i phone 4s:security hole found

NEW DELHI: Apple iPhone 4S's most-talked about feature Siri is facing criticism for a default security setting that can leave the device vulnerable.

According to Sophos, even if a user's iPhone 4Sis locked with a passcode, an unauthorised user can press the button and give a spoken command to Siri, like ask it to send emails or tamper with your calendar.

However, Sophos has also suggested a way to disable Siri when the device is locked. To disable the feature, a user needs to press enter "Settings/General/Passcode Lock" on his iPhone 4S, and set the "Siri" option to "Off".

Siri is the voice-activated personal assistant that comes with the new iPhone 4S. With the launch of iPhone 4S on Oct 14, Siri became an instant hit with users scrambling to activate the feature and facing a host of connectivity troubles.

Siri lets users perform tasks like asking for a weather update anywhere in the world, or setting an alarm, or asking for places to eat, or making a calendar appointment.

According to Apple, the feature is based on artificial intelligence technology that the company got from its acquisition of a company called Siri. 

QuanAptiRSAgaar.rar

Quantative apptitude R.s agarwal.
DownloaD

How hackers track what you type on smartphone

WASHINGTON: A research team at Georgia Tech claims that it has discovered how to use a users smartphone to track what the person is typing on the keyboard.

The smartphone accelerometer, an internal device that detects when and how the phone is tilted, senses keyboard vibrations and deciphers complete sentences with up to 80 per cent accuracy.

"We first tried our experiments with an iPhone 3GS, and the results were difficult to read," Patrick Traynor, assistant professor in Georgia Tech's School of Computer Science, said.

"But then we tried an iPhone 4, which has an added gyroscope to clean up the accelerometernoise, and the results were much better. We believe that most smartphones made in the past two years are sophisticated enough to launch this attack," he said.

The technique works through probability and by detecting pairs of keystrokes, rather than individual keys. It models "keyboard events" in pairs, then determines whether the pair of keys pressed is on the left versus right side of the keyboard, and whether they are close together or far apart.

After the system has determined these characteristics for each pair of keys depressed, it compares the results against a preloaded dictionary, each word of which has been broken down along similar measurements, i.e., are the letters left/right, near/far on a standard QWERTY keyboard.

The technique works reliably only on words of three or more letters. "The way we see this attack working is that you, the phone's owner, would request or be asked to download an innocuous-looking application, which doesn't ask you for the use of any suspicious phone sensors," Henry Carter, one of the study's co-authors, said.

"Then the keyboard-detection malware is turned on, and the next time you place your phone next to the keyboard and start typing, it starts listening," carter said.

The study has been published in the paper "(sp)iPhone: Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers," and will be presented on 20th October.

New industrial virus Duqu on prowl

WASHINGTON: First there was the Stuxnetcomputer virus that wreaked havoc on Iran's nuclear program. Now comes "Duqu," which researchers said appears to be quite similar.

Security software firm Symantec said in a report it was alerted by a research lab with international connections last week to a malicious code that "appeared to be very similar to Stuxnet." It was named Duqu because it creates files with "DQ" in the prefix.

The US Department of Homeland Security said it was aware of the reports and was taking action.

"DHS' Industrial Control Systems Cyber Emergency Response Team has issued a public alert and will continue working with the cyber security research community to gather and analyze data and disseminate further information to our critical infrastructure partners as it becomes available," a DHS official said.

Symantec said samples recovered from computer systems in Europe and a detailed report from the unnamed research lab confirmed the new threat was similar to Stuxnet.

"Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose," Symantec said. "Duqu is essentially the precursor to a future Stuxnet-like attack."

Stuxnet is a malicious software that targets widely used industrial control systems built by German firm Siemens. It is believed to have crippled centrifuges Iran uses to enrich uranium for what the United States and some European nations have charged is a covert nuclear weapons program.

Cyber experts say its sophistication indicates that Stuxnet was produced possibly by the United States or Israel.

The new Duqu computer virus is designed to gather data from industrial control system manufacturers to make it easier to launch an attack in the future by capturing information including keystrokes.

"The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility," Symantec said.

"Duqu does not contain any code related to industrial control systems and is primarily a remote access Trojan (RAT)," Symantec said. "The threat does not self-replicate."

Duqu shares "a great deal of code with Stuxnet" but instead of being designed to sabotage an industrial control system, the new virus is designed to gain remote access capabilities.

"The creators of Duqu had access to the source code of Stuxnet," Symantec said.

IBM fires 1000 workers in india

BANGALORE: One of the largest private sector employers in India, IT services firm IBM is trimming its contract workforce. At least 600-1,000 contract employees have been asked to leave the company since August.

Sources in the recruitment industry and the company attribute this to both economic uncertainty and cyclical reasons.

These contract employees work for IBM, but are on the payrolls of either a recruitment firm or another IT vendor. Two of the biggest providers of contract staff to IBM, who did not wish to be named, confirm this. One of them told ET that IBM had asked few hundreds of contract staffers to leave in August.

This vendor lost 40 such staffers, but this month placed 20 again. An executive at the contract staffing firm attributed this to two factors - project completion and a reduced demand from service clients because of economic pressure globally. Another executive at one of the biggest providers of contract staff for IBM said that the demand for contract staff was down and even from IBM, the demand has dipped 10-15%.

Ascribing this to seasonality, he said every year in this quarter business comes down and companies like IBM try to optimise their existing resources rather than get new ones on board. According to him, a project typically starts in January and gets over by September-October. Hence, the dip in contract staff numbers. Plus, the current quarter is slow for most IT firms in terms of new project starts, he added.

"Things are definitely slower. Economic uncertainty has a role to play, but the bigger reason is a seasonally weak quarter," says a senior executive at another large contract staffing firm. The firm works with IBM both in India and United States. "The company is taking on less contract staff, but this could also be because of project closures," says the executive.

In response to an email from ET, the company said, "IBM continuously transforms its business, rebalancing skills and capabilities in order to meet the changing needs of clients and our business as a whole." In India, IBM has close to 1.3 lakh employees including contract workforce. Contract staffing is the first area to be impacted when IT companies face uncertainty on the demand pipeline or contracts fail to ramp up as expected.

Contract staffing for lower-end services is a common method to manage business cycles or perform functions that may not be very core to clients. The third quarter is also a seasonally weak quarter for most IT firms as business gets affected by the holidays and not many clients take spending decision in this quarter.

However, not all vendors have been impacted. Bangalore-based recruitment firm Ikya Consultants has around 600 employees working for IBM. "We have not lost any of our people," says Ajith Issac, CEO of the firm.

A Delhi-based staffing firm that provides employees on a contractstaffing basis to the IT company in large numbers said that around 600-odd people being asked to go is not a significant number for one of the largest employers in the IT industry. This staffing firm has not received any reductions in mandates from IBM.

Infosys posts highest employee addition in 4 years

Infosys made a gross addition of 15,352 people in the quarter.

BANGALORE: Infosys made a gross addition of 15,352 people in the quarter, and a net addition of 8,262 people, taking the total headcount to 1,41,822. The net addition was its highest quarterly addition in at least four years.

The company expressed confidence that it would meet its previous forecast of adding 45,000 people during the fiscal.

The attrition rate has fallen to 15.6% from 17.1% in the same quarter the previous year. Analysts say that this is perhaps driven by people choosing not to swap jobs in uncertain times.

The quarter reported a utilization of 77.3%, up from the preceding quarter, but lower than what it was a year ago. "The hiring number indicates that the company sees strong growth ahead despite economic uncertainty. Whether this assumption is right or wrong, we have to wait and see," said Ankur Rudra, sector analyst with Ambit Capital.