(IDG News Service) The desktop is one the areas ripe for moving into the cloud, and the driver will be lower operational costs for both large and small companies, a VMware executive said at the company's VMworld conference in Cannes.
That's not going to happen over night, but that is where things are headed, according to Jocelyn Goldfein, general manager of the Desktop business unit at VMware, speaking in an interview Tuesday.
"Some days I think it's four years away, and other days I think it's all going to happen way faster than we think. I think Microsoft really bobbled with Vista. It's got everyone, including home users, questioning the future of the desktop, and willing to try something new," said Goldfein.
Moving to the cloud will let more companies take advantage of the economies of scale that come with managing many desktops. "People who specialize in desktop management are going to get the best economies of scale of all, and moving the desktop into an external cloud is going to let large or small enterprises, all the way down to SMBs and maybe even home users, take advantage of that," said Goldfein.
Also, most enterprises simply don't want to be in the business of managing desktops, and small to midsize businesses and home users don't want to either. Home users don't want to upgrade operating systems, patch applications or set firewall rules, according to Goldfein.
"The beauty of virtualization, because it decouples the user environment from the device, is that it actually enables someone to deliver that desktop as a service where they can't today," said Goldfein.
An important part of making desktops cloud compatible, and also helping client virtualization go mainstream, is the introduction of so-called "bare metal" hypervisors for client PCs. They allow the desktop to run locally without access to a network and take advantage of the PC's computing power, instead of just relying on the server.
Citrix is working with Intel to develop its CVP (Client Virtualization Platform) for Intel's Intel vPro and Centrino vPro processors, and the result will ship during the second half of the year, VMware announced on Tuesday.
VMware is usually one step a head of the competition in the virtualization space, but not in this case. Citrix already announced plans to come out with a bare metal hypervisor for PCs, and a partnership with Intel, in January. Just like VMware it plans to come out with its product during the second half of 2009.
"I don't think it's a land grab; the whole world isn't going to standardize on client hypervisors over night," said Goldfein.
PC vendors aren't going to choose one client hypervisor over the other, but will wait and see how the market pans out, she said.
Client virtualization is the more immediate opportunity, and VMware is investing a lot of energy in that space, which started to take off last year, according to Goldfein.
The adoption barriers will have to be lowered even further for the technology to go mainstream, including making the user experience better when running the desktop on the server over. To achieve that VMware is investing in its own display protocol, which will be developed with Teradici, and out during the second half of 2009.
"PC-over-IP is a protocol that they invented. Today it exists in hardware implementations, and we are collaboration with them on a software-only implementation. We think it's going to be as competitive as any soft protocol on the market," said Goldfein.
VMware chose to work with Teradici because of some of its core technologies, including the algorithms it uses to do compression and adaptive rendering, which detects how much bandwidth the user has and adopts on the fly, according to Goldfein.
But still, the performance will get much better when backed it up with hardware acceleration.
"We think that if that model becomes more cost effective it's really going to transform what we today think of as state of the art of remote display protocols," said Goldfein.
By Mikael Ricknäs
Wednesday, February 25, 2009
Sneaky New Virus Spreads via Ads
Hackers infiltrated popular tech business site eWeek.com yesterday using Google's DoubleClick banner ads as a vehicle. Websense caught the malicious coding and published its results, which spurred eWeek to scour its code and remove all phony advertisements.
The pest, named Anti-Virus-1, is complicated and smart. The advertisements are for antivirus software, and when a user clicked on them, the ads redirect to a pornography Website through a series of iframes. Then a PDF pops up loaded with evil code, exploiting a weakness currently festering in the Adobe systems; or the file index.php redirects to the rogue ad server. The server places a file named "winratit.exe" into the user's temporary files folder and stays there without any user interaction.
If the user tries to cleanse the computer by visiting any of several popular software downloading sites, the hack has a twist of the blade waiting: the host file is modified to redirect to even more malicious Websites offering further rogue downloads.
eWeek may not be the first popular Website to be attacked. "Given DoubleClick's tremendous reach, it's possible the rogue ads have shown up on Websites other than eWeek," Websense Vice President of Security Research Dan Hubbard told The Register.
As always, exercise caution when following advertisements.
Brennon Slattery
pcworld
The pest, named Anti-Virus-1, is complicated and smart. The advertisements are for antivirus software, and when a user clicked on them, the ads redirect to a pornography Website through a series of iframes. Then a PDF pops up loaded with evil code, exploiting a weakness currently festering in the Adobe systems; or the file index.php redirects to the rogue ad server. The server places a file named "winratit.exe" into the user's temporary files folder and stays there without any user interaction.
If the user tries to cleanse the computer by visiting any of several popular software downloading sites, the hack has a twist of the blade waiting: the host file is modified to redirect to even more malicious Websites offering further rogue downloads.
eWeek may not be the first popular Website to be attacked. "Given DoubleClick's tremendous reach, it's possible the rogue ads have shown up on Websites other than eWeek," Websense Vice President of Security Research Dan Hubbard told The Register.
As always, exercise caution when following advertisements.
Brennon Slattery
pcworld
Attackers exploit unpatched Excel vulnerability
(Computerworld) For the second time in the past five days, security researchers are warning that hackers are exploiting a critical unpatched vulnerability in widely-used software.
Attackers are exploiting a "zero-day," or unfixed, flaw in Microsoft Corp.'s popular Excel spreadsheet, using the bug to hijack select systems in Asia, many of them in government offices and high-profile corporations, said Vincent Weafer, vice president of Symantec Corp.'s security response group.
Hackers have been using another unpatched vulnerability in Adobe Reader for several weeks in a similar fashion, although now that the exploit code has gone public, experts expect to see attacks quickly increase.
The newest vulnerability, which is in all supported versions of Excel, including the latest -- Excel in Office 2007 on Windows and in Office 2008 for the Mac -- is in the program's file format, said Weafer.
"This is very similar to the Adobe [Reader] vulnerability we found earlier in that it's being used as a targeted threat," said Weafer. He said Symantec's researchers first came across attack code yesterday, and reported their findings to Microsoft the same day.
Today, Microsoft issued a security advisory with more information about the bug; that's typically a first step toward releasing a patch when a vulnerability goes public.
Microsoft spokesman Bill Sisk downplayed the threat to most users, repeating Weafer's comment that attacks have been seen in only limited numbers. But he promised that the company would patch the problem. "Microsoft is currently working to develop a security update for Microsoft Office that addresses this vulnerability and will release it after it has completed testing," he said in an e-mail.
According to Microsoft's advisory, Excel 2000, 2002, 2003 and 2007 on Windows, and Excel 2004 and 2008 on Mac OS X, are affected by the vulnerability.
Until a patch is produced, Microsoft said users could protect themselves by blocking Excel files from opening, a process that requires editing the Windows registry, normally a chore that's beyond the ability of most users. Alternately, users can run Excel 2003 documents through the Microsoft Office Isolated Conversion Environment (MOICE), a tool the company launched in 2007 that converts those files into the more-secure Office 2007 formats to strip out possible exploit code.
It's not clear how effective MOICE will be in stymieing attacks, however, since the exploit now circulating was crafted with Excel 2007 in mind, said Weafer. According to additional analysis by Symantec, the exploit works on PCs running that version of Excel but fails against earlier editions.
Hackers are using the Excel bug to deliver a Trojan horse to targeted machines, added Weaver. The Trojan acts as a downloader that is capable of retrieving and installing additional malware on the hijacked computer.
Weafer declined to draw a line between the recent zero-day dots, noting that attacks -- particularly targeted attacks like those triggering the Excel and Adobe Reader vulnerabilities -- often come in waves. But he was less hesitant to speculate on the near future.
"As soon as you talk about an [unpatched] vulnerability, people start looking at it for use in broad-based attacks," he said.
By Gregg Keizer
Attackers are exploiting a "zero-day," or unfixed, flaw in Microsoft Corp.'s popular Excel spreadsheet, using the bug to hijack select systems in Asia, many of them in government offices and high-profile corporations, said Vincent Weafer, vice president of Symantec Corp.'s security response group.
Hackers have been using another unpatched vulnerability in Adobe Reader for several weeks in a similar fashion, although now that the exploit code has gone public, experts expect to see attacks quickly increase.
The newest vulnerability, which is in all supported versions of Excel, including the latest -- Excel in Office 2007 on Windows and in Office 2008 for the Mac -- is in the program's file format, said Weafer.
"This is very similar to the Adobe [Reader] vulnerability we found earlier in that it's being used as a targeted threat," said Weafer. He said Symantec's researchers first came across attack code yesterday, and reported their findings to Microsoft the same day.
Today, Microsoft issued a security advisory with more information about the bug; that's typically a first step toward releasing a patch when a vulnerability goes public.
Microsoft spokesman Bill Sisk downplayed the threat to most users, repeating Weafer's comment that attacks have been seen in only limited numbers. But he promised that the company would patch the problem. "Microsoft is currently working to develop a security update for Microsoft Office that addresses this vulnerability and will release it after it has completed testing," he said in an e-mail.
According to Microsoft's advisory, Excel 2000, 2002, 2003 and 2007 on Windows, and Excel 2004 and 2008 on Mac OS X, are affected by the vulnerability.
Until a patch is produced, Microsoft said users could protect themselves by blocking Excel files from opening, a process that requires editing the Windows registry, normally a chore that's beyond the ability of most users. Alternately, users can run Excel 2003 documents through the Microsoft Office Isolated Conversion Environment (MOICE), a tool the company launched in 2007 that converts those files into the more-secure Office 2007 formats to strip out possible exploit code.
It's not clear how effective MOICE will be in stymieing attacks, however, since the exploit now circulating was crafted with Excel 2007 in mind, said Weafer. According to additional analysis by Symantec, the exploit works on PCs running that version of Excel but fails against earlier editions.
Hackers are using the Excel bug to deliver a Trojan horse to targeted machines, added Weaver. The Trojan acts as a downloader that is capable of retrieving and installing additional malware on the hijacked computer.
Weafer declined to draw a line between the recent zero-day dots, noting that attacks -- particularly targeted attacks like those triggering the Excel and Adobe Reader vulnerabilities -- often come in waves. But he was less hesitant to speculate on the near future.
"As soon as you talk about an [unpatched] vulnerability, people start looking at it for use in broad-based attacks," he said.
By Gregg Keizer
Gmail's one-two punch: Phishers attack after outage
Gmail users were hit with a double whammy yesterday.
Only hours after Google Inc. fixed a two-and-a-half hour Gmail outage, users of the hosted e-mail service's instant messaging tool were slammed with a phishing attack. Graham Cluley, a senior technology consultant with the UK-based security firm Sophos, wrote in a blog post today that the attack spread through the Gmail's Google Talk chat system.
The attackers sent Gmail users an instant message with no more of a lure than the message "check out this video" and a link from the TinyURL service, according to Cluley. The link, which is no longer working, took users to a website called ViddyHo that asked surfers to enter their Gmail usernames and passwords.
Cluley noted that TinyURL has blacklisted the phishers' site so that its no longer operational.
"The hackers behind ViddyHo could use the credentials they have stolen via their site to break into accounts, grab identity information and impact your wallet," wrote Cluley. "Potentially, a hacker who has grabbed your Gmail password could have accessed your entire address book and scooped up all of your correspondence, including information that you may have archived about other online accounts."
A Google spokesman noted in an email to Computerworld that the company has received "a number of reports" about the phishing attack from users. "We have blocked the addresses being used to send these messages, and users of Firefox, Safari, and Google Chrome will receive a phishing warning when trying to visit the ViddyHo.com site. We have also identified Viddyho.com in our search results as a phishing site," he said. "We encourage users to be very careful when asked to share their personal information."
The security consultant noted that people are often more susceptible to phishing or malware attacks that are spread via instant message than those that spread through email. People simply are more accustomed to being wary of email, leaving themselves vulnerable to other forms of attacks.
"If you were unfortunate enough to fall for this scam, make sure to change your Gmail password immediately. In fact, also change your passwords on any other site where you might be using the same password as on Gmail," said Cluley.
The Google spokesman added that users also should update their Gmail security questionnaire.
Prior to the phishing attack yesterday, Google engineers had worked to get Gmail back up on its feet after a two-and-a-half-hour outage that kept some users from accessing their e-mail entirely and forced others to wait a minute or more for their email to open.
Acacio Cruz, Google's Gmail site reliability manager, wrote in a Google blog post yesterday that the company's engineers are still trying to pinpoint the cause of yesterday's outage. "We know that for many of you, this disrupted your working day," he added. "We're really sorry about this, and we did do everything to restore access as soon as we could. Our priority was to get you back up and running."
The Gmail outage comes just a week after Google acknowledged that some users had experienced problems getting results from Google News searches over a span of more than 14 hours last Wednesday. Some users reported that they weren't getting any results when they were searching for keywords, such as Microsoft or even Google, in Google News. Other users reported that entire news sections, such as Science/Technology, were coming up empty of any stories.
And last December, Google confirmed that there was a technical problem with Google Talk and the Web-based Gmail chat system. One day early in the month, messages created by a "subset" of users were left unsent because of glitches in the messaging system, according to Google spokesman Andrew Kovacs.
Computerworld
By Sharon Gaudin
Only hours after Google Inc. fixed a two-and-a-half hour Gmail outage, users of the hosted e-mail service's instant messaging tool were slammed with a phishing attack. Graham Cluley, a senior technology consultant with the UK-based security firm Sophos, wrote in a blog post today that the attack spread through the Gmail's Google Talk chat system.
The attackers sent Gmail users an instant message with no more of a lure than the message "check out this video" and a link from the TinyURL service, according to Cluley. The link, which is no longer working, took users to a website called ViddyHo that asked surfers to enter their Gmail usernames and passwords.
Cluley noted that TinyURL has blacklisted the phishers' site so that its no longer operational.
"The hackers behind ViddyHo could use the credentials they have stolen via their site to break into accounts, grab identity information and impact your wallet," wrote Cluley. "Potentially, a hacker who has grabbed your Gmail password could have accessed your entire address book and scooped up all of your correspondence, including information that you may have archived about other online accounts."
A Google spokesman noted in an email to Computerworld that the company has received "a number of reports" about the phishing attack from users. "We have blocked the addresses being used to send these messages, and users of Firefox, Safari, and Google Chrome will receive a phishing warning when trying to visit the ViddyHo.com site. We have also identified Viddyho.com in our search results as a phishing site," he said. "We encourage users to be very careful when asked to share their personal information."
The security consultant noted that people are often more susceptible to phishing or malware attacks that are spread via instant message than those that spread through email. People simply are more accustomed to being wary of email, leaving themselves vulnerable to other forms of attacks.
"If you were unfortunate enough to fall for this scam, make sure to change your Gmail password immediately. In fact, also change your passwords on any other site where you might be using the same password as on Gmail," said Cluley.
The Google spokesman added that users also should update their Gmail security questionnaire.
Prior to the phishing attack yesterday, Google engineers had worked to get Gmail back up on its feet after a two-and-a-half-hour outage that kept some users from accessing their e-mail entirely and forced others to wait a minute or more for their email to open.
Acacio Cruz, Google's Gmail site reliability manager, wrote in a Google blog post yesterday that the company's engineers are still trying to pinpoint the cause of yesterday's outage. "We know that for many of you, this disrupted your working day," he added. "We're really sorry about this, and we did do everything to restore access as soon as we could. Our priority was to get you back up and running."
The Gmail outage comes just a week after Google acknowledged that some users had experienced problems getting results from Google News searches over a span of more than 14 hours last Wednesday. Some users reported that they weren't getting any results when they were searching for keywords, such as Microsoft or even Google, in Google News. Other users reported that entire news sections, such as Science/Technology, were coming up empty of any stories.
And last December, Google confirmed that there was a technical problem with Google Talk and the Web-based Gmail chat system. One day early in the month, messages created by a "subset" of users were left unsent because of glitches in the messaging system, according to Google spokesman Andrew Kovacs.
Computerworld
By Sharon Gaudin
Google jumps into EU antitrust case against Microsoft
Google Inc. today said it has asked the European Union's Competition Commission to let it participate in the antitrust agency's investigation of rival Microsoft Corp., joining browser builders Opera and Mozilla in the case.
"We are applying to become a third party in the European Commission's proceeding," Sundar Pichai, Google's vice president of product management, said in a company blog today.
Last month, the EU's commission submitted a preliminary list of charges, or statement of objections, to Microsoft, and accused it of shielding Internet Explorer (IE) from competition by bundling it with Windows.
Mozilla Corp., the maker of Firefox, had earlier been granted "interested third-party" status, which allows it to submit arguments to regulators, to see the charge sheet the commission sent Microsoft and to participate in a face-to-face hearing if Microsoft requests one.
The Norwegian browser developer Opera Software ASA filed the original complaint with the commission in late 2007.
Pichai said Google is getting involved because the field tilts toward Microsoft. "The browser market is still largely uncompetitive, which holds back innovation for users," he said. "This is because Internet Explorer is tied to Microsoft's dominant computer operating system, giving it an unfair advantage over other browsers."
Google, which launched its own Chrome only last September, cited such features as browser tabs and privacy modes as some of the things that have appeared because of competition among browser makers.
"We believe that we can contribute to this debate," added Pichai. "We learned a lot from launching Chrome last year and are hoping that Google's perspective will be useful as the commission evaluates remedies."
Although the commission has not spelled out what actions it might demand Microsoft take, agency spokesman Jonathan Todd has provided some clues. Microsoft could be fined, forced to let users choose alternate browsers to install in Windows or ordered to allow users to disable IE if a different browser is desired.
Speaking of remedies, Mitchell Baker, former CEO of Mozilla and currently the chairman of the nonprofit Mozilla Foundation, today offered her take on changes Microsoft might be required to make.
In a blog entry of her own, Baker, who has been commenting regularly on the issue since Mozilla joined the case as an interested party, listed several potential cures, but stopped short of calling them recommendations. One possibility would be to make Microsoft divulge all APIs available to IE to other browser builders, while another would require Microsoft to offer rival browsers whenever IE or Windows is updated, she said.
Other ideas she offered up ranged from bundling Windows with multiple browsers to including none at all. "This implementation ... has some obvious drawbacks for users," Baker acknowledged.
One antitrust expert has called the EU's investigation pointless.
"I just don't see what it adds to the final judgment in the U.S. case," said William Page, co-author of The Microsoft Case: Antitrust, High Technology, and Consumer Welfare, (University of Chicago Press, 2009) and a member of the faculty of the Levin College of Law at the University of Florida. "OEMs are already free to delete most of the visible evidence of [Internet Explorer] and to install another browser if they want."
According to Web measurement company Net Applications Inc., IE accounted for 67.6% of the browser market in January, the lowest number since the company began compiling data in 2005. Firefox, meanwhile, held down a 21.5% share, while Apple Inc.'s Safari and Google's Chrome ended the month with 8.3% and 1.1%, respectively.
By Gregg Keizer
computerworld
"We are applying to become a third party in the European Commission's proceeding," Sundar Pichai, Google's vice president of product management, said in a company blog today.
Last month, the EU's commission submitted a preliminary list of charges, or statement of objections, to Microsoft, and accused it of shielding Internet Explorer (IE) from competition by bundling it with Windows.
Mozilla Corp., the maker of Firefox, had earlier been granted "interested third-party" status, which allows it to submit arguments to regulators, to see the charge sheet the commission sent Microsoft and to participate in a face-to-face hearing if Microsoft requests one.
The Norwegian browser developer Opera Software ASA filed the original complaint with the commission in late 2007.
Pichai said Google is getting involved because the field tilts toward Microsoft. "The browser market is still largely uncompetitive, which holds back innovation for users," he said. "This is because Internet Explorer is tied to Microsoft's dominant computer operating system, giving it an unfair advantage over other browsers."
Google, which launched its own Chrome only last September, cited such features as browser tabs and privacy modes as some of the things that have appeared because of competition among browser makers.
"We believe that we can contribute to this debate," added Pichai. "We learned a lot from launching Chrome last year and are hoping that Google's perspective will be useful as the commission evaluates remedies."
Although the commission has not spelled out what actions it might demand Microsoft take, agency spokesman Jonathan Todd has provided some clues. Microsoft could be fined, forced to let users choose alternate browsers to install in Windows or ordered to allow users to disable IE if a different browser is desired.
Speaking of remedies, Mitchell Baker, former CEO of Mozilla and currently the chairman of the nonprofit Mozilla Foundation, today offered her take on changes Microsoft might be required to make.
In a blog entry of her own, Baker, who has been commenting regularly on the issue since Mozilla joined the case as an interested party, listed several potential cures, but stopped short of calling them recommendations. One possibility would be to make Microsoft divulge all APIs available to IE to other browser builders, while another would require Microsoft to offer rival browsers whenever IE or Windows is updated, she said.
Other ideas she offered up ranged from bundling Windows with multiple browsers to including none at all. "This implementation ... has some obvious drawbacks for users," Baker acknowledged.
One antitrust expert has called the EU's investigation pointless.
"I just don't see what it adds to the final judgment in the U.S. case," said William Page, co-author of The Microsoft Case: Antitrust, High Technology, and Consumer Welfare, (University of Chicago Press, 2009) and a member of the faculty of the Levin College of Law at the University of Florida. "OEMs are already free to delete most of the visible evidence of [Internet Explorer] and to install another browser if they want."
According to Web measurement company Net Applications Inc., IE accounted for 67.6% of the browser market in January, the lowest number since the company began compiling data in 2005. Firefox, meanwhile, held down a 21.5% share, while Apple Inc.'s Safari and Google's Chrome ended the month with 8.3% and 1.1%, respectively.
By Gregg Keizer
computerworld
Friday, February 20, 2009
Pirate Bay Trial Turns into a Circus
If nothing else, the copyright infringement trial of The Pirate Bay Four in Sweden is turning into an entertaining spectacle. For courtroom drama, it's got it all: Irreverent defendants joking with prosecutors; rabid anti-copyright proponents with megaphones; a hacked recording industry website; and even a cool pirate bus parked outside the court.
As an Ars Technica report indicates, The Pirate Bay defendants are either indifferent to the ways of business, including eye-glazing details like contracts and copyright law, or they're really good at faking it. Defendant Fredrik Neij, who owns The Pirate Bay's domain, told prosecutors that he never read a contract he signed that stated he would oversee the site's operations.
Prosecutors also tried to show that the Pirate Bay team knew all along that the site linked to copyrighted material. They asked Neij about a speech he made in 2006, where he said the site had received numerous threats from copyright owners. Neij replied that he hadn't written the speech, apparently implying that he wasn't clear on its contents.
Whatever they may lack in business acumen, the defendants definitely have a sense of humor. Wired reports that The Pirate Bay crew ran into prosecutors at an Italian restaurant on Wednesday, where the defendants jokingly tried to get the Suits to pick up the check. (They failed.)
Meanwhile, hackers defaced the Swedish website of the International Federation of the Phonographic Industry. But defendant Peter Sunde urged Pirate Bay supporters to give it a rest, adding that website defacing would only "reflect on us badly."
The Pirate Bay trial really comes down to this: It's the Kids vs. the Parents. The Kids, who admittedly are funnier and hipper (and probably smarter) than the Parents, wants to download copyright-protected stuff for free. The Parents want them to pay for it
Jeff Bertolucci, PC World
As an Ars Technica report indicates, The Pirate Bay defendants are either indifferent to the ways of business, including eye-glazing details like contracts and copyright law, or they're really good at faking it. Defendant Fredrik Neij, who owns The Pirate Bay's domain, told prosecutors that he never read a contract he signed that stated he would oversee the site's operations.
Prosecutors also tried to show that the Pirate Bay team knew all along that the site linked to copyrighted material. They asked Neij about a speech he made in 2006, where he said the site had received numerous threats from copyright owners. Neij replied that he hadn't written the speech, apparently implying that he wasn't clear on its contents.
Whatever they may lack in business acumen, the defendants definitely have a sense of humor. Wired reports that The Pirate Bay crew ran into prosecutors at an Italian restaurant on Wednesday, where the defendants jokingly tried to get the Suits to pick up the check. (They failed.)
Meanwhile, hackers defaced the Swedish website of the International Federation of the Phonographic Industry. But defendant Peter Sunde urged Pirate Bay supporters to give it a rest, adding that website defacing would only "reflect on us badly."
The Pirate Bay trial really comes down to this: It's the Kids vs. the Parents. The Kids, who admittedly are funnier and hipper (and probably smarter) than the Parents, wants to download copyright-protected stuff for free. The Parents want them to pay for it
Jeff Bertolucci, PC World
SAP buys PaaS vendor Coghead's intellectual property
SAP has purchased the intellectual-property rights of PaaS (platform as a service) vendor Coghead, and for now will use it only as an internal tool, according to an SAP spokeswoman. Terms were not disclosed.
Coghead recently told customers it planned to shut down its service due to economic factors, but did not mention the SAP deal in its announcement.
SAP will reveal more about how it plans to use the technology in coming weeks, but has no current intentions to sell it as a commercial service, according to the spokeswoman. The company is "working to help Coghead customers transition to new service providers without interruption."
Coghead's platform provides a visual editing environment, workflow and integration tools and a database, along with underlying infrastructure through Amazon's Elastic Compute Cloud. It is one of a wide range of PaaS offerings from the likes of Salesforce.com, Google and Microsoft, as well as smaller players such as Caspio.
A number of these vendors are offering Coghead customers incentives to migrate their applications.
As for Coghead's technology, it fits well with SAP, having been popular among SAP's developer community, according to Redmonk analyst Michael Coté.
There is also a "thriving subculture" of SAP developers who are interested in using emerging technologies, he said.
One example of this is the Enterprise Social Messaging Experiment, a Twitter-like messaging service being developed by SAP community members, Coté said.
In addition, SAP's venture capital arm had made an investment in Coghead, a move that "sort of blessed it for use," Coté said.
Meanwhile, SAP is moving more broadly into Web-based commercial software, both through its nascent Business ByDesign on-demand ERP (enterprise resource planning) software for the midmarket, as well as as-yet unannounced cloud-based services for on-premise software systems.
Coghead recently told customers it planned to shut down its service due to economic factors, but did not mention the SAP deal in its announcement.
SAP will reveal more about how it plans to use the technology in coming weeks, but has no current intentions to sell it as a commercial service, according to the spokeswoman. The company is "working to help Coghead customers transition to new service providers without interruption."
Coghead's platform provides a visual editing environment, workflow and integration tools and a database, along with underlying infrastructure through Amazon's Elastic Compute Cloud. It is one of a wide range of PaaS offerings from the likes of Salesforce.com, Google and Microsoft, as well as smaller players such as Caspio.
A number of these vendors are offering Coghead customers incentives to migrate their applications.
As for Coghead's technology, it fits well with SAP, having been popular among SAP's developer community, according to Redmonk analyst Michael Coté.
There is also a "thriving subculture" of SAP developers who are interested in using emerging technologies, he said.
One example of this is the Enterprise Social Messaging Experiment, a Twitter-like messaging service being developed by SAP community members, Coté said.
In addition, SAP's venture capital arm had made an investment in Coghead, a move that "sort of blessed it for use," Coté said.
Meanwhile, SAP is moving more broadly into Web-based commercial software, both through its nascent Business ByDesign on-demand ERP (enterprise resource planning) software for the midmarket, as well as as-yet unannounced cloud-based services for on-premise software systems.
Take Windows 7 for a spin with VirtualBox
Everyone likes to try new and shiny technology toys like the Windows 7 beta, but when the price is having to replace your existing operating system, that's too much for most people. That's when being able to use a virtualization program can come in darn handy.
To test out how well Windows 7 works on a virtualized system, I decided to use Sun's VirtualBox software. While there are, of course, other virtualization programs out there, such as VMware's Workstation and Parallels Desktop, VirtualBox has two significant advantages over the others. First, it's free. Second, you can use it with several operating systems, including Windows, Linux, Macintosh and OpenSolaris.
In my case, I decided to use VirtualBox to run Windows 7 on two Dell Inspiron 530S systems, one running Windows XP Pro SP3 and the other running MEPIS 7 Linux. Each PC came with a 2.2-GHz Intel Pentium E2200 dual-core processor with an 800-MHz front-side bus, 4GB of RAM, a 500GB SATA drive and an Integrated Intel 3100 Graphics Media Accelerator. While not powerful systems, these proved to have more than enough CPU power to run both their native operating system and Windows 7.
Running VirtualBox
VirtualBox comes in two editions. The full VirtualBox is free for personal use and evaluation, but doesn't come with the complete source code. VirtualBox OSE (Open Source Edition), also free, does come with the source code and includes several enterprise-level features, such as an RDP (Remote Display Protocol) Server and USB support. (Other virtualization applications, like Xen, require tweaking before they'll support USB.) Both versions can run Windows 7.
In general, you'll need at least 1GB of RAM to run VirtualBox and a guest operating system. More RAM is always better. In my testing, I found that Windows 7 would actually run on as little as 512MB, while Vista really needs at least 1GB of its own.
VirtualBox should run on any recent CPU, but it does best with high-end processors that support hardware virtualization enhancements such as Intel's VT-x and Advanced Micro Devices' AMD-V.
The first step is to download a copy of VirtualBox. To run Windows 7 successfully, you'll need at least VirtualBox 2.1.0 -- I ran it on the latest version, VirtualBox 2.1.2.
If you're a Linux or OpenSolaris user, you can also obtain a copy using your software package manager program. VirtualBox supports openSUSE, Fedora, Ubuntu, Debian, Mandriva, PCLinuxOS, RHEL (Red Hat Enterprise Linux), SLE (SUSE Linux Enterprise) and Xandros. You can also find additional support, both for specific operating systems and in general, in the FAQ file and in the User Manual (PDF).
On Windows and Mac OS X, installation requires little more than clicking on the installation file and letting it run. It's a bit more complicated on Linux and OpenSolaris. On Solaris, you need to compile the program. On Linux, you'll need to follow some additional steps, which are described in the Linux download section.
Finally, if you need more guidance, you can find step-by-step instructions for VirtualBox 2.1.0 at the Two Guys Tech site.
Setting up the VM
Your next step is to set up a new virtual machine for Windows 7. You do this by clicking the New button, which will then ask you how big a hard drive you want for the operating system. The default is to give it a 20GB virtual hard drive. With Windows 7, I decided to give it a more generous 40GB. You can also let VirtualBox dynamically determine how much hard drive room an operating system can have, but I prefer to decide for myself.
This done, you set up how much RAM and video memory Windows 7 can have. I prefer to give the operating system an ample 1GB of RAM and 128MB of video memory. You can get by with less, but you'll start noticing system delays.
VirtualBox also lets you set up 3-D graphics acceleration and access optical discs, USB devices, shared drives and so on through its main interface. You can set this up after you have Windows 7 installed, but I prefer to get this basic configuration out of the way first.
Installing Windows 7
With this done, you're ready to actually install Windows 7. You can either run the installation from a DVD or just load the Windows 7 ISO image file. Since I hate wasting time, I loaded the ISO. VirtualBox can load ISOs over both a network or from a local drive.
On both the Linux and Windows test systems, the Windows 7 installation was a snore. It took about half an hour, and the only thing I had to do was to set the proper time zone and enter the Windows 7 beta product key.
Once in place, I also loaded VirtualBox Guest Additions -- an additional set of functions that includes mouse integration (so you can mouse over from Windows 7 to your host desktop and back again without needing to hit the right-hand control button) and the ability to run the VM as a full desktop. They only work with Linux and Windows guest operating systems. But in either case, they're darn useful.
To install the Guest Additions (which downloads automatically with VirtualBox), you need to be running the VM and choose Devices --> Install Guest Additions from the VirtualBox main menu.
I found Windows 7 to run quite well as a VM under both MEPIS Linux and Windows XP SP3. As far as I'm concerned, the Windows 7 beta actually runs better than Vista SP1.
You should be aware, though, of some fundamental differences between running an operating system in a VM and running it natively. The most common problem is the inability to use the higher performance features of graphics, audio or network cards. That's because, like most virtualization software, VirtualBox provides the guest operating system with a virtual VESA-compatible graphics card, a virtual Intel ICH AC '97 audio and several virtual network cards. In short, your virtual Windows 7 can't use your high-end graphics card or what-have-you because only the host system has access to it, not the guest operating system, which must use virtual drivers instead.
Still, unless you want to run a high-end game, you're not going to notice these lacks. VirtualBox gives you everything most of you will need to decide for yourself whether Windows 7 will be worth your time. As far as I'm concerned, Windows 7 and VirtualBox are a great combination.
By Steven J. Vaughan-Nichols
computerworld
To test out how well Windows 7 works on a virtualized system, I decided to use Sun's VirtualBox software. While there are, of course, other virtualization programs out there, such as VMware's Workstation and Parallels Desktop, VirtualBox has two significant advantages over the others. First, it's free. Second, you can use it with several operating systems, including Windows, Linux, Macintosh and OpenSolaris.
In my case, I decided to use VirtualBox to run Windows 7 on two Dell Inspiron 530S systems, one running Windows XP Pro SP3 and the other running MEPIS 7 Linux. Each PC came with a 2.2-GHz Intel Pentium E2200 dual-core processor with an 800-MHz front-side bus, 4GB of RAM, a 500GB SATA drive and an Integrated Intel 3100 Graphics Media Accelerator. While not powerful systems, these proved to have more than enough CPU power to run both their native operating system and Windows 7.
Running VirtualBox
VirtualBox comes in two editions. The full VirtualBox is free for personal use and evaluation, but doesn't come with the complete source code. VirtualBox OSE (Open Source Edition), also free, does come with the source code and includes several enterprise-level features, such as an RDP (Remote Display Protocol) Server and USB support. (Other virtualization applications, like Xen, require tweaking before they'll support USB.) Both versions can run Windows 7.
In general, you'll need at least 1GB of RAM to run VirtualBox and a guest operating system. More RAM is always better. In my testing, I found that Windows 7 would actually run on as little as 512MB, while Vista really needs at least 1GB of its own.
VirtualBox should run on any recent CPU, but it does best with high-end processors that support hardware virtualization enhancements such as Intel's VT-x and Advanced Micro Devices' AMD-V.
The first step is to download a copy of VirtualBox. To run Windows 7 successfully, you'll need at least VirtualBox 2.1.0 -- I ran it on the latest version, VirtualBox 2.1.2.
If you're a Linux or OpenSolaris user, you can also obtain a copy using your software package manager program. VirtualBox supports openSUSE, Fedora, Ubuntu, Debian, Mandriva, PCLinuxOS, RHEL (Red Hat Enterprise Linux), SLE (SUSE Linux Enterprise) and Xandros. You can also find additional support, both for specific operating systems and in general, in the FAQ file and in the User Manual (PDF).
On Windows and Mac OS X, installation requires little more than clicking on the installation file and letting it run. It's a bit more complicated on Linux and OpenSolaris. On Solaris, you need to compile the program. On Linux, you'll need to follow some additional steps, which are described in the Linux download section.
Finally, if you need more guidance, you can find step-by-step instructions for VirtualBox 2.1.0 at the Two Guys Tech site.
Setting up the VM
Your next step is to set up a new virtual machine for Windows 7. You do this by clicking the New button, which will then ask you how big a hard drive you want for the operating system. The default is to give it a 20GB virtual hard drive. With Windows 7, I decided to give it a more generous 40GB. You can also let VirtualBox dynamically determine how much hard drive room an operating system can have, but I prefer to decide for myself.
This done, you set up how much RAM and video memory Windows 7 can have. I prefer to give the operating system an ample 1GB of RAM and 128MB of video memory. You can get by with less, but you'll start noticing system delays.
VirtualBox also lets you set up 3-D graphics acceleration and access optical discs, USB devices, shared drives and so on through its main interface. You can set this up after you have Windows 7 installed, but I prefer to get this basic configuration out of the way first.
Installing Windows 7
With this done, you're ready to actually install Windows 7. You can either run the installation from a DVD or just load the Windows 7 ISO image file. Since I hate wasting time, I loaded the ISO. VirtualBox can load ISOs over both a network or from a local drive.
On both the Linux and Windows test systems, the Windows 7 installation was a snore. It took about half an hour, and the only thing I had to do was to set the proper time zone and enter the Windows 7 beta product key.
Once in place, I also loaded VirtualBox Guest Additions -- an additional set of functions that includes mouse integration (so you can mouse over from Windows 7 to your host desktop and back again without needing to hit the right-hand control button) and the ability to run the VM as a full desktop. They only work with Linux and Windows guest operating systems. But in either case, they're darn useful.
To install the Guest Additions (which downloads automatically with VirtualBox), you need to be running the VM and choose Devices --> Install Guest Additions from the VirtualBox main menu.
I found Windows 7 to run quite well as a VM under both MEPIS Linux and Windows XP SP3. As far as I'm concerned, the Windows 7 beta actually runs better than Vista SP1.
You should be aware, though, of some fundamental differences between running an operating system in a VM and running it natively. The most common problem is the inability to use the higher performance features of graphics, audio or network cards. That's because, like most virtualization software, VirtualBox provides the guest operating system with a virtual VESA-compatible graphics card, a virtual Intel ICH AC '97 audio and several virtual network cards. In short, your virtual Windows 7 can't use your high-end graphics card or what-have-you because only the host system has access to it, not the guest operating system, which must use virtual drivers instead.
Still, unless you want to run a high-end game, you're not going to notice these lacks. VirtualBox gives you everything most of you will need to decide for yourself whether Windows 7 will be worth your time. As far as I'm concerned, Windows 7 and VirtualBox are a great combination.
By Steven J. Vaughan-Nichols
computerworld
Microsoft slates mock Windows 7 updates
Microsoft Corp. will test Windows 7 beta's update mechanism next week by feeding users as many as five fake updates, the company said late Thursday.
People running the public beta of Windows 7 will be offered the mock updates beginning on Tuesday, Feb. 24, said Brandon LeBlanc, a Microsoft spokesman. Microsoft wants to test the Windows Update service's ability to offer, download and install updates to the new operating system.
"These updates do not deliver new features or bug fixes," LeBlanc said in an entry to the company's official Windows 7 blog. "The test updates simply replace system files with the same version of the file currently on the system."
Up to five different test updates will be offered, he added, but unlike real updates, they will not be automatically downloaded and installed, even if the user has turned on Windows 7's Automatic Updates feature. "Users will need to manually install the test updates through Windows Update," LeBlanc said.
The Microsoft team responsible for Windows Update explained in more detail what users will see when the test kicks off next week. "Users will be notified of available updates, but they won't install automatically," the group said on its own blog. "Users will need to go to the Windows Update control panel and manually start installation. If you don't want to install the updates then you can right click on each update and select 'Hide update' to prevent it from being shown."
Microsoft launched the public beta of Windows 7 on Jan. 10, a day later than scheduled because it had problems handling the crush of users rushing to get the preview, which the company planned to limit to the first 2.5 million testers. Later, however, Microsoft backtracked from that idea and, in fact extended the download deadline to Feb. 12.
The next Windows 7 preview for public consumption will be a "release candidate," which Microsoft has talked up but not yet slated for delivery
By Gregg Keizer
Computerworld
People running the public beta of Windows 7 will be offered the mock updates beginning on Tuesday, Feb. 24, said Brandon LeBlanc, a Microsoft spokesman. Microsoft wants to test the Windows Update service's ability to offer, download and install updates to the new operating system.
"These updates do not deliver new features or bug fixes," LeBlanc said in an entry to the company's official Windows 7 blog. "The test updates simply replace system files with the same version of the file currently on the system."
Up to five different test updates will be offered, he added, but unlike real updates, they will not be automatically downloaded and installed, even if the user has turned on Windows 7's Automatic Updates feature. "Users will need to manually install the test updates through Windows Update," LeBlanc said.
The Microsoft team responsible for Windows Update explained in more detail what users will see when the test kicks off next week. "Users will be notified of available updates, but they won't install automatically," the group said on its own blog. "Users will need to go to the Windows Update control panel and manually start installation. If you don't want to install the updates then you can right click on each update and select 'Hide update' to prevent it from being shown."
Microsoft launched the public beta of Windows 7 on Jan. 10, a day later than scheduled because it had problems handling the crush of users rushing to get the preview, which the company planned to limit to the first 2.5 million testers. Later, however, Microsoft backtracked from that idea and, in fact extended the download deadline to Feb. 12.
The next Windows 7 preview for public consumption will be a "release candidate," which Microsoft has talked up but not yet slated for delivery
By Gregg Keizer
Computerworld
Saturday, February 14, 2009
Online Dating Adds Video, Goes Local
The latest Web dating services are adding video chats and location-based searches to help the lovelorn find their soul mates.
Most traditional dating sites require a lot of work up front before you even get to meet the person (and even then, incompatibility horror stories sometimes result). Why not fast-forward to the fun part? Four new sites are helping online daters meet face-to-face more quickly, both online (through video speed dating) and in person (by matching users with nearby singles) so they can exchange real winks instead of the virtual kind.
A caveat: Though these sites have cool features, they may not have a huge user base--or a significant user base in your area. Since much of a site's value depends on the pool of people who participate in it, your results may vary.
Video Speed Dating
WooMe
Designed to remove the stigma associated with matchmaking sites for young adults, WooMe creatyes a speed-dating venue for singles between 18 and 24 years old. Signing up takes seconds. After supplying minimal personal information (no last name required) and a photo, you can start your own chat session with other users or join an existing session. WooMe is about getting people talking, not about assembling detailed profiles.
Unlike most dating sites, which restrict member-to-member contact, WooMe makes communication between users pretty much a no-holds-barred affair. Before I had finished confirming my account, I received multiple friend requests, nudges, and even a flattering invitation to join the "hotties" chat session--all popping up in the middle of the screen.
Theoretically, chat sessions can focus on any topic, but in practice most seem geared toward younger users. Topics like "bored and nuthn to do," "nobody better lay a finger on my butterfinger," and "PaNTieS display" are fairly common, as are more explicit ones. The "CEO compensation limits" discussion I hosted attracted the two oldest men I chatted with--a 27-year-old and a 28-year-old.
Chats have set start times, and the fun, funky music accompanying the countdown wouldn't be out of place in a porn soundtrack (not that I would know...). Most discussions match two or three girls with the same number of guys. Once the chat starts, you have 60 to 90 seconds to talk to each person one-on-one through some combination of Webcam, audio, and IM; most of the speedthroughs I participated in included Webcam and IM, but no audio. To see some examples, check out the WooMe TV part of the site. After the discussion ends, you can contact one of the other participants by sending them a friend request (which allows you to message back and forth) or a nudge.
To find more people to chat with, friend, or nudge, you can search based on WooMe's profile parameters, which include--besides age range and location--looks (hot, beautiful, fine, etc.), "in their element" (anywhere, in a club, behind a computer, etc.), and personality (party, smart, chilled, etc.).
WooMe is a bit of an assault on the senses, but it's also kind of fun. The developers get points for including a "computer Woo test" so you don't have to worry that technical difficulties with your Webcam or microphone might prevent you from discussing "hotties with bodies."
SpeedDate
After sprinting through the lightning-fast 60-second chats on WooMe, I found the dates on SpeedDate almost luxuriously long. SpeedDate basically replicates the real-life speed-dating model, in which you chat with a complete stranger for 3 minutes. Just fill out some fairly rudimentary information, and upload a photo. Within minutes, you'll be set up on an online date, chatting through Webcam, audio, or IM (in my experience, IM was the dominant mode; I was the only person using a Webcam). After the date ends, you immediately notify the system whether the minitryst produced a match; and if both of you vote yes, let the messaging begin!
You can limit your pool of potential speed dates by age range and by general location (Near Me, United States, or Worldwide), but that's it. Be warned the interpretation of "Near Me" is fairly loose: I went on a SpeedDate with one guy who turned out to live about 200 miles away.
Besides going on dates, you can view users' profiles and flirt (send a brief message), wink, or (if you pay $60 per month for a premium membership) add special someones to your speed-date queue; but that's about it. Premium members also get to go drill down past the basic search parameters and into any form field in a profile, such as ethnicity, political beliefs, and height. On the other hand, no user--premium or free--can search open-text fields for interests, hobbies, or other information that might be hidden away in a profile description.The special iPhone application for the SpeedDate service provides an especially satisfying way to scroll through potential matches, thanks to the design decision to place its "Wink" and "Flirt" buttons right above the large profile photo. That makes for a user-friendly interface with one-click convenience.Location-Based Dating
Skout
Think of Skout as a local-food--or perhaps convenience-store--approach to dating. You update your location, and the Web site maps out your fellow users' locations with small profile photos. From there, you can check out their profiles, send them a message, or add them as a friend, perhaps resulting in a real-life, spontaneous meeting.Users can choose who sees their location: no one, friends, or everyone. The site can automatically update your location, or you can supply it yourself, with whatever degree of specificity you like. When others view your profile, the locator map will be zoomed in or out accordingly. In the San Francisco Bay Area, Skout staffers seemed to be the only people using actual street addresses.
Skout organizes users' geotagged photos and status updates into time-stamped news feeds (a carryover from its previous incarnation as a general social network), so you'll know at a glance how current the information is. You can control the location tags for your updates, too. One user posted a stunning photo of a sunset over a forest, tagging it "New York, New York," steadfastly refusing commenters' requests for a more specific location. (It clearly was not taken in New York City.) Currently, the number of Skout users hasn't achieved the critical mass necessary for the site to realize its full potential, but as far as location-based dating services go, it skews far closer to cool than to creepy.
Skout's nearly full-featured mobile site (m.skout.com) is the best part of this service and has a simplified interface that's much easier to navigate than the service's Web site. It lacks the map, but adds the ability to search by keywords. Apple is currently reviewing the company's iPhone app (which is why I don't review it here); but previews of the app suggest that it shares the same functionality as the mobile app.
MeetMoi
MeetMoi's goal is to take online dating out into the real world. Though it borrows heavily from traditional dating sites (including their somewhat earnest tone and limited features), it also has a mobile site (m.meetmoi.com) that can do nearly everything the full site can. The basic service is free, and for $10 per month (charged to your cell phone), you can initiate conversations with other users.You can set your basic search preferences to include age range, location, and when your prospective date last updated his or her profile. The results, sortable by much the same parameters, show distance as miles away from you. The Web site also adds a locator map for each user, zoomed in or out depending on how specific the location information is.
You can choose who gets to see your exact whereabouts on a map: no one, favorites only, or anyone (the default is no one). BlackBerry, Android, and Symbian phones users can download Xtify, a phone application that automatically updates their locations through the mobile site. If you choose not to update your location automatically, you can type in just your city.
Only premium users can initiate conversations, but all users can respond to messages and send winks. You'll be notified by text message when someone contacts you, but don't fear: You can set a maximum number of texts per day as well as the time of day that such messages are welcome.
Location-Based Dating iPhone Apps
Match2blue and WhosHere (note that the WhosHere app is offered through iTunes) are free, stand-alone iPhone apps for location-based dating. Both offer very similar features: quick signup, streamlined communication, and proximity-based searching.
Match2blue further tries to match people by interest, showing more stars in the 'Let's Match' results for people whose declared interests are more in sync. It also allows you to make your location either private or public. WhosHere lets you set the accuracy of your location from "within 30 feet" to "within 2 miles." Still, the privacy controls are fairly loose compared to those enforced at Skout and MeetMoi, so these might be better fits for people who are accustomed to broadcasting their life online--and who have no outstanding warrants.
Nicole Solis
Most traditional dating sites require a lot of work up front before you even get to meet the person (and even then, incompatibility horror stories sometimes result). Why not fast-forward to the fun part? Four new sites are helping online daters meet face-to-face more quickly, both online (through video speed dating) and in person (by matching users with nearby singles) so they can exchange real winks instead of the virtual kind.
A caveat: Though these sites have cool features, they may not have a huge user base--or a significant user base in your area. Since much of a site's value depends on the pool of people who participate in it, your results may vary.
Video Speed Dating
WooMe
Designed to remove the stigma associated with matchmaking sites for young adults, WooMe creatyes a speed-dating venue for singles between 18 and 24 years old. Signing up takes seconds. After supplying minimal personal information (no last name required) and a photo, you can start your own chat session with other users or join an existing session. WooMe is about getting people talking, not about assembling detailed profiles.
Unlike most dating sites, which restrict member-to-member contact, WooMe makes communication between users pretty much a no-holds-barred affair. Before I had finished confirming my account, I received multiple friend requests, nudges, and even a flattering invitation to join the "hotties" chat session--all popping up in the middle of the screen.
Theoretically, chat sessions can focus on any topic, but in practice most seem geared toward younger users. Topics like "bored and nuthn to do," "nobody better lay a finger on my butterfinger," and "PaNTieS display" are fairly common, as are more explicit ones. The "CEO compensation limits" discussion I hosted attracted the two oldest men I chatted with--a 27-year-old and a 28-year-old.
Chats have set start times, and the fun, funky music accompanying the countdown wouldn't be out of place in a porn soundtrack (not that I would know...). Most discussions match two or three girls with the same number of guys. Once the chat starts, you have 60 to 90 seconds to talk to each person one-on-one through some combination of Webcam, audio, and IM; most of the speedthroughs I participated in included Webcam and IM, but no audio. To see some examples, check out the WooMe TV part of the site. After the discussion ends, you can contact one of the other participants by sending them a friend request (which allows you to message back and forth) or a nudge.
To find more people to chat with, friend, or nudge, you can search based on WooMe's profile parameters, which include--besides age range and location--looks (hot, beautiful, fine, etc.), "in their element" (anywhere, in a club, behind a computer, etc.), and personality (party, smart, chilled, etc.).
WooMe is a bit of an assault on the senses, but it's also kind of fun. The developers get points for including a "computer Woo test" so you don't have to worry that technical difficulties with your Webcam or microphone might prevent you from discussing "hotties with bodies."
SpeedDate
After sprinting through the lightning-fast 60-second chats on WooMe, I found the dates on SpeedDate almost luxuriously long. SpeedDate basically replicates the real-life speed-dating model, in which you chat with a complete stranger for 3 minutes. Just fill out some fairly rudimentary information, and upload a photo. Within minutes, you'll be set up on an online date, chatting through Webcam, audio, or IM (in my experience, IM was the dominant mode; I was the only person using a Webcam). After the date ends, you immediately notify the system whether the minitryst produced a match; and if both of you vote yes, let the messaging begin!
You can limit your pool of potential speed dates by age range and by general location (Near Me, United States, or Worldwide), but that's it. Be warned the interpretation of "Near Me" is fairly loose: I went on a SpeedDate with one guy who turned out to live about 200 miles away.
Besides going on dates, you can view users' profiles and flirt (send a brief message), wink, or (if you pay $60 per month for a premium membership) add special someones to your speed-date queue; but that's about it. Premium members also get to go drill down past the basic search parameters and into any form field in a profile, such as ethnicity, political beliefs, and height. On the other hand, no user--premium or free--can search open-text fields for interests, hobbies, or other information that might be hidden away in a profile description.The special iPhone application for the SpeedDate service provides an especially satisfying way to scroll through potential matches, thanks to the design decision to place its "Wink" and "Flirt" buttons right above the large profile photo. That makes for a user-friendly interface with one-click convenience.Location-Based Dating
Skout
Think of Skout as a local-food--or perhaps convenience-store--approach to dating. You update your location, and the Web site maps out your fellow users' locations with small profile photos. From there, you can check out their profiles, send them a message, or add them as a friend, perhaps resulting in a real-life, spontaneous meeting.Users can choose who sees their location: no one, friends, or everyone. The site can automatically update your location, or you can supply it yourself, with whatever degree of specificity you like. When others view your profile, the locator map will be zoomed in or out accordingly. In the San Francisco Bay Area, Skout staffers seemed to be the only people using actual street addresses.
Skout organizes users' geotagged photos and status updates into time-stamped news feeds (a carryover from its previous incarnation as a general social network), so you'll know at a glance how current the information is. You can control the location tags for your updates, too. One user posted a stunning photo of a sunset over a forest, tagging it "New York, New York," steadfastly refusing commenters' requests for a more specific location. (It clearly was not taken in New York City.) Currently, the number of Skout users hasn't achieved the critical mass necessary for the site to realize its full potential, but as far as location-based dating services go, it skews far closer to cool than to creepy.
Skout's nearly full-featured mobile site (m.skout.com) is the best part of this service and has a simplified interface that's much easier to navigate than the service's Web site. It lacks the map, but adds the ability to search by keywords. Apple is currently reviewing the company's iPhone app (which is why I don't review it here); but previews of the app suggest that it shares the same functionality as the mobile app.
MeetMoi
MeetMoi's goal is to take online dating out into the real world. Though it borrows heavily from traditional dating sites (including their somewhat earnest tone and limited features), it also has a mobile site (m.meetmoi.com) that can do nearly everything the full site can. The basic service is free, and for $10 per month (charged to your cell phone), you can initiate conversations with other users.You can set your basic search preferences to include age range, location, and when your prospective date last updated his or her profile. The results, sortable by much the same parameters, show distance as miles away from you. The Web site also adds a locator map for each user, zoomed in or out depending on how specific the location information is.
You can choose who gets to see your exact whereabouts on a map: no one, favorites only, or anyone (the default is no one). BlackBerry, Android, and Symbian phones users can download Xtify, a phone application that automatically updates their locations through the mobile site. If you choose not to update your location automatically, you can type in just your city.
Only premium users can initiate conversations, but all users can respond to messages and send winks. You'll be notified by text message when someone contacts you, but don't fear: You can set a maximum number of texts per day as well as the time of day that such messages are welcome.
Location-Based Dating iPhone Apps
Match2blue and WhosHere (note that the WhosHere app is offered through iTunes) are free, stand-alone iPhone apps for location-based dating. Both offer very similar features: quick signup, streamlined communication, and proximity-based searching.
Match2blue further tries to match people by interest, showing more stars in the 'Let's Match' results for people whose declared interests are more in sync. It also allows you to make your location either private or public. WhosHere lets you set the accuracy of your location from "within 30 feet" to "within 2 miles." Still, the privacy controls are fairly loose compared to those enforced at Skout and MeetMoi, so these might be better fits for people who are accustomed to broadcasting their life online--and who have no outstanding warrants.
Nicole Solis
Lawsuit targets Microsoft over Vista-to-XP downgrades
A California woman has sued Microsoft Corp. over the $59.25 fee she was charged to "downgrade" Windows Vista on a new laptop to the older Windows XP, federal court documents show.
The lawsuit, filed Wednesday in a Seattle federal court, is Microsoft's latest legal problem related to Windows Vista, which has faced scrutiny for nearly two years in the better-known "Vista Capable" case.
Los Angeles resident Emma Alvarado charged Microsoft with multiple violations of Washington state's unfair business practices and consumer protection laws over its policy of barring computer makers from continuing to offer XP on new PCs after Vista's early-2007 launch. Alvarado is seeking compensatory damages and wants the case declared a class-action suit.
According to Alvarado, Microsoft coerced computer makers into "agreeing to restrictive and anticompetitive licensing terms" for XP. "Microsoft did so in order to maintain, protect and extend its market power in operating systems software into the next generation of personal computing, to lessen competition, to promote Vista and to enhance its monopoly position," her lawsuit claimed.
Irked at having to pay a fee for downgrading a new Lenovo notebook to XP, Alvarado said that Microsoft had used its position as the dominant operating system maker to "require consumers to purchase computers pre-installed with the Vista operating system and to pay additional sums to 'downgrade' to the Windows XP operating system."
"Downgrade" describes the Windows licensing rights that Microsoft gives users, who are allowed under special circumstances to replace newer versions of Windows with an older edition without having to pay for another license. In effect, the license for the newer Windows is transferred to the older edition.
After Vista's launch, PC makers stopped or significantly curtailed sales of machines with XP, but users -- and eventually resellers as well -- began to take advantage of downgrade rights as Vista's reputation slid. By Microsoft's rules, only buyers of PCs with pre-installed editions of Vista Business and Vista Ultimate could downgrade, and then only to Windows XP Professional.
As more users demanded downgrades, Microsoft allowed computer makers to install XP Professional at the factory. The computer makers charged a variety of fees for the service. Last December, Dell Inc. came under fire for adding $150 to the price of a downgraded PC: Dell said $20 was for the actual downgrade and another $130 to cover the additional cost of replacing the usual Vista Home Premium -- the most popular edition -- with Vista Business or Vista Ultimate.
Microsoft has extended XP availability several times. In October 2008, for instance, it added six months to the time when it makes XP media available to large computer makers.
The lawsuit, filed Wednesday in a Seattle federal court, is Microsoft's latest legal problem related to Windows Vista, which has faced scrutiny for nearly two years in the better-known "Vista Capable" case.
Los Angeles resident Emma Alvarado charged Microsoft with multiple violations of Washington state's unfair business practices and consumer protection laws over its policy of barring computer makers from continuing to offer XP on new PCs after Vista's early-2007 launch. Alvarado is seeking compensatory damages and wants the case declared a class-action suit.
According to Alvarado, Microsoft coerced computer makers into "agreeing to restrictive and anticompetitive licensing terms" for XP. "Microsoft did so in order to maintain, protect and extend its market power in operating systems software into the next generation of personal computing, to lessen competition, to promote Vista and to enhance its monopoly position," her lawsuit claimed.
Irked at having to pay a fee for downgrading a new Lenovo notebook to XP, Alvarado said that Microsoft had used its position as the dominant operating system maker to "require consumers to purchase computers pre-installed with the Vista operating system and to pay additional sums to 'downgrade' to the Windows XP operating system."
"Downgrade" describes the Windows licensing rights that Microsoft gives users, who are allowed under special circumstances to replace newer versions of Windows with an older edition without having to pay for another license. In effect, the license for the newer Windows is transferred to the older edition.
After Vista's launch, PC makers stopped or significantly curtailed sales of machines with XP, but users -- and eventually resellers as well -- began to take advantage of downgrade rights as Vista's reputation slid. By Microsoft's rules, only buyers of PCs with pre-installed editions of Vista Business and Vista Ultimate could downgrade, and then only to Windows XP Professional.
As more users demanded downgrades, Microsoft allowed computer makers to install XP Professional at the factory. The computer makers charged a variety of fees for the service. Last December, Dell Inc. came under fire for adding $150 to the price of a downgraded PC: Dell said $20 was for the actual downgrade and another $130 to cover the additional cost of replacing the usual Vista Home Premium -- the most popular edition -- with Vista Business or Vista Ultimate.
Microsoft has extended XP availability several times. In October 2008, for instance, it added six months to the time when it makes XP media available to large computer makers.
Alvarado's lawsuit said that Microsoft's extensions were "likely due to the tremendous profits that Microsoft has reaped from its 'downgrade' option."
Her lawyers also argued that Microsoft's practice is anticompetitive and monopolistic, and resulted in consumers paying higher prices for their PCs. "They have been forced to pay substantially more to acquire the Windows XP operating system than they would have to pay in a competitive marketplace," the complaint read.
Microsoft said it was premature to comment, as it had not yet been served with the lawsuit.
By Gregg Keizer
computerworld
Friday, February 13, 2009
Michael Phelps Bows Out of IBM Conference
Michael Phelps reportedly skipped a scheduled speaking appearance at the IBM Pulse conference in Las Vegas Tuesday.
Phelps, the 23-year-old swimmer who won eight Olympic gold medals last summer, is embroiled in controversy over a photo that shows him smoking a bong. The United States swimming association suspended Phelps from competition for three months and the swimmer lost an endorsement deal with Kellogg's.
Phelps is listed as one of the speakers at IBM's Pulse show, with promotional materials urging attendees to come "be inspired by special guest speaker, Olympic champion Michael Phelps."
But a report by CNBC said the news organization "has confirmed through multiple sources that Michael Phelps did not show up at the IBM Pulse 2009 Conference at the MGM Grand Hotel in Las Vegas, where he was scheduled to speak on Tuesday."
A spokesman for Phelps said it was his decision, rather than IBM's, to cancel the appearance, according to CNBC. "Michael is concentrating on swimming this week," the spokesman told CNBC.
Phelps has won 14 Olympic gold medals including the eight last summer, which broke a record previously held by Mark Spitz. Phelps has not yet announced whether he will swim at the 2012 Olympics.
The IBM Pulse show runs from Sunday through Thursday, and features IBM executives and customers discussing IT service management.
Jon Brodkin, Network World
Phelps, the 23-year-old swimmer who won eight Olympic gold medals last summer, is embroiled in controversy over a photo that shows him smoking a bong. The United States swimming association suspended Phelps from competition for three months and the swimmer lost an endorsement deal with Kellogg's.
Phelps is listed as one of the speakers at IBM's Pulse show, with promotional materials urging attendees to come "be inspired by special guest speaker, Olympic champion Michael Phelps."
But a report by CNBC said the news organization "has confirmed through multiple sources that Michael Phelps did not show up at the IBM Pulse 2009 Conference at the MGM Grand Hotel in Las Vegas, where he was scheduled to speak on Tuesday."
A spokesman for Phelps said it was his decision, rather than IBM's, to cancel the appearance, according to CNBC. "Michael is concentrating on swimming this week," the spokesman told CNBC.
Phelps has won 14 Olympic gold medals including the eight last summer, which broke a record previously held by Mark Spitz. Phelps has not yet announced whether he will swim at the 2012 Olympics.
The IBM Pulse show runs from Sunday through Thursday, and features IBM executives and customers discussing IT service management.
Jon Brodkin, Network World
Microsoft Plans Stores, Hires Dreamworks Exec
Microsoft plans to open its own retail stores to "transform the PC and Microsoft buying experience," the company said Wednesday as it hired an executive to run the retail operation.
The stores will help Microsoft engage more deeply with consumers and learn firsthand about what they want to buy and how, according to a Microsoft press release. Deciding where the stores will be located and what they'll look like will be the first order of business for David Porter, who will report to work on Monday as corporate vice president of Retail Stores.
Microsoft has long been perceived as lagging behind rival Apple in appealing directly to consumers, and Apple has a head start of several years in running a chain of stores. While Microsoft makes its own Xbox game terminals, Zune media players and some other devices, it doesn't have a branded PC product of its own like Apple's Macintosh.
In December, Apple neared 10 percent of personal computer sales while Windows lost a full percentage point of share for the second month in a row.
With the retail strategy, Microsoft said it hopes to articulate and demonstrate its innovation and value proposition. It will pass on lessons it learns from the stores to its retail and OEM (original equipment maker) partners.
The move comes as the company gears up for the release of the Windows 7 PC operating system as well as new releases of Windows Mobile and of the Windows Live online portal. It follows changes Microsoft has made to its marketing efforts as the Windows Vista operating system took on a negative image.
Porter has been head of worldwide product distribution for Dreamworks Animation SKG since 2007, but before that, he spent 25 years at Wal-Mart Stores. His last position there was vice president and general merchandise manager of entertainment.
Microsoft has already had at least one retail store. In 1999, it opened a large store on the second floor of Sony's Metreon entertainment and shopping complex in downtown San Francisco. Among other things, visitors to the store could try out Windows CE-based handhelds and buy Microsoft apparel, souvenirs and shrink-wrapped software. The shop closed several years later, as did most of the other non-Sony-related businesses in the complex.
Stephen Lawson, IDG News Service
Microsoft, Symantec, VeriSign join forces to fight Downadup worm
Nearly 20 technology companies and organizations are combining forces to disrupt the command-and-control infrastructure of the rapidly spreading Downadup worm, prompted by infection rates of nearly 2.2 million machines each day.
Firms, including Microsoft Corp., Symantec Corp. and VeriSign Inc., have joined ICANN, the nonprofit group that manages the Internet Domain Name System, to preemptively register and remove from circulation the Internet addresses that the worm's controllers use to maintain their hold on infected machines, said Gerry Egan, director of product management in Symantec's security response group.
Separately, Microsoft has offered a $250,000 reward for information that results in the arrest and conviction of the hackers who created and launched the worm.
Although Microsoft launched its hacker bounty program in 2003, it has rarely used the $5 million it set aside at the time. The last time it offered a reward was in 2004, when it posted a quarter-million-dollar bounty on the maker of the Sasser worm. A German teenager was arrested in May 2004 and charged with creating Sasser. The following year, Microsoft paid out the reward to two people who helped identify the hacker.
Perhaps not coincidentally, security researchers -- including those at Symantec -- have recently drawn comparisons between Sasser and Downadup, which also goes by the name "Conficker." Much of those comparisons relate to the size of the current attack, as well as the fact that the worm targets a wide-scale Microsoft vulnerability.
To stymie Downadup, the coalition plans to either pre-register or remove from circulation as many of the 250 different domains that the worm uses as possible, said Egan. "We're working with the domain registrars to take them out," he said. "It's a combination of registering the domains and removing them from circulation."
Once it has infected a PC, Downadup generates a list of 250 possible domains -- the list changes daily -- selects one, then uses that URL to reach a malicious server from which it downloads additional malware to install on the hijacked computer. Symantec and other security vendors, including Helsinki, Finland-based F-Secure Corp., have been preemptively registering some of those domains for weeks. They have then monitored the domains to get an idea of the worm's back-end processes and to track its spread.
Symantec has used that approach to gauge the current strength of the worm. According to Egan, over the last five days, Symantec has monitored an average of 453,000 different IP addresses infected a day with Downadup.a, the original November version, and 1.74 million more IP addresses infected a day with Downadup.b, the more virulent variant that debuted in late December 2008.
Together, the two versions have infected an average of nearly 2.2 million PCs daily.
Egan declined to say whether the group would be able to completely disable the worm's control mechanism, but said the consortium's formation does not mean that researchers have new information about what malicious tasks the infected PCs might be told to perform. "We have no indication of its purpose as of yet," he said.
Even so, Symantec sounded worried.
"The millions of systems infected by Downadup pose a risk to Internet users as well as to the infrastructure of the Internet," the company said in a long post to its security blog. "Under the control of attackers, the millions of infected systems could be used to launch distributed denial-of-service attacks against specific users or organizations, crippling their ability to function on the Internet. Additionally, the infected systems could be used to deploy further threats, such as seeding a new worm that targets a more recent or undisclosed vulnerability."
Last month, Microsoft refreshed its Malicious Software Removal Tool (MSRT), an anti-malware utility that cleans infected Windows PCs, with a signature for Downadup. Microsoft rarely reacts with a new MSRT signature as fast as it did in January.
The company has not responded to a questions about how many PCs the MSRT has scrubbed of Downadup.
While Downadup uses several attack strategies -- including using USB storage devices, such as flash drives, to spread -- one of its primary infection vectors is by exploiting a Microsoft vulnerability that the company patched with an "out-of-cycle" update in late October 2008.
By Gregg Keizer
computerworld
Firms, including Microsoft Corp., Symantec Corp. and VeriSign Inc., have joined ICANN, the nonprofit group that manages the Internet Domain Name System, to preemptively register and remove from circulation the Internet addresses that the worm's controllers use to maintain their hold on infected machines, said Gerry Egan, director of product management in Symantec's security response group.
Separately, Microsoft has offered a $250,000 reward for information that results in the arrest and conviction of the hackers who created and launched the worm.
Although Microsoft launched its hacker bounty program in 2003, it has rarely used the $5 million it set aside at the time. The last time it offered a reward was in 2004, when it posted a quarter-million-dollar bounty on the maker of the Sasser worm. A German teenager was arrested in May 2004 and charged with creating Sasser. The following year, Microsoft paid out the reward to two people who helped identify the hacker.
Perhaps not coincidentally, security researchers -- including those at Symantec -- have recently drawn comparisons between Sasser and Downadup, which also goes by the name "Conficker." Much of those comparisons relate to the size of the current attack, as well as the fact that the worm targets a wide-scale Microsoft vulnerability.
To stymie Downadup, the coalition plans to either pre-register or remove from circulation as many of the 250 different domains that the worm uses as possible, said Egan. "We're working with the domain registrars to take them out," he said. "It's a combination of registering the domains and removing them from circulation."
Once it has infected a PC, Downadup generates a list of 250 possible domains -- the list changes daily -- selects one, then uses that URL to reach a malicious server from which it downloads additional malware to install on the hijacked computer. Symantec and other security vendors, including Helsinki, Finland-based F-Secure Corp., have been preemptively registering some of those domains for weeks. They have then monitored the domains to get an idea of the worm's back-end processes and to track its spread.
Symantec has used that approach to gauge the current strength of the worm. According to Egan, over the last five days, Symantec has monitored an average of 453,000 different IP addresses infected a day with Downadup.a, the original November version, and 1.74 million more IP addresses infected a day with Downadup.b, the more virulent variant that debuted in late December 2008.
Together, the two versions have infected an average of nearly 2.2 million PCs daily.
Egan declined to say whether the group would be able to completely disable the worm's control mechanism, but said the consortium's formation does not mean that researchers have new information about what malicious tasks the infected PCs might be told to perform. "We have no indication of its purpose as of yet," he said.
Even so, Symantec sounded worried.
"The millions of systems infected by Downadup pose a risk to Internet users as well as to the infrastructure of the Internet," the company said in a long post to its security blog. "Under the control of attackers, the millions of infected systems could be used to launch distributed denial-of-service attacks against specific users or organizations, crippling their ability to function on the Internet. Additionally, the infected systems could be used to deploy further threats, such as seeding a new worm that targets a more recent or undisclosed vulnerability."
Last month, Microsoft refreshed its Malicious Software Removal Tool (MSRT), an anti-malware utility that cleans infected Windows PCs, with a signature for Downadup. Microsoft rarely reacts with a new MSRT signature as fast as it did in January.
The company has not responded to a questions about how many PCs the MSRT has scrubbed of Downadup.
While Downadup uses several attack strategies -- including using USB storage devices, such as flash drives, to spread -- one of its primary infection vectors is by exploiting a Microsoft vulnerability that the company patched with an "out-of-cycle" update in late October 2008.
By Gregg Keizer
computerworld
Wednesday, February 11, 2009
Microsoft Update Takes on Spam-spewing Botnet
Microsoft has beefed up the Malicious Software Removal Tool (MSRT) that ships with its Windows operating system so that it will detect and root out the notorious Srizbi botnet code.
"This month's MSRT takes on one of the largest botnets currently active worldwide," wrote Microsoft spokesman Vincent Tiu in a blog posting Tuesday, the day the update to the software removal tool was released. "Win32/Srizbi has been accused of being responsible for a huge chunk of spam e-mail messages sent in the years after its discovery," he added. "We hope to make a positive impact with the addition of Win32/Srizbi into MSRT."
Because Microsoft's detection software runs on hundreds of millions of computers worldwide, including many that are not running up-to-date antivirus software, a move like this can bring a botnet to its knees. That's what happened in September 2007, when Microsoft added detection for the Storm Worm botnet. Within 24 hours it had removed about 91,000 Storm infections, and soon the botnet was a shadow of its former self, experts say.
However, the results may not be so dramatic this time around. Srizbi was effectively knocked out of action last November when operators of the McColo Internet service provider in San Jose, California, were kicked off the Internet.
That takedown knocked the Srizbi command-and-control servers out of operation, and only about 1 percent of the botnet is still active. There are, however, several hundred thousand Srizbi-infected PCs out there, all of which are quietly waiting for new instructions, should criminals ever discover a way to reach them now that McColo is out of commission.
Microsoft could have taken a bigger bite out of spam had it targeted another botnet called Xarvester, said Joe Stewart, a botnet researcher with security vendor SecureWorks.
Still he applauded Microsoft's move to clean up the Srizbi-infected computers. "It's good to get them cleaned up, but it's not going to have the impact that it had on Storm."
Robert McMillan, IDG News Service
"This month's MSRT takes on one of the largest botnets currently active worldwide," wrote Microsoft spokesman Vincent Tiu in a blog posting Tuesday, the day the update to the software removal tool was released. "Win32/Srizbi has been accused of being responsible for a huge chunk of spam e-mail messages sent in the years after its discovery," he added. "We hope to make a positive impact with the addition of Win32/Srizbi into MSRT."
Because Microsoft's detection software runs on hundreds of millions of computers worldwide, including many that are not running up-to-date antivirus software, a move like this can bring a botnet to its knees. That's what happened in September 2007, when Microsoft added detection for the Storm Worm botnet. Within 24 hours it had removed about 91,000 Storm infections, and soon the botnet was a shadow of its former self, experts say.
However, the results may not be so dramatic this time around. Srizbi was effectively knocked out of action last November when operators of the McColo Internet service provider in San Jose, California, were kicked off the Internet.
That takedown knocked the Srizbi command-and-control servers out of operation, and only about 1 percent of the botnet is still active. There are, however, several hundred thousand Srizbi-infected PCs out there, all of which are quietly waiting for new instructions, should criminals ever discover a way to reach them now that McColo is out of commission.
Microsoft could have taken a bigger bite out of spam had it targeted another botnet called Xarvester, said Joe Stewart, a botnet researcher with security vendor SecureWorks.
Still he applauded Microsoft's move to clean up the Srizbi-infected computers. "It's good to get them cleaned up, but it's not going to have the impact that it had on Storm."
Robert McMillan, IDG News Service
Intel's $7 billion 'Made in the USA' investment
WASHINGTON -- It's been a dismal decade for manufacturing, with the more than 2 million U.S. jobs heading overseas.
Then, along comes Intel Corp. today, announcing a plan to spend $7 billion to upgrade its manufacturing in the U.S. -- a move that will retain or create about 7,000 jobs.
Intel is facing the same economic headwind slowing down all tech companies, and its revenues dropped 23% in the last quarter.
But CEO Paul Otellini detailed investment plans for facilities in Oregon, Arizona and New Mexico -- and not in China.
There are a lot of reasons why Intel may want to move quickly to build manufacturing capability for its next-generation 32-nanometer chips, and why the U.S. remains the best place to make them, according to analysts.
Frank Gillett, an analyst at Forrester Research Inc., said Intel's road map for producing the new processors was established long ago, and not moving ahead with this plan would have meant breaking the schedule, exposing the company to competitive risks.
The new chips, code-named Westmere, won't appear in servers until the end of this year or early next year, and by then, business spending on technology may be rebounding, said Gillett. "It would be hard to argue that they shouldn't be making this investment," he said.
Intel could have, theoretically, moved the manufacturing of the new chips overseas to a low-wage country. Manufacturing jobs have been flowing overseas: From 2001 to the middle of last year, the U.S. lost about 2.3 million manufacturing jobs, according to a Congressional Research Service report (PDF document).
Foreign nations are also offering Intel hundreds of millions of dollars in incentives. But the labor savings and financial incentives don't offset the capability that the company has here, says Otellini.
Analysts agree. "One of Intel's tremendous strengths is process control [in making chips]," said Leslie Fiering, an analyst at Gartner Inc. The company has a high level of quality assurance that it can scale, she said. "This is a major technology skill" that would cost huge amounts of time and money to transfer, Fiering said.
Much of that skill level is a product of the talent coming from U.S. universities, a point made today by Otellini, who urged investment in education. Intel employs about 45,000 people in the U.S.
"Our standard of living doesn't allow us to compete for low-wage jobs," said Otellini, who added that the biggest threat to the U.S. was an erosion of education.
Intel made today's announcement in Washington, which, as part of its stimulus plan, is also about to pump billions of dollars of new spending on broadband, IT and a variety of programs likely to increase demand for IT and products made by Intel.
Otellini pointed to many areas in the more than $800 billion in the stimulus plan that he supports, while also calling for a "culture of investment."
It's an argument he appears to have backed up with his own $7 billion investment today.
By Patrick Thibodeau
Computerworld
Then, along comes Intel Corp. today, announcing a plan to spend $7 billion to upgrade its manufacturing in the U.S. -- a move that will retain or create about 7,000 jobs.
Intel is facing the same economic headwind slowing down all tech companies, and its revenues dropped 23% in the last quarter.
But CEO Paul Otellini detailed investment plans for facilities in Oregon, Arizona and New Mexico -- and not in China.
There are a lot of reasons why Intel may want to move quickly to build manufacturing capability for its next-generation 32-nanometer chips, and why the U.S. remains the best place to make them, according to analysts.
Frank Gillett, an analyst at Forrester Research Inc., said Intel's road map for producing the new processors was established long ago, and not moving ahead with this plan would have meant breaking the schedule, exposing the company to competitive risks.
The new chips, code-named Westmere, won't appear in servers until the end of this year or early next year, and by then, business spending on technology may be rebounding, said Gillett. "It would be hard to argue that they shouldn't be making this investment," he said.
Intel could have, theoretically, moved the manufacturing of the new chips overseas to a low-wage country. Manufacturing jobs have been flowing overseas: From 2001 to the middle of last year, the U.S. lost about 2.3 million manufacturing jobs, according to a Congressional Research Service report (PDF document).
Foreign nations are also offering Intel hundreds of millions of dollars in incentives. But the labor savings and financial incentives don't offset the capability that the company has here, says Otellini.
Analysts agree. "One of Intel's tremendous strengths is process control [in making chips]," said Leslie Fiering, an analyst at Gartner Inc. The company has a high level of quality assurance that it can scale, she said. "This is a major technology skill" that would cost huge amounts of time and money to transfer, Fiering said.
Much of that skill level is a product of the talent coming from U.S. universities, a point made today by Otellini, who urged investment in education. Intel employs about 45,000 people in the U.S.
"Our standard of living doesn't allow us to compete for low-wage jobs," said Otellini, who added that the biggest threat to the U.S. was an erosion of education.
Intel made today's announcement in Washington, which, as part of its stimulus plan, is also about to pump billions of dollars of new spending on broadband, IT and a variety of programs likely to increase demand for IT and products made by Intel.
Otellini pointed to many areas in the more than $800 billion in the stimulus plan that he supports, while also calling for a "culture of investment."
It's an argument he appears to have backed up with his own $7 billion investment today.
By Patrick Thibodeau
Computerworld
Internet Explorer 8 Offers Improved Privacy and Security
Internet Explorer has recently been losing market share to upstarts like Mozilla's Firefox, Apple's Safari, and Google's Chrome beta, but Microsoft hopes to reverse the tide with Internet Explorer 8, which is due out this summer. My conclusion after a close examination of the four browsers: As matters stand, IE 8 seems likely to be the easiest to deploy and maintain over a large or small network.
In addition, IE 8's capabilities will either match or exceed those of the other browsers. Here's a comparative look at some of the key features to be included in IE 8, and a discussion of why companies may be better off using IE 8 than one of the other browsers.
Easy to Deploy
IE 8 appears to be especially well suited for companies that want to adopt a browser across large network. In particular, Microsoft has equipped IE 8 with built-in deployment features, based on the company's existing deployment and update platforms. In contrast, Mozilla relies on third-party Firefox client customization add-ons such as FrontMotion Firefox MSI, CCK Wizard, or FirefoxADM; and Safari and Chrome don't as yet offer network-wide client customization deployment options at all.
Microsoft has been hyping IE 8's ability to switch automatically to IE 7 compatibility mode when necessary. But that's because IE versions 7 and earlier often didn't follow Web standards, and this failure to conform forced Web developers to code their pages differently in order to render on IE. Once deployed across a network, IE 8 won't break corporate intranet: Internal or intranet Web sites will automatically default to IE 7 compatibility so that businesses won't have to rewrite their inward-facing corporate pages. Similarly, Web surfing or external browsing in IE 8 will default to the new "standards mode" as well. Since Firefox, Chrome, and Safari have more or less conformed to Web standards over the years, they don't require this compatibility mode.
Taking a page from Google Chrome, IE 8 will offer built-in tab crash protection. In the event of a page fault, only the affected tab and not the entire browser will crash. The current versions of Firefox and Safari lack this isolation feature. Firefox will, however, restore the entire browser session after a browser crash; a similar feature in Safari called 'Reopen All Windows from Last Session' lets you restore previous browser windows whether or not the session ended with a crash.
Better Productivity
Though Microsoft took its time before embracing tabbed browsing, IE 8 is set to make significant strides in this area. As links on a page open new tabs, color-coded related tabs appear alongside the original. Chrome, Firefox, and Safari do not offer this capability. On the other hand, Chrome, Safari, and Firefox 3.1 can pull a tab out of the browser and create a new, stand-alone browser session; IE 8 won't be able to do this. IE 8 will offer some nice features within a tab, though: When you open a new tab, the browser will give you the option to reopen a closed tab or to restore your previous browsing session, among other choices.
Also unique to IE 8 will be "accelerators"--shortcuts to services that open within a given Web page. Instead of cutting and pasting to another tab, you may simply highlight the text and click the blue Accelerator icon to open blog, e-mail, map, search, and even translation services on the page you're currently viewing. This page-within-a-page feature is unavailable as yet from Firefox (without add-ons), Chrome, or Safari.
Web Slices, another unique feature, is designed to monitor a specific section of a Web page--a weather radar image, say, or an eBay auction--without requiring you to revisit the page. You'll simply select the page element and drag it to your toolbar to view as needed. Companies may be able to use Web Slices for intranet messaging and access to company services.
Mozilla dubbed its address bar in Firefox 3 the 'Awesome Bar' because it displays URL suggestions drawn from browser history and bookmarks. IE 8 will have its own awesome bar, with the unique ability to delete these suggestions--something Firefox doesn't offer. Deleting suggestions may help prevent over-the-shoulder snooping and assuage privacy concerns regarding a shared computer.
Private Browsing
If you share a computer with others, you may prefer that sites you visit not be added to your browser's history, or that any new cookies created be deleted when your browsing session ends. Safari was the first browser to offer Private Browsing. Chrome has answered with Incognito, and Firefox plans to add some form of private browsing to its Firefox 3.1 release.
With IE 8, Microsoft will introduce In Private browsing. Both IE 8 (when it is released) and Chrome (now) display visual indicators--icons in the upper lefthand corner--to signal when you're in a private session. Safari offers no visual cues, and Firefox hasn't said what UI changes it plans to make. With private browsing, all client-side evidence of your surfing session should disappear when the session ends, though records of your visits will remain on external Web servers.
The private browsing feature appears to provide secrecy, but both Apple and Microsoft maintain a cache that includes Private Browsing sessions. Is that a contradiction? No. Apple uses a DS cache so that the Safari browser doesn't have to request DNS information continually on frequently accessed sites. IE 8 will save information about your In Private sessions for sites that may be collecting information about your visits. Both Apple and Microsoft say that you can delete these caches through configuration options, however.
Better Security
Perhaps the most vexing aspect of past versions of Internet Explorer has been the browser's poor security. Here, too, Microsoft has made significant gains on the competition, starting with its 'Trustworthy Computing' inspection of lines of code. Both IE 8 (running in Protected Mode) and Chrome will run at low integrity, meaning that they can't launch applications without the user's express permission. And both browsers are designed to use 'Data Execution Prevention' and 'Address Space Layout Representation' to protect against remotely executing malware. Neither Firefox nor Safari offers similar protection.
All of the new browsers support Extended Verification SSL, a way of further establishing trust in a site you are visiting. Only Safari doesn't change its address bar to green to signal the extra security. And all four browsers include antiphishing protection, though Safari 3.2 stops there and doesn't yet offer antimalware protection.
Cross-Site Scripting and Other Demons
Cross-site scripting (aka "XSS") attacks occur when a malicious Web site uses Javascipt to read or write data onto another Web site. Unlike the three competing browsers, IE 8 will offer built-in XSS protection. Firefox recommends that users install No Script, a third-party add-on. So far, Chrome and Safari don't offer XSS-specific protection.
"Clickjacking," a term coined by security researchers Jeremiah Grossman of WhiteHat Security and Robert Hansen of SecTheory, refers to a less common but sinister practice: Bad guys trick a user into clicking a concealed link and performing unknown actions, such as activating a peripheral device like a Webcam or deleting data from a Webmail site. Since the attack uses a common coding procedure, Microsoft says that the best way to defeat it is for developers to add a special tag--X-FRAME-OPTIONS--that IE 8 will use to filter clickjacking attempts. Firefox recommends using the No Script add-on to ward off clickjacking attempts. Chrome and Safari do not offer specific protection against clickjacking.
In light of its robust new features and the ease with which it can be deployed, IE 8 appears poised to be the most network-ready browser of the bunch. Organizations currently running Internet Explorer should definitely upgrade to IE 8 when Microsoft releases it, and those that have migrated away from Internet Explorer should evaluate the productivity and security benefits they stand to gain by returning.
Rob Vamosi, PC World
In addition, IE 8's capabilities will either match or exceed those of the other browsers. Here's a comparative look at some of the key features to be included in IE 8, and a discussion of why companies may be better off using IE 8 than one of the other browsers.
Easy to Deploy
IE 8 appears to be especially well suited for companies that want to adopt a browser across large network. In particular, Microsoft has equipped IE 8 with built-in deployment features, based on the company's existing deployment and update platforms. In contrast, Mozilla relies on third-party Firefox client customization add-ons such as FrontMotion Firefox MSI, CCK Wizard, or FirefoxADM; and Safari and Chrome don't as yet offer network-wide client customization deployment options at all.
Microsoft has been hyping IE 8's ability to switch automatically to IE 7 compatibility mode when necessary. But that's because IE versions 7 and earlier often didn't follow Web standards, and this failure to conform forced Web developers to code their pages differently in order to render on IE. Once deployed across a network, IE 8 won't break corporate intranet: Internal or intranet Web sites will automatically default to IE 7 compatibility so that businesses won't have to rewrite their inward-facing corporate pages. Similarly, Web surfing or external browsing in IE 8 will default to the new "standards mode" as well. Since Firefox, Chrome, and Safari have more or less conformed to Web standards over the years, they don't require this compatibility mode.
Taking a page from Google Chrome, IE 8 will offer built-in tab crash protection. In the event of a page fault, only the affected tab and not the entire browser will crash. The current versions of Firefox and Safari lack this isolation feature. Firefox will, however, restore the entire browser session after a browser crash; a similar feature in Safari called 'Reopen All Windows from Last Session' lets you restore previous browser windows whether or not the session ended with a crash.
Better Productivity
Though Microsoft took its time before embracing tabbed browsing, IE 8 is set to make significant strides in this area. As links on a page open new tabs, color-coded related tabs appear alongside the original. Chrome, Firefox, and Safari do not offer this capability. On the other hand, Chrome, Safari, and Firefox 3.1 can pull a tab out of the browser and create a new, stand-alone browser session; IE 8 won't be able to do this. IE 8 will offer some nice features within a tab, though: When you open a new tab, the browser will give you the option to reopen a closed tab or to restore your previous browsing session, among other choices.
Also unique to IE 8 will be "accelerators"--shortcuts to services that open within a given Web page. Instead of cutting and pasting to another tab, you may simply highlight the text and click the blue Accelerator icon to open blog, e-mail, map, search, and even translation services on the page you're currently viewing. This page-within-a-page feature is unavailable as yet from Firefox (without add-ons), Chrome, or Safari.
Web Slices, another unique feature, is designed to monitor a specific section of a Web page--a weather radar image, say, or an eBay auction--without requiring you to revisit the page. You'll simply select the page element and drag it to your toolbar to view as needed. Companies may be able to use Web Slices for intranet messaging and access to company services.
Mozilla dubbed its address bar in Firefox 3 the 'Awesome Bar' because it displays URL suggestions drawn from browser history and bookmarks. IE 8 will have its own awesome bar, with the unique ability to delete these suggestions--something Firefox doesn't offer. Deleting suggestions may help prevent over-the-shoulder snooping and assuage privacy concerns regarding a shared computer.
Private Browsing
If you share a computer with others, you may prefer that sites you visit not be added to your browser's history, or that any new cookies created be deleted when your browsing session ends. Safari was the first browser to offer Private Browsing. Chrome has answered with Incognito, and Firefox plans to add some form of private browsing to its Firefox 3.1 release.
With IE 8, Microsoft will introduce In Private browsing. Both IE 8 (when it is released) and Chrome (now) display visual indicators--icons in the upper lefthand corner--to signal when you're in a private session. Safari offers no visual cues, and Firefox hasn't said what UI changes it plans to make. With private browsing, all client-side evidence of your surfing session should disappear when the session ends, though records of your visits will remain on external Web servers.
The private browsing feature appears to provide secrecy, but both Apple and Microsoft maintain a cache that includes Private Browsing sessions. Is that a contradiction? No. Apple uses a DS cache so that the Safari browser doesn't have to request DNS information continually on frequently accessed sites. IE 8 will save information about your In Private sessions for sites that may be collecting information about your visits. Both Apple and Microsoft say that you can delete these caches through configuration options, however.
Better Security
Perhaps the most vexing aspect of past versions of Internet Explorer has been the browser's poor security. Here, too, Microsoft has made significant gains on the competition, starting with its 'Trustworthy Computing' inspection of lines of code. Both IE 8 (running in Protected Mode) and Chrome will run at low integrity, meaning that they can't launch applications without the user's express permission. And both browsers are designed to use 'Data Execution Prevention' and 'Address Space Layout Representation' to protect against remotely executing malware. Neither Firefox nor Safari offers similar protection.
All of the new browsers support Extended Verification SSL, a way of further establishing trust in a site you are visiting. Only Safari doesn't change its address bar to green to signal the extra security. And all four browsers include antiphishing protection, though Safari 3.2 stops there and doesn't yet offer antimalware protection.
Cross-Site Scripting and Other Demons
Cross-site scripting (aka "XSS") attacks occur when a malicious Web site uses Javascipt to read or write data onto another Web site. Unlike the three competing browsers, IE 8 will offer built-in XSS protection. Firefox recommends that users install No Script, a third-party add-on. So far, Chrome and Safari don't offer XSS-specific protection.
"Clickjacking," a term coined by security researchers Jeremiah Grossman of WhiteHat Security and Robert Hansen of SecTheory, refers to a less common but sinister practice: Bad guys trick a user into clicking a concealed link and performing unknown actions, such as activating a peripheral device like a Webcam or deleting data from a Webmail site. Since the attack uses a common coding procedure, Microsoft says that the best way to defeat it is for developers to add a special tag--X-FRAME-OPTIONS--that IE 8 will use to filter clickjacking attempts. Firefox recommends using the No Script add-on to ward off clickjacking attempts. Chrome and Safari do not offer specific protection against clickjacking.
In light of its robust new features and the ease with which it can be deployed, IE 8 appears poised to be the most network-ready browser of the bunch. Organizations currently running Internet Explorer should definitely upgrade to IE 8 when Microsoft releases it, and those that have migrated away from Internet Explorer should evaluate the productivity and security benefits they stand to gain by returning.
Rob Vamosi, PC World
Monday, February 9, 2009
Microsoft dumps Ultimate Extras from Windows 7
Microsoft Corp. will not offer "Ultimate Extras" in Windows 7, the company has confirmed, saying it abandoned the heavily criticized concept to focus on "existing features."
"Our new approach to planning and building Windows doesn't have the capacity to continue to deliver features outside the regular release cycle," a company spokeswoman said in response to questions about Windows 7. "While our core development team is focused on building the next release; our sustained engineering team is focused on updates to existing features. As a result, we don't plan to create Ultimate Extras."
Microsoft said last week that it will deliver a Windows 7 Ultimate edition as part of the new operating system release, but it has not spelled out in detail any of the six versions' feature lists.
Ultimate Extras was among the elements Microsoft cited in the months leading up to the early-2007 release of Windows Vista Ultimate to distinguish it from lower-priced versions. According to Microsoft's marketing, Extras was to be "cutting-edge programs, innovative services and unique publications" that would be regularly offered only to users of Vista's highest-priced edition.
READ THIS WHITEPAPER: Discover the trend from Unix to Linux in SAP Data Centers in this white paper from Novell.
But users blasted Microsoft for the paltry number of add-ons it released and its leisurely development pace. Just five months after Vista was launched, critics started to complain, which led Microsoft to promise that it would do better.
Two months later, however, users again pounded Microsoft on blogs and the company's own support forums as its self-imposed deadline for delivering more add-ons came and went without any new downloads.
Currently, Microsoft barely mentions Extras in the online pitch for Vista Ultimate, where the feature has been relegated to a short paragraph at the end of a long list. "Sometimes you feel like a grown-up kid," it reads. "You love gadgets and anything that makes your computer more interactive. Windows Vista Ultimate Extras offer you additional security features and games that make Windows more fun and easier to use."
A company blog dedicated to Ultimate Extras, where company employees occasionally posted news of the feature, is no longer online. It was also a magnet for critics.
The last time that Microsoft offered new Extras to Vista Ultimate users was in September 2008, when it released a puzzle game, Windows Tinker; a sound effects package to go with the game; and a trio of DreamScene video screensavers.
By Gregg Keizer
"Our new approach to planning and building Windows doesn't have the capacity to continue to deliver features outside the regular release cycle," a company spokeswoman said in response to questions about Windows 7. "While our core development team is focused on building the next release; our sustained engineering team is focused on updates to existing features. As a result, we don't plan to create Ultimate Extras."
Microsoft said last week that it will deliver a Windows 7 Ultimate edition as part of the new operating system release, but it has not spelled out in detail any of the six versions' feature lists.
Ultimate Extras was among the elements Microsoft cited in the months leading up to the early-2007 release of Windows Vista Ultimate to distinguish it from lower-priced versions. According to Microsoft's marketing, Extras was to be "cutting-edge programs, innovative services and unique publications" that would be regularly offered only to users of Vista's highest-priced edition.
READ THIS WHITEPAPER: Discover the trend from Unix to Linux in SAP Data Centers in this white paper from Novell.
But users blasted Microsoft for the paltry number of add-ons it released and its leisurely development pace. Just five months after Vista was launched, critics started to complain, which led Microsoft to promise that it would do better.
Two months later, however, users again pounded Microsoft on blogs and the company's own support forums as its self-imposed deadline for delivering more add-ons came and went without any new downloads.
Currently, Microsoft barely mentions Extras in the online pitch for Vista Ultimate, where the feature has been relegated to a short paragraph at the end of a long list. "Sometimes you feel like a grown-up kid," it reads. "You love gadgets and anything that makes your computer more interactive. Windows Vista Ultimate Extras offer you additional security features and games that make Windows more fun and easier to use."
A company blog dedicated to Ultimate Extras, where company employees occasionally posted news of the feature, is no longer online. It was also a magnet for critics.
The last time that Microsoft offered new Extras to Vista Ultimate users was in September 2008, when it released a puzzle game, Windows Tinker; a sound effects package to go with the game; and a trio of DreamScene video screensavers.
By Gregg Keizer
EMC, Microsoft extend partnership on virtualization, more
EMC and Microsoft have extended a partnership that focuses on interoperability of products related to virtualization, security and content management, the companies announced this week.
Despite a heated rivalry in the virtualization market between EMC-owned VMware and Microsoft, the partnership is a mutually beneficial one that should deliver real results to customers, writes Pund-IT analyst Charles King.
"Both companies are developing centralized data center and information management solutions, a critical value proposition for client organizations struggling with ever-expanding information assets and ever-increasing IT infrastructure complexity," King writes. "Perhaps more importantly, the two are also following paths that have led them far beyond their traditional areas of interest and expertise. Such a similarity of evolutionary intent can occasionally, as in the case of EMC and Microsoft, result in competitive and cultural overlaps that are beneficial for customers."
EMC and Microsoft extended their partnership through 2011, and company CEOs Joe Tucci and Steve Ballmer shared the stage at an event in New York City announcing the deal. "The two companies are committing to broader and deeper product interoperability and service delivery to address key customer requirements including virtualization, security and content management," the companies stated in a press release.
Use these best practices to meet the key requirements of a Data Loss Prevention solution. Read this whitepaper
The main pieces are Microsoft's data center products and productivity applications and EMC's storage technology and consulting. For example, the companies said EMC's technology is ideal for storage, protection and management of information in data centers that rely on Microsoft's Hyper-V virtualization technology. Also, EMC's Documentum content management software can be linked to Microsoft applications such as SharePoint, Outlook and SQL Server.
Going forward, EMC plans to build products that leverage and extend the capabilities of Microsoft Office SharePoint, letting customers use Microsoft interfaces to access business processes and workflows relying upon content stored and protected by EMC.
Also, Microsoft will expand integration of EMC's RSA data-loss prevention technology (DLP) into its own products to improve monitoring of sensitive data and to block unauthorized use, the companies said. (Compare Data Leak Protection products) Already, the RSA DLP Suite 6.5 has been designed for interoperability with Microsoft Active Directory Rights Management Services.
In addition to technology benefits, King says the extension of the partnership shows customers that the companies are still willing to cooperate despite competing aggressively in areas such as server virtualization. "At a time of increasing economic uncertainty, the last thing enterprises need is to worry about their favored vendors coming, figuratively, to blows," King writes.
By Jon Brodkin
Despite a heated rivalry in the virtualization market between EMC-owned VMware and Microsoft, the partnership is a mutually beneficial one that should deliver real results to customers, writes Pund-IT analyst Charles King.
"Both companies are developing centralized data center and information management solutions, a critical value proposition for client organizations struggling with ever-expanding information assets and ever-increasing IT infrastructure complexity," King writes. "Perhaps more importantly, the two are also following paths that have led them far beyond their traditional areas of interest and expertise. Such a similarity of evolutionary intent can occasionally, as in the case of EMC and Microsoft, result in competitive and cultural overlaps that are beneficial for customers."
EMC and Microsoft extended their partnership through 2011, and company CEOs Joe Tucci and Steve Ballmer shared the stage at an event in New York City announcing the deal. "The two companies are committing to broader and deeper product interoperability and service delivery to address key customer requirements including virtualization, security and content management," the companies stated in a press release.
Use these best practices to meet the key requirements of a Data Loss Prevention solution. Read this whitepaper
The main pieces are Microsoft's data center products and productivity applications and EMC's storage technology and consulting. For example, the companies said EMC's technology is ideal for storage, protection and management of information in data centers that rely on Microsoft's Hyper-V virtualization technology. Also, EMC's Documentum content management software can be linked to Microsoft applications such as SharePoint, Outlook and SQL Server.
Going forward, EMC plans to build products that leverage and extend the capabilities of Microsoft Office SharePoint, letting customers use Microsoft interfaces to access business processes and workflows relying upon content stored and protected by EMC.
Also, Microsoft will expand integration of EMC's RSA data-loss prevention technology (DLP) into its own products to improve monitoring of sensitive data and to block unauthorized use, the companies said. (Compare Data Leak Protection products) Already, the RSA DLP Suite 6.5 has been designed for interoperability with Microsoft Active Directory Rights Management Services.
In addition to technology benefits, King says the extension of the partnership shows customers that the companies are still willing to cooperate despite competing aggressively in areas such as server virtualization. "At a time of increasing economic uncertainty, the last thing enterprises need is to worry about their favored vendors coming, figuratively, to blows," King writes.
By Jon Brodkin
Mac clone maker wins legal round against Apple
A federal judge last week ruled that Psystar Corp. can continue its countersuit against Apple Inc., giving the Mac clone maker a rare win in its seven-month-old battle with Apple.
He also hinted that if Psystar proves its allegations, others may then be free to sell computers with Mac OS X already installed.
In an order signed on Friday, U.S. District Court Judge William Alsup gave Psystar the go-ahead to amend its lawsuit against Apple. According to Alsup, Psystar may change that countersuit, which originally accused Apple of breaking antitrust laws, to instead ague that Apple has stretched copyright laws by tying the Mac operating system to its hardware.
Alsup had tossed Psystar's antitrust charges in November 2008 but left the door open to a modified complaint. Psystar took advantage of the opportunity and filed a revised lawsuit in mid-December. Apple, however, had hoped to quash Psystar's revision, saying that the Miami-based company "attempts to repackage its dismissed antitrust allegations under the guise of copyright misuse."
Use these best practices to meet the key requirements of a Data Loss Prevention solution. Read this whitepaper
On Friday, Alsup said that Psystar could continue to press its once-dismissed case. "Psystar may well have a legitimate interest in establishing misuse [of copyright] independent of Apple's claims against it -- for example, to clarify the risks it confronts by marketing the products at issue in this case or others it may wish to develop," Alsup said in his ruling.
Apple started the legal wrangling in July when it said Psystar broke copyright and software-licensing laws by selling Intel-based computers with Mac OS X 10.5 preinstalled. Psystar has been selling machines equipped with Apple's operating system since April 2008.
Alsup also said that if Psystar proves that Apple abused copyright laws, some of Apple's charges against the company would be moot. He also seemed to say that that others would then be free to follow in Psystar's footsteps. "Moreover, if established, misuse would bar enforcement (for the period of misuse) not only as to defendants who are actually party to the challenged license but also as to potential defendants not themselves injured by the misuse who may have similar interests," said Alsup in his ruling.
The judge did not name the "potential defendants," but in previous filings, Apple has claimed that Psystar was not acting alone. "Persons other than Psystar are involved in Psystar's unlawful and improper activities described in this amended complaint," said Apple in a November filing. At the time, Apple only referred to those individuals or corporations as John Does 1 through 10.
Apple said it would reveal the names when it uncovered them.
Alsup also acknowledged Apple's argument that it had the right to decide how its software was licensed and used, but said that that would have to be decided as the case plays out. He did reject Psystar's attempt to include state unfair-competition charges in its countersuit, however.
Psystar has a week to submit its altered counterclaims, after which Apple must answer within 20 days. Alsup also told the two parties to get to work. "Both sides should be taking discovery and preparing themselves for trial and/or summary judgment," the judge concluded.
The case is currently scheduled to begin trial on Nov. 9.
By Gregg Keizer
computerworld
He also hinted that if Psystar proves its allegations, others may then be free to sell computers with Mac OS X already installed.
In an order signed on Friday, U.S. District Court Judge William Alsup gave Psystar the go-ahead to amend its lawsuit against Apple. According to Alsup, Psystar may change that countersuit, which originally accused Apple of breaking antitrust laws, to instead ague that Apple has stretched copyright laws by tying the Mac operating system to its hardware.
Alsup had tossed Psystar's antitrust charges in November 2008 but left the door open to a modified complaint. Psystar took advantage of the opportunity and filed a revised lawsuit in mid-December. Apple, however, had hoped to quash Psystar's revision, saying that the Miami-based company "attempts to repackage its dismissed antitrust allegations under the guise of copyright misuse."
Use these best practices to meet the key requirements of a Data Loss Prevention solution. Read this whitepaper
On Friday, Alsup said that Psystar could continue to press its once-dismissed case. "Psystar may well have a legitimate interest in establishing misuse [of copyright] independent of Apple's claims against it -- for example, to clarify the risks it confronts by marketing the products at issue in this case or others it may wish to develop," Alsup said in his ruling.
Apple started the legal wrangling in July when it said Psystar broke copyright and software-licensing laws by selling Intel-based computers with Mac OS X 10.5 preinstalled. Psystar has been selling machines equipped with Apple's operating system since April 2008.
Alsup also said that if Psystar proves that Apple abused copyright laws, some of Apple's charges against the company would be moot. He also seemed to say that that others would then be free to follow in Psystar's footsteps. "Moreover, if established, misuse would bar enforcement (for the period of misuse) not only as to defendants who are actually party to the challenged license but also as to potential defendants not themselves injured by the misuse who may have similar interests," said Alsup in his ruling.
The judge did not name the "potential defendants," but in previous filings, Apple has claimed that Psystar was not acting alone. "Persons other than Psystar are involved in Psystar's unlawful and improper activities described in this amended complaint," said Apple in a November filing. At the time, Apple only referred to those individuals or corporations as John Does 1 through 10.
Apple said it would reveal the names when it uncovered them.
Alsup also acknowledged Apple's argument that it had the right to decide how its software was licensed and used, but said that that would have to be decided as the case plays out. He did reject Psystar's attempt to include state unfair-competition charges in its countersuit, however.
Psystar has a week to submit its altered counterclaims, after which Apple must answer within 20 days. Alsup also told the two parties to get to work. "Both sides should be taking discovery and preparing themselves for trial and/or summary judgment," the judge concluded.
The case is currently scheduled to begin trial on Nov. 9.
By Gregg Keizer
computerworld
Friday, February 6, 2009
Bill Gates Releases Bugs Into the Wild
Bill Gates was at it again this week: Releasing bugs into the wild. "Not only poor people should experience this," the Microsoft founder said as he opened a jar containing mosquitoes during a talk Wednesday at the Technology Entertainment Design conference in Long Beach, California. The stunt drove many of the Technorati gathered right to their Twitter pages
Entrepreneur Loic Le Meur tweeted, "Bill Gates released mosquitoes at #TED we're all leaving the room and getting sick." Ebay founder and chairman Pierre Omidayr posted, "That's it, I'm not sitting up front anymore."
The Microsoft founder was trying to drive home the serious threat malaria poses to the impoverished masses around the world. Malaria is a virus transmitted through mosquito bites and is most prevalent in Africa and South East Asia. The software maker turned philanthropist is spearheading an effort through the Bill and Melinda Gates Foundation to significantly reduce malaria-related deaths by 2015, and ultimately eradicate the disease.
While some, like Le Meur, may have fled the room during Gates' stunt, I have it on good authority that most Mac users remained in the room, confident the mosquitoes would have no effect on them. According to reports, the mosquitoes Gates used were virus-free; however, we could not reach security representatives at Symantec to confirm there was no threat.
Apparently irony was in full swing yesterday at TED. In addition to a talk from Microsoft's founder about battling a problematic virus, Chris Anderson read questions for Gates from audience members . . . on a Mac.
Ian Paul,pcworld
Entrepreneur Loic Le Meur tweeted, "Bill Gates released mosquitoes at #TED we're all leaving the room and getting sick." Ebay founder and chairman Pierre Omidayr posted, "That's it, I'm not sitting up front anymore."
The Microsoft founder was trying to drive home the serious threat malaria poses to the impoverished masses around the world. Malaria is a virus transmitted through mosquito bites and is most prevalent in Africa and South East Asia. The software maker turned philanthropist is spearheading an effort through the Bill and Melinda Gates Foundation to significantly reduce malaria-related deaths by 2015, and ultimately eradicate the disease.
While some, like Le Meur, may have fled the room during Gates' stunt, I have it on good authority that most Mac users remained in the room, confident the mosquitoes would have no effect on them. According to reports, the mosquitoes Gates used were virus-free; however, we could not reach security representatives at Symantec to confirm there was no threat.
Apparently irony was in full swing yesterday at TED. In addition to a talk from Microsoft's founder about battling a problematic virus, Chris Anderson read questions for Gates from audience members . . . on a Mac.
Ian Paul,pcworld
Microsoft caves in, will change Windows 7 UAC
Admits mistake, bows to critics by adding prompt to ensure hackers can't silence warning
Reacting to intense criticism of an important security feature in Windows 7, Microsoft Corp. today said it will change the behavior of User Account Control (UAC) in Windows 7's release candidate.
"We are going to deliver two changes to the Release Candidate that we'll all see," said John DeVaan and Steven Sinofsky, two Microsoft executives responsible for Windows' development, in the second of two posts to the Engineering Windows 7 blog today.
"First, the UAC control panel will run in a high integrity process, which requires elevation," said DeVaan and Sinofsky. "Second, changing the level of the UAC will also prompt for confirmation."
The changes, they said, were prompted by feedback from users, including comments appended to an earlier post Thursday by DeVaan in which he defended the modifications Microsoft made to UAC in Windows 7.
"Our dialog is at that point where many do not feel listened to and also many feel various viewpoints are not well-informed," DeVaan and Sinofsky said in the later blog post. "That's not the dialog we set out to have and we're going to do our best to improve."
The UAC feature, which debuted in 2007 as part of Windows Vista, but was altered to reduce the number of prompts in Windows 7, has been under fire since last week, when two Windows bloggers, Rafael Rivera and Long Zheng, first reported that it could easily be disabled by attackers.
Yesterday, they followed up with more information about how hackers could piggyback on UAC-approved applications to fool Windows 7 into giving a malicious payload full administrative rights.
"This is definitely the result we've been looking for," Long said in a e-mail late Thursday. "[But] I'm a little bit shocked at just how quickly Microsoft has turned around, considering they made a post not 12 hours earlier stating that they would not change their position."
Rivera, Long, and others urged Microsoft to reconsider the default setting of UAC in Windows 7. That default, which DeVaan said Microsoft had selected because people running Windows balked at dealing with more than two security prompts per day, was to "Notify me only when programs try to make changes to my computer."
Microsoft, however, won't be taking that tack. Instead, the next public version of Windows 7 -- dubbed "RC" for release candidate -- will prompt the user before allowing any changes to UAC settings. "The way we're going to think about this [is] that the UAC setting is something like a password, and to change your password you need to enter your old password," DeVaan and Sinofsky said today.
Microsoft has not spelled out a Windows 7 RC timetable, but Sinofsky reiterated last week that the development process was moving straight from the public beta, which was launched Jan. 10, to the release candidate. In the past, the company has delivered multiple betas before moving to the RC milestone.
The other change to be implemented in Windows 7 RC will effectively render moot the proof-of-concept attack that Rivera and Long published last week, which silently disables UAC. "That was already in the works before this discussion and doing this prevents all the mechanics around SendKeys and the like from working," DeVaan and Sinofsky said.
They didn't issue an apology for the dust-up, but said Microsoft had erred when deciding how to implement UAC in Windows 7. "We said we thought we were bound to make a mistake in the process of designing and blogging about Windows 7."
"We want to continue the dialog and hopefully everyone recognizes that engineering, perhaps especially engineering Windows 7, is sometimes going to be a lively discussion with a broad spectrum of viewpoints," they said.
One security professional praised Microsoft's move. "This goes back to what beta programs are supposed to provide, feedback from a real audience," said Andrew Storms, director of security operations at nCircle Network Security Inc.
"This was an obvious design flaw, and for them to say they simply weren't going to fix it, that was the real problem," Storms said. "I think they realized that they needed to do something, more over the concern about their reaction than to the vulnerability itself."
By Gregg Keizer,computerworld
Reacting to intense criticism of an important security feature in Windows 7, Microsoft Corp. today said it will change the behavior of User Account Control (UAC) in Windows 7's release candidate.
"We are going to deliver two changes to the Release Candidate that we'll all see," said John DeVaan and Steven Sinofsky, two Microsoft executives responsible for Windows' development, in the second of two posts to the Engineering Windows 7 blog today.
"First, the UAC control panel will run in a high integrity process, which requires elevation," said DeVaan and Sinofsky. "Second, changing the level of the UAC will also prompt for confirmation."
The changes, they said, were prompted by feedback from users, including comments appended to an earlier post Thursday by DeVaan in which he defended the modifications Microsoft made to UAC in Windows 7.
"Our dialog is at that point where many do not feel listened to and also many feel various viewpoints are not well-informed," DeVaan and Sinofsky said in the later blog post. "That's not the dialog we set out to have and we're going to do our best to improve."
The UAC feature, which debuted in 2007 as part of Windows Vista, but was altered to reduce the number of prompts in Windows 7, has been under fire since last week, when two Windows bloggers, Rafael Rivera and Long Zheng, first reported that it could easily be disabled by attackers.
Yesterday, they followed up with more information about how hackers could piggyback on UAC-approved applications to fool Windows 7 into giving a malicious payload full administrative rights.
"This is definitely the result we've been looking for," Long said in a e-mail late Thursday. "[But] I'm a little bit shocked at just how quickly Microsoft has turned around, considering they made a post not 12 hours earlier stating that they would not change their position."
Rivera, Long, and others urged Microsoft to reconsider the default setting of UAC in Windows 7. That default, which DeVaan said Microsoft had selected because people running Windows balked at dealing with more than two security prompts per day, was to "Notify me only when programs try to make changes to my computer."
Microsoft, however, won't be taking that tack. Instead, the next public version of Windows 7 -- dubbed "RC" for release candidate -- will prompt the user before allowing any changes to UAC settings. "The way we're going to think about this [is] that the UAC setting is something like a password, and to change your password you need to enter your old password," DeVaan and Sinofsky said today.
Microsoft has not spelled out a Windows 7 RC timetable, but Sinofsky reiterated last week that the development process was moving straight from the public beta, which was launched Jan. 10, to the release candidate. In the past, the company has delivered multiple betas before moving to the RC milestone.
The other change to be implemented in Windows 7 RC will effectively render moot the proof-of-concept attack that Rivera and Long published last week, which silently disables UAC. "That was already in the works before this discussion and doing this prevents all the mechanics around SendKeys and the like from working," DeVaan and Sinofsky said.
They didn't issue an apology for the dust-up, but said Microsoft had erred when deciding how to implement UAC in Windows 7. "We said we thought we were bound to make a mistake in the process of designing and blogging about Windows 7."
"We want to continue the dialog and hopefully everyone recognizes that engineering, perhaps especially engineering Windows 7, is sometimes going to be a lively discussion with a broad spectrum of viewpoints," they said.
One security professional praised Microsoft's move. "This goes back to what beta programs are supposed to provide, feedback from a real audience," said Andrew Storms, director of security operations at nCircle Network Security Inc.
"This was an obvious design flaw, and for them to say they simply weren't going to fix it, that was the real problem," Storms said. "I think they realized that they needed to do something, more over the concern about their reaction than to the vulnerability itself."
By Gregg Keizer,computerworld
Valentine Spam Part of a Junk-mail Resurgence
It's a time for romance, for Cupid's arrow, and perhaps a male enhancement drug from a fake online pharmacy.
Valentine's day spam and scams are showing up in inboxes in anticipation of the upcoming holiday. The messages, with timely sales pitches like "Increase your length, the best valentine's gift," join a flood of other crap mail that has spam levels back up to where they were prior to the McColo shutdown success in November.
In addition to listing other eye-rolling Valentine's spam subjects like "Great watches for your Valentine," Symantec's State of Spam report for the month (pdf) adds to evidence that, as expected, junkmail spreaders have found other ways to spread their spam after McColo, a company that provided Internet homes for many spam spreaders, was cut off. It was a major victory, but one all the experts predicted would be short-lived.
Sadly, the experts were right. According to Symantec's report, spam levels are back up to around 79 percent of all e-mail, just about the levels prior to the McColo takedown.
But that doesn't detract from the major, and relatively rare, victory against the spammer infrastructure. And according to a story from Brian Krebs at Security Fix, the Washing Post writer who was instrumental in getting McColo nailed, there's potential for other wins.
Krebs covers work done by a group called Knujon that shows how most of the Web sites advertised by all this junk mail are registered with only a small handful of domain name registrars (out of 900 or so total, Krebs writes). His post doesn't explicitly come out and say so, but I'd say identifying outfits central to helping spammers is the first step towards cleaning up - or shutting down - those outfits and perhaps scoring another victory against Internet crime. I'll be keeping my fingers crossed.
Erik Larkin,pcworld
Valentine's day spam and scams are showing up in inboxes in anticipation of the upcoming holiday. The messages, with timely sales pitches like "Increase your length, the best valentine's gift," join a flood of other crap mail that has spam levels back up to where they were prior to the McColo shutdown success in November.
In addition to listing other eye-rolling Valentine's spam subjects like "Great watches for your Valentine," Symantec's State of Spam report for the month (pdf) adds to evidence that, as expected, junkmail spreaders have found other ways to spread their spam after McColo, a company that provided Internet homes for many spam spreaders, was cut off. It was a major victory, but one all the experts predicted would be short-lived.
Sadly, the experts were right. According to Symantec's report, spam levels are back up to around 79 percent of all e-mail, just about the levels prior to the McColo takedown.
But that doesn't detract from the major, and relatively rare, victory against the spammer infrastructure. And according to a story from Brian Krebs at Security Fix, the Washing Post writer who was instrumental in getting McColo nailed, there's potential for other wins.
Krebs covers work done by a group called Knujon that shows how most of the Web sites advertised by all this junk mail are registered with only a small handful of domain name registrars (out of 900 or so total, Krebs writes). His post doesn't explicitly come out and say so, but I'd say identifying outfits central to helping spammers is the first step towards cleaning up - or shutting down - those outfits and perhaps scoring another victory against Internet crime. I'll be keeping my fingers crossed.
Erik Larkin,pcworld
Microsoft to Roll Out Two Critical Patches for IE, Exchange
Microsoft Thursday said it will deliver four security updates on Tuesday, two of them pegged "critical," and will finally issue a patch for SQL Server that it's been working on since last April.
The four updates detailed in the advance notice published Thursday will quash bugs in Internet Explorer 7 (IE7); its Exchange mail server software; the Visio application that's part of the Office line-up; and SQL Server. The IE and Exchange vulnerabilities will be labeled critical, the company's highest threat ranking, while the SQL Server and Visio bugs will be marked as "important," one step lower.
Microsoft will release the updates on Feb. 10.
The SQL Server update will fix the vulnerability Microsoft acknowledged in late December 2008, said Andrew Storms , director of security operations at nCircle Network Security Inc. "I did a line-up between the advisory with the affected versions of SQL Server," he said Thursday morning. "It's almost a one-for-one match."
That bug is notable for several reasons. When Microsoft confirmed the vulnerability in a Dec. 22 advisory, it noted that exploit code had been published . Several days later, the company admitted that it first received a report on the bug from Bernhard Mueller of SEC Consult Security, a Vienna-based security consulting company, in April 2008.
Mueller disclosed the bug in early December after he grew tired of Microsoft's silence; he claimed that the company failed to return numerous messages in the two months prior when he asking for an update on the patch's progress.
Some security analysts had expected Microsoft to act faster . In late December, for example, Wolfgang Kandek , chief technology officer at security company Qualys Inc., predicted that Microsoft would deliver a fix "out of band," a term used when patches are issued outside Microsoft's normal once-a-month schedule.
"Three of these are all equally important, at least with the information we have today," Storms said about the IE, Exchange and SQL Server patches. "It all depends on an enterprise's infrastructure."
Companies are always sensitive to Exchange fixes, Storms continued, so the critical fix set for Exchange Server 2000, 2003 and 2007 will be parsed carefully. "Messaging is so important to the enterprise," Storms said, "that they'll want to spend a little extra time making sure the patch works." One plus, he said, is a "Does not require restart" note by Microsoft in Thursday's bulletin.
"That could mean it's not necessarily a giant hole, or that we're just going to get lucky," said Storms. Because they won't have to restart their Exchange servers, IT administrators should be able to deploy the patch more quickly, he said.
"The IE vulnerability has to be something unique to IE7," wagered Storms. According to Microsoft, the critical vulnerability affects only that version of the browser, not IE6 or IE5.01, the latter edition specific to Windows 2000, and the oldest browser that the company still supports with security updates. Storms hesitated to guess what IE7-only issue might be patched. "It could be any number of things," he said. "Could be scripting or the antiphishIng filter."
Microsoft's advance notice reported that the IE7 bug will be rated critical for both Windows XP and Windows Vista, but only "moderate" on Server 2003 and Server 2008.
Microsoft will release February's four updates at approximately 1 p.m. EST Tuesday.
Gregg Keizer, Computerworld
The four updates detailed in the advance notice published Thursday will quash bugs in Internet Explorer 7 (IE7); its Exchange mail server software; the Visio application that's part of the Office line-up; and SQL Server. The IE and Exchange vulnerabilities will be labeled critical, the company's highest threat ranking, while the SQL Server and Visio bugs will be marked as "important," one step lower.
Microsoft will release the updates on Feb. 10.
The SQL Server update will fix the vulnerability Microsoft acknowledged in late December 2008, said Andrew Storms , director of security operations at nCircle Network Security Inc. "I did a line-up between the advisory with the affected versions of SQL Server," he said Thursday morning. "It's almost a one-for-one match."
That bug is notable for several reasons. When Microsoft confirmed the vulnerability in a Dec. 22 advisory, it noted that exploit code had been published . Several days later, the company admitted that it first received a report on the bug from Bernhard Mueller of SEC Consult Security, a Vienna-based security consulting company, in April 2008.
Mueller disclosed the bug in early December after he grew tired of Microsoft's silence; he claimed that the company failed to return numerous messages in the two months prior when he asking for an update on the patch's progress.
Some security analysts had expected Microsoft to act faster . In late December, for example, Wolfgang Kandek , chief technology officer at security company Qualys Inc., predicted that Microsoft would deliver a fix "out of band," a term used when patches are issued outside Microsoft's normal once-a-month schedule.
"Three of these are all equally important, at least with the information we have today," Storms said about the IE, Exchange and SQL Server patches. "It all depends on an enterprise's infrastructure."
Companies are always sensitive to Exchange fixes, Storms continued, so the critical fix set for Exchange Server 2000, 2003 and 2007 will be parsed carefully. "Messaging is so important to the enterprise," Storms said, "that they'll want to spend a little extra time making sure the patch works." One plus, he said, is a "Does not require restart" note by Microsoft in Thursday's bulletin.
"That could mean it's not necessarily a giant hole, or that we're just going to get lucky," said Storms. Because they won't have to restart their Exchange servers, IT administrators should be able to deploy the patch more quickly, he said.
"The IE vulnerability has to be something unique to IE7," wagered Storms. According to Microsoft, the critical vulnerability affects only that version of the browser, not IE6 or IE5.01, the latter edition specific to Windows 2000, and the oldest browser that the company still supports with security updates. Storms hesitated to guess what IE7-only issue might be patched. "It could be any number of things," he said. "Could be scripting or the antiphishIng filter."
Microsoft's advance notice reported that the IE7 bug will be rated critical for both Windows XP and Windows Vista, but only "moderate" on Server 2003 and Server 2008.
Microsoft will release February's four updates at approximately 1 p.m. EST Tuesday.
Gregg Keizer, Computerworld
FAQ: How Google Latitude locates you
Multiple wireless technologies help Google's new Latitude service pinpoint your location
February 4 2009 google Inc. released the real-time location tool Google Latitude and opened up a new world of location-based services (LBS) for both PC and mobile phone users.
Latitude enables you to track friends, family, employees and so on — and vice-versa — in real time. Whether this is a good thing (hey, you'll always know where your buddy is in the stadium parking lot), or a preview of a corporate 1984 world where your boss can track your every move, will be determined by how we'll use the service. It's no surprise that at least one privacy group has already voiced security concerns over Latitude.
For now, though, most questions center on how people can use Latitude and how it does its location voodoo.
Can I use Google Latitude? According to Google, if you have any mobile device that supports Google Maps for Mobile v3.0 and above, you're probably good to go. These include Android-powered devices with Maps v3.0 and above; most color BlackBerry devices; most Windows Mobile 5.0 and above devices; and most Symbian S60 devices.
In the near future, you'll also be able to use Latitude on iPhone and iPod Touch with the Google Mobile App in the U.S., and on many Sony Ericsson devices. In addition, you can use Latitude today on a Linux, Mac or Windows PC by using the Latitude iGoogle gadget (you'll need a Google Account) and iGoogle, Google's personalized Web portal.
How do I get it? Mobile users need to first have Google Maps 3.0 or above installed. After that, you can install Latitude. PC users can install the gadget by starting from the Google Latitude site.
I don't have a Global Positioning System chip in my phone. Can I still use Latitude? You betcha. Latitude can use Wi-Fi access points, cell towers or GPS to work out your location.
How does Latitude do that? Google is using technology from Skyhook Wireless in the Latitude service. According to Nick Brachet, Skyhook's chief technology officer, the company's XPS hybrid-positioning system is "a software-only location solution that allows any mobile device with Wi-Fi, GPS or a cellular radio to determine its position with an accuracy of 10 to 20 meters. What sets XPS apart is that it uses land-based Wi-Fi access points, GPS satellites and cellular towers to determine location information."
In other words, Skyhook's software can use any of the three kinds of signals — Wi-Fi, 2G/3G/4G mobile or GPS satellite — that a device can pick up to work out its location. By leveraging these wireless capabilities, Skyhook's software can combine positioning data from satellites, carrier assistance servers and Wi-Fi base stations to significantly speed up positioning, or TTFF (time to first fix). TTFF for some devices can be up to a minute, but the addition of Skyhook's XPS can reduce TTFF to a few seconds.
I thought you had to have GPS to work out your location. How does Google/Skyhook get around that? The technique that Skyhook uses to work out your location is actually the same one that any GPS device uses: triangulation.
Here's how it works: When Latitude turns on, it automatically tries to reach any available GPS satellite, cell tower or Wi-Fi access point (AP). Once it establishes three or more links, it starts working out your location.
It does this essentially by figuring out, for example, that if you're two blocks from the cell tower at the church, and you're right under the Wi-Fi AP at the coffee shop, and you're at x distance from a GPS satellite, you must be at Buster's Coffee Shop. Typically, devices can use up to 24 reference points to work out your location.
Now, by itself your mobile device doesn't have the CPU horsepower to work that out. It takes the raw data and transmits it via a GSM, CDMA or Wi-Fi link to an assistance server. This technique is called A-GPS (Assisted GPS). Your mobile device or computer works together with the server to plot out your location.
And this is the important part for Latitude: Since the assistance server has the results of the calculation, it's easy to share your position with anyone else who uses Latitude and has your permission to see your location.
How does the system know where Wi-Fi APs and cell towers are? Skyhook keeps a database of public Wi-Fi AP locations, and Google has a database of Wi-Fi AP and cell tower locations. Together, these tens of millions of fixed locations give Latitude the grid it needs to work out your location.
How accurate is Latitude? It depends. If all you're working with is Wi-Fi APs, as would be the case with an iPod Touch or most PCs, it can only work out your location within about 200 meters. If you're using multiple cell towers, say you're in a city, you can get it down to a 100-meter circle. In the country, you may be as far out as 300 meters. And with GPS, you can lock down your location to a few meters. If you combine systems, you can be within GPS's accuracy range.
Many variables can interfere with your accuracy, however. Unfortunately, there are no hard and fast rules on determining how accurate Latitude or any other LBS application will be at any given location. For example, if you're inside a large building, you probably won't get a GPS signal. On the street, you may get the GPS, but you'll lose the Wi-Fi signals.
One way or the other, though, we're entering an age where you can always keep track of where you're at, who's near you and what businesses are close by. The flip side, of course, is that they can also track you.
By Steven J. Vaughan-Nichols
computerworld
February 4 2009 google Inc. released the real-time location tool Google Latitude and opened up a new world of location-based services (LBS) for both PC and mobile phone users.
Latitude enables you to track friends, family, employees and so on — and vice-versa — in real time. Whether this is a good thing (hey, you'll always know where your buddy is in the stadium parking lot), or a preview of a corporate 1984 world where your boss can track your every move, will be determined by how we'll use the service. It's no surprise that at least one privacy group has already voiced security concerns over Latitude.
For now, though, most questions center on how people can use Latitude and how it does its location voodoo.
Can I use Google Latitude? According to Google, if you have any mobile device that supports Google Maps for Mobile v3.0 and above, you're probably good to go. These include Android-powered devices with Maps v3.0 and above; most color BlackBerry devices; most Windows Mobile 5.0 and above devices; and most Symbian S60 devices.
In the near future, you'll also be able to use Latitude on iPhone and iPod Touch with the Google Mobile App in the U.S., and on many Sony Ericsson devices. In addition, you can use Latitude today on a Linux, Mac or Windows PC by using the Latitude iGoogle gadget (you'll need a Google Account) and iGoogle, Google's personalized Web portal.
How do I get it? Mobile users need to first have Google Maps 3.0 or above installed. After that, you can install Latitude. PC users can install the gadget by starting from the Google Latitude site.
I don't have a Global Positioning System chip in my phone. Can I still use Latitude? You betcha. Latitude can use Wi-Fi access points, cell towers or GPS to work out your location.
How does Latitude do that? Google is using technology from Skyhook Wireless in the Latitude service. According to Nick Brachet, Skyhook's chief technology officer, the company's XPS hybrid-positioning system is "a software-only location solution that allows any mobile device with Wi-Fi, GPS or a cellular radio to determine its position with an accuracy of 10 to 20 meters. What sets XPS apart is that it uses land-based Wi-Fi access points, GPS satellites and cellular towers to determine location information."
In other words, Skyhook's software can use any of the three kinds of signals — Wi-Fi, 2G/3G/4G mobile or GPS satellite — that a device can pick up to work out its location. By leveraging these wireless capabilities, Skyhook's software can combine positioning data from satellites, carrier assistance servers and Wi-Fi base stations to significantly speed up positioning, or TTFF (time to first fix). TTFF for some devices can be up to a minute, but the addition of Skyhook's XPS can reduce TTFF to a few seconds.
I thought you had to have GPS to work out your location. How does Google/Skyhook get around that? The technique that Skyhook uses to work out your location is actually the same one that any GPS device uses: triangulation.
Here's how it works: When Latitude turns on, it automatically tries to reach any available GPS satellite, cell tower or Wi-Fi access point (AP). Once it establishes three or more links, it starts working out your location.
It does this essentially by figuring out, for example, that if you're two blocks from the cell tower at the church, and you're right under the Wi-Fi AP at the coffee shop, and you're at x distance from a GPS satellite, you must be at Buster's Coffee Shop. Typically, devices can use up to 24 reference points to work out your location.
Now, by itself your mobile device doesn't have the CPU horsepower to work that out. It takes the raw data and transmits it via a GSM, CDMA or Wi-Fi link to an assistance server. This technique is called A-GPS (Assisted GPS). Your mobile device or computer works together with the server to plot out your location.
And this is the important part for Latitude: Since the assistance server has the results of the calculation, it's easy to share your position with anyone else who uses Latitude and has your permission to see your location.
How does the system know where Wi-Fi APs and cell towers are? Skyhook keeps a database of public Wi-Fi AP locations, and Google has a database of Wi-Fi AP and cell tower locations. Together, these tens of millions of fixed locations give Latitude the grid it needs to work out your location.
How accurate is Latitude? It depends. If all you're working with is Wi-Fi APs, as would be the case with an iPod Touch or most PCs, it can only work out your location within about 200 meters. If you're using multiple cell towers, say you're in a city, you can get it down to a 100-meter circle. In the country, you may be as far out as 300 meters. And with GPS, you can lock down your location to a few meters. If you combine systems, you can be within GPS's accuracy range.
Many variables can interfere with your accuracy, however. Unfortunately, there are no hard and fast rules on determining how accurate Latitude or any other LBS application will be at any given location. For example, if you're inside a large building, you probably won't get a GPS signal. On the street, you may get the GPS, but you'll lose the Wi-Fi signals.
One way or the other, though, we're entering an age where you can always keep track of where you're at, who's near you and what businesses are close by. The flip side, of course, is that they can also track you.
By Steven J. Vaughan-Nichols
computerworld
Tuesday, February 3, 2009
Microsoft Outlines Windows 7 SKUs; Targets Netbooks
Microsoft has officially announced the five versions of Windows 7 it will sell at launch within the United States, together with a version specifically designed for low-cost netbooks.
The five versions available for U.S. customers will be: Windows 7 Starter, Windows 7 Home Premium, Windows 7 Professional, Windows 7 Enterprise and Windows 7 Ultimate. But Microsoft will only sell Windows 7 Home Premium and Windows 7 Professional at retail, in a bid to eliminate some of the confusion caused by a plethora of Windows Vista versions.
A sixth version, Windows 7 Home Basic, will only be sold in emerging markets, Microsoft said.
Microsoft did not release the prices of the new Windows 7 versions, and offered no additional details as to when they would launch. Most expect Windows 7 to ship near the end of 2009, however. Microsoft also declined to say when it would stop selling Windows Vista.
"We've learned a lot over the years as we've released versions of Windows to the market. We spent a lot of time listening to customer and partner feedback," Microsoft said in a document describing the changes that was released to PCMag. "We heard from customers that they liked the choices Windows Vista offered, but that upgrading sometimes meant tradeoffs. Customers told us that they want us to make it simpler to identify which version is right for them."
And that means that a single version – Home Premium – will be offered to consumers, with a separate version – Professional – offered to businesses. Both the Home Professional and Business SKUs will contain discrete features that aren't overlapped to the other.
So why not leave it at that? "When you have a customer base of more than one billion, two options can't satisfy all of their varied needs," Microsoft explained. "For that reason we will continue to offer a few targeted SKUs for customers with specialized needs."
Windows 7 Ultimate Edition, meanwhile, won't be sold directly to consumers. Instead, Windows 7 Ultimate will be an upgrade offered only as an add-on, which also means that consumers will be forced to pay for Windows 7 Home Premium or Windows 7 Professional, and then pay again for the upgrade. However, Microsoft will roll out all of the versions on a single disc, allowing users the choice of either buying offline media or applying for an online upgrade key that will unlock the additional capabilities.
"Ultimate combines all of the features of Windows 7 Home Premium plus provides access to all of the Enterprise features including BitLocker, BitLocker To Go, AppLocker, BranchCache, DirectAccess (accessing a corporate network without Remote Access Server installed), MUI, etc.," Microsoft said. BitLocker and AppLocker lock down data and applications, respectively.
And Ultimate Extras? Gone. "Our new approach to planning and building Windows doesn't have the capacity to continue to deliver features outside the regular release cycle," Microsoft said.
Perhaps the largest change, however, is Microsoft's recognition of the netbook market. Previously, Microsoft sold its Starter software only into emerging markets. Now, the company has positioned Starter as an ideal entry point for extending Windows 7 into netbooks. The catch? Like other Starter editions, that netbook will only run three applications at a time, an arbitrary limitation the software imposes. Those limitations ignore background services like antivirus applications, but trigger when the controlling antivirus application is opened, Microsoft's documents say.
Starter is described as a "worldwide entry-level SKU". "Windows Starter has been our entry-level offering in emerging markets with Windows XP and Windows Vista," Microsoft's documents say. "With Windows 7 we are making Windows 7 Starter our worldwide entry-level offering for small notebook PCs (also known as netbooks).
"While these PCs with sufficient hardware will be able to run any Windows 7 SKU and we believe that most consumers will want the rich experience offered by Windows 7 Home Premium or Windows 7 Professional, we recognize that some consumers want a very low price point for their small notebook PC and only have basic computing requirements," Microsoft added. "Windows 7 Starter meets the needs for a certain segment of customers with reduced computing requirements."
One interesting twist: Microsoft claims that any netbook should be able to run essentially any version of its Wndows 7 operating system: "However, Windows 7 was designed in a way that any edition of the OS should be able to run on small notebook PCs with sufficient hardware," the documents say.
That, in part, is because the company said it has "invested significantly in engineering efforts around improving performance, reliability, and compatibility in Windows 7."
On the business front, Microsoft will offer Windows 7 Professional, with the capabilities of joining a managed network, backing up data over the network, and encrypting data. The software will also allow users the option of location-aware printing, such as printing to a home printer while at home, and defaulting to a shared printer in an office environment.
Enterprise will offer a step up for Professional users, and will only be available through volume licensing. With that version, business users will have the option of using BitLocker data encryption on internal and external drives, locking apps with AppLocker, improved remote access without the need for a VPN with DirectAccess, and a decrease in the time to open a shared file with a service called BranchCache. Both of the latter services will require Windows Server 2008 R2, Microsoft says.
Microsoft to offer XP-to-Windows-7 upgrades
Microsoft Corp. today confirmed that it will sell what it calls "upgrades" for Windows 7 to users running the aged Windows XP operating system.
Those users, however will have to do a "clean" installation of Windows 7, meaning that all data on the machine will be lost.
"Regarding XP, customers can purchase upgrade media and an upgrade license to move from Windows XP to Windows 7," a company spokeswoman said in an e-mail this morning. "However, they will need to do a clean installation of Windows 7."
In a follow-up reply to questions, the spokeswoman fleshed out what Microsoft means by upgrade. "The 'upgrade' part is referring to the license," she said. "You will be able to get the discounted 'upgrade' license, but it will include full bits."
That's how David Smith, an analyst at Gartner Inc., interpreted "upgrade" in Microsoft's description of what it would offer XP owners. "They're talking about the upgrade price," he said, pointing out that most software vendors use the term upgrade to designate a lower-priced version aimed at existing customers.
Although Microsoft today spelled out the six planned versions of Windows 7, it declined to provide pricing for them, or for the XP upgrade licenses.
Typically, an operating system upgrade offers users the choice between an in-place migration of the machine -- including installed applications and all data -- and a fresh installation, which overwrites the hard drive's contents. When Microsoft launched Windows Vista in January 2007, for example, it offered those upgrade paths to people then running XP .
Smith and other analysts applauded Microsoft's decision to not provide in-place upgrades from XP to Windows 7. "I'm not a big fan of them," said Smith. "They're tough enough from one version to the next, and from two versions [behind], it would be pretty challenging, technically."
Michael Gartenberg, formerly an analyst at JupiterResearch and now a vice president of mobile strategy with JupiterMedia, agreed. "For most end users, it will probably mean that they end up with a more reliable installation," he said.
Microsoft benefits, too. "It makes life a lot easier for Microsoft by not having to support an XP to Windows 7 transition," said Gartenberg, who is a Computerworld.com columnist. "It means that it's something they can get out the door earlier."
Microsoft has been aggressively pushing Windows 7's timetable. Just two weeks after it launched the first -- and in the end, the only -- public beta of the new operating system, the head of Windows development said the company is moving directly to a "release candidate" version of the operating system.
But the process of upgrading a PC from Windows XP to Windows 7 won't be easy, Gartenberg predicted. "It's a double-edged sword. For many consumers who may be looking to go directly from XP to Windows 7, the idea of doing a clean install, backing up their applications, backing up their data, can lead to a lot of hassles," he said.
"Considering that there's a lot of XP out there, one has to wonder why Microsoft is taking this approach," Gartenberg added. "It's not going to be the simplicity of sticking a disc in the drive and upgrading. We'll have to see if that affects the upgrade market."
Microsoft said it was working on ways to help Windows XP users make the move, but it did not get more specific. "Microsoft plans to have other tools and ways to help people get through that process, but we don't have full details on that at this time," a company spokesman said today.
By Gregg Keizer
computerworld
Those users, however will have to do a "clean" installation of Windows 7, meaning that all data on the machine will be lost.
"Regarding XP, customers can purchase upgrade media and an upgrade license to move from Windows XP to Windows 7," a company spokeswoman said in an e-mail this morning. "However, they will need to do a clean installation of Windows 7."
In a follow-up reply to questions, the spokeswoman fleshed out what Microsoft means by upgrade. "The 'upgrade' part is referring to the license," she said. "You will be able to get the discounted 'upgrade' license, but it will include full bits."
That's how David Smith, an analyst at Gartner Inc., interpreted "upgrade" in Microsoft's description of what it would offer XP owners. "They're talking about the upgrade price," he said, pointing out that most software vendors use the term upgrade to designate a lower-priced version aimed at existing customers.
Although Microsoft today spelled out the six planned versions of Windows 7, it declined to provide pricing for them, or for the XP upgrade licenses.
Typically, an operating system upgrade offers users the choice between an in-place migration of the machine -- including installed applications and all data -- and a fresh installation, which overwrites the hard drive's contents. When Microsoft launched Windows Vista in January 2007, for example, it offered those upgrade paths to people then running XP .
Smith and other analysts applauded Microsoft's decision to not provide in-place upgrades from XP to Windows 7. "I'm not a big fan of them," said Smith. "They're tough enough from one version to the next, and from two versions [behind], it would be pretty challenging, technically."
Michael Gartenberg, formerly an analyst at JupiterResearch and now a vice president of mobile strategy with JupiterMedia, agreed. "For most end users, it will probably mean that they end up with a more reliable installation," he said.
Microsoft benefits, too. "It makes life a lot easier for Microsoft by not having to support an XP to Windows 7 transition," said Gartenberg, who is a Computerworld.com columnist. "It means that it's something they can get out the door earlier."
Microsoft has been aggressively pushing Windows 7's timetable. Just two weeks after it launched the first -- and in the end, the only -- public beta of the new operating system, the head of Windows development said the company is moving directly to a "release candidate" version of the operating system.
But the process of upgrading a PC from Windows XP to Windows 7 won't be easy, Gartenberg predicted. "It's a double-edged sword. For many consumers who may be looking to go directly from XP to Windows 7, the idea of doing a clean install, backing up their applications, backing up their data, can lead to a lot of hassles," he said.
"Considering that there's a lot of XP out there, one has to wonder why Microsoft is taking this approach," Gartenberg added. "It's not going to be the simplicity of sticking a disc in the drive and upgrading. We'll have to see if that affects the upgrade market."
Microsoft said it was working on ways to help Windows XP users make the move, but it did not get more specific. "Microsoft plans to have other tools and ways to help people get through that process, but we don't have full details on that at this time," a company spokesman said today.
By Gregg Keizer
computerworld
Subscribe to:
Posts (Atom)
