Start up: Sony-signed malware, robots watching videos, Nexus 6’s lost finger lock, are tablets desktops?, and more


I love robots, by Duncan on Flickr.

A selection of 10 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Swedish police raid The Pirate Bay, site offline >> TorrentFreak

This morning, for the first time in months, The Pirate Bay disappeared offline. A number of concerned users emailed TF for information but at that point technical issues seemed the most likely culprit.

However, over in Sweden authorities have just confirmed that local police carried out a raid in Stockholm this morning as part of an operation to protect intellectual property.

“There has been a crackdown on a server room in Greater Stockholm. This is in connection with violations of copyright law,” read a statement from Paul Pintér, police national coordinator for IP enforcement.


‘Destover’ malware now digitally signed by Sony certificates >> Securelist

Functionally, the backdoor contains two C&Cs [command & control servers for computers taken over by the malware] and will alternately try to connect to both, with delays between connections:

208.105.226[.]235:443 – United States Champlain Time Warner Cable Internet Llc

203.131.222[.]102:443 – Thailand Bangkok Thammasat University

So what does this mean? The stolen Sony certificates (which were also leaked by the attackers) can be used to sign other malicious samples. In turn, these can be further used in other attacks. Because the Sony digital certificates are trusted by security solutions, this makes attacks more effective. We’ve seen attackers leverage trusted certificates in the past, as a means of bypassing whitelisting software and default-deny policies.

We’ve already reported the digital certificate to COMODO and Digicert and we hope it will be blacklisted soon. Kaspersky products will still detect the malware samples even if signed by digital certificates.

Everyone says “ooh! Thailand again!” (a previous part of the hack was linked to a hotel in Bangkok) but nobody says “hmm, Time Warner.” What if the hackers are based in the US? (Speaking of which, has Re/Code walked back – as one says – on its claim that North Korea was behind the Sony hack?)


Android source reveals scrapped Nexus 6 fingerprint sensor >> Ars Technica

Methods like “FINGERPRINT_ACQUIRED_TOO_FAST” and “FINGERPRINT_ACQUIRED_TOO_SLOW” in the fingerprint API suggest it supported a “swipe” style fingerprint reader, which, unlike Apple’s stationary fingerprint reader, requires the finger to be moved across a sensor at the right speed. Another file said the system would show a picture indicating which part of the finger would need to be scanned next, which again points to it being more like a swipe reader and less like a whole-fingerprint scanner.

The fingerprint API would be open to multiple apps, with a comment saying Google had built “A service to manage multiple clients that want to access the fingerprint HAL API.” Presumably this would allow apps like Google Wallet to use your fingerprint as authentication.

Motorola had a fingerprint scanner in the Atrix in 2011. Sucked.


The real reason why Google is dropping the tablet v desktop distinction – it’s the user context, stupid! >> Search Engine Land

Looking at the huge amount of search query data that they have access to, Google picked up on a pattern in the way people use their devices. What they noticed is that user context trumps everything else.

“User context” refers to the time, location and device from which a search is conducted, and as [group product manager of Global Mobile Search Ads at Google] Surojit [Chatterjee] put it: “User context drives what people search for, and the actions they take. So for example, say I am at home in the evening, and I’m doing a search. The actions that I will take will be largely the same if I’m using a smartphone, tablet or notebook, because the context is the same. Particularly between notebook and tablet, the query patterns are very similar.”

Similarly, the types of searches that we typically think of as “mobile” searches are the ones that people make when they’re out and about, away from home or work – and that user context is actually far more important than the physical device they are using.

Also: “Currently, 80% of tablet traffic occurs in the home, in the evening, and Google is much more interested in user context vs. user hardware.”

In other words, tablets are the new laptops/desktops.


Korea’s shrinking market: domestic smart device market size likely to shrink for two years >> BusinessKorea

[Research company IDC] mentioned a decline in smartphone supply as the main culprit of the negative growth of the domestic market. The smartphone segment used to account for 80% of the overall smart device market, but the domestic supply is forecast to drop by 20.5% to 17.54m units and the sales by 29.2% to 12.345trn won (US$11.1bn) this year.

“The smartphone market has already reached a saturation point, and the market downturn has been accelerated by the recent suspension of the business of mobile carriers, the Terminal Distribution Structure Improvement Act and the crisis of Pantech,” IDC Korea explained.

Non-tablet PC demand is on the decline as well, with more and more people using their smartphones and tablet PCs instead of conventional PCs.

That’s a steep drop in Samsung’s and LG’s homeland.


OMG! Mobile voice survey reveals teens love to talk >> Official Google Blog

Mobile voice searches have doubled in the past year, says Google, which commissioned a study of 1,400 US adults so it could commission an annoying infographic:

We weren’t surprised to find that teens — always ahead of the curve when it comes to new technology—talk to their phones more than the average adult. More than half of teens (13-18) use voice search daily — to them it’s as natural as checking social media or taking selfies. Adults are also getting the hang of it, with 41% talking to their phones every day and 56% admitting it makes them “feel tech savvy.”

Those numbers feel high. Would love to know how they break down between smartphone platform; Google doesn’t specify that, and doesn’t show what the actual questions on the survey are.

Given that about half of smartphone owners in the US have iPhones, could it be that a significant portion of those people who use voice commands (because that’s what the survey asks about – not voice search) were actually asking Siri to do stuff?

Note though how Google cleverly elides from “voice search” (what it offers in the Google app) to voice commands – which don’t necessarily involve Google at all.


Digitimes Research: Lenovo mobile device shipments to lead Samsung by 9 million units in 2015 >> Digitimes

Note that by “mobile” it’s excluding smartphones, which might strike some as contrary. But anyway, Jim Hisiao and Joanne Chien report:

Despite difficulties to achieve further shipment growths for its tablet business, Lenovo with its advantage as the largest notebook brand vendor worldwide and aggressive promotions of its inexpensive and phone-enabled tablets is expected to achieve 50m in total tablet and notebook shipments in 2015, widening its gap with Samsung to 9m units.

Because tablet demand will weaken in 2015, Lenovo’s and Samsung’s strategies for the mobile computing device market are expected to focus on maintaining their tablet shipments. Digitimes Research believes Lenovo’s shipments for tablets with phone functions to emerging markets in 2015 are expected to remain strong…

…Samsung’s aggressive expansion of its tablet product line in the first half of 2014 did not receive a good response from the market. Since the company is expected to turn conservative about its tablet business and place most of the resources on the smartphone business in 2015, Digitimes Research expects the Korea-based vendor’s tablet shipments to drop to 36m units in the year.

As for the notebook business, after phasing out from the market in the second half of 2013, Samsung’s shipment volume has dropped rapidly and is only expected to reach 5m units in 2015.

Samsung’s essential weakness compared to Lenovo is its failure to make any profit from selling PCs.


Editorial: No comments. An experiment in elevating the conversation >> St Louis Post-Dispatch

Last Sunday, we challenged our region to have the serious discussion on race that it has been avoiding for decades. Such difficult discussions are made more challenging when, just to present a thoughtful point of view, you have to endure vile and racist comments, shouting and personal attacks.

If you’ve watched many of the talking heads on cable television try to discuss the killings of Michael Brown and Eric Garner, you know what we’re talking about. Unfortunately, sometimes comments on newspaper stories and columns have a similar effect.

In fact, it has a name: “The nasty effect.”

That’s what University of Wisconsin-Madison researchers Dominique Brossard and Dietram Scheufele dubbed the negative effect certain comments can have on a reader’s understanding.

Comments on general news sites are a waste of the readers’ (and arguably writers’) time. I wonder how much further this trend will go.


Apple trial continues, without a plaintiff for now >> Associated Press

U.S. District Judge Yvonne Gonzalez Rogers scolded Marianna Rosen and her attorneys on Monday for not providing more complete information about the iPods Rosen had purchased. That came after Apple lawyers successfully argued that the devices purchased by Rosen were not among those affected by the lawsuit.

But the judge also rejected Apple’s argument that the case should be dismissed because it’s too late to name a new plaintiff. She ordered the attorneys suing Apple to identify a new person, by Tuesday, who can serve as a lead plaintiff.

Both sides estimate about 8 million people bought iPods that are potentially affected by the lawsuit, which focuses on Apple’s use of restrictive software that prevented iPods from playing music purchased from competitors of Apple’s iTunes store. The plaintiffs say that amounted to unfair competition and that Apple was able to sell iPods at inflated prices because the software froze makers of competing devices out of the market.

Apple is carving out entirely new areas of law. There was the antitrust case where it had the minority share (in ebooks), and now a class action (also with antitrust implications) where none of the plaintiffs shows up. Presumably a suitable plaintiff will have to show that they bought music from Real and that it was deleted… but that they then couldn’t reload it or play it on any device, or only on the iPods? Did Apple explicitly promise that they would be able to play music bought from anywhere on it? (I don’t think so.) The limits of this case aren’t clear.


Robots, not humans, fake 23% of web video ad views, study finds >> Bloomberg

Computers being remotely operated by hackers account for almost one in four views of digital video ads worldwide, according to a study that estimates such fraud will cost advertisers $6.3bn next year.

The fake views, which also account for 11% of other display ads, often take place in the middle of the night when the owners of the hijacked computers are asleep.

The result is retailers, automakers and other companies paying for web advertisements that are never seen by humans, or are seen by fewer people than they are paying for, according to the report released today by the Association of National Advertisers, whose members include Wal-Mart Stores, Ford Motor Co. and Wendy’s.

“We’re being robbed,” said Bob Liodice, president and chief executive officer of the New York-based association, which has 640 members that spend more than $250bn a year in advertising. “This isn’t about system inefficiencies or process sloppiness. This is about criminal activity.”

Between this and Google’s announcement that half of all online ads aren’t actually viewed, a lot of the basis for the online advertising business begins to look a bit shaky.


China’s polluted soil is tainting the country’s food supply >> Businessweek

A new study from the China National Environmental Monitoring Center examines the results of nearly 5,000 soil samples from vegetable plots across China. Roughly a quarter of the sampled areas were polluted. The most common problem is high soil concentrations of heavy metals—such as cadmium, lead, and zinc—which leach out from open mines and industrial sites and into surrounding farmland.

Plants grown in tainted soil can absorb heavy metals. People who ingest high levels of heavy metals over an extended time can develop organ damage and weakened bones, among other medical conditions.

