China shuts 50 websites and social media accounts

A picture illustration shows a WeChat app icon in Beijing, December 5, 2013. Credit: Reuters/Petar Kujundzic

A picture illustration shows a WeChat app icon in Beijing, December 5, 2013.
Credit: Reuters/Petar Kujundzic

China has closed 50 websites and social media accounts for violations ranging from pornography to “publishing political news without a permit”, Beijing’s cyberspace watchdog said on Tuesday.

The government is pursuing a crackdown on unwanted material online. Critics say the increasing restrictions further limit free speech in the one-party Communist state.

Authorities shut 17 public pages on the mobile social messaging app Weixin, also known as WeChat in English, as well as 24 websites and 9 channels or columns on websites, the Cyberspace Administration of China (CAC) said in a statement on its website (www.cac.gov.cn).

The Weixin accounts were shut down during the past two months, the state-run news agency Xinhua said.

Some of the other offences listed by CAC include publishing fake information under the guise of the government or media, and publishing information related to gambling or fraud.

Jiang Jun, a spokesman for the cyberspace watchdog, said the CAC would regularly publish a “black list” of violators, according to the statement.

Last fall, Xinhua said the cyberspace watchdog had closed nearly 1.8 million accounts on social networking and instant messaging services since launching an anti-pornography campaign earlier in the year.

In 2014, authorities received almost 11 million reports of what was described as harmful information online, Xinhua reported separately on Tuesday.

In November, Chinese officials called for controls on the Internet to preserve stability.

With a population of 1.4 billion and 632 million people online, China is a market no one wants to miss out on. But it also has the world’s most sophisticated online censorship system, known outside the country as the Great Firewall.

It blocks many social media services, such as Twitter, Facebook, YouTube, Instagram, Snapchat and Google, along with many rights groups sites and some foreign media agencies.

Source: Reuters

 

Google aiming to go straight into car with next Android

ANDROID IN YOUR AUTOMOBILE: Google will provide details for its long-term plan to put Android Auto directly into cars. — Reuters

ANDROID IN YOUR AUTOMOBILE: Google will provide details for its long-term plan to put Android Auto directly into cars. — Reuters

Google Inc is laying the groundwork for a version of Android that would be built directly into cars, sources said, allowing drivers to enjoy all the benefits of the Internet without even plugging in their smartphones.

The move is a major step up from Google’s current Android Auto software, which comes with the latest version of its smartphone operating system and requires a phone to be plugged into a compatible car with a built-in screen to access streaming music, maps and other apps. The first such vehicles will debut in 2015.

Google, however, has never provided details or a timeframe for its long-term plan to put Android Auto directly into cars. The company now plans to do so when it rolls out the next version of its operating system, dubbed Android M, expected in a year or so, two people with knowledge of the matter said.

The sources declined to be identified because they were not authorised to discuss the plans publicly.

“It provides a much stronger foothold for Google to really be part of the vehicle rather than being an add-on,” said Thilo Koslowski, vice president and Automotive Practice Leader of industry research firm Gartner, who noted that he was unaware of Google’s latest plans in this area.

If successful, Android would become the standard system powering a car’s entertainment and navigation features, solidifying Google’s position in a new market where it is competing with arch-rival Apple Inc. Google could also potentially access the valuable trove of data collected by a vehicle.

Direct integration into cars ensures that drivers will use Google’s services every time they turn on the ignition, without having to plug in the phone. It could allow Google to make more use of a car’s camera, sensors, fuel gauge, and Internet connections that come with some newer car models.

Analysts said Google’s plan could face various technical and business challenges, including convincing automakers to integrate its services so tightly into their vehicles.

Google declined to comment.

Technology companies are racing to design appliances, wristwatches and other gadgets that connect to the Internet. Automobiles are a particularly attractive prospect because Americans spend nearly 50 minutes per day on average on their commute, according to US Census data.

Apple unveiled its CarPlay software in March and Google has signed on dozens of companies, including Hyundai, General Motors Co and Nissan Motor Co , for its Open Automotive Alliance and its Android Auto product.

Android Auto and CarPlay both “project” their smartphone apps onto the car’s screen. Many of the first compatible cars are expected to be on display at the upcoming Consumer Electronics Show in Las Vegas next month.

By building Android into a car, Google’s services would not be at risk of switching off when a smartphone battery runs out of power, for example.

“With embedded it’s always on, always there,” said one of the sources, referring to the built-in version of Android Auto. “You don’t have to depend on your phone being there and on.”

By tapping into the car’s components, Google could also gain valuable information to feed its data-hungry advertising business model. “You can get access to GPS location, where you stop, where you travel everyday, your speed, your fuel level, where you stop for gas,” one of the sources said.

But the source noted that Android would need major improvements in performance and stability for carmakers to adopt it. In particular, Android Auto would need to power-up instantly when the driver turns the car on, instead of having to wait more than 30 seconds, as happens with many smartphones.

Automakers might also be wary of giving Google access to in-car components that could raise safety and liability concerns, and be reluctant to give Google such a prime spot in their vehicles.

“Automakers want to keep their brand appeal and keep their differentiation,” said Mark Boyadjis, an analyst with industry research firm IHS Automotive. “Automakers don’t want to have a state of the industry where you get in any vehicle and it’s just the same experience wherever you go.” — Reuters

Google revealed Android 5.0 ‘Lollipop’

lollipoplead

Google has just revealed that the next major version of Android, 5.0, will be known as Lollipop. After months of teasing the OS, the search giant is finally taking what was previously known as Android “L” into the mainstream, with the first set of the devices expected to arrive early next month. Speaking of which, Android Lollipop will make its debut on the new Nexus 6, a big-screen smartphone from Motorola; the Nexus 9, an 8.9-inch tablet made by HTC; and the Nexus Player, a $99 media-streaming box with Android TV, the first one with Google’s novel home entertainment platform. What’s more, the company confirmed that Lollipop is coming to the Nexus 5, Nexus 7 and Nexus 10, as well as Google Play edition devices, in the coming weeks.

To make things better, Android 5.0 is also headed to a number of Motorola smartphones, such as both generations of the Moto X and Moto G (including the LTE model), Moto E, Droid Maxx, Droid Mini and Droid Ultra. Motorola didn’t say when exactly the upgrade would be available for those devices, but at least it has confirmed its plans to do so. Now that Google’s let the Lollipop out of the bag, we’re sure more manufacturers are due to start coming forward with their own announcement.

The Android 5.0 SDK is going to be available on Friday, October 17th, which means everything is slowly, and sweetly falling into place ahead of next month. In the meantime, stay tuned, because we’ll be updating this post if any additional details come in.

Source: Engadget

Banker Malware Targeting Malaysian Internet Banking User

MyCERT Alert

1.0 Introduction

MyCERT had received several reports regarding a malware that targets Malaysian Internet banking customers. Based on our initial analysis, we found this campaign uses the Zeus banking malware family as its Modus Operandi in this campaign.

Attacker will infect victim’s computers with Zeus banker malware which will inject modified fake contents or page while a user is browsing a legitimate online banking website.

2.0 Affected Systems

Based on our initial analysis of a sample incident, we found the below is the affected system:

2.1 Smartphone running on Android
2.2 Vulnerable and unpatched Windows Operating System

3.0 Impact

3.1 The malware will inject a modified fake contents that looks like a real online banking website when user is browsing a legitimate online banking website, in which the content will request victim’s smartphone operating system and mobile number.

3.2 The malware will SMS to the smartphone a malicious APK and infect the smart phone in order to establish callback with the attackers for further instructions.

4.0 Technical Details

Attacker will infect victim’s computers with Zeus banker malware which will inject modified contents when users is browsing a legitimate online banking website, as shown in the below sample image of the injected page.

mycert-636.jpg

The modified content will prompt user to choose their smartphone Operating System and provide their phone number as well. With the phone number information, attacker will send SMS containing link to a malicious APK known as Zitmo malware to the victim’s smartphone, purportedly to be a an online banking verification certificate.

Once the APK is installed in the smartphone, a popup message will appear and the Zitmo malware will attempt to make callback to attacker through SMS and wait for further instruction.

Few days later, attacker will login to victim’s online banking account using the stolen credentials and perform online transaction successfully by using intercepted TAC number.

The mobile malware has been discovered since late September 2010 but first time being used in malware campaign targeting Malaysian Online Banking users.

5.0 Recommendation

5.1 For laptop/PC User:

1) Install robust anti-virus, anti-spyware and firewall software on your computer and other devices and configure it to update regularly.

2) Perform regular scans of your systems for malware and other risks.

3) Operating system providers such as Microsoft, periodically releases updates and patches that improve the security of your operating system. You should periodically check for these updates and keep your system current or configure it to do so automatically.

4) When accessing to online banking, make sure there is no pop-up/window that requires personal info such as credit card number, smartphone platform(Android/iOS) etc. Do not enter those information if required.

5) Use only a dedicated computer or laptop to do online banking

6) If you suspect your bank account has been compromised or spot any activity you have not authorized, please notify your banking provider immediately.

7) Please ensure you logout properly at the end of each session by clicking log-out button. Do not exit by simply closing the browser window.

8) If you come across anything suspicious when you do banking online such as unusual web pages asking for banking information, notify your bank provider immediately.

9) Never respond to any email/advertisements requesting you to provide your login details or log in via a link sent in an email/applications. The bank will never send you a mail or provide links in any applications like that, and such a request is likely to be a phishing attempt.

5.2) For Smartphone Users:

1) Verify an app’s permission and the app’s author or publisher before installing it.

2) Do not click on adware or suspicious URL sent through SMS/messaging services. Malicious program could be attached to collect user’s information.

3) Since URL on mobile site appears differently from desktop browser, make sure to verify it first.

4) Always run a reputable anti-virus on your smartphone/mobile devices, and keep it up to date regularly.

5) Don’t use public Wi-Fi networks for bank transactions and turn off Bluetooth connection when not in use. These can be open windows for eavesdroppers intercepting the transaction or installing spyware and other malware on user’s smartphone/tablet.

6) Update the operating system and applications on smartphone/tablet, including the browser, in order to avoid any malicious exploits of security holes in out-dates versions.

7) Do not root or otherwise ‘Jailbreak’ your phone; avoid side loading
(installing from non-official sources) when you can. If you do install Android software from a source other than the Market, be sure that it is coming from a reputable source.

6.0 References

6.1. Kapersky report on Zitmo malware

6.2. ATSEngine

Source: CyberSecurity Malaysia

Apple unveils watch and larger iPhones

Apple CEO Tim Cook speaks during an Apple event announcing the iPhone 6 and the Apple Watch at the Flint Center in Cupertino, California, September 9, 2014.

Apple CEO Tim Cook speaks during an Apple event announcing the iPhone 6 and the Apple Watch at the Flint Center in Cupertino, California, September 9, 2014.

Apple Inc unveiled a watch, two larger iPhones and a mobile payments service on Tuesday as Chief Executive Officer Tim Cook seeks to revive the technology company’s reputation as a wellspring of innovation.

The first new product to be developed and introduced under Cook’s reign is a timepiece tethered to the iPhone that will combine health and fitness tracking with communications. It will price at $349 and go on sale in early 2015.

First impressions were mixed. Some expected Apple to blow away the current competition but others warned the fact that it requires a paired iPhone may limit its sales.

Starting at $349 – $50 more than the cheapest version of the iPhone 6 with a contract, the lofty price tag may also keep some consumers on the sidelines. It could go up to more than $1,000 for higher-end editions, IDC analyst Danielle Levitas said.

The Apple Watch can receive phone calls and messages, play music, serve as a digital wallet to pay for goods and monitor heart rates via special sensors. The watches will come in three collections, including a sport edition and an upscale line coated in 18-karat gold.

“People are kind of scratching their heads on this watch, especially the fact that to successfully use the watch and to take advantage of its capabilities, you also have to have an iPhone,” said Daniel Morgan, vice president at Synovus Trust Company in Atlanta. “I don’t know if they’re in the right direction with this iWatch.”

Still, rival watch and wearable device makers will keep a wary eye on Apple, which upended the music industry and drove once-dominant phone makers like Blackberry to the brink of extinction.

Sony Corp, Samsung, LG Electronics Inc and Qualcomm Inc have already launched smartwatches, albeit without much success.

“Not the knockout some were anticipating. A bit gimmicky also on the health end of the wearable bands market,” said Jon Cox, an analyst of Swiss watch companies at brokerage Kepler Cheuvreux in Zurich.

“Not as cool as I feared. Nick Hayek is probably sleeping a little easier tonight,” Cox said, referring to the chief executive of Swatch Group.

Shares of the company closed just a tad higher after having risen almost 5 percent before executives trotted out the watch. The stock tends to rise in the run-up to a major product launch, and come under selling pressure afterward as investors cash out.

BUY WITH BIGGER PHONES

The watch is unlikely to increase Apple’s top-line. Estimates vary but IDC expects total global demand of 42 million smartwatches in 2015. Apple sells that many or more iPhones in a good quarter.

But the pressure was on for the world’s largest tech company to wow on Tuesday, after a years-long drought of products beyond new iPhones and iPads. The prospect of a new gadget attracted a broader swathe of attendees than usual, with celebrities, fashion industry editors and even healthcare executives rounding out the mostly tech-industry crowd.

In a rare move, Apple had planned on livecasting its entire event online, with a simultaneous translation in Chinese. But the livestream went down about a half-hour in, prompting many users to take to Twitter to express their frustrations.

Also on Tuesday, the company took the wraps off a larger, 4.7-inch iPhone 6 and 5.5-inch iPhone 6 Plus. They will support more than 200 telecoms carriers worldwide, including all three in China – a key growth market for the company.

And it introduced a new mobile payments service dubbed “Apple Pay.” Each phone will come equipped with its new payments service, which launches in the United States next month and allows users to pay for items in stores with their phones instead of physically presenting their credit or debit cards.

Launch partners include Walt Disney Co, McDonald’s and Whole Foods. The move gives Apple access to a trove of data on how consumers shop in brick and mortar stores, where more than 90 percent of U.S. retail sales are still conducted.

Each new iPhone will come with a “secure element” chip and a near-field communications, or NFC, antenna.

Ben Milne, CEO of Internet payment network Dwolla, wanted to hear a lot more about how Apple will tackle the aging payments infrastructure. Apple Pay should get some level of mass adoption based on the number of iPhones out there, but Apple will have to tackle the current high costs of payment processing to make its new feature more widespread, he said.

“The old architecture that payments is driven on is not up to snuff for the future they want to build,” Milne said.

Source: Reuters

 

Apple is replacing your iPhone 5 battery

iphone5blackwhiteApple has determined that a very small percentage of iPhone 5 devices may suddenly experience shorter battery life or need to be charged more frequently. The affected iPhone 5 devices were sold between September 2012 and January 2013 and fall within a limited serial number range.

If your iPhone 5 is experiencing these symptoms and meets the eligibility requirements noted below, Apple will replace your iPhone 5 battery, free of charge.

Replacement process
As of August 22, 2014, the replacement process will be available in the U.S. and China. In other countries, it will be available as of August 29, 2014.

Visit a participating Apple Authorized Service Provider to have your battery replaced. Your iPhone will be examined prior to any service to verify that it is eligible for this program and in working order.

To prepare your iPhone 5 for the battery replacement process, please follow the steps below:

  • Back up your data to iTunes or iCloud
  • Turn off Find my iPhone
  • Erase data and settings in Settings > General > Reset > Erase all Content and Settings

Note: If your iPhone 5 has any damage such as a cracked screen which impairs the replacement of the battery, that issue will need to be resolved prior to the battery replacement. In some cases, there may be a cost associated with the repair.

Additional Information
Apple may restrict or limit repair to the original country of purchase.

If you believe your iPhone 5 was affected by this issue, and you paid to replace your battery, you can contact Apple about a refund.

This worldwide Apple program doesn’t extend the standard warranty coverage of the iPhone 5. The program covers affected iPhone 5 batteries for two years after the first retail sale of the unit or until March 1, 2015, whichever provides longer coverage.

For more information and to check if you are eligible or not, click here.