Jul 202014
 

 

Veteran Pickpocket Explains How ATM Skimmers Are Ruining His Craft

 

GIZMODO
by Adam Clark Estes
July 20, 2014

 

 

ATM Hacking & ATM Skimmers

ATM Hacking & ATM Skimmers

 

There’s no better example of a petty criminal than the pickpocket, a fast-moving talent who lifts wallets as if he were picking up pennies off the sidewalk. But a profile of a veteran pickpocket in the New York Times this weekend shows that technology is destroying the art. Credit cards are just more lucrative.

It’s not a surprising revelation, but it’s oddly sad to hear Wilfred Rose, said veteran thief, bemoan the shift. “We’re disappearing,” he told the paper from prison. “In a few years, there won’t be any of us left.” Evidently Rose is just one of 50 pickpockets—”the Nifty Fifty”—that the NYPD still watches out for. ATM skimmers, the Times says, are taking over.

Who wouldn’t blame them? Besides the fact that hackers can make off with millions in a matter of hours by taking the high tech route to stealing cash, ATM skimmers can live in machines for months without detection. And even if they do get discovered, it’s almost impossible to link them back to a thief. Pickpockets were never so lucky. [NYT]

Direct Link:  http://gizmodo.com/veteran-pickpocket-explains-how-atm-skimmers-are-ruinin-1607948716

Jul 202014
 

Hackers Have Figured Out How to Steal Millions from ATMs

 

GIZMODO
by Adam Clark Estes
April 3, 2014

 

 

A woman withdraws money from an ATM in the Cypriot capital of Nicosia, on March 16, 2013. Eurozone finance ministers agreed on a bailout for Cyprus, the fifth international rescue package in three years of the debt crisis. AFP PHOTO/BARBARA LABORDE        (Photo credit should read BARBARA LABORDE/AFP/Getty Images)

A woman withdraws money from an ATM in the Cypriot capital of Nicosia, on March 16, 2013. Eurozone finance ministers agreed on a bailout for Cyprus, the fifth international rescue package in three years of the debt crisis. AFP PHOTO/BARBARA LABORDE (Photo credit should read BARBARA LABORDE/AFP/Getty Images)

 

Federal regulators just alerted banks across the country of a very dangerous new skill ATM hackers have picked up. They can trick ATMs into spitting out unlimited amounts of cash, regardless of the customer’s balance. Not only that, but also schedule the illicit withdrawals for holidays and weekends, when the ATMs are extra flush.

We’ve heard of crazy ATM hackers before, but this really takes the cake. It’s a triple threat, really. The ability to skirt around daily ATM withdrawal limits is bad enough, since the hackers isn’t limited to $500 or whatever the limit is on any single account. But the fact that the hackers can now extract more than what’s in a customers account combined with the scheduling method means that any given ATM theft could now be an all out heist. That’s why the Secret Service is calling this strategy Unlimited Operations.

Heists are exactly what’s happening, too. “A recent Unlimited Operations attack netted over $40 million in fraud using only 12 debit card accounts,” said the Federal Financial Institutions Examination Council in its alert to banks. The regulators believe that the hackers have actually been targeting bank employees with phishing scams in order to get their malware installed on the banks’ computer systems. The Los Angeles Times explains how it’s done:

Criminals use the malware to obtain employee login credentials and to determine how the institution accesses ATM control panels, often based online, that allow changes to be made in the amount of money customers may withdraw, geographic usage limits and how fraud reports are generated.

After hacking the control panel, criminals withdraw funds by using fraudulent cards they create with account information and personal identification numbers stolen through separate attacks, the regulators said. The PINs may be stolen by malicious software or scanning programs at merchant sales terminals or ATMs, or by hacking into computers.

It also doesn’t help that the recent Target breach put millions upon millions of card numbers out in the open, giving hackers even more fraudulent cards to work with.

For those that’ve been hit by one of these attacks, federal insurance will kick in, but it’s a huge pain in the ass for everyone. So in a twisted sort of way, these ATM hackers are inevitably taking your tax dollars. That mobile payments revolution everyone keeps talking about can’t come soon enough, can it? [LAT]

** RELATED ARTICLE: 

Hackers Can Force ATMs to Spit Out Money With a Text Message

 

Direct Link:  http://gizmodo.com/atm-hackers-have-figured-out-how-to-withdraw-unlimited-1557714644

Jul 202014
 

Search engine turns the tables on hackers by exposing their info

 

ENGADGET
by Jon Fingas
July 20, 2014

 

 

Search engine turns the tables on hackers by exposing their info [Image credit: Patrick Lux via Getty Images]

Search engine turns the tables on hackers by exposing their info [Image credit: Patrick Lux via Getty Images]

 

Want to see a textbook definition of irony? Look no further than Indexeus, a search engine that primarily exposes the info of malicious hackers caught up in the very sort of data breaches that they inflict on others. As it was originally structured, people had to “donate” $1 for every record they wanted to purge from the engine’s index; in other words, they had to pay to avoid the wrath of their fellow thieves. This was ostensibly to create “awareness” of susceptibility to attacks, but critics have complained that it amounts to extortion.

You no longer have to pay, however. Indexeus founder Jason Relinquo tells security guru Brian Krebs that blacklisting is now free due to the EU’s “right to be forgotten;” he can’t charge for a service that’s supposed to be gratis. That purported desire to obey the law is rather odd when the indexed content is illegal by nature. Look at it this way, though — if any targeted hackers are having second thoughts about their paths in life, this may be the excuse they need to make a clean break.

 

Direct Link:  http://www.engadget.com/2014/07/20/indexeus/

 

 

Jun 022014
 

N.S.A. Collecting Millions of Faces From Web Images

The New York Times
by
May 31, 2014

 

 

N.S.A. Collecting Millions of Faces From Web Images

N.S.A. Collecting Millions of Faces From Web Images

 

 

The National Security Agency is harvesting huge numbers of images of people from communications that it intercepts through its global surveillance operations for use in sophisticated facial recognition programs, according to top-secret documents.

The spy agency’s reliance on facial recognition technology has grown significantly over the last four years as the agency has turned to new software to exploit the flood of images included in emails, text messages, social media, videoconferences and other communications, the N.S.A. documents reveal. Agency officials believe that technological advances could revolutionize the way that the N.S.A. finds intelligence targets around the world, the documents show. The agency’s ambitions for this highly sensitive ability and the scale of its effort have not previously been disclosed.

The agency intercepts “millions of images per day” — including about 55,000 “facial recognition quality images” — which translate into “tremendous untapped potential,” according to 2011 documents obtained from the former agency contractor Edward J. Snowden. While once focused on written and oral communications, the N.S.A. now considers facial images, fingerprints and other identifiers just as important to its mission of tracking suspected terrorists and other intelligence targets, the documents show.

 

 Umar Farouk Abdulmutallab, left, who tried to bomb an airplane, and Faisal Shahzad, who tried to set off a car bomb in Times Square. The attempts prompted more image gathering. Credit Reuters; U.S. Marshals Service, via Associated Press

Umar Farouk Abdulmutallab, left, who tried to bomb an airplane, and Faisal Shahzad, who tried to set off a car bomb in Times Square. The attempts prompted more image gathering. Credit Reuters; U.S. Marshals Service, via Associated Press

 

“It’s not just the traditional communications we’re after: It’s taking a full-arsenal approach that digitally exploits the clues a target leaves behind in their regular activities on the net to compile biographic and biometric information” that can help “implement precision targeting,” noted a 2010 document.

One N.S.A. PowerPoint presentation from 2011, for example, displays several photographs of an unidentified man — sometimes bearded, other times clean-shaven — in different settings, along with more than two dozen data points about him. These include whether he was on the Transportation Security Administration no-fly list, his passport and visa status, known associates or suspected terrorist ties, and comments made about him by informants to American intelligence agencies.

It is not clear how many people around the world, and how many Americans, might have been caught up in the effort. Neither federal privacy laws nor the nation’s surveillance laws provide specific protections for facial images. Given the N.S.A.’s foreign intelligence mission, much of the imagery would involve people overseas whose data was scooped up through cable taps, Internet hubs and satellite transmissions.

Because the agency considers images a form of communications content, the N.S.A. would be required to get court approval for imagery of Americans collected through its surveillance programs, just as it must to read their emails or eavesdrop on their phone conversations, according to an N.S.A. spokeswoman. Cross-border communications in which an American might be emailing or texting an image to someone targeted by the agency overseas could be excepted.

Civil-liberties advocates and other critics are concerned that the power of the improving technology, used by government and industry, could erode privacy. “Facial recognition can be very invasive,” said Alessandro Acquisti, a researcher on facial recognition technology at Carnegie Mellon University. “There are still technical limitations on it, but the computational power keeps growing, and the databases keep growing, and the algorithms keep improving.”

State and local law enforcement agencies are relying on a wide range of databases of facial imagery, including driver’s licenses and Facebook, to identify suspects. The F.B.I. is developing what it calls its “next generation identification” project to combine its automated fingerprint identification system with facial imagery and other biometric data.

The State Department has what several outside experts say could be the largest facial imagery database in the federal government, storing hundreds of millions of photographs of American passport holders and foreign visa applicants. And the Department of Homeland Security is funding pilot projects at police departments around the country to match suspects against faces in a crowd.

The N.S.A., though, is unique in its ability to match images with huge troves of private communications.

“We would not be doing our job if we didn’t seek ways to continuously improve the precision of signals intelligence activities — aiming to counteract the efforts of valid foreign intelligence targets to disguise themselves or conceal plans to harm the United States and its allies,” said Vanee M. Vines, the agency spokeswoman.

She added that the N.S.A. did not have access to photographs in state databases of driver’s licenses or to passport photos of Americans, while declining to say whether the agency had access to the State Department database of photos of foreign visa applicants. She also declined to say whether the N.S.A. collected facial imagery of Americans from Facebook and other social media through means other than communications intercepts.

“The government and the private sector are both investing billions of dollars into face recognition” research and development, said Jennifer Lynch, a lawyer and expert on facial recognition and privacy at the Electronic Frontier Foundation in San Francisco. “The government leads the way in developing huge face recognition databases, while the private sector leads in accurately identifying people under challenging conditions.”

Ms. Lynch said a handful of recent court decisions could lead to new constitutional protections for the privacy of sensitive face recognition data. But she added that the law was still unclear and that Washington was operating largely in a legal vacuum.

Laura Donohue, the director of the Center on National Security and the Law at Georgetown Law School, agreed. “There are very few limits on this,” she said.

Document

Identity Intelligence: Image Is Everything

An excerpt of a document obtained by Edward J. Snowden, a former contractor with the National Security Agency, referring to the agency’s use of images in intelligence gathering.

 

OPEN Document

Congress has largely ignored the issue. “Unfortunately, our privacy laws provide no express protections for facial recognition data,” said Senator Al Franken, Democrat of Minnesota, in a letter in December to the head of the National Telecommunications and Information Administration, which is now studying possible standards for commercial, but not governmental, use.

Facial recognition technology can still be a clumsy tool. It has difficulty matching low-resolution images, and photographs of people’s faces taken from the side or angles can be impossible to match against mug shots or other head-on photographs.

Dalila B. Megherbi, an expert on facial recognition technology at the University of Massachusetts at Lowell, explained that “when pictures come in different angles, different resolutions, that all affects the facial recognition algorithms in the software.”

That can lead to errors, the documents show. A 2011 PowerPoint showed one example when Tundra Freeze, the N.S.A.’s main in-house facial recognition program, was asked to identify photos matching the image of a bearded young man with dark hair. The document says the program returned 42 results, and displays several that were obviously false hits, including one of a middle-age man.

But the technology is powerful. One 2011 PowerPoint showed how the software matched a bald young man, shown posing with another man in front of a water park, with another photo where he has a full head of hair, wears different clothes and is at a different location.

It is not clear how many images the agency has acquired. The N.S.A. does not collect facial imagery through its bulk metadata collection programs, including that involving Americans’ domestic phone records, authorized under Section 215 of the Patriot Act, according to Ms. Vines.

The N.S.A. has accelerated its use of facial recognition technology under the Obama administration, the documents show, intensifying its efforts after two intended attacks on Americans that jarred the White House. The first was the case of the so-called underwear bomber, in which Umar Farouk Abdulmutallab, a Nigerian, tried to trigger a bomb hidden in his underwear while flying to Detroit on Christmas in 2009. Just a few months later, in May 2010, Faisal Shahzad, a Pakistani-American, attempted a car bombing in Times Square.

The agency’s use of facial recognition technology goes far beyond one program previously reported by The Guardian, which disclosed that the N.S.A. and its British counterpart, General Communications Headquarters, have jointly intercepted webcam images, including sexually explicit material, from Yahoo users.

The N.S.A. achieved a technical breakthrough in 2010 when analysts first matched images collected separately in two databases — one in a huge N.S.A. database code-named Pinwale, and another in the government’s main terrorist watch list database, known as Tide — according to N.S.A. documents. That ability to cross-reference images has led to an explosion of analytical uses inside the agency. The agency has created teams of “identity intelligence” analysts who work to combine the facial images with other records about individuals to develop comprehensive portraits of intelligence targets.

The agency has developed sophisticated ways to integrate facial recognition programs with a wide range of other databases. It intercepts video teleconferences to obtain facial imagery, gathers airline passenger data and collects photographs from national identity card databases created by foreign countries, the documents show. They also note that the N.S.A. was attempting to gain access to such databases in Pakistan, Saudi Arabia and Iran.

The documents suggest that the agency has considered getting access to iris scans through its phone and email surveillance programs. But asked whether the agency is now doing so, officials declined to comment. The documents also indicate that the N.S.A. collects iris scans of foreigners through other means.

In addition, the agency was working with the C.I.A. and the State Department on a program called Pisces, collecting biometric data on border crossings from a wide range of countries.

One of the N.S.A.’s broadest efforts to obtain facial images is a program called Wellspring, which strips out images from emails and other communications, and displays those that might contain passport images. In addition to in-house programs, the N.S.A. relies in part on commercially available facial recognition technology, including from PittPatt, a small company owned by Google, the documents show.

The N.S.A. can now compare spy satellite photographs with intercepted personal photographs taken outdoors to determine the location. One document shows what appear to be vacation photographs of several men standing near a small waterfront dock in 2011. It matches their surroundings to a spy satellite image of the same dock taken about the same time, located at what the document describes as a militant training facility in Pakistan.

Direct Link:  http://www.nytimes.com/2014/06/01/us/nsa-collecting-millions-of-faces-from-web-images.html?hpw&rref=us&_r=0

Jun 022014
 

Apple takes on Snapchat with a text self-destruct button: Latest software destroys messages

  • Apple unveiled the latest software at its developer conference in California
  • This includes the ‘flatter’ Mac OS software called Yosemite, as well as iOS 8
  • Yosemite lets users search Wikipedia and the web from the home screen
  • It also comes with a new online storage service called iCloud Drive
  • iOS 8 features interactive notifications and a new QuickType keyboard
  • It has added a Snapchat-style self-destruct button for video messages
  • Apple’s new Health app connects fitness tracking bands with doctors
  • It is now easier for parents to track what their children are up to online
  • Elsewhere, Apple launched HomeKit that lets users control smart appliances with their iOS device

 

The Daily Mail / UK
by Mark Prigg In San Francisco
2 June 2014

The latest iOS 8 software has interactive notifications, a keyboard that predicts what users will type, and a Snapchat-style self-destruct button for messages. Craig Federighi, Apple's senior vice president of Software Engineering also revealed the much-rumoured Health app (pictured) that syncs with fitness trackers

The latest iOS 8 software has interactive notifications, a keyboard that predicts what users will type, and a Snapchat-style self-destruct button for messages. Craig Federighi, Apple’s senior vice president of Software Engineering also revealed the much-rumoured Health app (pictured) that syncs with fitness trackers

 

Apple has unveiled a radical overhaul of its Mac software alongside a brand new iOS 8.

The latest iOS software now has interactive notifications, a keyboard that predicts what users will type, and a Snapchat-style self-destruct button for video and audio messages.

Meanwhile, the new Mac software design has taken many of the concepts seen on last year’s ‘flat’ iOS 7, and added key features such as being able to search Wikipedia and the web directly from the home screen.

Apple boss Tim Cook said the firm’s software had been completely redesigned to work ‘seamlessly’ together.

iOS 8′s new notification system means people can respond without having to open and switch apps.

There is also a new video messaging system allowing people to easily send video and audio messages.

This allows messages to be set to self destruct, rather like Snapchat.

The iPhone’s keyboard has been overhauled with a new QuickType system that can predict words the user is likely to use, and learns how a user types over time.

Spotlight has also been improved to allow better searching.

According to Cook, Messages is the most frequently used app, and this has been updated it to make it easier to set up and take part in group chats.

The much-rumoured Health app was also revealed, following weeks of leaks. It brings together data from fitness tracking bands and other systems.

‘Developers have created a vast array of healthcare devices,’ said Craig Federighi, Apple’s senior vice president of Software Engineering. ‘But until now, the information lives in silos.’

 

On Yosemite (pictured left), Federighi said users can now search Wikipedia and the web directly from the home screen. The iOS 8 software (pictured right) now has a new notification system, meaning people can respond without having to switch apps. There is also a Snapchat-style self-destruct button for video messages

On Yosemite (pictured left), Federighi said users can now search Wikipedia and the web directly from the home screen. The iOS 8 software (pictured right) now has a new notification system, meaning people can respond without having to switch apps. There is also a Snapchat-style self-destruct button for video messages

 

Apple iOS 8

Apple iOS 8

 

During the Mac OS announcement, Federighi (pictured) joked that OS X Weed was one of the names considered. The software has been redesigned (pictured) to look 'flat' and resemble the latest version of the iOS software seen on iPhones and iPads - in a project overseen by chief designer Sir Jonathan Ive

During the Mac OS announcement, Federighi (pictured) joked that OS X Weed was one of the names considered. The software has been redesigned (pictured) to look ‘flat’ and resemble the latest version of the iOS software seen on iPhones and iPads – in a project overseen by chief designer Sir Jonathan Ive

 

 

*** WHAT’S NEW IN IOS 8?

iOS 8 now has a new notification system, meaning people can respond without having to open and switch apps.

A new video messaging system lets people easily send video and audio messages, and these messages can be set to self destruct, rather like Snapchat.

The iPhone’s keyboard has been overhauled with a new QuickType system that can predict words the user is likely to use, and learns how a user types over time.

Spotlight has been improved to allow better searching.

Messages has been updated it to make it easier to set up and take part in group chats.

The much-rumoured Health app brings together data from fitness tracking bands and other systems. 

The family sharing app allows families to easily share calenders, pictures and even find phones.

Parents can see what their children have bought online, and download apps, music and films on the same account.

The system will automatically message parents if their child tries to buy content online.

 

Apple is working with the Mayo Clinic to allow data to be shared with doctors automatically, and notify them if a reading is too high, for example.

Apple’s iOS 8 additionally now has a family sharing app allowing families to easily share calenders, pictures and even find phones.

Parents can see what their children have bought online, and download apps, music and films on the same account.

The system will automatically message parents if their child tries to buy content online, too.

Elsehwere, the firm added HomeKit, a system to allow users to control home appliances and turn their iPhone into a remote control.

It allows the iPhone to open doors, control lights and even carry out commands like ‘get ready for bed’ which could dim lights and lock all doors.

During the Mac OS announcement, Federighi joked that OS X Weed was one of the names considered, before revealing the latest version of the software will be called Yosemite.

The software has been redesigned to look ‘flat’- to resemble the latest version of the iOS software seen on iPhones and iPads – in a project overseen by chief designer Sir Jonathan Ive.

It also has a new mode that lets users easily change the colour scheme, and comes with a new online storage service called iCloud Drive.

This lets users automatically synchronise files across multiple Macs, iPhones, iPads and even Windows PCs.

‘It’s got an all new interface,’ Federighiboasted. ‘It’s gorgeous and more usable.’

The software update will improve battery life, according to Federighi, and it has added a new ‘markup’ option to let users easily annotate pictures they are emailing.

The firm has also improved the way Macs, iPads and iPhone work together.

 

*** WHAT’S NEW IN MAC OS X YOSEMITE?

The software has been redesigned to look ‘flat’- to resemble the latest version of the iOS software seen on iPhones and iPads – in a project overseen by chief designer Sir Jonathan Ive.

It also has a new mode that lets users easily change the colour scheme, and comes with a new online storage service called iCloud Drive, allowing users to automatically synchronise files across multiple Macs, iPhones, iPads and even Windows PCs.

The software update will improve battery life, according to Federighi, and it has added a new ‘markup’ option to let users easily annotate pictures they are emailing.

The firm has also improved the way Macs, iPads and iPhone work together.

For example, a new feature called Continuity lets people drop files onto their phone from a Mac, while Handoff lets people swap between devices and automatically pick up where the user left off – even if an email is half written.

Elsewhere, Yosemite now has SMS and phone call support to Macs, meaning people can send texts from their Mac, and even use it as a speakerphone. 

 

Federighi (pictured) also unveiled a radical overhaul of Apple's Mac software, called Mac OS X 10.10 Yosemite. The update will improve battery life on Macs, according to Federighi, and it has added a new 'markup' option to let users easily annotate pictures they are emailing

Federighi (pictured) also unveiled a radical overhaul of Apple’s Mac software, called Mac OS X 10.10 Yosemite. The update will improve battery life on Macs, according to Federighi, and it has added a new ‘markup’ option to let users easily annotate pictures they are emailing

 

For example, a feature called Continuity lets people drop files onto their phone from a Mac, while Handoff lets people swap between devices and automatically pick up where the user left off – even if an email is half written.

Elsewhere, Yosemite now has SMS and phone call support to Macs, meaning people can send texts from their Mac, and even use it as a speakerphone.

Users can dial their iPhone from their Mac, a feature that was demonstrated by calling Dr Dre, Apple’s latest employee. ‘What time should I get into work? I can’t wait to start,’ he said.

 

The firm has also improved the way Macs, iPads and iPhone work together. For example, a new feature called Continuity lets people drop files onto their phone from a Mac. Elsewhere, Yosemite has SMS and phone call support (pictured), meaning people can send texts from their Mac, and even use it as a speakerphone

The firm has also improved the way Macs, iPads and iPhone work together. For example, a new feature called Continuity lets people drop files onto their phone from a Mac. Elsewhere, Yosemite has SMS and phone call support (pictured), meaning people can send texts from their Mac, and even use it as a speakerphone

 

The new Mac OS X 10.10 Yosemite software will be available in the Autumn, and will be free.

The Worldwide Developer Conference (WWDC) is an annual event in which the company reveals a series of new products and software to developers.

Recently, the event has focused predominantly on Apple software, including iOS on the iPhone, iPad and iPod touch, and OS X for its range of Macs.

Major hardware releases are reserved until Apple’s annual event in September.

Speaking to 5,000 developers at the California’s Moscone centre, Cook said: ‘We’re here to celebrate the developer community, and the number of lives they have enriched.

‘Our youngest developer is 13, and we’ll be seeing apps from him for a long time.

‘We’re gathered to talk about Mac OS and iOS. While the industry declined by 5 per cent, Macs grew by 12 per cent.’

Cook also took aim at Microsoft’s poorly received Windows 8 software.

‘Over 50 per cent of our users are on the latest release. Windows 8 shipped a year before Mavericks, and it’s at 14 per cent.

Earlier this year, Cook announced Apple is gearing up to ‘enter new product categories’.

While the recent $3billion acquisition of Beats Audio from rapper Dr Dre suggests the company is potentially exploring new territories.

 

Apple is working with the Mayo Clinic to allow its fitness data (pictured) to be shared with doctors automatically, and notify them if a reading is too high

Apple is working with the Mayo Clinic to allow its fitness data (pictured) to be shared with doctors automatically, and notify them if a reading is too high

 

The Worldwide Developer Conference (WWDC) (pictured) is an annual event in which the company reveals a series of new products and software to developers. Recently, the event has focused predominantly on Apple software, with major hardware releases reserved for Apple's event in September

The Worldwide Developer Conference (WWDC) (pictured) is an annual event in which the company reveals a series of new products and software to developers. Recently, the event has focused predominantly on Apple software, with major hardware releases reserved for Apple’s event in September

 

At last year’s event, Apple’s senior vice president of Software Engineering, Craig Federighi unveiled iOS 7 – which was seen as a major step away from previous versions of the mobile software.

It was the first major change to the operating system since senior vice president of design at Apple, Sir Jonathan Ive, was put in charge of software in October 2013.

It was a complete redesign, and many critics said it was too similar to Google’s rival Android system. 

Elsewhere, Apple is said to be looking to launch a Smart Home platform that would let iOS devices control connected household appliances.

Google has also made inroads into the smart home with the Nest Labs purchase, and this could be the next key battleground the two companies will be fighting over.

 

 

Direct Link:  http://www.dailymail.co.uk/sciencetech/article-2646338/Apple-gears-launch-iOS-8-turn-iPhone-remote-control.html