'Sony-inspired' hack ends game work

13 January 2015 Last updated at 12:54

A hack attack "inspired" by the recent attack on Sony has led a developer to cancel creation of a game featuring Kim Jong-un.

Called Glorious Leader! the side-scrolling shooter involved the North Korean leader taking on the US army.

Now Money Horse Games has shut down development after hackers destroyed game data files.

Money Horse apologised to backers and said it was sorry it could not complete the game.

Glorious Leader first appeared on the Kickstarter website in December seeking $55,000 (£36,500) to make the retro-styled title. The game involved controlling the country's leader through a series of challenges that saw him taking on US soldiers, drones, helicopters and ships.

Development has now been halted and the game cancelled thanks to the hack attack that, said Money Horse," was inspired by the larger attack on Sony". It said it was sure that the attack was the work of "amateurs" and not politically motivated like the the Guardians of Peace group that said it carried out the Sony hack.

"The hackers destroyed data pertaining to Glorious Leader! and other projects we had in development and locked us out of our own computers and website," wrote the developers in an update. It added that no user data went astray in the attack.

The firm added that other hackers had targeted it before now because of the game's subject matter.

"Between the hacking and other threats, we think it is time to re-evaluate our commitment to Glorious Leader!," the company said.

The hack, the lost data and a lull in funding combined to bring about the demise of the project, it said.

23.43 | 0 komentar | Read More

Microsoft hits out at Google team

12 January 2015 Last updated at 12:59

Google has been criticised by Microsoft after the search giant publicised a security flaw in Windows - which some said put users at risk.

Microsoft reacted angrily when Google posted details of the bug online before a patch to fix the issue was released.

The disclosure was part of Google's Project Zero initiative that seeks to pressure firms into dealing with security problems more quickly.

Several security researchers disagreed with Google's actions.

"I feel sorry for the users, who could be impacted by Google's schoolyard antics," tweeted expert Graham Cluley, who noted the company had been criticised for similar behaviour in the past.

Discussion on Google's bug reporting site was divided on the matter.

"Google was wrong with what they did," wrote one developer.

"They don't have all of the OS code so they have no idea how much other code would have to be rewritten to correct the problem.

"That extra coding takes time to ensure that something else doesn't get broken in the process."

But another said: "Google is not evil. Microsoft just slept and did not fix the vulnerability in time. Good job Google."

Google has not yet responded to the BBC's request for comment.

Anger

Google's Project Zero seeks to find bugs in popular software and then give the manufacturers responsible 90 days to fix the problem.

This bug, which affects Windows 8.1, was revealed by Google to Microsoft on 13 October 2014.

On 11 January, Google publicised the flaw. Microsoft said it had requested that Google wait until it released a patch on 13 January.

"We asked Google to work with us to protect customers by withholding details until Tuesday, January 13, when we will be releasing a fix," Microsoft's senior director of research Chris Betz said in a blog post.

"Although following through keeps to Google's announced timeline for disclosure, the decision feels less like principles and more like a 'gotcha', with customers the ones who may suffer as a result.

"What's right for Google is not always right for customers. We urge Google to make protection of customers our collective primary goal."

23.43 | 0 komentar | Read More

New terror data laws needed, says PM

12 January 2015 Last updated at 16:32

Please turn on JavaScript. Media requires JavaScript to play.

David Cameron: "We must not allow terrorists safe space to communicate with each other"

David Cameron has promised a "comprehensive piece of legislation" to close the "safe spaces" used by suspected terrorists to communicate online with each other.

If he wins the election, Mr Cameron said he would increase the authorities' power to access both the details of communications and their content.

Mr Cameron said the recent attacks in Paris showed the need for such a move.

He was "comfortable" it was appropriate in a "modern liberal democracy".

Speaking at an event in the East Midlands, Mr Cameron said he recognised such powers were "very intrusive" but he believed that they were justified to counter the growing threat to the UK, as long as proper legal safeguards were in place.

The coalition introduced emergency legislation last year to maintain internet and phone companies' obligation to store their customers' personal communications data and to give access to the police.

'In extremis'

But an attempt to extend these powers to include internet browsing history and social media sites were dropped following opposition from the Liberal Democrats.

Mr Cameron said the government had acted to safeguard powers for so-called communications data, which refers to the details of when and how people have contacted each other but not the content of messages.

He said legislation would be needed to allow for "more modern forms of communication".

He went on to say he would also legislate in the "more contentious" area of the content of these online communications.

There should be no "means of communication" which "we cannot read", he said.

Data laws

• Draft Communications Data Bill 2012 - Would have extended the range of data communications companies have to store for 12 months. It would have included, for the first time, details of messages sent on social media, webmail, voice calls over the internet and gaming, in addition to emails and phone calls. Officials would not have been able to see the content of the messages without a warrant. The bill, dubbed the "snooper's charter" by critics, was blocked by the Lib Dems.
• Data Retention and Investigatory Powers Act 2014-15 - Introduced as emergency legislation to maintain the requirement for phone and internet companies to log records (but not content) of calls, texts and internet use.
• Counter-Terrorism and Security Bill 2014-15 - Part of the bill going through Parliament would add to the Data Retention and Investigatory Powers Act to allow internet protocol (IP) address matching. This would identify the individual or the device that was using a particular IP address at any given time.

Previous governments had backed away from going down such a route, Mr Cameron said, but he believed this would have to change so that, "in extremis", such material could be obtained with a signed warrant from the home secretary.

He said this would mirror existing powers enabling the police to get hold of conventional forms of communications, such as letters and other correspondence, in criminal investigations if legally sanctioned.

Existing legislation will have to be renewed after May's general election because a "sunset clause" (which gives the law a limited time life span) was added to the Data Retention and Investigatory Powers Act last year, meaning the measures will expire in 2016.

'Blanket powers'

Mr Cameron added: "If I am prime minister, I will make sure it is a comprehensive piece of legislation that makes sure we do not allow terrorist safe spaces to communicate with each other.

"That is the key principle. Do we allow terrorists the safe spaces to talk to each other? I say 'no we don't".

He added: "I am confident the powers we need, whether it is on communications data or the content of communications, I am very comfortable they are absolutely right for a modern liberal democracy."

Labour leader Ed Miliband said it was important for security services to "keep up to date with technology" but said it had to be "done in the right way", with "basic liberties" protected.

"That's why we said there needs to be an independent look at these issues, to make recommendations about what needs to be changed for the future," he added.

Explaining his party's opposition to the draft Communications Data Bill in 2013, Lib Dem leader Nick Clegg said a "law which means there will be a record kept of every website you visit, who you communicate with on social media sites" would not happen when his party was in government.

Speaking on BBC Radio 4's The World at One, David Anderson QC, the government's independent reviewer of terror legislation, said the "real issue" was that people were communicating not over the telephone, but over the internet, using service providers based in the United States.

Liberal Democrat Civil Liberties Minister Simon Hughes said he would not support "blanket powers" that would take away the liberties of "innocent civilians".

23.43 | 0 komentar | Read More

Computers 'good judge of character'

13 January 2015 Last updated at 01:57

Computers can be better at predicting our personality than our friends and family, an experiment with tens of thousands of volunteers has indicated.

By analysing "likes" on Facebook, a computer model deduced a person's character on five key traits better than brothers, mothers and even some partners.

The Cambridge team acknowledge that personality is more complex than this.

But they say the results show computers can outpace humans.

And the findings, in the journal PNAS, suggest some interesting associations - Facebook fans of Dr Who tend to be shy, while fans of Big Brother are conservative or conventional.

Digital footprint

The University of Cambridge and Stanford University researchers had already said that Facebook "likes" could be used to predict a raft of personal information including sexual orientation and political leaning.

In this study, they wanted to go a step further and pit man against machine to see which would perform better at making judgements about human character and personality.

Dr Youyou Wu and her colleagues ran the data of 70,520 willing Facebook users through their computer system, which linked "likes" to five core personality traits:

• agreeableness
• conscientiousness
• extraversion
• neuroticism
• openness

Continue reading the main story

Friends and colleagues might only see us in a limited number of situations so they have less information to go on"

End Quote Dr Youyou Wu

The Facebook users completed a personality questionnaire and were asked to get their colleagues, friends and family to act as character witnesses by filling out a survey.

The researchers then compared all the results to see how the computer model fared in summing up a person's self-reported character.

Given enough "likes", the computers came closer to a person's self-reported personality than even their closest allies.

By looking at just 10 Facebook "likes", the computer was able to outperform a work colleague.

Analysing 70 "likes" let the machine rival a friend or flatmate.

Using 150 "likes", it trumped a family member, but not a partner - it took 300 likes to match or outdo their deductive power.

Given that the average Facebook user had about 227 "likes" on their profile, this was ample for a computer to go on, said Dr Wu - a visiting intern at Facebook and a PhD student at the University of Cambridge.

"It may seem surprising because people are generally good at judging personality.

"It's intuitive to think that people close to us know us very well, so it's even more impressive that computers are able to beat us at our game."

She said that people now spent a lot of time online, which gave computers the edge.

"Friends and colleagues might only see us in a limited number of situations, so they have less information to go on.

"Computers can access a lot of relevant information about us and have a huge memory capacity.

"And they can make judgements in a consistent, systematic way, whereas humans may be biased."

Alan Redman, a chartered psychologist with a specialist interest in personality and psychometrics, said advertising companies already used our digital footprints to build a picture of who we were.

And potential employers might want to check social media sites before seeing a candidate.

"We do need to be careful," he added.

"We have little control over the data that is being collected about us."

23.43 | 0 komentar | Read More

Facebook restricts violent videos

13 January 2015 Last updated at 14:00 By Leo Kelion Technology desk editor

Facebook has begun placing warnings over videos posted to its site, stating their contents might "shock, offend and upset" if viewed.

The alerts prevent the videos from automatically playing in feeds unless they are clicked, unlike other clips.

The site is also preventing graphic videos and photos from being shown to any user who has identified themself as being under 18 years old.

It follows pressure for the move from its own safety advisers.

But one psychologist said the measure still did not do enough to protect young, vulnerable members of the social network.

Among the first posts to be affected are uploaded files containing video footage of policeman Ahmed Merabet being shot dead in Paris by a terrorist involved in last week's Charlie Hebdo attacks.

Murder videos

Facebook has faced repeated criticism over recent years for allowing violent and graphic images that it deems to be of public interest or concern to remain on its pages.

The US firm's guidelines ban material "shared for sadistic pleasure or to celebrate or glorify violence".

However, it allows news reports and other documentary images depicting beheadings and other types of murder to remain online despite the potential for distress.

The firm permits children as young as 13 years old to be members. But some even younger children circumvent this age limit by providing false details when joining up.

Last August, controversy over images showing people's heads placed on spikes in Syria prompted the Family Online Safety Institute (Fosi) - a member of Facebook's safety advisory board - to demand the social network change its practices.

Stephen Balkam, the charity's chief executive, told the BBC he wanted cover pages to be placed over graphic material to prevent people from seeing distressing images without warning, and an age-gate system implemented to make it harder for under-18s to find the material.

Work in progress

Facebook has now confirmed it began rolling out such a scheme in December. It applies to graphic material reported to the firm by its users that is judged to have been posted in an irresponsible manner.

"When people share things on Facebook, we expect that they will share it responsibly, including choosing who will see that content," a spokeswoman told the BBC.

"We also ask that people warn their audience about what they are about to see if it includes graphic violence.

"In instances when people report graphic content to us that should include warnings or is not appropriate for people under the age of 18, we may add a warning for adults and prevent young people from viewing the content."

The spokeswoman added that the firm's engineers were still looking to further improve the scheme.

She said this might include adding warnings to relevant YouTube videos, which is not currently possible, as well as placing alerts over distressing photographs that were still available to adults.

Mr Balkam said he was "delighted" by Facebook's move.

"I also think that it has walked a very fine line between protection of users and protection of free expression, and I think it has got it just about right," he added.

Facebook had briefly experimented with adding a more basic form of warning sign to clips of decapitations in October 2013 after Prime Minister David Cameron said: "It's irresponsible of Facebook to post beheading videos, especially without a warning."

Clips showing decapitations taking place were later banned altogether.

'Good step'

News of the social network's latest move was welcomed by Childnet International, a London-based charity that is another member of Facebook's safety advisory panel.

"It's a good step to try and help protect people from this content, and we are glad that there is 18 age-gating," said the organisation's chief executive Will Gardner.

"There always has to be the recognition that people don't always sign up with their accurate age, and we have to be aware of that. But it's important that there are steps taken to protect people from seeing harmful and disturbing content that they don't want to see."

However, Dr Arthur Cassidy - a psychologist who runs a branch of the Yellow Ribbon Program suicide-prevention charity - said Facebook should implement an outright ban on clips and pictures of extreme violence.

He noted that large numbers of children used the service and said it was likely that many would try to work around the new restrictions.

"At the end of the day warning messages will not prevent young people from seeing upsetting and psychologically damaging material," he said.

"We know if we say, 'Do not do it,' that they will still do it - they will want to look and view material, irrespective of how grotesque it is.

"And it has the potential to influence maladaptive behaviour in those who might have the potential to become aggressors themselves."

23.43 | 0 komentar | Read More

Hackers 'disable extremist website'

Hacking group Anonymous has claimed responsibility for disabling an extremist website based in France.

A post on Twitter said "Tango Down" and included a link to a site which has been linked to extremists.

Anonymous "declared war" on jihadist websites on Friday after the Paris attacks.

The group posted a video saying it would target extreme social media accounts as part of efforts to protect freedom of speech.

The warning came in the same video as a tribute to the victims of the attack on French satire magazine Charlie Hebdo.

On Sunday, more than a million people marched through the streets of Paris in solidarity, as well as in London and other cities around the world.

A Belgian part of the hacking group said in the message: "We are declaring war against you, the terrorists."

Since it was posted on 8 January, more than 6.5 million people have watched the clip, which shows a figure wearing the group's signature Guy Fawkes mask.

In an earlier message posted on forum site Pastebin, the group addressed the "enemies of freedom of expression", and warned extremists: "Expect a massive frontal reaction from us because the struggle for the defence of those freedoms is the foundation of our movement."

The message signed off by saying: "We will not forget. We will not forgive. Dread us."

The nature and type of attack on the website is not yet known, but in the past Anonymous has used Distributed Denial of Service (DDoS) as a way of bringing down websites by flooding them with traffic until they go offline.

The website targeted by Anonymous now redirects to an internet search engine, DuckDuckGo.

DDoS attacks were identified as the source of the problems with the PlayStation Network, which went down over Christmas leaving gamers unable to get online.

The 'hacktivists'

Anonymous is a group made up of activists and hackers claiming to defend and protect democracy.

They've previously made threats against the BBC, while hackers linked to the group also threatened to release sex tape images which they claimed were of Iggy Azalea.

The group has carried out denial of service attacks on websites belonging to governments, as well as religious and corporate organisations.

Charlie Hebdo

Twelve people, including eight journalists and the magazine's editor, were murdered in last Wednesday's gun rampage.

On Friday, the two brothers suspected of being behind the shootings were killed in an assault at a warehouse where they had held a hostage north of Paris.

The hostage was freed unhurt.

People, believed to have been hostages, were seen fleeing the supermarket with police

At the same time, anti-terror forces stormed a Jewish supermarket in eastern Paris where several hostages were held by another gunman.

Four hostages at the supermarket and one captor were killed.

It's thought the three hostage-takers were connected and that the supermarket captor was also behind the shooting of a police woman on Thursday.

Police are still looking for a 26-year-old woman, Hayat Boumeddiene, over that attack.

Follow @BBCNewsbeat on Twitter, BBCNewsbeat on Instagram and Radio1Newsbeat on YouTube

23.43 | 0 komentar | Read More

Obama calls for stronger data privacy

12 January 2015 Last updated at 20:38

Please turn on JavaScript. Media requires JavaScript to play.

President Obama said the internet creates "enormous vulnerabilities"

US President Barack Obama has unveiled new proposals on how consumers' personal data is handled.

Mr Obama called for legislation that will require firms to inform customers of data breaches within 30 days as well as protect students' information.

He said identify theft and other cyber attacks were a "direct threat to the economic security" of Americans.

But shortly after his speech, the Twitter account for the US military's Central Command was hacked.

The attack appears to not have exposed any non-public information but is described as embarrassing for the Pentagon.

Mr Obama's proposals come after a year in which many large US retailers, including Target, Home Depot, Staples and Sears, were hit by cyber-thieves keen to scoop up payment-card data.

In a speech previewing his annual State of the Union speech, Mr Obama urged Congress to pass a nationwide law to require firm to inform customers within 30 days if their data has been hacked and make it a crime to sell customers' identities overseas.

Currently, different states have different disclosure regimes, many of which are more than 10 years old.

"As we've all been reminded over the past year, including the hack of Sony, this extraordinary interconnection creates enormous opportunities, but also creates enormous vulnerabilities for us as a nation and for our economy, and for individual families," Mr Obama said.

"This is a direct threat to the economic security of American families and we need to stop it... If we are going to be connected, we need to be protected."

He also asked Congress to pass in legislation form a "Consumer Privacy Bill of Rights" created by the White House in 2012, designed to further allow consumers to determine how their information is used by firms online.

Mr Obama also proposed more access to consumer credit reporting and a law that would prohibit educational software firms from selling student data to third parties.

23.43 | 0 komentar | Read More

US military's Twitter account hacked

12 January 2015 Last updated at 23:10

The Twitter and YouTube accounts of the US military command were suspended for a few hours after being hacked by a group claiming to back Islamic State.

One message on Centcom's Twitter feed said: "American soldiers, we are coming, watch your back."

It was signed by Isis, another name for the Islamic State. Some internal military documents also appeared on the Centcom Twitter feed.

Centcom said it was "cyber-vandalism" and not a serious data breach.

In a statement, it said there was no operational impact and no classified information was posted.

"We are viewing this purely as a case of cyber-vandalism," it said. Later on Monday, its Twitter feed became visible again, although not active.

Embarrassingly, the hack happened as President Barack Obama was giving a speech on cyber-security.

Reflecting on major breaches like a recent hack of Sony Pictures, Mr Obama said in his speech the US had been reminded of "enormous vulnerabilities for us as a nation and for our economy".

Please turn on JavaScript. Media requires JavaScript to play.

President Obama said the internet creates "enormous vulnerabilities"

His spokesman Josh Earnest said the US is looking into the Centcom hacking.

He said they were investigating the extent of the incident, and that there was a significant difference between a large data breach and the hacking of a Twitter account.

Analysis - Jonathan Marcus, BBC defence correspondent

This is an irritating hack rather than a matter of major security concern, but it will inevitably lead to a review to see if there are any more fundamental vulnerabilities in the US military's public facing web and Twitter accounts.

The material posted on the site represents an amateurish and unconvincing attempt to publicise "secrets". Most of the information is hardly secret at all - the postal address at the Pentagon of the Chairman of the US Joint Chiefs of Staff, General Martin Dempsey.

A variety of maps and diagrams were also posted by the hackers. Two appeared to be slides from a presentation at the Lincoln Laboratory - a government funded think-tank at the Massachusetts Institute of Technology.

They showed maritime defences on the Chinese coast, but not in any great detail. There were also simple maps of North Korea showing population centres, nuclear installations and missile sites.

You can find maps showing the same things on the websites of many US think-tanks.

Please turn on JavaScript. Media requires JavaScript to play.

The White House says it is monitoring the extent of the hack

An unnamed Pentagon official told Reuters the hacking was an embarrassment but did not appear to be a security threat.

And Professor Alan Woodward, from the University of Surrey, said he did not consider the attack to be a major breach of security.

"I wouldn't say it's trivial, but it's just a slip," he told the BBC.

"Twitter accounts are usually looked after by an individual in an organisation - it's very easy to give away that password.

"In terms of if this is a hack into something secret, or sensitive - no, it's not. An individual has made a slight mistake."

Subsequent posts on the Centcom Twitter account said: "Pentagon Networks Hacked! China Scenarios" and "Pentagon Networks Hacked. Korean Scenarios."

Some of the documents posted appeared to list names and phone numbers of members of the military as well as PowerPoint slides and maps.

The Centcom YouTube account was also hacked.

American and coalition war planes have been undertaking air strikes against IS in Iraq and Syria.

23.43 | 0 komentar | Read More

Alleged Silk Road owner put on trial

13 January 2015 Last updated at 12:12

The trial of Ross Ulbricht, the alleged creator and operator of the Silk Road underground market, begins today.

Jury selection, the first stage of the trial which could last six weeks, will start in a Manhattan federal court.

Mr Ulbricht is accused by the US of making millions from the Silk Road where drugs and other illegal commodities were bought and sold.

He has pleaded not guilty to the charges filed against him and has never admitted that he ran the site.

Hidden site

The charges against Mr Ulbricht include accusations of operating a continuing criminal enterprise, conspiring to commit narcotics trafficking, money laundering and computer hacking. He could face life in prison if found guilty on all charges.

Mr Ulbricht is also accused of soliciting murders to help silence people who knew about the site and his involvement with it. There is no evidence that any of the murders were carried out. The New York trial will not deal with the murder plot charges but evidence relating to them will be presented in court.

The Silk Road shut down in October 2013 following raids by the FBI and other US law enforcement agencies. The market operated from January 2011 to late 2013 during which time, the US alleges, tens of thousands of people used it to trade many different types of drugs, acquire forged documents and buy and sell hacking services.

The judge presiding over the trial wrote in documents released before the case began that the Silk Road was an "online criminal enterprise of enormous scope" that could generate tens of millions of dollars in revenue.

The Silk Road operated as a "hidden service" on the Tor dark web network allowing people to use it anonymously. Anonymity was also aided by payments for drugs and other services being carried out in bitcoins. More than 29,000 bitcoins seized during the 2013 raid were sold by US marshals in June this year for $17m (£11m).The FBI is believed to be in possession of a larger hoard of bitcoins seized from the site.

Mr Ulbricht's family and friends have set up a website to help defend him saying he is innocent of all charges and had nothing to do with the Silk Road and its operation. A documentary called Deep Web has been made about the case, Mr Ulbricht's treatment and how the FBI tracked him down. It is due to be shown later this year. Supporters say the case has serious implications for online freedom because of the way it has been handled.

Since the Silk Road shut down, other hidden sites have sprung up to take its place. One, called Silk Road 2.0, has been shut down due to raids by law enforcement agencies and the arrest of the man believed to be its operator.

23.43 | 0 komentar | Read More

Android security shift exposes users

13 January 2015 Last updated at 16:29

Millions of Android users could be at risk as Google cuts back on security updates for older versions of its smartphone operating system.

The risk arises because Google has stopped producing security updates for parts of those older versions.

About 60% of all Android users, those on Android 4.3 or older, will be affected by the change.

The researchers who uncovered the policy change said it was "great news for criminals".

Bizarre response

The shift was brought to light by security experts who found vulnerabilities in the webview component of Android 4.3 aka Jelly Bean. Webview is used to display webpages on an Android device.

Tod Beardsley and Joe Vennix from security firm Rapid7 and independent vulnerability finder Rafay Baloch contacted Google to let it know about the loophole. They expected to hear about the work Google was doing to patch the bug but instead were told that it was now only fixing bugs found in the two most recent versions of Android known as Kitkat (4.4) and Lollipop (5.0).

In a blogpost, Mr Beardsley said Google's Android security team told him it would "welcome" a patch from the researchers if they produced one but would not be making one itself. It added that it would tell its Android partners about the bug even though no fix would be forthcoming.

Mr Beardsley said the response was so "bizarre" that he contacted Google for clarification and was told again that many components of Android in earlier versions of the OS would not be getting fixes.

Over the last year, Mr Vennix and Mr Baloch have uncovered 11 separate vulnerabilities in the webview component.

Mr Beardsley questioned the wisdom of the decision because Google's own statistics show that the majority of Android users, 60%, are still using the older, vulnerable versions of Android.

"It would appear that over 930 million Android phones are now out of official Google security patch support," wrote Mr Beardsley.

Mr Beardsley did point out that it was not all bad news for Android users as some elements of the older versions, such as the multimedia player, will still be updated. In addition, Google regularly changes the requirements apps must meet to head off some security problems.

However, he added: "Any new bug discovered in 'legacy' Android is going to last as a mass-market exploit vector for a long, long time."

A spokesperson for Google declined to comment on its policy change.

23.43 | 0 komentar | Read More