Archive

Archive for the ‘Internet’ Category

Chrome Can Now Control Another Desktop Remotely With New Extension

October 9, 2011 Leave a comment

The Chrome remote desktop extension lets a person remotely control another computer over the network, in this case using Chrome on a Mac to control a Windows machine also running Chrome. (Credit: Google)

“Months of work on “chromoting” have reached fruition with Google’s release on Friday of a new Chrome extension to let a person on one computer remotely control another across the network.

The Chrome Remote Desktop beta version, which arrived Friday, is a browser-based equivalent of remote desktop software for conventional operating systems.

Such software is handy for IT administrators managing employees’ machines, people taking care of their relatives’ computers, or individuals getting access to their own machines from afar.”

Google Mobile Search is Threatened by Apple’s Siri

October 6, 2011 Leave a comment

“One day after Tim Cook’s first presser as Apple’s new CEO, the Internet is scurrying to analyze whether the lack of a radically redesigned iPhone 5 will give competitors a leg-up on Apple. Hardware-wise, maybe not, depending on what the competition has up its sleeve.

But there’s one element to the iPhone 4S—software, we might add—that is likely to eventually hit Apple’s competition where it hurts: the new “virtual intelligent assistant” known as Siri.

Introduced during Apple’s iPhone event in Cupertino on Tuesday, Siri offers iPhone 4S users a way to interact with their devices, apps, and data with natural language voice commands.

Users can send and receive texts or e-mails simply by talking to Siri, find out whether there will be rain today, create new Reminders and calendar items, ask for directions, move appointments, and more.

Not only that, but users can ask Siri to look up a plethora of information, such as restaurant reviews from Yelp or even simple facts from Wikipedia or Wolfram Alpha. Cooking and need to convert a recipe’s tablespoons to teaspoons? Ask Siri and get the answer back almost instantly without having to type a single character…

For Google, this is not good news. Google’s mobile search users (on any platform) are increasingly important to the company as more people begin to use their phones to look up local information such as directions, restaurant listings, reviews, and more.

Google Places, which works in conjunction with Google Maps, Google Plus, and Google Offers and allows businesses to pay for higher placement, was born almost entirely out of watching how and what users search for on their mobile devices.

Mobile ads attached to those queries are exploding right now—arguably moreso than just regular browser ads—and while Google doesn’t live or die by that revenue alone, it’s certainly not something to be taken lightly.”

Adobe Announces Creative Cloud and Touch Suite for Tablets

October 4, 2011 Leave a comment

“Adobe has announced a new suite of mobile applications for content creators that will allow users to do graphical work on tablet devices like the iPad. Adobe is also launching a new Web service called Adobe Creative Cloud that can be used to sync and share content between devices.

The Adobe Touch suite consists of six tablet applications, including a photo editor, a collage toool, a Creative Suite file presenter, a vector drawing program, a social color palette manager, and software for designing wireframes.

Although the flagship mobile photo editing application is called Adobe Photoshop Touch, it’s not a fully-featured port of its namesake—it’s a lightweight tool that offers a selection of “core” Photoshop features with a finger-friendly user interface…

Alongside the new tablet applications, Adobe also announced the Creative Cloud, a hosted storage, synchronization, and sharing service for users of Adobe Touch applications or Adobe Creative Suite.

The Creative Cloud will allow content creators to easily move their work between desktop computers and mobile devices. It will also have social features and integration with Adobe’s digital publishing technologies.”

Massive Security Vulnerability Found In HTC Android Devices

October 2, 2011 1 comment

“In recent updates to some of its devices, HTC introduces a suite of logging tools that collected information. Lots of information. LOTS. Whatever the reason was, whether for better understanding problems on users’ devices, easier remote analysis, corporate evilness – it doesn’t matter. If you, as a company, plant these information collectors on a device, you better be DAMN sure the information they collect is secured and only available to privileged services or the user, after opting in.

That is not the case. What Trevor found is only the tip of the iceberg – we are all still digging deeper – but currently any app on affected devices that requests a single android.permission.INTERNET (which is normal for any app that connects to the web or shows ads) can get its hands on:

  • the list of user accounts, including email addresses and sync status for each
  • last known network and GPS locations and a limited previous history of locations
  • phone numbers from the phone log
  • SMS data, including phone numbers and encoded text (not sure yet if it’s possible to decode it, but very likely)
  • system logs (both kernel/dmesg and app/logcat), which includes everything your running apps do and is likely to include email addresses, phone numbers, and other private info

Normally, applications get access to only what is allowed by the permissions they request, so when you install a simple, innocent-looking new game from the Market that only asks for the INTERNET permission (to submit scores online, for example), you don’t expect it to read your phone log or list of emails.

But that’s not all. After looking at the huge amount of data (the log file was 3.5MB on my EVO 3D) that is vulnerable to apps exploiting this vulnerability all day, I found the following is also exposed (granted, some of which may be already available to any app via the Android APIs):

  • active notifications in the notification bar, including notification text
  • build number, bootloader version, radio version, kernel version
  • network info, including IP addresses
  • full memory info
  • CPU info
  • file system info and free space on each partition
  • running processes
  • current snapshot/stacktrace of not only every running process but every running thread
  • list of installed apps, including permissions used, user ids, versions, and more
  • system properties/variables
  • currently active broadcast listeners and history of past broadcasts received
  • currently active content providers
  • battery info and status, including charging/wake lock history
  • and more

Let me put it another way. By using only the INTERNET permission, any app can also gain at least the following:

ACCESS_COARSE_LOCATION Allows an application to access coarse (e.g., Cell-ID, WiFi) location
ACCESS_FINE_LOCATION Allows an application to access fine (e.g., GPS) location
ACCESS_LOCATION_EXTRA_COMMANDS Allows an application to access extra location provider commands
ACCESS_WIFI_STATE Allows applications to access information about Wi-Fi networks
BATTERY_STATS Allows an application to collect battery statistics
DUMP Allows an application to retrieve state dump information from system services.
GET_ACCOUNTS Allows access to the list of accounts in the Accounts Service
GET_PACKAGE_SIZE Allows an application to find out the space used by any package.
GET_TASKS Allows an application to get information about the currently or recently running tasks: a thumbnail representation of the tasks, what activities are running in it, etc.
READ_LOGS Allows an application to read the low-level system log files.
READ_SYNC_SETTINGS Allows applications to read the sync settings
READ_SYNC_STATS Allows applications to read the sync stats

 

 

Update (4th Oct 2011): HTC Confirms Flaw, Promises Patch

 

Windows Client Announced for Ubuntu One Cloud Storage

October 1, 2011 Leave a comment

“Ubuntu One, the cloud storage service available for Ubuntu versions 9.04 and higher, now has an official Windows client.

Previously available as a beta, Ubuntu One for Windows gives XP, Vista, and 7 users a free 5GB of cloud storage space in which to keep their files.

Ubuntu One works a bit differently than, say, Dropbox, a competing cloud storage service: for example, if you’d like to sync your My Documents and My Pictures folders, Dropbox would require you to store them within your Dropbox folder, while the Ubuntu One client allows you to select folders anywhere on your hard drive for syncing.

Once synced, your files can be accessed from Ubuntu, Windows, and Android devices, as well as through the Ubuntu One web site.”

IDF 2011: Another Wrap Up

September 21, 2011 Leave a comment

In addition to the wrap-up of IDF 2011 by AnandTech posted earlier, here is another wrap-up from Engadget if you still have not had your fill of those wonderful little toys…

Spending a Week With Google Wallet

September 20, 2011 Leave a comment

“Contactless payments have been something of a curiosity in the credit card industry.

MasterCard’s PayPass has been around for the better part of a decade, but merchants and banks alike seem hesitant to adopt the technology required to make the system work, and inconsistent implementation adds to the confusion — particularly for customers.

Google’s new mobile phone-based Wallet service has the potential to transform the technology from its current status as a transaction turkey, to a future as a checkout champion.

But will it work? We spent a week with a Wallet-enabled Nexus S 4G, using the device to pay whenever we encountered a MasterCard PayPass terminal.”

The BEAST Breaks SSL Encryption

September 20, 2011 Leave a comment

“Researchers have discovered a serious weakness in virtually all websites protected by the secure sockets layer protocol that allows attackers to silently decrypt data that’s passing between a webserver and an end-user browser.

The vulnerability resides in versions 1.0 and earlier of TLS, or transport layer security, the successor to the secure sockets layer technology that serves as the internet’s foundation of trust.

Although versions 1.1 and 1.2 of TLS aren’t susceptible, they remain almost entirely unsupported in browsers and websites alike, making encrypted transactions on PayPal, GMail, and just about every other website vulnerable to eavesdropping by hackers who are able to control the connection between the end user and the website he’s visiting.

At the Ekoparty security conference in Buenos Aires later this week, researchers Thai Duong and Juliano Rizzo plan to demonstrate proof-of-concept code called BEAST, which is short for Browser Exploit Against SSL/TLS.

The stealthy piece of JavaScript works with a network sniffer to decrypt encrypted cookies a targeted website uses to grant access to restricted user accounts. The exploit works even against sites that use HSTS, or HTTP Strict Transport Security, which prevents certain pages from loading unless they’re protected by SSL.”

IDF 2011: Wrap Up

September 17, 2011 1 comment

“Since we posted a ton of IDF coverage in Pipeline over this past week I thought I’d round it all up here in a post in case anyone missed it. Below is everything we covered at IDF:

Ivy Bridge

Counting Transistors: Why 1.16B and 995M Are Both Correct
Ivy Bridge: 1.4B Transistors
Ivy Bridge Overclocking: Ratio Changes Without Reboot, More Ratios and DDR3-2800
Ivy Bridge CPU Architecture Details Revealed
And Now: Ivy Bridge GPU Architectures Detailed
Ivy Bridge Will Bring a 35W Quad-Core i7
Ivy Bridge Configurable TDP Detailed
Ivy Bridge GPU Performance: Up to 60% Faster than SNB & Better QuickSync

AMD

AMD’s 28nm GPU Demoed, Release Later This Year
Look Out Bulldozer, Here Comes Trinity: AMD’s 2012 Demo on Video at IDF
AMD Sets World Overclocking Record with 8.429GHz Bulldozer Processor
Pricing Revealed for First AMD Bulldozer FX Chips

Smartphones & Tablets

Google: All Future Versions of Android Will be Optimized for Intel x86
Intel’s Unified Design: Core & Atom Now Under One Roof
Intel Oculus: Preparing Intel for Competition in Smartphones & Tablets
Intel’s Medfield Gingerbread Smartphone Reference Platform
Intel’s Honeycomb Reference Tablet: 8.9mm Thick, Medfield Inside

Notebooks & Ultrabooks

Ultrabooks on Video: Rapid Start & Smart Connect
LG’s Shuriken Self Refreshing Panel Aims to Improve Notebook Battery Life by Up to an Hour
Meet the Ultrabooks: OEM and ODMs Show Off Designs at IDF

Thunderbolt

LaCie’s Little Big Disk Thunderbolt Chassis at IDF
Tons of Thunderbolt Peripherals at IDF
Meet the 2012 Thunderbolt Controllers: Cactus Ridge

SSDs

Intel Discloses Cherryville & Hawley Creek SSDs: Intel’s Fastest SSD in Q4

Intel’s Partners & Sandy Bridge E

First Look at Gigabyte’s UEFI Setup on X79
IDF 2011: Lucid Announces Virtu Universal MVP Featuring HyperFormance Technology
Kingston Shows off Business SF-2281 SSD & 64GB Sandy Bridge E
X79 Motherboards from Gigabyte & MSI at IDF 2011
Sandy Bridge E: Live at IDF
Corsair Enters the Gaming Keyboard & Mouse Market with Vengeance

The Future

Rattner Shows off Near Threshold Voltage Intel Architecture CPU
Intel and Micron Develop Hybrid Memory Cube, Stacked DRAM is Coming
First Shot of Haswell, Working Demo at IDF
Haswell Design Complete
Haswell Will Enable 10 Days of Connected Standby Battery Life

Intel Creates a Trail Along the River of Java

September 17, 2011 Leave a comment

“While Google is thinking of replacing JavaScript with Dart and Microsoft is working on accepting it as a first-class language, Intel is hard at work making JavaScript work harder.

River Trail is an open source parallel JavaScript engine.

Why Intel?

Well they have a lot of multicore processors and River Trail makes use of them. It extends JavaScript with a few simple data-parallel instructions but the result is still recognizably JavaScript. It works with HTML5, Canvas and WebGL, in particular. It makes use of OpenCL as an intermediate language so it could work on any hardware not just Intel’s.

Brendan Eich, the inventor of JavaScript, was present at the presentation of River Trail at the Intel Developer Forum and commented that he would lobby for it to be part of the ECMAScript standard.”