Tuesday, May 21st | Last update 07:13:26 AM GMT

US free to grab EU data on American clouds

An obscure section in a US law is said to entitle authorities to access, without a warrant, data stored by any EU citizen on clouds run by American companies.

Although highly controversial for its indirect effects on Americans, the impact of the law appears to have been overlooked by its intended target - everyone else.

Rather than case-by-case snooping, the law authorises mass surveillance of non-Americans for purely political purposes, said Caspar Bowden, the former chief privacy adviser to Microsoft, at a panel on cyber security organised by the CPDP conference in Brussels on Friday (25 January).

“It intentionally targets only non-US persons located outside the US and provides for a blanket authorisation to this for one year at a time. There is no individual warrantry,” said Bowden, who is now an independent advocate for information rights.

The section in the so-called Foreign Intelligence Amendments Act (FISAAA) grants the US government sweeping powers to collect foreign intelligence information stored in US Cloud computing providers like Amazon or Google.

The article specifically states the US Attorney General and the Director of National Intelligence may authorise jointly, for a period of up to one year from the effective date of the authorisation, the targeting of persons reasonably believed to be located outside the United States to acquire foreign intelligence information.

The amendment cites a number of limitations but Bowden, who also co-authored the ‘Fighting cyber crime and protecting privacy in the cloud’ report for the European Parliament, said FISAAA essentially makes it lawful for the US to conduct purely political surveillance on foreigners' data accessible in US Cloud providers.

“It doesn’t have to be a political party, it can be an activist group or anybody engaged in political activity or even just data from a foreign territory that relates to the conduct of foreign affairs in the United States,” he said.

The EU’s current data reform package is apparently unable to respond to the wording outlined in the US act.

Bowden says "binding corporate rules for data processors" was inserted into the European Commission’s data protection regulation proposal with built-in loopholes that allow for FISAAA surveillance.

The binding corporate rules require cloud providers to hire a private-sector audit company to certify the generic cloud system for security.

But private audit companies, says Bowden, are unable to discover secret wire-tappings ordered by the national security law of another country.

The act may have wide implications for the right to respect for private and family life, reinforced by EU law in the charter for fundamental rights inscribed in the Lisbon Treaty.

'Anger and disbelief'

“When my attention was first drawn to the provisions of FISAAA, I went through a strange sequence of emotional reactions. From sort of laughter, through disbelief, to anger to denial,” said another panellist, Gordon Nardell, a London-based barrister specialising in data protection and data retention in the telecoms sector.

The European Commission, for its part, was unable to provide a comment on FISAAA.

“This [FISAAA] is not something we have any comment about,” said the spokeswoman for the European Commissioner of Justice Viviane Reding in an email.

But the issue is not unknown within the EU institutions.

“If it is a US company it’s the FBI’s jurisdiction and if you are not a US citizen then they come and look at whatever you have if it is stored on a US company server,” stated Estonian president Toomas Hendrik Ilves, who also chairs a commission advisory group on cloud computing, at a separate panel discussion on cyber security held on Wednesday.

A high-ranking EU source told this website that the commission is actively looking into the amendment. The source drew some caution on the wide-spread snooping powers put forward by FISAAA but noted that “it is not outside the realm of possibility.”

The Brussels-based European Data Protection Supervisor also refrained from any official comment, though an inside contact said they too are investigating.

Meanwhile, a spokesperson for the United States Department of Justice told this website that the US is committed to privacy rights. "The FISA Amendments Act is not used indiscriminately or for political purposes," said the spokesperson, noting that a special court is used for judicial oversight on the requests.

But the section in FISAAA that is generating controversy is filed under 1881a.

The section expanded in 2008 on a 27-year-old definition of “remote computing services” to include any providers of public cloud computing.

The amendment specifically targets data of non-Americans located outside the US and removes previous constraints which hindered continuous data collection and mass-surveillance.

FISAAA also notes that investigations should be conducted in a manner consistent with the US Fourth Amendment which guards against unreasonable searches and seizures.

But a US judiciary subcommittee on FISAAA in 2008 stated that the Fourth Amendment has no relevance to non-US persons.

FISAAA also forces US Internet giants and other tech companies operating clouds in the EU to hand over the data or face sanctions, says Bowden.

“The providers have to give all assistance, facilities, information to accompany this in total secrecy. If that secrecy is breached, it’s a contempt of court and probably a breach of the US espionage act as well,” noted Bowden.


(euobserver.com)
 

50 million cameras exposed to hackers due to massive security breach



Internet users, beware: new security research has revealed that 40-50 million network-enabled devices can be hacked and controlled remotely, with vulnerable products including cameras, printers and routers.

By hijacking personal devices like cameras, hackers can easily watch every move of the device's owner and invade the privacy of millions of users.

Internet routers that use a protocol called Universal Plug and Play (UPnP) allow network-connected devices such as computers and printers to make themselves easily discoverable, but new research by the security firm Rapid7 shows that this discoverability can be exploited by hackers.

Many routers are set to use UPnP by default, thereby subjecting all network-enabled devices using the router to the damage that hackers are able to inflict. As many as 50 million unique devices can be exploited and about 6,900 products are vulnerable to software bugs that have already been found in three different implementations of the protocol.

Vendors including Cisco’s Linksys, Belkin, D-Link, and Netgear produce routers that make themselves and their connected devices susceptible to software bugs. At least 23 million types of connectible devices could be hijacked and permanently disabled, while others would face temporary incapacitation.

Using the discoverability of the devices, hackers could invade the network itself, regardless of any sort of firewalls that might be in place, thereby endangering personal information. Hackers could use UPnP-enabled routers and their devices to access confidential files, steal passwords, take full control of computers and access webcams, printers and other security systems.

“We never expected this much UPnP to be exposed on the Internet. The scope of the exposure just blew us away,” Rapid7’s chief security officer H.D. Moore told Forbes.

“This is the most pervasive bug I’ve ever seen,” he told Reuters, referring to the software bugs that Rapid7 discovered in most of the vulnerable devices that were tested.

Rapid7 recommends that Internet users check their routers for UPnP capabilities and disable the feature to protect their devices from being invaded by hackers. The new research also prompted CERT to issue a warning and Cisco to disseminate information about their susceptible products.

“Linksys is aware of the industry-wide UPnP library security vulnerability announced by the US CERT on January 29th,” a spokesperson wrote on the company website. “We recommend Linksys customers visit our website to understand if their home router is affected, and learn how to disable UPnP through the user interface to avoid being impacted.”

Unless Internet users take steps to ensure their network’s security, tens of millions could be at risk of having their information stolen, being watched through their own webcams, or having their devices destroyed.
 

Lithuania’s Gamadigi enters Scandinavian market


Lithuanian digital design production company Gamadigi expects to win Scandinavian and Western Europe markets.

Amazon job hunt: Frenchman’s creative CV goes viral


Creativity trumps unemployment and a bad economy – at least for one jobless Frenchman, whose online CV went viral after he created a mock Amazon.com webpage and offered himself for sale based on his skills as a web product manager.

Parisian Philippe Dubost caused an internet sensation by creating an Amazon-like webpage that invited prospective employers to bid for him.

The price has been scratched out from $999,999, encouraging employers to offer their own salary options. The fake page urges buyers to "order soon", as there is "only one left in stock".

The page includes a profile picture, skills and experience. It also has personal information like his height, languages spoken, and his best marathon time.

By clicking to add Dubost to your ‘cart’, his contact information pops up. He also links his resume to his blog.

Under ‘shipping’ he indicated, “This item is available for shipping anywhere in the world!” demonstrating his willingness to travel.

Dubost even developed a “frequently bought together” section and included running shoes (sold on Amazon) and airline tickets.

"I wanted to do something fun. Résumés are not fun. They're not fun to write, not fun to read", Dubost told The Independent. "I thought it would be fun to build a small web product that would feel a little bit like a game you could interact with, like those baby toys where every button you push makes a different noise."

After the online CV went viral, around 100 employers had offered various job opportunities, Dubost says.

"So many awesome companies, projects, entrepreneurs, I'm starting to feel like a spoilt kid with too many toys," Dubost added. "And yes, among those there are indeed a few opportunities that match what I'm looking for and that I'm going to pursue."

Unprecedented unemployment levels are putting a big strain on young professionals to innovate beyond traditional methods of job search. Earlier in January, the UK’s Adam Pacitti, 24, spent his last $800 on a billboard featuring his picture and a message “please give me a job”.

In France, the number of jobless continued to increase in December for the 19th consecutive month, affecting at least 3 million people, which is a near-15-year high.
 

Anonymous hackers target US agency site


Hackers claiming to be from the activist group Anonymous have hacked a US government website in response to the death of Aaron Swartz.

Activists embedded a video statement on the homepage of the United States Sentencing Commission, an agency of the US government.

The statement referred to the death of Mr Swartz, an internet activist who apparently killed himself in January.

"Two weeks ago today, a line was crossed," the statement said.

"Two weeks ago today, Aaron Swartz was killed. Killed because he faced an impossible choice. Killed because he was forced into playing a game he could not win."

Mr Swartz, who was 26, was facing hacking charges and is believed to have taken his own life.

His federal trial was due to be held next month. If found guilty, he could have faced up to 35 years in prison.

Following his death, Mr Swartz's family released a statement blaming "intimidation" and "prosecutorial overreach" from the criminal justice system.

'Operation last resort'

The attack on the website was scheduled to begin at midnight eastern standard time, according to documents that appear to have been posted online by Anonymous activists.

Later on Saturday the website was not functioning.

The USSC is responsible for issuing sentencing guidelines for US federal courts.

The hackers, who had labelled the attack "Operation Last Resort", said the site was chosen for symbolic reasons.

"The federal sentencing guidelines... enable prosecutors to cheat citizens of their constitutionally-guaranteed right to a fair trial, by a jury of their peers [and] are a clear violation of the 8th amendment protection against cruel and unusual punishments," the video statement said.

The statement also suggested the hackers had sensitive information relating to a number of US judges that may be made public.

There have been numerous attacks by hackers operating under the Anonymous banner in recent months.

On Thursday two British men were jailed after taking part in attacks on payment services including Paypal, organised by Anonymous.

Government websites of the UK and other countries have also been the subjects of attacks.
 

Akamai Releases State of Internet Connectivity Report for Q2 2012


Every quarter Akamai analyzes traffic patterns and the volume of Internet traffic around the world. Their position in the industry as a content provider with a globally deployed network enables them to be a good gauge of global trends when it comes to broadband penetration.

Akamai reports over 666 million unique IP addresses from 238 countries traversed their network during the second quarter of 2012 - providing a treasure trove of information regarding broadband adoption, connection speeds and other data.

Akamai notes a 6% overall increase in the number of unique IP addresses from their previous quarterly report. Some of the most interesting data comes from their analysis of global trends. These are some of the more pertinent findings:

Akamai defines broadband as connections of more than 4 Mbps, which aligns with the current FCC definition for defining broadband. Akamai is using the term "high broadband" to define connections of 10 Mbps or higher. Using these terms, the following facts pertain to the most recent data published by Akamai:

 

  • Globally, the adoption of high broadband increased 19% to 10%, with South Korea having the highest "high broadband" adoption rate of 53%
  • Global broadband adoption grew 10% to 40% - with South Korea also having the highest broadband rate at 86%


Akamai will no longer report broadband penetration or speeds at the city level.

One significant finding in this report is Akamai's estimate of over one billion web users globally. Although the company reports more than 600 million users, they believe this understates the true total because of multiple individual users sharing IP addresses.

Of the 666 million global users, the top 10 countries listed below represent 66% of the global total.

  • 146 million were from the United States
  • China had 92 million users
  • Japan had 40.5 million users
  • Germany had 36 million users
  • United Kingdom and France had 25 million users
  • South Korea and Brazil had 19 million users
  • Italy had 17 million users
  • Russia had 16 million users


Almost all of the countries listed experienced positive growth since the last quarter.

The overall average global connection speed was 2.6 Mbps, a 14% increase from the last reported quarter. When reviewing the Akamai report, the state of broadband connectivity in the United States, as it relates to broadband connection speeds, is not keeping pace with the rest of the world.

Using the FCC's definition of broadband at 4 Mbps, 40% of users globally are able to access broadband. While the United States has a rate of 60% - higher than the global average, this lags several nations such as South Korea, Japan, Canada, and Switzerland.

These are the percentages in the top 10 countries with the highest percentages of connections above the 4 Mbps threshold:

Global - 40%

  1. Hong Kong (54.1)
  2. South Korea (48.8)
  3. Japan (42.2)
  4. Latvia (37.5)
  5. Romania (37.4)
  6. Belgium (32.7)
  7. Switzerland (32.4)
  8. Bulgaria (32.1)
  9. Israel (30.9)
  10. Singapore (30.7)


The United States ranked 14th globally at 60%, which was a 19% increase from the previous year.

Within the United States, Delaware continues to lead the pack when it comes to speeds. At an average speed of 10.2 Mbps, the speeds experienced in Delaware were 35% higher than the previous year. When analyzing year-over-year growth, all top ten states experienced notable increases. Nine other states round out a list of the fastest average broadband connections in the country. They are:

 

  • New Hampshire - 9.4 Mbps
  • Vermont - 9.1 Mbps
  • District of Columbia - 8.9 Mbps
  • Utah - 8.5 Mbps
  • Rhode Island - 8.5 Mbps
  • Connecticut - 8.4 Mbps
  • Massachusetts - 8.2 Mbps
  • Maryland - 8.1 Mbps
  • Washington - 7.9 Mbps


According to the Akamai report:

"The strong growth seen across both the short and long-term is extremely encouraging, and hopefully bodes well for the continued adoption of high speed Internet connections across the United States throughout 2012.

In a January speech at the 2012 International Consumer Electronics Show in Las Vegas, FCC Chairman Julius Genachowski made the point that the United States needs ubiquitous broadband and universal broadband adoption, which he said means world-class wired and wireless infrastructure.

To that end, he also noted that the FCC has removed barriers to wired and wireless broadband buildout. In February, however, a posting on technology industry blog GigaOm noted that some states are working to advance legislation that would restrict community/municipal broadband efforts, which could effectively limit consumer choice to the service tiers and speeds that the incumbent telecom and cable providers have made available to that market, slowing the progress towards ubiquitous broadband and universal broadband adoption."
 

First Firefox phones revealed by Mozilla and Geeksphone

Mozilla has published details of the first smartphones to be powered by its Firefox operating system.

Two handsets are to be made by a small Spanish firm called Geeksphone and will be targeted at developers ahead of the system's formal launch.

The platform is based on the HTML5 web programming language and is being marketed as offering software writers more "freedom" than alternatives.

However, it faces competition from other soon-to-be-released systems.

Blackberry 10, Ubuntu, Tizen and Sailfish are all due for release for smartphones before the end of 2013, joining a market already occupied by Android, iOS, Windows Phone, Blackberry 7 and Symbian among others.

One analyst said he did not believe there was enough room in the market for all to survive.

Low and high-end

The two new handsets are codenamed Keon and Peak.

Keon is the more basic model, including a 3.5in (8.9cm) screen, a 3MP (megapixel) camera and Qualcomm's low-end Snapdragon S1 processor.

Peak has a bigger 4.3in display, an 8MP camera and a more powerful Snapdragon S4. Mozilla noted this was probably "slightly faster" than the first generation devices that would be marketed to the public.

It added that Geeksphone's phones would be made available for sale next month, but did not provide a price.

It said that when devices went on general sale they would be cheaper than many alternatives and would be targeted at emerging markets.

Open source

The Mozilla Foundation already uses the Firefox brand for its web browser - an offshoot of the 1990s Netscape Navigator product. The software is developed by a community of volunteers and is run as an open source project, meaning its code is accessible to others, allowing them to make their own modifications.

The same principles are applied to the operating system and Mozilla highlights the fact that coders can market their apps through their own websites or any store they wish in addition to the organisation's own marketplace.

It adds that the lightweight nature of the system means that apps should run smoothly and offer "optimal battery life" on low-end devices.

However, one analyst questioned whether this would make Firefox OS stand out, bearing in mind developers were already free to offer web apps for most other devices, and in the case of Android could also sell native apps outside Google's own Play store if the user adjusted their settings to accept them.

"What Firefox is trying to do is make the web the app store and bring the openness of the web to phones," said Nick Dillon, senior analyst at the consultants Ovum.

"But the question is what does this offer over a cheap Android phone to a consumer looking to buy a low-end handset?

"On Android you got Google services pre-installed and the 700,000 apps in its store but Firefox OS isn't going to have these so will have reduced functionality."

Native or not?

If Firefox OS is a success it should help drive the creation of HTML5 apps, which by their nature should work on any smartphone.

In theory this works to developers' advantage as they can write a single program and then offer it across a range of platforms.

However, many view the language as a "work in progress" when it comes to mobile and believe that for the time being native apps - those coded for a specific platform - offer advantages.

"Applications that require more processing power and the full capabilities of a phone - games for example - lend themselves more to native applications," said Mr Dillon.

"Although HTML5 has come a long way there are still gaps, like for notifications, that have not been fully standardised across all browsers - so if you are building an app that can alert users to the fact they have received a new message, it's easier to do in a native app if you want to ensure a consistent experience.

"The trade-off, of course, is that it will take more time and effort to make the app for each platform."
 

Revolutionary Cyber-Guard? Iran boosts Web-warfare capabilities after centrifuge virus attack


The 2010 cyber-attack on an Iranian uranium enrichment facility, which destroyed more than 1,000 centrifuges, has sparked a buildup of Tehran’s hacking capabilities, a US cyberwarfare commander said. Tehran may soon be a formidable foe in cyberspace.

While no government has officially claimed responsibility for the Stuxnet virus that targeted Iran’s Natanz facility, the US and Israel are widely believed to be behind the attack. The sophisticated cyberweapon infected industrial computers and interfered with centrifuge operations, causing damage to the equipment.

"It's clear that the Natanz situation generated a reaction by them. They are going to be a force to be reckoned with, with the potential capabilities that they will develop over the years and the potential threat that will represent to the United States," General William Shelton told journalists. Shelton heads the US Air Force’s Space Command, and also oversees the Air Force's cyber operations.

General Shelton declined to elaborate on Iran’s offensive hacking capabilities, or the damage that Tehran could inflict on US computer networks. Earlier, a newsletter from the Department of Homeland Security’s cyber unit warned that critical US infrastructure is becoming increasingly vulnerable to hacker attacks.

Tehran has denied several accusations it was involved in hacking operations; the latest such incident was a hacking attack on nine US banks and financial institutions last week, which cost the firms millions of dollars.

A hacker group claimed responsibility for the denial-of-service onslaught against the financial websites, saying it was retaliation for an amateur video deemed offensive to Islam’s Prophet Muhammad.

But US media cited a number of officials and experts who said that Washington is certain Tehran was behind the attack. Tehran denied any involvement, saying in a statement that it “denounces such methods, which are a violation of the sovereignty of nations.”

Another alleged Iranian cyberwarfare operation was last year’s attack on Saudi oil giant Aramco. A virus uploaded to the state-owned firm’s computer networks damaged files on some 30,000 computers.

At the time, US Secretary of Defense Leon Panetta called the incident “a significant escalation of the cyber threat,” and warned that a “cyber Pearl Harbor” could soon hit America.

Iran has recently grappled with a number of cyber-attacks. In December 2012, Tehran complained that a number of hacking attacks aimed at disrupting the networks of Iranian industrial facilities – including a power plant – took place over the course of several months.

Iran is currently under crippling financial sanctions championed by the US that have significantly cut its oil revenues and damaged its economy. Washington and its allies have stepped up pressure on Tehran in a bid to halt its uranium enrichment program, and have accused Iran of trying to build a nuclear weapon.

The Islamic Republic has for years denied allegations it is weaponizing its nuclear industry, arguing that its enrichment capabilities are needed to produce fuel for nuclear power plants and radioactive isotopes for medical applications.
 

17 billion Earth-sized planets in our Galaxy


At least 17 billion Earth-size planets may inhabit the Milky Way galaxy, SPACE.com reported citing a new study by US astronomers.