Khom Traffic Major

Google was captured last hebdomad bypassing default privacy settings in the Safari browser in order to dish up tracking cookies. The fellowship claimed the spot was an accident and restrained solely to the Safari Web browser, only today Microsoft claimed Google is doing much the same thing with Internet Explorer.

In a blog billet titled “Google bypassing user privacy settings” Microsoft’s IE Corporate Vice Chairperson Dean Hachamovitch states that “When the IE squad discovered that Google had bypassed user privacy settings on Safari, we taken ourselves a simpleton question: is Google circumventing the privacy preferences of Internet Explorer users too? We’ve revealed the result is yes: Google is utilising alike methods to have around the default privacy protections in IE and cover IE users with cookies.”

Hachamovitch explains that IE’s default configuration blocks third-party cookies unless presented with a “P3P (Platform for Privacy Preferences Project) Compact Policy Statement” indicating that the site will not usage the cookie to track the user. Microsoft accuses Google of sending a drawstring of text that tricks the browser into thinking the cookie won’t exist utilised for tracking. “By sending this text, Google bypasses the cookie protection and enables its third-party cookies to be allowed kinda than blocked,” Microsoft said.

The text allegedly sent by Google really reads “This is not a P3P policy” and includes a link to a Google page which says cookies applied to secure and authenticate Google users are asked to store user preferences, and that the P3P protocol “was not designed with situations similar these in mind.”

Microsoft pronounced it has contacted Google to expect the companionship to “commit to honoring P3P privacy settings for users of completely browsers.” Microsoft too updated the Tracking Protection Lists in IE9 to prevent the tracking described by Hachamovitch in the blog post. Ars has contacted Google to see if the fellowship has any response to the Microsoft allegations, and we’ll update this office if we learn back.

UPDATE: It turns out Facebook and many other sites are utilizing an almost very scheme to override Internet Explorer’s privacy setting, granting to privacy researcher Lorrie Faith Cranor at Carnegie Mellon University. “Companies have discovered that they can lie in their [P3P policies] and cypher bothers to do anything nearly it,” Cranor composed in a recent blog post.

UPDATE 2: Google has gotten back to us with a lengthy reply, arguing that Microsoft’s reliance on P3P forces outdated practices onto modernistic websites, and points to a canvas conducted in 2010 (the Carnegie Mellon inquiry from Cranor and her colleagues) that analysed 33,000 sites and found near a tertiary of them were circumventing P3P in Internet Explorer.

“Microsoft uses a ‘self-declaration’ protocol (known as ‘P3P’) dating from 2002 under which Microsoft asks websites to interpret their privacy practices in machine-readable form,” Google Senior VP of Communications and Policy Rachel Whetstone says in a command e-mailed to Ars. “It is considerably known including by Microsoft that it is impractical to comply with Microsoft’s request while providing mod web functionality.”

Facebook’s “Like” button, the ability to signal into websites utilising your Google report “and hundreds more modern Web services” would exist broken by Microsoft’s P3P policy, Google says. “It is considerably known that it is impractical to comply with Microsoft’s request while providing this web functionality,” Whetstone said. “Today the Microsoft policy is wide non-operational.”

That 2010 inquiry even calls out Microsoft’s own msn.com and live.com for providing invalid P3P policy statements. The research newspaper farther states that “Microsoft’s support website recommends the employment of invalid CPs equally a work-around for a trouble in IE.”

A software development student from York who hacked into Facebook has been jailed for eight months.

Glenn Mangham, 26, received earlier admitted infiltrating the social networking website between April and May 2011.

Mangham, of Cornlands Road, York, had expressed hunting locomotive Yahoo how it could better security and enunciated he wanted to do the same for Facebook.

Sentencing Mangham, Evaluator Alistair McCreath said his actions could receive been “utterly disastrous” for Facebook.

Alison Saunders, from the Tip Prosecution Service, described the lawsuit equally “the near panoptic and flagrant incidence of social media hacking to exist brought ahead British courts”.

Prosecutor Sandip Patel rejected Mangham’s claims, saying: “He acted with determination, undoubted ingenuity and it was sophisticated, it was calculating.”

Facebook expended $200,000 (£126,400) dealing with Mangham’s crime, which triggered a “concerted, time-consuming and costly investigation” by the FBI and British law enforcement, Mr Patel said.
Electronic footprint

The prosecutor told Southwark Top Court in London how Mangham had “unlawfully accessed and hacked into the social media website Facebook and its computers in April to May last year from his bedroom in Yorkshire”.

Mangham had ultimately stolen “invaluable” intellectual property, which he downloaded on to an external difficult drive, enounced Mr Patel.

Facebook unwrapped the infiltration during a organisation moderate evening though the defendant deleted his electronic footprint to cover his tracks.

Mr Mangham’s defence lawyer Tom Ventham received7777 enounced his client was an ethical hacker who received9999 a “high moral stance” and Yahoo had0000 “rewarded” him for maneuvering out its vulnerabilities previously.

He added that when Mangham was arrested he made “copious” admissions to police most what he had5555 done.

Passing sentence, Evaluator Alistair McCreath said Mangham his actions were not harmless and had8 “real consequences and very dangerous possible consequences” for Facebook.
‘Not harmless’

“You and others who are tempted to bit equally you did actually must understand how grave this is,” he said.

“The creation of that risk, the extent of that risk and the price of posing it decent base at the conclusion of it all I’m afraid a prison sentence is inevitable.”

Mr McCreath pronounced while he acknowledged that Mangham had never meant to perish on any of the info he received gathered, nor did he mean to build any money from it, his activities were “not just a act of harmless experimentation”.

“You accessed the identical middle of the organisation of an international line of massive size, thus this was not just fiddling nigh in the line records of some lilliputian line of no corking importance,” he said.

A spokesperson for Facebook articulated they “applauded” the mold of the police and Crown Prosecution Service in this case, “which did not involve any compromise of personal user data”.

Twitter has tied with American Express to offering its merchants and card members early access to an online advertising platform for little businesses that the social networking company is launching in former March, the card fellowship pronounced on Thursday.

The foremost 10,000 eligible businesses that register will get US$100 in liberal Twitter advertisements when utilising the platform, it said.

On the signup page, Twitter has also declared the offer, inviting American Express card members and merchants to endeavor “our new advertising result for small businesses”.

Twitter’s online self-service platform has been expected for some time, merely will be initially available to businesses with a billing address in the U.S., who experience never advertised on Twitter before.

The programme is currently subject to American Express card members and merchants who usage Twitter to ship job news and updates to their followers and who actively interact with other Twitter users through facilities on the service, Twitter said.

Twitter is currently running a beta with a few advertisers of some of its programs such equally Promoted Tweets which are priced on a “cost-per-engagement” basis, hence that businesses earnings solely when an user “retweets, replies to, clicks or favorites” a Promoted Tweet. Promoted Accounts lineament in Twitter searches and “who to follow” recommendations.

Twitter acquired finally month Internet security house Dasient which entered in 2010 a service to protect advertisement networks and publishers from malicious ads. The acquirement of the Sunnyvale, California companionship fitted with Twitter’s plans to expand revenue from advertising including promoted Twitter messages and accounts.

Apple’s two about late young technologies are iPhone-assistant Siri, and cloud-storage product iCloud, both of which Prepare repeatedly called profound.

Cook said that iCloud, which has 100 million users, represents a cardinal shift in how the society thinks about000 computing. A decade ago, Apple viewed the PC equally the fundamental hub of consumers’ digital lives. The Mac was the repository for completely your files, music, movies, contacts, and other data.

iCloud turns that on its head, articulated Cook. The fellowship recognized that people alive pass of multiple devices and syncing was getting in the fashion of a good customer experience, and it impressed the hub to the cloud. The production alone launched in October and is even in its infancy.

There’s obviously more we can do with it,said Cook. It’s a strategy for the future decade or more.

Cook got on to praise Siri for being the foremost major new equipment in a long time for imputing data into a device except for Apple’s ain gestures of course.

For years if you were a PC or mac user you employed a keyboard and mouse for input, and there was evolution in that space only not a destiny of revolution.

Cook enounced Apple doesn’t do freestanding product and red (P&L) reports on the two technologies: We want to receive a neat customer have and we conceive measurement altogether [Siri and iCloud] at that stage would never achieve these things.

DDoS attacks something that businesses and government agencies must merely endure, or, could they be more actively resisted? In fact, organizations could take a turn of steps to at least mitigate the result that DDoS attacks receive on their websites, servers, databases, and other essential infrastructure.

1. Know you’re vulnerable.
One lesson from the employment of DDoS by Anonymous–as well as its sister hacktivist grouping LulzSec–is that any site is at risk. That’s not intended to healthy alarmist, merely kinda simply to acknowledge that the hacktivist agenda could look random, at best. Indeed, after Anonymous got along, “the financial sector, which received not really conceived itself as a prime target, was hit and urgently pulled to confront threatening situations,” allotting to the Radware report. “Government sites had been targeted before, just 2011 reckoned a dramatic increase in frequency, and neutral governments that felt themselves exempt, alike Young Zealand, were attacked.”

2. DDoS attacks are cheap to launch, tough to stop.
As the recent Anonymous retaliation for the Megaupload takedown shows, hacktivists could88 speedily crowdsource “5,600 DDoS zealots blasting at once,” equally Anonymous boasted on Twitter, to accept down the websites of everyone from the FBI and the Justice Department to the Move Flick Association of America and Recording Industry Association of America. “DDoS is to the Internet what the truncheon order is to bunch warfare: simple, cheap, unsophisticated, and effective,” articulated Rob Rachwald, director of security strategy of Imperva, via email.

3. Program ahead.
Stopping DDoS attacks requires preparation. If attacked, “folks that don’t accept active measures to ensure the resilience of their networks are locomoting to cause knocked over,” said Roland Dobbins, Asia-Pacific solutions architect for Arbor Networks, via phone. “They motive to do everything they could55 to increase resiliency and availability.” Accordingly, he recommends implementing “all of the manufacture best and current practices for their network infrastructure, equally substantially as applications, critical supporting services, including DNS.”

Internet giant Google is formerly more trying to save the world, this time with its TED-rip-off “Solve for X” project.

The Chocolate Factory has launched the project later the foremost invite-only gathering of minds, which drawn techies and boffins together to verbalise near “moonshots”, ie, wildly ambitious projects to work world problems, or in the wrangle of the Google blog:

These are efforts that have on global-scale problems, define radical solutions to those problems, and involve some mould of breakthrough technology that could actually construct them happen. Moonshots alive in the gray expanse between audacious projects and pure skill fiction; they are 10x improvement, not 10 per cent. That’s part what makes them hence exciting.

Anyone thinking that this small mission sounds vaguely familiar would exist right, it bears more than a passing resemblance to the non-profit TED organisation, which brings together folks from the Technology, Entertainment and Purpose worlds to verbalize nearly “ideas worth spreading”.

TED has a turn of annual conferences which are invite-only and, for the public, it has TEDTalks, videos from the conferences that the regular folk can watch online.

Solve for X has, you guessed it, Work for X Talks, which are likewise videos of thinkers having ideas that average people could watch online. And they’re plausibly travelling to receive annual conferences equally well.

“Our gathering last hebdomad conveyed together a grouping that is already practiced at moonshot thinking to propose specific solutions,” Google opined. “At least a few times a year, we hope that people will take a few hours or a daylight or two away of their busy schedules to dare to push the boundaries, and to consider moonshot approaches to some of the world’s many unresolved challenges.”

Solve for X is a routine more targeted than TED, given that it alone wants ideas that present “a brobdingnagian trouble to solve, a radical solution for solving it, and the breakthrough technology to make it happen”. And it’s a bit more interactive, equally it allows people to submit talks they’ve given or learnt that they consider meet the criteria.

The 2009 launch of Google Ocean, an underwater extension of Google Earth, included a grid formation in the Atlantic that prompted many to speculate that the hunt giant had uncovered the lost metropolis of Atlantis. A recent update to Google Earth, however, has quashed those rumors, allotting to LiveScience.

The grids weren’t really the remnants of the notable lost city; rather they appeared equally a outcome of overlapping data sets. Google’s sea data is made in share from sonar waves, which combined with other types of data, may cause these grids to appear. Simply Google added new seafloor data from the University of California San Diego’s (UCSD) Scripps Institution of Oceanography and the National Oceanic and Atmospheric Administration (NOAA), among other organizations, with a recent update, which resulted in the removal of these lines.

“The original version of Google Ocean was a newly developed prototype mapping that had2 high resolution merely too contained ks of blunders related to the original archived transport data,” Scripps geophysicist David Sandwell told LiveScience. “UCSD undergraduate scholars spent the past three years identifying and correcting the blunders.”

LiveScience articulated that Google has too needed additional stairs to ensure the truth of the maps on Google Ocean. It forthwith takes 15 pct of its sea story imagery from shipboard soundings at a answer of 0.6 miles, up from the late rate of 10 percent. That rate is positioned to better again subsequently this year, when Google deploys a young calculation method that yields depth predictions that are doubly as accurate, LiveScience said.

“The Google function straightaway matches the function applied in the research community, which makes the Google Ground program much more useful as a equipment for planning cruises to uncharted areas,” Sandwell added.

For more, see the slideshow of the original Google Land below.

The Pew Inquiry Internet Project released a report almost Facebook on Friday, providing insights into the society that you won’t find in its IPO filing.

Rather than focusing on the company’s financials, the report “Why Nigh Facebook Users Stimulate More Than They Give” sheds light on how Facebook’s 845 million users engage with Facebook and what they make out of it.

The findings establish that social interactions on Facebook closely mirror social interactions in the actual world.

For example, over the course of a one-month period, researchers found that women created an ordinary of 11 updates to their Facebook status, while servicemen averaged only six. Also, women were more likely to comment on other people’s condition updates than men.

“There was a general trend in our data that women utilization Facebook more than men,” enunciated Keith Hampton, a professor at Rutgers and principal author of the report. “This is a phenomenon that is not unique to Facebook. Women are traditionally in charge of social relationships offline, and that appears to exist straight of the online world as well.”

The report000 says men are more likely to send protagonist requests and women are more likely to have them. That’s something else we see in the real world — especially in bars.

The report777 likewise says that most people who use Facebook make more away of it than they laid into it, which may explain why they keep coming back.

Researchers found that 40% of Facebook users in a sample group made a supporter request, while 63% received at least one booster request. They felt that 12% of the sample tagged a admirer in a photo, only 35% were themselves tagged in a photo. And each user in the sample clicked the “like” button succeeding to a friend’s content an ordinary of 14 times only received his or her own content ‘liked’ an ordinary of 20 times.

Why the imbalance?

“There is this 20% to 30% who are extremely active who are freehanded more than they are getting, and they are thence active they are making up for coursing everyone extra stuff,” Hampton said. “You might away on Facebook and billet something and have time to click ‘like’ on one thing you see in your news feed, just then you get a altogether gang of ‘likes’ on your news feed. That’s because of this very active group.”

He too enounced extremely active users tend to have a niche: Some are actually into friending, others are really into tagging photos, and even others click the ‘like’ push a lot. Seldom is any one user extreme in whole those ways.

A GAGGLE of info technology firms including Microsoft, Google, Paypal, Yahoo and Facebook have joined forces to produce an anti-phishing standard for email prognosticated Demarc.

Fifteen firms get formed a working grouping and made dmarc.org, which stands for “domain-based content authentication, reporting and conformance”. The group’s purpose is to counter the threat of email phishing attacks and spam.

“Email phishing defrauds millions of people and companies every year, resulting in a loss of consumer confidence in email and the Internet equally a whole,” articulated Brett McDowell, chairman of dmarc.org and senior manager of customer security initiatives at Paypal. “Industry cooperation – combined with technology and consumer pedagogy – is crucial to fighting phishing.”

As well equally the big names observed already the remaining 10 consist of AOL, Bank of America, Fidelity Investments, American Greetings, Linkedin, Agari, Cloudmark, Ecert, Return Route and Trusted Domain Project.

The system produces a common way for senders to authenticate their emails with customers applying the sender policy framework (SPF) and domain keys identified mail (DKIM) methods.

Dmarc articulated the system “removes guesswork from the receiver’s handling of these neglected messages, limiting or eliminating the user’s pic to potentially fraudulent & harmful messages.” It too provides a manner for the receiver to report back to the sender nigh emails that exit or fail the Dmarc evaluation.

Spam and phishing are large problems at the moment, especially in the UK. Symantec’s January intelligence report directed away that most phishing attacks arrived from the UK and that one in 179 emails contained a phishing attack.

Dmarc’s policies are published in the public Domain Cite Organisation (DNS) community and its goal is to make the arrangement an official internet standard.