Tag: privacy-rights

Google launches Play Newsstand: a hybrid magazine store and RSS reader

The long-rumored Google Play Newsstand for Android has finally launched , and it’s not at all what we were expecting. Early reporting and investigation pinned it as a newspaper section of the Play Store, but it’s much more than that. Google is selling newspapers and magazines under a single banner, and  there’s a visual-heavy RSS reader, sort of like Flipboard. This means Newsstand is replacing two of Google’s existing apps: Google Play Magazines and Google Currents. Google is pitching it as “all your subscriptions in one place.” Like most things “Google” these days, calling it an “app” isn’t really the whole story. There’s also a new section of the desktop Play Store, and some magazines and newspapers are even viewable in the browser. RSS is strictly confined to the app, though. Just like the old Play Magazines, paid content is available as a subscription or on a per-issue basis, and 30-day trials are available for some premium content. RSS feeds, magazines, and newspaper can be downloaded for offline reading later, and there’s also a bookmark function. Read 1 remaining paragraphs | Comments        

See the original post:
Google launches Play Newsstand: a hybrid magazine store and RSS reader

Hack of Cupid Media dating website exposes 42 million plaintext passwords

A hack on niche online dating service Cupid Media earlier this year has exposed names, e-mail addresses and—most notably—plain-text passwords for 42 million accounts, according to a published report. The cache of personal information was found on the same servers that housed tens of millions of records stolen in separate hacks on sites including Adobe , PR Newswire , and the National White Collar Crime Center, KrebsonSecurity journalist Brian Krebs reported Tuesday night . An official with Southport, Australia-based Cupid Media told Krebs that user credentials appeared to be connected to “suspicious activity” that was detected in January. Officials believed they had notified all affected users, but they are in the process of double-checking that all affected accounts have had their passwords reset in light of Krebs’s discovery. The compromise of 42 million passwords makes the episode one of the biggest passcode breaches on record. Adding to the magnitude is the revelation the data was in plain-text, instead of a cryptographically hashed format that requires an investment of time, skill, and computing power to crack. As Krebs noted: Read 3 remaining paragraphs | Comments        

Continue Reading:
Hack of Cupid Media dating website exposes 42 million plaintext passwords

GitHub resets user passwords following rash of account hijack attacks

GitHub is experiencing an increase in user account hijackings that’s being fueled by a rash of automated login attempts from as many as 40,000 unique Internet addresses. The site for software development projects has already reset passwords for compromised accounts and banned frequently used weak passcodes, officials said in an advisory published Tuesday night . Out of an abundance of caution, site officials have also reset some accounts that were protected with stronger passwords. Accounts that were reset despite having stronger passwords showed login attempts from the same IP addresses involved in successful breaches of other GitHub accounts. “While we aggressively rate-limit login attempts and passwords are stored properly, this incident has involved the use of nearly 40K unique IP addresses,” Tuesday night’s advisory stated. “These addresses were used to slowly brute force weak passwords or passwords used on multiple sites. We are working on additional rate-limiting measures to address this. In addition, you will no longer be able to login to GitHub.com with commonly used weak passwords.” Read 3 remaining paragraphs | Comments        

See the article here:
GitHub resets user passwords following rash of account hijack attacks

Password hack of vBulletin.com fuels fears of in-the-wild 0-day attacks

János Pálinkás Forums software maker vBulletin has been breached by hackers who got access to customer password data and other personal information, in a compromise that has heightened speculation there may be a critical vulnerability in the widely used program that threatens websites that use it. “Very recently, our security team discovered sophisticated attacks on our network, involving the illegal access of forum user information, possibly including your password,” vBulletin Technical Support Lead Wayne Luke wrote in a post published Friday evening . “Our investigation currently indicates that the attackers accessed customer IDs and encrypted passwords on our systems. We have taken the precaution of resetting your account password.” The warning came three days after user forums for MacRumors—itself a user of vBulletin—suffered a security breach that exposed cryptographically hashed passwords for more than 860,000 users . When describing the attack, MacRumors Editorial Director Arnold Kim said the compromise in many ways resembled the July hack of the Ubuntu user forums , which also ran on vBulletin. Read 9 remaining paragraphs | Comments        

Read the original:
Password hack of vBulletin.com fuels fears of in-the-wild 0-day attacks

California shuts down 10 “fraudulent” health care websites

This is the real McCoy. Covered California In a move rarely seen by state authorities, California has shut down 10 domain names that the Golden State claims were fraudulent imitations of Covered California, the state’s own version of the Affordable Care Act. On Thursday, the state’s attorney general announced that it had forced 10 domain names to either redirect to the bona fide Covered California website, or to remove their sites entirely. California also sent cease and desist letters to the operators of those sites. As California’s attorney general, Kamala Harris, wrote in a statement : Read 5 remaining paragraphs | Comments        

Read the original post:
California shuts down 10 “fraudulent” health care websites

In 6 months, US law enforcement asked Google for data on 21,000 users

Google Google and other tech companies have been actively fighting at the Foreign Intelligence Surveillance Court in an attempt to tell the public more about the types of US law enforcement orders that they must comply with. While that case continues, Google announced on Thursday that US government (local, state, federal) requests for data has reached 21,683 users between January through June 2013. By comparison, the company’s previous reporting period (July through December 2012) saw 8,438 user data requests from US authorities—a jump of about 32 percent. Again, the United States remains at the top of this list by a wide margin. India, Germany, France and the United Kingdom round out the next four positions, respectively. Read 5 remaining paragraphs | Comments        

Visit link:
In 6 months, US law enforcement asked Google for data on 21,000 users

Google Books ruled legal in massive win for fair use

Moyan Brenn A long-running copyright lawsuit between the Authors’ Guild and Google over its book-scanning project is over, and Google has won on the grounds that its scanning was “fair use.” In other words, the snippets of books that Google shows for free don’t break copyright, and it doesn’t need the authors’ permission to engage in the scanning and display of short bits of books. On the fair use factor that’s often the most important—whether or not the fair use of a work hurts the market for the original work—US District Judge Denny Chin seemed to find the plaintiffs’ ideas both nonsensical and ignorant of the limits on the Google Books software: Read 1 remaining paragraphs | Comments        

See the original post:
Google Books ruled legal in massive win for fair use

Android 4.4 KitKat, thoroughly reviewed

After three Jelly Bean releases in a row, Google has unleashed a major revision to the world’s most widely used operating system. With the  Nexus 5  comes Android 4.4 “KitKat.” KitKat brings a ton of enhancements: support for hidden system and status bars, printer support, and lower memory usage. It also has a number of user-level improvements, including a new dialer, a Google-infused home screen, and a whole pile of UI refinements. The lower memory usage is particularly important because Google hopes this is the feature that will finally kill Gingerbread and other older versions of Android. Ice Cream Sandwich raised the system requirements for Android quite a bit, and to this day you still see lower-end phones shipping with Gingerbread because of the lower barrier to entry. Unfortunately, the only device that currently runs KitKat is the Nexus 5, which has a whopping 2GB of RAM, so there isn’t much memory testing that we can do right now. We’ll have to wait for actual low-memory hardware running KitKat to evaluate any of the low-memory requirement claims. We  can   take a look at just about everything else, though. We believe KitKat is the biggest Android release since Ice Cream Sandwich. Google has touched nearly every part of the OS in some way, so there’s a lot to cover. Read 47 remaining paragraphs | Comments        

See more here:
Android 4.4 KitKat, thoroughly reviewed

Hack of MacRumors forums exposes password data for 860,000 users

MacRumors MacRumors user forums have been breached by hackers who may have acquired cryptographically protected passwords belonging to all 860,000 users, one of the top editors of the news website said Tuesday evening. “In situations like this, it’s best to assume that your MacRumors Forum username, e-mail address and (hashed) password is now known,” Editorial Director Arnold Kim wrote in a short advisory . He went on to advise users to change their passwords for their MacRumors accounts and any other website accounts that were protected by the same passcode. The MacRumors intrusion involved “a moderator account being logged into by the hacker who then was able to escalate their privileges with the goals of stealing user login credentials,” Kim said. The company is still investigating how the attacker managed to compromise the privileged account. Read 5 remaining paragraphs | Comments        

Follow this link:
Hack of MacRumors forums exposes password data for 860,000 users

How one site beat back botnets, spammers and the “4chan party van”

Aryan Blaauw One Sunday late last month, administrators at Orlando, Florida-based TorGuard were in high spirits. They had just successfully rebuffed the latest in a series of increasingly powerful denial-of-service attacks designed to cripple their virtual private networking service. Despite torrents of junk traffic that reached peaks as high as 15Gbps, the admins had neutralized the offensive by locking down the TorGuard servers and then moving them behind the protective services of anti-DoS service CloudFlare. “This seemed to anger the attackers, however, because on Monday things got a bit more personal,” TorGuard administrator Ben Van Pelt told Ars. “Unable to spam, DDoS, hack, or social engineer us, they employed the tactics of the ‘4chan party van.’ Throughout the day our office received multiple unrequested deliveries from local pizza chains, Chinese food, and one large order of sushi. A handful of local electricians and plumbing services were also disappointed to be turned away. To my knowledge no fake calls have been placed to law enforcement yet, however nothing would surprise me at this point.” The two-month-long campaign of harassment and attacks, which Van Pelt suspects was carried out by a competing virtual private networking service, illustrates the lengths some people will go to goad their online adversaries. His experience provides a vivid account of what it’s like to be on the receiving end of a relentless stream of distributed denial-of-service attacks and ultimately what can be done to mitigate them. Read 14 remaining paragraphs | Comments        

See more here:
How one site beat back botnets, spammers and the “4chan party van”