WikiLeaks to Publish Data Obtained by Anonymous from Stratfor

In the past period, a number of 25 media outlets worldwide analyzed the gigabytes of data obtained by WikiLeaks from Stratfor, allegedly with the aid of Anonymous hackers. Now WikiLeaks plans on publishing all the data online under the name of The Global Intelligence Files.

According to a press release from WikiLeaks, the 5 million emails they possess date from 2004 until late December 2011, when the breach that affected the think tank took place.

“They reveal the inner workings of a company that fronts as an intelligence publisher, but provides confidential intelligence services to large corporations, such as Bhopal's Dow Chemical Co., Lockheed Martin, Northrop Grumman, Raytheon and government agencies, including the US Department of Homeland Security, the US Marines and the US Defense Intelligence Agency,” the document reads.

The files that are about to be leaked reportedly contain information about Stratfor’s informants, structure, payment-laundering techniques, but also some things related to the US government and its attacks against WikiLeaks founder Julian Assange.

“The material shows how a private intelligence agency works, and how they target individuals for their corporate and government clients. For example, Stratfor monitored and analysed the online activities of Bhopal activists, including the ‘Yes Men’, for the US chemical giant Dow Chemical,” WikiLeaks continues.

Since they’re accused of many things, including secret deals with media organizations and journalists from Reuters, Keiv Post and others, Stratfor issued a quick response regarding these claims.

First of all, Stratfor informs subscribers and friends that the data is not part of another breach, instead it's a result of the hacking operation that targeted the company at the end of 2011.

“Some of the emails may be forged or altered to include inaccuracies; some may be authentic. We will not validate either. Nor will we explain the thinking that went into them. Having had our property stolen, we will not be victimized twice by submitting to questioning about them,” Stratfor representatives wrote.

They also let everyone know that they’re not a government-affiliated organization, naming the actions performed by WikiLeaks as a “deplorable breach of privacy.”

Read More

Skype for Windows Phone Beta Now Available

Undoubtedly, Skype was one of the most anticipated applications for the Windows Phone devices, with all of its VoIP and video calling capabilities.

Today, the application is available for download in beta, but it is expected to become available in gold sometime in April.

Those who would like to test drive Skype for Windows Phone can now head over to the Windows Phone Marketplace (Zune link), or to this page on Softpedia to download the beta release.

“Skype for Windows Phone Beta supports the most important Skype features you've come to know and love,” Skype’s Rick Osterloh notes in a blog post.

“And you will be especially thrilled by the clean and simple Skype experience that the Metro user interface delivers on your Windows Phone. It has never before been so easy to connect with the people you care about most.”

The Skype for Windows Phone Beta provides users with the possibility to make free audio and video calls to any Skype contact over 3G and 4G or WiFi.

The app also offers users the possibility to “make affordable calls to landlines and mobiles using Skype Credit, create and hold one-to-one and group chats, and update your profile and account information, among others features.”

Skype recommends the use of WiFi connections to ensure that the quality of the call is high. Skype-to-Skype calling on Windows Phone is compatible with Skype for Windows 4.2 and above, Skype for Mac OS X 2.8 and above, Skype for Linux, Skype for iOS 3.0 and above, Skype for Android 2.0 and above, and Skype running on TVs.

According to Microsoft, Skype for Windows Phone will soon get a taste of other enhancements as well. “We see incredible potential to include Skype capabilities in Windows Phone in order to enable a great experience for you,” the said blog post explains.

The application is compatible with all smartphones running Windows Phone 7.5. Microsoft notes that it can deliver great performance capabilities on Nokia Lumia 710, Nokia Lumia 800, HTC Titan, HTC Radar, Samsung Focus S and Samsung Focus Flash.

Download SKYPE for Window Beta

Read More

Security Firewall to Protect Indian Government Sites from Hackers

The government of the Indian state of Andhra Pradesh wants to ensure that hackers will have a hard time breaching their official websites and it's determined to implement a “security firewall” to protect them.

Khaleej Times reports that on February 17, just before the annual state budget was presented, hackers illegally accessed 21 government sites, administrators struggling for a week to restore 15 of the affected domains, the remaining 6 still being investigated.

Officials say that they’re aware of the fact that the hackers have no intent of causing damage to the data stored on their servers. The hacktivist simply added some extra webpages that hosted their protest messages.

Even though there were no financial losses recorded and the government determined that the hackers only wanted to demonstrate their skills, they’re preparing some security measures that will prevent future incidents.

Authorities decided to perform periodic security audits, create walls to secure web applications, and monitor traffic with the purpose of locating the origin of potential attacks.

A committee was formed by members of the state's Information Technology and Communications department, Nasscom, the National Informatics Centre, Data Centre Operator (Wipro) and experts from Cyber Security Works.

A draft will be made available by March 10 for all the stakeholders, allowing them to provide feedback regarding the implementation of the new policies.

Wipro was already contracted to monitor Internet traffic for unusual activities in order to predict and mitigate attacks before they can cause any damage.

With the large number of attacks that have taken place worldwide against government-owned websites, it shouldn’t surprise anyone that measures are taken. Most likely, other Indian states and other countries will follow the example set by the Andhra Pradesh government, if they haven’t done so already.

Read More

Hackers Breach the Lebanese Ministry of Economy and Trade

Mad HackerZ Team, the Lebanese hackers that in the past week breached and defaced a large number of websites as part of what they call the electronic revolution, managed to leak data from the server on which the official site of Lebanon’s Ministry of Economy and Trade is hosted.

The hackers not only leaked tons of data from the site, but they also defaced it to post their protest messages.

“And Now Sorry For Owner Website But We Have To Send Our Messege. I Repeat: Our revolution is peaceful. Our goal: Deliver a message to the Lebanese people and Governors,” the hackers wrote.

The data dump includes usernames, email addresses, passwords (not in clear text), names and other private information belonging to the site’s customers.

Besides the site of the Ministry of Economy and Trade, the Mad HackerZ also breached the Lebanese White Pages, publishing usernames and password hashes, including the ones of the site’s administrators.

Read More

1,000 Apps Downloaded Every Two Seconds on Apple's App Store

Considering that Apple’s countdown timer reflects reality, and there’s no reason why it shouldn’t, the Apple App Store is currently serving 1,000 applications every two seconds, worldwide.

As you just read through the headline and the first paragraph of this news entry, Apple served roughly 6,000 applications to iDevice users across the globe.

Put that into perspective and 25 billion downloads suddenly doesn’t seem such a huge milestone to reach. Though it’s still a pretty big number.

To celebrate the feat, Apple recently announced a contest to give away a $10,000 iTunes Gift Card to whomever downloads the 25 billionth app.

“As of today, nearly 25 billion apps have been downloaded worldwide,” Apple states on its iTunes contest page. “Which is almost as amazing as the apps themselves. So we want to say thanks. Download the 25 billionth app, and you could win a US$10,000 App Store Gift Card. Just visit the App Store and download your best app yet.”

The promotion is open only to entrants who are at least the minimum age required by law in their country.

Users need to be located in a participating App Store country. Entrants under the age of majority in their jurisdiction must obtain a parent’s or legal guardian’s consent before signing up for the contest.

One winner will receive a single $10,000 App Store Gift Card. The card will be redeemable in the iTunes Store, App Store, and iBookstore, as available in the country in which the winner is located.

The winner will be listed online at http://www.apple.com/itunes/25-billion-app-countdown within approximately ten days following the end of the Promotion period, and will have to agree to allow Apple to use his / her name, photograph, likeness, voice, prize information, and biographical information for publicity and promotional purposes.

Read More

Hackers Say Google Is Vulnerable to Cookie Phishing Attacks

Hackers from team BlitzSec discovered vulnerabilities in the search engines Ask and Google, but also in Ask’s toolbar webpage.

The danger levels for all three security holes are estimated as being high by the grey hats.

More specifically, the cross-site scripting (XSS) flaw found in us.ask.com can be utilized by cybercriminals to perform “cookie catching.” A similar vulnerability located on the toolbar.ask.com domain can be utilized basically in the same way.

Finally, the weakness found on Google.com, the world’s most popular search engine, allows ill-purposed hackers to launch “cookie phishing attacks.”

While security holes found in Google may be rare, in the past period security experts identified a number of issues in its competitor, Ask.com. TeamHav0k found an XSS problem in the maps section of Ask which could allow for XSS Tunneling and other malicious operations.

Read More

Security Expert Finds XSS on Official Red Hat Site

An independent security researcher, Shadab Siddiqui, identified a cross-site scripting vulnerability on a subdomain of Redhat.com, the official Red Hat site.

The expert, who possesses several global certifications such as CEH and ECSA, contacted the site’s representatives to inform them on the presence of the security holes.

“I was going through Redhat website I found XSS vulnerability though I have informed the website administrator of the website but I want to show even the best companies are not secured,” Siddiqui told us.

He even provided a couple of screenshots to reveal how he was able to load any other website within the apac subdomain on the Red Hat site. He also demonstrated how the managed to gain access to the site’s cookies.

In the past period, grey hats and security experts identified a large number of XSS weaknesses on many commercial websites. The operations are purposed to show that even though these types of flaws are highly common, they shouldn’t exist at all because they pose major risks to the site’s customers.

Read More

iPhone 5 May Launch Waterproof This Fall

HzO’s director of marketing & sales Rick Peterson has revealed at MWC 2012 that the company has agreements with several other companies to make their upcoming smartphones waterproof. Apple is most likely one of them.

When asked if they were working with Apple on waterproofing future devices, Peterson told Cult of Mac, “We have agreements in place with all of our partners preventing us from talking about upcoming devices.”

Peterson indirectly confirmed that the iPad 3 cannot possibly benefit from the technology, even if Apple had a deal signed with HzO, simply because “it takes at least six months or more from signing a deal with a partner to the release of a device using our technology.”

Peterson added, “No one was even talking about this technology six months ago, so it’s going to take a while for the first phones shipping with HzO to reach market. We hope to see some of them announced this week at Mobile World Congress, and some of these will be shipping later in the year.”

Both HzO and Liquipel at present at the Mobile World Congress in Barcelona showing off their superhydrophobic technologies that allow virtually any gizmo to be submerged and not get its electronics wet.

Of course, with design variations come different scenarios where some devices are more prone to getting wet than others. But the stuff seems to make wonders for media players like Apple’s iPods, and smartphones like the iPhone 4 and iPhone 4S.

Apple is likely to refresh its iPhone lineup this year, either in summer at the company’s annual Worldwide Developers Conference, or in fall, like the iPhone before it.

According to a “reliable” Asian source talking to Japanese blog Macotakara last week, “[the] next iPhone will be released in September or October.” Apple is reportedly planning to stick to an autumn refresh for every new iPhone starting with the iPhone 4S.

Read More

iPad 3 Tablets Loaded on Planes - Photo

An intriguing image reportedly stemming from the WeiPhone (Chinese) forums is said to reveal Foxconn loading iPad 3 pallets onto a jet on its way to the United States, with scheduled stops in ORD Chicago, JFK New York, and LAX Los Angeles.

The image uploader reportedly said iPad 3 shipments were already on their way to America as the post had gone live.

A Google-translation from the Weibo and WeiPhone forum posts is provided by 9to5mac:

“Friends broke the news: Chengdu International Airport at major international cargo charter flights, cargo owners demanding security, from CTU takeoff by stop PVG Shanghai, and then directly to ORD Chicago, the JFK New York, LAX in Los Angeles, March 9, completed before transport. According to the privately disclosed the Chengdu F production for the U.S. A company’s latest products… Received friends inside information, Chengdu International Airport night cargo charter flights, said the owner of the security demanding, and in private that the Chengdu Fu X Kang new products. Takes note of the location of the United States (ORD Chicago, JFK New York, LAX in Los Angeles).”

The blog further includes a translation from a Chinese speaking reader who reportedly said, “Our company started undertake a load of top-secured cargo. The owner has extreme requirements for the security. In order to prevent the cargo from being dragged on the airport ramp for too long, as well as shortening the time the cargo stay on the airport ramp, we hereby require XXXX to schedule all the XXX cargo planes from Feb. 26 to Mar. 9. to XXX slot.”

Apple is widely expected to unveil its next generation of iPad computers at an event scheduled for March 7 at the Yerba Buena Center for the Arts in San Francisco, California.

Read More

TeamViewer 7.0.12799 Released

A new TeamViewer emerged over the weekend, bringing to the table a handful of improvements designed to extend the functionality of the application.

The highlights of version 7.0.12799 include enhanced chat behavior as well as better compatibility with Mac OS and improved reliability on UDP connections. Apart from this, the new release allows you to save the chat history and fixes various display and text errors.

The developer also announces that the current revision improves VoIP quality and connection speed on low quality connections.

Updating to the latest release can be done by installing the new version over the old one. There should be no problems and you do not have to remove the old release. The revision log can be viewed on this page.

Download TeamViewer for Windows

Download TeamViewer for Mac

Download TeamViewer for Linux

Download TeamViewer for Mobile

Read More

XSS Flaw in Skype Shop May Allow Hackers to Steal User Accounts

Georgian security researcher Ucha Gobejishvili identified major cross-site scripting (XSS) vulnerabilities on the Skype Shop (shop.skype.com) website and in the Skype Application Programming Interface (API) site (api.skype.com).

The first site is the official Skype store where customers can purchase anything from headsets, phones, webcams, mobiles, and microphones.

According to a blog post on 1337 Blog, the expert’s personal site, the XSS flaw discovered on these sites could allow an attacker to hijack cookies if he manages to convince the potential victim to click on a specially designed link. If exploited successfully, a hacker could hijack the user’s session and even steal his/her account.

Given the large number of visitors this site has, the vulnerability can be catalogued as being a “high risk” issue.

The vulnerabilities have been reported to Skype and the company’s representatives redirected it to Microsoft’s Security Response Center (MSRC), which now handles certain problems found in Skype.

The API site is currently down, which may be an indication to the fact that the flaw affecting it may be addressed. We’ll return with an update as soon as more information is made available.

This is not the first security hole identified by Gobejishvili on a site owned by Microsoft. Earlier he found similar weaknesses on Microsoft MSN Solutions Center and Microsoft AdCenter Service

Other XSS vulnerabilities identified by the researcher and submitted to XSSed.com include one found on the official website of the Federal Emergency Management Agency (FEMA.gov), an organization governed by the U.S. Department of Homeland Security (DHS).

Another one was discovered on the site of the European Commission (ec.europa.eu). Even though the issues were reported about a week ago, so far none of these websites’ administrators patched them up, leaving them exposed to cybercriminal operations.

Read More

International Monetary Fund and Military Site Defaced by Anonymous

Anonymous Romania continues its campaign against the local government and international organizations which they blame of being corrupt. The latest victims are an official site of the International Monetary Fund and the website of the National Association of Retired Military Personnel (ANCMRR).

The hackers told us that, after they breached the site of ANCMRR, they realized that an official website of Bucharest, Romania's capital city, was hosted on the same server. Much to the hackers’ surprise, it seems that the server ran a pirated edition of a Windows operating system, fact which they proved with a screenshot showing a “Windows Genuine Crack” hosted on one of the hard drive’s partitions.

The hacktivists identified around 8 gigabytes of information they consider to be “useful,” planning to publish it all online after they finish copying all of it to their own servers.

The website of the International Monetary Fund, the organization founded to “promote international monetary cooperation,” belongs to the Regional Office designated for Romania and Bulgaria. The hackers defaced the site’s main page and they say that they plan on leaking data from their servers.

Currently, the website of the International Monetary Fund has been restored, but the site of the Military Association still displays the image posted by the hackers.

Since we’ve last heard from them, Anonymous also breached the Romanian Commodities Exchange, site from which they also obtained tons of information they plan on making public in the upcoming days.

The site was also defaced, but its administrators rushed to restore it. However, the site still seems to display some errors which may indicate that the hackers still have access to it.

Last week, we’ve learned about Anonymous’ hacking spree in Romania, the online activists managing to breach and deface a large number of sites belonging to law enforcement and other government agencies.

Read More

Beware of "Click Speed" Tests on Facebook

It seems that scammers are not content with the fact that each Facebook customer that falls for their schemes only clicks on one Like button. Now, they’ve come up with a new way of tricking users into clicking on a large number of Likes without giving it much thought.

Bitdefender experts provide the details regarding a couple of such scams.

The first one starts with a classic “Who is Fake in Your Profile” post which promises to inform users if their Facebook friends are real or if they’re simply some fake profiles made by someone with the intent of duping them.

“Having friends that you’ve known since you were little :] Wtf! My 29 Friends are fake :( They make me fool by making fake ids :/ you can also find who is fake on your Profile by using This --> [LINK],” reads a variant of the shady message.

Once the link is clicked, the unsuspecting victim is taken to a page the promises to reveal fake profiles, but not before the user passes a "security test." The security test consists of 77 Like buttons that must be clicked in 60 seconds in order for it to be completed successfully.

Of course, this has nothing to do with a security test, instead the fraudsters dupe the Facebook member into blindly approving 77 pages that probably advertise more malicious schemes.

Another variant of this scheme simply dares Facebook customers to test their “click speed” to find out if they’re fast enough. While this may seem fun, in reality the little game is designed with the same purpose as the previous one and users may find themselves subscribed to a large number of pages that keep spamming them with shady advertisements and fake prizes.

This is why it’s important to treat even apparently harmless applications with caution, since you may never know what hides behind a simple Like button.

Read More

Saintis Perancis Memeluk Islam Setelah Mengkaji Mayat Ramses II

Mumia Ramesses II

Pada pertengahan tahun 1975, Presiden Perancis menawarkan kerajaan Mesir bantuan untuk meneliti, mempelajari dan menganalisis mumia Firaun, Ramasses II yang sangat terkenal.

Firaun yang dikatakan hidup di zaman Nabi Musa yang akhirnya mati tenggelam dalam Laut Merah ketika mengejar Musa dan para pengikut baginda yang melarikan diri daripada kekejamannya.

Mesir menyambut baik tawaran itu dan membenarkan mumia itu diterbangkan ke Paris. Malah ketika sampai di sana kedatangan mumia itu disambut dengan pesta dan majlis keramaian. Ini termasuklah apabila Mitterand dan para pemimpin Perancis yang lain tunduk hormat ketika mumia itu dibawa lalu di hadapan mereka.

Mumia itu kemudiannya diletakkan di ruang khas di Pusat Arkeologi Perancis. Di situ ia bakal diperiksa sekali gus membongkar rahsianya oleh para pakar, doktor bedah dan autopsi Perancis yang dipimpin oleh doktor yang sangat terkenal, Prof. Dr. Maurice Bucaille.

Prof. Dr. Maurice Bucaille

Bucaille adalah seorang pakar bedah kenamaan Perancis yang dilahirkan di Pont-L’Eveque pada 19 Julai 1920. Memulakan kerjaya di bidang perubatan am dan pada tahun 1945 beliau diiktiraf sebagai pakar di bidang gastroentorologi.

Ramai kerabat diraja dan keluarga pemimpin dunia menggunakan khidmat Dr. Bucaille, termasuk Raja Faisal Arab Saudi dan pemimpin Mesir, Anwar Sadat.

Kesempatan untuk membedah dan menyiasat mumia Firaun ini di manfaat sepenuhnya oleh Bucaille. Beliau mengerah seluruh tenaga dan pengalamannya untuk membongkar misteri di sebalik kematian raja Mesir kuno itu.

Hasilnya sangat mengejutkan. Dr. Bucaille menjumpai sisa-sisa garam yang masih melekat pada jasad mumia tersebut sebagai bukti terbesar bahawa Firaun mati akibat tenggelam di dalam laut. Iaitu jasadnya segera dikeluarkan dari laut, ‘dirawat’ segera dan dijadikan mumia supaya jasad itu tidak buruk.

Namun penemuan itu menimbulkan persoalan yang sangat besar kepada Dr. Bucaille.

Bagaimana jasad tersebut masih dalam keadaan sangat baik berbanding jasad-jasad yang lazimnya tenggelam dan dikeluarkan daripada laut?

Beliau menyiapkan sebuah laporan akhir yang dipercayainya sebagai penemuan baru, iaitu proses menyelamatkan mayat Firaun dari laut dan kaedah pengawetannya.

Laporan tersebut diterbitkan dengan tajuk; Mumia Firaun: Sebuah Penelitian Perubatan Moden (tajuk asalnya; Les Momies Des Pharaons Et La Midecine) . Ekoran penerbitan laporan itu, Dr Bucaille dianugerah penghargaan tertinggi kerajaan iaitu Le Prix Diane Potier-Boes (Penghargaan Dalam Sejarah) oleh Academie Frantaise dan anugerah Prix General daripada Academie Nationale De Medicine, Perancis.

Kisah Firaun Di Dalam Al-Quran

Namun seorang rakan sempat membisikkan kepada Dr. Bucaille bahawa penemuan ini sebenarnya bukan sesuatu yang baru.

“Jangan panik kerana sesungguhnya umat Islam telah mengetahui tentang peristiwa Firaun yang mati lemas dan mayatnya dipelihara sehingga ke hari ini!”

Namun kata-kata itu ditentang keras oleh Dr. Bucaille kerana beliau menganggap sangat mustahil. Baginya membongkar sesebuah misteri yang berlaku lama dahulu tidak mungkin dapat diketahui kecuali dengan perkembangan teknologi moden, peralatan dan makmal canggih.

Hakikatnya Dr. Bucaille menjadi serba salah dan bingung apabila diberitahu bahawa al-Quran yang diyakini dan dipercayai oleh umat Islam telahpun meriwayatkan kisah tenggelamnya Firaun dan kemudian mayatnya diselamatkan.

Beliau tertanya-tanya, bagaimana perkara seperti itu dapat diterima oleh akal kerana mumia itu baru sahaja ditemui sekitar tahun 1898. Sedangkan al-Quran telah ada di tangan umat Islam sejak 1400 tahun yang lalu.

Sambil mata tidak terlepas dari memandang mumia Firauan yang terbujur di hadapannya, Dr. Bucaille terus tertanya-tanya bagaimana al-Quran dapat menyatakan kisah Firaun yang jasadnya diselamatkan dari hancur sejak ribuan tahun lalu.

“Adakah masuk akal ,di hadapanku ini adalah Firaun yang cuba menangkap Musa? Apakah masuk akal Muhammad mengetahui hal sejarah ini? Pada hal kejadian Musa dikejar Firaun telah berlaku sebelum al-Quran diturunkan,” kata hatinya sendirian.

Beliau mendapatkan kitab Injil yang di dalamnya hanya menyatakan Firaun tenggelam di tengah laut saat mengejar Nabi Musa tetapi tidak diceritakan mengenai mayat Firaun.

Sementara dalam Kitab Perjanjian Lama (Injil Lama) pula yang diceritakan dalam kitab itu hanyalah:

“Air (laut) pun kembali seperti sebuah lautan yang berombak dan beralun, menenggelamkan kereta-kereta (chariot) kuda, pasukan berkuda dan seluruh bala tentera Firaun tanpa ada seorang pun yang berjaya menyelamatkan diri. Tetapi anak-anak Israel dapat menyelamatkan diri atas daratan kering di tengah-tengah laut itu”.

(Exodus 14:28 dan Psalm 136:15)

Penemuan Roda Kereta Firaun di dasar Laut Merah

Dr. Bucaille sangat terkejut kerana tidak ada disebut langsung mengenai apa yang terjadi seterusnya kepada mayat Firaun selepas tenggelam. Ini menjadikan beliau semakin kebingungan.

Apabila mumia dikembalikan semula ke Mesir, Dr. Bucaille terus mendapatkan kepastian mengenai mumia itu. Lalu beliau memutuskan untuk bertemu dengan para ilmuwan Islam mengenai sejarah Nabi Musa, kekejaman Firaun sehinggalah Bani Israel meninggalkan Mesir dan dikejar Firaun dengan seluruh bala tentera di belakang mereka.

Maka salah seorang mereka terus bangun dan membaca ayat al-Quran berhubung sejarah tersebut untuk Dr. Bucaille mendengarkannya sendiri:

“Maka pada hari ini Kami selamatkan badan kamu supaya kamu dapat menjadi pelajaran bagi orang-orang yang datang sesudah kamu dan sesungguhnya kebanyakan manusia lengah dari tanda-tanda kekuasaan Kami.”

(Yunus: 92)

Apabila mendengar ayat ini, hati Dr. Bucaille benar-benar tersentuh. Beliau akhirnya mengakui kebenaran ayat itu kerana ia dapat diterima akal dan memberikan satu inspirasi serta dorongan kepada sains untuk maju meneroka lebih jauh lagi.

Lalu dengan hati yang begitu sebak dan keharuan, beliau pun bangun dan dengan suara yang lantang berkata: “Sesungguhnya aku masuk Islam dan beriman dengan al-Quran ini.”

Tidak sekadar beliau mengakui kebenaran dan memeluk Islam tetapi beliau kemudiannya pulang ke Perancis dengan mengkaji seluruh isi al-Quran.

Akhirnya beliau berjaya menerbitkan buku yang sangat mengejutkan seluruh dunia dan sehingga kini telah diterjemahkan dalam pelbagai bahasa pada tahun 1976, iaitu The Bible, the Qur’an, and Science : The Holy Scriptures Examined in the Light of Modern Knowledge.

Melalui buku ini, Dr. Bucaille yang kemudiannya dikenali sebagai Dr. Yahya Maurice Bucaille berjaya membuktikan bahawa al-Quran adalah selari dengan fakta-fakta sains sementara kitab Injil adalah sebaliknya.

“Sains dan Islam umpama saudara kembar yang tidak boleh berpisah. Ini kerana dalam Injil terdapat pelbagai kesilapan dari aspek saintifik tetapi tiada sedikitpun kesilapan seperti itu ada dalam al-Quran.

“Al-Quran yang di dalamnya diceritakan segala penjelasan mengenai fenomena alam semula jadi yang sangat bertepatan dengan sains moden,” katanya.

Beliau memberikan kesimpulan bahawa tidak syak lagi al-Quran benar-benar kalam Allah.

Credit goes to : Page gmbar2 lwk dan video gempak

Read More

Student Facebook hacker gets eight months

A software development student in the U.K. who hacked into Facebook via an employee's account is jailed after being found guilty of stealing intellectual property.

It's normally parents who tell you they're doing something unpleasant for your own good.

However, this was also the explanation offered by 26-year-old Glenn Mangham, who was yesterday given eight months of incarceration for hacking into Facebook's inner sanctum.

The Guardian records Mangham's words to the court: "It was to identify vulnerabilities in the system so I could compile a report that I could then bundle over to Facebook and show them what was wrong with their system."

I know there are at least 14 altruistic people in the world. This court, though, seems to have decided that Mangham, a software development student, wasn't one of them.

Indeed, the proceedings dwelled a little on what might have been his motivation for using a Facebook employee's account to burrow into the company's secrets.

Mangham's lawyer suggested that his client was really a sort of Harrison Ford or Nicolas Cage: "He saw this as a challenge. This is someone who in previous times would have thrown everything aside to seek the source of the Nile."

Oddly, even the judge decided that Mangham had not done this for financial gain, nor even to pass the information he had gleaned to dangerous entities like the KGB or Google.

And yet he was tossed into jail for eight months--principally, it seems, because he entered the systems of an important company.

The judge actually declared: "You accessed the very heart of the system of an international business of massive size, so this was not just fiddling about in the business records of some tiny business of no great importance."

Some might conclude, therefore, that British justice is rather more inclined to protect the 1 percent and their businesses, rather than the 99 percent.

Such a conclusion might cause certain upper lips to stiffen with anger, given this apparent indifference to justice for all.

Still, Mangham clearly knows a thing or two about Facebook. Perhaps, once his time inside is done, he might receive a lunch invitation or two--just to, you know, see if he can offer a little background.

Perhaps, at least, he might visit a bier keller with Austrian law student Max Schrems, who is enjoying a very noble and interesting battle to help people get information from Facebook--their own.

Read More

TeamHav0k Helps Songfacts Patch Up Website

Last week, members of TeamHav0k found a serious cross-site scripting (XSS) vulnerability in Songfacts, the popular site that offers music lovers tons of information on songs and artists ever since 1999. The hackers provided us with a proof-of-concept and we’ve forwarded the information to Songfacts, which quickly acted on securing the site.

TeamHav0k, the grey hat hacker collective that’s famous for finding a large number of vulnerabilities in websites that belong to NASA, Sony, Yale, Google, and government organizations worldwide, recently proved that they really want to lend a hand to site administrators when it comes to securing sites.

We’ve had the opportunity to intermediate the disclosure of the vulnerability to Songfacts, which acted responsibly to ensure that their customers would be safe while surfing the site.

“This is what we do, we are grey hat. Those who deserve to not be exploited are helped, but if it is a corrupt government or corporation, we’re taking a whole new ball game for them,” the hackers said.

The grey hats discovered that the search feature on Songfacts didn’t filter strings, allowing potential cybercriminals to launch malicious operations against the site’s customers.

“We took your alert seriously, and audited our code. The philosophy of our developer: We must always be cautious of the GET variables being delivered by the search form process,” Carl Wiser, a Songfacts representative, told us.

“Scrubbing user-supplied data prior to use is a must. Never trust user-supplied data, including that which is sent in the REQUEST_URI and any associated QUERY_STRING.”

After the site’s developer addressed the issue, TeamHav0k had another crack at it and concluded that the XSS vulnerability was no longer present. They also provided a great explanation on the dangers of XSS flaws, even if they’re non-persistent.

“Most people don't see XSS as a dangerous vulnerability unless it is a persistent one. Well, I would just like to inform those who think this: you are wrong,” the hackers said.

“If the attacker has the proper knowledge of XSS and has some Social Engineering skills he/she can then send a non-persistent pay-load to a victim which from there the attack can open up a backdoor on the victims computer taking complete control, total OS compromise.”

They explain that this can be accomplished simply by taking advantage of a few open-source tools.

“XSSF or Cross Site Scripting Framework can be utilized with MSF or Metasploit Framework in order to open up a meterpreter shell to the victim, as well as steal cookies among other nasty things.”

Grey hat hackers often say that they are forced to resort to data leaks and defacements to attract the attention of websites administrators on the existence of dangerous vulnerabilities, but this situation clearly proves that it doesn't always have to be so.

Even though this doesn’t necessarily mean that the website is now 100% secure, it proves that hackers can collaborate well with site admins, and it also shows that there are security conscious site owners that really do care for their customers’ wellbeing.

“The user experience is very important to us on Songfacts - no pop-ups, takeovers or other annoying forms of advertising. And while we spend lots of time interviewing songwriters and telling the stories behind the songs, we also must ensure that our readers are protected,” Wiser added.

“Security has gotten much more complex since we launched in 1999 using the Lasso data engine to display the song information from our Xserve (we did everything on Macs). Back then, the battle was getting pages to load on Netscape browsers connected to dial-up modems.”

We applaud the efforts of both TeamHav0k and Songfacts for showing that even though “security is just an illusion,” it can always be improved to make the Internet a safer place.

Read More

Weather.gov and NOAA.gov hacked

The official websites of the US National Weather Service (weather.gov) and the National Oceanic and Atmospheric Administration of the US Department of Commerce (noaa.gov) were breached by a hacker that goes by the name of Codeinsec.

The hacker didn’t provide any details regarding the purpose for which the sites were breached, but he leaked a sample of data obtained from the organizations’ servers. The Pastebin file published by the hacker contains server information and other data that proves he managed to gain access.

Codeinsec claims that he plans on breaching other similar sites in the near future.

In the past few weeks, a lot of US government websites were breached for apparently no reason, in many cases the attackers stating that the hack was a way of forcing site administrators to patch up the vulnerabilities in the sites.

Read More

Seven Hours of Sleep Are Enough for Teens

According to the conclusions of a new study conducted by investigators at the Brigham Young University, it would appear that 7 hours of sleep per night is the optimal duration for teenagers.

This finding runs contradictory to federally imposed sleep guidelines for this segment of the population, which calls for about 9 hours of sleep per night. The team says that it has data to support its new claims, PsychCentral reports.

The study was conducted on 16- to 18-year-olds. Experts analyzed their academic performances during a trial period, and determined that sleeping 7 hours each night can be directly correlated with increased average performances.

BYU experts are keen to point out that they are not advocating sleep deprivation in any way. They are just saying that 7 hours may represent just the right amount of sleep young adults should get at that age.

“We’re not talking about sleep deprivation. The data simply says that seven hours is optimal at that age,” BYU researcher Eric Eide says. The expert, who is also the author of the new study, says that the findings do not extend to other age ranges.

Together with BYU economics professor Mark Showalter, Eide conducted the new work as the first in a larger series of investigations designed to explain how sleep patterns and duration affect people's health and education.

The team says that current methodologies being used to assess how much people should sleep entail placing test subjects in a room, then asking them to sleep until they are satisfied. But Showalter says that something is wrong with this approach, drawing a parallel to food studies.

“If you used that same approach for a guideline on how much people should eat, you would put them in a well-stocked pantry and just watch how much they ate until they felt satisfied,” he explains.

In the research paper, which appears in the latest issue of the Eastern Economics Journal, the team argues that 10-year-olds should sleep for 9 – 9.5 hours, 12-year-olds for about 8 – 8.5 hours and 16+-year-olds for 7 hours. The team studied data from 1,724 primary and secondary school students.

“From the other end, if a kid is only getting 5.5 hours of sleep a night because he’s overscheduled, he would perform better if he got 90 minutes more each night,” Showalter concludes.

Read More

Anonymous Hacks Turkey’s Telecoms Authority

Turkey’s Information Technologies and Communications Authority was breached by Anonymous hackers as part of Operation Digiturk. The operation was launched after the one of the country’s satellite television providers, Digiturk, blocked a couple of blogs that were hosting copyrighted materials.

According to hackt1v1sm, Anonymous revealed their plans to retaliate against the company’s actions a few days ago after Digiturk’s CEO came forward with a statement, naming Google and YouTube as being the one responsible for the blockades.

“The websites like Google and Youtube are illegally broadcasting football matches. We have complained to Google and Youtube, but we never got answers from them. We decided to go to court. Because Google never answered to us the court decided to block the IP address. Google has to deal things like that. You cannot broadcast football matches,” said Ertan Ozerdem, CEO of Digiturk.

Digiturk even had the video announcement posted by Anonymous removed from YouTube, claiming it represented copyright infringing material.

LegionNet reports that tons of data was leaked from the country’s telecoms authority as a form of protest. User accounts, admin accounts, client listings and other private information was made available by the hackers.

“It is time to fight for free internet while dominations are getting consistent. Digiturk, who is responsible for blocking blogger.com and inci.sozlukspot.com, is terrorizing the internet. The victims were not warned and did not even have the right of defence. Censorship is a human rights violation,” the hackers wrote.

Anonymous hackers have been highly active lately in countries such as Egypt, Brazil, Israel and Syria. Unlike the situation in Turkey, where their operation was launched to fight censorship, in these countries they acted in support of the country’s citizens and against the governments they consider to be corrupt and violent.

Read More

Number of mobile devices to hit 8 billion by 2016, Cisco says

If there was any doubt the world is going mobile, it should be tossed out the window today.

In Cisco's Visual Networking Index Global Mobile Data Traffic Forecast, which was released today, the company claims that by 2016, there will be over 8 billion handheld or "personal mobile-ready" devices operating globally. In addition, nearly 2 billion "machine-to-machine" connections, including GPS systems and medical applications, will be in use.

All those devices will drive mobile data traffic up 18-fold, reaching 10.8 exabytes per month, or 130 exabytes a year, by 2016. To put that into perspective, 130 exabytes is equal to 33 billion DVDs, 4.3 quadrillion MP3 files, and 813 quadrillion text messages. This year, Cisco expects just 1.3 exabytes to be used each month.

Some of the world's top carriers are struggling to keep up with mobile data demands, and major companies, like Verizon and AT&T, have instituted tiered plans to ratchet back user consumption of mobile data. Still, if Cisco's forecast is to be believed, carriers will be forced to spend boatloads of cash in the coming years on improving infrastructure to handle the sheer amount of data that will cross their lines.

"By 2016, 60 percent of mobile users--3 billion people worldwide--will belong to the 'Gigabyte Club,' each generating more than one gigabyte of mobile data traffic per month," Cisco vice president of product and solutions marketing, Suraj Shetty, said in a statement. "By contrast, in 2011, only one-half percent of mobile users qualified. This impressive growth in mobile traffic will be driven by more powerful devices, notably smartphones and tablets, using faster networks, such as 4G and Wi-Fi, to access more applications, particularly data-intensive video."

By the end of this year, Cisco believes the average smartphone connection speed will hit 1.8 Mbps. By 2016, that figure could grow to 5.2Mbps, representing a 31 percent compound annual growth rate.

Cisco's forecast was based on analyst forecasts and real-world mobile data usage. The company also employed computing power, mobile broadband speeds, and its own estimates to help it arrive at certain figures.

In the past, Cisco's forecasts have been quite accurate. In last year's study, the company forecast mobile Internet traffic to grow 131 percent in 2011. Actual mobile Internet traffic growth on the year was 133 percent.

Read More

'Reverse smudge engineering' foils Android unlock security

Google's mobile operating system lets people unlock devices by swiping a particular pattern across a three-by-three grid of dots. But Android evangelist Tim Bray raised a concern about "reverse smudge engineering" to figure out the unlock pattern.

"A couple of colleagues had my original Galaxy Tab and needed to use it for something, but I wasn't there. They managed to figure out my pattern by looking at the fingerprints on the glass, and it only took them a few minutes," Bray said in a post yesterday.

I suspect it's probably not a huge problem for those of us who keep phones in a pocket that will swipe the screen. But I can't help but notice that my unpocketable Galaxy Tab 10.1 has a lot of fingerprints on it right now and that sometimes I can tell what game was being played on the family iPad by the smudges.

And it only took about five peanuts and 10 finger swipes to produce the photo above. (No, that's not my real swipe pattern, but yes, that is real dust and scratches.)

The blog post got me thinking about what I think is a worse problem for the pattern-unlock feature: it can be very visible. On my Nexus S phone, the feature is sluggish enough that I have to trace the dots slowly, and the red track my finger leaves is very visible. Performance is better on the Galaxy Nexus, but judging by how fast my son figured out my pattern, it's pretty easy for the human brain to recognize the pattern.

For that reason, I recommend pattern-swipers head over to Android's security settings and uncheck the default "make pattern visible" option.

Bray recommends people stop swiping altogether and concludes that the numeric code option is the best for him: "The PIN has the huge advantage that it uses a nice big fat numeric keypad, and I can type it in really, really fast; I could do it right in front of you five times in a row and you'd have no clue, I bet."

Ice Cream Sandwich adds another choice: face unlock. Some have reported being able to bypass this security mechanism with a photo, which certainly poses a security risk. But I can't recommend it for a different reason: it doesn't work well enough for me.

Maybe Ice Cream Sandwich discriminates against people with beards. Or maybe I use my phone in the dark too much where the image quality is low. Whatever the problem, the mechanism fails as often as not for me, and that's too often.

It'd be a lot more convenient, of course, if there we didn't have to worry about unlocking phones at all. But the reality is that a modern smartphone can grant access to your personal and work e-mail, your Twitter and Facebook accounts, whatever files you have stored sites like Google Docs and Dropbox, your contacts list, and your photo and video collection.

Realistically, somebody unscrupulous who gets your phone is most likely to wipe it, then sell it, rather than pry into your affairs. And encryption and remote-wipe software can reduce the perils of stolen phones.

No security is perfect, but at least use some kind of secure unlocking mechanism so your phone isn't wide open.

Read More

Guinness World Record for Facebook comments now 1 million

The record for the number of comments on a single Facebook item is 1,001,552. It is almost double the previous record and was set over the course of three months.

A new record has been set for the most comments on a single Facebook item: over 1 million responses. On October 30, 2011, Tracey Hodgson of the U.K. made a post on the Facebook Page for the Zynga freemium game FFG Pioneers. By January 31 (three months later), the post had accumulated 1,001,552 comments.

The comments kept coming, but 1,001,552 is the number that the Guinness World Records (GWR) approved, so that’s the new record. Curiously though, the post and its comments are no longer on the Facebook Page. Thankfully, GWR got a screenshot (pictured above).

The record was achieved by less than 107 Facebook users (that’s the number of Likes the Page had at the time the record was set). Even if every one of those users did participate, it means they each made an average of 9360 comments. The 1 million figure almost doubles the previous record set for a post by Roberto Esposito of Italy last year.

“I started to get into Frontierville after my daughter started playing it using my Facebook account,” Hodgson told GWR. “I began to play myself, and then got involved in helping with the game’s community groups as an administrator. My friend Nattie Murphy saw the previous record and suggested I try to break it - it sounded like a great idea for our group to show what we are capable of when we work together. We had over 107 help, but many left the record group because of the constant notifications, but there were a core group of four people including Nattie adding comments. It feels fantastic to have been able to break the world record for our community - while I don’t actually play Frontierville anymore, I’ve met some great people through playing it and love to be able to help them enjoy the game still.”

In other words, this wasn’t just an interesting or controversial post that got people talking: the goal was to break the record. Still, you have to appreciate the dedication, even if it the actual discussion wasn’t in any way valuable.

GWR organization currently recognizes seven records for Facebook use (you can apply at guinnessworldrecords.com/apply):

Most comments on a wall post (minimum: 5,000)

Most comments on a status update (minimum: 5,000)

Most comments on a picture (minimum: 5,000)

Largest group (minimum: 2,000,000)

Largest fan page (minimum: 2,000,000)

Most likes on a status update (minimum: 5,000)

Most likes on a picture (minimum: 5,000)

GWR has over 730,000 Likes on its Facebook Page.

Read More

Anonymous invites CIA, others to its weekend party

The loose-knit hacking collective, which last week scored a coup against the FBI, claimed yesterday to have taken down the CIA's Web site, in what appeared to be a Distributed Denial of Service attack (one of the group's specialties, such relatively unsophisticated attacks paralyze Web servers with waves of data requests).

The group also posted information it said was pilfered from police and government servers in Alabama, and, as blog RT reported, took down the Mexican Senate and Interior Ministry Web sites. It also said it had exposed e-mail addresses from the Mexican Mining Chamber, aka "Camimex."

Contacted by CNN last night, a CIA representative would say only, "We are aware of the problems accessing our Web site, and are working to resolve them." The site was back online Saturday.

In a Pastebin document posted Friday, Anonymous addressed the citizens of Alabama and said that "because of your police being lazy when it comes to data security," operatives for the group had managed to lift information on 46,000 Alabama residents, including their names, Social Security Numbers, dates of birth, criminal records, and license plate numbers.

The group said its efforts were in protest of Alabama's House Bill 56, controversial immigration legislation that became law in the state last year. But the individuals responsible for the Pastebin post seemed to be aware that Anonymous' past leaking of personal information may not always have served its reputation and causes very well.

The document included heavily censored information on 500 people and said all of the stolen data had ultimately been erased.

"Attached to this press release are redacted versions of a VERY SMALL amount of data that we have actually acquired,..." the post reads. "This release is only meant to show the Citizens of the state of Alabama the amount of incompetence that is taking place within the state government.... We mean no harm by releasing this redacted information. This data was not securely segregated from the Internet, nor was it properly encrypted."

Meanwhile, the Mexico-related attacks were in response to, on the one hand, alleged exploitative labor conditions and business practices at Camimex, and on the other, according to RT, a proposed law that some are calling the Mexican version of the Stop Online Piracy Act, the outcry-inducing antipiracy proposal that recently grabbed headlines in the U.S. The Mexican proposal, RT reported, would allow for fines of 1 million pesos (more than $100,000) against online pirates.

RT reported that Mexico's Interior Secretary, Alejandro Poire, said during a news conference that the Interior Minisry's Web site had been blocked for less than five minutes Friday morning, that no data was compromised, and that officials were investigating.

Anonymous embarrassed the FBI a week ago Friday by posting on YouTube a recording of a conference call between the bureau and U.K. law enforcement over Anonymous and other online activist groups.

The group makes a habit of targeting law enforcement and related agencies on Fridays. The same day as the FBI post, Anonymous claimed to have hacked into police sites in Texas, Boston, and Salt Lake City, as well as the site of defense lawyers for a U.S. Marine accused of leading a civilian massacre in Iraq. (This hacker chart lists much of Anonymous' activity since last year.)

Read More

Anonymous targets Oakland city officials

Oakland city officials, meet Anonymous.

In response to what it claims is a series of community-busting moves by the California city's leaders and police, such as Occupy Oakland-related arrests and crackdowns, budget cutting and school, park, and library closings unaccompanied by City Hall salary cuts, the hacktivist group today released a document containing personal data on a number of officials.

"Anonymous has been watching," the group wrote on Facebook. "Since the inception of Occupy Oakland, we have been actively monitoring your behavior and exposing the identities and sensitive information of Officers of the Oakland Police Department; as they have continued to act in an unprofessional and violent matter. You tear gassed us. You shot us with your weapons. You arrested us. You beat us. You also did this to our friends, and to our families. We watched as you cut budgets, cut our jobs, closed our schools, our parks, and our libraries, while leaving your own salaries alone."

Not long after, the group released the document containing the officials' private data.

According to the San Francisco Chronicle, Oakland's mayor seemingly dismissed Anonymous' move, saying most of the released information was already available online.

But the Chronicle also noted that among Oakland officials, one member of the city council did not have her information posted. "Thank you for your support," Anonymous wrote of Councilwoman Rebecca Kaplan, "and being a true leader in the community."

This is not the first time that Anonymous has targeted Bay Area officials. Last August, the group broke into the union site of the Bay Area Rapid Transit (BART) police department, which had been lambasted for its decision to shut down cell phone service in the subway system's tunnels in advance of a public protest. Anonymous then posted a database from the union site that made public the names, e-mail and home addresses, and passwords of department officials.

Read More

He Had Such Quiet Eyes

Elements of the Poem

Setting

Place : A quiet place where couples meet

Time : The present,a quiet evening

Social setting : Middle-class,young working people

Persona

• The persona is a third person observing the folly of a young woman who is easily taken in by pleasure-seeking guys.

Themes

• Deception
• Love/lust trap

Message

• Learn from your mistakes.
• Appearances can be deceptive.

Moral values

• Do not be fooled by outward appearances or 'sweet talk'.
• Never compromise your moral values and principles.
• Listen to your elders, advice.

Tone & Mood

• Sad, with a tinge of regret
• Didactic

Languange & Style

• 3 verses
• Rhyming end lines
• Literally devices : metaphor,personafication,rhymes,alliteration

The Poet: Bibsy Soenharjo

• An Indonesian poet, well-versed in Indonesian,English,French and Dutch.
• Her poems are characterized by rhymes, wit, verbal puns and alliteration.
• Her imagination draws the reader into a world of fantasy and surprises.
• Her sense of humour is engaging.

Overview of 'He Had Such Quiet Eyes'

• The poem deals with the issue of deception in society,especially in matters of the heart.
• The persona is observant and conveys a message about the need for caution and good judgement to avoid being deceived by others.

Meaning of Verses

Verse1

The poet observes the folly of a young woman.The persona highlights that the man had eyes which masked his true personality.She did not realize this as he gave her a pleading,sorrowful look and she was taken in.She believed his lies.

Verse 2

Now the young woman realizes the awful truth.The poet notes that if the young woman had listened to the advice given,she would never have given in, nor would she have so many questions and regrets afterwards.

Verse 3

Here the poet is didactic and advises the reader not to be deceived by appearances.A person's true character is revealed over time.Caution will benefit us especially when it involves feelings.

Read More

Hackers wanted $50,000 to keep Symantec source code private

Symantec told a hacker group that it would pay $50,000 to keep the source code for some of the its flagship security products off the Internet, the company confirmed to CNET yesterday evening.

An e-mail exchange revealing the extortion attempt posted to Pastebin (see below) today shows a purported Symantec employee named Sam Thomas negotiating payment with an individual named "Yamatough" to prevent the release of PCAnywhere and Norton Antivirus code. Yamatough is the Twitter identity of an individual or group that had previously threatened to release the source code for Norton Antivirus.

"We will pay you $50,000.00 USD total," Thomas said in an e-mail dated Thursday. "However, we need assurances that you are not going to release the code after payment. We will pay you $2,500 a month for the first three months. Payments start next week. After the first three months you have to convince us you have destroyed the code before we pay the balance. We are trusting you to keep your end of the bargain."

A Symantec representative confirmed for CNET the extortion attempt in this statement:

In January an individual claiming to be part of the 'Anonymous' group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession. Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property. The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation. Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide.

However, after weeks of discussions regarding proof of code and how to transfer payment, talks broke down and the deal was never completed. A group called AnonymousIRC tweeted this evening that it would soon release the data. "#Symantec software source codes to be released soon. stay tuned folks!!! #Anonymous #AntiSec #CockCrashed #NortonAV."

Apparently after weeks of discussions, Yamatough's patience was wearing thin, leading to an ultimatum:

"If we dont hear from you in 30m we make an official announcement and put your code on sale at auction terms. We have many people who are willing to get your code. Dont f*** with us."

The exchange gets contentious at times, with Yamatough suggesting that Symantec was trying to track the source of the e-mails.

"If you are trying to trace with the ftp trick it's just worthless. If we detect any malevolent tracing action we cancel the deal. Is that clear? You've got the doc files and pathes [sic] to the files. what's the problem? Explain."

Another e-mail, with the subject line "say hi to FBI," accuses the company of being in contact with the federal law enforcement agency, a charge Thomas denied. "We are not in contact with the FBI," he wrote, falsely. "We are using this email account to protect our network from you. Protecting our company and property are our top priorities."

Yamatough demanded that Symantec transfer the money via Liberty Reserve, a payment processor based in San Jose, Costa Rica. But Thomas appears reluctant, calling it "more complicated than we expected." Thomas instead suggests using PayPal to transmit a $1,000 test as "a sign of good faith." Yamatough rejects that offer, saying, "Do not send us any money (we do not use paypal period) do not send us any 1k etc. We can wait till we agree on final amount."

Liberty Reserve did not immediately respond to a request for comment.

The posted thread ends with an exchange today with the subject line "10 minutes" that threatens to release the code immediately if Symantec doesn't agree to use the payment processor to transfer the funds.

"Since no code yet being released and our email communication wasnt also released we give you 10 minutes to decide which way you go after that two of your codes fly to the moon PCAnywhere and Norton Antivirus totaling 2350MB in size (rar) 10 minutes if no reply from you we consider it a START this time we've made mirrors so it will be hard for you to get rid of it."

Thomas' response, apparently the last of the discussion, is brief: "We can't make a decision in ten minutes. We need more time."

Symantec admitted in mid-January that a 2006 security breach of its networks led to the theft of the source code, backtracking on earlier statements that its network had not been hacked. The security software maker initially said a third party was responsible for the theft of 2006-era source code for Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks (Norton Utilities and Norton GoBack), and PCAnywhere.

Symantec said that most of it customers were not in any increased danger of cyberattacks as a result of the code's theft but that users of its remote-access suite PCAnywhere may face a "slightly increased security risk."

Symantec instructed its PCAnywhere users in late January to disable the product until the company could issue a software update to protect them against attacks that could result from the theft of the product's source code.

The theft came to light in early January when hackers claimed that they had accessed the source code for certain Symantec products, which Symantec identified as Symantec Endpoint Protection (SEP) 11.0 and Symantec Antivirus 10.2. Evidence suggested that hackers found the code after breaking into servers run by Indian military intelligence.

A hacker group calling itself Yama Tough and employing the mask of hacktivist group Anonymous in its Twitter avatar said in a tweet it would release 1.7GB of source code for Norton Antivirus, but the group said in a later tweet that that it had decided to delay the release.

The e-mail thread

Read More

Vulnerability in HTC Android Allows Hackers to Steal Wi-Fi Passwords

Researchers Chris Hessing and Bret Jordan found that an issue present in certain Android builds designed for HTC smartphones could expose 802.1X Wi-Fi credentials to applications that have basic Wi-Fi permissions.

Since Wi-Fi permissions are almost always related to Internet access permissions, a malicious application could easily obtain usernames, passwords and SSID data and send them to a remote server.

Among the affected devices, the experts name Desire HD, EVO 3D, EVO 4G, Sensation 4G, Droid Incredible, Glacier, and Thunderbolt 4G. Nexus One and myTouch3G are not affected.

The issue is represented by the fact that while viewing the settings with the .toString() member of the WifiConfiguration class, the resulting output doesn’t leave the passwords field blank, nor does it replace the password with “*” signs to show it is present.

Instead it displays the actual passwords in clear text, making it available for every application that knows where to look for it.

The vulnerability, catalogued as critical, was disclosed via email and telephone to HTC Global and Google on September 7, 2011. The same day other key government agencies and CERT were notified.

During the same month Google and HTC verified the exploit and maintained contact with the researchers and a few days ago HTC publicly disclosed the issue.

“Google and HTC have been very responsive and good to work with on this issue. Google has made changes to the Android code to help better protect the credential store and HTC has released updates for all currently supported phone and side-loads for all non-supported phone,” the researchers write.

Google also scanned the Android Market for applications that may exploit the vulnerability and found none.

HTC reports that the fix was automatically received through regular updates and upgrades by most phones, but some users need to deploy the update manually. The company advises users to check back on the website in the course of next week for further details.

Read More

Zynga-Powered Gaming Brings In 12 Percent of Facebook Revenue

Official information delivered by Facebook shows that during 2011 Zynga alone was responsible for the creation of 445 million dollars in revenue (337.5 million Euro), which represents about 12 percent of the more than 3.7 billion dollars (2.8 billion Euro) that Facebook reportedly generated.

A part of the money was directly paid by Zynga in order to create advertising on the Facebook site, some of it was generated by ads placed on the pages hosting the games, and another part was linked to the 30% cut that Facebook takes from virtual goods sale.

The Securities and Exchange Commission filing from Facebook, required for its Initial Public Offering, stated, “If the use of Zynga games on our Platform declines, if Zynga launches games on or migrates games to competing platforms, or if we fail to maintain good relations with Zynga, we may lose Zynga as a significant Platform developer and our financial results may be adversely affected.”

The success of social gaming developer and publisher Zynga has long been linked to the Facebook platform, but until now it was unclear how much the social network itself depended on gaming for its revenue streams.

Facebook has set a market value of about 100 billion dollars (75.9 billion Euro) in its IPO application, but that figure might see a re-evaluation in the coming months.

The date for the IPO has not been set.

Zynga and Facebook might be highly dependent on one another for their business model. However, the two companies had a tense relationship during the last couple of years, with the game developer at one point threatening to quit the social network and launch its own gaming site when the Facebook Credits system was introduced.

Analysts have recently raised doubts over the business model that Zynga uses, with one claiming that the company was spending more money attracting players to its games than it gets from them afterwards

Read More

Facebook Game Store Exposed to SQL Injection Attacks

Researchers from the Vulnerability Lab found an SQL Injection vulnerability in Facebook Game Store that could allow an attacker to remotely inject and execute SQL commands.

The application that contains the security hole is managed by a third party and it’s sponsored by the Facebook Game Store Development Team.

The high-severity flaw was disclosed to the vendor and the developer on February 2 and was disclosed publicly on February 4, but there is no indication if the issue has been addressed.

Vulnerabilities found on Facebook pages are rare, but considering the social network site’s large number of customers their existence could have serious consequences.

Lately, Vulnerability Lab experts have found a lot of security bugs in major websites, the most important ones being those identified in Kaspersky Anti-Virus and Internet Security 2012, Dusseldorf International Airport and a number of other high-profile sites such as Google, Forbes, Myspace, MTV and Ferrari.

Read More

Daily Mail Website Hacked and Defaced by TeaMp0isoN

OpCensorThis is continued by the members of TeaMp0isoN, their latest target being the popular online newspaper Daily Mail. The hacktivists defaced one of the site’s subdomains, accusing its representatives of being bias, among other things.

“For years you've poisoned the mainstream media with your sensationalist, ultranationalist nonsense, continuing to inject reader's minds with anti- immigration and borderline racist propaganda,” the hackers wrote on the defaced page.

“Your distorted bias on news is wrongly justified by patriotism and conservatism, though we see through your hateful slurs.”

The defaced recipes subdomain also displayed a YouTube video that featured Lyricist Jinn with the song he wrote specially for OpCensorThis some time ago.

At the time of writing the vulnerable subdomain redirects visitors to another site, probably while its administrators patch up the security holes.

Read More

Kupasan & kajian novel "PAPA... (akhirnya kau tewas jua!)"

Biodata Pengarang : Deana Yusof

1. Deana Yusof ialah nama pena bagi Norhaiza binti Yusof.
2. Beliau dilahirkan pada 3 Mac 1957 di Kepong,Selangor.
3. Deana memperoleh pendidikan awal di Sekolah Menengah Kampung Baru,Kuala Lumpur.
4. Tamat pendidikan menengah,Deana melanjutkan pelajaran di Universiti Teknologi MARA di Shah Alam,Selangor.
5. Beliau kini menjadi suri rumah tangga sepenuh masa dan menjadi penulis di Pekan Ilmu Publications.
6. Berpegang pada kepercayaan bahawa kualiti lebih penting daripada kuantiti,maka beliau kini akan menulis sebuah novel setahun.

Tema

1. Tema bermaksud sesuatu atau subjek yang menjadi dasar sesuatu penceritaan.
2. Tema dianggap sebagai perkara atau idea pokok yang menjadi keutamaan kepada persoalan-persoalan lain yang terdapat dalam mana-mana cerita.
3. Tema dalam novel PAPA... (akhirnya kau tewas jua!) ialah kasih sayang yang mendalam dalam ikatan kekeluargaan.
4. Ikatan kasih sayang itu lahir daripada hati yang suci dan ikhlas terhadap seseorang yang paling dicintai.
5. Ikatan itu adalah kunci kepada nikmat kebahagiaan dan keharmonian dalam kehidupan berkeluarga.
6. Sifat kasih sayang terpancar melalui watak Intan Julia,Jeffri dan Intan Maliana.Ketiga-tiga watak tersebut menunjukkan rasa saling menyayangi dan mengambil berat antara satu sama lain.

Persoalan

# Pengorbanan #

• Intan Maliana sanggup berkorban dengan mengandung buat kali kedua demi mengikut kehendak suaminya.Walhal,tindakannya itu mendatangkan risiko kepada dirinya.

• Jeffri sanggup mengorbankan masa,tenaga dan kepentingan peribadi demi menjaga isterinya yang koma selama lebih tiga tahun.

# Kesetiaan seorang suami terhadap isteri #

• Jeffri setia menemani isterinya yang koma selepas banyak kehilangan darah semasa melahirkan anak kedua mereka.
• Jeffri enggan berkahwin lagi walaupun didesak oleh Mak Cik Noraini.
• Jeffri membuat keputusan mengahwini Aisyah selepas bertahun-tahun hidup keseorangan.

# Masalah yang timbul akibat daripada kegagalan mengawal nafsu #

• Tindakan Muaz al-Khalibi menodai pengemas biliknya telah menyebabkan wanita itu mengandung.
• Muaz yang enggan bertanggungjawab telah menyebabkan pembantu rumah itu meninggalkan Rasylan di tepi longkang besar.
• Rasylan yang telah diambil sebagai anak angkat oleh Datuk Mustakim akhirnya berasa terpinggir selepas ibu bapa angkatnya beroleh zuriat sendiri.
  

# Ketabahan dan kesabaran menghadapi ujian daripada Tuhan #

• Ketabahan Jeffri berhadapan dengan ujian Tuhan apabila isterinya koma,manakala anak kembarnya meninggal dunia.
• Intan Maliana tabah menghadapi tekanan ketika mengandung anak kedua dan kemudiannya koma lebih tiga tahun.
• Ketabahan Mak Cik Noraini yang kehilangan suami dan anak-anaknya dalam suatu kemalangan jalan raya.

# Persahabatan tanpa mengira asal usul dan status sosial #

• Intan Julia berkawan rapat dengan Rasylan walaupun Rasylan anak luar nikah.
• Jeffri melarang Intan Julia berkawan rapat dengan Rasylan kerana asal usul keturunan Rasylan.
• Aisyah tidak berasa kekok bercampur gaul dengan Intan Julia walaupun keluarganya orang berada.

Read More