security news

Following controversy, Apple has made changes to the end user licence agreement that binds its iBooks Author software.

iBooks Author
(Credit: Apple)

The legal agreement sparked ire following the software's introduction last month for its stipulation that books that were created with the free software would have to be made available only through Apple's iBookstore if authors intended to charge for them.

In the new version of the software that went out to users late last week, the company has modified the original language to state that the only works subject to that rule are files in the .ibooks format, files that only open up for the company's iOS devices.

"This restriction does not apply to the content of such works when distributed in a form that does not include files in the .ibooks format," the end user licence agreement (EULA) now states.

"We updated the iBooks Author end user licence agreement to clarify the terms for authors regarding content ownership and distribution," an Apple representative said in a statement.

So what types of files can users sell outside of Apple's stores if they've made them in the software? That leaves PDF and plain text, neither of which work with some of the extra features - like 3D objects, widgets, quizzes and flash cards - that can be added to content created within the software.

Apple introduced its iBooks Author software at a private event last month alongside iBooks 2. The free software lets authors design digital versions of textbooks and other interactive titles for the iPad. It was launched in conjunction with the company's push to get textbook authors to create and distribute digital editions.

Shortly after its release, the licensing agreement came under fire from iOS and Mac developer Dan Wineman, who highlighted the section in question, comparing it to "Microsoft trying to restrict what people can do with Word documents, or Adobe declaring that if you use Photoshop to export a JPEG, you can't freely sell it to Getty". The latest update clarifies that.

Via CNET

European Union officials have asked Google to refrain from implementing its plans to share user information across all of its services until the privacy implications can be analysed, but Google is standing its ground.

In a letter to Google CEO Larry Page, Jacob Kohnstamm, chairman of the Article 29 working group of EU advisers on data protection issues, said: "We wish to check the possible consequences for the protection of the personal data of these [EU] citizens in a coordinated procedure," the Financial Times reported over the weekend.

The working group has asked French data protection watchdog CNIL to lead the investigation, the letter said.

But Google is not backing down on its policy modification, which was announced last week and is due to go into effect on 1 March. In a letter sent to Kohnstamm, Google privacy counsel Peter Fleischer wrote that the company is "happy to discuss this further" if the CNIL requests a meeting.

"As you will know, we had extensively pre-briefed data protection authorities across the EU prior to the launch of our notification to users on 24 January 2012," he wrote. "At no stage did any EU regulator suggest that any sort of pause would be appropriate. Since we finished these extensive briefings, we have notified over 350 million Google account holders, as well as providing highly visible notices to all our non-authenticated users."

The privacy policy changes won't affect users' existing privacy settings and no new or additional data about users is being collected, Fleischer noted. The change will allow Google to use the data it already has access to to provide more convenience and better services to users, he said. The move basically streamlines more than 60 different privacy policies of Google's into one.

Google has been able to combine information from a user's two different Google accounts, which enables users to add a Calendar appointment when a Gmail message includes data about a meeting. But Google's privacy policies have restricted the company's ability to combine information within a user's account for two services: web history and YouTube. So, someone searching Google for cooking recipes could not be shown suggestions for cooking videos on YouTube, Google said in its letter.

Google's new policy has raised legislative eyebrows the world over. Even the Australian Privacy Commissioner, Timothy Pilgrim, is looking into the policy shift, according to a report in the Australian Financial Review last week, while US lawmakers have already taken Google to task over the privacy policy changes, with some pushing the company to allow users to opt out of the switch.

Google executives appeared before a Congressional subcommittee last week to answer questions about the changes. Representative Mary Bono Mack, who heads up the House subcommittee doing the investigation, accused Google officials of not being "forthcoming" in their answers.

Google also has been taking heat for its decision to embed Google+ results in its main search page. After the news was announced last month, EPIC asked the US Federal Trade Commission (FTC) to look into whether the move violates federal antitrust rules and poses consumer privacy concerns.

The Electronic Privacy Information Center filed a Freedom of Information Act (FOIA) request with the FTC for access to a privacy report that Google recently submitted to the agency. The privacy report is required as part of a consent decree the FTC and Google announced in October to settle a complaint EPIC brought to the FTC in 2010 over the now-defunct Google Buzz social network service.

"Google promises access to the world's information, but it has not made available to the public the report it submitted to the Federal Trade Commission about the steps it takes to protect the privacy of its users," Marc Rotenberg, EPIC executive director, said in a statement.

Google said in a statement that the company could not comment on EPIC's FOIA request.

Meanwhile, Google clarified its privacy policy changes with respect to Google Apps for Government in response to concerns that it would compromise sensitive government data. The government contracts supersede the privacy policy in the old version and the new version, unless domain administrators turn on additional apps that are not in the core suite, Google said.

"Enterprise customers using Google Apps for Government, Business or Education have individual contracts that define how we handle and store their data," Amit Singh, vice president of Google Enterprise, said in a statement. "As always, Google will maintain our enterprise customers' data in compliance with the confidentiality and security obligations provided to their domain. The new Privacy Policy does not change our contractual agreements, which have always superseded Google's Privacy Policy for enterprise customers."

Separately, there is scrutiny over antitrust allegations in the US and Europe. The FTC and the US Senate have investigations under way focusing on concerns that Google unfairly promotes its own services in its search results. Meanwhile, the European Union is considering whether to file a formal antitrust complaint against Google based on similar complaints by rival search providers there.

Luke Hopewell contributed to this article.

Via CNET

It seems that applications take up a lot of the government's budget, year on year, which makes me wonder why more departments aren't following Queensland's Department of Education.

The department has released a tender for a vendor to construct a plan to rationalise 35 Microsoft Access and .NET applications, calling in an external vendor to take a snapshot of what the department's got under its hood. I'm sure it's part of the Department of Human Services consolidation.

It wants to use the money it requires to keep the applications up and running in other areas. The more it can kill off, the more it can spend somewhere else. It sounds sensible - especially when you consider data released by the Federal Government last week (PDF), which said that in the year to 30 June 2010, the applications service tower cost 36 per cent of the over $5 billion federal government IT budget.

That's almost $2 billion spent each year.

In that year, 52 per cent of employees working on public service IT were working on that area. And if you look at the people who were hired outside of the public service to work on the government's IT, 70 per cent of them worked on that area. Given that the Gershon report wanted to cut contractors down, wouldn't it be a good idea to have a good look at all these applications these people are managing?

Do we need them all? I bet the users think they do. But what if they could be convinced to move to something else that would suit their needs just as well, but would also help someone else, cutting one variant out of the mix? Unfortunately, as almost every shared services implementation has shown us, sharing has never been humanity's best trait. And many IT projects fail because of poor change management.

Then you've got to add consumerisation into the mix. End users don't want just one application to do what they need, they want the one that they like! And they like to be able to download it themselves and preferably onto their own device as well as onto the desktop. So securing and managing those applications looks like a nightmare. More people please, not less!

Is there any way to cut down the application bloat, which doesn't involve an extremely costly program that results in user uproar? Or are we just doomed to having 10 different applications to meet everyone's possible need and hiring the requisite number of people to manage them?

You can't run a successful internet service provider in this country without a lot of air travel, and it's no different for Larry Kestelman, founder of Dodo.

Larry Kestelman
(Credit: Dodo)

What tech do you travel with and why?

My laptop, because the time I get on the plane gives me the chance to catch up on all my emails. When I land, and as soon as I can connect to the internet, I press send on all my emails and they go spreading around the world.

What tech do you miss from home?

My home automation pad, which works from my iPad and controls everything in the house. When I travel I have to re-adapt to the old world of the single remote!

Most memorable travel story/experience.

Being a boat lover, I would have to say travelling with friends on a boat around the Italian and French coasts would be by far my most memorable travel experience. You can't beat the combination of water, boats and friends.

Personal travel advice/tip?

Plan ahead as much as you can so that everything runs smoothly. Consider all the things that could go wrong because who knows - they might!

What was your biggest travel disaster?

It was a disaster which in the end was diverted. Cutting it short, a taxi driver in London stole my travel bags with all of my things - documents, money, laptop and a lot of valuables after he'd dropped us off at the airport. Our flight was leaving in three hours and the thought of trying to track down a London cabbie in the heart of London before we boarded was very stressful.

We managed to access a video recording of the cab driver from the hotel we were staying at and got security to rewind the tape and find out the driver's number plates. The police ended up finding him and making him return my possessions. Needless to say it was off to the station for him. It was a very interesting experience and a miracle the police found him.

What is the best airport you've visited and why?

Hong Kong - everything runs like clockwork. I love the fact that the airport actually extends out into the mainland city so you can check-in in town, hop on a train and just go straight to the gate without needing to worry about your bags or standing in queues.

What is your dream travel tech to have on planes/in airports/at hotels?

In this day and age I'd love for there to be internet wherever I go, especially on planes. Even though there's roaming internet, it's extraordinarily expensive and hard to keep in touch. Flights can be very long so it would be amazing if you could continue communicating with the world while on board.

In some ways it's good that there's down time, there are arguments for both; however, you do have the choice to switch it off. One internet connection around the world on one plan would be amazing.

Half of all Fortune 500 companies still contain computers infected with the DNSChanger Trojan, weeks after a FBI-led takedown operations targeting the botnet's command-and-control infrastructure.…

A Wisconsin woman has been charged over claims she tried to sell $1m worth of Facebook shares that she didn't own.…

Members of Anonymous have released an intercept of a conference call between investigators at the FBI and Scotland Yard during which operations against hacktivist group were discussed.…

Apple's FileVault disk encryption can be circumvented in less than an hour, according to a computer forensics firm.…

Researchers at the Ruhr-University Bochum have managed to extract the secret encryption algorithmns used by satellite phones, and discovered that it's a lot less secure than one might hope.…

Quotw This was the week when Facebook finally filed for its IPO.…