The latest VideoPress upgrade rocks.
The VideoPress upgrade, which allows you to upload and embed your own videos on your blog, now comfortably handles videos from iPhones and iPads. You can shoot vertically or horizontally, and we’ll take care of rotating it for you so that your video looks great when it’s published on your site.
Yet another reason why WordPress is the best CMS ever.
In the face of stellar iPhone and iPad sales, Android, the rival platform from Google, is struggling. The latest news is that a gaping security hole leaves nearly all Android users open to attack.
Researchers in Germany have found that most Android phones contain a dangerous security hole that, if exploited, would allow someone to access your accounts for certain Google services.
Elsewhere recently, Nvidia chief Jen-Hsun Huang has called out Google for its less-than-stellar tablet sales.
“It’s a point of sales problem. It’s an expertise at retail problem. It’s a marketing problem to consumers. It is a price point problem,” he said, for starters.
Though Huang didn’t mention the $499 starting price for the iPad, it was clear that this was a reference point. “The baseline configuration included 3G when it shouldn’t have,” he said. “Tablets should have a Wi-Fi configuration and be more affordable. And those are the ones that were selling more rapidly than the 3G and fully configured ones,” he said.
He didn’t stop there. “And it’s a software richness of content problem,” he added, echoing Jha’s comments.
The New York Times, the newspaper of all newspapers, chose St. Patrick’s Day to embark on its second attempt to charge for its online content. In Canada, the paywall went into effect March 17. For the rest of the world, the wall goes up March 28.
Times publisher Arthur Sulzberger said the new digital subscriptions were “an important step that we hope you will see as an investment in The Times, one that will strengthen our ability to provide high-quality journalism to readers around the world and on any platform.”
The Times has tried to charge for content before. That experiment, known as TimesSelect, proved a bruising lesson for The Grey Lady. Far from making money, the move largely withdrew the paper from online conversations, as bloggers and other opinion makers stopped linking to and writing about stories behind the paywall. The Times quit TimesSelect less than two years later.
If The Times is hoping that things turn out differently this time, it’s going to need an overflowing cupful of St Patrick’s blessings. Felix Salmon in Wired Magazine unpacked the whole subscription deal, and after doing some back-of-the-envelope math, pronounced the whole thing “weird.” Not to mention expensive.
The New York Times paywall cost $40 million to build.
Subscriptions are complex. Your first 20 stories per month are free. As are stories that are linked from off site, such as Facebook, blogs, etc. After that the subscription fee kicks in: $15 per month for unlimited Web access, more if you want to use the smartphone and/or iPhone apps.
“So by my back-of-the-envelope math, the paywall won’t even cover its own development costs for a good two years, and beyond that will never generate enough money to really make a difference to NYTCo revenues,” Salmon said.
But that, in a nutshell, is the fragile state of the journalism world. Even the very best of the very best must make more money from their online ventures. Even if a solid revenue model is not exactly obvious, nor particularly profitable, something must be done to battle the long-term trends, which are clear — revenue from print advertising is falling and unlikely to reverse course; something must cover the shortfalls. If not the Web, then what?
The newspaper world is watching with a sharp eye. Because like California, and the canary in the coal mine, the way of The New York Times foreshadows the direction of the industry as whole.
The NY Times has more on Stuxnet, humanity’s first instance of weaponized software. Initial theories — Stuxnet was written by the U.S. and/or Israel and designed to sabotage Iran’s nuclear centrifuge programs — look increasingly plausible.
The New York Times Magazine details the rise and fall of Albert Gonzales, aka soupnazi, a Cuban-American who Secret Service agents call the world’s greatest cybervillian.
Over the course of several years, during much of which he worked for the government, Gonzalez and his crew of hackers and other affiliates gained access to roughly 180 million payment-card accounts from the customer databases of some of the most well known corporations in America: OfficeMax, BJ’s Wholesale Club, Dave & Buster’s restaurants, the T. J. Maxx and Marshalls clothing chains. They hacked into Target, Barnes & Noble, JCPenney, Sports Authority, Boston Market and 7-Eleven’s bank-machine network. In the words of the chief prosecutor in Gonzalez’s case, “The sheer extent of the human victimization caused by Gonzalez and his organization is unparalleled.â€
For years an informant/adviser to the the U.S. government’s cybercrime unit, Gonzales is now two years in to a 20-year stretch at Club Fed. Reports of hacking dropped noticeably in 2009 when the government shut him down.
I hadn’t even heard about this. But in April, a group of Gmail users sued Google over privacy violations regarding Google Buzz, the search giant’s underwhelming attempt at social networking. Google settled yesterday for $8.5 million. Gmail users, however, will not see a cent.
The Plaintiffs allege that Google automatically enrolled Gmail users in Buzz, and that Buzz publicly exposed data, including users’ most frequent Gmail contacts, without enough user consent. Google denies the accuracy of Plaintiffs’ allegations and denies that it violated any law or caused any harm by the launch of Google Buzz.
Under the Settlement, Google will establish an $8.5 million Common Fund to fund organizations focused on Internet privacy policy or privacy education, as well as to cover lawyers’ fees and costs and other expenses. Google will also do more to educate users about the privacy aspects of Google Buzz.
By and large, it appears that most people just don’t care about online privacy, as the never-ending Facebook fiascos can attest. (Despite the habitual misuse of private data, people still flock to Facebook by the millions.) The tiny minority who protest this kind of abuse need support from us all. Because without them, the corporate titans of the world wouldn’t have even the slightest reason for pause.
Russian police have shuttered the operations of Spamit.com, and they are now on the hunt for “suspected spam kingpin” Igor A Gusev. People who pay attention to such things say that global spam volumes are down 1/5 — or about 50 billion spam messages per day — since police raided Gusev’s operations in September.
Full story from The Times.
Oh the mischief this new Firefox plugin is going to cause.
Firesheep adds a sidebar to Mozilla’s Firefox browser that shows when anyone on an open network — such as a coffee shop’s Wi-Fi network — visits an insecure site. “Double-click on someone [in the sidebar] and you’re instantly logged on as them,” said [plugin author Eric] Butler in his short description of his add-on.
Computer World says the Firesheep add-on has been downloaded more than 50,000 times since it was released Sunday. You can download Firesheep from Butler’s Web site. It’s extremely easy to install: just download the .xpi file; drag it to a Firefox window; and restart.
And it’s not just Facebook that Butler’s plugin makes double-click hackable, either. Others include:
The plugin is relatively easy to customize, too, meaning that someone with not much more than basic programming skills could easily add other domains to Firesheep’s default list. TechCrunch offers a pretty thorough explanation of how Firesheep works and the plugin’s impact, as well as a possible defense. The truth is, though, using the Internet on a public Wi-Fi network is inherently insecure. But that isn’t news, is it?
Facebook — for reasons of apathy, negligence or worse — still cannot secure the private details of its users.
Many of the most popular applications, or “apps,” on the social-networking site Facebook Inc. have been transmitting identifying information—in effect, providing access to people’s names and, in some cases, their friends’ names—to dozens of advertising and Internet tracking companies, a Wall Street Journal investigation has found.
The issue affects tens of millions of Facebook app users, including people who set their profiles to Facebook’s strictest privacy settings. The practice breaks Facebook’s rules, and renews questions about its ability to keep identifiable information about its users’ activities secure.
This unlikely will be the last time that the personal details of Facebook users get exploited for company benefit. Since its earliest beginnings, Facebook has gobsmacked many with its profoundly cynical privacy policies. At first, people were outraged. Then they were just angry. Now, the site is so large and so popular, and it has been pimping its users’ data for so long, that news of more blatant privacy violations elicits hardly more than a sigh.
I guess Zuckerberg was right after all.
Iran is fighting off a significant cyber attack, reports The New York Times. The worm, dubbed Stuxnet, represents a hellish breakthrough in the evolution of computer viruses.
Stuxnet, which was first publicly identified several months ago, is aimed solely at industrial equipment made by Siemens that controls oil pipelines, electric utilities, nuclear facilities and other large industrial sites. While it is not clear that Iran was the main target — the infection has also been reported in Indonesia, Pakistan, India and elsewhere — a disproportionate number of computers inside Iran appear to have been struck, according to reports by computer security monitors.
The Christian Science Monitor first reported on Stuxnet in June. The primary source of the CSM story was computer security expert Ralph Langner, who has been chronicling his research of the virus on his Web site. Langner called Stuxnet the “hack of the century,” and said “Stuxnet is going to be the best studied piece of malware in history.”
Wired magazine, unsurprisingly, has the definitive story.
“It’s the most complex piece of malware we’ve seen in the last five years or more,†says Nicolas Falliere, a code analyst at security firm Symantec. “It’s the first known time that malware is not targeting credit card [data], is not trying to steal personal user data, but is attacking real-world processing systems. That’s why it’s unique and is not over-hyped.â€
… Eric Byres, chief technology officer for Byres Security, says the malware isn’t content to just inject a few commands into the PLC [Programmable Logic Controller] but does “massive reworking†of it.
“They’re massively trying to do something different than the processor was designed to do,†says Byres, who has extensive experience maintaining and troubleshooting Siemens control systems. “Every function block takes a fair amount of work to write, and they’re trying to do something quite radically different. And they’re not doing it in a light way. Whoever wrote this was really trying to mess with that PLC. We’re talking man-months, if not years, of coding to make it work the way it did.â€
