Author: Adamson Rust

Third of EU is crap at web security

Nearly a third of the population of the European Union’s 27 member states caught a computer virus in 2010 because many are too daft to surf the web safely.

The figures were released today by the EU, a day before Safer Internet Day, organised by the EC-funded INSAFE. They reveal that many in Europe have a long way to go before becoming properly tech-savvy, with plenty forgoing security or parental control software and others falling for phishing attempts.

31 percent of EU citizens reported that they had contracted a computer virus in 2010, despite the fact that 84 percent employ security software, such as antivirus and anti-adware programs.

Bulgaria had the worst record for virus infections, with 58 percent reporting malware on their computers. Malta was close behind at 50 percent, while Slovakia, Hungary and Italy were not far off, with 47 percent, 46 percent and 45 percent respectively.

The lowest infection rates were reported in Austria and Ireland, at 14 and 15 percent respectively. Finland and Germany were next, with 20 percent and 22 percent respectively. The UK was in the middle ground, with 31 percent.

Four percent of EU citizens reported more serious problems of online privacy violations and personal information abuse, with Bulgaria and Spain rating worst for this kind of problem, both at seven percent. Italy and the Netherlands were close behind at six percent each.

Three percent reported financial loss as a result of fraudulent credit card use and phishing attacks targeting online banking and similar websites. Latvia and the UK were the worst at falling for these scams, at eight percent and seven percent respectively.

Despite the fact that most people used security software in the EU, Latvians, Romanians and Estonians were found to be less savvy. Only 62 percent in Lativa, 64 percent in Romania and 65 percent in Estonia used security software to protect against malware. 

14 percent of families in the EU used parental control software, with Luxembourg and Slovenia leading the charge at 25 percent each. France was next at 24 percent, while Denmark, Austria and the UK all came in at 21 percent. Five percent of all parents were shocked their children were looking at inappropriate websites in 2010. Italian and Latvian kids are randier, with parents finding 11 percent and nine percent respectively checking out the dodgier side of the web.

China, Japan, South Korea to sign investment agreement soon

China, Japan and South Korea are set to agree on an investment deal in May.

The deal marks the end of a nearly four-year long series of negotiations between the three countries, starting in March 2007. This March the thirteenth round of talks will take place, which should bring the agreement close to completion, according to The Nikkei.

The investment treaty will see the three nations chopping cross-border investment hurdles and changing foreign investment legislation and regulations to make it easier for their neighbours. This will allow much more investment freedom among the countries, which have already been stepping up their investment with each other.

Bilateral treaties already exist between some of the countries, but this move will mark the first trilateral agreement. It is particularly being pushed by Japan, which has been trying to expand its business in China and South Korea.

Japan and China already have an investment accord, but there are no protections in place for intellectual property, a problem that will be addressed in the new treaty. There will also be clauses included for addressing dispute settlements.

Given the volume of technology companies in all three countries, including Sony, Samsung, Toshiba, Lenovo and many more, the benefits of a trilateral investment treaty on the technology sector would be huge.

It is expected that the deal will come into force by the end of 2012, subject to parliamentary approval.

Meanwhile cross-Strait relations between Taiwan and China have been improving with growing trade agreements. One unnamed expat tells TechEye“Yes, the ECFA with China and Taiwan is solid now, and yes, China is thinking a very long term game. It wants to control the entire Asian region, then the world later.

“They are smart, and they will win.”

China readies cloud computing city

China is employing IBM to help it build a city-sized cloud computing centre based in the Hebei Province, which is expected to be opened by 2016.

The complex will be comparable in size to the Pentagon, but will have multiple buildings spread out over four blocks, similar to traditional business parks. It will span 6.2 million square feet, with the primary data centre accounting for 646,000 square feet.

IBM will be supplying its data design services, while Range Technology Development will also be working on the project. They will initially build seven low-slung data centres, spanning up to one million square feet, with room for three additional units on either side.

There are also reports that it might include a residential area, most likely for the staff working at the nearby data centres.

Despite such large-scale projects, China’s IT budget is five times lower than the US’, but it is growing at a significantly higher pace according to IDC. China’s full year growth for 2011 is expected to come in at $112 billion, up 15.6 percent, while the US is expected to bring in $564 billion, up only 5.9 percent.

While China’s reliance on cloud computing and data centres isn’t particularly high at the moment, if it continues its current growth it will need the services offered by the Hebei complex and other data centres over the next six years.

Below is a Google Maps satellite image of Hebei, while beneath it is an artist’s rendition of the new complex, courtesy of IBM.

Hebei

Hebei 2

GTX 580 battle, RAM Kits, Acer recall, 128GB CF card

HardwareHeaven tried the Gainward GTX 580 Phantom 3 versus the Asus GTX 580 DirectCU II, with both graphics cards coming in close for the throne. Both scored 10 out of 10, but the Asus model was declared the overall winner thanks to its “extreme approach”. It boasted the lowest temperatures and noise levels of any GTX 50 and its overclocking prowess was unmatched by rivals. It may be a tad expensive, but HardwareHeaven gave it the “money no object” Diamond Award.

The Crucial Ballistix 4GB DDR3-2133 RAM Kit was reviewed at PureOC. Its sleek exterior, thermal monitoring ability and strong performance earned it some brownie points, but its height might be problematic for installation in some cases. Overclocking ability wasn’t amazing, but it wasn’t paltry either, while the price of $110 was considered a little steep for 2133MHz modules.

TweakTown reviewed the G.Skill Ripjaws-X Series PC3-17066 4GB RAM Kit, which earned a rating of 98 percent and an Editor’s Choice Award. Its 7-10-7-27-1T at 1.65v setup was seen as much more aggressive than other P67 chipset kits. It also boasted impressive speeds and a very reasonable price at $139.99.

Acer is the latest manufacture affected by the faulty Sandy Bridge chipset, according to HotHardware. It said that it was “fully aware of the issue and is taking all necessary steps to minimize any inconvenience customers might experience.” It also halted shipments and issued a recall of affected products. Acer will offer machine services or product replacements to those who bought the defective products, all free of charge.

HardwareBistro brings news of SanDisk’s 128GB Extreme Pro CompactFlash card, which is advertising speeds of up to 100MB/s. It’s also has Video Performance Guarantee enabled for higher frame capture and superior high-definition video, as well as a UDMA-7 interface for maximum data transfer. SanDisk is touting the card is extra durable, thanks to its RTV silicone coating, protecting it from moisture, humidity, shock, and high and low extreme temperatures.

Tensions high among UK MPs over EU cybercrime directive

Tensions have broken out in the House of Commons over a proposed European direction on cyber attacks against information systems, which the UK has agreed to opt into.

James Brokenshire, the Parliamentary Under Secretary of State for the Home Office, began the debate by commenting on the seriousness of the threat posed by cyber warfare which is set to be a key focus of proposals to world leaders today. He said there can be “a significant real-world impact”, both financially and with infrastructure, and that national security is also at risk.

He commended the work done by the European Scrutiny Commitee to tackle this problem and lent his support to the European Union directive aimed at tackling cybercrime. He also said that the UK is committed to its role in addressing cybercrime, investing £650 million over the next four years.

Diana Johnson, Labour MP for Kingston upon Hull North, also recognised the threat of cyber warfare and welcomed the opt-in to the EU directive. However, she queried why there was a delay in the opt-in process, since there was an original deadline to do so by December 23, 2010. The UK opted in on January 31, meaning it was over a month late on the deadline. Her point was also echoed by Chris Bryant, Labour MP for Rhondda, who said the UK was “dilatory” on this matter.

Johnson asked why the UK did not opt in earlier, given there is room within the directive for negotiation on certain items. She made the point that because the UK failed to opt in on time, no influence from the UK could be imparted on the draft directive, effectively axing Britain’s right to express its views on how the directive should take shape.

She also quizzed the Minister on the ability to fund the proposed measures with a severely curtailed Home Office budget, what further resources would be needed, how it will address the longer prison sentences suggested in the directive, and why the UK government failed to opt into the EU directive on human trafficking, which she asked the Minister to reconsider.

Brokenshire responded that the opt-in was made “in time” and that no harm would come from the decision. He said it would be “premature” to address specific points of the directive, since it is still in a draft stage, and he made the point that there is enough funding available, but a decision has yet to be made on how it will be allocated. He said the reason the human trafficking direction was not opted into was because there were no measures in place where the UK would have benefited, but that this decision is open to review.

William Cash, the Conservative MP for Stone, was not pleased with the decision, calling the draft directive “deficient” and still needing considerable scrutiny. He asked why there was a scrutiny process at all if decisions were going to be made before such processes were complete, but Brokenshire said that the directive was still open for negotiation.

Neil Carmichael, Conservative MP for Stroud, asked if telephone fraud would be included as part of the directive – to which Brokenshire said that it mainly focused on computers, but with the growth of the likes of Skype, there is scope for its inclusion.

ACFV buys Answers.com for $127 million

AFCV Holdings is to buy Answers.com for $127 million.

The deal will see AFCV, a subsidiary of Summit Partners, hand over $10.50 in cash per share, a premium of around 33 percent on the closing price of stock for the last 90 days, with a total acquisition cost of approximately $127 million.

Common stock, Series A convertible preferred stock and Series B convertible preferred stock will all go to AFCV Holdings. Holders of the Series A and B shares will receive cash consideration for their stock at a rate equivalent to that of common stock.

Bob Rosenchein, CEO of Answers.com, said that he was pleased that the deal gives good value to investors, but it is not clear what financial situation Answers.com was in before the acquisition offer was accepted. 

Its Q3 revenue for 2010 was slightly down at $4.452 million, compared to $4.987 million in the same quarter in 2009. It predicted a stronger fourth quarter and a strong 2011, but those figures have yet to be released and could be poorer than expected.

The interactive search approach is an interesting one, but with the popularity of Google and the recent growth for Bing, Answers.com is up against a lot of competition, not to mention rival ask and answer sites. This feature is what distinguishes them from the major companies, but it’s difficult to see it as a real money-maker compared to the established Yahoo answers and upstarts like Quora.

Google reports 98 percent adoption rate of Google Instant

Some people love it and some people loathe it, but Google has reported that Google Instant has an adoption rate of 98 percent.

At first you might think this is the rate of satisfaction with Google’s “as you type” search engine, but this is not really the case. The feature is turned on by default for everyone and most people just get on with it, rather than trying to find the opt-out button.

Since most people don’t even know where the opt-out button is, many would presume it simply doesn’t exist and that instant results is the way of things for Google going forward.

Google hides the opt-out button in Settings and then Search Settings. Near the bottom there is an option to “Use Google Instant — predictions and results appear while typing” or “Do not use Google Instant.”

A properly placed opt-out button should probably be on the main search page itself, made visible to the average user. The fact that two percent of Google’s many millions of people have opted out might seem like a small percentage, but it’s not a small number of actual people who’ve figured out that an opt-out exists and where to find it.

"Rules of engagement" proposed for cyber warfare

A proposal for “rules of engagement” for cyber warfare is to be made by security experts from Russia and the US tomorrow.

The proposals, reported by BBC Newsnight, call for a rendition of the Geneva and Hague conventions in the virtual world.

They will be laid out before many of the world’s leaders, including UK Prime Minister David Cameron, US Secretary of State Hillary Clinton, German Chancellor Angela Merkel and Russian Foreign Minister Sergei Lavrov

One of the primary focuses of the proposal is to develop policies to protect essential cyber facilities that support our hospitals and schools. It was suggested that clear markers be employed to differentiate between military and civilian targets, which is relatively clear in the real world but much more muddied in cyberspace.

The dangers of cyber attacks include silent embedded malware, which has the potential to disable power grids, cut off water supplies and halt manufacturing systems, all of which could have a disastrous effect on the welfare of a country’s citizens, as well as the overall economy. While not explicitly stated, Stuxnet is an obvious example of how this could be employed.

With high profile targets like the UK and US stock exchanges falling victim to attacks, the potential for financial devastation is huge, a point which may force many countries to join together to develop stronger cyber defences and a better series of policies to deal with the problem. 

However, the BBC reported that the UK is reluctant to negotiate a new treaty on the issue, which could be a stumbling block for other countries. Despite this, the UK is investing substantial money in cyber defence, including a new Cyber Security Operations Centre. It has also agreed today to opt into the EU’s cyber crime plan, which will see it bring in new legislation to tackle the situation.

It will also be proposed that countries should stop thinking in black and white terms, of peace and war, and instead focus on the reality of grey positions in between, in a state the security experts call “other than war”.

Google offers $20,000 bounty to hack Chrome

Google is offering a bounty of $20,000 to the first person who hacks Chrome, effectively inviting hackers to go to town.

The prize is part of the 2011 Pwn2Own contest, which will see hackers from around the world try to find exploits in the leading web browsers.

Prizes of $15,000 are on offer for those who breach the security of Internet Explorer, Firefox and Safari, a $5,000 increase on prizes offered the year prior. A laptop will also be awarded.

Google is offering a larger prize of $20,000 and a CR-48 laptop. It employs a “sandbox” technique for preventing malware from escaping the web browser to infect the computer, which is a much more secure approach than the main rival browsers.

Hackers will only have the launch day of the contest to claim the Google bounty and two exploits need to be found in Google’s code to qualify. They must also be able to escape the sandbox feature, which Google is clearly betting isn’t possible.

$20,000 can still be won if an exploit is found on the second or third day, but only half of this will come from Google, with Pwn2Own sponsor TippingPoint handing over the other $10,000. Requirements for winning on these two days are also less strict, allowing for non-Chrome bugs.

A similar bounty was offered for the last two year’s Pwn2Own contests, but no one managed to break through Chrome’s defences in this period. It remains to be seen what will happen for 2011. 

A $15,000 bounty is also on offer for anyone who hacks the Dell Venue Pro running Windows 7, iPhone 4 running iOS, Blackberry Torch 9800 running Blackberry 6 OS or Nexus S running Android. A copy of the phone and a few other things will also be thrown in as part of the prize.

Contest details are here.

Vodafone accuses Egypt's Mubarak of sending propaganda texts

Vodafone has accused the Egyptian government of employing its mobile network to send unattributed pro-government text messages, while there are also concerns over some of its staff in the country.

Vodafone was one of three mobile phone companies that was instructed to send out text messages since protests broke out over a week ago against the leadership of President Mubarak, who has been in power for 30 years.

Vodafone was ordered to disable its services as part of a country-wide clampdown on internet and mobile communication, but it says the company was told to re-enable its network to send out government-sanctioned messages before disabling it again.

Reuters reported that it has seen one of these text messages, from February 2, which gave the details of the location and time of a pro-Mubarak rally.

Vodafone said that it made it clear to the Egyptian government that text messages should be transparent and it should be clear who sent them. It said that these messages were not written by the mobile network operators and it could not respond to authorities on their content.

The situation may be even grimmer than just the unattributed text messages, as Vodafone has also reported that one of its engineers in Egypt had been seriously engineered, while another is missing.

Vodafone’s data services are back online today, but its text message service remains offline. The country’s internet was restored yesterday after Mubarak promised he would not run for re-election in September.

“The current situation regarding these messages is unacceptable,” Vodafone said.