Pirated copies of a Windows 7 build pegged by many as the beta Microsoft will release next month have leaked to the Internet, according to searches at several BitTorrent sites today.
A search on the Pirate Bay BitTorrent site, for example, returned two Windows 7 Build 7000 listings, both of which had been posted Friday.
As of Saturday afternoon, one torrent on Pirate Bay showed more than 1,800 "seeders" -- the term for a computer that has a complete copy of the torrent file -- and about 8,500 "leechers," or computers that have downloaded only part of the complete torrent. The torrent is a disk image of the 32-bit version of Windows 7 Ultimate, Build 7000, according to users commenting on the site and elsewhere on the Internet.
Pirate Bay and other BitTorrent sites, including Mininova, listed the beta build as a 2.44GB download.
This is not the first time Windows 7 has escaped from Microsoft's limited testing pool. Just hours after the company unveiled an earlier version at its Professional Developers Conference in late October, the alpha edition hit BitTorrent.
Users first reported the newest Windows 7 leak on Neowin.net's forums Friday, with the opening message and screenshots coming from someone identified as "+fivestarVIP", who said he was from Beijing, China.
Build 7000 is what Microsoft will issue next month as Windows 7 Beta, according to other reports by Windows bloggers who have copies. Paul Thurrott, for example, posted a review and screenshots of Build 7000 today on his "SuperSite for Windows" site, naming it as the Beta build.
Although Microsoft has promised to open the beta to all users in early 2009, it has been mum on an exact release date. Information published on its own Web site earlier this month, however, hinted that the beta will be available no later than Jan. 13.
Some commentators and bloggers have maintained that Microsoft may release the beta as early as Jan. 7, after CEO Steve Ballmer delivers a keynote that evening at the Consumer Electronics Show in Las Vegas, where he is expected to talk about Windows 7.
The successor to the perception- and problem-plagued Windows Vista will ship in late 2009 or early 2010, according to previous statements by Microsoft executives.
Wednesday, December 31, 2008
Saturday, December 27, 2008
Microsoft has a new certified professional in its ranks -- and she's 9 years old.
The girl, from the Tamil Nadu region of India, passed Microsoft's exam this week, according to Indian media reports. She's now the youngest person to ever do so, breaking a previous record held by a 10-year-old from Pakistan.
Microsoft's Certified Professional exam is designed for IT professionals. As you'll see, though, being ahead of her age is nothing new for this young gal. She explains her story in the video below.
Tuesday, December 23, 2008
Microsoft has once again put Windows XP on life support, extending the OS's death date to May 30, 2009. This reprieve comes two months after rumors swirled about another potential bail out.
In the new agreement -- first discovered by ChannelWeb -- distributors can purchase XP licenses until January 31, 2009, the original date in which XP was supposed to turn to dust, but take delivery against those orders through May 30.
Windows XP was supposed to stop shipping on January 30, 2008, but that date has been extended several times. It will live on Netbooks until 2010. XP is also still a booming business: Dell started charging $150 per Vista downgrade -- three times as much as the original fee.
Meanwhile, Windows 7's rumored release date hovers around October 2009. With each extension of Windows XP's death, Microsoft inches closer to Windows 7's release, thereby sublimating Vista and its skimpy chances at some kind of late-blooming success. Given the market's resistance to Vista -- and Microsoft's own perceived uncertainty -- we should expect Windows 7 to arrive sooner rather than later so the monstrous software company can save face.
Monday, December 22, 2008
Samsung will roll out a mobile phone based on the Google Android operating system by the second quarter of 2009, according to a report from Korean news agency ETNews. While details are sketchy, Samsung will reportedly release the phone via cellular carriers Sprint Nextel and T-Mobile.
The phone will likely be a touchscreen model similar to Samsung's Instinct and Omnia handsets, both of which more closely resemble the Apple iPhone than HTC's less sleek T-Mobile G1, currently the only Google Android phone on the market. Samsung's device will provide all the Google essentials we'd expect, include search, mapping, mail, and instant messaging, the report states, but it's a safe bet that other Google tools will be added as well.
It would appear that Samsung has high hopes for its Google phone. It has reportedly "accelerated" development of the project, adding 30 Linux and Java experts to a design team that now has up to 80 members. It seems likely that Samsung will beat other Open Handset Alliance members to market, including Asus, LG, Motorola, and Sony Ericsson, all of whom have Android-based projects in the works.
The growing interest in the Android OS, as well as the staggering popularity of the iPhone, which now commands over 30 percent of the U.S. smartphone market, is more bad news for Microsoft's Windows Mobile, which is declining in popularity among end users and phone manufacturers alike.
Let's hope the Samsung handset will borrow some of the iPhone's elegance, but a slide-out keyboard would be nice too.
Saturday, December 20, 2008
Attackers are exploiting the just-patched vulnerability in Internet Explorer (IE) by hiding malicious ActiveX controls in Microsoft Word documents, a security company said Thursday.
"Inside the document is an ActiveX control, and in that control is a line that makes it call out to the site that's hosting the malware," said David Marcus, the director of security research and communications for McAfee Inc.'s Avert Labs. "This is a pretty insidious way to attack people, because it's invisible to the eye, the communication with the site."
Embedding malicious ActiveX controls in Word documents isn't new -- Marcus said he had seen it "a time or two" -- but using an ActiveX control to ping a hacker's server for attack code is "definitely an innovation," he added. "They're stepping it up."
The rogue docments can be delivered as attachments to spam e-mail or offered up by hacked sites.
Attackers have been exploiting the IE bug since at least Dec. 9, when reports first surfaced about malicious code found in the wild and on several Chinese hacker servers. McAfee was one of the first security companies to report the emerging exploit.
Since then, Microsoft acknowledged the bug, then offered up a series of advisories urging users to take protective steps until a fix was available.
Wednesday, the company released the patch.
Although other researchers continue to claim that thousands of legitimate Web sites have been compromised, then used to serve "drive-by" attacks against unpatched browsers, Marcus wasn't certain about the numbers he's seen bandied about. "But absolutely, there's been a lot of activity around this," he said. "A lot of the bad guys have embedded IFRAMES in their sites to attack IE."
According to other reports, the IE exploit has been added to one or more multi-strike hacker toolkits that try several different exploits when users visit a compromised or malicious site. "If it's not in one of those yet, it probably will be," said Marcus. "Some of the exploits in those kits are years old, so a good one like this, unpatched until yesterday, will make its way into them."
Marcus recommended that users be cautious about opening Word documents, keep their security software up-to-date, and apply the IE patch as soon as possible.
Friday, December 19, 2008
Click fraud is a very complex issue. Unfortunately, much of the information available has been misinterpreted due to that complexity. In this video, Shuman Ghosemajumder of Google gives some information that will hopefully clear up that gray area.
For starters, click fraud is driven by 2 major incentives:
1. Attacking advertisers - when an advertiser tries to hide one of his competitors
2. Inflating affiliates - when an AdSense publisher tries to fraudulently increase his own revenue by generating false clicks
Methods of click fraud stem from simplistic techniques to sophisticated techniques. Simplistic methods include manual clicks such as when a fraudster personally clicks ads on his own computer. It gets a little more sophisticated when a fraudster organizes botnets and uses them for click fraud. Click farms, which consist of individuals or organizations that try to hire people to click on ads continuously, fall somewhere in the middle of the simple and sophisticated click fraud techniques.
Shuman does point out that: “the impact of invalid clicks at Google is minimal.”
Google detects click fraud through simple rules and statistical anomaly detection. Google’s simple rules consist of certain rules they have already defined as what they classify as an invalid click. Since some simple rules can be easily broken, statistical anomaly detection is more effective because it looks at specific activities on websites and compares the expected behavior to the observed behavior. This data gives Google a better understanding of how to detect invalid clicks.
For advertisers wanting to take proactive measures to prevent click fraud, Shuman advises keeping the return on investment (ROI) as the central focus. Research and gather as much data as possible, test everything, and track all results. If you apply these actions and your ROI drops for no reason, you have a good reason to suspect undetected click fraud and should file a claim.
Tuesday, December 16, 2008
Google's chief of user experience Marissa Mayer told TechCrunch' Michael Arlington at yesterday's Le Web' 08 conference in Paris that Chrome is coming out of beta. Period. No further explanation was provided and the company did not even issued a press release. The only official information is a low-key Google blog post.
It is very unusual for any vendor to move such a young product out of beta after just 100 days of availability. That is especially true for Google, which had no problems with freezing flagship products in beta for years so far. Gmail is five years old and still carries the beta label, as does the three-year old Docs service.
What about Chrome? If we leave aside for a moment that the 1.0 version is virtually identical with the most recent beta version that preceded it, the removal of a beta label typically implies that a product is reliable enough for everyday use and that it is feature complete. Such a message tries to attract users who were previously put off by a beta product, which usually yells “be careful, bugs!” If you think about it, beta always means "work in progress." Also, any product development team typically aims to test a feature-complete version of a product in a beta or at least release candidate phase, before rolling it out as a final. Chrome may be lightning-fast, but, in our opinion, Chrome is not only rough around the edges. It is also far from being feature-complete.
Stable enough for everyday use? Feature complete?
The company's blog post states that audio and video plug-ins are improved, claiming "better performance and stability." The 1.0 Chrome release still has issues with the Flash plug-in and stopped working on several websites we accessed. Yes, there were thirty-something tabs open, but the Flash plug-in should not crash in a 1.0 browser release regardless of the number of open tabs. Simply put, Chrome 1.0 is as stable as the 0.4.154.22 beta was and Google can’t wiggle itself out of this claim.
Google highlights a bookmark manager and more granular privacy controls in a manner that implies changes in the 1.0 version whereas, in fact, they were first rolled out nearly a month ago in a release with version number 0.4.154.22, followed shortly by a bugfix-only release with the version number 0.4.154.22. The latter was the 13th release in a row, followed by yesterday's 1.0 release.
Google may have a different definition of what is feature-complete and not and it may want to keep the browser as streamlined as possible. But Chrome needs more security and privacy options, its minimal user interface and the variety of configuration options could use some improvements. Right now, Chrome seems to appeal to a very specific user group that looks for uncompromised performance, whereas Firefox appeals to a much broader range and provides a much more reasonable compromise between feature set and streamlined browser design. The product itself is clearly not yet competitive enough to play with the big boys.
Chrome is not a final version in a traditional sense. It is just not a good idea to replace a beta label simply with a final label and hope that it magically becomes final as a result.
The only reasons that make sense to us are marketing related. Beta browsers tend to be stuck below the 1% market share level and are not as strongly adopted as “final” browsers. Perhaps Google got tired of being compared to the market shares of Opera and IE8 Beta? From our perspective, the decision to remove the beta label is a sign of desperation and pure marketing move designed to inflate Chrome's market share.
Also, think about Google’s intention to bundle Chrome with PCs. If you were a PC vendor, would you give your customers a beta browser? As a customer, would you like to get beta software on your PC? Of course not.
The bottom line is: End-users do not benefit from Chrome 1.0 compared to Chrome 0.4.154.22 beta in any way. From a marketing perspective, the removal of the beta status will probably drive Chrome's market share, but the gains will be short lived, if there aren’t any substantial updates that do not offer widespread plug-in support and new end-user features in a timely manner.
Delivering the features users want may be the easiest way to drive user numbers up and create a loyal following. Resort to cheap tactics like pushing a beta product into an official 1.0 status out of the blue is a risky attempt to inflate user numbers and may backfire. As a final product, Chrome has lost its beta benefit in browser comparisons and may not fare as well anymore. Even worse, the credibility of final versions delivered by Google may suffer.
I would have no problem with their removal of the beta label at all if a) Chrome 1.0 brought a jump in quality compared to the most recent beta version or b) if Google provided a Chrome roadmap months in advance, as Mozilla does, to let users know which beta release should be considered the final candidate release.
We still believe that Chrome may become a fantastic browser overall. But yesterday’s 1.0 rollout was wrong. Chrome should still be labeled as a beta product. Sure, it is difficult to downgrade it back again to a 0.9 version. But what about an upgrade to 1.5 beta?
By Christian Zibreg
Monday, December 15, 2008
As Firefox and Chrome battle it out with new betas and rumored release dates, a newly completed analysis is answering the question over which browser has the most bugs.
Mozilla released Firefox 3.1 beta 2 this week and is now working on a third beta set to debut in early January. Google executives, meanwhile, reportedly indicated during a Web conference interview that Chrome is on the brink of coming out of beta altogether.
Testing, 1, 2, 3
In contrast to what those timelines might suggest, Chrome is being called the buggiest browser of all in a review released Wednesday. Open software testing community uTest used its crowdsource-based model to sign up 1,300 volunteer testers for the project. Each tester compared Firefox 3.1's first beta with Chrome's third beta (0.3.154.9) and Internet Explorer 8 beta 2. Neither Opera nor Safari was included in the analysis.
The testers competed for eight days to see who could uncover the most problems. uTest then verified and compiled the results to determine how each browser fared.
The test's overall message is positive: uTest uncovered no major security flaw in any of the three browsers covered. "We're very encouraged by it," says spokesperson Matt Johnston. "In years past, we wouldn't have been able to say that."
The community did, however, discover 672 bugs across the browsers -- an average of almost one bug found for every 15 minutes of testing. All were user interface-related functional or technical issues, Johnston says. One bug, for example, caused a newly opened tab to have faulty color properties. Another caused a blip when trying to import favorites from another browser.
"They were general usability and functional things," Johnston explains.
So here's the breakdown, browser-by-browser:
• Internet Explorer 8 beta 2: 168 bugs identified
• Firefox 3.1 beta 1: 207 bugs identified
• Chrome 0.3.154.9: 297 bugs identified
Among those bugs, 101 were labeled as "showstoppers," or more serious flaws that warrant immediate attention. Firefox had the highest percentage of those, at 24 percent. Twelve percent of Chrome's bugs were deemed "showstoppers," while 9 percent of IE's received the designation.
As for overall usability, Firefox had the highest number of "excellent" ratings, followed by Chrome, then IE -- which did not receive a single "excellent" score. Firefox also came out on top in ratings for general preference.
(The uTest community, by the way, is by its own reporting a fairly tech-savvy crowd. Nearly 80 percent of the members list "software tester" as their full-time professions.)
Putting It All Together
The Chrome-tarnishing results may not be entirely surprising. Chrome -- the newest browser of the three -- has seen numerous bugs and compatibility issues since its debut. Still, each release has made the product more stable than the last. And though Chrome has the smallest market share of the three browsers included here, Google has suggested its biggest push won't start until the software is deemed stable enough for a full release. Then, recent reports indicate, the company will "throw [its] weight behind it," heavily promoting Chrome and possibly even inking deals to have it preinstalled on new PCs.
With the notion that such a full release could be right around the corner, though, one has to hope Google has one serious update ready to roll out. Otherwise, if the uTest results are to be believed, that first full version may still be a bit too buggy for the masses.
Saturday, December 13, 2008
Last week, Xbox Live Director Larry "Major Nelson" Hyrb announced Microsoft's Xbox Live "Friendship is Free" program.
Under the program, eight popular Xbox Live Arcade titles-- A Kingdom for Keflings, Aegis Wing, Bomberman Live, Hardwood Hearts, Hardwood Spades, UNO, Small Arms and Super Street Fighter II Turbo HD Remix--will be free to play online for Xbox Live Silver members all this month.
Normally, gamers have to pay US$8 a month, $20 for three months, or $50 a year to have access to Xbox Live Gold accounts and unlimited online gameplay.
Of course, a caveat to this "Friendship is Free" program exists in the fact that you have to pay for most of the games (the Major confirmed this in an email), although Aegis Wing is free. If you want a free copy of "Friendship is Free" headliner A Kingdom of Keflings, you could try to win one via GamePro Arcade's latest contest!
Friday, December 12, 2008
Intel on Wednesday said it finished development work on manufacturing technology that will allow it to produce chips with circuitry just 32-nanometers in size, a billionth of a meter, by the fourth quarter of next year.
The new production technology will enable the company to lower costs and power consumption in chips, while adding more speed and functionality. In general, microprocessing speeds are directly related to the number of transistors on a chip, and the smaller the transistor, the more can be packed together on a single chip die. Smaller production technology lowers costs by enabling companies to increase output.
The development also means Intel will for the fourth consecutive time match its "tick-tock" strategy, a target to introduce an entirely new microprocessor architecture alternating with new production technology roughly every twelve months.
At a technical conference later this month, Intel engineers plan to detail how they will transition from the current crop of 45-nanometer processors to chips that are built on a new 32-nm manufacturing process. Intel is developing this new line of processors under the code name “Westmere,” and Intel plans to bring the first of these 32-nm microprocessors to the market in late 2009. At the same conference, IBM and Taiwan Semiconductor Manufacturing also plan to detail their efforts at developing and manufacturing 32- and 22-nm processors.
Wednesday, December 10, 2008
Sun patched at least 14 vulnerabilities in Java last week as it updated the popular software to version 6.0, build 11.
The release notes for Java 1.6.0_11, as Sun dubbed the update, skimped on details about the security flaws that were patched, but listed a total of 14 alerts, each of which will presumably provide information about at least one vulnerability.
Those alerts have not yet been published, however, leaving users in the dark about the specifics of what has been patched.
Sun also addressed 34 non-security problems with 1.6.0_11, ranging from a data corruption bug to a compatibility issue with some Java-based games.
Windows users, who account for the bulk of Java's installs, can update by clicking on the Java icon in the Control Panel, clicking on the "Update" tab, then clicking the "Update Now" button. Users running other operating systems can grab the newest version from Sun's Web site.
Mac OS X users must wait for Apple to craft its own Java update. Unlike rivals like Microsoft , Apple maintains its own version of Java and is responsible for delivering patches to Sun's software.
If the past is an accurate indicator, Apple's customers may not receive yes this Java fixes for months. When Apple refreshed Java in late September, for instance, it fixed more than two dozen vulnerabilities, some of which had been patched in updates for Java for Windows, Linux and Solaris as far back as March 2008 .
Apple has been frequently criticized for its sluggish patching of third-party components, particularly open-source code, that it bundles with its operating system. More than a year ago, Charles Miller, a researcher with Independent Security Evaluators, called Apple's inability to keep up with open-source fixes "negligent." More recently, Miller and others took Apple to task for not scheduling updates , instead releasing them at any time during the month.
Users can check to see which version of Java their machine is currently running by visiting this page on the Sun site.
Monday, December 8, 2008
The Symbian Foundation is on track to take over Symbian as an open-source operating system in 2010 and will put out its first distribution of software for developers in the first half of next year, its executive director said Thursday.
The foundation is the successor to the Symbian consortium that has administered the OS since 1998. It is being formed after Nokia agreed to buy the remaining part of Symbian, a deal that closed on Tuesday. The world's largest handset maker, which has been perceived as dominating Symbian since its creation, is releasing the platform as competition for developers grows among Google's Android, Apple's iPhone and other systems.
Nokia, Motorola, NTT DoCoMo, LG Electronics, Samsung, Sony Ericsson, AT&T and other companies agreed in June to form the foundation. Six new members, including AOL, Fujitsu's Cell Telecom division, and Intrinsyc, were announced Thursday at the Symbian Partner Event in San Francisco. That brings total membership to 64, the group said.
The distribution of code coming in the first half of 2009 won't be entirely open source. It will be released to members of the foundation, under a new partner organization that eventually will supplant Symbian's current partner program, said Lee Williams, executive director of the Symbian Foundation. It will include elements of Symbian and of Nokia's Symbian-based S60 platform. The group is already working on code for that distribution.
The open-source OS coming in 2010, will unite Symbian with S60 as well as two other platforms built on it: UIQ and NTT DoCoMo's MOAP (Mobile Oriented Applications Platform).
The foundation is now defining roles within its organization and starting to work on recruiting for those jobs, Williams said. By the end of April, there will be staffers answering calls and e-mail for developer support and other needs, he said.
Saturday, December 6, 2008
Opera Software is giving developers and users an early look at its Opera 10 browser, which features a new version of its rendering engine that the company says offers 30 percent improvement in the speed of loading Web pages.
An alpha version of Opera 10 is available online. The rendering engine, called Opera Presto 2.2, is the foundation of all of Opera's browsers, including the popular Opera Mobile. It also runs on the server that powers the Opera Mini, Opera's thin-client browser that is used on cell phones.
Jan Standal, director of consumer product management and developer relations at Opera, said better loading speed and support for Web standards are the key design goals for Opera 10's release.
Support for Web Font, a technology that allows a Web developer to specify any font that's available on the Internet rather than depend on ones available locally, also is available in the alpha release of Opera 10 as part of the Presto 2.2 software, Standal said.
Opera expects to release a beta of Opera 10 in early 2009 and a full version of the browser before midyear, he said.
While Opera's desktop browser has only a very small market share in the U.S., the software is more popular with users in Europe and Asia.
Friday, December 5, 2008
Researchers at BitDefender have discovered a new type of malicious software that collects passwords for banking sites but targets only Firefox users.
The malware, which BitDefender dubbed "Trojan.PWS.ChromeInject.A" sits in Firefox's add-ons folder, said Viorel Canja, the head of BitDefender's lab. The malware runs when Firefox is started.
Firefox has been continually gaining market share against main competitor Internet Explorer since its debut four years ago, which may be one reason why malware authors are looking for new avenues to infect computers, Canja said.
Users could be infected with the Trojan either from a drive-by download, which can infect a PC by exploiting a vulnerability in a browser, or by being duped into downloading it, Canja said.
When it runs on a PC, it registers itself in Firefox's system files as "Greasemonkey," a well-known collection of scripts that add extra functionality to Web pages rendered by Firefox.
BitDefender has updated its products to detect it, and other vendors will likely follow suit quickly, Canja said. Users could avoid it by only downloading signed, verified software, but that's a measure that restricts the usability of a PC, he said.
The malware is not present in Mozilla's repository of add-ons, Canja said. Mozilla had taken steps to ensure that its official site hosting add-ons -- also called extensions -- are free from malware.
In May, Mozilla acknowledged that the Vietnamese language pack for Firefox contained a bit of unwanted code. Although widely reported as a virus, the language actually contained a line of HTML code that would cause users to view unwanted advertisements.
Mozilla now scans new add-ons for malware. However, those scans will only detect known threats, and there was no signature in the security software Mozilla was using at the time that could detect the code.
Mozilla said the code probably ended up in the language pack after the PC of its developer became infected. More than 16,000 people downloaded the language pack, but only about 1,000 people regularly use it.
After the incident, Mozilla said it would scan add-ons in its repository when antivirus signatures were updated.
Tuesday, December 2, 2008
The terrorists that attacked various locations in south Mumbai last week used digital maps from Google Earth to learn their way around, according to officials investigating the attacks.
Investigations by the Mumbai police, including the interrogation of one nabbed terrorist, suggest that the terrorists were highly trained and used technologies such as satellite phones, and global positioning systems (GPS), according to police.
Google Earth has previously come in for criticism in India, including from the country's former President, A.P.J. Abdul Kalam.
Kalam warned in a 2005 lecture that the easy availability online of detailed maps of countries from services such as Google Earth could be misused by terrorists.
A Google spokeswoman said in an e-mail Monday that Google Earth's imagery is already available through commercial and public sources. Google Earth has also been used by aid agencies for relief operations, which outweighs abusive uses, she said.
Indian security agencies have complained that Google Earth exposed Indian defense and other sensitive installations. Other nations, including China, have made similar complaints regarding military locations.
However the places attacked by terrorists last week did not come under the category of defense or sensitive installations. The information available to the terrorists on Google Earth about the locations they attacked is also available on printed tourism maps of Mumbai. The locations included two hotels, a restaurant, a residential complex and a railway station.
John Ribeiro, IDG News Service