Sign up for our Technology Newsletter 
SalesForce Goes Hacking
Salesforce.com really wants to attract lots of developers to its Dreamforce conference next month in San Francisco. As in, really.
Last Friday, the cloud software vendor announced a “hackathon” would be held at the conference, with US$1 million going to the developer or team who creates the top prize-winning mobile application with Salesforce.com technology.
“It’s not going to be easy — $1 million is going to bring out the best of the best,” Salesforce.com said in Friday’s announcement. “So don’t wait until Dreamforce! You’re going to want to get started now. With Force.com, Heroku, ExactTarget Fuel, Mobile Services and more — you’ve got a killer array of platform technology to use.”
Salesforce.com will also be providing some “pretty amazing new technology” for use at the show, the announcement adds.
In order to participate, developers have to either register for a full conference pass or a special $99 hacker pass.
The hackathon reflects Salesforce.com’s long courtship of developers to its development technologies, its AppExchange marketplace and recent efforts to build out more tooling for mobile application development.
Developers taking part in the hackathon will have plenty of competition, with some 20,000 programmers expected to attend Dreamforce overall. A “Hack Central” area will be open around the clock, supporting coders who want to work until the wee hours on their application.
In order to qualify, an application can’t have been previously released. The entries will be judged on four criteria counting 25 percent each: innovation, business value, user experience and use of Salesforce.com’s platform.
The second-place finisher will receive $50,000, with $25,000 going to the third-place winner. Fourth and fifth place will get $10,000 and $5,000, respectively.
Some 120,000 people are expected to register for Dreamforce this year. While some of that total will be watching online rather than in person, Dreamforce is now operating at a scale rivaling Oracle’s OpenWorld event, which happened last month.
Amazon Debuts Cloud-based Transcoding Service
Comments Off on Amazon Debuts Cloud-based Transcoding Service
Amazon Web Services has rolled out the option to use its Elastic Transcoder for audio-only conversions.
Amazon Elastic Transcoder was developed to offer an easy and low-cost way to convert media files from their source format into versions that will play on devices like smartphones, tablets and PCs.
The new feature lets anyone use Amazon Elastic Transcoder to convert audio-only content like music or podcasts from one format to another. Users can also strip out the audio tracks from video files and create audio-only streams. An option that, for example, can be used to create podcasts from video originals that are compatible with iOS applications that require an audio-only HTTP Live Streaming (HLS) file set, Amazon said.
The output from Elastic Transcoder is two-channel AAC, MP3 or Vorbis. Metadata like track name, artist, genre and album art is included in the output file and users can also specify replacement or additional album art.
Users of the service pay for the length of their converted content. For audio-only transcoding, prices start at $0.0045 per minute. That compares to the video version, which costs from $0.015 per minute for standard definition content and $0.03 per minute for high-definition clips, according to Amazon’s website.
For users who want to try out the service, the AWS Free Tier offers up to 20 minutes of free audio output per month. The service was announced for video in January and is still tagged as a beta.
PayPal Extend Bug Bounty
PayPal is expanding its bug bounty program to individuals aged 14 and older, a move intended to reward younger researchers who are technically ineligible to hold full-fledged PayPal accounts.
PayPal’s program, which is a year old this month, only applied to those 18 years and older. Under the old rule, participants in the program were required to hold valid accounts, which excluded minors, said Gus Anagnos, PayPal’s director of information security.
In May, 17-year-old Robert Kugler, a student in Germany, said he’d been denied a reward for finding a vulnerability. PayPal said the bug had already been found by two other researchers, which would have made Kugler ineligible for bounty.
In an apparent miscommunication, Kugler said he was initially told he was too young rather than the bug had already been discovered. Nonetheless, PayPal said it would look to bring younger people into its program, which pays upwards of $10,000 for remote code execution bugs on its websites.
Those who are under 18 years old can receive a bug bounty payment through a PayPal student account, an arrangement where a minor can receive payments via their parent’s account, Anagnos said.
Anagnos said other terms and conditions have been modified to make its program more transparent, such as clarifying which PayPal subsidiaries and partner sites qualify for the program.
PayPal pays much less for vulnerabilities on partner websites, which have a URL form of “www.paypal-__.com.” A remote execution bug found on that kind of site garners only $1,500 rather than up to $10,000 on the company’s main sites.
Like other bug bounty programs run by companies such as Microsoft and Google, PayPal will publicly recognize researchers on its website with a “Wall of Fame” for the top 10 researchers in a quarter. Another “honorable mention” page lists anyone who submitted a valid bug for the quarter.
Eusebiu Blindu, a testing consultant from Romania, was one of the researchers listed on the Wall of Fame for the first quarter of this year.
“I think Paypal is the best bug bounty program, and I am glad I participated in it from the first days of its launching,” he wrote on his blog.
Mozilla Touts WebRTC
Mozilla has shown off WebRTC integration in its Firefox web browser, demonstrating real-time video conferencing and file transfer capabilities.
All major web browser developers have started to integrate the WebRTC protocol and now Mozilla has shown off how far its integration has come. The firm demonstrated working video conferencing, file transfer and sharing capabilities through the Firefox web browser.
Mozilla was keen to push its implementation of the Datachannels API that is part of WebRTC to allow instant messaging and file transfer. The firm’s impressive demonstration shows off seamless sharing between two clients that had initiated a video conversation, with tabs and files being sent and viewed with little user interaction.
Mozilla’s demonstration does highlight the need for tight sandboxing within the web browser, however as a peer-to-peer protocol that automatically encrypts communications between two hosts, WebRTC could challenge some existing closed communication protocols such as Skype.
Maire Reavy, product lead for Firefox Platform Media at Mozilla said, “WebRTC is a powerful new tool that enables web app developers to include real-time video calling and data sharing capabilities in their products. While many of us are excited about WebRTC because it will enable several cool gaming applications and improve the performance and availability of video conferencing apps, WebRTC is proving to be a great tool for social apps.”
Mozilla didn’t say when its WebRTC implementation will enter the stable release channel, however given the outfit’s rapid release schedule, it should be a matter of weeks rather than months.
WordPress Attacked By Hackers
March 14, 2012 by admin
Filed under Around The Net
Comments Off on WordPress Attacked By Hackers
Security outfit Websense said that more than 200,000 infected pages that redirect users to websites displaying fake antivirus scans have been created. The latest compromises are part of a rogue antivirus distribution campaign that has been going on for months, the Websense researchers said.
Cybercriminals gangs have switched to drive-by download attacks that exploit vulnerabilities in outdated browser plug-ins to automatically download and install their rogue software. The large number of infected Web pages seen in this campaign is an indication that these scams still work. Vulnerable websites are a rich source of opportunity for cybercriminals. More than 85 percent of the compromised sites were located in the US, but their visitors were geographically dispersed.
Is Apple Taking Work Conditions Seriously?
February 20, 2012 by admin
Filed under Consumer Electronics
Comments Off on Is Apple Taking Work Conditions Seriously?
Apple “takes working conditions very seriously”, the firm’s CEO Tim Cook said at a conference yesterday.
Cook was speaking at a Goldman Sachs technology conference, according to Mac Rumours. He said the company is committed to making sure working conditions are up to standard, and that Apple’s top priority will be to eliminate underage workers. He added, “If we find a supplier that intentionally hires underage labor, it’s a firing offence.”
Cook said, “Apple takes working conditions very seriously, and we have for a very long time. Whether workers are in Europe or Asia or the United States, we care about every worker.”
He added, “I’ve spent a lot of time in factories, personally. Not just as an executive. I worked at a paper mill in Alabama and an aluminium plant in Virginia. Many of our top executives visit factories on a regular basis. We have hundreds of employees based there full time.
“We are very connected to the process and we understand working conditions at a very granular level. I realize that the supply chain is complex and I’m sure that you realise this.
“The issues around it are complex. Our commitment is simple: every worker has the right to a fair and safe work environment, free of discrimination, where they can earn competitive wages and they can voice their concerns freely. Apple’s suppliers must live up to this to do business with Apple.
“No one in our industry is doing more to improve working conditions than Apple. We believe transparency is so very important in this area.”
Yesterday, Apple asked the Fair Labor Association (FLA) to conduct audits at Foxconn’s factories in China. In a statement, Apple said that factories in Shenzhen and Chengdu will be audited at its request. Audits have already begun.
Symantec’s Virus Code Hacked
Symantec is looking into an Indian hacking group’s claims that it accessed source code used in the company’s flagship Norton Antivirus program.
A spokesman for the company on Thursday said that one claim by the group was false, while another is still being investigated.
Meanwhile, the Indian group, which calls itself Lords of Dharmaraja, has threatened to publicly disclose the source code very soon.
On Wednesday, the group posted on Pastebin what it claimed was confidential documentation related to Norton AntiVirus source code. A review of the material showed what appears to be a description of an application programming interface (API) for Symantec’s AV product.
The group also posted what it claimed was the complete source code tree file for Norton Antivirus. That document appears to have been taken down.
‘Yama Tough,’ the hacker who posted the documents, released at least two more on Google+ allegedly related to Symantec source code. One of the documents appears to be a detailed technical overview of Norton Anti-Virus, Quarantine Server Packaging API Specification, v1.0. The other document, from 2000, describes a Symantec Immune System Gateway Array Setup technology.
.
Apple Loses Court Case
Apple has lost a patent lawsuit against a small Spanish company, allowing the firm to continue selling its tablet computer.
Apple filed the case a year ago when it obtained an injunction from a local court to ban imports of the NT-K tablet into Spain. However, according to court documents, the Spanish court has vacated the injunction, saying that there are no legal grounds to block sales of the device.
According to the Wall Street Journal, the NT-K tablet is made in China and sold in Europe by Nuevas Tecnologias y Energias Catala, based in the eastern Spanish region of Valencia.
The NT-K tablet runs a Spanish language version of Android written by Nuevas Tecnologias’ programmers.
More Citigroup Accounts Compromised Than Stated
June 21, 2011 by admin
Filed under Around The Net
Comments Off on More Citigroup Accounts Compromised Than Stated
Citigroup was apparently hit harder by a cyber-attack in May than what was originally reported; which is now 360,000 of its customers. Unfortunately, this number is double the number that Citigroup initially stated.
Citigroup is one of the biggest banks in the US and ranks number 3 overall. The breach occurred on May 10th and was confirmed by Citigroup on June 8thth. That said, around 360,080 North American Citigroup credit card accounts were impacted by the breach, Citigroup stated; which is around 1 per cent of their North American card customer’s base.
FTC Singles Out Google’s Chrome
Federal Trade Commission Chairman Jon Liebowitz this week singled out Google for not adopting “Do Not Track,” the privacy feature that allows consumers the ability to opt out of online tracking by Web sites and marketing entities.
In an interview Monday with Politico, Liebowitz called out Google for not supporting Do Not Track in its Chrome browser.
Noting that Do Not Track had gathered momentum, Liebowitz said, “Apple just announced they’re going to put it in their Safari browser. So that gives you Apple, Microsoft and Mozilla. Really the only holdout — the only company that hasn’t evolved as much as we would like on this — is Google.”
Do Not Track has been promoted by the FTC and by privacy advocates including the Electronic Frontier Foundation (EFF), as the best way to help consumers protect their privacy.
The technology requires sites and advertisers to recognize incoming requests from browsers as an opt-out demand by the user. The information is transmitted as part of the HTTP header.
As Liebowitz said, Microsoft and Mozilla have added Do Not Track header support to their Internet Explorer 9 (IE9) and Firefox 4 browsers. While Apple hasn’t confirmed that the next version of Safari will include Do Not Track, developers have reported finding the feature in early editions bundled with Mac OS X 10.7, aka “Lion,” the upgrade slated to ship this summer.