Wednesday, August 31, 2011

Facebook pays $40,000 to bug spotters

 @CNNMoneyTech August 30, 2011: 3:01 PM ET
NEW YORK (CNNMoney) -- Facebook wants you to try to hack into its site -- and if you succeed, it will pay you for the details.
Facebook said this week that that it has paid out more than $40,000 under its new "bug bounty" security initiative. Launched three weeks ago, Facebook's program invites security researchers -- both the professional kind and hacker hobbyists -- to send it the details of any Facebook vulnerabilities that they uncover. If the report checks out, Facebook will pay a finder's fee of at least $500.
"We've already paid a $5,000 bounty for one really good report," Facebook Chief Security Officer Joe Sullivan wrote in a blog post. "One person has already received more than $7,000 for six different issues flagged."It's willing to go higher for extra-impressive bug spotting.
Although the social networking has its own security team, Facebook launched its bug bounty program to tap into the collective wisdom of the site's 750 million users.
"We hire the best and brightest, and have implemented numerous protocols," Sullivan wrote. "We realize, though, that there are many talented and well-intentioned security experts around the world who don't work for Facebook."
Researchers from more than 16 countries have successfully submitted bounty bugs, Facebook said. Its public "thank you" list names dozens of contributors.
Facebook also took pains to assure bug-hunters that it won't take any legal action against those who submit bugs, even if they were uncovered through less-than-legal routes into Facebook's systems.
That's often how hackers find vulnerabilities, but even those without any ill intent -- so-called "white-hat hackers" -- can land in hot water with companies if they tell them about their intrusion.

Gilt Groupe hacks its own site
"We worked with several third-party groups to ensure that the language in our policy protects researchers and makes clear our intent to work with, not punish, those who report information," Sullivan wrote.
The Electronic Frontier Foundation, an advocacy group that often weighs in on Internet-related legal issues, is a fan of that approach.
"We hope to see others follow Facebook's lead and go even further," the EFF wrote last year about Facebook's security policy. "The more transparent companies are about their approaches to vulnerability disclosure -- and the more they encourage users to come forward -- the more often they will learn about problems that need to be fixed."  To top of page

Tuesday, August 30, 2011

Report: Young women are 'power users' of social media sites

Doug Gross

The percentage of adults who use social media continues to grow, and young women are leading the way, Pew says.
The percentage of adults who use social media continues to grow, and young women are leading the way, Pew says.
(CNN) -- People keep on flocking to sites like Facebook and Twitter, and young women are leading the way.
The percentage of Internet users who are on social-networking sites continues to climb, according to a survey released Friday by the Pew Internet & American Life Project.
In fact, it has doubled in the past three years, the report says, from about 29% in 2008 to 65% this year.
This year's Pew report also marks the first time that more than 50% of adults surveyed (Web users and nonusers) use social networking.
In February 2005, 5% of adults told Pew they used social media.
The report calls young adult women the "power users" of social-media sites.
About 89% of online women from 18-29 years old are on the sites and 69% of them say they tend to log onto social media every day.
Overall, 69% of women on the Web said they use social networking, compared to 60% of all men.
Pew said women have been "significantly more likely" to be on social sites than men since 2009.
Only search engines and e-mail remained more popular than social media among Web users, according to the survey
In one question, Pew asked people who have used social-networking to give a one-word description of their experiences.
The responses were overwhelmingly positive, the report said, with one-in-five being negative.
Among positive responses, the top five were: good, fun, great, interesting and convenient.
The most popular negative responses were: boring, confusing, frustrating, time-consuming and overwhelming.
We're particularly fond, however, of Pew's list of words that were only mentioned once in a survey of well over 2,000 people.
Our favorites? Hogwash, glitches, omnipresent and nosey.
The findings are from a phone survey of 2,277 adults conducted in English and Spanish between April 26 and May 22 . The margin of error among Internet users is +/-3.7 percentage points

Monday, August 29, 2011

Hurricane Irene Scam Hits Facebook

Hurricane Irene surely turned New York City to “city that never sleeps” as it brought flood waters, knocked out power to more than 4 million people and was even responsible for at least 15 deaths in six states.
What’s worse is that cybercriminals are taking advantage of the incident by spamming a fake video on Facebook.
The page, which contains the alarming title “VIDEO SHOCK – Hurricane Irene New York kills All” displays a clickable image of a fake video player on the page.

The text displayed in the succeeding pages is in Italian, which suggests that the attack specifically targets Italian users. Clicking the image of the video displays a prompt that says “Per Vedere il video devi prima condividere” which translates to “To see the video you must first share”, as well as two options that say “Share” and “See the video”.

Clicking “Share” displays the link to the Facebook on the user’s wall.

On the other hand, clicking “See the video” displays a list of deals that the user must register to, in order to view the video.

The said deals only lead to advertisement and affiliate program websites.
Such schemes in Facebook have been rampant in the past weeks, as we’ve seen such scams that lead to spam pages or surveys. We’ve seen these attacks use various social engineering lures, such as false news about the death of of singer Lady Gagatickets for the Twilight movie, Breaking Dawn, and invites for Google+.
Publish PostFor more information on threats found in social networks such as Facebook, check our report: Spam
, Scams and Other Social Media Threats, and our infograph, The Geography of Social Media Threats.

The 25 Best iPhone Apps

Apps make Apple's iPhone what it is. They are what transform these handy little devices from mobile phones to pocket PCs. While you can find an app for just about anything ("there's an app for that!" is not just clever marketing), plenty of apps aren't worth your time. Others are good—entertaining, usually, at the very least—and still others seem useful for only a day or two, until their novelty wears off. And some make you wonder how you ever functioned without them.
Over the years, the team at PCMag has looked at and reviewed countless iPhone apps. We’ve been bored with plenty and impressed with a few. The 25 apps that made the cut for this list are the ones that have shown outstanding performance, have been almost universally liked by users young and old, or have had a solid history of being among the first apps we'd recommend new users download. These apps appeal to just about everyone who owns an iPhone. Many of the apps listed here are free, a few cost a couple of dollars, and the priciest one on this list will only set you back about $10.
Missing from this list are apps that come pre-installed on the iPhone, although they are certainly not to be overlooked. The YouTube, Maps, Calendar, and Clocks apps in particular should not be ignored, while the iTunes, iPod, and App Store apps typically see a fair share of well-deserved usage, too.
If you're a long-time iPhone owner, some of these apps will probably look familiar. If you have more recommendations, post your suggestions in the comments—they may make it into a future update of this article.

Friday, August 26, 2011

Your cell phone is more likely to work in a hurricane than an earthquake

 @CNNMoneyTech August 26, 2011: 12:03 PM ET
A specialist at the National Hurricane Center in Miami looks over forecasts as Hurricane Irene approaches the East Coast.

NEW YORK (CNNMoney) -- In the battle of natural disasters affecting the East Coast this week, the powerful Hurricane Irene is less likely to disrupt cell phone service than Tuesday's relatively minor earthquake.
Cell service was extremely spotty from New England to Georgia on Tuesday following the 5.8-magnitude earthquake, as networks became saturated with mobile phone calls. That kind of mass calling event doesn't typically occur during a hurricane -- particularly a slow-moving one like Irene.
"In an earthquake, millions of people feel the same thing at once and all call their loved ones at the same time. Hurricanes don't have that effect," said Ken Rehbehn, principal analyst at Yankee Group.
Wireless infrastructure like switching stations and towers are designed to withstand winds from Category 5 hurricanes, the wireless carriers say. Irene is expected to be weakerthan that, though still quite strong by the time it hits the coast.

East Coast braces for Hurricane Irene

Experts caution that every storm has unique characteristics, and hurricanes can temporarily disrupt service. Cell towers are connected to the Internet, and the signal piggybacks on land line service in many areas. That means downed wires can sometimes impact wireless service.
But wireless carriers build redundancy into their networks, so weather-related service losses usually don't last too long.
"Cell phone companies have backup resources like cells on trucks," Rehbehn said. "When issues happen, they get those deployed pretty quickly."
Verizon Wireless spokesman Jeff Nelson said the nation's largest wireless provider uses alternative stand-by power sources to keep service uninterrupted.

n anticipation of the hurricane, AT&T conducted inspections of its electric generators and prepared portable generators for back-up. The company also readied its mobile cell sites and emergency vehicles for deployment.
No such preparations could be made in advance of an earthquake, of course, though the carriers' infrastructure is designed to withstand quakes of higher magnitude than the one that hit the East Coast this week.
Their infrastructure wasn't damaged, and none of it failed as a result of the quake, according to Verizon (VZFortune 500), AT&T (TFortune 500), Sprint (SFortune 500) and T-Mobile. The reason cell service went out was because of a bottlenecking factor: Like a highway that gets congested during rush hour, cellular infrastructure is not designed to handle the sudden traffic spike that occurs during emergency situations.
Congestion solution: More spectrum
Citing this week's earthquake as an example, the wireless industry is calling on the government to allocate more wireless spectrum.
"We need more lanes, or spectrum," said Steve Largent, president of the wireless industry association CTIA, in a blog post on Wednesday. "Otherwise, wireless consumers will experience a significant traffic jam. With more spectrum, we'd have more lanes that would allow more users."
The Federal Communications Commission has proposed auctioning off 500 MHz of spectrum to wireless companies. But the plan faces several hang-ups, including patches of local television broadcasters claiming rights to that spectrum.
As part of a bipartisan congressional proposal co-sponsored by Sens. Jay Rockefeller and Kay Bailey Hutchison, some of that spectrum would be auctioned off and a portion of the proceeds would be given to broadcasters as an incentive.
The pending bill also includes $12 billion and dedicated spectrum for the formation of a public emergency wireless network that would allow police and firefighters to communicate even when commercial wireless networks are overloaded.
Yet the bill is being held up as a possible bargaining chip in the looming debt ceiling super committee discussions.
Some politicians view the auction proposal as a way to increase government revenues without raising taxes. Some are proposing less funding for the emergency network -- which could impair its ability to get off the ground. To top of page