Monday, July 5, 2010

The Next Web


Wikipedia was down, and now we know why [Updated]

Posted: 04 Jul 2010 05:58 PM PDT

As of the time of this writing, Wikipedia has been down and out for around 40 minutes.  As of yet, there is no explanation as to why, but Twitter seems to be buzzing about it as well.

It’s not the first time, and certainly not the last.  The last time, in the latter days of March, Wikipedia felt a hard knock for quite a few hours.  Again, at that time, Twitter users were the first to seem to realize what had happened.

As of yet, there is no information regarding the outage on the Wikipedia Technical Blog.  It’s unclear whether this is related to the last outage, which was attributed to an overheating DNS server.

We’ll, of course, keep you updated as we find out more.

For now, this is what we have:

According to Gabe Rivera’s Twitter, the reason behind this down time has to do with an outage at the Florida data center in the US.

Update: The site appears to be back now, and fully functional.


Apple’s app store, filled with “App farms” being used to steal. [Examples]

Posted: 04 Jul 2010 05:09 PM PDT

As the story of iTunes accounts being hacked continues to develop, we’ve come across a number of what we would call “App Farms” in iTunes being used to scam users out of their money.

Despite a claim that we’re exaggerating the gravity of the entire situation, let’s show you a few examples of these app farms and you can judge for yourself.

1. The Company/Thuat Nguyen began our investigation.  It’s responsible for 42 apps, 41 of which are book apps, all in the top 50 best selling apps in the books category. This app developer hacked iTunes user accounts and purchased their own apps using those accounts.  (Update: This app developer has now had all his apps removed)

2. Charismaist (iTunes Link). With only three apps in the app store, Charismaist can hardly be considered a farm but we’ve already received 4 reports of charges up to $600 for the purchases of this developer’s apps.

One reader says:

“Someone has downloaded 8 apps and two songs totalling £61.70. The most expensive being an app called All Match by Charismaist for £54.99! The other apps seem to be based on photographer like Camera One, Night Shot, Camera Flash Ultra. Surely Apple won't pay out to these developers.”

and another,

“My iTunes account was also hacked in the last week or so and I was billed £140. iTunes customer support was less than supportive and it took my bank getting involved, my card being cancelled and reissued and 2 changes of passwords to get it sorted. The apps that Jamie Vickery mentioned were bought using my account too.”

Comments on iTunes about one of the apps can be found below:


3. Wishii Network. Similar to the first example, Wishii Network’s apps completely dominate the top travel iPad apps list, with 29 out of 50 apps in the Travel category of the app store, this time on the iPad.

We’ve yet to receive reports from anyone who has spotted these apps in their billing history, but considering this is the US iTunes app store and each of the apps requires payment to climb up the chart – someone’s paying for them.

4. Storm 8 (iTunes link). Check out the screenshot below.  An app developer with 45 games, many of them clones that differ only by the number of “points” they offer.  This is probably the most interesting exploit of them all. The app developer hands out their games for free (or very little) and then uses the in-game points purchases to make their money, often charging up to $150 for in-game points purchased.

One report we received:

“Our account was hacked just over a week ago. We're still waiting on our bank to finish its 'investigation' to get our money back. Unlike what others have reported, we were taken for over $1400.00 on what looks like in-game credits for some game called World War at $160 a transaction and some music. Again, Apple did nothing to help but give the password reset advice and removing of the credit card info.”

Other Examples

There are other App Farms we know of, but no reports of whether or not they have been used for unethical purposes. One example is Brighthouse Labs with 4568 Apps, all virtually worthless.

As I’ve said before, clearly when one developer completely dominates the ranking in a particular category, other app developers suffer, but when it happens by means of hacking end users’ accounts – it's a serious concern that leaves everyone involved suffering. Developers don't get the recognition they deserve, users are robbed and left with a poor user experience, while Apple is left with a tarnished brand and a lot of explaining to do.

Why does Apple not have mechanisms in place to detect when previously unpopular apps from the same developer flood the top rankings?

When some apps are left waiting weeks for approval, only to be rejected by Apple for minor objections, how does a company with no website, no description and apps that are literally swarming iTunes escape punishment? More importantly, how has someone managed to hack users' accounts and left many, we can only assume, unaware they've been robbed?

More to follow. If you know of any other companies with similar set-ups on iTunes, do please let us know.


The rogue developer’s apps have been removed from the iTunes Store.

Posted: 04 Jul 2010 03:28 PM PDT

In an interesting non-announcement, it seems that the applications that have caused such a stir today have now been removed from the iTunes Store.  That is, the ones of which we are aware.

We’ve gotten no response from Apple, so there is no confirmation as to whether Apple itself has removed the applications, or if the developer has become aware of the publicity and decided to leave well enough alone.

To that end, keep an eye here on TNW.  In the next few minutes, we’ll be reporting on some other rogue developers that we’ve uncovered.  This might turn out to be a very interesting week for Apple.

In the mean time, make certain that you’re taking precautions against having your own account compromised.


Google: Apple Is Making Our Job Easy

Posted: 04 Jul 2010 03:07 PM PDT

A few days ago, Google CEO Eric Schmidt did a rather candid interview that was covered on the Telegraph website in the UK. Somewhere along the way, the majority of the media seemed to have missed it, but there were some very key points about Google’s mindset on products, and mobile in particular.

Probably most notable of his quotes was the following:

“We don’t have a plan to beat Apple, that’s not how we operate.  We’re trying to do something different than Apple and the good news is that Apple is making that very easy.”

The statement, made in reference to the 2.2 version of Android being rolled out shortly after the launch of iPhone 4, opens quite a few doors about the inner workings of Google.  For one, as Schmidt is quick to point out, the business models are drastically different between the two companies.

“The Google model is completely open. You can basically take the software – it’s free – you can modify whatever you want, you can add any kind of app, you can build any kind of business model on top of it and you can add any kind of hardware. The Apple model is the inverse.”

Though Schmidt is also keen to point out that Google has been eyeing the mobile market for quite some time, and the market had only recently come to a point where it seemed logical for Google to strike.

And strike it has.  Google, it seems, is working its way toward a semantic experience not only for search but for its mobile market as well.  Schmidt points out that in the course of the next 5 years, the world will be consuming the majority of its content online.  That consumption, says Schmidt, will happen "on devices that are live not static. The characteristics of these devices are that they know who you are, they know where you are, they can play video and they carry memory.”

So then back to the subject of Apple making Google’s job easier.  The question, of course, is how this is fact.  The answer is deceptively simple, and one that we’ve talked about before:  Google is catering to a market that wants a more open platform.

The argument could be made, indeed, that Android is only open to an extent; that the approval process and release cycle puts it simply on par with iOS and not in a different class.  But the other end of that story is what you can do with Android once it’s in your own hands.  As Schmidt points out, you can modify it in any way that you want and that, it seems, is important enough to keep Android running strong.

What’s more?  In a statement that is sure to strike to the heart of Apple, Schmidt makes a quip about the development process for Android, and for Google products in general:

"All of our testing indicates that the vast majority of people are perfectly happy with our policy. And this message is the message that nobody wants to hear so let me say it again: the reality is we make decisions based on what the average user tells us and we do check. And the reason that you should trust us is that if we were to violate that trust people would move immediately to someone else.”

While this speaks volumes about how Google does business in general, it also shows a more human side of the giant.  Google seems to be acutely aware of the fact that the goal of keeping customers lies in keeping their trust.


Pardon us, Twitter, but why are @replies missing?

Posted: 04 Jul 2010 01:24 PM PDT

This is just now starting to come to light, so we’ll gather more information as we can.

A post to the Twitter Development Talk on Google Groups has brought about an interesting question.  It seems that @replies are missing, and nobody has said anything about it.  Indeed, a quick Twitter search brings about many users wondering where the replies have gone.

Could this have to do with Twitter’s recent rate limiting, and the selective removal of services in order to help with an overloaded system?  It’s possible, though Twitter has not addressed the issue on the Twitter Status page.  In fact, the most recent updates only mention some elevated error rates, which we’ve seen over the past few weeks.

The stranger part of this story, however, is that it doesn’t seem to affect all replies.  Nor does it seem to fully affect all users.  The sporadic nature of the loss is what raises the greater question here.

We’ve reached out to Twitter, and will let you know what we find.

Update, according to a Twitter staffer:

The mentions timelines were updating with additional latency, perhaps a few minutes, for about a day, but they were updating. They should be updating in near real time now.

-John Kalucki
http://twitter.com/jkalucki
Infrastructure, Twitter Inc.

This could solve the issue of latency, however, it doesn’t answer the question as to why a number of users are reporting that their replies are missing entirely.


iTunes accounts hacking more widespread than initially thought. The facts, and what you should do.

Posted: 04 Jul 2010 01:05 PM PDT

On Sunday we reported details of how one specific app developer had managed to hack iTunes users’ accounts and use them to purchase his own apps – making it to the top of the iTunes charts.

As the story has developed, the problem has grown far more serious than initially thought. It is not just that one particular developer and his apps: the Apple App store is filled with App Farms being used to steal.

This post will give a complete rundown of what we know and will continue to be updated as we learn further details.

The Facts

  • A number of iTunes accounts have been hacked from across the globe, not just the US, and used to purchase apps.
  • The app developer that began this entire investigation has now had their account (and apps) removed, but we’ve discovered a number of other developer accounts with very similar, if not more “innovative”, approaches to stealing users’ money. The Apple App store is filled with App Farms being used to steal.
  • iTunes users have reported anywhere between $100-$1400 spent using their accounts.
  • The trend: buy a couple of low cost apps ($1-$3) and then one app at an extortionate price ($90+).
  • We’ve also seen reports of a free app being bought and in-app purchases then being used to effectively send money to the app developers’ accounts. Details here, the app is called World War.
  • Apple’s only response so far has been to ask users to change their password. We have also contacted Apple and are awaiting a response.
  • Many of the apps have been purchased specifically to climb up the iTunes ranking and gain momentum, in the hope that others will purchase the apps based on their high sales.
  • Currently, all the apps purchased have been owned by Asia-based developers with little information known about them. Clearly they feel being based in Asia will give them immunity to any US laws.
  • This seems to have been happening over the course of the last 4 weeks, although MacRumors shows hacking on some level dating back to 2009.
  • The app developers are using images from the web as their app icons.
  • The developers’ website and support links direct users to non-existent websites or landing pages.
  • The initial rogue developer’s apps have now been removed from the app store, but other unethical developers still have their accounts available in the app store – details on those to come.

more to follow.

What you should do

  • Check your previous iTunes purchases. If you spot anything you haven’t personally purchased, contact Apple and your bank to try to prevent any iTunes purchases from clearing.
  • Get in contact with Apple.
    Email link.
    or the website "Get Human" lists this for Apple: 800-275-2273
    To talk to a real person: press 0 at each prompt, ignoring messages.
  • Change your iTunes password.
  • Remove your iTunes card details and consider using gift cards where possible.

more to follow.

http://thenextweb.com/apple/2010/07/04/app-store-hacked/comment-page-1/#comment-11929


“Night vision” hack on some Android phones almost doubles battery life

Posted: 04 Jul 2010 12:22 PM PDT

Developer Jeff Sharkey has come up with an Android hack for OLED display phones (Nexus One, Incredible, etc) that he claims almost doubles battery life: go into “night vision” mode by filtering “separate pixel elements for each color channel” so that only one color shows at a time (red works best).

First of all, it’s worth noting that he did this hack in airplane mode with GPS off, though it doesn’t seem that that is necessary for the hack to work. As Sharkey puts it:

Filtering to show only red pixels only requires 35% of the original baseline OLED panel current, on average. Adding back the baseline current, the best case overall is about 42% of the original system current, effectively doubling the battery life. Also, showing only red pixels doubles as an awesome night vision mode, perfect for astronomy.

The hack uses a “low-level window compositor” called SurfaceFlinger. Have to say, after watching this video, we would certainly pay for an app that does this (heck, maybe even if it doesn’t save that much battery – it just looks cool):

Images and video by Jeff Sharkey.


BBC Says Its Facebook Fans Are “Saddos”

Posted: 04 Jul 2010 10:54 AM PDT

Well this is embarrassing for the BBC. The corporation’s new Olympics site has launched with a bit of (we assume) placeholder text left intact. (Update: The text has now been removed but you can see a screenshot below).

Inviting readers to become a member of a BBC Olympics Facebook page, the text reads “You can also become a saddo on Facebook”. Oops.

Strangely, the page doesn’t even link to a specific location on Facebook, just Facebook.com. The Media Blog (who spotted the faux pas) says the site launched only this weekend. This leads us to believe that either someone clicked ‘Publish’ a little ahead of time or there was a real lack of proofreading. Either way, it’s an embarrassing slip-up.


Pop Goes Google! Rube Goldberg Doodle Puts On A Fourth of July Display

Posted: 04 Jul 2010 09:04 AM PDT

In celebration of the Fourth of July, Google has once again brought life to its doodle, this time following in the steps of OK Go and their Google Chrome ads to bring a Rube Goldberg fireworks contraption to their homepage.

This is one fireworks display that you can try at home, kids:


Probably the greatest Internet story we’ve heard in some time.

Posted: 04 Jul 2010 08:23 AM PDT

By now you’ve probably realized the immense power that social media can have. However, it isn’t often that we’re witness to exactly what can happen when a direct mission is undertaken by a single site. In this case, the mission was to repair a reputation, and the site is Reddit.

As a back story, a popular Reddit user named CarlH was the victim of an Internet smear campaign after a business deal gone wrong. For five years he had dealt with losing clients and eventually his company.  A couple of weeks ago, he turned to the users of Reddit to clear his name.

In a post to the popular social news site, he stated his case and then made his plea to the other users.  His sole question was whether or not anything could be done.  In answer, the users of Reddit went to work.  Posts were put up, around the Internet, linking to legitimate information about CarlH and his business.  Within 12 hours, the #1 listing in Google (which happened to be the misinformation about CarlH) had been replaced by a real, relevant site.

How powerful was the force behind this movement?  Apparently,  it held enough weight to place the user’s name into the 5th most searched term on Google, on June 30th.  According to a follow-up post by the user:

Enough searches were done to result in the automated creation of over 200,000 new web-pages containing my name.  And here we are on July 4th and finally, after five years, that lie is completely gone from the first 5 pages of search results on Google and all other search engines, and it seems to be dropping more every day. Further, many other pages containing my name now rank high on Google, including automatically generated pages that have nothing to do with me, as well as pages about other individuals who share my name. Nothing negative therefore stands out against me.

This is truly a testament to the force that social media can have.  It’s also a real-world example of exactly how search engines, and the Internet as a whole, work.


YouTube Hacked, Justin Bieber Videos Targeted.

Posted: 04 Jul 2010 07:02 AM PDT

Updates at foot of the post, including statement from Google.

In the past hour it appears YouTube has become the target of a hacker attack, specifically targeting videos of pop singer Justin Bieber.

Videos relating to the star have been hit with a redirect hack with a number of different payloads. We’ve seen one redirect to an infamous, explicit “One Man One Jar” video while another covers the screen in the words “OMG Faggot”. A Twitter search confirms that the problem is widespread. Some users are reporting seeing a banner claiming that Bieber is dead.

(Update: here’s a screenshot:)

So, what’s causing this? Coder Richard Cunningham writes on his Posterous blog that it relates to video comments.

“It looks like they are deliberately using malformed HTML to get past YouTube’s checks for HTML sanitisation in the comments. The comment I’ve seen is using the long forgotten marquee tag and a javascript alert, though in principle it could be expanded to support XSS type flaws.”

Comments on many videos, some not related to Bieber, have code like this on them:

YouTube appears to be deleting or blocking comments on many video pages. The attack comes on the same day as an apparent iTunes App Store hack came to light. We’ll update with more information as we get it.

UPDATE: Discussions on the notorious 4chan bulletin board site point to members of its community being to blame. We won’t link to the site (the link would be unlikely to last long if we did) so here’s a screenshot of one such message.

UPDATE 2:

Reports on 4chan say that YouTube has blocked the script that hackers were using:

UPDATE 3:

An update via Slashdot:

“Several hours ago, someone found an HTML injection vulnerability in YouTube’s comment system, and since then sites such as 4chan have had a field day with popular videos. The bug is triggered by placing a <script> tag at the beginning of a post. The tag itself is escaped, but everything following it is cheerfully placed in the page as is. Blacked out pages with giant red text scrolling across them, shock site redirects, and all sorts of other fun things have been spotted. YouTube has currently blocked such comments from being posted and set the comments section to be hidden by default, and appears to be in the process of removing some of these comments, but the underlying bug does not seem to have been fixed yet.”

UPDATE 4:

Google has sent us the following statement regarding the hack:

“We took swift action to fix a cross-site scripting (XSS) vulnerability on youtube.com that was discovered several hours ago. Comments were temporarily hidden by default within an hour, and we released a complete fix for the issue in about two hours. We're continuing to study the vulnerability to help prevent similar issues in the future.”
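The failure mode described in the Slashdot update, modelled as an added example (this is not YouTube's code, which the page does not show). `flawedSanitize`, `hasLiveMarkup` and `auditRenderer` are hypothetical names, and the sample comments are constructed and inert; the point is that encoding the whole comment on output leaves nothing for a malformed tag to slip past.

```javascript
// Added illustration; not YouTube's code. All function names are hypothetical.

const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Hardened form: encode every HTML-significant character on output, so the
// browser renders the comment as text however malformed its tags are.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Model of the reported flaw: the filter recognises a <script> tag at the
// start of the comment, escapes that one tag, then emits the rest untouched.
function flawedSanitize(comment) {
  const m = /^\s*<script[^>]*>/i.exec(comment);
  if (m) {
    return escapeHtml(m[0]) + comment.slice(m[0].length); // remainder is raw
  }
  return escapeHtml(comment);
}

// True when a rendered fragment still contains something a browser would
// parse as a tag (an unescaped "<" followed by a tag-name character).
function hasLiveMarkup(fragment) {
  return /<\/?[a-z!]/i.test(fragment);
}

// Constructed sample comments. The second reproduces the shape the page
// describes (leading <script>, then a marquee tag) with harmless text only.
const SAMPLE = "<script><marquee>constructed test comment</marquee>";
const SAMPLES = ["nice video", SAMPLE, "1 < 2 & 3 > 2"];

// Regression check for any comment renderer: returns the inputs whose
// rendered form still carries live markup.
function auditRenderer(render, samples) {
  return samples.filter((s) => hasLiveMarkup(render(s)));
}

console.log("flawed  :", flawedSanitize(SAMPLE));
console.log("hardened:", escapeHtml(SAMPLE));
console.log("inputs that get through the flawed filter:",
  auditRenderer(flawedSanitize, SAMPLES).length);
console.log("inputs that get through escapeHtml:",
  auditRenderer(escapeHtml, SAMPLES).length);
```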


App Store, Hacked. (Updated: iTunes Accounts too.)

Posted: 04 Jul 2010 05:45 AM PDT

Editor’s Note: This article began with details of one specific app developer hacking iTunes users’ accounts and purchasing their own apps using those accounts – making it to the top of the iTunes charts. As the story has developed it appears to be far more widespread than just that one particular developer and his apps…the Apple App store is filled with App Farms being used to steal. We’ve put together a complete list of all the facts and updates to this story here, which we highly recommend you read instead of this article.

Two iPhone App developers have spotted what appears to be a hacking of the App store rankings by a rogue developer. The rankings in the books category of the US iTunes store feature 40 out of 50 apps by the same app developer, Thuat Nguyen.

What’s more concerning is that it seems individuals’ iTunes accounts have been hacked to make mass purchases of that one developer's apps. (Update: this does not appear to just be one specific developer nor one particular set of apps any more. Details at the foot of this post.)

One look at a screenshot of some Twitter search results above or this MacRumors thread should ring alarm bells – there is a problem. What’s more concerning is that these are only the people reporting it on Twitter and forums; plenty would not have.

A screenshot of the books category on iTunes below should illustrate the extent of the problem. How has a developer managed to hack enough iTunes accounts to buy the number of apps required for each to dominate the paid books category on iTunes?

Some users who have had their accounts hacked have left comments on the apps they have supposedly bought, complaining that up to $200 has been spent on apps they’d never personally bought themselves. (Update: we’ve now heard reports of $600+ spent on some users’ accounts, more details at the foot of this post)

There are other comments clearly from the app developer himself, giving positive reviews in an attempt to draw attention away from the other comments.

Both the support and company links for the company in iTunes take you to a Home.com URL with nothing but a holding page. Also Google Search results for Thuat Nguyen do not provide any concrete details as to who the individual or company is.

Clearly when one developer completely dominates the ranking in a particular category, other app developers suffer, but when it happens by means of hacking end users’ accounts – it’s a serious concern that leaves everyone involved suffering. Developers don’t get the recognition they deserve, users are being robbed and left with a poor user experience, while Apple is left with a tarnished brand and a lot of explaining to do. Why does Apple not have mechanisms in place to detect when previously unpopular apps from the same developer flood the top rankings?

When some apps are left waiting weeks for approval only to be rejected by Apple for minor objections, how does a company with no website, no description and apps that are literally swarming iTunes escape punishment? More importantly, how has someone managed to hack users’ accounts and left many, we can only assume, unaware they’ve been robbed?

What you should do now.

For now, we can only recommend you check your recent purchases, remove your debit card being stored on iTunes and change your password immediately. When we have more recommendations you can be sure you’ll hear from us.

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

Update 1:

We’re interviewing a number of people who have had their accounts hacked and used to buy apps. Worryingly they aren’t just apps from this developer.

Update 2:
Reader Jamie Vickery, a UK based iTunes user discovered a number of apps had been bought using his account. This does not appear to be a US specific issue any more.

“I've just noticed my iTunes account has been hacked in the past week. Someone has downloaded 8 apps and two songs totalling £61.70. The most expensive being an app called All Match by CharismaIST for £54.99! The other apps seem to be based on photographer like Camera One, Night Shot, Camera Flash Ultra. Surely Apple won't pay out to these developers. I have changed my password and put in an email complaint to iTunes so we'll see how it goes.”

Update 3:

More reports. Users in the MacRumors forum claiming their accounts have been hacked and used to purchase apps. Two examples:

“Yesterday my credit union contacted me saying there was suspicious activity on my debit card. Sure enough over 10 transactions in the $40-$50 area all on iTunes equaling to $558”

“I also received a receipt via email on my “Purchases” on 7/2/10. I made the mistake of storing my debit card on the itunesstore app. I have run into the exact same responses that other users are reporting–only email as a method of contact.

That response was to tell me how to change passwords, etc. – stock answers and to also tell me of no refunds. I was an internet technician for years so the iTunes advice was second nature for me but with little hope for “fixing” the issue since I believe that the breach was on the iTunes server.

Thankfully, I carry a smartphone with my email setup on it, so I received the invoice quickly. Most of the 15 purchases were for items that I don’t even own i.e. iphone (I have a blackberry) and ipod (I’m 47 and I still use a radio for my music). I was able to verify the $70.15 charge via mobile banking and immediately called my bank. The transaction was in the processing stage and I think my bank was able to refuse it–I’ll see after the holiday weekend. With my card canceled, the additional $20+ charge was unable to be authorized.

I noticed reading the comments that someone was starting a class action suit, there are enough victims to be able to make iTunes responsible for this.

I will not take this laying down–I’ve filed a police report and filed a complaint with the Better Business Bureau and if I can afford it–I want to be included in the class action suit if it was started. I am currently trying to figure out how to get the news media notified of this scam. ”

Update 4:

A succinct list of facts and updates to this story can be found here.

Update 5:

Thuat Nguyen’s book apps have all been removed from the iTunes store but there are many others. More details and further updates can be found here.
