Students Plan to Press Irish Data Commissioner on Facebook

Posted on by
Reply

A group of students concerned over Facebook’s privacy practices plans to continue to press the Irish Data Protection Commissioner (DPC) for action following a meeting on Monday in Vienna with representatives of the social networking site.

The students, who formed Europe v. Facebook, filed 22 complaints with the Irish DPC in August and September 2011. Facebook committed to changing how it retains data and some privacy control following a critical audit by the regulator released in December.

The company also agreed voluntarily to meet with Europe v. Facebook to address the group’s concerns. The six-hour meeting took place on Monday in Vienna’s airport, according to a statement released by Europe v. Facebook on Tuesday.

Those attending the meeting were Richard Allan, Facebook’s director of policy for Europe, and another Facebook representative. Max Schrems, a law student at the University of Vienna, and another student from the same university represented Europe v. Facebook.

The group characterized the discussion as friendly and positive, but said it still had “seriously doubts about a lot of Facebook’s data usage.”

Europe v. Facebook will get additional information from Facebook and will monitor changes the social networking site makes following the complaints. It said it plans to ask the Irish DPC for a formal decision if there are outstanding issues.

The DPC has said that if a complainant is not satisfied with the outcome, it will study the issues further and make a formal decision. If the complaining parties are still not satisfied, they can file an appeal with the courts.

Send news tips and comments to jeremy_kirk@idg.com

Denial-of-service Attacks Are on the Rise, Anti-DDoS Vendors Report

Posted on by
Reply

Both the number and volume of distributed denial-of-service attacks are increasing, according to new reports from DDoS mitigation companies Prolexic and Arbor Networks.

During the fourth quarter of last year, Prolexic detected 45 percent more DDoS attacks compared to the similar period of 2010 and more than twice the number of attacks observed during the third quarter of 2011.

There’s a trend toward a shorter attack duration, but a bigger packet-per-second attack volume, said Paul Sop, Prolexic’s chief technology officer.

The average attack bandwidth registered in the fourth quarter of 2011 was 5.2G bps (bits per second), 148 percent higher than what it was during the third quarter. The year over year increase for attack bandwidth in 2011 was 136 percent.

This trend is also reflected in a new report from Arbor Networks which surveyed 114 representatives of different market segments about their experience with DDoS attacks in 2011. Over 40 percent of respondents said they experienced attacks that exceeded 1G bps in bandwidth last year, while 13 percent said they were the target of at least one attack that exceeded 10G bps.

Based on the Prolexic’s statistics for the last quarter of 2011, Paul Sop believes that 2012 will be one of the most challenging years for online businesses, because they are one of the primary targets of DDoS attacks.

Both Prolexic and Arbor Networks recorded an increase in the number of so-called layer-7 DDoS attacks, which target particular Internet facing applications rather than load balancers or Internet gateways.

DDoS attacks on applications focus on sending bad traffic using those applications’ protocols, said Darren Anstee, solutions architect for Europe, the Middle East and Africa at Arbor Networks. The attacks are very effective using relatively low bandwidth and just a few hosts, he said.

The number one motivation for DDoS attacks in 2011 was rooted around political and ideological conflicts, said Roland Dobbins, an Arbor solutions architect for Asia and co-author of the company’s report.

Japan was the primary source of DDoS attack traffic for the last quarter of 2011, according to Prolexic. This comes as a surprise because the country rarely even makes it into the top 10 and doesn’t have a large concentration of botnets.

Prolexic believes that the surge of DDoS attacks originating in Japan might be the result of local companies setting up impromptu communication networks with lax security in the aftermath of last year’s natural disasters. Poor network security could have led to a larger number of botnet-compromised computers in the country.

(Jeremy Kirk in London contributed to this report.)

Deleted Facebook Photos Still Accessible Online Years Later

Posted on by
Reply

196410 facebook privacy changes original Deleted Facebook Photos Still Accessible Online Years LaterPhotos deleted from Facebook have remained on the social network’s servers for nearly three years, according to an investigation by Ars Technica.

Ars Technica looked into this situation almost three years ago and found that some of the photos that users deleted then are still accessible on Facebook’s servers.

Facebook told Ars Technica that, while its older systems did not always delete user-uploaded content within a reasonable timeframe, it’s in the process of moving to new systems that will ensure any deleted content is removed from its servers within 45 days.

“We have been working hard to move our photo storage to newer systems which do ensure photos are fully deleted within 45 days of the removal request being received,” Facebook representative Frederic Wolens told Ars Technica in an e-mail. “This process is nearly complete and there is only a very small percentage of user photos still on the old system awaiting migration. … We expect this process to be completed within the next month or two, at which point we will verify the migration is complete and we will disable all the old content.”

Facebook’s statement implies that users’ deleted Facebook images are probably out there, easily accessible by anyone, and untrackable by that user (unless he or she happened to save the direct links to each photo before deleting them). To access the direct link of a Facebook photo, all someone has to do is right-click on the photo and select “Copy Image Location.” (That is the process in Firefox; other browsers will have a variation of this.) The direct link to the image will be copied onto your computer’s clipboard, and you can easily paste it into an e-mail, Word document, or other electronic space.

196410 facebook privacy original Deleted Facebook Photos Still Accessible Online Years LaterThe problem with this is not just that the direct links stay viable, but they’re also public. Direct-linking to a Facebook image allows anyone — no matter how private your profile is — to see that picture.

I don’t have as many direct links to deleted photos as Ars Technica apparently does, but I did try two — one of a friend’s ex-boyfriend, and one of another friend’s tattoo, both of which were uploaded several years ago and deleted around the end of 2008. The ex-boyfriend’s photo is no longer there, but the image of the tattoo remains.

So here’s what you should take from this: Facebook does not immediately delete your photos when you delete them from the site. Though Facebook says it is moving to a new system that will delete photos within 45 days, this system won’t be ready for another couple of months and I’m not totally sure I believe them — after all, Ars Technica called them out three years ago and they’re still not finished fixing it. So be really careful about what you upload to Facebook. Really, really careful.

Follow Sarah on Twitter, Facebook, or Google+.

Amazon Web Services Lowers Price of Storage in Its Cloud

Posted on by
Reply

Amazon Web Services has cut the cost of storing data using its Simple Storage Service (S3) — saving users with 50 TB stored on the service around 12 percent on their monthly bill, the company said on Monday.

S3 users are charged monthly for the amount of storage they take up in Amazon’s cloud. Amazon has cut the cost of storage in its U.S. Standard region from US$0.14 per gigabyte per month to $0.125 for the first terabyte of data, and for the next 49 TB the cost is now $0.110 per gigabyte per month, instead of $0.125.

Charges for the next 450 TB and subsequent blocks of 500 TB are lower too.

Amazon continues to develop its infrastructure to drive down storage costs, which are then passed along to users, it said. The price cuts have been effective since Feb. 1.

Storage is not the only cost that enterprises using S3 face: They must also pay for requests and traffic out of Amazon’s cloud.

The news of the price cut follows the release of a study by market research company Gartner suggesting that using cloud services to improve business intelligence functions can be cheaper for the first five years, but then becomes more expensive.

Amazon said its scale and focus give users an advantage over traditional IT, and another price cut is an example of that principle at work. The number of objects stored in S3 increased to 762 billion during the last three months of 2011, compared to 262 billion during the same period in 2010, according to Amazon.

Along with EC2 (Elastic Compute Cloud), S3 is the backbone of Amazon’s web services offering.

At the end of last month, Amazon announced a public beta test of AWS Storage Gateway, which allows enterprises to back up application data in Amazon’s cloud using a software appliance and S3.

Send news tips and comments to mikael_ricknas@idg.com

Sony Merges PlayStation Network Into Broader Online Services

Posted on by
Reply

Sony will merge its PlayStation online gaming service into its broader online platform from Tuesday.

The company said in a message to PlayStation Network users that their accounts will be rebranded under the Sony Entertainment Network. Online PlayStation users will be rerouted to a new login screen for the more general service, and the first time they sign in will have to agree to a slightly different privacy policy, including new terms related to parental controls.

Sony emphasized that only the name of the network will change, and all login details will remain the same. The move is the latest by the company to integrate its PlayStation platform into its broader services and products, a shift that incoming CEO Kazuo Hirai has said is crucial to its strategy. Last year, Sony combined all of its electronics goods, game consoles and network platforms into a single division, with Hirai in charge, after moving its gaming division from the trendy Aoyama neighborhood of Tokyo to the more business-like Shinagawa district, next to its headquarters, in 2010.

“This helps us get closer to our goal of establishing a global comprehensive network platform of services across games, movies, music and more,” the company said of the latest change.

The shift will be implemented in software updates to the PlayStation 3 and PlayStation Vita game consoles. The Vita handheld, which was released in Japan last year and is due out in North America and Europe later this month, is due to receive a software update from tomorrow that includes an online map service and adds the ability to shoot videos to its photo app.

While working to bring its broader online contents to its gaming consoles, the company is also trying to expand its gaming holdings to its other devices. Under its “PlayStation Certified” program, Sony has designated some of its tablets and mobile phones as able to seamlessly run certain games, although only a limited number of titles have been offered so far.

Sony said last week that Hirai will become CEO from April, replacing current chief Howard Stringer.

Programmer Personality Types: 13 Profiles in Code

Posted on by
Reply

To the world at large, computers are scary machines that are impossible to understand, and programmers are the mysterious geniuses who know how to manipulate them even if they are never able to fix yours for whatever reason.

212534 code binary 180 original Programmer Personality Types: 13 Profiles in CodeAnyone who has worked with the machines knows that programmers aren’t just one undifferentiated group, but a club with a wide variety of subspecies. From those who will go to any length to avoid documentation to those who deploy code like duct tape, refuse to use libraries, or can’t help but rewrite their apps in the latest experimental programming language, programmers are a colorful lot — particularly in their perspectives and habits — though collectively comrades in code.

[ Find out which 11 programming trends are on the rise, verse yourself in the 12 programming mistakes to avoid, and test your programming smarts with our programming IQ test: Round 1 and Round 2. | Keep up on key application development insights with the Fatal Exception blog and Developer World newsletter. ]

Here we’ve compiled the 13 classic programming personality types you’re likely to find in almost any IT or development shop. Together, they keep the machines feature-rich, despite steadfast differences in their approaches to programming.

Programming Personality Type No. 1: The Underdocumenter

They offer plenty of rationalizations, some of which may even sound reasonable. Comments take longer to read than good code, they might say. Or they will claim that Lisp or Java or whatever is self-documenting by the very nature of its structure. Or that the search capabilities of modern IDEs can parse the code itself. After all, human-written text requires artificial intelligence to discover its semantic meaning, whereas good code is immediately understandable to the parser. Whatever the reason, shirking documentation sounds perfectly good to them because they read and write programming languages with more ease than they do English.

The Underdocumenter will go to any length to avoid being shackled by management’s foolish requirement to write text about that function. The droll ones will create functions like queryDatabase, then add a comment that says, “Queries database.”

comments generic 5241390 Programmer Personality Types: 13 Profiles in CodeThe cleverest Underdocumenters will even write their own code to save them the trouble of writing English. I know someone who hooked up a version of Eliza to Emacs so that he could add Eliza-grade comments to his code with the push of a button. No one noticed, he said, because even his manager had written scripts to count the words in the comments of the developers he managed. Eliza always had him near the top of the documentation pecking order in his department.

Car: Vespa

Relationship status: Living with the same person for 15 years without getting married because they don’t want to fill out the forms

Household chore: Rewiring the house without labeling the breakers

Role model: Guy who hid the Ark of the Covenant before “Raiders of the Lost Ark”

Pet: “Around here somewhere.”

Favorite programming construct: Lambda

Drink: Anything with an “XXX” on the bottle

Programming Personality Type No. 2: The CYA Specialist

For some programmers, documentation is a talisman for warding off middle-management evil. They write paragraphs and paragraphs about mundane routines like queryDatabase. Did you know that the routine will work for Oracle and Postgres 8.5 but not MySQL or Postgres 9.0+? It doesn’t matter if you’re running only one database, the CYA Specialist has you covered.

If you’re lucky, your CYA Specialist will be a frustrated novelist who is happy to inject a pun or two into a boring pile of code. But the worst kind is the one who lords their documentation over others during code reviews. If a bug appears, the CYA Specialist says it was a limitation that was “well-documented in the 17th paragraph of the method’s comment.”

Some CYA Specialists perform job security by obscurity, handing over a binder full of printed-out code, as if you’re going to leaf through 700 pages of monospaced, unsearchable type. They know that if you measure the work product in pounds, there can’t be any debate over what they’ve done.

Car: Stack of Chilton manuals

Relationship status: Married to a 48-page prenuptial agreement

Household chore: Relabeling the spice rack

Role model: Wikipedia editor of the year

Pet: “Come over to see the photo montage of Scrappy that used to be just a wall.”

Favorite programming construct: The comment block

Drink: Triple-filtered water

China Plans to Improve Internet Speeds, Bring Down Costs

Posted on by
Reply

Following user complaints of slow connection speeds, China plans to improve the nation’s Internet networks by building new fiber networks while also lowering their prices, said a Chinese government official on Tuesday.

“This implementation will push China’s broadband foundation and applications to a new level, and improve the price-peformance ratio of user’s broadband,” said Chen Jiachun, a deputy director with China’s Ministry of Industry and Information Technology, during a Tuesday media briefing

Although China has the world’s largest Internet population at 513 million users, according to the government estimates, the country still lags far behind other nations in Internet access speeds.

China has an average Internet speed of 1.4 Mbps, putting the nation 90th on the global rankings, according to Internet content delivery network vendor Akamai Technologies. In contrast, the global average Internet connection speed is 2.7 Mbps. South Korea has the highest average Internet speed at 16.7 Mbps, while the U.S. ranks 13th with an average speed of 6.1 Mbps.

In building more Internet networks, China plans to also bring more broadband to the country’s rural areas, Chen said. Currently, China’s Internet penetration rate covers 38.3 percent of the populace.

Chen made the statements after the Chinese government started an anti-monopoly investigation in November against state-controlled telecommunication firms China Telecom and China Unicom.

The two companies dominate about 90 percent of the nation’s broadband market, but had allegedly kept Internet service fees high without optimizing connection speeds, according to a report from China’s state-run Xinhua News Agency.

In December, both China Telecom and China Unicom said in response to the investigation that the companies will improve Internet speeds while bringing down prices for customers.

Anonymous Claims to Have Released Source Code of Symantec’s PcAnywhere

Posted on by
Reply

Hacker group Anonymous claimed late Monday that the source code of Symantec’s pcAnywhere had been uploaded on The Pirate Bay site.

Symantec could not immediately comment on whether the hackers had indeed released the source code of its product. “It happened so recently that we’re still in the process of analyzing and won’t be able to confirm until the morning,” a spokesman said via email.

Earlier on Monday, an email string posted on Pastebin referred to negotiations over payment for the source code between one Sam Thomas, purported to be a Symantec employee, but using a Gmail mail id, and a person named Yamatough. The name of the hacker is similar to the Twitter handle of YamaTough in Mumbai who is associated with the hacker group, Lords of Dharmaraja, that had earlier claimed it had access to the source code of some Symantec products.

“We will pay you $50,000.00 USD total,” Thomas said in an e-mail earlier this month. He however wanted assurances that the hacker would not release the code after payment, and offered to pay $2,500 a month for the first three months, with payments starting the next week.

“After the first three months you have to convince us you have destroyed the code before we pay the balance. We are trusting you to keep your end of the bargain,” he added.

Yamatough rejected the offer stating that “our offshore people wont let us securely get the money because they wont process amounts less than 50k a shot”.

By late Monday, Yamatough gave Symantec 10 minutes to decide which way it would go. “After that two of your codes fly to the moon PCAnywhere and Norton Antivirus totaling 2350MB in size (rar),” the hacker said. “We can’t make a decision in ten minutes.  We need more time,” Thomas replied.  

Symantec said the offer of $50,000 to the hacker was part of a law enforcement investigation.

The company did not however disclose the name of the investigative agency. “Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide,” the company said in a statement.

Symantec said that in January an individual claiming to be part of Anonymous attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession. “Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property,” it added.

Symantec admitted in January that its network was compromised and source code stolen, according to reports, backing away from earlier claims that a third party had been attacked.

Nikon D800 Full-Frame DSLR Packs 36 Megapixels

Posted on by
Reply

zoomIcon Nikon D800 Full Frame DSLR Packs 36 Megapixelsd800e 24 120 fronttop 11273134 Nikon D800 Full Frame DSLR Packs 36 MegapixelsNikon D800Nikon today announced its second new full-frame DSLR of the year, the Nikon D800, which offers the same-size sensor as the Nikon D4 announced at CES 2012. The Nikon D800 will sit below the D4 at the high end of Nikon’s DSLR line, offering more than twice the pixel density of the top-of-the-line D4. Nikon says that the D800 will eventually replace the Nikon D700 in the company’s prosumer DSLR lineup, and that the new camera offers the highest-resolution Nikon sensor yet.

The D800′s FX-format full-frame sensor captures 7360-by-4912-resolution images (36.15 megapixels), and its size, in-camera features, and target buyer all differ slightly from those of the 16-megapixel Nikon D4. Whereas the D4 is geared more toward high-speed shooting and low-light performance, the Nikon D800 puts image resolution front and center with its 36.3-megpixel sensor. Nikon says the D800 is built with wedding photography, portraits, and fashion spreads in mind. The combination of pixel density and sensor size should make the D800′s output about as crop- and billboard-friendly as it gets outside a medium-format camera.

zoomIcon Nikon D800 Full Frame DSLR Packs 36 Megapixelsd800 back 11273120 Nikon D800 Full Frame DSLR Packs 36 MegapixelsNikon D800 (back)The D800′s image resolution translates into a slower burst-shooting speed at full resolution when compared to the D4 (the D800 snaps 4 frames per second versus the D4′s continuous shooting speed of 10 fps) and an ISO range that isn’t quite as expandable as the one found in the D4 (the D800 caps out at ISO 25,600, while the D4 is expandable to a whopping ISO 204,800). Both new DSLRs offer a hot shoe for external flashes; but unlike the D4, the Nikon D800 also has a built-in pop-up flash, which can serve as a commander flash to control external Speedlight flashes. The D800 is also significantly smaller than the D4, at 5.7 inches wide, 4.8 inches tall, and 3.2 inches deep, as compared to the D4′s 6.3-by-6.2-by-3.6-inch frame.

In addition to the similar sensor sizes, the D800 and the D4 share a few notable similarities, as well: Both are built around Nikon’s latest Expeed 3 image processor; both offer 91,000-dot color-matrix metering; both employ a 51-point autofocus system; and both feature a “Dual Live View” mode that retains manual exposure settings while toggling between still- and video-capture modes.

zoomIcon Nikon D800 Full Frame DSLR Packs 36 Megapixelsd800 me1 11273133 Nikon D800 Full Frame DSLR Packs 36 MegapixelsNikon D800

The Nikon D800 looks as though it will be a popular DSLR for videographers, thanks to manual exposure controls in video mode; 1080p recording at 30, 25, and 24 fps (as well as 720p video at 60 fps); and the ability to feed uncompressed video to a monitor or recording device via HDMI as it’s being captured. A 3.5mm stereo mic jack supports recording audio with an external microphone, and the D800 offers the same in-camera audio monitoring and headphone jack as the D4.

In addition to the expected RAW mode, manual exposure controls, aperture-priority, and shutter-priority modes for a camera of its class, the D800 will have an automated HDR (high dynamic range) mode, automatic scene-recognition features, and an Active D-Lighting feature to bring out highlights in shadowy areas.

zoomIcon Nikon D800 Full Frame DSLR Packs 36 Megapixelsd800 24 120 top 11273121 Nikon D800 Full Frame DSLR Packs 36 MegapixelsNikon D800 (top)To speed up transfers of bulky 36-megapixel image files and 1080p videos, the D800 has a high-speed USB 3.0 connector (which will also work with USB 2.0 cables at a slower transfer rate). Storage is handled by two separate card slots–one for SDHC/SDXC cards, and one for CompactFlash cards–and shooters can define target cards for photos and videos separately, set one of the cards as a backup drive, and automatically jump between storage cards without interrupting video recording if one of them fills up.

The Nikon D800 is due in March at $3000 for the body only–about half the price of the higher-end Nikon D4. A second version of the D800, called the Nikon D800E, will also arrive in April. The D800E will eliminate the D800′s integrated low-pass filter; Nikon says the filter-less D800E will provide a further boost to detail and image resolution at the expense of a visible moire effect in some images. The Nikon D800E will be priced at $3300 for the body only.

Oracle Asks for Retrial Against SAP in TomorrowNow Case

Posted on by
Reply

Oracle has chosen a new trial in its lawsuit against SAP for copyright infringement, rejecting the reduction of a jury verdict by about US$1 billion by a federal court in September last year.

The company rejected the Judge’s ruling lowering the jury verdict, and chose a new trial, Oracle’s attorney, Geoffrey M. Howard said in a filing Monday before the United States District Court, Northern District of California, Oakland division.

“We are disappointed that Oracle has passed up yet another opportunity to resolve this case,” SAP said in a statement. “We will continue to work to bring this case to a fair and reasonable end.”

Judge Phyllis Hamilton overturned in September a $1.3 billion award Oracle won against SAP in its corporate theft trial, in which SAP admitted liability for illegal downloads of Oracle software and support materials by a former subsidiary, TomorrowNow, which provided lower-cost support for Oracle applications.

The Judge however approved SAP’s request that Oracle accept a lower award. The verdict grossly exceeded the actual harm to Oracle in the form of lost customers, she said.

If Oracle were to reject the reduction of the amount to $272 million, the court would order a new trial as to the amount of actual damages, Judge Hamilton said.

Oracle had argued that SAP should pay damages based on a “hypothetical” cost that SAP would have to pay to license the software legally. The court found that there was insufficient evidence for a reasonable jury to find that Oracle was entitled to a hypothetical license.

Accepting the Judge’s ruling would force Oracle to risk waiving its right to appeal the court’s decision on motions for judgment as a matter of law and for a new trial, Howard said in the filing.

“Oracle’s objective is to obtain clarification of the law and, if it is right about what the law is and what the evidence supports in this case, to vindicate the verdict of the jury and Oracle’s intellectual property rights as a copyright owner,” Howard added.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John’s e-mail address is john_ribeiro@idg.com