Sign up for our Technology Newsletter 
Google Defends New Privacy Policy
February 6, 2012 by admin
Filed under Around The Net
Comments Off on Google Defends New Privacy Policy
In a letter sent to eight members of Congress, Google yesterday defended its decision to consolidate its privacy policies and users’ personal information.
The 13-page letter explains Google’s decision to change its privacy policies and answers specific questions from the legislators. In sum, Google contended that its approach to privacy remains the same, that users still have control over how they use the company’s various online services, and that private information stays private.
“Some have expressed concern about whether consumer can opt out of ourupdated privacy policy,” wrote Pablo Chavez, Google’s director of public policy, in the letter.
“We understand the question at the heart of this concern. We believe the relevant issue is whether users have choices about how their data is collected and used. Google’s privacy policy – like that of other companies – is a document that applies to all consumers using our products and services. However, we have built meaningful privacy controls into our products, and we are committed to continue offering those choices in the future,” he added.
Google stirred up something of a privacy firestorm last week when company executives disclosed plans to rewrite privacy policies and to meld user information across its various products and services.
.
IBM Goes Social
December 12, 2011 by admin
Filed under Around The Net
Comments Off on IBM Goes Social
Responding to increased use of tablets within business settings, IBM will launch on Wednesday several mobile applications designed to let employees use IBM enterprise social collaboration software with iPads and other mobile devices.
The new applications, free to customers with active licenses of the IBM software, have been built specifically for tablet interfaces and have security, IT management and compliance features.
“The apps are very lightweight and talk directly back in a secure manner to the enterprise systems that people who don’t have these devices are using inside the company,” said Rob Ingram, senior manager of IBM’s Mobile Collaboration Strategy.
One of the applications lets employees use IBM Connections via iPads, while another one is for LotusLive Meeting users to participate in online meetings using iPhones or Android, BlackBerry or iPad tablets.
For IBM Sametime, another application lets employees engage in one-on-one or group instant messaging sessions on iPad and Android tablets. There is also one application for Lotus Symphony Viewer that lets users view ODF-based files, including documents, spreadsheets and presentations, on iPads, iPhones or Android devices.
There are also applications for managing telephony tasks within IBM Sametime from tablets and for Android device users to add widgets to home screens as shortcuts to their Lotus Notes mail and calendar.
RIM’s Playbook Gets Jailbroken
December 7, 2011 by admin
Filed under Consumer Electronics
Comments Off on RIM’s Playbook Gets Jailbroken
Three hackers say they have taken advantage of a vulnerability in Research In Motion’s PlayBook tablet to gain root access to the device, a claim that could damage the BlackBerry maker’s stellar reputation for security.
Root access means a user has permission to change any file or program on a device and can control hardware functions.
In a response to questions concerning the issue, RIM said it is investigating the claim, and if a “jailbreak” is confirmed will release a patch to plug the hole.
The three hackers – who identify themselves as xpvqs, neuralic and Chris Wade – plan to release their data within a week as a tool called DingleBerry.
Apple’s iOS and Google’s Android operating systems are frequently attacked by users who want to run programs that have not been authorized by the manufacturers, but breaches of RIM’s software are more rare.
The PlayBook runs on a different operating system than RIM’s current BlackBerry smartphones. However, the QNX system will be incorporated into its smartphones starting next year.
Patches Released For Firefox and Thunderbird
Comments Off on Patches Released For Firefox and Thunderbird
The release of Firefox 7 is important because the new version features better memory management and is the first step in Mozilla’s long term plan to make the browser more resource friendly.
Nevertheless, users who upgrade to it will also benefit from improved security as this release fixes six critical and two moderate severity security vulnerabilities.
Four of the critical patches are shared with Thunderbird 7 and address a use-after-free condition with OGG headers, an exploitable crash in the YARR regular expression library, a code installation quirk involving the Enter key and multiple memory hazards.
A moderate severity patch that provides defence against multiple Location headers caused by CRLF injection attacks is also common to both products.
In addition to these patches Firefox 7 also contains fixes for two critical and one moderate severity vulnerabilities, with one of them resulting in a potentially exploitable WebGL crash.
It’s worth pointing out that Microsoft previously motivated its decision to not include support for WebGL in Internet Explorer by saying that the 3D graphics library opens a large attack surface.
So far several serious vulnerabilities have been identified and patched in WebGL, which partially supports Microsoft’s assessment, but the library’s supporters claim this is no different than with other technologies.
Firefox 7 also updates Websocket, a protocol disabled in the past because of security issues, to version 8, which is no longer vulnerable to known attacks.
Adobe Patches Security Holes in Flash
Comments Off on Adobe Patches Security Holes in Flash
Adobe has released a security update for Flash Player in order to address several critical vulnerabilities, including one that is being exploited in the wild.
The Flash Player 10.3.183.10 for Windows, Mac and Linux, and Flash Player 10.3.186.7 for Android, contain patches for six security flaws.
One of them is a cross-site scripting (XSS) weakness that can be exploited to execute rogue actions on behalf of web sites or webmail providers if victims click on maliciously-crafted links.
“There are reports that this issue is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message,” Adobe warns in its security advisory.
XSS vulnerabilities are the result of improper user input validation and allow attackers to execute rogue code in the context of the current web site. For example, they can be leveraged to extract session cookies or load rogue forms into legitimate pages, which makes for very credible phishing attacks.
Adobe credits Google for reporting this cross-site scripting vulnerability, which is identified as CVE-2011-2444. This means it might have been detected in attacks against Gmail users.
Two other patched vulnerabilities allow for arbitrary code execution and are located in the AVM stack. One of them can also lead to a denial of service condition. Two remote code execution logic errors and a Flash Player security control bypass have also been addressed.
Users should deploy the new update as soon as possible because browser plug-ins like Java, Adobe Reader or Flash Player are amongst the most attacked pieces of software one can have on a computer. However, unlike Adobe Reader X (10.0) which features sandboxing technology, Flash Player doesn’t have any anti-exploitation mechanism built-in.
Flash Player 11 Launched With 3D Gaming
Comments Off on Flash Player 11 Launched With 3D Gaming
Adobe Systems announced Flash Player 11 and Adobe Air 3 software Wednesday to assist developers in building more sophisticated applications with dozens of new features across smartphones and tablets as well as desktop computers.
The releases are Adobe’s biggest in two years, and will be available free of charge in early October, said Anup Murarka, Adobe’s director of product marketing. The related tools, Flash Builder and Flex, will support new features in Flash Player 11 and Adobe Air 3 by the end of the year.
The releases will enable delivery of 2D and 3D games over the Internet to various devices, Murarka said. Developers of enterprise applications will also find the 3D capabilities popular for data-centric apps. Enterprises, for example, will be able to build application dashboards to “visualize complex data sets” with 3D images, he said.
Developers will also be able to use the tools to more deeply integrate business software like Excel and Outlook in devices and to access hardware programming interfaces for functions such as Near-Field Communication being used more widely in smartphones, Murarka said.
The new versions will also help developers build more secure applications with the ability to leverage cryptographically secure random number generation, he said.
IMs To Overtake Emails In Workplace
Comments Off on IMs To Overtake Emails In Workplace
Many CIOs predict that real-time communication technologies, such as instant messaging, SharePoint, Chatter and Yammer will outpace traditional email in the workplace in the next five years.
That’s the conclusion of a Robert Half Technology survey of more than 1,400 CIOs at U.S. companies with more than 100 employees. The survey was published last month.
More than half (54%) of the CIOs polled said real-time workplace communication tools will surpass traditional email in popularity within five years. The prediction was a bit lukewarm, however: 13% of the respondents said real-time messages will be “much more popular” than email, while 41% said they’ll be “somewhat more popular.”
Robert Half Technology, an IT staffing firm, said a transition to real-time tools could yield workplace benefits, potentially making it easier to work as a team, solve problems, share ideas and manage documents.
Twitter Toying With Money Making Ideas
June 29, 2011 by admin
Filed under Around The Net
Comments Off on Twitter Toying With Money Making Ideas
Twitter is considering the option of placing ads into the live stream of messages, according to the Financial Times. The addition of “promoted tweets” — a more palatable way to say advertising — within the live Twitter stream is bound to turn off many users, at the same time as it attracts businesses looking to reach some of the company’s 300 million users.
Twitter’s executives have been in discussions with strategists at the Cannes Lions International Advertising Festival in France this week to find a way to increase revenues, which disproportionately trail those of social media companies such as Facebook.
Twitter is expected to generate revenues of about $100 million this year. Facebook, by contrast, reaps $3.5 billion from display advertising, according to a forecast by Enders Analysis.
A few other ideas leaked out of these meetings. One was that Twitter would offer mass coupon deals, which hold potential given the real-time nature of interacting on Twitter. A brand profile, which would allow advertisers to pre-schedule their company’s Tweets, is also being considered.
Apple Admits To Security Issues
Apple has finally acknowledge and has promised an update for Mac OS X that will find and remove the MacDefender fake security software, and warn uninfected users when they download the infectious program.
The announcement — part of a new support document that the company posted late Tuesday — was the company’s first public recognition of the threat posed by what security experts call “scareware” or “rogueware.”
Apple has taken criticism for not publicly responding to the MacDefender threat.
“In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants,” Apple said in the document. “The update will also help protect users by providing an explicit warning if they download this malware.”
Apple also outlined steps that users with infected Macs can take to remove the scareware.
Andrew Storms, director of security operations with nCircle Security, was surprised that Apple said it would embed a malware cleaning tool in Mac OS X.
Terror Alerts To Be Issued Via Facebook, Twitter
April 10, 2011 by admin
Filed under Around The Net
Comments Off on Terror Alerts To Be Issued Via Facebook, Twitter
The U.S. government may start issuing terror alerts via Facebook and Twitter, according to a news service report.
The Associated Press reported Thursday that the U.S. Department of Homeland Security is working to re-design the current color-coded terror alert system. The new system, according to the report, would have only two levels of alerts — elevated and imminent.
Those alerts would be conveyed out to the public in part via social networking sites Facebook and Twitter . The AP article is based on a 19-page draft of the plan that the news service obtained.
“The new terror alerts would also be published online using Facebook and Twitter ‘when appropriate,’” the news agency reported, “but only after federal, state and local government leaders have already been notified.”
The new system is expected to be in place by April 27.
Zeus Kerravala, an analyst at Yankee Group Research, said the fact that the U.S. government is entrusting something as critical as terrorist alerts to Facebook and Twitter shows how important social networking sites have become to people’s lives.