Tuesday, December 31, 2013

Hackers Claim To Publish List Of 4.6M Snapchat Usernames And Numbers


A site called SnapchatDB.info claims that they’ve saved usernames and phone numbers for 4.6 million accounts and made the information available for download. SnapchatDB says that it got the information through a recently identified and patched Snapchat exploit and that it is making the data available in an effort to convince the messaging app to beef up its security. We’ve reached out to Snapchat and SnapchatDB for comment.


SnapchatDB said it “censored the last two digits of the phone numbers” in order to “minimize spam and abuse,” but that it still might release the unfiltered data, including millions of phone numbers.


The Next Web did a WHOIS lookup on SnapchatDB’s domain and found it was created just yesterday on December 31. The registrant’s name is protected, but its mailing address and contact number are both listed in Panama.


The site appears to have been created in response to recently identified flaws in Snapchat’s security. Last week, ZDNet published an article on how white-hat Gibson Security researchers had tried to alert Snapchat to ways that hackers could connect usernames to phone numbers for use in stalking, but were ignored. Gibson Security then published the exploit publicly on Christmas Eve.


The firm said that hackers could use two exploits to gain access to users’ personal data, including their real names, usernames and phone numbers, through Snapchat’s Android and iOS API. Snapchat did offer a public statement, but as TechCrunch’s Josh Constine wrote, it wasn’t very satisfactory because it did not offer details on how its countermeasures would work, such as rate limiting, bad IP blocking, or automated systems that scan for suspicious activity. Snapchat said:



“Theoretically, if someone were able to upload a huge set of phone numbers, like every number in an area code, or every possible number in the U.S., they could create a database of the results and match usernames to phone numbers that way. Over the past year we’ve implemented various safeguards to make it more difficult to do.”



To be sure, SnapchatDB might be a prank meant to call attention to these issues. On Hacker News, several people have had trouble downloading the data files (I just got an error message for both of them, but that may be because of high traffic). Some commenters who did manage to get ahold of the files said they couldn’t find their own numbers in the lists and entire area codes appeared to be missing.


Either way, the Gibson Security report and SnapchatDB are both reminders that even in an ephemeral messaging service, it would be a mistake to be lulled into a sense of security about the information that you do have stored with the app. “People tend to use the same username around the web so you can use this information to find phone number information associated with Facebook and Twitter accounts, or simply to figure out the phone numbers of people you wish to get in touch with,” SnapchatDB stated on the site.










from TechCrunch http://feedproxy.google.com/~r/Techcrunch/~3/99cub5pdBbc/

Snapchat user info database leaks, claims to hold most numbers and usernames

Last week security researchers published a way to skim Snapchat's full database, and it appears someone did it before the vulnerability was addressed. A website called SnapchatDB! has appeared posting SQL/CSV files that it claims contain the username ...



from Engadget RSS Feed http://www.engadget.com/2013/12/31/snapchat-user-info-leak/?ncid=rss_truncated

Samsung's new TV remote for 2014 is 80 percent smaller, has touch, voice and gesture control

Samsung couldn't wait for CES to start leaking information about its new HDTVs, starting with the remote. After rolling out larger and larger contraptions over the years with more buttons (on both sides, even), this year's "Smart Control" model is 80 ...



from Engadget RSS Feed http://www.engadget.com/2013/12/31/samsung-smart-control-tv-remote-ces-2104/?ncid=rss_truncated

Netflix is testing multiple new subscription plans, like 3 streams for $9.99

Netflix likes to run small tests of features and packages before it offers them widely (like its new unified UI), and that includes the "1 SD stream for $6.99" some have started seeing recently. Another offer currently in testing covers the hole ...



from Engadget RSS Feed http://www.engadget.com/2013/12/31/netflix-is-testing-more-new-subscription-plans-offers-include-3/?ncid=rss_truncated

Daily Roundup: NSA iPhone malware, Mac Pro teardown, this year in reviews and more!

You might say the day is never really done in consumer technology news. Your workday, however, hopefully draws to a close at some point. This is the Daily Roundup on Engadget, a quick peek back at the top headlines for the past 24 hours -- all ...



from Engadget RSS Feed http://www.engadget.com/2013/12/31/nsa-iphone-malware-mac-pro-teardown-2013-reviews/?ncid=rss_truncated

TLDR: 9 Paleofuture Stories From 2013 You Swore You'd Finish Later

Dell portrays itself as a feisty startup in its first ad after going private (video)

Now that Dell is once again a private company, it's trying to shake off its reputation as a member of the status quo. Appropriately, the PC builder just unveiled a new TV ad (after the break) that suggests it has all the energy and vision of a ...



from Engadget RSS Feed http://www.engadget.com/2013/12/31/dell-beginnings-ad/?ncid=rss_truncated

I, Spammer


As I approach the half-way mark of my crowdfunding project, I wanted to address the thing that makes me feel the worst about this whole process: the spam. As I intimated in my last post, moving from passive content producer to active content salesperson is hard. As someone used to fire-and-forget posting, convincing others to buy something I’ve built is a hard thing to do. And the best way to do it, sadly, is through spam.




I pride myself on trying to be a nice guy. I post crowdfunding projects on TC all the time because I think they’re cool and I tend to use social media to either make dumb jokes or talk about projects I’ve seen. Now, however, I have to use social media as a sales tool. I contact the vast majority of my Facebook friends directly, have retweeted comments about the book, and even resorted to contacting my LinkedIn and Google+ contacts although I barely use those services. How did I get the most traction, however?


Email.


Take a look at the image above. Aside from a massive Facebook push around Christmas, each of those spikes was driven by an email blast sent out on or around that date. Emails took a few days to appear as pledges but after each email I was able to push the total up by at least $1,000. Even given the horrible click rates, those are very compelling numbers.




Now, to be clear, I don’t think it was just the email. These lists consist of people who have signed up for my various projects and folks I’ve met in my travels. They know me and many have the ulterior motive of staying friendly with a TC editor. Would I have the same results if I were some dude selling penis pills online? I sincerely doubt it. However, I could see this working if the email list were in the millions and not in the thousands.


In short, direct contact works best. As one crowdfunder told me “When someone gets an email from you they can do one of two things: ignore it and feel bad/indifferent or act on it.” In my case I was lucky that so many acted on it.


Again, I’ve been consistently amazed how little Twitter and Facebook – aside from direct messages – have contributed to the process. While these tweets and twoots are great for getting the word out – I’m not ungrateful by any means – the actual conversion is limited. Broadcasting “Buy This!” is far less effective than saying “Hey, friend, buy this.”


Do I feel bad about this spam? Well, I’ve tried to keep it to a minimum and now that I’m well past my original $8,000 goal I feel bad for continuing to market. But, in the end, this is a project I love and feel deserves to do well. What would I change in the future? I’d create some sort of system so I don’t re-target backers who have already helped out – that’s something that really upset me and I’ve received two emails from friends about it. Essentially I haven’t found any system for truly segmenting out who I contact although I’m sure solutions exist (and feel free to let me know if you have one).


Still, I’m amazed at the reach and power of good old email. It sucks, but it’s true: spam works and it works well. In the end, a nice message, carefully wrought, results in far less blowback than a wonky diet pill email, but the process is the same. Like it or not, direct email is a crowdfunder’s best friend.


This is part of a series on crowdfunding, The Mytro Project. For future posts I’m looking for more input from online analysts and other crowdfunding platforms so please email me at john@techcrunch.com.










from TechCrunch http://feedproxy.google.com/~r/Techcrunch/~3/wVwJ4yP23BY/

Want to stream ABC shows the day after they air? Better get cable

As the legions of cord cutters continue to grow, companies are looking for any way to keep customers tied to their increasingly archaic (and offensively priced) pay TV subscriptions. ABC is just the latest network to get in on the frustrating ...



from Engadget RSS Feed http://www.engadget.com/2013/12/31/abc-restricts-streaming/?ncid=rss_truncated

How the Internet’s Founders Feel About The NSA Scandal


As the co-fathers of the Internet, Vinton Cerf and Robert Kahn tend to be pretty protective of their digital masterpiece. Both were early Defense Department engineers of the communications architecture that underlies the modern Internet, and both tend to be outspoken about threats to a free and open information superhighway. For instance, when a United Nations body, the Internet Telecommunications Union, tried to assert more control over Internet governance, Cerf was immediately dispatched to Washington D.C. to preempt the power grab.


The National Security spying scandal has, likewise, been hailed as a global threat to privacy and the Internet itself. In a wide-ranging interview with the New York Times, Cerf and Kahn had a more reserved concern for government surveillance.


Here is Cerf on the NSA:



Q. Edward Snowden’s actions have raised a new storm of controversy about the role of the Internet. Is it a significant new challenge to an open and global Internet?

A. The answer is no, I don’t think so. There are some similar analogues in history. The French historically copied every telex or every telegram that you sent, and they shared it with businesses in order to remain competitive. And when that finally became apparent, it didn’t shut down the telegraph system.


The Snowden revelations will increase interest in end-to-end cryptography for encrypting information both in transit and at rest. For many of us, including me, who believe that is an important capacity to have, this little crisis may be the trigger that induces people to spend time and energy learning how to use it.



To give a bit of background, Cerf has suggested that privacy is a relatively new concept (and, historically, he’s correct). During the Civil War, Abraham Lincoln collected all telegrams, in a move that has been compared to the modern surveillance state. It appears that this type of mass surveillance, followed by new privacy laws, is typical in American history.


Kahn seemed far more reserved in opining how the NSA affects privacy:



Q: Is there a solution to challenges of privacy and security?

A. In the 1990s when I was on the National Internet Infrastructure Advisory Committee, Al Gore showed up as vice president, and he made an impassioned pitch for Clipper chip [an early government surveillance system]. He said, “We need to be very aware of the needs of national security and law enforcement.” Even though the private sector was arguing for tight encryption, the federal government needed [to be able to conduct surveillance]. It never went, and it’s not anywhere today. I think it’s probably easier to solve the Israeli-Palestinian problem than it is to solve this.



A bit of background: in the ’90s, the government proposed a hardware backdoor to cell phones, known as the “Clipper Chip”. Hackers and activists successfully fought its implementation. Privacy is a perennial problem on the Internet, one that may never be solved.












from TechCrunch http://feedproxy.google.com/~r/Techcrunch/~3/syVs_5uysGs/

Leak hints Google may shut down its Schemer goal sharing service

We can't blame you if you haven't heard of Google's Schemer; the goal sharing service launched at the end of 2011, but it hasn't received much publicity (or traffic) since. Accordingly, the crew in Mountain View may be close to shutting Schemer down. ...



from Engadget RSS Feed http://www.engadget.com/2013/12/31/leak-hints-google-may-shut-down-schemer/?ncid=rss_truncated

Sony's first PlayStation 4 ad for Japan teases the Japanese with everyone's joy

Japan, you'll get the PlayStation 4 soon. Promise. For now, look at everyone else enjoying it. Don't they look happy? That could be you on February 22nd! ...



from Engadget RSS Feed http://www.engadget.com/2013/12/31/playstation-4-japan-commercial/?ncid=rss_truncated

Google wants to make your mundane conversations into quirky online comics

Deep down, we'd all like to believe our text-based interactions are worthy of Calvin & Hobbes-style witticisms. They're not and you know it, but does Google? No matter, because the tech giant was just awarded a patent to format your virtual ...



from Engadget RSS Feed http://www.engadget.com/2013/12/31/google-comic-book-generator-patent/?ncid=rss_truncated

Sony launches dedicated Xperia Z Ultra cases for QX lens cameras

Though Sony's crazy QX10 and QX100 lens cameras can attach to most smartphones, the company naturally favored its own Xperia Z and Z1 handsets by creating custom cases for those devices. Now it's doing the same for its crazy-large 6.4-inch Xperia ...



from Engadget RSS Feed http://www.engadget.com/2013/12/31/sony-qx-lens-camera-xperia-ultra-z/?ncid=rss_truncated

Sony Rumored To Be Considering A Windows Phone Handset In 2014


According to The Information, Sony could release a Windows Phone device, diversifying its mobile device lineup, bolstering Microsoft, and perhaps demonstrating a growing wish among hardware firms to hedge against an Android-dominated future.


Sony appears to be strongly interested in the project. The Verge wrote this morning that the company has continued the project despite Microsoft’s plan to purchase Nokia’s handset business. Its willingness to consider building a Windows Phone device despite the platform having a firm home-advantage tilt towards Microsoft’s own hardware is indicative.


For Sony the move would diversify its mobile line away from Android, a platform now generally associated with Samsung hardware. The irony to that is the simple fact that Nokia is the de facto Windows Phone OEM, so Sony would be entering into a second realm where it would be a second-place player.


The winner in Sony’s potential entrance is Microsoft, even if the release of a Vaio-branded Windows Phone handset could potentially slow sales growth of its — soon to be owned — Lumia phones. Microsoft would collect a per-unit fee, perhaps enjoy faster overall platform sales growth, and, of course, there has ever been an implied connection between the Windows Phone and Xbox product lines. We have yet to see hard evidence in my estimation that one leads to greater use of the other, but the shared Xbox platform experience must have some impact on consumer activity.


Therefore, Sony building a Windows Phone would have some positive impact on Xbox. And that would, presumably, come at the cost of Playstation momentum.


According to the latest public data, Nokia’s control of usage share in the Windows Phone hardware ecosystem is now more than 92 percent. That’s dangerous for Microsoft as betting your mobile platform on a single device stack could lead to platform risks (a poor hardware update cycle could slow growth for a year, etc.), meaning that Sony’s joining the Windows Phone cadre could better moor Windows Phone.


When Windows Phone launched, it did so with OEM partners as diverse as Dell. There has been a winnowing. If Microsoft can flip that trend, it will have gone a ways to proving that the progress it made in 2013 was no fluke.












from TechCrunch http://feedproxy.google.com/~r/Techcrunch/~3/bViw7umvuOw/

LG May Be Taking Another Stab At The Wearable Activity Tracking Formula


CES 2014 is just around the corner, along with enough new gadgetry to fill several lifetimes. Last year we saw a glut of activity trackers pop up in the wake of notable hits like the Fitbit and Jawbone’s UP, and now it looks like LG is taking yet another stab at the wearable fitness formula with its newly leaked (thanks to @evleaks) Lifeband Touch.


Wait, hold on, another stab? Let’s not forget that LG showed off an awfully familiar looking quantified self contraption at last year’s CES, a device that never found its way to store shelves. That earlier unit was capable of connecting to certain compatible LG smart TVs in addition to just tracking your movement, which has to be one of the savvier approaches to building a wearable I’ve seen yet.


After all, if you’re going to insist that people wear your wrist-worn doodad for days on end, what better way to go than to connect it to more things you’re likely to interact with often anyway. Sadly, there are precious few details to go on at this point so the Lifeband is


If we’re being honest, the Lifeband’s existence doesn’t come as much of a surprise — LG has already confirmed that it’s continuing to work on wearable devices, and some recent rumors pointed to a health-conscious angle. The real question, though, is whether or not these things will ever actually see the light of day.


The quantified self market is still a relatively young one, but it’s already got its fair share of big-name incumbents that seem to get the lion’s share of attention from the press and consumers alike. Then again, the Galaxy Gear seemed like one of those kooky vaporware projects for a while before Samsung (for better or worse) decided to push it out the door — maybe LG will throw caution to the wind and release this thing after all.










from TechCrunch http://feedproxy.google.com/~r/Techcrunch/~3/Sl5yAT7wZIA/