SEARCH CLINIC

A network of thousands of computers which stole millions of dollars from advertisers by generating fake advert viewings has been discovered.British web analytics firm Spider.io claims the “Chameleon” botnet is made up of 120,000 home PCs and costs advertisers £3.9 million per month.

Spider.io said that Chameleon simulated clicks on adverts on over 200 sites.

The firm said the botnet was responsible for up to nine billion false ad views every month.

Websites that show display ad receive money when an ad is viewed, in what is called cost-per-impression advertising. It works by money being paid when an ad impression is viewed, and advertisers selling a product or a service pay the website owner a fixed amount each time their ad is viewed.

The ads are typically placed by advertising networks that act as middlemen – the network places the ad on the publisher’s site and the advertiser pays the network and the publisher.

Advertisers use clicks and mouse movements over ads as leading indicators of visitor intent – meaning that the users being shown ads are more likely to buy a product or sign up to a new service.

So if a malicious programme generates clicks or mouse traces, then advertisers will be encouraged to buy more ad space.

Spider.io said that about 95% of the hijacked machines were in the US.

“This particular botnet is being used to emulate human users surfing the web, mimicking normal browsing sessions and normal ad engagement,” said the firm’s chief executive Douglas de Jager.

“It is difficult to imagine why one would run this type of botnet across a cluster of 202 sites other than to commit display advertising fraud.

“Unfortunately, we can’t be sure precisely which of the financially motivated parties is behind this. It could perhaps even be a single person within one of the companies, unbeknownst to others at this company.”

He added that the company was able to spot the botnet thanks to a very specific behaviour of the infected computers.

“The bots subject host machines to heavy load, and the bots appear to crash and restart regularly,” he said.

“When a bot crashes the concurrent sessions end abruptly; upon restart the bot requests a new set of cookies. These crashes and idiosyncratic site-traversal patterns are just two of the many bot features that provide for a distinctive bot signature.”

“Advertising networks – not the advertisers themselves – need to work harder at identifying the difference between a genuine user clicking on an ad, and a compromise computer that has been turned into a click-fraud bot.”

Campaigners have criticised Google for encouraging the poaching of elephants by running advertisements promoting ivory products.The Environmental Investigation Agency (EIA) says more than 10,000 ads about ivory were running on Google’s Japanese shopping site.

They have written to the internet giant asking for their removal.

The claim was made at the meeting of the Convention on the International Trade in Endangered Species (Cites) taking place in Bangkok.

EIA says that they have been monitoring advertising in Japan for a long time, looking for evidence of whale products being promoted for sale. They found more than 1,400 of these types of ads.

But when they carried out a similar search for ivory ads on Google’s wholly owned Japanese shopping site, they found more than 10,000.

The vast majority, more than 80% were for “hanko”, a Japanese name seal that people use to sign official documents. The stamps are often inlaid with ivory lettering.

The campaigners say the ads are contrary to Google’s own policies which don’t allow the promotion of elephant or whale products. And the EIA says they are contributing to elephant poaching across Africa.

“We were really shocked to be honest, to find that one of the world’s richest and successful technology companies with such incredible resources had taken no action to enforce their own policies, especially given that elephants are being slaughtered across Africa to provide these trinkets for the public in Japan.” said EIA’s Allan Thornton.

Google acknowledged that these type of ads violated their own terms. In a statement they said: “Ads for products obtained from endangered or threatened species are not allowed on Google. As soon as we detect ads that violate our advertising policies, we remove them.”

EIA says that they wrote to Google on 22 February to inform them of the problem but they have received no response as yet. They say that the adverts are still up and running.

“I don’t know what’s going on in Google,” said Allan Thornton.

“They are considered a progressive company who are interested in environmental issues, but they seem to have made some pretty serious mistakes by letting whale and ivory products be sold on their Google Japan site,” he added.

Dealing with the ivory issues is one of the key tasks for this meeting of Cites in Bangkok.

The sale of elephant tusks was banned back in 1989. But elephant welfare groups say around 30,000 elephants a year are still being killed to meet the demand for trinkets and carvings that are often sold to tourists in countries like Thailand.

The internet has given a huge boost to the ivory business. Last year, another investigation by the International Fund for Animal Welfare (IFAW) found over 17,000 ivory products on sale on Chinese websites.

Despite record EU unemployment, the European Commission has launched a “grand coalition” to address the region’s IT skills shortages.Digital agenda commissioner Neelie Kroes told delegates at the CeBIT exhibition that the EU’s competitiveness is “under threat” if it cannot fill the expertise gap.

The shortages come at a time of high unemployment across Europe, she added, calling for greater awareness of IT career opportunities.

Together with European Commission president Jose Manuel Barroso, Ms Kroes said that 1 million euros (£860,000) will be invested into the coalition.

“This coalition is not about reinventing the wheel. It should be about building on existing success,” she said.

“I want people to be open in their commitments, join forces where they see the chance, and recognise we need to do things differently.

“Quite simply, facing hundreds of thousands of unfilled vacancies, we cannot continue as we were; and we must all do our bit.”

The commission’s own figures suggested that there will be 900,000 vacancies for IT-related roles by 2015. There are currently about 26 million people unemployed across Europe.

The number of “digital jobs” – jobs based around IT – is growing by about 100,000 every year, yet the number of skilled IT graduates is failing to keep pace.

Jose Manuel Barroso launched the digital jobs coalition

Ms Kroes said she now wants to have companies move “from ‘wouldn’t-it-be-nice-if’ to, ‘here’s-what-we-are-going-to-do’.”

The commission highlighted several new initiatives already taking places, including Telefonica’s investment in start-ups, and Cisco’s pledge to train 100,000 people to install smart-meters into homes.

The commission’s proposals include simplification of the certification system, making it easier to prove what skills a graduate has, regardless of the EU country in which they have worked or studied.

Technology skills shortages have been cited as a pressing problem for several companies which rely on highly-skilled engineers to further their development.

In January, Google chairman Eric Schmidt announced that his firm was to contribute to a scheme to give schools 15,000 free microcomputers.

The British Raspberry Pi devices will also be used to encourage young children into learning coding skills.

The days of the tiresome password may be numbered- according to Paypal.The fact is that the way we users typically deal with having multiple passwords for our online accounts makes us too vulnerable to spyware, phishing and identity theft.

Many of us rely on the same password, while many more of us only use three or four passwords.

Ideally, the best password would be at least 16 characters with capitals, numbers and special characters – but you’d never remember it.

So the industry is looking to ditch passwords, and is turning to a variety of solutions, such as voice recognition, key stroke analysis and finger print identification.

Payments firm PayPal is one of those leading the changes, and president David Marcus says the aim is to make the whole process seamless.

“Like magic, you’ll be authenticated, and the payment will go through. We want to move away from passwords, and get to embedded fingerprint scanners on mobile phones.”

“You’re going to start seeing that type of experience later this year, with a mass roll-out in the year to come.”

Earlier this month, PayPal, Lenovo and others announced the formation of the Fido Alliance (Fast Identity Online) to change the way online security checks are carried out.

The idea is that users will be able to select the type of authentication that suits them best – from fingerprint scanning to USB tokens.

“The best protection is the one you don’t see – it’s the one that happens in the background, that verifies your identity accessing your own data,” says Mr Marcus.
‘Untapped potential’

For PayPal, solving the password security problem is important because so many people now use it to make purchases – it has 125 million customers in more than 190 countries.

“You shop offline more than you shop online, but in most of these transactions mobile is involved now,” says Mr Marcus.

“As the offline market is 17 times bigger than the online market, there is still huge untapped potential for us.”

The key driver for this has been the way in which customers are increasingly using phones, tablets and other handheld devices to make purchases.

Last year, PayPal recorded $145 billion (£95bn) in total transactions, of which $14 billion were via mobile devices, says Mr Marcus.  “But the year before it was less than $4 billion.

All of which should be welcome news for those of us who continually have to email our online retailers for new passwords, because we’ve forgotten the one we asked them for the last time we tried to buy something from them.

Global music revenues had risen for the first time since 1999 according to new research.The International Federation of the Phonographic Industry (IFPI) said that accelerating digital music sales had caused a 0.3% upturn in global revenues – a total of  £10.9 billion.

“It is hard to remember a year for the recording industry that has begun with such a palpable buzz in the air,” said Frances Moore, chief executive of IFPI.

“These are hard-won successes for an industry that has innovated, battled and transformed itself over a decade.

“They show how the music industry has adapted to the internet world, learned how to meet the needs of consumers and monetised the digital marketplace.”

Global singles best sellers in 2012

Carly Rae Jepsen, Call Me Maybe, 12.5 million units
Gotye, Somebody That I Used To Know, 11.8 million
PSY, Gangnam Style, 9.7 million
Fun, We Are Young, 9.6 million
Maroon 5, Payphone, 9.1 million
Michel Telo, Ai Se Eu Te Pego, 7.2 million
Nicki Minaj, Starships, 7.2 million
Maroon 5, One More Night, 6.9 million
Flo Rida, Whistle, 6.6 million
Flo Rida, Wild Ones, 6.5 million

Source: IFPI

The music industry has undertaken a sizable campaign over several years to see illegal sites and services put out of business.

In the UK, the British Phonographic Industry (BPI) took action to the courts, obtaining a court order to force internet service providers to block access to file-sharing site The Pirate Bay.

The music industry has also started to refocus its efforts by targeting those who make profiting from illegal music possible, such as advertisers, as well as the piracy sites themselves.

Elsewhere, search engines like Google have been pressured to demote piracy websites in their search results.

More needs to be done on that front, IFPI said: “Searches for the names of popular artists followed by the term “mp3″ still return a large number of results for illegal sources on the first page.

“In August 2012, Google announced it would take into account the number of valid copyright notices it receives when returning search results.  That was a welcome step in principle but unfortunately has not been translated into results.”

The computer maker Dell has reported quarterly falls in profits and sales in what could be its last set of results as a public company.The world’s third largest PC maker said net profit in the fourth quarter fell 31% to £345 million ($530 million)  compared with the same period a year ago.

Revenue fell 11% to £9.34 billion which were hurt by the shrinking consumer business.

Founder Michael Dell has offered to buy the business for £15.9 billion.

But his attempt to turn it back into a private firm has faced opposition over the value of the consultancy side of the business.

Dell’s largest independent shareholder, Southeastern Asset Management, said the offer “grossly undervalues the company”, while reports suggest other large investors also oppose the deal.

In recent years Dell has struggled to compete with cheaper Asian rivals, as well as the boom in smartphones and tablet computers, and has focused more on corporate needs and less on the home consumer.

For the full year ending 1 February 2013, net profit fell 32% to £1.55 billion, while revenue fell 8% to £37.19 billion.

Dell said that it was not providing an outlook for the 2014 fiscal year or for the first fiscal quarter, given the proposed merger agreement to take the company private.

Given the recent spate of hacking incidents a timely report from the National Audit Office (NAO) has highlighted that a lack of skilled workers is hampering the UK’s fight against cyber crime.The spending watchdog had heard from experts who believe it could take “up to 20 years to address the skills gap”, it said in a report.

But progress has been made in tackling cyber fraud, with more police resources and prosecutions aimed at catching cyber criminals, the NAO added.

The government said it was “investing heavily” in research and education.

The number of IT and cyber security professionals in the UK has not increased in line with the growth of the internet, the watchdog said.

In 2011, ministers announced funding of £650 million to implement the UK’s Cyber Security Strategy, which set out the risks of the UK’s growing reliance on cyber space.

The strategy identified criminals, terrorists, foreign intelligence services, foreign militaries and politically motivated “hacktivists” as potential enemies who might choose to attack vulnerabilities in British cyber-defences.

In a review of the strategy, the NAO said there had been an number of developments to help tackle cyber crime.

The internet economy in the UK accounts for more than £120 billion – a higher proportion of GDP than any other G20 country, the NAO said.

But it warned that the cost of cyber crime is estimated to be between £18 billion and £27 billion a year.

Action Fraud, the UK’s national fraud reporting centre, received 46,000 reports of cyber-enabled crime, amounting to £292 million of attempted fraud, the report said.

And the Serious Organised Crime Agency had captured more than 2.3 million compromised debit or credit cards since 2011, preventing a potential economic loss of over £500 million.

New regional police cyber crime centres and a trebling of the size of the Police Central e-crime Unit had also helped boost the UK’s capability to combat attacks, the watchdog said.

But the NAO warned that the UK faced a current and future cyber security skills gap, with “the current pipeline of graduates and practitioners” unable to meet demand.

Education officials interviewed by the NAO said it could take “up to 20 years to address the skills gap at all levels of education”.

They raised concerns about a lack of promotion of science and technology subjects at school, leading to a low uptake of computer science and technology courses by university students.

Nintendo has cut the sales forecast for its new Wii-U console-  but still expects to make an annual profit thanks to the weaker yen.It now predicts it will sell only four million Wii-Us in the year to March, down 27% from its previous forecast, after sales disappointed.

Nonetheless, the Japanese firm increased its annual net profit forecast to £98 million thanks to gains from its weakening home currency.

A year ago it made a loss of  £302 million.

For the first nine months of its year, the firm reported a £102 million profit, compared with a loss of  £115 million a year earlier.

The results, which came after the end of trading on the Tokyo Stock Exchange, provide mixed signals for stock analysts.

The apparent failure so far of the Wii-U to take off versus competition from tablet and smart phone game applications may bode ill for the company’s long-term growth prospects.

Nintendo also cut its full-year sales forecasts for its other games consoles, with 3DS sales expected to reach 15 million by March (down 14% from its previous forecast), and DS sales to total 2.3 million (down 8%).

Perhaps the biggest shock will come from the firm announcing that it now expected to make an overall operating loss of £140 million for the year, whereas previously it had foreseen a £140 million operating profit. Financial analysts had expected a £85.7 million operating profit on average.

The company said that the new forecasts took account of the evident turnaround in the yen with the election of Prime Minister Shinzo Abe, who has taken a much more aggressively expansionary stance towards both government spending and the central bank’s monetary policy.

The weakening currency provides a two-fold benefit to the company – increasing the value of its foreign currency assets in the short-term, and reversing its steady loss of price competitiveness against foreign rivals in the longer-term.

Amazon has announced a sharp fall in profits for the end of 2012.Net income for the three months to the end of December was £61.5 million, down from £112 million for the same period in 2011.

The fall came despite an increase in revenues during the period, from £11.08 billion a year ago, to £13.54 billion- a jump of 22%.

That growth came as the world’s largest internet retailer bagged a big share of internet spending during the crucial holiday period.

After reporting the results, Amazon’s shares rose by close to 7%.

“We’re now seeing the transition we’ve been expecting,” said Jeff Bezos, founder and chief executive of Amazon.com.

“After five years, e-books is a multi-billion dollar category for us and growing fast – up approximately 70% last year.

“In contrast, our physical book sales experienced the lowest December growth rate in our 17 years as a book seller, up just 5%.

“We’re excited and very grateful to our customers for their response to Kindle and our ever-expanding ecosystem and selection.”

The Seattle based company also said operating income increased by 56% to £257 million in the fourth quarter.

A new solution is available to small businesses who want to take customers’ payments by credit or debit card- but do not want to be tied in to a monthly payment contract.Several companies are now offering SMEs the chance to take these payments using a dongle on their smartphone or iPad. The start-up costs are either zero or minimal, and there is no monthly fee, but the business pays a percentage of each transaction.

iZettle is one of a number firms offering the small card reader that plugs into iPhones, iPads and a number of Android smartphones or tablets.

The customer hands over their card to the stallholder – or plumber or window-cleaner – and it is swiped through the device. Mastercard and American Express card holders then sign for their purchase.

The merchant pays a commission of 2.75% per transaction, and the consumer gets to use their plastic rather than cash in new places.

Traders say the system is secure and customers can request a receipt- which is then sent to their own smart phone with the details of the transaction.

iZettle says 15,000 traders signed up with it in November. But several other firms are also fighting for their share of the market.

Sum Up offers a similar service. It launched five months ago, and as well as its UK operation it says it is expanding in nine other countries.

Payleven, based in London and Berlin, is another firm offering a service where Mastercard and American Express cards holders sign when making a purchase.

It says it will be launching the first chip and pin version of this payment for smartphones running Google’s Android software or Apple’s iOS in February.