this whole approach a little, well, overly patronising?

It has far too much of the speak loudly and slowly about it, after all the poor old duffers will never understand otherwise right? I'm sure the team involved has done its research, but a quick poll over the last few days of relatives and acquaintances over the age of 50 makes me think it might have missed the mark, by a country mile.

Most of the people I spoke to were as old as Ivy Bean although most were as computer savvy and all were rather offended by the idea of being treated as incapable of using a PC just on age grounds. While more than half of these people already owned a computer and were amazingly managing to cope with using it quite well thanks very much, the remainder were split up between those who had no interest at all and 20% who popped into the library and used a PC there when they needed to. Of that group, a number said they would be buying a laptop soon so I explained more about the OAPC.

Guess what the main concern was? Yep, that the computer would not be the same as the ones in the library, which they already knew how to use. And those library PCs were running Windows, of course.

I admit that I am not in the over 50 age group myself, so I'd be particularly interested in reading the opinions of those who are. Is the Linux OAPC a hit or miss? ]]> Window and Desktop Managers happygeek http://www.daniweb.com/forums/thread239453.html News Story How to destroy a botnet http://www.daniweb.com/news/story238483.html Sat, 14 Nov 2009 11:52:14 GMT Botnets are, without any shadow of a doubt, one of the biggest scourges (http://www.itpro.co.uk/blogs/daveyw/2009/09/30/death-taxes-and-botnets/) of IT security today. From sending spam to launching DDoS attacks (http://www.daniweb.com/news/story238033.html) and distributing malware, botnets can be... Botnets are, without any shadow of a doubt, one of the biggest scourges of IT security today. From sending spam to launching DDoS attacks and distributing malware, botnets can be found at the centre of most of the security problems facing computer users right now.

So wouldn't it be fun if you could take down, knock over and destroy a botnet? The good news is that it seems you can, with a little determination and a lot of inside knowledge.

Researchers at the FireEye Malware Intelligence Lab have been working hard at gathering the necessary knowledge with regards to one Botnet, known as Ozdok or perhaps more commonly Mega-D. Having got to grips with the command and control architecture, along with the fallback mechanisms used to keep the botnet alive should they come under attack, FireEye decided the time was right to strike. This meant moving out of the lab and the purely theoretical realm of botnet takedown and into the real world, which involves getting various agencies working together with an intent to destroy a botnet. So FireEye contacted ISPs, registries and registrars and set about the task in hand.

Atif Mushtaq writes that "all the major Ozdok command and control servers... have been taken down. As it turns out, no matter how many fallback mechanisms are in place, if they aren't all implemented properly, the botnet is vulnerable".

It wasn't easy, but within a 24 hour period it would appear that it is possible to shutdown a botnet by working against all the fallback mechanisms that have been identified, and doing so with such speed that the botnet herders are unable to mount any kind of defence strategy to keep running.

FireEye approached the challenge methodically, by first preparing enough evidence of botnet activity (including those domains and hosts responsible) to allow ISPs to take the abuse notifications that followed seriously. Apparently this initial work paid off with only 4 hosts not being taken down promptly as a result, and those have been reported to relevant authorities to try and get them investigated and removed. Registrars were also contacted to request domain were suspended so as to break the primary command and control chain. Some of these were successful, although many appear to be still up and running. So not so much success there, although FireEye has managed to reroute Mega-D zombies to a sinkhole server rather than the real Command and Control centres.

In itself this is good news as it means FireEye can collect data about those zombies and identify victims, who can then be given help to clean their machines. In the first 24 hours of this determined takedown effort FireEye has seen 264,784 unique IPs connect to the sinkhole server.

According to Mathew Nisbet, Malware Data Analyst with MessageLabs, the effort has been worthwhile. Nisbet says "our monitoring shows a huge decline in this previously prolific botnet’s activity" continuing "normally between 600 and 1600 IP’s are seen each day" but after the takedown attempt it "plummeted down to less than 50".

Sure, Mega-D was not obliterated by this attack and it is still spewing out a handful of spams every day. It should be remembered that Mega-D has been taken down before and bounced back. However, this time it has been effectively crippled and that's important given how fiercely competitive the botnet market is. Clients will move elsewhere and it is doubtful if Mega-D will be able to recover to anything like the position it previously held in the underground botnet for hire league tables. ]]> Viruses, Spyware and other Nasties happygeek http://www.daniweb.com/forums/thread238483.html News Story Warning: iPhone exploit in the wild and stealing user data http://www.daniweb.com/news/story238029.html Thu, 12 Nov 2009 12:37:46 GMT Over the weekend news broke that a worm had started infecting Jailbroken iPhones in Australia. Nobody really took the exploit too seriously as all the 'ikee worm' did was change the phone wallpaper to a picture of 80's pop singer Rick Astley in a kind of warped tribute to the RickRolling Internet meme of last year.

However, I warned at the time that "as code variants continue to appear it is only a matter of time, and probably not that much of it, before a malicious party uses it to deliver a payload that is a whole lot more troublesome than Rick Astley" and my gloomy prediction has now borne fruit.

One researcher, Peter James of Mac security specialists Intego, has revealed that a new exploit is taking advantage of the same vulnerability that the ikee worm did, the often unchanged default SSH password of Jailbroken iPhones. iPhone/Privacy.A, as Intego have creatively named it, will allow hackers to "silently copy a treasure trove of user data from a compromised iPhone: e-mail, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded by any iPhone app".

The hacker would first need to install the tool onto a computer which would then scan for any Jailbroken iPhones connected to the networks it discovers, and assuming that the root password has not been changed it can then quietly go about its business. Although there is a chance of the thing being installed on a computer in shop, for example, and scanning for devices within range as people mill about, the actual overall risk is pretty low.

For a start it requires a Jailbroken device, either iPhone or iTouch, and it is estimated that something less than 10% have actually been modified in this way. Although this does mean a couple of million or so devices at risk, you also have to bear in mind that many of those who have gone through the Jailbreak process will be of a technical mindset. Exactly the people who read the newsfeeds, who frequent forums such as DaniWeb, who will be all to aware of ikee and the need to change the default SSH root password. All of the time the number of devices that are at risk is being reduced.

So perhaps the 75% of people who took part in a Sophos poll which asked if the ikee worm author had done iPhone users a favour by alerting them to a significant problem in a harmless way and agreed that he had were right after all. Better to get a grinning pop star on your iPhone as a wake up call to a vulnerability than have your data stolen right off the bat. That said, the ikee worm also alerted the bad guys to the vulnerability and it has not taken them long to get right out there and exploit it.

Personally I would have preferred it if the ikee chap had approached Apple with the discovery and let them get it patched before going public. That kind of disclosure is the responsible way to do it and, assuming that Apple acted quickly enough, the problem could have been corrected without any data stealing tools or faded singers being involved. Of course, Apple might say that if you breach the terms and conditions of usage of your hardware device by modifying it in this way then you deserve everything you get.

Certainly, as far as the Apple campaign against Jailbreaking goes this kind of bad publicity is actually pretty good for the company. It can, quite rightly, proclaim that legitimate users have nothing to fear and warn that the security risk is just one more reason that they should not be tempted down the Jailbreak road.

That said, some researchers are also warning that non-Jailbroken iPhones could be compromised if the bad guys look away from this particular access route and start exploiting other avenues such as the SMS hacking trick revealed at Black Hat earlier in the year. ]]> Mac Rumors and Reports happygeek http://www.daniweb.com/forums/thread238029.html News Story Programming Google - expressive, concurrent and garbage-collected http://www.daniweb.com/news/story238004.html Thu, 12 Nov 2009 11:26:18 GMT First Google expressed an interest in the web browser client (http://www.itwire.com/content/view/20370/53/) market, and then the operating system market (http://www.itwire.com/content/view/26281/53/) and now it has launched its own open source systems programming language. Google Go... First Google expressed an interest in the web browser client market, and then the operating system market and now it has launched its own open source systems programming language.

Google Go is being touted as 'expressive, concurrent, garbage-collected' and promises to produce fast code, fast. According to Google a typical build takes but a fraction of a second while the resulting programs run almost as quickly as comparable C or C++ code.

Go has, we are told, pointers but no pointer arithmetic (for random access Google says use slices which know their limits) and promotes writing systems and servers as sets of lightweight communicating processes which it has called goroutines. You can "run thousands of goroutines if you want and say goodbye to stack overflows" Google insists.

So why this and why now? Well, Google argues that while the computing landscape has changed significantly over the last decade there has not been a major systems language that has emerged alongside to exploit the increasing speed of computers, to address the dependency management that is such a big part of software development today, to counter the growing rebellion against 'cumbersome type systems' such as Java and C++, and to properly support fundamental concepts of garbage collection and parallel computation.

"We believe it's worth trying again with a new language, a concurrent, garbage-collected language with fast compilation" Google states.

It tells us that a large Go program will compile in just a few seconds on a single computer and that Go provides a software construction model that makes dependency analysis easy peasy while at the same time avoiding much of the overhead of C-style include files and libraries.

It reveals that the open source Go type system has no hierarchy and so there is no time wasted defining relationships between types. Unlike typical OO languages, Go makes its static types feel lightweight, apparently.

Of course, it remains to be seen just how this programming language experiment, for that is what it undoubtedly is, will work out. It's one of those things that has emerged from an internal project, initially conceived to make it easier to write Google server software. But Google admits it isn't actually ready for any kind of large-scale production use yet, although the server behind the golang.org site is a Go program I am told.

There's an in-depth tutorial here so take a look and let me know what you think. How far can Google Go, er, go? ]]> C++ happygeek http://www.daniweb.com/forums/thread238004.html News Story Have 600,000 modders lost Xbox Live access in Microsoft cull? http://www.daniweb.com/news/story237742.html Wed, 11 Nov 2009 12:05:18 GMT Reports are starting to emerge online that Microsoft may have initiated a cull of Xbox Live accounts belonging to users of modified games consoles. One claims that a "trusty source" working in a call centre which handles Xbox 360 accounts has had an influx of "screaming teenagers who don't don't understand the terms of use that comes with the console they bought". That same posting suggests that as many as 600,000 Xbox Live accounts across North America have been disabled so far.

Comments to another forum confirm that Xbox owners in Europe are also seeing accounts banned for having modifications such as flashed firmware on the DVD drive.

It would seem that the move is against those owners whose consoles have been modded to play pirated games and suggests that owners of such modified consoles should not login to Xbox Live until after the Christmas holidays as the cull should be over by then.

I have had my fair share of Xbox 360 hardware problems but have not been tempted into taking my revenge on Microsoft by going down the modded console route. I have to say that I'm glad I have stayed legal now, after all without Xbox Live the 360 is about as much use as a one legged man at an ass kicking party. ]]> Game Development happygeek http://www.daniweb.com/forums/thread237742.html News Story Does Twitter mean business with LinkedIn deal? http://www.daniweb.com/news/story237470.html Tue, 10 Nov 2009 11:57:05 GMT Everyone seems to be talking about how first Facebook (http://www.itwire.com/content/view/25376/53/) and now Twitter are being adopted by business users, as if the concept of social networking in a business environment was somehow new. Of course, the truth is that services such as LinkedIn have... Everyone seems to be talking about how first Facebook and now Twitter are being adopted by business users, as if the concept of social networking in a business environment was somehow new. Of course, the truth is that services such as LinkedIn have been providing just that for many years now.

Indeed, LinkedIn has fairly quietly grown to some 51 million members worldwide now, yet still seems to struggle to command the same type of media pulling power that either Twitter or Facebook have when it comes to generating news headlines and publicity.

I suspect there will be no such problems today as LinkedIn cleverly announces what it calls an 'integration partnership' with none other than Twitter itself, allowing members to share their status updates between both services.

Unfortunately, while LinkedIn is getting all excited about "cross integration of the two networks through the Tweets app" which "allows members of LinkedIn to automatically share their updates on the professional network with their Twitter followers" and the ability to "select Twitter status updates to share with their LinkedIn network" simply by "adding the #in hashtag to tweets on the microblogging site" I am not jumping up and down myself. Well, at least not with joy or excitement.

It has been possible to do much the same between Facebook and Twitter accounts for some time now, and to be honest it has ended up driving me away from Facebook. I pop in rarely now, only if I get an email notification that someone I'm interested in catching up with wants to connect with me there. My problem being that I already see the updates that my friends post on Twitter, so why on earth would I want to see the exact same updates on Facebook as well? Now it looks like I'll be using LinkedIn even less than I do already, as I certainly don't want to see them all there as well.

"Linking the two together via simple sharing of status updates will add the broadcast power of Twitter to the collective knowledge and business insight of LinkedIn global membership" LinkedIn says in a statement, adding that the partnership will enable members of both sites to "collaborate more easily, communicate with their network and continue to become more productive and successful".

But I still don't get it, not least as surely most people tend to draw a distinct line between Twitter and LinkedIn, between professional and social networking. After all, the whole point of LinkedIn has always been as a way of connecting to other professionals within a business context. I consider LinkedIn to be more like handing your business card around at a conference, and Twitter more like texting your mates. Things do change though, and Twitter is no exception as it has proved recently when it found its voice and roared.

Sure, Twitter has been embraced by the new media business crowd, but more as a marketing tool than anything else and certainly not, as far as I can tell, as a true business networking service. Which leaves me wondering if this will be used more as a one-way medium with LinkedIn postings hitting Twitter far more than the other way around? How that will pan out is pretty unclear, as is how postings of a purely business nature will be received by the Twitterati. So far pure marketing campaigns such as the now infamous Moonfruit one have had a mixed reception, often creating something of a Twitter backlash against the use of hashtag spam. Will LinkedIn messages be treated the same way, as corporate spam?

The only thing I am really sure about is that LinkedIn will get some column inches out of this, courtesy of the Twitter connection. And that has got to be good for business. ]]> Social Media and Online Communities happygeek http://www.daniweb.com/forums/thread237470.html News Story FIGHT: World of Warcraft vs China http://www.daniweb.com/news/story235672.html Tue, 03 Nov 2009 14:04:15 GMT It would seem that there is something of an ongoing battle in the world of online Chinese gaming, and World of Warcraft is right in the midst of it. As I reported (http://www.daniweb.com/news/story220683.html) back in July, the company behind World of Warcraft (Blizzard Entertainment) was having... It would seem that there is something of an ongoing battle in the world of online Chinese gaming, and World of Warcraft is right in the midst of it.

As I reported back in July, the company behind World of Warcraft (Blizzard Entertainment) was having problems in getting The Burning Crusade expansion pack up and running in China. Best not even mention Wrath of the Lich King then. It's all a little, well a lot, complicated and just a tad political, of course. Here's what I said a few months ago:

"A planned upgrade to the game which involved moving to a new operator in China, an online gaming outfit by the name of NetEase, has been anything but easy. Because it is a foreign game, and the move to a new local operator makes it a new foreign game for good measure, the Chinese government get to put it through a strict approval process."

Now it would seem that the publishing regulator in China has returned that application and halted the approval process as a result. NetEase, meanwhile, has already started operating World of Warcraft in China again despite not having approval. It fired up the local WoW servers back in September, one assumes as it was tired of waiting for that bureaucratic rubber stamp. Remember, WoW had already been approved and had been operating in China previously, all that changed was the local operator. Heck, NetEase apparently even got the nod to go ahead from the Cultural Ministry in China to rev up the WoW servers again.

But that has not appeased the agency concerned with the approval process, the General Administration of Press and Publication (GAPP) and it has now demanded NetEase stop taking money, stop new players from signing up, and in effect just, well, stop. No doubt part of this intransigence stems from the declared intent of GAPP to clean up the online gaming sector and remove violence and pornography from the MMORPG genre (oh how China loves those weapons of mass censorship) but it will be interesting to see how the war is won between commerce, a Government with one eye on foreign investment and an internal agency seemingly struggling to justify its own existence. ]]> Game Development happygeek http://www.daniweb.com/forums/thread235672.html News Story Hold the front page: Piracy is not killing the music business! http://www.daniweb.com/news/story235178.html Sun, 01 Nov 2009 22:39:06 GMT If piracy and illegal downloaders really are killing the music industry, how come more singles have been sold this year than ever before and people who file-share spend more money on legal releases than those who do not file-share?

I have to admit, it's not been a good week to be on the side of law and order and the established way of things as far as the music business is concerned. While the UK Government pushes ever onwards with the Digital Economy Bill which promises a robust legal and regulatory framework to deal with illegal file-sharing, and continues to insist that illegal downloading is a real threat to the music industry, figures have been released which seem to undermine the official 'three strikes and your out' to save creative output position.

According to the Daily Mail a newly published study shows that, in the UK at least, those who download illegal music actually spend considerably more on buying legal music than those who do not admit to illegal downloading. When it comes to music singles and albums, the illegal downloaders spend an average of £77 per year on official releases while people who say they have never downloaded any music illegally spend only £44 per year.

Of those asked, around two thirds would stop downloading illegally if music download services were cheaper. Just reducing the cost to 45p a track could double the sales of legal downloads it would seem. Add to this the fact that 42% of people said they download illegally to try before they buy, and 83% insist they buy more music as a result of such downloading, and you get the feeling that the music industry needs to be examining new music distribution business models and exploiting them rather than applying the big stick with fingers in ears going la la la approach.

The British Phonographic Industry, the UK music industry trade association, reckons that illegal downloaders will cost the music biz around £200 million in lost sales by the end of this year. Yet at the same time it is being reported that the BPI is also saying that 2009 will be the biggest year ever as far as sales of singles in the UK is concerned. The previous record for most single records being sold was et, er, last year in fact. Even more proof, were it needed, that illegal downloads are simply not killing the music business as is constantly being suggested by the industry powers that be. ]]> eCommerce happygeek http://www.daniweb.com/forums/thread235178.html News Story Trick or Treat Security Scares http://www.daniweb.com/news/story234435.html Thu, 29 Oct 2009 13:36:34 GMT You probably call it Halloween, for myself and other pagans it is Samhain (http://en.wikipedia.org/wiki/Samhain), but for the cyber-gangs it is phishing time. Seasonally-themed spam is on the up at this time of the year, Halloween related messages accounting for 0.5% of the daily spam traffic by... You probably call it Halloween, for myself and other pagans it is Samhain, but for the cyber-gangs it is phishing time. Seasonally-themed spam is on the up at this time of the year, Halloween related messages accounting for 0.5% of the daily spam traffic by volume in mid-October according to the latest Symantec MessageLabs Intelligence Report.

Currently, with the 'Witch's New Year' Sabbath itself coming this weekend, there are some 500 million emails circulating worldwide and the majority of the Halloween spam is originating from the Rustock and Donbot botnets. Most of this would appear to be pointing towards pharmaceutical sites and rogue/counterfeit software sites.

"As is typical with spammers this time of year, we are seeing them try to capitalize on the holiday season" said MessageLabs Intelligence Senior Analyst, Paul Wood. "Although they may be a bit overzealous, spamming is a numbers game and the spammers have certainly succeeded with volume thus far. Perhaps their early-bird approach is an attempt to compete with the other botnets and get in early to maximize their chances of success."

This month has also seen a batch of intercepted event-related advance-fee fraud spams, mostly relating to the 2010 football World Cup in South Africa which try and get the target to pay an up front fee in order to supposedly receive their prize draw winnings.

The October phishing activity has been 1 in every 293.7 emails, an increase of 0.11% since September but a drop of 10.5% if looked at as a proportion of all email-borne threats.

When it comes to viruses, October has seen the global ratio of email-borne viruses in email traffic from new and previously unknown bad sources increase by just 0.18% from September to 1 in every 230.8 emails. However, only 19.2% of email-borne malware contained links to malicious websites, which is a huge drop of some 20.6% from the previous month.

Geographically speaking, Denmark was the most spammed country with levels of 96.2 percent of all email, with the US on 94% and the UK on 93.3% while China tops the virus activity charts though, with 1 in every 80.7 emails being infected. ]]> Viruses, Spyware and other Nasties happygeek http://www.daniweb.com/forums/thread234435.html News Story Firefox by the numbers: 30 million new users in just 8 weeks http://www.daniweb.com/news/story233983.html Tue, 27 Oct 2009 23:31:34 GMT Some Twitter postings just demand you read them two or three times to take in what is being said in 140 characters. One such posting was made today by Mozilla CEO John Lilly which simply said: "Firefox user growth has been amazing last 8 weeks or so. +30M or so unique monthlies"

That's worth repeating, 30 million new users for Firefox in an 8 week period. Wow!

Tristan Nitot, President of Mozilla Europe, confirmed the figures when speaking to ZDNet in the UK. Nitot explains that it can calculate the number of users per month by multiplying the active daily users by a factor of three to allow for those days when they are not actually browsing the web. In confirming that Mozilla has seen a "significant increase" in Firefox user numbers, Nitot said "Firefox checks for new versions every 24 hours, when it's running, and when it checks, it pings the Mozilla server. We count the number of pings."

The figures collected show that Firefox now has some 330 million monthly users, and increase over the last eight weeks of some 10 million daily users on average. Although the numbers look good for Mozilla, and the latest global market share statistics suggest it is up around 3% from this time last year, it only has 23.75% of that world share. Microsoft, on the other hand, is in decline with a loss of 5% share during the same period, but crucially Internet Explorer still commands an impressive 65% of the market. That share does vary from country to country though, and Firefox rules the roost in 17 European countries for example. ]]> Web Browsers happygeek http://www.daniweb.com/forums/thread233983.html News Story Google, Bing and Twitter sitting in a tree... http://www.daniweb.com/news/story232243.html Thu, 22 Oct 2009 09:36:49 GMT Forget the Windows 7 launch, the real big news from Microsoft this week is that it has reached a deal with Twitter to include real-time tweet data in Bing searches. If that wasn't excitement enough for the Twitterati, just a few hours after Microsoft made its announcement Google joined in and announced that it too had reached an agreement with Twitter to do the same.

If you still play buzzword bingo, then forget Web 2.0 or even Social Media if you want to score big points, the buzzword today has to be Real Time Web. And that is what has got both Microsoft and Google so excited, the notion of capturing and enabling access to data in real time. It is something of the Holy Grail as far as search is concerned, and something which the deals with Twitter makes a little more of a reality.

In an announcement on Wednesday Microsoft was positively gushing over the glory of Twitter, stating "Twitter is producing millions of tweets every minute on every subject you can imagine. The power of those tweets as a form of data that can be surfaced in search is enormous. Innovative services like Twitter give us access to public opinion and thoughts in a way that has not before been possible".

Which is why Microsoft was pleased to announce that "we now have access to the entire public Twitter feed and have a beta of Bing Twitter search for you to play with" which is great, and you can try the thing out here. Assuming you are in the US that is. The great real time global news and opinion feed that is Twitter is only available to Americans for now. The logic behind that particular decision escapes me, so if anyone from Microsoft, or on the Bing team, cares to comment here and explain I'm ready and waiting.

I am also ready and waiting for the Google Twitter Search which is not just available for the US audience. In fact it is not even available for the US audience, or any other for that matter. All Google has done is quickly react to the Microsoft announcement and let everyone know that it too has done a deal with Twitter to try and take some of the sting out of Bing beating them to the PR punch.

"We believe that our search results and user experience will greatly benefit from the inclusion of this up-to-the-minute data" says Marissa Mayer, Vice President of Search Products and User Experience at Google, who continues "we look forward to having a product that showcases how tweets can make search better in the coming months".

Coming months? Looks like Microsoft really has stolen a march on Google this time. Another feather in the Bing bonnet, but one that may well blow away when Google does get that Twitter search integration sorted. I just hope it doesn't take too long to archive and index the 5 billion tweets that have already been tweeted, and the millions more that are being added every day. ]]> Search Engine Optimization happygeek http://www.daniweb.com/forums/thread232243.html News Story 5 Billion Tweets! http://www.daniweb.com/news/story231619.html Tue, 20 Oct 2009 10:13:10 GMT GigaTweet (http://popacular.com/gigatweet/) has been counting the total number of messages posted to Twitter in real time, and the rolling count is almost hypnotic. Overnight the 5 billionth Tweet was posted. So what was it? Perhaps someone speaking out... GigaTweet has been counting the total number of messages posted to Twitter in real time, and the rolling count is almost hypnotic. Overnight the 5 billionth Tweet was posted.

So what was it?

Perhaps someone speaking out against corporates trying to gag freedom of the press again? Nope.

Maybe another campaign kicking off against insensitive and homophobic ranting in the Daily Mail newspaper? Nope.

Must be an anarchist orchestrating a protest movement then? Nope.

Which surely only leaves the willy waving celebrity crowd, was it one of them letting us know they had eaten dinner with another celeb and were off to bed now? Nope.

It surely wasn't me, @happygeek, saying something profound? Nope, no chance of that I am afraid.

Actually, the 5 billionth Tweet was something of a let down, yet a refreshing reminder that the real power of Twitter is with ordinary users having ordinary conversations with their ordinary friends.

It would appear that Tweet 5,000,000,000 was posted by one Robin Sloan (@robinsloan) in reply to a user called @sexysloan9912e, and simply said "Oh lord".

Indeed. ]]> Social Media and Online Communities happygeek http://www.daniweb.com/forums/thread231619.html News Story Gary McKinnon wins extradition reprieve for psych review http://www.daniweb.com/news/story231374.html Mon, 19 Oct 2009 11:01:16 GMT Just when it looked like every avenue to prevent the extradition of self-confessed NASA Hacker Gary McKinnon had been exhausted, especially when just last week a couple of High Court judges denied him leave to appeal his case to the highest court in the UK, it looks like the hacking cause célèbre... Just when it looked like every avenue to prevent the extradition of self-confessed NASA Hacker Gary McKinnon had been exhausted, especially when just last week a couple of High Court judges denied him leave to appeal his case to the highest court in the UK, it looks like the hacking cause célèbre has got a reprieve.

In an unexpected twist, Home Secretary Alan Johnson has delayed the extradition proceedings while he considers the medical evidence. Diagnosed with Asperger's Syndrome, it has been argued by the Free Gary campaign that to send him to prison in the US would be the equivalent of signing his death warrant.

Certainly there seems to be a groundswell of opinion (both here and in the US) that were McKinnon tried in the UK he would most likely face a more lenient sentence. I myself have argued that he should face the music, as it were, in the UK rather than the US. I recently stated right here on DaniWeb that "I seriously doubt that McKinnon could get a fair trial in the US where he has already been branded a fugitive from justice (for merely going through the legal process of appealing against an extradition order, something to which he has every legal and moral right) and various government and military mouthpieces have made it quite clear that they think the book should be thrown at him and McKinnon should get 'what he deserves' which would appear to be 60 years in a supermax prison apparently".

However, I have also made it quite clear that I believe McKinnon should not be let off with a slap on the wrist. He has broken the law, he admits as much, and must face the consequences - Asperger's Syndrome or not. This has, let's face it, been dragged out long enough now. McKinnon was arrested way back in 2002 and the 43 year old needs to be prosecuted and tried in a court of law so that he, and everyone else, can move forward. ]]> Network Security happygeek http://www.daniweb.com/forums/thread231374.html Product Review Kitsound X5: An iPhone vibrator everyone will want to play with http://www.daniweb.com/reviews/thread231357.html Mon, 19 Oct 2009 09:58:45 GMT Attachment 12191It's just small enough to fit into your pocket, uses a specially developed high-tech gel and vibrates like crazy. But this latest must have addition to the iPhone accessories cupboard is no sex toy: this is the Kitsound X5 Surface Speaker, and oh boy does it pack a satisfying punch.

The trouble with most portable speakers is they are either not actually portable, as in not pocket-sized unless you happen to be wearing a pair of MC Hammer trousers, or not actually any good. We've all heard the idiots on the beach or in the park with their tinny little travel speakers pumping out about as much bass as my mum playing a kazoo.

The rule of audio thumb being, of course, that the bigger the speaker the deeper the bass it will provide. Which does not bode well for pocket-sized speakers, now does it? One technological concept which attempted to get around this limitation was the surface speaker. Any number of these have popped up over the years and I've tried a few of them. They all apply the same basic premise, that you attach the speaker unit to a flat surface and the resonating of that surface adds the size and thus the bass to the sound. Unfortunately, while some have been a disaster and others have been OK, none have actually managed to deliver on the promise of a true take it anywhere and put it on pretty much anything to get blown away by the bass portable speaker.

Until now, that is.

I've just spent a couple of weeks in the company of the Kitsound X5 Surface Speaker which, frankly, I'm not happy about having to give back now the review period is over. Damn it, I might actually have to go and shell out £40 and buy one of these things - and that only applies to less than 5% of the gadgets I have ever reviewed. So what has grabbed my attention and loosened my wallet in this case?

First of all, the Kitsound X5 is reasonably small at 160 x 60 x 27mm and weighs a just 194g. So that sorts out the portability issue, this one definitely is pocketable although it's more jacket friendly than a trouser item to be fair.

Then there are the looks, which are distinctly not the usual plasticky pocket speaker affair that you might expect. what you probably were not expecting was this small rubberised black brick with a glossy black top (complete with square holes in a depleted Space Invaders formation) and a squidgy bottom. It actually looks really rather cool, in a minimalist kind of a way. I like that. A lot.

Especially when you plug it in and ramp up the sound from your iPhone, or iPod, or pretty much any MP3 player or laptop for that matter. Nobody was expecting the Spanish Inquisition and nobody was expecting this harmless looking little device to blow the bloody doors off either!

The secret is twofold: first there is the patented high-tech SFX GEL AUDIO layer on the bottom of the speaker, developed in the UK to amplify the sound through any item with a natural resonance; and then there is the item upon which you plop the Kitsound X5 itself.

Which is where the fun really starts as you explore your surroundings to see, or rather hear, which items produce the best sound and the biggest bass kick. Hold it against a large window and you'll be blown away, try a desktop or the fridge door and you'll be surprised. I cannot start to tell you how amazed I was to hear the sound coming out of my toilet when my 11 year old son tried it on the toilet seat lid!

I have listened to music through a biscuit tin, saucepan, car roof and even a hollowed out tree trunk and been pleasantly surprised with not only the real depth of bass and lower midrange (what one of my colleagues described using the audio engineering technical term of 'well fat man') but also the balance provided by a second hidden speaker covering the upper midrange and higher frequencies. The frequency response is 40Hz-20KHz in case you wondered.

All of which is as much use as a one-legged man at an **** kicking party if the battery runs out after 10 minutes or you need to carry a supply of Duracells around with you in another pocket. Thankfully, the Kitsound X5 has the power side of things covered by using a built-in Lithium Ion 700mAh battery which promises 20 hours of continuous play from a single charge and delivered 17.5 hours on test here, which is actually still pretty impressive.

In the box you get a bunch of mobile phone and MP3 device adaptors, and I am reliably informed these will mean it can work with most LG, Nokia, Samsung and Sony Ericsson phones as well as your iPhone and iPod or any MP3, laptop or device with a headphone jack. There's a hard case which is nice for suitcase travel but not really designed to be trouser friendly, oh and a USB charging cable to keep the battery going.

If there was anything that could be classed as a downer for the Kitsound X5 it would have to be that at low volumes the sound is marred by the noise of the vibrations as it uses the resonance of whatever it is sitting upon at the time. Of course, the answer to that problem is simple: ramp up the volume and pump up the bass!

The Kitsound X5 is available now from the likes of Amazon or Play, costs around £40 ($65) and if I were giving it points out of ten would earn a well deserved 9.

Attached Images

kitsoundx5.jpg (132.5 KB)

]]> Cellphones, PDAs and Handheld Devices happygeek http://www.daniweb.com/forums/thread231357.html News Story Mozilla says Microsoft browser malware can Firefox off http://www.daniweb.com/news/story231169.html Sun, 18 Oct 2009 13:21:34 GMT Odd isn't it, how Microsoft kicked up a fuss when Google announced the Chrome plugin for Internet Explorer on the grounds that it could make the browser more insecure. Indeed, it went as far as to suggest that it doubled the potential surface area for malware and scripted attacks. Yet, amazingly, Microsoft sees no such problem with installing a plugin into the Firefox browser. What's more it is installed without asking the permission of the user and, he says with more than a hint of irony, it left Firefox vulnerable to a drive-by exploit.

This is nothing new, as those with a memory for such underhand shenanigans will recall, as Microsoft started 'silently' installing a .NET Framework Assistant extension for Firefox users earlier in the year. The sting at the time was that it could not be uninstalled, and when an uninstall option was provided (after much media attention) it managed to break some other Firefox extension during the uninstall process.

So imagine the surprise when numerous Firefox users were presented with an 'Add-ons may be causing problems' popup when they had not added any new extensions. That popup quickly explained what was going on (see screenshot) determining that the Microsoft .NET Framework Assistant 1.1 may be "unstable or insecure". Given the option to restart Firefox so that the add-on could be disabled most punters would, I suspect, jump at the chance.

People have a right to be angry both at Microsoft for plugging something into a non-Microsoft browser client which could impact upon the security of that client, and doing so without their knowledge or prior consent I might add, but also with Firefox for allowing this silent installation in the first place.

But why the fuss now, when this plugin was pushed out some months back? Well it all boils down to the recent big Patch Tuesday roll out from Microsoft. On Tuesday Microsoft warned that unless Firefox users had installed the appropriate Internet Explorer patch then they would be vulnerable to an exploit enabled by a .Net Framework Assistant extension bug. Microsoft stated that installing Tuesday's MS09-054 patch protected all users from the exploit, no matter the attack vector, including Firefox users.

Mozilla responded, quite correctly, by telling Microsoft to Firefox off. It automatically turned on a system to block the extension for all Firefox users. Mike Shaver, Vice President of Engineering with Mozilla, explains "Because of the difficulties some users have had entirely removing the add-on, and because of the severity of the risk it represents if not disabled, we contacted Microsoft today to indicate that we were looking to disable the extension and plugin for all users via our blocklisting mechanism. Microsoft agreed with the plan, and we put the blocklist entry live immediately."

The thing is, if you silently or stealthily install software which impacts upon the security of the user, without that users knowledge or prior consent, isn't that called malware?

Attached Images

firefox-says-no.jpg (14.1 KB)

]]> Web Browsers happygeek http://www.daniweb.com/forums/thread231169.html News Story World ad-supported first as C4 lets you see more on YouTube http://www.daniweb.com/news/story230391.html Thu, 15 Oct 2009 12:42:24 GMT UK broadcaster Channel 4 has signed a deal with YouTube to bring full TV programmes online, streamed for free. It's the first time that any broadcaster in the world has made such a comprehensive schedule of 'catch-up' programming available for free via YouTube.

Of course, when I say free I mean ad-supported but that's only to be expected. With YouTube now serving some one billion video streams a day, it makes commercial sense to increase your advertising reach in this way. Financial terms are not being disclosed, but the partnership runs for an initial term of at least three years on a shared revenue basis. We do know, however, that the deal is non-exclusive, allowing Channel 4 to continue distributing its 4oD service via its own website and other third party sites.

According to the press release from Oliver Rickman, manager for Google UK Communications and Public Affairs, the terms of the deal mean that "Channel 4 will make its 4oD video-on-demand ‘catch-up’ service of new programmes available via YouTube shortly after television transmission, including series that have already proved particularly popular with online audiences such as Skins, Hollyoaks, The Inbetweeners and Peep Show".

As well as that, YouTube users will also be able to access around 3,000 hours of full length programming from the Channel 4 archive at any given time, including shows like Brass Eye, Derren Brown, Ramsay’s Kitchen Nightmares, Teachers to name but a few.

Although the service will not be available in full until early next year, content is expected to start dribbling through in the coming weeks and months.

Andy Duncan, Channel 4’s Chief Executive, said: “Channel 4 was the first broadcaster anywhere in the world to make all its commissioned content available online and we’ve consistently pioneered in this field. This strategic partnership is another important milestone for us and we’re delighted to be combining the power of the ‘4’ brand and the appeal of our content with YouTube’s unrivalled reach and reputation online. Making our programmes directly accessible to YouTube’s 20 million UK users will financially benefit both Channel 4 and our independent production partners and help bolster our investment in quality British content. It demonstrates our ability to strike dynamic commercial partnerships to help underpin our future as a commercially funded, not-for-profit multi-platform public service network.” ]]> Advertising Sales Strategies happygeek http://www.daniweb.com/forums/thread230391.html Product Review CoPilot for iPhone - updated app reviewed in depth http://www.daniweb.com/reviews/thread230373.html Thu, 15 Oct 2009 11:24:54 GMT CoPilot Live 8 Mobile Navigation on the iPhone has been a runaway success at the App Store, consistently keeping ahead of its TomTom rival in the 'top grossing' app charts at least in the UK Store. It arrived first and costs half as much as the TomTom app, but is it better?

If you had asked me that question a month ago then the answer would have been a resounding no. Extensive testing showed up huge problems in keeping a GPS lock and the app even refused to start half the time I wanted it to. But then, just as I was about to post a truly damning review, something happened: a brand new update appeared at the App Store, promising to fix the problems.

I've now driven nearly 1000 miles with CoPilot on the iPhone, and can report whether the promise has been fulfilled.

After much complaint, the truly awful CoPilot keyboard has been replaced by the app making use of the proper QWERTY iPhone keyboard instead. Although this might seem like a little thing to those of you who never used it, believe me the previous keyboard was a non-QWERTY atrocity that made any attempt at data entry (like inputting a destination address for example) into a time consuming, fiddly, nightmare of epic proportions. So well done to ALK for listening to its users and replacing that, it makes getting to a destination that little bit quicker and, really, isn't that the whole point of a satnav? Oh, and talking of little things that make a difference, you can now turn off those annoying 'beeps' when pressing any of the on-screen configuration buttons!

ALK has also updated the integration with the iPhone contacts book, and this does actually seem to work now. It had no trouble at all in finding every single one of my contacts when asked and plotting a route directly to them. Like the QWERTY keyboard, this improvement now puts CoPilot on an equal footing with arch-rival TomTom (see my TomTom for iPhone review here) as far as this functionality goes. CoPilot also now has the ability to properly and reliably recall your destination after you take an incoming phone call, something that TomTom has been doing well since the first release.

Unfortunately, although the update promises an "improved GPS performance in walking mode" as well as more general "GPS reliability improvements" I am afraid that my testing proved to be something of a hit and miss experience. For sure one area which has seen a major improvement, in fact changed beyond all recognition compared to my experience of CoPilot before the upgrade, is that of start up and time to locate. Beforehand, I would find myself finding something else to do while the app tried to get past the starting flash screen. Unless it was a cloudless day it would often actually refuse to go any further at all, one assumes because it was waiting to lock on to a GPS signal.

Now, however, not only does CoPilot start up very quickly indeed, and grab my location within a few seconds, but it can perform this trick indoors with the curtains closed. I am assuming that it gets a little help from the mobile network signal, but that is pure guesswork on my behalf.

On the road things are also vastly improved, with CoPilot now being able to accurately keep up with my movements (most of the time) and the stuttering performance of old has gone. I was impressed that the GPS now has no problems keeping a lock even in very bad weather conditions such as heavy rain and thick cloud.

So why the use of 'unfortunately' when I introduced the subject of GPS then? Well that comes back to the 'most of the time' reference just now. Where CoPilot let me down was when I was driving very slowly, you know, as you do when traffic is really heavy in town. If your speed drops down below 5 miles per hour then CoPilot assumes you have stopped and so the tracking pointer turns back into the annoying red puck and just sits there while you continue to slowly move forward.

Of course, this means that if you are in a long queue of slow moving traffic then CoPilot does not bother to tell you that you needed to take the next left because it thinks you are stationary.

But it seems this is not a bug, but a feature. Other users have complained about this behaviour and have been told that it is a deliberate 'dead reckoning system' designed so as not to spin the map when you are stationary at a traffic light. The position simply does not get updated if you are driving at less than 5 miles per hour.

Sorry, but I just don't get this. Mainly due to the fact that TomTom and other satnav systems manage to keep tabs on my position when I am stationary or crawling along and also manage to inform me that I need to turn even if I am moving at 4 miles per hour at the time. Guess what? I've never seen a satnav map spinning at traffic lights either!

Overall though, GPS performance was acceptable and managed to get me to my destinations. Eventually. Ah yes, which brings me to the mapping and route calculations bit. No matter which routing option I took, be that the quickest, the shortest or the most economic (nice feature that one, by the way) it steadfastly refused to take me on what I know to be the best route home from a number of locations.

To be brutally honest, some of the suggested routes were just downright bizarre. Either adding miles or minutes to a journey. Unlike the TomTom app with its IQ routes feature which, on the 1 out of 10 times tried taking me on an unintelligently routed journey, would get the hint pretty quickly and re-route me where I expected to be going, CoPilot just kept trying to get me to turn around and get back on the wrong route.

OK, I appreciate that a satnav is not intended to be used when you know where you are going and CoPilot certainly managed to get me where I wanted to go every time, but using one on known routes is a good measure of how the machine thinks during a review test and I have to say I was somewhat disappointed with CoPilot.

This disappointment was carried into usage despite the update notes telling me that a number of additional "stability/performance improvements" had been made. Perhaps I was not looking in the right places, but my application displayed some buggy behaviour such as the route progress bar sticking halfway and refusing to budge. I also saw this message more than once "Error: CoPilot failed to find a valid route to your destination" which surprised me as I had reached my destination at the time. It seems to be a bug associated with the display of the hugely annoying "would you like to return to your trip's origin' message that is shown when you arrive somewhere (why would I want to go back, I've literally only just arrived!) as this triggers the appearance of the FAIL message for me.

Please, don't get the impression that I hated everything about CoPilot on the iPhone, I really didn't. In fact there are some features which I really loved. The 'Live Services' which are starting to appear for example. At the time of testing I could get a live weather report for my local vicinity, at my destination or for any city I wanted to key in. The weather data, provided by AccuWeather.com, seemed to be pretty accurate whenever I looked at it. The roadside assistance button was also active, one click showing your location both in terms of address and lat/long coordinates (and a mapping display option) meaning that the emergency services or your recovery service will be able to find you without hassle. If you belong to the AA, even better, as there's a big 'call' button to enable one click access to the breakdown call centre. Oh, and the speed camera detection database is pretty good, giving a nice clear warning as you approach one.

There's no live traffic information yet though, but I am told that this will be available "via in-app purchase... towards the end of this month or early November". The App Store approval process is being blamed for there not being an exact date that this will become available, which is fair enough. I was unable to get any idea of pricing for the Live Traffic service before publication of this review. As soon as I know I will post the pricing as a comment.

The user interface was something of a mixed blessing as far as I was concerned. I like the big and easy to click buttons, dividing the screen into six squares. I like the destination setting options of address (including full seven digit postcode on the UK and Ireland maps I was using), points of interest, iPhone contact, intersection, coordinates (unlikely to ever use this but I guess it's nice to know it is there if I did need it) and finally the ability to pick somewhere right off a map. Oh, there's a favourites option in the 'My Places' section of course where you can allocate a home and work address to big buttons along with recent destinations and other favourite trips. Hitting the Quick Stop button lets you quickly find a petrol station, restaurant, hotel or garage for vehicle repair and hitting the Save Current Location buttons does just that.

What I don't like about the interface is the actual mapping screen itself. The lack of an auto-zooming feature means that it is not as easy to see where you are going compared to the TomTom application, and the information bar is far less informative no matter how you configure it. The bottom line, during hours of real-world driving on test here, is that the CoPilot screen just does not offer the same clarity on the move as the TomTom. The roads are rendered smaller by default and I don't want to be tapping zoom buttons on the move!

Some of the voice instructions could also be better with CoPilot. Case in point, one junction I use regularly is an offset crossroads if that makes sense, so you need to turn left and then immediately turn right. TomTom tells me to turn left and then turn sharp right, whereas CoPilot directs me to turn left and completely ignores the turn right bit. If I were following the route it would take me in the wrong direction and then have to route me back, a detour of more than a mile!

I must also mention battery life and heat while comparing the two iPhone satnav apps. Both are, naturally enough, huge consumers of your iPhone power resources and an in-car power adaptor is essential. However, while the TomTom cost me 45% of battery capacity (as reported by my iPhone 3GS itself) over the course of one hour driving, the CoPilot cost me 60% in the same time. When it comes to heat, the iPhone gets quite warm after TomTom has been doing its stuff for 15 minutes or so. For reasons I do not understand, it gets much warmer and you could even describe it as quite hot, when the CoPilot app is running for the same amount of time. This is a completely unscientific observation based upon how hot my ears felt when answering a phone call after using each app for the same period of time!

So, to sum up then, there's a lot to like about CoPilot Live 8 Mobile Navigation on the iPhone. Not least the stunning value for money that it represents when compared to TomTom which costs more than twice as much as CoPilot. The UK and Ireland application cost £59.99 for TomTom and yet just £24.99 for CoPilot.

But, despite this newly updated application being made available, it does still feel like something of a work in progress. There are bugs to be ironed out and some more tweaking required to the GPS functionality before I would be happy using it as my in-car satnav solution. At this point in time, of the two, it is TomTom I reach for the most when I have not got my standalone Satnav device with me. Neither are good enough yet for me to want to lose my dedicated in-car satnav though, thanks very much.

If I was giving it a rating out of 10, CoPilot for iPhone would currently be a 6.

Attached Images

	copilot001.jpg (88.3 KB)
	copilot002.jpg (100.2 KB)
	copilot003.jpg (64.9 KB)
	copilot004.jpg (117.5 KB)

]]> Apple Hardware happygeek http://www.daniweb.com/forums/thread230373.html News Story Spam fighting Europeans must do better http://www.daniweb.com/news/story229532.html Mon, 12 Oct 2009 13:03:08 GMT The European Commission has called on EU member countries to do more, and do better, in fighting spam and other online privacy threats. In a newly published study... The European Commission has called on EU member countries to do more, and do better, in fighting spam and other online privacy threats. In a newly published study, commissioned by the EC, it was revealed that almost all EU countries have at least one spam, spyware or malware reporting site for members of the public.

Yet the actual number of prosecuted cases, or occasions of imposed sanctions against privacy lawbreakers, varies considerably from member country to member country despite the EU-wide ban on spam. European law has actually banned spam and spyware since 2002, although you wouldn't know it considering that some 65% of European citizens are still plagued by both. And, of course, that apparent different interpretation of the law between members.

In the report an analysis of some 140 enforcement cases from 22 different member countries highlights the considerable differences between the number of cases per country and the fines imposed. The highest numbers of cases were reported in Spain (39), Slovakia (39) and Romania (20). The highest fines were imposed in the Netherlands (€1 000 000), Italy (€570 000) and Spain (€30 000). However, spammers in countries such as Romania, Ireland, and Latvia received modest fines ranging from hundreds to several thousand Euros.

The EU Commissioner for Information Society and Media, Viviane Reding, says that the figures "show that several EU countries are doing more to enforce online privacy rules" but concedes "spam is an area where we can and must improve for the benefit of internet users in the EU".

Reding argues that the EU needs to step up the fight against spammers and make sure that it adopts "legislation that provides for strong civil and criminal sanctions against spammers".

Not least, I would have thought, a better system of Europe-wide cooperation between countries in order to enforce the law and brings perpetrators to book. The report suggests that the level of cooperation also currently differs strongly between EU countries, with agreements existing in Belgium, Cyprus, Estonia, France, Germany, Italy, Latvia, Lithuania, the Netherlands, Romania and the UK. Luxembourg and Malta, however, rely purely on informal cooperation. Others seemingly do not cooperate at all.

"I call on EU countries to reinforce their national efforts to fight on-line privacy threats such as spam, spyware and malicious software" Reding concludes "If we can end the spam plague within Europe we will set the example for our neighbouring countries and other parts of the world which are as responsible for spam we receive in Europe".

With spam figures rising and the spammers always quick to adapt to changing market conditions, something needs to be done and done soon. ]]> Viruses, Spyware and other Nasties happygeek http://www.daniweb.com/forums/thread229532.html News Story Twitter gets knickers in a twist over security scare http://www.daniweb.com/news/story229498.html Mon, 12 Oct 2009 11:08:45 GMT I love Twitter, and post a lot of links to security related stories via my @happygeek (http://twitter.com/happygeek) account. But now I am getting a little worried that I might suffer the same fate as a well known, and highly respected security expert. Mikko Hypponen is a familiar face around the... I love Twitter, and post a lot of links to security related stories via my @happygeek account. But now I am getting a little worried that I might suffer the same fate as a well known, and highly respected security expert. Mikko Hypponen is a familiar face around the security conventions, and a familiar name to anyone who reads security news blogs. Mikko is the Chief Research Officer at F-Secure, and knows a thing or two about issuing security warnings.

Shame that Twitter cannot say the same.

It all started back on August 3rd when Mikko posted a tweet which simply read:

Quote:

"I guess somebody will fall for it... a desperate MySpace phishing site at www. rnyspece. com (don't go there)."

The eagle-eyed amongst you will note that Mikko inserted spaces into the URL to prevent the hard of thinking from clicking on a link to a phishing site. You might even have spotted the words 'phishing site' and the phrase 'don't go there' which were part of the posting.

Twitter, it would seem, did not spot any of these things. Although it took the micro-blogging outfit a couple of months not to spot them and suspend the @mikkohypponen Twitter account. Yes, suspended the account of a well known Internet security expert for passing on a warning about an Internet security threat. Doh. Or, as Twitter called it, strange activity. The official Twitter response when Mikko tried to access his account was a warning which read "this account is currently suspended and is being investigated due to strange activity. If we have suspended your account mistakenly, please let us know."

Mikko did just that, and got the rather patronising response from Twitter customer services of "I've unsuspended you acct. You were suspended for using the malware URL rnyspeceDOTcom in DMs. Be careful! We scan evrythng for malware." Yes, those were the Twitter customer service spellings.

Nice to know that Twitter apparently considers itself to be the security expert here. You might recall that it has been at the centre of some slack security scares itself in the recent past, such as when an employee got hacked and confidential company documents became public record. Not that I am going to dwell on such things, the issue here is why Twitter suspended the mikkohypponen account, the manner in which it did it and the nature of that customer service response.

Maybe Twitter didn't realise that Mikko was a leading security expert, after all there are millions of users of the service. Well, he told ZDNet that he had "worked with Twitter previously regarding twitter worms and such" so you might think they would remember him.

OK, but Twitter restored the account once he complained loudly about it so no harm done. Well, apart from the fact that, initially at least, Twitter did not restore the thousands of followers that Mikko had nor the people he himself followed, not to mention his Tweet archive. That has now been rectified I am pleased to report.

The above shows something of an immature system for dealing with such issues, as indeed does the customer service response which was not only patronising but I think really rather rude as well. Is it that hard to say 'sorry, we got it wrong' apologies for the inconvenience' rather than 'you've been very naughty and you are lucky we are being so nice about it' or is it just me?

Look, I'm pleased to learn that Twitter takes security matters seriously. Especially the posting of malicious links which is a real problem for it, the bad guys can and do post links to bad places. Yet the nature of the suspension would suggest that this is some kind of automatic scanning system for content deemed inappropriate or links known to be malicious. In this case I would suggest it was looking for the word rnyspece as Mikko deliberately posted a malformed URL to prevent link clicking. Again, you might think that this is a good thing, but here are two reasons why it is not.

Firstly, how come it took two months to discover the link and suspend the account posting it? If that's the time-scale involved then Twitter might as well save some resources and pull the plug on that filtering. The phishing gangs do not hang around for months, they are generally fly-by-night types with sites up and down like a whore's drawers.

Secondly, what about the retweet situation? Twitter itself states, in a blog posting regarding Project Retweet which will bring official support to retweeting, that "The open exchange of information can have a positive global impact and the more efficient dissemination of information across the entire Twitter ecosystem is something we very much want to support." Well, it has a funny way of showing it. If you suspend someone for posting something inappropriate, what about anyone who retweets that posting? If the filtering system is, indeed, automated then rewteeters are surely also at risk of suspension. ]]> Social Media and Online Communities happygeek http://www.daniweb.com/forums/thread229498.html News Story Netscape Communicator is born again http://www.daniweb.com/news/story229484.html Mon, 12 Oct 2009 09:50:41 GMT Remember when a web browser was so much more than just a web browser? It seems that the days of the all-you-can-eat Internet suite are back as the SeaMonkey 2.0 release code (http://www.seamonkey-project.org/releases/2.0rc1) is made available to download. There was a time when Netscape ruled... Remember when a web browser was so much more than just a web browser? It seems that the days of the all-you-can-eat Internet suite are back as the SeaMonkey 2.0 release code is made available to download.

There was a time when Netscape ruled the online world, but you have to be something of an Internet veteran to remember it to be honest. Back in the day, and that would be 1997 if my memory serves me well, Netscape Communicator was the only browser in town but it wasn't only a browser. You got email in the form of Netscape Messenger which also included a Usenet News client, and address book, a calendar and even an HTML editor known as Netscape Composer.

That was before Mozilla came along with Firefox and declared war on browser bloat. Now, as the likes of Google with the Chrome browser have stripped back to the basics, the circle of online life has been completed. Yes, the SeaMonkey Council is adopting the bloatware principle and brings you an all-in-one Internet suite. There's the familiar web browser, of course, but also a Mail and Newsgroups client with spam controls built in, an IRC 'chatzilla' client and, oh yes, the SeaMonkey Composer for HTML editing.

The big question remains, to be fair, does anyone actually want this kind of Internet application suite anymore? To be honest if I wanted a bloated browser I would still be using Internet Explorer. Oddly, back at the start of 2005 Mozilla itself didn't seem to think anyone wanted bloated browsers either. On March 10th, 2005, the Mozilla Foundation said that the Mozilla Application Suite (as it was then) would not have any more releases. The pretty sound reasoning being that it needed to concentrate on Firefox and Thunderbird as people wanted standalone clients. The development door was left ajar, however, with the SeaMonkey Council taking over the project and release management allowing community members to continue pushing the concept and the code forward.

So why do I say that Netscape Communicator has been born again? Well I have a very long memory, and was indeed around working online at the time, and can recall that while Netscape Communicator 5 never actually saw the light of day it did have a code name. That code name was SeaMonkey... ]]> Web Browsers happygeek http://www.daniweb.com/forums/thread229484.html News Story The Return Oriented Programming Hackers http://www.daniweb.com/news/story228659.html Thu, 08 Oct 2009 20:21:06 GMT Want to know how to fix an election without resorting to bribery and corruption? Ever thought about throwing some Return Oriented Programming into the voting equation? Ordinarily, the hacking into of an electronic voting machine might spark a little bit of interest if there were an election... Want to know how to fix an election without resorting to bribery and corruption? Ever thought about throwing some Return Oriented Programming into the voting equation?

Ordinarily, the hacking into of an electronic voting machine might spark a little bit of interest if there were an election looming perhaps. That said, the potential insecurity of such machines can happily be filed under old news.

However, my attention was grabbed by the paper (Can DREs Provide Long-Lasting Security?) from a bunch of security researchers based at the Universities of California, Michigan and also Princeton. Not least because while it did, I admit, involve revealing how a Direct Recording Electronic voting machine had been hacked it also described something called Return Oriented Programming. Also, much of the research that has gone before when it comes to the security of voting machines tends to rely greatly upon having access to source code. The researchers say that they hope their results "go some way towards answering the objection, frequently raised by vendors, that voting security researchers enjoy unrealistic access to the systems they study."

The DRE voting machine in question, a Sequoia AVC Advantage, dates back to the 80's so maybe it is not that surprising that it can be hacked today. However, that does not make it an easy target: the thing employs numerous safeguards such as separating data and code, and throwing up a non-maskable interrupt error if someone were to try and execute injected code in RAM (the actual executable code for this machine is held in ROM). Nor does it make the research irrelevant, as the team states in its paper "because the development, certification, and procurement cycle for voting machines is unusually slow, the service lifetime can be twenty or thirty years."

Yet the research team are insistent, courtesy of Return Oriented Programming techniques, that if someone used the same techniques as they describe it would be possible, assuming they had access to the machine in the first place, to replace the installed election application with one of their own which could manipulate the voting in any way the attacker wished.

"The Z80 instruction set is very dense. Every byte is either a valid opcode or is a prefix byte. As there are no invalid or privileged instructions, instruction decoding of any sequence of data always succeeds" the researchers explain in their paper, adding "This density facilitates return-oriented programming since we can exploit unintended instruction sequences to build gadgets — a sequence of pointers to instruction sequences ending with a ret." By using a stack that is made up of code snippet addresses the researchers were able to show how they can recreate what are, for all intents and purposes, arbitrary programs. It's clever stuff, using a bog standard buffer overflow within the program code to create the stack and having a ret instruction triggering one ret after another in order to execute the vote rigging code itself.

The team have managed to demonstrate that an attacker could exploit vulnerabilities in one particular voting machine in order to install vote-stealing malware using a maliciously formatted memory cartridge. The important thing being that they have done this without replacing the system ROMs and starting out with "no source code, schematics, or nonpublic documentation." The whole attack-stealing code was produced in less than 16 man-months of labour and at a cost, if replicated in the private sector of around $100,000.

Kudos to Stephen Checkoway, J. Alex Halderman, Ariel J. Feldman, Edward W. Felten, Brian Kantor and Hovav Shacham for their innovative research. ]]> C happygeek http://www.daniweb.com/forums/thread228659.html News Story The political power of Twitter challenged http://www.daniweb.com/news/story227590.html Sun, 04 Oct 2009 15:59:44 GMT It would appear that a political activist from New York has been arrested by the FBI in connection with helping orchestrate G20 summit protesters in Pittsburgh. According to The Guardian (http://www.guardian.co.uk/world/2009/oct/04/man-arrested-twitter-g20-us) the man, Eliot Madison from Queens,... It would appear that a political activist from New York has been arrested by the FBI in connection with helping orchestrate G20 summit protesters in Pittsburgh. According to The Guardian the man, Eliot Madison from Queens, has been charged with hindering prosecution after helping G20 protesters evade police by using Twitter.

Along with another man, Madison is said to have been tracked by law enforcement agents to a motel room during the summt, where he was found in front of a row of laptops and emergency frequency radio scanners.

The official police documents say that both men were using Twitter in order to "inform the protesters and groups of the movements and actions" of law enforcement during the protests. Of course, it should come as no surprise that Twitter is being used to help organise political protest if, indeed, that were the case in this instance. After all, people Tweeting have a proud and proven track record of providing information during all kinds of political disturbances around the world.

When it is someone using Twitter to report on the movements of police during a rebellion in a hostile nation then it is positively encouraged by the US authorities. However, it appears that when the political unrest is nearer to home (well, right inside the house, as it were) then US authorities are less accommodating of the democracy afforded by such real-time micro-blogging.

During the G20 summit the police were seen to be openly monitoring Twitter feeds so as to be able to listen in on the protesters' communication lines, but this is the first time that I am aware of arrests being made as a result of that monitoring.

If this goes to court, as seems likely, I will be interested to see the defence that Madison puts up. Especially if reports that he is a member of a group called People's Law Collective, which serves to give legal advice to protesters, are true.

The New York Post reports that Madison is also charged with criminal use of a communication facility and possessing criminal instruments.

So, is this a case of the political power of Twitter being challenged right on it's own doorstep? Let me know what you think... ]]> Social Media and Online Communities happygeek http://www.daniweb.com/forums/thread227590.html News Story Malware hosting trends exposed http://www.daniweb.com/news/story226750.html Wed, 30 Sep 2009 10:46:42 GMT Using newly registered domains with a very short lifespan to host malware websites is so last year. It would appear that these days such things are far more likely to be hosted on much older compromised web sites instead. Could this be down to a decline in domain tasting? The latest MessageLabs... Using newly registered domains with a very short lifespan to host malware websites is so last year. It would appear that these days such things are far more likely to be hosted on much older compromised web sites instead. Could this be down to a decline in domain tasting?

The latest MessageLabs Intelligence report appears to think so, suggesting that the previously widespread practise of cancelling a new domain registration within a few days 'cooling off' period has been in decline recently. Indeed, the Internet Corporation for Assigned Names and Numbers stated as much in June. The MessageLabs analysis of those websites which had been established purely to deliver malware showed that those domains classified as young, registered within three months of being blocked for hosting malicious content, are now relatively small in number. Mainly because they are discovered and taken down within the first 38 days of registration in 90% of cases. When it came to older domains that had been registered for more than three months and then compromised for malware service, MessageLabs discovered that they have a much longer shelf life: 90% are taken down after 138 days. Overall, 80% of sites blocked for serving up malware are established legitimate sites which have been compromised.

"It is not surprising that with a small window of opportunity for younger domains, the attackers register domains much faster" Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec says "suggesting that attackers are working very hard to set up new domains and compromise new websites. However, in an effort to keep up with the rapid turnover of domains, the bad guys are often serving up the same malware". Which is why it is of a greater benefit for the bad guys to compromise those existing sites rather than establish a specialised new domain for the purpose. "Fundamentally, using legitimate websites to spread malware reduces the labor for the cybercriminals and extends the lifetime of the malware" Wood explains, adding "moreover, by taking advantage of the Add Grace Period, a policy that allows scammers to register a domain at no cost and cancel after five days, ‘domain tasting’ and ‘domain kiting’ have become common practice for cybercriminals, allowing them to beat the system without ever paying for malware distribution."

The report also highlights a decrease in the global ratio of spam in email traffic from new and previously unknown bad sources in September, down 2.1% since August to 86.4% or 1 in every 1.2 emails sent. Year on year though, spam levels were up: 88.1% for Q3 2009 compared with 81.0% for Q3 2008. There was also bad news about botnets, which appear to be have well and truly recovered from the McColo takedown hiccup and are now responsible for sending a staggering 150 billion spam emails every day! ]]> Viruses, Spyware and other Nasties happygeek http://www.daniweb.com/forums/thread226750.html News Story WW2 code breakers win the lottery http://www.daniweb.com/news/story226521.html Tue, 29 Sep 2009 11:01:10 GMT Bletchley Park, the top secret code breaking hub that played a pivotal role in the outcome of World War Two, has finally been awarded development funding of some £460,500 ($735,500) from the Heritage Lottery Fund. The money will literally save the place the saved the lives of countless people by... Bletchley Park, the top secret code breaking hub that played a pivotal role in the outcome of World War Two, has finally been awarded development funding of some £460,500 ($735,500) from the Heritage Lottery Fund.

The money will literally save the place the saved the lives of countless people by shortening World War two by at least two years. With the money, the Bletchley Park Trust will be able to start plans for transforming Bletchley Park itself into a world class heritage and educational centre. The Trust now has a further two years in which to finalise the plans before submitting them to the HLF in order to raise a further £4.1 million ($6.5 million) of the total £10 million ($15.9 million) needed for the project.

One very vocal supporter of Bletchley Park, the renowned actor, author and Twitterer Stephen Fry could hardly contain his joy: "the news that Bletchley Park has the initial support of the Heritage Lottery Fund is simply wonderful" Fry enthused, adding "and yet, what should the Heritage Lottery Fund do if not exactly this? As each year passes it is becoming clearer and clearer just how vital a role in winning the war Bletchley played".

It has been a good month for code breaker fans. Just a couple of weeks ago the British Prime Minister, Gordon Brown, apologised for the prosecution and persecution of Alan Turing which ended up killing the man who led the technological fight against Hitler and the Nazis. "The Prime Minister’s apology on behalf of the nation to Alan Turing last month was the first step" Fry explains with "the government announcement in July of Commemorative Badges for Bletchley Park veterans" the second, and now the funding announcement completes a trio of good fortune.

Since 1994, Bletchley Park has been open to the public in the guise of a museum and houses the National Museum of Computing which, also this month, announced it was on a mission to restore the world's oldest original working computer. Bletchley Park Trust wants to transform the current museum into a world-class heritage and educational site that can remind us all of the profound significance of the impact its work had on the outcome of war and as a permanent tribute to its unsung intellectual warriors.

Carole Souter, Chief Executive of Heritage Lottery Fund, said "Bletchley Park is an extraordinary part of the UK's heritage. The Heritage Lottery Fund's initial support for the Trust's restoration plans demonstrates our belief that Bletchley's story should be much more widely known and appreciated. We also recognise the importance of preserving the site as a tribute to the men and women who worked there with quiet and tireless dedication during World War Two. Without their dedication, our nation's history might have been a very different one." ]]> Computer Science happygeek http://www.daniweb.com/forums/thread226521.html News Story How the music copyright debate turned into a copywrong farce http://www.daniweb.com/news/story226113.html Sun, 27 Sep 2009 13:24:48 GMT When singer Lily Allen posted a passionate plea for people to stop illegally sharing music files, and started a dedicated blog where fellow pop stars could voice their concerns over the 'theft' of their work, you might have been forgiven for thinking it would just turn into the usual bunch of rich kids moaning about how unfair it was that they couldn't buy a second Ferrari this year. However, it quickly got much more interesting than that, thanks to a large dose of double standards on the part of Allen herself.

The trouble with setting yourself up as some kind of industry spokesperson when the debate is as explosive as the music sharing one, and proffering support for a three strikes and you are out law, is that you have to be pretty damn sure of your position. While there is certainly a goodly amount of honesty, passion and common sense in what Allen says on the subject all of that pretty much disappeared up the wazoo, hidden by a smokescreen of her own making. Allen lit the match by seeming to forget that copyright and intellectual property rights apply outside of the glitzy music business. It would appear that the 'It’s Not Alright' blogger rather unfortunately posted a message to kick the whole debate off which, while explaining that copyright infringement is a bad thing, itself infringed the copyright of the person who had actually written most of it and the news site where the cut and pasted paragraphs had originally been published. There was no hint that the first half of the message had been lifted entirely from the Techdirt site, nor that it had been written by someone else; no link back to them, no credit, nothing. Not only that, but as was quickly pointed out, the site also contained images of newspaper articles scanned and reproduced as entire pages.

No wonder supporters of file-sharing, journalists and other independent observers quickly piled in to accuse the singer of displaying a bad case of poor judgement and double standards. It almost seemed like the 'we work hard to create music, don't steal it' argument was existing in a bubble where other creatives and their work were not seen as valuable or worthy of equal protection.

To make matters worse, when the inevitable criticism started to hit the fan, Allen responded not with hands up in horror at such a glaring faux pas but instead with an apology that seemed to border on the 'it was a mistake, I've done nothing wrong' kind of argument that you might hear from, oh let's see, someone accused of music file-sharing. Allen posted a rebuttal, largely in shouty upper case text, which read

Quote:

"I THINK ITS QUITE OVIOUS THAT I WASNT TRYING TO PASS OF THOSE WORDS AS MY OWN, HERE IS A LINK TO THE WEBSIITE I ACQUIRED THE PIECE FROM. Apologies to Michael Masnick.
http://www.techdirt.com/articles/20090914/0348436181.shtml"

The spelling mistakes are hers, not mine, dear reader. I note that she used the word 'acquired' rather than stole, funnily enough.

I would imagine it would be a different matter if Michael Masnick, the author of the copy that appeared on the site, were to post Lily Allen music clips on his site without crediting her as the artist, or posted those clips at all for that matter.

Also, funnily enough, that message is no longer available. Nor are any of the others that were posted to the Lily Allen blog either by Allen herself, fellow musicians such as Gary Barlow and Mark Ronson amongst others, or any of the people who commented either supporting or criticising her position. The blog has vanished, closed down by Allen it would appear according to her Twitter postings as "the abuse was getting too much."

All of which helps to perfectly illustrate just what is missing from much of the file-sharing debate, and that would be reasoned thought. There is far too much knee jerk reaction on both sides of the argument and not enough people prepared to think before they post. Only when the two camps can sit down and debate rationally will a reasonable solution emerge, and emerge it must if the music industry is to survive the business evolutionary stage it has found itself at in the 21st century. ]]> Cellphones, PDAs and Handheld Devices happygeek http://www.daniweb.com/forums/thread226113.html