| China Hack Was “Highly Sophisticated” |
|
Wired reports that the intrusion of Google (and others) by Chinese hackers exploited a previously-undiscovered flaw in (what else?) Internet Explorer versions 6 through 8. Microsoft has issued an advisory; here’s their take on the matter: “At this time, we are aware of limited, active attacks attempting to use this vulnerability against Internet Explorer 6. We have not seen attacks against other affected versions of Internet Explorer. We will continue to monitor the threat environment and update this advisory if this situation changes. On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.” Or, as Wired puts it: “There is no existing patch for the memory-corruption flaw that causes the browser to internally misfire in a way that allows the hacker to inject malware onto the user’s computer.” I have a suggestion: drive a stake through Jason Voorhees’ heart and switch to Google Chrome. (Eight months later, my Chrome-only netbook is still virus-free.) Do it now. Seriously. Or use Firefox, if you prefer. Anything but IE. According to another Wired article, the hackers who exploited that there hole provided by Microsoft weren’t yer typical script kiddies: “According to [Dmitri] Alperovitch, [a researcher at McAfee anti-virus], the attackers used nearly a dozen pieces of malware and several levels of encryption to burrow deeply into the bowels of company networks and obscure their activity. ‘The encryption was highly successful in obfuscating the attack and avoiding common detection methods,’ he said. ‘We haven’t seen encryption at this level. It was highly sophisticated.’” |
|
|
Submitted by: Dan Giancaterino, Education Services Manager
|
Comments (0)January 14, 2010
| Google Docs Will Now Take Anything You Throw At It |
|
In a few weeks, you’ll be able to upload any type of file onto Google Docs: “Instead of emailing files to yourself, which is particularly difficult with large files, you can upload to Google Docs any file up to 250 MB. You’ll have 1 GB of free storage for files you don’t convert into one of the Google Docs formats (i.e. Google documents, spreadsheets, and presentations), and if you need more space, you can buy additional storage for $0.25 per GB per year. This makes it easy to backup more of your key files online, from large graphics and raw photos to unedited home videos taken on your smartphone. You might even be able to replace the USB drive you reserved for those files that are too big to send over email.” Those of you who read Douglas Rushkoff’s comments in my “Google Calls Out China” post will realize what a double-edged sword this really is. |
|
|
Submitted by: Dan Giancaterino, Education Services Manager
|
| Google Calls Out China |
|
On Tuesday, Google shouted “J’accuse” at the Chinese government in a big way: “Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google … [W]e have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves … [A]s part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users’ computers.” The NY Times tells the story of one of these targets, Tenzin Seldon, a young Tibetan activist living in California. She was notified by Google that her Gmail account had been compromised: “She also allowed Google to examine her personal computer at the company’s request. Google returned it this week, saying that while no viruses or malware had been detected, her account had indeed been entered surreptitiously.” The same day they disclosed China’s hacking, Google decided to activate https access for *all* Gmail accounts. It was not necessarily a coincidence, according to the NY Times: “Sam Schillace, an engineering director at Google Apps, said the shift to default HTTPS was not prompted by the attacks and, to the best of his knowledge, would not have averted them. The move had been in the works for some six months, during which time Google engineers did extensive testing and made numerous technical fixes to enable a smooth transition. However, the announcement itself was prompted by the attack news. ‘The Gmail team decided, why wait?’ he said. ‘We want our users to be as safe as we can make them be.’” But that’s not all. Google has decided to stop filtering Chinese Web results: “These attacks and the surveillance they have uncovered — combined with the attempts over the past year to further limit free speech on the web — have led us to conclude that we should review the feasibility of our business operations in China. We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China.” They did not just say that they’d pull the plug on the biggest market for Internet ads in the world, did they? Oh yes, they did. And the Chinese reaction? Pfffft, according to Bloomberg: “China, in a veiled response to the announcement by Google Inc. that it will stop censoring its Chinese Web site, said it welcomed global Internet companies provided they obey laws that restrict their content. ‘The Chinese government administers the Internet according to law and we have explicit stipulations over what content can be spread on the Internet,’ Foreign Ministry spokeswoman Jiang Yu said at a regular briefing in Beijing today.” So what are we to make of this? According to Jessica Vascellaro of the Wall Street Journal [sub required], this was a hotly-debated moral issue: “[Google CEO Eric] Schmidt made the argument he long has … namely that it is moral to do business in China in an effort to try to open up the regime. [Google co-founder Sergey] Brin strenuously argued the other side, namely that the company had done enough trying and that it could no longer justify censoring its search results.” Other sources are nososure. TechCrunch’s Paul Carr says that “anyone who is applauding Google for taking a stand against censorship needs – ironically – to sit the hell down and shut the hell up.” “… you have to accept that Google spent four years, and earned vast sums of money, operating under China’s censorship laws. And now only when they suffer an attack that threatens to damage their business worldwide – ‘What? The communists can hack my Gmail?’ – have they suddenly found a conscience. This may be a case of scorched-earth diplomacy on the part of Google, it may just be pure retaliation against a government which tried to hack their servers or it may be a shrewd business move dressed up as ‘taking a stand’. But what it’s absolutely not is a ‘moral position’, nor one that they should be particularly applauded for, any more than a man who has spend four years beating his wife should be applauded when he decides to stop. If anyone should be applauded it’s the man who didn’t beat his wife in the first place: companies like Twitter and Facebook whose refusal to work with the Chinese government lead to them being blocked last July.” And Douglas Rushkoff of The Daily Beast thinks that “Google is attempting to create a distraction”: “From what? From the fact that some Chinese hackers broke into their servers and gained access to what was supposed to be secure private and corporate data. Get it? That means none of our stuff on Google’s servers is safe. Now this would be a big deal—especially for those of us who have already bought into Google’s halcyon promise of a secure, always on, and always accessible ‘cloud’ in which to do our computing … So what is Google to do? Make sure that people don’t believe that a few hackers could have accomplished such a feat … Instead of letting our minds even go there, Google blames the government. At least the Chinese government sounds big and scary and qualified enough to break into a few corporate servers—and surely they wouldn’t be interested in any of America’s companies or users.” Last (and least, imho) Secretary of State Hillary Clinton says “We look to the Chinese government for an explanation.” Thanks … I’d been a bit nostalgic about the Cold War recently. |
|
|
Submitted by: Dan Giancaterino, Education Services Manager
|
January 11, 2010
| This is for Zhora … And This is for Pris |
|
As I blogged last month, Google has released the Nexus One. I could link to a bazillion articles about it, but the NY Times has a handy roundup of the media coverage. Oh, and the estate of Philip K. Dick wants Google to pony up some bucks, since the replicants in Blade Runner were designated as Nexus models. Unfortunately, the author never trademarked the term. However his daughter says it’s not about the money: “People don’t get it. It’s the principle of it.” |
|
|
Submitted by: Dan Giancaterino, Education Services Manager
|
December 15, 2009
| Let’s Run Down Google’s Life List, Shall We? |
|
Conquer other search engines. Check. Become a media darling. Check … and check. Make yourself a synonym for online video. Check. Digitize every book known to humankind. Check. (Pending resolution of pesky legal issues.) Become the world’s map-maker. Check. Poke Microsoft in the eye. Check. (What fun!) Remake email in your own image. Check. Establish a beachhead in the mobile wars. Check … and check. Invent the world’s fastest and safest browser. Check. (More Microsoft eye-poking!) What the heck — leverage that into an operating system for PCs. Check. (The ultimate e-p experience!) Finally, since you’ve got a few spare minutes somewhere you can tap into, take a shot at Apple as well by creating your own phone. Check — the Nexus One, designed by Google and built by HTC (the company that produced the G1.) The phone will be unlocked and will work on GSM networks such as T-Mobile and AT&T. (Sorry, Verizon.) Pricing rumor follows: “Here’s the price: $199 unlocked in stores. $100 rebate online if you have an active and old Google account. That $100 rebate is either to buy it $99 online from Google’s online phone store, for using on Android Marketplace or for using on any Google Checkout stores.” |
|
|
Submitted by: Dan Giancaterino, Education Services Manager
|
December 8, 2009
| Search Trifecta For My Android Phone |
|
Yesterday Google released a search-by-image Android app called Google Googles. Take a picture of something and Google will run a search for whatever the heck it thinks it is. Very nifty. It worked like a champ for the following:
Googles isn’t perfect, however. It gacked on my Pepsi Max label, including the bar code. I would have thought that was a gimmee. Oh, well. Anyway, now I can search any of 3 ways with my G1: by camera with Goggles, by voice, and using the slide-out or on-screen keyboards. I’m waiting for the day when I can simply press it to my forehead and it’ll search for what I’m thinking about. |
|
|
Submitted by: Dan Giancaterino, Education Services Manager
|
| Google Real-Time Search |
|
Yesterday Google announced real-time search. Your results page will now contain Tweets, plus posts from sites such as FriendFeed, Jaiku, Identi.ca and (real soon now) updates from public MySpace and Facebook pages. Here’s an example I stumbled onto today. Apparently Bryant Gumbel revealed on the Regis & Kelly show this morning that he recently had surgery for lung cancer. My search results for bryant gumbel cancer features a constantly-updating stream of Tweets near the top of the page. If I want to view only the real-time results, I can click on Show Options in the blue stripe at the top of the results page, then click on the Latest link. This will also include stories from other sources that have just been indexed. (In my case, I see Star Magazine and the BBC, among others.) Real-time search is being rolled-out gradually, so if you can’t see it now, you will soon. One more thing: Google Trends, which has now graduated from Google Labs, now shows you trending topics, similar, but not identical to, Twitter’s. (That’s how I found out about Mr. Gumbel’s condition.) Last week the WSJ Digit’s blog had an interesting story about the differences between trending topics on Bing Twitter and Twitter itself. |
|
|
Submitted by: Dan Giancaterino, Education Services Manager
|
| Google Chrome for Mac (and Some Smack-Talk) |
|
TechCrunch alerts me that a beta version of Google Chrome is available for the Mac. Note to wife: I downloaded the beta. It’s getting installed on the Mac. Oh, yes. You can’t stop me. Oh, no. You gotta sleep sometime. |
|
|
Submitted by: Dan Giancaterino, Education Services Manager
|
December 3, 2009
| And Speaking of Different Approaches |
|
Here’s another UI difference between Google and Bing. Bing’s introduced Streetside view — their answer to Google’s Street View — for more than 50 U.S. metro areas. But you have to install Silverlight to use it. I know I’m being cranky here, but I don’t want to load a whole bunch of crap on my laptop if I can avoid it. Google Maps didn’t make me do that. |
|
|
Submitted by: Dan Giancaterino, Education Services Manager
|
| Google’s Fading. Fading In, That Is. |
|
Google’s launched a new version of its home page, which displays only the logo, the search box, and the buttons. All the other fru-fru — and there wasn’t very much of it to begin with — fades in when you move the mouse. When you compare that with Bing’s home page, which today is featuring an image of the Georgia Aquarium and a Zebra Shark, you’re seeing 2 different user interface approaches. Though I like a lot of Bing’s UI touches — the “more info” link for each hit, the advanced search options that open at the top of the results page instead of in a new page, the “show similar images” feature and the video pre-play, to name a few — I really don’t want to be distracted by shiny objects when I’m about to do a search. |
|
|
Submitted by: Dan Giancaterino, Education Services Manager
|
RSS
