November 29th, 2014 | Edited by Zoran Stosic | software
A federal judge in New York has given final approval to a settlement in which Apple will pay $450 million for its role in a conspiracy to fix prices for ebooks.
Judge Denise Cote of the U.S. District Court in Manhattan called the settlement “fair and reasonable.” It requires Apple to pay $400 million to consumers who bought certain books between 2010 and 2012, as well as $50 million in attorneys’ fees.
Although the settlement is final, Apple only has to pay that amount if it loses its appeal of a 2013 price-fixing ruling. If the appeal is successful, Apple will pay only $50 million to ebook purchasers and $20 million to attorneys.
A hearing on the appeal is scheduled for Dec. 15 in Manhattan. Lawyers for the ebook buyers have said they “strongly believe” that Apple’s appeal won’t be successful.
The iPhone maker was found guilty last year of conspiring with five big publishers to inflate prices for electronically downloaded books. The publishers—Hachette, HarperCollins, Macmillan, Penguin and Simon & Schuster—had already settled the charges against them for $166 million.
If Apple’s appeal is unsuccessful, there will be $566 million in total to divide among the affected consumers. They include millions of people who bought certain books from the five publishers between April 2010 and May 2012.
There are more details about who qualifies for the settlement here, although the period when buyers could make a claim ended last month. Those who applied could get $6.54 for each New York Times bestseller they bought. It will be less than a dollar if Apple wins its appeal.
November 25th, 2014 | Edited by Zoran Stosic | software
A malware program distributed recently through a rogue server on the Tor anonymity network was also used in targeted attacks against European government agencies.
The malware has been dubbed OnionDuke by security researchers from antivirus firm F-Secure, who believe it is connected to MiniDuke, a cyberespionage threat of Russian origin that was used to attack NATO and European governments before its discovery in February 2013.
In October, Josh Pitts, a researcher with Leviathan Security Group, found a Tor exit node located in Russia that was wrapping all executable files downloaded by users through the node with malware. When a user browses the Web anonymously through Tor, the traffic is passed through random relays inside the Tor network and then goes back out onto the Internet through one of the many so-called exit nodes run by volunteers around the world.
The rogue Russian exit node identified by Pitts was banned from the Tor network, but researchers from F-Secure analyzed the malware it distributed and found that upon installation, it was downloading additional malicious components from several command-and-control servers.
“We have, for instance, observed components dedicated to stealing login credentials from the victim machine and components dedicated to gathering further information on the compromised system like the presence of antivirus software or a firewall,” the F-Secure researchers said in a blog post Friday.
One of the command-and-control domain names used by the malware was registered in 2011 by someone who used the alias John Kasai. At about the same time, the John Kasai name was used to register a number of other domains, including two used by MiniDuke.
“This strongly suggests that although OnionDuke and MiniDuke are two separate families of malware, the actors behind them are connected through the use of shared infrastructure,” the F-Secure researchers said.
“Based on compilation timestamps and discovery dates of samples we have observed, we believe the OnionDuke operators have been infecting downloaded executables at least since the end of October 2013,” the researchers said. Since at least February 2014, OnionDuke has also been distributed through infected executables in pirated software downloaded over BitTorrent.
The F-Secure researchers found what they describe as “strong evidence” that OnionDuke has also been used in targeted attacks against European government agencies, like MiniDuke, but they haven’t identified the exact attack vectors used in those campaigns yet.
“On one hand is the ‘shooting a fly with a cannon’ mass-infection strategy through modified binaries and, on the other, the more surgical targeting traditionally associated with APT [advanced persistent threat] operations,” they said.
November 22nd, 2014 | Edited by Zoran Stosic | software
Facebook lets its users control whether other people can see the information they post, but when it comes to controlling what Facebook itself gets to see, privacy-conscious users are out of luck.
In fact, Facebook doesn’t think it would make sense to let users do that.
“With most online services, there’s an understanding that when you use those services to share information, you’re also sharing information with the company providing the service,” said Matt Scutari, manager of privacy and public policy at Facebook.
“For users who are truly concerned with sharing their information with a particular platform, honestly, you might not want to share information with that platform,” he said, speaking during a conference on digital privacy in Palo Alto, California, on Friday 14th November.
“I don’t think there are many services out there who could claim they’re not using your information that you’re sharing with them for any purpose. They have to at least use that information to provide the service,” he added.
Scutari was responding to a question from the audience about what tools, if any, Facebook might provide to people who want to post and share information but keep it from Facebook itself.
Data collection—what companies collect, and how it’s used—is an area of concern for Internet users in general, highlighted by some dramatic findings in a recent Pew survey.
Facebook does have a team of employees tasked with looking at privacy issues related to its products, features and tools. The team has a number of programs in place, including daily surveys of users and talks with people in other countries to get their views on privacy, Facebook said on Friday 14th November.
November 20th, 2014 | Edited by Zoran Stosic | software
Apple has acted quickly to address a malware threat to iOS and Mac OS X computers, saying on November 6th that it has blocked apps infected with the WireLurker malicious code from running.
A day earlier, security vendor Palo Alto Networks revealed a campaign in which hackers were transferring malware to Apple devices through infected desktop applications downloaded from a Chinese marketplace.
The attack was a novel one in that it compromised iOS devices that had not been jailbroken, or altered to remove the restrictions that prevent people from downloading apps outside of the thoroughly vetted App Store.
About 467 Mac desktop applications were found to be infected with WireLurker at an app store for Chinese users called Maiyadi. The malware waits until an iOS device is connected to the desktop via USB, then uses one of two methods to infect the mobile device. WireLurker can then steal data from the device, such as phone logs.
Apple didn’t say exactly what steps it has taken to stop the attack, but said “we are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching.”
The company reiterated its longstanding advice to download software only from trusted sources.
Dave Jevans, founder and CTO for mobile security company Marble Security, said Apple had a few different options for thwarting WireLurker.
One way it infects devices is by using an enterprise provisioning certificate, which is used by developers building in-house apps that don’t appear on the App Store. The certificates are what allow those apps to run on iOS, and in the hands of a malicious hacker they could be used to spread infected applications. Apple revoked the certificate used by WireLurker’s creators, Jevans said.
That would help protect phones that aren’t jailbroken from running infected apps, but it might not help those whose devices have already been infected, he said.
Apple could also update Safari to prevent people from navigating to the Maiyadi website, but users would still be able to get there using Chrome or other browsers. The company could also update its XProtect antivirus engine with a signature to block WireLurker installations, Jevans said.
November 18th, 2014 | Edited by Zoran Stosic | software
Happy day, Android users! And if you’re currently sporting the second-generation Moto X, you’re in for a treat. Motorola said it would deploy Android Lollipop quickly, and boy, did it deliver.
Motorola has apparently not only begun its soak test for Lollipop for the new Moto X, but it’s already put up a release notes page for the update with a complete change log of what’s in the software package. We’ve yet to receive an indication of a Lollipop update on our Moto X unit, however.
Why this matters: It’s not the biggest news to happen on a late Friday afternoon, but if the software update is pushed live over the weekend it means that Motorola technically beat Google to the Android 5.0 update punch. While the Nexus 9 tablet ships with Lollipop, no other devices with prior Android versions have been updated yet—not even the Nexus 5 and 7!