msgbartop
All about Google Chrome & Google Chrome OS
msgbarbottom

19 Jun 12 Steven J. Vaughan-Nichols: It’s 2016, and Chrome OS is ascendant


Computerworld - The very first PCs were just appearing when I started using computers. We had already seen the advent of microcomputers and minicomputers. Those machines were designed for people who loved technology, not people who loved getting work done with technology. For work, you used mainframes and midrange Unix and VMS computers with a terminal on the client end. The CP/M-80, Apple II and IBM PC changed all that. Fat client computers took over the world, and they’re still reigning, in the form of Windows PCs and Macs.

But the PC is no Queen Elizabeth II. Its reign, half the length of hers, may be coming to an end.

Google thinks we’re ready to say goodbye to fat client systems and move to cloud-based operating systems, such as its own Chrome OS. Instead of PCs, it wants us to use Chromeboxes and Chromebooks. We’re resisting, but I think we’ll come around to Google‘s point of view in a few short years.

Not that the old mainframe/terminal model ever really went away. Some companies still issue thin clients that are basically input devices, with most of the actual computing happening on a distant server. Others use its descendant, client/server systems. More companies might have stuck with those models, but users made their preferences known. They liked the “personal” in “personal computer.” They wanted their computers to run just the way they wanted.

But as always happens with technology, evolution continued. Over the last few years, PCs have become commodities. Off the top of your head, can you explain what differentiates Dell from HP from Lenovo PCs? Meanwhile, we’ve moved huge quantities of our business and consumer computing to the Web and the cloud. That means that today, there just isn’t that much that you can you do on a PC that you can’t do on a Chromebook. Indeed, some people, including yours truly and Computerworld’s J.R. Raphael, were already using Chromebooks all the time even before the recent refresh.

Today, there are as many useful, fun and essential programs on the Internet as there are on PCs. But, unlike PCs, which require constant upgrades and expert management, Chrome systems automatically update constantly. Want to set up a thousand Chromebooks to access only your corporate-approved websites? I can do that in less time than it takes me to write this column.

Chrome OS is easy for users and administrators, and it’s cheaper. That’s a powerful combination.

What keeps that combo from winning the day is the reluctance to rely on a machine that can’t do much of anything without an Internet connection. But that resistance is going to fade as we all begin to realize that the same thing is more and more true of fat clients.

Opinions

Article source: http://www.computerworld.com/s/article/9228195/Steven_J._Vaughan_Nichols_It_s_2016_and_Chrome_OS_is_ascendant?taxonomyId=89

Tags: , , ,

18 Jun 12 MacBook Pro Retina display ruins web, Google fixing Chrome browser


HP AirPrint
Simply print wirelessly from your iPad®, iPhone®, and iPod touch®1 to HP web-connected printers. Enjoy the freedom to print the stuff you love – photos, tickets, emails and reports – straight from the devices you love wirelessly via your Wi-Fi network. No software or set up required.

Article source: http://www.macvideo.tv/editing/news/?newsId=3364478&pagType=samechandate

Tags: ,

17 May 12 Google To Sell Android Phones Directly





Oct 20: Becoming a Security Detective – Gathering and Analyzing Security Intelligence in the Enterprise

In this all-day virtual event, experts will offer detailed insight in how to collect security intelligence in the enterprise, and how to analyze and study it in order to efficiently identify new threats as well as low-and-slow attacks such as advanced persistent threats. Register today!


Platinum Sponsors: ArcSight, NetIQ, Proofpoint, Thawte
Gold Sponsor: Q1 Labs




October 6: InformationWeek 500 Virtual Event: The Need for Speed

At the 2011 InformationWeek 500 Virtual Conference, C-level executives from leading global companies will gather to discuss how their organizations are turbo-charging business execution and growth.


Platinum Sponsor: ArcSight, Workday
Gold Sponsor: IBM




Aug 25: InformationWeek Dark Reading present: How Security Breaches Happen and What Your Organization Can Do About Them

Attendees will get insights on how to prevent breaches from happening, how to research and identify the source of a breach, and how to remediate a compromise as quickly and efficiently as possible.


Platinum Sponsor: ArcSight, NetIQ, Thawte
Gold Sponsors: Lumension, NetGear, GFI
Silver Sponsor: Motorola




July 28: InformationWeek Symantec present: Infrastructure at Risk — Taking Decisive Action to Secure Your Critical Data Assets

Join the editors of InformationWeek and leading security experts from Symantec for an in-depth look at the current threats faced by large and small organizations, and the implications for your business, your customers, and even your country. You’ll hear how today’s threat landscape is changing drastically, and learn the latest countermeasures and best practices to keep your company’s precious data assets out of the hands of determined cybercriminals.




July 27: Electronic Health Records — Moving from Concept to Reality

At this InformationWeek Healthcare Virtual Event, we will talk with healthcare practitioners, IT professionals and other industry experts about issues surrounding EHR selection, deployment and use.


Platinum Sponsor: HP, Intel, GBS, Geotrust, NextGen
Silver Sponsor: Proofpoint




On-Demand: InformationWeek Interop present: Business Mobility Unleashed

In this virtual event, the leaders behind InformationWeek Business Technology Network and Interop zero in on the top mobile technologies and techniques you’ll need to understand and master to ensure your organization thrives in the wireless world.


Platinum Sponsors: Alcatel-Lucent, APC
Gold Sponsor: HP
Silver Sponsor: Emerson Network Power
Bronze Sponsor: Skybot




On-Demand: Cybersecurity Best Practices

In this half-day virtual event, experts assess the state of cybersecurity in government and present the latest strategies for creating a more secure, attack-proof IT infrastructure. This event will help CISOs and other information assurance professionals in federal, state, and local government stay on top of the latest developments in the field.


Platinum Sponsor: GeoTrust
Gold Sponsor: Bit9




On-Demand: Data Center Transformation

Data centers are undergoing incredible transformations that create
both opportunities and challenges for IT professionals. Server virtualization enables rapid provisioning,
more efficient use of resources, and improved disaster recovery. That trend will continue with storage and network virtualization,
allowing IT pros to further abstract — and optimize — data center resources.In this virtual event, you will learn how prepare your organization for a data center transformation.


Platinum Sponsors: AMD, APC, Cisco, Eaton, SunGard
Gold Sponsor: Emerson Network Power




On-Demand: Cloud Computing Roadmap: Controlling the Cloud – Managing, Optimizing and Integrating Cloud Services with Your Existing IT Infrastructure

In this virtual event, you’ll learn how to craft your own strategy for successfully embracing and integrating new cloud computing capabilities without derailing or destroying your current IT roadmap.


Platinum Sponsors: ArcSight, GoToAssist, SunGard, thawte
Gold Sponsor: Symform
Silver Sponsor: Skybot




On-Demand: Plugging the Leaks — Finding and Fixing the IT Security Holes in your Enterprise

In this virtual event presented by Dark Reading and InformationWeek, you’ll find out how criminals target the flaws in your IT environment, and you’ll get some insight on the best methods for finding and fixing your vulnerabilities — before you’re hit by malware or unauthorized access.


Platinum Sponsors: NetIQ, Novell, thawte, Webroot
Gold Sponsors: ArcSight, Bit9, OpenText
Silver Sponsor: Application Security, Core Security, Lumension

 

Article source: http://www.informationweek.com/news/byte/personal-tech/smart-phones/240000509

Tags: , , , , ,

14 May 12 Windows 8 Update: Firefox, Chrome cry foul over Windows 8 ARM




Microsoft is taking heat from browser competitors Firefox and Chrome for blocking them out of planned Windows 8 devices that will be based on ARM processors.

These low-power machines will run Windows RT, which Microsoft describes as a new member of its Windows operating system family that won’t allow installing third-party software.

Firefox maker Mozilla says that means it won’t be able to devise a version of its browser to run on Windows RT machines, something it says kills competition and is ultimately bad for customers.

“In practice, this means that only Internet Explorer will be able to perform many of the advanced computing functions vital to modern browsers in terms of speed, stability, and security to which users have grown accustomed,” writes Harvey Anderson, Mozilla general counsel in a blog post. “Given that IE can run in Windows on ARM, there is no technical reason to conclude other browsers can’t do the same.”

He also hints that allowing Internet Explorer but effectively blocking other browsers may stir up already settled legal issues about browser bias. “If Windows on ARM is simply another version of Windows on new hardware,” he writes, “it also runs afoul of the EC browser choice and seems to represent the very behavior the DOJ-Microsoft settlement sought to prohibit.”

Mozilla project manager Asa Dotzler expands on the perceived problem in a separate blog post in which he acknowledges that initially this will affect mostly tablets. But he says that as ARM processors are more widely used, Windows RT will have a bigger footprint. “ARM will be migrating to laptop PCs and all-in-one PCs very quickly,” Dotzler writes. “If you read Microsoft’s blog posts about Windows on ARM, you’ll see that they expect ARM PCs to cover the whole spectrum. ARM chips are already being used in servers. This is not a tablet-only concern.”

No word from Microsoft on this.

Windows 8 upgrades?

Microsoft plans a discount program for customers who buy Windows 7 computers this summer who later want to upgrade to Windows 8 Pro, according to a CNET blog post that attributes the details to unnamed sources.

The intent apparently is to keep up sales of Windows 7 PCs during the run-up to the release of Windows 8, since customers might opt to wait a few months to buy the newer version.

It’s not a free upgrade, so customers would buy a Windows 7 PC, then pay more to install Windows 8 on it. Depending on the pricing of the two platforms, that could be more or less expensive than just waiting for Windows 8 and paying for it all at once. Presumably Microsoft has this all thought through.

HP bets its tablet future on Windows 8

HP CEO Meg Whitman says the company will start making tablets again after discontinuing them last year – and they will be based on the new Windows 8 operating system. No word on whether they will be x86 machines or ARM machines.

Whitman also pointed to new technology – memristors – that will eventually be worked into its PCs. A memristor is a resistor that also has memory in enough capacity that it could replace traditional storage in tablets and smartphones. No word on when they might come into play.

Lenovo plans Windows 8 convertible

Lenovo will come out with a Windows 8 version if its tablet/laptop that will take advantage of the operating systems support for traditional applications as well as its new touch-centric Metro aspect, the company’s president of products Peter Hortensius told a Wall Street Journal blogger.

The device will be similar to the Lenovo Ideapad Yoga that looks like a laptop, but if you want to use it as a tablet, the keyboard hinges back behind the screen.

Timeframe for the device: 12 months.

No DVD player

Windows 8 won’t support playing DVD videos, at least not out of the box. Support for optical players has to come from either a Windows add-on at some unspecified extra fee, be bundled as part of a package by hardware manufacturers or bought from a third party and installed by the end user. There are also some free players out there that users could install.

Microsoft says licensing fees for the decoder is one reason for the decision. Another is that fewer and fewer PC hardware platforms come with optical drives, so it just doesn’t make sense to include DVD video support on all of them that run Windows 8, Microsoft says.

ChkDsk gets better

In Windows 8, the ChkDsk utility that looks for and fixes disk problems has been made less disruptive, according to the Building Windows 8 blog.

Currently ChkDsk deals with the disk as a whole and therefore the machine can’t be used while it is running. In Windows 8, the checks can be made in the background so users can keep working on the machines. If ChkDsk finds problems, it notes them and fixes them straight away when the machine is taken offline, reducing the downtime needed to fix disk problems.

Article source: http://pcworld.co.nz/pcworld/pcw.nsf/news/windows-8-update-firefox-chrome-cry-foul-over-windows-8-arm

Tags: , , , , ,

19 Apr 12 How to run the new Chrome OS environment without a Chromebook


Google is revamping its Chrome OS platform with a new desktop environment and window management system. We took a close look at the user interface improvements earlier this week in a detailed hands-on report. In our review, we explained how advanced users can install the experimental new interface on a Chromebook by enabling the developer update channel.

Of course, that only works if you have a Chromebook. After we published our review, we heard from many readers who wanted to test the latest experimental version of Chrome OS on conventional hardware. In this tutorial, we will explain how to install a third-party build of Google’s operating system in a virtualized environment or on a bootable thumb drive.

Chrome OS is a Linux-based operating system that largely consists of open source software. Independent developers can download the source code from a public repository and compile their own builds of the platform. Google uses the name Chromium OS to distinguish the underlying open source project from the commercial version of the operating system that is shipped by hardware manufacturers.

A third-party build that is based on the code from the open source software repositories is technically called Chromium OS, and is branded accordingly. That’s what we are going to be working with in this tutorial. When you get it up and running, you will notice that the browser icon is blue instead of the usual red, green, and yellow.

Google provides detailed instructions that explain how to download the source code, compile all of the components, and generate a bootable system image. The process is a bit involved, however, and isn’t really intended for enthusiasts who just want to try the software. Fortunately, somebody else has already done all the work.

Liam McLoughlin, who is known as Hexxeh on the Internet, routinely generates up-to-date builds of Chromium OS and publishes them on his website for people to download. He offers two separate flavors of the operating system: vanilla and lime. The vanilla builds are more closely aligned with upstream whereas the lime builds include broader hardware support and additional components, such as a Java plugin.

McLoughlin generates new builds every day using the very latest code from the Chromium OS project. That means his recent builds include the Aura-based user interface and other new features that we looked at in our review. In addition to a standard disk image that is suitable for writing to a USB thumb drive, he also supplies a VirtualBox disk image that can be used to easily set up a virtualized Chromium OS environment.

Before we begin, it’s worth noting that running Chromium OS on a regular computer is not the same as running Chrome OS on a Chromebook. There are some distinctive hardware features in Chromebooks that you generally won’t find in regular netbooks and laptops. One key difference is that Chromebooks have a verified boot mechanism that checks at startup to make sure the operating system hasn’t been compromised.

That feature requires specialized hardware and a signed kernel that is supplied by a hardware manufacturer. It’s obviously not a feature that you are going to get when you run Chromium OS on a regular netbook. It’s also worth noting that these Chromium OS builds aren’t as tightly locked down as the standard Chrome OS. You get a full shell and have broader filesystem access.

Testing Hexxeh’s Chromium OS build

The process of obtaining a Chromium OS disk image and writing it to a USB thumb drive is different for each operating system. Hexxeh supplies a utility for Mac OS X that largely automates the entire process. The tool will download the Chromium OS build specified by the user and then write it to a USB thumb drive.

The Chromium OS disk creator tool for Mac OS X

A similar tool is currently being developed for Windows, but isn’t available yet. Windows users will have to download a disk image from Hexxeh’s website and then use a third-party tool to write it to a USB thumb drive. Hexxeh recommends using Image Writer for Windows, which has a pretty self-explanatory user interface.

Linux users will have to use the dd command at the command line to write the disk image to a USB thumb drive. For reasons that aren’t entirely clear to me, the user-friendly USB disk creator tool that comes bundled with Ubuntu seems to consistently fail with the Chromium OS disk image. The dd command, which is the method that Hexxeh recommends, works perfectly. Please note that dd is unforgiving and can do nasty things to your hard drive if you feed it the wrong parameters.

To download the disk image manually, which you will need to do on Windows or Linux, visit Hexxeh’s website and click the USB thumb drive icon next to the latest build. I chose to use the vanilla flavor, which ended up working pretty well on my hardware. The disk image is compressed in a zip archive, with a total download size of 256MB. Hexxeh recommends installing it on a USB storage device that is at least 4GB.

After you write the image to a USB thumb drive, you can get a complete Chromium OS experience by booting from the device. The vast majority of modern PCs natively support USB booting, but you may need to jump through some hoops to get it to work. On most computers, it’s a simple matter of activating a boot device selection menu during startup. On some computers, you might need to go into the bios and manually configure the boot device order.

I tested Hexxeh’s Chromium OS builds on my HP netbook. When the HP logo appears during startup, I have to press the escape key to get to the boot menu and then F9 to get to the boot device selection list. The list lets me choose between booting from the built-in hard drive or the USB thumb drive.

Booting from a USB drive is obviously a lot slower than booting from an internal SSD, so it’s going to take a bit longer than it would on a Chromebook. The process is still pretty fast, however. You will see the Chromium OS logo on the screen for a few moments while the system is booting. When it finishes, you will be presented with the platform’s initial setup wizard. It will walk you through the steps of setting up your WiFi network and user account.

You only have to go through this setup process the first time that you boot the operating system from the USB thumb drive. On subsequent startups, you will instead see the login screen. After you get past the setup or login screen, you will see the Chromium OS desktop in all its Aura-enabled glory.

Hexxeh’s vanilla build worked mostly as expected on my HP netbook, but I encountered several minor hardware problems. The Synaptics clickpad on the netbook proved especially problematic and couldn’t handle click-and-drag operations reliably. I also encountered some difficulty getting the system to resume from a suspended state during my tests.

I had no trouble with WiFi, however, which worked perfectly out of the box. You might see different results, depending on your hardware. If you encounter serious hardware problems, you might want to check and see if your system is better supported by the Lime build.

Virtualization

As noted above, Hexxeh provides VirtualBox disk images alongside the USB images. The VirtualBox images are useful if you want to test Chromium OS in a virtualized environment instead of running it natively on hardware. The image is supplied in a VDI file, which is VirtualBox’s standard virtual disk format.

When you create a new virtual machine in VirtualBox and reach the step where it prompts you to specify a virtual hard disk, click the “Use existing hard disk” option. Next, click the folder icon to the right of the disk selection list. You will see a file selection dialog, which you can use to select the VDI file.

Configuring the Chromium OS VDI in VirtualBox

The vanilla Chromium OS build works well in VirtualBox, though you won’t be able to take advantage of the VirtualBox features that require guest additions. I had some minor issues with cursor control and had to select the option to disable mouse integration from the Machine menu.

Conclusion

Hexxeh’s builds are currently aimed at supporting conventional x86 hardware, but he’s also exploring other possibilities. In a recent Twitter post, he demonstrated an ARM build of Chromium OS booting on the $35 Raspberry Pi Linux computer. It’s possible that the enthusiast community will bring the platform to a variety of other hardware devices and form factors.

Using the instructions in this article, you should be able to get a taste of what Google is going to offer with the next generation of Chrome OS, including the much-improved user interface. Although running a third-party build on conventional hardware probably isn’t practical for day-to-day use, it’s an easy way to explore the capabilities of Google’s operating system without having to purchase a Chromebook.

Article source: http://arstechnica.com/business/news/2012/04/howto-run-the-new-chrome-os-environment-without-a-chromebook.ars

Tags: , , , , ,

22 Mar 12 The Zero-Day Salesmen


At a Google-Run competition in Vancouver last month the search giant’s famously secure Chrome Web browser fell to hackers twice. Both of the new methods used a rigged ­website to bypass Chrome’s security protections and completely hijack a target computer. But while those two hacks defeated the company’s defenses, it was only a third one that actually managed to get under Google’s skin.

A team of hackers from French security firm Vupen were playing by different rules. They declined to enter Google
(
GOOG -

news
-

people
)’s contest and instead dismantled Chrome’s security to win an HP-sponsored hackathon at the same conference. And while Google paid a $60,000 award to each of the two hackers who won its event on the condition that they tell Google every detail of their attacks and help the company fix the vulnerabilities they had used, Vupen’s chief executive and lead hacker, Chaouki Bekrar, says his company never had any intention of telling Google its secret techniques–certainly not for $60,000 in chump change. “We wouldn’t share this with Google for even $1 million,” says Bekrar. “We don’t want to give them any knowledge that can help them in fixing this exploit or other similar exploits. We want to keep this for our customers.”

Article Controls

Emailemail

imageprint

imagereprint

imagenewsletter

imagecomments

imageshare

imagedel.icio.us

imageDigg It!

imageyahoo

imageFacebook

imageTwitter

imageReddit

imagerss

Those customers, after all, don’t aim to fix Google’s security bugs or those of any other commercial software vendor. They’re government agencies who purchase such “zero-day” exploits, or hacking techniques that use undisclosed flaws in software, with the ­explicit ­intention of invading or disrupting the computers and phones of crime suspects and intelligence targets.

In that shady but legal market for security vulnerabilities, a zero-day exploit that might earn a hacker $2,000 or $3,000 from a software firm could earn 10 or even 100 times that sum from the spies and cops who aim to use it in secret. Bekrar won’t detail Vupen’s exact pricing, but analysts at Frost Sullivan, which named Vupen the 2011 Entrepreneurial Company of the Year in vulnerability research, say that Vupen’s clients pay around $100,000 annually for a subscription plan, which gives them the privilege of shopping for Vupen’s techniques. Those intrusion methods include attacks on software such as Micro­soft Word, Adobe
(
ADBE -

news
-

people
) Reader, Google’s Android, Apple
(
AAPL -

news
-

people
)’s iOS operating systems and many more–Vupen bragged at HP’s hacking competition that it had exploits ready for every major browser. And sources familiar with the company’s business say that a single technique from its catalog often costs far more than its six-figure subscription fee. Even at those prices, Vupen doesn’t sell its exploits exclusively. Instead, it hawks each trick to multiple government agencies, a business model that often plays its customers against one another as they try to keep up in an espionage arms race.

Bekrar claims that it carefully screens its clients, selling only to NATO governments and “NATO partners.” He says Vupen has further “internal processes” to filter out nondemocratic nations and requires buyers to sign contracts that they won’t reveal or resell their exploits. But even so, he admits that the company’s digital attack methods could still fall into the wrong hands. “We do the best we can to ensure it won’t go outside that agency,” Bekrar says. “But if you sell weapons to someone, there’s no way to ensure that they won’t sell to another agency.”

That arms-trade comparison is one Vupen’s critics are eager to echo. Chris Soghoian, a privacy activist and fellow at the Open Society Foundations, calls Vupen a “modern-day merchant of death,” selling “the bullets for cyberwar.” After one of its exploits is sold, Soghoian says, “it disappears down a black hole, and they have no idea how it’s being used, with or without a warrant, or whether it’s violating human rights.” The problem was starkly illustrated last year when surveillance gear from Blue Coat Systems
(
BCSI -

news
-

people
) of Sunnyvale, Calif. was sold to a United Arab Emirates firm but eventually ended up tracking political dissidents in Syria. “Vupen doesn’t know how their exploits are used, and they probably don’t want to know. As long as the check clears.”

Vupen is hardly alone in the exploit-selling game, but other firms that buy and sell hacking techniques, including Netragard, Endgame and larger contractors like Northrop Grumman
(
NOC -

news
-

people
) and Raytheon
(
RTN -

news
-

people
), are far more tight-lipped than Bekrar’s small firm in Montpellier, France. Bekrar describes his company as “transparent.” Soghoian calls it “shameless.”

“Vupen is the Snooki of this industry,” says Soghoian. “They seek out publicity, and they don’t even realize that they lack all class. They’re the ­Jersey Shore of the exploit trade.”

Even so, Bekrar won’t share revenue numbers, though he insists the firm is profitable. One person who will share those sales numbers is a South African hacker who goes by the name “the Grugq” and lives in Bangkok. For just over a year the Grugq has been supplementing his salary as a security researcher by acting as a broker for high-end exploits, connecting his hacker friends with buyers among his government contacts. He says he takes a 15% commission on sales and is on track to earn more than $1 million from the deals this year. “I refuse to deal with anything below mid-five-figures these days,” he says. In December of last year alone he earned $250,000 from his government buyers. “The end-of-year budget burnout was awesome.”

Meet The Hackers Who Sell Spies The Tools To Crack Your PC (And Get Paid Six-Figure Fees)

Apple’s Deep Pocketsimage

Adobe Earnings Preview: Tablet and Cloud Initiatives in Focus

Walter Isaacson Discusses Steve Jobs’ Geniusimage

Article source: http://www.forbes.com/forbes/2012/0409/technology-hackers-government-security-zero-day-salesmen.html

Tags: , , ,

14 Mar 12 Boot up: Metro Chrome, Raspberry Pi re-pricing, LTE roaming, Kindle Singles …


A quick burst of 7 links for you to chew over, as picked by the Technology team

Google confirms it’s working on Chrome for Windows 8 Mashable

A Google spokesperson told Mashable that the new version of Chrome would be based on the desktop browser (as opposed to the Android version). “Our goal is to be able to offer our users a speedy, simple, secure Chrome experience across all platforms, which includes both the desktop and Metro versions of Windows 8,” the rep said. “To that end we’re in the process of building a Metro version of Chrome along with improving desktop Chrome in Windows 8 such as adding enhanced touch support.”

Not offering Chrome for Windows 8 would basically be leaving money on the table on Google’s part.

Geotagging poses security risks The United States Army

[Steve] Warren cited a real-world example from 2007. When a new fleet of helicopters arrived with an aviation unit at a base in Iraq, some Soldiers took pictures on the flightline, he said. From the photos that were uploaded to the Internet, the enemy was able to determine the exact location of the helicopters inside the compound and conduct a mortar attack, destroying four of the AH-64 Apaches.

Ow.

So Sirious: iPhone user sues Apple over voice-activated assistant WSJ Law Blog

According to the lawsuit filed Monday in federal court in California: [I]n many of Apple’s television advertisements, individuals are shown using Siri to make appointments, find restaurants, and even learn the guitar chords to classic rock songs or how to tie a tie. In the commercials, all of these tasks are done with ease with the assistance of the iPhone 4S’s Siri feature, a represented functionality contrary to the actual operating results and performance of Siri.

The Law Blog asked Siri whether her makers exaggerated her worth. And she has an answer.

Will 4G LTE devices ever roam internationally? CNET News

“What’s happening in terms of the number of radio technologies that can be added to a chip is not classic Moore’s Law, but it’s similar” said Dan Warren, senior technology director for the GSM Association. “There has been a lot of change in the past 9 to 12 months. And we’re seeing chipsets go from single and dual frequency to four and five frequencies.” Today’s so-called “world” phones already need to operate in about six bands to get access to 2G and 3G networks around the world. To include LTE roaming, wireless devices will need another six or seven frequency bands, Warren estimates. This means that the next generation of truly mobile “world” devices will need at least 12 frequency bands.

Looks like roaming will be HSPA roaming – or just 3G roaming.

Exclusive: Amazon Has Sold Over Two Million Kindle Singles paidContent

Amazon says that in the 14 months the program has been running, it has sold over two million Kindle Singles. Seventy percent of each sale goes to the author or publisher, and Amazon keeps 30%. Amazon wouldn’t disclose its total revenues from those two million singles, but the minimum price of a Single is $0.99 and most are $1.99 (the author or publisher sets the price). So with an average price of $1.87 multiplied by two million, a rough estimate of Amazon’s 30-percent cut is $1.12m.

The novella – or short story – is back?

HP attempts to take on Amazon’s cloud service NYTimes.com

Zorawar “Biri” Singh, senior vice president and general manager of H.P.’s cloud services… did not say how much the computing services would cost, but said “we are not coming at this at ’8 cents a virtual computing hour, going to 5 cents.’” Amazon recently cut its prices, and its lowest cost computing is 2 cents per hour, though with extra features it can cost more. While Amazon tends largely to have a self-service model, Hewlett-Packard’s cloud will also offer more personalized sales and service, Mr. Singh said. H.P. also plans to offer a number of tools for developers to use popular online software languages, like Ruby, Java, and PHP, as well as ways for customers to provision and manage their workloads remotely. The service will also include an online store where people can offer or rent software for use in the Hewlett-Packard public cloud.

Hard to see quite who HP is going for, though. If they don’t go with Amazon, wouldn’t those customers go with Microsoft?

Pricing updates (good news!) from Element 14/Premier Farnell and RS Components Raspberry Pi

Basically, now going to cost a total of £31.86 to get it in your totally non-sweaty hands. (Inc postage and VAT.)

You can follow Guardian Technology’s linkbucket on Pinboard. To suggest a link, either add it below or tag it with @gdntech on the free Delicious service.

(Corrected headline: it’s Chrome for Windows 8 Metro, not necessarily the ARM version. Thanks @pezzonovante1 for pointing that out.)

Article source: http://www.guardian.co.uk/technology/blog/2012/mar/14/technology-links-newsbucket

Tags: , , ,

02 Mar 12 Google Will Offer $1 Million In Rewards For Hacking Chrome In Contest


Updated below to clarify that Google‘s Pwnium contest will take place separately from the Zero Day Initiative’s Pwn2Own competition.

For the last three years, Google’s Chrome browser has left the world’s premiere hacking competition unscathed, even as Firefox, Internet Explorer and Safari have all been taken down by the assembled security researchers. So in a new contest it’s launching this year, Google is offering hackers a million reasons to re-focus their efforts.

Google announced Monday evening that it’s offering up to a million dollars in rewards at a hacking contest it’s calling Pwnium, which take place at the same time as the annual Pwn2Own hacking contest at the CanSecWest security conference in Vancouver. Hackers don’t necessarily need to target Chrome to win a chunk of that money: Google is paying $20,000 to any participant who can exploit hackable bugs in Windows, Flash, or a device driver, security problems that would affect users of all browsers. But for hacks that include flaws specific to Chrome, Google will pay $40,000 each, and for those that exploit only bugs in Chrome, the company will shell out $60,000, up to its million dollar limit.

In fact, Google’s rewards may end up dwarfing those offered by the longer-running Pwn2Own’s organizer, the Hewlett-Packard-owned Zero Day Initiative. HP plans to offer $60,000 to the first place winner of its competition, $35,000 to the second, and $15,000 to the third place contestant, using a point system to determine those placements.

And why is Google willing to pay seven figures to see its browser taken apart in public? Because, the company explains in a blog post, the annual hacking contest offers a chance to test Chrome’s mettle against some of the world’s most innovative hackers in a setting where any new flaws can be identified and patched. In return for its rewards, Google demands any winning researcher submit the details of the exploited flaws to its security team, a condition that ZDI doesn’t impose on its winning hackers.  ”Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing, and sandboxing,” Chrome security engineers Chris Evans and Justin Schuh write. “This enables us to better protect our users.”

The Pwn2Own and Pwnium competitions aren’t the only time researchers can be paid for digging up security flaws in Chrome. Like other companies including Mozilla and Facebook, Google offers “bug bounties” to researchers, and its flaw-buying program has given out more than $300,000 in payments over the last two years.

Since Chrome first appeared as a target in the Pwn2Own contest in 2009, participating hackers haven’t even tried to exploit the browser, focusing instead on the array of other software and devices laid out as the contest’s victims. Because security exploits are usually developed well ahead of the contest, that’s a sign that none of the researchers could find a chink in Chrome’s armor–its security features include sandboxing, which limits the access of an exploit to the rest of a user’s PC and “just-in-time hardening” that prevents javascript on websites from executing commands on the user’s machine.

Even when Google offered an extra $20,000 to anyone who could hack its browsers last year, no one took up the challenge. That result provides great marketing fodder, but Google says it’s more eager to expose bugs in its code–hence this year’s massive payouts. “While we’re proud of Chrome’s leading track record in past competitions, the fact is that not receiving exploits means that it’s harder to learn and improve,” Evans and Schuh write. “To maximize our chances of receiving exploits this year, we’ve upped the ante.”

Article source: http://www.forbes.com/sites/andygreenberg/2012/02/28/google-will-offer-1-million-in-rewards-for-hacking-chrome-in-contest/

Tags: , , ,

02 Mar 12 Pwn2Own Host Responds to Google’s Departure


The host of Pwn2Own has responded to Google’s decision to pull out of the 2012 competition and offer its own cash prizes for Chrome hacks.

Google recently offered up to $1 million in prize money at CanSecWest for those who could exploit the Chrome web browser using all-Chrome bugs or a combo of OS and Chrome bugs. Google also offers cash for participants who uncover exploits that could endanger web browsing altogether, not just with Google’s browser. The company said the competition is separate from Pwn2Own, the latter of which Google decided not to sponsor this year.

“Originally, our plan was to sponsor as part of this year’s Pwn2Own competition,” the Google Chrome Security team said on Monday. “Unfortunately, we decided to withdraw our sponsorship when we discovered that contestants are permitted to enter Pwn2Own without having to reveal full exploits (or even all of the bugs used!) to vendors. Full exploits have been handed over in previous years, but it’s an explicit non-requirement in this year’s contest, and that’s worrisome.”

After we posted the news article, HP DVlabs, the company hosting the Pwn2Own contest, said there’s been some confusion created by Google’s decision to create its own event versus sponsoring HP DVlabs’ Pwn2Own competition. The company also responded to Google’s claim about contestants not having to reveal full exploits to vendors.

“Affected vendors always receive full details for vulnerabilities discovered during the Pwn2Own contest – this is a key benefit for the vendor community,” the company told Tom’s. “HP DVLabs analyzes each vulnerability it receives to determine the root problem, severity of the vulnerability, and its susceptibility to attack to help vendors assess the risks and deal with mitigating them.”

Pwn2Own contestants will have access to a total “purse” of $105,000 this year, spread over three prizes for vulnerabilities discovered in Firefox, Internet Explorer, Safari and Chrome. HP DVlabs says that Google’s withdrawal only removes the additional $20,000 they had offered up for vulnerabilities in its Chrome browser.

“While Google has opted to go it alone to run its own security contest, HP doesn’t necessarily see Google’s move as undermining the Pwn2Own 2012 event,” the company said. “Very few vendors have the expertise, time, or capital to manage security analysis of the type that [parent company] HP TippingPoint does at Pwn2Own and as part of ZDI.Vulnerabilities are increasing in complexity and until vendors significantly invest in creating a thriving security research team within their own organization, they will rely on contests like Pwn2Own that can cut through the clutter and identify vulnerabilities based on risk.”

HP DVLabs has successfully hosted the Pwn2Own contest through the Zero Day Initiative (ZDI) since 2009, and will continue as planned during the conference next week, the company said.

Article source: http://www.tomsguide.com/us/Google-Chrome-Pwn2Own-Hacking-HP-DVlabs,news-14331.html

Tags: , , ,

28 Feb 12 Google Will Offer $1 Million In Rewards For Hacking Chrome In Contest


For the last three years, Google’s Chrome browser has left the world’s premiere hacking competition unscathed, even as Firefox, Internet Explorer and Safari have all been taken down by the assembled security researchers. So this year, Google is offering hackers a million reasons to re-focus their efforts.

Google announced Monday evening that it’s offering up to a million dollars in rewards at the annual Pwn2Own hacking contest, which takes place next week at the CanSecWest security conference in Vancouver. Hackers don’t necessarily need to target Chrome to win a chunk of that money: Google is paying $20,000 to any participant who can exploit hackable bugs in Windows, Flash, or a device driver, security problems that would affect users of all browsers. But for hacks that include flaws specific to Chrome, Google will pay $40,000 each, and for those that exploit only bugs in Chrome, the company will shell out $60,000, up to its million dollar limit.

In fact, Google’s rewards may end up dwarfing those offered by the contest’s official organizers, the Hewlett-Packard-owned Zero Day Initiative. HP plans to offer $60,000 to the first place winner, $35,000 to the second, and $15,000 to the third place contestant, using a point system to determine those placements.

And why is Google willing to pay seven figures to see its browser taken apart in public? Because, the company explains in a blog post, the annual hacking contest offers a chance to test Chrome’s mettle against some of the world’s most innovative hackers in a setting where any new flaws can be identified and patched. In return for its rewards, Google demands any winning researcher submit the details of the exploited flaws to its security team, a condition that ZDI doesn’t impose on the winning hackers.  ”Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing, and sandboxing,” Chrome security engineers Chris Evans and Justin Schuh write. “This enables us to better protect our users.”

Pwn2Own isn’t the only time researchers can be paid for digging up security flaws in Chrome. Like other companies including Mozilla and Facebook, Google offers “bug bounties” to researchers, and its flaw-buying program has given out more than $300,000 in payments over the last two years.

Since Chrome first appeared as a target in the Pwn2Own contest in 2009, participating hackers haven’t even tried to exploit the browser, focusing instead on the array of other software and devices laid out as the contest’s victims. Because security exploits are usually developed well ahead of the contest, that’s a sign that none of the researchers could find a chink in Chrome’s armor–its security features include sandboxing, which limits the access of an exploit to the rest of a user’s PC and “just-in-time hardening” that prevents javascript on websites from executing commands on the user’s machine.

Even when Google offered an extra $20,000 to anyone who could hack its browsers last year, no one took up the challenge. That result provides great marketing fodder, but Google says it’s more eager to expose bugs in its code–hence this year’s massive payouts. “While we’re proud of Chrome’s leading track record in past competitions, the fact is that not receiving exploits means that it’s harder to learn and improve,” Evans and Schuh write. “To maximize our chances of receiving exploits this year, we’ve upped the ante.”

Article source: http://www.forbes.com/sites/andygreenberg/2012/02/28/google-will-offer-1-million-in-rewards-for-hacking-chrome-in-contest/?feed=rss_home

Tags: , , ,