Saturday, August 7, 2010

Web attack knows where you live

One visit to a booby-trapped website could direct attackers to a person's home, a security expert has shown.

The attack, thought up by hacker Samy Kamkar, exploits shortcomings in many routers to find out a key identification number.

It uses this number and widely available net tools to find out where a router is located.

Demonstrating the attack, Mr Kamkar located one router to within nine metres of its real world position.

'Creepy' attack

Many people go online via a router and typically only the computer directly connected to the device can interrogate it for ID information.

However, Mr Kamkar found a way to booby-trap a webpage via a browser so the request for the ID information looks like it is coming from the PC on which that page is being viewed.

He then coupled the ID information, known as a MAC address, with a geo-location feature of the Firefox web browser. This interrogates a Google database created when its cars were carrying out surveys for its Street View service.

This database links MAC addresses of routers with GPS co-ordinates to help locate them. During the demonstration, Mr Kamkar showed how straightforward it was to use the attack to identify someone's location to within a few metres.

"This is geo-location gone terrible," said Mr Kamkar during his presentation. "Privacy is dead, people. I'm sorry."

Mikko Hypponen, senior researcher at security firm F-Secure, attended the presentation and said it was "very interesting research".

"The thought that someone, somewhere on the net can find where you are is pretty creepy," he said.

"Scenarios where an attack like this would be used would be stalking or targeted attacks against an individual," he added.

"The fact that databases like Google Streetview's Mac-to-Location database or the Skyhook database can be used in these attacks just underlines how much responsibility companies that collect such data have to safeguard it correctly," said Mr Hypponen.

Mr Kamkar detailed the attack during a presentation at the Black Hat hacker conference. In 2005, Mr Kamkar created a worm that exploited security failings in web browsers to garner more than one million "friends" on the MySpace social network in one day.

Prosecuted for the hack, Mr Kamkar was given three years' probation, did 90 days of community service and paid damages. He was also banned from using the net for personal purposes for an undisclosed amount of time.

Private browsing modes leak data

The private browsing modes on modern browsers leak information about where people have visited, suggests a study.

Available in many browsers, the private modes are not supposed to log information about sites visited.

However, the study found that in many cases the privacy mode was compromised by additions to the browser or extra security on websites.

Many extras that people add to browsers can "completely undermine" the anonymity of private browsing.

Computer scientist Dan Boneh from Stanford University led the study of private browsing modes on the Firefox, Internet Explorer, Chrome and Safari browsers.

The researchers tested when people used private browsing modes by employing adverts that log the state of the machine on which the ad is being displayed.

It found that private browsing was most popular when people visited adult sites.

Private browsing modes typically work by erasing the information logged when any site is visited.

These logs include small text files known as cookies, entries on a history file and data put in the browser's cache.

However the study found that other ways in which a browser logs data were often left undisturbed at the end of a private browsing session.

This occurred, for example, if the site being visited used security systems such as those which protect data sent back and forth during web purchases.

Add-ons or plug-ins for browsers, particularly those that help with searching, also readily log information that the private browsing mode was supposed to delete, found the study.

The researchers concluded that, in some cases, these weaknesses were able to "completely defeat the benefits of private mode".

The paper will be presented at the Usenix Security conference which is being held in Washington, DC from 11-13 August.

Saudi Blackberry services resume

Blackberry services have been restored in Saudi Arabia, reports say.

A ban on the use of the device for sending and receiving messages was due to have come into force.

And locals said the handsets had stopped working for four hours.

But there is no sign yet that the ban has been lifted. Earlier reports that Blackberry manufacturer RIM (Research in Motion) had found a solution to security issues raised by local authorities cannot be confirmed.

The authorities object to the devices because they operate an encrypted message service, meaning that communication from Blackberry devices cannot be monitored.

Ben Thompson, in Dubai, said that there are conflicting reports about why the handsets are currently working again.

"Services are up and running again across the country," he confirmed.

"But inevitably, that raises more questions than it answers. If RIM did grant Saudi Arabia access to its security codes, other countries in the region would now expect the same.

"The UAE - which is threatening its own ban by October alongside Algeria, Indonesia and India would all be expecting similar deals."

Dubai-based British businessman Nazar Musa said that there had been a lot of local interest in the issue.

"There's been an awful lot of discussion and debate about the Blackberry issue," he said.

"Clearly as a centre of regional business and with links and ties to the rest of the world the use of Blackberry services is vital."

He added that there had been "limited concern" expressed on chat rooms about the desire of the authorities to access the data itself.

RIM has been contacted.

In a statement earlier this week a spokesperson for the company said that the devices were deliberately designed to prevent anybody from accessing individual message data, which is stored on servers in Canada.

"RIM cannot accommodate any request for a copy of a customer's encryption key, since at no time does RIM, or any wireless network operator or any third party, ever possess a copy of the key."

Net neutrality talks stall in US

US regulators have halted closed-door meetings intended to find a way to make sure all web data is treated equally.

The Federal Communications Commission began the meetings after a court limited its net regulation powers.

The FCC faced criticism over the meetings by groups that supported the principle known as net neutrality.

The FCC decision follows reports that Google and Verizon hatched a separate deal to allow faster speeds for web sites that pay for the privilege.

"Any outcome, any deal that doesn't preserve the freedom and openness of the internet for consumers and entrepreneurs will be unacceptable," said FCC chair Julius Genachowski.

Both firms denied they were close to an agreement that many fear would lead to a "two-tier internet".

Google said: "We remain as committed as we always have been to an open internet".

In a blog post net service provider Verizon also clarified its position.

"As we said in our earlier FCC filing, our goal is an internet policy framework that ensures openness and accountability, and incorporates specific FCC authority, while maintaining investment and innovation," wrote David Fish, executive director of media relations for Verizon.

"To suggest this is a business arrangement between our companies is entirely incorrect," he added.

Despite the public statements, reports that an agreement will soon be announced persist.

During the Techonomy conference in Lake Tahoe, California, Google boss Eric Schmidt would not be drawn on the issue.

"We have been talking to Verizon for a long time about trying to get an agreement on what the definition of what net neutrality is," he told reporters.

"We are trying to find solutions that bridge between the hard core 'net neutrality or else' view and the historical telecom view of no such agreement."

Log Jam

The issue of net neutrality, which means no data traffic is prioritised over any other, has become a thorny one for the FCC. A recent court case limited the agency's powers to police what happens to data when it ruled that the FCC did not have the power to sanction Comcast for throttling some traffic.

As a result the FCC said it would reclassify broadband under a more heavily regulated part of the telecommunications law known as Title II. Cable and phone companies claimed the move would stifle investment in next generation broadband.

With the fear that these companies would resort to legal action, the agency began holding what critics termed "secret negotiations" aimed at forging a consensus on how to treat internet traffic.

The FCC's move to end these talks with firms such as Verizon, Google, Skype and AT&T suggests they broke down without reaching a decision.

Edward Lazarus, FCC chief of staff, said the talks had not "generated a robust framework to preserve the openness and freedom of the internet".

Pay to play

Public interest groups believe the Google-Verizon tie-up, if it came to pass, would change the very nature of the internet and how it operates.

"The deal marks the beginning of the end of the internet as you know it," said Josh Silver, president of the Free Press consumer group.

"Since its beginnings, the net was a level playing field that allowed all content to move at the same speed, whether it's ABC News or your uncle's video blog. That's all about to change."

At the Techonomy Conference Mark Carges, chief technology officer of auction site eBay, underlined the company's support for net neutrality.

"eBay supports net neutrality legislation that will prohibit phone and cable companies from replacing the robust open internet with 'Pay to Play' private networks that will force out and discriminate against content and service providers that refuse to pay new tolls," Mark Carges said.

"Consumers, non-profits and businesses already pay for access to the internet," he said. "Broadband providers should not be permitted to 'double dip' by charging consumers twice for high-speed internet access."

Techonomy attendee Neelie Kroes, European Commissioner for the Digital Agenda, said she was watching the situation in the US closely.

"We are facing the same types of issues and with our discussions we are consulting everyone," said Ms Kroes, adding that she was a supporter of net neutrality.

"I know Chairman Genachowski and that he is doing his utmost to find solutions to this issue," she said.

Thursday, July 22, 2010

UK to open Earth observation hub

Science minister David Willetts has announced a new UK centre for monitoring the Earth from space.

The Earth observation hub will focus on acquiring environmental data, such as information on deforestation and the impact of climate change.

The hub will be based at the International Space Innovation Centre (ISIC) at Harwell in Oxfordshire, which will open in April 2011.

The aim is to bring together UK expertise in Earth observation.

The hub will also be used as a flight operations centre for controlling satellites. In addition, it will develop the expertise to analyse environmental information coming from space, helping scientists learn more about how the planet is being affected by climate change.

Tracking pollution

Professor Alan O'Neill, director of the National Centre for Earth Observation, said: "By bringing together the best of our space science base with industrial researchers, we hope to develop a wide range of applications.

"These include global monitoring of deforestation, concentration of greenhouse gases, and levels of marine pollution."

Up to 40 scientists will be based at the centre. Many of them will be involved in gathering and presenting the vast amounts of information coming from environmental satellites.

The data will be made available to scientists across the world and to the public.

Details of the hub were announced by the Science Minister David Willetts in a speech on Wednesday morning at the Farnborough Air Show.

He said that the centre would not become a "centralising force"; rather, it would serve as a hub to link regional space capabilities and promote knowledge-sharing between academia and industry.

Mr Willetts said in his speech: "ISIC will operate at arm's length from the UK Space Agency so that it becomes a common facility within the Harwell campus.

"And at Harwell, the new European Space Agency facility is already working well, especially in climate change science and related applications.

"Soon it will have an incubator for new space businesses and work on space exploration. This is a fantastic additional catalyst for UK space."

Friday, June 18, 2010

Ancient climate change 'link' to CO2


A "global pattern" of change in the Earth's climate began 2.7 million years ago, say scientists.

Researchers found that, at this point, temperature patterns in the tropics slipped into step with patterns of Ice Ages in the Northern Hemisphere.

They report in the journal Science that atmospheric CO2 could be the "missing link" to explain this global pattern.

The findings, they say, reveal a "feedback process" that could have been magnified by greenhouse gases.

This loop of feedback could have intensified both the Ice Ages in the Northern Hemisphere, and temperature fluctuations in the tropics.

Professor Timothy Herbert from Brown University in Rhode Island, US, led the research. He and his colleagues, in the US and China, analysed mud cores from the seabed in the four tropical ocean basins - the Arabian Sea, the South China Sea, the eastern Pacific and the equatorial Atlantic Ocean.

These mud cores are laid down over millions of years - as sediments of dead plant and animal material sink to the ocean floor.

So by analysing the chemical composition of this material - specifically the chemical remains of one ancient and tiny marine organism - the scientists were able to produce a timeline of temperature changes.

The team "found a fingerprint in the sequence of temperature changes" - a pattern that began 2.7 million years ago, Professor Herbert explained.

He said: "The timing and the amplitude of temperature changes [in the Northern Hemisphere] are reproduced in the tropical temperatures. The patterns are incredibly similar."

He added that the study provided the first direct evidence of a global pattern in climate change that dated back almost three million years.

Ancient greenhouse

Professor Herbert added that the "best global mechanism" to explain this link was the level of atmospheric greenhouse gases.

Dr Carrie Lear, a palaeoclimate scientist from Cardiff University in the UK, agreed that carbon dioxide was the likely "culprit".

She said: "This study reveals a feedback process that has magnified climate change since the inception of Northern Hemisphere glaciation 2.7 million years ago.

"It seems the tropical warming caused by high CO2 levels set off a chain of events resulting in additional greenhouse gases, including water vapour, being released to the atmosphere, thus causing further warming."

Dr Lear said that such studies of past climate change were "invaluable in understanding the current climate system, and hence predicting future change".

Wednesday, June 16, 2010

Birds with the brightest feathers may pay a cost for their showmanship

Males with the brightest plumage are thought to be more sexually attractive to female birds.

But a study of American goldfinches is the first to show that high levels of brightly coloured chemicals in feathers lead to a breakdown in flight muscles, which affects flight performance.

Details are published in the journal Naturwissenschaften. The discovery does not necessarily mean that the brightest birds are also the weakest, or least able to reproduce.

Instead it shows that having bright feathers comes at a real cost to male birds.

That in turn means that bright feathers are an honest signal of quality.

Only the fittest males in the best condition, who are best able to cope with the negative effects, will take on enough brightly coloured chemicals to brighten their plumage.

Yellow health

In many animals, including fish and birds, males gain competitive or mating advantages by ingesting and using large quantities of pigments known as carotenoids.

These yellow, orange and red pigments are found naturally in the birds' diets, and they cannot be made by their bodies.

When eaten, carotenoids are converted to brighten otherwise dull feathers, creating bright plumages.

The beneficial effects of high levels of carotenoids are well documented by scientists: as antioxidants they are thought to improve birds' health, and the resulting bright feathers signal to female birds that males are healthy, have fewer parasites and a good diet.

But until now, scientists have not examined whether there is a downside to eating lots of carotenoids.

To do so, Professor Kristen Navara of the University of Georgia in Athens, US and colleagues at Auburn University, Alabama studied what happened to American goldfinch birds fed a diet rich in carotenoids.

Over two consecutive seasons, they fed wild-caught goldfinches a high-carotenoid diet for two months, followed by a normal diet for two months.

A control group of birds was consistently fed a diet low in carotenoids.

During the experiments, the researchers collected feathers from the birds to measure how much carotenoid pigment was taken up into the birds' plumage.

In the first year, they also tested for levels of an enzyme that might indicate muscle is being broken down in the birds.

In the second year, they followed this up by directly testing the birds' ability to fly by measuring the performance of the birds' flight muscles.

Muscle wasters

The results were clear.

Birds fed carotenoid supplements were significantly more colourful, having more strikingly yellow feathers.

However, birds fed this high-carotenoid diet also produced high levels of muscle-wasting enzymes, as the carotenoids became toxic, causing tissue damage.

They also performed less well during flight tests.

"The impairments were long-term and occurred two months after carotenoid supplementation had stopped," Prof Navara said.

"In a natural situation, this time period would correspond with the breeding season for male goldfinches. Impaired muscle performance during this time could decrease reproductive output overall."

That means only birds in good enough condition to tolerate these negative effects will take on high levels of carotenoids, and hence have the showiest feathers.

"So when females choose males with bright colouration, they are choosing ones in good enough condition to withstand high levels of carotenoids," says Prof Navara.

"Until now high levels of carotenoids have been regarded as beneficial to songbirds, and our study suggests that other potentially detrimental effects need to be tested in other species to get a full picture."

Microsoft slims down Xbox console

The new console - to be launched this week - will have the same price as the old system, but comes with Wi-Fi and a 250 GB HD.

It follows a similar move by Sony, which released its own slimmer edition in August 2009.

The announcement was made ahead of the E3 games convention in Los Angeles, at which the firm showcased its range of forthcoming games.

The event also saw the first public viewing of Call of Duty: Black Ops, the latest edition in the popular Call of Duty series.

The new edition is set during the Vietnam War and takes the players through the tunnels of South Vietnam and into the jungles of Laos.

The game will hit the shops on 9 November this year.

New deal

Microsoft said a new deal with Call of Duty's publisher Activision would see all add-on and map packs for the game being released on Xbox 360 first, and that this deal would last for the next three years.

The event, less than 12 hours after it unveiled the final version of its hands-free control system Kinect, also had offerings from Hideo Kojima, the man behind the Metal Gear Solid series with Metal Gear Solid: Rising; Gears of War 3; Fable 3; and Halo Reach, the latest in the long running series.

Microsoft also fleshed out details of the games, as well as software that will be supported by Kinect.

After the success of Wii Sports from rival Nintendo, it was unsurprising that Microsoft are to follow suit, with Kinect Sports boasting six different events, from javelin, to boxing and volleyball.

The firm also demonstrated Kinectimals, a virtual pet that allows users to adopt and play with their favourite animals.

Kinect will launch on 4 November 2010 in North America, with Europe expected to follow a few weeks later. Microsoft said there will be 15 different Kinect titles at launch.

The firm hopes these new games will help it stay ahead of its arch-rival, Sony PlayStation, which has seen a resurgence in sales over recent months.

Last year, the firm unveiled a number of games that were once the sole domain of the PlayStation, such as Grand Theft Auto and Assassin's Creed.

Exclusivity

An exclusive title can mean a significant lift to hardware sales, as gamers are forced into a single platform if they want to actually play it. Halo did much to boost the Xbox 360 when it was launched, as did Metal Gear Solid for the PlayStation 3.

However, the price difference between the two systems at the time meant that there were more sales for Microsoft's system than Sony's.

Since the two systems launched, an unofficial price war has been waged between the two firms, with Sony reducing the price of the PS3 from £420 at launch to £249.99 ($299 in the US) and Microsoft now selling its Xbox 360 Elite for £199 (down from its original £299 price tag at launch).

Both firms say that their price cuts are not influenced by competitors' decisions.

Sony has denied there will be any further reduction in price for the PlayStation 3 at E3, with Sony's UK Sales Director - Mark Howsen - telling the British games industry magazine MCV that there had been "no discussion internally about that at all".

"We're enjoying good year-on-year growth and as long as that continues we'll keep on going I think".

Wikipedia unlocks divisive pages for editing

The online encyclopaedia Wikipedia says it has taken an "important step" towards making it easier to edit some of its most controversial articles.

Up to 2,000 articles, including a page about former US President George W Bush, will have their strict editing restrictions relaxed.

Users will now be able to submit changes to the selected pages for review by senior editors.

It is part of Wikipedia's ongoing efforts to curb vandalism of the site.

Wikipedia's founder Jimmy Wales said the new system, called "pending changes", will allow the site "to open up articles for general editing that have been protected or semi-protected for years.

"That's what is exciting about this," he said.

False reports

Wikipedia encourages editorial changes from everybody who comes to the site.

However, it has been plagued by persistent problems such as the malicious editing of entries, and repeated editing of controversial topics. As a result, the site has introduced a number of levels of protection that can be applied to articles.

For example, new or anonymous users could previously be prevented from editing "semi-protected" articles, and were forced to suggest changes on a discussion board attached to each article before they could be incorporated.

Semi-protected articles cover a wide range of subjects including Iceland, David Cameron, George W Bush and even homework.

The new changes should make it easier for users to contribute to these pages, the site says.

Mr Wales said that he was pleased to see the pages opening up again.

"These have had to be semi-protected for years just because they are too tempting for naughty people to try something funny," he said.

"But semi-protection has prevented thoughtful and sincere newcomers from making good changes."

Pending Changes will be introduced at 11pm GMT on 15 June.

Editing review

Any edits to articles in this category are subject to review from an established Wikipedia editor before publication, although anyone can still view changes that have been proposed.

For the duration of the two month trial, Wikipedia users will notice a small magnifying glass, in place of a padlock, on included articles. In a blog post, Wikipedia said: "The icon, on the upper right corner of the article, represents an important step that Wikipedia volunteers have taken to open up articles that were previously protected from editing.

"At present, only about 0.1% of the 3.3 million articles on the English Wikipedia are under edit protection.

"This tool should help reduce disruptive edits or errors to these pages while maintaining open, collaborative editing from anyone who wants to contribute."

Anyone can view proposed edits by clicking on the "pending changes" tab, alongside the "edit" and "history" tabs on a Wikipedia entry.

The software that enables the new feature was originally developed for the German version of Wikipedia, where it is called "flagged revisions".

In Germany, edits on all articles are subject to review, and it is likely that some observers will see this pilot as the first step towards such a system in English.

Mr Wales said that was "extremely unlikely" and "neither necessary nor desirable".

"The Germans seem happy with it, but they are also going to be closely watching the English system, and I'm sure they'll at least consider switching if the results are good," he said.

Michael Peel, secretary of the independent non-profit organisation Wikimedia UK, said that it had taken "a long time to find consensus" on how best to run the trial.

Mr Wales called for a similar change in 2009, after Wikipedia articles wrongly suggested for a short time that two US senators had died.

In a blog entry, Mr Wales said the "nonsense" of the false reports would have been "100% prevented" by a system that involved editors and said he wanted the changes to be implemented as soon as possible.

The suggestion provoked a storm of comments on his site, with many encyclopaedia editors saying the proposal was unworkable.

Wikipedia said the decision about which articles to include in the new trial, up to an initial limit of 2,000, will be taken by the Wikipedia community.