Total Pageviews

Friday, February 15, 2013

Facebook Says Hackers Breached Its Computers

Facebook admitted that it was breached by sophisticated hackers in recent weeks, two weeks after Twitter made a similar admission. Both Facebook and Twitter were breached through a well-publicized vulnerability in Oracle’s Java software.

“We have found no evidence that Facebook user data was compromised,” Facebook said.

In a blog post late Friday afternoon, Facebook said it was attacked when a handful of its employees visited a compromised site for mobile developers. Simply by visiting the site, their computers were infected with malware. The company said that as soon as it discovered the malware, it cleaned up the infected machines and tipped off law enforcement.

n Feb. 1, Twitter said hackers had breached its systems and potentially accessed the data of 250,000 Twitter users. The company suggested at that time that it was one of several companies and organizations to be have been similarly attacked.

Facebook has known about its own breach for at least a month, according to people close to the investigation, but it was unclear why the company waited this long to announce it. Fred Wolens, a Facebook spokesman, said the company wanted to fully investigate the source of the breach before disclosing it. Mr. Wolens said the company was still working closely with law enforcement to determine the source of the attacks.

Like Twitter, Facebook said it believed that it was one of several organizations that were targeted by the same group of attackers.

“Facebook was not alone in this attack,” the company said in its blog post. “It is clear that others were attacked and infiltrated recently as well.”

The attacks add! to the mounting evidence that hackers were able to use the security hole in Oracle’s Java software to steal information from a broad range of companies. Java, a widely used programming language, is installed on more than three billion devices. It has long been hounded by security problems.

Last month, after a security researcher exposed a serious vulnerability in the software, the Department of Homeland Security issued a rare alert that warned users to disable Java on their computers. The vulnerability was particularly disconcerting because it let attackers download a malicious program onto its victims’ machines without any prompting. Users did not even have to click on a malicious link for their computers to be infected. The program simply downloaded itself.

After Oracle initially patched the security hole in January, the Department of Homeland Security said that the fix was not sufficient and recommended that, unless “absolutely necessary”, users should disable it on their computers cmpletely. Oracle did not issue another fix until Feb. 1.

Social networks are a prime target for hackers, who look to use people’s personal data and social connections in what are known as “spearphishing” attacks. In this type of attack, a target is sent an e-mail, ostensibly from a connection, containing a malicious link or attachment. Once the link is clicked or attachment opened, attackers take control of a user’s computer. If the infected computer is inside a company’s system, the attackers are able to gain a foothold. In many cases, they then extract passwords and gain access to sensitive data.

Facebook said in its blog post that the updated patch addressed the vulnerability that allowed hackers to access its employees’ computers.

Hackers have been attacking organizations inside the United States at an alarming rate. The number of attacks reported by government agencies last year topped 48,500 â€" a ninefold jump from the 5,500 attacks reported in 2006, according to ! the Gover! nment Accountability Office.

In the last month alone, The New York Times, The Wall Street Journal and The Washington Post all confirmed that they were targets of sophisticated hackers. But security experts say that these attacks are just the tip of the iceberg.

A common saying among security experts is that there are now only two types of American companies: Those that have been hacked and those that don’t know they’ve been hacked.

Was that Fireball a Meteor or a Meteorite

One of many views of the Russian fireball recorded on a dashboard-cam on Friday.

As Russian speakers will be aware, more and less obscene versions of the question, “What was that” punctuated many of the spectacular videos recorded in and around the Siberian city of Chelyabinsk on Friday, as what NASA calls “the Russian fireball” screamed across the sky.

To answer that question, The Lede turned to Kenneth Chang, a colleage on the Science desk, who put together the following guide to near-earth-object terminology.

Asteroid: a rock in orbit generally between Mars and Jupiter; fragments of a planet that never came together. Over the eons, because of collisions and gravitational jostling with neighbors, some asteroids have been ejected from the main belt and some are on trajectories that intersect with Earth’s orbit.

Comet: a chunk of ice and rock originating from the outer solar system. Some of them occasionally get gravitationally nudged so that they zoom toward the inner solar system, with the possibility of hitting Earth.

Meteor: the streak of light seen when a space rock â€" an asteroid or a comet â€" enters the atmosphere and starts burning up. It’s the scientific synonym for “falling star.”

Meteorite: if a meteor doesn’t entirely burn up, a piece of space rock that lands on Earth is ! called a meteorite.

Meteoroid: a space rock that’s bigger than a dust grain but smaller than an asteroid. The dividing line between asteroid and meteoroid is fuzzy, but generally space rocks bigger than boulders are asteroids. So a breadbox-size rock would be a meteoroid.

Bolide: astronomers use the term to describe a bright fireball from an incoming meteor; geologists use it as a catch-all term for a comet or an asteroid that his the Earth.

Digital Diary: Are We Suffering From Mobile App Burnout

At last count, I had 259 applications on my iPhone.

I probably use 16 regularly â€" including Google Maps, Messages, Twitter for iPhone and Instagram.

When I got my first iPhone in late 2008, I couldn’t wait to peruse the App Store for cool new games, neat productivity tools and quirky new social services. In a way, it felt like what television once was, a new kind of inexpensive, readily available entertainment. During those early days, people rushed to download the next new thing, and Apple’s swiftly rising count of the number of applications available was a hallmark of success. The sheer number of apps gave Apple a significant market appeal and a seemingly unbeatable lead over rivals like Android and Research in Motion, who all scrambled to try to recreate those successes.

But now the App Store just feels daunting. Apple recently said there were 775,000 applictions for the iPhone and iPad available on its virtual shelves. Who has the time to sift through that glut to uncover new gems

Of course, trendy new games and services like Tiny Tower and Draw Something still float up and become all the rage. But they typically fade away, at least for me. Although I download new applications constantly for my job, it is rare that one becomes integral to my daily routine. I just don’t have the time to use more than I’m already using. Does anyone

I asked a few friends, and their behavior is similar to mine. One friend who lives in Los Angeles said he had 150 applications installed on his phone. He estimates that he uses about 15 on a daily basis. Another friend, this one in New York, told me he had 104 apps on his phone and used around 20 regularly.

This seems to correlate with a larger study by Nielsen, which found that the average number of applications per smartphone was rising, but that the amount of time people spent using apps had not changed much. The most heavily used apps were Facebook, YouTube, the Android Market, Google Search and Gmail.

Onavo, a company that helps people monitor their data use, estimates that only about 1,000 applications have at least 50,000 users in the United States. The rest remain far from the mainstream.

For the typical app, less than half the people who download it use it more than once, said Guy Rosen, the chief executive of Onavo.

Do you suffer from app overload How many apps do you have in your phone, and how many of those do you actually use Do you find yourself shutting yourself off to new apps because you simply can’t handle any more

Answering Readers\' Questions About the Meteor Strikes

Clark R. ChapmanSouthwest Research Institute Clark R. Chapman

You asked us great meteor questions, readers, ones that went beyond the mere fact of the seriously cool video coming from all over Russia. But we wanted to give you a deeper look at the science behind bombardments from space, so we called in a respected source to help.

Clark R. Chapman is a senior scientist at the Southwest Research Institute in San Antonio and a pioneer in the field of asteroid threat assessment. He is co-author of the 1989 book, “Cosmic Catastrophes” with David Morrison, a senior scientist at the NASA Ames Research Center in Mountain View, Calif.


This is an unusual strike. It will take a while for analysis of the videos, and presumably of the seismic records of the explosion, before we can estimate the size of the projectile. I’m guessing it’s a once-in-a-decade kind of event.


Why unusual


It’s unusual in the sense that it’s rare. It’s not the kind of event that happens very often. A! lso, they’re talking about maybe 1,000 people injured and some in the hospital. I’m not aware of a strike that has caused that much injury. That’s because it hit in a somewhat populated part of Russia, instead of the ocean or the desert or the middle of Siberia where relatively few people would have got hurt.


These things happen continually. This one was probably a few meters in diameter but they’re flying by the Earth ll the time. And they hit - ones this big - maybe once in a decade. Things that would really devastate a city if they hit would occur maybe once every few centuries. It happens on a scale (of meteors small and large). Anyone living out in the countryside or a rural area, if the skies are clear, can look up at night and see apple-seed-size meteors hitting every few minutes, or at least every few hours.


Conceivably it could be part of a swarm, but it’s not associated with DA14 [the big asteroid that is to fly close by the Earth on Friday]. They’re on totally different trajectories. I ! don’t h! ave the numbers in front of me, but their orbits are totally different. They both intersect the Earth, more or less, but the asteroid is moving maybe south to north and the Russian meteorite west to east. They’d have to be coming in the same direction to be part of a swarm. It’s a remarkable coincidence that what may be the most damaging meteor strike in modern history would happen on the same day as the closest passage of an asteroid as big as DA14.


How big is DA14


It’s about 100 feet across.


Should we be scared What can we do


The estimated danger from a large impact has dropped in recent decades because of telescopic observations and sky surveys. We should continue to monitor the skies for undiscovered large asteroids and for very much smaller ones that could still be quite dangerous, depending on where they hit. We should continue to look.


No space telescope now searches for such threats. Would such a device help


That kind of project wouldn’t find what hit Russia (as the asteroid was too small) but it would find ones that are much more dangerous. And once they were detected, we could warn people. We could say, “It’s going to hit such an area at a certain time on a certain day and you should stay away from the windows.” You could provide warning of impacts that could be dangerous.


Could we divert a planetary threat


If it’s found early enough - quite a few years in advance of its hitting - then NASA and the European Space Agency and other space agencies have the technology to divert the asteroid so it would miss the Earth.

Daily Report: Device Offers Partial Vision for the Blind

The Food and Drug Administration on Thursday approved the first treatment to give limited vision to people who are blind, involving a technology called the artificial retina, reports Pam Belluck in Friday’s New York Times.

The device allows people with a certain type of blindness to detect crosswalks on the street, the presence of people or cars, and sometimes even large numbers or letters. The approval of the system marks a milestone in a new frontier in vision research, a field in which scientists are making strides with gene therapy, optogenetics, stem cells and other strategies.

The artificial retina is a sheet of electrodes implanted in the eye. The patient is also given glasses with an attached camera and a portable video processor. This system, called Argus II, allows visual signals to bypass the damaged portion of the retina and be transmitted to the brai..

With the artificial retina or retinal prosthesis, a blind person cannot see in the conventional sense, but can identify outlines and boundaries of objects, especially when there is contrast between light and dark â€" fireworks against a night sky or black socks mixed with white ones.

The F.D.A. approved Argus II, made by Second Sight Medical Products, to treat people with severe retinitis pigmentosa, in which photoreceptor cells, which take in light, deteriorate.

The eyeglass camera captures images, which the video processor translates into pixelized patterns of light and dark, and transmits them to the electrodes. The electrodes then send them to the brain.

“The questions that this particular device raised for F.D.A. were very new,” Dr. Malvina Eydelman, the F.D.A.’s director for the Division of Ophthalmic and Ear, Nose, and Throat Devices, told The Times. “It’s a big step forward for the whole ophthalmology field.”

Video Captures Flaming Object Believed to Be Meteorite

The flaring objects that fell on a remote part of Russia in what officials believe was a meteor shower produced some captivating video from people in the area.

One video showed the a flaming object zooming toward earth and seemingly in the direction of the moving vehicle whose occupant was filming it. The object then struck the earth, causing a big explosion.

Another video, taken from a vehicle moving along a city street, shows a burst of blinding light followed by a tail of flaming debris.

Ð'зрыв над ЧеÐ'ябинском

It could not immediately be determined whether the two videos captured the same object.

As Ellen Barry, The Times’s Moscow bureau chief, reports, Russian authorities have tentatively identified the debris as fragments of a meteorite, and that it shattered windows and left some buildings damaged. Emergency officials in the city of Chelyabinsk reported that at least four people were injured by broken glass in a school, she reported.