Google buys Kiwi-founded Wildfire

Google has bought Kiwi-founded social advertising company Wildfire for a reported US$250 million.

Victoria Ransom and Alain Chuard started Wildfire four years ago as a New Zealand-based adventure travel company.

Looking to give away a free trip to their fans on Facebook, the couple decided to create an application.

The software they developed has helped them build a 350-strong company now based in the Redwood City, California.

Widlfire announced the news today in a company blog.

"Today we are about to start a new chapter of our story and we couldn't be more excited to share the news: Wildfire is joining Google!

"We truly could not think of a more perfect home for Wildfire."

A Google blog said "with Wildfire, we're looking forward to creating new opportunities for our clients to engage with people across all social services. We believe that better content and more seamless solutions will help unlock the full potential of the web for people and businesses."

The Wall Street Journal said Google had acquired the company for an as yet undisclosed price but its sources were confident of a figure around US$250 million.

Wildfire helps companies promote themselves through social media platforms such as Facebook, Twitter and Pinterest.

The company states on its website that it has over 16,000 clients, including 30 of the top 50 global brands.

The Wildfire blog said the company would operate "as usual" and there would be no changes to its service.



Mountain Lion Offers New Features for Small Business Customers

Apple has just released the latest version of its OS, Mountain Lion, which includes a whole host of features that may be helpful for small businesses and entrepreneurs, including a system-wide sharing application, a new alerts system, and a gatekeeper platform for improved cyber-security.

Mountain Lion

Mountain Lion includes changes to the Notification Center, which streamlines alerts from different programs like Mail, Calendar, Messages, and even third party apps. Having all alerts come from one notification center could have an impact on productivity, since users wouldn't have notifications and distractions coming from several different programs at the same time.

Another time saver could be Mountain Lion's system-wide Sharing application, which can make it easier for companies to share files and media content from one centralized platform. The system can also integrate with social media platforms like Facebook, Twitter, Flickr, and Vimeo, so companies that use social media marketing can make sharing easier and more streamlined.

Apple has also gotten rid of iChat in the new OS, and replaced it with a new Messages app, which people can use to communicate with anyone using an iPhone, iPad, or other mobile devices with iMessage. So companies that switch over to Mountain Lion can easily communicate with other employees, collaborators, and clients while they're on the go, which could prove to be exceedingly helpful due to the large number of businesses that have begun using iPads and other mobile devices.

And finally, Apple's new Gatekeeper platform aims to make downloading software from the internet safer, especially for companies that don't have an excess of IT resources. Gatekeeper gives users more control over what apps are installed, and helps to protect users from installing malicious apps and other software from any sites on the web.

Though most businesses have stuck with Windows operating systems through the years, the new OS from Apple could at least be worth a second look. Mountain Lion includes over 200 new features, though many are smaller changes that some Mac users might not even notice.

The software update is currently available for $19.99 from the Mac App Store.




Apple tells court Samsung copied iPhone design

An attorney for Apple told a jury that rival Samsung faced two options to compete in the booming cellphone market after Steve Jobs introduced the iPhone to critical acclaim in 2007: Innovate or copy.

Attorney Harold McElhinny claimed Samsung chose to copy, making its smartphones and computer tablets illegal knockoffs of Apple's popular products.

Samsung "has copied the entire design and user experience" of Apple's iPhone and iPad," McElhinny told a 10-person jury during his opening remarks at the closely watched patent trial.

Samsung denies the claims and its lawyers were expected to deliver their opening statement later in the day.

Samsung has previously countered that Apple did the stealing. It has also said some of the technology at issue such as the rounded rectangular designs of smartphones and tablets has been the industry standard for years.

The witness lists of both sides are long on experts, engineers and designers and short on familiar names.

For example, Apple CEO Tim Cook is not scheduled to testify.

Cupertino-based Apple filed its lawsuit against Samsung last year and is demanding $2.5 billion in damages, an award that would dwarf the largest patent-related verdict to date.

The case marks the latest skirmish between the two companies over product designs. A similar trial began last week, and the two companies have been fighting in other courts in the United Kingdom and Germany.

US District Judge Lucy Koh in San Jose last month ordered Samsung to pull its Galaxy 10.1 computer tablet from the US market pending the outcome of the patent trial. However, she barred Apple attorneys from telling jurors about the ban.

"In some sense, the big part of the case is not Apple's demands for damages but whether Samsung gets to sell its products," said Mark A. Lemley, a professor and director of the Stanford Program in Law, Science, and Technology.

A verdict in Apple's favour could send a message to consumers that Android-based products such as Samsung's are in legal jeopardy, Lemley said.

A verdict in Samsung's favor, especially if it prevails on its demands that Apple pay its asking price for certain transmission technology, could lead to higher-priced Apple products.

In court papers filed last week, each company laid out its legal strategy in trial briefs.

Apple lawyers argue there is almost no difference between Samsung products and its own, and that the South Korean company's internal documents show it copied Apple's iconic designs and its interface.

Samsung denies the allegation and counter-claims that Apple copied its iPhone from Sony. Samsung lawyers noted that it has been developing mobile phones since 1991 and that Apple jumped into the market in 2007.



Bootstrapping a Global $7M Software Company from Kolkata, India

Those who know me know that I am a strong advocate of bootstrapping. Of course, it's not always feasible, but when it is, as in the case of Pallav Nadhani, CEO of FusionCharts, I believe every entrepreneur should bootstrap.

bootstrapping

Pallav was born in the small Indian town of Bihar where he lived until the age of 15. After that, he lived in Kolkata with his father, a man with an entrepreneurial spirit of his own. Pallav's father had started his own Web design company and Pallav helped out. He'd gotten his first computer at age nine and used it to teach himself Basic and C++. While helping out at his father's Web design company, Pallav “picked up a few different Web technologies.”

One day, while browsing the Web, he discovered ASPToday.com, which was published by Wrox Publication. The idea for FusionCharts came when Pallav noticed that desktop applications didn't look as good as Web applications, and came up with an idea to change Excel's charting to a “webified interface.”

He described his idea in a tutorial article that ASPToday.com published. Pallav earned $1,500 for that article and used it to fund what would grow into a multi-million dollar operation with close to 500,000 people using its products.

Many people who read Pallav's article started contacting him. They wanted to know if he could customize some aspect of his tutorial. So, he decided to create all of the requested customizations and use them as the foundation on which to build a product that he could sell. Because he didn't know how much he should charge, Pallav started out only charging $15 because that was the minimum amount that a payment gateway he had signed up with would accept. That was in 2001.

Once Pallav's first customers deemed the product a good one, Pallav put it up on a website and started marketing it by writing articles about “why people should not be using outdated charts in Excel when there was a better technology.” He had no money at the time, so guerilla PR â€" writing articles that indirectly promoted his product â€" was the only option available to him.

FusionCharts gained traction with the help of recommendations from clients whom Pallav helped integrate his application into the product for free, only charging them a licensing fee. In return, they wrote recommendations that led to more clients. Pallav continued to write guest posts. He also visited Web forums and talked about the features of his product.

Because one of the clients for whom Pallav provided free integration services had a wide reach, Pallav's business grew steadily early on. He launched the first version of his product in October 2002. By March of 2003, the company had earned $10,000. In 2003, the company earned $100,000; in 2004, $300,000; and in 2005, FusionCharts earned $750,000 in revenue and so on.

Increased earnings allowed Pallav to start paying for online advertisements, which helped the company to grow even faster. By 2006, FusionCharts had almost earned $1 million and had a staff of 10 people.

Of course, pricing has come a long way. Where Pallav once charged $15 dollars for a product that's designed for developers who can integrate charting with software applications, he now charges from $199 to $13,000 for the reseller license. Enterprise licensing can cost as much as $100,000.

FusionCharts has another product that's designed for SharePoint users who require visualization on the platform. The fee for that is $1,299 per server. The third product is for non-technical users who need visualization that's better than what they can get with PowerPoint. For that, the charge will be $49 per user.

The introduction of the iPad presented Pallav with a serious challenge because FusionCharts' products require Flash and Apple doesn't support it. Pallav's answer was to partner with one his competitors to create a hybrid product that works on iPad, iPhone, Android, PCs and the Web, a strategic move that gave FusionCharts a big boost in business and, consequently, revenue.

Today, FusionCharts is a $7 million enterprise with a global clientele, many of them Fortune 500 companies. Pallav has increased his team to 60 people and increased its product offering to a total of 14. In 2011, FusionCharts opened a location in Bangalore.

Pallav has no interest in financing because, as he puts it, financing would not help him grow at this point. He runs a lean operation that for the seven years of its existence ran at 80% profit margin.

That's quite an accomplishment for a young man who started his company with $1,500.

Boot Photo via Shutterstock




Apple and Samsung begin court battle

A jury has been selected in the US to decide the merits of Apple's claims that Samsung Electronics' smartphones and computer tablets are illegal knockoffs of the iPhone and iPad.

Lawyers for both sides were expected to deliver their opening arguments this morning in a San Jose federal courtroom, followed by Apple calling its first witness.

Apple filed a lawsuit against Samsung Electronics last year alleging the world's largest technology company's smartphones and computer tablets are illegal knockoffs of its popular iPhone and iPad products.

Cupertino-based Apple is demanding US$2.5 billion ($3.1 billion) in damages, an award that would dwarf the largest patent-related verdict to date.

Samsung countered that Apple is doing the stealing and that some of the technology at issue such as the rounded rectangular designs of smartphones and tablets have been industry standards for years.

The trial is expected to last more than a month.

The case is just the latest skirmish between the two companies over product designs. A similar trial began last week, and the two companies have been fighting in courts in the United Kingdom and Germany.

Industrywide, some 50 lawsuits have been filed by myriad telecommunications companies jockeying for position in the burgeoning US$219 billion market for smartphones and computer tablets.

US District Judge Lucy Koh in San Jose last month ordered Samsung to pull its Galaxy 10.1 computer tablet from the US market pending the outcome of the upcoming trial, though the judge barred Apple lawyers from telling the jurors about the ban.

Brian Love, a Santa Clara University law professor and patent expert, said that even though the case will be decided by 10 jurors, the judge has the authority to overrule their decision if she thinks they got it wrong.

Mark Lemley, a Stanford Law School professor, said a verdict in Apple's favour could send a message to consumers that Android-based products such as Samsung's are in legal jeopardy.

A verdict in Samsung's favour, especially if it prevails on its demands that Apple pay its asking price for certain transmission technology it controls, could lead to higher-priced Apple products.

- AP



Internet avengers track down mean-spirited hacker

A group of internet "hactivists" has hunted down and handed over a hacker who destroyed a Kiwi website which raises funds to help feed hungry children.

Documentary-maker Bryan Bruce discovered his website Redsky Film and Television had been hacked on Saturday. A message appeared on the site to say it had been hacked by "@AnonVoldemort".

He posted a message on a Facebook page connected to his site, asking internet users to help fix the problem and find the hacker.

He never expected the Anonymous group of hackers to help.

The group was earlier this year involved in protests against the closure of Kim Dotcom's Megaupload filesharing website.

Websites including the FBI, Universal Music and Recording Industry Association of America were taken "offline" by the Anonymous group hours after Megaupload was closed down.

Mr Bruce told the Herald he did not know exactly who had helped him - or how - but within a day he had an email with the details of the hacker, believed to be a 35-year-old man living in Madrid with his mother.

He has passed the information on to police in Spain and is waiting for their response.

The website included a store where copies of Mr Bruce's documentaries could be bought, including the award-winning Inside Child Poverty - A Special Report. He donates all sales from that DVD and a percentage from others to a charity that provides breakfasts for hungry schoolchildren.

As a result of the hacking, the website will now be out of action for at least a month and it will cost a significant amount of money to get it working again.

"In bringing down the site he was bringing down a charity, basically," Mr Bruce said.

"I posted on Facebook 'can anybody help me with this' because I don't understand how all this hacking stuff works. It's beyond me.

"Two or three people picked it up and, as I understand, they contacted some top hackers in a group called Anonymous."

Mr Bruce was told that hackers had a code of conduct and Anonymous was upset by what had happened to his site.

"Apparently, one of the rules is you don't hack charity sites, you don't hack sites of people trying to help kids. This guy was trying to impress them, to try and get into their group and boasting about what he'd done - but they turned on him, they chased him."

Mr Bruce said it was good to see Anonymous doing the right thing.

"This is the other side of this group. I'm not going to make comment about what they do in other areas, but this was a real Robin Hood thing. They just decided this was not good. It's extraordinary."

PROVIDING FOOD
* Copies of Inside Child Poverty documentary can still be bought online.
* See: tinyurl.com/cqcwl37
* Proceeds go to children's charities.

By Anna Leask | Email Anna

12 Ways to Automate Profits and Make Money Faster

What's one way you have used automation to make your business more money?

The following answers are provided by the Young Entrepreneur Council (YEC), an invite-only nonprofit organization comprised of the world's most promising young entrepreneurs. The YEC recently published #FixYoungAmerica: How to Rebuild Our Economy and Put Young Americans Back to Work (for Good), a book of 30+ proven solutions to help end youth unemployment.

1. Create Custom Sales Paths

When we run email promotions, our order forms automatically redirect customers to different upsell offers based on their previous purchases. For example, different segments of our email database will see an offer for product X and other segments will see an offer for product Y, depending on whether or not they have purchased the product yet.
- Phil Frost, Main Street ROI

2. Automatic Print Services

We offer print services and have software that will automate the entire ordering process. It works well for us because we don't need to pay a sales rep to take orders â€" it's just free money!
- Jordan Guernsey, Molding Box

 

3. Set Email Autoresponders

Once a prospect opts in anywhere on any of our sites, we have set up email autoresponders to continue the conversation and build the relationship. These emails vary from free offerings to upsells to paid products. Every message they receive, however. is in alignment with whatever they initially signed up for. It creates an opportunity to build the know, like and trust factor and increase sales.
- Erin Blaskie, BSETC

One of the additions to my business that have made us more money is to ask people to share our free stuff. This allows us to reach more people, and also be a more valuable provider at the same time. It also makes sense that if someone enjoyed some of our work, their friends will too.
- Nathalie Lussier, Nathalie Lussier Media

5. Mechanical Turk Makes It Easy

We used Amazon Mechanical Turk to sort out and categorize hundreds of thousands of sales leads. It's a huge time saver and a boost to your sales.
- Alexander Torrenegra, VoiceBunny

 

6. No More Followup Reminders

Even when followup with a lead or client should not be automated, the triggers can be. By setting reminders and automating the message, it cuts the time it takes to reach out. Smart CRMs with task notifications trigger emails containing the lead name, email, phone number and details regarding the conversation, making it easier to enable personalized followup.
- Kelly Azevedo, She's Got Systems

7. Collecting Leads Automatically

My business collects a traveler's information through a contact form (powered by Wufoo) on the homepage. Based on the data, Wufoo triggers an email to send to a specific list on my Mailchimp account. Because this happens automatically, it saves me time, money, and increases the response rate of tourism agencies, resulting in more booked tours and more money for my business.
- Jun Loayza, Tour Woo

8. Put Business Processes in Writing

I have a step-by-step direction manual for every position in my company. Therefore, it becomes easy for employees to know exactly what they need to do for effectiveness in their position. Also, it has reduced the learning curve when new employees are on-boarded, which adds more money to my bottom line quicker.
- Lawrence Watkins, Great Black Speakers

9. From Manual to Outsourcing

If you find yourself doing the same things over and over again, then you can probably write it down, teach someone how to do it and outsource it. As an entrepreneur, you should only be focused on things that cannot be trained, documented or done by someone less skilled. If you find your self doing those types of tasks you should outsource the solution and make it automatic.
- Lucas Sommer, Audimated

10. Banking and Invoicing Automation

Most banks and invoicing software allow you to automate almost every task, and while this may not make your business more money, it will certainly free up your time to focus on the tasks that do make your business money. If you bank or invoicing software doesn't allow you to automate a process, it's time to look for a new provider.
- Derek Johnson, Tatango

11. People Make the Technology Tick!

We experience the best success when we compliment automations with a human touch. Instead of simply sending an automated email for example, we program our CRM to schedule phone calls for our sales department before and after emails are sent. From our clients' perspective, it's like we're saying: “We're sending you an email,” “Here's that email,” a “Did you get that email?,” Works like a charm!
- Robert Sofia, Platinum Advisor Marketing Strategies, LLC

12. Tricky Transactional Emails

Our sites functionality is largely based upon the social aspects of sharing links online. To improve our user retention and return rate, we implemented automatic transcriptional emails that alert users anytime someone follows them, likes their content, or leave them a comment. We have seen an increase in traffic and ad impressions since its implementation.
- Hack Murphy, Di.tl



How to Use Social Media to Establish Trust

Life as a small business owner is all about trust. Trust is how we make consumers feel comfortable purchasing from us instead of big box stores and its how we get them to keep coming back. And through the world of social media, we have a slew of new ways to develop trust in our customers' eyes to make them feel good about our business. But are you taking advantage of them?

Below are six ways SMBs can use social media to establish trust with customers.

1. Turn customers into allies

Social media works to break down the invisible wall that has existed for too long between business owners and the people they serve. Through blogs and social networks businesses are able to talk to consumers more intimately, to share information without selling, and to seek their customer's advice on matters related to their business. Those that take advantage of this can turn customers from marks to allies. By bringing customers deeper into your business and giving them a sense of investment in your company, you earn their trust and loyalty. You show them you value their opinion and how important they are to your business. As a result, they become part of your company forever.

2. Build up online reviews

More and more studies are showing the correlation between online reviews and consumer trust. For example, last year a 15 Miles survey found that 25 percent of consumers admitted ratings and review information made their decision for them about whether or not to make a purchase. It didn't influence it. They didn't just consider it. It made it. And those numbers are going up, not down.

If you're a company who has not taken advantage of the review revolution, the simple truth is you're going to be passed over for a competitor who has. One of the most powerful things social media has done is to help make important purchasing information more available to the consumers looking for it. As an SMB, establishing trust means soliciting reviews from customers and vendors, as well as managing and responding to the reviews that you do get. Build reviews into your sales cycle and encourage customers to get vocal about your business. And don't worry about hiding from negative reviews; as long as you handle them correctly, they actually help your trust and credibility.

3. Establish social proof

The same studies that are showing the relationship between trust and online reviews, are showing that customers expect to be able to find certain information about your brand on the Web. If they don't, it makes them wonder why it's not there. And not in a good way.

Just like consumers want to see reviews about your business they also want to see that you have a Web site and a dedicated online presence. They also want to see that you have a Facebook page. Or a Twitter account. Or a blog. Heck, they want to see you commenting on the same blogs they're commenting on. All of this acts as social proof, making you look more “legitimate” in the eyes of wary customers and building your trust levels. The expectation in today's market is that businesses are using these platforms. And if you're not, or if you are but they can't find it, they drawn their own conclusions as to why. The more visible you are to customers and the more places they can find you, the more they trust your brand.

4. Follow up after purchase

Social media offers additional customer touch points, which again works to build trust in the brand. Whether it's an after-purchase email message explaining features or set up, or a tweet to check on someone's experience, the more you can use social media as a way to follow up and check in on customers, the more you're going to show yourself as a company worth their dollars. And because monitoring can be automated through tools and alerts, this becomes a painless way for brands to stay in the loop with their customers.

5. Respond well to feedback

Hey, it's not all rainbows and butterflies out there. When you enter the world of social media you're going to find customers singing your praises and customers wanting to take you to task. By responding calmly and openly to customers who have less-than-stellar things to say about your brand, you show them that you value your opinion and that you're a company not afraid to take and respond to criticism.

6. Bring value

Last week I shared how simply starting a company blog makes you a better business owner. The core of that post is that by solving your customers' problems, both big and small, it makes you more aware of their needs and how your company can help. The other side of the coin is that by providing content and showing customers you understand their struggles, you build trust with them. Social media helps businesses build more loyal customers by putting the focus on education, not selling. And the result of that is we trust the brand helping us to solve our problems, not just pad their wallets.

As a small business owner, your business relies on trust more than a larger business. If your customers don't trust that you can solve their needs and that you'll be around in the morning, they're going to seek out other companies. Thankfully with social media we have even more touchpoints to build trust with customers.

Image credit: johnkwan / 123RF Stock Photo




Sustainability And The Summer Olympics

The 2012 Olympic and Paralympic Games in London aren't just about badminton and beach volleyball. They're also a chance to show the world what can be done with environmental sustainability at one monstrous event.

2012 olympics

Organizers of this year's event claim it will be the “most sustainable” Olympics to date, and they've spent years planning how to make it so â€" from how Olympic Stadium was constructed to the food served at the games to the transportation options offered. These measures will also likely have a lasting effect on London, as local businesses and Olympic vendors were pushed to adopt more sustainable practices and new urban green spaces were created for visitors.

Here's a look at some of the interesting green practices springing up at this year's summer games:

Sustainable fish. Roughly 14 million meals are expected to be served at this year's Olympics, and many of those will likely be fish and chips. In early 2011, London committed to being the world's first “Sustainable Fish City.” All caterers at the Olympics were required to serve sustainably sourced fish, which often meant finding new sustainable fishery suppliers. “Sustainable seafood” is that which is harvested at a sustainable rate, as to not deplete the world's dwindling supply.

“Zero” Waste. London has billed itself the first “zero waste” Olympics, and the organizers put out several reports explaining how they planned to make that happen. It included ambitious recycling and reusing programs, as well as reducing packaging needs and other waste. Food waste at the games will be composted. About 90% of the material waste in the construction of the Olympic stadium was recycled or reused, so it didn't end up in a landfill.

Transportation. Organizers are encouraging visitors to walk, bike or take public transportation to get around the city and spent $15.5 million upgrading urban walkways and bike paths. An estimated 8,000 bikes are available for rent around the city through London's Barclays Bike Hire program, which launched in summer 2010. BMW, as part of its Olympics sponsorship, is providing more than 200 electric vehicles as fleets and setting up charging points around the city.

City greening. A few years ago, London officials started beautifying their city in preparation for the games. This included adding more park space and greenery around the Olympic Stadium. In London, for instance, more than 3,000 trees were planted in preparation and more than 15 tons of waste removed from the parks and waterways.

Despite all these steps, skepticism has been growing in recent weeks over whether the 2012 Olympic Games will achieve their “zero waste” goal. Some critics point to missed opportunities and green shortcomings. A recent report by BioRegional, a group that worked with Olympic organizers on their original sustainability plan, also says London could have done more.

But even so, the London Olympics will hopefully serve as a role model for future Olympic hosts and show how large-scale events can help propel cities' and local businesses' green endeavors forward.

Olympic 2012 Photo via Shutterstock




FYIcode: A New Concept for Telephone Marketing

We've had QR codes, billboards, and Internet ad banners, but they were all limited to a short message. FYIcode, a new service that provides audio information for those on the go, seeks to build something that will bridge the gap that exists between a prospective customer and the information that he or she seeks.

It does this by allowing you to record a 60-second message attached to an identifier code or name that describes your business and current offers. Your prospects can pick up the phone, dial FYIcode's number, say “Paul's flower shop” (for example), and hear your recording. After the recording, the person can either say “1″ or “2,” which gives them the option to either reach your establishment via the phone or get a text message with your mobile website, respectively.

Here's how the system works in a video.

I actually called the number mentioned in the website, and received an answer after it rang once. It told me to either say “word” to say the name of the institution or establishment i'm seeking, or “number” to say a numerical code. I chose “word” even though I was just going to say a number, and it understood my input anyway. The number was “123456,” which is the test code for FYIcode. Shortly after I said the code, the default message for FYIcode appeared.

I'm not sure if it's the poor peering I get from my telephone line or something wrong on behalf of FYIcode, but it sometimes misinterprets what I say. Sometimes, I also say gibberish words and end up with a result regardless. The system works fine, generally. Out of ten tries, nine of them responded perfectly to my input. I'd admit that the one time it didn't respond, I said the numbers rather quickly. You'll have to speak clearly and slowly so that the robot understands you.

For businesses seeking to have an FYIcode, the standard price is $49 a year, giving you everything described here. Overall, the service is very reliable and hasn't caused any problems at the time of this review. Its interpretation system is slightly rudimentary, but customers will get where they want to go without much fuss.

Used correctly, the system can provide valuable information to your customers as well as promotions offered by your establishment. It certainly helps make your local marketing efforts more fluid and might entice more people to come on over.



BT global security practice head claims one in three Android apps are malicious

The head of the global security practice at BT, Jill Knesek, has claimed that more than a third of all Google Android applications contain some form of malware.

According to EETimes, Jill Knesek said that after analysis of more than 1,000 Android applications, BT discovered that a third were compromised with some form of active or dormant malware.

“Almost every device is compromised with some kind of malware, although often it's not clear if that code is active or what it is doing,” she said in a panel discussion at the NetEvents Americas conference.

However when asked by ZDNet about the claim, BT said that the opinions were reflective of information available from public studies. BT said that it had done some testing on both Android and Apple OS environments, but not on the scale reported in the last week.

Paul Ducklin, Sophos's head of technology for Asia Pacific, questioned the comment, saying that if one in three apps is infected and the average device has ten apps installed, then it doesn't sound terribly far-fetched that almost every device might be compromised.

He said: “But if it's often not clear whether a device is infected, how can we be so sure that one in three apps really is compromised? Perhaps the risk is much smaller and more knowable than Knesek suggested?

Knesek's comments come a few days after G Data's Security Labs found a piece of malicious software for Android that shops for paid-for apps. Named ‘MMarketPay.A', it automatically buys paid apps without the knowledge of the smartphone or tablet user.

It said that the malware is hidden in fake GO Weather, Travel Sky or E-Strong File Explorer apps, and is being distributed through various Chinese websites and third-party provider app marketplaces. It said that the Trojan gains access to the mobile provider's app store and can then download and install additional malware or paid apps. While this is currently only targeting Chinese users, G Data Security Labs believed it could spread to Europe.

G Data said that the malware changes the mobile device's access point name and connects to China Mobile and the Trojan intercepts the confirmation message and provides a response via a specific server. The malware can then access China Mobile's app store without logging in, then purchase and install any apps at the victim's expense at any time.

Ralf Benzmüller, head of G Data's Security Labs, said: “We are watching the development of a new and lucrative business model for cyber criminals here. Hence we think it is quite possible that a modified version of this malicious app will appear in Europe and target the customers of European mobile providers."

The Trend Micro 2012 Q2 threat report said that 25,000 Android malware apps had been identified in the second quarter of 2012, an increase of 317 per cent over the number of samples found in the first quarter of 2012. However Trend Micro said that it had seen only one in five Android devices with a security app installed.



BT global security practice head claims one in three Android apps are malicious

The head of the global security practice at BT, Jill Knesek, has claimed that more than a third of all Google Android applications contain some form of malware.

According to EETimes, Jill Knesek said that after analysis of more than 1,000 Android applications, BT discovered that a third were compromised with some form of active or dormant malware.

“Almost every device is compromised with some kind of malware, although often it's not clear if that code is active or what it is doing,” she said in a panel discussion at the NetEvents Americas conference.

However when asked by ZDNet about the claim, BT said that the opinions were reflective of information available from public studies. BT said that it had done some testing on both Android and Apple OS environments, but not on the scale reported in the last week.

Paul Ducklin, Sophos's head of technology for Asia Pacific, questioned the comment, saying that if one in three apps is infected and the average device has ten apps installed, then it doesn't sound terribly far-fetched that almost every device might be compromised.

He said: “But if it's often not clear whether a device is infected, how can we be so sure that one in three apps really is compromised? Perhaps the risk is much smaller and more knowable than Knesek suggested?

Knesek's comments come a few days after G Data's Security Labs found a piece of malicious software for Android that shops for paid-for apps. Named ‘MMarketPay.A', it automatically buys paid apps without the knowledge of the smartphone or tablet user.

It said that the malware is hidden in fake GO Weather, Travel Sky or E-Strong File Explorer apps, and is being distributed through various Chinese websites and third-party provider app marketplaces. It said that the Trojan gains access to the mobile provider's app store and can then download and install additional malware or paid apps. While this is currently only targeting Chinese users, G Data Security Labs believed it could spread to Europe.

G Data said that the malware changes the mobile device's access point name and connects to China Mobile and the Trojan intercepts the confirmation message and provides a response via a specific server. The malware can then access China Mobile's app store without logging in, then purchase and install any apps at the victim's expense at any time.

Ralf Benzmüller, head of G Data's Security Labs, said: “We are watching the development of a new and lucrative business model for cyber criminals here. Hence we think it is quite possible that a modified version of this malicious app will appear in Europe and target the customers of European mobile providers."

The Trend Micro 2012 Q2 threat report said that 25,000 Android malware apps had been identified in the second quarter of 2012, an increase of 317 per cent over the number of samples found in the first quarter of 2012. However Trend Micro said that it had seen only one in five Android devices with a security app installed.



Tesco criticised for password and browser security measures

Tesco has come under fire for emailing users passwords in plain text.

According to research by Troy Hunt, Tesco does not salt or hash its passwords and at best they are encrypted, but the chances are that they are stored in plain text.

He also claimed that passwords are not protected in email and that pages on the website are loaded up over HTTPS, but embed resources loaded over HTTP, and that the HTTPS session was disrupted on the ‘Safe Shopping Guarantee' page. Also, the online shopping session is not in HTTPS, meaning that cookies are being sent over HTTP.

He began by tweeting with Tesco Customer Care, telling them that if they are emailing passwords to customers, "they are well short of industry standards on a number of fronts". Tesco responded by saying that "Passwords are stored in a secure way. They're only copied into plain text when pasted automatically into a password reminder mail" and that "all customer passwords are stored securely and inline with industry standards across online retailers".

A letter from Ben Clark in 2010 gained a response from Tesco, it was posted on Pastebin. He pointed out that his original password was sent to him in plain text and suggested that it was not storing the password in a hashed format.

He said: “This is a very basic level of security that would protect your customers should your database get compromised by preventing anyone from seeing your customers passwords. It also prevents potentially malicious people within the organisation from being able to see the password.”

Tesco responded to Clark by saying that its IT support team said that although information is not encrypted, the level of security surrounding the password means that only the senior technical positions could access the information.

Tesco has not responded to requests for comment.



Tesco criticised for password and browser security measures

Tesco has come under fire for emailing users passwords in plain text.

According to research by Troy Hunt, Tesco does not salt or hash its passwords and at best they are encrypted, but the chances are that they are stored in plain text.

He also claimed that passwords are not protected in email and that pages on the website are loaded up over HTTPS, but embed resources loaded over HTTP, and that the HTTPS session was disrupted on the ‘Safe Shopping Guarantee' page. Also, the online shopping session is not in HTTPS, meaning that cookies are being sent over HTTP.

He began by tweeting with Tesco Customer Care, telling them that if they are emailing passwords to customers, "they are well short of industry standards on a number of fronts". Tesco responded by saying that "Passwords are stored in a secure way. They're only copied into plain text when pasted automatically into a password reminder mail" and that "all customer passwords are stored securely and inline with industry standards across online retailers".

A letter from Ben Clark in 2010 gained a response from Tesco, it was posted on Pastebin. He pointed out that his original password was sent to him in plain text and suggested that it was not storing the password in a hashed format.

He said: “This is a very basic level of security that would protect your customers should your database get compromised by preventing anyone from seeing your customers passwords. It also prevents potentially malicious people within the organisation from being able to see the password.”

Tesco responded to Clark by saying that its IT support team said that although information is not encrypted, the level of security surrounding the password means that only the senior technical positions could access the information.

Tesco has not responded to requests for comment.



Be Careful What You Click on Facebook – It May Impact Your Online Reputation

As a small business owner, you carefully guard your online reputation. You devote large amounts of time to maintaining your Facebook and Twitter accounts and you wouldn't dream of posting anything the slightest bit unprofessional. Sure, you may follow the goings-on of the Kardashians avidly in your spare time, but why would you post about it on your business account?

Unfortunately, many Facebook users have been doing just that. And the worst part is, they didn't even realize they'd done it. Sites like Socialcam have been automatically posting videos viewed by Facebookers directly into their timelines, which alerts everyone who gets their newsfeeds to see them.

While that's bad enough for Aunt Sarah, it can severely damage the reputation of a small business owner. Say, for instance, you see an enticing news item about Justin Bieber in the ads on Facebook. You click to see what it's all about, not realizing that everyone who subscribes to your updates on Facebook will see it. Since you're logged into your business account on Facebook, anything posted to your timeline represents not only you, but your entire business. A few customers see you as unprofessional and you've lost not only a few Facebook fans, but some customers as well.

Evan Stein, owner of CMIT Solutions in New York, has been warning clients about this issue for a while. Stein is happy to announce the company is finally doing something about it. After being admonished by privacy advocates, the company announced it would be changing its app so that the auto-post feature is set to off by default, requiring users to change it if they want to share what they view with everyone.

However, Stein is quick to point out that Socialcam isn't the only app automatically posting information to users' timelines. He points to two apps that also post information on items viewedâ€"Washington Post Social Reader and Spotify. The only way to truly prevent this from happening is to take control of your apps.

“Hiding such notifications is quite easy,” Stein says. “Simply hover your mouse over the notification, and a drop-down arrow will appear. Click the arrow and then select ‘Hide all by (name of app).'”

While you're tweaking your notifications, this is a good time to take a look at all of your apps. You set these posting preferences when you install the app, then forget about them. There may be apps that automatically post information about your activities to your timeline, but there may also be apps that send information about your activities to the company that provided the app. By regularly auditing your app preferences, you can make sure nothing is being shared about you that you don't authorize.

“Whether or not you want to install these apps on your Facebook page is, of course, up to you,” Stein says. “However, definitely don't install them on your company's Facebook page. Appearing obsessed with Jersey Shore to your friends and family is one thing, but it's probably something best kept hidden from your customers.”



Locog selects Good Technology for mobile device management

The Olympics organisers have selected Good Technology's Good for Enterprise to secure its extensive mobile workforce during London 2012.

The London Organising Committee of the Olympic and Paralympic Games (Locog) selected the technology for 14,000 personal and sponsor-provided mobile devices.

Locog said that it chose Good for Enterprise to provide its team with secure access to email services, calendar, contacts and applications, while safeguarding against lost or stolen mobile devices. 

Gerry Pennell, Locog's CIO, said: “London 2012 will be the first Games to be impacted by the consumerisation of technology, our team expect IT services that work around them. Good Technology's secure, containerised solution means we don't have to compromise on devices or security â€" we were impressed that in just four hours it integrated into our wider corporate IT infrastructure and gave us exactly what we wanted.”

Andrew Jacques, general manager EMEA at Good Technology, said: “Being part of such an important event is an honour and something the whole team is proud of. Staging the Games is a huge challenge and we are delighted to be supporting Locog by securing its team of mobile workers.”



Microsoft names BlueHat prize winner

Vasilis Pappas has been named as the first winner of Microsoft's BlueHat prize, awarded for the development of a new, innovative computer security defence technology.

Pappas won with his ‘kBouncer', an exploit mitigation technology that detects abnormal control transfers using the last branch recording feature of Intel processors to mitigate return-oriented programming (ROP).

According to Microsoft, ROP is an advanced technique that attackers use to combine short pieces of benign code, already present in a system, for a malicious purpose. It said that as it uses supported hardware features, kBouncer can be implemented with lower cost to performance and development time.

This technique was defended against in the winning and two runners-up technologies. The first runner-up was Ivan Fratric, who created ROPGuard, and the surprise second was Jared DeMott for /ROP.

Mike Reavey, senior director of the Microsoft security response center, said: “A year ago we posed a challenge to the researcher community and asked them to shift their focus from solely identifying and reporting individual vulnerabilities to investing in new lines of defensive research that could mitigate entire classes of attacks.

“It's with great pleasure that we congratulate the winner of our inaugural BlueHat prize contest for his submission of a novel defensive technology that advances the challenging issue of exploit mitigation of some of the most popular attack techniques we're seeing today.”

Matt Thomlinson, general manager of the Microsoft Trustworthy Computing group, said that it has integrated some of the finalists' technologies into its Enhanced Mitigation Experience Toolkit (EMET) 3.5 technology preview.

Dave Forstrom, Microsoft Trustworthy Computing director, said: “It's great to see an initiative to collaborate and share innovations [from] a year ago evolve into prototypes with one now available this quickly as a new freely available computer security tool. Even in an enterprise that is fully updated against known vulnerabilities, EMET provides defences that protect assets from the yet unknown threats. EMET can easily be used on home machines to protect against known, and unknown, vulnerabilities.”

Pappas is currently a PhD student at Columbia University in New York, and collected a $200,000 (£128,000) prize. Fratric was awarded $50,000 (£32,000) for his submission, while DeMott won $10,000 (£6,000) for his entry.

The BlueHat contest was announced at the 2011 Black Hat conference in Las Vegas and was designed to challenge the security community to look beyond the norm of problems such as vulnerabilities and instead focus on developing innovative solutions to pressing security challenges.

A panel of Microsoft security engineers judged the submissions based on: practicality and functionality; robustness; and impact. However security firm Subreption criticised the contest, saying that entrants would be selling themselves short, as Microsoft would own the intellectual property of the entry.



Famous Bloggers Founder Loses Domain Names

If you're an online entrepreneur, there are few things more important than the security of your domain names. Building an audience and marketing your Website depends upon the security of these names and of the passwords that protect them. It also depends upon the password security of  other accounts you use in your business. So imagine how it might feel to suddenly discover that the domain names to two of your most valuable sites are suddenly gone!

Here's What Happened

It's your worst nightmare. On Wednesday of last week, blogger and online entrepreneur Hesham Zebida says he discovered, to his dismay, that two of his most valuable domain names had been mysteriously transferred from his Web hosting account. He says he then received an e-mail from someone claiming to have the domains and offering to sell them back. Zebida.com

What he did next. After contacting his hosting company, Zebida spent the next four days doing what many of us might, contacting everyone imaginable including law enforcement and his connections in the online blogging community, working to get his domains back. He finally succeeded, but admits he didn't get much sleep in the process. Here's what we can all take from his ordeal. Famous Bloggers

Lessons Learned

It's your responsibility. Zebida blames his hosting company for allowing his domains to disappear in the first place and for not working hard enough to resolve the problem on his behalf, but the fact is that hosting companies regularly post warnings like this one. It is every Website owner's responsibility to do what they can to secure their site, as Zebida says he now realizes. Go Daddy

What you can do. If you want to go the extra mile and avoid issues with your domain names and other online security problems, Webmaster Mitz Pantic has some suggestions for you. Don't rely on your hosting company alone to protect your site and domain names. Take the time to learn what's necessary to protect your online business from harm. Let's Build Websites

Risks Abound

Don't fool yourself. You may believe that only big companies need to deal with attacks on their Websites and that small businesses are too far under the radar to draw the attention of attackers. You're wrong. In a recent Twitter chat with representatives from online security provider Symantec, members of our community learned the threat is real. Small Business Trends

Protecting your Website. Of course, as blogger and online entrepreneur Scott Dudley reminds us, it's not just your domain name that's vulnerable to attack. The content management software you use to create your Website may also allow unwanted access, resulting in lost visibility and lost business. Take steps to protect your site. Lo Cost Marketing

What the Future Holds

The problem with progress. New developments in Web standards may bring even more security challenges in the not-too-distant future. For example, new tools known collectively as HTML5 could make your humble Website as sophisticated and powerful as desktop software, but resulting security risks may give any Webmaster pause. Technology Review