Can Acer Go High-End?

Most popular for its low-cost laptops, Acer doesn’t really inspire thoughts of premium products. But building high-end hardware could be the Taiwanese vendor’s best chance as it looks for a way to rescue its struggling business.

With consumers flocking to tablets and smartphones, Acer’s once-thriving PC business has been left in the dust. Quarterly financial losses have become routine at the company and its PC shipments declined more sharply in the past year than at any other major vendor, according to IDC.

The grim situation forced CEO J.T. Wang to resign from his post last Tuesday. Acer will also cut 7 percent of its global workforce and has assembled an advisory committee to come up with a new strategy, the company announced.

Bright spots are hard to find. The Wintel model that propelled Acer for years and helped it become the second-largest PC vendor in 2009 has been falling apart amid the demand for mobile gadgets. And Windows 8 and Intel’s Ultrabook strategy have failed to resuscitate the market.

It hasn’t helped that Acer is so reliant on sales to consumers, said IDC analyst Bryan Ma. The entire PC industry has been hurt by tablets, but Dell and Hewlett-Packard have at least managed to find cover selling PCs to businesses, which are still buying them. And Lenovo has capitalized on its position in China, now the world’s largest PC market.

“Acer didn’t really have the commercial PC business to protect themselves. That’s why they were hit harder,” Ma said.

Acer — whether to its benefit or detriment — has instead gained a reputation for low-priced PCs. Even in tablets it has tried to undercut rivals — its Iconia W4, an 8-inch Windows 8.1 tablet, starts at US$329.99, while its Iconia B Android tablet goes for $129.99. The low prices have helped keep the company on consumers’ radar, but at the expense of profits.

One option for Acer is to build a brand as a higher-end PC player. It took a step in that direction last year with the Aspire S7, a Windows laptop with a slender, aluminum chassis that sells for $1,200 and up. That product and its successors have had some success for the company, with sales of 2,000 to 3,000 units per month, said James Wang, an analyst with research firm Canalys.

“I think Acer has started to learn they are able to sell some expensive products,” he said.

Selling higher-end PCs could help stop the bleeding in Acer’s finances, but with the overall PC market still shrinking it’s unlikely to help it expand in any meaningful way. “You can’t really expect vendors in desktops and notebooks to find growth,” Wang said. “You win in the market by not falling in shipments.”

Source

Google Expands Malware Blocker

Google has expanded malware blocking in an early development build of Chrome to sniff out a wider range of threats than the browser already recognizes.

Chrome’s current “Canary” build — the label for very-early versions of the browser, earlier than even Chrome’s Dev channel — will post a warning at the bottom of the window when it detects an attempted download of malicious code.

Features added to the Canary build usually, although not always, eventually make it into the Dev channel — the roughest-edged of the three distributed to users — and from there into the Beta and Stable channels. Google did not spell out a timetable for the expanded malware blocking.

Chrome has included malware blocking for more than two years, since version 12 launched in June 2011, and the functionality was extended in February 2012with Chrome 17.

Chrome is now at version 30.

Canary’s blocking, however, is more aggressive on two fronts: It is more assertive in its alerts and detects more malware forms, including threats that pose as legitimate software and monkey with the browser’s settings.

“Content.exe is malicious, and Chrome has blocked it,” the message in Canary reads. The sole visible option is to click the “Dismiss” button, which makes the warning vanish. The only additional option, and that only after another click, is to “Learn more,” which leads to yet another warning.

In Canary, there is no way for the user to contradict the malware blocking.

That’s different than in the current Stable build of Chrome, which relies on a message that says, “This file is malicious. Are you sure you want to continue?” and gives the user a choice between tossing the downloaded file or saving it anyway.

As it has for some time, Chrome will show such warnings on select file extensions, primarily “.exe,” which in Windows denotes an executable file, and “.msi,” an installation package for Windows applications. Canary’s expansion, said Google, also warns when the user tries to download some less obvious threats, including payloads masquerading as legitimate software — it cited screen savers and video plug-ins in a  blog posting — that hijack browser settings to silently change the home page or insert ads into websites to monetize the malware.

Google’s malware blocking is part of its Safe Browsing API (application programming interface) and service, which Chrome, Apple’s Safari and Mozilla’s Firefox all access to warn customers of potentially dangerous websites before they reach them.

In Chrome’s case, the malware warning stems not only from the Safe Browsing “blacklist” of dodgy websites, but according to NSS Labs, a security software testing company, also from the Content Agnostic Malware Protection (CAMP) technology that Google has baked into its implementation of Safe Browsing.

Source

Will Skype 3RD Party API’s End?

Angry Developers, a breed not unlike Angry Birds but without the desire to fling themselves at naughty pigs, have started a petition asking Microsoft to withdraw its plan to switch off the desktop API for Skype.

The news follows Microsoft’s announcement that support for third party applications will end in December. The change.org petition explains, “The decision to discontinue Skype’s Desktop API impacts our ability to use Skype within my normal Skype calling activities.” It goes on to request that, “Skype/Microsoft provide continued support for third party Skype utilities that have become mission critical to Skype’s users.”

The API runs a range of services, including call recording clients, and in some cases third party hardware including certain headsets. Its discontinuation will most likely see problems for third party instant messaging (IM) services that rely on the API to aggregate IM services, as Skype does not use the Jabber protocol.

Microsoft’s explanation of this was fairly straightforward. It said, “The Desktop API was created in 2004 and it doesn’t support mobile application development. We have, therefore, decided to retire the Desktop API in December 2013.”

However, many developers who receive income from their products using the Skype API are unsatisfied with this.

Although Skype has had a mobile client dating back as far as Windows Mobile 5, it has never had parity with the desktop version and there remains some bewilderment as to why Microsoft has made this decision.

At the time of writing shortly after launch on Friday, the petition had 540 signatures and rising, showing that there is a groundswell of support for the initiative.

Source

HP To Support The iPad

Is your iPad out of warranty? Hewlett-Packard to the rescue.

HP updated its SmartFriend support service and will now troubleshoot problems with Windows, Android, Chrome OS, OS X and iOS products, according to a fact sheet describing the service.

“HP is expanding its HP SmartFriend service to provide 1:1 expert support for any brand of PC or tablet,” the company said. The plan previously supported PCs from HP and other vendors, as well as Macs.

Users can avail of the service to address general hardware, software and malware issues. HP says its agents can “remove viruses, improve PC performance, solve software errors, and connect devices to a wireless network with enhanced security.” The support is provided by phone or over the Internet, so don’t expect a technician to trot in and fix your iPad in person. But HP notes it can save you from driving to a store.

Unlike Best Buy’s Geek Squad service, HP’s service does not include hardware repairs. It can be tricky to change the battery or storage in tablets, so for iPads, the Genius Bars at Apple Stores may still be the best option for some repairs.

HP didn’t immediately comment on exactly what support it will provide for the iPad. HP printers offer wireless printing from iPads and iPhones. HP sells primarily Windows PCs and Android tablets, though on last Thursday it announced the Pavilion 14 laptop with Google’s Chrome OS.

While SmartFriend includes support for iOS devices, the service seems focused mainly on Windows products. Its technicians include “Microsoft Application Trainers, Microsoft Product Specialists, A+/MCP/MCSE Certified Professionals, Network Administrators and HTML Developers,” according to the fact sheet.

The service starts at US$9.99 per month and users can sign up for a pre-paid, monthly or yearly support plan. A “Complete Plan” supports two devices, while a “Family Plan” supports up to four devices.

Source

Java 6 Security Hole Found

Security firms are urging users of Oracle’s Java 6 software to upgrade to Java 7 as soon as possible to avoid becoming the victims of active cyber attacks.

F-secure senior analyst Timo Hirvonen warned about the exploit this weekend over Twitter, advising that he had found an exploit in the wild actively targeting an unpatched vulnerability in Java 6, named CVE-2013-2463.

PoC for CVE-2013-2463 was released last week, now it’s exploited in the wild. No patch for JRE6… Uninstall or upgrade to JRE7 update 25.

— Timo Hirvonen (@TimoHirvonen) August 26, 2013

CVE-2013-2463 was addressed by Oracle in the June 2013 Critical Patch Update for Java 7. Java 6 has the same vulnerability, as Oracle acknowledged in the update, but since Java 6 became unsupported in April 2013, there is no patch for the Java 6 vulnerability.

Cloud security provider Qualys described the bug as an “implicit zero-day vulnerability”. The firm’s CTO Wolfgang Kandek said he had seen it included in the spreading Neutrino exploit kit threat, which “guarantees that it will find widespread adoption”.

“We know about its existence, but do not have a patch at hand,” Kandek said in a blog post. “This happens each time a software package loses support and we track these instances in Qualysguard with our ‘EOL/Obsolete’ detections, in this case.

“In addition, we still see very high rates of Java 6 installed, a bit over 50 percent, which means many organisations are vulnerable.”

Like F-secure, Kandek recommended that any users with Java 6 upgrade to Java 7 as soon as they can.

“Without doubt, organisations should update to Java 7 where possible, meaning that IT administrators need to verify with their vendors if an upgrade path exists,” he added.

Source

Google Updates It’s SSL Certificate

Google has announced plans to upgrade its Secure Sockets Layer (SSL) certificates to 2048-bit keys by the end of 2013 to strengthen its SSL implementation.

Announcing the news on a blog post today, Google’s director of information security engineering Stephen McHenry said it will begin switching to the new 2048-bit certificates on 1 August to ensure adequate time for a careful rollout before the end of the year.

“We’re also going to change the root certificate that signs all of our SSL certificates because it has a 1024-bit key,” McHenry said.

“Most client software won’t have any problems with either of these changes, but we know that some configurations will require some extra steps to avoid complications. This is more often true of client software embedded in devices such as certain types of phones, printers, set-top boxes, gaming consoles, and cameras.”

McHenry advised that for a smooth upgrade, client software that makes SSL connections to Google, for example, HTTPS must: “perform normal validation of the certificate chain; include a properly extensive set of root certificates contained […]; and support Subject Alternative Names (SANs)”.

He also recommended that clients support the Server Name Indication (SNI) extension because they might need to make an extra API call to set the hostname on an SSL connection.

He pointed out some of the problems that the change might trigger, and pointed to a FAQ addressing certificate changes, as well as instructions for developers on how to adapt to certificate changes.

F-secure’s security researcher Sean Sullivan advised, “By updating its SSL standards, Google will make it easier to spot forged certificates.

“Certificate authorities have been abused and/or hacked in the past. I imagine it will be more difficult to forge one of these upgraded certs. Therefore, users can have more confidence.”

Source

HP Looks Beyond Windows

Hewlett-Packard has announced the availability of its latest Pavilion laptop with Google’s Chrome OS as the PC maker attempts to improve laptop sales by offering an alternative to the Windows OS.

The Pavilion 14 Chromebook has a 14-inch screen and runs on a dual-core Intel processor. The laptop is roughly 21 millimeters thick, and weighs 1.8 kilograms. It offers just over four hours of battery life, said David Conrad, director for product management at HP’s consumer products group.

The laptop is expected to ship on Monday in the U.S. starting at $329.99. The company did not immediately provide worldwide availability information.

HP wanted to widen its product offerings and the new Chromebook is targeted at those who do most of their computing on the Web, Conrad said.

“It’s really about choice. We have a very wide offering,” Conrad said. “We think the time is right for an additional choice for people to have a gateway to their Google digital lifestyle.”

The laptop has only 16GB of solid-state drive storage, but will offer 100GB of free Google Drive storage for two years.

The Chromebook has the same design as HP’s other PC offerings, which mostly run on Windows and have standard-capacity hard drives. But, with a lot of data moving to the cloud, the Chromebook provides a different usage model.

“We see this as another device to be used around the house. It’s easily managed,” Conrad said.

Source…

Mozilla Fixes Major Security Issues

Mozilla has fixed a number of security vulnerabilities in the latest versions of its internet applications, including Firefox 14, Thunderbird 14 and Seamonkey 2.11.

Following the release of its Firefox 14 browser for desktop operating systems on Tuesday, Mozilla said it has removed security holes in the Gecko rendering engine that all the applications run, some of which it rated as “critical”.

The bugs fixed included a code execution problem related to javascript URLs, a JSDependentString::undepend string conversion bug that can be exploited to cause a crash and a same-compartment Security Wrappers bypass issue.

Critical use-after-free problems, an out-of-bounds read bug, and a bad cast in the Gecko engine that could lead to memory corruption have also been addressed, Mozilla said.

These bugs were deemed “critical” due to their vulnerability to being exploited remotely by hackers that could execute arbitrary code on an unsuspecting victim’s system.

Source…

Is Internet Explorer Making A Comeback?

Microsoft’s Internet Explorer (IE) in April again managed to grab more user share, the third time in the year’s first four months, to stay well above the 50% mark and remain the world’s top browser, a Web analytics company said on Tuesday.

Google’s Chrome’s share also climbed in April, said Net Applications, ending that browser’s three-month decline.

IE boosted its share by about three-tenths of a percentage point last month to average 54.1% in April. That returns IE to a mark comparable to its September 2011 share.

Since Jan.1, IE has increased its usage share by 2.2 percentage points for a 4% gain since the end of 2011. The turnaround has been IE’s largest and longest since the browser began shedding share years ago to Firefox, then later, Chrome.

Microsoft has pinned its hopes almost entirely on IE9, the 2011 edition that runs only on Windows Vista and Windows 7.

On Tuesday, Microsoft again stayed on message, highlighting the gains made by IE9 on Windows 7 — the pairing the firm has said is the only metric it cares about — but ignoring the overall IE increases this year.

Source…

Yahoo Goes-DO NOT TRACK

Yahoo websites worldwide will comply with users “do not track” settings starting later this year, Yahoo announced Wednesday.

Most major browsers are now able to send a message to sites visited, indicating whether users want their surfing behavior to be tracked by cookies for the purposes of displaying personalized ads. In February the last major hold-out, Google, announced that its Chrome browser will include do-not-track support by the end of the year.

That message, an HTTP (hypertext transfer protocol) header accompanying a request to display a Web page, avoids the awkward paradox that to store a visitor’s preference not to be tracked by cookies, sites had to store a cookie containing that preference, and provides a consistent way to store and indicate such preferences across all Web sites that respect the do-not-track header.

Support for the do-not-track header has been in the works since last year, Yahoo said. All Yahoo sites will respect the header, including those of Right Media and Interclick, two Yahoo subsidiaries specializing in behavioral or data-driven advertising, the company said.

The company’s announcement comes the same day that the U.S. House of Representatives’ Subcommittee on Commerce, Manufacturing, and Trade is set to hold a hearing on balancing privacy and innovation, and in the same week that the U.S. Federal Trade Commission called for creation of a do-not-track tool for Internet users.

In a statement announcing its plans for allowing visitors to opt out of tracking, Yahoo maintained that allowing advertisers to regulate themselves was the best and quickest way to introduce protections to the market place without sacrificing innovation or value creation.

Source…

« Previous Page — Next Page »