Tuesday 29 November 2011

Black Friday and Cyber Monday US online sales soar

Online sales rose faster than expected in the US on Black Friday, according to surveys.

Internet sales totalled $816m (£524m), a 26% gain on last year, said Comscore. IBM Coremetrics put the rise at 24%.

Black Friday, the day after Thanksgiving, is treated by many retailers as the start of the Christmas shopping season. They offer one-off discounts to mark the occasion.

Analysts said heavy promotional activity helped drive demand.

By comparison, a report by Shoppertrak suggested that in-store Black Friday sales were up by 7% on last year, at $11.4bn.
Beating the rush

Around 50 million Americans visited online retail sites on Friday, according to Comscore.

It said Amazon was the most popular destination, with 50% more visitors than any other retailer.

Walmart, Best Buy, Target and Apple were next in line, said the analytics company.

"Despite some analysts' predictions that the flurry of brick-and-mortar retailers opening their doors early for Black Friday would pull dollars from online retail, we still saw a banner day for e-commerce," said Comscore's chairman, Gian Fulgoni.
Mobile shopping

IBM Coremetrics also noted a trend towards shopping on smartphones and tablet computers.

It said Black Friday purchases made on mobile devices had accounted for 9.8% of all online sales, compared with 3.2% last year.

IBM described mobile shoppers as having had a "laser focus" since they had been more likely to view a single page on a retailer's site rather than browse what else was for sale.

IBM said Apple's iPhone and iPad had generated the most mobile internet visits to online stores, accounting for more than double the traffic originating from devices running Google's Android system.

The company also noted a jump in Black Friday related chatter on social networks. It recorded a 110% rise in discussion volumes after consumers had shared tips on how to secure products before they sold out and the best places to park.
Cyber Monday

Friday's internet sales are expected to be eclipsed today on what is referred to as Cyber Monday - which many experts believe will be the US's busiest online shopping day of the year.

Close to 123 million Americans plan to make an online purchase according to a survey commissioned by the US National Retail Federation, an industry lobby group. That would be a 15% increase on last year.

NRF said nearly eight in ten online retailers would run special promotions including "flash sales that last an hour" and "free shipping offers".

The federation also highlighted the shift to mobile devices, saying it expected 17.8 million Americans to use them to shop today, nearly five times the number in 2009.

"Retailers have invested heavily in mobile apps and related content as the appetite for Cyber Monday shopping through smartphones and tablets continues to rise," said Vicki Cantrell, executive director of the NRF's website shop.org.
Cyber confusion

UK internet retailers said it was less clear which day will be the UK's busiest online shopping day this year.

"Over the last couple of years we have seen a fortnight of peak activity over the period corresponding to both this and next week," said Andy Mulcahy, a spokesman for the industry body Interactive Media in Retail Group (IMRG).

"We expect £3.72bn will be spent online over the two week period."

Mr Mulcahy said that although some retailers are trying to generate interest in the idea of a cyber event in the UK, but they are split over which day to mark.

Visa Europe said it believed today will be the UK's busiest internet shopping day, with £303m spent online.

eBay has forecast that it would experience its peak in activity this Sunday with more than 5.5 million people expected to log onto the UK version of its auction website.

Amazon said it expected to experience more demand the following day.

"In recent years, the first Monday in December has been Amazon.co.uk's busiest day with orders for over 2.3 million items being placed on Monday 6th December last year," said Christopher North, the website's managing director.

Saturday 26 November 2011

United Kingdom cybersecurity project a 'promising step' but with hazards

The UK government has today released its 2011 Cyber Security Strategy.

With an increased focus on cybercrime, and renewed focus on cyberspace as an engine of economic and social prosperity, the strategy continues to hone Whitehall's understanding of this vibrant, complex and increasingly global domain.

Many of the strategy objectives - in particular those related to securing critical infrastructure - will require close engagement with the private sector.

These public-private partnerships are essential, and, as noted in a recent Chatham House report on critical national infrastructure, they require awareness, engagement and trust among senior decision makers on all sides.

This is not an easy process and requires a keen understanding of the incentives that guide actions in the public and private sectors.
Links to business

The government will also have to balance the tension between building a more secure environment - which requires standards and regulation - and encouraging businesses to set up shop in the UK.

However there are signs that Whitehall is aware of these complexities and the need to experiment with potential solutions.

One new initiative is a three-month pilot scheme among five business sectors: defence, finance, telecommunications, pharmaceuticals, and energy.

It will exchange "actionable information on cyber threats", "analyse new trends" and work to "strengthen and link up our collective cyber security capabilities".

The strategy also supports existing independent initiatives such as Get Safe Online (raising awareness of cyber threats) and Cyber Security Challenge UK (searching for new talent), both of which have taken a good idea and implemented it in a simple and straightforward manner.
Risks

Cybercrime is topic that receives significant focus, in particular for the damage it does to the financial and social fabric of the country.

One primary initiative will create a "national cyber crime capability as part of the new National Crime Agency by 2013".

Another will create, by the end of 2011, a "single reporting system for citizens and small businesses to report cyber crime".

These are all encouraging steps that will require patience and persistence but which are essential.

One idea that looks slightly riskier is a "government-sponsored venture capital model to unlock innovation on cyber security in SMEs" (small and medium enterprises).

The appetite for risk varies widely between Silicon Roundabout and Whitehall, and government experimentation with venture capitalism has often produced mixed results. For example the US government's $535m (£345m) loan to Solyndra - the now-bankrupt solar panel manufacturer.
First steps

The new strategy is more detailed than the 2009 version, and in many ways reads more like a cyber and economic security strategy.

It continues the process set in motion by the recent Foreign Office-led London Conference on Cyberspace, which emphasised the economic and social benefits of a secure cyberspace and called for development of "rules of the road".

The introduction to the strategy notes that the government will report back in 2012 on progress made toward these objectives.

This strategy is a promising step and has ambitiously laid out a task list of dozens of actions.

The real challenge will be to prioritise and deliver in a climate of financial austerity.

David Clemente is a research assistant specialising in international security, at the Chatham House think tank.

He is the co-author off the organisation's recent report "Cyber security and the UK's critical national infrastructure".

Thursday 24 November 2011

Black Friday iTunes infected credit malware alarm

Criminals are targeting internet users with a new gift certificate scam, according to security experts.

Users receive an email that claims to be from Apple's iTunes store, warns the Eleven security blog.

The ZIP file attached contains malware that may allow hackers to gain access to the recipient's computer.

The blog says the attack appears to have been timed to coincide with Black Friday, one of the US's busiest shopping days.

Black Friday was the name used by Philadelphia's police department in the 1960s to describe the day after Thanksgiving because of all the traffic jams caused by people visiting the city's stores.

It is now viewed by many retailers as the start of the Christmas shopping season. They mark the day with one-off discounts and other special offers.

Eleven says the period has become one of the most popular times for internet scammers to target users.
Infected offer

The security firm says that users are told they have been sent $50 (£32) of iTunes store credit and need to open an attached file to find out their certificate code.

The file contains a program known as Mal/BredoZp-B.

PCthreat.com says the software opens up a backdoor on the users' computers and may also capture passwords and other information.

It says the code may also slow down the infected computer's performance and make files disappear.

The malware can be removed with the use of anti-spyware tools.
Facebook phishing

Security adviser Sophos warns of a separate threat linked to Facebook.

It says users are receiving emails claiming that they have violated the social network's policy regulations by annoying or insulting other members.

An attached link take users to a web page that presents them with a fake "Facebook Account Disabled" form.

The firm says that members are then asked to fill in a series of forms requesting their login details, country of residence and the first six digits of their credit card number.

If the users refuse they are told their account will be blocked automatically.

"New day, new attempt," writes Sophos's security writer Lisa Vaas on the company's blog.

"All these phishing scams boil down to a naked grab for your account details. Remember, neither Facebook nor other reputable social media sites would ask for this information."

Wednesday 23 November 2011

Apple wants to turn green with solar energy information centre

Apple, ranked the least green of the big tech companies earlier this year, is moving quietly to repair its reputation by switching its vast east coast data centre from coal to solar power.

Local officials in North Carolina say the company is preparing to build a solar farm adjacent to its $1bn data centre in Maiden.

The facility could help Apple recover from a Greenpeace report earlier this year which said its cloud-computing operations – run from centres such as the one in North Carolina – were heavily reliant on dirty energy such as coal.

Tech companies are notoriously secretive about their data centres and the energy that powers them. A spokeswoman for Apple would confirm only that the company was preparing the ground next to its centre.

But the project became public knowledge in the town when work crews began burning the cleared brush from the 121-acre site in mid-October. Neighbours complained about the smoke billowing into their homes. "They decided after that since it was annoying the neighbours to bring in a chipper and shred and mulch all the wood," said Toni Norton, an engineer for Catawba County.

With the expansion of cloud computing, companies such as Apple have invested heavily in large data centres for their web-based services – often in areas promising cheap electricity, such as North Carolina.

Google, American Express and Facebook have also built data centres in North Carolina. Apple's is one of the largest, occupying about 500,000 sq ft, said Maiden's planning director, Sam Schultz.

But environmental groups say the spread of cloud computing has led to a big jump in electricity use by the IT industry – and much of that power comes from heavily polluting coal. Data centres currently consume about 3% of US power supply, according to Greenpeace. North Carolina gets most of its electricity from coal and nuclear.

Duke Energy, which supplies the plant, gets 78% of its power from coal and nuclear, according to its annual sustainability report. Companies are not required to disclose their energy use, or their carbon footprint, and tech companies tend to be secretive about how much electricity they use, the Greenpeace report said.

It's not even clear when Apple intends to break ground on the solar facility. Todd Herms, Maiden's town manager, said the company had yet to approach the town for a building permit. There are few clues towards Apple's plans in its initial permit, which lays out plans for the company to bank the soil to avoid it washing into nearby creeks.

"The plans say solar farm but for all the permits show they could be putting a big mobile home park there," said Norton.

Google kills off 7 more products as well as Wave

Google has announced that it is dropping seven more products in an effort to simplify its range of services.

The out-of-season "spring clean" brings an end to services including Google Wave, Knol and Google Gears.

It is the third time that the US firm has announced a cull of several of its products at the same time after they had failed to take off.

Experts said the strategy might put off users from signing up to new services.

Google announced the move in its official blog.

"We're in the process of shutting a number of products which haven't had the impact we'd hoped for, integrating others as features into our broader product efforts, and ending several which have shown us a different path forward," said Urs Holzle, Google's vice president of operations.

"Overall, our aim is to build a simpler, more intuitive, truly beautiful Google user experience," he added.
Wave goodbye

The seven latest products earmarked for the chop are as follows:

Google Wave - an attempt to combine email and instant messaging for real-time collaboration
Google Bookmarks List - a service which allowed users to share bookmarks with friends
Google Friends Connect - allowed webmasters to add social features to their sites by embedding a snippet of code
Google Gears - much-hyped effort to maintain web browser functionality when working offline
Google Search Timeline - a graph of historical query results
Knol - a Wikipedia-style project, which aimed to improve web content
Renewable Energy Cheaper than Coal - a project which aimed to find ways to improve solar power

Google had previously announced its plans to kill off some of the projects on the list.

It has now given details about when the switch-offs will occur. For example Wave will be retired in April, and Knol content will be taken offline in October.
Lessons

The diverse nature of the list illustrated how Google operated as a company, said Richard Edwards, principal analyst at research firm Ovum.

"Any company with the resources and number of brains that Google has will have ideas, only some of which will fly. Hitting the zeitgeist is tricky to plan or predict," he said.

The steady stream of innovations from the search giant and the open way it announced them had been a welcome change in a tech industry that had traditionally kept its cards close, said Mr Edwards.

But he warned that Google needed to be careful about how it announced new products in future.

"It can hype the bejesus out of new announcements and it can be difficult for people to pick out the substance from the hype," he said.

There were, he said, "lessons to be learned" from firms such as Apple which took a more measured approach, announcing just a handful of new products once or twice a year.
Focus

Some experts think that Google is streamlining in order to concentrate on its Facebook rival Google+.

The network gained 10 million users within the first 16 days after its private launch, and 40 million within the first 100 days, making it the fastest-growing social network in the history of the web.

But Mr Edwards was sceptical about how successful the service would be in the long-term.

"There is no likelihood of people flocking away from Facebook at the current time unless it commits some hideous faux pas on privacy," he said.

"Something may displace Facebook but I'm not sure it is likely to be Google+," he added.

FBI downplays claim that hackers damaged USA water pump

US officials have cast doubt over reports that a water pump in Illinois was destroyed by foreign hackers.

The FBI and the Department of Homeland Security said they had "found no evidence of a cyber intrusion".

The Illinois Statewide Terrorism and Intelligence Center (STIC) previously claimed a hacker with a Russian IP address caused a pump to burn out.

A security expert, who flagged up the story, said he was concerned about the conflicting claims.

Information about the alleged 8 November breach was revealed on Joe Weiss's Control Global blog last week. His article was based on a formal disclosure announcement by the Illinois STIC.

The report said that the public water district's Supervisory Control and Data Acquisition System (Scada) had been hacked as early as September.

It claimed that a pump used to pipe water to thousands of homes was damaged after being repeatedly powered on and off.

It added that the IP address of the attackers had been traced back to Russia.

The news attracted attention because it could have been the first confirmed case of foreign hackers successfully damaging a US utilities.
'No evidence'

The FBI and the DHS said they had carried out "detailed analysis" and could not confirm the intrusion.

"There is no evidence to support claims made in the initial Fusion Center report - which was based on raw, unconfirmed data and subsequently leaked to the media - that any credentials were stolen, or that the vendor was involved in any malicious activity that led to a pump failure at the water plant," an email sent to the US Industrial Control Systems Joint Working Group said.

"In addition, DHS and FBI have concluded that there was no malicious or unauthorised traffic from Russia or any foreign entities, as previously reported."

The officials added that their analysis of the incident was still ongoing.

Mr Weiss said he was concerned that the email appeared to contradict the initial report.

"This begs the question why two government agencies disagree over whether a cyber event that damaged equipment had occurred at a water utility," he wrote on his blog.

"If the STIC report is correct, then we have wasted precious time and allowed many others in the infrastructure to remain potentially vulnerable while we wait to find out if we should do anything."
Fewer managers

Mr Weiss also notes that a 2010 report by the security company McAfee highlighted the relative vulnerability of the global water system compared with other industries including energy and financial services.

"The water/sewage sector... had the lowest adoption rate for security measures protecting their Scada/ICS systems," it said.

The report noted that the low adoption rate might have been linked to the fact that the water and sewage sector, and said that only 55% of its Scada systems were connected to the internet - a lower percentage than most other industries.

However, it went on to highlight the lower number of managers taking responsibility for the issue.

"When considering this data, the small number of water sector executives amongst those with Scada/ICS systems responsibilities - only 11 out of 143 - needs to be noted," said the McAfee report.

Saturday 19 November 2011

World's 'lightest material' revealed by United States engineers

A team of engineers claims to have created the world's lightest material.

The substance is made out of tiny hollow metallic tubes arranged into a micro-lattice - a criss-crossing diagonal pattern with small open spaces between the tubes.

The researchers say the material is 100 times lighter than Styrofoam and has "extraordinarily high energy absorption" properties.

Potential uses include next-generation batteries and shock absorbers.

The research was carried out at the University of California, Irvine, HRL Laboratories and the California Institute of Technology and is published in the latest edition of Science.

"The trick is to fabricate a lattice of interconnected hollow tubes with a wall thickness 1,000 times thinner than a human hair," said lead author Dr Tobias Schaedler.
Low-density

The resulting material has a density of 0.9 milligrams per cubic centimetre.

By comparison the density of silica aerogels - the world's lightest solid materials - is only as low as 1.0mg per cubic cm.

The metallic micro-lattices have the edge because they consist of 99.99% air and of 0.01% solids.

The engineers say the material's strength derives from the ordered nature of its lattice design.

By contrast, other ultralight substances, including aerogels and metallic foams, have random cellular structures. This means they are less stiff, strong, energy absorptive or conductive than the bulk of the raw materials that they are made out of.

William Carter, manager of architected materials at HRL, compared the new material to larger low-density structures.

"Modern buildings, exemplified by the Eiffel Tower or the Golden Gate Bridge are incredibly light and weight-efficient by virtue of their architecture," he said.

"We are revolutionising lightweight materials by bringing this concept to the nano and micro scales."
Robust

To study the strength of the metallic micro-lattices the team compressed them until they were half as thick.

After removing the load the substance recovered 98% of its original height and resumed its original shape.

The first time the stress test was carried out and repeated the material became less stiff and strong, but the team says that further compressions made very little difference.

"Materials actually get stronger as the dimensions are reduced to the nanoscale," said team member Lorenzo Valdevit.

"Combine this with the possibility of tailoring the architecture of the micro-lattice and you have a unique cellular material."

The engineers suggest practical uses for the substance include thermal insulation, battery electrodes and products that need to dampen sound, vibration and shock energy.

Sunday 6 November 2011

Google updates search engine for smarter results

Google has overhauled the way it serves up results in response to search queries.

The update is designed to work out whether a person wants up-to-date results or historical data.

The US firm estimated the alterations to its core algorithm would make a difference to about 35% of searches.

The changes try to make results more relevant and beef up features which Google believes set it apart from rivals.

By contrast, Microsoft's Bing search engine emphasises social search.
Fresh spam

"Search results, like warm cookies right out of the oven or cool refreshing fruit on a hot summer's day, are best when they're fresh," wrote Google fellow Amit Singhal in a blogpost explaining the changes.

The under-the-hood changes sought to understand whether a searcher wants results "from the last week, day or even minute" said Mr Singhal.

The update is supposed to offer a better guess of how "fresh" the results should be.

For instance, said Mr Singhal, anyone searching for information about the "Occupy Oakland protests" would probably want up to the minute news.

These need to be distinguished from searches for regular events such as sports results or company reports.

Other types of searches could call on older results, he said. Those looking for a recipe to make tomato sauce for pasta quickly would be happy with a page that is a few months or years old.

The update to improve the "freshness" of results builds on the big update made to the underlying infrastructure of Google's core indexing system in August 2010 known as Caffeine. That change made it easier for Google to keep its index up to date and to add new sources of information.

Writing on the Search Engine Land news site, analyst Danny Sullivan described the changes as "huge". The last big update to the Google algorithm, known as Panda, affected only 12% of searches.

The update could have potential disadvantages, warned Mr Sullivan.

"Rewarding freshness potentially introduces huge decreases in relevancy, new avenues for spamming or getting "light" content in," said Mr Sullivan.