Details of Play.com user accounts leak out, rage ensues

Earlier today reports of a possible system compromise of Play.com's servers started the spread across the web. Understandably angry users posted on various forums about spam e-mails they were receiving via e-mail addresses they had created specifically for Play.com transactions. The spam messages were the same for every user. The sender was "GSNnews@email.gsn.com" and the subject was "Get more done, much faster, with Acrobat X PDF Reader. Upgrade Available Now".

It turns out that the compromise came from one of Play.com's marketing affiliates and the names and e-mail addresses of a number of users were leaked out and likely sold to spammers. For its part, Play.com did start to send e-mails to affected users informing them of the situation, sending out the following message:

"Email Security Message

We are emailing all our customers to let you know that a company that handle part of our marketing communications has had a security breach. Unfortunately this has meant that some customer names and email addresses may have been compromised.

We take privacy and security very seriously and ensure all sensitive customer data is protected. Please be assured this issue has occurred outside of Play.com and no other personal customer information has been involved. Please be assured we have taken every step to ensure this doesn’t happen again and accept our apologies for any inconvenience this may have caused some of you.

Customer Advice

Please do be vigilant with your email and personal information when using the internet. At Play.com we will never ask you for information such as passwords, bank account details or credit card numbers. If you receive anything suspicious in your email, please do not click on any links and forward the email on to privacy@play.com for us to investigate.

Thank you for continuing to shop at Play.com and we look forward to serving you in the future.

The Play.com Customer Service Team"

The users affected seem to be some of the customers who were signed up to receive the weekly newsletter sent out via Play.com's affiliate marketing companies. If you have never been signed up to this service your details remain safe.

It is important to state that no credit card or bank details were involved in this leak and no passwords have been compromised. Play.com assure me that their database server is not public-facing (meaning it has no direct access to the internet).

Anyone concerned about this should contact Play.com for more information at this address: http://www.play.com/Help.html?page=cuaccount or call their customer service team on 0845 800 1020.


I Want To Be Freed From Captivity!

So, I have decided it's time to expand my horizons. I came to a realisation the other day that all my skills are IT-based. This is not a bad problem to have in the current climate as computers are used in pretty much every industry and there is always a demand for people to keep them running effectively (like a zookeeper looking after a bunch of hyperactive meerkats)!

Why is this a problem then you didn't ask? Well, this zookeeper has a dark and deadly secret...

I hate computers and IT in general.

No, really, I do. Stay with me here. Sure, it's fun to play about with certain things and waste an inordinate amount of time on Facebook and YouTube, but the act of looking after these meerkats computers gets pretty old pretty quickly! So its technical and has a certain mystique about it all to those who are less than savvy with technology but let's be brutal with the honesty here; it's really nothing difficult at all. Every now and again you might get an interesting problem but before you get a chance to attack it like Dr. House would attack a rare and almost implausible case of face fungus (may not be a real condition) the solution either presents itself or a quick Google search of the error code yields a forum answer from some 15 year old nerd with ADHD and a nervous tick, and then the brief excitement is over. Back to "beating up" a shopkeeper on Mafia Wars then!

With the above in mind, I've decided it's definitely time to add some non-IT skills to the ammo box. Quite what these skills are is yet to be decided. I could take the secret agent course and learn how to make an underwater breathing device from matchsticks and a tin of dried tomato's, or a public speaking course so I can fast-track my appointment as supreme dictator of Earth.

Whatever I choose, I shall blog about my progress. Suggestions are welcome too. I must go now, I have a small problem at the zoo...


iOS 4.2 Gold Master released to developers

Today Apple released iOS 4.2 to developers via the iOS developer website. The release is known as a Gold Master (GM) which usually is the release that will be pushed out to the masses.

The release will be available for all but the first generation iPhones and iPod touches and means the iPad will finally get its first iteration of iOS, gaining multitasking and app folders. All the iOS 4.2 devices will be adding two standout features: Air Print for remote printing via a networked Mac or compatible HP hardware, and Air Play to stream video playback to the iOS-based Apple TV.

The new OS should be available for general download sometime in the next few weeks. Here's hoping its sooner!


Windows LNK Vulnerability and what it means for you

Microsoft earlier this week release Security Advisory 2286198, which has detailed information on the zero-day LNK (Windows Shell shortcut) vulnerability that is currently being exploited in the wild.

This is quite a serious vulnerability in the sense that the attack vectors are pretty widespread. At first it looked like this could only be exploited via a USB device such as a pen drive but it can also be exploited via Windows file shares and WebDAV. The image below shows what versions of Windows are affected (spoiler: every version):

Microsoft describes the vulnerability in this way:

"The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed."

Essentially this means that malicious code can be hidden inside a shortcut and when Windows reads the shortcut to display the icon (most of the icons on your Desktop are LNK files, or shortcuts) the malicious code can be executed and its this code that can do a lot of damage depending on what the attackers want it to do.

The other issue with this vulnerability is that it also extends to files that allow embedded shortcuts, such as Microsoft Office files. This means that potentially this vulnerability could be exploited via e-mail.

The advice is simple and is something that should always apply to your computer use. Don't download files from dubious sources or files you aren't sure are legitimate and don't open e-mail attachments from unknown senders, particularly if you aren't expecting an attachment and always pay attention to the type of file you are being sent.

Thankfully security vendors are pretty much on top of this issue and Microsoft's own free anti-virus software as well as paid offerings from F-Secure, Kaspersky Labs and others offer good protection from attackers using this vulnerability. If you already have anti-virus software, make sure it is up-to-date.


Microsoft discontinues 1 vs 100 on Xbox LIVE

Microsoft today confirmed what many had suspected for a while now, 1 vs 100 will not be returning for a third series.

The downloadable game was free to play on Xbox LIVE and allowed gamers to participate in a live quiz show and some were lucky enough to be selected to compete for real-world prizes including games, TV's, laptops and of course a haul of Microsoft Points.

At one stage in the beta, 114,000 people were playing online at the same time, scooping a Guinness World Record for most contestants in a game show in the process. The first season in the UK ran with a live host but had lots of problems with the audio and many, myself included, often could not hear the host in between games. The second season ran without the live host.

“When we started on this journey, we knew we were creating an entirely new genre of entertainment that would be a continually evolving concept,” Microsoft Game Studios’ general manager Dave McCarthy stated.

“We’re very proud of the 1 vs 100 team and their accomplishments, and are excited to apply what we’ve learned to future programming.”

Microsoft adds that the 1 vs 100 team will be applying the lesson learned from the game to new, as-of-yet unannounced projects. Lets hope they get something out soon, 1 vs 100 was a pretty good innovation in the casual gaming space.


Fixing corruption of your Search Providers in IE8

I am sure there are a lot of people out there that have trouble with toolbars in Internet Explorer. The very nature of a toolbar sends IT people insane. They serve no real purpose other than to clutter the space in your browser and in many cases, lock your browser into whatever service the toolbar provides. The example I will be siting today is the Google Toolbar from, well, Google funnily enough!

Sometimes when you remove or disable a toolbar without running its uninstaller, it gets mad and throws a bit of a tantrum. The kind when you take a child shopping and you tell them they can't have those sweets. Only its not you that gets the brunt of the tantrum, its your browser! Other times the toolbar can just throw the tantrum anyway, even if you didn't touch it or try and remove/disable it. You know when that happens because you will most likely see this when you open Internet Explorer:

What you are seeing is Internet Explorer telling you that something has corrupted the Search Provider (which is that box in the top right corner) and it has tried to fix it. The only problem is not only is there nothing to fix but if you try and make any changes to the Search Provider it ignores them. This problem can come from a few different sources but the most common is because remnants of the Google Toolbar are hijacking the Search Provider and rightly or wrongly trying to keep the one it installed as the default.

The fix? Very simple in most cases. Follow these steps (making sure Internet Explorer is not running):

1. Open your Registry editor by clicking on Start and selecting Run... and type "regedit" (without the quotes) and press Return. 2. Navigate to HKEY_CURRENT_USER\Software\Google. 3. Right-click on the Google entry in the left pane and select Delete and say Yes to the message prompt. 4. Close the Registry editor and open Internet Explorer.

This should fix the problem. If the problem persists, your solution is probably the slightly more complicated problem solved on the Microsoft Answers message board which you can find here: http://social.answers.microsoft.com/Forums/en-US/InternetExplorer/thread/ba3d3a7a-4670-42e4-8888-0712158f15c2


Why Suarez was right to do what he did...

After a great game of football tonight, the talking point is not how good or bad the winning team, Uruguay, was, the debate is centring around their striker Luis Suarez and his handball that kept them in the game. In case you missed it, Ghana won a corner in the last few seconds of extra time and from this corner the ball was glanced on and Uruguay goalkeeper Fernando Muslera didn't punch the ball clear. Dominic Adiyiah had a shot from six yards blocked on the line by Luis Suarez, before Adiyiah's next effort, a header, was punched off the line by Suarez. The striker was sent off and Asamoah Gyan stepped up to take the penalty, and smashed it against the crossbar.

This meant the game finished 1-1 and penalties followed, and sadly for Ghana, Uruguay came out as 4-2 winners of the shootout, with Sebastian Abreu scoring the winning penalty in emphatic style. So now the game is done, the postmortem has already begun. Suarez is taking a lot of flack for what supporters say is blatant cheating. You can't argue that the act of handball is against the rules of the game, but Suarez broke those rules and was punished for it. He was shown a straight red card and Ghana were awarded the penalty. This has essentially become a problem because Ghana did not score from that penalty, and thus Suarez had prevented Ghana from winning the game 2-1. If Gyan had scored the penalty, there would be no uproar and justice would be perceived to have been served, but we will never know if that would have been the case.

The problem with making Suarez out to be the pantomime villain is that he is in no way the first person in the history of the game to commit this offence. A lot of people are reacting as though this is the first time anyone has cheated in this way, but this happens every season in most top leagues around the world. On numerous occasions over the years I have seen players in the Premier League, La Liga and Serie A using their hand or arm to keep the ball out of the net. It's an instinctive reaction. People are overreacting because Ghana (who seemed to have been awarded a divine right to the semi-final by ITV prior to the match by the way) missed their subsequent penalty. If it was the other way around and it was a Ghana player who did that to a Uruguayan, would the Ghana player just let the ball past him and let his team go out of the cup? No, I don't think so either.

Suarez played by the rules, and what I mean by that is he knew using his hand to stop the ball would result in a penalty and a sending off so he took his chance and it paid off. People need to understand that he didn't 'get away with it', he was punished to the full extent of the rules.

However, the fact that he is now a national hero might be taking it a step too far!


Beware the Cricket, it might kill your computer!

A few days ago a friend of mine wanted to watch the Cricket on his computer. Naturally he goes on the internet to download Sopcast (for those that don't know, Sopcast is a piece of software that broadcasts TV channels). Sopcast is pretty easy to find, searching for it in any search engine should bring it up as the first hit but somehow he managed to download something that wasn't Sopcast! What he did get was something pretty nasty...

The download he opened certainly was not Sopcast and pretty soon after opening it the machine slowly started to die. The final straw came when he tried to use Task Manager to kill some processes and was locked out (a common tactic for spyware to use so you can't stop it) and then the machine came to a halt. He restarted the laptop and was greeted with the screen nobody ever wants to see: "Missing Operating System". Along with the spyware he contracted he also picked up a virus that infected the Master Boot Record (MBR). This essentially means that the computer doesn't know if and where the OS is and as a result cannot boot to it. Things didn't stop there. After removing the virus from the MBR and trying to rebuild the boot table the next problem hit. A virus had nuked the file system and that pretty much guarantees you won't be booting from that laptop ever again unless you reinstall Windows.

The story has a kind of happy ending though. Because this was his work laptop (which you should never use for personal use as this clearly demonstrates) his IT Department were able to restore an image of his drive and get him up and running with minimal data loss. Not everyone is this lucky so my advice to anyone who is looking to watch premium content online; watch it legitimately, the hassle you might run into doing it other ways could end up costing you more than missing a test match!


Internet Explorer’s European Market Share – The Real Story

Ok, so today a lot of technology sites/blogs have been reporting on the “drop” in Internet Explorer’s market share since the ballot screen started being pushed through Windows Update and most of them got this information from this Reuters report which slightly misrepresents the data.

 

The latest live statistics from global Web analytics firm StatCounter shows the continuing "weekend dip" (which is the term used to describe IE market share dropping because of the decreased usage of business PC’s)  where IE usage drops and Firefox usage peaks, as solely responsible for the latest round of victory claims from at least one supporter of Europe's browser choice screen for Windows users.

 

European usage share for IE on 1st February  stood at 45.63%, representing the amount of Web traffic traced to European addresses whose browsers identified themselves as IE via the user agent string. Firefox usage on that same day was at 39.18%. The browser choice screen was pushed out on 1st March. As of Friday, 19th March, IE usage share for Europe was at 45.77%, with Firefox at 37.9%. When the weekend came around, IE usage share dropped to 43.57%, and Firefox share went up to 39.29%.

 

StatCounterGlobal

StatCounter Global Stats chart – click here for live data 

 

This two point decline in usage over a weekend is a common occurrence (hence the name weekend dip) because more home PC’s are online being tracked and the user has more control over what browser they can use.  If we look at overall statistics from StatCounter you will see that Firefox actually had a decline in usage and that share was taken by Chrome.  Opera also saw a very marginal increase in usage overall.

 

It seems a lot of blogs jumped on the Reuters report and didn’t do their research (some are big-name blogs too, not naming any names of course).  This might all change come next month when the browser ballot screen should have been pushed out to all European users, and IE might actually see a legitimate fall in market share but until then the biggest bit of news out of all of this is the fact Chrome seems to be chipping away at Firefox’s market share more than IE.

 

Feel free to check out the live stats from StatCounter here.

Getting the “Nothing Special” Achievement in Left 4 Dead: My story…

So last night I fire up L4D for a nice quick campaign (on Expert difficulty of course) and settle down to play.  The guy who joins our existing team of 3 asked us to help him get the Nothing Special Achievement.  For those unfamiliar with this one its where none of the team can be attacked by the special infected (Hunter, Boomer, Smoker, Witch and Tank) for the entire campaign.  If anyone gets hit by the special infected and loses health then its all over, you have to restart the campaign (yes, completely restart from the beginning).
So we started playing through the game and after a few retries we got through the first section of the campaign (Death Toll) with no problem.  We got quite far through the second section and then the new guy got hit by the Tank.  Instead of restarting we simply all died so the section would restart.  We all though that because we are starting the section again the achievement is back on and we could carry on.  Sadly we were wrong.  As I explained above, once you are hit, its over, you must restart the ENTIRE campaign.  You can’t simply all die and just restart that section.  The game already flags the achievement as being over, or so I thought…
left_4_dead_ea3 It turns out that the game can be “tricked” into letting you have this achievement.  The trick is so simple yet something you probably wouldn’t think of doing, not least because you wouldn’t expect it to work!  All you need to do is pick a campaign (probably best with Death Toll because of the rock glitch at the finale, but Dead Air will work too) and play the first 4 sections of that campaign.  You can be hit by the special infected as many times as you want in the first 4 sections.  Once you reach the finale, call a vote to return to the lobby.  Now from the lobby, keep the same campaign chosen but change your start section to the finale.  Doing this “tricks” the game into thinking you have done the first 4 sections and are now on to the finale, and also clears the special infected hit flags which haven’t carried over from the other sections.  All you have to do now is complete the finale.  Sounds easy?  Well there is a caveat.  You cannot get hit by special infected or you will have to restart the entire campaign.  When you make it to the finale, you have to make sure you clear it without being hit by the specials.  This is why I say choose a finale that you can glitch, because if you go through it like I’ve explained and then you get hit in the finale, you can’t quit out to the lobby and just start the finale again, you have to start completely from scratch.
I hope this helps anyone still looking for this achievement (yes, the game is old but this one is one of the more tricky ones).  I know this post is long but I hope by explaining what I had to go through before I figured this one out will make you laugh at/with me and save you from wasting the same amount of time I did!  :)
P.S. Make sure you play with a good team and if possible use a microphone.  Much much easier.