Category: Internet

Google kills popular ad-blocking app

stalin-googleSearch engine outfit Google has pulled a popular ad-blocking app from its Google Store claiming that it violates developer guidelines.

Called Adblock Fast, the plug-in from startup Rocketship Apps worked within Samsung’s mobile browser thanks to a partnership with the phone maker, which opened an API this week allowing third-party developers to build content blocking features for the preinstalled Samsung Internet app.

According to Rocketship developer Brian Kennish, Google says Adblock Fast violates section 4.4 of of its Developer Distribution Agreement, which disallows apps or plugins offered through the Play Store from “interfering” or “disrupting” devices, networks, or services of third parties. In this case it would appear the network involved is Google’s advertising network.

It seems that since the removal of Adblock Fast, two other Android ad blocking plug-ins working with Samsung’s browser have sprouted up: Crystal, the popular iOS ad blocker, and Adblock Plus. It’s unclear if Google simply hasn’t caught on to the competitors, or if Rocketship did something specifically to violate the Play Store guidelines.

Adblock Plus tried in 2013 to put out an Android ad blocker only to run into a similar issue, and the company was only recently allowed to distribute its app again, by bundling it within the company’s own browser.

Firefox allows ad blockers to be installed on its Android browser as plug-ins, but only through the browser itself. Samsung could similarly distribute Adblock Fast through its own preloaded app store on Galaxy devices.


Google still trying to build skynet

1200x-1A new Google project is testing the use of drones for high-speed Internet delivery is starting to take off.

Dubbed SkyBender the cunning plan is to use solar powered drones armed with millimeter-wave radio transmitters that could send out next-generation 5G wireless Internet signals.

Google has been working on SkyBender since last summer and has set up a series of transceivers to test the SkyBender signal reception.

Google SkyBender uses solar-powered drones, produced by the Google-acquired Titan Aerospace, and Centaur piloted planes produced by Aurora Flight Sciences. Google would use the autonomous aircraft to send its internet signal through phased arrays and to consumer devices.

The extremely-high-frequency  waves experimented with for the project could provide data at speeds around 40 times of those that current 4G networks offer, but they are easily scattered by atmosphere, rain, fog, and foliage, leaving them with an effective range only about a tenth of that of 4G signals. Google’s project includes testing various transceivers that would extend the signals’ coverage and mean that it had bandwidth to play with, which no one else wants.

Google has not officially announced Project SkyBender and there is no time frame for when testing will be completed, although Google has permission from the Federal Communications Commission to continue its desert operations through July.

Oracle kills Java plug-in

Ned's_executionOracle has finally announced that it is killing off its Java browser plugin.

The cunning plan is to scale  down the plugin technology in Java Developer Kit 9 and remove it completely from Oracle JDK and Java Runtime Environment in a future Java SE release.

Oracle admitted that plugins were outdated and modern Web browsers don’t need them.  Chrome disabled Java in April last year, while Firefox also announced plans to kill Oracle’s technology.

Oracle has warned developers to find an alternative.

“With modern browser vendors working to restrict and reduce plugin support in their products, developers of applications that rely on the Java browser plugin need to consider alternative options such as migrating from Java Applets (which rely on a browser plugin) to the plugin-free Java Web Start technology,” Oracle said in a blog post to users.

Oracle acquired the Java plugin, in 2010. It is a bit like Flash and  Silverlight in that it uses NPAPI, which is an ancient Netscape Plugin API. These plugins have caused more trouble than good and using one is like painting a large bullseye on your back and screaming “hack me”.

Some will be miffed at the plug-in’s exist. Some enterprises are likely still running older Web browsers that need Java, and created plenty of applets for it.

Twitter fixes buggy update which caused worldwide crash

TwitterSocial notworking site Twitter says it has fixed the buggy software which caused a worldwide outage yesterday.

Users from Scandinavia to Saudi Arabia to South Africa reported outages. India and Russia also suffered performance issues, according to a Twitter technical site.

Both Twitter’s Internet and mobile services began experiencing outages concentrated in northern Europe around 0820 GMT.

Intermittent breakdowns later spread to the United States and Canada in the early part of their working day.

Sporadic disruptions continued at 1420 GMT, six hours after they first began to spread. At approximately 1745 GMT Twitter reported that some users were still having trouble accessing the service.

Fifteen minutes later the company announced the service problems had been resolved. A company spokeswoman had no further comment.

In a status update at 1800 GMT, Twitter said an “intermittent issue affecting some users” was related to “an internal code change.”

“We reverted the change, which fixed the issue,” Twitter said in a statement.

Twitter fell 7 percent at market close. Wall Street has long worried about Twitter’s stagnant growth in users and advertising revenue. The site going tits up so spectacularly added to the worries.

Many pointed out that Twitter could not have been down for everyone since #twitterdown was among the top trending hashtags on the site.

Twitter currently has just over 300 million users but had its slowest user growth in 2015. It was eclipsed by photo-sharing app Instagram, which is owned by Facebook Inc and surpassed 400 million users last year.

Apple will start charging for iTunes Radio

radio_farm_family_ca1930_dbloc_saFruity cargo cult Apple is so confident about its iTunes Radio it is going to start charging for it.

While the service has been hailed by the Tame Apple Press, it did not do as well as many thought it would.  The service, which competes with people like Pandora, is exected to lose members once the ree period isover.  In fact even free is less interest than expected.

Reading the Tame Apple Press’s view of the numbers suggests that the pool of users is growing, and Apple can be confident in charging people for it.

ITunes Radio, which was announced in 2013, will no longer be free from the end of January, Apple confirmed in statement.

The ad-supported service, available only in the United States and Australia, will be folded into Apple Music, which costs $9.99 a month.  Quite what users get out of the service other than the joy of having an officially blessed Apple service is anyone’s guess.



Drupal floored by poor update security

drupal-panicWeb content management studio Drupal is flawed by several bugs in its update process which could allow hackers to take over the sites the CMS creates.

Drupal is not as popular as WordPress but is used by some fairly serious content businesses. Now IOActive’s Fernando Arnaboldi has warned that there are three major flaws in Drupal’s update process that may allow attackers to poison Drupal installations via update packages.

In the worst cases, even servers can be taken over.

Drupal can be updated from its backend administration panel, just by pressing a button. The CMS is also fitted with an automatic update checker, for both its core and its modules. This lets admins know when a new version is out and allows them to quickly apply the update package and move on to other more important things.

The first problem is with failed update queries. Because of various connectivity issues, Drupal sites may sometimes fail when checking for an update. When this happens, the CMS prints the “All your projects are up to date” message, instead of clearly stating that the update has failed to complete.

Attackers could flood local networks with traffic when an update process is taking place, forcing the CMS to print an erroneous update status in the backend.

The Drupal admin might think their site is up to date when in reality it remains vulnerable for tens of dangerous bugs, which can quickly add up when not keeping the CMS properly updated.

Arnaboldi said that the second issue has to do with the “Check manually” button included on the Drupal update page. This button allows the site’s administrators to check for new updates on command, and later apply the update. This  button is vulnerable to CSRF (Cross-Site Request Forgery) attacks.

“Administrators may unwillingly be forcing their servers to request unlimited amounts of information from to consume network bandwidth,” he wrote.

The third flaw is more critical and has to do with the fact that Drupal’s update process is unencrypted. By sending everything in cleartext, an attacker present on the local network in the form of an infected computer can sniff out traffic between the Drupal CMS and the servers, and detect when an update process is started.

The hacker can launch a simple MitM (Man-in-the-Middle) attack, spoof communications, and send malicious update packages to the CMS instead.   Arnaboldi used the third flaw to backdoor a Drupal update on a test website. He packaged a reverse PHP shell that gave him access to the Web server running the CMS, and later extracted the MySQL database’s username and password (image below).

What is weird is that Drupal had known of this issue since 2012, but only recently reopened discussions on fixing the problem, after Arnaboldi made the announcement.  It still does not have a fix but is apparently working on it.

Hate speech will be deleted in a day in Germany

German coat of armsGermany has received a promise from Facebook, Google and Twitter they will delete hate speech from their websites within 24 hours.

The move is a step in the fight against rising online racism following the refugee crisis. German Justice Minister Heiko Maas said the new agreement makes it easier for users and anti-racism groups to report hate speech to specialist teams at the three companies.

“When the limits of free speech are trespassed, when it is about criminal expressions, sedition, incitement to carry out criminal offences that threaten people, such content has to be deleted from the net. And we agree that as a rule this should be possible within 24 hours.”

Germany last month launched an investigation into the European wing of Facebook over its alleged failure to remove racist hate speech.

Martin Ott, Facebook’s managing director for northern, central and eastern Europe based in Hamburg, may be held responsible for the social platform’s failure to remove hate speech, a spokeswoman for the prosecution said last month.

A Facebook spokesperson said the allegations “lack merit” and there has been no violation of German law by Facebook or its employees.

Facebook has a partnership with a group called FSM, which monitors multimedia service providers on a voluntary basis, and has said it would encourage its users to push back against racism.

Vandals attacked its offices in the northern city of Hamburg at the weekend, damaging the entrance to the building and spraying “Facebook dislike” on a wall.

20 percent never turn off their internet

Simpsons_Internet_Computers_Black_ShirtOne in five Americans never turn off their internet connection and always maintain a link to the outside world, according to a new report.

According to a survey by Pew Research Centre 21 percent use the internet “almost constantly”.

Of the 87 percent of survey respondents who reported going online at all, the most common option chosen was that they go on “several times a day,” with only six percent reporting not going online at least daily.

Young people were more likely to say they went online “almost constantly” — 36 percent of people aged 18-29, and 28 percent of the 30-49 group. Any older than that and the numbers drop off considerably.

Those with more education and those with more income also reported going online more frequently, and black respondents used the internet slightly more often than their white or Hispanic counterparts.

Of course, when equipped with a smartphone or tablet, the numbers rise as well: 87 percent of mobile device owners go online daily, compared with just 65 percent of those without.
Pew’s survey was conducted by phone with 2,001 Americans aged 18 and older, in June and July of this year.

Israelis do a Turkey over YouTube

youtube-hamas-israelThe Israeli government is getting hacked off that scenes of its soldiers attacking Palestinians are finding their way onto YouTube.

The Israelis have managed to keep such footage off the air by forcing hacks and hackettes to submit all footage to government censorship. This has worked rather well as most of the world had been unaware of some key incidents.

But now it appears the Palestinians have been posting footage on YouTube which so far has not been censored. Israel has decided to adopt the same approach used by Turkey when its citizens post footage it does not like – it “works with” YouTube and Google to keep the footage off-line. In Turkey’s case it finds a judge to shut down YouTube completely.

Israeli daily Maariv said Tzipi Hotovely will be “working with Google and YouTube officials” in a joint mechanism that will be in charge of “monitoring and preventing” any publication of materials deemed by Tel Aviv to be “inflammatory”.

Hotovely announced in a Hebrew-only press release that she met with YouTube CEO Susan Wojcicki, and Google’s Director of Public Policy, Jennifer Oztzistzki, at Google’s Silicon Valley Offices.

Hotovely said she is worried that videos showing Israeli’s behaving badly might encourage young children to go out and stab: “The attacks daily in Israel are the result of youths and children incited by the education system and the social networks, this is a daily war of incitement.”

Yahoo decides to hack off users

a1pissedoffSearch engine Yahoo has decided that the best way to retain its users is by hacking them off.

In what appears to be a PR own goal, Yahoo is preventing some Yahoo Mail users from seeing their own e-mails until they turn off their ad-blocking software.

US users have tried to view their mail, only to receive a message from the site asking them to turn off their ad-blocking software first. It is the sort of “users have to do what they are told” approach which you can only get away with if you have a wonderful service which people want, which Yahoo doesn’t, or you don’t have any competition, which Yahoo has in spades.

Apparently the whole thing is a test of “new product experiences” and only a small number of Yahoo Mail users are involved.

It is all part of a move against the use of ad blockers, which people are installing on their devices to get away from annoying, invasive, often inconvenient advertisements.

Rather than instructing their advertising departments to stop using adverts that take over your computer until you click something, or have to fill in a survey about your experience on the site which you cannot see because of a huge survey advert demanding your attention, Yahoo has joined the legions who want to punish those who use ad-blockers.

Ad-blocking is a headache for Yahoo, Google and media companies, all of which depend on advertising revenue to fund their businesses.

Some firms have put up messages asking users to turn off their ad-blocking software in exchange for access to content, but Yahoo may be alone in actively blocking users from reaching their own correspondence.