Friday, 30 December 2011

What a W(onder)

Review: Samsung Galaxy W
Everyone has seen, heard, and even used the Samsung Galaxy S2 with some being convinced that it was the device they needed. Others, of the category who could not afford such a pricey smartphone, have to be contented with knowing that what Samsung offers is out of their league.
That changed when the Samsung Galaxy W - Galaxy S2´s younger sibling - arrived onto the scene and caused a stir among those who wanted Samsung´s flagship smartphone but can´t afford it.

Why did the Samsung W, called the Galaxy Wonder in certain countries, had such an effect, especially if it sputtered into retail shops with no fanfare?

For starters, it´s very affordable - only RM999 (without contract). And for such a price, just about anyone who has some loose change can purchase a Samsung smartphone that is similar to the Galaxy S2.

But wait...can it perform just like the much sought after Galaxy smarthphone?

Before going into that, it must be said that the Galaxy W doesn´t have a dual-core CPU or the sleek, elegant size and feel of the Galaxy S2.

Instead, what the Galaxy W has is a single-core 1.4GHz CPU, a chassis that is slightly smaller in both body-frame and screen (3.7-inch), and lower capacity for storage and memory. In the case of the latter, there is a MicroSD slot for users who need bigger memory space.

The specs of the Galaxy W, while not as up-scaled like the Galaxy S2, do not compromise on the overall performance of the device.

Apps, both light and heavy loaders, as well as multi-tasking between apps and operating on a number of Internet browser tabs had not encountered any lag whatsoever. In fact, they all performed rather smoothly on the Galaxy W.

This is where the device clearly shows how it is very much like the Galaxy S2 in terms of what it has to offer. What it lacks in size, storage, and speedy processing, the Galaxy W makes up for its ability to be a nimble and hardy device as well.

Interestingly, this small Galaxy also heats up just as fast and as hot as the bigger Galaxy. Samsung really needs to figure out how it can keep its devices running cool and not start baking within the first 10 minutes of use.

What the Galaxy W needs if it were to be exactly like its bigger brother is to have longer battery life. Minimum use saw the smartphone lasting no more than 10 hours and one day if it is on standby. Heavy use (even sporadically) will see the power drop rapidly and only lasting no more than 6 hours.

Power issues aside, the Galaxy W is definitely one of the few smartphones that fits nicely in the mid-tier range and will be the one to catch the attention of many thanks to its low price-point and design DNA being very close to the Galaxy S2.

If the fast heat build-up and quick power drain are non-issues, then the Galaxy W may be the smartphone to consider as a great New Year´s purchase for 2012.

Sources : New Strait Times

M'sia needs to produce own cyber security software, says expert

KUALA LUMPUR: Malaysia needs to produce its own cyber information security software as depending on foreign software may risk information leaks and intelligence breaches, said a software expert.
Universiti Putra Malaysia (UPM) Computer Science and Information Technology Faculty dean Prof Dr Ramlan Mahmod said infiltration could happen covertly as currently there was a lack of understanding on source code logic streams used by foreign software.
"At the moment, there is no software capable of checking the source code of software to ensure the software used is confirmed safe.
"For the realisation of this information technology, the country needs to acquire 'technical knowhow' in information security and expertise in various fields such as computer science, mathematics and engineering," he told Bernama.
He said to acquire the expertise, the nation needed to carry out the foundation work such as training more experts in information technology and by bringing in more external technologies into the country.
Dr Ramlan said information leaks could happen in two situations - when the data is in transmission and hacking of existing data in storage.
"To prevent hackers from attacking data in transmission or unauthorised access to data storage, the information could be encrypted or hidden.
"This is the basis of information and software development important to ensure our cyber defence," he said.
He said the government needed to play a major role to set up a strong system of cyber defence as it needed financial commitment, expertise, legislation and continuous monitoring.
"Cyber security is the same as national security involving many operational aspects such as prevention, defence, detecting, intelligence and attack.
"It also needs sophiscated technical knowledge in information security and continuous upgrading of capability considering hackers are also improving their attacks," he said. BERNAMA
Sources : The Star

Thursday, 29 December 2011

Biometrics for secure mobile connections

Biometrics for secure mobile connections

Though security applications that verify a person's identity based on their physical attributes, such as fingerprint readers or iris scanners, have been in use for some time, biometric security has only recently started to appear in mobile phones, PDAs and notebook computers where the need for miniaturisation represents a technological challenge. 

So far biometric data has been used to tie the device to a person to prevent it from being used illegitimately if lost or stolen. But the IST project SecurePhone is taking a new approach, employing physical attributes to enable the user to digitally sign audio, text or image files, providing proof of their origin and authenticity.

"As far as we know there is no other biometrically-enabled digital signature application available for mobile devices that can guarantee security by storing and processing all sensitive information on the device's SIM card," explains SecurePhone technical coordinator Roberto Ricci at Informa in Italy. "Because biometric data never leaves the device's SIM card and cannot be accessed, except by the verification module which also runs on the SIM card, the user's biometric profile is completely safe. This is important to meet the highest privacy requirements."

Although existing communications infrastructure based on the GSM, GPRS and UMTS mobile systems provides a secure means of communication, it lacks any robust method of user identification. Text, audio and image files can be sent by anyone to anyone with no authentication and there are no guarantees the person you are talking to in a phone conversation, if you've never met them before, is really who they claim to be.

The upshot is that data exchanged over mobile devices is of limited use for legally binding transactions even though mobile devices, given their ubiquity, would be a prime candidate for carrying out e-commerce (or m-commerce), managing business processes such as signing contracts or even in securing the exchange of data in e-healthcare and e-government systems. A digitally signed and authenticated voice recording during a telephone conversation would, for example, give the speaker's words legal value.

"The aim is to enable users to exchange information that can't be disputed afterward. That could be a voice recording that is authenticated to eliminate any doubt about who the speaker is, what they actually said and prove that it has not been manipulated," Ricci explains. "To achieve that it is necessary to digitally sign the data and to ensure that only the legitimate user can perform the signing."

The system developed by the SecurePhone project partners consists of two main elements. The first, an authentication module, uses biometric security applications to verify the user's identity. That in turn gives them access to the second module which digitally signs the data using a Public Key Infrastructure (PKI). 

"Rather than relying on something you possess – you can forget a PIN code or write it down and lose it – biometric security relies on what you are," Ricci notes.

The system, which is designed primarily for PDA-phones but could also be used in new generation smart phones and WiFi-enabled PDAs, offers three methods of biometric identification. One employs the digital cameras that have become commonplace in mobile devices along with a face recognition application to identify the user based on their facial features. Another uses voice recognition software – also detecting any asynchrony between speech and lip movements - and the third verifies the handwritten signature of the user on the device's touch screen. The three methods are used in combination to enhance the overall levels of security and reliability, and most importantly they require no hardware additions to mobile devices.

"The SecurePhone platform is entirely software based. This is important if it is to be adopted by device manufacturers as it keeps costs down and makes implementing it much easier. There is no need to add fingerprint or iris scanners. Instead, the system uses elements that already exist in the device and which serve alternative purposes as well, while the type of verification carried out is non-intrusive for the user," Ricci says.

The project partners are currently working on the final integration of the system ahead of trials of a finished prototype that are expected to begin in August. Ricci notes that so far the different elements of the application have performed well during laboratory testing.

Despite SecurePhone's focus on research, ricci notes the the resultin application is commercialy appealing and that the project partners are planning a further project with the aim of bringing the technology to market.

"We wouldprobably aim at the niche markets at first, such as busy executives, e-government or e- healthcare, and then expand from there," he says. 

Sources : 21 Century

Wi-Fi 'protected set-up' not so protected after all

On Tuesday, the organization, known as US-CERT, cited findings from security researcher Stefan Viehbock, who uncovered the security hole in the so-called Wi-Fi Protected Set-up, or WPS, protocol, which is often bundled into Wi-Fi routers. The WPS protocol is designed to allow unskilled home users to set up secure networks using WPA encryption without much hassle. Users are then able to type in a shortened PIN instead of a long pass-phrase when adding a new device to the secure network.
That method, however, also makes it much easier for hackers to break into a secure Wi-Fi network, US-CERT says. The security threat could affect millions of consumers, since the WPS protocol is enabled on most Wi-Fi routers sold today.
"A few weeks ago I decided to take a look at the Wi-Fi Protected Setup (WPS) technology,"Viehbock said in a blog post. "I noticed a few really bad design decisions which enable an efficient brute force attack, thus effectively breaking the security of pretty much all WPS-enabled Wi-Fi routers. As all of the more recent router models come with WPS enabled by default, this affects millions of devices worldwide."
The basic problem is that the security of the 8-digit PIN falls dramatically with more attempts to key in the password. When an attempt fails, the hacker can figure out if the first four digits of the code are correct. From there it can then narrow down the possibilities on the remaining digits until the code is cracked. Viehbock said a hacker can get into a secure Wi-Fi hotspot in about two-hours using this method to exploit a vulnerability.
Here's how US-CERT describes the flaw:
When the PIN authentication fails the access point will send an EAP-NACK message back to the client. The EAP-NACK messages are sent in a way that an attacker is able to determine if the first half of the PIN is correct. Also, the last digit of the PIN is known because it is a checksum for the PIN. This design greatly reduces the number of attempts needed to brute force the PIN. The number of attempts goes from 108 to 104 + 103 which is 11,000 attempts in total.

It has been reported that some wireless routers do not implement any kind of lock out policy for brute force attempts. This greatly reduces the time required to perform a successful brute force attack. It has also been reported that some wireless routers resulted in a denial-of-service condition because of the brute force attempt and required a reboot.
US-CERT said in its warning that there is no known fix to the security problem. Instead, the group recommends that users disable the WPS function on their routers. The warning lists several wireless router vendors as selling devices that are affected by the security hole: Buffalo, D-Link, Cisco Linksys, Netgear, Technicolor, TP-Link, and ZyXEL.
US-CERT indicated in its warning that it notified router vendors that are affected by the security issue in early December, but so far the vendors have not offered a response nor have any of them issued statements.
CNET also contacted the vendors listed by US-CERT, but has not yet received a response from any of them.

By Marguerite Reardon
Sources : CNET News

Windows 8: The InfoWorld Deep Dive report

It's not the Windows you know and love. Microsoft has revealed a "reimagined" Windows -- code-named Windows 8 -- that boasts a very different, tile-centric user interface called Metro taken from Windows Phone that is touch-savvy, runs on ARM processors as well as Intel x86 chips, takes fewer system resources so it can run on a wider variety of hardware platforms, and works on both tablets and traditional keyboard-and-mouse PCs. It's not mobile versus desktop, it's mobile and desktop together.
The new Windows -- available now in a pre-beta developers version and expected to be formally released in late 2012 -- reflects a changing world, says Microsoft's Windows chief Steven Sinofsky. "Things are a whole lot different now than three years ago. ... Touch is a whole new dimension. Mobility is a whole new dimension. ... We want Windows to respond to that."
InfoWorld's analysis of Windows 8, based on hands-on use of the developer version, is that it is a game-changer for users -- and will be a major shift for users and IT alike in terms of capability, usage, management, and overall technology strategy. And it will introduce huge changes to how developers conceive and deliver their applications.

By InfoWorld Staff
Sources : InfoWorld

New York Times mistakenly e-mails millions about subscriptions

The New York Times is now saying that a believed-to-be bogus e-mail that told millions of subscribers that their subscriptions had been canceled actually did come from the newspaper company. But the e-mail, which was meant for only 300 recipients, was instead sent to more than 8 million subscribers, a tweet from Amy Chozick, a media reporter for the Times states.
(Credit: Screenshot by Anne Dujmovic/CNET)
This morning millions of New York Times subscribers received an e-mail informing them that their subscription had been canceled and then went on to offer a 50 percent discount if they renewed their subscription and used a special code. When CNET tried calling the number listed, there was nothing but a busy signal.
After a flurry of tweets about the e-mail showed up on the social-networking site Twitter, the newspaper responded, stating that the e-mail was a fake.
(Credit: Screenshot by David Hamilton/CNET)
Some people speculated that the e-mail header had been spoofed to make it look like the message had come from the Times, since the same e-mail address had been used to send legitimate correspondence. It turns out the e-mails were legit.
The New York Times reporter covering this story is promising a follow-up to offer details on how this mistake happened.
Here is the text from the original e-mail:
Dear Home Delivery Subscriber,
Our records indicate that you recently requested to cancel your home delivery subscription. Please keep in mind when your delivery service ends, you will no longer have unlimited access to and our NYTimes apps.
We do hope you'll reconsider.
As a valued Times reader we invite you to continue your current subscription at an exclusive rate of 50% off for 16 weeks. This is a limited-time offer and will no longer be valid once your current subscription ends.*
Continue your subscription and you'll keep your free, unlimited digital access, a benefit available only for our home delivery subscribers. You'll receive unlimited access to on any device, full access to our smartphone and iPad» apps, plus you can now share your unlimited access with a family member.
To continue your subscription call             1-877-698-0025       and mention code 38H9H (Monday-Friday, 8:30 a.m. to 8:30 p.m.; Saturday, 9 a.m. to 3 p.m. E.D.T.).
By Marguerite Geardon
Sources : CNET news

Looking Forward to 2012: Apple TV, iPhone 5 and Goodnight PCs


Onward, tablets, smartphones and post-PC (yet still just as much “personal computing”) devices — call them whatever you like, 2012 will see a glut of me-too mobiles designed to untether us from stodgy office desktops and augment our everyday, ordinary activities by slipping into our everyday, ordinary surroundings. With that in mind, here’s my list of up-and-coming 2012 tech picks:
Apple TV, the Next Generation
The trouble my 37-inch, four-year-old LG 1080p LCD TV has squeezing inside my mammoth mission-style entertainment center aside, I’ve been eyeballing a new TV all year. I already have an Apple TV, but we’re talking the tiny black box, not a full-blown TV set. So when I say I’m eyeballing an Apple TV, let there be no confusion — I’m speaking of the rumored 32- and 37-inch Apple television sets due sometime this summer, not the device I only use to stream my music library to the living room.
Apple’s challenge, assuming these things are real, is twofold: Leapfrogging the current black box Apple TV’s features, and pricing its televisions competitively (assuming it wants to sell these things mainstream, anyway). Feature-wise, Apple needs to do more than offer access to a few third-party services and stream iTunes media from an Apple computer (it needs to be more than just an Apple TV inside an Apple-branded television, in other words) so here’s my wish list: An Apple TV that could sync wirelessly with iOS devices, allowing video, photos and even apps or games to appear (magically!) on the TV without cables, and a Siri-like voice command feature, making an appearance alongside a motion-control interface similar to (but ideally miles better than) Microsoft’s Kinect. Bring it on, Apple!
iPhone 5 or Android Whatever
The iPhone 4 I picked up last February — my first iPhone, if it matters — has been a mostly up experience. It’s quick, dependable, swarming with apps that cover all my bases and not a total disaster when texting so long as I use just one finger (in lieu of two thumbs). My only complaints: The screen is too small, the phone’s too breakable (all glass, front and back) and I’m still not sold on finger-gaming, especially first-person stuff where I’m fighting just to see around my thumbs (would someone please release a thumbstick snap-around like the 3DS’s add-on already?). I have mixed feelings about most Android phones, but after playing with a friend’s Galaxy Nexus, I’ve sort of done a one-eighty: Unless the iPhone 5 is thinner and has an edge-to-edge 4.65-inch or larger display, I may just pick up a Galaxy Nexus to go hand-in-glove with a new Windows-based, gaming-angled ultrabook.
Goodbye forever, desktop PCs — hello ultrabooks and tablets!
I ditched my tricked-out Windows desktop PC a few weeks ago — good night, good luck (and, with all due respect, good riddance). I barely touched the thing in 2011, and I’ve jettisoned any nostalgic sentiments I once had for screwing around with soldering circuits or tweaking liquid cooling kits. My work machine’s now an 11-inch MacBook Air, though it might as well be a Windows-based ultrabook. I love OS X, but I’m almost as fond of Windows 7, and since I’ve kept my personal and work data agnostic, organized and easy to migrate, I’ll be happy to switch if the right hardware comes along (hello Razer Blade!). The desktop PC is a dinosaur, and Moore’s Law ceased to matter years ago (just because computing power doubles in a given period doesn’t mean app requirements or consumer needs do), so bring on the souped-up ultraportables and 2012′s enhanced tablets (be they Android or iOS based), and may the space beneath (or beside) our desks, chairs and tables remain case- and cable-free forever.
By Matt Peckham
Sources : Time

Tuesday, 27 December 2011

Pikom says did not initiate Computing Professionals Bill

PETALING JAYA: The National ICT Association of Malaysia (Pikom) said it was invited by the Ministry of Science, Technology and Innovation (Mosti) as one of 17 stakeholders to provide comments and input to the proposed Computing Professionals Bill (CPB).
"We would like to make it clear that Pikom did not champion the proposed Board of Computing Professionals Bill 2011," said Pikom president, Shaifubahrim Saleh in a statement.
He added that while Pikom sees the proposed Bill as a move to enhance the industry's professionalism, it is also concerned with the Bill's scope, approach and implementation.
The industry body will be polling its 1,400-strong membership to gauge sentiments and collect feedback on the proposed Bill.
The statement comes days after IT professionals expressed their opposition to the Bill during the Dec 13 open day session held at Mosti's Putrajaya office to gather feedback.
Science, Technology and Innovation Minister Datuk Seri Maximus Johnity Ongkili, has stressed that his ministry is only the "facilitator" of the Computing Professionals Bill.
"The idea came from the industry players and we are just the facilitating the process," he said during a press conference on Dec 14 to clarify Mosti's position.
The mentioned stakeholders comprise IT graduates, academia, SME and SMI, multinational corporations, and self-taught IT professionals.
The draft Bill seeks to legalise the formation of a Board of Computing Professionals to oversee the registration of IT professionals in this country.
It is a bid to ensure that only qualified professionals can work in the Critical National Information Infrastructure (CNII) sectors.
Among the sectors in the CNII are banking and finance, cyber-security, national defence, healthcare, emergency services, food and agriculture, and utilities.
The Bill will recognise two categories of IT talents - certified IT practitioners who do not have formal qualifications, and certified IT professionals who have full qualifications.
The draft of the Bill was released on the Internet on Dec 8 but so far no one has admitted to posting the 56-page document online.
Since then, the proposed Bill has come under a firestorm of criticism from the local IT community, with concerns ranging from the lack of consultation with the wider community to the hindrance of innovation and development the Bill would have across the board upon its implementation.
Many have called for the proposed Bill to be scrapped entirely, questioning the need for a law rather than industry-led initiatives to improve quality and standards of its practitioners.
Ongkili stated during the press conference that if the industry was collectively against the Bill, Mosti would move to scrap it.
"If they are not keen, it is entirely up to them to decide and as for us, we will have less work," he told reporters present.
Ongkili said since industry players had brought up their concerns, the onus was on them to assist the ministry in drafting the law and setting up the board.
"It will be up to the industry to decide the composition of the board, the extent of its powers and other related matters. The board will then define the realm to be regulated and they can tailor it to their requirements," he said.
Ongkili has also expressed hope that a draft of the Bill could still be ready by the middle of next year, with consultations slated to continue with more stakeholder groups to be engaged.
"I think six months is sufficient for this. We will weigh all views and comments and hopefully a final decision can be made then," he said.
The 30-day feedback period on the draft Bill is ongoing and interested parties have been urged to e-mail their suggestions and concerns to by January 15 2012.
By Gabey Goh
Sources : The star

Wednesday, 21 December 2011

Canon Crowns 7 Winners for Canon Photomarathon Malaysia 2011

´The Earth Guardian´, ´City of Colours´ and ´Extraordinary of the Ordinary´ - these were the three themes that Canon Marketing Malaysia unveiled at the 5th Canon Photomarathon Malaysia 2011.

The event, which was held on October 15 2011, had more than 1,600 of Malaysia´s top photographers and photo enthusiasts racing throughout KL to shoot different subjects to create their interpretation of these three themes.

A total of 4,731 entries were submitted. To heighten the anticipation and create a sense of public involvement, shortlisted entries were subsequently put on display at the "Canon Signature Gallery", a special charity photography exhibition held at the centre court of Pavilion Kuala Lumpur from October 19 to 23 2011.

Simon Wong, Director of the Imaging Communication Products Division, Canon Marketing (Malaysia), revealed the winners a few days after the exhibition ended.

The following names were those that came up on top:Grand Prize winner for the Best of Show category: Abdul Hafiz Bin Abdul Hamid, 29, from Penang.

1st, 2nd and 3rd prize for the Best of Show category: Asmady Bin Ahmad, Akmal Hakim Bin Rusly and Abdul Ramdzhani Bin Abdul.

Best of the three themes:
- The Earth Guardian: Abdul Hafiz Bin Abdul Hamid

- City of Colours: Chan Tek Mun

- Extraordinary of the Ordinary: Davie Gan Say Hong

Abdul Hafiz walked away with an all expenses paid trip to Tasmania, Australia for the 8-day photo clinic hosted by acclaimed photographer Triston Yeo, RM10, 000 cash prize, Canon PIXMA MG8170 inkjet printer and a Think Tank Rotation 360 Camera Backpack. As for the best of the three themes, they received a unit Canon PowerShot G12, Canon PIXMA iP3680 inkjet printer and a Think Tank Digital Holster professional camera bag each.

"This year´s themes were very challenging but we were amazed at the quality, creativity and professionalism of the photo submissions. All the judges agreed that it was tough to hand-pick the winning photos for this year but we believe all the winners displayed tremendous vision, deep insight and amazing talent through their lens," said Wong.

According to Wong, Canon Marketing Malaysia has managed to raise a total of RM32, 915 for the National Breast Cancer Research Foundation through this event. It is his, as well as Canon´s, hope to continue these efforts to contribute back to the community and at the same time reward and recognise Malaysia´s top talent in photography.

Sources : New Strait Time

A Slimmer and Lighter Galaxy TAB

Samsung Malaysia Electronics Sdn. Bhd (Samsung) had announced the arrival of the GALAXY Tab 7.0 Plus into the Malaysian market.
Portable, yet providing a rich multimedia experience, thanks to its using of Android HoneyComb, on a large 7-inchscreen display, the GALAXY Tab 7.0 Plus packs power and productivity within a chic and light weight design.

"The tremendous success of the first generation GALAXY Tab last year marked an important milestone in the mobile industry, which pioneered the seven-inch tablet market. Building on its success, we are proud to introduce the GALAXY Tab 7.0 Plus, reloaded with enhanced portability, productivity and a richer multimedia experience. The GALAXY Tab 7.0 Plus is designed to give you even more possibilities on the go," said Kwon Jae Hoon, Managing Director, Samsung Malaysia.

Powering the GALAXY Tab 7.0 Plus is its 1.2GHz dual-core processor, which is further complemented with Samsung´s Touchwiz UX, and its innovative Mini Apps and Live Panel software.

Mini Apps allows users to seamlessly multitask as it allows them to consolidate seven applications that are easily accessed from a bottom-side tray on the main screen. Users can launch their favourite features such as calculator, calendar or task manager as pop-ups over full screen applications.

Available from December 2011 onwards, the Tab 7.0 will be priced at RM1699

 Sources : New Strait New