LightSquared Files For Bankruptcy

(Reuters) - LightSquared, the wireless startup backed by hedge fund manager Philip Falcone, on Monday filed for Chapter 11 protection.

The company and many affiliates filed for protection from creditors with the U.S. bankruptcy court in Manhattan. It has more than $1 billion of both assets and liabilities, according to the bankruptcy petition. The filing was expected.

LightSquared's future had been thrown into doubt in February when the U.S. Federal Communications Commission said it would revoke permission to build out a new high-speed wireless network.

The FCC made the decision because the planned network threatened to interfere with global positioning systems used by the military and various industries.

(Reporting by Svea Herbst-Bayliss; Additional reporting by Jonathan Stempel in New York; Editing by Gerald E. McCormick)

Read more »

New Amazon Kindle Details Reportedly Leak

son)

By Nivedita Bhattacharjee

(Reuters) - Amazon.com Inc will launch new versions of its Kindle e-reader and tablet, including a monochrome e-reader with front lighting, a source who has seen the prototype told Reuters.

The world's largest Internet retailer is aiming to have the new e-reader in stores in July, said the source, who has direct knowledge of the matter but asked not to be named because Amazon has not yet made the decision public.

Amazon has been ramping up production of the new Kindle, which will run on E Ink's display, the source said.

Amazon's Kindle e-reader has been popular, but readers have had to buy an external light to attach to the device to read in the dark. The front light eliminates that problem.

"I do see demand for a front-lit Kindle," said Jennifer Colegrove, Vice President of Emerging Display Technologies at DisplaySearch, an NPD Group company, which monitors trends in the display sector.

There is a trade-off, she said: "Front-lit will consume battery power and (it'll) run out ... quicker."

Amazon also plans to launch a new tablet closer to the holiday season later this year, the source said. The new Kindle Fire is expected to have a bigger diagonal display of 8.9 inches, bringing it closer in size to Apple Inc's iPad. The company did not respond to calls or emails seeking comment.

"We don't comment on our customers' launch plans," said Sri Peruvemba, Chief Marketing Officer for E Ink Holdings, the supplier of Kindle's ePaper technology.

"E Ink is an innovator and for the past 10 years, we have consistently delivered new products, major enhancements to existing products, and unique designs, so it is not surprising that there is constant speculation about what we will do next," said Peruvemba.

While Barnes & Noble was the first to market with a glowing e-reader, there has been speculation about Amazon being a close second.

Amazon will launch the new Kindle e-reader in the touch 3G and touch wi-fi versions, the source said.

"They can afford to add a front light because the component is not very expensive and their display otherwise uses very little energy," said Colegrove.

An increase of about $10 above the current prices should be "quite reasonable," she said.

The source said Amazon was likely to keep prices the same, or raise them by a very small margin, if at all.

Some blogs had speculated on the possibility of a color-equipped e-reader, but the source said that there was very little chance of Amazon launching one this year. Though Amazon has held can talks with E Ink, the companies haven't reached any concrete decisions yet, he said.

Vinita Jakhanwal, an analyst at IHS iSuppli, which tracks electronic component supply chains, said when she looked at the color e-paper product in a trade show in October, that it needed "a lot of technological improvements" to be used in a products in large volumes.

"I doubt if the color Kindle is ready for a launch," she said.

(Nivedita Bhattacharjee in Chicago, additional reporting by Alistair Barr in San Francisco; editing by Gunna Dickson)

Read more »

Facebook IPO Price Range Raised, New Regulatory Filing Reveals

NEW YORK (AP) — Facebook on Tuesday increased the price range at which it plans to sell stock to the public, as investor enthusiasm in the offering continued to mount and boost the potential value of the world's most popular social network.

The Menlo Park, Calif. company said in a regulatory filing that it now expects to sell its stock for between $34 and $38 per share, up from its previous range of $28 to $35. At the upper limit of $38 per share, the sale would raise about $12.8 billion.

The IPO is expected to be completed late Thursday and begin trading on the Nasdaq Stock Market on Friday under the ticker symbol "FB."

The increased range is a sign of high demand from investors to own a piece of the world's most popular social network. The initial public offering is the most hotly anticipated in years and would value Facebook at more than $100 billion.

Facebook is selling 180 million of its shares in the IPO. Another 157 million shares are coming from existing stockholders, including the company's earliest investors and CEO Mark Zuckerberg.

Even after the IPO, Zuckerberg will remain Facebook's single largest shareholder. And he will control the company through 57 percent of its voting stock.

The IPO is expected to be the largest ever for an Internet company. It is expected to raise more than 10 times as much as the $1.67 billion raised in Google Inc.'s 2004 IPO.

At a value of $38 per share, the high end of Facebook's expected range, Facebook would generate $6.84 billion on its shares. Existing stockholders would collectively make $5.98 billion.

Facebook has more than 900 million users who log in at least once a month.

Even at the higher price range, it's going to be tough for the company's fans and everyday investors to get in on the IPO. Most of the shares are expected to go to people with connections to the company or large, active accounts with one of the big banks or brokerage firms directly involved in the stock sale.

Morgan Stanley leads the team of 33 underwriters selected for the Facebook offering, followed by JPMorgan Chase and Goldman Sachs.

The inclusion of online broker E-Trade Financial Corp. as an underwriter was seen as a glimmer of hope that Facebook might make more shares available than usual for retail investors through discount brokerages. But chances of getting any are very slim regardless.

Analysts say there's so much interest in Facebook's stock that some underwriters are closing their books as early as Tuesday. This means they won't be taking any more orders from potential buyers.

In its Tuesday filing, Facebook also adjusted the timetable for finishing its $1 billion acquisition of Instagram, saying it expects the deal to close sometime in 2012. Previously, it had said it expected to complete the deal in the second quarter.

Some have speculated that the acquisition of the photo-sharing network would come under regulatory scrutiny. If the deal doesn't close by Dec. 10, Facebook could have to pay Instagram a breakup fee of $200 million.

Read more »

Popular Surveillance Cameras Open to Hackers, Researcher Says

In a world where security cameras are nearly as ubiquitous as light fixtures, someone is always watching you.

But the watcher might not always be who you think it is.

Three of the most popular brands of closed-circuit surveillance cameras are sold with remote internet access enabled by default, and with weak password security — a classic recipe for security failure that could allow hackers to remotely tap into the video feeds, according to new research.

The cameras, used by banks, retailers, hotels, hospitals and corporations, are often configured insecurely — thanks to these manufacturer default settings, according to researcher Justin Cacak, senior security engineer at Gotham Digital Science. As a result, he says, attackers can seize control of the systems to view live footage, archived footage or control the direction and zoom of cameras that are adjustable.

“You can essentially view these devices from anywhere in the world,” Cacak said, noting that he and his security team were able to remotely view footage showing security guards making rounds in facilities, “exceptionally interesting and explicit footage” from cameras placed in public elevators, as well as footage captured by one high-powered camera installed at a college campus, which had the ability to zoom directly into the windows of college dorm rooms.

Cacak and his team were able to view footage as part of penetration tests they conducted for clients to uncover security vulnerabilities in their networks. The team found more than 1,000 closed-circuit TV cameras that were exposed to the internet and thus susceptible to remote compromise, due to inherent vulnerabilities in the systems and to the tendency of the companies to configure them insecurely.

The inherent vulnerabilities, he said, can be found in at least three of the top makers of standalone CCTV systems that he and his researchers examined — MicroDigital, HIVISION, CTRing — as well as a substantial number of other companies that sell rebranded versions of the systems.

CCTV video surveillance systems are deployed at entrances and exits to facilities as well as in areas considered to be sensitive, such as bank vaults, server rooms, research and development labs and areas where expensive equipment is located. Typically, the cameras are easily spotted on ceilings and walls, but they can also be hidden to monitor employees and others without their knowledge.

Obtaining unauthorized access to such systems could allow thieves to case a facility before breaking into it, turn cameras away from areas they don’t want monitored or zoom in on sensitive papers or prototype products at a workstation. The cameras could also be used to spy on hospitals, restaurants and other facilities to identify celebrities and others who enter.

Remote access capability is a convenient feature in many of CCTV systems because it allows security personnel to view video feed and control cameras via the internet with laptops or mobile phones. But it also makes the systems vulnerable to outside hackers, particularly if they’re not set up securely. If the feature is enabled by default upon purchase, customers may not know this is the case or understand that they should take special steps to secure the systems as a result.

“All the ones we found have remote access enabled by default,” Cacak says. “Not all the customers may be aware [of this]…. Because most people view these [video feeds] via console screens, they may not be aware that they can be remotely accessed.”

Compounding the problem is the fact that the systems come deployed with default easy-to-guess passwords that are seldom changed by customers. They also don’t lock-out a user after a certain number of incorrect password guesses. This means that even if a customer changes the password, an attacker can crack it through a bruteforce attack.

Many of the default passwords Cacak and his team found on CCTV systems were “1234″ or “1111.” In most cases the username was “admin” or “user.”

“We find about 70 percent of the systems have not had the default passwords changed,” Cacak said.

Because many customers who use the systems don’t restrict access to computers from trusted networks, nor do they log who is accessing them, Cacak said owners often cannot tell if a remote attacker is in their system viewing video footage from outside the network.

To help companies determine if their CCTV systems are vulnerable, Cacak’s team worked with Rapid7 to produce a module for its Metasploit software targeting CCTV systems made by MicroDigital, HIVISION and CTRing or sold by other companies under a different name. Metasploit is a testing tool used by administrators and security professionals to determine if their systems are vulnerable to attack, but it’s also used by hackers to find and exploit vulnerable systems.

The module can determine if a specific user account, such as “admin,” exists on a targeted CCTV system, and it can also conduct automatic log-in attempts using known default passwords, brute force a password crack on systems using unknown passwords, access live as well as recorded CCTV footage, and redirect cameras that are adjustable. HD Moore, chief security officer at Rapid7, said they’re working on a scanner module that will help locate CCTV systems that are connected to the internet.

Earlier this year, Moore and another researcher from Rapid7 found similar vulnerabilities in video-conferencing systems. The researchers found they were able to remotely infiltrate conference rooms in some of the top venture capital and law firms across the country, as well as pharmaceutical and oil companies and even the boardroom of Goldman Sachs — all by simply calling in to unsecured videoconferencing systems that they found by doing a scan of the internet.

They were able to listen in on meetings, remotely steer a camera around rooms, as well as zoom in on items in a room to read proprietary information on documents.

Cacak said that customers using CCTV systems should disable remote access if they don’t need it. If they do need it, they should change the default password on the systems to one that is not easily cracked and add filtering to prevent any traffic from non-trusted computers from accessing the systems.

Read more »