Category: OpenSource


Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

Hundreds of open source packages, including the Red Hat, Ubuntu, and Debian distributions of Linux, are susceptible to attacks that circumvent the most widely used technology to prevent eavesdropping on the Internet, thanks to an extremely critical vulnerability in a widely used cryptographic code library.

The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates included in Internet discussions such as this one indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn’t be surprising if the actual number is much higher. Web applications, e-mail programs, and other code that use the library are vulnerable to exploits that allow attackers monitoring connections to silently decode encrypted traffic passing between end users and servers.

The bug is the result of commands in a section of the GnuTLS code that verify the authenticity of TLS certificates, which are often known simply as X509 certificates. The coding error, which may have been present in the code since 2005, causes critical verification checks to be terminated, drawing ironic parallels to the extremely critical “goto fail” flaw that for months put users of Apple’s iOS and OS X operating systems at risk of surreptitious eavesdropping attacks. Apple developers have since patched the bug.

“It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification,” an advisory issued by Red Hat warned. “An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker.”

GnuTLS developers published this bare-bones advisory that urges all users to upgrade to version 3.2.12. The flaw, formally indexed as CVE-2014-0092, is described by a GnuTLS developer as “an important (and at the same time embarrassing) bug discovered during an audit for Red Hat.” Debian’s advisory is here.

As was the case with last week’s critical encryption bug from Apple, the GnuTLS vulnerability is the result of someone making mistakes in source code that controls critical functions of the program. This time, instead of a single misplaced “goto fail” command, the mistakes involve errors with several “goto cleanup” calls. The GnuTLS program, in turn, prematurely terminates code sections that are supposed to establish secure TLS connections only after the other side presents a valid X509 certificate signed by a trusted source. Attackers can exploit the error by presenting vulnerable systems with a fraudulent certificate that is never rejected, despite its failure to pass routine security checks. The failure may allow attackers using a self-signed certificate to pose as the cryptographically authenticated operator of a vulnerable website and to decrypt protected communications. It’s significant that no one managed to notice such glaring errors, particularly since they were contained in code that anyone can review.

Security researchers are still studying the vulnerability and assessing its effect on the wide array of OSes and applications that depend on GnuTLS. For the moment, readers should assume that the severity is critical given the dizzying amount of downstream code that may be affected. One example: the apt-get installer some distributions of Linux use to distribute and update applications relies on GnuTLS, although exploits against the package can probably be caught by cryptographic code-signing of the downloaded program (thanks to readers for pointing out this secondary level of protection). Version 3 of lib-curl, which is distributed in Debian and Ubuntu, also depends on GnuTLS. Some Debian- and Ubuntu-based virtual private networking applications that work with Cisco Systems hardware are also affected. This list goes on and on.

Source: ArsTechnica

Is Aliyun OS really Linux? Android? A rip-off of both?

When Acer was ready to announce a new smartphone running Alibaba’s Aliyun operating system, Google responded with force. If it were to be released, Google would end its parternship with Acer, which uses Android for 90 percent of its smartphones.

Acer swiftly cancelled the release, but clearly Acer wasn’t happy about the state of affairs. Alibaba, China’s largest e-commerce company, was even less happy.

Alibaba says it wants Aliyun OS to be the “Android of China,” claimign that they’ve spent years working on their Linux-based mobile operating system.

Google didn’t see it that way. Google thinks Alibaba is an Android rip-off.

In Google’s Android Official Blog, Andy Rubin, Google’s senior vice president of mobile and digital content said:

“We built Android to be an open source mobile platform freely available to anyone wishing to use it. In 2008, Android was released under the Apache open source license and we continue to develop and innovate the platform under the same open source license — it is available to everyone at: http://source.android.com. This openness allows device manufacturers to customize Android and enable new user experiences, driving innovation and consumer choice.”

But: “While Android remains free for anyone to use as they would like, only Android compatible devices benefit from the full Android ecosystem. By joining the Open Handset Alliance (OHA), each member contributes to and builds one Android platform — not a bunch of incompatible versions.”

Android is a mobile operating system branch of Linux. While there have been disagreements between developers, Android and mainstream Linux buried the hatchet in March 2012.

So, from where Google sits, Aliyun OS is an incompatible Android fork.  John Spelich, Alibaba vice president of international corporate affairs replied oddly: “[Google] have no idea and are just speculating. Aliyun is different.”

How can Google have no idea about what Aliyun is if it is indeed, as Alibaba claims, a Linux fork? Linux is licensed under the GNU General Public License, version 2 (GPLv2). Part of that license insists that if a GPLv2 program is released to general users, the source code must be made publicly available. Thus, perhaps Google doesn’t have any idea because, as Spelich indidicted and far as I’ve been able to find, Aliyun’s source code is not available anywhere. If indeed the source code isn’t open and freely available, even if Aliyun has no Android connection, this would still make it an illegal Linux fork.

Spelich went on to claim that Aliyun is “not a fork,” adding: “Ours is built on open-source Linux.” In addition, Aliyon runs “our own applications. It’s designed to run cloud apps designed in our own ecosystem. It can run some but not all Android apps.”

Rubin, in a Google+ post, replied, “We agree that the Aliyun OS is not part of the Android ecosystem and you’re under no requirement to be compatible.”

“However, ” he continued, “[t]he fact is, Aliyun uses the Android runtime, framework and tools. And your app store contains Android apps (including pirated Google apps). So there’s really no disputing that Aliyun is based on the Android platform and takes advantage of all the hard work that’s gone into that platform by the OHA.”

Hands on research by Android Police, a publication dedicated to Android reporting and analysis, shows that Aliyun app store includes pirated Google apps.

Android Police found that, “Aliyun’s app store appeared to be distributing Android apps scraped from the Play Store and other websites, not only downloadable to Aliyun devices as .apk files, but also provided by third parties not involved with the apps’ or games’ development. What’s more, we’ve received independent confirmation from the original developers of some of these apps that they did not in fact give consent for their products to be distributed in Aliyun’s app store.”

Not the least of the evidence is that the Aliyun includes Google’s own Android applications such as Google Translate, Google Sky Map, Google Drive, and Google Play Books. The odds of Google giving Aliyun permission to use its own applications are somewhere zero and none.

What we seem to have in Aliyun is an illegal Android and Linux fork, which supports a pirated software ecosystem. I only wonder that Google didn’t come down even harder on Acer and I really wonder how much due diligence, if any, Acer did before signing a deal with Alibaba.

Source: ZDNet

WARNING: Factory Resetting your Android may leave private data on your device

It’s never fun to have to issue a warning, but a new study by the LA Times indicates that the Factory Reset function on Android devices may not work as advertised. The site worked with a security expert to run a test on BlackBerry, Android, and iOS devices as well as PCs. It discovered that important, sensitive data could be retrieved on a large portion of Android devices even after the Factory Reset feature had been properly used.

Robert Siciliano, an identity theft expert from McAfee performed the experiment, where he purchased 30 used devices (mostly smartphones and laptops) from random users on Craigslist. His goal was to see how smart people were about removing their personal information from phones, but as it turns out, even though a majority of owners did correctly Factory Reset their Android devices, he was still able to retrieve vital data like “Social Security numbers, child support documents, credit card account log-ins, and a host of other personal data.” This finding is all the more disturbing since he could find no problems with the way iPhones, iPads, or BlackBerry devices delete their data. The only other weak link was Windows XP, which is so old it’s almost expected.

We’ve reached out to Google’s Android team to try and learn more about this potential vulnerability, but have not heard back as of publication. We’ll update this article if and when we get some answers.

Until we learn more, we don’t recommend that you don’t sell your used Android devices to anyone that you don’t know or trust. It’s quite possible that personal information could be leaked from it.

Ryan: I’ve owned a couple Android phones and I also have the Galaxy Tab.. I am back to BlackBerry and using the 9900, I find Android Phones to drop calls and bug out with force close errors more often like I like when using a phone.  And I can’t seem to drop this keyboard.. emails are much quicker on a BlackBerry than other devices. It would be interesting if RIM decided to let other companies use their keyboard design.

Source: DigitalTrends

Google Android 4.0 Ice Cream Sandwich source code is now available

Google promised, and Google delivered: the source code to Google Android 4.0.1, codenamed “Ice Cream Sandwich,” has been released to the open source community. And as a nice side bonus, the code now available encompasses the complete source code history tree, which includes the never-before-open Android Honeycomb family of releases.

I’m not a developer, so I’ll defer to Google Android Open-Source Project software engineer Jean-Baptiste M. “JBQ” Queru’s post to the Android Building mailing list for details:

This is actually the source code for version 4.0.1 of Android, which is the specific version that will ship on the Galaxy Nexus, the first Android 4.0 device. In the source tree, you will find a device build target named “full_maguro” that you can use to build a system image for Galaxy Nexus. Build configurations for other devices will come later.

Later in the same post, he writes:

 

This release includes the full history of the Android source code tree, which naturally includes all the source code for the Honeycomb releases. However, since Honeycomb was a little incomplete, we want everyone to focus on Ice Cream Sandwich. So, we haven’t created any tags that correspond to the Honeycomb releases (even though the changes are present in the history.)

This is a very cool thing for Google to do – I stand by my opinion that Google had been misrepresenting the openness of the Android operating system to everybody up to and including the US Senate, but this goes a long way towards realigning perception with reality.

But on the other hand, it seems pretty transparent that they only did it for fear that Google’s rushed Motorola Mobility buy coupled with the closed Google Android 3.0 release tree would intensify the scrutiny on the search giant at a time when it can’t afford much more of the legal spotlight.

There’s no point looking a gift horse in the mouth, though, and I’m looking forward to seeing what the Android hacker community puts together with Ice Cream Sandwich as its new foundation.

Download it here.

 

 

Source: Googling Google

KDE takes on Android, Apple’s iOS on smartphones and tablets

If another group was trying to take on Android and Apple’s iOS on smartphones and tablets, I’d dismiss them. RIM, BlackBerry’s parent company, is having a heck of a time getting anyone to buy into PlayBook and while HP TouchPad users loved it,HP killed the TouchPad after only a few weeks. So, why should anyone think that KDE, makers of one of the two most popular Linux desktops, should stand a chance with Plasma Active? Well, because KDE has a long history of delivering the goods with minimal resources.

So what is it? Plasma Active is not, like Android, iOS, or webOS, an operating system. It’s a KDE 4.x style interface and application programming interface (API) designed for touch devices. The Plasma Active Team states that “Plasma Active is innovative technology for an intelligent user experience (UX). It is intended for all types of tablets, smartphones and touch computing devices such as set-top boxes, smart TVs, home automation, in-vehicle infotainment. The goals for this KDE open source project are:

  • A fast embedded UX platform with minimal memory requirements
  • Customizable and modular to support different form factors
  • An interface that adapts as users change Activities.

In their GrandMaster Plan, the developers go into more detail about how they’ll do this: “Plasma Active runs on the proven Linux desktop stack, including the Linux kernel, Qt and KDE’s Plasma Framework. The user interface is designed using Plasma Quick, a declarative markup language allowing for organic user interface design based on Qt Quick. Plasma Active uses existing free desktop technology and brings it to a spectrum of devices through a device-specific user interface. Classical Plasma Widgets can be used on Plasma Active as well as newly created ones. The key driver for the development of Plasma Active is the user experience. Collaboration is made easy through high-level development tools and a well defined process. ”

“The first release of Plasma Active fully focuses on tablet computers. Plasma Active Tablet’s user experience is designed around the web, social networks and multimedia content.” Today, Plasma Active runs on MeeGo and the openSUSE-based Balsam Professional (German language site). There are also OS images for Intel-based tablets, and package builds for ARM and x86 platforms. The group is working flashable images for ARM platforms. The interface will also run on Oracle’s VirtualBox virtual machine. If you want to try it you can find downloads and instructions at the Plasma Active Installation page.

According to Sebastian Kügler, one of Plasma Active’s leading developers Plasma Active is “certainly meant as a replacement for iOS and Android, a completely open, community-driven project with strong backing by a group of (SMB-sized) businesses. We hope this appeals to many hardware vendors, and have in fact already started talking with some. The feedback so far was very good, and the concepts seem to appeal with potential partners. There is definitely demand for an open system without lock-in in the market for devices.”

Kügler also told me that they “have started investigating Tizen, [Intel and the Linux Foundations’ proposed replacement for MeeGo] but at this point, there is too little information out, and too many unknowns. We do see Tizen as a potential and likely target platform, but before Intel and Samsung release an SDK, our hands are tied. It’s not stopping us, since in the meantime, we can still run our stuff on MeeGo and Balsam, and we are investigating, together with the Mer team [Another mobile Linux operating system] how to get Plasma Active onto Mer.

That’s all well and good but does KDE have any industry support for this? Kügler replied, “My employer, open-slx backs this project, and we are actively working towards creating a wider ecosystem of companies around Plasma Active, to make good commercial support available, next to the community resources. This includes OEMs, ODMs and companies that can deliver support around Plasma Active, for example integration with new hardware platforms, support for custom-build OS images, 3rd party software, end-user support, etc.”

To that, I might add that unlike other such mobile projects, KDE starts with a large number of open-source applications that already run with it. That’s an advantage that neither RIM nor HP had. Personally, it’s hard for me to see a competitor to Android or iOS getting traction, but I’ve learned over the years not to bet against the KDE team.

Source: ZDNet

Samsung joins forces with Intel and Microsoft

Samsung has quickly become one of the largest smartphone makers globally, helped by its strong offering of devices using Google’s Android platform.

Analysts said Wednesday’s deals signaled Samsung’s aim to lower its exposure to Android following Google’s $12.5 billion August acquisition of Motorola Mobility.

“The Google Motorola deal certainly gives Samsung some motivation to lessen the dependence on Android,” said Matthew Thornton, analyst at Avian Securities.

Microsoft and Samsung signed on Wednesday a new deal for development and marketing of Windows phones, while also agreeing on a wide patent cross-licensing deal. Samsung has also used Microsoft’s software in the past.

Earlier on Wednesday two Linux software groups, one backed by Samsung, another by Intel, said they have joined forces to develop a new operating system for cellphones and other devices.

Under the deal, the LiMo Foundation and Linux Foundation are effectively merging their LiMo and Meego mobile operating systems and hope to gain wider industry and consumer support, but analysts said the new Tizen platform is likely to struggle.

It would have to attract wide support from developers and manufacturers to compete with the dozen or so other mobile operating systems available in a smartphone market currently dominated by Apple’s in-house software and Google’s Linux-based Android.

“The best hope for them is that big operators get worried by Android … and decide to consciously switch their allegiances to rival platforms to restrict Google’s huge influence over the mobile market,” said analyst Neil Mawston from Strategy Analytics.

Earlier this year Nokia, the biggest phone maker by volume, ditched its own Symbian operating system in favor of Microsoft’s Windows Phone software.

Currently Windows Phone has a smartphone market share of 2-3 percent, according to industry analysts, and LiMo and Meego have less than 1 percent apiece, while Android’s share is almost 50 percent and still growing.

“This (Tizen) is driven by necessity. Linux rivals to Android have failed to gain traction and Samsung needs to reduce its dependence on Google,” said Geoff Blaber, an analyst at London-based telecoms industry consultancy CCS Insight.

The world’s second-biggest cellphone maker behind Nokia, Samsung is the leading user of the Android platform, which has been one of the reasons for its escalating court-room fight over patents with Apple.

Microsoft said the definitive agreement with Samsung to cross-license the patent portfolios of both companies, provides

broad coverage for each company’s products, and it will get royalties for Samsung’s devices running the Android platform.

“It’s probably a win-win. Microsoft is leveraging its patents to get customers while Samsung is looking for ways to lessen its dependence on Android,” said Avian’s Matthew Thornton.

2012 LINUX STORY

LiMo Foundation and the Linux Foundation said the new Tizen platform is an open-source, standards-based software platform that supports multiple devices including smartphones, tablets, smart TVs, netbooks and in-vehicle ‘infotainment’ systems.

A spokesman for Samsung said: “We’ve been a core Linux partner … and this is in line with our strategy of supporting many platforms.”

The initial release is planned for the first quarter of 2012, enabling the first devices using Tizen to come to market in mid-2012, the two groups said.

The world’s largest semiconductor firm Intel and Samsung Electronics, the second biggest maker of cell phones and one of the key contributors to LiMo, will head the technical steering committee developing Tizen.

Earlier this month Intel and Google launched a development partnership to adapt Android for Intel’s Atom processor chips, with a view to having the first Anroid phones featuring Intel chips in the first half of next year.

Linux is the most popular type of free, or open-source, computer operating system which allows the public to use, revise and share. Linux suppliers earn money selling improvements and technical services.

Source: Reuters

Will Windows 8 block users from dual-booting Linux? Microsoft won’t say

There’s a report circulating — originating with a Red Hat employee — that says Microsoft’s new secure-boot functionality in Windows 8 could preclude users from running both Windows and Linux on their PCs.

True or false? Well-grounded or unfounded? Microsoft execs will not comment — which is leading many to assume it’s true.

Matthew Garrett, a power management and mobile Linux developer at Red Hat, blogged about the possible lock-out scenario on September 20. He explained how the Unified Extensible Firmware Interface (UEFI) technology and Microsoft’s  secure-boot plans — outlined in a new blog post on the “Building Windows 8″ blog this week — potentially could thwart those who want to dual boot Linux and Windows 8 on their Windows 8 machines.

Garrett’s conclusion: “It’s probably not worth panicking yet. But it is worth being concerned.”

Microsoft officials have said — via a UEFI session at the company’s recent Build conference, along with the aforementioned blog post — all that they are going to say on the topic.

Here’s what Microsoft has said, re: its secure boot plans for Windows 8. These tidbits are from the previously mentioned Build session on UEFI:

  • All firmware and software in the boot process must be signed by a trusted Certificate Authority (CA)
  • Required for Windows 8 client
  • Does not require a Trusted Platform Module (TPM)
  • Reduces the likelihood of bootkits, rootkits and ransomware

Update: Microsoft officials have posted more on UEFI and secure boot. After reading it, I still don’t know whether anything about Windows 8’s implementation of secure boot will block Linux. Anyone out there able to tell more from the September 22 post on the Building Windows 8 blog?

Source: ZDNet

World’s First BitTorrent Certified Digital TV Launches

The world’s first Digital TV with ‘BitTorrent inside’ will be presented to the public tomorrow at the IFA trade show for consumer electronics in Berlin. The TV is manufactured by Vestel and uses technology from BitTorrent Inc. that allows consumers to find, download and play their favorite digital media directly on their television.

Early 2011 BitTorrent Inc., the company behind the popular file-sharing client uTorrent, launched a new all-in-one ecosystem for BitTorrent-certified products codenamed Chrysalis.

By using a certified application users can search for files that are shared on BitTorrent, download these files, and play them directly on their computers, TV or mobiles devices. Everything is bundled into one system and downloaders don’t have to worry about conversion, codecs or file-formats.

Today BitTorrent Inc. and TV manufacturer Vestel announce the launch of the first digital TV that will come with this built-in BitTorrent support. By embedding BitTorrent technology directly into the the TV hardware the two companies hope to appeal to a wide audience of people who are looking for an even more simple way to enjoy downloaded content in their living room.

“Consumers want all types of personal media and Internet content in their living rooms and the TV remains the most desired device for consuming this digital media, regardless of source,” Vestel’s Hakan Kutlu said commenting on the announcement.

“BitTorrent certification helps our TV line meet this consumer demand and ensures that Vestel products remain at the forefront of technology innovation and adoption,” Kutlu adds.

The first BitTorrent certified TV will be demoed tomorrow in Berlin, Germany at IFA, one of the world’s largest consumer trade shows.

Aside from convenience, the main reason for BitTorrent Inc. to develop the new BitTorrent ecosystem is to simplify the downloading process for less tech-savvy people. Right now, many people drop out after installing a BitTorrent client because they find it too complicated to download and play content.

“The world of digital media has become unnecessarily complex and results in an increasingly fragmented consumer experience. People want access to their entire content library – personal media, Internet files, and artist approved content – regardless of source, media type, or file format,” BitTorrent’s chief strategist Shahi Ghanem said.

BitTorrent told TorrentFreak that more certified devices running Chrysalis software will be announced this fall. Two years ago BitTorrent already partnered with device makers such as Netgear and D-Link to bring BitTorrent to set-top boxes and NAS devices, but these don’t run on Chrysalis yet.

BitTorrent’s efforts to simplify the user experience and become more integrated into devices doesn’t mean that the development of uTorrent will stagnate. The Chrysalis project has replaced the former mainline BitTorrent client, but uTorrent will continue to be developed separately. And with more than 100 million active users a month, that is probably a wise decision.

Source: TorrentFreak

Red Hat CEO thinks the desktop is becoming a legacy application

A running joke at this years LinuxCon is that “X is the year of the Linux desktop.” Jim Zemlin, head of the conference’s sponsoring organization, The Linux Foundation, started it with his keynote in noting how often he’d made that prediction and how often he’s been wrong. The current prediction, which I believe Linus Torvalds made last night was : “2031! The year of the Linux desktop.” Jim Whitehurst, CEO of Red Hat, has another year in mind for the Linux desktop though: Never. Oh, and the Windows and Mac desktops? Get ready to say good-bye to them soon.

In an interview with me, Whitehurst told me that he believes that the “Fat client operating system [the traditional desktop] is becoming a legacy application.” What he meant by that isn’t that your desktops are suddenly going to vaporize into puffs of smoke in 2016 like from some really lame disaster movie. No, his point is that the cost of maintaining and securing a desktop operating system is growing increasingly higher.

So, what he sees happening is that everyone, and it’s not just Linux, “writing their functionality for the back engine. Why would anyone with all the different platforms—smartphones, tablets, etc.—and the costs of securing all of them want to spend money on that? The cost to manage and secure a fat client is ridiculous.”

So what will replace it? He sees several possibilities. In the short run, for businesses he sees Virtual Desktop Infrastructure (VDI) becoming increasing more important. Here, he sees Citrix, which has long provided Windows desktops via its VDI platform, continuing to be the major player. “It’s Citrix’s market to lose,” said Whitehurst.

Red Hat will also play a role in VDI as well. In 2012, Red Hat will be reintroducing ts Simple Protocol for Independent Computing Environments (SPICE)-based VDI. On the server side, SPICE depends on KVM (Kernel Virtual Machine) for its horsepower. Don’t think though that Red Hat plans on head-to-head competition with Citrix for tomorrow’s VDI desktop. They don’t.

Instead, Whitehurst said, “SPICE will be part of a packaged offering for those who want it.” He sees its market as being primary users who are already using Linux desktops, terminal applications, or Linux-based thin-clients. It’s a great offerings, but as for using it to run say “20,000 Windows desktops?” No, that’s Citrix’s market.”

So what kind of desktop does he see the enterprise user moving to, since after all, there’s only so much you can do with any tablet or smartphone? Whitehurst thinks it will probably be based on a KVM-based cloud and using a Web browser as its primary interface.

He added that he thinks Google’s Chrome operating system looks promising and that he plans on trying out the Samsung Chromebook himself sometime soon. You see, unlike many CEO’s, Whitehurst is also a techie. His first exposure to Linux was running Slackware on his own. Today, he runs Fedora 15 as his desktop. He knows Linux. As Red Hat gets ready to become the first billion-dollar open-source company, it’s clear he knows business. He knows the desktop. If he says the fat-client desktop is getting ready to become yesterday’s news, I’m inclined to listen to him.

Source: ZDNet

Google buying Motorola: Nokia, Samsung, and other industry players react

Google said this morning that it dropped its “top five” Android partners a line yesterday to let them know that this Motorola acquisitionwas taking place — so naturally, many of them had prepared statements ready to go. The move will have ripple effects across several entire industries, though — not just the Android ecosystem alone — so we wanted to reach out and get reactions from a few companies that have a vested interest in Google’s successes and failures.

Overall, the theme across Android licensees’ initial statements is unwaveringly supportive at this point. Considering that Google’s primary goal is to shore up Android’s shaky patent situation, that comes as little surprise — though the striking similarity in some of the messaging suggests that Mountain View may have applied some pressure to show a unified front today. Regardless, the ball will be in Google’s court going forward to make sure that these guys aren’t put at a competitive disadvantage against Motorola — a move that could drive them away from Android altogether and into alternatives like Windows Phone, as Nokia’s statement seems to imply.

Follow the break for the full rundown from Nokia, HP, Samsung, HTC, Sony Ericsson, and LG.

 

Nokia

From Nokia, which had bypassed Android for its “commoditization risk” and is preparing to introduce a lineup dominated by Windows Phone devices in the coming years:

“This further reinforces our belief that opportunities for the growth of Nokia’s smartphone business will be greatest with Windows Phone. This could prove to be a massive catalyst for the Windows Phone ecosystem. Additionally, with our respective intellectual property portfolios, Nokia and Microsoft are working together to build and nurture an innovative ecosystem that benefits consumers, operators, developers and other device manufacturers.”

HP

HP hopes to go big with webOS through its own devices (and perhaps licensing deals at some point), which means it’s not directly affected by the Google-Motorola deal — but the seismic shift in the wireless ecosystem has the potential to affect the company’s fortunes nonetheless. Alas, they’ve issued a standard “no comment” today.

Samsung

Though Samsung Mobile US hasn’t specifically weighed in on the deal, JK Shin, President of Samsung Mobile’s global operations, had this to say:

“We welcome today’s news, which demonstrates Google’s deep commitment to defending Android, its partners, and the ecosystem.”

HTC

HTC — which splits its time between Android and Windows Phone — called on CEO Peter Chou for this quote:

“We welcome the news of today’s acquisition, which demonstrates that Google is deeply committed to defending Android, its partners, and the entire ecosystem.”

Additionally, the company insists that the deal won’t have an effect on its working relationship with Google:

“We are supportive of Google’s acquisition of  Motorola Mobility as this is a positive development to the Android ecosystem, which we believe is beneficial to HTC’s promotion of Android phones. The partnership between HTC and Google remains strong and will not be affected by this acquisition.”

Sony Ericsson

Bert Nordberg, CEO of the embattled company, released one of the briefest comments of the day — though it echoes the same sentiment that’s being conveyed by other Android manufacturers:

“I welcome Google‘s commitment to defending Android and its partners.”

LG

LG Mobile boss Jong-Seok Park seems to have cribbed off Nordberg’s notes (or vice versa):

“We welcome Google‘s commitment to defending Android and its partners.”

Source: Thisismynext

Chromebooks get VPN, secure Wi-Fi, Citrix virtualization

Since the unveling of its Chromebook, Google has billed the cloud-based notebook as the ideal device for both enterprise customers and their beleaguered IT departments.

With the most recent update, Google is proving its case.

In an addition that perhaps should have been part of the Chromebook from the beginning, Google is adding virtual private network (VPN) support, allowing users secure remote access of their corporate or institutional networks.

That’s not all. Google is also adding support for the secure 802.1X protocol, which allows network managers to require authentication for users to access secure Wi-Fi networks.

Sweetening the deal is Citrix desktop application vitualization, ideal for companies that rely on expensive software suites but are increasingly made up of road warriors.

Google says all three feature additions are in response to feedback from its business and education customers. With such widely-used features in these sectors, though, why wasn’t it a no-brainer?

Source: ZDNet / Google