UPS branches hit by data breach

21 August 2014 Last updated at 11:52

The personal data of customers who have used local branches of the US parcel delivery company UPS has been stolen in a widespread security breach.

The hack, which affected 51 franchises across 24 states, exposed clients' names, postal addresses, email addresses and payment card information.

The company said the malware had been "eliminated" and that its services were now safe to use.

On Monday, a large US hospital chain said its systems had been infiltrated.

About 4.5 million healthcare patients involved with Community Health Systems facilities had their private information stolen.

Last week, the US grocery chain SuperValu said it had also suffered a breach.

UPS, which was founded as a messenger company in 1907 and has become a multibillion-dollar corporation, has more than 4,450 franchised locations in the US.

Monitor account

Each franchise is individually owned and responsible for installing its own network.

The breaches, which were only discovered by UPS because of a notification from the US government, took place between January and August.

UPS said that while it had received no reports of the stolen data being used for fraudulent purposes, customers should carefully monitor their account activity for signs of intrusion.

"We encourage you to remain vigilant by reviewing your account statements and monitoring your free credit reports," said Tim Davis, president of The UPS Store.

He added: "Our customers can be assured that we have identified and fully contained the incident."

The company also said it had begun an internal review to investigate the breach.

23.53 | 0 komentar | Read More

Man jailed for filming in cinema

22 August 2014 Last updated at 12:19

A man has been jailed for 33 months after recording Fast And Furious 6 from the back of a cinema in Walsall.

A judge in Wolverhampton ruled that Philip Danks, 25, uploaded the movie, which was downloaded 700,000 times.

The Federation Against Copyright Theft (Fact) claimed this meant "millions of pounds" lost for the film's distributor, Universal Pictures.

Another man, Michael Bell, was also sentenced to a community order for 120 hours' unpaid work.

Bell, the former boyfriend of Danks' sister, had played a part in uploading material, the court ruled.

As well as putting the film on the internet, Danks offered to sell copies of the film using his Facebook profile.

'Arrogant'

Danks had also used his profile to update his friends about his case - on 20 August, a day before his hearing, he wrote: "Not loking [sic] good."

The judge who sentenced Danks said his behaviour was "bold, arrogant and cocksure".

In a statement distributed by Fact, Det Sgt Rod Rose, of West Midlands Police, said: "We assisted the Federation Against Copyright Theft throughout this case with search warrants, forcing entry to addresses and making arrests.

"We also supported with evidence recovery and interviewing suspects.

"Fraud comes in many guises and ultimately affects all of us."

Police said that Danks had continued to illegally distribute movies after his arrest in May last year.

Officers were able to trace him after he used the username TheCod3r to leave a comment on a well-known pirated movie website.

Danks had used the same username on the Plenty of Fish dating website.

23.53 | 0 komentar | Read More

Samsung-made Nook tablet announced

20 August 2014 Last updated at 18:31 By Leo Kelion Technology desk editor

Please turn on JavaScript. Media requires JavaScript to play.

Michelle Fleury reports from New York, where the Samsung Galaxy Tab 4 Nook had its debut

Barnes & Noble has unveiled a customised version of an existing Samsung tablet as a replacement for the Nook HD+, which it manufactured itself.

The US book chain is marketing the device as the "first-ever full-featured Android tablet optimised for reading", based on its inclusion of pre-installed Nook apps and homescreen shortcuts.

However, its screen is lower resolution than Kobo's Android-powered Arc 7HD.

One analyst said it would be an "uphill struggle" to sell the new device.

"There is growing consumer apathy to this growing class of low-cost tablets," said Ben Wood, from the tech consultancy CCS Insight.

"Although there is the Nook angle on this, it goes into the melting pot with numerous other tablets that will appear in this price point as we run up to Christmas.

"Amazon has pretty much locked out the market in reading-focused tablets anyway, the only thing I'd applaud here is the fact that Barnes & Noble has gone to Samsung, which can give it scale and quality."

The advantage that the 7in (17.8cm)-screened Samsung Galaxy Tab 4 Nook has over Amazon's Fire tablets is that it can easily access the Google Play marketplace. Amazon's tablet uses a proprietary store with fewer apps available.

Costing $179 (£107), the new Nook is also cheaper than the Kindle Fire HDX and Kobo Arc 7HD.

However with only 216 pixels per inch, text will appear less sharp on its screen. Likewise, magazines and movies sold from the included Nook Newsstand and Nook Video apps will present less detail than similar purchases on either the two other Android machines or Apple's bestselling iPad Mini, which also has its own dedicated ebook store.

Even so, one market watcher said the tie-up still made business sense. Samsung should benefit from the exposure of having its machine promoted in Barnes & Noble's stores and website, while the retailer gets to cut its costs after posting a $47m (£28.2m) net loss for its last financial year.

"It's very hard to make money out of mobile devices," said Ian Fogg, from the IHS consultancy.

"But by having this partnership, Barnes & Noble can have its own content and services pre-installed so that they are not just front-of-mind but also front-of-eyes for consumers.

"If it wants to get its apps used on other people's devices it has to persuade people to install them instead of a Kindle app or another competitor - that visibility is very important."

At the moment the Samsung Galaxy Tab 4 Nook is only available in the US.

Barnes and Noble will continue to sell e-ink readers, including the Nook GlowLight, which was launched in the UK earlier this month.

23.53 | 0 komentar | Read More

UK's 'most generous town' revealed

21 August 2014 Last updated at 00:03 By Dave Lee Technology reporter, BBC News

Bedford has been crowned the UK's most generous town, according to data gathered by donation site JustGiving.

In the year to May 2014, 41,631 people with a Bedford postcode gave a total of £1,145,967 to appeals on the site.

JustGiving compiled its list based on the number of givers and the amount donated in relation to populations.

Richard Fuller, the MP for Bedford & Kempston, said he was "thrilled but not surprised" by the findings, saying it reflected the town's "solidarity".

"It's great to see that sense of personal responsibility to not just look after yourself but to look after others," he told the BBC.

"What's distinctive about Bedford is that going back decades now it's been a very welcoming place for people with different backgrounds."

The top 10 ranking was determined by calculating how much a town had donated via the site - adjusted to account for the number of donors relative to the population size.

Top 10 'most generous' places in the UK

Location	Statistics
Source: JustGiving. Population sizes taken from Office for National Statistics, and adapted to provide postcode matches (ONS figures are given for local authorities, not postcode groups).
1. Bedford	41,631 givers; £1,145,967 raised; population 79,150
2. Cambridge	48,295 givers; £1,440,634 raised; population 126,480
3. Reading	58,235 givers; £1,711,566 raised; population 159,247
4. Brentwood	21,672 givers; £750,509 raised, population 74,460
5. Woking	27,646 givers; £921,165 raised; population 99,567
6. Aberdeen	58,307 givers; £1,872,610 raised; population 220,420
7. Bristol*	135,373 givers; £3,582,531 raised; population 432,500
8. Cheltenham	33,381 givers; £976,995 raised; population 115,900
9. High Wycombe	31,658 givers; £1,004,113 rasied; population 120,256
10. Watford	22,643 givers; £737,375 raised; population 93,736

* Update: The table in this report has been revised after JustGiving recalculated its figures for Bristol.

The town of Sevenoaks had the highest amount per individual giver - an average of £42.29 each was donated by people there.

The data only reflects donations made through the JustGiving website, and so does not take into account other charity donations made by people, - such as putting cash in collections, making payments via direct debits and standing orders, or through other online services.

Aberdeen was the highest ranked Scottish location, coming in sixth overall. No towns in Northern Ireland or Wales made the top 10.

JustGiving is the UK's largest charity fundraising website and is widely used for people undertaking sponsored events to raise money for good causes.

However, it has been criticised for charging charities a fee to use its site, and it takes a small cut of every pound donated - unlike rivals such as Virgin Giving.

JustGiving said it reinvests these charges into improving its service.

New blood

The data highlighted the growing importance of online donating and campaigning to charities across the country.

While direct mail still remains the most popular way of donating to charity, online services are growing rapidly - particularly among young people.

"If you look at the distribution of donors by their age, direct mail is most popular amongst those aged 70-plus," said Matt Haworth, co-founder of Reason Digital, a group which advises charities on online fundraising.

"We need to replace that with new blood. We're going to see in the next few years that the majority of income is digital. Charities really need to prepare."

He said that fundraisers were having to adapt how they communicated with potential donors to allow for shorter attention spans online.

"Everything's getting shorter." he said.

"You used to send your supporters a long penned letter that might go into great detail. That is now giving way to shorter messages, tweets, and text-giving."

Follow Dave Lee on Twitter @DaveLeeBBC

23.53 | 0 komentar | Read More

Spy camera cash machine gang jailed

21 August 2014 Last updated at 12:46

A gang behind a "sophisticated" bank card fraud has been jailed.

Florin Silaghi, Vasile Pop, Ovidiu Metac and Adriana Turc used spy cameras to scam card data from ATMs, downloaded the details and then copied them on to fake cards, the Old Bailey heard.

They compromised 953 bank accounts and took some £160,000, although they stole details from more than 60,000 accounts.

The Romanian nationals, who operated from Harrow in north-west London, were jailed for between 21 and 64 months.

'Fraudster's utopia'

Prosecutor Catherine Pattison said the four were responsible for "a large-scale, highly sophisticated, well executed ATM and counterfeit fraud".

Their operation was smashed in December when gadgets including cards traps, cloned cards and spy cameras were seized in police raids.

The Dedicated Cheque and Plastic Crime Unit (DCPCU) said the cards recovered had a street value of £16m - based on the amount stolen on average from a compromised card.

During the investigation, evidence of a method not seen before in the UK to steal card details came to light - spy cameras fitted to the side panel of cash machines, rather than the top panel.

This method allows fraudsters a better view of people's Pin numbers.

Det Insp Sarah Ward, from the DCPCU, said: "The premises we raided really were a fraudster's utopia, with a dizzying array of machines and gadgets designed to commit serious fraud."

Sentencing them, Recorder Douglas Day QC said: "Electronic card fraud is one of the scourges of the technological age... it causes significant loss to the banks and distress and inconvenience to the card holders whose cards have been compromised."

Silaghi, 30, was jailed for 64 months, Pop, 30, for 61 months, Metac, 25, received 43 months, while Turc, 27, was jailed for 21 months.

They all admitted to conspiracy to defraud and various other charges relating to the technical side of the operation.

The prosecutor said Silaghi and Pop were the key players, while Metac and his partner Turc had lesser roles.

23.53 | 0 komentar | Read More

Social network cannot stop IS posts

21 August 2014 Last updated at 13:13 By Dave Lee Technology reporter, BBC News

The team behind a social network being used by Islamic State (IS) militants has admitted it cannot prevent the spread of extremist material.

Diaspora is a decentralised network with data stored on many private servers which cannot be controlled by any single administrator.

IS is believed to have switched to Diaspora after Twitter upped its efforts to block accounts.

Diaspora's creators said they were "concerned" about the activities.

In a blog post, they wrote: "Various newspapers have reported that members of the Islamic State (IS) have set up accounts on Diaspora to promote the group's activities.

"In the past, they have used Twitter and other platforms, and are now migrating to free and open source software."

The post explained that Diaspora's network is spread across several independent servers - known as pods - which are not controlled by the Diaspora team.

Continue reading the main story

It's absolutely inevitable that organisations like IS are going to be among the early adopters"

End Quote Jamie Bartlett Social media analyst and author

"There is therefore no way for the project's core team to manipulate or remove contents from a particular node in the network (which we call a "pod")," the blog post explained.

"This may be one of the reasons which attracted IS activists to our network."

Diaspora was launched in 2010, paid for by a crowdfunding campaign set up by four students in New York.

Twitter efforts

Diaspora said it was contacting administrators of the individual pods - known as podmins - to alert them to the problem of extremist content, stressing the legal implications of hosting such material.

"Because this is such a crucial issue, we have also accumulated a list of accounts related to IS fighters, which are spread over a large number of pods, and we are in the process of talking to the podmins of those pods.

"So far, all of the larger pods have removed the IS-related accounts and posts."

A bigger challenge is in contacting owners of smaller pods to ask for material to be taken down, the team said.

Before shifting some of its focus to Diaspora, much of IS's efforts were focused on Twitter. But in the past week, the site has been pro-active in removing the accounts of IS members and supporters.

It has since widened that scope to include any member who shares graphic images of video relating to the killing of US photojournalist James Foley.

However, Diaspora, due to its nature, will be unable to take similar action. It is therefore unsurprising that IS would turn to the network, argued Jamie Bartlett, author of The Dark Net, a book looking at hidden internet services and decentralised social networks.

"Not a great deal can be done," he told the BBC.

"In terms of the base technology, decentralised services are incredibly difficult for police to get a handle on. Every time they're clamped down on - the services get a bit smarter, a bit better at evading detection.

"It's absolutely inevitable that organisations like IS are going to be among the early adopters of this sort of innovation."

Follow Dave Lee on Twitter @DaveLeeBBC

23.53 | 0 komentar | Read More

Aircraft to have 'human-like skin'

21 August 2014 Last updated at 16:40

A system that allows the exterior of aircraft to "feel" damage or injury in a way similar to human skin is in development by BAE Systems.

The British defence contractor said the technology, which works by covering the entire body of a plane with tens of thousands of micro-sensors, is able to detect problems before they occur.

The devices could measure wind speed, temperature, strain and movement.

One analyst said the innovation could prove useful "far beyond the military".

Senior research scientist Lydia Hyde, who came up with the technology, says the idea came to her while watching her tumble dryer, which uses a sensor to prevent overheating.

"Observing how a simple sensor can be used to stop a domestic appliance overheating got me thinking about how this could be applied to my work and how we could replace bulky, expensive sensors with cheap, miniature, multi-functional ones," she said.

"This in turn led to the idea that aircraft, or indeed cars and ships, could be covered by thousands of these motes creating a 'smart skin' that can sense the world around them and monitor their condition by detecting stress, heat or damage."

The sensors, which might be as small as dust particles and have their own power source, could even be sprayed on to an aircraft like paint, BAE said.

Early warning

Jennifer Cole, senior research fellow at the Royal United Services Institute (Rusi) think tank, told the BBC the technology could help stave off natural disasters or everyday annoyances.

"It could help equipment and technology to 'report back' on local environmental conditions and alert users to when repairs are needed ahead of schedule if hairline cracks are detected early, for example on flood defences and dams.

"Or it could enable water pipes to 'switch on' heating elements automatically during a particularly cold winter that would prevent pipes from freezing and bursting."

She added: "If similar technology could be applied to cars, it could revolutionise MOT schedules and potentially reduce road accidents."

23.53 | 0 komentar | Read More

NSA and GCHQ agents 'leak Tor bugs'

22 August 2014 Last updated at 10:58 By Leo Kelion Technology desk editor

Please turn on JavaScript. Media requires JavaScript to play.

Andrew Lewman: "The fact that we take a completely anonymous bug report allows them to report to us safely"

British and American intelligence agents attempting to hack the "dark web" are being deliberately undermined by colleagues, it has been alleged.

Spies from both countries have been working on finding flaws in Tor, a popular way of anonymously accessing "hidden" sites.

But the team behind Tor says other spies are tipping them off, allowing them to quickly fix any vulnerabilities.

The agencies declined to comment.

The allegations were made in an interview given to the BBC by Andrew Lewman, who is responsible for all the Tor Project's operations.

He said leaks had come from both the UK Government Communications Headquarters (GCHQ) and the US National Security Agency (NSA).

By fixing these flaws, the project can protect users' anonymity, he said.

"There are plenty of people in both organisations who can anonymously leak data to us to say - maybe you should look here, maybe you should look at this to fix this," he said. "And they have."

Mr Lewman is part of a team of software engineers responsible for the Tor Browser - software designed to prevent it being possible to trace users' internet activity. The programs involved also offer access to otherwise hard-to-reach websites, some of which are used for illegal purposes.

The dark web, as it is known, has been used by paedophiles to share child abuse imagery, while online drug marketplaces are also hosted on the hidden sites.

Mr Lewman said that his organisation received tips from security agency sources on "probably [a] monthly" basis about bugs and design issues that potentially could compromise the service.

However, he acknowledged that because of the way the Tor Project received such information, he could not prove who had sent it.

"It's a hunch," he said. "Obviously we are not going to ask for any details.

"You have to think about the type of people who would be able to do this and have the expertise and time to read Tor source code from scratch for hours, for weeks, for months, and find and elucidate these super-subtle bugs or other things that they probably don't get to see in most commercial software.

"And the fact that we take a completely anonymous bug report allows them to report to us safely."

He added that he had been told by William Binney, a former NSA official turned whistleblower, that one reason NSA workers might have leaked such information was because many were "upset that they are spying on Americans".

In response, a spokesman from the NSA public affairs office said: "We have nothing for you on this one."

A spokesman for GCHQ said: "It is long-standing policy that we do not comment on intelligence matters. Furthermore, all of GCHQ's work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorised, necessary and proportionate."

The BBC understands, however, that GCHQ does attempt to monitor a range of anonymisation services to identify and track down suspects involved in the online sexual exploitation of children, among other crimes.

The reporter Glenn Greenwald has also published several articles, based on documents released by the whistleblower Edward Snowden, alleging that both agencies have attempted to crack Tor as part of efforts to prevent terrorism.

A security expert who has done consultancy work for GCHQ said he was amazed by Mr Lewman's allegation, but added that it was not "beyond the bounds of possibility.

"It's not surprising that agencies all over the world will be looking for weaknesses in Tor," said Alan Woodward.

"But the fact that people might then be leaking that to the Tor Project so that it can undo it would be really very serious.

"So if that is happening, then those organisations are going to take this very seriously."

Illegal activity

Tor was originally designed by the US Naval Research Laboratory, and continues to receive funding from the US State Department.

It is used by the military, activists, businesses and others to keep communications confidential and aid free speech.

But it has also been used to organise the sale of illegal drugs, host malware, run money laundering services, and traffic images of child abuse and other illegal pornography.

Mr Lewman said that his organisation provided advice to law enforcement agencies, including the FBI and the UK Serious Crime Agency (Soca), to help them understand how Tor worked in order to aid their investigations.

But he criticised cyberspies who carried out orders to undermine Tor's protections.

"We are around 30 people in total, and think of the NSA or GCHQ with their tens of thousands of employees and billions of pounds of budget," he said.

"The odds there are obviously in their favour.

"It's sort of funny because it also came out that GCHQ heavily relies on Tor working to be able to do a lot of their operations.

"So you can imagine one part of GCHQ is trying to break Tor, the other part is trying to make sure it's not broken because they're relying on it to do their work.

"So it's typical within governments, or even within large agencies, that you have two halves of the same coin going after different parts of Tor. Some protect it, some to try to attack it."

He added that the Tor browser had been downloaded 150 million times in the past year, and that it currently supported about 2.5 million users a day.

"Hundreds of millions of people are now relying on Tor," Mr Lewman said, "in some cases in life-and-death situations. And that's what we pay attention to.

"We would be very sad if anyone was arrested, tortured and killed because of some software bug or because of some design decision we made that put them at risk."

Mr Lewman will deliver the keynote speech at the Broadband World Forum event in Amsterdam in October.

You can read a full transcript of the interview here.

Who are the cyberspies?

The Government Communications Headquarters (GCHQ) employs about 5,000 people and has two key roles:

• To identify threats from intercepted communications. It says these include terrorism, the spread of nuclear weapons, regional conflicts around the world and threats to the economic prosperity of the UK.

• To serve as an authority on information assurance - meaning that it advises the government and organisations running the UK's critical infrastructure how to safeguard their systems from interference and disruption.

It dates back to 1919, when it was called the Government Code and Cypher School. It adopted its current name in 1946. The foreign secretary is answerable in Parliament for GCHQ's work.

The National Security Agency (NSA) gathers intelligence for the US government and military leaders.

It is also has the task of preventing foreign adversaries gaining access to classified national security information.

It employs about 35,000 workers, both civilians and military.

23.53 | 0 komentar | Read More

Study creates 'virtual time travel'

22 August 2014 Last updated at 11:28 By Melissa Hogenboom Science reporter, BBC Radio Science

Virtual reality can be used to give the illusion of going "back in time", according to an exploratory study.

In this virtual world, subjects were able to reduce how many people a gunman killed, an event they had unknowingly been part of.

Going into "the past" increased the level of guilt the participants felt.

Writing in the journal Frontiers in Psychology, the team says that virtual time travel could help people overcome traumatic experiences.

Most interesting, the researchers add, was the emotional impact virtual time travel had on the participants.

"The more the participants felt the illusion, the greater the sense of their own morality," explained co-author Mel Slater of the ICREA (Catalan Research Institute) and University College London.

Mutable past

In the virtual world, participants could walk, talk and move similar to how they would in real life, and previous studies have shown that people strongly associate with their virtual selves.

"In virtual reality, the brain's low level perceptual system does not distinguish between the virtual and the real world; the brain takes what it sees and hears in a surrounding environment as given," added Prof Slater.

"Therefore, if they had an experience with the illusion of time travel, there is implicit learning that the past is mutable, that is: 'my own past decisions don't matter because they're changeable'."

In the study, 32 participants witnessed a man open fire and kill five people in an art gallery. They had learnt to control a lift and had allowed the killer to go to the upper-level.

Continue reading the main story

It's the best thing we can do for time travel until the physicists do their job and come up with a time machine"

End Quote Dr Friedman Doron, Sammy Ofer School of Communication, Israel

Half of these went back in time to experience this event once more, but this time were faced with a classic moral dilemma: do nothing and five people will die, or intervene and five lives can be saved at the expense of one.

The other half simply experienced the same event but were not able to change their earlier actions.

This dilemma is commonly used in philosophical studies looking at morality. As expected, most participants chose to intervene.

This team says that virtual time travel could help people overcome post traumatic stress disorders or to revaluate previous bad decisions.

Time machine

The laws of physics, of course, currently dictate that time travel is not possible. But lead author of the work, Friedman Doron, from the Sammy Ofer School of Communications in Israel, said his team had now come closest to it.

"Highly immersive virtual reality is very visceral. People hide behind the desk when they get shot. Some of the subjects duck down. It's the best thing we can do for time travel until the physicists do their job and come up with a time machine. For now this is the closest thing."

Physicist Robert Nemiroff of Michigan Technology University, US, commented that the work was interesting, though strange as "the ability to change the past is not a reasonably likely occurrence".

"If some version of illusory 'time travel therapy' can help people make better decisions in the future, and come to a better understanding of bad decisions, they have made in the past - then I am all for it."

But he added that having patients going around really believing that that they could change the past "might have negative repercussions that have not been explored".

People have long entertained the fantasy of going backwards in time, commented James Broadway from the University of California Santa Barbara, who was not involved in the research but edited the journal collection in which it appeared.

"'If I knew then what I know now...' is a common lament indeed.

"While it remains impossible to un-do something that has already occurred, results of this study suggest that... virtual reality techniques can be usefully harnessed to promote greater acceptance of one's own mistakes in the past, as well as better decision-making in the future."

Follow Melissa on twitter

23.53 | 0 komentar | Read More

Researchers hack into Gmail app

22 August 2014 Last updated at 15:47

US researchers say they have been able to hack into Gmail accounts with a 92% success rate by exploiting a weakness in smartphone memory.

The researchers were able to gain access to a number of apps, including Gmail, by disguising malicious software as another downloaded app.

Gmail was among the easiest to access from the popular apps tested.

The hack was tested on an Android phone, but the researchers believe it could work on other operating systems.

A Google spokeswoman said the technology giant welcomed the research. "Third-party research is one of the ways Android is made stronger and more secure," she said.

The research is being presented later at a cybersecurity conference in San Diego by academics from the universities of Michigan and California.

Other apps hacked included H&R Block, Newegg, WebMD, Chase Bank, Hotels.com and Amazon.

Passwords stolen

The Amazon app was the hardest to access, with a 48% success rate.

The hack involves accessing the shared memory of a user's smartphone using malicious software disguised as an apparently harmless app, such as wallpaper.

This shared memory is used by all apps, and by analysing its use the researchers were able to tell when a user was logging into apps such as Gmail, giving them the opportunity to steal login details and passwords.

"The assumption has always been that these apps can't interfere with each other easily," said Zhiyun Qian, an assistant professor at the University of California and one of the researchers involved in the study.

"We show that assumption is not correct, and one app can in fact significantly impact another and result in harmful consequences for the user."

In another example the researchers were able to take advantage of a feature of the Chase Bank app which allows customers to pay in cheques by taking pictures of them with their device's camera.

The researchers were able to access the camera to steal the pictures as they were being taken, giving them access to personal information including signatures and bank details.

The tests were carried out on Android phones, but the researchers believe the attacks could be successful on other operating systems, including Windows and the iOS system developed by Apple.

23.53 | 0 komentar | Read More