ZDNet Australia - Security

Following controversy, Apple has made changes to the end user licence agreement that binds its iBooks Author software.

iBooks Author
(Credit: Apple)

The legal agreement sparked ire following the software's introduction last month for its stipulation that books that were created with the free software would have to be made available only through Apple's iBookstore if authors intended to charge for them.

In the new version of the software that went out to users late last week, the company has modified the original language to state that the only works subject to that rule are files in the .ibooks format, files that only open up for the company's iOS devices.

"This restriction does not apply to the content of such works when distributed in a form that does not include files in the .ibooks format," the end user licence agreement (EULA) now states.

"We updated the iBooks Author end user licence agreement to clarify the terms for authors regarding content ownership and distribution," an Apple representative said in a statement.

So what types of files can users sell outside of Apple's stores if they've made them in the software? That leaves PDF and plain text, neither of which work with some of the extra features - like 3D objects, widgets, quizzes and flash cards - that can be added to content created within the software.

Apple introduced its iBooks Author software at a private event last month alongside iBooks 2. The free software lets authors design digital versions of textbooks and other interactive titles for the iPad. It was launched in conjunction with the company's push to get textbook authors to create and distribute digital editions.

Shortly after its release, the licensing agreement came under fire from iOS and Mac developer Dan Wineman, who highlighted the section in question, comparing it to "Microsoft trying to restrict what people can do with Word documents, or Adobe declaring that if you use Photoshop to export a JPEG, you can't freely sell it to Getty". The latest update clarifies that.

Via CNET

European Union officials have asked Google to refrain from implementing its plans to share user information across all of its services until the privacy implications can be analysed, but Google is standing its ground.

In a letter to Google CEO Larry Page, Jacob Kohnstamm, chairman of the Article 29 working group of EU advisers on data protection issues, said: "We wish to check the possible consequences for the protection of the personal data of these [EU] citizens in a coordinated procedure," the Financial Times reported over the weekend.

The working group has asked French data protection watchdog CNIL to lead the investigation, the letter said.

But Google is not backing down on its policy modification, which was announced last week and is due to go into effect on 1 March. In a letter sent to Kohnstamm, Google privacy counsel Peter Fleischer wrote that the company is "happy to discuss this further" if the CNIL requests a meeting.

"As you will know, we had extensively pre-briefed data protection authorities across the EU prior to the launch of our notification to users on 24 January 2012," he wrote. "At no stage did any EU regulator suggest that any sort of pause would be appropriate. Since we finished these extensive briefings, we have notified over 350 million Google account holders, as well as providing highly visible notices to all our non-authenticated users."

The privacy policy changes won't affect users' existing privacy settings and no new or additional data about users is being collected, Fleischer noted. The change will allow Google to use the data it already has access to to provide more convenience and better services to users, he said. The move basically streamlines more than 60 different privacy policies of Google's into one.

Google has been able to combine information from a user's two different Google accounts, which enables users to add a Calendar appointment when a Gmail message includes data about a meeting. But Google's privacy policies have restricted the company's ability to combine information within a user's account for two services: web history and YouTube. So, someone searching Google for cooking recipes could not be shown suggestions for cooking videos on YouTube, Google said in its letter.

Google's new policy has raised legislative eyebrows the world over. Even the Australian Privacy Commissioner, Timothy Pilgrim, is looking into the policy shift, according to a report in the Australian Financial Review last week, while US lawmakers have already taken Google to task over the privacy policy changes, with some pushing the company to allow users to opt out of the switch.

Google executives appeared before a Congressional subcommittee last week to answer questions about the changes. Representative Mary Bono Mack, who heads up the House subcommittee doing the investigation, accused Google officials of not being "forthcoming" in their answers.

Google also has been taking heat for its decision to embed Google+ results in its main search page. After the news was announced last month, EPIC asked the US Federal Trade Commission (FTC) to look into whether the move violates federal antitrust rules and poses consumer privacy concerns.

The Electronic Privacy Information Center filed a Freedom of Information Act (FOIA) request with the FTC for access to a privacy report that Google recently submitted to the agency. The privacy report is required as part of a consent decree the FTC and Google announced in October to settle a complaint EPIC brought to the FTC in 2010 over the now-defunct Google Buzz social network service.

"Google promises access to the world's information, but it has not made available to the public the report it submitted to the Federal Trade Commission about the steps it takes to protect the privacy of its users," Marc Rotenberg, EPIC executive director, said in a statement.

Google said in a statement that the company could not comment on EPIC's FOIA request.

Meanwhile, Google clarified its privacy policy changes with respect to Google Apps for Government in response to concerns that it would compromise sensitive government data. The government contracts supersede the privacy policy in the old version and the new version, unless domain administrators turn on additional apps that are not in the core suite, Google said.

"Enterprise customers using Google Apps for Government, Business or Education have individual contracts that define how we handle and store their data," Amit Singh, vice president of Google Enterprise, said in a statement. "As always, Google will maintain our enterprise customers' data in compliance with the confidentiality and security obligations provided to their domain. The new Privacy Policy does not change our contractual agreements, which have always superseded Google's Privacy Policy for enterprise customers."

Separately, there is scrutiny over antitrust allegations in the US and Europe. The FTC and the US Senate have investigations under way focusing on concerns that Google unfairly promotes its own services in its search results. Meanwhile, the European Union is considering whether to file a formal antitrust complaint against Google based on similar complaints by rival search providers there.

Luke Hopewell contributed to this article.

Via CNET

It seems that applications take up a lot of the government's budget, year on year, which makes me wonder why more departments aren't following Queensland's Department of Education.

The department has released a tender for a vendor to construct a plan to rationalise 35 Microsoft Access and .NET applications, calling in an external vendor to take a snapshot of what the department's got under its hood. I'm sure it's part of the Department of Human Services consolidation.

It wants to use the money it requires to keep the applications up and running in other areas. The more it can kill off, the more it can spend somewhere else. It sounds sensible - especially when you consider data released by the Federal Government last week (PDF), which said that in the year to 30 June 2010, the applications service tower cost 36 per cent of the over $5 billion federal government IT budget.

That's almost $2 billion spent each year.

In that year, 52 per cent of employees working on public service IT were working on that area. And if you look at the people who were hired outside of the public service to work on the government's IT, 70 per cent of them worked on that area. Given that the Gershon report wanted to cut contractors down, wouldn't it be a good idea to have a good look at all these applications these people are managing?

Do we need them all? I bet the users think they do. But what if they could be convinced to move to something else that would suit their needs just as well, but would also help someone else, cutting one variant out of the mix? Unfortunately, as almost every shared services implementation has shown us, sharing has never been humanity's best trait. And many IT projects fail because of poor change management.

Then you've got to add consumerisation into the mix. End users don't want just one application to do what they need, they want the one that they like! And they like to be able to download it themselves and preferably onto their own device as well as onto the desktop. So securing and managing those applications looks like a nightmare. More people please, not less!

Is there any way to cut down the application bloat, which doesn't involve an extremely costly program that results in user uproar? Or are we just doomed to having 10 different applications to meet everyone's possible need and hiring the requisite number of people to manage them?

You can't run a successful internet service provider in this country without a lot of air travel, and it's no different for Larry Kestelman, founder of Dodo.

Larry Kestelman
(Credit: Dodo)

What tech do you travel with and why?

My laptop, because the time I get on the plane gives me the chance to catch up on all my emails. When I land, and as soon as I can connect to the internet, I press send on all my emails and they go spreading around the world.

What tech do you miss from home?

My home automation pad, which works from my iPad and controls everything in the house. When I travel I have to re-adapt to the old world of the single remote!

Most memorable travel story/experience.

Being a boat lover, I would have to say travelling with friends on a boat around the Italian and French coasts would be by far my most memorable travel experience. You can't beat the combination of water, boats and friends.

Personal travel advice/tip?

Plan ahead as much as you can so that everything runs smoothly. Consider all the things that could go wrong because who knows - they might!

What was your biggest travel disaster?

It was a disaster which in the end was diverted. Cutting it short, a taxi driver in London stole my travel bags with all of my things - documents, money, laptop and a lot of valuables after he'd dropped us off at the airport. Our flight was leaving in three hours and the thought of trying to track down a London cabbie in the heart of London before we boarded was very stressful.

We managed to access a video recording of the cab driver from the hotel we were staying at and got security to rewind the tape and find out the driver's number plates. The police ended up finding him and making him return my possessions. Needless to say it was off to the station for him. It was a very interesting experience and a miracle the police found him.

What is the best airport you've visited and why?

Hong Kong - everything runs like clockwork. I love the fact that the airport actually extends out into the mainland city so you can check-in in town, hop on a train and just go straight to the gate without needing to worry about your bags or standing in queues.

What is your dream travel tech to have on planes/in airports/at hotels?

In this day and age I'd love for there to be internet wherever I go, especially on planes. Even though there's roaming internet, it's extraordinarily expensive and hard to keep in touch. Flights can be very long so it would be amazing if you could continue communicating with the world while on board.

In some ways it's good that there's down time, there are arguments for both; however, you do have the choice to switch it off. One internet connection around the world on one plan would be amazing.

Symantec is reporting that it has begun to see Android malware that exhibits similar characteristics to server-side polymorphic malware in the desktop environment.

(Pixel Virus image by Surian Soosay, CC BY 2.0)

The company said that it has come across malicious Android applications hosted outside of the Android marketplace, which automatically change themselves each time they are downloaded. The malware, which Symantec's mobile-security product detects as Android.Opfake, makes changes to variable data, re-orders files in Android packages and/or inserts dummy files in an attempt to avoid detection.

These dummy files all contain a picture of a Russian man who has become somewhat of an internet celebrity due to people manipulating his photo into various images.

However, while the malware might share similar characteristics to polymorphic viruses, Trend Micro told ZDNet Australia that strictly speaking, it isn't the same in the mobile environment as it is in the desktop environment.

In the desktop environment, server-side polymorphic malware takes advantage of the way that it can be distributed. Infected sites distribute malware to the user by exploiting any number of vulnerabilities, but server-side polymorphic malware gives users a unique strain of the malware, making detection difficult. Detection usually occurs by looking for similar signatures, but, since the generation of malware occurs server-side, the end results are (ideally) completely different.

Trend Micro argues that Symantec's example isn't a true example of server-side polymorphic malware since the malware is self-updating on the client side.

"These are self-updating pieces of malware that use your mobile device's connectivity to either download updates, upgrades, configuration files," its US threat team wrote in an email, but it didn't write off the threat as insignificant.

"Much as it is like in the desktop environment, security solutions that use static signatures are not the best way to go, and adding heuristics will do better - but the better solution is prevention by blocking access to locations and sites that have been observed to only host mobile malware."

Although Trend Micro was unable to confirm at the time of writing whether its mobile security product was able to detect these types of threats, it placed emphasis on the need for users to raise their awareness and acknowledge that technology is only part of the solution.

"It's time for mobile users to awaken to the facts above, and the capabilities of their devices. They should treat app downloads with the same caution as they do on desktops, and install or make use of whatever security add-ons, as this creates another protective layer."

Rival security company Lookout said that it had noticed these types of threats several months ago, and its Mobile Security product already detects and protects against it.

Nevertheless, the company continues to take a cautious approach towards the threat.

"We are closely monitoring this family of malware to see how it evolves, like we would any malware family."

McAfee said it is aware of polymorphic malware, and while it did not confirm whether its product was able to guard against such threats, it had taken a similar approach to Trend Micro in recognising the importance in blocking access to malware sources.

"We are currently exploring a number of techniques to address this using existing technologies, such as white listing and behavioural analysis, as well as other techniques."

The use of behavioural analysis is a technique recently employed by Google's new server-side Bouncer service, which automatically scans the Android Marketplace for malicious apps.

Google declined to comment on whether Bouncer would detect apps that used techniques similar to polymorphism, or whether such apps had yet made it in to the Marketplace.

Telstra has rejected claims by its competitors that it is milking universal service obligation (USO) payments for extra cash.

Under universal service obligation legislation, currently being reviewed by parliament, Telstra will keep its copper network in place for the 7 per cent of Australia not covered by the fibre roll-out of the National Broadband Network and will provide a minimum voice service as it has for years. For this, Telstra will be paid $50 million in the first two years, and $100 million each year after for a period of 20 years by the government. Should costs for this service exceed this, the telecommunications industry will be required to pay a levy to make up the difference.

Optus and Macquarie Telecom have been particularly vocal in their opposition to having to pay this USO levy, as they see it as effectively having to pay Telstra to compete with it, and say the telco vastly overestimates the cost for providing USO services over its copper network today.

At a senate hearing yesterday, James Shaw, Telstra's director of government relations rejected these claims.

"The competitors, I have to say, don't pay the invoices that we pay, so we do know the costs involved in providing services to remote and regional Australia," he said,

According to Yolanda Chorazyczewski, Telstra's group regulatory manager, the last 7 per cent was particularly expensive for Telstra to reach.

"It is no coincidence that the NBN roll-out stops at 93 per cent. It's that last 7 per cent that is uneconomic for the NBN to roll out, well it's uneconomic for any infrastructure to be rolled out in those areas, and it is very costly to provide any other sort of infrastructure."

On the levy, Shaw said Telstra itself pays 65 per cent of the levy - effectively to itself - and noted that parts of the USO have previously been open up to competition and none of Telstra's competitors ever sought to take these on for the government.

He said the costs were purely about maintaining the copper, which becomes more expensive in regional and rural Australia.

"It's a large geographic area of Australia, with long copper runs, small population base, so the number of users on a length of copper can be quite small. So your unit cost can become substantially larger than putting a couple of kilometres of copper in a suburban area to serve thousands of customers," he said, adding that Telstra also had to maintain thousands of exchanges in the last 7 per cent.

"Which we have to keep powered up, we have to keep monitoring, so it is quite an extensive task. It takes time, money and manpower."

Shaw said that negotiations with the government had been "robust" and that the value for the USO was adequate within the whole NBN package with the government. Daryl Quinlivan, deputy secretary for the infrastructure group within the Department of Broadband, Communications and the Digital Economy, said that the department had assurances from economists commissioned during the negotiations that the value of $550 million was in the mid-range of the costs associated with providing USO.

"We've seen estimates of the cost of delivery of the USO. Anything from zero ... anywhere up to $1.8 billion. We were quite reassured that the number we eventually struck with Telstra was a midpoint," he said. "The negotiations with Telstra were very difficult, whether there is a margin in there for Telstra, I simply do not know. Telstra didn't tell us."

And given Telstra pays 65 per cent of the levy, Quinlivan said the telco had an incentive to keep costs down.

"There is a reasonable presumption ... that the operating costs of this part of the network will increase over time because it has very long [copper] lengths, it is the most hostile parts of the country. They'll be maintaining it in its current operating condition," he said. "Telstra has an incentive to minimise costs and if possible, move out of this part of the business in the medium term."

There were clauses in the 20-year agreement for Telstra to stop providing the copper network if it becomes apparent that after the NBN roll-out that it is no longer needed.

"The government's undertaking is to provide continuity of the copper services during the period of the NBN roll-out and beyond, and if it becomes clear at some point during that 20 years that the demand is no longer there for use and retention of the copper network, then there are facilities in the contract for terminating it," he said.

Quinlivan added that although the industry would ideally like to see that contract ended as soon as possible, rural interests wanted more certainty of services being offered, which is why the government opted for a 20-year contract.

update Apple has slammed a hearing deal proposed by rival litigant Samsung today, saying that splitting the issue into three separate cases would confuse the case and evade the necessary "rigorous analysis" in the courtroom.

(My trusty gavel image by Brian Turner, CC2.0)

Samsung took Apple to court over patents that it has allegedly infringed upon in its iPhone models from the 3GS iPhone onwards. Samsung has been pushing for the case to be heard as quickly as possible, but Apple said in December that it would not be ready for a hearing on the case in March, saying that it needed more time for preparation.

At stake are three matters: patents relating to 3G technology that Samsung claims have been used without permission; the ability to use the technology under a fair, reasonable and non-discriminatory (FRAND) licence; and issues of competition law.

Samsung's most recent proposal saw the Korean-based gadget maker offer a deal where the two parties would have each matter - the patent case, the FRAND case and the competition case - separated into three parts, with the first starting in April. Samsung stated its plans before Christmas to propose splitting the matters, but Apple said then that there is too much overlap between the split portions.

Apple vehemently rejected Samsung's proposal to split the case this morning before Justice Annabelle Bennett, saying that it is a prime example of sloppy case management.

"It seems to be proposed that patent matters ... are treated as a deliberately split-up case, with settlements to be heard at different times. There are huge problems with the proposition," said Stephen Burley QC, representing Apple.

One of Apple's primary concerns remains the presentation of witnesses and subject-matter experts to the court. Apple claimed that both it and Samsung would need to rely on the same witnesses in different sections of the case, meaning that they would need to be called twice or even three times to give evidence before the court.

"[Samsung's] proposal that they're suggesting ... is that the patent-infringement case experts be cross-examined before evidence is even filed in the overlapping competition and infringement cases, which requires further cross-examination of the same witnesses at a later date," Burley QC said in objection, adding that breaking the three cases up would see the parties fighting on multiple fronts.

"It's also an extraordinary step to take as a matter of case management - to deliberately start a case knowing it can't finish is an extreme step," he said, adding that "there is no urgency that requires such a step."

Neil Young SC, appearing for Samsung, disagreed with Apple's assertions, saying that splitting the cases is nothing new.

"The idea of having a stage-based hearing broken up into parts is common practice. It's simply an adjournment, where we then address the later stage of a case. Your Honour originally set aside six weeks in March and April ... that time has been set aside, and we desire to use it. These issues aren't going to go away unless they're resolved by a court," Young said.

Samsung also shot down Apple's claim that hearing from multiple witnesses at different times would cloud the case, saying that technical testimony does not change over time.

"There's no reason to see why that purely technical evidence can be in any dispute."

Samsung mounted its own offensive in court, saying that Apple only filed the competition-law counterclaim - which alleges that Samsung was singling out Apple when it could have gone after any phone manufacturer or network carrier - after it lost its appeal to have the Galaxy Tab 10.1 banned in Australia. Samsung also said that Apple has brought its most recent timetable restrictions upon itself.

"Apple made no reference at all to raise a competition case ... even though they had [formally set out] a case in the US. It's set for trial in June or July, and there was 13 days set aside ... for that hearing. A conscious decision was raised in Australia that [a competition-law case] would not be raised in [local] proceedings.

"There is no evidence that Apple did any work to prepare evidence prior to 20 December relating to the competition case. It appears to be a matter which appeared during 2012," Samsung said.

After hearing a day's worth of submissions, Justice Bennett proposed that both parties submit to the court a draft set of short minutes that sets out what has to happen and when, so that the two can come to a middle ground on hearing dates.

"It's not good enough ... to set down a date and say it'll all happen by then. Give me a set of short minutes that take care of all the steps that need to take place between now and the hearing, [like] experts meeting [and] who needs to apply," Bennett said.

The case was adjourned until next Wednesday.

Updated at 4.30pm, 3 February 2011: added last three paragraphs on Bennett's orders to the parties.

Michael Lee also contributed to this article.

Why is Facebook floating and is it a bad idea for mum and dad investors? Optus won the first round of TV Now, what happens now and how can you get away with petty internet crime?

On this week's episode of Technolatte:

• Facebook finally files its multibillion-dollar IPO
• We talk about the ramifications of Optus' TV Now win against the football codes
• Why do companies like Trend Micro let small offenders get away with small crimes online?

• Subscribe to Technolatte on iTunes.

  Running time: 18 minutes, 27 seconds

Although Microsoft struck a massive blow at the Kelihos/Hlux botnet last year, Microsoft's ally in the strike, Kaspersky Labs, has now found new variants of the Kelihos bots, calling into question whether the operation was effective.

(Red Robot 3 image by Splenetic, Royalty Free)

The Kelihos/Hlux botnet was previously dealt a blow through a method called sinkholing. During normal operation, botnets communicate with one or more command-and-control centres. The compromised computers need to know where the command-and-control centres are, so the botnet's operators set up domains and modify their DNS entries to point to the IP address of the command-and-control centre's servers.

Sinkholing comes into effect when researchers contact the domain registrars, prove that the domains are being used for malicious purposes and take control of their DNS entries, substituting their own server IP addresses. This fools infected computers into communicating with the researchers' server instead. At this point, no further instructions are sent out to compromised clients, as attempts to self-cleanse the botnets have numerous ethical and legal considerations. Although being cut off from the command-and-control servers effectively neutralises infected computers from being able to conduct illegal activities, the PCs are still left open to future exploitation by criminals.

The method was seen as a better alternative than attempting to gain control of the command-and-control servers. The latter strategy required a highly coordinated surprise attack, since operators could always modify the DNS entries of their domains and point to new servers if they ever realised or suspected that their physical infrastructure was being compromised.

However, Kaspersky has said that sinkholing may not be very effective if the botnet's operators are not apprehended. It found that shortly after the announcement made by Microsoft and itself last year, new versions of the bot's code had begun to surface, either written by the existing yet-to-be-caught operators, or by a new player that had obtained the botnet source code.

The presence of two different keys used to encrypt communications in the new version of the botnet code indicates that there may be two different groups controlling the botnet, the company wrote in a blog post.

The company said that sinkholing might still be used to neutralise botnets, but it would require slightly different techniques, including pushing tools on to infected machines to remove infection, and forcing operators to re-infect if they want to build another botnet. Ultimately, though, the company said that the most effective way to disable botnets is to find the operators.

Microsoft has recently accused former antivirus employee Andrey Sabenikov of being involved in the botnet; however, he has said that he is innocent.

If you ever needed proof that the internet puts power into the hands of the consumer, take a look at the latest electricity prices in New Zealand.

Energy prices have now fallen for two consecutive quarters, for the first time in almost 13 years. The main reason being touted for this is growing competition, fuelled by price comparison websites, such as the government's www.whatsmynumber.org.nz, which covers the electricity market.

The website enables people to quickly identify their estimated savings using a simple calculator. People wanting to access the estimated savings can then link to the Consumer NZ's Powerswitch site www.powerswitch.org.nz to confirm a new retail deal and initiate the switch to a new retailer.

Around a quarter of a million Kiwi householders switched providers in 2011. This amounted to a record one in four households, as switchers increased 12 per cent last year, which is up 74 percentage points since records began eight years ago.

Online providers like Powershop benefited most, thanks to campaigns to highlight the benefits of switching providers.

We have seen how price comparison websites like Trivago, Moneysupermarket.com and Gocompare have revolutionised the travel, insurance and finance sectors, especially overseas, but now we can see a clear example of the web bringing power to the people in one of the most basic of commodities in New Zealand.

While the consumers may seem the main beneficiary, we should also remember that online also provides businesses with a cheaper retail channel. It also adds transparency for the government, which is the dominant supplier in New Zealand and can be blamed for price increases.

It all confirms that no matter how markets operate and are regulated, by letting people make better, informed choices, which help bring prices down, the internet truly does bring power to the people. Of course, what it means for retailers struggling to adapt to change is another story.

NewSat has signed a $180 million contract for capacity on its Jabiru-1 satellite.

The deal with Asian satellite operator MEASAT Satellite Systems will provide multiple transponders covering South Asia and Southeast Asia for 15 years - the lifespan of the satellite.

The deal is set to be completed over the next two weeks as the satellite's specifications are finalised. A lease agreement with MEASAT will also be executed for capacity on Jabiru-2.

NewSat is planning to launch the Jabiru-1 satellite later this year. It will be a hybrid Ku- and Ka-band satellite, which will provide coverage over Southeast Asia, the Middle East and North Africa.

It has been signing a string of deals for capacity on the satellite. Last year it signed a 10-year, US$134 million contract to provide satellite capacity to Pakistani telco 3A Technology, hot on the heels of a similar US$105 million deal with the a US carrier, and an earlier deal with the US military.

Communications Minister Stephen Conroy has flagged potential legislative changes to protect football-broadcast rights following the Optus TV Now ruling.

The ruling by Justice Steven Rares in the Federal Court earlier this week stated that Optus' TV Now app does not infringe on the copyright of the sporting codes when it records and replays their TV broadcast. This decision has sparked concerns from a number of sporting agencies worried that the ruling devalues their broadcast contracts. The Australian Football League (AFL) is likely to appeal the ruling in order to salvage its $153 million five-year contract for mobile-broadcasting rights with Telstra, but the organisation has estimated that it could take up to two years to resolve.

Speaking on the Today Show yesterday, Communications Minister Stephen Conroy - an avid Collingwood football club supporter - said that the government would wait for the appeals process to resolve, but indicated that the government may seek to change the legislation to protect the broadcasts of the sporting codes.

"It is a very far-reaching decision that could significantly change the way sporting rights are allocated, and whether it is possible to protect content online," he said. "If we want to sustain the competitions - the NRL, the AFL and all of the other sporting competitions, not just here but around the world - then you have got to be able to, if you pay a large amount of money for those rights, you have got to be able to protect it."

Conroy said that the government had anticipated such issues by commissioning the Convergence Review, which aims to address evolving technology, such as Optus' TV Now app and IPTV, and its impact on free-to-air broadcasting.

Conroy hinted that the government may need to take steps to ensure that rights are upheld.

"We will be wanting to make sure we get the right balance between consumers and the sporting-rights bodies and the TV stations; no one will pay for these rights if they can't find a way to make money off them."

The Convergence Review handed down its interim report late last year, calling for the dissolution of content licences for traditional outlets, instead to be replaced by "content-service enterprises" that are technology neutral and are overseen by a new regulator.

The final report of the Convergence Review is due to reach the government next month. The government is also currently reviewing the 2006 amendments to the Copyright Act 1968 that includes the provision allowing individuals to record TV broadcasts to watch "at a time more convenient".

Ian McDonald, special counsel for copyright with Simpsons Solicitors, told ZDNet Australia that because Optus handles all of the recording, and stores the recordings in the cloud, it will raise interesting questions when this section of the Act is reviewed.

"Nobody really had the cloud in view at that point. Certainly not the legislators or copyright industry in general," he said. "The cloud raises a whole series of quite different policy questions, which is: we are no longer looking at the activities of an individual. We're looking a business model, and an organisation or commercial entity [making the recording].

"Would we apply the same reasoning or see the same need for an exception as the [time-shifting provisions] if we're talking about a centralised, organised commercial entity, which is using this as part of its business model to sell a service?"

A short directions hearing for the case was stood over until Thursday, 9 February, because the parties could not agree on the outstanding matters from the trial. Justice Rares said that he would "endeavour to convene a full court" for the appeal as soon as possible, given the impending start to the season of football for both the AFL and the NRL.

In the meantime, there's speculation that the Federal Court ruling may end up devaluing the broadcast contracts, not only with Telstra, but also free-to-air broadcasts, and this in turn may impact the clubs and the players themselves. Marita Shelly, a law PHD candidate at RMIT University wrote on The Conversation that the AFL may seek to renegotiate player agreements.

"The big losers will be the football clubs and the players. Potentially, the AFL will attempt to re-negotiate with the AFL Players Association in regards to the collective bargaining agreement. Clubs could also be placed in financial risk if their funding was to be reduced," she said.

Optus has won the first round against the sporting codes to keep its TV-recording app alive, but it is far from over.

The ruling by Justice Steven Rares in the Federal Court earlier this week that Optus' TV Now app does not infringe on the copyright of the sporting codes when it records and replays their TV broadcast has sparked concern from a number of sporting agencies that believe the ruling devalues their broadcast contracts.

But this is just the beginning, the AFL is likely to appeal the ruling in order to salvage its $153 million five-year contract for mobile broadcasting rights with Telstra, but the organisation has estimated it could take up to two years to resolve.

Full Spectrum delivers you all the latest National Broadband Network news, and keeps you up to date with the hustle and bustle of the telco industry.

Startmate company Ninja Blocks raised over $35,000 in under four days via the Kickstarter project to build a device that bridges the gap between your real life and the web.

The Ninja Blocks device is an open-source hardware device composed of an RGB LED; built-in temperature sensor; and accelerometer, which communicates with web apps via the Ninja Cloud, according to the description on the project page.

It was founded by Australian trio Madeleine Moore, Marcus Schappi and Mark Wotton, whose project was recently accepted into the 2012 Startmate mentor program.

The Ninja Block can be programmed for "if this then that" tasks, where an action is performed when the device's sensor is triggered. Sample triggers include "movement has been detected" or "a button has been pushed", and actions include "display text on an LCD display" and "send an SMS to my phone".

It will launch with support for Dropbox, Twitter, Facebook, Google Docs, SMS, voice calls and Xbox Live. The device features four expansion ports, and a USB port for additional sensors that can offer different triggers.

The company claims that the Ninja Cloud allows you to control your Ninja Blocks without writing a single line of code, and examples of tasks are taking a picture of your front yard and saving it to Dropbox when movement is detected or turning on a lamp in the hallway if your baby is crying.

The project was posted on crowdsourced fundraising site Kickstarter, where companies can raise money for a project by offering products and services in exchange for financial pledges.

The $24,000 target was reached in 72 hours, and currently 228 backers have pledged over $35,000, with 38 days to go.

Hardware devices are extremely unique innovations because they are easier to sell and much more valuable to investors. The idea leverages existing popular social-networking and web services and connects them to real life. It's backed by the Startmate program. The Kickstarter project has proven there is huge customer demand.

The device will have to provide a seamless user experience. While it can perform a wide range of cool tasks that appeal to geeks, it should focus on doing a couple of tasks extremely well that will really resonate with mainstream consumers (eg, home security, baby monitoring, Twitter reader, etc).

There are virtually endless opportunities to apply this technology to "bring web apps to life".

The open-source hardware means that someone else could develop their own version of the device, powered by a different software layer.

This is a really exciting innovation. While this kind of sensor technology has been the plaything of garage geeks, the proliferation of mobile and web apps, and social networking tools, means that there is a greater potential to apply it in the lives of everyday consumers. Having a hardware device to sell makes it a very valuable investment or acquisition proposition, and based on the results of the Kickstarter project, it will deliver impressive sales for the company.

Verdict: BOOM

Google has added an automated scanning process that is designed to keep malicious apps out of the Android Market.

The new service, code-named "Bouncer", scans apps for known malware, spyware and trojans, looks for suspicious behaviour and compares against previously analysed apps, Hiroshi Lockheimer, vice president of engineering on the Android team, said in an interview with ZDNet Australia's sister site CNET yesterday.

Every app is then run on Google's cloud infrastructure to simulate how the software would operate on an Android device, he said. Existing apps are continuously analysed, too.

"The system takes an app that's been uploaded, and runs it in the cloud and monitors what the app is doing in a virtual environment, if you will," Lockheimer said.

If malicious code or behaviour is detected, the app is flagged for manual confirmation that it is malware. The app could be blocked from being uploaded if it is blatantly malicious, or will be removed quickly thereafter if it gets flagged by the scanning process. "It won't get uploaded at all if it is an instance of known malware," Lockheimer said.

Unlike Apple, which vets every iPhone app before it hits the iTunes Marketplace, Google does not require pre-approval for Android apps. Instead, it does the screening of the apps behind the scenes when the developers upload them to the Android Market.

Google is also analysing new developer accounts to "prevent malicious and repeat-offending developers from coming back," the company said in a blog post.

Google has been quietly testing Bouncer for a "number of months", long enough to see an impact, Lockheimer said. Between the first and second half of 2011, there was a 40 per cent decline in the number of downloads of potentially malicious apps, the company said.

Lockheimer said that he could not say how many malicious apps had been blocked or removed from the market as a result of the scanning.

Asked if Google created Bouncer in response to complaints about malicious apps on the Android Market, Lockheimer said no. "It's not like there is a rampant malware problem," he said. "Think of it as an insurance policy ... to ensure that Android continues to be a safe place."

Mobile-security firm Lookout found about 1000 malicious Android apps last year, but the vast majority were on unofficial, third-party sites, where anything goes. However, some malicious apps have made it to the Android Market, including about two dozen apps containing malware that Google yanked in May, and nearly 60 malicious apps removed in March.

It's likely that Bouncer will flag apps that may not technically be considered malware, but are designed to perpetrate fraud against the consumer. This would include situations such as the nearly 30 fraud-related apps Google pulled from the market in December that were found to be charging premium-SMS toll rates on European phones without the user's knowledge.

Asked to comment on this, a Google spokesperson said, "We look for many things; this may be one of them."

The news was met with praise by security experts, including some who wondered why Android apps weren't scanned from the beginning.

"I think it is great that Google is taking steps to address the inevitability of malicious apps in their app store. What were they thinking at first?" said Chris Wysopal, chief technology officer at application-security provider Veracode, who had called on Google to scan Android apps in March last year.

"Both Apple and Microsoft started their app stores with a validation process. Blocking known malware patterns is a no-brainer.

"We think it is great that Google is working with the Android community to provide an alternative to a manual curation process, allowing developers to innovate quickly, while also increasing the baseline level of security for Android users," said Kevin Mahaffey, chief technology officer at Lookout. "We collaborate closely with the Android security team to protect users against threats, and believe this is a step in the right direction in securing the Android ecosystem from a broad range of constantly evolving threats."

Via CNET

Details of Microsoft's Windows Phone 8 were prematurely outed thanks to a leaked video obtained by PocketNow.com.

Joe Belfiore, director of Microsoft's Windows Phone program, in a video obtained by PocketNow
(Credit: PocketNow.com)

The next big iteration of its Windows Phone platform appears to address many of the early concerns and brings it to par with competing platforms. Microsoft is still fighting an uphill battle in getting its phones - which have been critically praised - into the hands of consumers. So far, consumers have by far favoured Android smartphones and the iPhone.

The version, codenamed Apollo, will allow vendors more choice with how they build their phone, going back on Microsoft's previous insistence upon using a standard set of specifications. That allows the handset manufacturers to better compete and stand apart from each other with varying levels of specs.

The platform will add support for multi-core processors - at a time when Android devices are already moving to quad-core chips - four different screen resolutions, a removable microSD card and near-field communication, crucial for mobile payments.

Windows Phone 8 will also integrate with the Windows 8 desktop and tablet operating system. The hope is developers can take chunks of their code for one platform and move it to the other. PocketNow said the company expects 100,000 apps to be available at launch, which it pegged to the fourth quarter. Windows Phone 8 will add native code support, allowing for apps that are more integrated into the devices. Skype may also play a bigger role in the operating system.

Possibly taking a swipe at Research In Motion's shrinking share for its BlackBerry devices, Microsoft is adding more business-friendly features such as encryption and allowing companies to build their own proprietary apps into the phone.

The new platform will also be designed to better handle data traffic, opting to go to Wi-Fi and using proxy servers to feed pages to internet Explorer 10, similar to how Opera Mini can achieve faster browsing times.

Via CNET

Making it too easy for entrepreneurs to access investment funds can have an adverse impact on the start-up landscape, as it encourages substandard ideas that will inevitably fail.

There lies a fine but important line between making things easier, for example through government grants, and ensuring that budding entrepreneurs do not fall into complacency by being sheltered against hard knocks, said industry players at the first annual Startup Asia on Thursday.

Speaking to ZDNet Australia's sister site ZDNet Asia at event sidelines, Lim Kuo-Yi, CEO of Infocomm Investment, said that government grants serve their purpose well in giving people a chance to experience running their own business. Infocomm Investment is the venture-capital (VC) subsidiary of Singapore's Infocomm Development Authority (IDA). Lim is also the mentor-in-residence at Singapore Management University's Institute of Innovation and Entrepreneurship.

However, he noted that this could also lead to more start-ups being formed just to get the money, and not because entrepreneurs have a really good idea that can become commercially successful.

According to Lim, government grants are about achieving quantity effect, lowering barriers and simplifying things, so to give a shot to as many entrepreneurs as possible.

However, quality also matters, and businesses have an obligation to prove themselves as quality start-ups, he added.

Lim's views were shared by Alvin Yap, CEO and founder of TMG, a Singapore-based developer of mobile games for emerging markets. Also a speaker at Startup Asia, Yap acknowledged the importance of external help, such as government support and funding, but added that a "reality check" with real-world experience is necessary for a successful business.

"The government fund was not to grow my business, but to help teach me how to be an entrepreneur. The only way [to learn to run a business] is to go out and get your arse kicked," he said.

Yap, 26, founded The Mobile Gamer (TMG) when he was 22 years old. "Being young, you don't have much savings." Three years ago, his start-up received two grants totalling about US$80,205 from Spring Singapore and the Media Development Authority. The company has since received two more rounds of private investment.

"We would have never [have] got started if not for government funding. But none of it goes into what we're doing now. Instead, those funds went into us nurturing and maturing [ourselves] as entrepreneurs," he added

While it should not be too easy for aspiring entrepreneurs to set up and run their start-ups, it should also be not too difficult.

Lim emphasised that it is not about deciding what approach has more merits. Instead, there should be different entrepreneurship programs to achieve specific purposes. "If the objective is to just give people the experience of running a business, then lower the bar. If it's to create good, successful companies, then be more selective," he said.

Lim also pointed out that ideally, the local community of private VCs and investors should be strong and vibrant enough to invest in start-ups without government involvement. The government's role is to kick-start markets that have yet to get much attention, and, once enough momentum sets in, private VCs and investor angels step in, he said.

Yap also suggested that government funding programs should increase consultation from entrepreneurs on the ground. This refers to people who are currently active in the market space, rather than academics or those who are very experienced but have since retired. "For today's start-ups, you need today's people who are relevant," he said.

Via ZDNet Asia

In November of last year, ZDNet Australia conducted a live panel discussion that focused on the future of the desktop.

Then, on 6 December, we presented a live webinar entitled "Modernising the Desktop", where we talked with futurist Morris Mselowski to get his thoughts on future user interfaces. Leading Morris through the presentation was Twisted Wire host Phil Dobbie. Here are just some of the points discussed:

• Physical workspace-tied desktops will not be the default work area
• Project and task-driven projects
• Data retrieval and information access will not be linear and hierarchical, but semantic and driven by intent and need
• Tomorrow's workspace managers will need to know how to juggle all these new "workspaces"

You can watch and listen to that webinar by clicking on the window above.

If you've got thoughts on what the desktop of the future will look like, please leave your comments in the Talkback section below. We look forward to hearing from you.

The Australian Football League (AFL) has vowed to take every legal avenue available to protect its multimillion-dollar broadcast-rights deal with Telstra, but its fight may take up to two years.

AFL chief executive Andrew Demetriou has warned Telstra's rival Optus that its victory in the Federal Court, which assured that it would be allowed to broadcast recorded matches on mobile platforms, would be short lived.

The AFL, the National Rugby League (NRL) and Telstra will appeal the judgment, as it blurs the AFL's $153 million deal with Telstra, and throws the NRL's ongoing negotiations for a similar deal into jeopardy.

"We will have our day yet again. We will go through the proper legal processes and exploit all of our avenues through appeal," Demetriou said.

"They can crow all that they like today, but this has a long way to play out."

Demetriou said Telstra has indicated that it will honour its five-year agreement with the AFL. Telstra, however, would not confirm its commitment.

Copyright lawyer David Brennan believes that even if the leagues and Telstra successfully appeal, Optus would then take it to the High Court, which could restore the original judgment.

The ultimate action for the sporting codes and Telstra is for federal parliament to change the out-of-date legislation to keep up with technology, and tighten up the exclusivity of broadcast deals.

Brennan says that any change to the Copyright Act could take as long as two years to get through parliament, but the lobbying will begin immediately.

Although Telstra holds exclusive internet-broadcast rights for the AFL and the NRL, Justice Steven Rares ruled on Wednesday that Optus customers can record any free-to-air TV program and play it on mobile devices at a later time - even as soon as two minutes after the program begins.

Brennan said that many issues in Rares' ruling are contestable.

"Until there's an appeal, I don't think anyone can be really confident as to what the law of the land is," he said.

"If I was Optus, I wouldn't be building my house entirely on the strength of this judgment. Everyone involved would be prudent to wait until that is settled."

Optus chief executive Paul O'Sullivan said that the decision was about consumers' rights.

"Yesterday's decision continues to allow millions of Australians to record and play back free-to-air TV at their convenience - just as they have done since the VCR arrived in Australia, and continue to do so today via emerging digital services like TiVo, Play TV and Foxtel IQ," O'Sullivan said.

But Demetriou was adamant Optus is breaching copyright and jeopardising sports that rely on millions of dollars from broadcast rights.

"We are absolutely entitled to protect our content and exploit our content," Demetriou told ABC Radio on Thursday.

"What we do as a not-for-profit organisation is: if we derive returns, we reinvest it into our code.

"We will do everything in our power, everything, to make sure that we protect our content, because that's what it is; it's ours.

"When you have a situation where Optus seek to try and use our content without ever undertaking one discussion with the AFL, that is where we say we think it's a breach of our copyright."

The NRL's 2013-17 agreement will be finalised this year, but it's concerned that the ruling will impact cash-strapped clubs desperately waiting for a windfall from a new deal.

Cricket Australia, which has a deal with Vodafone, said it will assess the ruling.

The Coalition of Major Professional and Participation Sports (COMPPS), a lobby group that represents the AFL, the NRL, the ARU, Cricket Australia, the FFA, Tennis Australia and Netball Australia, said that changing legislation is the most likely solution.

"Certainly, key ministers are aware of the situation and the problems it creates for sport," COMPPS executive director Malcolm Speed said.

Speed said that coalition members have discussed the issue, and will work out their response in addition to the appeal from the AFL, the NRL and Telstra, which is likely to be lodged within a week.

Facebook's long-awaited initial public offering (IPO) filing revealed the social network's financial picture, but the company also had to lift the kimono on its technology infrastructure. Simply put, there are technology risks that come with scaling enough to support 483 million daily active users.

Disclosure about technology infrastructure isn't new in IPO filings, but there are some key points worth noting about Facebook.

Among the key IT facts from Facebook's filing:

• Facebook is aware that security could hurt. "Computer malware, viruses, and computer hacking and phishing attacks have become more prevalent in our industry, have occurred on our systems in the past, and may occur on our systems in the future. Because of our prominence, we believe that we are a particularly attractive target for such attacks," said Facebook. Translation: we have a bull's eye on us.

• Facebook is going to pull an Amazon and Google, and sacrifice margins for datacentres. Facebook said:

  Historically, our costs have increased each year due to these factors and we expect to continue to incur increasing costs, in particular for servers, storage, power and datacentres, to support our anticipated future growth. We expect to continue to invest in our global infrastructure in order to provide our products rapidly and reliably to all users around the world, including in countries where we do not expect significant short-term monetisation. Our expenses may be greater than we anticipate, and our investments to make our business and our technical infrastructure more efficient may not be successful.

• Uptime matters - a lot. Facebook noted:

  As our user base and the amount and types of information shared on Facebook continue to grow, we will need an increasing amount of technical infrastructure, including network capacity, and computing power, to continue to satisfy the needs of our users. It is possible that we may fail to effectively scale and grow our technical infrastructure to accommodate these increased demands.

• Third parties need to deliver. Facebook relies on a series of third-party providers - notably software-as-a-service providers. Providers to Facebook include Salesforce.com, NetSuite and Oracle to name a few, we've been told.

• Facebook has proprietary technology risks. Facebook said:

  In 2011, we began serving our products from datacentres owned by Facebook using servers specifically designed for us. We plan to continue to significantly expand the size of our infrastructure, primarily through datacentres that we design and own. The infrastructure expansion we are undertaking is complex, and unanticipated delays in the completion of these projects or availability of components may lead to increased project costs, operational inefficiencies, or interruptions in the delivery or degradation of the quality of our products. In addition, there may be issues related to this infrastructure that are not identified during the testing phases of design and implementation, which may only become evident after we have started to fully utilise the underlying equipment, that could further degrade the user experience or increase our costs.

  The big takeaway with that disclosure is that Facebook is wrestling with procurement. HP CEO Meg Whitman has already noted that Facebook has had issues procuring parts amid a hard drive shortage.

• Software matters. Facebook's code is "highly technical and complex". "Any errors, bugs or vulnerabilities discovered in our code after release could result in damage to our reputation, loss of users, loss of revenue or liability for damages, any of which could adversely affect our business and financial results," said Facebook.

• Acquisitions and integration experience could hurt. Facebook noted that it may struggle integrating acquired companies on the technology front.

Via ZDNet US