The iOS 5.1.1 update fixes four separate vulnerabilities, including one that could be used to take complete control of an affected device.

Here’s the skinny of this batch of updates:

• A URL spoofing issue existed in Safari. This could be used in a malicious web site to direct the user to a spoofed site that visually appeared to be a legitimate domain. This issue is addressed through improved URL handling. This issue does not affect OS X systems.

• Multiple security holes in the open-source WebKit rendering engine. These could lead to cross-site scripting attacks from maliciously crafted web sites. These vulnerabilities were used during Google’s Pwnium contest at this year’s CanSecWest conference.

• A memory corruption issue in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue was discovered and reported by Google’s security team.

This patch is only available via iTunes. To check that the iPhone, iPod touch, or iPad has been updated:

1. Navigate to Settings
2. Select General
3. Select About. The version after applying this update will be “5.1.1″.

Ryan says: As always, do not update to 5.1.1 if your iPhone is unlocked or jailbroken already or if you plan doing this in the future.

Source: Forbes / BGR

Most of us leave Wi-Fi on by default, in part because our phones chastise us when we don’t. (Triangulation by Wi-Fi hotspots is important for making location services more accurate.) But you probably didn’t realize that, using proprietary new “nodes” from Navizon, any device with an active Wi-Fi radio can be seen by a system like Navizon’s.

Navizon’s technology is also reminiscent of the location data provided to retailers and marketers by Skyhook’s Spotrank system, which has a different set of pros and cons: That data is available for every point on the planet, but it only includes devices running Skyhook software.

The rollout of this technology means there are now at least three ways that users can track their locations indoors, where GPS is generally useless — bluetooth beacon, Spotrank (and proprietary vendor) databases of Wi-Fi hotspots, and Navizon’s I.T.S. nodes. It also marks the second way (that I know of) for you to be tracked via the location of your phone, whether you want to be or not. (The first requires access to your cell phone carrier, and is used for example to locate your position when you make a 911 call.)

It shouldn’t be surprising that carrying around a little RF transmitter in your pocket makes you visible to all sorts of tracking technology. Maybe it’s simply the (inevitable) commercialization of this fact that is somehow unnerving.

Source: Technology Review

Its report claims that about 600,000 Macs have installed the malware – potentially allowing them to be hijacked and used as a “botnet”.

The firm, Dr Web, says that more than half that number are based in the US.

Apple has released a security update, but users who have not installed the patch remain exposed.

Flashback was first detected last September when anti-virus researchers flagged up software masquerading itself as a Flash Player update. Once downloaded it deactivated some of the computer’s security software.

Later versions of the malware exploited weaknesses in the Java programming language to allow the code to be installed from bogus sites without the user’s permission.

Dr Web said that once the Trojan was installed it sent a message to the intruder’s control server with a unique ID to identify the infected machine.

“By introducing the code criminals are potentially able to control the machine,” the firm’s chief executive Boris Sharov told the BBC.

“We stress the word potential as we have never seen any malicious activity since we hijacked the botnet to take it out of criminals’ hands. However, we know people create viruses to get money.

“The largest amounts of bots – based on the IP addresses we identified – are in the US, Canada, UK and Australia, so it appears to have targeted English-speaking people.”

Dr Web also notes that 274 of the infected computers it detected appeared to be located in Cupertino, California – home to Apple’s headquarters.

Java’s developer, Oracle, issued a fix to the vulnerability on 14 February, but this did not work on Macintoshes as Apple manages Java updates to its computers.

Apple released its own “security update” on Wednesday – more than eight weeks later. It can be triggered by clicking on the software update icon in the computer’s system preferences panel.

The security firm F-Secure has also posted detailed instructions about how to confirm if a machine is infected and how to remove the Trojan.

Although Apple’s system software limits the actions its computers can take without requesting their users’ permission, some security analysts suggest this latest incident highlights the fact that the machines are not invulnerable.

“People used to say that Apple computers, unlike Windows PCs, can’t ever be infected – but it’s a myth,” said Timur Tsoriev, an analyst at Kaspersky Lab.

Apple could not provide a statement at this time.

Ryan: Download Apple’s security update for the Flashback Trojan here.

Source: BBC News

Robert Siciliano, an identity theft expert from McAfee performed the experiment, where he purchased 30 used devices (mostly smartphones and laptops) from random users on Craigslist. His goal was to see how smart people were about removing their personal information from phones, but as it turns out, even though a majority of owners did correctly Factory Reset their Android devices, he was still able to retrieve vital data like “Social Security numbers, child support documents, credit card account log-ins, and a host of other personal data.” This finding is all the more disturbing since he could find no problems with the way iPhones, iPads, or BlackBerry devices delete their data. The only other weak link was Windows XP, which is so old it’s almost expected.

We’ve reached out to Google’s Android team to try and learn more about this potential vulnerability, but have not heard back as of publication. We’ll update this article if and when we get some answers.

Until we learn more, we don’t recommend that you don’t sell your used Android devices to anyone that you don’t know or trust. It’s quite possible that personal information could be leaked from it.

Ryan: I’ve owned a couple Android phones and I also have the Galaxy Tab.. I am back to BlackBerry and using the 9900, I find Android Phones to drop calls and bug out with force close errors more often like I like when using a phone.  And I can’t seem to drop this keyboard.. emails are much quicker on a BlackBerry than other devices. It would be interesting if RIM decided to let other companies use their keyboard design.

Source: DigitalTrends

While jail breaking is one option for avoiding the cost of tethering, other people may find that paying $30 per-year is worth avoiding the hassle of hacking a phone. Plus, for those of us who have a tendency to drop our phones, voiding the warranty and keep customer support and geniuses at bay is also reason enough to avoid the hack — which is why Tether is such a great service.

Initially launched in November 2011, Tether was originally accepted into Apple’s iTunes App Store. But the app was taken down only a few days later because it violated Apple’s terms. Since then, the team had been creating a workaround. And now, they’ve unveiled the latest version of Tether, built using its patent-pending technology, made possible by HTML5. This time around, the team decided to forgo the app’s submission to Apple altogether, seeing as how acceptance into the iTunes App Store was highly unlikely. Instead, Tether is entirely We-based, letting it bypass Apple’s scrutiny.

The service is available for Blackberry, iPhone and Android, and will currently work for any carrier throughout the world. But it’s a game of cat and mouse. Once the major carriers discern how to distinguish a tethered phone using HTML5 from a non-tethered phone, Tether users will run the risk of being forcibly upgraded to the carrier’s tethering plan, or risk being charged extra for the data sent while being tethered to your computer as per the carrier’s terms of service.

Using Tether isn’t too difficult as the video below will show you. You’ll need to download and install the appropriate software for your operating system, and proceed to create an ad-hoc network on your computer by entering in a password (if desired) for the auto-generated SSID. Note that if once Tether is open on your desktop, your current Wi-Fi connection will be disabled to make way for the tethered connection.

On your phone, find and select the ad-hoc network from list of available Wi-Fi. Then, using your mobile browser, you will be required to log into your paid account on tether.com/web. After logging in, you’re tethered and able to browse the Web on your computer right away.

Source: DigitalTrends

Microsoft Security Response Center (MSRC) director Mike Reavey talks about the CanSecWest Pwn2Own challenge that saw a successful exploit of two zero-day vulnerabilities in the Internet Explorer 9 browser.

Source: ZDNet

That’s what Steam developer and gaming company co-founder Gabe Newell told Penny Arcade.

Anonymous sources told gaming website The Verge that Valve was working on a project that would form the center of what they’re calling “The Steam Box,” a console that could have a Core i7 CPU, 8GB of RAM, and an NVIDIA GPU. The system may be able to bridge the age-old divide between PC games and consoles by putting PC games onto living room TVs. It makes sense: hardware has proved a curious divide for too long.

And most interesting, Valve may not just be gunning against the Xbox and the Playstation. It might also be going after the probable reboot of Apple TV, and by extension, cable itself.

Newell had fighting words against the Apple model of pretty-looking devices and tight control over software, and it seems like they will be pursuing an open model along the lines of Google’s Android.

“They build a shiny sparkling thing that attracts users and then they control people’s access to those things,” Newell told The Seattle Times in a reference to Apple.

With both Xbox and Playstation continually moving away from being pure gaming systems and angling towards being all-in-one entertainment devices, and now Apple and Valve moving into the game as well, the battle for living room entertainment looks like it’s about to get much more interesting.

Source: Forbes

The German court ruling said that the “zoomed in” mode for viewing photos on Motorola’s Android handsets infringed the Apple-held patent, but not the “zoomed out” mode. EU Patent No. EP2059868 originally derived from another patent, which allowed photos to ‘bounce’ when they are over-scrolled; because people will attempt to claim anything nowadays.

FOSS Patents author Florian Mueller understands that Apple could order the destruction of devices if it chooses so.

“If Apple enforces the ruling, it can even require Motorola to destroy any infringing products in its possession in Germany and recall, at MMI’s expense, any infringing products from German retailers in order to have them destroyed as well.”

Having said that, Motorola played down the fears that devices could be subject to such ghastly ends by saying that doesn’t expect the ruling to affect future sales, and that it has “implemented a new way to view photos”, reports Bloomberg with a spelling mistake.

While Motorola can continue selling the devices, it did not comment on Mueller’s comments that would lead to ultimately the mass graves of Motorola phones. Motorola has said that it has already sought a workaround to prevent its smartphones from infringing Apple’s patent, thus rendering the court’s judgement effectively useless.

It appears from this, that not only is Germany a hot bed of patent activity, litigation — and frankly, trolling — but while one company sues another, the defendant in each case is more often than not forced to simply modify the software of the phones.

If you thought the patent wars were all in Apple’s favour, you would be wrong. It was just over a week ago when Apple pulled the plug on its iCloud and MobileMe push email feature within the borders of Germany, after Motorola won a patent claim of its own.

Source: ZDNet

Bilton had an unnamed developer create a dummy application which would replicate the offending functionality, and the developer was able to easily poach location information as well as photos and video from a test device. Other developers — such as Curio co-founder David E. Chen — sounded off on the issue. Chen told the Times that, “The location history, as well as your photos and videos, could be uploaded to a server. Once the data is off of the iOS device, Apple has virtually no ability to monitor or limit its use.” Camera+ developer John Casasanta said that, “It’s very strange, because Apple is asking for location permission, but really what it is doing is accessing your entire photo library.” The article also suggests that this loophole may have been introduced with the release of iOS 4 in 2010.

We reached out to Apple about the issue, but the company declined to comment.

All hope might not be lost, however. We spoke to sources familiar with the situation, and were informed that a fix is most likely coming for the loophole. According to the people we talked to, Apple has been made aware of the issue and is likely planning a fix with an upcoming release of iOS. Those sources also confirmed that the ability to send your photos and videos to a third-party is an error, not an intended feature. If we had to guess, the fix will likely come alongside a patch for Apple’s other recent security issue — the ability for apps to upload your address book information without warning.

This story has clear echoes of that controversy, which came to light when a developer discovered that the app Path was downloading all of your device’s contact information to the company’s servers. In a follow-up report, we discovered that Path wasn’t the only app grabbing your info.

It will be interesting to see how Apple reacts to security breaches of this nature in the future. The company has long made it clear that it’s working to respect user’s privacy; at a glance it looks like these recent slip-ups are exceptions, not the rule.

Source: The Verge

Here’s a leaked screenshot from the near-final Windows 8 “Consumer Preview” version (build 8220) which comes to us via PCBeta.com:

Notice the absence of the traditional Start button? I’ve reached out to a few contacts who confirm to me that the button has indeed been removed and replaced with a hotspot in the corner that will duplicate the functionality offered by the old button.

The Start button was first introduced in Windows 95, and has been present in every version of Windows since.

Now here’s the real question … does Microsoft intend to permanently remove the Start button, or is this a trial balloon and Microsoft is looking to see what the feedback from users will be?

Source:  PCBeta

The world’s biggest maker of security software had previously said that hackers stole the code from a third party, but corrected that statement on Tuesday after an investigation found that Symantec’s own networks had been infiltrated.

The unknown hackers obtained the source code, or blueprint for its software, to Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere, Symantec spokesman Cris Paden said.

Last week, the hackers released the code to a 2006 version of Norton Utilities and have said they planned to release code to its antivirus software on Tuesday. It was not clear why the source code was being released six years after the theft.

Source code includes instructions written in computer programming languages as well as comments that engineers share to explain the design of their software. For example, a file released last week from the source code of a 2006 version of Norton Utilities included a comment that said “Make all changes in local entry, so we don’t screw up the real entry if we back up early.”

Companies typically heavily guard their source code, which is considered the crown jewels of most software makers. At some companies access is granted on an as-needed basis, with programmers allowed to view code only if it is related to the tasks they are assigned.

The reason for all the secrecy is that companies fear rivals could use the code to figure out the “secret sauce” behind their technology and that hackers could use it to plan attacks.

Paden said that the 2006 attack presented no threat to customers using the most recent versions of Symantec’s software.

“They are protected against any type of cyber attack that might materialize as a result of this code,” he said.

Yet Laura DiDio, an analyst with ITIC who helps companies evaluate security software, said that Symantec’s customers should be concerned about the potential for hackers to use the stolen source code to figure out how to defeat some of the protections in Symantec’s software.

“What we are seeing from Symantec is ‘Let’s put the best public face on this,’” she said. “Unless Symantec wrote all new code from scratch, there are going to be elements of source code in there that are still relevant today.”

Symantec said earlier this month that its own network had not been breached when the source code was taken. But Paden said on Tuesday that an investigation into the matter had revealed that the company’s networks had indeed been compromised.

“We really had to dig way back to find out that this was actually part of a source code theft,” he said. “We are still investigating exactly how it was stolen.”

Paden also said that customers of pcAnywhere, a program that facilitates remote access of PCs, may face “a slightly increased security risk” as a result of the exposure.

“Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information.”

Ryan: This is one of the reasons I had been telling people for years not to use Symantec programs. I knew they had been hacked because Viruses had been disabling out Norton on machines I had been fixing and I was seeing a big trend with this.

Source: Reuters / Yahoo! News

Well, if you ever want to stream Movies or TV Shows for free you are in luck today. Introduce XBMC + Icefilms, the most powerful combination to enrich your home entertainment. In a way this is better than what Netflix offers you for $9 a month.

Here is how to get started:

First you need to download the media center XBMC, originally designed for Xbox, but have grow ever since and now it’s a cross platform media center you don’t want to miss.

Next, download the icefilms add-on (always download the latest zip file) for XBMC. Icefilms is a third party source to view all the goodies that you can ever possible to imagine.

Follow These Installation Steps:

1. Once you done installing XBMC, fire it up. Go to System > Add-ons.
2. Choose “Install from zip file”
3. Use the keyboard arrow key or the mouse to navigate to the icefilms.zip add-on you just downloaded a moment ago. Hit OK when you done. By doing so you have just enabled the add-on. To make the use of this add-on go back to main menu. Video > Add-on
4. There will be a list of add-ons, select Icefilms
5. Choose Popular or other sorting option provided.

Wola, you’ve just got yourself a list of movies to be watch for free, all in high quality.

Follow these steps and you will be able to watch all the TV & Movies you could have ever wanted, plus alot more!

Some Movies or Videos will have more than one source, all streaming from Megaupload server. You need to wait for a while to start streaming, once the wait is over. You can enjoy the show.

That’s it, for now, XBMC is a great software if you are interested in building a home entertainment system. Give them a try, you will enjoy it. (Please note: we are not supporting nor encouraging any use of validating Copyright content. Simply provide a guidance what’s possible from a software prospective)

Download XMBC for your PC here.  When you’ve finished installing XMBC, download and install the Icefilms addon here.

The company has offered a complete list of devices currently supported by the tool. HTC notes some devices may never be supported by the unlock tool due to operator restrictions.

HTC had previously gone to some lengths to lock down bootloaders on its Android devices—partly as a defense against malicious software—but reversed course in the face of strong feedback from technically-inclined customers who feel that the ability to install their own custom operating systems is a key element of Android’s “openness.” (HTC says it was “overwhelmed by the enthusiasm of our fans.”) After all, what’s the point of an operating system being available as open source if programmers can’t download it and install it on devices?

For ambitious users, unlocking the bootloader may be a quick way to get Android 4 Ice Cream Sandwich onto HTC devices without waiting for official updates.

HTC is clear that it not officially supporting devices that have been unlocked with the bootloader, merely allowing users to unlock their devices at their own risk—and may mean they’re no longer covered by device warranties. HTC also notes that it’s possible unlocking devices may have unintended consequences, including overheating.

Ryan:  Ultimately, the main reason why I sold my HTC Desire Z and went back to BlackBerry was because of the buggy HTC Sense interface.  I am glad HTC is giving its customers more choice by allowing them to use a bootloader, “at their own risk” of course.

Source: DigitalTrends

They could use the vulnerability in the GSM network technology, which is used by billions of people in about 80 percent of the global mobile market, to make calls or send texts to expensive, premium phone and messaging services in scams, said Karsten Nohl, head of Germany’s Security Research Labs.

Similar attacks against a small number of smartphones have been done before, but the new attack could expose any cellphone using GSM technology.

“We can do it to hundreds of thousands of phones in a short timeframe,” Nohl told Reuters in advance of a presentation at a hacking convention in Berlin on Tuesday.

Attacks on corporate landline phone systems are fairly common, often involving bogus premium-service phone lines that hackers set up across Eastern Europe, Africa and Asia. Fraudsters make calls to the numbers from hacked business phone systems or mobile phones, then collect their cash and move on before the activity is identified.

The phone users typically don’t identify the problem until after they receive their bills and telecommunications carriers often end up footing at least some of the costs.

Even though Nohl will not present details of attack at the conference he said hackers will usually replicate the code needed for attacks within a few weeks.

Source: Reuters

The home screen has received links to the standard menu to launch the integrated Web browser and Live TV (assuming you have the dongle), the menu now appears as an overlay with refined navigation between sections or search. It’s also easier to sort video content and find additional information about the material with an extended synopsis. Boxee says it has reduced the number of clicks required to get around.

The bad news? This will be the last update for PC users. The company has decided that dedicated set-tops will play a larger role in the future of TVs than HTPCs running a conventional desktop operating system. As such, Boxee feels the need to refocus its efforts accordingly. Free downloads of version 1.5 will be available from Boxee’s website through January, but you’ll have to rely on other mirrors after that.

“People will continue to watch a lot of video on their computer, but it is more likely to be a laptop than a home-theater PC and probably through a browser rather than downloaded software,” the developer explained. “To our computer users…thank you for all your support — we would not be where we are today without you,” it acknowledged. Many PC customers are using that fact to protest Boxee’s abandonment plan.

“If you are a current Boxee user on a computer we hope that you will enjoy 1.5 and maybe when you are ready to retire that good ol’ HTPC/Mac Mini you will decide to get a Boxee Box,” the company said. Next year will bring many additions to Boxee’s product line, including the aforementioned Live TV dongle (provides access to the free over-the-air HDTV broadcasts that launched in 2009) and, hopefully, a new set-top.

Download Boxee 1.5 for your PC here.

Ryan: I am loving Boxee on my Media Center PC.  It’s better than Netflix, and you don’t have to pay $7.99 per month to use it because it’s FREE.  You can also watch a variety of local TV Channels like CBC, CTV etc.

Source: TechSpot

Samsung’s Galaxy Tab—a 7-in. slate I’ve been using daily for more than a year now—is also on the “won’t see Android 4.0″ list, says the Samsung Tomorrow blog. I can understand we’re looking at a smartphone and a tablet that made their debut in 2010, and there’s a limited shelf life for future updates on mobile devices. What I don’t understand, nor accept, is that the issue is Samsung’s user interface software. Even worse, I think Samsung is shooting itself in the foot. Here’s why.

You have to treat current customers well. On the one hand, I can see Samsung’s stance if it chooses not to bring Ice Cream Sandwich (ICS) to these older devices. From a financial standpoint, those handsets and tablets are already sold, and Samsung has earned all the income it’s going to from the sale of such devices. To bring Android 4.0 to the Galaxy S and Galaxy Tab, the company would have to invest time, effort, and money to deliver the software. It has no financial incentive to do so. But customers don’t care about that and could decide to buy a competing product if they feel slighted.

Software add-ons should never stop product advances. Some people like TouchWiz, and some don’t. The same could be said for HTC’s Sense. Both are user interface add-ons atop Google Android, and neither should be the primary cause of stopping an Android update. HTC once fell into this same trap with Gingerbread on its Desire handset and eventually compromised by removing some custom apps to make room for the update.

This isn’t a technical issue, it’s a bad decision. My first thought about this situation was that perhaps the Galaxy S and Galaxy Tab didn’t have the horsepower to run Android 4.0. Yet the Nexus S, made by Samsung, will get the ICS software, and it has very similar specifications to the Galaxy S in terms of memory, storage capacity, and processor. And I’m willing to bet the Android enthusiast community will have a custom build of Android 4.0 for both devices, if it doesn’t already. How sad is it that external developers can make this happen, when Samsung can’t?

Will most people who own a Samsung Galaxy S or Galaxy Tab be in an uproar over this? Probably not, as they’ll likely never know about Samsung’s decision, nor will they be thinking about Android 4.0 for devices that are 18 months old. But the decision sets a bad precedent and suggests that Samsung is more concerned with selling newer hardware than supporting existing customers and their current devices.

My suggestion would be a compromise of sorts: Offer a stock version of Android 4.0 for these devices with the customer understanding and accepting the fact that the TouchWiz interface will no longer be available after the upgrade. Unless there’s a real technical reason for the lack of an Android 4.0 upgrade—something Samsung should make clear—this might be the best answer. It wouldn’t cost nearly as much for Samsung to develop and test, while consumers thinking Samsung has let them down might be more accepting of the situation.

Ryan:  Samsung needs to seriously get their &%#* together.  I would like to update my Samsung Galaxy Tab, I find it buggy and it force closes way too much, too bad I will be forced to workaround this to put 4.0 on myself manually.

Source: BusinessWeek

Throw in a huge delay before BlackBerry 10 smartphones start shipping, and it’s clear why people are losing, or have lost, faith in a company that played a tremendous role in making the smartphone industry what it is today. Thanks to one of our most trusted sources, BGR now has new information on what’s going on inside Research In Motion, and the picture isn’t pretty.

And the view is none too good.

“Email and PIM [is better] on an 8700 than it is on BlackBerry 10,” our contact said while talking to us about RIM’s failure to make the company’s upcoming smartphone OS work with the network infrastructure RIM is known for.

We also have more background on why RIM’s BlackBerry 10 smartphones are delayed, and it has nothing to do with a new chipset that RIM is waiting on. Our source told us that CEO Mike Lazaridis was lying when he said the company’s new lineup was delayed for that reason.

“RIM is simply pushing this out as long as they can for one reason, they don’t have a working product yet,” we were told.

At the end of our conversation, our source communicated something shocking for a high-level RIM employee to say. He told us that RIM is betting its business on a platform and ecosystem that isn’t even as good as iPhone OS 1.0 or Android 2.0. “There’s no room for a fourth ecosystem,” he stated.

Microsoft’s range of Windows Phone devices suffer from a denial-of-service attack that allows attackers to disable the messaging functionality on a device.

The flaw works simply by sending an SMS to a Windows Phone user. Windows Phone 7.5 devices will reboot and the messaging hub will not open despite repeat attempts. We have tested the attack on a range of Windows Phone devices, including HTC’s TITAN and Samsung’s Focus Flash. Some devices were running the 7740 version of Windows Phone 7.5, others were on Mango RTM build 7720. The attack is not device specific and appears to be an issue with the way the Windows Phone messaging hub handles messages. The bug is also triggered if a user sends a Facebook chat message or Windows Live Messenger message to a recipient.

The flaw appears to affect other aspects of the Windows Phone operating system too. If a user has pinned a friend as a live tile on their device and the friend posts a particular message on Facebook then the live tile will update and causes the device to lock up. Thankfully there’s a workaround for the live tile issue, at initial boot up you have a small amount of time to get past the lock screen and into the home screen to remove the pinned live tile before it flips over and locks the device.

Both Apple and Google have suffered from SMS bugs with their iOS and Android devices. Security researcher Charlie Miller discovered a flaw in the iOS 3.0 software that allowed attackers complete control over an iPhone at the time. Android-based phones also suffered in the SMS attack, but attackers could only knock a phone offline rather than gain full access. The attack described in this article does not appear to be security related. It appears, from our limited testing, that the bug is related to the way Windows Phone handles messages.

Khaled Salameh discovered the flaw and reported it to us on Monday. WinRumors is in the process of disclosing the bug directly to Microsoft privately in co-operation with Khaled. At this stage there doesn’t appear to be a workaround to fix the messaging hub apart from hard resetting and wiping the device. Please see the video below for a demonstration.

Source: WinRumors

On the cusp of an event for the Windows 8 app store, one research firm has dealt a painful blow to the forthcoming OS.

“Windows 8 will be largely irrelevant to the users of traditional PCs, and we expect effectively no upgrade activity from Windows 7 to Windows 8 in that form factor,” research firm IDC told Computerworld this week.

For its part, Microsoft  has been quite vocal about its goals for Windows 8, which primarily involve the tablet market. Microsoft, like most of the world, assumes that tablets – which are already encroaching on the desktop PC and laptop markets – will one day become the dominant player in personal computing. Personally, I do not think it will be quite that simple. Instead, I expect a wise manufacturer to combine the perfect tablet with the perfect laptop and make a computer no one can live without. It hasn’t happened yet, but we’re getting closer every day.

Still, for Microsoft to sacrifice Windows 8′s success on the PC just for the sake of tablet sales would be silly. According to Computerworld, Windows 7 has been licensed 450 million times. That’s enormous! The only way Apple (NASDAQ: AAPL) could ever top that number is if it licensed Mac OS to third-party PC manufacturers. But that will never (and should never) happen.

For new PC buyers, Windows 7 is still a fairly new OS. But Windows Vista proved to be so bad (and so draining to weak hardware) that people were eager to upgrade. Windows 7 also had the benefit of coming out at a time when laptops had finally reached a nice balance between cost, performance, and durability. Whereas in the past you could spend upwards of $1,000 for a decent Windows XP laptop, the average high-quality Windows 7 laptop retails for $700 to $900. And because Windows 7 machines tend to have at least two gigs of ram, a much larger hard drive, and a vastly superior dual-core processor, their functional value should last a little longer.

In my own personal experience, dual-core processor laptops tend to hold up better after three years of use (2008 to 2011) than laptops with a single-core processor (2005 to 2008).

Unfortunately for Microsoft, this could mean that there will be fewer consumers buying new laptops when Windows 8 arrives than there were when Windows Vista and Windows 7 were released.

However, I am not convinced that IDC’s assessment is accurate. Will the Windows 8 upgrade rate be lower than Windows 7? Probably. From a consumer standpoint, and especially a business standpoint, Windows 8 may not provide enough of a difference to justify a purchase. The layout is cool and inspired, and it may very well be an important step in the Windows evolution. But that’s true of XP, one of the better versions of the software. But did everyone upgrade to XP when it was released? Nope. Did everyone need to make the switch? Nope.

That is the bigger challenge Microsoft faces: convincing us that Windows 8 is must-own software.

Since the company is so determined to make a dent in the tablet market, Microsoft needs to ensure that when Windows 8 is released, there is at least one (preferably several) must-have tablets available. If the company launches a true iPad competitor – or better yet, a true iPad-killer – then there will be very little preventing Windows 8 from attaining long-term success.

Source: Forbes

We know Opera for its obsession with speed. Keeping with the philosophy of faster is better, the latest version offers revamped HTML5 rendering engine. This means all modern HTML5 coded websites will work better than ever before. Opera claims that the websites using SSL technology will load faster than ever before. It also allows vector graphics to be mixed with HTML; which would open new possibilities for web applications.

Those who love the Opera’s inbuilt mail client will love the redesigned look which is faster and cleaner as well. The mail client now features mail grouping which is very useful when you have an influx of email messages every day.

Download Links: Opera for WINDOWS | MAC | Linux.

Source: CrazyEngineers

I’ve used other apps that claim to provide the same or similar features, but this is the best that I’ve personally tried. It’s easy — just launch AirDroid and it shows a specific URL (IP address) to type in your browser and a password to keep it secure. It’s fast, too. Once your browser connects, just click through the big icons on the web page to navigate into picture and files, view the call log, read text messages, and a lot more in a second. It’s also secure. AirDroid doesn’t store any of your info on its systems, and the password changes with each use (or you can set your own password if you prefer). All this, and it’s 100 percent free.

Once you control your phone over a computer screen, you’ll want to do so every time you’re near a computer. It’s very convenient. The app works its magic over a Wi-Fi connection.

Source: Appolicious

The issue was uncovered earlier this year by a team of researchers from Polytechnic Institute of New York University (NYU-Poly), MPI-SWS in Germany and INRIA in France and included Keith Ross, Stevens Le Blond, Chao Zhang, Arnaud Legout, and Walid Dabbous. The team presented the research in Berlin recently at the Internet Measurement Conference 2011 in a paper titled “I know where you are and what you are sharing.”

The researchers found several properties of Skype that can track not only users’ locations over time, but also their peer-to-peer (P2P) file-sharing activity, according to a summary of the findings on the NYU-Poly web site. Earlier this year, a German researcher found a cross-site scripting flaw in Skype that could allow someone to change an account password without the user’ consent.

Even when a user blocks callers or connects from behind a Network Address Translation (NAT) — a common type of firewall — it does not prevent the privacy risk,” according to a release from NYU-Poly.

The research team tracked the Skype accounts of about 20 volunteers as well as 10,000 random users over a two-week period and found that callers using VoIP systems can obtain the IP address of another user when establishing a call with that person. The caller can then use commercial geo-IP mapping services to determine the other user’s location and Internet Service Provider (ISP).

The user can also initiate a Skype call, block some packets and quickly terminate the call to obtain an unsuspecting person’s IP address without alerting them with ringing or pop-up windows. Users do not need to be on a contact list, and it can be done even when a user explicitly configures Skype to block calls from non-contacts.

The research also revealed that marketers can easily link to information such as name, age, address, profession and employer from social media sites such as Facebook and LinkedIn in order to inexpensively build profiles on a single tracked target or a database of hundreds of thousands.

“We feel the implications are very severe,” Ross told CSO. “For example, a high-school hacker, or anyone with basic programming and hacking skills, could track, for example, all the Congressmen in the United States, or the employees of a company. The attack can be used by blackmailers, stalkers, or journalists looking for a racy story about a politician.”

Skype and Microsoft Corp. were informed of the researchers’ findings and The New York Times reports that Skype is aware of the issue.

“We value the privacy of our users and are committed to making our products as secure as possible,” Adrian Asher, Skype’s chief information security officer, said in a statement. “Just as with typical Internet communications software, Skype users who are connected may be able to determine each other’s IP address. Through research and development, we will continue to make advances in this area and improvements to our software.”

Source: NetworkWorld

Speaking in London, WikiLeaks founder Julian Assange said more than 150 organisations worldwide were selling information obtained by monitoring people’s mobile phones and computers.

“Today, we release over 287 files, documenting the reality of the international mass surveillance industry. An industry which now sells equipment to dictators and democracies alike, in order to intercept entire populations. 9/11 has provided a license for European countries, for United States, Australia, Canada, South Africa and others to develop spying systems that affect all of us,” Assange said.

He added that iPhone, Blackberry and Gmail users were at risk.

The whistleblower website has in the past released classified US documents on the Iraq and Afghan wars as well as controversial details of US diplomatic cables.

Source: IBNLive Tech

According to a story from Ars Technica, RIM is offering its device management software to both its major competitors. The company made the announcement today that it would make the software available to Android and iPhone owners, which would allow users to manage those devices alongside BlackBerry devices using the software.

The new software is called BlackBerry Mobile Fusion and gives a lot of the same device management controls that BlackBerry customers enjoy (like remote phone locking and wiping and security features) to non-BlackBerry phones. It’s an acknowledgment on RIM’s part that it’s slowly losing its dominance in the field of business. While BlackBerry devices are still used heavily in enterprise, companies are also allowing employees to bring their own phones and use them.

BlackBerry Mobile Fusion allows RIM to continue to support its devices among businesses, even if its users also have other devices. RIM is aiming to become the “de facto platform” for device management among enterprise users, according to Alan Panezic, VP of enterprise product management at RIM. So while BlackBerry devices might be losing their market share, RIM doesn’t intend to be forgotten: it may just have to change the way it does things.

RIM has its work cut out for it, though. Its BlackBerry devices still curry a lot of favor among the government and businesses, but it’s losing traction to the widespread popularity of Android, and Apple’s iPad is popping up more and more in business settings. It probably didn’t help that BlackBerry devices suffered a worldwide outage in October. But the popularity BlackBerry does enjoy, as Ars Technica points out, largely comes from its management capabilities. Now Android users are going to have access to those same capabilities, which could help RIM maintain some popularity, especially if those capabilities become as popular on other devices as they have been on BlackBerrys.

On the other hand, if RIM gives up the things that make its handsets unique – by allowing millions upon millions of Android users to have those same capabilities without buying a BlackBerry – it could very well have a huge negative impact on the BlackBerry. We’ll have to wait and see if RIM’s gamble pays off, but in the meantime, Android users are going to have access to some potentially cool new software.

RIM says it’ll be releasing BlackBerry Mobile Fusion in the first quarter of 2012.

Source: Appolicious

The findings showed that sperm cells collected in lab dishes and placed beneath a laptop with a wireless Internet connection for four hours had less motility and more DNA damage than sperm placed in another room, away from electronic devices but kept at the same temperature.

“It is well-known that increased temperature may decrease sperm quality, and the use of portable computers on the lap increases scrotal temperature,” the researchers wrote in their study.

But the findings suggested it wasn’t the temperature beneath the laptop that was affecting sperm; instead, the radiation from the laptop was slowing the swimmers, according to the study.

Laptops emit radiation

The researchers in Argentina and Virginia used semen samples from 29 healthy men, whose average age was 34. The laptop was set to download and upload information over the course of the experiment, so the wireless connection was actively being used. The temperature under the laptop was held constant at 77 degrees Fahrenheit by an air-conditioning system.

Wireless Internet connections use radio-frequency electromagnetic waves. When the researchers measured the radiation coming from a laptop wirelessly connected to the Internet, they found it was at least three times higher than an unconnected laptop, and seven to 15 times higher than radiation in a general setting, according to the study, though the levels varied over the course of the experiment, depending on the flow of information coming to or from the computer.

There was no difference between the sperm samples held under the laptop and those kept away from it in terms of the percentage of sperm that were dead at the end of the experiment, according to the study.

Still, sperm motility and having undamaged DNA are important for fertilizing an egg.

“We speculate that keeping a laptop connected wirelessly to the Internet on the lap near the testes may result in decreased male fertility,” the researchers wrote in their conclusion.

Why sperm cells are vulnerable

Sperm cells are different from other cells in the body — their DNA is highly condensed into a small area, the researchers noted. This could make them more vulnerable to the effects of such radiation.

It’s plausible that the magnetic and electromagnetic fields produced by the radio waves damage molecules in sperm called phospholipids, which are a needed to keep membranes within a sperm cell intact, the study researchers wrote.

It is not known whether all laptop computers might have the same effects as those seen in this study, nor is it known what other factors might heighten or lessen the damage, the researchers wrote in their conclusion.

“However, we cannot discard the possibility that damage to sperm is caused by the low radiation produced by the computer without Internet connection,” they wrote, and this possibility should be studied further.

The study was published online Nov. 23 in the journal Fertility and Sterility.

Pass it on: Radiation from wireless internet connections might damage sperm cells.

Source: Yahoo! News

It’s likely sales have been blunted by the release of the iPhone 4S, as well as the lower price of the legacy iPhone 4 and 3GS models as well. The coming release of the Galaxy Nexus and phones running on the recently unveiled Android 4.0 Ice Cream Sandwich operating system is expected to provide additional pressure, while Nokia may take some shine off RIM’s growth overseas, Walkley said.

“We anticipate increasing competition across all tiers of RIM’s products in 2012,” he said in a research note sent to clients today.

RIM had hoped for its upgraded BlackBerry 7 operating system to inject some life back into the company’s prospects and get it back on track as it migrates to a slicker next-generation platform. With that platform, BBX, expected to be delayed until the middle of next year, it’s more important than ever for its current BlackBerry 7 phones to have a strong showing.

A RIM representative wasn’t immediately available for comment.

But aside from the flagship Bold 9900 smartphone, which has generally received favorable reviews, its other BlackBerry smartphones haven’t sold so well. RIM was suffering from weaker sales to consumers at Verizon Wireless, T-Mobile, and Sprint Nextel, as sales were dominated by the iPhone and Android devices, Walkley said. Even the Bold has lost its momentum following the launch of the iPhone 4S and subsequent price cuts to the older models, he added.

Overseas, Walkley said he was more bullish on Nokia’s prospects as it prepares to roll out its first Windows Phone devices in a few European markets. He expects Nokia to make more of a run in emerging markets where RIM has seen recent strength, which could cut into RIM’s growth. He added that RIM’s lower-tier BlackBerry devices that had been popular are slowing considerably in the face of new Nokia phones and sub-$200 Android smartphones showing up in Latin America and Eastern Europe. Nokia, meanwhile, is seeing more interest in its Asha series of phones in markets such as India and Indonesia, he added.

Walkley was also bearish on the prospects of the PlayBook, saying he only expects “soft sales” of the device. The PlayBook has been heavily discounted in recent weeks, with Black Friday specials pulling the price down to $200, but sales have still been anemic. The missing core features of the device–e-mail access, messenger services, and calendar–won’t arrive until an update next year. Walkley dropped his fiscal 2012 estimate for unit sales to 900,000 from 1.5 million units. In total, RIM has only sold 700,000 units to its retail partners through the August quarter, an extremely disappointing number.

The competition is only going to get worse with the $199 Kindle Fire out and Ice Cream Sandwich-powered tablets hitting the market in the coming months.

All of this bodes poorly for RIM, which has a rough year. Even its traditional stronghold of enterprise customers is vulnerable. A recent study by iPass found more corporate users on an iPhone than a BlackBerry. IPass was quick to note that the change in market share may be more due to the extreme growth of iOS, as opposed to RIM losing customers.

But it can’t be good if iPhone is beating RIM at its own game.

Source: CNET

Google promised, and Google delivered: the source code to Google Android 4.0.1, codenamed “Ice Cream Sandwich,” has been released to the open source community. And as a nice side bonus, the code now available encompasses the complete source code history tree, which includes the never-before-open Android Honeycomb family of releases.

I’m not a developer, so I’ll defer to Google Android Open-Source Project software engineer Jean-Baptiste M. “JBQ” Queru’s post to the Android Building mailing list for details:

This is actually the source code for version 4.0.1 of Android, which is the specific version that will ship on the Galaxy Nexus, the first Android 4.0 device. In the source tree, you will find a device build target named “full_maguro” that you can use to build a system image for Galaxy Nexus. Build configurations for other devices will come later.

Later in the same post, he writes:

This release includes the full history of the Android source code tree, which naturally includes all the source code for the Honeycomb releases. However, since Honeycomb was a little incomplete, we want everyone to focus on Ice Cream Sandwich. So, we haven’t created any tags that correspond to the Honeycomb releases (even though the changes are present in the history.)

This is a very cool thing for Google to do – I stand by my opinion that Google had been misrepresenting the openness of the Android operating system to everybody up to and including the US Senate, but this goes a long way towards realigning perception with reality.

But on the other hand, it seems pretty transparent that they only did it for fear that Google’s rushed Motorola Mobility buy coupled with the closed Google Android 3.0 release tree would intensify the scrutiny on the search giant at a time when it can’t afford much more of the legal spotlight.

There’s no point looking a gift horse in the mouth, though, and I’m looking forward to seeing what the Android hacker community puts together with Ice Cream Sandwich as its new foundation.

Download it here.

Source: Googling Google

Prior to this update, all a third party needed to do to gain access to someone’s Dropbox account was to copy the Dropbox configuration files from one PC to another. These configuration files could be copied directly from the PC or extracted from a system backup. Once in possession of these files, the third-party had total access to the Dropbox account even if the user changed their password. The only way to revoke access was to unlink the rogue system from the account using the account setting page over on the Dropbox website.

Dropbox version 1.2.48 fixes this serious vulnerability. However, because the client software can take several weeks to auto update, you have to carry out the procedure manually.

If you’re a Dropbox user I strongly urge you to install this update immediately!

Source: ZDNet

Research in Motion plans to continue supporting Adobe Flash, days after it emerged that the platform was not only on its last legs, but that it was to be taken round the back of the stable and beaten over the head with a rusty spade.

In a statement on the company’s corporate blog, the BlackBerry maker said:

“Earlier today, Adobe announced plans to stop investing in Flash® for mobile browsing, and focus more efforts on HTML5. As an Adobe source code licensee, we will continue to work on and release our own implementations, and are looking forward to including Flash 11.1 for the BlackBerry PlayBook.”

At roughly 10am this morning, a collective face-palm slapping sound was heard across the United States and Canada.

It is as though the BlackBerry maker is purposefully trying to continually do things to deliberately lower its stock price. I’m serious; is this some game show that I’m not aware of, where contenders win a vacation to the Bahamas if they successfully cripple their company within the space of a year?

The PlayBook has hardly been the most popular tablet the market has seen in recent years. In fact, come Christmas, I would place money that out of the ‘major players’, including Samsung, Motorola, and obviously Apple, that Research in Motion’s tablet will still come bottom of the pile.

But to continue to support an already dead platform on a dying tablet is like throwing salt in the wound of an already squashed slug.

It’s not the best analogy I should have come out with, but you get the idea.

Granted, the PlayBook does support HTML5, at least giving the tablet a break from a major software update that would be necessary to effectively replace the world’s most used web plug-in. It saves on a lot of headaches down the line, which from the perspective of future proofing was not a far off move.

The Ontario-based company will have the ability to continue to develop Flash on its own moving forward, keeping a ‘healthy’ following of developers interested and supported — that is, if you considered the aforementioned slug analogy to be healthy.

The PlayBook never really stood a chance, stood in line like the nerdy, glasses-wearing kid next to its prom-queen older sister. Even when the PlayBook had a chance to shine, in its secure emailing client that emulated the BlackBerry enterprise encryption, the tablet launched without it. In effect, its most favourable feature was left behind its launch.

But the linchpin to the PlayBook has always been its less than desirable advertising.

Nearly all of the company’s advertising and marketing efforts have been on the fact the PlayBook, unlike the iPad, as the supreme competitor to all other tablets on the market, will support Flash-based content. Though it still will, and Flash will not suddenly drop off the edge of the planet in the next few months, the BlackBerry maker is going to have to think of a brand new marketing strategy.

At least now Research in Motion can advertise the PlayBook as something it should have been marketed as a long way back: “The most expensive paperweight you never needed in the first place”.

Source: ZDNet

Latest Update: Adobe confirmed it will cease Flash development on mobile devices in a press release published Wednesday morning.

In an abrupt about-face in its mobile software strategy, Adobe will soon cease developing its Flash Player plug-in for mobile browsers, according to an e-mail sent to Adobe partners on Tuesday evening.

And with that e-mail flash, Adobe has signaled that it knows, as Steve Jobs predicted, the end of the Flash era on the web is coming soon.

The e-mail, obtained and first reported on by ZDNet, says that Adobe will no longer continue to “adapt Flash Player for mobile devices to new browser, OS version or device configurations,” instead focusing on alternative application packaging programs and the HTML5 protocol.

“Our future work with Flash on mobile devices will be focused on enabling Flash developers to package native apps with Adobe AIR for all the major app stores,” the quoted e-mail says.

In the past, Adobe has released software tools for mobile developers that create a single platform programmers can use to make applications that work across three major mobile platforms: Android, iOS and the BlackBerry OS. While it’s seemingly easier than learning all of the native languages for each operating system, some developers have claimed a loss in app performance when coding in a non-native language that then gets translated into other languages.

The move indicates a massive backpedaling on Adobe’s part, a company who championed its Flash platform in the face of years of naysaying about its use on mobile devices. Despite Flash’s near ubiquity across desktop PCs, many in the greater computing industry, including, famously, Apple Computer, have denounced the platform as fundamentally unstable on mobile browsers, and an intense battery drain. In effect, Flash’s drawbacks outweigh the benefits on mobile devices.

Flash became a dominant desktop platform by allowing developers to code interactive games, create animated advertisements and deliver video to any browser that had the plugin installed, without having to take into account the particulars of any given browser. However, with the development of Javascript, CSS, and HTML5, which has native support for video, many web developers are turning away from Flash, which can be a resource hog even on the most advanced browsers.

Apple made its biggest waves in the case against Flash in April of last year, when Steve Jobs penned a 1,500-word screed against the controversial platform, describing it as a technology of the past. Jobs and Apple disliked the platform so intensely, it has since been barred from use on all iOS devices.

Despite attempts to breathe life into Flash on other mobile devices — namely, Android and BlackBerry OS — Adobe has failed to deliver a consistently stable version of the platform on a smartphone or tablet. In WIRED’s testing of the BlackBerry PlayBook in April, Flash use caused the browser to crash on a consistent basis. And when Flash was supposed to come to tablets with Motorola’s Xoom, Adobe was only able to provide an highly unstable Beta version of Flash to ship with the flagship Android device.

“Adobe has lost so much credibility with the community that I’m hoping they are bought by someone else that can bring some stability and eventually some credibility back to the Flash Platform,” wrote software developer Dan Florio in a blog post on Wednesday morning.

The drastic reversal in Adobe’s mobile plans comes in the wake of the company cutting 750 jobs on Tuesday, a move prompted by what Adobe labeled “corporate restructuring.”

An Adobe representative did not immediately respond to a request for comment.

Source: Wired

Charlie Miller, a researcher with Accuvant Labs who identified the problem, built a prototype malicious program to test the flaw. He said Apple’s App Store failed to identify the malicious program, which made it past the security vetting process.

There is as yet no evidence that hackers have exploited the vulnerability in Apple’s iOS software. But Miller said his test demonstrated that there could be real malware in the App Store.

“Until now you could just download everything from the App Store and not worry about it being malicious. Now you have no idea what an app might do,” Miller said.

Miller said he proved his theory by building a stock-market monitoring tool, InstaStock, that was programed to connect to his server once downloaded, and to then download whatever program he wants.

Apple did not respond to requests for comment.

Miller, who in 2009 identified a bug in the iPhone text-messaging system that allowed attackers to gain remote control over the devices, said that he had contacted the company about the vulnerability.

“They are in the process of fixing it,” he said.

Miller is scheduled to present his detailed research at the SyScan ’11 security conference in Taiwan next week.

Source: Reuters

Criminals are typically creating Trojan copies of reputable apps and tricking users into installing them.

Once on the phone, the app can secretly generate cash for criminals through premium rate text messages.

Get Safe Online, a joint initiative between the government, police and industry, said it was concerned that users of smartphones, such as Android devices, were not taking steps to protect their devices.

Get Safe Online said fraudsters are designing apps which generate cash secretly in the background without the owner realising until their monthly bill.

A typical scam involves an app designed to send texts to premium rate services without the user knowing.

Apps can appear to be bona fide software or sometimes masquerade as stripped down free versions of well-known games.

Rik Ferguson, a hacking researcher with internet security firm Trend Micro, said: “This type of malware is capable of sending a steady stream of text messages to premium rate numbers – in some instances we’ve seen one being sent every minute.

“With costs of up to £6 per message, this can be extremely lucrative. The user won’t know this is taking place, even if they happen to be using the device at the same time, as the activity takes place within the device’s back-end infrastructure.”

Online banking

Another major security firm, Symantec, recently warned in its annual threat assessment that Android phones were at risk and that it had found at least six varieties of malicious software.

Minister for Cyber Security Francis Maude said: “More and more people are using their smartphone to transmit personal and financial information over the internet, whether it’s for online banking, shopping or social networking.

“Research from Get Safe Online shows that 17% of smartphone users now use their phone for money matters and this doesn’t escape the notice of criminals.”

Tony Neate, head of Get Safe Online, urged people to check their phone’s security.

“Mobile phones are very personal. I have talked to people who are never more than a yard away from their mobile phone. Because of that attachment, they start to think that they are in a way invincible.

“It’s the end user that picks up the tab – it’s your phone that incurs the costs. Whether you have pay-as-you-go or a monthly account, that money is going to come from the account and go to the criminal.”

Source: BBC News

Source: Engadget

The number was startling when I first heard it. I knew that Apple started building its own chip design team in 2009, but figured it had to be a few hundred people at most, not 5 percent of Apple’s non-retail workforce. (Apple employs more than 50,000 people worldwide, 30,000 of them in its retail stores). Apple started designing its own chips because Intel and AMD were still stuck in the PC era. Apple needs chips that are powerful enough, but also very low power.

Battery life is one of the most important features of a mobile device. Apple’s latest A5 processor, which first appeared in the iPad 2, will now power the iPhone 4S as well. Not only is the A5 twice as fast as the A4 in the current iPhone 4, but it slightly improves the battery life with 8 hours of talk time (versus 7 hours).

Not only are Apple’s processors extremely power efficient, but Apple is also removing the hard drives from its products and replacing them with flash memory chips. It’s not just iPhones and iPads, the MacBook Air’s storage is also flash. All of Apple’s products are moving in this direction. When you combine these two fundamental changes at the silicon level, “form factor no longer becomes an issue,” explained the Silicon Valley CEO.

You can put a computer into anything. Mobile phones and tablets, certainly. TVs, perhaps. But what else? It is only limited by the imagination of Apple’s engineers and what makes sense from a product point of view.

When Jobs retired, TechCrunch writer MG Siegler cautioned against focusing too much on the next iPhone. Jobs left Apple knowing that a string of post-PC products will be introduced in the years ahead. MG wrote:

It’s the longer roadmap that should really be the grand finale in the Jobs’ fireworks show.

Talking to sources in recent months, there has been one common refrain: that the things Apple is working on right now are the best things the company has ever done. These are things that will “blow your mind”, I’ve been told.

Jobs himself said when he resigned, “I believe Apple’s brightest and most innovative days are ahead of it.” Now we get to see what he meant by that. Jobs rebuilt Apple from the silicon up. It is the company itself which is his greatest product. And like all of his products, everything fits together: the chips, the hardware, the software, the industrial design, the developer platform, the tightly controlled manufacturing, the marketing, the retail stores.

This machine is proving adept at making and selling mobile computers—phones and tablets. But remember also that we are just at the beginning of the post-PC era. The iPhone launched 4 years ago, the iPad only a year and a half ago. It is becoming practical to put a computer into anything. Of course, just because you can, doesn’t mean you should. And if anything, Apple is very disciplined about choosing what not to do (another Steve Jobs trait). But if you believe that post-PC devices will include more than just phones and tablets, it is not such a crazy idea that one day Apple will be churning them out as well.

Source: TechCrunch

So what is it? Plasma Active is not, like Android, iOS, or webOS, an operating system. It’s a KDE 4.x style interface and application programming interface (API) designed for touch devices. The Plasma Active Team states that “Plasma Active is innovative technology for an intelligent user experience (UX). It is intended for all types of tablets, smartphones and touch computing devices such as set-top boxes, smart TVs, home automation, in-vehicle infotainment. The goals for this KDE open source project are:

• A fast embedded UX platform with minimal memory requirements
• Customizable and modular to support different form factors
• An interface that adapts as users change Activities.

In their GrandMaster Plan, the developers go into more detail about how they’ll do this: “Plasma Active runs on the proven Linux desktop stack, including the Linux kernel, Qt and KDE’s Plasma Framework. The user interface is designed using Plasma Quick, a declarative markup language allowing for organic user interface design based on Qt Quick. Plasma Active uses existing free desktop technology and brings it to a spectrum of devices through a device-specific user interface. Classical Plasma Widgets can be used on Plasma Active as well as newly created ones. The key driver for the development of Plasma Active is the user experience. Collaboration is made easy through high-level development tools and a well defined process. ”

“The first release of Plasma Active fully focuses on tablet computers. Plasma Active Tablet’s user experience is designed around the web, social networks and multimedia content.” Today, Plasma Active runs on MeeGo and the openSUSE-based Balsam Professional (German language site). There are also OS images for Intel-based tablets, and package builds for ARM and x86 platforms. The group is working flashable images for ARM platforms. The interface will also run on Oracle’s VirtualBox virtual machine. If you want to try it you can find downloads and instructions at the Plasma Active Installation page.

According to Sebastian Kügler, one of Plasma Active’s leading developers Plasma Active is “certainly meant as a replacement for iOS and Android, a completely open, community-driven project with strong backing by a group of (SMB-sized) businesses. We hope this appeals to many hardware vendors, and have in fact already started talking with some. The feedback so far was very good, and the concepts seem to appeal with potential partners. There is definitely demand for an open system without lock-in in the market for devices.”

Kügler also told me that they “have started investigating Tizen, [Intel and the Linux Foundations' proposed replacement for MeeGo] but at this point, there is too little information out, and too many unknowns. We do see Tizen as a potential and likely target platform, but before Intel and Samsung release an SDK, our hands are tied. It’s not stopping us, since in the meantime, we can still run our stuff on MeeGo and Balsam, and we are investigating, together with the Mer team [Another mobile Linux operating system] how to get Plasma Active onto Mer.

That’s all well and good but does KDE have any industry support for this? Kügler replied, “My employer, open-slx backs this project, and we are actively working towards creating a wider ecosystem of companies around Plasma Active, to make good commercial support available, next to the community resources. This includes OEMs, ODMs and companies that can deliver support around Plasma Active, for example integration with new hardware platforms, support for custom-build OS images, 3rd party software, end-user support, etc.”

To that, I might add that unlike other such mobile projects, KDE starts with a large number of open-source applications that already run with it. That’s an advantage that neither RIM nor HP had. Personally, it’s hard for me to see a competitor to Android or iOS getting traction, but I’ve learned over the years not to bet against the KDE team.

Source: ZDNet

The Firefox add-ons page for McAfee ScriptScan displays a large red X and notes that the add-on “causes a high volume of crashes.”

Mozilla’s advisory says, “Users are strongly encouraged to disable the problematic add-on or plugin, but may choose to continue using it if they accept the risks described.”

The bug report for the issue goes into greater detail. The report is titled “Blocklist McAfee ScriptScan for Firefox and McAfee SiteAdvisor due to explosive crashes,” and it notes that two separate bugs highly correlated with the two add-ons caused 3,432 and 6,691 crashes in the week ending September 28. The issues reportedly affect users of Firefox 6.0.2 and the just-released Firefox 7.

A comment in the bug report, dated September 28, suggests that the problem is even worse than those numbers would suggest:

We had 1555 processed crashes on 6.* yesterday, with the 10% throttling rate, this means that roughly 15,000 crashes happened during a single day with this signature!

The list of blocked add-ons includes an entry for McAfee SiteAdvisor from last March. Three Microsoft products, including the Bing Bar, were blocked in October 2010 at Microsoft’s request, to address security issues.

This isn’t the first time that McAfee’s add-on has been flagged for performance or reliability issues. An IBM TechNote from 2008 reports that an earlier version of ScriptScan “causes a four to seven seconds delay in rendering pages” from IBM’s WebSphere application. In that case, according to IBM, McAfee acknowledged the performance issues with the tool.

A support thread at Mcafee.com acknowledges the current issue and says “McAfee is aware of it, has a bug filed and is working with Mozilla to address the problem.”

This sort of incompatibility isn’t surprising. Mozilla’s decision to shift to a rapid-release schedule plays havoc with the makers of browser add-ons. On October 1, Symantec updated its Norton Toolbar and Norton Vulnerability Protection add-ons for Firefox. That followed a “minor product update” on September 20. A separate support note advised “This patch is necessary to prepare your Norton 2012 Product for the upcoming Firefox 7 compatibility update that we will release to Norton Products at a future date.” The Firefox 7.0 Compatibility Patch was released on September 27.

Source: ZDNet

Download Kik for BlackBerry

Ryan:  Great Messenger App for all platforms in general. Highly recommended over LiveProfile and WhatsApp.

Analysts said Wednesday’s deals signaled Samsung’s aim to lower its exposure to Android following Google’s $12.5 billion August acquisition of Motorola Mobility.

“The Google Motorola deal certainly gives Samsung some motivation to lessen the dependence on Android,” said Matthew Thornton, analyst at Avian Securities.

Microsoft and Samsung signed on Wednesday a new deal for development and marketing of Windows phones, while also agreeing on a wide patent cross-licensing deal. Samsung has also used Microsoft’s software in the past.

Earlier on Wednesday two Linux software groups, one backed by Samsung, another by Intel, said they have joined forces to develop a new operating system for cellphones and other devices.

Under the deal, the LiMo Foundation and Linux Foundation are effectively merging their LiMo and Meego mobile operating systems and hope to gain wider industry and consumer support, but analysts said the new Tizen platform is likely to struggle.

It would have to attract wide support from developers and manufacturers to compete with the dozen or so other mobile operating systems available in a smartphone market currently dominated by Apple’s in-house software and Google’s Linux-based Android.

“The best hope for them is that big operators get worried by Android … and decide to consciously switch their allegiances to rival platforms to restrict Google’s huge influence over the mobile market,” said analyst Neil Mawston from Strategy Analytics.

Earlier this year Nokia, the biggest phone maker by volume, ditched its own Symbian operating system in favor of Microsoft’s Windows Phone software.

Currently Windows Phone has a smartphone market share of 2-3 percent, according to industry analysts, and LiMo and Meego have less than 1 percent apiece, while Android’s share is almost 50 percent and still growing.

“This (Tizen) is driven by necessity. Linux rivals to Android have failed to gain traction and Samsung needs to reduce its dependence on Google,” said Geoff Blaber, an analyst at London-based telecoms industry consultancy CCS Insight.

The world’s second-biggest cellphone maker behind Nokia, Samsung is the leading user of the Android platform, which has been one of the reasons for its escalating court-room fight over patents with Apple.

Microsoft said the definitive agreement with Samsung to cross-license the patent portfolios of both companies, provides

broad coverage for each company’s products, and it will get royalties for Samsung’s devices running the Android platform.

“It’s probably a win-win. Microsoft is leveraging its patents to get customers while Samsung is looking for ways to lessen its dependence on Android,” said Avian’s Matthew Thornton.

2012 LINUX STORY

LiMo Foundation and the Linux Foundation said the new Tizen platform is an open-source, standards-based software platform that supports multiple devices including smartphones, tablets, smart TVs, netbooks and in-vehicle ‘infotainment’ systems.

A spokesman for Samsung said: “We’ve been a core Linux partner … and this is in line with our strategy of supporting many platforms.”

The initial release is planned for the first quarter of 2012, enabling the first devices using Tizen to come to market in mid-2012, the two groups said.

The world’s largest semiconductor firm Intel and Samsung Electronics, the second biggest maker of cell phones and one of the key contributors to LiMo, will head the technical steering committee developing Tizen.

Earlier this month Intel and Google launched a development partnership to adapt Android for Intel’s Atom processor chips, with a view to having the first Anroid phones featuring Intel chips in the first half of next year.

Linux is the most popular type of free, or open-source, computer operating system which allows the public to use, revise and share. Linux suppliers earn money selling improvements and technical services.

Source: Reuters

RIM’s BlackBerry also lost a point to 18 percent. It may have been helped by a slew of BlackBerry 7 phones shipping the same month, such as the Bold 9900 and 9930.

Google still had added momentum in the Nielsen research. Among those who had bought a smartphone in the past three months, 56 percent were buying Android. Apple still wasn’t under threat with a static 28 percent, but there had been extra pressure on Microsoft and RIM, which collapsed to about six and nine points. Both audiences may have been in holding patterns for most of the summer as they either waited for later BlackBerry 7 launches or for Windows Phone 7​.5 (Mango) in October.

Android may see a rare share reversal in October. The year so far has been unusual as Apple’s first where a new iPhone didn’t ship in the summer. Possibilities exist that iphone sharecould start growing again as Apple fills pent-up demand, most of all if a Sprint iPhone 5 ships and eliminates another shelter for Android.

Smartphones should also still be on track to become the dominant cellphones in the US, researchers said. They were now up to 43 percent of total ownership and at 58 percent among those who had bought in the past three months. Ownership is expected to cross the 50 percent mark before the end of the year as the iPhone 5, and more Android devices like the Galaxy S II tip the balance.

Source: Electronista

Hewlett-Packard Co last week named former eBay Inc Chief Executive Meg Whitman its president and CEO, replacing Leo Apotheker in a bid to restore investor confidence in the iconic Silicon Valley company.

“That is a major chance for us because big customers and resellers are uncertain. They are asking themselves: what’s next, who can i work with?” Frankfurter Allgemeine Zeitung quoted Walter Deppeler as saying in a prerelease of its Tuesday edition.

“We want to use this as an opportunity for us,” he added.

Source: Reuters

True or false? Well-grounded or unfounded? Microsoft execs will not comment — which is leading many to assume it’s true.

Matthew Garrett, a power management and mobile Linux developer at Red Hat, blogged about the possible lock-out scenario on September 20. He explained how the Unified Extensible Firmware Interface (UEFI) technology and Microsoft’s  secure-boot plans — outlined in a new blog post on the “Building Windows 8″ blog this week — potentially could thwart those who want to dual boot Linux and Windows 8 on their Windows 8 machines.

Garrett’s conclusion: “It’s probably not worth panicking yet. But it is worth being concerned.”

Microsoft officials have said — via a UEFI session at the company’s recent Build conference, along with the aforementioned blog post — all that they are going to say on the topic.

Here’s what Microsoft has said, re: its secure boot plans for Windows 8. These tidbits are from the previously mentioned Build session on UEFI:

• All firmware and software in the boot process must be signed by a trusted Certificate Authority (CA)
• Required for Windows 8 client
• Does not require a Trusted Platform Module (TPM)
• Reduces the likelihood of bootkits, rootkits and ransomware

Update: Microsoft officials have posted more on UEFI and secure boot. After reading it, I still don’t know whether anything about Windows 8’s implementation of secure boot will block Linux. Anyone out there able to tell more from the September 22 post on the Building Windows 8 blog?

Source: ZDNet

While the device has a reasonable user experience, the company fatally tied use of the PlayBook to the BlackBerry handset – you need a BlackBerry to read your email on a PlayBook. In the face of the Apple iPad juggernaut, the PlayBook has been simply steamrolled. There’s simply not much interest in buying it. Research In Motion shipped just 200,000 of the tablets in the August quarter, sharply below the Street consensus of around 554,000, according to the investment news service StreetAccount. Handset sales also fell short of expectations, at 10.6 million units, versus a Street consensus at 11.6 million.

The company conceded on the post-earnings conference call that sales of the PlayBook were lower than anticipated, while asserting that a major software upgrade for the device is coming that will “deliver highly anticipated new capabilities and applications” which RIM thinks will reinvigorate sales.” The new version of the software will have built-in native e-mail calendar and contacts, the ability to run Android Apps and a new video store with 10,000 movies and TV shows available for download, among other things.

But will any of that really give users pause as they decide which tablet to buy? The truth is, at this point there isn’t really a a tablet market – there’s an iPad market. And improving the current version of the PlayBook’s software is not especially likely to drive substantially higher sales of the PlayBook.

Source: Forbes

At the Intel Developer Forum in San Francisco on Tuesday, Intel CEO Paul Otellini showed a Android smartphone using his company’s Medfield chip, which is based on Atom. The 32-nanometer Medfield is the company’s flagship processor for smartphones, and succeeds the 45-nanometer Moorestown processor, which was Atom-based but had size and power issues.

Intel/Android Smartphones Next Year

The giant Intel is expected to reduce its mobile processor line to 22-nanometer within the next year, which would result in a smaller size and, most likely, a lower power need.

Intel has dominated the market for desktop and laptop PCs, and its integration with Windows was so powerful that the combination was dubbed Wintel. But the dominant processors for smartphones and tablets are those based on designs from the U.K.-based ARM Holdings. ARM chips are used in smartphones and tablets from Apple, Samsung, HTC and Research In Motion.

Intel and Google said that they expect Intel-based, Android smartphones to appear by the middle of next year. The arrangement with Google gives the chipmaker an endorsement that its new chips will be competitive in the challenging mobile environment.

Otellini told news media that the smartphone business “is not established” in terms of permanently dominant players, and he noted as evidence the speed with which Android has risen to become the leading mobile operating system.

‘Will Anyone Care?’

Microsoft’s coming Windows 8 operating system, unveiled to developers earlier this week, will have a version that runs on ARM processors. In fact, although Microsoft has been insisting that Windows 8 will be one operating system running on many platforms, there will be a branch just for ARM. The company said that Windows 8 on PCs will run all Windows 7 apps, but Windows 8 on ARM tablets may not be able to do so. Metro apps, designed specifically for Windows 8, will run on all Windows 8 machines.

Michael Gartenberg, research director at the Gartner Group, said the announced arrangement between Google and Intel makes sense for both companies, but the key question is “will anyone care?” He said Intel “has a lot to prove about whether it can make a mobile processor” that OEMs will want.

Avi Greengart, research director for consumer devices at Current Analysis, said the announcement showed “really, truly, nothing new.” Intel has, in the past, worked to some degree with other operating systems, while Microsoft has worked with other hardware makers, Greengart said.

One question is whether this new alliance with Google means that Intel’s own Meego mobile operating system, developed with Nokia, is now history. Greengart said it is “still around, but Intel is positioning it more for embedded applications.” When Nokia committed its product line to Windows’ Phone 7, he said, that “kind of killed any momentum.”

Source: NewsFactor

For mobile devices like laptops though, and situations where the computer is shut down and restarted again multiple times throughout the day, the new Windows 8 Hybrid Boot technology could have a huge impact.

Microsoft is very thorough when it comes to improving the operating system. The company always starts with data of the current use. When it comes to Windows 7, Microsoft noticed that 45% of laptop users and 57% of desktop users where shutting down (and possibly restarting) the operating system. The reason for shutting down the PC, instead of putting it in sleep or hibernation, has several reasons. A core reason is that some users want their PCs completely off, while others want to preserve as much batter or energy as they can.

The core difference between the boot process in Windows 7 and Windows 8 is this. Microsoft uses hibernation to save the kernel session. Think of it as partial hibernation. The core gain is a speed increase of 30% to 70% on all systems, as “reading the hiberfile in and reinitializing drivers is much faster”. But that’s not the only reason why it is faster. Microsoft has added multi-phase resume capabilities to the operating system which uses all cpu cores in multi-core systems in parallel to split the work load.

Here is a video demonstrating the fast startup feature of the Windows 8 operating system.

Source: Ghacks.net

The Flash plug-in for browsers

As the owner of one of those Android phones that has the Flash player installed, though, I can tell you why the iPhone’s not getting Flash: It’s awful. It runs horribly, and horribly slow. It’s a crapshoot whether it works at all, on my phone from last year, and that’s just to play a Web video. And Flash games like Robot Unicorn Attack? Right out.

Fortunately, a lot of these games and videos are available through apps like the YouTube one. That’s how iPhone owners watch them. And it seems Adobe has finally accepted that.

Introducing the Flash Media Server

Don’t be fooled by the headline on Boy Genius Report’s article. Adobe’s not bringing Flash anything to iPhones or iPads. Instead, website owners can buy these Flash Media servers for upward of $995, and they’ll convert Flash movies into a form that iGadgets can use.

There are a number of downsides with this plan. One, it doesn’t work on all websites; only the ones with owners who paid Adobe hundreds or thousands of dollars. And two, it costs hundreds or thousands of dollars. How many bloggers and restaurant owners are going to want to shell out $995 to $4,500 just so iPhone owners can watch ads in their web browsers instead of YouTube?

If anything, Adobe’s given people a reason to use HTML 5 video, or movies that play outside of Flash Player. Flash was fun while it lasted, but it’s going the way of the dinosaur. This “media server” thing is just an expensive kludge to artificially extend its lifespan, by milking businesses that are addicted to it.

But iPhones can’t browse the full web!

Actually, iPhone owners will have a better web browsing experience than most Android phone owners. Instead of having their battery life drained by a choppy Flash video — one that would just crash low-end smartphones like mine — they’ll get web movies in a format their iPhone can play without breaking a sweat.

Let’s face it: It’s been four years since the iPhone came out, and roughly three years since the first Android phone did. Adobe has had plenty of time to make Flash do its thing, and/or beg, plead, and cajole Apple into putting Flash on the iPhone. The Flash Media Server products show that it’s given up, at least on the “persuade Apple” part. And the poor quality of the Flash experience on Android smartphones and tablets suggests that it may be wise for Adobe to give up there as well.

Source: Yahoo! Contributor Network

That is where the new Droid Bionic from Motorola comes in. The Droid Bionic, released Thursday, is no weak contender in this fight to the top. Running on Android 2.3.4, the phone is miles ahead of even some of the most far-stretched rumors of the iPhone 5′s capabilities. With that being said, there are five reasons the Droid Bionic will be taking over the throne:

Price:

When the Bionic hits shelves early Thursday morning, it will not be undersold. With prices confirmed, such as $280 at Costco with free accessories, this phone is coming out swinging. As always, Apple plans to keep its customers in the dark, so no pricing is confirmed. However, knowing Apple’s past release of iPhone 4, one can expect a minimum $600 price tag.

Battery:

Anyone who has ever owned an iPhone knows one thing: There is no such thing as charging your iOS-powered phone too much. The Droid Bionic will operate using state of the art Lithium Ion battery with a capacity of 1,735 mAh, which is 315 more than the last iPhone released. Due to this, talk time is clocked in at 10.83 hours and stand a whopping 200 hours!

Flash:

Steve Jobs’ campaign against Flash compatibility has been a fight against what the people want. Bionic comes equipped to handle Flash and Flash-enabled software. This means no more sacrificing Web browsing or staring at error boxes where the flash content should be!

Music:

You would think that coming from having roots in an MP3 player the iPhone would have much more muscle in this field. However, the Droid Bionic once again outdoes Apple with the ability to handle formats such as WMA, eAAC+, AMR, and OGG. These formats, especially eAAC+, are some of the highest-quality, lowest-loss music media to date in the digital world.

Memory:

With no word from Apple yet on the iPhone 5′s ability to hold microSD cards, it is safe to assume the Droid Bionic is at the very top of its class. The microSD cards are already known for being some of the cheapest and most efficient ways to store data and Droid Bionic makes use of this. In fact, the new Motorola Smart Phone will be able to hold up to 32 GB of additional microSD or microSDHC memory!

The days of Apple’s rule over the kingdom are over. The new smart phone on the block, the Droid Bionic, is going to clean the floor with the lagging iPhone 5.

Source: Yahoo! / Engadget

Early 2011 BitTorrent Inc., the company behind the popular file-sharing client uTorrent, launched a new all-in-one ecosystem for BitTorrent-certified products codenamed Chrysalis.

By using a certified application users can search for files that are shared on BitTorrent, download these files, and play them directly on their computers, TV or mobiles devices. Everything is bundled into one system and downloaders don’t have to worry about conversion, codecs or file-formats.

Today BitTorrent Inc. and TV manufacturer Vestel announce the launch of the first digital TV that will come with this built-in BitTorrent support. By embedding BitTorrent technology directly into the the TV hardware the two companies hope to appeal to a wide audience of people who are looking for an even more simple way to enjoy downloaded content in their living room.

“Consumers want all types of personal media and Internet content in their living rooms and the TV remains the most desired device for consuming this digital media, regardless of source,” Vestel’s Hakan Kutlu said commenting on the announcement.

“BitTorrent certification helps our TV line meet this consumer demand and ensures that Vestel products remain at the forefront of technology innovation and adoption,” Kutlu adds.

The first BitTorrent certified TV will be demoed tomorrow in Berlin, Germany at IFA, one of the world’s largest consumer trade shows.

Aside from convenience, the main reason for BitTorrent Inc. to develop the new BitTorrent ecosystem is to simplify the downloading process for less tech-savvy people. Right now, many people drop out after installing a BitTorrent client because they find it too complicated to download and play content.

“The world of digital media has become unnecessarily complex and results in an increasingly fragmented consumer experience. People want access to their entire content library – personal media, Internet files, and artist approved content – regardless of source, media type, or file format,” BitTorrent’s chief strategist Shahi Ghanem said.

BitTorrent told TorrentFreak that more certified devices running Chrysalis software will be announced this fall. Two years ago BitTorrent already partnered with device makers such as Netgear and D-Link to bring BitTorrent to set-top boxes and NAS devices, but these don’t run on Chrysalis yet.

BitTorrent’s efforts to simplify the user experience and become more integrated into devices doesn’t mean that the development of uTorrent will stagnate. The Chrysalis project has replaced the former mainline BitTorrent client, but uTorrent will continue to be developed separately. And with more than 100 million active users a month, that is probably a wise decision.

Source: TorrentFreak

On the other hand, you also have early tech adopters like me who can’t wait to get their hands on the latest gadget. Chromebooks are new and different; the browser IS the operating system, and applications are available as browser plugins. But when all is said and done, why would I want to switch to a Chromebook when my MacBook Air runs OSX and Windows and is at least a pound lighter?

There is the matter of complexity, of course. There are a lot of people who simply do not need a full-blown computer in their lives. Many people are quite satisfied to surf the web, send email, use Facebook. They don’t need Microsoft Office, they don’t play World of Warcraft. For them, a Chromebook would be perfect.

Source: ZDNet

Some industry observers clearly have been worried about the dumbing down of the next Windows OS release. However, users who highly value the full-blown desktop experience will have the full set of PC capabilities at their fingertips, said Steven Sinofsky, the president of Microsoft’s Windows division, writing in a blog.

“If you want to, you can seamlessly switch between Metro style apps and the improved Windows desktop,” Sinofsky wrote. “Essentially, you can think of the Windows desktop as just another app.”

Windows 8 tablet users who prefer Windows Phone’s Metro-style UI for accomplishing tasks on the fly will never even need to see the platform’s desktop version.

“We won’t even load it — literally the code will not be loaded — unless you explicitly choose to go there,” Sinofsky said.

Moreover, the new Metro-style UI “is much more than the visual design — [it is] fast and fluid, immersive, beautiful, and app-centric,” Sinofsky said. And tablet users who do not need the full-blown Windows desktop experience won’t have to comply with its more stringent memory, battery life and hardware requirements, he added.

The Innovator’s Dilemma

Microsoft has to negotiate an innovator’s dilemma with Windows 8, said Al Hilwa, director of applications software development at IDC.

“They have to create a product which is appealing to an apparently large segment of the user population who loves a simpler touch-first approach to computing, while maintaining Window’s existing user-base that is comfortable with the precise control a keyboard, a mouse and a file-oriented interface provides,” Hilwa said.

Just how Microsoft will go about accomplishing the delicate balancing act of having both Windows 8 user interfaces operating together harmoniously remains unclear right now. However, more concrete details are expected to emerge at Microsoft’s Build conference for developers beginning Sept. 13 in Anaheim, Calif.

The bottom line is that Microsoft will need to ensure that both user segments remain happy with Windows 8, Hilwa said. The software giant also will need to “maintain two parallel application development models until these begin to blend more naturally down the road,” he added.

The Ribbon Users Love To Hate

Already featured in the 2007 and 2010 releases of Microsoft’s Office business productivity suite, the ribbon is one design element that some Office users love to hate. This helps explain this week’s flurry of negative comments about the addition of a ribbon to the new file management tool for Windows 8.

Still, Sinofsky pointed out that the addition of a ribbon will enable the platform’s designers to create an optimized file manager that positions the most frequently used commands at reliable, logical locations.

“The flexibility of the ribbon with many icon options, tabs, flexible layout and groupings also ensured that we could respect [Windows] Explorer’s heritage,” Sinofsky said.

What’s more, the Windows Explorer ribbon provides for a much more reliable and usable touch-only interface than pull-down-menu or context-menu designs could provide, Sinofsky said. Though some critics have complained about the additional screen real estate that this feature would occupy, Sinofsky said users would be able to display the Windows Explorer ribbon in either an open or minimized state.

Source: NewsFactor

The Windows Live DRX team produces the SkyDrive client applications that fuel our customers thirst for stable, secure and available online storage. DRX is building experiences to deliver all of your content from the cloud and your devices to any of your devices anywhere anytime. Our team develops clients for Windows, Windows Phone, iPhone, Mac and Android. We are looking for developers that are looking for their next challenge to build the highly distributed platform and multi-platform clients for the SkyDrive suite of products delivered through Windows Live and Windows.

For those of you who doesn’t know what the Windows Live DRX team do, they’re best known (or so they say) for developing Windows Live Mesh for the Wave 4 release back in 2010. If the DRX team is now working on SkyDrive client applications (for both Windows and other platforms), does that mean these “SkyDrive client applications” are actually some form of Windows Live Mesh? If you recall, the cloud-based “synced storage” component for the current Windows Live Mesh has one major shortfall – it is not integrated with the actual Windows Live SkyDrive in any way. Would this news also mean the synced storage for Mesh will finally be integrated with the actual SkyDrive?

If we trace back to the history of Windows Live Mesh, you might remember that the origin of Windows Live Mesh – which happens to be called Live Mesh – had a vision of being able to run across a variety of platforms and devices, including mobile, Mac, Xbox and Zune. The following video (thanks Avatar X!) from the Microsoft keynote during the 2008 Web 2.0 Expo might give you a good reminder of what Live Mesh could’ve been like:

Source: Liveside.net

This month alone, the MSVR (Microsoft Security Vulnerability Research) team released advisories to document vulnerabilities in WordPress and Apple’s Safari browser and in July, software flaws were found and fixed in Google Picasa and Facebook.

The MSVR program, launched two years ago, gives Microsoft researchers freedom to audit the code of third-party software and work in a collaborative way with the affected vendor to get those issues fixed before they are publicly compromised.

The team’s work gained prominence in 2009 when a dangerous security hole in Google Chrome Frame was found and fixed but it’s not very well known that the team has spent the last year disclosing hundreds of security defects in third-party software.

Since July 2010, Microsoft said the MSVR team identified and responsibly disclosed 109 different software vulnerabilities affecting a total of 38 vendors.

After dropping the TouchPad’s price to $99 for the 16Gb model and $149 for the 32GB variation, HP has sold an estimated 350,000 units this weekend. That’s comparable to launch weekend sales for Apple’s tablet. Granted, HP’s tablet is discontinued and on clearance, but it shows that many consumers are willing to forget about the iPad, if the price is right.

Here’s the problem with the current system: many entry-level tablets cost somewhere around $500 and that’s the same price as the iPad. I’m guessing most consumers that decide to spend a $500 on a tablet will opt to get an iPad. If other manufacturers want to be competitive with Apple’s tablet, which is in many ways the definitive device on the market, they need to give consumers a reason to pick up their device instead.

That hasn’t really been done until now.

HP offering its discontinued tablet for a one-fifth the cost of Apple’s tablet seems to have registered with many price-conscious and deal-hunting consumers.

Sure, I get that everyone likes a deal, myself included. (I picked up a TouchPad at my local BestBuy yesterday.) Obviously, HP’s price drop is a unique situation that other tablet makers probably don’t want to emulate, but maybe more thought should go into the tablet designing process than “let’s make
something like the iPad, that costs the same amount as the iPad.”

If nothing else, the fire sale shows that there is a lot of consumer interest in tablets and a lot of missed opportunities by other tablet makers. There are some tablet options under the $300 price point, but not too many that are mainstream.

Source: PC World

The music service will be offered as part of BlackBerry Messenger (BBM), its instant messenger service, according to the reports. The service may be launched as early as next week, said The Wall Street Journal.

A source familiar with the plan confirmed on condition of anonymity that the service was indeed being launched, but did not provide details.

Subscribers will get access to around 50 songs at a time, which they can listen to on their phones and share with other subscribers through BBM, the reports said.

RIM is not intending to compete with other music services like Apple’s iTunes or Spotify, WSJ said. Instead it is focusing on making its devices more attractive to younger users who would like to customize their phones and share music, the newspaper said.

RIM said in an e-mailed statement on Thursday that its “standard policy is to decline comment on rumors and speculation”. BBM is one of the largest mobile social networks in the world with over 45 million users, it added.

RIM is said to be in negotiations with four major recording labels for licensing deals, and may have closed some of the deals, according to the reports. The labels it is said to be negotiating with are Universal Music Group, Sony Music Entertainment, Warner Music Group, and EMI Group.

Source: PC World

In an interview with me, Whitehurst told me that he believes that the “Fat client operating system [the traditional desktop] is becoming a legacy application.” What he meant by that isn’t that your desktops are suddenly going to vaporize into puffs of smoke in 2016 like from some really lame disaster movie. No, his point is that the cost of maintaining and securing a desktop operating system is growing increasingly higher.

So, what he sees happening is that everyone, and it’s not just Linux, “writing their functionality for the back engine. Why would anyone with all the different platforms—smartphones, tablets, etc.—and the costs of securing all of them want to spend money on that? The cost to manage and secure a fat client is ridiculous.”

So what will replace it? He sees several possibilities. In the short run, for businesses he sees Virtual Desktop Infrastructure (VDI) becoming increasing more important. Here, he sees Citrix, which has long provided Windows desktops via its VDI platform, continuing to be the major player. “It’s Citrix’s market to lose,” said Whitehurst.

Red Hat will also play a role in VDI as well. In 2012, Red Hat will be reintroducing ts Simple Protocol for Independent Computing Environments (SPICE)-based VDI. On the server side, SPICE depends on KVM (Kernel Virtual Machine) for its horsepower. Don’t think though that Red Hat plans on head-to-head competition with Citrix for tomorrow’s VDI desktop. They don’t.

Instead, Whitehurst said, “SPICE will be part of a packaged offering for those who want it.” He sees its market as being primary users who are already using Linux desktops, terminal applications, or Linux-based thin-clients. It’s a great offerings, but as for using it to run say “20,000 Windows desktops?” No, that’s Citrix’s market.”

So what kind of desktop does he see the enterprise user moving to, since after all, there’s only so much you can do with any tablet or smartphone? Whitehurst thinks it will probably be based on a KVM-based cloud and using a Web browser as its primary interface.

He added that he thinks Google’s Chrome operating system looks promising and that he plans on trying out the Samsung Chromebook himself sometime soon. You see, unlike many CEO’s, Whitehurst is also a techie. His first exposure to Linux was running Slackware on his own. Today, he runs Fedora 15 as his desktop. He knows Linux. As Red Hat gets ready to become the first billion-dollar open-source company, it’s clear he knows business. He knows the desktop. If he says the fat-client desktop is getting ready to become yesterday’s news, I’m inclined to listen to him.

Source: ZDNet

According to an advisory from the open-source group, 8 of the 10 vulnerabilities are rated “critical,” meaning that they can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.

Here’s a glimpse of the critical issues:

Mozilla identified and fixed several memory safety bugs in the browser engine used in Firefox 4, Firefox 5 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

These include a WebGL crash, a JavaScript crash, a crash in the Ogg reader, memory safety issues and unsigned scripts.  These all affected Firefox 4 and 5.

Mozilla also credited researcher Michael Jordon of Context IS  with reporting a pair of critical issues — that an overly long shader program could cause a buffer overrun and crash in a string class used to store the shader source code; and a potentially exploitable heap overflow in the ANGLE library used by Mozilla’s WebGL implementation.

Some additional security problems fixed:

• Security researcher regenrecht reported via TippingPoint’s Zero Day Initiative that a SVG text manipulation routine contained a dangling pointer vulnerability.
• Mike Cardwell reported that Content Security Policy violation reports failed to strip out proxy authorization credentials from the list of request headers. Daniel Veditz reported that redirecting to a website with Content Security Policy resulted in the incorrect resolution of hosts in the constructed policy.
• nasalislarvatus3000 reported that when using Windows D2D hardware acceleration, image data from one domain could be inserted into a canvas and read by a different domain.

Overall, the theme across Android licensees’ initial statements is unwaveringly supportive at this point. Considering that Google’s primary goal is to shore up Android’s shaky patent situation, that comes as little surprise — though the striking similarity in some of the messaging suggests that Mountain View may have applied some pressure to show a unified front today. Regardless, the ball will be in Google’s court going forward to make sure that these guys aren’t put at a competitive disadvantage against Motorola — a move that could drive them away from Android altogether and into alternatives like Windows Phone, as Nokia’s statement seems to imply.

Follow the break for the full rundown from Nokia, HP, Samsung, HTC, Sony Ericsson, and LG.

Nokia

From Nokia, which had bypassed Android for its “commoditization risk” and is preparing to introduce a lineup dominated by Windows Phone devices in the coming years:

“This further reinforces our belief that opportunities for the growth of Nokia’s smartphone business will be greatest with Windows Phone. This could prove to be a massive catalyst for the Windows Phone ecosystem. Additionally, with our respective intellectual property portfolios, Nokia and Microsoft are working together to build and nurture an innovative ecosystem that benefits consumers, operators, developers and other device manufacturers.”

HP

HP hopes to go big with webOS through its own devices (and perhaps licensing deals at some point), which means it’s not directly affected by the Google-Motorola deal — but the seismic shift in the wireless ecosystem has the potential to affect the company’s fortunes nonetheless. Alas, they’ve issued a standard “no comment” today.

Samsung

Though Samsung Mobile US hasn’t specifically weighed in on the deal, JK Shin, President of Samsung Mobile’s global operations, had this to say:

“We welcome today’s news, which demonstrates Google’s deep commitment to defending Android, its partners, and the ecosystem.”

HTC

HTC — which splits its time between Android and Windows Phone — called on CEO Peter Chou for this quote:

“We welcome the news of today’s acquisition, which demonstrates that Google is deeply committed to defending Android, its partners, and the entire ecosystem.”

Additionally, the company insists that the deal won’t have an effect on its working relationship with Google:

“We are supportive of Google’s acquisition of  Motorola Mobility as this is a positive development to the Android ecosystem, which we believe is beneficial to HTC’s promotion of Android phones. The partnership between HTC and Google remains strong and will not be affected by this acquisition.”

Sony Ericsson

Bert Nordberg, CEO of the embattled company, released one of the briefest comments of the day — though it echoes the same sentiment that’s being conveyed by other Android manufacturers:

“I welcome Google‘s commitment to defending Android and its partners.”

LG

LG Mobile boss Jong-Seok Park seems to have cribbed off Nordberg’s notes (or vice versa):

“We welcome Google‘s commitment to defending Android and its partners.”

Source: Thisismynext

Software-bundled add-ons have been a problem for Firefox users, who have sometimes been surprised to find browser extensions show up on their machines without their consent.

An add-on included with Skype, for example, caused such a high number of browser crashes that Mozilla added it to a list of banned extensions last January. And in 2009, an add-on that Microsoft silently slipped into Firefox left browser users open to attack, a fact that Microsoft itself admitted.

“While some of these applications seek the user’s permission beforehand, others install add-ons into Firefox without checking to make sure the user actually wants them,” said Justin Scott, product manager for add-ons, on a Mozilla company blog.

Scott ticked off numerous issues with such add-ons, ranging from slowing down Firefox’s startup and page loading times to not keeping up with Firefox’s feature and security updates. “Most importantly, they take the user out of control of their add-ons,” Scott said.

Changes slated for Firefox 8, which will hit Mozilla’s “Aurora” preview channel next week and is scheduled to release in final form on Nov. 8, will return control to users, argued Scott.

If Firefox 8 finds that another program has installed an add-on, the browser will automatically disable it until the user has agreed to its installation. “Users that want the functionality provided by a third-party-installed add-on can easily allow the installation, while users who don’t can cancel or ignore the prompt,” said Scott.

Previously-installed add-ons will also be tagged when users upgrade to Firefox 8, and won’t be enabled until the user explicitly agrees.

Developers who follow Mozilla’s rules — asking users to opt-in — will be affected as well as those who try to slip an add-on by users, something that immediately raised questions.

“We have an installer on Windows that installs an add-in to Firefox (via an .exe). Its only job is to install the add-on and the user is agreeing to install the add-on,” said Michael Kaply, a former IBM developer who now consults with corporations on customizing Firefox for their workers or clients. “How do we keep this prompt from appearing in this case?” Kaply asked in a comment appended to Scott’s blog.

Mozilla didn’t have an answer for Kaply.

“Firefox unfortunately doesn’t have any way of knowing if the user was ever asked about installing the extension,” acknowledged Alex Faaborg, a principal designer at Mozilla, in another comment. “So the only way to ensure user control is to ask them when Firefox launches.”

Scott echoed that, saying that impact of bad add-ons outweighed the pain that will be felt by developers who abide by the rules. “Unfortunately, the extent of unwanted add-ons installed through these methods has caused us to take action, but we’re confident that users who truly want such add-ons to be installed will opt in when Firefox prompts them,” he said.

Users can try out the new add-on management features by downloading Firefox 8 after it lands on the Aurora channel next week.

Ryan:  Users should be given the option to choose whether or not they’d like to update or install an add-on in the first place.

Source: ComputerWorld

Riley Hassell, who caused a stir when he called off an appearance at a hacker’s conference last week, told Reuters he and colleague Shane Macaulay decided not to lay out their research at the gathering for fear criminals would use it attack Android phones.

He said in an interview he identified more than a dozen widely used Android applications that make the phones vulnerable to attack.

“App developers frequently fail to follow security guidelines and write applications properly,” he said.

“Some apps expose themselves to outside contact. If these apps are vulnerable, then an attacker can remotely compromise that app and potentially the phone using something as simple as a text message.”

He declined to identify those apps, saying he fears hackers might exploit the vulnerabilities.

“When you release a threat and there’s no patch ready, then there is mayhem,” said Hassell, founder of boutique security firm Privateer Labs.

Hassell said he and Macaulay alerted Google to the software shortcomings they unearthed.

Google spokesman Jay Nancarrow said Android security experts discussed the research with Hassell and did not believe he had uncovered problems with Android.

“The identified bugs are not present in Android,” he said, declining to elaborate.

It was the first public explanation for the failure of Hassell and Macaulay to make a scheduled presentation at the annual Black Hat hacking conference in Las Vegas, the hacking community’s largest annual gathering.

They had been scheduled to talk about “Hacking Androids for Profit.” Hundreds of people waited for them to show up at a crowded conference room.

Hassell said in an interview late on Thursday the pair also learned — at the last minute — that some of their work may have replicated previously published research and they wanted to make sure they properly acknowledged that work.

“This was a choice we made, to prevent an unacceptable window of risk to consumers worldwide and to guarantee credit where it was due,” he said.

A mobile security researcher familiar with the work of Hassell and Macaulay said he understood why the pair decided not to disclose their findings.

“When something can be used for exploitation and there is no way to fix it, it is very dangerous to go out publicly with that information,” the researcher said. “When there is not a lot that people can do to protect themselves, disclosure is sometimes not the best policy.”

Hassell said he plans to give his talk at the Hack in The Box security conference in Kuala Lumpur in October.

Ryan:  If you are running an Android phone, two must have apps for your phone are:  Lookout Mobile Security for Android & Advanced Task Killer.

Source: Reuters

With the most recent update, Google is proving its case.

In an addition that perhaps should have been part of the Chromebook from the beginning, Google is adding virtual private network (VPN) support, allowing users secure remote access of their corporate or institutional networks.

That’s not all. Google is also adding support for the secure 802.1X protocol, which allows network managers to require authentication for users to access secure Wi-Fi networks.

Sweetening the deal is Citrix desktop application vitualization, ideal for companies that rely on expensive software suites but are increasingly made up of road warriors.

Google says all three feature additions are in response to feedback from its business and education customers. With such widely-used features in these sectors, though, why wasn’t it a no-brainer?

Source: ZDNet / Google

“With our technology we can capture GPRS data communications in a radius of 5 km,” he told the paper before heading to a meeting of the Chaos Computer Club, a group that describes itself as Europe’s largest hacker coalition.

Phones using the newer UMTS standard are safer, Nohl said, but the crack effects industrial equipment, toll systems and anything using GPRS — including newer devices like Apple Inc’s iPhone or iPad which switch to the older GPRS in remote areas.

Source: Reuters

According to Tavis Ormandy, an information security engineer at Google who has a history of controversial vulnerability disclosures, the 400 unique Flash Player vulnerabilities were sent to Adobe as part of an ongoing security audit but there’s no documentation on these fixes in the new update.

“Apparently that number was embarrassingly high, and they’re trying to bury the results, so I’ll publish my own advisory later today,” Ormandy said on his Twitter feed.

Adobe’s advisory that accompanies the Flash Player update does in fact acknowledge Ormandy’s work:

Adobe would also like to thank Tavis Ormandy and the Google Chrome team for their great work on several improvements to this Flash Player release.

However, only 13 unique vulnerabilities are documented in the release and this prompted a series of snippy back-and-forth Twitter messages between Ormandy and Adobe spokeswoman Wiebke Lips.

“Tavis, please do not confuse sample files with unique vulnerabilities. What is Google’s agenda here?” Lips said. (This Twitter message has since been deleted).

Ormandy’s response:

“I don’t know what Google’s agenda is, but my agenda is getting credit for my work and getting vulnerabilities documented.”

Almost lost in the public spat is the fact that Adobe’s ubiquitous Flash Player contains vulnerabilities that could lead to remote code execution attacks.  The security flaws, described as “critical,” affect Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.25 and earlier versions for Android.

“These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system,” Adobe warned.

Adobe also shipped separate advisories to warn about security holes in Shockwave, Flash Media Server, Photoshop and RoboHelp.

• APSB11-19 – Security update available for Adobe Shockwave Player (Critical Severity)
• APSB11-20 – Security update available for Adobe Flash Media Server (Critical Severity)
• APSB11-22 – Security update available for Adobe Photoshop CS5 (Critical Severity)
• APSB11-23 – Security updates available for RoboHelp (Important Severity)

Source: ZDNet

The system would also make the solid-state drive optional. Buyers could pick the likely Intel-made 160GB SSD or opt for more traditional 250GB and 500GB hard drives. Not much is known about the choice of processor other than using a 2011 Core chip, although the Aspire would follow Apple into including Bluetooth 4.0 while swapping out the Thunderbolt for a plainer HDMI output. A card reader is in view on the right-hand side.

Acer is believed to be focusing on longevity, offering a competent though shorter six hours of battery use as well as 30 days of standby; the long idle time might only be true for the SSD option. Moving from sleep to wake should take 1.7 seconds.

Earlier rumors have had Acer’s ultrabook shipping at the very end of the year. The 3951 might undercut the MacBook Air with estimated prices of between $769 to $961 depending on the model, although it’s not clear what a base model would involve. Any lower pricing is likely to entail a slower rotating hard drive and might go below the 1.7GHz Core i5 Apple uses in its own system.

Intel devised the ultrabook spec as a way of sustaining notebook sales in the face of tablets through taking a cue from the Air. The decision may have triggered a pushback from Windows PC builders who have been fighting to lower the price after they were worried they would have no choice but to match Apple’s price after Intel set similar quality and performance goals.

Source: Electronista

People no longer have to log-in to the Facebook app to get and send messages. Like with Facebook’s web interface, people can see SMS text messages, chat messages, emails and Facebook messages all in one place.

For friends who are not on Facebook, the app will send them a text message, so people do not have to decide which is the best way to reach someone. If users share their location with friends in a group chat, they can see a screen with their friends on a map.

Facebook previously acquired start-up Beluga, a group messaging app in March. That team has worked on building out this app for Facebook.

It’s an interesting move for Facebook, setting up a completely separate app just for messaging. It shows Facebook’s emphasis on mobile and the company’s increasing focus there. Facebook still doesn’t have an iPad app, but it’s widely expected.

One way to look at this is, is that people’s Facebook contacts–what Facebook calls the “social graph”–are extremely valuable in and of itself, outside of all the other features of Facebook. Group messaging apps such as GroupMe, Gogii’s TextPlus, Pinger’s TextFree, WhatsApp, and Zlango have grown quickly as a way for people to stay in touch with small or large groups of people on their mobile devices, with mostly free texting. To stay in the middle of all that communication, Facebook now has an app of its own.

Source: Forbes

Or they will, perhaps, when an app called Anti, or Android Network Toolkit, hits the Android market next week. The program, which Israeli security firm Zimperium revealed at the Defcon hacker conference in Las Vegas Friday and plans to make available to Android users in coming days, is designed for penetration testing–in theory, searching out and demonstrating vulnerabilities in computer systems so that they can be patched. Anti aims to bring all the hacking tools available to penetration testers on PCs to smartphones, with an automated interface intended to make sniffing local networks and owning remote servers as simple as pushing a few buttons.

“We wanted to create a penetration testing tool for the masses, says Itzhak “Zuk” Avraham, founder of Tel-Aviv-based Zimperium. “It’s about being able to do what advanced hackers do with a really good implementation. In your pocket.”

Anti, a free app with a $10 corporate upgrade, will offer a wi-fi-scanning tool for finding open networks and showing all potential target devices on those networks, as well as traceroute software that can reveal the IP addresses of faraway servers. When a target is identified, the app offers up a simple menu with commands like “Man-In-The-Middle” to eavesdrop on local devices, or even “Attack”; The app is designed to run exploits collected in platforms like Metasploit or ExploitDB, using vulnerabilities in out-of-date software to compromise targets.

For now, the demonstration app Avraham showed me was equipped with only a few exploits: One aimed at a bug in Windows–the same flaw exploited by the Conficker worm in 2009–another targeting default SSH passwords in jailbroken iPhones, and a third exploiting a vulnerable, older version of Android. Zimperium has also built a Windows trojan that allows Anti to perform automated commands on hijacked machines like taking a screenshot, ejecting a CD, or opening the calculator, a common penetration-testing demonstration.

Even in its current form, the app raises the possibility of dangerous, stealthy attacks. A hacker could, for instance, walk into a coffee shop or a corporate office with his phone and start sussing out machines for data theft or malware infection. But Avraham says Zimperium will ask users in its terms of service to limit their hacking to “white hat” penetration testing.

“Hacking is not for the chosen few,” reads one description in the app’s documentation, formatted in Star Wars-style scrolling text. “Anti is your perfect mobile companion, doing it all for you. Please remember, with great power comes great responsibility. Use it wisely.”

Penetration testers who saw the app at Defcon were impressed. “It’s just sick,” says Don Bailey, a researcher with security firm iSec Partners. “The way it populates the screen with vulnerable targets…it’s really elegant.”

Another professional penetration tester for a defense contractor firm who asked that his name not be used called the app a “quick and dirty Swiss army knife for mobile pen testing.” “It’s so polished it’s almost like playing a video game,” he says, comparing it to penetration testing suites that cost thousands of dollars.

With its sheer simplicity, Anti’s impact could be comparable to that of Firesheep, a proof-of-concept tool released in October of last year that allowed anyone to easily snoop on devices on unsecured wi-fi networks that connected to unencrypted web pages. That tool was downloaded more than 1.7 million times, and no doubt used in some instances to spy on web users unawares. But it also helped inspire both Twitter and Facebook to encrypt traffic to their site and prevent such eavesdropping.

“People might use it in dangerous ways,” Avraham says with a shrug. “I really hope not. But I know this might be the risk to help people increase their security, and that’s our goal.”

Ryan: Great, now every kid that owns an Android phone can play wannabe hacker. Just what this world needs.

Source: Forbes

The Trojan is currently being delivered via fake a Adobe Flash Player (FlashPlayer.pkg) update, F-Secure said in a blog post.

Once installed, the trojan adds entries to the hosts file to hijack users visiting various Google sites (e.g., Google.com.tw, Google.com.tl, et cetera) to the IP address 91.224.160.26, which is located in Netherlands.

The server at the IP address displays a fake webpage designed to appear similar to the legitimate Google site.

“Even though the [Google] page looks fairly realistic, clicking on any of the links does not take the user to any other sites. Clicking on the links does however open new pop-up pages, which are all pulled from a separate remote server,” F-Secure said, nothing that this attack may be aimed at serving ads to infected Mac OS X machines.

Apple has struggled recently with scareware attacks on its platform and the latest sighting is further proof that the increase in Mac OS X market share has attracted the attention of malware writers.

Source: ZDNet

The robots will be used to do simple and routine work such as spraying, welding and assembling which are now mainly conducted by workers, said Gou at a workers’ dance party Friday night.

The company currently has 10,000 robots and the number will be increased to 300,000 next year and 1 million in three years, according to Gou.

Foxconn, the world’s largest maker of computer components which assembles products for Apple, Sony and Nokia, is in the spotlight after a string of suicides of workers at its massive Chinese plants, which some blamed on tough working conditions.

The company currently employs 1.2 million people, with about 1 million of them based on the Chinese mainland.

Ryan:  I don’t like to read about Foxconn workers jumping off buildings, it’s also bad for PR.

Source: Xinhua News

It can accomplish this feat with a Linux computer on-board that’s no bigger than a deck of cards. The computer accesses 32GB of storage to house all that stolen data. It uses a variety of networking hacking tools including the BackTrack toolset as well as a 340 million word dictionary to guess passwords. In order to access cell phone data, the WASP impersonates AT&T and T-Mobile cell phone towers and fools phones into connecting to one of the eleven antenna on-board. The drone can then record conversations to the storage card and avoids dropping the call due to the 4G T-mobile card routing communications through VoIP.

Amazingly, this was accomplished with breaking a single FCC regulation. The drone relies on the frequency band used for Ham radios to operate. Not wanting to get into legal trouble with AT&T and T-Mobile, they tested the technology in isolated areas to avoid recording phone conversations other than their own. The duo play to discuss how to build the WASP at the DEFCON 19 hacking conference.

Source: Digital Trends / Yahoo! News

In an era of smartphones and tablets, Intel is banking on the Ultrabook to breathe new life into the PC. Intel execs have said this new class of powerful, affordable ultra-thin notebooks could represent as much as 40 percent of consumer laptops by the end of next year.

But what exactly makes the Ultrabook different from, say an Apple MacBook Air, hasn’t been clear. Part of this is because the Ultrabook will take several years to fully evolve. The first Ultrabooks from the likes of Asus, HP, Lenovo and LG Electronics are due in time for the holidays. But from the start Intel has said that it will require several generations of new silicon, and hardware and software engineering, to realize the concept.

Now Intel is providing more details on how the Ultrabook will evolve. In a blog post this week, Becky Emmett, a media relations manager at Intel, wrote about the “substantial changes to the way Intel and its partners design, produce and market devices and their components” to enable the Ultrabook.

The first Ultrabooks, based on ultra-low voltage version of the second-generation Core processor (better-known as Sandy Bridge) will arrive in time of the holidays. The basic features of these Ultrabooks are already well-known:

• Less than 0.8 inches thick
• Fast start-up from hibernation with Intel’s Rapid Start technology
• Five to eight hours of battery life
• Enhanced security features to secure laptops and prevent identity theft

The Asus UX21, an 11.6-inch laptop, is expected to be the first when it ships this fall, followed by the Lenovo IdeaPad U300s and LG P220. But lately there have been rumors that computer makers are having trouble putting these together for less than $1,000 so the ramp of these first-generation Ultrabook may be slower than anticipated.

The second wave of Ultrabooks, due in the first half of next year, will be based on Intel’s first 22nm processors, known as Ivy Bridge. Intel claims these will have longer battery life, better performance, beefier security and high-speed data transfers with USB 3.0 and Thunderbolt, the I/O technology in several Apple Macs and the Sony VAIO Z Series.

Finally the third phase will be based on a new microarchitecture, Haswell, which Intel should release in 2014. With Haswell, Intel plans to change the basic design of its processors so that they use around half the power of today’s CPUs. In other words, you’ll get the performance (and price) of a mainstream processor combined with the battery life of today’s low-voltage versions. They should also be able to fit into even thinner and lighter systems that require less cooling.

PCs are always getting thinner, lighter, faster and cheaper. Intel is promising something bigger here comparing the Ultrabook with major shifts of the past such as the introduction of the Pentium processor in 1995 and the Centrino mobile platform in 2003. Intel says that eventually he Ultrabook will become “a tablet when you want it, a PC when you need it.” As someone who has spent a lot of time using convertible tablets, with mixed success, I can tell you that would be “an historic change” if Intel and the rest of the industry can pull it off.

Source: ZDNet

RIM says that there are 45 million BBM users, and that it activates 2 million new BBM accounts each month. The company says 70% of BBM customers use it daily and that those users send more than 100 billion messages each month. In other words, it’s been an overwhelming hit. Now RIM is wisely leveraging that popularity in a way that will not only make mobile app developers happy, but also create new app-embedded social experiences for its customers. Real-time instant messaging may not be the bedrock of your day, but this is a feature other mobile platform vendors will want to emulate. It is also further demonstration of RIM’s desire to create an ecosystem around what it calls Super Apps, or applications that become part of the underlying system infrastructure on a BlackBerry device.

For example, developers can add the ability to use BBM from within an app to invite a friend to download that app, with a mere line of code. RIM calls this viral distribution. Apps can also take advantage of BBM profile information, including the user’s name, avatar, and status, for a more customized application experience. Similarly, an application can update BBM profile information. For example, if you’re listening to a song in a music app, that song can become part of a BBM status update that all of your BBM friends can see.

Apps can also take advantage of a custom profile box. This box allows for more frequent updates, say for when you’re reading items in a news app. BBM friends who view that update can use that information to take them to the same application and read the news item as well. RIM calls this “inherent viral distribution,” which is Canadian for “nifty.” The idea here, then, isn’t just to create more rapid updates, but to do so in an application context, explained Brian Zubert, RIM’s team lead for developer relations.

Any and all of these application-context situations can also trigger BBM friends to download apps they don’t have; another boost for developers. Zubert said that most applications experience an initial usage spike when the user is enamored of the new app. Usage then levels off or disappears altogether, presumably as the user moves on to the next shiny app. One of the goals RIM has with BBM 6.0 is to change that behavior. “Nothing breeds retention like friends driving you back to apps,” he said. In many ways, Zubert said, the BlackBerry push service was all about driving content to users and driving those users back to an app. The same concept applies to BBM 6.0.

Apps can also leverage BBM’s chat features. Zubert offered the example of a virtual book club, where two BlackBerry users are reading the same book, and chat about it through BBM, right from inside the e-book app. These chats can happen anonymously, meaning you don’t have to be BBM friends to use BBM within apps, say for game playing or discussion boards. “Friends of convenience,” RIM calls this. Those guys have a phrase for everything.

RIM also believes these capabilities will drive people to extend their BBM world (or social graph, in cool kids’ parlance). Apps can also attempt to bring friends together, based on knowing who the app users are, and what their BlackBerry IDs are. This strikes me as a little creepy, but Zubert reminded me that you can go into permissions management and disable this sort of thing on a per-app basis; for instance, you can restrict an app from accessing your contact list. Zubert assured me that an app would have to get your permission to even send out a new BBM friend request.

BBM 6.0 has been in beta since January, and is available now in the BlackBerry App World. Several applications take advantage of these new capabilities, including FourSquare, Wikitude, Poynt, Huffington Post, and Backgammon King, among others.

Here’s a demonstration of BBM functionality in FourSquare:

Ryan:  I’m still waiting for BBM to be ported over to Android and Apple devices.

Source: InformationWeek

The new Vonage World plan is as follows: Subscribers can call land-line numbers in over 60 countries from either their own land-line or mobile phone using the VoIP service for $25.99 per month. Users can also call mobile numbers in up to 10 countries on the same plan.

Vonage suggests that anyone who already conducts international phone calls for a little as an hour a week could save up to $250 with this option.

Mike Tempora, senior vice president of product management for Vonage, said that the mobile option was in high demand from its customers, citing that “70 percent said they make international calls while their away from home either by using a calling card or paying high carrier rates.”

Additionally, the revamped plan includes the new Extensions feature, which enables customers to add any U.S. phone number (mobile, home or office) as another number on the plan. (Note that fax numbers as well as 800/887 and virtual numbers are not supported). That number can then double as a virtual calling card to re-route calls over the Vonage’s network.

For example, this makes the most sense if a subscriber has Vonage World at home or work, and wants to add his or her cell phone number to the plan, or vice versa.

The process to take advantage of this might seem a bit complicated on paper, but it’s rather straightforward. Once the user registers the number on his or her online account page, the user will then have to select a PIN number for validating the subscriber and the phone line later on. From there, when the user wants to make an international call, he or she just dials an access number, the PIN number and then the international phone number he or she is calling.

Tempora added that customers who use virtual numbers and/or international calling cards will find the process to be quite similar and intuitive.

Although this service is supported by any mobile device, there will be apps for iOS and Android in the coming weeks with a one-touch solution to streamline this process.

Ryan: Good news for people looking for a cheaper alternative to call overseas. I will be definitely downloading the app once it hits the Android Market.

Source: ZDNet

Mozilla

“Mozilla believes that the web can displace proprietary, single-vendor stacks for application development,” writes Mozilla researcher Andreas Gal in an announcement of the B2G project to developers. “To make open web technologies a better basis for future applications on mobile and desktop alike, we need to keep pushing the envelope of the web to include — and in places exceed — the capabilities of the competing stacks in question.” This, says Gal, is the goal of B2G.

The B2G project is currently “in its infancy,” so very little details even exist. We do know that Mozilla developers will initially build B2G upon low-level Android code, and plans to develop a new custom user interface and application stack around the Firefox HTML rendering engine, Gecko. Once the build of B2G is further along, however, Mozilla says it plans to use “as little of Android as possible.”

Like Android, B2G will be open source, but Mozilla will take the code’s transparency one step further by releasing the code “in real time,” rather than waiting until full builds are available, as is the case with most open source software, including Android, Chrome and Firefox.

“We will do this work in the open, we will release the source in real-time, we will take all successful additions to an appropriate standards group, and we will track changes that come out of that process,” writes Gal. “We aren’t trying to have these native-grade apps just run on Firefox, we’re trying to have them run on the web.”

Ryan: Someone needs go give Google and Apple a run for their money, it certainly won’t be Research in Motion.

Source: Yahoo! News

The logic behind the job cuts: RIM says it’s zeroed on “eliminating redundancies and reallocating resources to focus on areas that offer the highest growth opportunities.”

What sort of growth opportunities? Probably the company’s new Blackberry OS 7 and PlayBook tablet (as well, the Unix-like QNX operating system that powers the latter). Not that the PlayBook’s fared terribly well since it launched unspectacularly mid-April—at least one “major big box retail” source claimed in May that the tablet missed its sales targets by over 90%, and in mid-June, UK wireless carrier O2 said it was scuppering plans to carry the 7-inch tablet on its network.

Jared Newman of Techland surmises the reason wireless carriers haven’t picked up RIM’s tablet could be because it “lacks native e-mail and calendar apps, which could be a big turnoff to customers, and there aren’t a lot of third-party apps available right now.” Also: “Because the PlayBook’s BlackBerry Bridge feature, which lets users tether their BlackBerry phones to check e-mail, messages and calendar, undermines carriers’ ability to sell additional data plans for tablets,” something Newman says might explain why AT&T’s blocked the Bridge app—it connects Blackberry phones to the Playbook tablet—on its BlackBerry phones.

RIM’s job cut announcement this morning isn’t exactly a surprise, but analysts say the numbers of jobs eliminated is higher than expected. RIM shares fell on news of the cuts in pre-marketing trading, probably also no surprise, though analysts have framed the job cuts as crucial to a corporate rally.

“This is not totally unexpected,” Jefferies & Co analyst Peter Misek told Reuters. “I think this is obviously realigning the cost structure to a new growth, or sales, reality.”

Ryan: It’s not like I didn’t see this one coming.  This last year for RIM has not been so innovative as in previous years.

Source: TIME

Android device owners are already familiar with the lack of OTA updates on rooted devices, the equivalent to the jailbroken iOS device. Rooting or jailbreaking is the process owners go through to allow unofficial software to be installed to serve functions the official OS doesn’t support. It has long been understood that rooting an Android device ends OTA updating, and it is now clear the same will apply on the iOS front for jailbroken devices.

Those using beta iOS 5 report you can still apply Apple updates by connecting to a computer via USB cable, so all is not lost. Getting OS updates OTA is a much better alternative to cabling up a device, so those with jailbroken iPhones may need to rethink that once iOS 5 is officially released.

Ryan:  I say disable Automatic Updates in iTunes (Apple only seems to be updating iOS when new Jailbreaks are released), and stop tethering completely!

Source: ZDNet

At the Black Hat security conference in August, Miller plans to expose and provide a fix for a new breed of attack on Apple laptops that takes advantage of a little-studied weak point in their security: the chips that control their batteries.

Modern laptop batteries contain a microcontroller that monitors the power level of the unit, allowing the operating system and the charger to check on the battery’s charge and respond accordingly. That embedded chip means the lithium ion batteries can know when to stop charging even when the computer is powered off, and can regulate their own heat for safety purposes.

When Miller examined those batteries in several Macbooks, Macbook Pros and Macbook Airs, however, he found a disturbing vulnerability. The batteries’ chips are shipped with default passwords, such that anyone who discovers that password and learns to control the chips’ firmware can potentially hijack them to do anything the hacker wants. That includes permanently ruining batteries at will, and may enable nastier tricks like implanting them with hidden malware that infects the computer no matter how many times software is reinstalled or even potentially causing the batteries to heat up, catch fire or explode. “These batteries just aren’t designed with the idea that people will mess with them,” Miller says. “What I’m showing is that it’s possible to use them to do something really bad.”

Miller discovered the two passwords used to access and alter Apple batteries by pulling apart and analyzing a 2009 software update that Apple instituted to fix a problem with Macbook batteries. Using those keys, he was soon able to reverse engineer the chip’s firmware and cause it to give whatever readings he wanted to the operating system and charger, or even rewrite the firmware completely to do his bidding.

From there, zapping the battery such that it’s no longer recognized by the computer becomes trivial: In fact, Miller permanently “bricked” seven batteries just in the course of his tinkering. (They cost about $130 to replace.) More interesting from a criminal perspective, he suggests, might be installing persistent malware on the chip that infects the rest of the computer to steal data, control its functions, or cause it to crash. Few IT administrators would think to check a battery’s firmware for the source of that infection, and if undiscovered the chip could re-infect the computer again and again.

“You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery.” says Miller.

That attack would require finding another vulnerability in the interface between the chip and the operating system. But Miller says that’s not much of a barrier. “Presumably Apple has never considered that as an attack vector, so it’s very possible it’s vulnerable.”

And the truly disturbing prospect of a hacker remotely blowing up a battery on command? Miller didn’t attempt that violent trick, but believes it might be possible. “I work out of my home, so I wasn’t super inclined to cause an explosion there,” he says.

In fact, the batteries he examined have other safeguards against explosions: fuses that contain an alloy that melts at high temperatures to break the circuit and prevent further charging. But Miller, who has worked for the National Security Agency and subsequently hacked everything from the iPhone to virtual worlds, believes it might still be possible. “You read stories about batteries in electronic devices that blow up without any interference,” he says. “If you have all this control, you can probably do it.”

Miller, currently a researcher with the consultancy Accuvant, isn’t the first to explore the danger of explosive batteries triggered by hackers. Barnaby Jack, a researcher for with antivirus giant McAfee, says he worked on the problem in 2009, but he says he ”benched the research when I didn’t succeed in causing any lithium ion fires. Charlie has taken it a lot further and surpassed where I was at the time.”

Miller says he’s received messages from several other researchers asking him not proceed with the battery work because it could be too dangerous. But Miller has worked to fix the problems he’s exposing. At Black Hat he plans to release a tool for Apple users called “Caulkgun” that changes their battery firmware’s passwords to a random string, preventing the default password attack he used. Miller also sent Apple and Texas Instruments his research to make them aware of the vulnerability. I contacted Apple for comment but haven’t yet heard back from the company.

Implementing Miller’s “Caulkgun” prevents any other hacker from using the vulnerabilities he’s found. But it would also prevent Apple from using the battery’s default passwords to implement their own upgrades and fixes. Those who fear the possibilities of a hijacked chunk of charged chemicals in their laps might want to consider the tradeoff.

“No one has ever thought of this as a security boundary,” says Miller. “It’s hard to know for sure everything someone could do with this.”

Source: Forbes

Neil Daswani, who is also the CTO of security firm Dasient, says that they have studied around 10,000 Android apps and have found that 800 of them are leaking private information of the user to an unauthorized server. Neil Daswani is scheduled to present the full findings at the Black Hat Conference in Las Vegas which starts on July 30th.

The Dasient researchers also found out that 11 of the apps they have examined are sending unwanted SMS messages.

Google needs to take charge

This malware problem on Android has become too much. One of the main reason that we see malicious apps in the market is because of the lack of regulation in the apps that get into the Android Market.

Sure, the lack of regulation can be good. It means that developers can make their apps without worrying if Google will accept their apps or not. It fits into the pre-existing application distribution model where anyone can develop and publish their own apps.

However, this comes at a price – the malware problem. Yes, most of the problems with these malicious apps can be avoided if only users read the permission requirements of the apps. But, what percentage of the users actually read the permission requirements of all the apps they download?

I think that it is time that Google make approval of the apps a requirement before it gets into the Market. They do not need to do it like Apple, but a basic security check before an app gets on the market will be nice.

If nothing is done about and this problem is allowed to grow, it will end up killing the platform.

Ryan:  I’ve been using Lookout Mobile Security on Android OS for awhile now and it appears to be working great. You can find it here.

Source: Digitizor

Hulu Plus (Android version)

Primarily an alternative for TV junkies, Hulu Plus subscribers who pay a $7.99 monthly subscription from ABC, Fox, NBC and other outlets. Available on the iPhone, iPad and Android devices, the syncing abilities are like Netflix in that you can start watching a show on Hulu on your desktop, and continue where you left off while on the go with your smartphone or tablet. Hulu, which is reportedly on the block and may eventually be acquired by Google (GOOG), also deserves bonus points for its “Season Pass” product and 720p HD resolution.

Crackle – Movies & TV (Android version)

The good news about Crackle is that it is absolutely free – with no download or monthly subscription costs. The bad news is you are primarily limited to movies and TV shows from Sony Entertainment (which developed the app service). Still, this includes classics like Seinfeld, Ghostbusters, and Newsradio and lots of new and more timely releases. Video quality is solid, and its interface is intuitive. Just note that not all titles available from the website are offered within the app.

ABC Player

OK, so I’m confident enough in my own masculinity to admit that I felt overwhelming joy being able watch a full episode of Grey’s Anatomy on the iPad last season after there was a recording problem on my Comcast DVR. While this app is obviously limited to ABC programming, just as Crackle is limited to Sony, you just can’t beat the price. This was the first great entertainment title available on the iPad, While there is no comparable app available for Android smartphones and Honeycomb-based tablets, the free ABC News Android app is nice to have in your library.

Mediafly (Android version)

Increasingly, the best video entertainment in the world is produced by independent podcasters rather than bloated studios. While iTunes is serviceable for locating and playing video podcasts on iOS devices, Mediafly has a superior discovery and categorization platform. There are also several vertically-oriented Mediafly applications for categories like music, sports and automobiles. Particularly on Android devices, Mediafly is a must-have app for anyone who enjoys video or audio podcasts. Check out the Android tablet-specific version as well.

IMDb Movies & TV (Android version)

The bible for any movie and television junkie is also available via very robust iOS and Android devices. So if you don’t have the time or attention span to sit through an entire movie, get a quick fix of trailers and biographical information featuring your favorite actress or director. You can also shop for DVDs on the app and get movie times near you.

Ryan : Netflix ruined half of its subscriber base.  Dumb move, bundle the package again and stop gouging customers. Offer an incentive to return ie. One Free Month Winback. People came to you a for a “CHEAPER” alternative, remember that.

Source: Appolicious

“Thanks for stopping by. Socl.com is an internal design project from a team in Microsoft Research which was mistakenly published to the web. We didn’t mean to, honest,” the message reads.

As others have noted, it seems highly unlikely that Tulalip is simply an “internal design project.”

First of all, “internal design project” could simply mean that Microsoft is designing a new service, therefore; it’s an internal design project.

As far as actual evidence goes, the now-removed splash page says, “With Tulalip you can Find what you need and Share what you know easier than ever.” It also shows Facebook and Twitter buttons for signing in, as well as other standard social network caveats, like terms of service agreements, a “remember me on this computer” box to check, and a politically correct mix of “real” individuals looking coyly quirky. On top of all that, the layout of the images looks suspiciously similar the new “Tiles” design of Windows Phone 7.

Plus, the domain for the splash page, Socl.com, is the word “social,” or at least a hip shortened version.

Search Engine Land‘s Matt McGee discovered that Tulalip is, indeed, an app from Microsoft Research. McGee uncovered the Twitter authorization screen for the app, which says that users will be able to use Tulalip to do much of the same things they can do with Twitter, like “read Tweets from your timeline,” and “see who you follow, and follow new people.” If you ask us, that says basically nothing.

The gut reaction is to jump to the conclusion that Microsoft is preparing to launch a competitor to Google+. Which they may very well be. But we’re just going to have to sit back, and wait to see what happens when Tulalip isn’t “internal” anymore — or at least until they “accidentally” leak some more info.

Source: Fusible / Socl.com / Yahoo News!

This update fixes the PDF vulnerability used on the JailbreakMe.com site to easily  jailbreak the device via the Safari mobile browser. This update means that hackers won’t be able to use the same vulnerability to compromise iOS devices.

Apple took nine days to plug this hole.

If you want to be protected, fire up iTunes, connect your iOS device and download this update. If you want to jailbreak your device, do so and then install the third-party patch created by the jailbreak community to plug the hole.

iOS update 4.3.4 is for GSM iPhone 4, iPhone 3GS, iPad 2, iPad, and third- and fourth-generation iPod touch. If you have a Verizon CDMA iPhone 4 then you need iOS 4.2.9.

Ryan Says:  Those of you still wanting to use the Jailbreakme.com website to download cydia should avoid the latest 4.3.4 Apple iTunes update.

Source: ZDNet

It’s called Name ID, and it brings mobile phones one step closer to rendering their landline counterparts completely obsolete. The feature is the work of Cequint, a mobile technology company which hopes to be able to offer the feature on all major carriers shortly, though T-Mobile was the first to officially embrace it.

Name ID carries a $4 monthly fee. However, if you happen to purchase one of a few select new phones from T-Mobile, you are given a 10-day free trial of the new feature. As the carrier’s vice president enthusiastically put it, “Before Name ID for mobile phones, deciding whether or not to answer an unfamiliar call often left customers guessing. Now, Name ID allows T-Mobile customers to more easily determine which calls to answer.”

Ryan:  I think this feature will catch on in Canada for sure.  Solid move by T-Mobile USA.

Source: Electronista / Yahoo! News

The flaw, which may also allow denial-of-service attacks, is limited to the user permissions granted to the BlackBerry Administration API component, RIM said in an advisory.

“Successful exploitation of this issue could allow information disclosure. Successful exploitation may also result in resource exhaustion and therefore could be leveraged as a partial denial of service (DoS).”

RIM said issue affects the BlackBerry Administration Application Programming Interface (API) component within the BlackBerry Administration Service component of the following software versions: 

• BlackBerry Enterprise Server version 5.0.0 for Microsoft Exchange, IBM Lotus Domino and Novell GroupWise (with the BlackBerry® Administration API component installed as an option only)
• BlackBerry Enterprise Server Express 5.0.0 for Microsoft Exchange and IBM Lotus Domino  (with the BlackBerry Administration API component installed as an option only)
• BlackBerry Enterprise Server Express versions 5.0.1, 5.0.2 and 5.0.3 for Microsoft Exchange
• BlackBerry Enterprise Server Express versions 5.0.2 and 5.0.3 for IBM Lotus Domino
• BlackBerry Enterprise Server versions 5.0.1, 5.0.2 and 5.0.3 for Microsoft Exchange and IBM Lotus Domino
• BlackBerry Enterprise Server versions 5.0.1 for GroupWise

 
Source: BlackBerry Knowledge Base

THC began researching femtocells in 2009. The technology has become popular with cellphone companies like AT&T, which offers a 3G MicroCell, because the home access points mean better service for customers in areas with spotty coverage. THC purchased its femtocell from Vodafone UK and examined how the device communicated to Vodafone’s core network. They discovered that because of a flaw in how Vodafone implemented its system, it gave full access to the network to the femtocell, a device the hackers had full control of. Vodafone also used the same ‘newsys’ administrator password across all devices.

Vodafone says only a limited number of registered phones are allowed to access each customer’s femtocell. The hackers were able to uncap this and let any Vodafone customer phone automatically connect to their device. Once a phone connected, THC was able to eavesdrop on phone conversations, place calls as the customer, and even access their voicemail. With phone hacking in the news every day, we wonder what other security flaws are still waiting to be discovered.

Ryan’s Update:  I have been emailed by Vodafone’s Media Relations Team, and they have informed me that they have released a security patch and have fixed any flaws with Vodafone Sure Signal.  I was directed to read the following statement below:

Overnight on July 12, a claim appeared that hackers had found security loopholes in Vodafone Sure Signal which could compromise the security of Vodafone’s network.

This is untrue: The Vodafone network has not been compromised.
The claims regarding Vodafone Sure Signal,  which is a signal booster used indoors, relate to a vulnerability that was detected at the start of 2010.

A security patch was issued a few weeks later automatically to all Sure Signal boxes.

As a result, Vodafone Sure Signal customers do not need to take any action to secure their device.
We monitor the security of all of our products and services on an ongoing basis and will continue to do so.

Source: THC Blog / Yahoo! News

There was a time when if you wanted to watch a movie, you actually had to go to a theater to do it. Then came home video, and eventually, Netflix removed the need to leave your house to rent movies to watch. Then came Netflix streaming, and fans of instant gratification rejoiced. As subscribers quickly realized the convenience of streaming video, Netflix introduced a streaming-only subscription option. For a while, fans of both streaming video and DVDs had it great — newer movies on DVD, older features to watch on streaming video whenever they wanted, and all for a pretty good price. Now, not so much.

Why the change? Netflix claims that it makes better financial sense to keep the plans fully separate. Reading some of the hundreds of comments from irate subscribers (and soon-to-be-former subscribers) on their blog, however, really makes one wonder. As some have pointed out, if Netflix were to make more titles available for streaming, that could alleviate some of the aggravation. Personally, if we hadn’t already switched to a streaming-only plan, we certainly would be doing so now. Now we’re wondering if the folks at Redbox are doing a dance of joy for all the Netflix expatriates who might use this as the impetus to switch…

Source: Consumerist

The vulnerability, fixed with MS11-053, headlines a batch of updates that include fixes for gaping holes in the Windows kernel and security problems in the Windows Client/Server Run-time Subsystem.

[ SEE: Patch Tuesday head-up: 22 vulnerabilities in Windows, Office ]

The Bluetooth stack vulnerability introduces remote code execution risks on Windows Vista and Windows 7, Microsoft warned.

From the bulletin:

A remote code execution vulnerability exists in the Windows Bluetooth 2.1 Stack due to the way an object in memory is accessed when it has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a series of specially crafted Bluetooth packets and sending them to the target machine. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Microsoft’s Jonathan Ness expects to see exploit code that simply causes denial-of-service attacks. However, Microsoft is recommending that users close off the attack surface by preventing any Bluetooth device from connecting to your computer.

The graphic to the right shows the Windows 7 Bluetooth Settings option for doing so. Side effect: Your Bluetooth mouse or headset will stop working until you re-allow Bluetooth devices to connect to your computer.

Separately, Microsoft is urging Windows users to pay attention to MS11-055, which covers a publicly disclosed vulnerability in the way that Microsoft Visio handles the loading of DLL files. .An attacker who successfully exploited this vulnerability could take complete control of an affected system.

This issue only affects Visio 2003 SP3 and it is rated “important.” Newer versions like Visio 2007 and 2010 are not affected.

According to Amol Sarwate, vulnerability research lab manager at Qualys, this current strain of DLL pre-loading vulnerabilities was first identified in August of 2010 and plagues a large number of software packages, some from Microsoft and many from third party vendors.

“Addressing all of the vulnerabilities is a daunting task and will not be completed any time soon, so we recommend implementing the guidelines laid out in KB2269637 that provide an additional safety-net on the operating systems for all Windows applications,” Sarwate said.

The other two bulletins MS11-054 and MS11-056 affect Windows Kernel-Mode Drivers (win32k.sys) and Windows Client/Server Runtime Subsystem (CSRSS) respectively. Both are rated as “important” and attackers who already have access to the target machine can use these vulnerabilities to get system level privileges.

Source: ZDNet

Engineers at the California firm are fixing a weakness pointed out by the German Federal Office for Information Security (BSI).

“Apple takes security very seriously,” Apple spokeswoman Trudy Muller said in response to an AFP inquiry.

“We are aware of this reported issue and developing a fix that will be available in an upcoming software update,” she said.

BSI warned this week of a flaw that would let hackers infiltrate Apple mobile devices by duping users into opening PDF document files booby-trapped with malicious computer code.

Although no attacks have been observed, hackers are likely to try to exploit the weakness, according to a posting on the agency’s website.

Possible “attack scenarios for cyber-criminals” include accessing passwords, email messages, contact lists, or built-in cameras and eavesdropping on phone conversations or getting location information, according to BSI.

The agency recommended that Apple device users guard against hackers by not opening PDF documents from unfamiliar sources.

Apple gadget users should limit Web browsing to reliable websites and avoid clicking on links in emails unless they are certain where they lead, BSI advised.

Source: Yahoo! News

The more exciting of the two features, at least in terms of the potential for innovation, is what Mozilla is calling Web Activities (the concept has also been referred to as web intents and was originally conceived by Google Chrome developer advocate Paul Kinlan). It has a basic-sounding but very important goal: allowing multiple web applications to ‘speak’ to each other seamlessly.

Right now, a web-based image editing app that wants to give users access to their photos that are already hosted online would have to bake in APIs for the popular services (Flickr, Picasa, Facebook, etc.). And if a user had a photo hosted on a smaller service, they’d probably be out of luck — or have to manually upload them again. Using Web Activities, that wouldn’t be an issue — the web apps would speak in a standardized ‘language’ with each other without requiring the developer to integrate an API for each individual service.

It’s a nifty idea, and it’s one that’s already working quite well on a platform you may have sitting in your pocket: Android’s intents system does the same thing, allowing arbitrary applications to communicate with each other. This project sounds like it’s still very early on, but it has the potential to make web apps much more powerful.

The other new feature showcased on the Labs blog involves web app installation. Over the coming months more web services will probably be launching web apps (in the sense that they’re available through Mozilla’s upcoming app market and the Chrome Web Store), but users may not be aware of them. Mozilla’s solution: if you browse to a site that offers a web app, it will display a small popup notification prompting you to install it.

Of course, both of these features are still experimental and may never be widely rolled out. But my hunch is that both of them have legs — the app discovery feature seems pretty obvious and helpful, and Mozilla is working in tandem with the Google Chrome team to bring the Web Activities project to fruition.

Source: TechCrunch

As part of the July Patch Tuesday releases, Microsoft will ship four bulletins.  One of the bulletins will carry a “critical” rating because of a high risk of remote code execution attacks.

Three of the four bulletins will address security holes in Windows, the company’s flagship operating system. Affected Windows versions include Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2.

The Microsoft Office update will ship patches for security problems in Microsoft Visio 2003 Service Pack 3.

Source: Microsoft / ZDNet

With such a high benchmark set for sticking-it-to-the-man, on countless occasions over the last decade the community has sighed in collective resignation and disappointment when site admins or product developers have “caved in” to the demands of the entertainment industries.

But there are real people behind these stories of admins fighting for their lives, and while it’s easy to move on to tomorrow’s news with barely a second thought for their predicament, they are the ones that have to live with the consequences of their actions.

In May, US authorities embarked on phase 4 of Operation in Our Sites, seizing the domains of several more sites including that of Re1ease.net, a portal that offered links to movie and TV shows. Although the site quickly returned with a new domain, once the dust has settled the seriousness of their situation weighed heavily on the site’s admins.

“At the time I was happy the domain was all that was taken. If we had of lost the server I imagine we would have just quit there and then,” site admin PiraCee told TorrentFreak.

RE1_VOD, another Re1ease admin, explained that it came as a shock for the site to be targeted over other much larger sites of the same kind, but they remained defiant.

“We registered several domains being stubbon not to be taken offline,” he explained. “The initial plan was to re-code Re1ease to be API-based and be a distributed website.”

But it seems the mood soon changed.

While RE1_VOD recalls the excitement of getting up during the night to be the first to add content and beat competing sites, he told us that once the US government got involved it was an altogether different game.

Already the site had suffered problems with advertisers who would delay payments for months only to announce they could not deal with the site, presumably on copyright grounds. DMCA takedown notices began to cause problems too.

“We would reply to DCMA requests but just one email from copyright holders to hosts would result in them turning the website off,” says RE1_VOD.

“Apart from the effort that was to be involved, personally, the whole thing killed my passion for the project. What started as something fun simply wasn’t anymore,” says PiraCee.

Despite the issues, Re1ease continued with their work but last month came news of a real game-changer – the attempt at extraditing TVShack.net admin Richard O’Dwyer to the US.

“This was one of the main reasons for the closure. We didn’t fancy a holiday of that nature,” PiraCee explains.

“The risks outweigh the pros of running a site like Re1ease now, then when we heard about TVShack, we thounoughtnough is enough.”

“Hopefully, in one way or another, if Re1ease was still being watched in the same was TVShack was, they will see the closure as willingness to co-operate and that will be the end of the matter. We really do feel for Mr O’Dwyer.”

So for Re1ease, this really is the end. Both admins send their thanks to the staff and users of the site but while PiraCee and RE1_VOD will stay online, priorities will change.

“We don’t plan on leaving the Internet, but we are going to concentrate on our personal lives. I myself have just got engaged and i’m in the middle of buying a house / starting a family,” PiraCee concludes.

As the world becomes ever more connected through the Internet and other networks, we are communicating like never before – more quickly and more often. But despite these greater links between us, through the myriad of so-called social-networks, it is easier than ever to forget that there are real people behind these mountains of text on screens.

Some of these are real people in the file-sharing community and they face difficult times – who can blame them when they make tough decisions? Their families won’t, that’s for certain.

Source: TorrentFreak

The process is simple and pain-free. Just visit the website in the Safari browser and click the FREE button to begin the process. It uses a PDF exploit to carry out the hack and it’s very fast – and there’s no need to connect your iOS device up to a PC or Mac to do it.

Because the hack relies on a know known PDF exploit, the developers of the hack recommend installing “PDF Patcher 2″ in Cydia once you’ve jailbroken the device.

The following devices are supported:

• iPad1: 4.3 through 4.3.3
• iPad2: 4.3.3
• iPhone3GS: 4.3 through 4.3.3
• iPhone4: 4.3 through 4.3.3
• iPhone4-CDMA: 4.2.6 through 4.2.8
• iPod touch 3g: 4.3, 4.3.2, 4.3.3
• iPod touch 4g: 4.3 through 4.3.3

The only iOS devices that aren’t supported are the 1st and 2nd generation iPhones.

For more information check out the Q&A here.

Source: ZDNet

We have reported about the leaked version of Comex’s PDF exploit called ‘JailbreakMe’. The jailbreak not only works for the iPad 2 but it also can jailbreak your iPhone, iPod touch and iPad 1. But according to the numerous reports, this leaked version for iPad 2 only works over iOS 4.3.0 firmware. However, it does support iOS 4.2.1 to iOS 4.3.3 for iPhone 4, iPhone 3GS, iPhone 3G, iPod Touch 4G, iPod Touch 3G (iOS 5 is not supportable currently).

So those users who have save their SHSH Blobs using TinyUmbrella or downgraded their devices, now can use this jailbreak.

By following the simply method as this jailbreak is pretty easy as it does not requires to connect your device to computer, only you need to have an internet connection.

Simply launch MobileSafari on your iOS device and click on the respective direct-download links (provided below) of the JailbreakMe, then you will notice that Cydia will automatically starts downloading on your homescreen just like you download any application from the App Store.

Following the direct download links of JailbreakMe leaked version:

• iPad 1G: 4.2.1, 4.3.0, 4.3.2, 4.3,3
• iPad 2: 4.3.0, 4.3.2, 4.3.3
• iPhone 4: 4.2.1, 4.3.0, 4.3.1, 4.3.2, 4.3.3
• iPhone 3GS: 4.2.1, 4.3.0, 4.3.1, 4.3.2, 4.3.3
• iPhone 3G: 4.2.1
• iPod Touch 2G: 4.2.1
• iPod Touch 3G: 4.2.1, 4.3.0, 4.3.1, 4.3.2, 4.3.3
• iPod Touch 4G: 4.2.1, 4.3.0, 4.3.1, 4.3.2, 4.3.3

NOTE: This is not an official JailbreakMe release by Comex so that’s why it may cause you problems or it does includes bugs and issues with it as reports are coming on various websites that this leaked JailbreakMe is quite buggy and its suggested that users should wait until Comex releases it’s official JailbreakMe version with complete changelog through his official website at JailbreakMe.com

Source: iDrugged

Lately, a kerfuffle has emerged regarding the company’s terms of service, which include particularly onerous language:

“You grant us (and those we work with to provide the Services) worldwide, non-exclusive, royalty-free, sublicenseable rights to use, copy, distribute, prepare derivative works (such as translations or format conversions) of, perform, or publicly display that stuff to the extent reasonably necessary for the Service.”

This statement says the company can use your data pretty much as it chooses, a position that the next sentence attempts to mitigate:

This license is solely to enable us to technically administer, display, and operate the Services.

That last sentence qualifies the core issue by saying they can only use your data to operate their service. However, this language is ambiguous and therefore subject to interpretation. For example, perhaps Dropbox will want to scan your files to provide context-sensitive ads like Google. That would certainly fit within the definition of “technically administering” the service, as would many other activities that you may or may not find acceptable.

Advice to enterprise buyers: Dropbox offers a great service and useful free accounts, which is an attractive combination. Unfortunately, the terms of service do not offer adequate protections against sensitive data. For this reason, I suggest you discontinue use of the product for applications where privacy and confidentiality are mission critical.

In practice, however, Dropbox is unlikely to read your “stuff” or prepare derivative works, despite what’s in the terms of service. Therefore, continue using Dropbox for everyday file transfers where you value convenience over an absolute guarantee of privacy.

Source: ZDNet / Michael Krigsman

The volume of junk email flooding inboxes each day is way down from a year ago, as much as a 90 percent decrease according to some estimates. Symantec reports that spam volumes hit their high mark in July 2010, when junk email purveyors were blasting in excess of 225 billion spam messages per day. The company says daily spam volumes now hover between 25 and 50 billion missives daily. Anti-spam experts from Cisco Systems are tracking a similarly precipitous decline, from 300 billion per day in June 2010 to just 40 billion in June 2011.

There may be many reasons for the drop in junk email volumes, but it would be a mistake to downplay efforts by law enforcement officials and security experts.  In the past year, authorities have taken down some of the biggest botnets and apprehended several top botmasters. Most recently, the FBI worked with dozens of ISPs to kneecap the Coreflood botnet. In April, Microsoft launched an apparently successful sneak attack against Rustock, a botnet once responsible for sending 40 percent of all junk email.

In December 2010, the FBI arrested a Russian accused of running the Mega-D botnet. In October 2010, authorities in the Netherlands arrested the alleged creator of the Bredolab botnet and dismantled huge chunks of the botnet. A month earlier, Spamit.com, one of the biggest spammer affiliate programs ever created, was shut down when its creator, Igor Gusev, was named the world’s number one spammer and went into hiding. In August 2010, researchers clobbered the Pushdo botnet, causing spam from that botnet to slow to a trickle.

But botmasters are not idly standing by while their industry is dismantled. Analysts from Kaspersky Lab this week published research on a new version of the TDSS malware (a.k.a. TDL), a sophisticated malicious code family that includes a powerful rootkit component that compromises PCs below the operating system level, making it extremely challenging to detect and remove. The latest version of TDSS — dubbed TDL-4 – has already infected 4.5 million PCs; it uses a custom encryption scheme that makes it difficult for security experts to analyze traffic between hijacked PCs and botnet controllers. TDL-4 control networks also send out instructions to infected PCs using a peer-to-peer network that includes multiple failsafe mechanisms.

Getting infected with TDL-4 may not be such a raw deal if your computer is already heavily infected with other malware: According to Kaspersky, the bot will remove threats like the ZeuS Trojan and 20 other malicious bot programs from host PCs.  “TDSS scans the registry, searches for specific file names, blacklists the addresses of the command and control centers of other botnets and prevents victim machines from contacting them,” wrote Kaspersky analysts Sergey Golovanov and Igor Soumenkov.

The evolution of the TLd-4 bot is part of the cat-and-mouse game played by miscreants and those who seek to thwart their efforts. But law enforcement agencies and security experts also are evolving by sharing more information and working in concert, said Alex Lanstein, a senior security researcher at FireEye, a company that has played a key role in several coordinated botnet takedowns in the past two years.

“Takedowns can have an effect of temporarily providing relief from general badness, be it click fraud, spam, or credential theft, but lasting takedowns can only be achieved by putting criminals in silver bracelets,” Lanstein said. “The Mega-D takedown, for example, was accomplished through trust relationships with registrars, but the lasting takedown was accomplished by arresting the alleged author, who is awaiting trial. In the interim, security companies are getting better and better about working with law enforcement, which is what happened with Rustock.”

Attacking the botnet infrastructure and pursuing botmasters are crucial components of any anti-cybercrime strategy: TDSS, for example, is believed to be tied to affiliate programs that pay hackers to distribute malware.

Unfortunately, not many security experts or law enforcement agencies say they are focusing attention on another major weapon in battling e-crime: Targeting the financial instruments used by these criminal organizations.

Some of the best research on the financial side of the cybercrime underworld is coming from academia, and there are signs that researchers are beginning to share information about individuals and financial institutions that are facilitating the frauds. Recent studies of the pay-per-install, rogue anti-virus and online pharmacy industries reveal a broad overlap of banks and processors that have staked a claim in the market for handling these high-risk transactions. Earlier this week I published data suggesting that the market for rogue pharmaceuticals could be squashed if banks and credit card companies paid closer attention to transactions destined for a handful of credit and debit card processors. Next week, I will publish the first in a series of blog posts that look at the connections between the financial instruments used by rogue Internet pharmacies and those of the affiliate networks that push rogue anti-virus or “scareware.”

Source: Krebs on Security

First, Facebook co-founder and CEO Mark Zuckerberg told reporters that the company was planning to “launch something awesome” next week. Next, Facebook e-mailed journalists (including myself) with an invitation to a Facebook Event at 10:00 AM PDT on Wednesday July 6, 2011.

Now, the rumors and speculation are starting to pour in. The most likely one so far is the announcement of Skype video integration on Facebook (one of my many guesses when Zuckerberg first declared that something awesome was coming next week).

Facebook will launch an in-browser video chat product powered by Skype, according to a source with knowledge of the partnership cited by TechCrunch. The product will include a desktop component, but it’s not clear if you will need the Skype desktop client or additional software even if you already have Skype. Either way, it will reportedly be an in-browser experience.

Facebook and Skype first talked about a potential partnership in September 2010, but they could not reach an agreement. When Skype 5.0 was released in October 2010, the new version offered voice calling between Facebook friends, but it did not include a video chatting feature. The integration was a one-way road: only Skype added some Facebook features to its client.

Following rumors that Google, Facebook, and Microsoft were all interested in the Skype, the software giant swooped in. Two months ago, Microsoft announced that it was acquiring Skype for $8.5 billion in cash. The deal was approved by the boards of directors of both companies, and is Microsoft’s largest acquisition to date.

While Facebook failed to buy Skype, the company was still likely very pleased that Microsoft got the Luxembourg-based company rather than Google. Microsoft and Facebook have been partners for a very long time. One of the biggest reasons for this is simple: the software giant and the social giant realize they need to work together to compete with the search giant.

It all started in October 2007, when Microsoft invested $240 million in Facebook. Then in October 2009, Microsoft announced a global partnership with Facebook to add status updates to Bing search results. In June 2010, Microsoft added Facebook integration to bing.com/social. In October 2010, Bing began showing what your friends have Liked and started to offer Facebook-powered people search results. Finally, in May 2011, Bing added even more Facebook features to its social search.

Even though Facebook began talking to Skype long before Microsoft was ever in the picture, something tells me the software giant’s pending acquisition didn’t hurt discussions between the two web companies. Once the deal goes through, and assuming this rumor ends up being correct, Facebook will finally be integrating something that Microsoft owns to its website. Previously, the partnership between the two has only seen Microsoft integrating Facebook into Bing.

Facebook reportedly has 750 million users, and since Skype only has 170 million users, it’s understandable what Skype gains from this integration. On the other hand, data has shown that Facebook users want voice (and video) chat, so it’s clear that the social network will benefit as well.

Source: ZDNet

Piezoelectric materials, many of which are man-made ceramics, actually generate electric current when impacted. The science behind it has been used for many years in things like mechanical actuators and sensors, but has seen limited application in consumer electronics. Australian researchers at the Royal Melbourne Institute of Technology have been testing a piezoelectric film that could, in theory, be applied underneath a notebook keyboard. It would absorb the impact of each keystroke and use the electric current generated to charge the device’s battery.

There are currently no plans for a consumer-level device that would employ the technology, but the research is promising. According to the scientists, other applications for piezoelectric material might also be on the horizon, including running shoes that could charge your cell phone and pacemakers that are powered by blood pressure alone. So for now, if you’re desperate to lengthen your laptop’s lifespan, you might just want to check out our guide to doing just that.

Source: Yahoo! News

RIM, without a doubt, was one of Canada’s most important technology companies, if not the most important technology company in that country since the rise and fall of Nortel Networks.

Because the United States and Canada are inseparable allies and have economies and businesses which are in many ways co-dependent, the continued success of the most important technology company in Canada was critically important for our technology industry as well.

It’s key that we state the importance of what the company represented so that we understand the full extent of the loss when RIM does eventually meet its end.

While I am not the only member of the New Media that is eulogizing RIM while the company is still alive, I still intend to give it the respect that it is due.

RIM may not have been “United Statesian” in nationality, but it was an American company. And that means they are family, whether they fly the same flag at their corporate headquarters in Waterloo as us or not.

So when we see a company like RIM going through its death throes, like a beached whale, or a loved family member on life support which we know will never return to health, and that the inevitable is coming, it is a tragic thing for all of us in the industry.

And it is a painful and traumatic thing to observe, especially when we have seen this sort of thing happen before.

Nobody who is an American wants to see this. Not me, not anyone who is a firm believer why continued innovation in technology must remain on this continent, and at more than just a handful of companies.

But we cannot say that we did not see this coming. Clearly, we knew that RIM was sick and its health was failing very early in 2011, particularly with the massive drop in market share starting in the summer of 2010 which has only gotten worse and worse.

However, the signs and portents leading up to the rapid deterioration of the company go back much, much earlier.

When did things start to go terribly wrong for RIM? I’m going to have to say the moment that Apple launched the iPhone SDK and Developer Program, and created an App Store in the summer of 2008.

RIM’s failure to recognize this key ecosystem building strategy early on, and having to launch its own BlackBerry App World almost a year later was a critical mistake.

But it was only part of a long series of blunders by the company’s management that seemingly continue right up until the end of the story.

Another critical error was simply allowing its platform to rest on its laurels. OS 4 and OS 5 were already long in the tooth in 2007/2008 when the iPhone really began to surge in popularity.

That the company lacked modern mobile web browsing on its platform was a serious deficit as well, which it only partially remedied via its Torch Mobile acquisition in the summer of 2009. RIM could not fully reap the rewards of Torch and its Iris Browser (which was written for Windows Mobile) until it could utilize its Webkit developers to produce a modern browser for OS 6, which launched on the BlackBerry Torch exactly a year later.

The Torch, however, was largely panned by critics as being underpowered compared to other smartphones on the market at the time, which included a phalanx of much more advanced Android devices that began to emerge onto the market in late 2009, beginning with the Android 2.x-based Motorola Droid on Verizon.

So now between the Droid on Verizon (and its many Froyo-based copies that would follow on various carriers in 2010) and the iPhone on AT&T, the seemingly invincible BlackBerry that was holding onto its Enterprise customers with an iron grip was losing ground and being flanked on the largest growth market for smartphones, the consumer.

Indeed, my own personal separation from the BlackBerry collective occurred when I was forced into terminating my AT&T contract because my employer had to cut costs and instructed me to terminate my service. I was being given a cheaper “dumb” phone on a more reliable provider, and that if I wanted a phone with data capabilities, I would have to go out and purchase one and pay for the data plan myself.

Source: ZDNet

In a new survey (PDF Found Here) of 583 U.S companies conducted by Ponemon Research on behalf of Juniper Networks, 90% of the respondents said their companies’ computers were breached at least once by hackers over the past 12 months.

Nearly 60% reported two or more breaches over the past year. More than 50% said they had little confidence of being able to stave off further attacks over the next 12 months.

Those numbers are significantly higher than similar surveys and suggest that a growing number of enterprises are losing the battle to keep malicious intruders out of their networks. “We expected a majority to say they had experienced a breach,” said Johnnie Konstantas, director of product marketing at Juniper.

“But to have 90% saying they had experienced at least one breach and more than 50% saying they had experienced two or more, is mind blowing,” she said. It suggests “that a breach has become almost a statistical certainty,” these days.

The organizations that participated in the Ponemon survey cut across both the private sector and government and ranged from relatively small entities with less than 500 employees to enterprises with more than 75,000. The online survey was conducted over a five-day period earlier this month.

Roughly half of the respondents blamed resource constraints for their security woes, while about the same number cited network complexity as the primary challenge to implementing security controls.

The Ponemon survey comes at a time when concerns about the ability of companies to fend off sophisticated cyberattacks are growing. Over the past several months, hackers have broken into numerous supposedly secure organizations, such as security firm RSA, Lockheed Martin, Oak Ridge National Laboratories and the International Monetary Fund.

Many of the attacks have involved the use of sophisticated malware and social engineering techniques designed to evade easy detection by conventional security tools.

The attacks have highlighted what analysts say is the growing need for enterprises to implement controls for the quick detection and containment of security breaches. Instead of focusing only on protecting against attacks, companies need to prepare for what comes after a targeted breach.

The survey results suggest that many companies have begun moving in this direction. About 32% of the respondents said their primary security focus was on preventing attacks.

About 16% claimed the primary focus of their security efforts was on quick detection and response to security incidents, while about one out of four respondents said their focus was on aligning security controls with industry best practices.

Source: PC World

Most tablets on the market today host solid state drives and flash memory. Seagate has introduced two new tablet computers with physical hard drives on board.

Touted as the “world’s first handheld tablet computers with hard drives,” the 8-inch Archos 80 G9 and 10-inch Archos 101 G9 sport 2.5-inch Seagate Momentus Thin hard drives. Those hard drives have 7mm profiles and capacity options are set at 320GB, 250GB and 160GB. The last nitty-gritty detail about the hard drives specifically is that buyers can opt for 7200RPM and 5400RPM spin speeds with 16MB of cache.

For those who might want to use these tablets for business and/or host sensitive data on those Momentus Thin hard drives, Seagate is offering some extra (optional) security measures, including government-grade encryption to protect data.

Most other details about the tablets haven’t been publicized, except that these slates run on 1.5GHz processors. We should know more about these Seagate tablets closer to their unspecified release date in late September.

Based on pricing alone, these tablets appear competitive as the Archos 80 G9 and Archos 101 G9 have starting prices of $279 and $349, respectively. However, we’ll need to know more about the operating system and other features, before comparing it to other tablets already available.

Source: ZDNet ]]> http://ryanspcrepairshop.com/2011/06/23/seagate-unveils-worlds-first-tablets-with-hard-drives/feed/ 0 http://ryanspcrepairshop.com/2011/06/16/adobe-scraps-air-for-linux-focuses-on-mobile/ http://ryanspcrepairshop.com/2011/06/16/adobe-scraps-air-for-linux-focuses-on-mobile/#comments Fri, 17 Jun 2011 06:19:35 +0000 Ryan Boese http://ryanspcrepairshop.com/?p=2145 Concluding that its priorities should be on iOS and Android, Adobe Systems has stopped releasing its own version of its AIR programming foundation for Linux.

AIR combines Flash and a Web browser to let programmers build standalone software that runs on any system with the underlying AIR “runtime” that executes the software. It’s cross-platform technology, meaning for example that separate versions of TweetDeck–a prominent AIR app–don’t need to be rewritten for Mac OS and Windows.

But starting with AIR 2.7, released this week, Adobe won’t build a Linux version of AIR anymore, making the cross-platform technology a bit less cross-platform. Instead, it’s relying on partners to do so on their own.

“We will no longer be releasing our own versions of Adobe AIR and the AIR SDK for desktop Linux, but expect that one or more of our partners will do so,” Adobe said in a blog post.

The move contrasts sharply with Adobe’s bitter and public fight last year objecting to an Apple move that barred AIR-based apps from iOS devices. Apple eventually relented for AIR-derived apps, though it still won’t let Flash Player itself onto iOS devices.

In an FAQ (a PDF file no good reason that I can imagine), Adobe said Linux just isn’t where the AIR action is taking place now.

“Our customers are focusing on creating applications for smartphones and tablets, and we are aligning our investment towards new features and platform support for the device market,” Adobe said.

One of the main features of AIR 2.7 is better performance on iOS devices–four times faster in some cases, according to Adobe developer evangelist Renaun Erickson. Also in 2.7 are several features from Flash Player 10.3, such as microphone noise cancelation, and the ability to move the AIR runtime to the SD card on Android.

Linux on PCs has failed to take off widely, and only 1 in 200 AIR downloads are for Linux, added Dave McAllister, who spearheads Adobe’s open-source work.

“With desktop Linux, we see a basically flat growth curve hovering around 1 percent,” citing Net Applications’ NetMarketshare statistics. “And since the release of AIR, we’ve seen only a 0.5 percent download share for desktop Linux.”

Adobe is putting a priority on work that will let those partners port AIR to Linux, it said. “Source code for the Adobe runtimes is available to qualified partners under the terms of the Open Screen Project,” the company said.

Source: CNET

Well, if you use Firefox on a Windows PC to surf the web, be warned. There’s a new species of Fake Anti-Virus malware targeting Firefox users. Sophos reports that it directs you to a screen that looks exactly like Windows Update — except that when you click the button to update your computer, you get a nice, tasty dose of malware instead.

The page is nearly an exact replica of the real Microsoft Update page with one major exception… It only comes up when surfing from Firefox on Windows. The real Microsoft Update requires Internet Explorer.

The same site was also hosting the traditional Windows XP explorer scanner we have seen for years, as well as a new Windows 7 scanner.

Similar to spam messages that have corrected their grammar and use correct imagery and CSS, the attackers selling fake anti-virus are getting more professional.

They use high quality graphics and are using information from our UserAgent strings that are sent by the browser to customize your malware experience.

As always when surfing the web, if something pops up, always be leery. And always verify what site you’re downloading any file from. Especially if you didn’t initiate the download.

Source: Forbes