Twitter’s Authentication Has Vulnerabilities

Twitter’s SMS-based, two-factor authentication feature could be abused to lock users who have not enabled it for their accounts if attackers gain access to their log-in credentials, according to researchers from Finnish antivirus vendor F-Secure.

Twitter introduced two-factor authentication last week as an optional security feature in order to make it harder for attackers to hijack users’ accounts even if they manage to steal their usernames and passwords. If enabled, the feature introduces a second authentication factor in the form of secret codes sent via SMS.

According to Sean Sullivan, a security advisor at F-Secure, attackers could actually abuse this feature in order to prolong their unauthorized access to those accounts that don’t have two-factor authentication enabled. The researcher first described the issue Friday in a blog post.

An attacker who steals someone’s log-in credentials, via phishing or some other method, could associate a prepaid phone number with that person’s account and then turn on two-factor authentication, Sullivan said Monday. If that happens, the real owner won’t be able to recover the account by simply performing a password reset, and will have to contact Twitter support, he said.

This is possible because Twitter doesn’t use any additional method to verify that whoever has access to an account via Twitter’s website is also authorized to enable two-factor authentication.

When the two-factor authentication option called “Account Security” is first enabled on the account settings page, the site asks users if they successfully received a test message sent to their phone. Users can simply click “yes,” even if they didn’t receive the message, Sullivan said.

Instead, Twitter should send a confirmation link to the email address associated with the account for the account owner to click in order to confirm that two-factor authentication should be enabled, Sullivan said.

As it is, the researcher is concerned that this feature could be abused by determined attackers like the Syrian Electronic Army, a hacker group that recently hijacked the Twitter accounts of several news organizations, in order to prolong their unauthorized access to compromised accounts.

Some security researchers already expressed their belief that Twitter’s two-factor authentication feature in its current implementation is impractical for news organizations and companies with geographically dispersed social media teams, where different employees have access to the same Twitter account and cannot share a single phone number for authentication.

Twitter did not immediately respond to a request for comment regarding the issue described by Sullivan.

Source

Is This A Mobile First World?

Judging from the number of people engrossed in activities with their smartphones on the sidewalk, in their cars and in public places, mobile seems to have stolen our attention away from the wired Internet and traditional TV.

However, there is a ways to go before mobile platforms become the primary place where consumers turn for entertainment and getting things done, players at  CTIA Wireless trade show said.

Nokia Siemens Networks announced new capabilities in its network software to make video streams run more smoothly over mobile networks. Among other things, the enhancements can reduce video stalling by 90 percent, according to the company. But even Sandro Tavares, head of marketing for NSN’s Mobile Core business, sees “mobile-first” viewing habits as part of the future.

“Now that the networks are providing a better capacity, a better experience with mobile broadband, mobile-first will come,” Tavares said. “Because the experiences they have with the devices are so good, these devices … start to be their preferred screen, their first screen.

“This is a trend, and this is something that will not change,” Tavares said. But he thinks it’s too early to build networks assuming consumers will turn to tablets and phones as their primary sources of entertainment. “Do you have to be prepared for mobile-first now? Probably not. You have to be able to keep the pace.”

For AT&T, mobile-first is a top priority for its own internal apps, ensuring employees can do their jobs wherever they are, said Kris Rinne, the carrier’s senior vice president of network technologies. But to make it possible over the network, a range of new technologies and relationships may have to come together, she said.

For example, giving the best possible performance for streaming video and other uses of mobile may require steering traffic to the right network if both cellular and Wi-Fi are available. AT&T is developing an “intelligent network selection” capability to do this, Rinne said. When AT&T starts to deliver voice over LTE, it will stay on the cellular network — at least in the early days — because the carrier has more control over quality of service on that system, she said.

Other issues raised by mobile-first include security of packets going over the air and rights for content that subscribers are consuming primarily on mobile devices instead of through TV and other traditional channels, Rinne said.

Source

Qualcomm surpasses AMD

It’s no secret that the mobile boom is taking a toll on makers of PC components and AMD is one of them. According to data from IC Insights, Qualcomm and Samsung have managed to pass AMD in microprocessor sales last year.

Intel still dominates the market, with $36.9 billion sales and a 65.3 percent market share. However, Qualcomm has managed to squeeze into second spot, with $5.3 billion in sales and a 9.4 percent share. Samsung ranked third, with $4.66 in sales and an 8.2 percent market share. Qualcomm and Samsung also recorded plenty of growth, 28 and 78 percent respectively.

However, AMD slumped 21 percent to take 6.4 percent of the market, with $3.6 billion in sales. It was still ahead of Freescale and Nvidia, as well as Texas Instruments and ST Ericsson.

It should be noted that about 83 percent of Samsung’s revenue came from chips churned out for Apple. In other words, had Apple built the chips on its own, it would have tied with AMD for the third spot.

Source

Is Yahoo Really Back?

Yahoo has once again made the list as one of the world’s 100 most valuable brands.

The Internet company nabbed the 92nd spot in the annual list of global companies from multiple industries including technology, retail and service, released Tuesday by BrandZ, a brand equity database. The ranking gave Yahoo a “brand value” of US$9.83 billion, which is based on the opinions of current and potential users as well as actual financial data.

Apple occupied the number-one position on the list, with a brand value of $185 billion. Google was number two, with a value of roughly $114 billion.

The BrandZ ranking, commissioned by the advertising and marketing services group WPP, incorporates interviews with more than 2 million consumers globally about thousands of brands along with financial performance analysis to compile the list. Yahoo last appeared on the list in 2009 at number 81.

Yahoo’s inclusion on the 2013 list comes as the Internet company works to reinvent itself and win back users. Previously a formidable player in Silicon Valley, the company has struggled in recent years to compete against the likes of Google, Facebook and Twitter.

Improving its product offerings on mobile has been a focus. New mobile apps for email and weather have been unveiled, along with a new version of the main Yahoo app, featuring news summaries generated with technology the company acquired when it bought Summly.

Most notably, Monday the company announced it is acquiring the blogging site Tumblr for $1.1 billion in cash. Big changes to its Flickr photo sharing service were also announced.

Yahoo’s rebuilding efforts have picked up steam only during the last several months, but the 2013 BrandZ study was completed by March 1.

However, last July’s appointment of Marissa Mayer as CEO likely played a significant role in the company’s inclusion in the ranking, said Altimeter analyst Charlene Li. “Consumer perception has gone up since then,” she said.

“Yahoo’s leadership has a strong sense of what they want to do with the brand,” she added.

Yahoo’s 2012 total revenue was flat at $4.99 billion. However, after subtracting advertising fees and commissions paid to partners, net revenue was up 2 percent year-on-year.

Source

nVidia Explains Tegra 4 Delays

nVidia’s CEO Jen-Hsun Huang mentioned a concrete reason of Tegra 4 delays during the company’s latest earnings call.

The chip was announced back in January, but Jensen told the investors that Tegra 4 was delayed because of Nvidia’s decision to pull in Grey aka Tegra 4i in for six months. Pulling Tegra 4i in and having it scheduled for Q4 2013 was, claims Jensen, the reason for the three-month delay in Tegra 4 production. On the other hand, we heard that early versions of Tegra 4 were simply getting too hot and frankly we don’t see why Nvidia would delay its flagship SoC for tactical reasons.

Engaging the LTE market as soon as possible has been the main reason for pulling Tegra 4i, claims Jensen. It looks to us that Tegra 4 will be more than three months delayed but we have been promised to see Tegra 4 based devices in Q2 2013, or by the end of June 2013.

Nvidia claims Tegra 4i has many design wins and it should be a very popular chip. Nvidia expects to have partners announcing their devices based on this new LTE based chip in early 2014. Some of them might showcase some devices as early as January, but we would be surprised if we don’t see Tegra 4i devices at the Mobile World Congress next year, that kicks off on February 24th 2014.

Jensen described Tegra 4i as an incredibly well positioned product, saying that “it brings a level of capabilities and features of performance that that segment has just never seen”. The latter half of 2013 will definitely be interesting for Nvidia’s Tegra division and we are looking forward to see the first designs based on this new chip.

Source

Yahoo On A Buying Spree

Yahoo has purchased a mobile gaming company, Loki Studios, taking its total acquisitions this month to four.

The company said over the weekend it welcomed Loki, Astrid, GoPollGo and MileWise to its growing mobile team. “We recently added 22 entrepreneurs to our growing mobile team,” the company said in a Twitter message in a possible reference to some of the people from the four companies who have moved to Yahoo.

Loki’s flagship application is its location-aware game, Geomon. “We are thrilled to be joining the exceptional folks at Yahoo!. We believe fully in their commitment to creating outstanding mobile products,” the Loki team said on their website.

Earlier in the week, Yahoo also acquired GoPollGo, a social polling tool. The company’s founder and team said they were moving to Yahoo, and would no longer be supporting their offerings.

It is not clear whether Yahoo has bought all these companies for their products and technology or just to get their experienced staff in the area of mobile as it tries to build up its own mobile capabilities. The way the services are being shut down suggests that their user base did not particularly interest Yahoo. The company could not be immediately reached for comment.

Source

Will SoftBank Raise The Stakes?

SoftBank Corp President Masayoshi Son may get a less than enthusiastic reception when he comes to the United States this week to meet Sprint Nextel Corp’s major shareholders, as he tries to drum up support for the Japanese company’s proposed takeover of the No. 3 U.S. wireless service provider.

SoftBank’s billionaire founder, who proposed a $20 billion deal for a 70 percent stake in the U.S. wireless carrier, said on Tuesday that he would discuss the deal with shareholders in a bid to fight off rival Dish Network, a U.S. satellite TV provider, which offered Sprint a $25.5 billion bid.

The executive for the Japanese mobile operator may have a tough time selling the deal, as several shareholders have told Reuters that SoftBank would need to raise its bid in order to win their vote at Sprint’s June 12 shareholder meeting.

Two big Sprint shareholders, Paulson & Co and Omega Advisors, have publicly said the Dish offer looks better than SoftBank’s. Other shareholders said on Tuesday that they would go to meet Son during his trip but they were skeptical about his arguments against Dish.

While Dish’s offer would provide more cash upfront to shareholders, Son has argued that Dish would not be good for the company as it would require Sprint to take on a heavy debt load. He also promises a July 1 close for the deal and warned that Dish regulatory approval may not come until 2014.

Robert Lynch, the director of research for Westchester Capital Management, which owned over 14 million shares in Sprint at the end of December, said that the prospect of a quicker deal close would not be enough to win over his company’s vote.

“We think right now that Dish has a better offer on the table. We think SoftBank’s going to have to improve their offer,” Lynch said, noting that SoftBank’s comments about the prospective debt leverage from a Dish deal were overdone.

“We think the leverage is manageable. We think there are synergies here. While raising the leverage is something we looked at we think its not as big of a obstacle as SoftBank is saying,” Lynch said.

A big Sprint investor who asked not to be named said they were happy to meet with Son while he is in the United States but that they were hoping to convince him to raise his bid.

“If Mr. Son wants to own Sprint he will have to raise his bid,” said the person from a top 25 Sprint shareholder who did not want to be quoted by name ahead of the meeting.

Source

nVidia Wins With Tegra 4

Nvidia’s first Tegra 4 design win is here, apparently, and it doesn’t appear very impressive at all. Tegra 4 is late to the party, so it is a bit short on design wins, to put it mildly.

Now a new ZTE smartphone has been spotted by Chinese bloggers and it seems to be based on Nvidia’s first A15 chip. The ZTE 988 is a phablet, with a 5.7-inch 720p screen. It has 2GB of RAM, a 13-megapixel camera and a 6.9mm thin body. It weighs just 110g, which is pretty surprising. The spec is rather underwhelming, especially in the display department.

However, a grain of salt is advised. It is still unclear whether the phone features a Tegra 4 or a Qualcomm chipset. Also, it is rather baffling to see a 720p screen on a Tegra 4 phablet, it just seems like overkill.

Source

Citrix Goes To The Cloud

Citrix System’s GoToWebcast has become generally available in North America and Europe, offering users a cloud-based webcasting tool for up to 5,000 participants.

The subscription-based GoToWebcast allows users to broadcast unlimited audio and video presentations to live and on-demand audiences that can access them using mobile devices such as Apple’s iPhones and iPads, or Android-based smartphones and tablets.

To simplify administration, GoToWebcast has a five-step wizard that walks users through setting up their event. Users are first asked to schedule the event, including deciding audience size and if the web cast should be available on-demand or live with an archive. Users are then asked to select registration alternatives, multimedia options, choose what content to upload and finally decide on security and email settings.

In addition to audio and video, users can upload presentation documents, chat with attendees, conduct polls and link to social media channels. Citrix didn’t announce any pricing for the new service, only saying that users pay a fixed monthly fee.

The company also released a beta version of GoToWebinar with HDFaces for the 500- and 1,000-attendee plans. HDFaces is a video conferencing technology that lets up to six presenters lead interactive Q&A sessions, host panel discussions, or do demonstrations in high-definition.

The announcement comes after the recently announced availability of HDFaces for up to 100 participants in GoToWebinar and GoToTraining sessions, as Citrix adds high-definition video across its GoTo portfolio.

Source

Microsoft Looks Into Smart Watches

Microsoft is developing designs for a touch-enabled smart watch, joining a number of other large competitors like Samsung Electronics and Apple who are said to be working on similar devices, according to a recent report.

Executives at suppliers to Microsoft told The Wall Street Journal that the company was sourcing components for the prototype of what could potentially be a “watch-style device.”

Microsoft has, for example, requested 1.5-inch displays from component makers for the prototype, an executive at a component supplier told the newspaper. It is unclear whether the company will decide to go ahead with the watch, the newspaper added.

Microsoft could not be immediately reached for comment.

A large number of vendors are looking at new product categories beyond smartphones and tablets.

This isn’t the first time, however, that Microsoft may be looking at watches as a product. It launched a smart wrist watch around a concept called Smart Personal Object Technology it unveiled in 2002, but withdrew it after a lackluster performance.

The Redmond, Wash., company is seeing its key PC market under threat from smartphones and tablets, and the failure of its new Windows 8 operating system to boost sales significantly. IDC said last week that first quarter PC shipments totaled 76.3 million units, down 13.9% compared to the same quarter last year. (The decline was worse than the 7.7% previously forecast by the analyst firm, and the market could be headed into further contraction, the research firm added.

Source

« Previous Page — Next Page »