YouTube hack 'threatened' Bieber clips

Kamil Hismatullin joked that he had been tempted to wipe singer Justin Bieber's channel

A Russian coder has revealed how he discovered a way to delete any video on YouTube.

A demonstration of Kamil Hismatullin's technique, posted online, shows that once he had copied part of a video's web address he could use it to wipe the clip within half a minute.

Rather than exploit the hack, he instead reported it to parent company Google, which gave him a reward.

He joked, however, that he was tempted to wipe Justin Bieber's music videos.

"I spent six to seven hours [on] research, considering that [for a] couple of hours I've fought the urge to clean up Bieber's channel, haha," wrote Mr Hismatullin.

"Although it was an early Saturday's (sic) morning in San Francisco when I reported [the] issue, Google's security team replied very fast, since this vulnerability could create utter havoc in a matter of minutes in the bad hands.

"This vulnerability [might have been used] to extort people or simply disrupt YouTube by deleting massive amounts of videos in a very short period of time.

"It was fixed in several hours, Google rewarded me $5,000 and luckily no Bieber videos were harmed."

Mr Hismatullin wrote that he discovered the flaw while investigating YouTube Creator Studio, a service that lets video creators see analytics data about the clips they have uploaded via an app.

Mr Hismatullin showed that his hack could be completed using easily-accessible tools

The facility allows any clip to be deleted if you type in both its event ID - which can be found in its web address - and a long string of letters and numbers known as an authentication token, which is supposed to act as a kind of password.

The problem the coder discovered was that the service was accepting any token for a takedown request, rather than requiring one that belonged to the account of the person who had uploaded the clip.

This meant Mr Hismatullin could simply copy a token from his own account and use it to delete others' videos.

The developer said that he had spent time searching for vulnerabilities in Google's products after previously having been given a $1,337 (£902) grant by the firm.

The search giant gives such payouts as part of a programme to encourage people who have previously reported flaws to hunt out more.

The scheme puts a cap on subsequent payments, limiting the bounty Mr Hismatullin received for his findings.

"To be honest I expected $15,000 to $20,000," he commented.

"I wanted to write a kind of 'complaint' to Google, but first I re-read [its] rules and understood that Google could not pay me more.

"Facebook has not got a boundary for maximum reward, so they can pay as much as they want."

23.52 | 0 komentar | Read More

VIDEO: Big leap in 4K video streaming tech

A new method of data compression could see ultra-high definition video - also known as 4K - being streamed to TVs and other devices using around 50% of the bandwidth currently needed.

V-Nova has gathered 20 large telecoms, broadcast and IT companies including Sky, Intel, and the European Broadcasting Union to back its new Perseus technology.

It could see the average home broadband speed in the UK - around 22 megabits per second (Mbps) - support three 4K streams simultaneously instead of just one.

The technique makes use of the multiple cores within processors found in today's mobile devices and smart TVs to process the picture more efficiently.

Movie streaming firm Netflix currently requests users of its 4K Ultra High Def service to have a steady 25Mbps broadband connection, with analysis of their video stream showing between 12 and 16Mbps is actually required.

V-Nova says it can deliver the same quality picture using just 7-8Mbps.

Media expert Ian Maude, from Enders Analysis, said: "This is cutting-edge technology that will be welcomed by pay TV companies, and TV manufacturers because it will help drive 4k sales.

"But there are still limiting factors to the take-up of 4K including whether networks are capable of meeting demand, having a device able to display an ultra-high definition picture, and the amount of content currently being shot in 4K.

"Ultra HD will still remain niche for some time but this technology will help."

The technology also allows HD video to be streamed to mobile phones by using a similar amount of bandwidth to that currently needed to play music.

It is hoped the new encoding technique will help social network users share video as easily as sending messages, and bring standard definition video to millions of devices in developing countries where cellular data rates make it too expensive to stream any quality of video.

The system will first be deployed in the US and several European countries this summer with UK content distributors and broadcasters introducing it before the end of this year.

23.52 | 0 komentar | Read More

Tech sites lead on April Fools gags

Cern scientists have become adept users of The Force since its discovery

The Force - the mysterious energy field used by the Jedi in Star Wars - has been discovered by researchers at the Cern laboratory.

The European research centre announced its spoof discovery with pictures showing its scientists using The Force in everyday life.

It was one of many April Fools jokes seen on websites around the world.

Others included a selfie shoe, driverless pizza delivery and thought-powered web search.

"The Force is what gives a particle physicist his powers," said Cern scientist Ben Kenobi of the University of Mos Eisley, Tatooine in a press release.

Many scientists at the centre were already using The Force, said the release, to communicate over long distances, influence minds and for "lifting heavy things out of swamps".

Microsoft used the background image for its main Bing search page to tout its April Fools joke in which it claimed the search system could read palms and minds to ensure people got the results they really wanted.

Anyone could try thought-powered search by putting their right hand on a screen where the Bing homepage indicated.

"The innovative new search function intelligently analyses the electrical signals transmitted through the hand to calculate the relevant search term," said the software firm.

Many other firms and sites produced spoof announcements and products for 1 April.

Microsoft's Bing can read nerve impulses to improve search results

Smartphone maker Samsung produced a spoof page for a Blade edge version of its Galaxy smartphone that, it claimed, was designed for cooks. The limited edition handset incorporates a diamond-edged blade so the phone can also be used to chop food when it is not being used for calls, texts, or browsing the web.

HTC joined in with fake product pages for the Re-Sok - the "world's first truly smart sock". The technology-enhanced footwear is engineered with GPS so pairs of socks can easily find each other and have an automatic hole warning system to alert owners when their intelligent footwear is running thin.

For its April Fools parody, Motorola went to the trouble of making a lavish video showing two craftsmen producing selfie-sticks out of wood and leather.

New York-based footwear maker Miz Mooz joined in and produced a pair of shoes that have smartphone docking ports in each toe so each one can be used to take selfies.

Other parodies included cab-calling firm Hailo introducing piggy-back rides around cities; Domino's pizza introducing a driverless pizza delivery system using autonomous scooters; BMW making the ultimate rugby mouth guard and Sony making a wearable add-on for the PlayStation so players can take part in games when they are swimming.

23.52 | 0 komentar | Read More

Google reveals computer-on-a-stick

Asus will begin sales of the Chromebit computer-on-a-stick later this year

Google has announced new Chrome-powered computers, which are set to target budget-conscious consumers and schools.

The range includes a new type of device called the Chromebit, which looks like an oversized memory stick, and turns monitors and TVs into computers when plugged into their HDMI ports.

The tech firm also revealed the cheapest Chromebook laptops to date, costing $149 (£101).

The move is likely to intensify competition with Microsoft.

The announcements came less than a day after Microsoft revealed plans to sell a new entry-level tablet-laptop hybrid of its own.

Its Surface 3 costs more -$499, and £419 in the UK for the basic model - but provides access to a wider range of software made for the Windows platform.

"This is a booming sector of the market at the moment," commented Chris Green, a tech analyst at the Davies Murphy Group consultancy.

"With the falling cost of hardware, schools are looking to families to equip kids with their own computers - the idea of BYOD [bring your own device to class].

"This has prompted manufacturers to create low-cost entry-level laptops that parents then buy for their children as well as themselves."

Google has pledged not to display ads to children that use the education-related software it provides for its Chrome platform, and does not charge manufactures to use its operating system.

Microsoft's Surface 3 costs more but can be used with a touchscreen pen and run Windows software

But one expert said the company still hoped to financially benefit in the long-term.

"The key goal here for both Google and Microsoft is to put their brand and services out there in front of kids to build loyalty at a very early age," said Ronan de Renesse, a consumer technology expert at the Ovum consultancy.

"It's also a good way to to see whether or not to extend these types of devices to emerging markets, where they could be used outside education by people with very low disposable incomes."

For now, Google says the new Chromebooks and Chromebits will be limited to the US.

"We hope to make these widely available in the future, however we have nothing more to announce at this time," said a spokeswoman.

Stick computers

Chrome OS runs web-based software via the firm's Chrome browser and recently gained the ability to run a limited number of Android apps . The platform is designed to store most of its users' files in the cloud.

More than five million Chromebooks and Chromebase desktops were sold across the world last year, according to market research firm Gartner.

It forecasts that figure will grow to close to eight million units this year, and 16 million in 2018.

The Chromebits will be made by the Taiwanese manufacturer Asus.

Google said they would cost "less than $100" and go on sale before the end of the year.

Intel announced its rival Compute Stick in January

The search firm has already had success with the Chromecast, a media streaming dongle with a similar form factor.

In recent months both Intel and Hannspree have launched Windows-powered "PC-on-a-sticks", albeit at a slightly higher cost.

Such devices require their owners to provide displays, keyboards and other peripherals, but the idea is that many people will already own them.

"People seem to love the idea of having a working computer on something no bigger than a dongle that lets them do web browsing, media streaming and other tasks on a big screen, but can be out of sight, out of mind when needed," said Mr Green.

Great expectations

The two new laptops have already gone on sale.

The Asus Chromebook Flip will also go on sale shortly

The Haier Chromebook 11 is exclusive to Amazon while the Hisense Chromebook is being sold via Walmart.com.

Both feature an 11.6in (29.5cm) screen and between 8.5 to 10 hours of battery life, but keep their costs low by restricting themselves to 16 gigabytes of storage and 2GB of RAM.

Google also announced a slightly higher priced model, the Asus Chromebook Flip, whose touchscreen can be turned around. It will cost $249 when it goes on sale.

"The [ultra low-cost] sector is still a relatively small part of the entire PC market, but is growing fast, so is important," commented Mr de Renesse.

"What's key is to offer some of the lowest prices. But that has to be balanced against the fact that the US is a market with very high consumer expectation, even within schools."

23.52 | 0 komentar | Read More

China cracks down on explicit anime

Officials complained about Blood-C featuring a scene in which blood appeared to "spurt" into the lens

Some of China's biggest video streaming sites have been warned that they face punishment after failing to remove explicit Japanese cartoon video clips.

China's Ministry of Culture said the firms had hosted anime that glorified violence and terrorism, and contained "vulgar" erotic elements.

Net firms Baidu, Tencent and Youku were among those named as offenders.

The announcement coincides with the introduction of wider restrictions on the use of foreign online clips.

China's Ministry of Culture announced plans to punish the firms, at a news conference

Streaming sites now require publication licences to be able to add other countries' TV series and movies, which will be judged by the State Administration of Press, Publication, Radio, Film and Television (SAPPRFT) on an individual basis. Unregistered clips must also be removed.

The official news agency Xinhua has noted that local TV stations rarely screen imported series because they are supposed to favour domestic productions.

Three specific examples of indecent anime cartoons are mentioned in a statement posted to the Ministry of Culture's website:

High School of the Dead was accused of being too sexually suggestive

• Blood-C, a series about a sword-wielding teenage girl who fights monsters in her town. It is accused of containing a "particularly bloody" beheading scene that would cause "extreme discomfort"
• Terror in Resonance, a series involving two teenagers who carry out a terrorist attack with a nuclear weapon. Officials said this glorified violence and criminal activities
• High School of the Dead, a show about a group of students struggling to survive in a world overtaken by zombies. The programme, which was given a certificate 15 when released in the UK, is accused of being borderline-pornographic

The ministry noted that 12 offending clips on Todou alone had attracted more than one million hits.

The firms involved have been told they will learn what penalties they face at a later stage.

Officials also announced plans to issue a "blacklist" of banned content to help the firms meet their obligations.

The move was attacked by an editorial published on Shenzhen-based news site Qianzhan.com, which questioned why adult-themed content could not be restricted to the over-18s, as is the case in Hong Kong and Taiwan.

Beijing is engaged in wider efforts to restrict what foreign online content its citizens can access, via the use of a system known as the Great Firewall of China.

But one expert suggested the fact anime had been singled out for criticism, might feed into specific concerns about the spread of that genre.

"The sexualisation of child-like women may be a legitimate concern to the Chinese government," said Professor Leslie Young from the Cheung Kong Graduate School of Business.

Another academic, however, said it signalled that the government was becoming more restrictive.

"Most websites and publications have a pretty good idea of what they can get away with," said Prof Karl Gerth, who holds a chair in Chinese studies at the University California, San Diego.

"And, for the past few years, they have internalised the more restrictive preferences of the new Xi Jinping regime.

"For this to break out in the open suggests the leeway to publish online or in print 'controversial' material of all sorts continues to narrow."

23.52 | 0 komentar | Read More

Social media teacher abuse 'rising'

Teachers have long complained of cyber-bullying

More teachers are facing abuse on social media, warns a teachers' union.

Sexist, racist and homophobic remarks were being used by pupils against school staff, as well as offensive comments about appearance, the NASUWT said.

There were also examples of parents being abusive on social media, it added.

About 60% of 1,500 teachers questioned in a poll said they had faced abuse, compared with 21% last year.

In one case, a photograph of a teacher was posted online with an insulting word underneath.

In another, pupils used the name of a heavily pregnant school worker to post insults, the teachers' union said.

Insulting comments

Of those who had been subjected to insults, nearly half (48%) said these remarks were posted by pupils, 40% said they were put up by parents, and 12% said both parents and pupils were responsible.

Almost two-thirds (62%) said pupils had posted insulting comments, while just over a third (34%) said students had taken photos or videos without consent.

A third (33%) received remarks about their performance as a teacher, 9% had faced allegations from pupils about inappropriate behaviour and 8% had been subjected to threatening behaviour.

More than half (57%) of pupils responsible were aged between 14 and 16, and 38% were 11 to 14, the teachers' poll found, with a fifth aged 16 to 19 and 5% were seven to 11.

Among the examples published by NASUWT was the case of a student uploading a teacher's photo and then, along with classmates, writing insults underneath.

Cancer jibe

One teacher had been harassed for nine months by students who sent sexually explicit messages and set up a fake social media account in the teacher's name.

The union said it had been told of a teacher receiving the comment "I hope she gets cancer", while the heavily pregnant worker had faced abusive remarks.

Another school worker faced comments from a pupil's family member about how they looked and that they were ugly.

Chris Keates, the union's general secretary, said: "It is deeply worrying to see that the abuse of teachers has risen by such a huge margin this year.

"Equally concerning is that it appears that more parents are the perpetrators of the abuse.

"The vile, insulting and personal comments are taking their toll on teachers' health and well-being, and undermining their confidence to do their job."

23.52 | 0 komentar | Read More

Airbnb adds Cuba to destination list

Home holiday rental site Airbnb has added Cuba to its list of destinations.

More than 1,000 properties in the Caribbean nation are already listed, but can only be booked by users in the US.

The San Francisco-based site is restricted from showing the listings elsewhere because of a US trade embargo against the island.

Nevertheless, Airbnb said Cuba could eventually become one of its biggest markets in Latin America.

"We are actually plugging into an existing culture of micro-enterprise in Cuba," said the firm's regional director Kay Kuehne.

"The hosts in Cuba have been [renting out rooms to travellers] for decades."

One expert, however, said the site faced major challenges.

More than 600 properties are already listed in Havana alone

The US relaxed travel restrictions for its own citizens to Cuba in January

"While Airbnb is a valuable alternative for millions of travellers, in the context of Cuba, because of the high margins it takes from every transaction, it won't necessarily meet with great success," said travel writer Simon Calder.

"All the Cuban bed-and-breakfast providers I know would like to keep all the money rather than handing 15% or more to an American corporation," he added, referring to the total amount the firm deducts from both the host and the guest.

"The other thing is that anybody who has used the internet in Cuba will know that a prospective host is unlikely to be able to respond immediately given the shockingly slow internet there, which reminds me of what you used to find across the developing world in the early 1990s."

The initial listings range from £10 a night for a private room in Trinidad to £695 a night for the whole of a five-bedroom "chalet" in Havana.

Airbnb members based outside the US are told they cannot complete a booking

Airbnb visitors outside the US can view the listings, but can only add them to their wish lists, rather than book them. An on-screen alert states that the site is not licensed to provide booking services to others.

The US recently began allowing Americans to travel to the island if they obtained a special licence, which can be granted for activities including family visits, educational activities and public performances.

The White House said it would like tourism to be added to the list, and President Obama has urged Congress to begin work to drop the wider sanctions.

"We are ending a policy that was long past its expiration date," he said in his State of the Union address in January.

The move made it possible for online film-streaming site Netflix to be launched in Cuba the following month, which freedom of speech campaign group Freedom House said was more "symbolic" than anything else in the short-term because of the country's "exceptionally slow connectivity".

A search for Havana hotels on Kayak offers rooms in Romania and Bulgaria, but not Cuba

Visitors across the globe can still find listings for Cuba-based rooms via other US services, including TripAdvisor, which allows users to contact hosts directly but does not take a cut of the bookings itself.

Simon Calder however, criticised the "absurdity" of the fact that several other US-based travel sites, including Kayak and Booking.com, continued to ignore the island's existence.

"Anybody trying to find a flight to Havana on a US airline website will be assured that the city does not exist," he said.

23.52 | 0 komentar | Read More

Android apps to run on Windows, Macs

Google has made it possible for Android apps to run on machines that can run its Chrome browser and OS

Google has released a tool that lets Android apps run on any machine that can run its Chrome browser.

Called Arc Welder, the tool acts as a wrapper around Android apps so they can run on Windows, OSX and Linux machines.

The software expands the places that Android apps can run and might make it easier for developers to get code working on different machines.

But one developer said it was better to write apps that run "natively" rather than via separate software.

Arc - the App Runtime for Chrome - was first released in late 2014 as a way for Android apps to run on machines running Google's Chrome operating system. The OS is used on many netbooks and other small machines made by Google and some of its hardware partners.

Now Google has produced a new tool, called Arc Welder, which converts Android apps into versions that can be used with the Chrome browser, not just the OS. With Welder it has also added support for many Google Play services so when apps are converted they do not lose access to payment systems, maps and other functions they expect.

In its developer documentation, Google said the underlying technology for Arc Welder meant converted apps should run almost as quickly as they did on a phone or tablet.

With Arc Welder Google, it is seeking a way to help developers get their creations onto as many machines as possible, but one developer was not sure it would accomplish that aim.

The software tool could see Android apps popping up on desktop machines

"The best way to make apps by far is to make them natively using the tools that they give us," said Sam Furr, director and co-founder of development studio The App Developers.

He said that moving away from those well-known development systems can mean losing some behaviours, such as touch combinations, that people expect. He also wondered if a converted app running via a browser sitting in a separate operating system would be as fast as one developed natively.

Running a phone app on a desktop would inevitably mean losing some functions, he said, because bigger computers lack some of the extras, such as accelerometers and GPS receivers, that are now standard on smartphones.

Mr Furr said the ability to reach lots of different operating systems with just one app was potentially attractive.

"When building an app you want to get it to as many people as possible but you have to ask how long it will take to get it on other platforms," he said.

"There's no shortage of cross-platform frameworks and some of them are very good," he said, "but in our experience you do not get the same end product as you would when you build it natively."

23.52 | 0 komentar | Read More

Google drops Chinese net regulator

Google Chrome users will see a warning when visiting certain Chinese sites

A Chinese internet regulator has hit out at Google for no longer accepting its security certificates.

When browsing the internet, certificates are designed to ensure the communication between a computer and web server is secure.

Google said it would no longer accept certificates issued by the China Internet Network Information Center (CNNIC) following a security lapse.

The CNNIC said Google's decision was "unacceptable and unintelligible".

The CNNIC is responsible for providing certificates for websites with .cn domain names, as well as Chinese-language domains - including banks and government sites.

It means users of Google's Chrome browser will see a warning notice when trying to access sites with CNNIC certificates.

It will state that the website the user is attempting to access may be unsecure.

Vulnerable

Google discovered last month that unauthorised security certificates were issued to several of its own domains.

After an investigation, conducted with the help of the CNNIC, it became clear that there was a problem with MCS Holdings, a Cairo-based firm contracted by the CNNIC to provide certificates.

Security certificates are supposed to ensure that communication between users and websites is safe

Google said domains with security certificates issued by MCS Holdings were vulnerable to man-in-the-middle attacks - a method of hacking that involves intercepting communications between, for example, a person's computer and a web server.

MCS Holdings has said the problem was an accident and was due to human error.

While Google welcomed the CNNIC's help with the investigation, it said the regulator had "delegated their substantial authority to an organisation that was not fit to hold it".

As a result, Google has decided to no longer trust domains with certificates issued by, or on behalf of, the CNNIC.

Grace period

Users will be presented with a warning screen before being asked if they want to proceed to the "unsecure" site.

However, there will be some exceptions.

Google has offered a grace period to some major CNNIC-approved sites - such as banks - so they can obtain certificates from a different issuing authority.

The search giant said the CNNIC was welcome to reapply for trusted status "once suitable technical and procedural controls are in place".

But in a statement posted on Thursday, the regulator expressed anger, saying: "The decision that Google has made is unacceptable and unintelligible.

"CNNIC sincerely urge that Google would take users' rights and interests into full consideration."

23.52 | 0 komentar | Read More

OnLive gaming service to switch off

OnLive had allowed TV and PC owners to play console video games for a subscription fee

Video game streaming pioneer OnLive is to shut down after selling several of its patents to Sony.

The California-based firm had allowed PC and tablet owners to play console titles, which were run on its computer servers but controlled and viewed in the gamer's home.

Sony is expected to use the 140 patents it has acquired to support its own PlayStation Now streaming service.

OnLive was once valued at $1.8bn (£1.2bn).

The terms of the deal have not been disclosed.

It brings to an end a troubled five years of service.

In 2012, many of OnLive's staff lost their jobs when the company was sold to a venture capital firm after running up about $40m in debt.

Several of the biggest publishers had refused to support it, although the business had proven that gaming was possible without too much delay between a user pressing a gamepad button and their character responding.

Interest was also limited by the fact users needed a relatively fast broadband connection.

In addition, many PC owners seemed to prefer buying games from Steam and other online marketplaces, rather than paying a monthly subscription fee for a Netflix-like "all-you-can-eat" experience.

In March 2014, the company announced a new direction with the launch of CloudLift, a facility that let gamers stream and play select titles they had bought from Steam on mobile devices, TVs and other computers.

The launch of CloudLift failed to make OnLine a viable standalone business

But things did not bode well when it cut the price from $14.99 to $7.95 just a month later.

"It is with great sadness that we must bring the OnLive Game Service to a close," a message posted to the company's site now says.

"Sony is acquiring important parts of OnLive, and their plans don't include a continuation of the game service in its current form.

"As the first-ever game streaming service of its kind, everyone who has ever played a game using OnLive has contributed to the technology and its evolution in some way.

"We're immensely proud of what's been achieved and extend our heartfelt gratitude to you for being a part of the OnLive Game Service."

The firm added that it would not be offering any refunds for related hardware purchases, unless they were made before February.

Although OnLive will cease to exist, streamed video game services look set to thrive.

Sony began offering its PlayStation Now service to the UK last month

Sony offers PlayStation Now, which provides ongoing access to more than 100 PS3 games for a monthly fee as well as the ability to rent specific titles for limited amounts of time.

Until recently the service only worked with Sony's own video game consoles and TVs in the US and Canada. However, it has recently been extended to a select group of UK players as well.

The Japanese firm also plans to add Samsung's smart TVs to its list of supported devices later this year.

In addition, chipmaker Nvidia streams a library of PC games to its Android-powered Shield handhelds across the globe via a service called Grid. It has said it plans to extend this to a new living-room console in May.

23.52 | 0 komentar | Read More