PC Hacks - Tips and Tricks

Free up PC disk space with Disk Space Fan

noreply@blogger.com (Gabriel) — Tue, 15 Jun 2010 15:26:00 +0000

Disk Space Fan is a freeware and it is a nice disk space analysis tool for Windows. It helps you to free up disk space by quickly finding and deleting big, useless files. It displays disk space usage with a nice chart. You can navigate the folders easily with the chart. It is also intergrated with Windows Explorer to open, delete and browse files or folders.

Once download and install the utility, users will be brought to a simple interface. On high level, it will display the full capacity, usage as well as the free capacity of the particular drive. In order to figure out the details, just select the desired directory such as C:\ or specific folder by browsing directly followed with a single click on ‘Scan’ button to activate the scanning.

Features:-

Scans directories and drives to find out the useless and larger files.

Diagram of a flower show in the form of free disk space

Browse/open/delete files on ringschart

Preview a picture on ringschart

Support for Unicode

Save scan history

Network path support

Full compatibility with 32 and 64 bit Windows

Download Disk Space Fan here

Google @ Intel ISEF 2010

noreply@blogger.com (Gabriel) — Sun, 09 May 2010 15:21:00 +0000

"On Monday, several thousand high school students will descend on San Jose for this year’s Intel International Science and Engineering Fair (ISEF). A project of the Society for Science & the Public, Intel ISEF brings together more than 1,500 high school students from over 50 countries to showcase and discuss their research and compete for millions of dollars in prizes. We’re particularly excited about this event because this year Google is the Premier Sponsor and Silicon Valley Host of the event.

We’re getting ready to launch an action-packed week of events and activities that celebrate the accomplishments of the Intel ISEF finalists and the role that technology plays in the future of science. Our schedule includes:

Ongoing speaker series at our booth
Interactive booth with product demos (the Street View car will be there!)
Welcome Party on Tuesday evening for Intel ISEF participants
$10,000 prizes for the three winners of our Google Special Awards

If you’re attending the fair, check out our Science Fair Portal to keep up-to-date with any changes to our events schedule. We look forward to seeing you there!

Posted by Josh Weaver, ISEF alum and Tech Lead for Street View

Intel's Moorestown Atom Opens New Front in Smartphone Competition

noreply@blogger.com (Gabriel) — Sun, 09 May 2010 15:18:00 +0000

Intel yesterday officially announced its Atom Z600 family of processors, along with the platform that supports it, known as Moorestown. It's a big and long-awaited move, one Intel hopes will help it compete in the high-end smartphone and tablet market. But although Moorestown is a step in the right direction, Intel still faces a lot of challenges in its competition with ARM-based processors for the smartphone market.
The Moorestown platform is based around the Atom Z600 family of processors, which Intel calls a "system-on-chip" (SoC). This processor (known as Lincroft) is a 45nm chip that combines a single CPU core with integrated 3D graphics, video encode and decode, memory, and display controllers. The platform also includes an I/O Controller Hub (MP20, known as Langwell) along with a power management chip called a Mixed Signal IC. Makers of smartphones or tablets would then have to add to it various wireless options, depending on the types and networks they want to support, along with a screen, antennas, memory, and so on.

In other words, Moorestown is more integrated than Intel's previous Atom-based platforms, but it still involves a number of chips to create a full system. Pretty much every smartphone relies on separate chips for applications processing and for wireless options, but many of today's chips are more integrated, and some are available with the memory as part of the package. In other words, this still isn't quite as integrated as some of the competitors, so it's more suited for larger smartphones and tablets than for smaller units. Intel hopes to address this with the next version, codenamed Medfield, which will integrate the controller hub onto the processor.

Intel says the new platform requires significantly lower power to run than the previous-generation Atom, including a 50-times reduction in idle power, 20-times reduction in audio power, and a 2-to-3-times reduction in browsing and audio. The company says it delivers higher performance, particularly for JavaScript and graphics, and support for 1080p video decoding and 720p video recording. Intel says it provides a 'PC-like visual experience' while operating in a smaller power envelope.

The Z600 family is available at a number of frequencies, ranging up to 1.5 GHz for high-end smartphones and 1.9 GHz for tablets and 'Mobile Internet Devices.' That high-end part in particular should be faster than the ARM-based designs we've seen to date--but even Intel's own positioning points out that it is destined for larger machines.

Obviously, we'll have to wait to see final device to really tell battery life and to see how it performs in the real world, but this should be a step in the right direction. However, since I saw the first demonstration of Moorestown a year ago, we've seen a number of more powerful ARM-based processors running at up to 1 GHz, including the Qualcomm Snapdragon, Nvidia Tegra 2, and the Apple A4. In addition, a number of chip designers are working on ARM-based processors with two or more cores.

More important may be the question of software, particularly in the smartphone market. Intel has made a big deal of the fact that the Atom is an Intel Architecture (x86) processor, that there are huge numbers of applications designed to work on this architecture, and that indeed virtually every Internet site works on x86. But the vast majority of those applications are designed for Windows or Macintosh computers, not phones. Meanwhile, the phone vendors and the applications makers are all pretty used to writing for ARM-based phones, and this is something different.

Intel says the new platform is designed to work with its Moblin version of Linux, MeeGo OS http://blogs.pcmag.com/miller/2010/02/mwc_smartphone_platform_compet.php (an open source combination of Moblin and Nokia's Maemo), and Android. But of course, even applications written for Maemo and Android will need to be tested on the new platform.

Now these are indeed big challenges. But Intel has some unique advantages as well, including that huge base of x86 software compatibility, its advanced manufacturing technology, its relationships with many hardware makers, and of course, the performance of the parts.

I can easily imagine Atom Z600-based tablets running Android or even full Windows that could be smaller than today's tablet PCs but that run faster than the iPad or the other ARM-based tablets we've seen. I expect we will see at least a few smartphones, likely fairly large devices, aimed at the very high end of the market. Still, if the software issues are resolved and the battery life really is as good as Intel claims, such machines could be more powerful than today's smartphones. However, it seems unlikely any large smartphone maker will make a
Moorestown-based the focus of their line this year.

Over the next few months, we should see devices based on the new platform. It's only then that we'll be able to judge how well it really works.

Here's ExtremeTech's take and a more detailed history from AnandTech.

Twittelator: Best Twitter app for iPad

noreply@blogger.com (Gabriel) — Sun, 09 May 2010 15:17:00 +0000

Twittelator is a new twitter app for iPad with lots of new features. Twittelator’s iPad version offers support for multiple Twitter accounts, in-line viewing of linked images, conversation view, the ability to view nearby tweets on a map, and auto-splitting of longer tweets, among other features. Also new in this update is a “Channels” area that collects must-follow Twitter accounts into various categories and subcategories like “Business,” “Health,” “Sports,” “Tech,” “Coffee & Tea,” “Cloud Computing,” and, of course, “Apple.” This Channels feature is a killer way to help new Twitter users find good accounts to follow, and it’s built right into the app.

See Also: 59 Twitter Mobile Apps

See Also: 110+ Best Twitter Tools

Features:-

Auto-ReTweet or editable ReTweets

Twitter Lists: create, edit, load – see other’s too

Geotag tweets and get maps of users

Video: record, edit and tweet video

Create and tweet audio clips and photos

Unlimited drafts and offline tweeting

Create lists of friends

Follow lists and see who’s following you in their lists

Post map of your location

Built-in browser to view links, movies, audio

Get details and follow any user

Find nearby tweeters and map their location

Advanced searching (save them too)

Email, ReTweet, and copy tweets

Trending Topics

Stock Portfolio

English, Español, Deutsche and ???

Download Twittelator for iPad here

Make your PC more energy efficient with Granola

noreply@blogger.com (Gabriel) — Tue, 04 May 2010 03:06:00 +0000

Granola is an intelligent software power management solution for x86 servers, laptops, and PCs running Linux and Microsoft Windows. Granola automatically optimizes a system to use energy more efficiently without compromising performance or availability. The Granola Power Management Daemon when installed on a server, laptop, or PC, matches the energy consumed by the system to the load on the system automatically.

Granola typically lowers total system energy use by 10-35% even when a system is 100% utilized. Granola also tracks the energy saved for use in estimating cost savings and carbon emission reductions.

Features:

* FREE for personal use

* Energy savings without compromising performance and availability

* Supports x86 platforms running Linux and Microsoft Windows on physical/virtual servers

* Immediate energy saving for most deployments <5 years old

* User-level max, min, and auto energy and performance policy management

* User-level reporting of energy savings without additional hardware required

* No measurable overhead (<1%).

* Energy savings and software complimentary to consolidation techniques such as virtualization

* Installation takes less than 5 minutes on average

* Little to no maintenance

Download Granola App here

©2010 TechnoBuzz.net. You can follow us on twitter or join our facebook fanpage and Subscribe via Email.
.

USB Guardian: Protect your PC against USB viruses and worms.

noreply@blogger.com (Gabriel) — Tue, 04 May 2010 03:04:00 +0000

USB Guardian is a special software application that prevents your computer from getting infected with nasty viruses an worms like Conficker (aka Downandup, Downadup and Kido!) The software allows you to safely enjoy file sharing using just an USB thumb drive for copying the files . Movies, mp3s, documents and pictures can be copied from one computer to another without worrying of getting infected with worms and viruses trough USB drive.

The interface is very clean and well organized so that one can access all functions with minimum effort. You can find more details about how USB Guardian protects your PC against worms and viruses on this page. It is possible to give a USB flash drive / USB memory stick a behaviour that is very similar to autostarting CD’s and DVD’s.

Download USB Guardian here

Windows 7 One-Click Online App-Installer: Allmyapps

noreply@blogger.com (Gabriel) — Mon, 03 May 2010 14:39:00 +0000

Got the new Windows 7 PC and want to install some of the best App in your wondows 7 PC with a one click than you have to try allmyapps. Allmyapps lets you select all your favorite apps and roll them into a bulk installer to make rebuilding easy. Using the website is straightforward, just select programs you want to install and add them to your list. When the list is ready click on the “Install” button. AllMyApps hosts a huge collection of popular (and not) software which you can browse by categories or alphabetically. The site is free and doesn’t require any sign up.

Features of AllmyApp:-

# Build a lists of your favorite software and install all in a single setup.

# Hosts huge collection of popular and no so popular software.

# Search and browse by categories or alphabetically.

# Check out most popular and latest additions.

Try Allmyapps here

©2010 TechnoBuzz.net. You can follow us on twitter or join our facebook fanpage and Subscribe via Email.
.

AMD Pushes Affordability With Six-Core Desktop Chip

noreply@blogger.com (Gabriel) — Wed, 28 Apr 2010 18:02:00 +0000

It's not really a surprise, but AMD today announced its entry into the six-core desktop chip market, with its Phenom II X6 chip, which had been code-named Thuban. This chip, manufactured on Global Foundries' 45nm process (which is used in the current quad-core Phenom IIs as well) is similar to AMD's six-core Operton server chips, but designed for the desktop environment.

In some respects, AMD's entry is similar to Intel's Core i7-980X Extreme processor, known as Gulftown, which was introduced last month. But in other ways, it points out the different approach AMD is taking to the market. While Intel is emphasizing peak performance and "hyperthreading" (allowing two threads to run on each core), AMD is emphasizing its overall chip platform, including discrete graphics, as well as affordability.

The Phenom II X6 is meant to be paired with AMD's 890FX chip set, which adds native support for 6 Gb/second SATA drives, and AMD's ATI Radeon HD 5800 series discrete graphics boards. The chip set supports AMD's Overdrive utility for overclocking, as well as 'Black Edition' certified high-speed memory. The graphics boards, which are coming out in more flavors, support Direct X 11 and ATI's Eyefinity technology, which lets them work with up to six monitors. And AMD says all the initial motherboards will support USB 3.0 through an external NEC controller. But the new procesors don't require the new chipset; they were designed to also work in existing AM2+ and AM3 sockets with a software upgrade, and in the existing 125W TDP power envelope.

The new chip is AMD's first to support what it calls 'Turbo Core,' which lets up to three cores run faster while the other three run in a lower power state, to better support applications that don't need all of the cores. This is similar in intent to Intel's 'Turbo Boost' technology, though AMD's method isn't quite as flexible. Still, the company says it should allow the 3.2GHz model 1090T to be run at up to 3.6 GHz.

While the products do not support symmetric multithreading, AMD executives have stressed that more cores are always better than more threads, saying additional threads typically provide an extra 20% performance uplift in applications that can use them, while extra cores typically provide an extra 80% improvement. So AMD will be emphasizing relative affordability, saying the initial high-end chip, that 3.2 GHz version, will sell for under $289, much less than Intel's current six-core offerings; indeed, these chips should be priced more competitively with Intel's 4-core, 8-thread chips. I'll be interested in seeing how it performs in comparison.

Update: Here are early reviews from ExtremeTech, Legit Reviews, Techware Labs, and Toms Hardware.

Intel's 6-core Core i7-980X nearly always wins the benchmarks, but it's notably more expensive. The 6-core AMD Phenom II X6 1090T seems to more than hold its own against the 4-core /8-theread Core i7-920, but the results vary greatly depending on the application.

InterOp Speakers: Time to Rethink Corporate Networks

noreply@blogger.com (Gabriel) — Wed, 28 Apr 2010 18:02:00 +0000

Corporate networks need to be completely transformed, according to the keynote speakers this morning at the annual InterOp conference in Las Vegas. Executives from HP, Avaya, and Cisco all emphasized a need for companies to rethink and change their networks. Of course, they have some selfish interests: All the companies would like to see their new equipment and services replace that of their competitors. But they also have a point. Corporate networks have been built up piecemeal over many years and are now very complex, and probably ripe for simplification and consolidation.

Randy Mott, Hewlett-Packard's CTO, said he thought the big theme of this decade in networks would be transforming the infrastructure away from 50 years. He talked about how HP moved from 85 data centers in 29 countries in 2006 to 6 data centers in 3 locations today, along the way cutting the number of servers by 40 percent while increasing processing power 250 percent. He talked about this experience has led HP to understand how other companies can change their networks, and discussed the importance of an open architecture, standards-based network.

Marius Hass, Senior VP and GM of HP's network business talked about the need to simplify and converge the infrastructure, noting that the average company today spends 70 percent of its IT budget on maintenance, rather than on new applications. He said a combination of simplification and virtualization can help reduce the cost of management, leaving more for more important applications. And he talked about how HP could provide the whole data center solution these days, following its acquisitions of networking provider 3Com (which just closed) and security provider Tipping Point.

Avaya President and CEO Kevin Kennedy also agreed that a "new type of network" is required, and he pushed for a "converged all-IP network" and talked about Avaya's December acquisition of Nortel enterprise solutions. His big example was the Winter Olympics in Vancouver, and how it had the bandwidth requirements of 3 Super Bowl Sundays every day for 17 days, and needs 20 times the bandwidth of the previous Summer Olympics, even though the winter event is typically 40 percent smaller.

Kennedy pushed 'Real-Time Communications' as the core requirement of emerging networks, and said older networks simply weren't 'good enough' for the kinds of demands that are coming today, and emphasized SIP as a protocol for consolidating existing technologies and protocols in a unified communications network.

Brett Galloway, Senior VP of Cisco's Wireless, Security and Routing Technology Group talked about 'Borderless Networks.' He noted that when he first started attending InterOp conferences it was all about making sure products could work together. Now we take that for granted, so it's time to 'rethink how we architect our networks.'

He talked about how immersive video experiences, mobility and security were driving the need to these new networks as "work isn't a place; it's a thing you do" wherever you are. In terms of new products, he announced Cisco's "CleanAir Technology" which is designed to manage wireless networks to identify and reduce RF interference. He showed all the kinds of products that can interfere with wireless performance, from Bluetooth headsets to cameras, microwave ovens, and RF jammers.

Spiceworks Integrates Rackspace Cloud-Based Email Services

noreply@blogger.com (Gabriel) — Mon, 26 Apr 2010 18:00:00 +0000

Today, Rackspace and Spiceworks have announced that they've entered a partnership that will enable SMBs to manage their cloud-based Rackspace e-mail hosting services through Spiceworks' free social IT management application. This is designed to streamline the IT professionals' workloads by allowing them to monitor and administrate Rackspace cloud email services within the Spiceworks IT dashboard instead of launching a separate portal.

With the partnership, Rackspace extends the functionality and reach of its hosted email services (including Rackspace Email, Microsoft Exchange, or a hybrid of both), through the use of Rackspace's APIs. Spiceworks benefits by continuing to provide SMB IT professionals with free management capabilities for their on-premise, cloud-based, or hybrid IT infrastructure.

Besides monitoring e-mail, IT professionals will be able to manage domains and collaborate with Spicework's social IT management application and community of 950,000 IT professionals.

Hands On: Microsoft Office 2010

noreply@blogger.com (Gabriel) — Sun, 25 Apr 2010 04:02:00 +0000

With the release of Microsoft's latest productivity suite, Office 2010, coming in less than a month (it will be available for download starting May 11th and in retail stores this June), the question you have to ask yourself is this: Is it worth upgrading from Office 2007? That depends on your small-business needs. If Office 2007 is working for you, then maybe you can live without the razzle dazzle of Office 2010. But if you want to take advantage of the of the upgrade's stellar collaboration features, it's a must have.

The new ribbon interface for all apps enhances usability, and all apps now sport excellent graphic tools, such as image editing and the ability to embed and edit videos in PowerPoint. For heavy-duty spreadsheet users, the 64-bit version allows you to use massive data sets in Excel.

If you haven't made your decision yet, check out our hands-on review for a closer look at Microsoft Office 2010 at PCMag.com.

Why Was GMail China's Target?

noreply@blogger.com (Gabriel) — Sun, 25 Apr 2010 03:47:00 +0000

Mikko Hypponen of F-Secure is a fairly major rock star in the security business (think somewhere between Ziggy and Bob Marley). Yes, he's a vendor, but you have to respect his insight and experience.

So I took it seriously when Mikko said he thinks that there's an angle to the Aurora attacks of late last year that hasn't gotten the attention it deserves: The nature of the attacks reinforces the idea that the attackers were primarily concerned with espionage against government opponents, and not the usual industrial espionage and simple criminality you typically find in the digital underground economy.

Consider the sort of people we're talking about as victims here: Dissidents, free speech advocates, non-governmental organizations, and their attorneys. Knowing that they're frequent targets of government spooks they like using webmail accounts, particularly GMail and Yahoo! Mail. Many will use Linux in order to avoid Windows malware which might reveal their personal information.

Note that there were many other companies attacked in the same attack campaign. But it's not hard to conjure up reasoning why someone going after Chinese state enemies would attack many of those. Most of the companies have not been identified, but some have:

Adobe—An important software company with broad market reach on Windows, Mac and Linux
Yahoo!—As I mentioned, also an important provider of online services.
Rackspace—One of the largest server farms in the business
Gipson, Hoffman & Pancione—A law firm doing work for organizations of interest to the Chinese government
Northrop Grumman, Dow Chemical and Juniper Networks—Military and other significant industry. Frequently target of such attacks.

So how do you spy on such people? You compromise their GMail credentials. Mikko is convinced that GMail was the main object of the attack, but remember that GMail is served by the same Gaia authentication system as the rest of Google's services. If you get someone's GMail account, you also have their Google Docs account, for example,

But back to e-mail: As SANS mentioned in today's Tip of the Day, e-mail is more like a postcard than an envelope: It's in plain text, so anyone snooping the network can see it too. So if you care, and you're sophisticated about it, you can use a program like PGP to encrypt your e-mail. Used correctly, PGP is, to all practical purposes, uncrackable. But using PGP correctly can be a big pain, so people take shortcuts: they share secret keys, they don't properly secure their secret keys or their whole keyring.

As Adi Shamir (the 'S' in RSA) said in his 2004 Turing Lecture, one of the 3 laws of security is that 'Cryptography is typically bypassed, not penetrated.' Thus it is with PGP: Nobody cracks it; instead they crack the system that it's on and either keylog it or steal the keyring. The more people have a single secret key, the easier this is to do.

Mikko says that they have seen malware designed to steal a PGP keyring. I'm guessing it was designed for a targeted attack because very few people have the patience to use PGP and use it correctly.

If Google (and the other webmail providers) want to do something about this, they can find a way to make it easier to use PGP as part of GMail and its competitors. Right now it's generally a very manual cutting and pasting affair.

Your take-away from all this is that you really can't trust content on public e-mail systems unless you go to extraordinary, and inconvenient, measures to secure that content. And even people who think they've gone to such measures are just better-defended, not invulnerable. If you're fighting the state you have to be willing to take some risks.

Lessons of the McAfee False Positive Fiasco

noreply@blogger.com (Gabriel) — Fri, 23 Apr 2010 17:54:00 +0000

I feel really sorry for the McAfee users who got burned by a really bad false positive detection they put out the other day. Many McAfee VirusScan Enterprise customers using Windows XP SP3 had their svchost.exe (a key Windows system binary which hosts Windows services in its process space) flagged as malicious. I was tempted to feel sorry for McAfee too; we all make mistakes and things must be bad there right about now. But it's hard to feel sorry for them, given what's turned up.

The most shocking revelation was uncovered by Ed Bott at ZDNet: McAfee has admitted to their customers that they followed shoddy quality assurance procedures in this matter. Specifically, the release was not tested on Windows XP SP3, the configuration on which it borked the system. It's hard to think of a worse single configuration to leave out. Late last night McAfee confirmed the report.

This sort of thing has happened in the past, and the danger of it increases all the time. The nature of malware has forced AV vendors to push out ever more frequent definition updates, to the point where Symantec's "pulse updates" come out every 5 to 15 minutes. The pressure to keep up with malware—not to mention the pressure to keep costs down—can lead vendors to scrimp on testing. This appears to be what McAfee did.

You might well ask what McAfee is doing scanning Windows system binaries anyway. I know I did. It turns out that they do whitelist these files as a general matter, but in this case things got complicated: Like most security products, McAfee's scan memory for signs of infection. The malware (W32/Wecorl), the definition for which generated the false positive, is one which attempts to attack svchost.exe by inserting itself into the file and modifying the program to run it. It's a classic file virus. McAfee scanned the file because the false positive occurred in a memory scan of the svchost.exe process; this caused it to flag the file.

Exactly what happened is better explained by McAfee in a FAQ they posted last night. 3 specific versions of svchost.exe under XP SP3 were affected, and McAfee provides the MD5 hashes. It seems Microsoft changes this file in updates without changing either the size or file version.

If you still need to remediate systems, McAfee has provided a FAQ for that too. McAfee also says they are adding new QA protocols to ensure this don't happen again.

Analysts and other vendors are spouting off about this, and some of the talk is misleading or distasteful. Prevx CEO Mel Morris issued a statement mischaracterizing the malware involved in the false positive and insinuating that products such as theirs, which don't rely on implementation-specific definitions, don't have such problems. There is a lot to be said for Prevx's approach, but to imply that they are immune from false positives due to programmer or testing error is just plain dishonest.

David Ulevitch of OpenDNS, not a McAfee competitor, argued that this incident shows the advantage of cloud-based solutions: 'Fixing 1000 cloud-based scanners is a heck of lot easier than fixing millions of desktop end-points.' McAfee, of course, uses some cloud-based scanning through their Artemis system, and one of the measures they plan to use in reaction to this incident is to create an expansive whitelist in Artemis. Personally, I don't see a huge advantage for cloud-based systems here; whitelists are fairly static things. And removing the definition wasn't the hard part of the remediation: That was getting a usable svchost.exe back on the system.

Sunbelt Software is offering a deal (6 months of free maintenance) to angry McAfee customers. Business is business I guess, Don't assume that Sunbelt is immune from such problems, but then they don't claim to be.

As I said above, this sort of problem is not unprecedented; if the false positive had been on sol.exe (Windows Solitaire) it would have been embarrassing, but a minor affair. This was a perfect storm of bad news for McAfee and their customers. But in this business you make a lot of your own weather, and McAfee's inadequate testing is the culprit here.

Microsoft Office RTMs: Do We Take It For Granted?

noreply@blogger.com (Gabriel) — Tue, 20 Apr 2010 03:52:00 +0000

Microsoft has announced that Office 2010 and the products that go with it (SharePoint, Visio, and Project) have been released to manufacturing and will be available to Volume License customers next week; to other corporate customers in May (with a formal launch May 12); and to the rest of us in June. I was actually a bit surprised by how little attention the announcement got, considering just how many of us use Microsoft Office.

It may be that we all take Microsoft Office pretty much for granted, because most of the time we use the same basic features over and over again and notice it only when something doesn't work the way we expect it to. Office has long had very little competition in packaged software: Corel's WordPerfect Office is still available at a good price, and OpenOffice, the open source alternative now sponsored by Oracle, is available for free. Both do a fine job with basic word processing and spreadsheets and offer pretty good compatibility with the Microsoft Office formats. So I do know personal users who are quite happy with OpenOffice.

But Microsoft Office has a deeper array of features, and it just does more. You can complain about some of the formatting features in Word or PowerPoint or about the quirks in Outlook, but you'll certainly find more features than you will in the competitors. And while there are decent alternatives to those products, for most organizations, Microsoft Excel is really the indispensable product in the suite. Every significant financial department I know uses Excel--and that includes features like PivotTables and macros. There's really no good alternative. That means in just about any office, you'll have some people using some features that require Microsoft Office, and since organizations love to standardize, Office becomes the standard for almost everyone.

Microsoft Office has been behind in one really important feature, though: collaboration. That's been where Google Docs and other Internet-based productivity suites (such as those from Zoho and Glide) have had a big advantage. Microsoft has added collaboration features to Office 2010, but I'm not ready to judge them yet. That's clearly going to be a big battleground over the next year or two.

Google Docs just got a lot of attention for its recent upgrade, which the company says offers more competitive features, better compatibility and a new HTML 5-based way of working offline. It sounds good, but I haven't tried it yet.

But in many ways, the real competition to Office 2010 is more likely to be the older versions of Office that people are running to day. Simply put, Office 2003 or 2007 both work pretty well, and not everyone will see the reason to upgrade. Indeed, I know many workers who found the UI change between 2003 and 2007 to be quite jarring, even though in the long run, most tended to like it.

In addition to better collaboration tools, Microsoft Office 2010 features a new 'ribbon UI' for Outlook, a couple of impressive new tools for Excel, and the ability to crop videos directly in PowerPoint. PC Mag's first look at the beta is here and my intial impressions are here. I'm sure we'll both have more to say as we get our hands on the final product, but I have to say I've found many of the new features quite useful.

Still, it's interesting how little attention Office is getting, at least in the media. Microsoft says 7.5 million people have downloaded beta copies, so someone much care. But my guess is, at this point, Office is good enough, and most people just take it for granted.

Claim victory over your e-mail

noreply@blogger.com (Gabriel) — Mon, 19 Apr 2010 00:55:00 +0000

No doubt you've opened an e-mail and thought, 'Hmmm, not sure what to do with this. I'll deal with it later!'—and promptly closed the message. If you do this over and over again, it doesn't take long to end up with several hundred (or thousand) messages in your Inbox.

Developing a new approach to processing your Inbox will help you to gain more control, improve your response time, and keep up with critical actions and due dates.

Tip #1: Set up a simple and effective e-mail reference system

The first step toward an organized Inbox is understanding the difference between reference information and action information.

•	Reference information is information that is not required to complete an action; it is information that you want to keep in case you need it later.
•	Action information is information you must have to complete an action.

Most people receive a considerable amount of reference information through e-mail. Sometimes as much as one-third of your e-mail is reference information. So it is essential to have a system that makes it easy to transfer messages from your Inbox into your e-mail reference system. An E-mail Reference System is a series of e-mail file folders where you store reference information to ensure you have easy access to it later. Learn more about setting up an E-mail Reference System. Once you take care of filing your reference information, you can use the next three steps to handle e-mail you have to do something with, your action information.

Find three more tips for claiming victory over your email at the full article on Microsoft At Work, here.

By Sally McGhee, Consultant and Productivity Expert

"

Selling Blackberry Travel Mini Charger 8300 8100 8800

noreply@blogger.com (Gabriel) — Fri, 16 Apr 2010 16:49:00 +0000

Selling Blackberry Travel Mini Chargers 8300 8100 8800

Conventional Password Wisdom Challenged

noreply@blogger.com (Gabriel) — Fri, 16 Apr 2010 14:54:00 +0000

Nobody will argue that '123456' is a good choice for a password. If you use a common word or phrase to password-protect a sensitive account, hackers can break in using a dictionary attack that simply tries thousands of common passwords. Hacking skillz aren't even required if your password is one of the ten most common; any Joe can crack that account in a few minutes. We advise everyone to use strong passwords. Remembering a password like ru4P^xfR can be tough, but if you use a password manager, you need to remember only one mega-strong master password.

It all makes sense, right? But a recent study by Microsoft researcher Cormac Herley casts doubt on much of the accepted wisdom regarding passwords. In particular, following certain password rules 'shields [users] from the direct costs of attacks, but burdens them with far greater indirect costs in the form of effort.' Herley contends that users who ignore security advice aren't lazy or stupid; rather they're acting rationally. The advice is complex, and the benefits are 'largely speculative or moot'.

The paper correctly notes that dictionary attacks aren't the best way to break security. Getting the user to give away security credentials through phishing or keylogging is much more effective, and a password's strength is totally irrelevant when it's stolen. He particularly slams the common requirement that users change passwords at specified intervals. A hacker who steals your password is going to use it right away; he won't wait two months. 'Insisting that users choose a unique strong password for each [[account]] which they change often and never write down is clearly a large burden.'

The study also points out that teaching users to recognize phishing
URLs is a losing proposition, not worth the time spent. Herley
calculates that a task requiring one minute per day from every working
adult in the U.S. costs about $15.9 billion per year. Unnecessary
security advice 'treats as free a resource that is actually worth $2.6
billion an hour.'

He definitely has a point, but don't go changing all your passwords
to '123456' just yet. Using different passwords for different accounts
and Web sites really is beneficial, as is using complex,
non-guessable passwords. You can cut down on the time and effort
required by using a password manager and letting it generate strong
passwords for you.

And rather than trying to recognize
phishing URLs yourself, rely on antiphishing tools such as Norton
SafeWeb (built into Norton Internet Security 2010 and Norton 360 Version 4.0) and McAfee's SiteAdvisor. When good security advice is managed
automatically, you get all the protection and none of the wasted effort.

Java Update Patches Zero-Day Bug

noreply@blogger.com (Gabriel) — Fri, 16 Apr 2010 14:30:00 +0000

Sun—whoops, make that Oracle—issued an update today to Java 6 to address a vulnerability revealed recently, one which had led to zero-day exploits.

Java 6 Update 20, now available through Java's automatic updates or download, has 3 other fixes, all of which appear to be improvements in error messages and logging. It's hard to say now because the links to the specific bug reports from the update release notes don't work, at least not yet.

With respect to Tavis Ormandy's bug, as Ormandy said himself: 'They've completely removed the vulnerable feature, literally replaced with return 0.' The error was rooted in bad support of a particular programming construct, and Sun has simply withdrawn support for that construct. Ormandy adds: 'I'm told there may be stale npapi plugin after upgrade.' It's not clear exactly what this means, but it sounds like it will require another update eventually. But the immediate problem, namely a zero-day vulnerability, has been addressed.

HP Pushes New Virtualization Services

noreply@blogger.com (Gabriel) — Fri, 16 Apr 2010 14:24:00 +0000

HP is rolling out a series of enterprise-focused services to help businesses evaluate their current IT roadmap, and design a new client model that features both regular PCs and virtual desktops, eWEEK reports.

HP Client Infrastructure Services comes at a time when businesses are finally beginning to refresh aging desktop PCs, now that Windows 7 is on the market. It's also at a time when virtualization, cloud computing, and mobile devices have given workers newfound abilities and expectations for business computing, the report said.

HP's new services span client strategy, virtualization, integrated client management, and application rationalization.

TeamViewer Extends Multiplatform Solution to Linux

noreply@blogger.com (Gabriel) — Fri, 16 Apr 2010 14:24:00 +0000

Linux is often the OS of choice for IT professionals around the world. But what happens when these Linux users are called to support clients working on Windows or Mac systems? TeamViewer GmbH has offered a solution by making its popular TeamView desktop sharing software, which made PCMag's list of the Best Free Software 2010, available for Linux. With TeamViewer multiplatform capabilities,

Linux, Windows and Mac users are able to connect for online collaboration, teamwork, and IT support. The Linux version features VoIP and instant chat, allowing partners to collaborate in real-time through the. The software is available as a free download for non-commercial use at TeamViewer.com.

InVisage Quantum Dot–Based Camera Sensors: How They Work

noreply@blogger.com (Gabriel) — Wed, 14 Apr 2010 16:05:00 +0000

Perhaps the most interesting pure technology demonstration I saw at this year's Demo Spring 10 conference last month was the QuantumFilm technology introduced by InVisage
Technologies, which is aimed at replacing the traditional CMOS image sensor. InVisage created the material and the manufacturing technique, based on
research done at the University of Toronto by professor Ted Sargent,
who is now the company's chief technology officer. I wrote about it a bit at the show, but I've gathered more details.

Effectively. the technology works by suspending very small 'quantum dots'--tiny semiconductors that absorb light and emit electrons--within a special polymer film. The film, which looks completely black, is then 'spun' or painted on top of a traditional CMOS wafer.

What makes this different from current sensor technology is that the film captures all the light that hits the top of the chip in a layer only 500 nanometers thick; and it can send light directly to the silicon chip, according to the company. This is opposed to a conventional CMOS image sensor, where light typically has to pass through layers with metal connections before it hits a photo detector, which blocks out about half the photons.

By putting the film on top of the chip, and by having more efficient materials, InVisage says it can create a sensor that is four times more sensitive to light with twice the dynamic range of the typical CMOS sensor. As a result, it can manufacture the chip on a 1.1-micron process node (as opposed to most image sensors, which are produced at much finer nodes) yet still get much better images. The film can be added very simply. just like adding a layer of photoresist on a wafer. The chips will be made by TSMC, the leading foundry.

The company says this will enable higher resolution for cameras and much better low-light performance, particularly in contrast with the tiny sensors used in today's camera phones. As a result, you'll get better pictures and videos.

The company expects to have samples of the chip in the fourth quarter of this year, with production starting in mid 2011. Although it's up to handset manufacturers exactly when the end products will roll out, that could happen as soon as late 2011.

Obviously, this technology will face lots of competition from more traditional CCD and CMOS sensors. It will be interesting to watch and see what develops.

Google Upgrades Postini Enterprise Messaging Security

noreply@blogger.com (Gabriel) — Wed, 07 Apr 2010 17:03:00 +0000

Google announced enhanced security features for Postini, the search engine's enterprise messaging service.

Postini now features Health Check, a new Google Message Security reporting console. 'Health Check helps you maximize the effectiveness of your spam filters,' said Postini team member Gopal Shah in a Google blog post. 'Think of it as a self-service 'tune-up' for your Postini filters. It gives admins a comprehensive report that will help them check how current configurations impact the effectiveness of antispam and antivirus filters.'

Shah said that users can configure Health Check to identify risky user-defined settings, optimize Approved Sender Lists, and fine tune firewall settings, as InformationWeek reports.

Google Message Security starts at $12 per user per year as a standalone service, but is also included in the standard $50 annual subscription price for Google Apps Premiere.

noreply@blogger.com (Gabriel) — Wed, 07 Apr 2010 16:39:00 +0000

A really dangerous idea has escaped into the wild: Acrobat PDF files can be used as viruses: Jeremy of sudosecure.net has demonstrated a proof of concept of a PDF virus: a malicious PDF containing an embedded executable which modifies other PDFs to include malicious code.

In many senses this is nothing new: It's an old-fashioned file virus straight out of the 1980's, except using PDFs instead of EXE files. The actual mechanism used by Jeremy is just a slight furtherance of recent work by Didier Stevens (and in fact that discovery was probably made by others earlier, but didn't receive attention).

Many reports, including Jeremy's initial report, call this a worm, but it's better-described as a virus. Worms can travel on their own, but this code needs the user to open the PDF in order to spread. This attack is, in fact, a classic virus.

Recall that the method Stevens demonstrated allowed a PDF with an embedded executable to run that executable after the user clicked through on a potentially-ambiguous dialog box. Foxit and possibly other readers actually ran the executable with no user confirmation, but Foxit has since fixed this so that their program works much like Adobe's. This method has the advantage of working even if the user has disabled JavaScript.

But most users have JavaScript enabled, the default with Adobe Acrobat and Reader, and many enterprises use JavaScript in PDFs for forms processing and other applications. Thus the possibility of a PDF virus exploiting one of these vulnerabilities has to be considered as well. I personally consider these to be more worrisome because they can execute without the user having to click any dialog boxes. It's not hard to imagine a return to the old days of Windows vulnerabilities when attackers sat on new malcode distributions waiting for a new unpatched vulnerability to come along. The same thing could happen with PDFs.

Abandoned Root Certificate Found in Firefox

noreply@blogger.com (Gabriel) — Wed, 07 Apr 2010 16:38:00 +0000

A modest panic spread today with reports that an unknown and unidentified root certificate was in the Firefox trusted root certificate store. The stories turn out to overstate the matter some; the certificate should pose no threat to anyone and it's being removed by Mozilla on a normal schedule.

It began with a newsgroup posting in mozilla.dev.security.policy proposing that the 'RSA Security 1024 V3' root certificate authority be removed from the trusted root store, as the owner of this certificate was not clear. The poster also filed a Bugzilla entry. She noted that the certificate appears in Apple's certificate store as well, though not Microsoft's.

What's going on? A rogue certificate? How could a certificate with the name 'RSA Security' not be owned by RSA? The answers basically came in a blog entry by Johnathan Nightingale, Director of Firefox Development in which he explains that the certificate did and does belong to RSA, but is no longer in use. It was added at RSA's request several years ago. Mozilla requires each trusted root to have 'a clear and active owner' and RSA didn't take clear ownership quickly enough, leading Mozilla to move to remove the certificate. RSA eventually confirmed that the certificate is theirs, but inactive.

The certificate remains in the product, but the process of removing it is underway. It's hard to see how an inactive certificate could be abused in the meantime, and any fears that it was owned by some rogue organization have been dispelled.

Adobe Gives Guidance on Shutting Off Embedded Executes

noreply@blogger.com (Gabriel) — Wed, 07 Apr 2010 16:37:00 +0000

Adobe has issued a blog entry to instruct users and administrators on mitigation techniques for the ability to execute embedded executable code with user consent. That capability, reported recently by researcher Didier Stevens, is turned on by default in Acrobat and Reader, as well as other PDF client software.

Users should go to Edit-Preferences, choose the Trust Manager on the left, then on the right uncheck the box indicated in the screen capture below. Click the image for a full-size version.

The Adobe blog entry includes the registry key controlled by this setting so that administrators can push out the setting through the network. A second key allows administrators to prevent users from changing that setting.