Category: Computers, Science & Technology

This is a pretty decent update to DropBox!

Dropbox Desktop Update Adds Drop-Down Menus

“Dropbox on Tuesday launched a new version of its desktop client for Mac and Windows with a refreshed look and feel.

The latest version, Dropbox 2.0, should give users more visability into activity on their account and faster access to files. There’s a new drop-down menu (left), which essentially serves as a news feed from which users can see what’s going on with their account. From the new Dropbox menu icon, users can see recently added or changed files, view and accept pending invitations and shared files from other users, and see the overall status of their Dropbox sync.

‘If someone shares a link with you, you can now get to it immediately — directly from the Dropbox menu,’ according to a Tuesday post on the Dropbox blog. ‘You’ll get notifications in real time as people share with you, and can see them later just by clicking the Dropbox icon.’

From the new Dropbox menu icon, users can also quickly share recently changed files with other users.

In addition, Dropbox mobile users will also now get notifications when someone has shared a folder with them, the company said. This feature is available on the latest versions of the Dropbox iOS and Android apps.

Meanwhile, the new desktop version can be downloaded directly from the Dropbox website.

Dropbox, founded in 2007, hit 100 million users this past November. The company also last year partnered with Vimeo to ease the video-uploading process, and added the ability to share stored files inside Facebook Groups.”

Yep, Google has announced the end of Google Reader! Ouch!

Google Unplugs Reader, Sending Its Loyal Users Elsewhere

“On Wednesday evening, Google announced the imminent passing of Google Reader, age 7. Scheduled demise: July 1. According to its 2005 birth announcement, Reader was ‘a service we hope helps you spend more time reading what’s important to you.’ It was an RSS reader, basically a geeky way to get lots of news articles and blog posts from all manner of sources (remember: no Twitter back then), and organize it all conveniently. Though the service was never wildly popular, for a smattering of dedicated users it was essential.

Now those users are progressing through the Seven Stages of Internet Grief: denial, tweeting, anger, tweeting, bargaining, tweeting, and acceptance, or more precisely, figuring out a new way to get a satisfying news fix. Feedly, a popular news reader app for iOS, Android, and other platforms, has already said it will clone Google Reader and offer its users a new home.

I use Google Reader for two or three hours a day—it’s the official Google web app on my Mac when I’m at work or at home. During commutes I use Reeder, a third-party Google Reader app, on the iPhone. Mobile users could certainly shift to aggregators like Pulse or Flipboard, and indeed they are pretty and get the job done.

But serious RSS users aren’t into it for the luscious jpegged beauty. RSS feeds, taken straight, are a wall of text. That’s useful when you want to let news wash over you, to scan screenfuls of headlines without waiting for extraneous pictures to load. When I want to absorb a lot of information fast—which is to say, always— I don’t have time for Flipboard. I want exactly what Google will be taking away from me this summer.

Most people, if they’ve ever even heard of RSS, probably don’t use it as much as they used to, given the proliferation of social news sources like Facebook and Twitter. In this context, the end of Reader isn’t much of a surprise. (Reedly says as much on its announcement page.) Plus, Google’s been thinning its product portfolio for a while, as the company moves from a scattershot, invest-in-everything philosophy to a much more disciplined approach. Larry Page calls this putting ‘more wood behind fewer arrows.’

So, yes. Fine. This may make a certain kind of business sense for Google. But consider: Right now, the company is in the enviable position of having a suite of products that many users find indispensable — but not irreplaceable. There are other RSS readers, as well as other search engines, email programs, and productivity tools. Reminding your most loyal users that, in fact, you’re not the only game in town — oh, and it’s quite possible to switch — doesn’t seem quite as savvy.”

Check it out! Always know where your towel is!

Though Douglas Adams has shuffled off this mortal coil, Google decided to celebrate today with a new Google Doodle! Check it out while you are “surfing” today!

Check the video on YouTube to see everything it does:

So, the Chrome OS wasn’t hacked (as discussed in an earlier article posted here), but ALL the big browsers got pwned at “Pwn2Own!”

Fail: Chrome, Firefox, and IE all crack during hacking competition

“Chrome, Internet Explorer, and Firefox all fell to the mercy of the hackers today. That is, in a controlled environment.

Security firms Vupen and MWR Labs were able to crack the browsers during a condoned bug-hunt today, with one company winning $100,000 for finding a huge hole.

The Pwn2Own competition is an event at the CanSecWest conference in Vancouver. HP’s DVLabs created the competition as part of its Zero Day Initiative: an attempt to get more people to find and report bugs as opposed to exploiting them for personal gains. This year’s Pwn2Own competition turned up a number of interesting hacks, with three major browsers all falling: Firefox, Internet Explorer, and Chrome.

Vupen, a security research firm based in France, cracked both Firefox and Internet Explorer. It roughly explained the attack in a tweet (warning: A lot of security vocabulary is incoming), ‘We’ve pwned Firefox using a use-after-free and a brand new technique to bypass ASLR/DEP on Win7 without the need of any ROP.’

The technique involves recalling memory that the browser had previously ‘freed,’ (user-after-free), after which they were able to mess with the technology that protects a computer system from letting bad code execute.

In Internet Explorer’s case, Vupen says it found two separate ‘zero-days,’ or previously unknown holes in a system, and used them to get inside a Microsoft Surface Pro tablet. From there, the company was able grab hold of Windows 8.

The company explained, again, in a tweet, ‘We’ve pwned MS Surface Pro with two IE10 zero-days to achieve a full Windows 8 compromise with sandbox bypass.’

Lastly, U.K.-based security firm MWR Labs cracked Chrome and also gained full control of the operating system, this time Windows 7. It also ‘demonstrated a full sandbox bypass exploit.’ The company explained in a blog post that it found a zero-day in Chrome ‘running on a modern Windows-based laptop.’ It was able to exploit the vulnerability by performing a very similar attack to what took down Facebook, Microsoft, and a number of other well-known companies: It had the laptop visit a malicious website. From there the website probed Chrome and was able to get control of the area of the browser that executes code ‘in the context of the sandboxed renderer process,’ or the protective area that allows code to run, but restrict it from using any other part of the system but the CPU and memory.

The sandbox cannot, however, protect against any attacks against the kernel, or the root of the operating system, it exists in and that’s exactly what MWR took advantage of. It found a vulnerability in the kernel, exploited it, and gained full access to the Windows 7 system.

Shabam.

All of these browsers had been previously patched in preparation for the competition, showing just how much can be missed and how valuable these types of bug-finding events are. MWR won $100,000 as a result. Of course, both MWR and Vupen properly disclosed all the documentation of its findings to the appropriate browser security teams.”

Can you imagine Microsoft offering expert hackers a challenge, with big financial incentives, to try and hack Windows. Huh!? Yeah, right!! You gotta admit, if you want security, Chrome would be the way to go!

No Winning Exploit Found For Chrome OS At Annual Hacking Competition, Pwnium 3

“Google’s operating system Chrome OS survived all attempts to hack it at this year’s Pwnium 3 competition, which took place at the CanSecWest security conference in Vancouver, BC this week. Google, which was offering up $3.14159 million in prize money (get it, Pi money?), said that there was no winning entry, but it was in the process of evaluating some exploits for partial credit.

The focus for this year’s Pwnium 3 was on Chrome OS – and the big push from Google to focus on its operating system, recently introduced in the new, high-end Chromebook Pixel touchscreen laptop, also included increased rewards for hackers finding exploits as well. Although in previous years, rewards maxed out at $60,000 for Chrome browser exploits, the company had earmarked up to $3.14 million for hacks on the OS. That was largely just a clever marketing gimmick, however – the actual potential payouts were much lower:

The two reward levels offered this year included:

• $110,000: browser or system level compromise in guest mode or as a logged-in user, delivered via a web page.
• $150,000: compromise with device persistence — guest to guest with interim reboot, delivered via a web page.
• And, as always, partial credit was offered to those for incomplete or unreliable exploits.

The hacks had to be demonstrated against a base Wi-Fi model of the Samsung Series 5 500 Chromebook, running the latest stable version of the Chrome operating system. Hackers could use any of the installed software, including the kernel and drivers, to attempt their attacks.

A Google spokesperson confirmed the Pwnium 3 hacking contest completed without a winning entry, via the following statement:

Pwnium 3 has completed and we did not receive any winning entries. We are evaluating some work that may qualify as partial credit. Working with the security community is one of the best ways we know to keep our users safe, so we’re grateful to the researchers who take the time to help us in these efforts.

Chrome OS, which is a Linux-based operating system running a Chrome browser, may have been more difficult to hack thanks to ten bug fixes which arrived just before the competition. Six of these were high-level bugs and four earned payouts of $1,000-$2,000 from Google’s ongoing efforts to rewards researchers for finding bugs.

Pwnium 3 ran alongside the browser-focused Pwn2Own, which wraps up today. During day one of that event, all browsers except Safari proved vulnerable to attacks, but only because none of the entrants decided to take on Safari this year. The Chrome browser issue discovered yesterday has now been fixed. During day 2, Adobe Reader, Flash and Java also fell.”

Scan an object and then 3D print the object? So, is this a first generation Star Trek replicator?

MakerBot announces 3D ‘Digitizer’ prototype to scan your world, then print it out

“MakerBot founder Bre Pettis today announced the Digitizer Desktop 3D Scanner prototype it intends to sell alongside its Replicator 3D printers. The scanner uses a combination of cameras and lasers to scan an object and create a digital file that can then be printed using one of MakerBot’s replicators. The company says you won’t need any experience with design or 3D modeling software to make use of the scanner, and wants to see it used by businesses, educational facilities, and in the home. The Digitizer will launch this fall, Pettis said.

‘The MakerBot Digitizer is an innovative new way to take a physical object, scan it, and create a digital file — without any design, CAD software or 3D modeling experience at all — and then print the item again and again on a MakerBot Replicator 2 or 2X Desktop 3D Printer,’ Pettis said. The Digitizer is capable of scanning objects up to 8 inches by 8 inches in less than three minutes. As the Digitizer scans your object, it spins in a circle on top of a platform. ‘This is kind of like what happened when Flynn (in Tron) gets digitized into the game grid,’ Pettis said. ‘This takes us from being a 3D printer company into being a company that’s building out a 3D ecosystem.’

Before Pettis revealed the actual Digitizer, he delved into some of the ways people around the world are using MakerBot. One dad made orthotics so his daughter could appear tall enough to ride a rollercoaster, payments startup LevelUp prototyped a new phone scanner, and Pettis himself made shot glasses. Some MakerBot-built products will have an even bigger impact on our lives, Pettis said. ‘Our biggest customer is NASA, which just makes the nerd in me so happy,’ he said. ‘They can make cheap prototypes on our machines before using their high end one.'”

This is my very favorite Open Source defragmenter! I install it on every system that I build. Keeping your disk drive defragged and optimized is a huge benefit in performance.

UltraDefrag Version 6.0

“UltraDefrag is a powerful Open Source Defragmentation tool for the Windows Platform. It can defragment any system files including registry hives and paging file. Also one of the main goals of UltraDefrag is doing the job as fast and reliable as possible.

• All disk processing algorithms were optimized for speed and efficiency.
• Support to optimize FAT disks was added.
• The ability to specify the file sorting order and criteria was added for optimization.
• Additional filters for fragment and file size were added.
• Optimization now makes use of all specified filters.
• The ability to minimize the window to the system tray was added.
• The ability to display the progress on the task bar icon was added for Windows 7® and above.
• File fragmentation reports are now no longer stored in the root folder of the drive, but in a sub-folder of the installation folder, so they are no longer left behind after removing UltraDefrag.
• The Explorer context menu handler is now configurable too.

This is a nice, clean, professional document that helps introduce a new user to the free, Open Source, LibreOffice. Very nice! Download it by “right-clicking” on the link below, and download the PDF.

LibreOffice 4.0 Getting Started Guide

LibreOffice is developing a Certification Program! Pretty neat!

LibreOffice Certification Program

“Certification is a key milestone for building the LibreOffice ecosystem, and increase the number of organizations capable of adding value around LibreOffice (and, hopefully, help to spread the adoption over proprietary and open source office suites). Certification is also going to be an additional opportunity for The Document Foundation, at least in the medium to long term, in order to sustain the growth of the ecosystem.

TDF certification model will be different from that of proprietary software companies, as TDF – for instance – cannot leverage discounts over list prices (one of the typical advantages of certified partners). Developing a new certification model is both a challenge and an opportunity, for TDF and for its partners.

TDF (informal) ecosystem already includes the resources for creating this new model of certification program, and to make it interesting for the market (i.e. individuals and companies which are not yet thinking about becoming TDF partners, but have the potential to do so). In any case, TDF certification will not be related to the sheer dimension of the business, although companies able to generate a larger business should also contribute more to the project.

Before starting to outline the certification program, it should be absolutely clear that it is not supposed to become a source of competition for TDF corporate sponsors (today: Canonical, RedHat and SUSE), for TDF partners like Lanedo, and for TDF members who provide VAS (value added services) to the market. On the contrary, it provides a method of regulating the quality of the services provided by these entities and a method of recognising that certain services conform to clear and transparent regulatory criteria. This will help build and sustain the ecosystem.

The main focus of the certification program is the corporate environment, although TDF – in the future – might also create an end user training program as a by-product of the corporate training (although most end users will ask for a basic training program, and possibly for a certification like ECDL, which might become a secondary source of income, based on trainings for the trainers). Although there might be a large request for end user certification, this is not as important as professional certification as it is not going to help building the ecosystem.

Individual Certifications:

Certified Developer

Is able to hack LibreOffice code to develop new features or provide L3 Support to enterprise users, researching and developing solutions to new or unknown issues, designing and developing one or more courses of action, evaluating each of these courses in a test case environment, and implementing the best solution to the problem. Once the solution is verified, it is delivered to the customer and given back to the community. Certified Core Developers need to be present TDF members, and part of their certification is peer review by the Engineering Steering Committee.

Certified Migration Professional

Is able to coordinate the migration process from MS Office to LibreOffice, working with the customer to manage the change in all aspects (integration, development of macros and templates, training and support) in order to have a smooth transition.

Certified Professional Trainer

Is able to teach the use of LibreOffice at basic, intermediate or advanced level.

Certified L1 Support Professional

Is able to handle basic customer issues, gathering the customer’s information and determining the customer’s issue by analyzing the symptoms and figuring out the underlying problem. Technical support specialists in this group typically handle straightforward and simple problems like verifying the proper hardware and software set up, and assisting with application menus. In a corporate environment, the goal for this group is to handle 70%-80% of the user problems before finding it necessary to escalate the issue to L2 support.

Certified L2 Support Professional

Is able to assist L1 support personnel in solving basic technical problems and investigating elevated issues by seeking for known solutions related to these more complex issues. If a problem is new or a solution cannot be determined, is responsible for raising this issue to L3 support. Technical support specialists in this group typically handle complex functional problems. Within a migration project, is able to develop macros and/or templates reproducing those developed for MS Office, in order to offer to end users of the suite the same functionalities they were used to.”