Apple complains Amazon's US site is selling fake products

Apple has complained of a "flood" of counterfeit goods masquerading as its products being sold on Amazon.com.

The claim relates to items sold via Amazon's "fulfilment" scheme, whereby third parties list their goods on the retail giant's site, store their inventory in its warehouses and rely on it for deliveries.

Apple warns the alleged fakes are potentially life-threatening.

But it is suing one of the vendors rather than Amazon itself.

The defendant, New York-based Mobile Star LLC, could not be reached for comment and has yet to file its own legal paperwork.

"Mobile Star has been deceiving Apple customers and putting their safety at risk by selling counterfeit power adapters," an Apple spokesman told the BBC.

"They have ignored our repeated requests, so we are taking legal action to get them to stop."

Amazon says it takes such matters seriously.

"Amazon has zero tolerance for the sale of counterfeits on our site," a spokeswoman told the BBC.

"We work closely with manufacturers and brands and pursue wrongdoers aggressively."

Details of the case were first reported by Patently Apple.

Fire risk

Apple said it had bought "well over" 100 iPhone devices, own-brand power adapters and charging cables, and had found almost 90% of them were fakes.

"Unlike genuine Apple products, they are not subjected to industry-standard consumer safety testing and are poorly constructed with inferior or missing components, flawed design and inadequate electrical insulation," it said.

"These counterfeits have the potential to overheat, catch fire and deliver a deadly shock to consumers while in normal use."

Image copyrightAPPLE

Image captionApple's lawyers highlighted this review in which an Amazon shopper had complained of their charger catching fire

It added that customers might be fooled into believing the products were safe because Amazon was perceived to be one of the US's most trustworthy companies.

"Consumers, relying on Amazon.com's reputation, have no reason to suspect the power products they purchased... are anything but genuine."

One blogger who has previously highlighted what he calls "Amazon's fraudulent seller problem" suggested Apple should be more aggressive in its effort to tackle the issue.

"I can certainly see why Apple is suing Mobile Star," wrote John Gruber.

"But why not sue Amazon too?

"This is shameful. I've known for a while never to trust anything merely 'fulfilled by Amazon', but I'm actually surprised that even the 'Apple' branded chargers... are dangerous counterfeits as well."

'Smart' home devices used as weapons in website attack

Hackers used internet-connected home devices, such as CCTV cameras and printers, to attack popular websites on Friday, security analysts say.

Twitter, Spotify, and Reddit were among the sites taken offline on Friday.

Each uses a company called Dyn, which was the target of the attack, to direct users to its website.

Security analysts now believe the attack used the "internet of things" - web-connected home devices - to launch the assault.

Dyn is a DNS service - an internet "phone book" which directs users to the internet address where the website is stored. Such services are a crucial part of web infrastructure.

On Friday, it came under attack - a distributed denial of service (DDoS) - which relies on thousands of machines sending co-ordinated messages to overwhelm the service.

The "global event" involved "tens of millions" of internet addresses.

Jump media player

Media player help

Out of media player. Press enter to return or tab to continue.

Media captionEXPLAINED: What is a DDoS attack?

Security firm Flashpoint said it had confirmed that the attack used "botnets" infected with the "Mirai" malware.

Many of the devices involved come from Chinese manufacturers, with easy-to-guess usernames and passwords that cannot be changed by the user - a vulnerability which the malware exploits.

"Mirai scours the Web for IoT (Internet of Things) devices protected by little more than factory-default usernames and passwords," explained cybersecurity expert Brian Krebs, "and then enlists the devices in attacks that hurl junk traffic at an online target until it can no longer accommodate legitimate visitors or users."

The owner of the device would generally have no way of knowing that it had been compromised to use in an attack, he wrote.

Mr Krebs is intimately familiar with this type of incident, after his website was targeted by a similar assault in September, in one of the biggest web attacks ever seen.

• Have hackers turned my printer into an offensive weapon?
• Do smart devices mean dumb security?

---

Media affected by attack - Leo Kelion, technology desk editor

It has emerged that the BBC's website was also briefly caught up in Friday's attack. The BBC is not a customer of Dyn itself, but it does use third-party services that rely on the domain name system hosting facilities provided by Dyn.

I understand that these include Amazon Web Services - the retail giant's cloud computing division - and Fastly - a San Francisco-based firm that helps optimise page download times.

Both companies have acknowledged being disrupted by the DDoS assault. Only some BBC users, in certain locations, would have experienced problems and they did not last long.

But there are reports that other leading media providers also experienced similar disruption.

It serves as a reminder that despite the internet being a hugely robust communications system, there are still some pinch points that mean a targeted attack can cause widespread damage.

---

The incidents mark a change in tactics for online attackers.

DDoS attacks are typically aimed at a single website. Friday's attack on Dyn, which acts as a directory service for huge numbers of firms, affected several of the world's most popular websites at once.

The use of internet-connected home devices to send the attacking messages is also a relatively new phenomenon, but may become more common.

The Mirai software used in these attacks was released publicly in September - which means anyone with the skill could build their own attacking botnet.

Image copyrightTHINKSTOCK

Image captionAny number of home devices could be used in such attacks - so long as they're connected to the internet

On social media, many researchers and analysts expressed frustration with the security gap being exploited by attackers.

"Today we answered the question 'what would happen if we connected a vast number of cheap, crummy embedded devices to broadband networks?'" wrote Matthew Green, an assistant professor at the Johns Hopkins Information Security Institute.

Jeff Jarmoc, head of security for global business service Salesforce, pointed out that internet infrastructure is supposed to be more robust.

"In a relatively short time we've taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters," he tweeted

Dyn is a DNS service - an internet "phone book" which directs users to the internet address where the website is stored. Such services are a crucial part of web infrastructure.

On Friday, it came under attack - a distributed denial of service (DDoS) - which relies on thousands of machines sending co-ordinated messages to overwhelm the service.

The "global event" involved "tens of millions" of internet addresses.

Jump media player

Media player help

Out of media player. Press enter to return or tab to continue.

Media captionEXPLAINED: What is a DDoS attack?

Security firm Flashpoint said it had confirmed that the attack used "botnets" infected with the "Mirai" malware.

Many of the devices involved come from Chinese manufacturers, with easy-to-guess usernames and passwords that cannot be changed by the user - a vulnerability which the malware exploits.

"Mirai scours the Web for IoT (Internet of Things) devices protected by little more than factory-default usernames and passwords," explained cybersecurity expert Brian Krebs, "and then enlists the devices in attacks that hurl junk traffic at an online target until it can no longer accommodate legitimate visitors or users."

The owner of the device would generally have no way of knowing that it had been compromised to use in an attack, he wrote.

Mr Krebs is intimately familiar with this type of incident, after his website was targeted by a similar assault in September, in one of the biggest web attacks ever seen.

• Have hackers turned my printer into an offensive weapon?
• Do smart devices mean dumb security?

---

Media affected by attack - Leo Kelion, technology desk editor

It has emerged that the BBC's website was also briefly caught up in Friday's attack. The BBC is not a customer of Dyn itself, but it does use third-party services that rely on the domain name system hosting facilities provided by Dyn.

I understand that these include Amazon Web Services - the retail giant's cloud computing division - and Fastly - a San Francisco-based firm that helps optimise page download times.

Both companies have acknowledged being disrupted by the DDoS assault. Only some BBC users, in certain locations, would have experienced problems and they did not last long.

But there are reports that other leading media providers also experienced similar disruption.

It serves as a reminder that despite the internet being a hugely robust communications system, there are still some pinch points that mean a targeted attack can cause widespread damage.

---

The incidents mark a change in tactics for online attackers.

DDoS attacks are typically aimed at a single website. Friday's attack on Dyn, which acts as a directory service for huge numbers of firms, affected several of the world's most popular websites at once.

The use of internet-connected home devices to send the attacking messages is also a relatively new phenomenon, but may become more common.

The Mirai software used in these attacks was released publicly in September - which means anyone with the skill could build their own attacking botnet.

Image copyrightTHINKSTOCK

Image captionAny number of home devices could be used in such attacks - so long as they're connected to the internet

On social media, many researchers and analysts expressed frustration with the security gap being exploited by attackers.

"Today we answered the question 'what would happen if we connected a vast number of cheap, crummy embedded devices to broadband networks?'" wrote Matthew Green, an assistant professor at the Johns Hopkins Information Security Institute.

Jeff Jarmoc, head of security for global business service Salesforce, pointed out that internet infrastructure is supposed to be more robust.

"In a relatively short time we've taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters," he tweeted

Who Shut Down the Internet Friday?

 


Cyber experts and intelligence officials told NBC News it was too early to determine who was responsible for the cyber attacks that caused massive internet outages across the U.S. Friday, with some saying their analysis pointed to Russia and others saying it could just be "internet vandalism."

The three "denial of service," or DDoS, attacks, hit at about 7 a.m. , noon and 4 p.m. Eastern Time, knocking out such websites as Vox, Twitter, Spotify, Amazon, PayPal and Reddit.

The attacks used the "internet of things," meaning "smart" household appliances like DVRs, routers, printers and cameras that are linked to the web, to create "botnets" that overloaded websites by sending them more than 150,000 requests for information per second.

Officials said the attacks were largely aimed at internet infrastructure linked to one company rather than specific websites. Nearly all of those attacked were clients of Dyn, a firm that provides domain name system services and other internet infrastructure services. However, according to one official, there was also targeting of some individual websites.

"We have begun monitoring and mitigating a DDoS attack against our Dyn Managed (Domain Name System) infrastructure," Dyn said on its website at 11:52 a.m. ET. "Our engineers are continuing to work on mitigating this issue."

A senior intelligence official told NBC News that the current government assessment is that the attacks were a "classic case of internet vandalism," and did not appear to be state-sponsored or directed.

But two other senior intelligence officials told NBC News that while forensics on the attacks are far from complete, initial analysis points to the attacks being "Russian in origin" -- based on the methods and magnitude.

The Russian intelligence agency known as FSB enlisted Russian cybercriminals in 2008 to mount a similar cyberattack on the Republic of Georgia. Eight years later, there are far more devices hooked up to the internet, and available to be used in bot-nets for DDoS attacks.

"This is the Georgia attack on steroids," said an intelligence official. South Korea, India, Spain, Brazil and the U.K. also experienced major outages Friday.

Is It Really Russians?

Shawn Henry, chief security officer of the cybersecurity firm Crowdstrike, expressed caution about blaming Russians. He said many possible explanations were circulating around the internet Friday. He didn't rule out Russian involvement, but said it was "very, very early" to determine responsibility.

Henry said what was most ominous about the attacks is that they reveal that the U.S. is seriously vulnerable to cyber attack: "This demonstrates the fragility of the network and infrastructure."

Several internet experts told NBC News that they didn't see any Russian fingerprints.

Andrew Komarov of InfoArmor told NBC News he didn't see any sign of Russian involvement at all, whether state or private. He noted that the botnet used in the attack, "Mirai," was developed by an English speaker and that he had found no link between "Mirai" and the Russians, who have their own much more sophisticated methods.

He said the attacks seemed more consistent with the methods used by the hacking group known as Lizard Squad, two of whose members, both teens, were arrested earlier this month in the U.S. and the Netherlands and charged in connection with DDoS attacks.

Said Komarov, "We have some context, that because of similar victims, using Dyn, and also tactics, tools and procedures by threat actors, it may be a revenge for the past arrests of DDoS'ers in the underground, happened several weeks ago."

Dmitri Alperovitch of Crowdstrike also expressed doubt about a link to the Russian government, and speculated the attacks might have to do with a recent interview that cybersecurity expert Brian Krebs did with Dyn mentioning Russian organized crime. Alperovitch said use of a botnet bears the hallmark of a criminal rather than state attack, and the target may simply have been Dyn, not the U.S.

Flashpoint, a private cybersecurity and intelligence firm, noted that the Krebs site was attacked in September by a Mirai botnet, and the Krebs site was among those attacked Friday. The hacker who attacked Krebs in September released the source code on the web earlier this month, and hackers have copied the code to create their own botnets.

Flashpoint said it had concluded that the Friday attacks were not mounted by hacktivists, a political group or a state actor.

A senior federal law enforcement official confirmed that the attacks used a botnet exploiting the internet of things, and that the FBI is investigating. The official said federal law enforcement had not yet made a determination about who launched the attack and why.

Triumph Launches Bonneville T100 At ₹ 7.78 Lakh

The new Triumph Bonneville T100 finally made its debut in India. It is priced at ₹ 7.78 lakh (ex-showroom, Delhi). It will replace the existing T100 and borrows the engine from the Triumph Street Twin. 

The new Bonneville T100 was unveiled recently at the INTERMOT motorcycle showand comes equipped with technology like electronic ride-by-wire throttle, traction control, torque-assist clutch and standard ABS. The last generation T100 didn't have rider aids like ride-by-wire, traction control or even ABS. The chassis and suspension setup is new too, which promises to give a good ride quality and be comfortable even in daily use. The Bonneville T100 is shod with Pirelli Phantom Sportscomp tyres, which have been specially designed for the Bonneville family.

The 900cc parallel-twin engine that makes 54bhp power at 5,900rpm and peak torque of 80Nm at 3,230rpm, the Bonneville T100 borrows its looks from its elder sibling, the Bonneville T120. It maintains the retro theme with twin-pod instrument console and classic styling cues inspired by the original 1950s Triumph Bonneville.

Vimal Sumbly, managing director, Triumph Motorcycles India Pvt. Ltd. commented, "India is a large and growing market for classic motorcycles. With our range of new, exciting and accessible modern classics like the all new Triumph Bonneville T100, we would further strengthen our market position in the above 500cc, plus 5 lakh segment in India."  he also added that the

The new Triumph Bonneville T100 is available in three colours; Aegean Blue & Fusion White, Intense Orange & New England White and Jet Black. Triumph will offer 150 official accessories to customise the motorcycle to individual owner's requirements. Accessories include Vance & Hines slip-on silencers, leather seats, chrome clutch and alternator embellishers, and compact LED indicators.

(Triumph Bonneville T100 details)

 The last generation Bonneville was the largest selling Triumph in India, and although Triumph launched the Street Twin as the entry-level Bonnie earlier this year, there was no 'classic' Bonneville in the entry-level segment.

Last fiscal, Triumph India sold over 3,000 motorcycles, taking second place in sales behind Harley-Davidson in the superbike market. In 2017, Triumph expects to see a growth of 25 per cent, and the new Bonneville T100 is expected to be one of the sales drivers for Triumph India.

Must Read: Who is Planning to Finish Modi and How???

Ever since India attacked Pakistan through surgical strikes and isolated them globally by exposing their terror affiliations, Pakistan is desperately trying its best to get back at India hook or crook.

In a secret file which was accessed by NewsX recently, the Pakistan has formed a team with 13 senators who are planning to attack India not by external force but by internal forces! The secret file has been termed as  “TARGET MODI, BREAK INDIA”.

The Pakistan has constituted two think tank groups for this purpose, one of the senators Abdul Qayyam has confessed that they were directed to highlight the RSS ideology and create fear in the minds of minorities. They are instructed to spread hatred against RSS and Hindus, spread rumors about attack on minorities and project Modi government is supporting the fringe forces.The secret file outlines the plan to attack Modi and India by uniting the Anti-India forces and Anti- Modi forces within country. The plan directs to bring together minorities like Muslims, Christians and spread communal hatred against RSS. The main aim is to rack up dalit issues, create riots on basis of caste and religion. According to reports many LeT and JeM terrorists are planning to finish Modi either politically or literally! Pakistan is heavily funding many organizations in India to support their mission.

 Follow

NewsX 

✔@NewsX

'Secret' Pak note accessed — 'Target Modi, break India'

10:11 PM - 10 Oct 2016

 
•  155155 Retweets
 
•  6060 likes

The note describes 6 point agenda:

• Target Modi and his RSS Ideology of Hindutva
• Attack Alienated Muslims, Christians and highlight Maoists insurgency
• Gather those sections of the public who are against Modi and oppose Anti-Pakistan policies.
• Unite Secular political parties, NGOs, Media, Civil Society members and Human Rights Activists to speak against India and Modi government.
• Approach nuclear neighbors and spread the Anti India venom.

This note is a clear indication as to why many political parties have already started to speak against the army and demanding proof. If political parties are playing in the hands of the Pakistan just to win votes, there would be no bigger disgrace to the country. All those people who are demanding to hold dialogue with Pakistan seems to belong to the same gang of Anti India brigade.

Since 2014 its well known how NGOs, media and so called human rights activists ignited the fake intolerance episode to malign the Modi government, but the same people remained silent when Anti India Slogans were raised in JNU. The media glorified terrorist Burhan Wani and called him innocent. Doesn’t this prove who these people are working for?!

Pakistan which is unable to fight direct battle with India is indulging in such shameless activities which are being supported by the people from our own country. The terror country very well knows Modi will show no more soft stand on Pakistan!

The Intelligence Bureau have also received inputs of Ajit Doval facing severe threats after Surgical strikes. We need to realize the internal enemy in more dangerous than outside enemy and until we curb the traitors who are speaking for Pakistan, India continues to face severe threat both internally and externally!