Researcher warns of iPhone phishing dangers

ReadWriteWeb reports that malicious web developers can take advantage of the iPhone’s ability to push Safari’s address bar out of view, according to independent security researcher Nitesh Dhanjani via a post on his personal blog. After a web page loads, the real address bar can disappear while a web site graphic depicting the address bar can be used to trick users into thinking they’re on the correct site. This weakness stems from a design consideration from Apple. It only occurs on websites that identify themselves as mobile sites, as it allows web developers to take advantage of more of the “precious screen real estate” on the iPhone’s small screen, says Dhanjani. However, for phishers, this could be a new way to direct users to dangerous websites. Dhanjani created a proof-of-concept demo of how this phishing attack could work, which iPhone users can try (safely) from the following URL: http://www.dhanjani.com/iphone-safari-ui-spoofing/ . If you don’t have an iPhone to test it, you can watch this YouTube video instead. In the demo, mobile Safari visits a web page that looks nearly identical to Bank of America’s mobile web site. The web site name and lock icon even appear in green, an indication that the website is protected via SSL. However, as you can see, the graphic is not the real address bar. If you scroll up, the actual address bar appears at the top of the page…


At least 20% of Facebook users exposed to malware in their news feeds

It’s been less than a month since BitDefender launched its Facebook app Safego, offering a scan to Facebook users of the links posted to their profile. As the emphasis of much malware shifts from email to social networks, the app offered a preventative method, of sorts, to help cut down on malware’s spread. Just how much malware is out there? Based on the scans that BitDefender has run so far, about one-fifth of Facebook users have some sort of infection in their news feeds, says ReadWriteWeb. According to the app’s Facebook page, “Since its launch (almost a month ago), BitDefender safego scanned 17 million Facebook posts and it has detected infections on the news feeds of around 20% of its users. We detected several types of scam waves.”

CNET reports that “Over 60 percent of attacks come from notifications from malicious third-party applications on Facebook’s developer platform, the study found. Within that, the most popular subset of “attack apps” (21.5% of total kinds of malware) were those that claim to perform a function that Facebook normally prohibits, like seeing who has viewed your profile and who has “unfriended” you. 15.4% lure in users with bonus items for Facebook games like free items in FarmVille; 11.2% offer bonus (yet bogus) Facebook features like free backgrounds and “dislike buttons,” 7.1% promise new versions of well-known gaming titles like World of Warcraft; 5.4% claim to give away free cell phones; and 1.3% claim to offer a way to watch movies for free online.”


New social eReading platform allows real-time discussions, right on the eBook’s pages

Describing itself as “part online bookstore, part social network,” and “the world’s first truly social eReading platform,” Copia has launched a platform designed to bring together book-buying, reading and discussion, reports ReadWriteWeb. While there are several sites, such as Goodreads that let you share your reading lists, habits, and reviews with others, Copia wants to bring that sharing and collaboration within the eBook itself so that book discussions can be held in real-time, right from the pages of the text. Like other book-sharing sites, Copia encourages you to create a library of every book you’ve ever read and allows you to rate and review books. Content on the site – the books and user-generated notes – can be browsed by community rating, tags from users or publishers, notations, popularity and price. The social element the site wants to promote includes links to Facebook and Twitter, as well as the ability to form study groups and book clubs. But it’s the note-sharing from within the pages of a book that may be Copia’s most interesting feature and the one that serves most clearly to break from the idea that reading is a solitary and isolated event…


Internet censorship one step closer to law

The Senate Judiciary Committee voted unanimously to pass the Combating Online Infringement and Counterfeits Act (COICA), moving the legislation one step closer to reality, reports ReadWriteWeb. The law would give the U.S. Attorney General’s office the right to shut down websites that it deems are participating in piracy and “infringing activities” without due process or proof that a copyright “crime” has been committed. The law would allow the government to blacklist a website that had “no demonstrable, commercially significant purpose or use other than” sharing unauthorized copyrighted material. Sites would be blacklisted from the Domain Name System, credit card companies would be forbidden to process payments, and advertisers would be banned from placing ads on the site. Techdirt has the list of the Senators involved in today’s vote, and notes that, “What’s really amazing is that many of the same Senators have been speaking out against internet censorship in other countries, yet they happily vote to approve it here because it’s seen as a way to make many of their largest campaign contributors happy.”

The proposed legislation is supported by groups like the RIAA, MPAA, and Screen Actors Guild. But many free speech advocates see the move as a violation of the First Amendment and a dangerous first step down the road to censorship. The EFF responded to this morning’s vote saying that it is “deeply disappointed to report that the Senate Judiciary Committee approved the COICA internet censorship bill this morning, despite bipartisan opposition, and countless experts pointing out how it would be ineffective, unconstitutional, bad for innovation and the tech economy, and would break the internet.”


Google warns Facebook users of ‘trap’ before data export

If you hadn’t yet heard, there’s been a bit of a kerfuffle this past week over your data by two Internet giants – Facebook and Google, reports ReadWriteWeb. It started when Google began blocking other services from importing its data without reciprocity, a move aimed directly at Facebook. Since then, the ball has been hit back and forth, with Facebook making an end-run around Google and deep-linking directly to a contact exporter on Google. Now, Google has retaliated by asking any user that gets that far if you are “super sure you want to import your contact information for your friends into a service that won’t let you get it out?” Take a look at Google’s rather hilarious response after the jump. This is the page that Facebook users now see when they try to export their Google data to find their friends on Facebook. “You have been directed to this page from a site that doesn’t allow you to re-export your data to other services, essentially locking up your contact data about your friends,” warns Google. “So once you import your data there, you won’t be able to get it out.” The page even offers users the ability to “register a complaint”, although it’s unclear where this complaint will end up…


Will your local library lend eBooks? (Or can they?)

Amazon has recently touted that sales of Kindle books are outstripping those of both hardcover and paperback editions. And a Forrester forecast earlier this week gauged that the sales from e-books for 2010 would hit over $1 billion. It seems as though the market for digital literature is strong. But according to some publishers, if libraries start lending e-books, it could serve to “undo the entire market for e-book sales,” reports ReadWriteWeb. Those were the words of Stephen Page, CEO of the publisher Faber and Faber who spoke last month at a library conference in the U.K. and announced the Publisher Association’s new stance on e-book lending via libraries…


Google offers free in-flight Wi-Fi for the holidays

Air-bound travelers this holiday season will find that they don’t have to worry about being disconnected from the Internet, even for a few hours, reports ReadWriteWeb. The Google Chrome browser team has joined with three airlines to offer free in-flight Wi-Fi on more than 700 planes for approximately 15 million passengers this holiday season. This is the second year in a row that Google has offered free Wi-Fi, with the program expanding this year to three airlines – AirTran, Delta and Virgin America. According to the Free Holiday Wi-Fi website, the deal will last from Nov. 20, 2010 through Jan. 2, 2011. To connect, simply search for the Gogo Inflight network and connect your device…


Google says Buzz privacy complaints are false, settles for cash anyway

When Google released Google Buzz in February, there was a backlash. The backlash became, in turn, a lawsuit. That lawsuit has now been settled. In a note to users, Google explained the settlement, reports ReadWriteWeb.

“The settlement acknowledges that we quickly changed the service to address users’ concerns. In addition, Google has committed $8.5 million to an independent fund, most of which will support organizations promoting privacy education and policy on the web.”

The backlash and subsequent lawsuit centered on Google’s default signing up of every Google user for the service without permission. We described the complaints in our February post.

U.S. National Archives asks whether politicians’ tweets and blogs are ‘official government records’

Much of the Internet buzz surrounding today’s midterm elections in the U.S. revolves around voter participation and how social media may or may not impact turnout, reports ReadWriteWeb. But the increasing use of Web 2.0 and social media tools also impacts politicians and government employees. Many federal agencies have worked to encourage public participation and transparency with these new communication tools. But for one federal agency in particular, the rise of new forms of communications has other implications: Are all these new Facebook posts, YouTube videos, and tweets federal records?


Facebook declares ‘Zero Tolerance’ for data brokers

On Facebook’s Developers blog, the world’s largest social networking company declared “zero tolerance” for data brokers, after a recent Wall St. Journal investigation revealed that some Facebook application developers have been selling Facebook users’ information to data brokering firms, reports ReadWriteWeb. Facebook has responded to this news by banning the developers engaging in this practice from the site for a period of six months. To regain entry, the companies will have to submit their data practices for an audit to ensure compliance or the ban will remain in effect. WSJ’s investigation, part of a series called “What They Know,” has been revealing (in a sometimes overly paranoid fashion) the ins and outs of how your personal information is being gathered by data brokers, bought and sold, and then used for targeting advertising purposes. In the case of Facebook, WSJ cautioned that “many of the most popular applications… have been transmitting identifying information – in effect, providing access to people’s names and, in some cases, their friends’ names – to dozens of advertising and Internet tracking companies.” The paper claimed that the issue affected tens of millions of Facebook app users…
