S2T4W8 Friday: New iPhone has a Little More Bling, The Cost of Illegal Downloading, iPhone makes it into The Guinness World Book, Trust No One, Microsoft Aquisitions

1.

Analyst: New iPhone to Have More Bling, But Not Much

By Daniel Ionescu, PCWorld    May 14, 2011 9:30 AM

More bling is expected from the next iteration of Apple's popular iPhone, but not the type that will stir a revolution.

That's the assessment in a recent research note by industry analyst Peter Misek of Jefferies & Co. that was picked up by several news organizations.

The proof is in the name. Misek said the name of the handset is expected to be the iPhone 4S, instead of iPhone 5.

Some of the incremental improvements, according to Misek, include Sprint and T-Mobile selling the device, better cameras from Sony and HSPA+ support. He expects Apple to put the A5 chip from the iPad 2 tablet into the new iPhone, giving it dual-core processing power.

The research note doesn't mention anything about NFC capabilities in the new iPhone, which were widely speculated earlier this year. Such short-range wireless connectivity allows data and images to easily be transmitted between two devices such as a cell phone and a computer by touching one to the other.

At least more carriers are set to have the new iPhone this year. That would mean Sprint and T-Mobile in the U.S. joining AT&T and Verizon. A look inside the Verizon iPhone revealed its radio chip could handle radio frequencies from all top four U.S. carriers.

But if you were keeping your hopes up for a 4G LTE iPhone though, Misek said Apple is not happy enough with the technology to include it in the new model expected in the next few months. Instead, it will feature HSPA+, which is what AT&T calls 4G. This could be explained by recent reviews of 4G Android phones, where abysmal battery life was noted--a trade-off Apple probably wants to avoid.

2.

LimeWire Agrees to Pay $105 Million to Record Labels

By Grant Gross, IDG News    May 13, 2011 10:50 pm

LimeWire has agreed to pay record labels US$105 million to settle a lawsuit alleging that the file-sharing service allowed its users to infringe copyright, the Recording Industry Association of America (RIAA) announced late Thursday.

Thirteen record labels, in a lawsuit filed in August 2006, alleged that LimeWire was "devoted essentially to the Internet piracy" of music. Judge Kimba Wood of the U.S. District Court for the Southern District of New York ordered LimeWire to stop distributing its peer-to-peer software in October of last year.

The out-of-court settlement came after a jury trial that focused on damages to be paid by LimeWire and CEO Mark Gorton began in New York last week.

"We are pleased to have reached a large monetary settlement following the court's finding both LimeWire and its founder Mark Gorton personally liable for copyright infringement," RIAA Chairman and CEO Mitch Bainwol said in a statement. "As the court heard during the last two weeks, LimeWire wreaked enormous damage on the music community, helping contribute to thousands of lost jobs and fewer opportunities for aspiring artists."

Bainwol called the settlement a "reason for celebration by the entire music community."

The settlement reinforces the U.S. Supreme Court's ruling against P2P vendor Grokster in 2005, Bainwol added. The court ruled that Grokster and StreamCast Networks can be held liable for copyright infringement committed by users.

The settlement and the Grokster case show that "designing and operating services to profit from the theft of the world's greatest music comes with a stiff price," Bainwol said.

LimeWire's lawyer, Joseph Baio of Willkie Farr & Gallagher in New York, wasn't immediately available to comment on the settlement.

LimeWire.com's home page has a note about the injunction issued by Wood. "We further remind you that the unauthorized uploading and downloading of copyrighted works is illegal," the note said.

3. 

Guinness Awards Gaming Records to iPhone 4, App Store

By Ed Oswald, PCWorld    May 14, 2011 2:03 PM

The Guinness Book of World Records has bestowed the honor of fastest-growing gaming system uponApple's iPhone 4, as well as noting that the App Store itself and several games in it also have set records.

An estimated 1.5 million iPhone 4s were sold on launch day, far eclipsing any other gaming system. Guinness noted that the PlayStation Portable only sold 200,000 units in its first day, and it was a full week until the Nintendo DS pushed 500,000 consoles out the door.

"The release of the iPhone has not just changed the mobile industry, but the video game world too," Guinness' gaming editor Gaz Deaves says in a statement. The organization also noted that Apple's App Store holds the record for the largest downloadable video game store with 37,362 titles available.

Guinness did not provide numbers from the Android Market for comparison purposes, but noted the App Store was well ahead of other competitors including Xbox Live Arcade (around 1300) and Wii's Virtual Console service at 576.

Angry Birds is also receiving honors for being the "Top Paid-For App Store Game in Most Countries." The title is the top paid download in 67 countries on the App Store with an estimated 6.5 million paid downloads.

Other records for iOS games include Tap Tap Revenge for the most popular App Store game in history with 15 million downloads, and Plants vs. Zombies set two records in the strategy category. It was the highest grossing launch with $1 million in revenue for developer PopCap in the first nine days, as well as the fastest selling with 300,000 downloads in that same period.

4.

On the Internet, Trust No One

By Ted Landau, Macworld    May 15, 2011 6:00 am

On the Internet, trust no one. Or at least, as President Reagan famously said, "Trust, but verify." In particular, whenever an unusual and unexpected message appears on your computer, be suspicious of its authenticity.

The most recent example supporting this advice is the MAC Defender Trojan horse. As previously covered here at Macworld, after clicking a link to a site that comes up in a Google search, a message may pop up claiming that your computer is "infected." At the same time, a ZIP file is downloaded to your Mac. If you're using Safari, the file is automatically launched, unless you disabled the option to 'Open "safe" files after downloading' in Safari's Preferences. The downloaded file turns out to be an installer for a supposed piece of software named MAC Defender. You are asked to purchase this software so as to fix the "infection."

It's all a scam. There is no actual program to install. The goal of the creators of this con is simply to get your money and credit card number.

After reports of the scam began circulating on the Web, the package was modified with a new name: MAC Security. It's just as phony.

This is merely the latest in a series of similar scams. For example, as reported in an Apple Support Communities thread posted in January, Skype users may receive a false alert claiming: "ATTENTION! Security Center has detected malware on your computer."

How can you tell if these warnings are phony? What should you do if and when you receive one?

For starters, assume that all such unfamiliar messages are scams. Better safe than sorry. There are no legitimate error messages in Mac OS X or Safari (or any other Internet-connected software that I have ever used) that directly link to unrelated third-party sites. If the third-party site requests any personal information, from an email address to a credit card number, be even more suspicious (if that's possible).

Don't click on any links included in such messages. Don't install any software that accompanies the message. Don't provide any personal information at all. In fact, don't do anything that the message requests that you do. Just ignore it and discard it.

Similarly, beware of phishing scams in emails that you receive. If you get an email, even from a website that you frequent (such as Facebook or PayPal), that includes a link to login to the site: beware. It could be a fake message taking you to a phony site--all designed to trick you into giving scammers your username, password, and/or credit card number.

As a rule, whenever I receive any such messages from known vendors, if I think there is any chance that the message is legitimate, I separately log in to the site, ignoring the provided link. If I truly need to perform the requested action, I should be prompted to do so.

The same rule applies to e-mail attachments. Be especially suspicious of unsolicited attachments from unknown senders. In this regard, Microsoft recently posted Security Bulletin MS11-036, describing a vulnerability in Microsoft PowerPoint that "could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker... could gain the same user rights as the logged-on user." You could be at risk by opening a suspect PowerPoint file that you received in an e-mail. On a Mac, the danger is limited to Microsoft Office 2004 and 2008 (not the latest 2011 version). An update to patch the security hole is in the works, and should be available soon.

This is the world we live in--where being skeptical typically pays off and being trusting too often leads to disaster. Still, I suppose it's always been that way, at least as far back as when P.T. Barnum ispurported to have said "There's a sucker born every minute." The technology keeps getting updated; the dangers stay the same.

5.

To read this more closly go to:   http://www.coolinfographics.com/

S2T4W8 Wednesday: The 'Post-PC' Era Is Here -- But Don't Junk Your PC Just Yet, Former Hacker Comments on How PSN Attack May Have Gone Down, Microsoft: One in 14 Downloads Is Malicious, Should You Delete Your profile?

1.

The 'Post-PC' Era Is Here -- But Don't Junk Your PC Just Yet

By Jeff Bertolucci, PCWorld    May 17, 2011 3:31 PM

Has the much-discussed "post-PC era" finally begun? The term has been tossed about for years by industry executives and pundits alike. Its most recent high-profile use came during Steve Jobs' iPad 2 unveiling in March, when the Apple CEO/guru called the iPhone, iPod, and iPad "post-PC devices" that needed to be more intuitive and easier to use than conventional desktops or laptops.
Well, add Forrester Research to the list of industry watchers who believe the post-PC era has begun. In a new report released Tuesday, Forrester analyst Sarah Rotman Epps says that computing devices--and how we interact with them--are currently undergoing a dramatic shift to:
· Ubiquitous computing: Mobile devices with sensors such as accelerometers, gyroscopes, and geolocators are freeing us from the stationary limitations of desktop PCs.
· "Casual" computing: Instant-on/always-on smartphones and tablets remove the formal boot up/shutdown process of the desktop.
· A more intimate experience: Tablets and smartphones are kept close to your body, whereas using a laptop or desktop is "arms-length activity," writes Epps in a blog post. This means that consumers are using computing devices in intimate places, including the bedroom. Sounds like a boon to couples' therapists to me.
· Physical interaction with devices: Touchscreens, voice input, motion-sensing devices such as Microsoft Kinect, and cameras with facial recognition allow your "body and voice" to control the machine. By comparison, the desktop's mouse/keyboard interface is more abstract and less personal.
What's it all mean? Certainly, the mobility and ubiquity of today's tech devices is changing the way interact with our digital assistants. But the laptop and desktop aren't going away anytime soon.
"So what does 'post-PC' mean, anyway? It doesn't mean that the PC is dead," Epps writes. In fact, Forrester forecasts that U.S. consumer laptop sales will grow at a compound annual growth rate of 8 percent between 2010 and 2015, and desktop sales will decline only slightly.
And while 82 million American consumers will own a tablet in 2015, more than 140 million will own a laptop, Forrester predicts.
"In the post-PC era, the 'PC' is alive and well, but it morphs to support computing experiences that are increasingly ubiquitous, casual, intimate, and physical," says Epps.


2.

Former Hacker Comments on How PSN Attack May Have Gone Down

By    May 17, 2011 3:24 PM

The PlayStation Network is back up for most gamers around the world, but Sony has yet to give an explanation as to why and how the attack brought down the service for over a month.
Former hacker and lead architect at Mykonos Software, Kyle Adams, spoke with PCWorld about how the hack may have occurred. Adams suggests Sony may have left its doors wide open for attack by using outdated software.
Was the PlayStation Blog a Gateway?
Hackers likely gained access using an SQL injection attack, according to Adams. In other words, hackers inserted malicious code into the database, and the server erroneously executed the code. This allowed the hackers to gain access to the server.
Adams suggests that the attackers may have entered the server through Sony's blog. Sony's blog was using an outdated version of Wordpress, which has known SQL injection vulnerabilities.
"It seems likely to me that Sony got attacked through its web services first, such as the blog, and it opened up the doors to the rest of Sony's servers," Adams told PCWorld.
The attack on Sony's PSN was an "advanced persistent threat," which, as the name suggests, is a series of ongoing, planned attacks. Each planned attack opens up more and more doors, allowing the hackers to advance further into the server.
Hackers On Sony's Servers For Months
"The depths they went indicates that this hack wasn't arbitrary," Adams said.
He explains that these types of attacks can go on for weeks or even months without being discovered, and that APTs typically involve attempts to obtain valuable data.
"They perceive value in the site they're going after," Adams said. "There's a whole lot of value in the data Sony had. There's always a buyer out there."
Adams did stress that he believes Anonymous had nothing to do with the attack, and notes that the group has never hacked and taken personal information in the past.
Adams seemed to concede, however, that Sony's claim that Anonymous may have made the hacker's jobs easier with their DDoS attacks has some validity.
"It's possible for another group to go through an open backdoor," he said.


3.

Microsoft: One in 14 Downloads Is Malicious

By Robert McMillan, IDG News

The next time a website says to download new software to view a movie or fix a problem, think twice. There's a pretty good chance that the program is malicious.

In fact, about one out of every 14 programs downloaded by Windows users turns out to be malicious, Microsoft said Tuesday. And even though Microsoft has a feature in its Internet Explorer browser designed to steer users away from unknown and potentially untrustworthy software, about 5 percent of users ignore the warnings and download malicious Trojan horse programs anyway.
Five years ago, it was pretty easy for criminals to sneak their code onto computers. There were plenty of browser bugs, and many users weren't very good at patching. But since then, the cat-and-mouse game of Internet security has evolved: Browsers have become more secure, and software makers can quickly and automatically push out patches when there's a known problem.
So increasingly, instead of hacking the browsers themselves, the bad guys try to hack the people using them. It's called social engineering, and it's a big problem these days. "The attackers have figured out that it's not that hard to get users to download Trojans," said Alex Stamos, a founding partner with Isec Partners, a security consultancy that's often called in to clean up the mess after companies have been hacked.
Social engineering is how the Koobface virus spreads on Facebook. Users get a message from a friend telling them to go and view a video. When they click on the link, they're then told that they need to download some sort of video playing software in order to watch. That software is actually a malicious program.
Social-engineering hackers also try to infect victims by hacking into Web pages and popping up fake antivirus warnings designed to look like messages from the operating system. Download these and you're infected. The criminals also use spam to send Trojans, and they will trick search engines into linking to malicious websites that look like they have interesting stories or video about hot news such as the royal wedding or the death of Osama bin Laden.
"The attackers are very opportunistic, and they latch onto any event that might be used to lure people," said Joshua Talbot, a manager with Symantec Security Response. When Symantec tracked the 50 most common malicious programs last year, it found that 56 percent of all attacks included Trojan horse programs.
In enterprises, a social-engineering technique called spearphishing is a serious problem. In spearphishing, the criminals take the time to figure out who they're attacking, and then they create a specially crafted program or a maliciously encoded document that the victim is likely to want to open -- materials from a conference they've attended or a planning document from an organization that they do business with.
With its new SmartScreen Filter Application Reputation screening, introduced in IE 9, Internet Explorer provides a first line of defense against Trojan horse programs, including Trojans sent in spearphishing attacks.
IE also warns users when they're being tricked into visiting malicious websites, another way that social-engineering hackers can infect computer users. In the past two years, IE's SmartScreen has blocked more than 1.5 billion Web and download attacks, according to Jeb Haber, program manager lead for SmartScreen.
Haber agreed that better browser protection is pushing the criminals into social engineering, especially over the past two years. "You're just seeing an explosion in direct attacks on users with social engineering," he said. "We were really surprised by the volumes. The volumes have been crazy."
When the SmartScreen warning pops up to tell users that they're about to run a potentially harmful program, the odds are between 25 percent and 70 percent that the program will actually be malicious, Haber said. A typical user will only see a couple of these warnings each year, so it's best to take them very seriously.



4.