Sign up for our Technology Newsletter 
Does Intel Need Help?
As time runs out for Intel to bring its Internet-based TV service by the end of the year, the outfit has approached Samsung and Amazon to ask them to lend a hand. Intel has asked about providing funding and distribution for the service. It looks like the set-top box project could be scrapped if a strategic partner isn’t found soon.
OnCue was supposed to allow users to watch live TV, on demand, and other offerings. Intel said it would provide the hardware and services directly to consumers and that the box would come with a camera that can detect who is in front of the TV. More than 300 engineers are working on the project under Erik Huggers, the head of Intel Media. A version of the service running on Intel hardware is testing with 3,000 Intel employees. Goodness knows what content they are running. Intel is having difficulty getting content deals.
Intel has yet to announce any TV programming partners, and Time Warner Cable and other cable TV providers have been pressuring channel owners to shun pacts with Intel and other Internet-based TV providers. Samsung, which ships millions of smart TVs, could distribute the service as a bundle, while Amazon could provide access to its growing library of movies and TV shows.
Raspberry Pi Gets A Store
Raspberry Pi Foundation has opened a store to enable users to easily download applications that run on the credit-card sized computer.
The Raspberry Pi Foundation said it partnered with Indiecity and Velocix to create a store for applications that run on the Raspberry Pi computer. The Foundation said that the store itself is an application that runs under its Raspbian Linux distribution and at launch has 23 applications available for download.
The Raspberry Pi Store contains games such as Freeciv alongside applications such as Libreoffice and Asterisk. The Raspberry Pi Foundation said its store accepts compiled binaries, Python code, images, audio and video.
The Raspberry Pi Store will allow developers to charge for applications, with the Foundation saying that it hopes to see a mix of hobbyist and commercial software. The Foundation also asked users that download applications to review them in order to improve the results put out by its recommendations system.
While the Raspberry Pi was initially intended to help teach people how to program, the device has gained wider popularity due to the fact that its hardware can run many typical PC desktop applications. The Foundation’s Raspberry Pi Store will make it easier for users to find and install applications on the device, which can only be a good thing for the Raspberry Pi Foundation and Linux adoption.
Cloud Storage Specs Approved
The International Organization for Standardization (ISO) has ratified the Cloud Data Management Interface (CDMI), a set of protocols defining how businesses can safely transport data between private and public clouds.
The Storage Networking Industry Association’s (SNIA) Cloud Storage Initiative Group submitted the standard for approval by the ISO last spring. CDMI is the first industry-developed open standard specifically for data storage as a service.
“There is strong demand for cloud computing standards and to see one of our most active consortia partners contribute this specification in such a timely fashion is very gratifying,” Karen Higginbottom, chairwoman of the ISO committee, said in a statement. “The standard will improve cloud interoperability.”
The CDMI specification is a way to create an interface for accessing data in the cloud by preserving metadata about information that an enterprise stores in the cloud. With metadata associated with the information, companies can retrieve data no matter where it’s stored.
“With the metadata piece, it’s also complementary with existing interfaces. The standard can be used with Amazon, for file or block data and it can use any number of storage protocols, such as NFS, CIFS or iSCSI,” said SNIA Chairman Wayne Adams.
Based on a RESTful HTTP protocol, CDMI provides both a data path and control path for cloud storage and standardizes a common interoperable format for securely moving data and its associated data requirements from cloud to cloud. The standard applies to public, private and hybrid deployment models for storage clouds.
IBM Beefs Up
IBM is unveiling a new version of its Connections enterprise social networking (ESN) software, which businesses use to give their employees social media capabilities adapted for workplace collaboration, such as employee profiles and blogging.
Enhancements in IBM Connections 4.0 include a more interactive activity stream, broader support for mobile devices, more granular usage analytics and integration with email and calendar systems, according to Heidi Ambler, director of product management for IBM Social Software. It is available immediately.
“This new release helps customers grasp the power of social analytics, gives them anytime-anywhere access to the software and provides cutting-edge capabilities,” she said.
Instead of a list-like news feed, the new software has an activity stream in employee profiles that users can filter for relevance, as well as act on the notifications right from the Connections interface.
For example, users can trigger pop-up boxes from the activity stream notifications and see the latest comments made about a file, see who posted the latest version of it and add tags to it.
An integration with IBM’s own Lotus Notes-Domino and with Microsoft’s Outlook-Exchange email and calendar systems lets users manage email messages through Connections.
Patches Released For Firefox and Thunderbird
Comments Off on Patches Released For Firefox and Thunderbird
The release of Firefox 7 is important because the new version features better memory management and is the first step in Mozilla’s long term plan to make the browser more resource friendly.
Nevertheless, users who upgrade to it will also benefit from improved security as this release fixes six critical and two moderate severity security vulnerabilities.
Four of the critical patches are shared with Thunderbird 7 and address a use-after-free condition with OGG headers, an exploitable crash in the YARR regular expression library, a code installation quirk involving the Enter key and multiple memory hazards.
A moderate severity patch that provides defence against multiple Location headers caused by CRLF injection attacks is also common to both products.
In addition to these patches Firefox 7 also contains fixes for two critical and one moderate severity vulnerabilities, with one of them resulting in a potentially exploitable WebGL crash.
It’s worth pointing out that Microsoft previously motivated its decision to not include support for WebGL in Internet Explorer by saying that the 3D graphics library opens a large attack surface.
So far several serious vulnerabilities have been identified and patched in WebGL, which partially supports Microsoft’s assessment, but the library’s supporters claim this is no different than with other technologies.
Firefox 7 also updates Websocket, a protocol disabled in the past because of security issues, to version 8, which is no longer vulnerable to known attacks.
Adobe Patches Security Holes in Flash
Comments Off on Adobe Patches Security Holes in Flash
Adobe has released a security update for Flash Player in order to address several critical vulnerabilities, including one that is being exploited in the wild.
The Flash Player 10.3.183.10 for Windows, Mac and Linux, and Flash Player 10.3.186.7 for Android, contain patches for six security flaws.
One of them is a cross-site scripting (XSS) weakness that can be exploited to execute rogue actions on behalf of web sites or webmail providers if victims click on maliciously-crafted links.
“There are reports that this issue is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message,” Adobe warns in its security advisory.
XSS vulnerabilities are the result of improper user input validation and allow attackers to execute rogue code in the context of the current web site. For example, they can be leveraged to extract session cookies or load rogue forms into legitimate pages, which makes for very credible phishing attacks.
Adobe credits Google for reporting this cross-site scripting vulnerability, which is identified as CVE-2011-2444. This means it might have been detected in attacks against Gmail users.
Two other patched vulnerabilities allow for arbitrary code execution and are located in the AVM stack. One of them can also lead to a denial of service condition. Two remote code execution logic errors and a Flash Player security control bypass have also been addressed.
Users should deploy the new update as soon as possible because browser plug-ins like Java, Adobe Reader or Flash Player are amongst the most attacked pieces of software one can have on a computer. However, unlike Adobe Reader X (10.0) which features sandboxing technology, Flash Player doesn’t have any anti-exploitation mechanism built-in.
Flash Player 11 Launched With 3D Gaming
Comments Off on Flash Player 11 Launched With 3D Gaming
Adobe Systems announced Flash Player 11 and Adobe Air 3 software Wednesday to assist developers in building more sophisticated applications with dozens of new features across smartphones and tablets as well as desktop computers.
The releases are Adobe’s biggest in two years, and will be available free of charge in early October, said Anup Murarka, Adobe’s director of product marketing. The related tools, Flash Builder and Flex, will support new features in Flash Player 11 and Adobe Air 3 by the end of the year.
The releases will enable delivery of 2D and 3D games over the Internet to various devices, Murarka said. Developers of enterprise applications will also find the 3D capabilities popular for data-centric apps. Enterprises, for example, will be able to build application dashboards to “visualize complex data sets” with 3D images, he said.
Developers will also be able to use the tools to more deeply integrate business software like Excel and Outlook in devices and to access hardware programming interfaces for functions such as Near-Field Communication being used more widely in smartphones, Murarka said.
The new versions will also help developers build more secure applications with the ability to leverage cryptographically secure random number generation, he said.
Samsung Asks ITC To Ban Apple Products
July 6, 2011 by admin
Filed under Consumer Electronics
Comments Off on Samsung Asks ITC To Ban Apple Products
Samsung requested that the U.S. International Trade Commission ban the importation of Apple’s iPhones, iPads and iPods, ratcheting up its fight with Apple.
The filing, dated Tuesday, states Apple’s iPhone, iPod digital music player and iPad tablet infringe on five of Samsung’s patents involving telecommunications standards and user interface inventions.
Samsung also filed a fresh patent lawsuit against Apple in a Delaware federal court on Wednesday.
The complaints are the latest salvo in a growing legal battle between the two electronics giants.
In April, Apple sued Samsung in a California federal court, claiming the South Korean firm’s Galaxy line of mobile phones and tablets “slavishly” copies the iPhone and iPad.
Samsung then countersued in California, and Apple last week filed another lawsuit in South Korea. An Apple spokesman could not be immediately reached on Wednesday.
As well as its own phones and tablets, Samsung manufactures microchips for Apple’s gadgets, a business that brought in about $5.7 billion in revenue for the South Korean company last year.
Before banning the importation of Apple’s popular devices, the ITC would first have to agree to look into Samsung’s allegations, a process that could be quite lengthy.
Facebook’s Users Info Was Leaked
May 12, 2011 by admin
Filed under Around The Net
Comments Off on Facebook’s Users Info Was Leaked
Facebook users’ personal information could have been accidentally leaked to third parties, in particular advertisers, over the past several years, Symantec Corp said in one of its blog postings.
Third-parties would have had access to personal information such as profiles, photographs and chat, and could have had the ability to post messages, the security software company stated.
“We estimate that as of April 2011, close to 100,000 applications were enabling this leakage,” the blog post said.
” … Over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties,” posing a security threat, the blog post said.
The third-parties may not have realized their ability to access the information, it said.
Facebook, the world’s largest social networking website, was notified of this issue and confirmed the leakage, the blog post said.
It said Facebook has taken steps to resolve the issue.
“Unfortunately, their (Symantec’s) resulting report has a few inaccuracies. Specifically, we have conducted a thorough investigation which revealed no evidence of this issue resulting in a user’s private information being shared with unauthorized third parties,” Facebook spokeswoman Malorie Lucich said in a statement.