Subscribe to:

Subscribe to :: TheGuruReview.net ::

Alibaba Has Major Plans To Court U.S. Business In 2015

January 20, 2015 by mphillips  
Filed under Around The Net

China’s Alibaba Group Holding Ltd  is gearing up to capture U.S. business this year, by offering American retailers new ways to sell to China’s vast and growing middle class.

Anchored by Alipay, the dominant Chinese electronic payments system that works closely with Alibaba and is controlled by its executives, the world’s largest Internet retailer is using the calling card of China’s consumers to attract U.S. partners, two sources close to the company told Reuters.

Long seen as the most potent threat to Amazon.com Inc with $300 billion in global sales, the moves add up to a conservative approach to expanding in the United States, contrary to industry speculation that the company may be plotting a direct assault on U.S. soil.

Long seen as the most potent threat to Amazon.com Inc with $300 billion in global sales, the moves add up to a conservative approach to expanding in the United States, contrary to industry speculation that the company may be plotting a direct assault on U.S. soil.

That considered strategy, outlined to Reuters for the first time by the sources and executives who work directly with the Chinese company, is intended to heighten awareness in the United States of what Alibaba does, gain goodwill in an important Western market, and lay the groundwork for a longer-term play.

At the heart of its push are Alibaba’s and Alipay’s trial deals to handle Chinese sales, payment and shipping for some of the biggest names in U.S. retail from Neiman Marcus Group to Saks Inc. Both confirmed the agreement but would not talk about how the pilots are faring.

 

The Chinese companies will also work with U.S. startup Shoprunner, an online mall for U.S. retailers in which it owns a stake, and retail services provider Borderfree Inc  to court Chinese consumers.

And Alibaba is preparing a marketing campaign to raise awareness among U.S. businesses of its global business-to-business wholesale platform, Alibaba.com, so they can buy and sell to and from global suppliers.

 

 

 

Apple Re-opens Russian Online Store With Big Price Boost

December 23, 2014 by mphillips  
Filed under Mobile

Apple signficantly increased the price of its entry-level iPhone 6 by 35% when it reopened its Russian online story on Monday.

Last week, the Cupertino, California company shut down its Russian e-market after the ruble took a dive when currency markets devalued the oil-dependent country’s ruble.

Although the ruble has recovered somewhat — on Monday it was trading at 54.49 to the dollar, an improvement from near 80 at one point last week — Apple boosted the price of the 16GB iPhone 6 to 53,990 rubles today, equivalent to $991.

Before Apple shut the virtual doors to its online store, that same iPhone 6 had been selling for 39,900 rubles, equal to $574 on Monday, Dec. 15, at that day’s exchange rate.

Apple had increased the price of the iPhone 6 by 25% in November in an earlier move to deal with the falling ruble.

Although Apple does not have brick-and-mortar stores of its own in Russia — the nearest are in Germany, Sweden and Turkey — local resellers and mobile carriers sell its hardware. One of those resellers, the Svyaznoy electronics chain, priced the 16GB iPhone 6 on Monday at 48,990 rubles — equivalent to $899 — or 9% lower than Apple’s price.

A 16GB iPhone 6 without a carrier contract sells for $649 in the U.S.

According to IDC, Apple sold approximately 1.6 million iPhones in Russia in 2013, or about 1% of its total worldwide that year.

Other Apple hardware sold on the company’s Russian online store was also priced much higher than in the U.S. A 16GB iPhone Plus, which sells for $749 in the U.S., cost 61,990 rubles, equal to $1,138; the lowest-priced 13-in. MacBook Air was priced at 77,990 rubles (or $1,431), while the U.S. price Monday was $999.

 

 

Hackers Go After German Steel Factory

December 23, 2014 by Michael  
Filed under Computing

Hackers managed to access production networks at a German steel maker, allowing them to tamper with the controls of a blast furnace. According to a German government report, published by the Federal Office for Information Security (BSI), it was a rare case where a digital attack actually caused physical damage.

The attack used spear phishing and sophisticated social engineering techniques to gain access to the factory’s office networks, from which access to production networks was gained. Spear phishing involves the use of email that appears to come from within an organisation. After the system was compromised, individual components or even entire systems started to fail frequently.

One of the plant’s blast furnaces could not be shut down in a controlled manner, which resulted in “massive damage to plant,” the BSI said, describing the technical skills of the attacker as “very advanced.”

Courtesy-Fud

Researches Looks Toward Quantum Physics For Fraud-proof Credit Cards

December 19, 2014 by mphillips  
Filed under Around The Net

Researchers in the Netherlands are using quantum physics in an attempt to create fraud-proof credit cards and ID cards.

The approach, which they call Quantum-Secure Authentication (QSA), centers on single particles of light, or photons, and their ability to encode data so that attackers cannot determine what the information is. It exploits a property of photons that allows them to effectively be in multiple places at once, a phenomenon described in quantum physics.

Researchers in the Netherlands are applying quantum physics in an attempt to create fraud-proof credit cards and ID cards.

“Quantum-physical principles forbid an attacker to fully characterize the incident light pulse,” the researchers wrote in an article in the journal Optica. “Therefore, he cannot emulate the key by digitally constructing the expected optical response, even if all information about the key is publicly known.”

The researchers at the University of Twente and Eindhoven University of Technology coated a credit card with a thin layer of white paint containing millions of nanoparticles. When light hits the nanoparticles, it bounces around until it escapes, creating a unique pattern that depends on the precise position of the particles in the paint. The card is “enrolled” in the system by recording the way that it reflects light.

To authenticate the card, a bank machine showers the paint with a pulse of light that is unique to each transaction. When the correct tell-tale pattern of light emerges as an “answer” to the bank’s “question,” the card can be authenticated.

While an attacker could measure the entire incoming light pattern and then use a projector to return the correct answer, the ability of photons to be in multiple places at once allows the bank to create the complex light question with only a small number of photons, or even just one. Due to the characteristics of quantum physics, an attempt to observe the question and answer process between a reader and the card would destroy the information in the transmission, making it more secure.

“Even if somebody has the full information of how the card is built, technology does not allow him to build a copy,” lead author Pepijn Pinkse of the University of Twente said via email. “The nanoparticles are too small and there are too many of them which need to be positioned with too high accuracy.”

The approach could be used in everything from authenticating passports to opening electronic locks on car doors or accessing secure areas such as government buildings.

 

 

 

Amazon Considering Expansion Of Same Day Delivery Service

December 12, 2014 by mphillips  
Filed under Around The Net

The No. 1 U.S. online retailer is also exploring adding a same-day delivery option on all items sold by third-party merchants on its site, a move that some logistics experts said may help offset the high costs of speedy, last-mile delivery.

The company’s global ambitions for same-day delivery were echoed in at least seven listings for senior product and marketing jobs based at the company’s headquarters in Seattle, including three posted online this week.

“Our long-term vision is that customers can order and receive a sellers’ product the same day anywhere in the world,” according to one job listing posted in late October.

It is not clear when Amazon hopes to meet its goals and how it would extend same-day delivery to more third-party sellers, who account for 40 percent of items sold on Amazon’s website and pay fees between 8 percent and 20 percent in most categories.

An Amazon spokesman declined to comment.

Amazon offers same-day delivery in just over a dozen U.S. cities, charging $5.99 for members of its Prime program while non-members pay $8.99. In October, the company launched a same-day delivery service in the United Kingdom with newspaper delivery company Connect Group PLC.

A senior product manager role advertised on Tuesday called for a candidate to shape the future of same-day delivery and “drive large worldwide projects with huge customer-facing and financial impact.”

Offering fast shipping is a key piece of Amazon’s strategy to compete with brick-and-mortar stores. But the effort is costly – during the first nine months of 2014, Amazon’s shipping costs were more than double its shipping revenue.

But the potential payoff could be big, analysts say. According to a September survey by RBC Capital Markets, just 4 percent of Amazon customers used same-day delivery, but they spent 15 percent more than others.

 

 

 

Amazon May Move Drone Testing Outside Of U.S.

December 10, 2014 by mphillips  
Filed under Around The Net

Amazon.com Inc will move more of its drone testing outside U.S. borders unless it gets quick permission from U.S. regulators to proceed with outdoor trials, the company said in a recent letter to the Federal Aviation Administration.

The U.S. online retailer has already started conducting outdoor tests “in other countries with regulatory environments more supportive of small (unmanned aircraft systems) innovation,” according to the letter written by Amazon vice president of global public policy Paul Misener.

Amazon says outdoor testing is crucial to developing its “Prime Air” program, which aims to use drones – small unmanned aircraft – to deliver packages in 30 minutes or less. It said it preferred to keep that testing within the United States.

In July, Amazon sought permission from the FAA to test drones in outdoor areas near Seattle, where one of its research and development labs is working on the technology, but the FAA has been slow to give its approval.

“Without approval of our testing in the United States, we will be forced to continue expanding our Prime Air R&D footprint abroad,” Misener wrote in the letter, first reported by The Wall Street Journal.

Drones are among several initiatives underway at Amazon to help control rising shipping costs and compete with brick-and-mortar stores by delivering items quickly. Amazon said there were dozens of U.S. job openings for its Prime Air division for hardware engineers and research scientists.

 

 

Yet Another Retailer System Hacked

December 8, 2014 by mphillips  
Filed under Around The Net

Women’s clothing retailer Bebe Stores has become the latest in a growing list of national retailers to be hit by an attack on its credit card payment system.

The company said Friday that the cardholder name, account number, expiration date, and verification code could have been stolen by hackers who apparently had access to the company’s payment processing system between Nov. 8 and 26.

The incident came to light in late November when Bebe said it noticed suspicious activity on computers that operate the payment processing system. Stores affected were the roughly 200 it operates in the U.S., Puerto Rico and the U.S. Virgin Islands.

“If you used a payment card at a U.S., Puerto Rico or U.S. Virgin Islands store during this time frame, you should review your account statements for any unauthorized activity,” it said in a message to customers.

The last couple of years have been bad ones for the safety of credit card data at major U.S. retailers. Millions of credit and debit card numbers have been compromised in breaches at retailers, including Target, Home Depot, PF Chang’s restaurants, Super Valu grocery stores, Neiman Marcus, UPS Store and others.

In many cases, the attacks were targeted at payment processing terminals and used sophisticated malware that stole card details as consumers swiped their cards. Many of the thefts were only discovered after the card numbers appeared for sale on Internet hacking forums.

Such was the case with Bebe Stores. First news of the hack came earlier this week through the closely followed Krebs on Security blog.

 

 

Amazon Rolls Out Kiva Robots Just In Time For Holiday Shopping

December 2, 2014 by mphillips  
Filed under Around The Net

Amazon.com Inc has installed more than 15,000 robots across 10 U.S. warehouses, a move that looks to reduce operating costs by one-fifth and get packages out the door more quickly in the run-up to Christmas.

The orange 320-pound (145 kg) robots, which scoot around the floor on wheels, show how Amazon has adopted technology developed by Kiva Systems, a robotics company it bought for $775 million in 2012. Amazon showed off the robots ahead of Cyber Monday, the biggest online shopping day of the year.

The robots are designed to help the leading U.S. online retailer speed the time it takes to deliver items to customers and better compete with brick-and-mortar stores, where the bulk of Americans still do their shopping.

The robots also may help Amazon avoid the mishaps of last year’s holiday season, when a surge of packages overwhelmed shipping and logistics company UPS and delayed the arrival of Christmas presents around the globe. Amazon offered shipping refunds and $20 gift cards to compensate customers.

Amazon deployed the robots this summer, ahead of the key holiday quarter, when the company typically books about one-third of its annual revenue. The updated warehouses are in five states — California, Texas, Florida, New Jersey and Washington.

The move comes at a cost. Amazon estimated in June 2013 that it would spend about $46 million to install Kiva robots at its warehouse in Ruskin, Florida, including $26.1 million for the equipment, according to company filings to local government.

The Kiva robots have allowed Amazon to hold about 50 percent more items and shorten the time it takes to offer same-day delivery in several areas, said Dave Clark, senior vice president of worldwide operations and customer services.

 

 

Apple Pay Enjoys Success As More Retailers Jump Onboard

November 24, 2014 by mphillips  
Filed under Mobile

U.S. consumers have been leery of in-store mobile payments for years, but Apple Pay is making gains in that area just a month after the service launched Oct. 20.

Apple’s latest success with Apple Pay includes the addition of support from hundreds of grocery stores within six major chains in the past week: BiLo Holding, 830 stores; Harvey’s and Winn-Dixie, 530; Albertson’s and Jewel-Osco, 180; Shaws and Star Markets, 150; United Food Stores, 60; and Associated Food Stores, 135. Wegmans and Whole Foods were already part of the original 35 retail chains offering Apple Pay in an estimated 225,000 stores, about 5% of all possible U.S. retail locations.

In addition, on Thursday, American First Credit Union said its Visa card now supports Apple Pay, joining more than 500 U.S. banks already supporting the service through Visa, MasterCard and American Express cards.

In the past week, SunTrust and Regions Bank added their support.

McDonald’s has confirmed that more than 50% of its in-store mobile payments at 14,000 restaurants were made with Apple Pay in its first month. Whole Foods recently said it processed more than 150,000 Apple Pay transactions in the first three weeks of the service. And Walgreens, the national drug store chain, said in-store mobile payments had doubled since Apple Pay launched.

 

 

eBay Re-vamping Its Local Delivery Program

November 21, 2014 by mphillips  
Filed under Around The Net

EBay Inc is making over its local delivery program and extending more logistics options to smaller merchants that make up the bulk of the e-commerce giant’s sprawling base of marketplace sellers, according to one of its executives.

More of eBay’s smaller sellers, including some with annual sales under $100,000, will allow shoppers to buy items online that can be picked up in stores, an option now used by big companies such as Best Buy Co Inc and Toys ‘R’ Us.

EBay also plans to dismantle its standalone mobile app for its $5 same-day delivery service “eBay Now” as soon as this week. The service will instead be folded into eBay’s mobile app and website.

“The big play in the U.S. has been around buy online, pick-up in store,” Tom Allason, head of eBay Local, said Wednesday.

The shift reflects how eBay and other technology companies, including Amazon.com Inc and Google Inc, still struggle with the high cost of same-day delivery. Only a fraction of a small retailer’s sales come from customers who also opt for same-day delivery, making it difficult to make a profit.

“That’s a part of why delivery is only one piece of the equation,” Allason said in an interview.

Earlier, the e-commerce giant intensified efforts to court retailers as it prepares to split its marketplaces division next year from PayPal, the payments unit that has been the fastest-growing part of its business.

EBay had planned to expand same-day delivery to 25 markets by the end of 2014, but it is only available in New York, San Francisco, the broader Bay Area, Dallas and Chicago.

EBay is exploring other delivery options for the United States, Germany and other markets, including the “click-and-collect” model used by Shutl in the United Kingdom, in which shoppers pick up certain eBay purchases from British retailer Argos.

 

 

WhatsApp Adds End-to-End Encryption

November 20, 2014 by mphillips  
Filed under Around The Net

Stepping up efforts to keep its users messages safe from prying eyes, WhatsApp announced that it now supports end-to-end encryption for messages sent between users.

The end-to-end encryption comes thanks to a collaboration between WhatsApp and Open Whisper Systems, an open-source development company focused on secure communications.

Facebook-owned WhatsApp has more than 600 million users who log in monthly, making Open Whisper’s encryption deployment the largest ever in the area of end-to-end encrypted communication, Open Whisper said.

The encryption is on by default. It’s only available for Android right now, though the companies are working to roll out support for other platforms.

End-to-end encryption has gained attention following the disclosures about government surveillance last year by former NSA contractor Edward Snowden. Meanwhile, the flood of cyber attacks targeting retailers and Internet companies alike have highlighted the need for better data security.

Edward Snowden himself has called end-to-end encryption the best possible form of encryption, because it keeps people’s data encrypted even while it’s on company servers. The data, in theory, can only be decrypted on people’s personal devices. That means outside groups must target individuals’ machines if they want to access the data.

Some other mainstream services like Google have released products to facilitate end-to-end encryption. And along with Apple, Google’s also working to make encryption the default on smartphones.

But end-to-end encryption still is primarily offered by lesser known companies that don’t rely on people’s data for advertising.

WhatsApp’s end-to-end encryption uses Whisper’s TextSecure protocol, which encrypts text messages over the air and on people’s phones.

WhatsApp declined to comment further on the encryption deployment.

 

 

Has Google Glass Reached The End Of The Line?

November 18, 2014 by mphillips  
Filed under Consumer Electronics

After two years of showing up at high-profile events wearing Google Glass, the gadget that transforms eyeglasses into spy-movie worthy technology, Google co-founder Sergey Brin arrived recently to a Silicon Valley event noticeably bare-faced. He’d left his pair in the car, Brin told a reporter. The Googler, who heads up the top-secret lab which developed Glass, has hardly given up on the product — he recently wore his pair to the beach.

But Brin’s timing is not propitious, coming as many developers and early Glass users are losing interest in the much-hyped, $1,500 test version of the product: a camera, processor and stamp-sized computer screen mounted to the edge of eyeglass frames. Google Inc itself has pushed back the Glass roll out to the mass market.

While Glass may find some specialized, even lucrative, uses in the workplace, its prospects of becoming a consumer hit in the near future are slim, many developers say.

Of 16 Glass app makers contacted by Reuters, nine said that they had stopped work on their projects or abandoned them, mostly because of the lack of customers or limitations of the device. Three more have switched to developing for business, leaving behind consumer projects.

Plenty of larger developers remain with Glass. The nearly 100 apps on the official web site include Facebook and OpenTable, although one major player recently defected: Twitter.

“If there was 200 million Google Glasses sold, it would be a different perspective. There’s no market at this point,” said Tom Frencel, the Chief Executive of Little Guy Games, which put development of a Glass game on hold this year and is looking at other platforms, including the Facebook Inc-owned virtual-reality goggles Oculus Rift.

Several key Google employees instrumental to developing Glass have left the company in the last six months, including lead developer Babak Parviz, electrical engineering chief Adrian Wong, and Ossama Alami, director of developer relations.

 

 

 

Will Sophos’ Cloud Strategy Work?

November 17, 2014 by Michael  
Filed under Computing

Sophos is betting that understaffed IT departments will want to use the cloud to deal with cyber attacks. Kris Hagerman, CEO of the computer security company, said SMBs often have small IT departments and may have no one dedicated to full-time security.

Sophos thinks the answer will be a cloud-based management console to work across its entire security portfolio, Hagerman said. The company’s UTM firewall product handles email security, endpoint and network protection, wireless, web filtering and web server defence.

The company has linked its UTM system to its endpoint protection product so the two can share data, which results in better overall security and easier management, Hagerman said. The system has been given the thumbs up from analyst outfit Gartner which said that its “ease of use consistently rates high. The interface contains general guidance on what each feature does, which is useful for SMB operators, who are not all security experts.”

Hagerman said Sophos’ end user and network businesses—it’s two main lines—are growing twice the rate of the market. There isn’t a magic formula to that growth, he said.

Courtesy-Fud

 

Darkhotel Malware Targeting Business Executives

November 11, 2014 by Michael  
Filed under Computing

An espionage campaign dubbed Darkhotel has been targeting travelling executives via hotel WiFi for the past four years, Kaspersky has warned, and is still active today.

According to the security firm, Darkhotel infects hotel networks with spying software which in turn infects the computers of targeted executives as soon as they connect to the hotel WiFi network.

The executives are tricked into installing the information-stealing malware by disguising it as an update for legitimate software such as Adobe Flash, Google Toolbar or Windows Messenger.

The malware then searches the computer for sensitive corporate data, cached passwords and log-in credentials.

Kaspersky notes that, once installed, Darkhotel can be used to download more advanced tools capable of stealing data, including all keystrokes.

Kurt Baumgartner, principal security researcher at Kaspersky Lab, said: “For the past few years, Darkhotel has performed a number of successful attacks against high-profile individuals, employing methods and techniques that go well beyond typical cyber criminal behaviour.

“This threat has operational competence, mathematical and crypto-analytical offensive capabilities, and other resources that are sufficient to abuse trusted commercial networks and target specific victim categories with strategic precision.”

According to Kaspersky, top executives from the US and Asia are most likely to be targeted by the Darkhotel malware, in particular those in the Asia-Pacific region.

Among the victims identified by Kaspersky were executives from the private equity, pharmaceutical and electronics manufacturing industries, and figures from law enforcement, military services and non-government organisations.

Kaspersky warned that the Darkhotel malware is still active, and has advised business travellers to use a VPN, make sure that any security solution offers proactive defence against new threats, and treat software updates as suspicious.

The security firm said it is working with hotel chains to mitigate the threat.

 

Courtesy-TheInq

Will The Drupal Flaw Prove To Be Catastrophic?

November 4, 2014 by Michael  
Filed under Computing

The Drupal web content management system has been exposed as having backdoor access that could deliver your site to hackers.

The problem is not particularly new. Drupal warned about it earlier this month, but it still needs tackling as millions of websites may be at risk.

Drupal said that sites running version 7 really ought to have upgraded to 7.32 by now, because not doing so leaves them as open as a torn tea bag.

Initially the alert was about the threat, but the firm has updated its earlier advice and is now warning of in-the-wild attacks.

That earlier advice was about a problem in a database API. “A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution,” warned Drupal in a security alert.

“Depending on the content of the requests this can lead to privilege escalation, arbitrary PHP execution, or other attacks. This vulnerability can be exploited by anonymous users.”

More recent information from the firm points users toward the released upgrade, and informs them that attacks started not long after the initial announcement.

“You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is seven hours after the announcement,” it said, adding that, even when updated, sites will have some cleaning up to do.

“If you have not updated or applied this patch, do so immediately, then continue reading this announcement; updating to version 7.32 or applying the patch fixes the vulnerability but does not fix an already compromised website,” it explains.

“If you find that your site is already patched but you didn’t do it, that can be a symptom that the site was compromised – some attacks have applied the patch as a way to guarantee they are the only attacker in control of the site.”

Gavin Millard, EMEA technical director at Tenable Network Security, advised people to follow Drupal’s advice.

“The so-called ‘Drupageddon’ vulnerability could have easily led to exploitation of any systems running the vulnerable code. With such an easy to exploit flaw, the chance of exfiltration of data or further exploitation are high,” he said.

“For those who have good security controls, reviewing of logs and traffic directed at the sites following the vulnerability being announced and the patch applied is common sense and highly advisable, with appropriate action taken if indicators of compromise are found.

“For those who don’t have such a good level of security or visibility into the logs, the advice from the Drupal team should be heeded. If you don’t know if you were exploited you should assume that you have been.”

Courtesy-TheInq