Will Google’s Algorithm Stop Piracy?

Nosey Google has updated its search engine algorithms in an attempt to restrict piracy web sites appearing high in its search rankings.

The update will mean piracy sites are less likely to appear when people search for music, films and other copyrighted content.

The decision to roll out the search changes was announced in a refreshed version of a How Google Fights Piracy report, which was originally published in September 2013.

However, this year’s updated report features a couple of developments, including changes to ad formats and an improved DMCA demotion search signal.

The move is likely to be a result of criticism received from the entertainment industry, which has argued that illegal sites should be “demoted” in search results because they enable people to find sites to download media illegally.

The biggest change in the Google search update will be new ad formats in search results on queries related to music and movies that help people find legitimate sources of media.

For example, for the relatively small number of queries for movies that include terms like ‘download’, ‘free’, or ‘watch’, Google has instead begun listing legal services such as Spotify and Netflix in a box at the top of the search results.

“We’re also testing other ways of pointing people to legitimate sources of music and movies, including in the right-hand panel on the results page,” Google added.

“These results show in the US only, but we plan to continue investing in this area and to expand it internationally.”

An improved DMCA demotion signal in Google search is also being rolled out as part of the refresh, which down-ranks sites for which Google has received a large number of valid DMCA notices.

“We’ve now refined the signal in ways we expect to visibly affect the rankings of some of the most notorious sites. This update will roll out globally starting next week,” Google said, adding that it will also be removing more terms from autocomplete, based on DMCA removal notices.

The new measures might be welcomed by the entertainment industry, but are likely to encourage more people to use legal alternatives such as Spotify and Netflix, rather than buying more physical media.

Source

MasterCard Testing New Fingerprint Reader

MasterCard is trying out a contactless payment card with a built-in fingerprint reader that can authorize high-value payments without requiring the user to enter a PIN.

The credit-card company showed a prototype of the card in London on Friday along with Zwipe, the Norwegian company that developed the fingerprint recognition technology.

The contactless payment card has an integrated fingerprint sensor and a secure data store for the cardholder’s biometric data, which is held only on the card and not in an external database, the companies said.

The card also has an EMV chip, used in European payment cards instead of a magnetic stripe to increase payment security, and a MasterCard application to allow contactless payments.

The prototype shown Friday is thicker than regular payment cards to accommodate a battery. Zwipe said it plans to eliminate the battery by harvesting energy from contactless payment terminals and is working on a new model for release in 2015 that will be as thin as standard cards.

Thanks to its fingerprint authentication, the Zwipe card has no limit on contactless payments, said a company spokesman. Other contactless cards can only be used for payments of around €20 or €25, and some must be placed in a reader and a PIN entered once the transaction reaches a certain threshold.

Norwegian bank Sparebanken DIN has already tested the Zwipe card, and plans to offer biometric authentication and contactless communication for all its cards, the bank has said.

MasterCard wants cardholders to be able to identify themselves without having to use passwords or PINs. Biometric authentication can help with that, but achieving simplicity of use in a secure way is a challenge, it said.

Source

Criminals Remotely Erasing Smartphone Data

Smartphones taken as evidence by police in the UK are being wiped remotely by crooks in order to remove potentially incriminating data, an investigation has uncovered.

Dorset police told the BBC that six devices were wiped within the space of a year while they were being kept in police custody, and Cambridgeshire, Derbyshire, Nottingham and Durham police also confirmed similar incidents.

The technology being used was originally designed to allow device owners to remove sensitive data from phones or tablets if they are lost or stolen.

“We have cases where phones get seized, and they are not necessarily taken from an arrested person, but we don’t know the details of these cases as there is not a reason to keep records of this,” a spokeswoman for Dorset police told the BBC.

A spokeswoman for Derbyshire police also confirmed one incident of a device being remotely wiped while in police custody.

“We can’t share many details about it, but the case concerned romance fraud, and a phone involved with the investigation was remotely wiped,” she said. “It did not impact upon the investigation, and we went on to secure a conviction.”

Software that enables this remote wiping has been available from a variety of security firms for some time now.

For example, BitDefender announced a product a while back intended to track  lost or stolen Android devices. Not only did it allow users to connect remotely and ‘wipe’ data from a web profile via the internet, but to activate commands with text messages.

Pen Test Partners’ digital forensics expert, Ken Munro, said it is common practice to immediately put devices that are seized as evidence into a radio-frequency shielded bag to prevent any signals getting through and stop remote wipes.

“If we can’t get to the scene within an hour, we tell the client to pop it in a microwave oven,” he said. “The microwave is reasonably effective as a shield against mobile or tablet signals – just don’t turn it on.”

Source

RedHat Ups Game With Fedora 21

RedHat has announced the Fedora 21 Alpha release for Fedora developers and any brave users that want to help test it.

Fedora is the leading edge – some might say bleeding edge – distribution of Linux that is sponsored by Red Hat. That’s where Red Hat and other developers do new development work that eventually appears in Red Hat Enterprise Linux (RHEL) and other Red Hat based Linux distributions, including Centos, Scientific Linux and Mageia, among others. Therefore, what Fedora does might also appear elsewhere eventually.

The Fedora project said the release of Fedora 21 Alpha is meant for testing in order to help it identify and resolve bugs, adding, “Fedora prides itself on bringing cutting-edge technologies to users of open source software around the world, and this release continues that tradition.”

Specifically, Fedora 21 will produce three software products, all built on the same Fedora 21 base, and these will each be a subset of the entire release.

Fedora 21 Cloud will include images for use in private cloud environments like Openstack, as well as AMIs for use on Amazon, and a new image streamlined for running Docker containers called Fedora Atomic Host.

Fedora 21 Server will offer data centre users “a common base platform that is meant to run featured application stacks” for use as a web server, file server, database server, or as a base for offering infrastructure as a service, including advanced server management features.

Fedora 21 Workstation will be “a reliable, user-friendly, and powerful operating system for laptops and PC hardware” for use by developers and other desktop users, and will feature the latest Gnome 3.14 desktop environment.

Those interested in testing the Fedora 21 Alpha release can visit the Fedora project website.

Source

FBI Worried About Encryption

The U.S. Federal Bureau of Investigation expressed some concerns about moves by Apple and Google to include encryption on smartphones, the agency’s director has stated.

Quick law enforcement access to the contents of smartphones could save lives in some kidnapping and terrorism cases, FBI Director James Comey said in a briefing with some reporters. Comey said he’s concerned that smartphone companies are marketing “something expressly to allow people to place themselves beyond the law,” according to news reports.

An FBI spokesman confirmed the general direction of Comey’s remarks. The FBI has contacted Apple and Google about their encryption plans, Comey told a group of reporters who regularly cover his agency.

Just last week, Google announced it would be turning on data encryption by default in the next version of Android. Apple, with the release of iOS 8 earlier this month, allowed iPhone and iPad users to encrypt most personal data with a password.

Comey’s remarks, prompted by a reporter’s question, came just days after Ronald Hosko, president of the Law Enforcement Legal Defense Fund and former assistant director of the FBI Criminal Investigative Division, decried mobile phone encryption in a column in the Washington Post.

Smartphone companies shouldn’t give criminals “one more tool,” he wrote. “Apple’s and Android’s new protections will protect many thousands of criminals who seek to do us great harm, physically or financially. They will protect those who desperately need to be stopped from lawful, authorized, and entirely necessary safety and security efforts. And they will make it impossible for police to access crucial information, even with a warrant.”

Representatives of Apple and Google didn’t immediately respond to requests for comments on Comey’s concerns.

Source

Hackers Infiltrate Jimmy Johns

Sandwich restaurant chain Jimmy John’s said there was a potential data breach involving customers’ credit and debit card information at 216 of its stores and franchised locations on July 30.

An intruder stole log-in credentials from the company’s vendor and used the credentials to remotely access the point-of-sale systems at some corporate and franchised locations between June 16 and Sept. 5, the company said.

The chain is the latest victim in a series of security breaches among retailers such as Target Corp, Michaels Stores Inc and Neiman Marcus.

Home Depot Inc  said last week some 56 million payment cards were likely compromised in a cyberattack at its stores, suggesting the hacking attack at the home improvement chain was larger than the breach at Target Corp.

More than 12 of the affected Jimmy John’s stores are in Chicago area, according to a list disclosed by the company.

The breach has been contained and customers can use their cards at its stores, the privately held company said.

Jimmy John’s said it has hired forensic experts to assist with its investigation.

“Cards impacted by this event appear to be those swiped at the stores, and did not include those cards entered manually or online,” Jimmy John’s said.

The Champaign, Illinois-based company said stolen information may include the card number and in some cases the cardholder’s name, verification code, and/or the card’s expiration date.

Source

Intel Sampling Xeon D 14nm

Intel has announced that it is sampling its Xeon D 14nm processor family, a system on chip (SoC) optimized to deliver Intel Xeon processor performance for hyperscale workloads.

Announcing the news on stage during a keynote at IDF in San Francisco, Intel SVP and GM of the Data Centre Group, Diane Bryant, said that the Intel Xeon processor D, which initially was announced in June, will be based on 14nm process technology and be aimed at mid-range communications.

“We’re pleased to announce that we’re sampling the third generation of the high density [data center system on a chip] product line, but this one is actually based on the Xeon processor, called Xeon D,” Bryant announced. “It’s 14nm and the power levels go down to as low as 15 Watts, so very high density and high performance.”

Intel believes that its Xeon D will serve the needs of high density, optimized servers as that market develops, and for networking it will serve mid-range routers as well as other network appliances, while it will also serve entry and mid-range storage. So, Intel claimed, you will get all of the benefits of Xeon-class reliability and performance, but you will also get a very small footprint and high integration of SoC capability.

This first generation Xeon D chip will also showcase high levels of I/O integrations, including 10Gb Ethernet, and will scale Intel Xeon processor performance, features and reliability to lower power design points, according to Intel.

The Intel Xeon processor D product family will also include data centre processor features such as error correcting code (ECC).

“With high levels of I/O integration and energy efficiency, we expect the Intel Xeon processor D product family to deliver very competitive TCO to our customers,” Bryant said. “The Intel Xeon processor D product family will also be targeted toward hyperscale storage for cloud and mid-range communications market.”

Bryant said that the product is not yet available, but it is being sampled, and the firm will release more details later this year.

This announcement comes just days after Intel launched its Xeon E5 v2 processor family for servers and workstations.

Source

Vendors Testing New Xeon Processors

Intel is cooking up a hot batch of Xeon processors for servers and workstations, and system vendors have already designed systems that are ready and raring to go as soon as the chips become available.

Boston is one of the companies doing just that, and we know this because it gave us an exclusive peek into its labs to show off what these upgraded systems will look like. While we can’t share any details about the new chips involved yet, we can preview the systems they will appear in, which are awaiting shipment as soon as Intel gives the nod.

Based on chassis designs from Supermicro, with which Boston has a close relationship, the systems comprise custom-built solutions for specific user requirements.

On the workstation side, Boston is readying a mid-range and a high-end system with the new Intel Xeon chips, both based on two-socket Xeon E5-2600v3 rather than the single socket E5-1600v3 versions.

There’s also the mid-range Venom 2301-12T, which comes in a mid-tower chassis and ships with an Nvidia Quadro K4000 card for graphics acceleration. It comes with 64GB of memory and a 240GB SSD as a boot device, plus two 1TB Sata drives configured as a Raid array for data storage.

For extra performance, Boston has also prepared the Venom 2401-12T, which will ship with faster Xeon processors, 128GB of memory and an Nvidia Quadro K6000 graphics card. This also has a 240GB SSD as a boot drive, with two 2TB drives configured as a Raid array for data storage.

Interestingly, Intel’s new Xeon E5-2600v3 processors are designed to work with 2133MHz DDR4 memory instead of the more usual DDR3 RAM, and as you can see in the picture below, DDR4 DIMM modules have slightly longer connectors towards the middle.

For servers, Boston has prepared a 1U rack-mount “pizza box” system, the Boston Value 360p. This is a two-socket server with twin 10Gbps Ethernet ports, support for 64GB of memory and 12Gbps SAS Raid. It can also be configured with NVM Express (NVMe) SSDs connected to the PCI Express bus rather than a standard drive interface.

Boston also previewed a multi-node rack server, the Quattro 12128-6, which is made up of four separate two-socket servers inside a 2U chassis. Each node has up to 64GB of memory, with 12Gbps SAS Raid storage plus a pair of 400GB SSDs.

Source

Can A Linux Cert Payoff?

The Linux Foundation has announced an online certification programme for entry-level system admininstration and advanced Linux software engineering professionals to help expand the global pool of Linux sysadmin and developer talent.

The foundation indicated that it established the certification programme because there’s increasing demand for staff in the IT industry, saying, “Demand for experienced Linux professionals continues to grow, with this year’s Linux Jobs Report showing that managers are prioritizing Linux hires and paying more for this talent.

“Because Linux runs today’s global technology infrastructure, companies around the world are looking for more Linux professionals, yet most hiring managers say that finding Linux talent is difficult.”

Linux Foundation executive director Jim Zemlin said, “Our mission is to address the demand for Linux that the industry is currently experiencing. We are making our training [programme] and Linux certification more accessible to users worldwide, since talent isn’t confined to one geography or one distribution.

“Our new Certification [Programme] will enable employers to easily identify Linux talent when hiring and uncover the best of the best. We think Linux professionals worldwide will want to proudly showcase their skills through these certifications and that these certificates will become a hallmark of quality throughout our industry.”

In an innovative departure from other Linux certification testing offered by a number of Linux distribution vendors and training firms, the foundation said, “The new Certification [Programme] exams and designations for Linux Foundation Certified System Administrator (LFCS) and Linux Foundation Certified Engineer (LFCE) will demonstrate that users are technically competent through a groundbreaking, performance-based exam that is available online, from anywhere and at any time.”

The exams are customised somewhat to accommodate technical differences that exist between three major Linux distributions that are characteristic of those usually encountered by Linux professionals working in the IT industry. Exam takers can choose between CentOS, openSUSE or Ubuntu, a derivative of Debian.

“The Linux Foundation’s certification [programme] will open new doors for Linux professionals who need a way to demonstrate their know-how and put them ahead of the rest,” said Ubuntu founder Mark Shuttleworth.

Those who want to look into acquiring the LFCS and LFCE certifications can visit the The Linux Foundation website where it offers the exams, as well as training to prepare for them. The exams are priced at $300, but apparently they are on special introductory offer for $50.

The Linux Foundation is a nonprofit organization dedicated to accelerating the growth of Linux and collaborative development. It is supported by a diverse roster of almost all of the largest IT companies in the world except Microsoft.

Source

UPS Breached

Credit and debit card information belonging to customers made purchases at 51 UPS Store Inc. locations in 24 states this year may have been illegally accessed as the result of an intrusion into the company’s networks.

In a statement on Wednesday, UPS said it was recently notified by law enforcement officials about a “broad-based malware intrusion” of its systems.

A subsequent investigation by an IT security firm showed that attackers had installed previously unknown malware on systems in more than four-dozen stores to gain access to cardholder data. The affected stores represent about 1% of the 4,470 UPS Store locations around the country.

The intrusion may have exposed data on transactions conducted at the stores between Jan. 20 and Aug. 11, 2014. “For most locations, the period of exposure to this malware began after March 26, 2014,” UPS said in a statement.

In addition to payment card information, the hackers also appear to have gained access to customer names, as well as postal and email addresses.

Each of the affected locations is individually owned and runs private networks that are not connected to other stores, UPS added. The company provided alist of affected locations.

The breach is the third significant one to be disclosed in the past week. Last Thursday, grocery store chain Supervalu announced it had suffered a malicious intrusion that exposed account data belonging to customers who had shopped at about 180 of the company’s stores in about a dozen states. The breach also affected customers from several other major grocery store chains for which Supervalu provides IT services.

Source

« Previous Page — Next Page »