The Technology Pool

Experts sound major alarm for critical Windows bug

Wed, 14 Mar 2012 15:11:00 GMT

Microsoft today released six security updates that patched seven vulnerabilities, including a critical Windows bug that hackers will certainly try to exploit with a network worm, according to researchers.

"This is a pre-authentication, remote code bug," said Andrew Storms, director of security operations at nCircle Security, referring to MS12-020, the one critical bulletin today and the update that he, other researchers and even Microsoft urged users to patch as soon as possible.

"It will allow network execution without any authentication, and has all the ingredients for a class worm," said Storms.

"I'm particular spooked by this one," said Jason Miller, manager of research and development at VMware. "Hackers want [vulnerabilities] that don't require authentication and are in a part of Windows that's widely used. I guarantee that attackers are going to look at this closely."

MS12-020 patches a pair of bugs in Windows' Remote Desktop Protocol (RDP), a component that lets users remotely access a PC or server. RDP is frequently used by corporate help desks, off-site users and IT administrators to manage servers at company data centers and those the enterprise farms out to cloud-based service providers like Amazon and Microsoft.

The critical vulnerability, dubbed CVE-2012-0002, could be exploited by an attacker who simply sends specially-crafted data packets to a system with RDP enabled, said Microsoft.

"Absolutely, this will be very attractive to hackers," said Amol Sarwate, manager of Qualys' vulnerability research lab, echoing Storms and Miller. "It doesn't look like it's that complicated to come up with the code sequence [to trigger the bug]."

Microsoft raised all its usual flags, and more, for MS12-020, tagging it with an exploitability index rating of "1," meaning it expects reliable exploits to appear within 30 days, and ranking the update as the one to patch before all others.

In a post to the company's Security Research & Defense (SRD) blog, Suha Can and Jonathan Ness, a pair of Microsoft engineers, went even further. "[We] strongly encourage you to make a special priority of applying this particular update," said Can and Ness.

Ideally, customers will quickly apply the patch, but Microsoft also offered a temporary workaround.

The workaround, which Microsoft automated using its Fix-it support tool, adds another layer of security by requiring Network Level Authentication, or NLA, to force authentication before an RDP session begins. The Fix-it tool applies to Windows Vista, Windows 7, Server 2008 and Server 2008 R2.

Windows XP and Server 2003, however, do not support NLA; for the former, Microsoft's released an additional Fix-it tool that adds NLA support to Windows XP Service Pack 3 (SP3) desktops and laptops.

Links to the Fix-it tools can be found on the SRD blog.

Several researchers applauded Microsoft's workarounds, in large part because unlike the patch, they don't require a system reboot, which may make server administrators skittish about applying MS12-020 itself.

"NLA a really good option," said Wolfgang Kandek, chief technology officer at Qualys. He and others expect that many Microsoft customers will enable NLA first, then later patch the vulnerability by deploying MS12-020.

"It's going to be enough to mitigate the first wave of attacks," argued Storms, of enabling NLA.

Storms and Miller agreed that that first wave will be, as Miller put it, a "scattershot" style attack where hackers use search engines and port sniffing to find as many RDP-enabled machines as possible. Later, targeted attacks aimed at administrators' PCs -- which they use to remotely manage their companies' data servers -- or those launched from bots already inside a network, seem likely.

Microsoft downplayed the threat to some degree, saying both in the MS12-020 bulletin and in the SRD blog that RDP was not turned on by default in any supported version of Windows.

Miller thought that was misleading. "I'm a little concerned that Microsoft is implying that RDP is not commonly used," said Miller. "It's used by server administrators and help desks.... It's a really good technology ... and enabled on a lot of corporate networks."

Storms pitched in as well.

"RDP is the way to remotely manage your servers," said Storms. "Let's be honest, it's enabled more often than not, and [switched on] on virtually every server."

"It's unfair to say it's not really widely used," added Miller. "I use it to connect to 40 to 50 machines a day in my job."

Because of what the experts said was the wide use of RDP, they thought Microsoft underplayed the severity of the vulnerability. "They're making a call to action, but without raising too many red flags," said Storms. "They're trying to get across [that this is significant] without saying it's doomsday."

Kandek wished Microsoft had a deployment priority higher than "1," the ranking the company assigned MS12-020. "This is more a '1+,'" Kandek said.

The biggest unknown is how fast hackers will figure out how to exploit the vulnerability, and thus how quickly Windows users will face attacks.

Kandek, Miller, Storms and Sarwate couldn't agree on a timeline, but all thought that active exploits would be in circulation quickly.

And even if they're not, there have been threats that wreaked havoc weeks or months after a Microsoft patch.

"I don't want to compare this to Conficker," said Miller, talking about the worm that infected millions of Windows PCs in late 2008 and early 2009. "But that did its worst 30 days, 60 days after the patch [of the exploited bug]."

Miller had a point: Although Conficker first appeared just 11 days after an October 2008 emergency, or "out-of-cycle" update, it only gained traction in January 2009, and peaked with a media frenzy three months after that.

Microsoft also released three other updates for Windows, and one each for Visual Studio and Expression Design, but the experts said they were small potatoes compared to MS12-020.

"It's all about RDP today," said Storms. "Either enable NLA or install the patch ... today."

March's six security updates can be downloaded and installed via the Microsoft Update and Windows Update services, as well as through Windows Server Update Services.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld.

More ...

IPhone Bug: Apple Responds To Reports Of Creepy Software Glitch

Fri, 03 Feb 2012 14:27:00 GMT

It’s a new facet of Apple's iMessage for iOS 5 leaving iPhone owners vulnerable to losing control of who sees their text messages?

Writer Sam Biddle of the popular tech site Gizmodo has highlighted what he deems a major security and privacy issue in a post titled "The Apple Bug That Let Us Spy On A Total's Stranger's iPhone." The "bug" of the title refers to an apparent hole in iOS 5 that potentially allows strangers, thieves, stalkers and oblivious buyers of stolen iPhones to read every incoming and outgoing message that a certain iPhone owner sends over iMessage, whether they want to or not.

Biddle's article provides a real-life example of how this works: Apparently, a friend of Biddle's took her son's iPhone into an Apple store for a mundane repair. After the employee at Apple's Genius Bar had finished his work on the son's iPhone, he inserted his own SIM card into the iPhone he was repairing to ensure that his repairs had worked. After finding that they had, he removed his SIM card and replaced the son's SIM card into the slot, returning the iPhone to the family as good as new.

Alas, this is not the end of the saga. Afterward, the son was able to see every iMessage that this Apple store Genius was both sending and receiving -- some of them lewd and decidedly inappropriate for a minor. Everything the Apple store employee, who Biddle identifies only as Wiz, was sending on his own iPhone was being duplicated on the son's iPhone. Wiz was presumably unaware that his personal life, and the personal lives of his friends and lovers, were being broadcast to the high school student whose iPhone he had fixed days prior in the Apple store where he worked.

Biddle provides a frightening summary of what this bug could mean should your SIM card happen to get inserted into another iPhone:

You probably underestimate how much of yourself you casually pour into texts each day. We know enough about this guy to stalk him, blackmail him, and harass him, using nothing more than what we've picked up. Based on only a handful of chitchat breadcrumbs and some Google work, we pinned down [his] home address, his Facebook profile, email address, personal information about friends, where he exercises, and—drumroll—the Apple store where he works. Yep! This Apple bug screwed an Apple employee—at the same store where our pal took her phone.

So, who does this affect? Well, people who have their iPhones stolen, certainly. Ars Technica examined the still-nascent issue of iMessages appearing on stolen iPhones back in December, and a guess by iOS security expert Jonathan Zdziarski back then as to what is happening with iMessages and stolen phones seems spot-on two months later:

"I can only speculate, but I can see this being plausible," Zdziarski told Ars. "iMessage registers with the subscriber's phone number from the SIM, so let's say you restore the phone, it will still read the phone number from the SIM. I suppose if you change the SIM out after the phone has been configured, the old number might be cached somewhere either on the phone or on Apple's servers with the UDID of the phone."

In other words, iMessage may be pulling the old phone number from a cache somewhere and continuing to use it on the device if the SIM was removed after it was configured as a new phone.

If your old phone number remains imprinted to the phone itself, then, you are presumably at risk of revealing all of your iMessages to the thief and whoever he or she sells your phone to no matter what you do. Extrapolating outwards, the risks for privacy intrusion are also rather high -- if Gizmodo's report is true, then, hypothetically anyone with access to your iPhone could simply remove your SIM card, momentarily place it in his or her own iPhone, and then return the SIM to yours, and your iMessages would automatically be copied to that person's iPhone without your complicity or knowledge at any point. A frightening scenario, if true.

Apple responded to the fracas in a statement to Jim Dalrymple, an Apple watcher who writes for The Loop, saying that the employee simply "didn't follow protocol" (MG Siegler of Techcrunch points out that Apple Geniuses are supposed to use test SIMs, not personal SIMs, when fixing customer's iPhones). From The Loop:

“This was an extremely rare situation that occurred when a retail employee did not follow the correct service procedure and used their personal SIM to help a customer who did not have a working SIM,” Apple representative Natalie Harrison told The Loop. “This resulted in a temporary situation that has since been resolved by the employee.”

Dalrymple called the resulting situation in which the customer received all of the employee's incoming and outgoing iMessages a "perfect storm" with three easy fixes (via Techcrunch):

Remote Wipe and then call your carrier/de-active your SIM (de-register must be within 24 hours after Remote Wipe) or Activate a replacement phone with a replacement SIM using your same phone number or Change your Apple ID password (only works if you use an Apple ID with iMessage)

Gizmodo isn't satisfied with this response. This still does not address what happens to iPhone owners with stolen phones, or iMessage users who aren't aware that their SIM card has been placed in a different phone -- the fact that your personal messages are turning up on another device without your knowledge still feels like a major security and privacy lapse. With the upcoming iOS 5.1 having entered Beta testing, we'll have to see if Apple's developers are able to resolve the great iMessage kerfuffle of 2012 and come up with a more satisfactory solution to what, for many, remains a dangerous, too-shadowy facet of an otherwise beloved, cash-saving iPhone feature

More ...

IPhone Bug: Apple Responds To Reports Of Creepy Software Glitch

Fri, 03 Feb 2012 14:27:00 GMT

It’s a new facet of Apple's iMessage for iOS 5 leaving iPhone owners vulnerable to losing control of who sees their text messages?

Biddle provides a frightening summary of what this bug could mean should your SIM card happen to get inserted into another iPhone:

In other words, iMessage may be pulling the old phone number from a cache somewhere and continuing to use it on the device if the SIM was removed after it was configured as a new phone.

Dalrymple called the resulting situation in which the customer received all of the employee's incoming and outgoing iMessages a "perfect storm" with three easy fixes (via Techcrunch):

More ...

Chrome edges Firefox, grabs second browser spot

Thu, 01 Dec 2011 21:02:00 GMT

Google's Chrome edged Mozilla's Firefox last month to take the number two spot in the browser popularity wars, an Irish metrics company said today.

Data from StatCounter, which tracks browser usage through the free analytics tools it offers websites, had Chrome with a 25.7% global share in November, a half-percentage point higher than Firefox's 25.2%.

In September, Computerworld used StatCounter's numbers to project that Chrome would pass Firefox no later than December 2011.

According to StatCounter, Chrome has gained 10.8 percentage points of usage share this year alone, vacuuming up nearly all the losses posted by Firefox (5.5 points) and Microsoft's Internet Explorer (6.3 points).

Internet Explorer (IE) accounted for 40.6% of all browsers used last month, StatCounter said.

Rival Web measurement firm Net Applications saw the Chrome vs. Firefox tussle differently. Its tracking put Chrome behind Firefox in November, controlling 18.2% of the market compared to Firefox's 22.1%.

But if both browsers keep to their recent trends in Net Applications' accounting, Chrome will pass Firefox in April or May 2012 to slip into second place behind IE. By that time, IE's share will have fallen to 47%-49%.

Both StatCounter and Net Applications noted an anomaly last month: IE either gained usage share or held stable.

Net Applications, for example, had IE holding steady at 52.6%, the same as in October, while StatCounter said IE had boosted its share by four-tenths of a point to 40.6%.

IE typically loses users each month in both companies’ eyes, sometimes in large amounts: In October, Net Applications said IE had posted a 1.8-point decline, while StatCounter had IE down 1.5 points that month.

Vince Vizzaccaro, vice president of marketing for Net Applications, did not have an explanation, only a suspicion, for the turn-around. "We believe there may be some anomalous data from last month," Vizzaccaro said in an email reply to questions.

If the data holds up, IE's turn-around from its precipitous decline in October will have been remarkable.

Microsoft did not address that today, but instead beat the IE9-on-Windows 7 drum one more time, citing Net Applications' claim that globally the browser is now more popular than either Chrome or Firefox on Windows 7.

IE9 on Windows 7 passed rivals in the U.S. months ago.

Among individual editions of IE and figuring in all operating systems, Net Applications still had IE9 in second place behind IE8, with the former posting a 10.3% worldwide share and the latter 28.2%.

But IE6 -- the browser Microsoft has been trying to kill for the last two years -- got a reprieve of sorts in November, boosting its share by half a point to 8%. Previously, IE6 had had a years-long string of losses.

StatCounter's take was at odds with its U.S. rival: The Irish Company said IE6's share had dropped nearly three-tenths of a point to 2.2%, a decline in its usual ballpark over the last year.

Apple's Safari -- the clear-cut No. 4 browser -- remained flat (StatCounter) or lost share (Net Applications), during November. According to Net Applications, Safari fell four-tenths of a percentage point to end the month at 5%, essentially back at its September position.

Originally written by Gregg Keizer who covers Microsoft, security issues, Apple, Web browsers and general technology breaking news

More ...

Android malware explodes, jumps five-fold since July!!

Mon, 21 Nov 2011 13:46:00 GMT

Malware targeting Google's Android mobile operating system exploded in the last several months, its volume quintupling since July, Juniper Networks said today.

The rash of infected apps aimed at Android owners shows no sign of abating, said Dan Hoffman, Juniper's chief mobile security analyst and a member of the company's global threat center.

"We're seeing a mix of the traditional hacking community [working] on malware very similar to organized efforts on the PC side, as well as people who are just a little smart, the '15-year-old kid crowd,' who are able to hide some malicious content in an app," said Hoffman in an interview today.

According to Juniper's research, the number of Android malware samples -- each defining a different piece of attack code, or a variant of one discovered earlier -- increased by 472% since July 2011. The bulk of that growth occurred in September and October.

"We've seen an exponential growth in Android malware over the last several months," Juniper said in a blog post that accompanied Juniper's recently-published mobile threat report.

The prime threat remains purposefully-malicious Android apps that are crafted by criminals, often pirated versions of legitimate applications, then planted in either Google's official Android Market or in one of the scores of alternate download sites, which are especially popular in Asia -- China in particular.

"That is very clearly the threat now," said Hoffman, who added that the hackers' strategy would likely continue indefinitely.

That's because Google doesn't control what apps can be installed on an Android mobile device, as Apple does with code-signing technologies for iOS apps, and so makes third-party app download centers possible. Nor does Google vet apps submitted to the Android Market.

Other security researchers have noted the same when they have found malicious apps in the Android Market or in unsanctioned e-stores.

At least three different waves of malware -- in March, June and finally July -- infiltrated the Android Market this year. The malicious apps were removed by Google only after they had been downloaded by an unknown number of users.

Far more attack apps have appeared in Chinese app stores that distribute Android software.

Juniper speculated that the hackers now crafting Android malware are those who used to specialize in Symbian and Windows Mobile attack code. But as those operating systems' share plummeted -- Web metrics company Net Applications put their shares during October at 3.5% and 0.07%, respectively, down from 8% and 0.2% a year ago -- the criminals have abandoned those platforms and jumped on Android.

And those hackers know their stuff

"Together, the Symbian and Microsoft Windows Mobile platforms are the oldest and most researched mobile platforms, and devices running those mobile operating systems have been the targets of the most prolific and effective malware known to affect mobile devices," said Juniper.

While Google's practice of not policing the Android Market, and its inability to restrict all apps to its own distribution channel, has been pegged as the primary reason for the OS's vulnerability, Hoffman argued that the policy also gave users the means to protect themselves.

"There may be a better vetting process on iOS, but a really critical point is that Android users have the benefit of a security marketplace," said Hoffman, referring to the large number of anti-malware programs available for Google-powered smartphones and tablets.

"In iOS, consumers and even enterprise don't have a choice," Hoffman said. "There's no benefit of competition because users are completely reliant on Apple for security."

Hoffman has a point: When Lookout Security, a leader in Android-based antivirus software, recently introduced a version for iOS it was unable to provide any malware scanning capabilities in the app.

Not surprisingly for someone who works for a security firm, Hoffman also argued that it wasn't up to the OS provider to guarantee a secure device; users have responsibilities, too.

"No matter what policies an app store may have, the real way is to protect a device is to protect it with security software," Hoffman said. "You have to protect your mobile devices just like you protect your PCs."

Juniper's mobile threat report can be downloaded from its website (registration required).

Written by Gregg Keizer whom covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His e-mail address is gkeizer@computerworld.com.

More ...

How to Sync Your PC, Smartphone, and Tablet

Thu, 29 Sep 2011 18:09:00 GMT

A few years ago businesspeople carried a laptop on the road, used a desktop PC in the office, and worked on another PC at home. Maybe they had a BlackBerry, too--but only if they were real big shots.

These days almost everyone has a smartphone, whether it runs Android, iOS, Windows Phone 7, or BlackBerry OS. You may also carry a tablet with a different OS than your phone. And you might pack an ultralight MacBook Air in addition to your Windows-based computer at home or at the office.

Managing those disparate devices, with their assorted operating systems, applications, and connectivity options, can be a nightmare. But with the right mix of software and services, you can easily handle multiple platforms and integrate your data.

I use several platforms. At home, I'm on Windows 7, when I'm working on my desktop PC. For travel, I recently shifted to a MacBook Air running Mac OS X Lion. I also have an iPad 2, which I use mostly for occasional email checking and Web browsing. My main mobile phone is an iPhone--but a Droid X, which runs Android, has replaced my office landline.

As you can see, I own a fairly eclectic mix of devices and platforms. It's quite a juggling act, keeping all of them in sync. Thanks to some useful applications, though, it gets much easier.

What Do You Need to Sync?

Before you start downloading a bunch of cloud-connected apps, take a second to lay out your needs. For example, if you mostly work at home, and you attend relatively few meetings, you might not need to sync your calendar across multiple devices. If you're a writer or some other creative type on the go, you may want a way to log your constant stream of ideas electronically. If you're working on a joint project, you may need to share a variety of documents with your colleagues.

Another key point is to understand which of your platforms need to share data, and which types of data you need to share. For example, I have a Wi-Fi-only iPad 2 that I use exclusively as an email and Web-browsing tool; I don't really need to access my work data with it, though I do use it infrequently as a note-taking tool.

If you work in a corporate environment, you have to take your company's IT policies into consideration, as well. Your IT managers may have their own ideas about which kinds of information the company wants living in the cloud versus on its own servers. Be sure to touch base with your IT department if you think you might want to share potentially sensitive or proprietary information across devices or platforms.

The bottom line is that your integration needs will vary depending on what you do, how much you travel, and which platforms you carry with you. With that in mind, it's time to take a look at a few different scenarios, as well as applications that might be useful in each case.

Syncing Browser Data

Maybe you don't create a ton of documents, but you are a heavy-duty Web user. Fortunately, all the major browsers now allow you to sync bookmarks, passwords, and other data across platforms. Google Chrome is the most transparent, assuming that you have a Gmail login--just enable sync under the 'Personal Stuff' tab on the Chrome options panel.

Firefox is more painful to sync: You have to enter a special passcode on all systems where you wish to enable Firefox Sync. It's enough of an annoyance that it's one reason I generally avoid using Firefox now.

You can sync Internet Explorer bookmarks, but the task requires you to download and install Windows Live Mesh. That isn't a bad thing, though, as Live Mesh also lets you share more than just IE settings: You can sync Office templates across computers, and also sync important folders with Windows Live SkyDrive, Microsoft's cloud-storage service.

Syncing Notes

Perhaps you just want to keep notes across multiple devices, but you don't always work in the same location. Maybe you're out shopping, and an idea comes to you, so you need to jot it down on the notepad in your mobile phone. Or maybe you've settled into your airliner seat, and you want to enter a quick note on your smartphone before shutting it down for takeoff.

In this case, one of the best online choices is Evernote. A free note-taking application at first glance, Evernote is actually a cloud-based service. Every time you write a note in Evernote, your local notebook syncs up with the Web-based version. Evernote also manages to maintain a consistent interface across its desktop, Web, and laptop versions, though the mobile versions do look different

Evernote offers a slick array of options that can help you integrate it into different platforms. An Outlook plugin, for instance, lets you easily add email entries to Evernote. You can have multiple notebooks, share specific notebooks with other users, and add tags to entries. Evernote even has a small marketplace of Evernote-related applications.

Managing Documents Across Devices

You prepare a lot of documents, but moving them back and forth between different platforms can be a chore. Not to worry, however: You have a few different ways to sync your documents, depending on whether you need to be able to create and edit them on each of your devices, or whether you can get by with editing files on PCs and simply viewing them on your smartphone or tablet.

For instance, if you primarily edit and create on a Windows PC but you need to view documents on non-Windows platforms, you'll probably do fine with Dropbox, a cloud-based storage application and service. Dropbox creates a folder on your system that you can share with other devices, using a Dropbox account you create. You can specify folders for sharing with other users, too. It's easy and simple. You get 2GB of free storage, but prices increase rapidly after that: The next tier is 50GB and costs $10 per month. (You can increase your free storage by referring other users.) Dropbox is great because it works across most platforms--I have Dropbox running on Mac OS, Windows 7, Windows Vista, iOS, and Android.

On Windows and Mac OS, Dropbox creates a folder that behaves just as any other data folder does, but any document you place in the Dropbox folder becomes available across all your Dropbox-enabled devices. Dropbox is an app on Android and iOS, but you still have access to all your files through the app; you can use it to read common formats (images, music, movies, Word/Excel/PowerPoint documents, PDFs, and so on), or send a file to another app that can better handle that file's format.

Another sharing tool is Live Mesh, which I mentioned previously in the section on browser-sync tools. Although it's more Windows-centric, Windows Live Mesh also runs on Macs. The only mobile devices it currently supports are Windows Phone 7 handsets, but Android and iOS clients are in development.

Creating and Editing Office Documents on the Go

What if you need to create and edit on multiple platforms? Even if you usually start your Microsoft Office documents on a desktop PC, sometimes you'll want to make changes when you're viewing them on a laptop, tablet, or smartphone.

Syncing related devices, such as a Windows Phone 7 handset and a Windows PC, is fairly straightforward. In that case you're likely running Office--and with tools such as Live Mesh or Dropbox, you can easily move documents back and forth. However, this arrangement assumes that you have client software running on both your PC and your mobile device.

If you have a mix of Mac OS, iOS, and Windows devices, you can still use Microsoft Office or Office-like tools. Versions of Office run on Mac OS and Windows, allowing easy document exchange. For instance, I have Mac Office 11 on the MacBook Air, Office 2010 for Windows on my desktop PCs, and Quickoffice HD on my iPad. (I don't have Quickoffice for the iPhone, because I use my phone mainly for browsing, not editing.) Quickoffice is also available for Android devices.

But you might not want to pay for client software on multiple systems--that can get expensive, fast. You can save money by sticking to a cloud-based office suite. The downside of such services, of course, is that if you aren't connected to the Internet, you don't have access to the apps. Also, if the cloud service itself is down, then none of your devices can use the service.

On the upside, using cloud-based services is cheaper than buying several office suites (at their most basic level, the services are usually free), and you can more easily share documents with other people.

The granddaddy of these services--in product maturity, if not age--is Google Docs. It's free for individual users; paid subscriptions, plus support, are offered for businesses.

Microsoft has a similar service called Office Live; it works well, but the individual apps are a little less elegant than Google Docs. Microsoft also provides Office 365, a paid version. Office 365 is a more-robust package for small businesses, integrating a host of client- and cloud-based applications, but it requires a per-user monthly subscription.

Overall, sharing and editing office documents is much easier today than it was even two years ago. Getting everything to flow in both directions seamlessly still takes a little time and effort. But document syncing is more powerful now, and it makes working across long distances much easier.

Syncing Contacts and Calendars

Of all the usage scenarios, this one may be the most difficult to deal with. But the problem itself is easier to parse when it comes to platforms. Business users often work with three devices: a desktop PC, a laptop, and a smartphone.

If you're running some flavor of Microsoft Office, syncing the calendar and contact manager on your PC with those on your smartphone has become a little easier: A number of iOS and Android tools can sync Office schedules and contacts with mobile devices.

On the iOS side, syncing is built in, though you do need to run iTunes. You have to sync your contacts and calendar on a per-device level, so if you have both an iPad and iPhone, you'll need to set them up individually.

Android gets a little tricky--on this platform, you need a third-party app to sync contacts and appointments with Outlook. One app I've found that works well is MyPhoneExplorer. You have to install both the MyPhoneExplorer app on your Android device and client software on your PC. The user interface is a little 20th century; once configured, however, the app seems to work well.

It's a Multiplatform World

Even if you religiously stick with one brand in order to minimize integration hassles, you may still need to work with other platforms. Fortunately, with the right tools it's not hard to ensure that all of your documents and devices integrate seamlessly.

Originally published on www.pcworld.com, By - Loyd Case

More ...

How Apple Crushed HP - Hewlett-Packard

Fri, 19 Aug 2011 19:53:00 GMT

Hewlett-Packard's decision to surrender in smartphones and tablet computers and possibly get rid of its personal computer business underscores how Apple has transformed consumer electronics in just four years.

HP's new CEO Leo Apotheker is now trying to turn the Silicon Valley stalwart into a twin of East Coast archrival IBM Corp. In doing so, he is acknowledging that his company has failed to balance the demands of both the consumer and corporate markets. As a result, it needs to exit most of its consumer businesses, just as IBM did six years ago.

Apple is the hottest consumer electronics company on the planet. The iPhone's debut in 2007 brought ease of use and an intuitive design unmatched by predecessors, including smartphone pioneer Palm, which HP bought last year in hopes of getting a foothold in mobile devices. Apple followed in 2010 with the iPad tablet computer and managed to persuade people to buy a product they never knew they needed.

Rather than remain locked in a futile fight with a company that seems to have found the magic touch on making hit consumer products, HP is whittling its competition to the other business technology specialists — namely, IBM, Oracle Corp. and Cisco Systems Inc.

"Apple singlehandedly knocked HP out of the PC, smartphone and tablet business," Gleacher & Co. analyst Brian Marshall said in an interview.

HP's overhaul, announced Thursday, has three parts:

— HP will stop making tablet computers and smartphones by October.

— It will try to spin off or sell its PC business, the world's largest. By the end of next year, HP computers could be sold under another company's name.

— The company plans to buy business software maker Autonomy Corp. for about $10 billion in one of the biggest takeovers in HP's 72-year history. That would expand HP's software and services offerings, where IBM is strong.

HP, the largest technology company in the world by revenue, will continue to sell servers and other equipment to business customers, just as IBM now does. Those businesses currently don't generate as much revenue for HP as PCs, but they have higher profit margins.

Apotheker would not say whether any jobs will be cut. HP plans to take a charge of about $1 billion for restructuring and related costs, some of which could go for severance payments. HP employs more than 300,000 people worldwide.

HP's move toward an IBM-style business model, which is focused on selling to corporations and governments, makes sense considering that Apotheker spent most of his career at German business software maker SAP AG, another company that catered to the technology needs of companies and government agencies.

"This is his bread and butter," Marshall said. "Now he has to deliver."

Investors appeared underwhelmed and sent HP's stock down 6 percent Thursday on a day the broader market declined, with the Standard & Poor's 500 index falling 4.5 percent. In morning trading Friday, HP lost another 20 percent, or $5.81, to $23.70.

Apotheker is seeking radical changes to help erase the stain of scandal and leave his imprint on a massive company he inherited last year. His predecessor, Mark Hurd, resigned under pressure a year ago, after an investigation found expense reports that were allegedly falsified to conceal a relationship with an HP marketing contractor.

In trying to ditch most of HP's consumer businesses, Apotheker is reversing a decade-long binge on computer hardware.

The area where HP has been most visibly lacking is mobile devices.

HP has been hopelessly outmatched in smartphones and tablets despite its $1.8 billion acquisition last year of Palm Inc., whose webOS software was the crown jewel of the deal. The software powered the fledgling TouchPad tablet and HP-powered smartphones that are being discontinued in Thursday's announcement.

The software was well-reviewed, but iPhones and iPads and smartphones running Google Inc.'s Android operating system — made possible after Apple paved the way — have dominated the fastest-growing parts of the consumer technology market. HP was left in the margins. WebOS smartphones had a worldwide market share of less than 1 percent, according to Gartner.

HP will try to find ways to keep webOS alive, which could include using it in other devices such as PCs and printers or licensing it to handset makers, Apotheker said in an interview. He said he was disappointed with the designs of HP's mobile devices and believed the business would have required too much money to turn around.

"We have better opportunities to invest our capital," he said.

HP executives likely decided that "they were too late to the tablet market to make a dent," said Forrester Research analyst Charles Golvin. "They recognized they did not have a high probability of success."

HP conceivably could try to license webOS for use in cars and consumer electronics devices made by other companies, Golvin said. But even that is challenging because Google is targeting many of the same markets with its Android system, which is free.

"This begs the question of how much longer it will be before the other shoe drops and they close the Palm business entirely," Golvin said.

The diminishing of the Palm business will be striking to many technologists.

Jon Rubinstein, the former CEO of Palm, said in December that Palm sold itself because executives realized the business could be small and successful, but couldn't sustain itself on its own in the long run.

Rubinstein, who was an Apple executive before leading Palm, said HP seemed to be the best choice because, given its size, it could help Palm bring its products to more people.

In PCs, HP is acknowledging that it needs to reverse course on a path begun two CEOs ago, under Carly Fiorina. She pushed through the controversial decision to spend $19 billion for Compaq Computer. That set the stage for HP's ascent to become the world's top PC maker.

PCs are HP's biggest revenue generator, but the business is also HP's least profitable, a result of falling prices for computers and brutal competition.

HP's effort to jettison its PC business is another concession to Apple's increasing dominance of consumer electronics, said Shaw Wu, an analyst with Sterne Agee. The PC division also had become a drag on HP's stock even though it still accounts for about 15 percent of the company's earnings, Wu said.

"Apple is such a fierce competitor that HP probably realized it was going to have to cut its losses," Wu said. "And it makes sense to cut your losses sooner than later."

The decision also makes HP's trajectory look similar to rival IBM's. A key player in building the PC market in the 1980s, IBM sold its PC business in 2005 to focus on software and services, which don't cost as much in labor and components as building computer hardware.

The acquisition of Autonomy mirrors a key element of IBM's transformation from stodgy mainframe seller into a software and services powerhouse, which has made IBM the envy of many large technology companies.

HP's net income increased in the fiscal third quarter, which ended July 31, but its lower-than-expected outlook for the current period weighed on the stock. The company, which is based in Palo Alto, Calif., also cut its full-year revenue outlook.

___

AP Technology Writers Michael Liedtke and Rachel Metz in San Francisco and Barbara Ortutay in New York contributed to this report.

More ...

HP Hewlett-Packard to Spin Off PC Division of Business!!

Thu, 18 Aug 2011 19:11:00 GMT

The Wall Street Journal reported today that Hewlett-Packard will spin off its global PC business. No further details are available from the company, which announces its quarterly financial results Thursday afternoon.

HP also was said to be in negotiations to acquire U.K. enterprise software company Autonomy Corp. for $10 billion.

More ...

Netgear pushes 10GB network gear for small - midsize businesses

Tue, 09 Aug 2011 15:36:00 GMT

Move over, gigabit Ethernet: 10GB is trickling down to small and medium-sized businesses. Netgear says its new ProSafe 52-Port Gigabit Stackable Smart Switch (GS752TXS) is the first in its class to ship with four 10GB uplinks (as opposed to the gigabit connections that have been the norm up to now).

Netgear's ProSafe line of smart switches bridges the gap between inexpensive consumer products that can't support the demands of today's small businesses, and pricey enterprise gear that already supports 10GB, but typically require the attentions of an IT pro with advanced network skills.

The ProSafe GS752TXS's boasts a web-based interface (no need to learn geeky command line stuff), and its increased bandwidth makes it a good fit for a growing number of scenarios that apply to small and mid-sized businesses as well as their better-heeled enterprise cousins.

Netgear officials cite as an example the trend to virtualization, which allows businesses to set up multiple servers on a single physical machine--for example, you could run both your web and e-mail servers on a single computer, which generally saves money on both equipment and operating costs. Virtualization also provides great flexibility since you can easily move a virtual server to a different physical machine as your business grows.

Another plus: You can stack (or connect) up to six ProSafe GS752TXS switches, to create a single large virtual switch that supports up to 288 network connections. Stackability means that you can configure all six connected machines simultaneously through the web interface--a big time-saver.

Finally, Netgear says the GS752TXS's MSRP of $2100 (which also pays for a lifetime warranty) is about half of what you'd pay for a fully-managed, comparably sized enterprise-level switch.

Note, however, that the benefits of 10GB switches don't apply only within the local area network since small businesses don't typically enjoy Internet connectivity that's speedy enough to profit from the increased bandwidth.

The Netgear ProSafe 52-Port Gigabit Stackable Smart Switch (GS752TXS) is available now, the company says.

Originally published on www.pcworld.com. - Click here to read the original story.

More ...

HTC infringes on 2 Apple Patents, may lose rights to import smartphones!

Mon, 18 Jul 2011 20:41:00 GMT

A judge at the U.S. International Trade Commission has made an initial determination that HTC infringed two Apple patents, HTC said Friday.

If the judgment is made final, HTC could be banned from importing phones to the U.S.

It's the latest blow to Google's Android operating system, which is being attacked by competitors including Apple, Microsoft and Oracle.

The initial determination will now be reviewed by a larger panel of ITC judges, who can uphold or reject it.

The two patents appear to be fundamental to Android, according to Florian Mueller, a patent expert. "They are very likely to be infringed by code that is at the core of Android," he wrote in a blog post. The same patents are also at the heart of a dispute between Apple and Motorola, he said.

Apple could choose to license the technology to HTC, but Mueller thinks Apple won't do so unless HTC has patents that Apple needs in return.

Friday's ruling responds to one of two ITC complaints filed against HTC by Apple. HTC has also filed its own ITC complaint against Apple.

HTC said it didn't have access yet to the full opinion, and it sought to downplay the decision.

"Apple filed suit on 10 of its patents against HTC, but based on the judge's initial decision today only prevailed on 2 of those patents. HTC will vigorously fight these two remaining patents through an appeal before the ITC Commissioners who make the final decision," Grace Lei, general counsel for HTC, said in a statement.

"We are confident we have a strong case for the ITC appeals process and are fully prepared to defend ourselves using all means possible," she said.

HTC also noted that the ITC has ruled that Apple infringed patents assigned to S3Graphics, a company HTC is in the process of acquiring, as part of a separate investigation.

Android is being attacked from other sources as well. Microsoft appears to have been approaching Android handset makers requesting that they license its technology, and HTC is one of the biggest vendors to have complied so far.

Separately, Oracle is battling Google for allegedly infringing Oracle's Java patents and copyrights in Android. Apple has lodged complaints against other Android handset makers as well, including Samsung.

More ...