Rapidshare Lifts Download Speed Cap

RapidShare is one of the most popular file-sharing website on the Internet. Like all other file-sharing websites, it too grew extremely notorious for hosting massive amounts of pirated and illegal content. During the recent crackdown on Megaupload, RapidShare made a quick move and enforced various limitations on its users to stay in business and to drive away pirates.


Earlier this year when Megaupload was raided and shut down, millions of users sought refuge in RapidShare. RapidShare was well aware of the fate of Megaupload, and decided to shoo away freeloaders (think free users) by capping their download speeds to unusable limits. This was an attempt to make RapidShare unpopular amongst pirates and drive them away. However, it could not continue with that decision, as it was an unusual one. Now, RapidShare has decided to undo the download speed capping, and some users have started seeing higher download speeds than usual. This has been confirmed by RapidShare CEO Alexandra Zwingli, who says,

We can confirm that we have removed all download limits for free users, which is part of a new strategy. Even though the limit was initially introduced to deter piracy, we have since then come to realize that there are more efficient counter-measures. Further details will be announced towards the end of 2012.

RapidShare has been responsible in its dealing with copyright owners. It will be interesting to see what alternative measures it implements to curb piracy, after lifting off the download-speed cap.

Trend Micro Unearths a Massive Android Adware and Data-harvesting Ploy

The world is seeing a paradigm shift from PCs to mobile solutions. While performance improvements, availability of apps and aggressive marketing has skyrocketed Android’s popularity, there is a vital area that has been ignored — Security. Android phones run apps, which connect to the Internet the same way your browser connects to the Internet. While, the browser’s access to your operating system is well regulated by the browser manufacturer, an app’s access to your system is defined by the app developer at his own will. Some apps use ad networks for monetization, and these ad networks gobble up all kinds of personal information notoriously. This poses a serious security threat, which is being exploited now.


In a report titled “Android Under Siege: Popularity Comes at a Price”, Trend Micro has released the scariest report out there for Android enthusiasts. Android malware count has increased 600% from about 30,000 mid-2012 to about 175,000 now. Most of these infected apps are fake versions of popular android apps. Some others do not have proper disclosures of activities listed on their EULA.

A dangerous malware called Zero Access Malware that can patch system files has been seen on more than 900,000 devices, and there are over 7000 Android devices that are infected with a dangerous adware, which harvests your personal data without permission. The top two countries sending out malware and hosting data harvesting botnets are Saudi Arabia and India. These are good choices for running such operations, as they are not seen as the conventional cybersecurity threats.

Clearly, the openness and regulation-free nature of the Android platform is taking a toll on security. Android developers need to address this issue and come up with a secure platform. Failing that, Android will soon become the Windows OS of the mobile world.

Read Trend-Micro’s report here [PDF link].

Valve Praises Linux as a Game Development Platform

Ubuntu Developer Summit is underway and there have been interesting announcements flowing in all throughout the summit. However, the most exciting announcement made at this USD is perhaps about gaming. Both Valve and Ubuntu are taking gaming on Linux seriously, and this might be the one factor that finally gets more people to use Ubuntu and more importantly, Linux.


Valve has announced that the Steam client for Ubuntu will land sometime mid-November and it has already given beta access to attendees with a Launchpad account. This shows a high level of preparedness on part of Valve, and a vision from Valve’s Drew Bliss, who says,

Open platforms allowed Steam to exist. If we tried today, it probably wouldn’t be possible. We chose Ubuntu to start because of its broad user-base, strong community, and a strong company backing it in Canonical. Ubuntu was a simple choice to make.

If everything goes well, the Ubuntu platform will save Valve some valuable hours spent on performance tuning of games. Moreover, its openness and community-driven nature will also prove to be fruitful for Valve.

Steam Linux beta will have Team Fortress 2, Portal and Serious Sam 3 available.

The summit has started today, and it is a four-day event full of exciting announcements, especially on Ubuntu 13.04 and on Ubuntu as a game development platform. Head over to the UDS page to know about Ubuntu Developer Summit.

Tiles Not Working After Updating to Windows 8 [Fixed]

I recently updated my PC from Windows 7 to Windows 8, and was surprised to see that the update went quite smoothly. There were no glitches, and Windows Update Assistant was honest enough to tell me upfront which programs would work, and which would not. Finally, after a long and painful hour-long process, my PC was ready with Windows 8 pro, and it felt good that nothing ended up broken in the process. However, my happiness was short-lived and I found that none of the tiles was working under Windows 8. When I click on a tile, it simply flashes the tile, but no application launches after that.

A quick search revealed that the problem was not with Windows 8, but with Avast Antivirus. Now, many people have had the same problem, and they have removed Avast Antivirus altogether to fix this issue. I use Avast Antivirus because it offers the best free protection available out there. It has a high detection rate, reports fewer false positives, and is good at removal too. Its low memory footprint makes its presence less intrusive, and overall, it is perhaps the best free antivirus. Removing Avast was not an option.


The solution is not in removing Avast, but in updating the program. Head over to the update program section on the Avast dashboard (Maintenance -> Update), and perform a program update. Once the update is done, you will be asked to restart your system.


On a successful restart, your Avast antivirus will show that it is updated completely.


Follow the discussion on this topic at TechNet forum. However, if you are not an Avast antivirus users, take a look at these possible causes for Windows 8 live tiles crash.

New DMCA Law Makes Jailbreaking and Rooting Legal, but Only for Smartphones

The Digital Millennium Copyright Act (DMCA) was first passed back in 1998, at a time when the term “jailbreaking” did not even exist. It was passed mainly to prevent bypassing of Digital Rights Management technology. Back then, it was also established that DMCA could have its own exemptions. Yesterday, a new set of exemptions were announced for the DMCA, which will come into effect on October 28, and will continue to be valid for three years until 2015.

These exemptions announced by the DMCA are extremely arbitrary, and their poorly defined scope undermines the premise of having DMCA in the first place. Ars Technica puts together these discrepancies as-

The new batch of exemptions illustrate the fundamentally arbitrary nature of the DMCA’s exemption process. For the next three years, you’ll be allowed to jailbreak smartphones but not tablet computers. You’ll be able to unlock phones purchased before January 2013 but not phones purchased after that. It will be legal to rip DVDs to use an excerpt in a documentary, but not to play it on your iPad.

Apparently, Tablets were excluded from jailbreaking because the definition of tablets is too broad at the moment. The deadline of January 2013 for unlocking phones has no explanation as well, but the most disappointing news from this exemption list is related to unlocking of smartphones.

Jailbreaking of phones was already legal according to the DMCA. However, according to this revised law, phones cannot be jailbroken anymore without the permission of the carrier. DMCA’s argument against unlocking was a comparison with software purchase, which says that you are essentially licensing the software for use according to the EULA, but you cannot claim ownership on the software.

If DMCA can be so flexible that it takes concepts of software purchase and applies them to hardware purchase, how is it so rigid to allow the same freedom on one device, and take away that freedom on another?

Tech Giants Come Together to Form Cyber Security Research Alliance

In the wake of the ongoing cyber-warfare, tech giants have come together to form a consortium that will focus on cyber-security. The consortium is called Cyber Security Research Alliance (CSRA) and it counts AMD, Intel, RSA, Lockheed Martin and Honeywell as its members. Problems in cyber-security are getting complex every day, and this private alliance will create a rich knowledge pool to address the security issues of the present and the future.


The primary aim of the CSRA is to bridge the gap between Government-funded R&D efforts and commercial cyber-security solutions. It will bring together expertise from member companies and the R&D efforts of the Government. Chuck Romine, Director of NIST’s Information Technology Laboratory, says,

Putting into practice the exciting cyber security innovations that emerge from research requires active partnerships between government and industry and also among private sector stakeholders. The emergence of CSRA can strengthen both kinds of partnerships and we look forward to working with this new organization to promote a trustworthy cyberspace for our nation and its citizens.

Most of the mega-attacks that we have seen over the last few days have been on control systems (think Flame and Stuxnet). It is good to see that cyber-security efforts for protection of control systems have stepped up, after Stuxnet. Visit the CSRA homepage to know more.

Also, read how Kaspersky is creating a high-availability operating system for control systems that primarily addresses security.

EXT4 File-system Bug Affects Stable Linux Kernel

A recent file-system bug has been found with EXT4 that has made its way into the stable Linux kernel releases 3.4, 3.5 and 3.6. This EXT4 bug results in data-corruption and it is activated when the file-system is unmounted too frequently within a short period. It might also be triggered by frequent reboots, although the practical chances of that happening are relatively low.


The user reporting the bug writes,

The bug did really quite a lot of damage to my /home fs in only a few minutes of uptime, given how few files I wrote to it. What it could have done to a more conventional distro install with everything including /home on one file system, I shudder to think.

A detailed explanation of the issue is present in this LKML mail. It says that the trouble started with an EXT4 patch made in Kernel 3.6.2, which was later backported to Kernel 3.5 and 3.4 as well, spreading the problem further and further behind. There is no fix for this issue currently, and developers are working on a fix for the latest stable Linux kernel.

Here is the beauty of open source software development. A bug is found, and because the source is open for everyone to see and modify, people jump in to solve it as a community effort. Soon thereafter, a solution is found and the issue is fixed. This is unlike closed source programs, where you have to wait for the organization controlling the code to step up, modify the code and keep updating people about what it is doing. Moreover, in the world of closed software, you would not even know what went wrong to begin with, unless someone digs it up.

Huawei’s Comeback: Offers Access to Its Source Code for an Independent Test

Chinese telecom equipment manufacturer, Huawei, has been slammed hard by Governments all over the world, and its biggest blow came from the US Government Congressional reports, which suggested Huawei’s possible ties with the Chinese government for spying on the US. Although the congressional reports came in much later after Australia had already rejected Huawei two months ago, it was the nail in the coffin for Huawei. Canada followed suit and threw out Huawei from its own Government network too. Soon thereafter, ZTE lost its Cisco sales partnership over illegal sales, and the world-dominant Chinese telecom hardware space started looking pretty messed up.


Huawei realized that something had to be done to save its mega-projects and more importantly, its brand name. Huawei is here for business, and bad press can bring about bad business faster these days. The US congressional reports talked more about possibilities than factual evidences of Huawei spying, and the best way out of this fiasco for Huawei, was to let experts take a look at its internals.

In its first aggressive response since the starting of this blame game, Huawei is now challenging the Australian Government (the first one to cry foul) to look at its source code and have it tested through an independent testing facility. Huawei Australia Chief, John Lord says that Huawei feels strongly against state-funded spying. He has made it clear that the protectionism being practiced by the US is not going to ensure security. Lord goes to the extent of tagging this as part of a trade conflict between US and China.

The fiery rhetoric of the US Committee’s report may make good headline-fodder in an election year, but it should really be seen as a missed opportunity.

Cybersecurity infringements, violations are illegal and we would never allow anyone to do that and we haven’t. We would never allow our equipment to be misused and I make that point quite strongly.

Finally, Lord also states that over 70 percent of Huawei’s equipment comes from outside China, and this invalidates the whole premise of the purely apprehensive moves made by a series of Governments worldwide.

What is the World’s Strongest Password?

Password strength is one thing that worries everyone when choosing a password for a new account. Most web-applications we see nowadays enforce strong password policies by advising their users to enter weird combinations of letters, numbers, and special characters. However, passwords made in this manner are safe only from prying eyes. Moreover, people still end up using the names of their girlfriend/son/daughter/wife/mother in their passwords, which makes them vulnerable to social hacking. So, how do we come up with a safe password?

An important part of answering that question is to know what you are protecting your password against. Is it against prying eyes, is it against social hacking or is it against automated attacks? The answer is all of them, and there is a way to protect yourself against all of these.

The Sneak Peek


I am a big fan of LastPass and it is an absolutely wonderful application. Using LastPass has many advantages. You never have to enter your password on every website you visit, except for a single master password, which signs you into LastPass. This can potentially reduce the risk from people who like to sneak up and look at your passwords. It also offloads the responsibility of remembering a huge load of passwords to LastPass. There is one more advantage of using LastPass, which is not much touted — it protects from phishing attacks as it works only on correct URLs of websites.

Social Hacking


There is no technology that can prevent people from giving away all sorts of personal information about themselves, to someone who seems to be a friendly and harmless guy from a business where you have an account. This bit of safety can come from awareness and awareness alone. Do not give away any of your personal information to an unknown person, or even to a known person unless you are sure about the reasons why you need to give it. This includes safe behavior on social networks as well. Do not go around making Facebook friends out of people you have not met in real life, because your Facebook account is always spilling all sorts of personal information.

In addition, your mother’s maiden name is not the most exclusive information in the world, and it is a very bad choice for a security question.

Automated attacks

If you are trying to protect against brute force or a directory attack, your safest bet is a long password. This XKCD says it all. However, entropy is more mathematical than practical; for instance, a 30 character long sequence of ‘a’s has a low entropy but is a strong password for any brute-force program.

So, what is the world’s strongest password? Perhaps you can tell me.

Further reading: StackExchange and more StackExchange

The Saudi Populace Discovers the Free Speech Capabilities of Twitter

The Arab world is seeing a massive power shift, so much so that there is a specific term for it — the Arab Spring. This geopolitical region has seen a massive uprising, and archaic governments have been overthrown in numerous Arab countries over the last few years. While a large part of this revolution is driven by real-life demonstrations and protests, there is another face of this revolution being held on the Internet via Twitter.


Twitter is known for its transparency and free speech, and people from the world over are leveraging this powerful platform to voice their opinions and concerns. Saudi Arabia is not untouched by the power of Twitter, and there has been open criticism of the royal family of Saudi Arabia on Twitter recently — something that no one had dared to do in the past.

The New York Times says,

Unlike other media, Twitter has allowed Saudis to cross social boundaries and address delicate subjects collectively and in real time, via shared subject headings like “Saudi Corruption” and “Political Prisoners,” known in Twitter as hashtags. With so many people writing mostly under their real names — there are some 2.9 million users in the kingdom, according to one recent study, and it is the world’s fastest-growing Twitter zone.

Saudi Arabia has its own whistleblower on Twitter, who goes by the name of “Mujtahidd “. This account has leaked numerous incidents of corruption in the country, especially related to the royal family. The Saudi government has tried its level best to restrict free speech by banning numerous topics of conversation in public or print media, but their lack of control over Twitter does not provide for regulatory means that they would like to enjoy, and this makes Twitter their nemesis.

Clearly, Saudi Arabia is geared up for a revolution, and Twitter is playing a decisive role in it.