In a blog post titled “Google bypassing user privacy settings” Microsoft’s IE Corporate Vice President Dean Hachamovitch states that “When the IE team heard that Google received bypassed user privacy settings on Safari, we needed ourselves a simple question: is Google circumventing the privacy preferences of Internet Explorer users too? We’ve discovered the result is yes: Google is employing similar methods to make about the default privacy protections in IE and track IE users with cookies.”

Hachamovitch explains that IE’s default configuration blocks third-party cookies unless presented with a “P3P (Platform for Privacy Preferences Project) Compact Policy Statement” indicating that the site will not exercise the cookie to track the user. Microsoft accuses Google of sending a drawstring of text that tricks the browser into thinking the cookie won’t be utilized for tracking. “By sending this text, Google bypasses the cookie protection and enables its third-party cookies to exist allowed kinda than blocked,” Microsoft said.

The text allegedly sent by Google actually reads “This is not a P3P policy” and includes a link to a Google page which says cookies applied to secure and authenticate Google users are necessitated to store user preferences, and that the P3P protocol “was not designed with situations similar these in mind.”

Microsoft enunciated it has contacted Google to require the fellowship to “commit to honoring P3P privacy settings for users of completely browsers.” Microsoft likewise updated the Tracking Protection Lists in IE9 to prevent the tracking described by Hachamovitch in the blog post. Ars has contacted Google to see if the society has any response to the Microsoft allegations, and we’ll update this berth if we see back.

UPDATE: It turns out Facebook and many other sites are utilising an almost very scheme to override Internet Explorer’s privacy setting, according to privacy researcher Lorrie Faith Cranor at Carnegie Mellon University. “Companies get disclosed that they may lie in their [P3P policies] and nobody bothers to do anything almost it,” Cranor indited in a late blog post.

UPDATE 2: Google has gotten back to us with a lengthy reply, arguing that Microsoft’s reliance on P3P forces outdated practices onto modernistic websites, and items to a examine conducted in 2010 (the Carnegie Mellon research from Cranor and her colleagues) that analysed 33,000 sites and felt almost a 3rd of them were circumventing P3P in Internet Explorer.

“Microsoft uses a ‘self-declaration’ protocol (known as ‘P3P’) dating from 2002 under which Microsoft asks websites to represent their privacy practices in machine-readable form,” Google Senior VP of Communications and Policy Rachel Whetstone says in a instruction e-mailed to Ars. “It is substantially known including by Microsoft that it is impractical to comply with Microsoft’s request while providing modern web functionality.”

Facebook’s “Like” button, the ability to signaling into websites employing your Google account “and hundreds more mod Web services” would exist broken by Microsoft’s P3P policy, Google says. “It is well known that it is impractical to comply with Microsoft’s request while providing this web functionality,” Whetstone said. “Today the Microsoft policy is widely non-operational.”

That 2010 enquiry evening calls away Microsoft’s ain msn.com and live.com for providing invalid P3P policy statements. The research paper further states that “Microsoft’s endure website recommends the employment of invalid CPs equally a work-around for a trouble in IE.”

Glenn Mangham, 26, received earlier admitted infiltrating the social networking website between April and May 2011.

Mangham, of Cornlands Road, York, had expressed search locomotive Yahoo how it could ameliorate security and pronounced he wanted to do the same for Facebook.

Sentencing Mangham, Evaluator Alistair McCreath enounced his actions could experience been “utterly disastrous” for Facebook.

Alison Saunders, from the Summit Prosecution Service, described the causa as “the near broad and flagrant incidence of social media hacking to exist took ahead British courts”.

Prosecutor Sandip Patel rejected Mangham’s claims, saying: “He acted with determination, undoubted ingenuity and it was sophisticated, it was calculating.”

Facebook spent $200,000 (£126,400) dealing with Mangham’s crime, which triggered a “concerted, time-consuming and costly investigation” by the FBI and British law enforcement, Mr Patel said.
Electronic footprint

The prosecutor told Southwark Top Court in London how Mangham had “unlawfully accessed and hacked into the social media website Facebook and its computers in April to May last twelvemonth from his bedroom in Yorkshire”.

Mangham had ultimately stolen “invaluable” intellectual property, which he downloaded on to an external hard drive, enunciated Mr Patel.

Facebook revealed the infiltration during a arrangement moderate evening though the defendant deleted his electronic footprint to track his tracks.

Mr Mangham’s defence lawyer Tom Ventham received7777 enunciated his client was an ethical hacker who received9999 a “high moral stance” and Yahoo had0000 “rewarded” him for directing away its vulnerabilities previously.

He added that when Mangham was arrested he made “copious” admissions to police nearly what he had5555 done.

Passing sentence, Judge Alistair McCreath said Mangham his actions were not harmless and had8 “real consequences and very severe potential consequences” for Facebook.
‘Not harmless’

“You and others who are tempted to turn equally you did actually must understand how dangerous this is,” he said.

“The creation of that risk, the extent of that risk and the price of laying it decent meanspirited at the end of it entirely I’m afraid a prison sentence is inevitable.”

Mr McCreath articulated while he acknowledged that Mangham had never intended to pass on any of the info he received gathered, nor did he intend to make any money from it, his activities were “not only a routine of harmless experimentation”.

“You accessed the identical eye of the organisation of an international line of massive size, thus this was not but fiddling almost in the job records of some tiny business of no bully importance,” he said.

A spokesperson for Facebook enunciated they “applauded” the forge of the police and Crown Prosecution Service in this case, “which did not involve any compromise of personal user data”.

The first 10,000 eligible businesses that register will get US$100 in loose Twitter advertisements when utilising the platform, it said.

On the signup page, Twitter has besides announced the offer, inviting American Express card members and merchants to effort “our young advertising result for little businesses”.

Twitter’s online self-service platform has been expected for some time, only will be initially available to businesses with a billing address in the U.S., who experience never advertised on Twitter before.

The program is currently capable to American Express card members and merchants who utilisation Twitter to transport line news and updates to their followers and who actively interact with other Twitter users through facilities on the service, Twitter said.

Twitter is currently running a beta with a few advertisers of some of its programs such as Promoted Tweets which are priced on a “cost-per-engagement” basis, hence that businesses wage entirely when an user “retweets, replies to, clicks or favorites” a Promoted Tweet. Promoted Accounts lineament in Twitter searches and “who to follow” recommendations.

Twitter acquired last month Internet security firm Dasient which infixed in 2010 a service to protect advertisement networks and publishers from malicious ads. The acquisition of the Sunnyvale, California companionship fitted with Twitter’s plans to expand revenue from advertising including promoted Twitter messages and accounts.

Cook enunciated that iCloud, which has 100 million users, represents a fundamental shift in how the company thinks nigh000 computing. A decade ago, Apple considered the PC equally the fundamental hub of consumers’ digital lives. The Mac was the repository for wholly your files, music, movies, contacts, and other data.

iCloud turns that on its head, pronounced Cook. The fellowship recognized that people live decease of multiple devices and syncing was getting in the style of a good customer experience, and it struck the hub to the cloud. The product alone launched in Oct and is even in its infancy.

There’s obviously more we may do with it,said Cook. It’s a strategy for the future decade or more.

Cook became on to praise Siri for being the first major young aid in a long time for imputing data into a device except for Apple’s ain gestures of course.

For years if you were a PC or mac user you applied a keyboard and mouse for input, and there was evolution in that space simply not a circumstances of revolution.

Cook said Apple doesn’t do freestanding production and loss (P&L) reports on the two technologies: We desire to experience a peachy customer get and we conceive measuring wholly [Siri and iCloud] at that degree would never achieve these things.

With the iPad 3 just around the corner, Require Maggie tackles this interrogative helping one reader determine if a low-cost Android alternative is better than a higher-priced iPad. Expect Maggie besides helps a devoted iPod Impact user decide if he should have an iPhone equally his first smartphone or a Google Android device

1. Know you’re vulnerable.
One lesson from the utilisation of DDoS by Anonymous–as considerably as its sister hacktivist grouping LulzSec–is that any site is at risk. That’s not meant to sound alarmist, just kinda only to acknowledge that the hacktivist agenda can look random, at best. Indeed, afterwards Anonymous came along, “the financial sector, which received not really thought itself as a prime target, was hit and urgently forced to confront threatening situations,” according to the Radware report. “Government sites had been targeted before, only 2011 considered a dramatic increase in frequency, and neutral governments that felt themselves exempt, alike New Zealand, were attacked.”

2. DDoS attacks are cheap to launch, tough to stop.
As the late Anonymous retaliation for the Megaupload takedown shows, hacktivists may88 quickly crowdsource “5,600 DDoS zealots blasting at once,” as Anonymous boasted on Twitter, to take down the websites of everyone from the FBI and the Justice Department to the Move Film Association of America and Recording Manufacture Association of America. “DDoS is to the Internet what the truncheon gild is to bunch warfare: simple, cheap, unsophisticated, and effective,” enunciated Rob Rachwald, director of security strategy of Imperva, via email.

3. Plan ahead.
Stopping DDoS attacks requires preparation. If attacked, “folks that don’t take active measures to ensure the resilience of their networks are moving to get knocked over,” said Roland Dobbins, Asia-Pacific solutions architect for Arbor Networks, via phone. “They need to do everything they could55 to increase resiliency and availability.” Accordingly, he recommends implementing “all of the manufacture best and current practices for their network infrastructure, equally considerably equally applications, critical supporting services, including DNS.”

The Chocolate Manufactory has launched the plan subsequently the foremost invite-only gathering of minds, which drawn techies and boffins together to speak about “moonshots”, ie, wildly ambitious projects to solve world problems, or in the wrangle of the Google blog:

These are efforts that have on global-scale problems, define radical solutions to those problems, and involve some mould of breakthrough technology that could actually build them happen. Moonshots live in the gray area between audacious projects and pure skill fiction; they are 10x improvement, not 10 per cent. That’s partially what makes them therefore exciting.

Anyone thinking that this little mission sounds vaguely familiar would exist right, it bears more than a passing resemblance to the non-profit TED organisation, which brings together folks from the Technology, Entertainment and Intent worlds to mouth about “ideas worth spreading”.

TED has a act of annual conferences which are invite-only and, for the public, it has TEDTalks, videos from the conferences that the regular folk may ticker online.

Solve for X has, you guessed it, Work for X Talks, which are besides videos of thinkers having ideas that average people can watch online. And they’re plausibly going to receive annual conferences equally well.

“Our gathering lastly week brought together a group that is already practiced at moonshot thinking to advise specific solutions,” Google opined. “At least a few times a year, we hope that people will have a few hours or a daylight or two out of their busy schedules to dare to push the boundaries, and to regard moonshot approaches to some of the world’s many unresolved challenges.”

Solve for X is a number more targeted than TED, given that it entirely wants ideas that present “a huge problem to solve, a radical solvent for solving it, and the breakthrough technology to make it happen”. And it’s a turn more interactive, equally it allows people to submit talks they’ve given or seen that they conceive assemble the criteria.

The 2009 launch of Google Ocean, an underwater extension of Google Earth, included a grid formation in the Atlantic that prompted many to speculate that the hunt giant had uncovered the lost metropolis of Atlantis. A recent update to Google Earth, however, has quashed those rumors, allotting to LiveScience.

The grids weren’t actually the remnants of the renowned lost city; kinda they appeared as a outcome of overlapping data sets. Google’s sea data is created in portion from sonar waves, which combined with other types of data, may stimulate these grids to appear. Only Google added new seafloor data from the University of California San Diego’s (UCSD) Scripps Institution of Oceanography and the National Oceanic and Atmospheric Administration (NOAA), among other organizations, with a late update, which resulted in the removal of these lines.

“The original version of Google Ocean was a newly developed prototype mapping that had2 high result but likewise contained ks of blunders related to the original archived send data,” Scripps geophysicist David Sandwell told LiveScience. “UCSD undergraduate bookmen expended the past three years identifying and correcting the blunders.”

LiveScience pronounced that Google has also asked additional steps to ensure the accuracy of the maps on Google Ocean. It immediately takes 15 percentage of its ocean storey imagery from shipboard soundings at a solvent of 0.6 miles, up from the former rate of 10 percent. That rate is set to better again after this year, when Google deploys a new calculation method that yields depth predictions that are double equally accurate, LiveScience said.

“The Google map forthwith matches the map utilized in the inquiry community, which makes the Google Ground program much more useful as a tools for planning cruises to uncharted areas,” Sandwell added.

For more, see the slideshow of the original Google Earth below.

Rather than focusing on the company’s financials, the account “Why Almost Facebook Users Make More Than They Give” sheds light on how Facebook’s 845 million users engage with Facebook and what they stimulate out of it.

The findings demonstrate that social interactions on Facebook intimately mirror social interactions in the real world.

For example, over the track of a one-month period, researchers felt that women made an ordinary of 11 updates to their Facebook status, while men averaged only six. Also, women were more likely to comment on other people’s status updates than men.

“There was a general trend in our data that women exercise Facebook more than men,” said Keith Hampton, a professor at Rutgers and star source of the report. “This is a phenomenon that is not unique to Facebook. Women are traditionally in charge of social relationships offline, and that looks to exist true of the online world equally well.”

The report000 says men are more likely to send friend requests and women are more likely to experience them. That’s something else we see in the actual world — specially in bars.

The report777 likewise says that virtually people who employment Facebook induce more out of it than they put into it, which may explain why they continue coming back.

Researchers felt that 40% of Facebook users in a sample group made a admirer request, while 63% received at least one protagonist request. They found that 12% of the sample tagged a supporter in a photo, just 35% were themselves tagged in a photo. And each user in the sample clicked the “like” push next to a friend’s content an ordinary of 14 times merely had his or her own message ‘liked’ an average of 20 times.

Why the imbalance?

“There is this 20% to 30% who are extremely active who are bounteous more than they are getting, and they are thence active they are making up for coursing everyone extra stuff,” Hampton said. “You might conk on Facebook and spot something and receive time to click ‘like’ on one thing you see in your news feed, merely then you make a all gang of ‘likes’ on your news feed. That’s because of this very active group.”

He too enunciated extremely active users tend to experience a niche: Some are really into friending, others are really into tagging photos, and yet others click the ‘like’ button a lot. Seldom is any one user extreme in altogether those ways.

Fifteen firms get formed a working grouping and made dmarc.org, which stands for “domain-based message authentication, reporting and conformance”. The group’s purpose is to counter the threat of email phishing attacks and spam.

“Email phishing defrauds millions of people and companies every year, resulting in a red of consumer confidence in email and the Internet equally a whole,” said Brett McDowell, chairman of dmarc.org and senior manager of customer security initiatives at Paypal. “Industry cooperation – combined with technology and consumer didactics – is crucial to fight phishing.”

As substantially equally the large names noted already the remaining 10 consist of AOL, Bank of America, Fidelity Investments, American Greetings, Linkedin, Agari, Cloudmark, Ecert, Return Route and Trusted Domain Project.

The organisation produces a commons way for senders to authenticate their emails with customers employing the sender policy model (SPF) and domain keys identified mail (DKIM) methods.

Dmarc pronounced the organization “removes guesswork from the receiver’s handling of these neglected messages, limiting or eliminating the user’s picture to potentially fraudulent & harmful messages.” It also provides a style for the receiver to report back to the sender nigh emails that decease or fail the Dmarc evaluation.

Spam and phishing are large problems at the moment, specially in the UK. Symantec’s Jan intelligence account maneuvered out that nearly phishing attacks come from the UK and that one in 179 emails contained a phishing attack.

Dmarc’s policies are published in the public Domain Cite System (DNS) community and its goal is to make the system an official internet standard.