Category: Internet

Google plots the death of Flash

flash-gordonSearch engine outfit Google has just announced a so-called “timeline” for banishing Flash from its advertising network and  going totally HTML5.

According to a spokesGoogle the Google Display Network and DoubleClick Digital Marketing are now going 100 percent HTML5.

From June 30, 2016, Google will no longer accept new Flash display ads from advertisers. On January 2, 2017, even old Flash ads will be blocked from appearing, making Google’s ad network mostly Flash-free.

Video ads will remain in Flash however, although there are not many of those.

Google has been trying to get advertisers off of Flash for some time, providing tools and best practices for switching. Now it apparently feels good enough about the switch to force it on the world.

Even Adobe has had enough of Flash. It killed Flash Professional—its Flash authoring tool—in December, and today announced Adobe Animate, which outputs projects in HTML5.

Adblock plus opens Camp David with the advertisers

Camp-DavidThe German outfit running Adblock Plus is negotiating with advertisers in a bid to find an “acceptable” level of advertising on the net.

Eyeo has set up an independent committee for acceptable advertising which it has called “Camp David” in a bid to hammer out a deal with Internet publishers, advertisers and ad-blockers.

The first such “summit” was held in a small village called New York in November and the second earlier this week in London.

Eyeo spokesman Ben Williams said that “the biggest European names in publishing, ad-tech, advertising, digital non-profits and content creation.”

At the moment only those who appear on Eyeo’s own “white-list” of acceptable ads can be displayed.
To get on that “white-list”, advertisers must meet certain criteria laid drawn up Eyeo itself which stipulate how “non-intrusive” ads should be in terms of size, placement and labelling, explained Williams.

Big websites can pay a fee not to be blocked. And it is these proceeds that finance the Cologne-based company and its 49-strong workforce. While Google and Amazon have paid up, others refuse.

Axel Springer, which publishers Germany’s best-selling daily Bild, thinks Eyeo is trying to nick a slice of its advertising fee.

Google kills popular ad-blocking app

stalin-googleSearch engine outfit Google has pulled a popular ad-blocking app from its Google Store claiming that it violates developer guidelines.

Called Adblock Fast, the plug-in from startup Rocketship Apps worked within Samsung’s mobile browser thanks to a partnership with the phone maker, which opened an API this week allowing third-party developers to build content blocking features for the preinstalled Samsung Internet app.

According to Rocketship developer Brian Kennish, Google says Adblock Fast violates section 4.4 of of its Developer Distribution Agreement, which disallows apps or plugins offered through the Play Store from “interfering” or “disrupting” devices, networks, or services of third parties. In this case it would appear the network involved is Google’s advertising network.

It seems that since the removal of Adblock Fast, two other Android ad blocking plug-ins working with Samsung’s browser have sprouted up: Crystal, the popular iOS ad blocker, and Adblock Plus. It’s unclear if Google simply hasn’t caught on to the competitors, or if Rocketship did something specifically to violate the Play Store guidelines.

Adblock Plus tried in 2013 to put out an Android ad blocker only to run into a similar issue, and the company was only recently allowed to distribute its app again, by bundling it within the company’s own browser.

Firefox allows ad blockers to be installed on its Android browser as plug-ins, but only through the browser itself. Samsung could similarly distribute Adblock Fast through its own preloaded app store on Galaxy devices.

 

Google still trying to build skynet

1200x-1A new Google project is testing the use of drones for high-speed Internet delivery is starting to take off.

Dubbed SkyBender the cunning plan is to use solar powered drones armed with millimeter-wave radio transmitters that could send out next-generation 5G wireless Internet signals.

Google has been working on SkyBender since last summer and has set up a series of transceivers to test the SkyBender signal reception.

Google SkyBender uses solar-powered drones, produced by the Google-acquired Titan Aerospace, and Centaur piloted planes produced by Aurora Flight Sciences. Google would use the autonomous aircraft to send its internet signal through phased arrays and to consumer devices.

The extremely-high-frequency  waves experimented with for the project could provide data at speeds around 40 times of those that current 4G networks offer, but they are easily scattered by atmosphere, rain, fog, and foliage, leaving them with an effective range only about a tenth of that of 4G signals. Google’s project includes testing various transceivers that would extend the signals’ coverage and mean that it had bandwidth to play with, which no one else wants.

Google has not officially announced Project SkyBender and there is no time frame for when testing will be completed, although Google has permission from the Federal Communications Commission to continue its desert operations through July.

Oracle kills Java plug-in

Ned's_executionOracle has finally announced that it is killing off its Java browser plugin.

The cunning plan is to scale  down the plugin technology in Java Developer Kit 9 and remove it completely from Oracle JDK and Java Runtime Environment in a future Java SE release.

Oracle admitted that plugins were outdated and modern Web browsers don’t need them.  Chrome disabled Java in April last year, while Firefox also announced plans to kill Oracle’s technology.

Oracle has warned developers to find an alternative.

“With modern browser vendors working to restrict and reduce plugin support in their products, developers of applications that rely on the Java browser plugin need to consider alternative options such as migrating from Java Applets (which rely on a browser plugin) to the plugin-free Java Web Start technology,” Oracle said in a blog post to users.

Oracle acquired the Java plugin, in 2010. It is a bit like Flash and  Silverlight in that it uses NPAPI, which is an ancient Netscape Plugin API. These plugins have caused more trouble than good and using one is like painting a large bullseye on your back and screaming “hack me”.

Some will be miffed at the plug-in’s exist. Some enterprises are likely still running older Web browsers that need Java, and created plenty of applets for it.

Twitter fixes buggy update which caused worldwide crash

TwitterSocial notworking site Twitter says it has fixed the buggy software which caused a worldwide outage yesterday.

Users from Scandinavia to Saudi Arabia to South Africa reported outages. India and Russia also suffered performance issues, according to a Twitter technical site.

Both Twitter’s Internet and mobile services began experiencing outages concentrated in northern Europe around 0820 GMT.

Intermittent breakdowns later spread to the United States and Canada in the early part of their working day.

Sporadic disruptions continued at 1420 GMT, six hours after they first began to spread. At approximately 1745 GMT Twitter reported that some users were still having trouble accessing the service.

Fifteen minutes later the company announced the service problems had been resolved. A company spokeswoman had no further comment.

In a status update at 1800 GMT, Twitter said an “intermittent issue affecting some users” was related to “an internal code change.”

“We reverted the change, which fixed the issue,” Twitter said in a statement.

Twitter fell 7 percent at market close. Wall Street has long worried about Twitter’s stagnant growth in users and advertising revenue. The site going tits up so spectacularly added to the worries.

Many pointed out that Twitter could not have been down for everyone since #twitterdown was among the top trending hashtags on the site.

Twitter currently has just over 300 million users but had its slowest user growth in 2015. It was eclipsed by photo-sharing app Instagram, which is owned by Facebook Inc and surpassed 400 million users last year.

Apple will start charging for iTunes Radio

radio_farm_family_ca1930_dbloc_saFruity cargo cult Apple is so confident about its iTunes Radio it is going to start charging for it.

While the service has been hailed by the Tame Apple Press, it did not do as well as many thought it would.  The service, which competes with people like Pandora, is exected to lose members once the ree period isover.  In fact even free is less interest than expected.

Reading the Tame Apple Press’s view of the numbers suggests that the pool of users is growing, and Apple can be confident in charging people for it.

ITunes Radio, which was announced in 2013, will no longer be free from the end of January, Apple confirmed in statement.

The ad-supported service, available only in the United States and Australia, will be folded into Apple Music, which costs $9.99 a month.  Quite what users get out of the service other than the joy of having an officially blessed Apple service is anyone’s guess.

 

 

Drupal floored by poor update security

drupal-panicWeb content management studio Drupal is flawed by several bugs in its update process which could allow hackers to take over the sites the CMS creates.

Drupal is not as popular as WordPress but is used by some fairly serious content businesses. Now IOActive’s Fernando Arnaboldi has warned that there are three major flaws in Drupal’s update process that may allow attackers to poison Drupal installations via update packages.

In the worst cases, even servers can be taken over.

Drupal can be updated from its backend administration panel, just by pressing a button. The CMS is also fitted with an automatic update checker, for both its core and its modules. This lets admins know when a new version is out and allows them to quickly apply the update package and move on to other more important things.

The first problem is with failed update queries. Because of various connectivity issues, Drupal sites may sometimes fail when checking for an update. When this happens, the CMS prints the “All your projects are up to date” message, instead of clearly stating that the update has failed to complete.

Attackers could flood local networks with traffic when an update process is taking place, forcing the CMS to print an erroneous update status in the backend.

The Drupal admin might think their site is up to date when in reality it remains vulnerable for tens of dangerous bugs, which can quickly add up when not keeping the CMS properly updated.

Arnaboldi said that the second issue has to do with the “Check manually” button included on the Drupal update page. This button allows the site’s administrators to check for new updates on command, and later apply the update. This  button is vulnerable to CSRF (Cross-Site Request Forgery) attacks.

“Administrators may unwillingly be forcing their servers to request unlimited amounts of information from updates.drupal.org to consume network bandwidth,” he wrote.

The third flaw is more critical and has to do with the fact that Drupal’s update process is unencrypted. By sending everything in cleartext, an attacker present on the local network in the form of an infected computer can sniff out traffic between the Drupal CMS and the drupal.org servers, and detect when an update process is started.

The hacker can launch a simple MitM (Man-in-the-Middle) attack, spoof communications, and send malicious update packages to the CMS instead.   Arnaboldi used the third flaw to backdoor a Drupal update on a test website. He packaged a reverse PHP shell that gave him access to the Web server running the CMS, and later extracted the MySQL database’s username and password (image below).

What is weird is that Drupal had known of this issue since 2012, but only recently reopened discussions on fixing the problem, after Arnaboldi made the announcement.  It still does not have a fix but is apparently working on it.

Hate speech will be deleted in a day in Germany

German coat of armsGermany has received a promise from Facebook, Google and Twitter they will delete hate speech from their websites within 24 hours.

The move is a step in the fight against rising online racism following the refugee crisis. German Justice Minister Heiko Maas said the new agreement makes it easier for users and anti-racism groups to report hate speech to specialist teams at the three companies.

“When the limits of free speech are trespassed, when it is about criminal expressions, sedition, incitement to carry out criminal offences that threaten people, such content has to be deleted from the net. And we agree that as a rule this should be possible within 24 hours.”

Germany last month launched an investigation into the European wing of Facebook over its alleged failure to remove racist hate speech.

Martin Ott, Facebook’s managing director for northern, central and eastern Europe based in Hamburg, may be held responsible for the social platform’s failure to remove hate speech, a spokeswoman for the prosecution said last month.

A Facebook spokesperson said the allegations “lack merit” and there has been no violation of German law by Facebook or its employees.

Facebook has a partnership with a group called FSM, which monitors multimedia service providers on a voluntary basis, and has said it would encourage its users to push back against racism.

Vandals attacked its offices in the northern city of Hamburg at the weekend, damaging the entrance to the building and spraying “Facebook dislike” on a wall.

20 percent never turn off their internet

Simpsons_Internet_Computers_Black_ShirtOne in five Americans never turn off their internet connection and always maintain a link to the outside world, according to a new report.

According to a survey by Pew Research Centre 21 percent use the internet “almost constantly”.

Of the 87 percent of survey respondents who reported going online at all, the most common option chosen was that they go on “several times a day,” with only six percent reporting not going online at least daily.

Young people were more likely to say they went online “almost constantly” — 36 percent of people aged 18-29, and 28 percent of the 30-49 group. Any older than that and the numbers drop off considerably.

Those with more education and those with more income also reported going online more frequently, and black respondents used the internet slightly more often than their white or Hispanic counterparts.

Of course, when equipped with a smartphone or tablet, the numbers rise as well: 87 percent of mobile device owners go online daily, compared with just 65 percent of those without.
Pew’s survey was conducted by phone with 2,001 Americans aged 18 and older, in June and July of this year.