Apple has finally explained why its Dev Center has been mysteriously shut down since last Thursday: An intruder broke in to the company's developer site in an attempt to steal registered developers' personal information. While Apple says it's in the process of "completely overhauling" its developer systems, updating its server software, and rebuilding its entire database, a Turkish security researcher named Ibrahim Balic emerged on Sunday claiming credit for the successful hack -- and claiming he had only the best white-hat intentions.
Balic's claims are not verified, and several news organizations such as the Guardian U.K. and AllThingsD have questioned his claims to be the hacker that caused the shutdown. Apple told AllThingsD it is not able to comment about whether it knows the hacker's identity "at this time." Read more...
A former marketing executive at AT&T has pleaded guilty to charges related to an insider trading scheme in which he leaked sales information about Apple's iPhone and Research In Motion's BlackBerry devices to members of an investment community.
Alnoor Ebrahim, 57, of Alpharetta, Georgia, pleaded guilty Monday in U.S. District Court for the Southern District of New York. Ebrahim provided nonpublic information about device sales to members of an investment community, described as an expert networking firm, the U.S. Department of Justice said. Read more...
Remember address book-gate? Locationgate? I-don’t-know-what-my-apps-are-doing-on-my-phone-gate? (Oh, that last one might not be a real thing.) Regardless, we’re living in an age where companies are pushing us to rethink the boundaries between what we consider private, personal information and what should be public. The resulting backlash is an overreaction(-gate) when we discover that some of the data we presumed to be ours alone was actually being stored, accessed and shared by others…in many cases, “others” being mobile app developers.
Well, leave it to a security firm to capitalize on the privacy scare trend. And by capitalize, I mean launch a $4 app that tells you what the apps on your phone are doing. Introducing Bitdefender’s Clueful. Read more...
A Mac developer has posted a tool that detects a Flashback malware infection on Apple's computers.
The tiny tool -- it's just a 38KB download -- was created by Juan Leon, a software engineer at Garmin International, the Kansas-based company best known for its GPS devices.
Ars Technica first reported on Leon's FlashBack Checker.
The tool spots the malware by automating a tedious process first described by security firm F-Secure last month. F-Secure's procedure required entering multiple commands in Terminal, the Mac OS X command line utility. Read more...
The U.S. White House will push for online businesses to adopt new privacy codes of conduct, including consumer rights to control what information websites collect about them and a right to see what data is being collected, officials there said.
Members of President Barack Obama's administration will officially announce details about its so-called privacy bill of rights on Thursday, with the effort focused on government working with private businesses, privacy groups and other experts to develop voluntary privacy codes of conduct.
While the Obama administration will propose privacy legislation to the U.S. Congress, the U.S. Department of Commerce will move ahead with voluntary codes of conduct that could be implemented without congressional action, administration officials said in a press briefing late Wednesday. Legislation would put consumer privacy rights into law. Read more...
Hackers claimed to have stolen internal data from Apple supplier Foxconn, and leaked the information online, in response to media reports of poor working conditions at the electronics manufacturer's factories in China.
The hacker group, Swagg Security, announced the attack in a Twitter message on Wednesday, and also leaked data stolen from the Foxconn site to The Pirate Bay. It said the data included user names and passwords. "The passwords inside these files could allow individuals to make fraudulent orders under big companies like Microsoft, Apple, IBM, Intel, and Dell," the hackers said in a message on Pastebin. Read more...
Hackers claiming to be Saudis posted credit card information of thousands of Israelis on the Internet, credit card companies said Tuesday, in what appeared to be a politically motivated attack. One expert played down its scope.
The Israeli Ynet news website said the hackers, identifying themselves as Group-XP, called the cyber attack a "gift to the world for the New Year" that they hoped "would hurt the Zionist pocket."
They claimed to have compromised 400,000 credit-card holders, but Israel's central bank said only about 15,000 active cards were affected.
"Group-XP is a known Saudi hacking group that seeks to propagate Wahhabism," the strict form of Islam practiced in Saudi Arabia, said Gadi Aviran of Terrogence Ltd., an Israeli web intelligence company. Read more...
A federal agency charged with protecting consumer rights is gathering information on the new uses of facial recognition in contexts such as social networks, digital signs, and mobile apps, and it's asking the public for help.
The move by the Federal Trade Commission (FTC) was prompted by a public workshop on facial recognition technology hosted by the agency earlier this month. Here are some of the issues the FTC would like the public to comment on.
- What are the current and future commercial uses for facial recognition technologies?
- How can consumers benefit from the technology?
- Should special considerations be applied to use of the technology on vulnerable populations, such as children?
- What best practices should be used when crafting notice and choice policies for use of the technology?
- Are there situations where notice and choice aren't needed? On the other hand, are there situations where the technology should not be used, even with notice and choice?
- Are notice and choice adequate to protect privacy when the technology is used, or are there other methods that are better for preserving privacy?
- What best practices should be used to protect consumer privacy when developing and deploying facial recognition technologies? Read more...
The FBI has denied a request for the release of information regarding its use of Carrier IQ's software, saying that releasing the information could interfere with ongoing law enforcement operations.
The response does not make it clear whether the agency is using Carrier IQ for investigative purposes, or whether the documents it has are related to an investigation of the controversial software.
The request under the Freedom of Information Act was filed Dec. 1 by Michael Morisy, co-founder of MuckRock, a website that helps people file FOIA requests with the government. Morisy asked the FBI for any manuals, documents or other written material it might have related to the FBI's use of data gathered by Carrier IQ. Read more...
Microsoft hasn't spilled the beans about Office 365 sales, but the little information we do have makes it sound to me as if the cloud suite isn't doing well at all.
In spite of a spate of minor announcements yesterday, Group Product Manager Andrew Kisslo announced on the Office 365 blog, "Just five months after its release, Office 365 is being adopted eight times faster than its predecessor."
Keep in mind that Office 365's predecessor is BPOS -- and BPOS didn't exactly get off to a dizzying start. Back in 2007 and 2008, Microsoft hosted Exchange and SharePoint in an ad hoc way. Microsoft didn't give the service a name until November 2008, when an amalgamation of Exchange and SharePoint was packaged and sold as Microsoft Online Services, a precursor to BPOS. Microsoft has never divulged how many BPOS customers it signed on in the five months after its launch, but the number of organizations using Microsoft-hosted servers in April 2009 certainly wasn't stunning. Read more...
The larger a company becomes, the more difficult it is to ensure its workforce gets the information they need, when they need it.
That was the dilemma facing the UK-based speaker maker Bowers & Wilkins (B&W) two years ago.
The 46-year-old company had reached annual revenues of about £200m and was operating in about 60 countries worldwide, but it had a problem with the quality of information being gathered about its operations.
Regional teams were compiling their own business reports and emailing them to managers - but these reports often contained inconsistent and erroneous information.
"The dispersed nature of the teams drove us to have problems with reporting. Read more...
Japan's largest defense contractor, Mitsubishi Heavy Industries, today acknowledged that scores of its servers and PCs had been infected with malware, but denied that any confidential information had been stolen.
The Daily Yomiuri, citing confidential sources, first reported the attack, which involved as many as eight different types of malware, including Trojan horses.
A U.S.-based Mitsubishi spokesman confirmed that the company had uncovered a large-scale intrusion that had planted malware on 45 servers and an additional 38 individual PCs in several locations around Japan. Read more...
A 43-year-old former Akamai employee has pleaded guilty to espionage charges after offering to hand over confidential information about the Web acceleration company to an agent posing as an Israeli consular official in Boston.
Starting in September 2007, Elliot Doxer played an elaborate 18-month-long game of cloak-and-dagger with James Cromer, a man he thought was an Israeli intelligence officer. He handed over pages and pages of confidential data to Cromer, providing a list of Akamai's clients and contracts, information about the company's security practices, and even a list of 1,300 Akamai employees, including mobile numbers, departments and e-mail addresses. Read more...