Tag: Christmas

Hackers go for speech recognition in Chrome

Hackers have worked out a way to use the speech recognition in Chrome to spy on you.

Apparently, the method involves switching on your microphone using bugs in the Chrome browser.

The exploit was discovered by developer Tal Ater who found it while working on annyang, a popular JavaScript Speech Recognition library.

This allowed him to find multiple bugs in Chrome, and to come up with an exploit which combines all.

He reported the exploit to Google’s security team in private on September 13. By September 19, their engineers have identified the bugs and suggested fixes. On September 24, a patch which fixes the exploit was ready, and three days later, his find was nominated for Chromium’s Reward Panel.

But as time passed, and the fix didn’t make it to users’ desktops. A month and a half later, Ater asked the team why the fix was not released. Their answer was that there was an ongoing discussion within the Standards group, to agree on the correct behaviour – “Nothing is decided yet.”

Four months later Google is still waiting for the Standards group to agree on the best course of action, and your browser is still vulnerable.

As it lies, all it takes is a user to visit a site that uses speech recognition to offer some cool new functionality.

Here is a short film of the exploit in action

Huawei products do have backdoors

Der Spiegel hack and hacker Jacob Applebaum has found proof that products made by the Chinese outfit Huawei do have backdoors to allow access to spying.

This was the central reason why US Senators banned Huawei from taking US government projects claiming that the company was a tool of the Chinese military.

The only problem was that the backdoors being placed in the Huawei gear were put there because US spooks wanted to spy on everyone and the Chinese outfit was just doing what it was told.

A bit on the nose really to do what you are told by US spooks and then lose your contracts because you are following their security instructions.

Applebaum found that if any company tried to use traditional and reliable US companies, because they feared Chinese intrusion, they would find the same backdoor installed.

Talking to the 30th Chaos Computer Club conference in Hamburg, Germany, Applebaum presented a snapshot of dozens of zero day exploits used to spy on both US citizens and foreigners.

It looks like the NSA can use zero-day exploits to spy on communications passing through the switches and routers of all the world’s largest networking vendors, Dell Cisco, Juniper Networks and Huawei.

Dell and HP servers have a backdoor as well as smartphones of Apple and Samsung.

Applebaum dubbed the companies collaborators with the spooks who had left their customers vulnerable.

“Fuck them for collaborating, and for leaving us vulnerable,” he said. He hoped that by naming and shaming them they would close the backdoors on the spooks.

Apparently the backdoor is in the server hardware systems at the BIOS level.

The NSA’s documents boast that these exploits work across servers running the Microsoft Windows, Linux, FreeBSD and even Sun Solaris operating systems.

This gives away the spook’s cunning plan. After all how many people in Al Qaida are using Solaris? Applebaum asked the crowd.

Dell’s best-selling PowerEdge servers (1850, 2850, 1950, 2950) all feature a vulnerability that allows the NSA to post spyware iton the BIOS using either remote access or via the inserting of a USB drive.

A related NSA exploit, dubbed GODSURGE, uses a JTAG debugging interface in the Dell PowerEdge 1950 and 2950. A JTAG debugging interface is usually used to test the BIOS/firmware for bugs, but it can also be used to reflash the BIOS from scratch.

HP’s Proliant 380DL G5 server can be opened using IRONCHEF, which extracted data from the server using two-way RF communication.

The NSA has also developed an exploit for tapping Apple’s iPhone called DROPOUTJEEP and another for Vole’s Windows Phone called TOTEGHOSTLY, Applebaum said. 

Hacker took over the BBC

Red-faced security experts at the BBC are having to explain how a hacker broke into their systems over the Christmas break.

According to Reutersthe hacker was only revealed after he launched a Christmas Day campaign to convince other cyber criminals to pay him for access to the system.

It is not clear if the hacker found any buyers, but the BBC’s security team responded to the issue on Saturday and believes it has secured the site.

Reuters could not find out if the hacker stole data or caused any damage in the attack. However, they did manage to compromise a server that manages an obscure password-protected website called ftp.bbc.co.uk.

The Beeb was warned about the attack by Hold Security, a cybersecurity firm in Milwaukee that monitors underground cyber-crime forums in search of stolen information.

Hold spotted a Russian hacker known by the monikers “HASH” and “Rev0lver,” attempting to sell access to the BBC server on December 25.

HASH showed files that could only be accessed by somebody who really controlled the server.

The BBC has been targeted by the Syrian Electronic Army, which supports Syrian President Bashar al-Assad, and other hacker activist groups that deface websites and take over Twitter accounts. 

Disney takes away kids’ Amazon Christmas presents

Mickey Mouse outfit Disney has decided that its fluffy bunny image is not getting it anywhere and it is better to stop kids’ Christmas presents this year.

For a while now Amazon has been selling Disney’s Christmas catalogue to parents who want to sit kids down on Christmas Day with a nice cartoon. However it seems that, despite parents paying for the content, Amazon has deleted them from the library and the site.

According to Boing Boing,  Amazon said that the agreement that it has to distribute content contains a clause that Disney can pull its content at any time and ‘at this time they’ve pulled that show for exclusivity on their own channel”.

So Disney effectively pulled its Christmas content so that it could show it on its own channel and banned parents from seeing content, which they had paid for, until July.

To be fair it is all in Amazon’s terms and conditions in the small print that you never read, but it does seem rather odd that you can pay for something and have it taken away because it does not fit into a publishers’ schedule.

It is being seen as yet another example as to why Big Content completely fails to understand digital content sales. It still thinks that people will buy hard copies if digital copies are made too expensive or unreliable. In fact, they will simply go to a pirate site.

Amazon was also dumb allowing studios the right to revoke access to videos, something that many of the owners of its Kindle products would have been unaware. 

Apple returns policy most searched for over holidays

Spoilt kids and unclear branding could have been the cause of Apple’s returns policy the most searched for over the holiday period, according to a report from Experian Marketing Services.

In data which was sent to the Telegraph, Experian noted that searches for Apple’s returns policy topped the lists.

Apple’s policy was followed by Argos, Harrods, Debenhams, and Toys R Us respectively. Searches for returns policies were up 250 percent compared to the same time last year, but Christmas 2012 was also record breaking for online retail.

Experian Marketing Services’ digital insight manager, James Murray, said in a statement that the return policy searches could be as a result of brand confusion – for example, parents mixing up an iPad Mini and an iPod Nano, which, although they sound similar, are entirely different products. 

“This has been the busiest Christmas ever for online retailers with 30% growth in visits since last year,” Murray said. “Boxing Day and increasingly Christmas Day itself are key days when consumers go online to spend Christmas money on gifts they didn’t get or organise returns for unwanted gifts”.

On Christmas and Boxing Day, brats were largely ridiculed for complaining about the colour of the Apple products they unwrapped. Although many of the twits later claimed to be joking, it’s entirely possible supply was tight for the colour of their choice and they headed online for a replacement. 

Amazon cloud "killed" Netflix's Christmas

The problems of dependence on cloud based systems were highlighted in the US over Christmas when the video distributor Netflix lost a fortune due to an outage at Amazon.

The company hoped to make a killing over Christmas as punters decided that since the US had cancelled all the good TV series during the Christmas break they would rent a video instead.

But an outage at one of Amazon’s web service centres hit users of Netflix streaming video service on Christmas Eve and was not fully resolved until Christmas Day.

Netflix subscribers across Canada, Latin America and the United States were knocked out and affected various devices that enable users to stream movies and television shows from home.

This meant that even gaming consoles like the Nintendo Wii and PlayStation 3 to Blu-ray DVD players which used Netflix would not work.

It has been estimated that more than 27 million are in the Americas region that was exposed to the outage and could have potentially been affected.

According to Reuters, the event marks the latest in a series of outages from Amazon Web Services.

Officials at Amazon Web Services have not said anything about the outage. However it does show that it is risky putting all your eggs in one cloud basket. 

Retailers: Apple ahead in Christmas tablet sales

Consumers are splashing out on expensive technology such as Apple’s iPad, some major retailers have confirmed to TechEye.

Apple is still leading the way for Christmas presents with the iPad and MacBook pushing sales for many big companies – dwarfing the likes of Intel’s Ultrabooks, which have had a well publicised hard time.  

One large retailer said, speaking with TechEye: “As much as it pains me to say this, we’re seeing alot of sales around Apple. This is especially prevalent in the laptop and tablet markets. Unfortunately it’s still the same story for Ultrabooks, which just aren’t shifting.”

However, more reasonably priced items had also seen a jump over the festive period, including the Google Nexus line, which was a close second to Apple’s offerings.  

Another attraction for an iPad alternative is in buying for a younger audience. Another, separate retailer said that there are plenty of people who “are looking for a tablet for younger teens and don’t want to risk buying them a top of the range item”.

One of the reasons why Apple’s offerings have proven to be so popular, could be as a result of these products keeping their value. A top retailer told us despite seeing high sales in the electrical sector, many people were sitting tight. That said,  “iPads and Macs are flying off the shelves, but despite a small growth other brands are behind”.

Although the supply of Apple gear is traditionally tight at launch, we have heard from some retailers that enough stock has been ordered in anticipation for the Apple “rush” that it’s likely buyers will be “safe even up until Christmas eve”.

32GB Asus Nexus 7 kicks off Chrimbo tablet war

Earlier today, Google’s Play Store said the £199 16GB, Nexus 7 tablet was unavailable for purchase in the UK and elsewhere – and here’s why – Asus has just announced the 32GB version is on sale for the same price, in what can only be seen as the first blow in the fight for leading sales over Christmas.

The Nexus 7 was made available online from 4.30pm in the UK and can be bought at retailers such as PC World, Currys, Comet, Ebuy, Tesco, and the other usual culprits. Meanwhile, the 32GB edition with 3G connectivity will be made available through Three in the middle of November.

The Nexus 7 has received rave reviews so far, not least for its affordable price tag. Google was seen to be more in competition with Amazon’s Fire tablets, although undercutting Apple was an appealing side effect. Caught on the back foot, Apple rushed out the iPad Mini. Though the company previously followed the diktat of its late CEO Steve Jobs, who said a 7 inch tablet would never take off, market pressure appears to have forced its fruity hand into coming up with a device of its own.

£199 is about as cheap as it gets for a premium tablet with this spec, and it doesn’t come as much of a surprise the flagship Google device – made by Asus – is targeting the lower end of the pricing spectrum in time for Christmas. As the days count down to the traditional spending hike, the competition will undoubtedly increase as manufacturers try to outperform each other on pricing to seduce the cash-strapped western consumer.

It certainly seems that the tablet wars are heating up. Apple has failed to drum up as much hype as it is used to without the reassuring arrogance of its late CEO and super-salesman Steve Jobs on board.  Rather than delivering on innovation, Apple has spent much of its time waging costly skirmishes against former allies, such as chasing Samsung around the globe with a string of patent infringement accusations. The detonator on thermonuclear war turned out to be a dud.

Amazon and Google, however, are looking increasingly like the two top contenders, especially considering their devices ship with more reasonable price tags and, crucially, they are more open. Indeed, jailbreaking an iPad has just been made illegal by US law.

We haven’t forgotten Microsoft’s Surface. But that particularly device strikes us more as an experiment – and one that will hit the consumer in the pocket.

Where does this leave the Ultrabook? Well, the price is still very much through the roof, and until something remarkable reaches the market, it looks like Intel’s ultrathins will be sitting on the sideline – at least over the Christmas period. Vendors have been hoping Windows 8 could bring more consumer interest to the woeful PC market, but so far, reception has been lukewarm. PC makers will have to come up with some special goods to win market share back and we know they will be trying with hybrid devices and more, otherwise it’s boom or bust and back to the drawing board.

O2 turns scrooge on Xmas promo mess-up

Now that the 12th day of Christmas has been and gone, British telco O2 has got the January Blues and gone all Scrooge.

O2 ran a promotional offer around Christmas time on some of its phones. “£20 to spend as you like,” it said, as a special treat for new customers signing up to its packages. The problem was the voucher customers got didn’t work in-store – they had to go online to apply for it. Customers could choose a Boots, Amazon, Next, Pizza Hut or Argos voucher.

Confused customers went online, wondering why the website they had to claim through was sending them round and around. One tells TechEye “it was a challenge”, who eventually managed to claim the voucher on the 14th December but still hasn’t had anything in the post.

But now, it seems there was a hiccup in O2’s systems. In an email, a representative for the Voucher Team said: “It appears on our system, that you may have received multiple sets of £20 vouchers from O2 for the Christmas Promotion. We are asking that customers please return these extra vouchers; but keep the vouchers you were entitled to.”

Doesn’t O2 know it’s a faux pas to ask for your presents back? Especially when customers haven’t been given them in the first place.

Christmas creates Amazon shanty-towns

The shift to online retail Christmas shopping has created new shanty-towns in the US desert similar to the days of the gold-rush.

The Wall Street Journal reports on Amazon hiring shedloads of the nation’s elderly and using them like Santa’s elves to pack up parcels in its many warehouses.

It gives the world the case of Ray and Sarann Williams who arrived in Fernley, Nevada to work around the clock at Amazon’s warehouse and help the online retailer meet its spike in orders.

They came all the way from Hurricane, Utah, to work at the Fernley warehouse because the two month warehouse gig helps tide them over.

Amazon makes nearly 40 percent of its $34 billion plus annual revenue at the end of the year and hires thousands of temporary workers at each of its 34 US warehouses.

In doing so it has created a sort of modern day migrant worker. Many of them are retirees who spend all or part of the year living in RVs and taking odd seasonal jobs around the country.

Amazon pays about 50 percent better than minimum wage and it is seen as a bit safer than some jobs.

Workers can be on their feet for hours fetching items from shelves, packing boxes and preparing incoming items for storage. A lot of them lose weight over Christmas instead of putting it on.

As the elderly Americans work flat out to bring the US Christmas presents, we are still stuck with the glorious postal service.  While they might be fast at packing, afterwards they have to go on the postal equivalent of the Brighton line