Sign up for our Technology Newsletter 
eBay Expands Mobile Shopping
July 21, 2014 by admin
Filed under Around The Net
Comments Off on eBay Expands Mobile Shopping
Braintree, the payments gateway owned by eBay Inc, is working on removing a hurdle for e-commerce companies by making it easier for customers to directly pay for products on their smart phones.
The company rolled out a set of tools for software developers on Wednesday that allows businesses to deduct payments directly from a customer’s PayPal account.
The developer kit is the first big push from Braintree since it was bought by eBay for $800 million last year to help PayPal, eBay’s payments division, expand its presence on mobile devices.
Eliminating the need for mobile shoppers to type in their credit card details on their phones should help boost sales, Braintree Chief Executive Bill Ready said in an interview.
This is especially critical as consumers spend more time on their smartphones, a trend that is forcing developers to design a “fundamentally different computing experience” for the smaller screen, Ready added.
Braintree processes payments for businesses including car service Uber and online home-rental marketplace Airbnb.
Is Malware Wreaking Havoc On XP?
One of the top three malware programs affecting businesses in the second quarter is a worm that takes advantage of the large number of companies still using Windows XP, Trend Micro has warned.
The worm, dubbed DOWNAD, also known as Conficker, can infect an entire network via a malicious URL, spam email, or removable drive. Windows XP is particularly susceptible to this threat because it is known to exploit the MS08-067 Server service vulnerability in order to execute arbitrary code.
DOWNAD also has its own domain generation algorithm (DGA) that allows it to create randomly-generated URLs. It then connects to these created URLs to download files to the system. Trend Micro said that around 175 IP addresses are found to be related to the DOWNAD worm and that these IP addresses use various ports and are randomly generated via the DGA capability of DOWNAD.
“During our monitoring of the spam landscape, we observed that in Q2, more than 40 percent of malware related spam mails are delivered by machines infected by DOWNAD worm,” said Trend Micro anti-spam research engineer Maria Manly in a blog post.
“A number of machines are still infected by this threat and leveraged to send the spammed messages to further increase the number of infected systems. And with Microsoft ending the support for Windows XP this year, we can expect that systems with this OS can be infected by threats like DOWNAD.”
The security company warned that spam campaigns delivering FAREIT, MYTOB, and LOVGATE payloads in email attachments are attributed to DOWNAD infected machines. FAREIT is a malware family of information stealers that download variants of the Zeus Trojan, while MYTOB is an old family of worms known for sending a copy of itself in spam attachments.
The other top sources of spam with malware are the CUTWAIL botnet, together with Gameover ZeuS (GoZ). Manly said CUTWAIL was actually previously used to download GoZ malware but now a malware called UPATRE employs GoZ malware or variants of ZBOT which have peer-to-peer functionality.
“In the last few weeks we have reported various spam runs that abused Dropbox links to host malware like UPATRE,” Manly said. “We also spotted a spammed message in the guise of voice mail that contains a Cryptolocker variant. The latest we have seen is a spam campaign with links that leveraged CUBBY, a file storage service, this time carrying a banking malware detected as TSPY_BANKER.WSTA.”
According to Manly, cybercriminals and threat actors are probably abusing file storage platforms to mask their malicious activities and go undetected in the system and network.
“As spam with malware attachment continues to proliferate, so is spam with links carrying malicious files. The continuous abuse of file hosting services to spread malware appears to have become a favoured infection vector of cyber criminals most likely because this makes it more effective given that the URLs are legitimate thereby increasing the chance of bypassing anti-spam filters,” she added.
Intel Reveals 750 Series SSD
During the 3D Revolution 2014 presentation held in Rome, Intel has showed its updated SSD roadmap unveiling the new August Ridge SSD 750 Series which will be available in multiple form-factors, including lately popular M.2.
Spotted by Techpowerup.com, the Intel SSD 750 Series will be aimed at both the consumer and the professional market segments and be available in three form-factors, including 2.5-inch SATA 6Gbps, mSATA 6Gbps as well as the M.2 form-factor.
The new 750 SSD Series will most likely be available in all the popular capacities, up to 960GB, and be based on 20nm MLC NAND flash.
Unfortunately, the roadmap does not reveal many details regarding the performance of the SSD 750 Series but does note that it should launch in Q4 2014.
Can Malwarebytes Protect XP?
Malwarebytes has launched anti-exploit services to protect Windows users from hacking attacks on vulnerabilities in popular targets including Microsoft Office, Adobe software products and Java, a service which even offers protection for Windows XP users.
Consumer, Premium and Corporate versions of the service are available, and are designed to pre-emptively stop hackers from infecting Windows machines with malware.
“An exploit will typically first corrupt the memory of an application process, take control, then execute code,” said Malwarebytes director of special projects Pedro Bustamante.
“From the shell code it executes a payload that tells the exploit what to do and that in turn usually downloads malware from the internet and executes it. The final stage is usually where antivirus kicks in, when it’s being downloaded from the internet, and starts doing things like behavioural analysis to see if it’s malicious.
“We don’t care about that, what we do comes before then. We just look for exploit-like behaviour and block anything that looks like it at the shellcode or payload stages. We come into play before the malware even appears on the scene.”
The Consumer version of the anti-exploit service is free and offers basic browser and Java protection.
The Premium version costs $37.00 per user and adds Office and Adobe protection services as well as the ability to add custom shields to other internet-facing applications, like Messenger or Netflix.
The Corporate version costs$40.00 person user and offers complete anti-exploit protection and comes with Malwarebytes’ Anti-malware service and a toolkit for IT managers.
Bustamante explained that the technology is designed to help businesses and general web users defend against the new wave of exploit-based cyber attacks.
“Traditional security can’t deal with exploits. Every day we see people getting infected, even if they have the latest up-to-date antivirus readers, because of exploits,” he said. “This is why we care about the applications you run – Firefox, Chrome, Internet Explorer, Java, Acrobat [and Microsoft] Word, Excel [and] Powerpoint.”
Bustamante added that the service is doubly important for Windows XP users since Microsoft officially ceased support for the OS in April.
“We’re still seeing over 25 percent of our users running XP. For them this product is even more important,” he said.
“We see new zero-days if not every week, every month, and for XP users who are not getting any more patches from Microsoft this product will be essential.
“Every month Microsoft will be releasing security patches for newer versions of Windows. Every time Microsoft does this it’ll be a treasure map for hackers to find exploits on Windows XP.
“It’ll show them exactly where the vulnerabilities are, so every month will see an influx of new exploits targeting Windows XP.”
Did Intel Miss The Tablet Boat?
Intel CEO Brian Krzanich has admitted the obvious – Intel missed the boat on tablets.
Speaking at the Code Conference, Krzanich said the company was slow to react to the emergence of tablets and smartphones.
“There was a belief that tablets would be a consumption device only (and) that people would come back to the laptop and the PC. There were heavy debates within Intel and it took a while for us to accept and acknowledge that data. Companies make mistakes,” Krzanich told Walt Mossberg in an interview.
In other words at least part of Intel’s failure to tap the emerging mobile market a few years ago was internal wrangling.
The course shifted under the Krzanich regime. Last Intel President Renee James and Krzanich made it clear that the company is now treating its Atom line-up just like its big cores. For years the company treated Atoms as a sideshow, making sure that they would not eat into Core sales.
ARM had different ideas and so did AMD, they went after the tablet and essential notebook markets. As a result ARM currently dominates the mobile space, while AMD managed to carve a nice niche in the entry-level x86 segment, with Brazos and Kabini parts.
Intel is fighting back, but it is paying a heavy price. The company is on track to quadruple its tablet SoC shipments to 40 million units this year, but it has to pay through the nose to get there. As for the smartphone market, Intel is all but absent.
Krzanich insists he is not giving up on the phone and tablet space. He wants Intel to take a 15 to 20 percent market share in these segments, which sounds very ambitious. Thanks to generous subsidies it has a good chance in the tablet space. This week Intel announced a deal with Rockchip, which should also boost its presence in the booming tablet market in China.
However, so far the company has not rolled out a compelling smartphone SoC and it’s lagging behind the competition in LTE integration.
Is IBM Going After HP?
IBM has announced a unified branding for its commerce cloud based enterprise products and services with a presentation at the Smarter Commerce Global Summit in Tampa, Florida.
Hot on the heels of HP, which unified its cloud offerings under the Helion brand last week, IBM Experienceone is designed to allow companies to improve engagement with their customers by leveraging big data through the cloud.
Deployment comes from a unified offer of consulting services, software and infrastructure from IBM subsidary Softlayer, which can be used to gather data, mine analytics and improve customer commerce via a mixture of traditional and cloud services.
IBM has already committed 1,000 new employees for its IBM Interactive Experience who will staff 10 “IBM Interactive Experience Labs” that are being set up to help customers understand the rules of engagement and hopefully increase their level of customer engagement.
IBM GM of Industry Cloud Solution Craig Hayman said, “IBM Experienceone provides a secure and simplified portfolio – including innovation from more than 1,200 partners – to help clients design and deliver more valuable customer engagements. With cloud, on premise and hybrid options, IBM Experienceone quickly scales to engage every customer in the moment while protecting their privacy.”
The IBM Experienceone brand is a coming together of many acquisitions that IBM has made in the field over recent years, including Sterling Commerce, Tealeaf, Coremetrics, Unica, Demandtec, Xtify and Silverpop. The only obvious omission from the top to tail offer is a specific CRM database, however IBM Experienceone is compatible with most of the leading solutions, including those of its arch rivals. This leads to the question, could a CRM be next on the company’s shopping list?
As well as on desktop and server equipment, Experienceone analytics will also be available through apps for iOS and Android.
IBM Goes BlueMix
IBM has put together a vast array of hosted cloud services, and now it has a single location to offer them for sale.
At IBM Cloud online marketplace, that went live on Monday, enterprises can find the full range of IBM’s offerings behind a single gateway.
“So many of our customers want to build new cloud-based, front-end systems, but they want to tie them into their back-end infrastructure. We’re delivering a whole set of integration components and control services to do the connection, and monitor and control what is taking place,” said Steve Mills, IBM senior vice president and group executive for software and systems.
The marketplace has more than 100 hosted IBM applications, as well as middleware components from IBM’s Bluemix platform as a service (PaaS). It also serves as a portal to IBM’s SoftLayer infrastructure as a service (IaaS) and houses a collection of services from IBM partners.
“It’s an open platform. It supports all the popular application development tools and structures. So it’s not uniquely IBM. There’s a lot of open source and partners,” Mills said. In addition to IBM’s own offerings, other services will be offered on the site by SendGrid, Zend, Redis Labs and other IBM partners.
IBM is banking heavily on the cloud. The company’s revenue has been declining lately, due in part to sagging hardware sales. The cloud is likely to be a good place to look for more money: Gartner expects 80 percent of organizations to use cloud services in some form by the end of 2014.
Although IBM got a late start in the cloud, at least compared with rivals Amazon and Microsoft, it’s aggressively repositioning itself as a one-stop cloud services company. It generated $4.4 billion in cloud-related revenue in 2013 and has made a number of additional investments in the area as well.
In January, the company announced it would invest $1.2 billion into expanding its SoftLayer cloud service, which it acquired last year for $2 billion.
It is also investing $1 billion in the effort to adapt its middleware software as cloud services, part of the Bluemix offering.
The new online marketplace ties together a number of these initiatives from IBM within a single portal. It can be accessed from desktops, laptops, tablets and smartphones, and it can customize the service offerings based on the user’s needs.
Can Qualcomm Move Forward?
Qualcomm has posted its smallest quarterly revenue increase since 2010, which saw its share price plummeting five percent in after hours trading.
Qualcomm reported its second quarter earnings on Wednesday for the three months to 30 March, and its revenue rose to $6.37bn during the period, up four percent from a year ago, with net profit up five percent to $1.97bn.
However, that was the smallest year over year percentage increase since the June quarter of 2010, when revenue declined by two percent, and was far lower than the quarterly growth rates of over 20 percent that Qualcomm investors have seen previously.
“We delivered another solid quarter, driven by demand for our leading multimode 3G/LTE chipset solutions and record licensing revenues,” said Qualcomm CEO Steve Mollenkopf in the earnings report, not mentioning that earnings reflected a much lower increase than seen in recent quarters.
“Looking forward, we are pleased to be raising our earnings per share guidance for the fiscal year. We continue to see increasing demand for our industry-leading chipsets and strong growth in calendar year 2014 of 3G/4G smartphones around the world.”
Qualcomm also forecast sales of between $6.2bn and $6.8bn for the April to June quarter, with the low end of that estimate representing a decline of one percent from a year ago.
It’s probable that while growing smartphone penetration in emerging markets is helping to keep the firm’s unit sales high, it’s also having an negative effect on Qualcomm’s average selling price (ASP) levels of mobile chipsets and devices.
Following Qualcomm’s earnings report, analysts said that the dip in revenue was attributable to a decline in sales in China as the country’s biggest network, China Mobile, prepares to launch a faster network with 4G, or LTE, technology, and customers are anticipating the launch before buying new smartphones.
Qualcomm now expects to make a profit of between $5 and $5.25 per share, five cents above its earlier projection, the firm said.
Is Qualcomm In Trouble?
Qualcomm’s activities in China may lead to regulatory penalties for the chip vendor, this time from the U.S. Securities and Exchange Commission over bribery allegations.
The company is currently facing an anti-monopoly probe from Chinese authorities for allegedly overcharging clients. Qualcomm has also said that the SEC may also consider penalizing the company, as part of an anti-corruption investigation.
The SEC’s Los Angeles Regional Office has made a preliminary decision to recommend that the SEC take action against Qualcomm for violating anti-bribery controls, the company said in its second quarter report. The accusations involve Qualcomm offering benefits to “individuals associated with Chinese state-owned companies or agencies,” the report added.
Both the SEC and the U.S. Department of Justice have been probing the company over alleged violations of the nation’s Foreign Corrupt Practices Act.
In cooperation with those official investigations, Qualcomm said it’s found instances of preferential hiring, and giving gifts and other benefits to “several individuals” with China’s state-owned companies. The gifts and benefits amounted to less than US$250,000 in value.
If the SEC takes action against Qualcomm, penalties could include giving up profits, facing injunctions, and other monetary penalties, the company said. Earlier this month, Qualcomm filed a submission with the U.S. regulator, countering any claims of wrongdoing.
Qualcomm is facing the investigations at a time when China is increasingly become a bigger part of its business. The nation is the world’s largest smartphone market, and more Chinese device manufacturers are expanding globally.
Last year, however, Chinese regulators began investigating Qualcomm due to complaints from industry groups. The company was allegedly abusing its market position and charging higher fees for its patent licensing business. In November, Chinese authorities conducted two surprise raids of Qualcomm offices in China for documents.
Chinese regulators could decide to penalize Qualcomm by confiscating financial gains made, and even imposing a fine of 1 to 10 percent on its revenues for the prior year, the company said in its quarterly report.
Many Websites Still Exposed
The world’s top 1,000 websites have been updated to protect their servers against the “Heartbleed” vulnerability, but up to 2% of the top million remained unprotected as of last week, according to a California security firm.
On Thursday, Menifee, Calif.-based Sucuri Security scanned the top 1 million websites as ranked by Alexa Internet, a subsidiary of Amazon that collects Web traffic data.
Of the top 1,000 Alexa sites, all were either immune or had been patched with the newest OpenSSL libraries, confirmed Daniel Cid, Sucuri’s chief technology officer, in a Sunday email.
Heartbleed, the nickname for the flaw in OpenSSL, an open-source cryptographic library that enables SSL (Secure Sockets Layer) or TLS (Transport Security Layer) encryption, was discovered independently by Neel Mehta, a Google security engineer, and researchers from security firm Codenomicon earlier this month.
The bug had been introduced in OpenSSL in late 2011.
Because of OpenSSL’s widespread use by websites — many relied on it to encrypt traffic between their servers and customers — and the very stealthy nature of its exploit, security experts worried that cyber criminals either had, or could, capture usernames, passwords,\ and even encryption keys used by site servers.
The OpenSSL project issued a patch for the bug on April 7, setting off a rush to patch the software on servers and in some client operating systems.
The vast majority of vulnerable servers had been patched as of April 17, Sucuri said in a blog postthat day.
While all of the top 1,000 sites ranked by Alexa were immune to the exploit by then, as Sucuri went down the list and scanned smaller sites, it found an increasing number still vulnerable. Of the top 10,000, 0.53% were vulnerable, as were 1.5% of the top 100,000 and 2% of the top 1 million.
Other scans found similar percentages of websites open to attack: On Friday, San Diego-based Websense said about 1.6% of the top 50,000 sites as ranked by Alexa remained vulnerable.
Since it’s conceivable that some sites’ encryption keys have been compromised, security experts urged website owners to obtain new SSL certificates and keys, and advised users to be wary of browsing to sites that had not done so.
Sucuri’s scan did not examine sites to see whether they had been reissued new certificates, but Cid said that another swing through the Web, perhaps this week, would. “I bet the results will be much much worse on that one,” Cid said.