Friday, December 31, 2010

WakeMate faces 'Toyota Moment' with recall just days after first shipments

The WakeMate sleep aid device / app only recently shipped, after nearly a year of delays. In a serious bit of bad news for the company, it's already been recalled, or more specifically, part of it has.

To be exact, the black USB charging unit that was shipped with the device has been recalled. Customers should not use the charger, as there is a risk of fire.

The company has sent emails to all customers, and says on its site that if a customer does not respond to an email, the company will call the contact number on the WakeMate order. The emails say:
Hello WakeMate Customer,

We have just been alerted to a safety issue with our product. The black USB charger bricks that have been included with the product are defective. Do not use them.

The USB chargers were sourced through a Chinese vendor. We paid to have the proper certification and safety tests performed here in the U.S. for the chargers. However, tonight we were informed by a customer of a safety incident with the black USB chargers. Therefore, effective immediately we are recalling ALL USB charger bricks and informing our customers that it is not safe to use these USB chargers to charge your WakeMate.

We will continue to look into the situation but needed to email you immediately to ensure that you stop using and unplug the included Black USB Power Bricks.

We are extremely sorry that we sent a product containing defective components. However, we also want to stress that this issue is with the chargers only, and not with the WakeMate itself. It is still safe to use the included USB cable to charge the WakeMate, and it is safe to wear the WakeMate while sleeping.

I sincerely apologize for this mishap on our part. We are doing everything we can to prevent any further incidents with the USB charger bricks.

If you have any questions do not hesitate to contact me.

Arun Gupta
CEO, Perfect Third Inc.
In a thread on Hacker News, the company elaborated on the problem:
yes the batteries are safe. we believe that the chargers are spitting out a noisy electrical signal, which is causing the battery charger IC on the WakeMate to overheat, thus causing the problem. We have only seen any incidence when the unit is plugged into the black USB charger bricks we shipped with. To date we have logged over 20000 hours of sleep on our system, so we’re certain that sleeping with the Wakemate is safe, and that the batteries on the WakeMates are safe as well. This is in addition to the testing and certification we had done on the unit as well before we began shipping units.
WakeMate is supposed to improve the sleeping experience of users, through the use of actigraphy. The WakeMate is both an app and a device, as it comes with a wristband that measures your movements and determines your optimal wake-up time. The software runs on Android, iOS, and BlackBerry. That wristband, however, needs charging, and it's the charger that is the problem.

Googler Jason Toff Tweeted about his experience, and included a video (below) that shows the damage done. While he was OK, he noted that if he had not been in the room with the WakeMate, his house would have caught on fire.

WakeMate has met its "Toyota unintended acceleration moment." Toyota was an established, huge corporation, as opposed to a start-up. Whether or not this incident becomes the company's downfall remains to be seen.

Police catch burglar with help of woman's dog-monitoring iPhone app

A woman may have her dog to thank for catching a burglar. It's not, however, because the dog himself caught the burglar, but instead because the iCam application she used on her iPhone to monitor her dog clued her in to a burglary.

The iCam app runs on both Android and iPhone. Claire, who did not want her last name released, downloaded the app so she could peek in on her dog while she was away. She said,
"It's creepy. I've never had a house broken in to. He went through my drawers, my jewelry. He even touched my clothes and pillow."
Claire used iCam and activated her computer's webcam, only to see a man rifling through her belongings. He got away with $500 worth of items. It's unclear why the dog wasn't taking any action.

Once a Denver, CO television station aired the video, a viewer recognized the burglar and notified police. Authorities arrested Peter Jones, 47, on burglary charges, Denver Police Det. John White said.
"We developed information that led to the suspect based on the video that captured the burglar in action."
Jones told police that he didn't take anything, although he admitted walking around in Claire's house. She told authorities:
"Well that's interesting, because I have the feed of him stealing my iPad."
Watch a report with some of the video feed below.

Newsweek expose leaks Assange's Christmas images

How ironic this expose is, as Newsweek has leaked the Christmas activities of one Julian Assange, Wikileaks' chief. He wasn't caught furtively talking to a disgruntled U.S. soldier, but instead seemed to be living life on bail pretty much the way most of us would.

Most are aware of the multiple leaks that have been released by Assange's whistleblower site, Wikileaks, in 2010.  They include not just classified information allegedly leaked by Pfc. Bradley Manning related to Iraq and Afghanistan, but also numerous diplomatic cables that were most recently leaked.

It was after this most recent leak that the wolves were set upon Assange.  He is currently on bail in the U.K., under house arrest while he awaits an extradition hearing on charges of sexual misconduct in Sweden.

As he awaits his hearing, scheduled for early in 2011, Assange had Christmas dinner, sifted through a huge number of Christmas cards, dressed as Santa, browsed the Web on a Mac (sorry, Microsoft), and even worked on the grounds of the country mansion where he is under house arrest.

No matter what you think about the leaks from his website, positive or negative, it seems clear from these images that he is still a human being.

You can see the full gallery of images at Newsweek's website.

Apple rejects 'anti-gay app' for second time

Apple has rejected a so-called anti-gay app for the second time. The "Manhattan Declaration" was booted from the App Store in late November, after a petition initiated by which garnered 7,700 signatures.

That version of the app included a four-question survey, with one question asking “Do you support same-sex relationships?” If a user answered “yes,” they were told that they had replied incorrectly.

In their resubmitted app, the developers removed the survey. However, as GLAAD says,
The Declaration is a 4,700-word statement signed by many Christian religious leaders and citizens that claims to speak “in defense of the sanctity of life, traditional marriage, and religious liberty. It issues a clarion call to Christians to adhere firmly to their convictions in these three areas.” It calls relationships among LGBT people “immoral sexual partnerships,” and says marriage “is not a civil right” for them, among sending other anti-LGBT messages.
Apple's reason for rejection was the same as the initial rejection, that the app is likely “to expose a group to harm” and “to be objectionable and potentially harmful to others.” These are both violations of the iOS SDK Terms of Service.

The report adds that the makers of the app intend to "take the issue to the Apple’s App Review Board after the holidays."

As was noted once the first rejection came to light, Steve Jobs is the ultimate appeal board at Apple. He is famously in control of most decisions, and definitely in control if anything controversial appears in the media. In this, there should be no question. Since he's a famous liberal, the odds of an appeal going anywhere are most likely nil.

Kindle gets its promised e-book lending feature

As promised, Amazon has launched the Kindle's book loaning feature. In late October, Amazon announced the feature would be coming to the Kindle before the end of the year, to match a similar feature on Barnes & Noble's nook.

Considering the feature went live, quietly, on Thursday Dec. 30th, Amazon just made it under the wire.

The feature has its fair share of caveats. First, not every book will be lending-enabled; that's up to the publisher, just as with the Kindle's text-to-speech feature. Additionally, each e-book can only be lent once (as with the nook), so choose who you lend to wisely. Also, the lending window is 2 weeks, and during that time, your ability to read the e-book yourself is revoked. Finally, only U.S. customers can lend an e-book, and international users may or may not be able to receive a loan, depending on the publishing rights of the title in their countries.

You can share a book either from the Manage Your Kindle page in your account on Amazon's site, or from the product page of a book you've already purchased. You specify an e-mail address for the person you want to lend to, and that person has one week to accept the loan. If he or she does not accept in that time, the book reverts back to you, and does not count against your one-time loan limitation.

Since Barnes & Noble and Amazon both have lending facilities for their e-books, can the iBook Store be far behind? Not likely, but first Apple should try to get more titles in its iBook Store, no?

Publisher breaks Adsense ToS, blames Google after ban

A publisher who monetized his website through the use of Google's Adsense, and who admitted to making a pretty good amount of money doing it, has been banned by Google for violating its Terms of Service. While he's cried foul over the issue, and others have come in to support him, unfortunately for him, he's gotten what he deserved.

He started by making YouTube videos, which are, quite honestly, bringing tons of views to YouTube and thus making Google money. It wasn't his YouTube videos that were the issue, but his own site, however.
Over the past 18 months I have been making films for Google. In fact, I make them for Youtube – owned by Google. I am the 97th biggest reporter on YouTube ever, globally, and No 7 in the UK.
That's great for Google, and if he were doing that under contract for say, ABC, and getting residuals, there would be no question that he deserved his income. However, here's what happened, on his own site, which he later started and populated with ads, including Adsense:
I was also running little blocks of adverts provided by Adsense and, yes, I told my subscribers that I got some money if they visited the websites of those advertisers – all of whom were interested in selling stuff to sailors.

I thought this was not much of a revelation - as any fule kno that is how it works.
It may not be a revelation, but it's definitely off limits according to the Adsense ToS, to encourage visitors to click your ads.

His justifications, that the ads were contextual to his site, and that the folks coming to his site were sailors, and that some had never seen a sailing ad on a site before, may be true, but don't discount the ToS violations.

WebMasterWorld has a long discussion forum post on the issue, and the opinion there is all in one direction: Favoring Google. As one commenter said:
He got Greedy. Broke the rules. And he is now out.

Will Google make a move and expand the Big 4 U.S. wireless carriers into the Big 5?

Is Google set to become the newest wireless carrier in the U.S.? That's the question asked by CNNMoney, which answers its question with a "they could, but will they." Meanwhile, TechCrunch, commenting on the original story, answers CNNMoney's question with a resounding "yes."

Google Voice, with its deep integration into Android and newly released iPhone native app, along with all the infrastructure that Google has built around the service, gives the company a leg up if it wants to move in that direction.

There are also other signs that Google might be interested in becoming a carrier, such as the fact that in 2008, Google put in a bid to buy wireless spectrum to provide mobile Internet access (which eventually went to Verizon), and its moves into experimental broadband with its Google Fiber project.

However, given that Google has already admitted that it makes the bulk of its revenue from Android on search, it would probably take Verizon, for one, mere seconds to substitute Bing onto its Android handsets. It's already put Bing into a few of them, much to the dismay of end users.

Of course, as SAI points out, if Google were to attempt such a move, it probably wouldn't get federal regulatory approval. Both the CTIA and Verizon spend far more money on lobbying than Google does.

There would be a host of other obstacles in Google's way, including its unfamiliarity with all that's required to be a wireless carrier. Instead, as Forrester Research analyst Jeffrey Hammond said,
"While I think Google could become a mobile provider, I'd view it as a nuclear option."
In other words, as long as the current set of carriers don't get in the way of Google's ambitions to be the hub for all things Internet, all will be well. If things change, you could be looking toward a Google-branded Android phone, with that branding referring to Google as a carrier, not just for a pure Android phone like the Nexus S.

China said to ban Skype

The latest product of Western technology to be banned from China is Skype. According to the official state newspaper, the People's Daily, all Internet phone calls, with the exception of those made over two state-owned networks, China Unicom and China Telecom, were to be banned.

In addition to Skype, China's UUCall and other similar services would be banned.

In a statement, Skype said the service continues to work in China, at least for now. The VOIP company said:
"Users in China currently can access Skype via Tom Online, our partner."
Services such as Facebook, Twitter and YouTube are already blocked in China. Google earlier moved its services from China to Hong Kong, after China's attempts to hack its Gmail service.

Skype has offered Chinese users a joint service with Hong Kong-based Tom Online since September 2007. Skype has been criticised for allowing monitoring of messages, particularly those that address "controversial" subjects such as Tibet.

Professor Kan Kaili at Beijing University of Post and Telecommunications said he doubted the complete shutdown of Skype in China was possible.
"It is very unlikely that they will manage to shut Skype down. Skype is the market leader, but there is also MSN and Gmail Talk. The children of Chinese government officials, who are studying abroad, use these services to call home, so I do not think anyone is going to cut the lines. Even if they take a strict approach, such as getting local operators to block the broadband services of people who use Skype, people will still find a way around it."

Pew: 65% of Internet users have paid for online content; what does it mean?

The latest Pew Research study shows that 65 percent of Internet users they surveyed have paid for online content. The survey is quite broad in what it defines as "paying for online content," however, so the headline may not mean what many hope it means.

What the report doesn't mean is that 65 percent of Internet users have paid for something behind a paywall, like, say, the Wall Street Journal. Drilling into the report shows the following:
  • 33 percent of internet users have paid for digital music online
  • 33 percent have paid for software
  • 21 percent have paid for apps for their cell phones or tablet computers
  • 19 percent have paid for digital games
  • 18 percent have paid for digital newspaper, magazine, or journal articles or reports
  • 16 percent have paid for videos, movies, or TV shows
  • 15 percent have paid for ringtones
  • 12 percent have paid for digital photos
  • 11 percent have paid for members-only premium content from a website that has other free material on it
  • 10 percent have paid for e-books
  • 7 percent have paid for podcasts
  • 6 percent of internet users said they had paid for some other kind of content, uncategorized by Pew Research
  • 5 percent have paid for tools or materials to use in video or computer games
  • 5 percent have paid for “cheats or codes” to help them in video games
  • 5 percent have paid to access particular websites such as online dating sites or services
  • 2 percent have paid for adult content
A better headline for this study might be "65 percent of Internet users have purchased digital content." Buying software online, or music, or paying for apps on smartphones or tablets isn't really the genre that many are concerned about, in terms of monetization of the Web.

What is more of a concern is whether or not sites like the New York Times, which plans a paywall soon, will be able to make a go of it. Buying something on the Internet, even though the survey concentrated on "intangible goods," rather than tangible ones like a book or laptop, isn't the same thing.

Many are used to content on ... or from ... the Internet being free. That's why it's not clear that something like "The Daily," Rupert Murdoch's upcoming iPad news daily, will work, since so much news content is available for free.

It is true, however, that 18 percent said they paid for digital newspaper, magazine, or journal articles or reports, and 11 percent have paid for members-only premium content from a website that has other free material on it, and that 2 percent paid for adult content.

The average spent monthly was approximately $47. That included both subscription (an average of $12 per month) and individual file access (an average of $22 per month). Pew said that some high-end users skewed the average higher, and given that, they added that most purchasers spent about $10 per month.

The survey ran from Oct. 28 - Nov. 1. Princeton Survey Research Associates International interviewed 1,003 U.S. adults about their online content habits. (672 interviews by landline, 331 by cell) The margin of error was "a fairly narrow plus-minus of 3.7 percentage points."

Apple to announce Verizon iPhone before Valentine's Day: report

Many are anticipating a Verizon iPhone in the first quarter of 2011. Typically, Apple would have a huge event around the announcement, and current speculation is that the Verizon version will be announced before Valentine's Day, 2011.

Whether or not that prediction comes to fruition, Business Week also states the obvious, that the Verizon iPhone presents a large problem for AT&T. As the exclusive carrier for the U.S. iPhone since 2007, AT&T's network has been the subject of much criticism, including a recent reader poll from Consumer Reports which ranked AT&T as the worst carrier in America.

Meanwhile, Verizon has a reputation for reliability. Whether the iPhone's data-sucking abilities will test that reputation remains to be seen. Reports have noted that Android users on Verizon's network are actually using more data, per device, than corresponding iPhone users on AT&T's network, which could be a positive sign for the carrier.

As far as the intro goes, it looks like hopes for a CES announcement by Verizon have been dashed. According to BW, a person familiar with Apple's plans who is not authorized to discuss them publicly said that the Verizon iPhone launch event will come sometime after CES.

Although it's widely expected that users will flock to the Verizon iPhone, it may not come at the expense of AT&T, said BW. "The expense and hassle of changing carriers could also work to AT&T's advantage," BW said, and that is true. AT&T recently increased its early contract termination fees from $175 to $325. Those who have not planned in advance for the Verizon iPhone, which has been rumored for months, may be stuck.

Additionally, those who have family plans would also face the expense of multiple device purchases, as the entire family would have to be outfitted with Verizon compatible phones. The new iPhone is not expected to be compatible with Verizon's 4G LTE network, so that is not anticipated to be a draw.

It's also true that CDMA devices, until now, have not been able to use voice and data at the same time. This means if a user is on a call, they couldn't go to, say, Yelp, to look something up. A change to CDMA which would allow both data and voice to be used at once, called SVDO, has been developed, but it is unclear if that will be included in the CDMA version of the iPhone.

Charles S. Golvin, an analyst with Forrester Research, spoke of the potential of AT&T defections, and said,
"I'm sure some AT&T customers are sufficiently frustrated to switch, but the vast majority are at least happy enough."
Happy enough, we would think, to forego the expense and effort, at least until their contracts expire.

Video calling feature on Skype for iPhone goes live

FaceTime now has a legitimate competitor, as Apple's video calling feature now faces the wrath of Skype, which has officially released the video calling feature to its iOS client. Admittedly, a CES intro was generally expected, but the Skype outage last week might have prompted an early release to get some positive PR.

Unlike FaceTime, the video calling feature works over 3G, as well as wi-fi. The data use on 3G has been measured, however, and it's 3.4MB per minute. If you aren't grandfathered into an unlimited data plan with AT&T, you'd better keep an eye on your usage if you use 3G for calling.

In terms of compatibility, the new app is compatible with the iPhone 4, iPhone 3GS, and iPod touch 4th generation with iOS 4.0 or above (naturally, iPhone 3GS users don't have a front-facing camera, but they can still use the rear-facing one). Video calls can be received on the iPod touch 3rd generation and iPad.

Additionally, calls can be made between iOS devices and desktop clients, including Skype for Windows 4.2 and above, Skype for Mac 2.8 and above, Skype for Linux and the ASUS videophone. A reminder, based on last week's Skype outage: update your Windows client if you are on

Although 3G calling is possible, we'd recommend that 3G to 3G video calling only be done as a last resort. Performance, as you might expect, is far from optimal.

Skype's app is free in the App Store. No word yet on Android updates or other platforms, but those announcements might be saved for CES.

Thursday, December 30, 2010

Kanye West's unfinished 'Monster' video leaked to the Web

Poor Kanye West has seen more of his content leaked to the Web. An obviously unfinished version of his hit "Monster" single has hit YouTube.

"Monster" is the name, and monsters are featured. It's a close to six minute, gory flesh-fest (NSFW), featuring Rick Ross, Jay Z, Nicki Minaj and Bon Iver. Fans have been anticipating the release of this video for weeks, after being teased with a making-of video in early December, followed by a preview soon thereafter.

No doubt, it's very gory, with one scene featuring West standing holding a woman's severed head. No release date has been announced for the official version of the "Monster" video. Take a look in the sidebar; more than one version has been released to YouTube with at least one already taken down. Remember: NSFW.

Hackers hack PS3 private key, bust PlayStation DRM wide open

The latest hack to come out of the Chaos Computer Club (CCC) Congress being held in Berlin comes from the fail0verflow hacking squad, who say they've found a way to obtain the PS3's private cryptography key, which is used to sign code.

With an exploit of this type, people could sign, and thus run any PS3 program. The system would then run it as though it were a valid PS3 game, and firmware upgrades won't be able to stop it, either.

Naturally, one can imagine pirated games being signed, allowing them to run as though they were legitimate copies. However, fail0verflow said their intention was not piracy, but rather, according to a Tweet from the group, to enable Linux to run on all PS3s, "whatever their firmware versions."

In fact, the team claims: "We only started looking at the PS3 after Other OS was killed." OtherOS was a feature available in the first versions of the PS3. It allowed other operating systems, such as Linux or FreeBSD, to be installed on the system. However, this feature was removed in newer models. Older models saw the feature removed, as well, through a firmware update by Sony.

Sony said the removal was to prevent piracy.

The hack was possible because Sony completely screwed up. When fail0verflow worked backwards from generated keys, they discovered that a parameter that should have been randomized for each key generation was not. Instead, the PS3 was using a constant for what should have been a variable, making it simple to create acceptable keys.
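The flaw described above, as an added example that is not fail0verflow's or Sony's code: assuming an ECDSA-style signature scheme (the page does not name the algorithm), it shows a signer with a constant per-signature value beside one that draws it fresh, an audit check that flags signatures sharing the same `r`, and why such a pair is treated as key compromise. The curve (secp256k1), key, constant and messages are all constructed for the illustration.

```python
import hashlib
import secrets

# secp256k1 domain parameters (a standard public curve, chosen for this example).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

# Constructed sample values, not taken from any real device.
SAMPLE_KEY = int.from_bytes(hashlib.sha256(b"constructed signing key").digest(), "big") % N
FIXED_NONCE = 0x4A11C0DE
MESSAGES = [b"loader-v1", b"loader-v2", b"updater-v1"]


def ec_add(p1, p2):
    """Add two points on y^2 = x^3 + 7 over GF(P); None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, point):
    """Double-and-add scalar multiplication."""
    result = None
    while k:
        if k & 1:
            result = ec_add(result, point)
        point = ec_add(point, point)
        k >>= 1
    return result


def digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


def sign(d, msg, k=None):
    """ECDSA signature. k=None draws a fresh random nonce (correct);
    passing a fixed k reproduces the constant-instead-of-random flaw."""
    nonce = k if k is not None else secrets.randbelow(N - 1) + 1
    r = ec_mul(nonce, G)[0] % N
    s = pow(nonce, -1, N) * (digest(msg) + r * d) % N
    return (r, s)


def sign_all(d, msgs, k=None):
    return [(m, sign(d, m, k)) for m in msgs]


def verify(pub, msg, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    w = pow(s, -1, N)
    pt = ec_add(ec_mul(digest(msg) * w % N, G), ec_mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r


def find_reused_nonces(signed):
    """Audit check: r depends only on the nonce, so two different messages
    with the same r prove the nonce was reused."""
    seen, hits = {}, []
    for msg, sig in signed:
        first = seen.setdefault(sig[0], (msg, sig))
        if first[0] != msg:
            hits.append((first, (msg, sig)))
    return hits


def key_exposed_by(pair):
    """Why a hit means the key must be revoked: s1 and s2 give two linear
    equations in two unknowns (nonce k and private key d)."""
    (m1, (r, s1)), (m2, (_, s2)) = pair
    z1, z2 = digest(m1), digest(m2)
    k = (z1 - z2) * pow((s1 - s2) % N, -1, N) % N
    return (s1 * k - z1) * pow(r, -1, N) % N


if __name__ == "__main__":
    flawed = sign_all(SAMPLE_KEY, MESSAGES, k=FIXED_NONCE)
    fresh = sign_all(SAMPLE_KEY, MESSAGES)
    hits = find_reused_nonces(flawed)
    print("constant nonce: reuse hits =", len(hits),
          "| key derivable =", key_exposed_by(hits[0]) == SAMPLE_KEY)
    print("random nonce:   reuse hits =", len(find_reused_nonces(fresh)))
```

Every signature from the flawed signer still verifies, which is why this class of bug survives functional testing; only the duplicate-`r` audit exposes it.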

fail0verflow's website is up, but with just a staging site for now. The team promises to host details of the private key and a jailbreak patch there, as well.

Meanwhile, you can watch a video of their demonstration at CCC, below, with the hilarity over Sony's error at about 39:11.

Hackers demo the 'SMS of Death' attack at security conference

The latest hack shown off at the Chaos Computer Club (CCC) Congress being held in Berlin has been dubbed the "SMS of Death." And the hack would affect feature phones, which despite the rise of smartphones, comprise more than 85 percent of the world’s cellphones.

Feature phones aren't "smart" phones, but they can play MP3s or browse the web, among other things. They represent as many as 85 percent of cell phones globally. An example would be the Motorola RAZR.

Collin Mulliner, a researcher at Berlin’s Technical University, and colleague Nico Golde set up their own GSM network in their lab, and tested a variety of feature phones, sending them SMS messages with "damaging payloads." Depending on the phone, the results varied.

For example, some phones rebooted, but without registering the fact that the message was received, meaning that when the phone rebooted, the carrier would continue sending the message and triggering a looping set of crashes. To fix the problem, it was necessary to put the SIM into an unsusceptible phone.

Other phones had their interfaces shut down, and were disconnected from the network. The models tested included the Nokia S40 and related models (except for the very newest release); Sony Ericsson w800 and several related models; LG (LG 320), Samsung S5230 Star and S3250; Motorola RAZR, ROKR, and SVLR L7; and India’s Micromax X114.

The worst case scenario, Mulliner said, would be that a hacker could target a specific carrier, holding it hostage with the threat of an "SMS of Death" attack that could knock feature phones off the network or even damage phones permanently. This comes on the heels of McAfee's report which noted mobile attacks are set to rise in 2011.

Mulliner noted that unlike smartphones, feature phone firmware updates, which could be used to fix bugs, are few and far between. As there is no such thing as bug-less software, Mulliner said the obvious, "Manufacturers need to find a way to do firmware updates, and make sure to advertise them." Advertising may be the key, as well as forcing an update, as Skype found out recently.

Nintendo drops warning label age for 3DS to six, from seven

Earlier, while stating that 3D gaming on its Nintendo 3DS handheld system could cause eye fatigue faster than normal, Nintendo also warned that children under seven shouldn't use the system. Nintendo hasn't backed off that warning, but they have dropped it by one year, to six instead of seven.

In June, Nintendo of America president Reggie Fils-Aime said:
"We will recommend that very young children not look at 3D images. That's because, [in] young children, the muscles for the eyes are not fully formed... This is the same messaging that the industry is putting out with 3D movies, so it is a standard protocol. We have the same type of messaging for the [1990s Nintendo virtual reality machine] Virtual Boy, as an example."
As noted, Nintendo has lowered the cautionary age to six, which means seven-year-olds are probably jumping for joy. As with anything, it appears the key is moderation. People are told to rest their eyes when viewing computer monitors; the same should be true of the 3DS screen, although the warning about children's eyes, we would say, should be taken seriously.

Man steals video game out of 17-year-old's casket

A 17-year-old's life is snuffed out, and that's a tragedy. Someone steals a GameBoy and cartridges from that 17-year-old's casket: that's just low.

17-year-old Bradley McCombs was killed in a rollover SUV accident. During a viewing Monday night at the Rairigh Funeral Home in Montgomery Township, 38-year-old Jody Lynn Bennett took a GameBoy, GameBoy Light and three cartridges, which had been placed in McCombs' casket.

Montgomery Township is about 65 miles northeast of Pittsburgh.

Thanks to an anonymous tip, police caught up with Bennett and arrested him at about 1 PM EST on Wednesday. Bail was set at $15,000, which he was unable to post, so he was jailed. He has been charged with theft, abuse of a corpse, and intentional desecration of a venerated object.

His mother, Dianna Bennett, said her son was addicted to both drugs and alcohol, and apologized for his actions.

Irony: rooted B&N nook color gains access to Android Market, Kindle app

The Barnes & Noble nook color is Android-based, and thus, possibly rootable. In fact, it has been rooted, and irony of ironies, can now read Kindle e-books.

Rooting an Android device is similar to jailbreaking iOS. It allows users to access features and functions they wouldn't normally be able to. The full process is available here, and although the irony of being able to use the Kindle app is perhaps the snarkiest thing about the process, the actual result is far more.

What actually happens is you turn the nook color into a general purpose Android device. B&N had closed off a lot of things, walling it off as an e-book reader only. After the root, you've got a general-purpose tablet, right down to YouTube, Gmail, and the best of all: the Android Market. It's been confirmed that apps from the Market can be installed, as well.

That makes the $249 nook color a very affordable Android tablet, and not a cheap knock-off that might break just about any time. Naturally a nook color firmware update could close the root.

At the same time, it's a good thing (for B&N) that the nook color doesn't have 3G support. If it had support in the same manner as the Kindle (meaning, no charge to end users), you could see how much of a bargain that would make this device.

Disney's 'underground command center' helps customers survive lengthy lines

An underground bunker isn't what you might expect at a Walt Disney theme park, but indeed it's there, beneath the Cinderella Castle at Walt Disney World in Florida. The purpose isn't to monitor for miscreants and line-cutters, but instead for fun, that is, to get you to the fun faster.

You might think there's not much that Disney can do with lines. There will always be lines, of course, for rides and attractions. But the command center monitors show lines of people in green, yellow or red outlines, and you can imagine that yellow and red marked lines are those who might be disgruntled and Tweeting about it.

For example, as the New York Times reports, if lines at the "Pirates of the Caribbean" ride are getting too long, the Disney Operational Command Center, as it's called, can send more boats to quicken the pace. If the ride is already at maximum capacity, they can send a theme park employee such as Mickey Mouse or even Captain Jack Sparrow to entertain bored visitors. Some of the rides, such as Space Mountain, even have short video games to keep visitors occupied until they reach the ride.

In the future, Disney might embed NFC, or Near-Field Communication (which was added to the Samsung Nexus S, as you may recall, and which Google says may replace credit cards someday) into wristbands that can be used to transmit a visitor’s name, credit card number and favorite Disney characters. Guests can then swipe their band to pay for things, and even hear their names called out by robotic characters on rides.

You can imagine that the bands would come at a premium, which would mean they might cost extra, of course.

Not specific to the command center, but also something Disney has done to help visitors, are Android and iPhone apps that can be used to help find things like restrooms or even park characters.

Those interested in privacy might be concerned about the command center. Disney does not see it that way. Instead, it believes the center is just another facet in its attempts to improve the customer experience. Those who have waited hours in a line at a Disney theme park would probably be willing to give up some privacy. According to Disney, previously a typical visitor only had time for nine rides, out of more than 40, and even these new improvements have only raised that average to 10.

Wednesday, December 29, 2010

With the aid of $15 cell phones, hackers eavesdrop on encrypted GSM calls

GSM encryption has been broken since December of last year, and in August at Defcon 3, a $1,500 device was demonstrated that could intercept phone calls. The price has just dropped to rock-bottom: at the Chaos Computer Club (CCC) Congress on Tuesday, a method of eavesdropping on calls and text messages using only four sub-$15 cell phones, a laptop, and open source software was demo'ed.

It was, in fact, at last year's CCC when the ability to crack GSM's encryption was first demonstrated. The new hack was demonstrated at CCC in Berlin by Karsten Nohl and Sylvain Munaut.

In the new hack, first, by leveraging the way that GSM networks exchange subscriber location data, hackers narrow down a subscriber’s current location to a city or rural area. Once that's done, hackers can drive around the locality, sending the target phone “silent” or “broken” SMS messages that do not show up on the phone.

Using simple Motorola GSM phones flashed with their own firmware, Nohl and Munaut can "sniff" the network which "allowed them to retain the raw data received from the cell network, and examine more of the cellphone network space than a single phone ordinarily monitors." As further explained:
By sniffing the network while sending a target phone an SMS, they were able to determine precisely which random network ID number belonged to the target. This gave them the ability to identify which of the myriad streams of information they wanted to record from the network.
Nohl, a Security Research Labs researcher, said,
“GSM is insecure, the more so as more is known about GSM. It’s pretty much like computers on the net in the 1990s, when people didn’t understand security well.”

Blame it on old software: Skype outage due to old client versions

Blame it on older Windows clients. That's the verdict, forensically, from Skype's investigation into what caused the recent massive Skype outage.

Skype is a P2P service, and relies on supernodes, which exist outside firewalls, for its directory service. The current Windows version of Skype is However, a bug in caused those clients to crash. Here's what Skype said:
On Wednesday, December 22, a cluster of support servers responsible for offline instant messaging became overloaded. As a result of this overload, some Skype clients received delayed responses from the overloaded servers. In a version of the Skype for Windows client (version 5.0.0152), the delayed responses from the overloaded servers were not properly processed, causing Windows clients running the affected version to crash.

The worst news is that around 50 percent of all Skype users globally were running the version of Skype for Windows. The crashes caused approximately 40 percent of those clients to fail. In effect, 20 percent of clients overall failed, as the newer client, older (4.0) Windows clients, and clients on other platforms were unaffected by the initial problem.

However, once those Windows clients crashed, that meant a number of supernodes, approximately 25 – 30 percent, failed. That's when things really started to fail on the Skype network.

What can Skype do to keep this from happening again? They will be reviewing their procedures for "automatic" updates to end users, but in addition to that the company outlined plans, including strengthening their core systems, in their forensic blog post.

In addition, the company sent an email to affected users, issuing a $1 credit voucher for the inconvenience. While that seems ludicrously small, it should be noted that landline companies don't give users a credit for an outage, nor do broadband companies. Thus, it's not as bad a deal as it might sound.

Mini-fridge turned into iPhone-controlled beer cannon

If you have been running out of cool ways to use your iPhone, check in with Ryan to see if he has any ideas for you. Ryan has turned an old mini-fridge from his college days into an iPhone-controlled beer-firing cannon.

Among the features: you can select from 4 types of beer, adjust the temperature, and aim via the attached webcam. Additionally, the cannon auto tweets each shot. Ryan also added on YouTube that crosshairs for aiming are in the works.

Watch the beerfest below. He's thinking of selling beer cannons once he reaches version 2.0.

HTC Thunderbolt leaks continue ahead of CES unveiling

Verizon still has no 4G handsets, although it very recently launched its LTE network, and consumers are looking to Q1 2011 for the first one. Rumored to be first was an HTC device, codenamed Mecha / Mocha and now HTC Thunderbolt, and now more images have leaked, just ahead of CES.

Previous leaked images have shown a device that reminds many of an HTC Desire HD, but also of an HTC Evo, right down to the kickstand. Shipping codename aside, it's been rumored to ship with the name HTC Droid Incredible 2 or HTC Droid Incredible HD. The latest rumored shipping name is the HTC Droid Thunderbolt, or perhaps just the HTC Thunderbolt.

Since Droid Life just managed to snag 12 photographs of the HTC Thunderbolt, we're leaning toward believing those name variations are solid.

Not that much is known spec-wise about the HTC Thunderbolt, but it's expected to have a 4.3-inch screen, a kickstand with a hidden speaker beneath, and no Bing (based on the "with Google" logo on the back, shown in leaked images). It's expected to run Android 2.2 (Froyo), most likely not getting Gingerbread (Android 2.3) since it's also going to run Sense UI, which will slow a port.

It's also possible that this is just another "controlled leak." Multiple Mecha / Mocha / Incredible HD / Incredible 2 / HTC Thunderbolt images have leaked over the past few days. With Verizon planning a highly anticipated press conference at CES, we expect to hear more there.

Researchers hack Kinect to control WoW

The ideal gaming system would be if you could actually immerse yourself in a gaming world and fight, cast spells, whatever, by making the motions that you would need if you were actually part of the game. This Kinect hack doesn't go quite that far, but we can dream, can't we?

Built by the USC Institute for Creative Technologies, FAAST, or the Flexible Action and Articulated Skeleton Toolkit, isn't specific to World of Warcraft (WoW), but it has been hacked to control WoW as shown in a demo video below. The actual plans of the institute are a bit less commercial.

The plan is to develop "simple, medically inspired games for rehabilitation of motor-skills after a stroke, and even for reducing childhood obesity through 'healthy gaming.'" Of course, healthy gaming could possibly be achieved with a Nintendo Wii and EA Sports Active, but as we know, the Kinect goes far beyond the Wiimote.

Watch the demo video, remember that this is 0.03 version software, and imagine the future.

Groupon valuation as much as $7.8 billion: report

When Groupon turned down Google's offer, it was assumed they might go for another financing round. According to VC Experts, and a Tweet by Groupon CEO Andrew Mason, that is indeed the case.

VC Experts said that Groupon has filed a certificate to authorize a $950 million Series G round of preferred stock. Mason's Tweet said:
Groupon is in the process of completing a new round of financing - we'll let everyone know when there's more to announce.
VC Experts also estimate that the new round of financing gives Groupon a “best estimate” valuation of $6.4 Billion. With the latest filing the number of Groupon's authorized voting common shares has risen to 250 million. If all of them were issued at $31.59 per share, that could mean that Groupon's valuation would be over $7.8 billion.

Groupon, of course, is the Deal of the Day site that turned down an offer for $6 billion from Google. The site issues deals, and if enough people sign up for them (a group) the deal goes live (a Groupon).

The new Certificate of Incorporation can be downloaded here. The $950 million is the upper limit on what Groupon could raise. VC Experts said that the company would be filing another document next week detailing the exact amount it intends to raise.

Facebook connects sick 10-year-old girl with kidney donor

Facebook aims to keep you connected to your friends, even faux ones. In this case the social networking site connected two complete strangers to each other, and may have saved a girl's life in the process.

Donette Warren used the popular social networking site Facebook to find a donor for her daughter, ten-year-old Vivica Loyd, who has been ill most of her life. Born with six holes in her heart, Loyd has had five strokes and over forty surgeries.

Donette Warren was searching on Facebook for a solution. She said,
"I was posting on Facebook all day. I was posting the message to help my daughter and [asking] to please repost."
Cathy Olsen saw a post on a friend's Facebook wall. After asking the opinion of her family, Olsen was tested and determined to be a match.
"I couldn't sit around and watch a girl die, that I knew I was a match for. I don't feel like a hero, but it feels great."
Vivica had been undergoing dialysis treatment for three years.

It's not the first time a kidney match was facilitated by Facebook. Earlier, Sarah Taylor, Carlos Sanchez, and John Burge all had transplants with a Facebook connection.

There are a number of organ donor related groups on Facebook, including the NHS Organ Donor Campaign and the Gift of Life group.

Watch a video report specifically on Loyd, below.

Apple rises on list of malware writers' targets: McAfee

Apple has achieved enough critical mass to become a viable target for malware writers, McAfee has written in its 2011 Threat Predictions report. In addition, the security company notes a number of other venues for attack, including mobile, as the tide of smartphone use continues to rise.

Among the highlights of the report, the full text of which is available at McAfee's site, are:
Apple: No longer flying under the radar
Historically, the Mac OS platform has remained relatively unscathed by malicious attackers, but McAfee Labs warns that Mac-targeted malware will continue to increase in sophistication in 2011. The popularity of iPads and iPhones in business environments, combined with the lack of user understanding of proper security for these devices, will increase the risk for data and identity exposure, and will make Apple botnets and Trojans a common occurrence.
We've been saying it for some time: there are two reasons that Apple's Mac OS X has not been targeted by malware, at least to any great extent. One is the lower cost of Windows PCs, meaning that malware writers have easy access to them, and two is the fact that Windows dominates, meaning that if a malware writer wanted a larger number of targets, Windows was the way to go. With Apple's increased prominence, times have changed.
Mobile: Usage is rising in the workplace, and so will attacks
Threats on mobile devices have so far been few and far between, as “jailbreaking” on the iPhone and the arrival of Zeus were the primary mobile threats in 2010. With the widespread adoption of mobile devices in business environments, combined with historically fragile cellular infrastructure and slow strides toward encryption, McAfee Labs predicts that 2011 will bring a rapid escalation of attacks and threats to mobile devices, putting user and corporate data at very high risk.
Strange that jailbreaking would be categorized as a threat. Jailbreaking on iOS does open the platform to more threats, but in and of itself it is not malware.
Exploiting Social Media: URL-shortening services
Social media sites such as Twitter and Facebook have created the movement toward an “instant” form of communication, a shift that will completely alter the threat landscape in 2011. Of the social media sites that will be most riddled with cybercriminal activity, McAfee Labs expects those with URL-shortening services will be at the forefront. The use of abbreviated URLs on sites like Twitter makes it easy for cybercriminals to mask and direct users to malicious websites. With more than 3,000 shortened URLs per minute being generated, McAfee Labs expects to see a growing number used for spam, scamming and other malicious purposes.
There are a few ways to check shortened URLs, but one of them is Securi, which offers a URL checker.
Exploiting Social Media: Geolocation services
Locative services such as foursquare, Gowalla and Facebook Places can easily search, track and plot the whereabouts of friends and strangers. In just a few clicks, cybercriminals can see in real time who is tweeting, where they are located, what they are saying, what their interests are, and what operating systems and applications they are using. This wealth of personal information on individuals enables cybercriminals to craft a targeted attack. McAfee Labs predicts that cybercriminals will increasingly use these tactics across the most popular social networking sites in 2011.
McAfee doesn't mention other ways that criminals are using your check-ins. Some are using Facebook and other check-ins to time burglaries.
Applications: Privacy leaks—from your TV
New Internet TV platforms were some of the most highly-anticipated devices in 2010. Due to the growing popularity among users and “rush to market” thinking by developers, McAfee Labs expects an increasing number of suspicious and malicious apps for the most widely deployed media platforms, such as Google TV. These apps will target or expose privacy and identity data, and will allow cybercriminals to manipulate a variety of physical devices through compromised or controlled apps, eventually raising the effectiveness of botnets.
Makes 100 percent sense, since Google TV, for example, is an Android-powered device. Of course, once Google TV gets access to the Android Market, it will also get access to antivirus software.
Hacktivism: Following the WikiLeaks path
Next year marks a time in which politically motivated attacks will proliferate and new sophisticated attacks will appear. More groups will repeat the WikiLeaks example, as hacktivism is conducted by people claiming to be independent of any particular government or movement, and will become more organized and strategic by incorporating social networks in the process. McAfee Labs believes hacktivism will become the new way to demonstrate political positions in 2011 and beyond.
It's interesting, but we expect most of this hacktivism to come via DDoS attacks, and not leaks.
Sophistication Mimics Legitimacy: Your next computer virus could be from a friend
Malicious content disguised as personal or legitimate emails and files to trick unsuspecting victims will increase in sophistication in 2011. “Signed” malware that imitates legitimate files will become more prevalent, and “friendly fire,” in which threats appear to come from your friends but in fact are viruses such as Koobface or VBMania, will continue to grow as an attack of choice by cybercriminals. McAfee Labs expects these attacks will go hand in hand with the increased abuse of social networks, which will eventually overtake email as a leading attack vector.

Botnets: The new face of Mergers & Acquisitions
Botnets continue to use a seemingly infinite supply of stolen computing power and bandwidth around the globe. Following a number of successful botnet takedowns, including Mariposa, Bredolab and specific Zeus botnets, botnet controllers must adjust to the increasing pressure cybersecurity professionals are placing on them. McAfee Labs predicts that the recent merger of Zeus with SpyEye will produce more sophisticated bots due to improvements in bypassing security mechanisms and law enforcement monitoring. Additionally, McAfee Labs expects to see a significant botnet activity in the adoption of data-gathering and data-removal functionality, rather than the common use of sending spam.

Advanced Persistent Threats: A whole new category
Operation Aurora gave birth to the new category of advanced persistent threat (APT)— a targeted cyberespionage or cybersabotage attack that is carried out under the sponsorship or direction of a nation-state for something other than pure financial/criminal gain or political protest. McAfee Labs warns that companies of all sizes that have any involvement in national security or major global economic activities should expect to come under pervasive and continuous APT attacks that go after email archives, document stores, intellectual property repositories and other databases.
What is McAfee speaking about in terms of Advanced Persistent Threat? They're talking about something like Stuxnet, which seems to have been written by a foreign power to take down Iran's nuclear agenda.

It's a back and forth between security experts and malware writers. The key thing to remember is nothing is unhackable, no matter what anyone says. Even Mac users should be using an antivirus product.

Oh, and one more thing: use strong passwords.