Month: December 2012

Microsoft’s Imagine Cup rewards student innovators with thousands of dollars worth of prizes, the chance to network with other entrepreneurs and valuable experience. But to develop those skills into a viable business can require additional funding, and Microsoft’s Imagine Cup Grant winners, announced Tuesday, now have that.

Team Graphmasters of Germany walked away with $100,000 in cash, which the company will use to develop a navigation system using Windows Phone and Microsoft’s cloud technology, Windows Azure. Team Stethocloud placed second, walking away with a $50,000 prize for its mobile-hybrid stethoscope that can be used to detect childhood pneumonia via the cloud.

See the similarities? The company is funding startups that combine a client sensor, like a phone, with the combined knowledge of the cloud. In fact, every team that Microsoft funded combined a Windows Phone with Windows Azure.

According to a Microsoft representative, each team was judged based on four criteria:

1. Project impact and viability (40%), including whether or not the solution would be technically and economically viable.
2. Team quality and motivation (30%), concerning how the team is structured, and how capable it appears to be to overcome obstacles.
3. Solution design (20%), or how novel the solutuion is.
4. Defining the problem (10%), or how broad the problem that the team is solving actually is.

Imagine Cup Grants are a three-year, $3 million competitive grants program that provides opportunity for young people by helping them realize their vision of bringing their technology enabled projects to life, according to Microsoft. Grant recipients receive funding, access to resources and support to help them create a business or nonprofit organization. The Imagine Cup Grants are part of Microsoft YouthSpark, a global initiative that aims to create opportunities for 300 million youth in more than 100 countries during the next three years.

Graphmasters: Solving Traffic Problems, Collaboratively

According to Christian Brueggemann, who is involved in the technical development of the algorithms behind Team Graphmasters, the company began life as an academic project, natch, which competed in the Imagine Cup about four years ago.

The company’s first product – originally dubbed “Greenway” and now known as “Nunav,” uses a combination of cloud services and devices not to route drivers to their destination via the shortest, most optimized route, but to send them along a variety of paths to minimize total congestion. That, in turn, can cut the amount of time all drivers spend idling in traffic, reducing congestion and the corresponding increase in greenhouse gases from wasted gas. In a hypothetical example, one car can produce 2.5 tons of carbon dioxide per year – enough that a forest of 200 trees would be needed to consume it all. In total, the CO2 output from the world’s cars would require a forest the size of Australia.

Rival navigation systems, according to Brueggemann, are reactive: a driver’s GPS device encounters a traffic jam, reports it, is rerouted, possibly encounters another traffic jam, and the process repeats itself. What Nunav attempts to do, he said, was to proactively assign drivers to side streets, so that every driver wasn’t trying to fit through the same high-speed bottlenecks. (It’s worth noting that Graphmasters’ examples focused on cities, where a number of relatively equal alternative routes present themselves.)

“A reactive system routes drivers around traffic jams that already exist, and when the traffic jam exists, you already have the problem,” Bruggemann said.

All Nunav needs is about 1% of the cars on the road to communicate and respond to create a detailed traffic overview, and about 10% of the GPS infrastructure. “The strategy we’re making is to get our service into the navigation systems alrady in the market, because once we do that it will be very easy to get 10% of users,” Bruggemann said. That doesn’t necessarily mean only Windows Phones, but all GPS devices.

And what’s the business model? It’s a new one: Nunav charges for the accelerated route. Yes, it’s only $.10 or so, which Graphmasters promises will be made up for by reduced stress.

Stethocloud And Winsenga

The same strategy – the cloud plus a device – drove the introduction of Stethocloud, a nifty app developed by four students from Australia. The team created a digital stethoscope that could be plugged into the audio jack of a smartphone. The goal is to help diagnose and treat pneumonia. 

After a user enters some basic information about the child, such as the date of birth, the app asks the parent or doctor to hold the stethoscope up to eight points on the child’s chest, “listening” and then uploading the sound file to the cloud. An algorithm then determines whether or notthe child has pneumonia, and advises a course of treatment.

That same approach was used to develop Winsenga, which combines a high-performance microphone placed within a Pinard horn, rural Africa’s answer to the stethoscope. Without access to ultrasound machines, doctors and nurses have to rely on their own ears to determine if a fetus is alive, and what problems there might be. The app listens to the heartbeat, diagnoses any problems and issues an alert if needed.

Team Vivid from Egypt and Team QuadSquad from Ukraine each won $50,000 to form companies that can access healthcare records from mobile devices, as well as help disabled individuals speak more effectively.

The message here is clear: Microsoft is looking for developers focused on using devices as a local sensor and tapping into the cloud for specialized intelligence and additional computing horsepower. Whether it’s Microsoft technology talking to Microsoft services, or something like Symbian talking to an Amazon Web Services hosted application running within Amazon’s cloud, the company sees the combination of local sensors and back-end intelligence as a powerful trend it wants to encourage.

---

Original news article at https://readwrite.com on December 05, 2012 at 06:30PM

Why is is that many computer users do not take better care of their systems security-wise? I think the main reason for that is that security does not matter for as long as you are not attacked or encounter situations where you need better security. When that happens, it is often too late and while many Internet users learn from this, it is still fair to say that security is something that many users ignore for the most part.

Many may have an antivirus solution installed because all the magazines and sites tell them that this is important, but it usually does not get farer than this.

I’d like to present to you 5 tips that help you stay safe on the Internet. Some recommend software programs or browser extensions, while others explain key security concepts that you can use to make sure you are safe. Feel free to add your own recommendations in the comment section below.

1. Updates

I’m not telling you to install antivirus solution A or B, or that you need a bi-directional firewall, or need to scan your system from time to time with a rootkit scanner. No, the most important tip is to keep your system up to date. This includes Windows Updates that get released on the second Tuesday of every month. Make sure you install them when they are released, and not days, weeks or months later (unless you know what you are doing).

But updating does not end there. You also need to make sure that your programs are up to date, especially those that you use to connect to the Internet, web browsers for instance, but also programs that may embed plugins into those browsers, like Adobe with its Flash Player.

Some programs come with options to install updates automatically, while others require you to download and install updates by yourself.

I recommend to activate automatic updates in Windows and in your browser of choice. It is also useful to stay on top of Flash and Java updates, and updates for other browser plugins you are using.

To find out which you are using, enter about:plugins in Firefox or Opera, and chrome://plugins/ in Google Chrome. For Microsoft’s Internet Explorer, it is complicated.You need to open the Windows Registry Editor and look under the following keys:

1. HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
2. HKLM\Software\Microsoft\Internet Explorer\Toolbar
3. HKLM\Software\Microsoft\Internet Explorer\Extensions

Some web browsers inform you if plugins need updating. You can visit Mozilla’s Plug-in Check site to test if plugins in your browser need updating. Note that this may not work in all browsers.

2. Know Internet addresses

Sounds easy but is something that most users do not pay attention to. The Internet address, or website address or url, determines the site you are connected to. What you need to understand is that https is better than https, and that finance related sites, like your bank’s website, payment processors and the payment section of shopping sites, need to display https in front. You also need to make it a habit to check the web address.

You can also click on the icon in front to get additional information in your browser.

Link checking is important. This is done by hovering your mouse cursor over a link to read the web address it links to. Browsers and other programs usually display link destinations then, which you should make use of to make sure a link leads to the correct destination and not a phishing or fake site.

If you are unsure, enter the address manually instead in your browser or contact the support of the site to find out if the mail is legit or not.

3. Pick secure unique passwords

A password like Dallas or 123456 is easy to remember, but what you need to consider is that it is also easily guessable. You need to select secure unique passwords whenever you sign up for a service.

Secure means that it needs to have a decent length, 12 to 16 characters is a good start, that it is diverse, meaning that you need to mix letters, numbers and special chars if allowed by the site. Since it is quite difficult to remember passwords like V34cy_dsf23$s23, especially if you have dozens or more of those, it is advised to use a password manager. You can use an online password manager like Last Pass for that, or a desktop password manager like the excellent KeePass.

These programs not only save your passwords and usernames, they also include password generators which simplifies the generation of secure passwords.

Unique on the other hand means that you should not use the same password on more than one sites. The only exemption that I’d make here is if the account is not personal, e.g. you have signed up for a site to watch videos there but have not entered any personally identifiable information.

Do not write those passwords down physically, save them in unencrypted form on the computer, or tell them to anyone you know or do not know.

4. Use disposable mail / a second mail account

You do not and should not sign up for all services with your main account. One option that often makes sense is to create a second email account and use that account exclusively for sign ups on sites that are not overly important to you. While you might want to sign up with your real email address on your University’s student site, you should prefer a secondary address for social networking sites, news sites, blogs, gaming sites and more or less all other sites on the Internet.

Why? This is more of a “we sell your email address and profile information” kind of thing that it is a potential security hazard. Still, if you do not want to be swarmed by spam, use a secondary address or disposable email.

Disposable email addresses basically let you create email addresses on the fly that have a limited lifespan. The idea is to sign up using one, get the confirmation email, click on the link, and never use that email address again. Pretty handy huh?

They are not useful for all types of sign ups though. Anyone with knowledge of the email address you signed up with can for instance request a password reset for your account. The email goes directly to the disposable email provider where anyone with knowledge can access it and reset your password. When that happens, it is usually only a matter of time until your account gets hijacked.

In short: they are very good when you need to sign up to a site to access contents. As soon as you reveal personal information, it is better to use a secondary email account for sign up.

5. Use common sense

A Nigerian prince wants to give you 10% of his 10 billion Dollar stash but requests that you send him money first so that he can make the transfer? A women emails you that you never heard of before and claims that she wants to have sex with you? An Iraqi war veteran stumbled upon a ton of Gold and needs logistics to transport it out of the country?

Those email messages and a lot more are common. Spammers try a lot to get you on the hook. Even if you would not fall for those examples, there are others that you may. Examples of this are information about a package that a service like UPS tried to deliver but could not, a Casino that is offering you free spins, or someone who claims to have made millions with a simple Internet site (and wants to sell that secret to you for $10).

A rule of thumb is that you should not open attachments of emails where the sender is not known to you. I do not open emails from businesses that I do not have a relationship with.

But common sense is also important when you are browsing the web. Congratulations, you are the 1,000 visitor, you have won an Apple iPad. Bogus messages are all around you, and it is best to ignore them all instead of falling pray to people who just want your data so that they can sell it to the highest bidder.

Common Sense should probably have been number one of the list

Closing Words

Anything that I missed that you’d like to add? Leave a comment below, I’d love to read your suggestions.

---

Original news article at https://www.ghacks.net on December 05, 2012 at 09:10PM

Check Point has revealed how a sophisticated malware attack was used to steal an estimated €36 million from over 30,000 customers of over 30 banks in Italy, Spain, Germany and Holland over summer this…

---

Original news article at https://www.net-security.org on December 05, 2012 at 07:11PM

This blog has featured stories about a vast array of impressive, high-tech devices used to steal money from automated teller machines (ATMs). But every so often thieves think up an innovation that makes all of the current ATM skimmers look like child’s play. Case in point: Authorities in Brazil have arrested a man who allegedly stole more than USD $41,000 from an ATM after swapping its security camera with a portable keyboard that let him hack the cash machine.

The story comes from O Estado de S. Paulo (“The State of São Paulo“), a daily newspaper in Brazil’s largest city. According to the paper, late last month a crook approached an ATM at the Bank of Brazil and somehow removed the security camera from the machine. Apparently, the camera was a USB-based device, because the thief then was able to insert his own USB stick into the slot previously occupied by the camera. As you can imagine, a scene straight out of Terminator 2 ensued.

The attacker was then able to connect a folding keyboard to the ATM’s computer and restart the machine. The newspaper story isn’t crystal clear on the role of the USB device — whether it served as a replacement operating system or merely served to connect the keyboard to the machine (it’s not hard to imagine why this would be so easy, since most ATMs run on some version of Microsoft Windows, which automatically installs drivers for most USB-based input devices).

At any rate, after the thief rebooted the ATM’s computer, he was reportedly able to type the value of the currency notes that he intended to withdraw. According to the story, the thief started by removing all of the R $100 bills, and then moved on to the R $50 notes, and so on.

As clever as this hack was, the crook didn’t get away: The police were alerted by the central bank’s security team, and caught the thief in the process of withdrawing the funds. Brazilian authorities said they believe the man was being coached via phone, but that the guy they apprehended refused to give up the identity of his accomplice. My guess is the one coaching the thief had inside knowledge about how these machines operated, and perhaps even worked at a financial institution at one point.

These kinds of attacks make traditional ATM skimmer scams look positively prehistoric by comparison. But the sad part is that even really crude skimming devices can be very lucrative and go undetected for months. I was reminded of this last week, when, for the third time in as many months, authorities discovered ATM skimmers at hospitals within a few miles of here. Local police believe the same thieves are responsible for planting all of the fraud devices, which are relatively unsophisticated but nonetheless enabled the theft of thousands of dollars over a period of several weeks.

According to Fairfax County Police, one was discovered on the same ATM located near the lobby gift shop at Inova Fairfax Hospital on Tuesday, November 27. A hospital employee noticed that the input slot for the card was loose and wobbly; when she inserted her bank card, the device fell off.

A second device was discovered on a machine located in the Inova Fair Oaks Hospital lobby adjacent to the cafeteria on Wednesday, November 28 around 1 p.m. A hospital security guard discovered the device after being notified of the prior incident.

In September, Fairfax police recovered a remarkably similar skimmer from that very same ATM in front of the Fairfax hospital gift shop. I popped by the hospital today and snagged a picture of the cash machine in question (at left, and sadly, I did not discover another skimmer).

Interestingly, the police said that none of these bank machines are either owned or “monitored” by Inova staff; while they are are located on hospital property, the banking institutions that own them are responsible for their maintenance and management.

I doubt these skimmers would have gone undiscovered for weeks a time had they been attached to ATMs at actual bank branches. These incidents are a good reminder that, whenever possible, stick to ATMs located at bank branches. And, as always, keep a close eye on your bank statement for fraudulent charges.

---

Original news article at https://krebsonsecurity.com on December 05, 2012 at 03:05AM

---

Original news article at https://news.hitb.org/ on December 04, 2012 at 03:00PM

(LiveHacking.Com) –  The latest set of tests performed by AV-TEST, an independent IT security and anti-virus research institute  has shown that Microsoft’s Security Essentials (MSE) can only detect 64 per cent of zero-day threats when running under Windows 7. This is down from 69 per cent in the previous round of certification tests, which were carried out […]

---

Original news article at https://www.livehacking.com on December 03, 2012 at 01:27PM

Prey is one of our favorite ways to protect your devices against theft. If a laptop or mobile is lost or stolen, Prey can help you recover it. It’s free to use for up to three devices, but if you have a family with lots of devices to protect, or just a bunch of your own, you need Prey Pro. StackSocial currently has a deal that knocks 72% off a year’s worth of service so you can protect up to 10 devices for only $50. More »

---

Original news article at https://lifehacker.com on December 01, 2012 at 02:30AM