
Thursday, February 17, 2011

Bulk of browsers found to be at risk of attack | Browsers & Add-Ons | Macworld

About eight out of every 10 Web browsers run by consumers are vulnerable to attack by exploits of already-patched bugs, a security expert said today.

The poor state of browser patching stunned Wolfgang Kandek, CTO of security risk and compliance management provider Qualys, which presented data from the company’s free BrowserCheck service Wednesday at the RSA Conference in San Francisco.
“I really thought it would be lower,” said Kandek of the nearly 80 percent of browsers that lacked one or more patches.

BrowserCheck scans Windows, Mac and Linux machines for vulnerable browsers, as well as up to 18 browser plug-ins, including Adobe’s Flash and Reader, Oracle’s Java and Microsoft’s Silverlight and Windows Media Player.

When browsers and their plug-ins are tabulated together, between 90 percent and 65 percent of all consumer systems scanned with BrowserCheck since June 2010 reported at least one out-of-date component, depending on the month. In January 2011, about 80 percent of the machines were vulnerable.

Even worse, about 30 percent of browser plug-ins are perpetually unpatched, a rate triple that of Windows, where Qualys’ data has shown that, on average, about 10 percent of all PCs never receive Microsoft’s patches.

When plug-ins were excluded, browsers fared better: Only about 25 percent of the scanned machines had an unpatched browser on board last month.
Kandek read those results as proof that browser updates were applied more regularly by users. “The lower percentage shows that updating works pretty well for [browsers],” he said.

Unlike most plug-ins, browsers either silently self-update—as does Google’s Chrome—or automatically check for new patches, a practice of Microsoft’s Internet Explorer (IE) and Mozilla’s Firefox.

The most likely plug-in to require a patch is Oracle’s Java, which was outdated on more than 40 percent of the scanned systems. Adobe’s Reader was second, with about 32 percent of the computers reporting a vulnerable version. Apple’s QuickTime took third, with less than 25%.
Java was also in the top spot last year when Qualys unveiled statistics from BrowserCheck’s first three months of operation.
“I bet that most people don’t even know that they have Java, or how it installs,” said Kandek. “Exploit writers have recognized that, and have been adding Java exploits in their toolkits.”

Although Oracle usually releases Java updates quarterly, last week it rushed out an emergency patch to quash a critical bug.
Kandek said he sees two solutions.
“A single updater would be the right thing [to have],” he said, referring to calls he’s made before that Microsoft take on the responsibility for patching important third-party plug-ins.

“All the different patching mechanisms are confusing, a bit of this and some of that,” Kandek added, arguing that that was one reason why so many plug-ins go unpatched.

A second answer may come with the newest round of browsers—such as Firefox 4, IE9 and Chrome—that support HTML5, the Web standard that can handle the audio and video processing now done by many of the most popular plug-ins, including Flash, QuickTime and Windows Media Player.
“Moving more functionality into the browsers with HTML5 would help, because then you don’t need those plug-ins,” Kandek said.

He also applauded Google for updating Flash alongside Chrome, and for integrating a bare-bones HTML-based PDF viewer into its browser, moves rivals have not mimicked.

Jennings Explains Jeopardy Loss to Watson - PCWorld

In the final analysis, Watson's dismantling of human Jeopardy champions Ken Jennings and Brad Rutter was so one-sided as to render any rematch unlikely: After all, Watson will only get better; Jennings and Rutter, not so much.

Jennings, in an article he wrote for Slate, offers his explanation of why the computer prevailed. (And, for the handful of you who may not have fully appreciated the "overlord" message that Jennings penned underneath his Final Jeopardy response, we'll provide the background.)

From Jennings:
"I expected Watson's bag of cognitive tricks to be fairly shallow, but I felt an uneasy sense of familiarity as its programmers briefed us before the big match: The computer's techniques for unraveling Jeopardy! clues sounded just like mine. That machine zeroes in on key words in a clue, then combs its memory (in Watson's case, a 15-terabyte data bank of human knowledge) for clusters of associations with those words. It rigorously checks the top hits against all the contextual information it can muster: the category name; the kind of answer being sought; the time, place, and gender hinted at in the clue; and so on. And when it feels "sure" enough, it decides to buzz. This is all an instant, intuitive process for a human Jeopardy! player, but I felt convinced that under the hood my brain was doing more or less the same thing."
Continuing the case that his foe showed more human-like qualities than may have been apparent, Jennings reaches for geek self-deprecation:
"Indeed, playing against Watson turned out to be a lot like any other Jeopardy! game, though out of the corner of my eye I could see that the middle player had a plasma screen for a face. Watson has lots in common with a top-ranked human Jeopardy! player: It's very smart, very fast, speaks in an uneven monotone, and has never known the touch of a woman."
(Rim shot)

"But unlike us, Watson cannot be intimidated."
And it was with his on-air final comment - "I for one welcome our new computer overlords" -- scribbled under his Final Jeopardy response, that Jennings best summed up his attitude toward this failed attempt to beat IBM's best: There's not much left to do but laugh.
I'm sure I wasn't alone in laughing out loud at the overlord line, which, as most of you know, is based on what might be called the overlord of all Internet memes. However, I know from experience that even the most well-known memes may require explaining to those who have better things to do with their lives than keep up with such conventions.

Hence the Web site "Know Your Meme" has joined and IMDb in the pantheon of indispensable Internet sources. Here's KYM on overlord:
"The Overlord meme is a popular snowclone based on the following phrasal template: 'I, for one, welcome our new X overlords (or masters).' X in the phrase refers to (often in a humorous or overgeneralized fashion) any powerful entity with overwhelming strength; Sometimes that entity is a government or corporate power, but has also been seen applied to kittens walking on their hind legs as farcical declaration of rapid evolution. ... The 1977 film adaptation of the classic H.G. Wells short story Empire of the Ants (starring Joan Collins) is allegedly the origin of the phrase 'I, for one, welcome our new insect overlords.' "
But it is The Simpsons that receive credit for popularizing the meme to an extent such that Ken Jennings would use it to express his final capitulation to Watson.
"The quote gained popularity after the 1994 episode of The Simpsons, 'Deep Space Homer,' when news announcer Kent Brockman believes the Earth to be under invasion by giant space ants. Fearing for his life, he announces his willingness to collaborate with the insectoid invaders: 'One thing is for certain: there is no stopping them; the ants will soon be here. And I for one welcome our new insect overlords. I'd like to remind them that as a trusted TV personality, I can be helpful in rounding up others to toil in their underground sugar caves.' "

So all hail Watson, for resistance is futile.

AppleInsider | Apple's Steve Jobs to meet with President Obama on Thursday

Though recent reports have alleged that Jobs' health has continued to decline, the executive is scheduled to attend a business leaders' event with President Obama Thursday evening, a source told ABC News.

Google's Schmidt, who will step down as CEO in April; GE CEO Jeffrey Immelt, the newly named chairman of the White House Council on Jobs and Competitiveness, and Facebook's Zuckerberg will also be in attendance, according to sources familiar with the meeting.

“The president and the business leaders will discuss our shared goal of promoting American innovation, and discuss his commitment to new investments in research and development, education and clean energy,” a White House official said.

Jobs and President Obama met in October of last year to discuss the US technology industry and the economy. At the time, White House press secretary Robert Gibbs said that the President was "eager" to talk with the CEO.

In December 2010, Obama cited Jobs as an impressive example of the American dream.

"Something that's always been the greatest strength of America is a thriving, booming middle class, where everybody has got a shot at the American dream. And that should be our goal. That should be what we're focused on," the President said. "How are we creating opportunity for everybody? So that we celebrate wealth. We celebrate somebody like a Steve Jobs, who has created two or three different revolutionary products. We expect that person to be rich, and that's a good thing."

Though Jobs has kept a relatively low profile during his medical leave, which he announced in January, rampant speculation on his condition continues to abound. Jobs stayed on as Apple's chief executive and continues to be involved in major strategic decisions as he works from home.

RadarOnline reported Wednesday that Jobs had been spotted at the Stanford Cancer Clinic in Palo Alto, Calif. According to a recent report, Jobs, who turns 56 next week, had been in a "down cycle" for weeks and appeared "increasingly emaciated."

Digital books pushing print to the grave

Wednesday, February 16, 2011

BBC News - Apple reveals labour abuses at Chinese suppliers

US electronics giant Apple has revealed labour and safety abuses at companies that supply components for its products.

It found a total of 49 workers "hired before reaching the legal age".

The firm also found 137 workers at a Wintek facility near Shanghai had suffered adverse health effects after exposure to n-hexane, a chemical used in some processes.

Apple says it will reaudit Wintek, which also supplies Nokia, in 2011.

The findings were published in its annual supplier responsibility report.

A series of suicides at the Foxconn Technology Group last year drew attention to the working conditions of those who assemble devices such as the iPhone for Apple and other companies.

The company said it was working with Foxconn to prevent any further deaths and stated that Foxconn's response to the situation had "definitely saved lives".