Google update might just be the ultimate way to watch video on your mobile

Watching videos on your phone just got a lot more immersive thanks to a new update from Google.

Watching videos on your phone just got a lot more immersive thanks to a new update from Google.

The online giant has today added 4K Ultra high-definition movies to its Google Play Store, allowing you to watch your favorite films ion clearer quality than ever before.

Google has made 125 movies available for the initial launch on its Play Movies store, including the likes of Ghostbusters and Captain Philips.

chromecast ultra google play movies 4k

GOOGLE – Chromecast Ultra is one of the best ways to stream 4K video

The films are also rather on the costly side, with prices starting at $29.99 – although this does get your permanent ownership, rather than just rental.

Users can purchase films via the Play Movies site using their mobile device, with downloads sent straight to your smartphone or tablet.

Google is also offering a free 4K movie from its store with every Chromecast Ultra purchase.

The Chromecast Ultra is one of the few devices able to stream the 4K content, which also includes the Sony Bravia Android TV.


However, in order to download the films, you will need to be in either the USA or Canada – and there’s no news on a UK release date yet.

4K video content is growing hugely in popularity as more and more viewers get supported televisions.

The BBC launched its first Ultra HD 4K broadcast earlier this week, making it the first public broadcaster to do so.



via:  express

Save pagePDF pageEmail pagePrint page

Google plans to be fully renewable next year, and it will save on costs

Google, the largest corporate buyer of renewable energy on the planet, says it makes economic sense.

For six years, Google has aggressively purchased renewable energy to power the email accounts, searches, app downloads, video streams and other services that have become an integral part of daily online life.

In the process, it became the largest corporate buyer of renewable energy on the planet. Next year it plans to go one step further, ensuring that it purchases 100 percent of the energy it uses to power its entire sprawling digital empire from renewable sources.



A wind farm in Story County, Iowa, where Google has a data center and made its first wind power purchase in 2010. Credit: Carl Wycoff/flickr

While Google has said it’s committed to be part of the climate solution, altruism isn’t the main reason for its renewable energy splurge. Buying renewable also gives Google a competitive advantage. In 2015, it consumed 5.7 terrawatts of energy, roughly the equivalent of all of San Francisco. The fluctuating cost of coal and gas can create unwelcome surprises for a company that is dependent on energy for its core business.

“Energy costs are the largest operating cost for our data centers,” Neha Palmer, the head of Google’s energy strategy, said. “There’s a perception that renewables can be more expensive and that’s just not the case.”

Since Google’s first renewable energy purchase in 2010 — a 10 megawatt deal with a wind farm in the heart of Iowa — wind power costs have dropped an average of 80 percent while solar has dropped 60 percent.

Markets in Northern Europe — where one of Google’s 15 massive data center operates — are designed to make it easy and cost-effective to purchase renewable energy because you can directly choose the supplier, Palmer said.

Outside of purchasing clean energy, Google has also focused on the part of the energy equation it has more control over: efficiency. Since 2010, the digital world has blown up. There are more people online watching more videos, streaming more songs and checking more emails. Data centers have to have all those things available as quickly as possible, which requires a lot of energy.

To help improve efficiency, Google tasked DeepMind — its in-house artificial intelligence group — with studying patterns in data center operations. By “learning” the patterns of data use, cooling needs and other aspects of data center operations, Google said it was able to cut energy use by up to 40 percent in test data centers.

There’s a slight caveat, which is that Google won’t run entirely on renewables yet. It plans to purchase the equivalent of 100 percent of the energy it uses in the form of renewables through agreements with electric utilities, but the energy flowing to its data centers and offices isn’t solely from renewable sources. That’s due to a few factors, including the lack of 24/7 access to renewables and the reality that energy on the grid comes from a variety sources including coal and natural gas.

Google is just one of a number of companies pursuing more climate-friendly energy policies. Eighty-three large companies including Apple, Ikea and Facebook have committed to getting 100 percent of their energy from renewables (how they reach that goal remains to be seen).

Global investments have also been rising. Renewable energy investments topped $286 billion last year, a record. That has helped drive costs down, making renewables cheaper and more appealing.

“We’re technology agnostic but we’re not price agnostic,” Palmer said.


via: salon

Save pagePDF pageEmail pagePrint page

Microsoft officially closes its $26.2B acquisition of LinkedIn

After getting its final European Commission approvals earlier this week, Microsoft and LinkedIn today announced that Microsoft’s $26.2 billion acquisition of LinkedIn, the social networking site, has officially closed.

The news comes six months after news first broke of the deal.

In an internal memo, LinkedIn CEO Jeff Weiner went through the areas where the two companies would be working together, and how they will in other ways remain independent. That memo is copied below.

LinkedIn today has over 400 million registered users, making it the largest social networking site focused on the working world. People use the service both to make work connections with other people in their fields, but also to look for jobs and hire people. As we reported earlier this week, the fact that LinkedIn essentially has a dominant position in this area meant that Microsoft had to make concessions to the EC about how it would work to allow other social networking sites to integrate on its platforms.

The fact that these concessions had to be made speaks a little to what Microsoft’s intentions might be with LinkedIn. It seems like one key area for Microsoft will be to upsell those using LinkedIn to recruit, to then buy into Microsoft’s software in areas like HR and sales to extend that functionality.

Microsoft has up to now not really been a significant player in open-ended social networking, although with products like Yammer and Skype it’s clearly put a lot of investment into the kinds of collaboration products that are in demand from enterprises and business users today. It will be interesting to see how and if it tries to marry these two sides of enterprise-focused social networking down the line.

More to come. Refresh for updates.


Six months ago, we announced our intention to be acquired by Microsoft. At the time, Satya and I shared the background of the deal and our joint vision for changing the way the world works. Today I’m pleased to announce that we’ve just officially closed the acquisition. I’m more confident than ever that our move to join forces with Microsoft will accelerate our mission to connect the world’s professionals to make them more productive and successful, and ultimately help create economic opportunity for every member of the global workforce.

Over the past few months, the LinkedIn and Microsoft leadership teams have been meeting to understand and prioritize the opportunities ahead. We’ve been able to see first-hand the level of innovation being driven at scale — in artificial intelligence, machine learning, the cloud, devices, and more. We’ve also had the chance to build a deeper relationship with Satya and the Microsoft leadership team, and to witness the strategic and cultural shifts they are driving, and the impressive traction they are seeing as a result.

As we move forward, our day-to-day operations will essentially remain unchanged: We’ll continue to have the same mission and vision, the same culture and values, the same brand, and the same leadership team.

Our members still come first. Our commitment to privacy and security will not change. And our partners are still core to our business. We’ll continue to remain focused on growing LinkedIn and creating value for our members and customers. Over the coming months we’ll start sharing more about how we’re integrating products, especially in areas where we can leverage Microsoft’s scale, e.g.,

  • LinkedIn identity and network in Microsoft Outlook and the Office suite
  • LinkedIn notifications within the Windows action center
  • Enabling members drafting résumés in Word to update their profiles, and discover and apply to jobs on LinkedIn
  • Extending the reach of Sponsored Content across Microsoft properties
  • Enterprise LinkedIn Lookup powered by Active Directory and Office 365
  • LinkedIn Learning available across the Office 365 and Windows ecosystem
  • Developing a business news desk across our content ecosystem and
  • Redefining social selling through the combination of Sales Navigator and Dynamics 365

Getting to this point wouldn’t have been possible without the teams who have been working tirelessly on the close since we announced the deal in June. I’d like to thank them for all they’ve done to set us up for success as we begin our next chapter.

In so many ways we’re just getting started, and I couldn’t be more excited about the future.

Next play.



via:  techcrunch

Save pagePDF pageEmail pagePrint page

Website leaves 43,000 sensitive medical records exposed

Being notified of a data breach is never good news but nobody expects a company whose data have been exposed to be hard to contact.

And yet this is what happened when respected security researcher Troy Hunt was tipped off last week about a website that had accidentally left a directory containing 43,203 medical files in an unsecured state.

The files could be accessed using the directory’s URL but also, in nearly 7,000 cases, simply by plugging the address into Google, which had even helpfully cached its contents.

Hunt decided to contact the website owner, Indian laboratory company Health Solutions, but hit a dead end when published email addresses bounced back his messages as “user unknown” and he got no response using a contact form.

His urgent pleas for help contacting the company were noticed on Twitter by an Indian BuzzFeed journalist, who confirmed that the breached files were blood pathology reports for named Indian patients, some suffering from Aids.

When BuzzFeed eventually made contact with a Health Solutions, it received a confused, startled response.

The company said it was in the process of moving to a new website in January and could do nothing about the breach until then, saying: “Look, we are not the doctors, we merely do blood tests for patients. […] Maintaining doctor-patient privacy is not something that we as the lab are concerned with.”

On hearing of this response, Hunt described himself as “gobsmacked”. “How on earth can you leak this sort of data and just not care?!”

The confidential files remained accessible until BuzzFeed published its story on the breach on Friday, nearly two days later.

It was later reported that up to 35,000 of the 43,000 files related to patients.

How long had the files been exposed and how did the breach occur? In a separate interview, Health Solutions blamed the company hired to manage the website and admitted it could stretch back six months. Some of the files had been hacked, the company claimed, without elaborating.

Website data breaches have been a running theme for years. In October, Hunt discovered that the Australian Red Cross Blood Service had exposed 1.3 million records on its site, including his own and that of his wife.

Nevertheless, the cautionary tale from India raises issues that go beyond the fact that organisations sometimes get their security wrong.

On the basis of the reported exchanges, it seems that Health Solutions did not respond fast enough or even see the breach as its problem.

If the latter is the case, it is misguided. Sensitive data is always someone’s security problem, regardless of how many others might be subcontracted to handle it.


via:  sophos

Save pagePDF pageEmail pagePrint page

North Korea’s Linux-based Red Star OS can be Hacked Remotely with just a Link

North Korea’s own homegrown computer operating system, that’s supposed to be fully hacker proof and more secure than foreign OS, like Microsoft’s Windows, can easily be hacked remotely.

A group of hackers managed to break into Red Star OS — North Korea’s government sanctioned Linux-based OS — using just a link.

Red Star OS is North Korea’s own homegrown OS that looks remarkably just like Apple’s OS X and gives North Korean authorities more control over the computers, providing not only security but also spying tools that help track files in a way that if the government wants, every bit of user’s data can be traced easily.

According to the information security company Hacker House, Red Star OS contains a critical vulnerability that makes it possible for hackers to gain remote access to any PC running North Korea’s OS just by tricking victims into opening a hyperlink.

The latest version of Red Star OS ships with a Firefox-based web browser called Naenara, and according to researchers, the “trivial remote exploit attack vectors” contained in the web browser allows attackers to hack into the system.

Here’s how the exploit work:

The Hacker House hackers exploited a particular Red Star application that handles Uniform Request Identifiers (URI) – a string of characters used to identify resources in a network.

Hackers noted that the “mailto” URI request used for email could be exploited by hackers to remotely “execute arbitrary commands.”

Since this particular URI does not remove requests from the application’s command line, hackers could “trivially obtain code execution” just by injecting malicious links into the command line.

“Whilst probing for vulnerabilities it was noticed that registered URL handlers were passed to a command line utility ‘/usr/bin/nnrurlshow.’ This application (aside from having null ptr de-refs and other cute bugs) takes URI arguments for registered URI handlers when handling application requests such as ‘mailto’ and ‘cal,’ the Hacker House hackers explains.

“Naenara doesn’t sanitize the command line when handling these URI argument requests and as such you can trivially obtain code execution by passing malformed links to the nnrurlshow binary.”

In short, this security flaw can be used easily to install malware or exploit PCs running the Red Star operating system.

Rival South Korea has long blamed North Korea for mounting various cyber attacks against its government, military, and other organizations.

Just recently, the South Korean military blamed North Korea for breaching its military cyber command. A spokesman for the military cyber command told BBC that classified information was thought to have been stolen, although it’s not clear exactly what data was accessed.

Save pagePDF pageEmail pagePrint page

Minion – Mozilla Security Testing Framework

Minion is a security testing framework built by Mozilla to bridge the gap between developers and security testers. To do so, it enables developers to scan with a wide variety of security tools, using a simple HTML-based interface.

Minion - Mozilla Security Testing Framework

It consists of three umbrella projects:

  • Minion Frontend, a Python, angular.js, and Bootstrap-based website that provides a HTML interface to authenticate and authorize users, manage sites, initiate scans, and report issues
  • Minion Backend, a Python, Flask, and Twisted-based backend that provides an API for the Minion Frontend, and acts as a middleman between the frontend and external security tools
  • Minion VM, a repository of recipes to allow quick installations of Minion either via Vagrant or Docker

Minion has limited scanning functionality built into itself. Instead, it relies on the large variety of pre-existing open source and commercial scanning tools. These plugins include:

You can download Minion here:


Or read more here.


via:  darknet

Save pagePDF pageEmail pagePrint page

Employee awareness key to fighting financial security threats – SANS Institute says

Imagine you receive an email from an unknown sender. It includes  unusual language, or even gibberish in the subject line; if you push through your suspicion and open it, there’s a link promising you a free iPad if you click right now. There’s a good chance you realize the link is probably spam, and you delete the email and report it as such. Simple, right? You might think it’s hard to imagine why anyone would click an unsafe link and potentially invite malware into their environment.

Now, imagine that link was more effectively disguised. Perhaps the email sender showed up as your spouse’s name. Maybe it wasn’t an email at all – maybe you saw a routine popup reminding you to update your version of Microsoft Windows. Suddenly, identifying an unsafe link isn’t as straightforward as you thought. In fact, the recent “SANS 2016 Survey on Security and Risk in the Financial Sector” found that ransomware and phishing attacks cause more harm than any other cyberattacks aimed at the financial services industry – and both methods of attack typically require users to click links.

Employee awareness among most valuable security protection approaches

The SANS Institute reports that the most effective security protection technique for combating phishing and ransomware attacks is a direct response: email security monitoring and sandboxing. The close second, however, is employee awareness training and testing. Technology solutions can only go so far to weed out malicious messages and help employees make smart decisions about suspicious links. To approach the source of the problem, organizations need to focus on educating their employees and networks about the threats such messages pose to sensitive data and the company at large, while highlighting best practices to identify and avoid those issues.

Sensitive data protection fuels cybersecurity programs

For 69 percent of organizations surveyed by the SANS Institute, protecting sensitive data from exposure is the No. 1 driver behind every security initiative. This finding confirms the point that data is a company’s most valuable asset, especially in regard to the sensitive information financial organizations manage on a daily basis. Additional drivers include protecting brand reputation and maintaining industry compliance. While these are important goals, financial organizations should be careful to avoid each initiative competing for internal resources.

Efforts to improve data awareness, protection and security within an organization must be unified. By driving data awareness and security initiatives with employee education, as well as direct-response activities to incoming threats, companies can create holistic plans to keep their most valuable assets – their data – safe.


via:  datagravity


Save pagePDF pageEmail pagePrint page

Rule 41 — FBI Gets Expanded Power to Hack any Computer in the World

Hacking multiple computers across the world just got easier for the United States intelligence and law enforcement agencies from today onwards.

The changes introduced to the Rule 41 of the Federal Rules of Criminal Procedure by the United States Department of Justice came into effect after an effort to block the changes failed.

The change grants the FBI much greater powers to hack into multiple computers within the country, and perhaps anywhere in the world, with just a single warrant authorized by any US judge (even magistrate judges). Usually, magistrate judges only issue warrants for cases within their jurisdiction.

That’s the same the FBI did in its 2015 investigation into child pornography site Playpen, in which the agency hacked into some 8,700 computers across 120 different countries.

The Supreme Court approved the changes to Rule 41 in April, allowing any U.S. judge to issue search warrants that give the FBI and law enforcement agencies authority to remotely hack computers in any jurisdiction, or even outside the United States.

Democratic Senator Ron Wyden attempted three times to block changes to Rule 41 that potentially risks people using Tor, a VPN, or some other anonymizing software to hide their whereabouts, but the efforts were blocked by Republican Senator John Cornyn of Texas.

The rule change should take effect on 1st December, today, barring surprises.

On the one hand, privacy advocates and legal experts have described the rule change as the extensive expansion of extraterritorial surveillance power that will allow agencies like the FBI to carry out international hacking operations with a lot less of a hassle.

On the other hand, the DOJ argued that the changes to the rule will help investigate modern internet criminals, allowing investigators access computers whose locations are “concealed through technological means,” like the Tor anonymity network or VPNs (Virtual Private Networks), and devices used in botnets that have become powerful cyber weapons.

Assistant Attorney General Leslie Caldwell highlighted these concerns in a blog post published last week, saying if a criminal suspect is using Tor or VPN to hide its real location, it becomes tough for investigators to know his/her current location.

“So in those cases, the Rules do not clearly identify which court the investigators should bring their warrant application to,” Caldwell said.

But what would happen if the FBI hacks the botnet victims, rather than the perpetrators? Or what if the government abuses this power to target nation states?

In a speech, Wyden said that the changes to Rule 41 amounted to “one of the biggest mistakes in surveillance policy in years,” giving federal investigators “unprecedented authority to hack into Americans’ personal phones, computers, and other devices,” Reuters reports.

Other critics worry that the changes to Rule 41 would give the FBI unfettered ability to hack innocent users whose electronic devices have been infected with botnet malware without their knowledge, or anyone who keeps their identities private online.

To this concern, Caldwell argued that investigators accessing the devices of botnet victims “would, typically, be done only to investigate the extent of the botnet,” or in order to “obtain information necessary to liberate victims’ computers from the botnet.”

Caldwell further argued that the rule change would not allow the FBI to conduct “Mass Hacking;” in fact, failing to implement the rule change “would make it more difficult for law enforcement to combat mass hacking by actual criminals.”


via:  thehackernews

Save pagePDF pageEmail pagePrint page

Thanks To ‘Fight For $15’ Minimum Wage, McDonald’s Unveils Job-Replacing Self-Service Kiosks Nationwide

McDonald’s restaurant employees rally after walking off the job to demand a $15 per hour wage and union rights during nationwide ‘Fight for $15 Day of Disruption’ protests on November 29, 2016 in Los Angeles, California. (David McNew/Getty Images)

As the labor union-backed Fight for $15 begins yet another nationwide strike on November 29, I have a simple message for the protest organizers and the reporters covering them: I told you so.

It brings me no joy to write these words. The push for a $15 starter wage has negatively impacted the career prospects of employees who were just getting started in the workforce while extinguishing the businesses that employed them. I wish it were not so. But it’s important to document these consequences, lest policymakers elsewhere decide that the $15 movement is worth embracing.

Watch on Forbes: $15 Minimum Wage, What We Can Expect


Let’s start with automation. In 2013, when the Fight for $15 was still in its growth stage, I and others warned that union demands for a much higher minimum wage would force businesses with small profit margins to replace full-service employees with costly investments in self-service alternatives. At the time, labor groups accused business owners of crying wolf. It turns out the wolf was real.

Earlier this month, McDonald’s announced the nationwide roll-out of touchscreen self-service kiosks. In a video the company released to showcase the new customer experience, it’s striking to see employees who once would have managed a cash register now reduced to monitoring a customer’s choices at an iPad-style kiosk.

It’s not just McDonald’s that has embraced job-replacing technology. Numerous restaurant chains (both quick service and full service) have looked to computer tablets as a solution for rising labor costs that won’t adversely impact the customer’s experience. Eatsa, a fully-automated restaurant concept, now has five locations—all in cities or states that have embraced a $15 minimum wage. And in a scene stolen from The Jetsons, the Starship delivery robot is now navigating the streets of San Francisco with groceries and other consumer goods. The company’s founder pointed to a rising minimum wage as a key factor driving the growth of his automated delivery business.

Of course, not all businesses have the capital necessary to shift from full-service to self-service. And that brings me to my next correct prediction–that a $15 minimum wage would force many small businesses to lay off staff, seek less-costly locations, or close altogether.

Tragically, these stories—in California in particular–are too numerous to cite in detail here. They include a bookstore in Roseville, a pub in Fresno, restaurants and bakeries in San Francisco, a coffee shop in Berkeley, grocery stores in Oakland, a grill in Santa Clara, and apparel manufacturers through the state. In September of this year, nearly one-quarter of restaurant closures in the Bay Area cited labor costs as one of the reasons for shutting down operations. And just this past week, a California-based communications firm announced it was moving 75 call center jobs from San Diego to El Paso, Texas, citing California’s rising minimum as the “deciding factor.” (Dozens of additional stories can be found at the website

A crowd of about 350 protesters stand on Broadway in front of a McDonald’s restaurant, Tuesday, Nov. 29, 2016, in New York. (AP Photo/Mark Lennihan)

Other states are also learning the same basic economic lesson: Customers have a limit to what they will pay for service. Voters in Washington, Colorado, Maine and Arizona voted to raise minimum wages on Election Day, convinced of the policy’s merits after millions of dollars were spent by union advocates. In the immediate aftermath, family-owned restaurants, coffee shops and even childcare providers have struggled to absorb the coming cost increase—with parents paying the cost through steeper childcare bills, and employees paying the cost through reduced shift hours or none at all.

The out-of-state labor groups who funded these initiatives aren’t shedding tears over the consequences. Like their Soviet-era predecessors who foolishly thought they could centrally manage prices and business operations to fit an idealistic worldview, economic reality keeps ruining the model of all gain and no pain. This brings me to my last correct prediction, which is that the Fight for $15 was always more a creation of the left-wing Service Employees International Union (SEIU) rather than a legitimate grassroots effort. Reuters reported last year that, based on federal filings, the SEIU had spent anywhere from $24 million to $50 million on the its Fight for $15 campaign, and the number has surely increased since then.

This money has bought the union a lot of protesters and media coverage. You can expect more of it on November 29. But the real faces of the Fight for $15 are the young people and small business owners who have had their futures compromised. Those faces are not happy ones.


via:  forbes

Save pagePDF pageEmail pagePrint page

5 Quick Tips To Help With Information Security

Information Security is a moving target. Once you “think” that you have it figured out, boom, here comes another new threat to knock you back on your heels and question just how strong your Information Security program is. That’s the bad news. The good news is that we are going to give you 5 Information Security Tips that will help reduce the chances (notice I did not say eliminate) of an Information Security incident from taking place.(These can apply to both individuals and organizations as well):

  1. Install Antivirus and AntiMalware – Sounds simple enough but the key is to make sure that you update the definitions for both programs on a regular basis. If you have these programs on your system but they haven’t been updated in 3 months, that could lead to trouble. I know that there is a lot of talk out there in the Infosec world about the death of antivirus and while some of that might be true, it still plays a valuable role in your overall Information Security Program.
  2. Passwords, Passwords, Passwords – I get it, we are inundated with the need to create thousands of passwords for all the “stuff” we have to log in to. But, that doesn’t mean that you can use terrible passwords (like Password1) and you shouldn’t use the same password across sites/systems. Passwords are getting easier to crack so you need to be more complex in your passwords. Use longer (more than 10 characters), more complex (combination of uppercase, lowercase, numbers, and symbols), and not words. Get a password manager that generates passwords for you and this will help resolve the issue. Bonus: The password manager will save the passwords for you too! Just don’t use a weak password to login to the manager!
  3. Avoid Unsecured, Public WiFi – This would be like going to the mall during the holiday season, putting all the gifts you just bought in your car, and leaving the car doors unlocked while you go back to do more shopping. Either you are very trusting of others or you’re not that smart. Same rules apply when using that free WiFi that Starbucks offers you so you can sit there for 3 hours and consume 45 Pumpkin Spice Lattes. Use a VPN to secure your connection so hackers can’t intercept what you are doing over that very public, very open WiFi connection.
  4. Be Careful on Social Media – Social Media is great for many reasons but it can be a nightmare for many reasons too if you aren’t careful. Sharing that you are going on a trip with your family for 10 days and nobody is watching your house is an invitation for criminals to see just how good your security system might be (if you even have one). Don’t post a ton of personal information and if you do, make sure that your profile is locked so only you can choose who sees what you post. Oh, and finally, don’t accept friend requests from people you don’t know. If you don’t know them and don’t have any mutual friends in common, now might not be the time to develop that electronic friendship
  5. Secure Your Laptop and Smartphone – It’s almost 2017, if you don’t have passwords and encryption on both your laptop or smartphone, you are at a significant risk of suffering some form of a breach. In fact, if you need proof of this specific to the healthcare sector, head on over to the Department of Health and Human Services Office of Civil Rights “Wall of Shame.” This outlines all breaches reported affecting over 500 individuals as well as the reason for the breach. You will be amazed at how many are due to the theft/loss of a laptop or other electronic device.


These seem like simple things to put in place and in all honesty, they are. But, people get busy and sometimes these small things can fall through the cracks and increase your risk of a breach and the resulting fines associated with various compliance regulations. By implementing good security, you reduce your risk and simplify the process of complying with various Federal, State, and Industry Regulations.


via:  compassitc

Save pagePDF pageEmail pagePrint page