Saturday, September 20, 2014

iCloud hacking: Now, 'nude photos' of Kim Kardashian West, Vanessa Hudgens leaked

Photos showing an apparently nude Kim Kardashian West are
among a group of images that have appeared online in what
appears to be a second leak of hacked personal pictures of
celebrities, weeks after stars including Jennifer Lawrence and
Kate Upton were targeted.
The actresses Vanessa Hudges and Aubrey Plaza, designer and
former child star Mary-Kate Olsen, and US soccer player Hope
Solo are reportedly also among those apparently hacked.
In the self-shot pictures being shared on online message board
4chan, Reddit and Twitter, the woman pertaining to be Kim
Kardashian West is not wearing a wedding ring and it is unclear
when the photos were taken.
Photographs of Hayden Panettiere and Eyes Wide Shut actress
Leelee Sobieski also feature in the latest cache, according to
Buzzfeed.
Further pictures of Lawrence are also reportedly circulating.
Earlier this month over 100 household names were the target of
online thieves, who stole scores of naked photographs and
intimate videos and posted them on the website 4Chan.
Several of the images - in particular, two of Hunger Games star
Lawrence - quickly circulated on Twitter.
The original list had also included Kim Kardashian West, Olsen
and Hudgens, as well as Ariana Grande, Jessica Brown Findlay,
Mary E Winstead, Rihanna, Mary E Winstead, Cara Delevingne,
Kate Bosworth, Selena Gomez, Kate Upton, Kirsten Dunst and
Kaley Cuoco.
The FBI and Apple are both conducting investigations into the
apparent widespread invasion of personal accounts thought to be
connected to the iCloud service.
A spokesperson for Lawrence said at the time: "This is a flagrant
violation of privacy. The authorities have been contacted and will
prosecute anyone who posts the stolen photos of Jennifer
Lawrence."
Justice and Grande both said that the pictures were fake,
although Lawrence's spokesperson verified their authenticity.
Representatives for Upton said they were "looking into" the
authenticity of the intimate images.
Ricky Gervais went on a back tracking spree on the social media
site after he was criticized for 'victim blaming', while Emma
Watson also took to Twitter to voice her condemnation of the
breach.

Thursday, September 11, 2014

Five million Gmail addresses and passwords dumped online


An archive containing nearly 5 million Gmail addresses and plain text passwords was posted Tuesday on an online forum, but the data is old and likely sourced from multiple data breaches according to one security firm.

A user with the online alias “tvskit” posted the archive file on a Bitcoin security forum called btcsec.com and claimed that over 60 percent of credentials found inside are valid.

“We can’t confirm that it is indeed as much as 60 percent, but a great amount of the leaked data is legitimate,” said Peter Kruse, the chief technology officer of CSIS Security Group, a Danish security company that provides cybercrime intelligence to financial institutions and law enforcement.

CSIS researchers analyzed the data and concluded that it is up to 3 years old based on correlations with past leaks.

“We believe the data doesn’t originate from Google directly,” Kruse said via email. “Instead it’s likely it comes from various sources that have been compromised.”

This means that many of the leaked passwords do not correspond to Gmail or Google accounts, but to accounts on other sites where users have used their Gmail addresses as the user name.

CSIS has confirmation that at least five of the leaked user name and password pairs were never used as log-in credentials for Gmail or Google accounts. This enforces the idea that the data comes from compromises outside Google, though it’s possible that they were all perpetrated by a single individual or group, Kruse said.

“The security of our users is of paramount importance to us,” a Google representative said Wednesday via email. “We have no evidence that our systems have been compromised, but whenever we become aware that an account has been compromised, we take steps to help our users secure their accounts.”

Even if many of the leaked credentials turn out not to be from Google, affected users might still want to change their passwords on websites where they used their Gmail address as the user name. A website called isleaked.com allows users to check if their email address is among those leaked.

Friday, September 5, 2014

NVIDIA sues Samsung, Qualcomm for patent infringement

Samsung might find itself in court again, but this time not
against Apple and this time not alone. NVIDIA has filed a
lawsuit against both Samsung and Qualcomm, accusing
them of infringing on 7 of its patents related to computer
graphics and is asking the International Trade Commission
and in the U.S. District Court in Delaware to confirm that,
ban devices, and award them damages. No one will perhaps question that NVIDIA owns patents related to
computer graphics technology. No one will also perhaps deny the
contributions the company has made to the field. Perhaps there
are even some actual patent infringement to be found in its
competitors products, too. But there are many parts of this
lawsuit that are just quite difficult to fathom, much less stomach.
For example, NVIDIA's blog post lists seven infringed patents, a
detail that seems to be missing from its official PR statement.
Among those, four are given as follows:
#our foundational invention, the GPU, which puts onto a
single chip all the functions necessary to process
#graphics and light up screens
our invention of programmable shading, which allows
non-experts to program sophisticated graphics
#our invention of unified shaders, which allow every
processing unit in the GPU to be used for different
purposes
#our invention of multithreaded parallel processing in
GPUs, which enables processing to occur concurrently
on separate threads while accessing the same memory
and other resources
Like many software patents these days, those sound very
commonplace and those are the very same foundational
processes or algorithms used in graphics architecture everywhere.
Surely, others in that market, like once bitter rival ATI (now AMD/
ATI) would have a word or two to say about that.
The targets of the lawsuit are equally perplexing. It specifically
names Samsung and Qualcomm as the culprits. But in the same
breadth, it actually mentions a lot more. Qualcomm is being
targeted for its Adreno GPU used in its Snapdragon SoCs. But the
list of Samsung's devices also include those that run on its own
Exynos chips and so ARM's Mali and Imagination Technologies'
PowerVR graphics architectures are also dragged into the lawsuit.
In short, NVIDIA is basically targeting almost every mobile GPU
maker or designer in the market.
Here's the list of Samsung devices that NVIDIA says infringe on
its patents:
Galaxy Note Edge
Galaxy Note 4
Galaxy S5
Galaxy Note 3
Galaxy S4
Galaxy Tab S
Galaxy Note Pro
Galaxy Tab 2
NVIDIA claims that this is the first time ever that they have filed a
patent lawsuit against anyone in its 21 years of existence. It does
make us question why it took them long to target these chips that
have been in the market for so long. It is also strange that it is
going after Samsung alone, considering the Adreno, Mali, and
PowerVR chips have other customers as well. NVIDIA also says
that it has repeatedly approached Samsung for licensing
negotations but has been repeatedly told that it is the problem of
Samsung's suppliers, which might actually be true as well.
Whatever NVIDIA really has in mind when it filed its complaint, it
might turn out to become a PR problem for them. While it doesn't
fit the definition of a patent troll, there will be many who will
question NVIDIA's motives and sanity, not to mention its financial
situation.