Internetnews Blog

Google's Chrome browser updated for security fixes

2009-11-06T16:09:39Z

From the 'Auto-Update' files:Google is updating the stable version of its Chrome browser to version 3.0.195.32.The new release fixes two security issues and addresses a number of stability issues including a top crash condition and a bug that could... The flaw stems from Chrome's setInterval JavaScript function usage.

"I think the root cause of this is also behind lots of the various 100 percent CPU reports seen on various sites (gmail, nytimes, etc) since it's very easy to leak a setInterval()," A Google developer wrote in the bug report.

That's a pretty serious flaw and it affected major websites including Google's own Gmail. I always wondered why Gmail behaved so erratically on Chrome and now I know.

As opposed to every other major browser vendor, Google has an automated update process for its users. As such existing Chrome users will automatically be updated to the 3.0.195.32 version without the need to click on their own to visit Google for an update.]]>

Mozilla updates Firefox 3.5.5 for 'annoying' bug

2009-11-06T15:11:04Z

From the 'Quick Fix' files:For the most part, Mozilla issues updates to its open source Firefox browser for both security and stability related issues. That's not the case with the new 3.5.5 update out today.Firefox 3.5.5 has no listed... Aha! So that's why I didn't notice any 'big' issues with Firefox 3.5.4 myself, I run Linux and wasn't (personally) affected by the GIF flaw. Seeing as GIFs are pervasive across the web, this can be one very annoying flaw that could potentially have triggered frequent crashes of Firefox.

The other two critical fixes are also crash related items, one of which is a startup crash related to font handling.

No these are not major security issues but an annoying issues like these that negatively impact user experience is something that needs to be addressed rapidly - which is precisely what Mozilla has done.]]>

Zoho takes pride in Microsoft's 'Fake Office' zing

2009-11-06T00:03:14Z

When the big boy kicks sand in your face, you can either go home and sulk or make jokes about what big feet the bully has. You’ve gotta love upstart Zoho for taking the second course of action. An early... “Wow, wow, wow — Fake Office! That is indeed a badge of honor for us. We just have a polite suggestion to Microsoft: to be perfectly consistent, Microsoft should also label their Bing ‘Fake Search’ — fair is fair, right? For the record, we actually think Bing brings a welcome dose of competition and we certainly don’t think Bing is by any means fake, but with Microsoft marketing terming the entire competitive landscape to their number 1 cash cow ‘fake’, we have to wonder if that would apply to their own effort at competing with the other dominant vendor.”

And more:

“Seriously, the whole ‘fake office’ designation illustrates the main problem Microsoft faces. In their world view, with their quaint ‘Release to Manufacturing’ rituals, the fact that a Zoho user has no CD or DVD to buy, no bloatware to download, nothing to install, simply just visit a web site, log-in (using Google or Yahoo accounts, if they must), and they are on their way to Work Online, must all feel a bit, well, fake. But take it from us Microsoft: there is nothing fake about browser-based applications, no matter how you wish to keep the world on your ‘manufacturing’ world-view of software, with your proprietary lock-ins and your 90 percent operating margins.”

In light of Markezich’s comments, Sembu finished by ‘thanking’ Microsoft for the Fake Office name and announced a new site FakeOffice.org site to help make Zoho’s case.

]]>

Senate committee clears data breach bills

2009-11-05T23:55:53Z

A pair of bills that would require businesses to notify consumers in the event of a data breach cleared the Senate Judiciary Committee Thursday, moving on to the full Senate for consideration. The Data Breach Notification Act, sponsored by Dianne... Additionally, the Leahy bill would require businesses to implement preventive security policies to guard against threats to their databases. Like Feinstein's bill, it would also apply to federal agencies.

Both bills would set federal guidelines to add some certainty to the patchwork of at least 45 state laws governing data breaches, and both enjoy the support of the Business Software Alliance (BSA), the leading lobbying arm of the software industry and many hardware firms.

"BSA commends Chairman Leahy, Sen. Hatch and Sen. Feinstein for their leadership on data security and data breach notification," Robert Holleyman, the group's CEO, said in a statement.

The group said that both laws would be "manageable for business."

Leahy's bill would also entail some changes in the shape of the federal government, directing the Federal Trade Commission to establish an Office of Federal Identity Protection, and requiring the Department of Justice to create an agency-wide chief privacy officer.

Both Leahy and Feinstein have introduced versions of the bills in previous Congresses, only to see them stall.

"The loss of data privacy is not just a grave concern for American consumers; it is also a serious and growing threat to the economic security of American businesses, and is a growing threat to our national security," Leahy said in a statement. "The time for Congress to enact comprehensive data privacy legislation has come. I hope that the Senate will consider this legislation promptly."

]]>

Google brings Closure to open source JavaScript devs

2009-11-05T21:13:23Z

From the 'Open Source Development' files:Google builds a lot of its own tools as part of its development efforts. Sometimes we get all 'get lucky' and the tools become open source and available too.That's what has happened today with... In addition to the compiler, Google has also open sourced Closure Templates, a Closure Library and a Closure Inspector. The tools all have the common goal of improving JavaScript.

Another interesting factoid about this whole effort is that Closure was not an official Google effort at first, but rather came out of Google engineers own 20 percent time (time that Google let's people work on their own projects).

Those pet projects are now used by Google in its own infrastructure and starting today available to anyone.

"Today, each Closure Tool has grown to be a key part of the JavaScript infrastructure behind web apps at Google," the Closure Tools team wrote in a blog post." That's why we're particularly excited (and humbled) to open source them to encourage and support web development outside Google."

]]>

Cisco's Chambers & EMC's Tucci: Buddies in Bad Times

2009-11-05T15:24:51Z

From the 'Former Wang Employees' files:Sometimes is not what you know that's important, it's who you know -- right?This week, Cisco, EMC and VMware entered into a partnership for delivering integrated virtual data center solutions. Aside from the news itself,...]]> "I trust Joe with my life," Chambers said.
Trust is a key component of the new Cisco/EMC/VMware partnership, for both the partners involves as well as for customers. All parties need to trust each other to do the right thing to get the best solution.

Cisco and EMC both have plenty of other partners, and in a limited way also have some overlapping solution and service sets. To actually get a 'one throat to choke' from the vendors that will be responsible for a joint solution is a big deal and in my view will be the real proof point for the success (or failure) of the new venture.

But why didn't Cisco just try and buy EMC? Or merge with them? Wouldn't that be an option?

During Cisco's first quarter fiscal 2010 earnings call, Chambers explained his strategy for when it makes sense to buy, build or partner.

"General rule of thumb, partner big to big, acquire big to small," Chambers said.

It's an idea that makes a lot of sense, as Chambers wants and need to be in control. If the general friendship between Tucci and Chambers did not exist, the partnership might still exist, but it just would seem as honest, would it?

Adobe updates Shockwave for 5 critical vulnerabilities

2009-11-04T15:58:34Z

From the 'Shocking Updates' files:Adobe Shockwave users, it's time to update.Adobe has issued an updated version of its Shockwave Player to address 5 critical vulnerabilities. The flaws affect Adobe Shockwave Player 11.5.1.601 and prior versions. The new version is...

Sun updates Java 6 for the 17th time

2009-11-04T15:28:22Z

From the 'Still Owned by Sun' files:If you're like 80 percent of all web users, chances are that you're running Java. Have you updated to the latest version yet?Yesterday, Sun released Java 6 Update 17, fixing multiple vulnerabilities. Among the... "The Java Runtime Environment (JRE) Java Update mechanism running on non-English versions of the Windows operating system does not update the JRE when a new version is available," Sun wrote in its advisory.
Yeah, it's a simple item but an important one.

For many users, checking Java isn't something they think about. If a dialogue box pops up that says an update is required, well then it's likely they'll update.

Speaking about Java updates, Mozilla recently launched its own effort to help ensure that users have the most up-to-date plugins (and Java is a plugin for a browser too). So Firefox users have at least one other mechanism beyond Sun's Update checker to rely on.]]>

AMD opening shop in the Middle East?

2009-11-04T01:03:25Z

It looks like AMD and Globalfoundries are going to set up shop in Dubai after taking a hefty chunk of change from an investment firm based in the emirate. AMD CEO Dirk Meyer told Emirates Business that the firm is...

Creative: cooking up an e-reader?

2009-11-03T18:13:59Z

(Two new e-reader entries: left, Spring Design's Alex; right, B&N's Nook.) Creative Labs, maker of the Zen MP3 player, PC speakers and other hardware, surprised investors by showing off a prototype of a touchscreen e-reader during a recent annual...

Google Chrome 4 Beta debuts including bookmark sync

2009-11-03T15:44:33Z

From the 'Delicious Feature' files:Google's Chrome 4 web browser is now in Beta. Chrome 4 has been in the dev-channel cycle since August and has one key differentiating feature over its predecessors in the Chrome 3 browser series, bookmark... While having browser sync is not a new idea, delicious has been doing it for years and there have multiple add-on efforts for Firefox to include synchronization, Google's approach is a little different.

Google is directly integrating the sync into the browser and leveraging the power of the Google cloud to do it. This narrows the gap between desktop and cloud computing and brings Chrome into the Google online services fold.

Browser sync also give us a very early preview of what Google has in store from Chrome OS, it's netbook operating system. Chrome OS is of course based on the Chrome browser and I can see Google leveraging the same kind of sync XMPP engine on the desktop to sync and backup a whole lot more than just user's bookmarks.]]>

Open Source Skype? Not yet, but soon

2009-11-02T21:02:35Z

From the 'Codecs, Codecs, Codecs' file:Is Skype going open source? Apparently so."Yes, there's an open source version of Linux client being developed. This will be a part of larger offering, but we can't tell you much more about that... On the codecs side, as the open source Ogg Theora and Vorbis efforts continue to improve, I think that the gap between the proprietary patented codecs and open ones will narrow.

There are some other benefits to having an open source Skype, that could specifically benefit Linux users.

With an open source Skype the potential for more optimized integration in the future with PulseAudio and other Linux media sub-systems could ultimately make Linux a superior platform to Windows for Skype. ]]>

Google Back to Full Speed on Chrome browser dev

2009-11-02T19:39:36Z

From the 'Code Yellow Alert' Files:Google Chrome development is moving along full speed ahead. Why is this news? Well let me tell you...Early last week, Google developer Anthony LaForge (no not Geordi, he's working on the warp core still...)... Should Microsoft be concerned? I think so.

According to a new set of stats from Net Applications, Chrome is gaining on IE (though very marginally). Net Applications pegged Chrome usage at 3.6 percent in October up from 3.2 percent to 3.6 percent in September. Yeaah it's small, but that's why Chrome Frame is so important to Google.

With Chrome Frame, Google's addressable footprint is (theoretically) as big as IE's. No, we don't quite know at this point how many people have downloaded Chrome Frame, but the opportunity is still large for Google.
]]>

Firefox 3.6 Beta 1 doesn't know about:me, but it's fast

2009-11-02T15:02:22Z

From the 'Where Did the Features Go?' files:The first official Mozilla Firefox 3.6 Beta release is now available, bringing with it a whole bunch of improvements to the open source web browser. It's also (to my naked eye) missing... Among them is the Taskfox/Ubiquity integration. Ubiquity (renamed Taskfox) is a Mozilla effort to have a command-line type tool for various browser and site actions. At one point it was supposed to be Firefox 3.6, but it's not in the Beta 1 release.

Another (minor) item, I was looking for but didn't find is the about:me command. At one point about:me was supposed to be integrated into Firefox 3.6 but it's not in the Beta (though it is available as an add-on). The idea with about:me is to provide users with a simple command to show them information about their browser usage. A minor feature, but a nifty one that I for one sure hope lands in a future Firefox release.

Minor complaints aside, Firefox 3.6 fixes one big issue that has always bugged me about Firefox tab behavior. In Firefox 3.6 new tabs (when clicked from a link) are opened in the adjacent tab and not in new tab at the far end of the browser. FINALLY.

The tab fix is one that I had hoped for in Firefox 3.5, but didn't make it in, it's great that it's in now. It also clearly gives us all hope that just because a particular feature isn't in one release, doesn't mean we won't see it sooner rather than later.]]>

This tech news is not embargoed

2009-10-30T22:51:44Z

Embargoes — can’t live with them, can’t live without them. That was one of several themes running through a spirited discussion among tech journalists and PR people last night. For the uninitiated, embargoes are the controversial process where a tech... While Tweney continues to selectively agree to embargoes (as does InternetNews.com), he said he recently “punished” a PR firm by refusing to communicate with them for six weeks after a competitor was allowed to publish an embargoed story ahead of everyone else. He said the PR firm’s excuse was that the vendor, a handset manufacturer, had leaked the news to a blog directly without the PR firm knowing.

The New York Times Darlin said embargoes are generally used as a tool by PR firms to co-opt the media. That said, Darlin said the Times often accept embargoes because they ensure reporters don’t miss a story and they have more time to do a thorough job.

That thoroughness is limited. Once you’ve agreed to an embargo, you can’t share that news ahead of time with the analysts and competitors you might otherwise call for comment. Vendors will sometimes provide a list of analysts that have been pre-briefed on their news.

While many took shots at the embargo process and the games PR folk sometimes play, Chris Preimesberger, an editor at eWeek, said embargoes help him get his job done.

“They give me the background information and the time to do the piece right,” said Preimesberger, during a follow up Q&A session. He estimates 75 to 80 percent of the stories eWeek does are facilitated by the embargo process, the rest are breaking news.

“I have no problem with the process and don’t feel like I’m being manipulated,” said Preimesberger.

In search of alternatives

The discussion rolled on with a few stabs at a solution or alternative ideas. None seemed to resonate well except for Foremski’s idea that vendors hold a virtual press conference so everyone can get the information at the same time and go from there.

Rafe Needleman of CNET said he hates embargoes, but the advance time helps give stories more “thoughtfulness.”

That said, he notes other sites that do skimpy stories based on rumors and half-truths benefit by being first out with the news. “Readers often reward velocity,” he said.

Tweney probably summed up the feelings of many by noting that no good journalist is going to pass up an exclusive. While most embargoes aren’t exclusive, he said the embargo process puts a story on the same continuum. “Even if you’re one of 25 others getting the story” that’s worth something, he said.

]]>