Will GoDaddy Do An IPO?

Web hosting company The GoDaddy Group Inc is gearing up for a second attempt at an initial public offering, according to two people familiar with the matter, as the 2014 tech IPO pipeline continues to grow.

GoDaddy, the Internet domain registrar and web host known for its racy ads, would join a number of high-profile tech names expected to go public this year in the wake of Twitter Inc’s successful debut. They include “Candy Crush” developer King Digital and cloud services providers Box and Dropbox.

The company is in the process of selecting underwriters for its IPO, one of the two sources said on condition of anonymity.

GoDaddy was not immediately available for comment.

GoDaddy had filed to go public in 2006 but was told at the time that it would be required to take a 50 percent haircut — a percentage that is subtracted from the par value of assets that are being used as collateral — on its initial public offering.

The company instead decided to pull its filing, citing unfavorable market conditions.

The company, founded in 1997, was eventually acquired by a private equity consortium led by KKR & Co and Silver Lake in 2011 for $2.25 billion. Silver Lake declined to comment while KKR did not immediately respond to a request for comment.

Other private equity buyers included Technology Crossover Ventures.

GoDaddy, which provides website domain names, is famous for airing bawdy commercials with scantily clad women for the past decade during the Super Bowl.

The Wall Street Journal first reported on the plans.

Source

Will Chrome’s API Work?

Google has targeted web browser settings hijacking in its latest update to Chrome for Windows.

On the Chromium blog, Google engineering director Erik Kay announced an extension settings API designed to ensure that users have notice and control over any settings changes made to their web browsers.

As a result, the only way extensions will be able to make changes to browser settings such as the default search engine and start page will be through this API.

Bargain hungry consumers are often unaware that freeware programs often bundle add-on programs for which developers receive payment but can create irritating, rather than malicious, changes to user settings.

Although there is usually consent sought at installation, quite often it is ignored or not understood, and the people who miss the warnings are generally the same ones who find it hard to change the settings back.

Kay said that the API is available in the Chromium developer channel, with a rollout to the stable channel set for May.

The Chromium stable channel has been updated to version 33.0.1750.149. The main change is an update to the embedded Flash Player for Windows, which is now version 12.0.0.77.

There are seven new security fixes, most of which were user submitted via the open source Fast Memory Detector Address Sanitizer.

Although the user community and Chrome team continue to proactively protect the Chromium project, third party extensions can still cause problems, with several already having been removed from the Chrome Store this year.

Source

Twitter Tightens Security

Twitter Inc said it has put in place a security technology that makes it harder to spy on its users and called on other Internet firms to do the same, as Web providers look to thwart spying by government intelligence agencies.

The online messaging service, which began scrambling communications in 2011 using traditional HTTPS encryption, said on Friday it has added an advanced layer of protection for HTTPS known as “forward secrecy.”

“A year and a half ago, Twitter was first served completely over HTTPS,” the company said in a blog posting. “Since then, it has become clearer and clearer how important that step was to protecting our users’ privacy.”

Twitter’s move is the latest response from U.S. Internet firms following disclosures by former spy agency contractor Edward Snowden about widespread, classified U.S. government surveillance programs.

Facebook Inc, Google Inc, Microsoft Corp and Yahoo Inc have publicly complained that the government does not let them disclose data collection efforts. Some have adopted new privacy technologies to better secure user data.

Forward secrecy prevents attackers from exploiting one potential weakness in HTTPS, which is that large quantities of data can be unscrambled if spies are able to steal a single private “key” that is then used to encrypt all the data, said Dan Kaminsky, a well-known Internet security expert.

The more advanced technique repeatedly creates individual keys as new communications sessions are opened, making it impossible to use a master key to decrypt them, Kaminsky said.

“It is a good thing to do,” he said. “I’m glad this is the direction the industry is taking.”

Source

Will Twitter IPO Shares Reach $20?

Twitter has decided to price its IPO shares between $17 and $20 when it lists on the New York Stock Exchange, the company said in its filing.

Based on an assumed initial public offering price of $18.50 — the midpoint of the range — Twitter estimates the net proceeds from the sale of shares of common stock will be roughly $1.25 billion, the company said in documentsfiled with the U.S. Securities and Exchange Commission.

Some 80.5 million shares of common stock will be registered, according to the filing.

Releasing its IPO price range positions Twitter to begin its “road show,” seeking to raise funds from investors across the country. In documents filed last week, the company said it would list its shares under the ticker symbol TWTR on the New York Stock Exchange, representing a big win for the market over rival Nasdaq.

Twitter has yet to determine a date for the listing, though one report suggested Nov. 15 could be the day.

Twitter’s IPO is likely to be one of the hottest of the year and the most prominent in social media since Facebook went public last year. Twitter’s share price range will be markedly lower than Facebook’s, which priced its IPO at $38 per share.

Twitter filed for its highly anticipated public offering earlier last  month.

Source

Facebook Buys Onavo

Facebook’s CEO Mark Zuckerberg has been shopping again. This time he picked up Onavo, the Tel Aviv based startup whose apps include services designed to monitor and compress mobile data.

The move will benefit Zuckerberg’s interests at two levels. With Facebook keenly emphasising its mobile credentials, the Onavo service could persuade doubters that it’s time to give the service a go.

Meanwhile his Internet.org initiative plans to bring internet connectivity to the parts that other means just can’t reach. Compression technology might make Facebook a viable option in parts of the developing world where data is an expensive luxury, while for the rest of us the prospect of lower roaming charges might be enticing.

As well as being a new subsidiary of Facebook, Onavo will become a satellite office for Facebook in Tel Aviv, the first time it has had a direct presence in Israel. So far there’s no information on how much money has changed hands, but figures of between $100m and $200m have been mentioned.

In a blog post, Onavo said, “We’re excited to join their team, and hope to play a critical role in reaching one of Internet.org’s most significant goals – using data more efficiently, so that more people around the world can connect and share.

“When the transaction closes, we plan to continue running the Onavo mobile utility apps as a standalone brand. As always, we remain committed to the privacy of people who use our application and that commitment will not change.”

However, we might speculate that the technology involved could also be integrated into mobile Facebook apps to make them more data efficient, luring more people to share their lives as they live them.

Source

Some Hackers Going To Jail

Thirteen people have been indicted, accused of being members of the Anonymous hacktivist group and allegedly involved in Operation Payback.

Operation Payback was the retaliation against payment firms that Anonymous put in motion following their blocking of Wikileaks donations.

The 13 are accused of taking part in a series of distributed denial of service (DDoS) attacks, and the US Department of Justice filed a federal grand jury indictment in US District Court in Alexandria, Virginia. The indictment charges them with conspiracy to intentionally cause damage to protected computers.

Anonymous is a loosely linked digital rights collective. In its early days it pulled together volunteers from all walks of life.

Operation Payback struck a number of organisations including Mastercard, Visa, Paypal and the Motion Picture Association of America. The attacks lasted between September 2010 and January 2011. As well as retaliating against payment providers, part of Operation Payback was aimed at parties thought to be involved in a campaign against The Pirate Bay.

Agence France Presse (AFP) has seen the indictment and named those indicted in it. They are Dennis Owen Collins, Jeremy Leroy Heller, Chen Zhiwei, Joshua Phy, Ryan Russel Gubele, Robert Audubon Whitfield, Anthony Tadros, Geoffrey Kenneth Commander, Austen Stamm, Timothy Robert McLain, Wade Carl Williams and Thomas Bell.

According to AFP the 13 alleged Anonymous members “planned and executed a coordinated series of cyber-attacks against victim websites by flooding those websites with a huge volume of irrelevant internet traffic with the intent to make the resources on the websites unavailable to customers and users of those websites.”

In short, they are accused of having conducted a digital sit-in protest.

Source

King.com Has IPO In The Works

King.com Ltd, the British mobile gaming firm best known for its popular puzzle game ‘Candy Crush Saga’, has filed confidentially for an initial public offering (IPO) in the United States, a person familiar with the matter said on Sunday.

Online technology companies are rushing to the stock market on the backs of Twitter Inc’s announcement earlier this month that it plans to go public in the most eagerly anticipated IPO since last year’s flotation ofFacebook Inc.

Emerging growth companies such as King can use a secretive IPO registration process in the U.S. thanks to the Jumpstart Our BusinessStartups (JOBS) Act, which loosened a number of federal securities regulations in hopes of boosting capital raising and thereby increasing job growth.

King has hired Bank of America Merrill Lynch Corp, Credit Suisse Group AG and JPMorgan Chase & Co to lead the offering, said the person, confirming an earlier report by the Daily Telegraph and asking not to be identified because the information is confidential.

Representatives for King and the banks either declined to comment or did not respond to requests for comment.

King offers 150 games in 14 languages through mobile phones, Facebook and its website. It boasts more than 1 billion gameplays per day from its users.

The company’s games appeal to a growing trend for players to play puzzles with their friends in short bursts, especially as games are increasingly played on the move on phones or tablets to kill spare minutes.

Rival Zynga Inc went public two years ago in a high-profile IPO that raised $1 billion. Since then, Zynga has suffered from sagging morale during several quarters of worsening performance and repeated waves of layoffs.

Founded in 2003, King has been profitable since 2005 and has not had a funding round since September of that year, when it raised 34 million euros ($46.04 million) from investment firms Apax Partners and Index Ventures.

Source

Cyber Attacks Increasing In Middle East

Syria’s civil war and political strife in Egypt have given birth to new battlegrounds on the Web and driven a surge in cyber attacks in the Middle East, according to a leading Internet security company.

More than half of incidents in the Gulf this year were so-called “hacktivist” attacks – which account for only a quarter of cybercrime globally – as politically motivated programmers sabotaged opposing groups or institutions, executives from Intel Corp’s software security division McAfee said on Tuesday.

“It’s mostly bringing down websites and defacing them with political messages – there has been a huge increase in cyber attacks in the Middle East,” Christiaan Beek, McAfee director for incident response forensics in Europe, Middle East and Africa (EMEA), told Reuters.

He attributed the attacks to the conflict in Syria, political turmoil in Egypt and the activities of hacking collective Anonymous.

“It’s difficult for people to protest in the street in the Middle East and so defacing websites and denial of service (DOS) attacks are a way to protest instead,” said Beek.

DOS attacks flood an organization’s website causing it to crash, but usually do little lasting damage.

The Syrian Electronic Army (SEA), a hacking group loyal to the government of President Bashar al-Assad, defaced an Internet recruiting site for the U.S. Marine Corps on Monday and recently targeted the New York Times website and Twitter, as well other websites within the Middle East.

Beek described SEA as similar to Anonymous.

“There’s a group leading operations, with a support group of other people that can help,” said Beek.

McAfee opened a centre in Dubai on Monday to deal with the rising threat of Internet sabotage in the region, the most serious of which are attacks to extract proprietary information from companies or governments or those that cause lasting damage to critical infrastructure.

Cyber attacks are mostly focused on Saudi Arabia, the world’s largest oil exporter, Qatar, the top liquefied natural gas supplier, and Dubai, which is the region’s financial, commercial and aviation hub, said Gert-Jan Schenk, McAfee president for EMEA.

“It’s where the wealth and critical infrastructure is concentrated,” he said.

The “Shamoon” virus last year targeted Saudi Aramco, the world’s largest oil company, damaging about 30,000 computers in what may have been the most destructive attack against the private sector.

“Ten years ago, it was all about trying to infect as many people as possible,” added Schenk. “Today we see more and more attacks being focused on very small groups of people. Sometimes malware is developed for a specific department in a specific company.”

Source

Is The Tesla Hackable?

It’s the curse of the connected car once it’s linked to the Internet, it’s, well, on the Internet. In the case of the Tesla Model S, this means that mischievous hackers could, in theory, control some functions of the vehicle and even snoop without the owner’s knowledge.

Tesla offers Android and iPhone apps for Model S owners, which can be used to check the vehicle’s battery, track its location and status, and tweak several other settings, like climate control and the sunroof. It can also be used to unlock the doors on the Model S.

Dell senior engineer George Reese says the REST API used by Tesla to provide access for Android and iPhone apps has several fairly serious security flaws, which could offer a way in for unscrupulous hackers.

According to an article written by Reese for O’Reilly, Tesla appears to have broken from accepted best practice when designing the API for the Model S.

“It’s flawed in a way that makes no sense. Tesla ignored most conventions around API authentication and wrote their own. As much as I talk about the downsides to OAuth (a standard for authenticating consumers of REST APIs–Twitter uses it), this scenario is one that screams for its use,” he wrote.

However, Reese notes, this is merely a potential attack vector, not one that could be immediately exploited. That said, a compromised website particularly one designed to provide “value-added services” via the API to Tesla drivers could prove highly damaging.

“I can … honk their horns, flash their lights, and open and close the sunroof. While none of this is catastrophic, it can certainly be surprising and distracting while someone is driving,” Reese wrote.

Automotive hacking has been posited by experts for some time, and several presentations at this year’s Defcon detailed fairly comprehensive methods of compromising some models.

Source

Hackers Dupe Apple

Apple’s security was once again made a laughing stock as a team of researchers demonstrated how it is possible to sneak apps past Apple’s test regime. A group of researchers presenting at Usenix were able to spreading malicious chunks of code through an apparently-innocuous app for activation later.

According to their paper the Georgia Tech team wanted to create code that could be rearranged after it had passed AppStore’s tests. The code would look innocuous running in the test environment, be approved and signed, and would later be turned into a malicious app.

They created an app that operated as a Georgia Tech “news” feed but had malicious code was distributed throughout the app as “code gadgets” that were idle until the app received the instruction to rearrange them. After the app passes the App Review and lands on the end user device, the attacker can remotely exploit the planted vulnerabilities and assemble the malicious logic at runtime by chaining the code gadgets together.

The instructions for reassembly of the app arrive through a phone-home after the app is installed.

The app will run inside the iOS sandbox, but can successfully perform many malicious tasks, such as stealthily posting tweets, taking photos, stealing device identity information, sending email and SMS, attacking other apps, and even exploiting kernel vulnerabilities.

Source

« Previous Page — Next Page »