Google plans to start sales of second-gen Nexus 7 tablet from July

Google Inc will launch a new version of its Nexus 7 tablet powered by Qualcomm Inc's Snapdragon processor around July, as the software giant pushes deeper into the cut-price mobile hardware market.

Google is aiming to ship as many as eight million of the Asustek-made tablets in the second half of the year, throwing down the gauntlet to other low-end tablets such as Amazon.com Inc's Kindle Fire and Apple Inc's iPad mini, the sources with knowledge of the new product said.

This is the first time details about the timing and sales targets for Google's new tablet have been unveiled, although the company has not publicly released any information.

Google, which gets almost all of its revenue from online advertising, wants the aggressively priced Nexus tablets to be a hit as more Nexus users would mean more exposure for Google's ads.

The latest version will have a higher screen resolution, a thinner bezel design and adopt Qualcomm's chip in place of Nvidia Corp's Tegra 3, which was used in the first Nexus 7s released last year, the sources said, declining to be identified because they are not authorized to speak to the media.

In a blow to Nvidia, Google weighed both U.S. chipmakers' processors but finally decided on Qualcomm's for power reasons, one of the sources added.

Qualcomm and Nvidia are competing aggressively in the tablet market as they seek to expand from their traditional strongholds of cellphones and PCs respectively.

A Google spokesman declined to comment on its new tablet. Qualcomm and Nvidia also declined to respond to questions.

Google and other traditionally non-hardware companies like Amazon and Microsoft Corp have begun making inroads into mobile devices as consumers increasingly access the Web on the go.

Google introduced its first tablet last June, hoping to replicate its smartphone success in a hotly contested market now dominated by Kindle Fire and iPad.

The Nexus 7 joined the ranks of smaller, 7-inch tablets popularized by Amazon and Samsung Electronics, among others.

Pricing is yet to be determined and Google's plans are fluid, the sources said. Market leader Apple is expected to launch new iPads this year as well, possibly forcing its competitors to change their assumptions.

Google may choose to sell the new gadget for $199, the same as the first generation rolled out last June, while the old model may be discounted, one of the sources said. Alternatively, the new tablet could be priced more competitively at $149 and the previous model discontinued, the source added.

The cheapest iPad mini goes for more than $300.

CORE STRENGTHS

Though pricing has not been finalized, discounting could play to Google's and Amazon's strengths by getting cheaper hardware into more consumers' hands to drive revenue from their core Internet-based businesses.

"This is the 'zero margin strategy'," said Fubon Securities analyst Arthur Liao. "Ninety-seven percent of Google's revenue comes from advertisement, so it needs to sell more mobile devices in order to reach more consumers."

The Internet search giant, which has never disclosed tablet sales, plans to ship six to eight million of the new Nexus 7s in the second half of this year, the sources said. That compares to an estimated 4.6 million Nexus 7s sold in the same period last year, according to Enders Analysis mobile industry analyst Benedict Evans.

The large volume could help to accelerate development of tablet-specific applications for its Android operating software.

Asustek, a netbook PC pioneer, will continue to co-brand with Google on the new Nexus 7. The Taiwanese company has said it aims to ship over 12 million tablets this year, almost double last year's shipments.

Author: dfgdfg,

Categories: Google, Nexus, secondgen, sources, Tablet

11 Security Holes Addressed by Google in Chrome 26

Chrome 26 is officially out and, as always, the latest stable channel update comes with a number of improvements in the security section. However, on this occasion, only 2 high-severity vulnerabilities have been addressed.
One of the high-severity flaws has been uncovered by Atte Kettunen of OUSPG. The expert has been rewarded with $1,000 (780 EUR) for a use-after-free issue in Web Audio.

By fixing the other high-severity bug, Google ensures that isolated websites run in their own processes.

Of the four medium-severity vulnerabilities, one – a use-after-free with pop-up windows in extensions – affects only the Linux variant.

Five low-severity bugs have also been identified.

Most of the issues have been found by the Google Chrome Security Team and members of the Chromium development community.

Subho Halder, Aditya Gupta, and Dev Kar, all three of xys3c, and “t3553r” have also been credited for finding security holes.

Author: dfgdfg,

Categories: Chrome, Google, Holes, Security

Pwn2Own ends with Oracle Java, Reader and Adobe Flash exploits

Day two of the Pwn2Own competition at CanSecWest was again successful for French Vupen security, as they succeeded in exploiting Adobe Flash on Internet Explorer 9 on Windows 7 by chaining together three zero-days (an overflow, a ASLR bypass technique and a IE9 sandbox memory corruption) and earning themselves another $70,000.

George Hotz exploited Adobe Reader XI (also on IE 9 on Win7), and Ben Murphy - the last contestant to target Java - has also managed to earn a prize even though he wasn't there, because James Forshaw, a winner from the previous day, agreed to serve as proxy and demonstrate the attack.

All in all, ZDI has awarded over half a million dollars in cash prizes and, of course, the compromised laptops and ZDI reward points.

The Google financed Pwnium hacking contest - also held at CanSecWest - this year requires contestants to "break" Chrome OS but has so far not witnessed a successful exploitation.

In the meantime, Mozilla has already fixed the use-after-free zero-day flaw exploited yesterday by Vupen Security, and Google has issued a Chrome update that fixes the flaws discovered by the MWR Labs team.

Author: dfgdfg,

Categories: Adobe, Google, Hacking, Mozilla, Pwn2own, Windows

Google begins scanning of Chrome Extensions & Stops Auto-Install

Google has taken two steps to prevent its Chrome browser becoming an attack vector for malware that runs as extensions to the browser.

Like many other browsers, Chrome allows users to install “extensions”, apps that add functionality. Google even runs the “Chrome Web Store” to promote extensions.

Security outfit Webroot recently pointed out that some of the extensions in the store are illegitimate, data-sucking privacy invaders that trick users with offers to do things like change the colour of Facebook and then suck out all their data.

Google has responded in two ways, one of which is a new service “To help keep you safe on the web” that will see the company “analyzing every extension that is uploaded to the Web Store and take down those we recognize to be malicious.”

Changes are also coming in the forthcoming version 25 of the browser, which will no longer allow extensions to install without users’ knowledge. That’s currently possible because Chrome, when running on Windows, can is designed to allow unseen installs “to allow users to opt-in to adding a useful extension to Chrome as a part of the installation of another application.”

“Unfortunately,” Google now says in a blog post, “this feature has been widely abused by third parties to silently install extensions into Chrome without proper acknowledgement from users.”

Chrome 25 will therefore remove the auto-install feature, replacing it with a new system that presents the Windows Vista-esque screen below when extensions try to ingratiate themselves with the browser.

As ever, Google’s blog posts and support notice on the changes position them as responsible enhancements that show, yet again, Google is doing the world a favour.

A more critical analysis could consider the announcements in light of malware found in Google Play and take Google’s decision to more aggressively curate the Chrome Web Store as an admission it needs to devote more attention to this stuff, lest Chrome and other Google products become malware-ridden quagmires that users don’t trust.

Author: dfgdfg,

Categories: Chrome, Chrome extensions, Google, Security

Chinese government blocks Google.com, Gmail, Google+, Maps, Docs, Analytics, Drive, more

Google has experienced a precipitous drop in traffic from China, which a Web-monitoring group attributed to the search engine being "blocked" by the government.

Data provided by Google's Transparency Report shows a sharp drop off in traffic -- to roughly half the normal amount -- to Google's Web sites as of early this morning California time.

GreatFire.org, which performs real-time monitoring, suggested that the drop meant the Chinese government is "one step closer to fully separating the Chinanet from the Internet."

It wasn't immediately clear whether the block was intended to be long-lasting, or whether it's been lifted and Chinese Internet users will be able to connect to Google when they wake up. It's 3:50 a.m. in Beijing right now.

Google has been wrestling with censorship in China for more than half a decade. In April, Google Drive was blocked. Even after switching to a Hong Kong domain in 2010, sensitive topics remained off-limits.

Google has issued our representatives a statement today saying: "We've checked and there's nothing wrong on our end."

Author: dfgdfg,

Categories: Censorship, China, Google

Google adds calculator to search results

Google has added a calculator to its search results.

Google has beefed up its built-in calculator function, adding an interface with 34 buttons. When a user types a sum such as "2 + 2" or "4 x 5," they are now confronted by the visual interface shown above — previously, Google would simply spit out the answer as text. The calculator includes functions for processing sines, cosines, and tangents as well as dedicated buttons for Pi and Euler's number and once the calculator is displayed, users can also tap numbers and scientific functions to send it a new equation. The company's search box will also still work.

Prior to this addition, Google allowed users to type into its search any equation. The search engine would then spit out the answer. However, this is the first time that Google has displayed an actual calculator its users can interact with.

Author: dfgdfg,

Categories: Google, Google Search, Search Improvement

Google Exploits Safari Flaw to Track Users Online

The Wall Street Journal has caught Google with its hand in the cookie jar of Apple’s Safari users, after manipulating Safari browser flaws to enable tracking users behaviours when browsing via cookies.

Search giant Google has been accused by the Wall Street Journal of bypassing the browser’s security settings by allowing a site to set tracking cookies.

Safari for Mac and PC, as well as Safari in-built into iOS devices, are thought to be affected. The browser was subject to tests by the Journal which show that Google used code in its advertisements to bypass Safari’s security, which by default blocks such tracking activity.

The aim of the code was to allow users who had signed into Google+ in Safari to access the ‘+1′ button within ads, provided by Google’s DoubleClick network.

“Don’t be evil,” the company said. While this may not classify as evil per se, it has already gained the attention of the online privacy advocacy group, the Electronic Frontier Foundation (EFF), reiterating the need for ‘Do Not Track’ rules on the Web.

Safari’s security would normally prevent ads from dropping a tracking cookie in such a case because it blocks cookies coming from advertising networks. But the code Google is accused of using ’tricked’ the browser into thinking the code was submitting a web form to Google; form cookies are not blocked, as it allows the browser to see whether the form was in fact sent.

The exploit isn’t new. It was first discovered in 2010 by Stanford researcher Jonathan Mayer and confirmed web developer and researcher Anant Garg.

But Google, while the biggest name on the list of the accused, was not the only one to do it. The Journal says that other advertising networks do similar things, such as the Media Innovation Group, Gannet’s PointRoll, and Vibrant.

Google’s DoubleClick adverts containing the privacy-circumventing code were found on major websites, including AOL.com, Match.com, TMZ.com and YellowPages.com, according to CNET reports. The Journal’s outside advisor found that 22 of the top 100 websites had Google’s Safari-busting tracking code, and that 23 different sites install the same code on Safari’s iOS browser.

The cookies were set to expire after 12 to 24 hours, but Safari can add even more cookies to a users’ browser once the first cookie as been left.

After Google was caught with its hand in the cookie jar, it said that “the Journal mischaracterizes what happened and why,” after it disabled the code. ”We used known Safari functionality to provide features that signed-in Google users had enabled. It’s important to stress that these advertising cookies do not collect personal information,” the company said.

Apple, however, was quoted as saying that it is “working to put a stop” to the circumvention of its privacy settings and security features.

Microsoft has weighed in, taking a cheap shot at its closest rival, by saying that “this type of tracking by Google is not new”. The Internet Explorer blog continued: “The novelty here is that Google apparently circumvented the privacy protections built into Apple’s Safari browser in a deliberate, and ultimately, successful fashion.”

Rachel Whetstone, senior vice-president for communications and public policy at Google, expanded on the Journal’s findings:

“Unlike other major browsers, Apple’s Safari browser blocks third-party cookies by default. However, Safari enables many web features for its users that rely on third parties and third-party cookies, such as “Like” buttons. Last year, we began using this functionality to enable features for signed-in Google users on Safari who had opted to see personalized ads and other content — such as the ability to “+1” things that interest them.

To enable these features, we created a temporary communication link between Safari browsers and Google’s servers, so that we could ascertain whether Safari users were also signed into Google, and had opted for this type of personalization. But we designed this so that the information passing between the user’s Safari browser and Google’s servers was anonymous — effectively creating a barrier between their personal information and the web content they browse.

However, the Safari browser contained functionality that then enabled other Google advertising cookies to be set on the browser. We didn’t anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers. It’s important to stress that, just as on other browsers, these advertising cookies do not collect personal information.”

Author: dfgdfg,

Categories: Google, Privacy, Safari, WSJ

Google will pay you $25 for your Web Privacy

The search giant is promising up to $25 in Amazon gift cards if you let it track the Web sites you visit and how you use them. Through a new project known as Screenwise, you install a browser extension that monitors every site you check out.

Google's stated goal is to find out how everyday people use the Internet in an attempt to help it improve its own products and services.

Those of you not shy about sharing your Web sites can score a $5 Amazon gift card when you sign up and download the Screenwise browser extension. You're then eligible for another $5 card for every three months that you stick with the program until the $25 max kicks in. However, the company is thinking about what further amounts it could add for people who last more than 12 months.

According to Google, "it's our way of saying 'Thank you.'"

To launch the project, Google is teaming up with Knowledge Networks, a company that rounds up panels of people to conduct online research.

To grab the deal, you have to be 13 or older, have a Google account, and use the Chrome browser. But before you try to jump on it right now, Google says it's already overwhelmed with interest and is advising people to come back to the Screenwise page at a later date for more details.

But apparently there's more to Screenwise than just the $25 browser extension project. A more extensive and expensive option asks you to set up a data collector router and then install the Chrome extension on each computer you use, says Ars Technica.

In return for collecting Web site data on every PC in your home, Google will pay you $100 just for signing up and $20 a month for as long as you participate, maxing out at a full year. Though similar to the $25 project, this one will look at different types of data.

Though Screenwise is strictly opt-in, the project comes at an odd time when Google is on the hot seat over changes to its privacy policies.

Author: dfgdfg,

Categories: Amazon gift card, Google, Screenwise

Google Unveils Dart, an alternative to Javascript

Google today launched an "early preview" of Dart, a programming language the company hopes will help Web application programmers overcome shortcomings of JavaScript that Google itself feels acutely.

Programmer and project leader Lars Bak detailed the project in a talk today at the Goto conference conference today in Denmark and in a blog post. Dart is geared for everything from small, unstructured projects to large, complicated efforts--Gmail and Google Docs, for example.

"If we want to focus on making the Web better over time, we have to innovate," including with new programming languages, Bak said in an interview today.

Google also unveiled a Dart language site including open-source tools for writing Dart programs, code samples and tutorials, supporting libraries of supporting software, the Dart language specification, and forums for discussion.

Google is a big company, though, and others within the company remain strong JavaScript adherents. And Bak, while not denying Google has big ambitions, was quick to proclaim JavaScript alive and well.

"It's not going to replace JavaScript," Bak said. "JavaScript is is a cornerstone of the Web today, and it will continue to be for a long, long time."

Bak bristled at some of complaints about Google's approach to creating Dart in-house and not through a more collaborative approach.

"I don't buy the argument that before writing any line of code or designing any features, you put it in a standards committee, because that would just be a lot of screaming," Bak said. "You have to have coherent design before you start adopting Dart as a standard."

Making a standard is a goal, though. "It will be fairly lonely to create a standards committee when here's only us in it. We first have to get the backing of other partners before we can make a standard that's useful," he said.

Google is releasing Dart now for the next step in its maturation: outside feedback and participation. "We hope the other browser vendors will be excited," Bak said, adding that today is the first that Google has shared details about Dart with them or others.

Google is evaluating the best way to integrate Dart directly into its Chrome browser, something Bak is keen on. One reason: it will enable a "snapshotting" technology that dramatically improves a Web app's start-up time. Snapshotting involves taking an application and "serializing" it into a single block of data.

In one test of snapshotting, a 55,000-line Dart program loaded in 60 milliseconds compared to 640 milliseconds without it, Bak said. A conventional JavaScript program would load in comparable time as Dart without snapshotting, he said. "I can see a lot of optimizations that 'll be applicable to Dart" when it's integrated directly into a browser, he added.

Here's Bak's quick description of Dart:

Dart's design goals are:

• Create a structured yet flexible language for Web programming.

• Make Dart feel familiar and natural to programmers and thus easy to learn.

• Ensure that Dart delivers high performance on all modern Web browsers and environments ranging from small handheld devices to server-side execution.

Dart targets a wide range of development scenarios: from a one-person project without much structure to a large-scale project needing formal types in the code to state programmer intent. To support this wide range of projects, Dart has optional types; this means you can start coding without types and add them later as needed. We believe Dart will be great for writing large web applications.

Dart programs will be able to run within a Dart virtual machine--essentially a layer of software that acts as a computer to execute programs. They'll also be able to run using a compiler that translates Dart code into JavaScript code for browsers that don't support Dart, Bak said.

Google's Chrome browser has served as a vehicle to get the company's technology such as WebM and SPDY useful for at least a portion of Web users. Though the 2010 Dart/Dash memo said Google planned build Dart support into Chrome, Bak was cautious about making any definite statements beyond saying browser integration brings benefits. It's notable, though, that Bak led development of Chrome's V8 JavaScript engine, so he's hardly a stranger to the Chrome team or to the challenges of improving Web-app speed.

Building Dart into Chrome could let Google build Dart versions of its advanced Web apps that--if the language lives up to its billing--could be better than those Web apps today.

"Google has a lot fairly big Web applications. That includes Gmail and Docs. I hope many of these apps will be converted into Dart," Bak said--but cautioned that was his personal option, not an explicit plan.

Introducing new programming languages is tough. Though many hope that computing can improve by reforming or replacing languages, the incumbent power of existing languages is strong. Educating thousands or millions of programmers, building developer tools, and creating supporting libraries of code all can take years. As newer languages such as Java, JavaScript, and C# attest, though, it is possible.

Google also is trying to gain a foothold for Go, a programming language geared more for native software that today would most likely be written with C or C++.

Dart is designed to address several shortcomings Google sees with Web programming today, according to the Dart technical overview:

• Small scripts often evolve into large web applications with no apparent structure--they're hard to debug and difficult to maintain. In addition, these monolithic apps can't be split up so that different teams can work on them independently. It's difficult to be productive when a Web application gets large.

• Scripting languages are popular because their lightweight nature makes it easy to write code quickly. Generally, the contracts with other parts of an application are conveyed in comments rather than in the language structure itself. As a result, it's difficult for someone other than the author to read and maintain a particular piece of code.

• With existing languages, the developer is forced to make a choice between static and dynamic languages. Traditional static languages require heavyweight toolchains and a coding style that can feel inflexible and overly constrained.

• Developers have not been able to create homogeneous systems that encompass both client and server, except for a few cases such as Node.js and Google Web Toolkit (GWT).

• Different languages and formats entail context switches that are cumbersome and add complexity to the coding process.

The priority right now is to hear what the rest of the world thinks and to get them participating in Dart's development, Bak said.

"At this point it is mostly the language we are focused on," he said. "We hope to get positive feedback on the language."

Author: dfgdfg,

Categories: Dart, Google, Programming

Google Map 3D Now Shows You Helicopter View

Google is adding a new "helicopter view" option for directions in Google Maps, enabling you to see your trip from above in full 3D glory. Google is making use of its Earth view engine for this and it's a great way of both making people aware that they can see 3D content in Google Maps but also a way making trip planning more fun.

"Getting directions is one of the most popular features on Google Maps, whether it be for driving, walking, biking or transit," Paul Yang, a Google Maps engineer, wrote.

"Today, we are launching a new feature that allows you to bring your upcoming trip to life, by allowing you to preview your route in 3D," he announced.

The feature is now available to all users, but you need the Earth view plugin to make use of it. Enabling the feature is easy. Just plan out a route, like usual.

You'll see the regular directions page, but there is now a 3D button next to the starting point. Hitting it will switch from the 2D map view to the 3D Earth view.

Then you'll be able to follow along as your trip is played back via the 3D engine. You can pause it at any moment and then move around, zoom in and check out the view from different angles.

You can also jump directly to another part of the trip by clicking on any step from the list on the left. Of course, once you're done, you can switch back to the 2D view by clicking on the 2D button.

The big caveat is that you have to install the Google Earth plugin for any of this to work. The plugin is available for most browsers on Windows, Google Chrome, Internet Explorer, Firefox, and Mac OS X, Google Chrome, Safari, Firefox. Linux users are out of luck.

Author: dfgdfg,

Categories: Google, Google map

Android Bug Allows Hackers to Install Malicious Code Without Warning

It's been more than a month since researchers reported two serious security vulnerabilities in Android, but so far there's no indication when they will be purged from the Google-spawned operating system that's the world's most popular smartphone platform.

The first flaw allows apps to be installed without prompting users for permission. The permission-escalation vulnerability permits attackers to surreptitiously install malware in much the way a proof-of-concept exploit researcher Jon Oberheide published last year did. In that case, an app he planted in the Android Market and disguised as an expansion pack for the Angry Birds game secretly installed three additional apps that without warning monitored a phone's contacts, location information and text messages so data could transmitted to a remote server.

“The Android Market ecosystem continues to be a ripe area for bugs,” Oberheide wrote in an email. “There are some complex interactions between the device and Google's Market servers which has only been made more complex and dangerous by the Android Web Market.”

The second bug resides in the Linux kernel where Android originates and makes it possible for installed apps with limited privileges to gain full control over the device. The vulnerability is contained in code device manufacturer have put into some of Android's most popular handsets, including the Nexus S. The bug undermines the security model Google developers created to contain the damage any one application can do to the overall phone.

Oberheide and fellow researcher Zach Lanier plan to speak more about the vulnerabilities at a two-day training course at the SOURCE conference in Barcelona in November. In the meantime, they put together a brief video showing their exploits in action.



One of the hopes for Android a few years back was that it would be a viable alternative to Apple's iOS, both in terms of features and security. With the passage of time, the error of that view is becoming harder to ignore. And if i'm not wrong, Google developers have updated Android just 16 times since the OS debuted in September 2008. The number of iOS updates over the same period is 29.

It's a far cry from the approach Google takes with its Chrome browser, which is updated frequently, and has been known to release fixes for the Flash Player before they're even released by Adobe.

Even more telling, when a new version of iOS is released, it's available almost immediately to any iPhone user with the hardware to support the upgrade. Android users, by contrast, often wait years for their phone carriers to supply updates that fix code execution vulnerabilities and other serious flaws.

Owners of the Motorola Droid, for instance, are stuck running Android 2.2.2 even though that version was released in May 2010 and contains a variety of known bugs that allow attackers to steal confidential data and remotely execute code on handsets the run the outdated version.

Oberheide has more here.

Author: dfgdfg,

Categories: Android, Android Malware, Google, Malware, Vulnerability

Google Wallet to be launched soon

The pieces appear to be falling into place for the launch of Google Wallet today.

Last night, tech-media blog TechCrunch posted an image purporting to be from Google Wallet partners, showing documentation on the service. That documentation says that "Google Wallet is launching September 19, 2011."

Then this morning, another blog, GigaOm, posted an image, taken by one of its reporters at a coffee shop in San Francisco, of a Google Wallet payment reader. The reader provides directions on it, saying users must "tap" their smartphone against the device in order to "pay by smartphone."

The offering, which relies upon near-field communications (NFC) technology to work, allows users to pay for products by simply tapping their smartphone against the Google Wallet-enabled reader.

However, there are a few barriers to entry to get Google Wallet running. For one, users need the Android-based Nexus S smartphone, which has an NFC chip in it. In addition, the service is only available with MasterCard's PayPass system. According to the Google Wallet site, the service will work with Citi MasterCard credit cards and the Google PrePaid Card. In addition, Google Wallet can store "gift cards from participating merchants," Google says.

Mobile payment systems are viewed by many as the next big thing in e-commerce. A slew of companies are vying to carve out a portion of the mobile-payment service in addition to Google, including PayPal, Visa, and American Express. There is also rampant speculation that Apple's iPhone 5 will come with near-field communications, paving the way for that company to also enter the space.

However, such fragmentation could prove troublesome for consumers. In order for mobile-payment services to work, several stakeholders need to be on-board, including merchants, credit card companies, and mobile device vendors.



Exactly when Google Wallet will launch, however, still remains to be seen. The service's official Web site still says that it's "coming soon," and so far, Google has remained tight-lipped on the launch.

Author: dfgdfg,

Categories: Google, Google Wallet, NFC

Google Chrome 14 Released

Google Chrome 14 has now been released to the stable channel, making it the first time more than 100 million users will get a chance to see this latest Chrome version in action.

Google Chrome 14 doesn't boast an impressive list of new features or updates, with most of the new things, at least the interesting ones, happening under the hood.

That said, Google Chrome 14 lays the groundwork for future developments with Native Client, Google's technology for running native code from the web, reaching a mature state.

Native Client is enabled by default in Google Chrome, enabling developers to create more powerful and faster web apps than what's been possible before.

"Today, we’re happy to ship a new release to the Stable channel of Chrome, following up on last month’s Beta channel release. This release contains two significant technologies which allow developers to create even more powerful web apps and games," Brad Chen, Software Engineer at Google, announced.

"The Web Audio API enables developers to add fancy audio effects such as room simulation and spatialization," he listed one of the big new features in Google Chrome 14.

"Native Client is an open-source technology which allows C and C++ code to be seamlessly and securely executed inside the browser," he explained.

"Currently, Native Client only supports applications listed in the Chrome Web Store, but we are working to remove this limitation as soon as possible," he added.

Native Client holds a lot of promise and Google has been working on it for a couple of years. It hasn't been easy, but Google has reached a point where it can enable developers to write code once, put it up on the web and have it run, almost as fast as native code running on 'bare metal,' on any (x86) operating system supported by Chrome.

As always, if you already have Chrome installed, it will automatically update itself to the new version soon. If you haven’t taken Chrome for a spin yet, you can download it from www.google.com/chrome.

Author: dfgdfg,

Categories: Google, Google Chrome, Google Chrome 14

Exclusive: Google Buys Motorola For $12.5 Billion

Nobody saw this coming: Google just announced that it is acquiring Motorola Mobility. The search and online advertising company is buying the company for approximately $12.5 billion (or $40 per share), in cash. As the press release puts it,

The acquisition of Motorola Mobility, a dedicated Android partner, will enable Google to supercharge the Android ecosystem and will enhance competition in mobile computing. Motorola Mobility will remain a licensee of Android and Android will remain open. Google will run Motorola Mobility as a separate business.

According to a blog post, Larry Page CEO & co-founder of Google writes that Google has acquired Motorola not only because of its strength in Android smartphones and devices, but also for being a “market leader in the home devices and video solutions business.”

He said the move is to also strenghten the company's patent portfolio as it will “enable us to better protect Android from anti-competitive threats from Microsoft, Apple and other companies”.

Full press release is as follows:

Google to Acquire Motorola Mobility

Combination will Supercharge Android, Enhance Competition, and Offer Wonderful User Experiences

MOUNTAIN VIEW, Calif. & LIBERTYVILLE, Ill.–(BUSINESS WIRE)–Google Inc. (NASDAQ: GOOG) and Motorola Mobility Holdings, Inc. (NYSE: MMI) today announced that they have entered into a definitive agreement under which Google will acquire Motorola Mobility for $40.00 per share in cash, or a total of about $12.5 billion, a premium of 63% to the closing price of Motorola Mobility shares on Friday, August 12, 2011. The transaction was unanimously approved by the boards of directors of both companies.

“Motorola Mobility’s total commitment to Android has created a natural fit for our two companies. Together, we will create amazing user experiences that supercharge the entire Android ecosystem for the benefit of consumers, partners and developers. I look forward to welcoming Motorolans to our family of Googlers.”

The acquisition of Motorola Mobility, a dedicated Android partner, will enable Google to supercharge the Android ecosystem and will enhance competition in mobile computing. Motorola Mobility will remain a licensee of Android and Android will remain open. Google will run Motorola Mobility as a separate business.

Larry Page, CEO of Google, said, “Motorola Mobility’s total commitment to Android has created a natural fit for our two companies. Together, we will create amazing user experiences that supercharge the entire Android ecosystem for the benefit of consumers, partners and developers. I look forward to welcoming Motorolans to our family of Googlers.”

Sanjay Jha, CEO of Motorola Mobility, said, “This transaction offers significant value for Motorola Mobility’s stockholders and provides compelling new opportunities for our employees, customers, and partners around the world. We have shared a productive partnership with Google to advance the Android platform, and now through this combination we will be able to do even more to innovate and deliver outstanding mobility solutions across our mobile devices and home businesses.”

Andy Rubin, Senior Vice President of Mobile at Google, said, “We expect that this combination will enable us to break new ground for the Android ecosystem. However, our vision for Android is unchanged and Google remains firmly committed to Android as an open platform and a vibrant open source community. We will continue to work with all of our valued Android partners to develop and distribute innovative Android-powered devices.”

The transaction is subject to customary closing conditions, including the receipt of regulatory approvals in the US, the European Union and other jurisdictions, and the approval of Motorola Mobility’s stockholders. The transaction is expected to close by the end of 2011 or early 2012.

Author: dfgdfg,

Categories: Android, Google, Google Acquires Android partners, Motorola

Security researchers hack Google’s Chrome OS

Google has billed its Chrome operating system as a security breakthrough that's largely immune to the threats that have plagued traditional computers for decades. With almost nothing stored on its hard drive and no native applications, there's no sensitive data that can pilfered and it can't be commandeered when attackers exploit common software vulnerabilities.

But according to two researchers who spent the past few months analyzing the Chrome-powered Cr-48 beta released in December, the browser-based OS is vulnerable to many of the same serious attacks that afflict people surfing websites. As a result, users remain susceptible to exploits that can intercept email, documents, and passwords stored on centralized servers, many of which are maintained by Google.

“Even though they put these awesome security protections in place, we're just moving the security problems to the cloud now,” Matt Johansen, a researcher with WhiteHat Security said. “We're moving the software security problem that we've been dealing with forever to the cloud. They're doing a lot of things right, but it's not the end all and be all for security.”

Virtually all of the threats identified by Johansen and his WhiteHat colleague Kyle Osborn stem from Chrome's reliance on extensions, which are essentially web-based applications. A fair number of the extensions they analyzed contain XSS, or cross-site scripting, bugs, which have the potential to inject malicious code and content into a visitor's browser and in some cases steal credentials used to authenticate user accounts.

As they went about testing what kind of attacks various XSS vulnerabilities could allow, Johansen and Osborn noticed something curious: a bug in one extension often allowed them to hijack the communications of a second extension, even when the latter one had no identifiable security flaws. At the Black Hat security conference in Las Vegas on Wednesday, they demonstrated this weakness by exploiting an XSS hole in one extension to steal passwords from an otherwise secure account on cloud password storage service LastPass.

“If any of the other vulnerable extensions have an XSS hole, we can utilize JavaScript to hijack that communication,” Johansen said. “LastPass is doing absolutely nothing wrong here. You can have an extension that's perfectly fine, but if you have another that has a cross-site scripting error in it we can still access information in secure applications.”

The discovery has generated a quandary for the researchers.

“Whose problem is this to fix?” Johansen continued. “We don't really have an answer for that. LastPass did everything correctly. It's the other extension developers that developed an extension with a vulnerability in it.”

After being informed of the specific attack, LastPass made changes to its Chrome extension that prevented it from being carried out, so it's reasonable to assume extension makers foot some of the responsibility for preventing their apps from being compromised by others. But Johansen couldn't rule out the possibility that vulnerabilities and other apps could probably make LastPass vulnerable again. He said Google might be able to fix the problem by overhauling the application programming interfaces extension developers use.

The researchers also demonstrated an XSS vulnerability in Scratchpad, a text-editor extension that's bundled with Chrome. By sharing files with names containing JavaScript commands stored on Google Docs they were able to obtain the Google session cookies of anyone who used a Chromebook to view the documents. An attacker could exploit the vulnerability to read a victim's email, or to send instant messages to everyone on the victim's contact list. If any of the contacts are using Chromebooks, they could be similarly vulnerable to booby-trapped filenames stored on Google Docs.

A Google spokeswoman defended the security of Chromebooks and said the vulnerabilities enumerated by the researchers weren't unique to the cloud-based OS. In an email, she issued the following statement:

This conversation is about the web, not Chrome OS. Chromebooks raise security protections on computing hardware to new levels. They are also better equipped to handle the web attacks that can affect browsers on any computing device, thanks in part to a carefully designed extensions model and the advanced security available through Chrome that many users and experts have embraced.

The researchers stressed Google engineers were extremely quick to fix the Scratchpad vulnerability and awarded them a $1,000 bounty for their report. But they remain convinced that the security of Chrome OS in many cases is only as strong as its' weakest extensions. They also pointed out that penetration-testing tools such as the Browser Exploitation Framework could be used to help streamline attacks in much the way Metasploit is used to manage exploits for traditional machines.

And, Johansen said, Chrome hacking through XSS may be only the beginning, since the flaws are among the easiest to find and exploit.

“Who knows what we're going to be looking for months or years from now when Google can figure out a way to thwart the cross-site scripting threat,” he said. “Why would we be trying to write buffer overflows when we can just write a simple JavaScript command.”

Author: dfgdfg,

Categories: Chrome, Cross-Site Scripting (XSS), Google, Privacy, Security

Google + : Some Fundamentals Tips You Need to Know

Adopting a new social network like Google+ is taxing enough--re-adding friends, creating "Circles", adjusting privacy settings, etc.--so learning to navigate can be a bit overwhelming.

1. Bold, italics, and strikethough. Do you miss the funky fonts and formatting you had in MySpace? Neither do we. Google+, however, gifts you with three simple formatting tricks: *bold*, _italics_, and -strikethough-.

2. Tag friends in posts. Get a friend's attention in a post by tagging them. Type "+" or "@" followed by their name. You'll see an autocomplete drop-down menu show up as you type their name, which presumably includes people in your circles and extended circles.

Your friend will be notified they've been tagged in a post, and post visibility will automatically be set to just that person. Don't forget to add more circles and friends (if you want to) before sharing.

3. Use permalinks. Permalinks come in handy for sharing and cleaner viewing of single posts. Just click the timestamp of any post and you'll be taken to a new page displaying just that post.

4. Quickly share post on Twitter and Facebook. Oh, the irony. To share a post with your Twitter or Facebook network, use the Extended Share for Google Plus Chrome extension. Upon installation, you'll see a new option ("Send to...") below each post in your stream.

5. Edit photos. Here's a nice feature for any on-the-fly photo editing. Go to your photos (accessible via your profile), select a photo. Click "Actions" > Edit photo, and you'll be presented with several photo filters. Scroll through other photos in the album for consecutive editing.

6. Send a "direct message". To send a message to just one friend, tag them in the beginning of a post and let them know it's a private message. Then, comment on the post to establish your own, private thread.

7. Let friends e-mail you from your profile. With this setting, you can let people e-mail you directly from your profile. Head to your profile, then select "Edit profile".

Below your profile photo, you'll see a grayed out "Send an email". Click it, and check "Allow people to email me from a link on my profile". Then adjust the privacy settings below.

Author: dfgdfg,

Categories: Google, Google +, Google Plus Tips, How-tos

co.cc : Google De-Indexes All .Co.Cc Domain Extensions

Google has just blocked more than 11 millions of .co.cc websites from its search engine result pages due to the fact that majority of them leverage that avenue for spam activities.

The domain .co.cc is offered by a Korea company (http://co.cc) that actually owns the domain name .co.cc, so it is not yet officially autorized as a second-level domain like co.au or co.uk.

According to google they see the firm as a "freehost" and has the right to block the whole domain "if we see a very large faction of sites on a specific freehost are spammy or low-quality", according to Matt Cutt, head of Google's web spam team.

In a recent blog post, the company said "To help protect users we recently modified those [malware-scanning] systems to identify bulk subdomain services which are being abused. In some severe cases our systems may now flag the whole bulk domain.

Recently the Anti-Phishing Working Group released  a 29-page report stating that .cc top-level domain hosted 4,963 phishing attacks in the second half of 2010, thats almost double the number found under any other extension.

Reason was due to a large number of attacks originating from .co.cc addresses, the APWG said.

The registry offers single sub-domain for free and allows customers to bulk-register 15,000 addresses at a time for a mere $1000 or about seven cents a name.

The stats on their website claims to have 5,735,855 individual accounts and a total of 11,383,736 registered domains, making it one of the largest domain extensions in the world even bigger than both .org and .uk over two million domains.

Author: dfgdfg,

Categories: co.cc, Domain Names, Google, Tech News

Exclusive: Google to Rebrand Blogger & Picasa into Google +

Mashable just learned that Google is intending to retire two of its popular and biggest branded products and incorporate them into Google branded services in next six weeks.

The move is part of a larger effort to unify its brand for the public launch of Google+, the search giant’s social initiative.

According to two sources familiar with the matter, Google intends to rename Picasa “Google Photos” and Blogger will become “Google Blogs.” Several other Google brands are likely to be affected, though our sources made it clear that YouTube would not be rebranded.

According to their source, the move isn't without precedent; Google acquired Jotspot in 2006 and rebranded it as Google Sites in 2008 in 2007 and they also acquired VOIP platform GrandCentral and relaunched it as Google Voice in 2009.

Picasa a very popular photo sharing site was acquired in 2004 and Blogger (co-founded by Evan Williams of Twitter) was acquire in 2003 and is one of the top most visited websites in the world.

As it now seems this drastic move will sadden some existing bloggers, but it gives Google the ability to completely integrate both services into Google+

Author: dfgdfg,

Categories: Blogger, Google, Google +, Picasa, Tech News

Gmail Redesign: It's Light and Simple but looks good

If you’re feeling daring, Google is offering users the chance to take the new, redesigned Gmail for a test drive ahead of its full-on rollout. And the first thing many people are going to notice: the new e-mail interface has a lot in common with Google+ (Google Plus).

Google’s “New Look” overview website, which is going to be detailing the cosmetic changes hitting the search giant’s services over the next little while, has the full instructions for how to activate the “Preview” and “Preview (Dense)” themes. But essentially, you just activate one or the other under the “Themes” tab in Gmail’s Settings and off you go.

So why two Preview themes? Well, Google says in its blog entry that eventually, the new-look Gmail will automatically adjust how much information is packed onto the screen based on the display resolution and other factors. But for now, it’s a manual switch. Moreover, you can switch between old Gmail and the new design at will until Google is ready for the full rollout, at which point it will become the default.

Overall, the new Gmail design looks very polished, with that same overall minimalist, appealing design that’s drawn praise from early users of Google+. The caveat, for now, is that some Google Labs features may not display quite correctly in this early version, but fixes are promised, along with updated versions of some of the other Gmail themes.

On a final note, the promised Google Calendar updates are apparently close enough to ready that users will start to see that redesign, with similar design principles, go live over the next couple of days, so keep an eye out.

Author: dfgdfg,

Categories: Gmail, Google, Google Redesign, Tech News

Google + Project: Finally Arrives, threathens Social Giants, Facebook

Google took its biggest leap yet onto Facebook’s turf on Tuesday, introducing a social networking service called the Google+ project — which happens to look very much like Facebook.

The service, which will initially be available only to a select group of Google users who will soon be able to invite others, will let people share and discuss status updates, photos and links.

But the Google+ project will be different from Facebook in one significant way, which Google hopes will be enough to convince people to use yet another social networking service. It is designed for sharing with small groups — like colleagues, college roommates or hiking friends — instead of with all of a user’s friends or the entire Web. It also offers group text messaging and video chat.

“In real life, we have walls and windows and I can speak to you knowing who’s in the room, but in the online world, you get to a ‘Share’ box and you share with the whole world,” said Bradley Horowitz, a vice president of product management at Google who is leading the company’s social efforts with Vic Gundotra, a senior vice president of engineering.

The debut of Google+ will test whether Google can overcome its past flops in social networking, like Buzz and Orkut, and deal with one of the most pressing challenges facing the company.

At stake is Google’s status as the most popular entry point to the Web. When people post on Facebook, which is mostly off-limits to search engines, Google loses valuable information that could benefit its Web search, advertising and other products.

Google+ may already be too late.

In May, 180 million people visited Google sites, including YouTube, versus 157.2 million on Facebook, according to comScore. But Facebook users looked at 103 billion pages and spent an average of 375 minutes on the site, while Google users viewed 46.3 billion pages and spent 231 minutes.

Advertisers pay close attention to those numbers, and to the fact that people increasingly turn to Facebook and other social sites like Twitter to ask questions they used to ask Google, like a recommendation for a restaurant or doctor, because they want more personalized answers.

Mr. Gundotra and Mr. Horowitz said that knowing more about individual Google users will improve all Google products, including ads, search, YouTube and maps, because Google will learn what people like and eventually be able to personalize those products.

“To think we could achieve Google’s stated mission of organizing the world’s information absent people would be ludicrous,” Mr. Horowitz said.

But Google has been criticized for failing to understand the importance of social information on the Web until competitors like Facebook and Twitter had already leapt ahead. Part of the blame, analysts say, falls on Google’s engineering-heavy culture, which values quantitative data and algorithms over more nuanced, touchy-feely pursuits like socializing.

Exhibit A is Buzz, a social sharing tool for Gmail users. It automatically included users’ e-mail contacts in their Buzz network, setting off widespread criticism that Google invaded users’ privacy and failed to understand that people’s e-mail contacts are not necessarily their friends.

Google quickly changed the service so it did not automatically connect friends. In March, Google settled with the Federal Trade Commission over charges of deceptive privacy practices related to Buzz and agreed to 20 years of audits.

Mr. Gundotra and Mr. Horowitz, both of whom worked on Buzz, say they were chastened by the experience. They said Google+ grew out of those mistakes, because they realized how much people care about controlling the information they share.

And unlike its approach with Buzz, which was tested only by Google employees before its broad introduction to the public, Google is calling Google+ a project to emphasize that it is not a final product, saying it will undergo many changes to fix problems and introduce new features. Still, its new Web site, plus.google.com, is Google’s most fully formed social networking tool yet.

Mr. Gundotra and Mr. Horowitz said they took pains to mimic people’s relationships in real life and eliminate the social awkwardness that things like friend requests and oversharing can generate on other sites.

Google+ users will start by selecting people they know from their Gmail contacts (and from other services, once Google strikes deals with them). They can drag and drop friends’ names into different groups, or circles, and give the circles titles, like “sisters” or “book club.”

Unlike on Facebook, people do not have to agree to be friends with one another. They can receive someone’s updates without sharing their own. Users can also view their Google+ page the way their friends see it, to ensure their bosses do not see pictures from Saturday night, for instance.

Google+ users will see a toolbar on top of any Google site they use, where they can click to share something or see updates from friends. Eventually, the toolbar could appear on other Web sites. Google+ will also improve the usefulness of other Google products that have not gained traction, like Latitude for sharing your location and +1 for giving a thumbs-up to a particular site in search results, the executives said.

When users visit their Google+ homepage, they see three columns and a stream of status updates in the middle that looks remarkably like Facebook. But Google said that besides an easier way to share with select groups, Google+ has several other features that distinguish it from competitors.

It offers high-definition group video chat, called Hangouts, that other members of a group can join as it is happening. Users can search a section called Sparks to see articles and videos from across the Web on certain topics, like recipes or Alzheimer’s disease, and share them with relevant groups of friends.

And on the Google+ mobile app for Android phones and iPhones, people can chat with groups using a feature called Huddle. Photos and videos shot with cellphones are automatically uploaded to a private album, so Google+ users can quickly view and post them from their phones or later on a computer.

With these services, Google will compete with a host of start-ups, like Path for sharing with small groups, SocialEyes for video chat, Flipboard for articles on certain topics and GroupMe for group texting.

“The notion that online sharing is broken is not an insight that is unique to us,” Mr. Horowitz said. “We have a way to bring in millions of users in a way that is challenging for a start-up.” 

Author: dfgdfg,

Categories: Facebook, Google, Social Media