Friday, January 21, 2011

Lush hackers cash in stolen cards

Cyber thieves are cashing in after stealing credit cards in a hack attack on the website of cosmetics firm Lush.

The online shop was shut down on 21 January and its home page replaced with a message revealing the attack.

Lush said anyone who placed an online order between 4 October and 20 January should contact their bank in case their card details had been compromised.

Many Lush customers have reported that their cards have been used fraudulently.

Comments posted on the Facebook page of Lush revealed that many customers were angry about the security lapse that may have spanned four months.

Many said they had lost money or had to cancel cards in case they were about to be abused. Some said Lush should have noticed the problem earlier and called for compensation for the money they have lost.

Security expert Rik Ferguson from Trend Micro said the sums of money the hackers were taking could be significant.

"I was initially alerted to the attack by one of my own friends whose card, along with her husband's, have subsequently been used to make fraudulent purchases totalling almost �6000 from well-known online retailers," wrote Mr Ferguson on the Trend Micro blog.

"The risk of these stolen card numbers being used by criminals has already moved from the theoretical to reality," he said.

Hilary Jones, ethical director at Lush, said the firm became aware of problems on Christmas day when hackers were discovered to have penetrated the site.

The site was taken down and did little trade between Christmas and New Year while Lush investigated to see if the hackers were merely mischievous or out to make money.

It became obvious that the hackers were after cash as European customers began reporting small purchases made with credit cards that had been used on Lush and other web shops.

Ms Jones said the small transactions were "test" purchases that thieves do to see if a stolen credit card is still live.

She said that when it became obvious that a lot of test purchases were being made and the Lush site was the key, the company shut down its store and told customers what had happened.

"As an ethical company we could not keep that information to ourselves," said Ms Jones. "We had to tell a huge raft of customers."

The four-month window that people needed to check was a safeguard to ensure all at-risk customers were covered, she said. The site was not vulnerable throughout that time.

"We really want to make sure we cover all possibilities," said Ms Jones. "We wanted to tell more customers than less."

The Lush website has been "retired" and a new online shop is set to appear in a few days but will initially only accept payment through Paypal.

Ms Jones said a forensic investigation was underway to find out how the thieves broke into the site.

Hack attack

At the same time, Trapster in the US has reported that it too has been hit by hackers.

The site, which helps people avoid speed cameras and road hazards, issued a warning to its 10 million users saying their e-mail addresses and passwords may be in the hands of attackers.

It said the attackers breached the site once and managed to get away with the data. Trapster's warning triggered a similar one by Twitter advising people to change their password and avoid using the same one on different sites.

The attack could mean that accounts on other sites get taken over by spammers and used to send junk mail.

In mid-December Gawker Media's revelation that its servers had been hacked and 1.3 million accounts had been compromised gave rise to warnings from Yahoo, Twitter, LinkedIn and World of Warcraft maker Blizzard asking people to change login details.



Business Forum | Christian Forum | Coupon Forum | Discussion Forum | Gamers Forum
Legal Forum | Politics Forum | Sports Forum | Teen Forum | Webmaster Forum

Scholar rejects Google 'attack'

A researcher who has accused Google of bias says the internet giant is now waging a campaign to discredit him.

Ben Edelman, an associate professor at Harvard Business School, published a study this week claiming Google boosts its own products in search results.

The Californian company responded by suggesting he was actually working on behalf of its rival, Microsoft.

But Mr Edelman told the BBC that Google was launching "personal attacks" to distract people from its own behaviour.

"I don't mind personal attacks, to be honest, because I think it shows they can't argue against the research," said the associate professor.

"That's what they've done to most of my recent research."

His study, "Measuring Bias in Organic Web Search", was conducted in August last year alongside Harvard colleague Benjamin Lockwood and published on Wednesday.

It found that Google gave undue prominence to its own sites across a number of popular search terms, such as e-mail, video and chat.

Under a search for "e-mail", for example, the study found that Google's top result is its own Gmail service - despite the fact that almost twice as many people searching the site subsequently clicked on the second result, Yahoo Mail.

The company responded angrily to the study, issuing a statement that accused him and his methodology of deliberate bias.

"The report is highly biased, ignoring contrary examples like "search engine", "book flights" or "directions", and failing to account for other reasons why certain sites rank highly," it said in a statement.

It was also unimpressed by the author's credentials.

"Mr Edelman is a longtime paid consultant for Microsoft, so it's no surprise that he would construct a highly biased test that his sponsor would pass and that Google would fail," it said.

"Google never artificially favours our own services in our organic web search results, and we perform extensive user testing to ensure that search results are ranked in a way that provides users with the most useful answer," it added.

Antitrust investigations

The issue strikes at the heart of Google's multibillion dollar search business, which it has always said is based on a neutral, automated system that merely reflects how popular a site is online.

That claim is already being questioned by regulators in Europe and America, following complaints from some services who feel they have been deliberately excluded.

In November, the European Commission announced that it was launching an investigation into whether the company was abusing its dominance.

Earlier last year, meanwhile, the attorney general of Texas said he was looking at claims that Google manipulates results to boost its own products and therefore make more profit.

Mr Edelman said his work was a thorn in Google's side because it backed up those criticisms.

"I can see why it would hit home for them - they're under antitrust scrutiny on at least two continents," said Mr Edelman. "Their approach of asking people to trust them seems to be wearing thin."

"Start Quote

"I can see why it would hit home for them - they're under antitrust scrutiny on at least two continents."

End Quote Ben Edelman Associate professor, Harvard Business School

Mr Edelman told the BBC that the study could have been improved with more information and time.

He said its data could have been more recent and the search terms could have been independently chosen. But, he added, the numbers were sound and that he stood by his conclusion.

Not everyone agrees with Mr Edelman's analysis, however.

Danny Sullivan, the editor of the Search Engine Land website, has defended some of Google's practices in the past. He said the Harvard study did outline some "odd" behaviour but said the figures could also be used to show that Google was less biased than might be expected.

"Statistics can easily be turned to whatever you want them to be," he wrote. "I feel like Edelman is turning his study into the most negative view possible."

Responding to Google's claims of bias, Mr Edelman said that he had been a paid consultant for Microsoft in the past, a fact openly disclosed on his website.

However, he added, the research - which also looked at Microsoft's Bing service and found it was less skewed than Google - was not deliberately designed to produce such a result.

He added that he had also given free advice to Google in the past as well as other companies, including the BBC.

He also said that the company supported him when he criticised the behaviour and bad practices of Yahoo, which was Google's main rival at the time.

"When Google didn't have as much market power as they do now, they consulted with me on some projects," he said. "How quickly Google forgets."



Business Forum | Christian Forum | Coupon Forum | Discussion Forum | Gamers Forum
Legal Forum | Politics Forum | Sports Forum | Teen Forum | Webmaster Forum

Larry Page to become Google chief

Google co-founder Larry Page is to become chief executive of the US internet search giant in April.

He will take over from Eric Schmidt, who has been in the job for a decade and will become executive chairman.

Google said Mr Schmidt would focus on "deals, partnerships, customers and broader business relationships".

The surprise news came as Google unveiled strong net profits in the last three months of $2.54bn (�1.6bn) on revenues of $8.44bn.

Mr Page, 37, is reclaiming the job he relinquished to Mr Schmidt, 55, when investors called for a more experienced business leader.

"In my clear opinion, Larry is ready to lead and I'm excited about working with both him and Sergey [Brin] for a long time to come," Mr Schmidt said in a blog posting. Mr Brin, also 37, is Google's other founder.

Analysis

<!-- pullout-items--> <!-- pullout-body-->

It's just under 10 years ago that Eric Schmidt joined Google, and what a ride it's been. He was brought in as the "adult" to complement the search company's young leadership team. He had plenty of experience: at Bell Labs, Xerox, Sun and Novell. His job: to reassure investors and manage growth.

Mr Schmidt has delivered, and more. His biggest achievement is how he bonded with Google's two founders; as an executive triumvirate they appear to have managed the company with little internal friction.

In corporate terms, Larry Page and Sergey Brin have been grown-ups for quite a while. Now they are taking charge at the company that is rightfully theirs.

But Google has lost momentum recently, especially in competition with Facebook. Key staff are leaving. It will be Larry Page's job to re-energise the search giant.

Still, shareholders will feel a tad safer in the knowledge that Eric Schmidt will carry on as the founders' mentor.

<!-- pullout-links-->

Mr Schmidt said the management changes, which take effect on 4 April, were part of a plan to "streamline" decision making and create clearer lines of responsibility and accountability.

"We've been talking about how best to simplify our management structure and speed up decision making for a long time," Mr Schmidt said.

He added: "Larry will now lead product development and technology strategy, his greatest strengths... Sergey has decided to devote his time and energy to strategic projects, in particular working on new products. His title will be co-founder."

Caution

Analysts said that Mr Page was now more experienced, and would carry more weight with investors on Wall Street than he did 10 years ago.

But Brian Pitz, analyst at UBS, added a note of caution. "The Street will think it's a negative, that there is probably some issue going on. Google is trying to get more efficient and trying to get a tech guy in the seat to compete with Facebook.

"I don't think it changes anything strategically where the company is headed," he said.

The surprise news overshadowed strong fourth-quarter profits that were well ahead of analysts' estimates. The $2.54bn profit compares with $1.97bn made in the same quarter the year before.

Analysts said Google appeared to have strengthened its internet advertising machine during the pre-Christmas shopping season, sparking a 26% surge in revenues to $8.44bn.

After subtracting the commissions Google pays to advertising partners, revenues were $6.37bn, about $300m more than analysts had forecast.

Mike Hickey, analyst at Janco Partners, said: "When you see an executive change, you hesitate because generally, it's a disruption at the top. Obviously the numbers look good, so it's a balance between the two."

Shares of Google rose about 2% to $639 in after-hours trading on Wall Street. The company now has a market value of about $200bn and has turned the co-founders and Mr Schmidt into billionaires.



Business Forum | Christian Forum | Coupon Forum | Discussion Forum | Gamers Forum
Legal Forum | Politics Forum | Sports Forum | Teen Forum | Webmaster Forum

Illegal gamers costing &#39;billions&#39;

Man playing football game <!-- Empty - Wide embedded hyper -->

People who play illegal copies of video games on chipped or modified consoles cost at least �1.45 billion in lost sales in 2010.

The Association of UK Interactive Entertainment (UKIE), which speaks for the games industry, says it's not just money that's being lost.

It also estimates that it's resulted in 1,000 fewer jobs in the industry.

One pirate told Newsbeat that games are too expensive and the companies behind them make enough money as it is.

They want to bring the prices down and then maybe people would stop doing this

Martin, 25, from Scarborough on illegal gaming

Piracy is traditionally more commonly associated with music or films.

But 25-year-old Martin, from near Scarborough, says that's not the case.

He's been modifying consoles for a year and says he's adapted, otherwise known as 'modded', 'chipped' or 'flashed', around 60.

"I can pretty much modify anything," he admitted.

"Xbox 360s and there's a new hack for the PS3, Wii, DS and PSP."

Sony takes PS3 hackers to court

Pirated games

He charges around �40 to modify a console which makes it possible to then play pirated games on them.

They can cost anywhere from �1 to �5 per illegal copy.

Chipped games console UK software sales were down from �1.9bn in 2008 to �1.45bn last year

He said: "At the end of the day the video game industry makes as much as the film industry nowadays.

"So they (the industry) can't say they're losing masses of money over this.

"They want to bring the prices down and then maybe people would stop doing this."

That is a common argument used by pirates, that legitimate games which cost around �45 is too much for many people to pay.

"They want to bring the prices down and maybe people would stop doing this."

Sales down

As with many parts of the economy the video game industry is suffering at the moment.

Total software sales in the UK are down from �1.9 billion in 2008 to �1.45 billion last year.

It estimates that for every original game sold at least one is pirated.

I think pirated games are a bad idea. It's stealing and it doesn't give revenue to the industry to be able to invest in future games, bigger game and better games

Luke Gourley, 19, from Sunderland

Video game bosses say that, like the music and film industry, it's a huge problem and that figure is a conservative estimate.

Michael Rawlinson, the Director General of UKIE, says it's a simple question of criminals breaking the law and posing a genuine threat to video game companies.

He said: "When people play a pirated game that money goes to a criminal, not to the industry.

"That takes away jobs from young developers and graphic designers, so it actually stifles creativity and stops new games coming out."

He says games aren't overpriced: "These big games, you get 20 to 50 hours game play, which is tremendous value for money.

"A game like Call of Duty could take two years to make and cost millions of pounds.

"So there are huge sums of money involved in individual games."

Luke Gourley, who's 19 and from Sunderland, agrees.

He said: "I think pirated games are a bad idea.

"It's stealing and it doesn't give revenue to the industry to be able to invest in future games, bigger game and better games."

Follow our technology reporter Dan Whitworth on Twitter



Business Forum | Christian Forum | Coupon Forum | Discussion Forum | Gamers Forum
Legal Forum | Politics Forum | Sports Forum | Teen Forum | Webmaster Forum