(Credit:
CNET)
There are a few sales over the Thanksgiving long weekend here in the U.S. with some developers slashing prices on many popular iPhone games. Huge iPhone game developer, Gameloft, is having a 99 cent sale on many of their popular game titles throughout the weekend. EA Games is also in on the action, offering price cuts to several of their big titles. Some games I've talked about here like Madden NFL 10, FIFA 10, and NBA Live are $6.99 for a limited time (usually $9.99) and there are a lot of other great deals. If you've been waiting for the prices to drop on some of the bigger games, now is the time to check out the iTunes App Store--you just might be pleasantly surprised.
This week's apps include a stylish clock app and a new Star Wars game that lets you relive some of the great moments of the original movie.
Choose from many different clock skins
(Credit: Screenshot by Jason Parker/CNET)PerfectClock (Free for a limited time) lets you display stylish-looking clocks on your iPhone screen that are perfect for when your phone is sitting in an iPhone Docking Station. The app comes with a handful of clocks you can choose from, or you can easily download free clock skins from within the app. Along with the beautiful designs, PerfectClock lets you set alarms, offers a number of different ways to display information on screen (date, month, day of week) and you can disable the auto-lock so the clock stays visible while you're charging it.
PerfectClock also comes with a number of ambient sound loops like rainforest sounds, ocean waves, and more. That way if your iPhone charges on your bed-side table, you can set PerfectClock to play sounds of nature for a set amount of time (and even fade out) while you doze off to sleep. Overall, if you would like to use your iPhone as your main alarm clock and want a few more options, or would just like to check out some of the imaginitive clock designs, you should download this app.
Try to avoid Darth Vader's crosshairs as you fly down the trench
(Credit: Screenshot by Jason Parker/CNET)Star Wars: Trench Run ($4.99) lets you relive the moments leading up to the destruction of the Death Star from Star Wars IV: A New Hope. You can play arcade mode and choose between a dog fight with Tie fighters on the surface of the Death Star, or Trench Run, where you fly your X-Wing fighter down the trench evading Darth Vader and blowing away gun towers. The mission mode lets you fight your way through the ending moments in sequence on up to firing your rockets in to the exhaust port and blowing up the Death Star. The controls are fairly simple: tilt your iPhone to steer your X-Wing and touch the right side of your screen to fire your weapons. You also can use a Force slow down skill by touching the left side of the screen--a great option when the action gets particularly intense.
Though Star Wars: Trench Run is a fun diversion for a little while, the game doesn't offer much in the way of long-term replay value. Once you've done each of the missions and played the different types of game modes a few times, the action gets kind of repetative. Still, with orginal sound effects and music by John Williams paired with smooth 3D graphics, this game will appeal to Star Wars fans who dreamed of doing the trench run so long ago (myself included).
What's your favorite iPhone app? Have you found any good holiday app deals? Do you have a better clock app to share? What do you think of Star Wars: Trench Run? Let me know in the comments!
Sometimes it's the little things that count.
The most prominent feature of Firefox 3.6 is Personas, which let you reskin the browser with thousands of different looks. But my single favorite change is a subtler change to the open-source browser's user interface.
CNET News Poll
Specifically, when you open a link in a new tab, it appears immediately to the right of the active tab. Before, the new tabs would appear to the far right of the strip of tabs.
Yup, that's it. For those of us who spend hours a day in a browser, though, the new tab behavior helps group related tasks together. I constantly shuffle among dozens of tabs, and the new approach automatically brings some organization to my cluttered life.
However, I know it's not everybody's favorite browser behavior. So along with explaining why I like it, I'll also take some potshots and share instructions on how to get the old way back.
Why it's better
The more things I do with a browser--and the number has increased steadily for years now--the more important it becomes to be able to find different tasks amid the chaos. Microsoft and Apple understand this, as evidenced by the new taskbar features in Windows 7 and dock expose in Mac OS X 10.6, aka Snow Leopard. Those features make it easier to pluck out the one window you need from among the many you may have open.
There's a pattern to how I spawn the dozens of tabs I use as a day progresses. On a variety of pages--Gmail, Google Reader, Yahoo Finance, somebody's blog post--I'll encounter a host of links to other pages. I'll middle-click my mouse button to open interesting pages as background tabs, then use Ctrl-Tab to switch to the new pages when I'm ready. I repeat this pattern many times a day.
With the old behavior, each tab appeared to the far right of the tab strip. That's fine when getting started, but when I've moved halfway across the list and want to open another batch, I want the new ones--call them children--to open next to their parent tab. When I go away and come back, or when I lose place juggling tasks, it's easier to find my bearings again.
It's like being in a library. When you're in the European history section, you don't want to find books on rewiring your house and on vegetarian cooking.
As a longtime Firefox user, I didn't realize tab positioning could be better. When I started using Google's Chrome, which introduced the new tab behavior to me, the scales were lifted from my eyes. I immediately could get to the next tab with a quick press of Ctrl-Tab on the keyboard rather than have to use the mouse to click over to the far end of the list. I use both browsers daily, but until the Firefox 3.6 beta arrived, the new-tab position had become a sore point for me when in Firefox.
The change is actually a big deal in a couple ways. First, even seemingly minor changes in software can be disruptive. Old habits die hard, and computer users wrestling with constant change can get angry when more is foisted upon them.
Second, though, browsers are assuming an ever greater role in what people do in their personal and professional lives, and keeping one's bearings is commensurately important. That's especially true for those people for whom a gaggle of browser tabs represents a collection of chores going on in parallel.
Internet Explorer 8 categorizes related tabs by color.
(Credit: Screenshot by Stephen Shankland/CNET) How the competition handles it
Tabs are now universal among browsers, but new-tab behavior isn't. Firefox and Chrome handle it the way I like best, but how do others tackle the issue?
First, let's look at Internet Explorer 8. Microsoft showed it understands some of the challenges of tab management in its latest version of its browser by coloring child tabs the same hue as their parents, but I have a gripe with how it works. Specifically, although child tabs get the same color as their parents for easy grouping and arrive to the right, grandchild tabs are the same color as child tabs. Similarly, grandchild tabs appear to the far right of the whole group of child tabs.
In my mind, I consider grandchild tabs a separate group from the child tabs. But with IE, grandchildren get the same color and position treatment as children. The only way to get a new color is to start a fresh empty tab There's no easy way to give grandchildren a new color without causing some confusion, though--should the child be the same color as the original parent or change color to be grouped with the grandchildren?
Next is Opera, which gives users a choice. By default, it opens new tabs to the far right, which I don't like, but in the Advanced|Tabs section of the preferences dialog box, you can check "Open new tab next to active." Huzzah!
There's a subtle change here I don't care for, though. Tabs always appear immediately to the right of the active tab. I'd rather have all one tab's children appear in sequence to the right. For example, if a parent tab is in position 1, then the first child would be in position 2, the second in position 3, and the third in position 4. Opening three child tabs in Opera leaves the parent in position 1, the third child in position 2, the second child in position 3, and the first child in position 4.
Last, there's Safari. It does it the old way I loathe with no option to change. Too bad.
Firefox can show thumbnail previews of new tabs, but I find them hard to recognize in front of busy Web pages.
(Credit: Screenshot by Stephen Shankland/CNET) Why it's not enough
Most browser makers are excited about the fact that their software is subsuming more and more computing tasks that previously ran on computer operating systems. But as browsers inherit this central importance, they also inherit some of the hassles.
The new tab positioning behavior in Firefox is a step in the right direction, but there's more that needs to be done. Moving from one tab to a related adjacent one, whether through a keyboard command or mouse clicking, is a minor change. But things get harder when you need to switch from one group of tabs to the next.
There's work under way here. Opera is perhaps the leader with the ability to show thumbnails as you use Ctrl-Tab to cycle your list of open tabs.
Firefox has been noodling with the approach too. It tried then dropped tab thumbnail previews earlier, but the technology is still present. Using the about:config system for tweaking the browser (more on this later), you can change the "browser.ctrlTab.previews" setting to "true."
But for reasons that aren't clear to me, I don't find this effective either in Firefox or Opera. Perhaps I haven't used it enough, or the thumbnails are too small to be immediately recognizable, or they're just hard to see against the noisy background. There's a good reason that Apple dims the background most of the way to black when using Expose.
Aero Peek in Windows 7 lets the task bar show a glimpse of Firefox and IE tabs.
(Credit: Screenshot by Seth Rosenblatt/CNET)Windows itself is helping, too. The new taskbar in Windows 7 can show individual tabs, once browsers support the feature. It's in Internet Explorer 8, and it's in the new Firefox 3.6 beta.
Add-ons such as Firefox Showcase can further tweak Firefox. (Indeed, for a wealth of options, check Mashable's handy Firefox tab management guide.)
More interesting to me, though, is work under way to expand Firefox's "awesome bar" abilities. Today, typing in it opens Web pages and retrieves ones you've already visited or bookmarked. In the future, it could be able to move you to another open tab, too. I'm a keyboard guy, so particularly appreciate this idea.
You can get a taste of the idea now. If you've enabled the "browser.ctrlTab.previews" option, hitting Ctrl-Shift-Tab will not only show you thumbnail previews, but will put a cursor in a search box.
Typing the letters of the Web page name will winnow down the thumbnails. For example, typing "netap" will cull my open tabs so only Net Applications and NetApp show. If you have a bunch of similar tabs all open, this might not help much, of course.
However, the feature only works with the tabs of one browser window, so if you can't use it to search among other browser instances.
How to get the old way back
Perhaps I've convinced you that the new approach is better. But perhaps not--in which case I encourage you to share your thoughts in the comments so people will hear more than my opinion.
For those who don't like the new tab positions, you can revert to the old method.
To get the old style back for new tab position, use Firefox's about:config system.
(Credit: Screenshot by Stephen Shankland/CNET)First type "about:config" in the Firefox address bar. You'll get a warning that you're tinkering with Firefox's innards and you should be careful, but this isn't brain surgery, so don't be frightened. Click the "I'll be careful, I promise" button, and you'll see a big list of all the browser settings that can be tweaked.
Next, in the text box labeled "Filter:", type "tabs.insertRelatedAfterCurrent"; you should see just one entry below. In the column marked "Value," double-click on the word "true" to change it to "false." You're done.
But I'd encourage you to at least give the new way a try. If you don't like it, you can always change back.
Mozilla Messaging has released the first release candidate of a Thunderbird 3, software it hopes will significantly improve how people read, write, catalog, and search their e-mail.
Mozilla released the software Tuesday for Windows, Mac, and Linux, several days later than predicted earlier this month but close to a year later than Mozilla planned in 2008. A final version of Thunderbird 3 is expected not long after the release candidate.
Thunderbird 3 has been years time in the making. For its next versions, the Mozilla Messaging group hopes to release new versions more frequently, said Mozilla Messaging programmer Dan Mosedale.
"Part of the plan for Thunderbird is to move our development process in a more agile direction...Rather than having super long releases, we'd like to release significantly more frequently than we have historically done," said a draft Mozilla proposal for what to do in the post-Thunderbird 3 era Mosedale posted. He proposed major Thunderbird releases every four to six months, starting with version 3.1, and also laid out some ideas for Thunderbird after version 3.1.
Thunderbird 3.0 adds a variety of features, according to Mozilla and the Thunderbird 3 RC1 release notes:
• A more elaborate search option to locate specific messages. People can employ a variety of methods to sift the wheat from the chaff.
• An e-mail archive a la Google's Gmail. Rather than filing every message in a folder, an organizational technique that can be hard to maintain with high volumes of messages, people can move them out of the inbox into the archive where search can find them later.
• A streamlined interface that cleans up the toolbar and moves some of its functions to the frame around e-mail messages.
• A new plug-in system designed to be easier to use to replicate some of the success of the Firefox browser. The browser, by the way, is built in so plug-ins can use it.
• A tabbed interface that can reduce clutter of e-mails, e-mail folders, and other tasks. A tab can, for example, house a version of Yahoo's online calendar.
• An easier process to set up new e-mail accounts. The software has preset settings for several e-mail services.
• "Smart folders" that can be customized in a variety of ways. For example, users with multiple e-mail accounts can create a smart folder that provides a unified inbox for all the accounts.
• An easier way to add people to the address book by clicking a star icon next to the sender's name.
Be sure to check the list of Thunderbird 3 RC1 issues if you're the cautious type.
The present interface for developers to upload their Chrome extensions.
(Credit: Screenshot by Stephen Shankland/CNET)
Google has opened up its gallery for developers to share Chrome extensions, a step that soon should make it easier for people to customize the open-source browser.
Aaron Boodman, a leader of the Chrome extensions effort, announced the move on a mailing list posting Monday, and programmer and "gallery master" Lei Zheng shared details in a blog post.
So far, only uploads are permitted. Google plans to let some testers use the gallery to download extensions, too "in the next few days," Zheng said. "We are making the upload flow available early to make sure that developers have the time to publish their extensions ahead of our full launch."
Extensions, a major asset of the Firefox browser and the headline feature of the upcoming Chrome 4 beta, let people modify the browser more to their liking. With them, the browser itself doesn't have to be bogged down with numerous features and configuration options that most people don't want.
One feature of Google's system is that add-ons are automatically updated on Chrome users' computers once the developer uploads a new version.
For developers, the extensions gallery comes with a set of terms and conditions.
One nugget in the legalese: expect Google to use a rating system, as it does for other sites including Android applications and YouTube videos. It's all part of Google's philosophy of using user data to help automatically manage its Web properties in a way that, the company hopes, will be helpful to those who use its sites.
According to the terms and conditions: "The gallery will allow users to rate products. Along with other factors, product ratings may be used to determine the placement of products on the gallery with higher rated products generally given better placement, subject to Google's right to change placement at Google's sole discretion. For new developers without product history, Google may use or publish performance measurements such as uninstall rates to identify or remove products that are not meeting acceptable standards, as determined by Google."
The World Wide Web Consortium has published a draft of an interface that browsers can use to manipulate files better, one of a series of steps aimed at gradually improving the sophistication and polish of Web site interfaces.
The draft File API (application programming interface) defines a number of ways that browsers and Web sites can handle files better. One big part of it: being able to select multiple files for upload, such as on photo-sharing sites or Web-based e-mail, a task that often relies on Adobe Systems' Flash today.
But there are other aspects, too. For example, the Files interface governs the use of "blobs," or packages of raw binary data such as video files. Google has touted blobs for its Gears browser plug-in as a way to divide large videos into small chunks so that uploads can be more easily resumed if a network problem interrupts the process.
Another benefit: files are handled asynchronously, which means the browser won't freeze up while a file is being uploaded or otherwise handled, and the browser reports progress on file transfers.
The technology is one example of work to transform the Web into a better foundation for interactive applications, a move that usurps some power from computer operating systems such as Windows and that's embodied most boldly in Google's Chrome OS project.
Here's one example of use of the Files interface provided by Mike Smith, who works for the W3C on matters relating to HTML--Hypertext Markup Language, the language used to describe Web pages:
A user uses a Web-based application for reading and sending e-mail. She wants to attach multiple files to particular messages. The Web application provides an user interface that allows her to select multiple files to attach at the same time. After she selects the files, they are uploaded to the Web application asynchronously, allowing the user to perform other actions while they are uploading (for example, finishing the rest of the message she was composing before you added the file attachments). As the attachments are uploaded, the Web applications shows progress bars to indicate how much of the contents of the files have uploaded thus far.
The interface can work in conjunction with various standards including the drag-and-drop support in the HTML 5 now under development and the Web Workers technology that lets browsers better perform multiple operations simultaneously.
The interface also can help Web applications process the contents of files. For example, Smith describes a lyrics finder:
A user has on her local file system a playlist file from her favorite desktop music player. The playlist contains a list of song titles and information, and she wants to be able to easily fetch the lyrics for particular songs without needing to manually search for the lyrics on the Web. So a site can provide a Web-based application that allows her to upload her playlist. The Web application then parses the file and then presents a user interface to her, show in the contents of the file as a hyperlinked, sortable list. She can then retrieve the lyrics for any given song just by clicking on a particular song title.
Arun Ranganathan, Mozilla's standards evangelist and chairman of the WebGL working group, wrote the specification, according to Chris Blizzard, Mozilla's director of developer relations.
Standards for the Web are advancing rapidly with W3C representatives including Microsoft working in conjunction with a parallel effort, WHATWG. New standards require actual implementation in browsers before they are accepted as finished, a fact that can lead to some chaos but that helps ensure the new ideas are tested in the real world.
Firefox 3.6, in beta testing now, will support most of the Files API, according to Blizzard.
Last week, Microsoft showed off some browser technology that could help Internet Explorer leapfrog the competition. But if Mozilla succeeds in its hope, Microsoft could be playing catch-up instead.
The technology in question is hardware-accelerated graphics and text using interfaces called Direct2D and DirectWrite that provide an easy way to use graphics cards' computing power. They're built into Windows 7, and Microsoft is bringing them to Windows Vista but not Windows XP.
The performance boost from Direct2D and DirectWrite was the centerpiece of Microsoft's demonstration of Internet Explorer 9 goodies shown last week. Online maps flashed on the screen quickly and tracked mouse movements responsively; text was clearer and changed sizes more gracefully.
But the day of Microsoft's demo, Mozilla evangelist Chris Blizzard had this to tweet: "Interesting that we're doing Direct2D support in Firefox as well--I'll bet we'll ship it first."
There's work to back up his rhetoric. On Sunday, Bas Schouten, the programmer who's been leading the work for Mozilla, posted a prototype of Firefox using the Direct2D and DirectWrite.
However, any Firefox fans tempted to crow about a victory should be cautious. Mozilla wouldn't commit to including the technology, much less to a release schedule such as Firefox 3.7 due in the first half of 2010. "We are currently investigating Direct2D for Firefox, but do not have a target for shipping it in Firefox at this time," the organization said in a statement..
Several Web pages arrive significantly faster using Direct2D rendering technology in Firefox.
(Credit: Bas Schouten) The race is on
Microsoft declined to comment for this story, referring readers just to last week's blog post about coming Internet Explorer 9 features. "While we're still early in the product cycle, we wanted to be clear to developers about our approach and the progress so far," the company said while sharing a Direct2D demonstration video.
There's no doubt the race is on, though, given the potential benefits of the new interface and the commercial success of Window 7. Microsoft is lighting a fire under its developers, but the company's browser has lagged Firefox and other rivals in many technological areas for years, and many Web developers loathe earlier versions of IE still widely used. IE's market share has steadily eroded, though it remains dominant overall.
The attention is giving Google ideas, too. In a Chrome issue logged Sunday, Chrome programmer Peter Kasting pointed to Schouten's blog post on the subject as "motivation."
"If we can speed up the rendering time, the most noticeable benefit will probably be smoother-feeling scrolling," Kasting said. He also directed attention in October to DirectWrite support in Chrome, though cautioning that it might not work with the browser's present "sandbox" design to isolate elements of the browser for security reasons.
Mozilla has its own results to show off, too. Schouten offered a graph showing improved performance displaying a variety of Web pages. Facebook, Google, and Twitter rendered on the screen in half the time using the Direct2D; Slashdot and a Wikipedia entry were barely changed. One taxing page using the Scalable Vector Graphics format (SVG) to show movable, resizable graphics showed more than twice as fast, dropping from about 11 milliseconds to less than 4 milliseconds.
Microsoft's DirectWrite permits smoother display of many fonts.
(Credit: Microsoft) What actually changes?
Direct2D replaces an older technology called Graphics Device Interface (GDI) used in Windows XP. Both offer a way for programs to tap into computing hardware without having to worry about the particulars of video card capabilities and settings, but Direct2D taps into hardware acceleration features.
The technology lets programmers control basic elements such as transparent boxes, curved lines, and resizable photos. Out of these, user interface elements are constructed; Direct2D calls upon a computer's graphics processor to speed that up. It's particularly helpful for dynamic situations that change element properties such as color, size, or opacity.
DirectWrite offers a similar graphics chip boost to the task of displaying text. That may not sound computationally intense, but some parts of it are. In particular, DirectWrite offers a more sophisticated mechanism for displaying text to take advantage of something called sub-pixel positioning of letters.
Each pixel on an LCD screen is actually made of three tiny slices--for red, green, and blue components--and sub-pixel technology subtly draws letters using pieces of these pixels to make the overall appearance smoother. The older GDI permitted some sub-pixel positioning, but only smoothed letters in the horizontal direction; DirectWrite smooths curves vertically as well.
Using the graphics chip in Direct2D and DirectWrite operations brings several advantages. Performance is the first: some operations are faster or smoother, and having more power on hand lets programmers tackle more ambitious projects. Second, the general-purpose central processor, relatively inefficient at handling graphics tasks, is unburdened, freeing it up for other tasks and saving battery power.
Firefox already has a graphics system of its own called Cairo. Schouten has been adding a Direct2D and DirectWrite.
Firefox is of course a browser that doesn't just work on Windows. The DirectWrite technology helps that operating system catch up to its rivals, said Mozilla's John Daggett in a blog post Sunday. "Platform APIs [application programming interfaces] on Mac OS X and Linux already do a good job rendering Postscript CFF [Compact Font Format] fonts," he said. "This just brings them up to parity under Windows 7."
Direct2D is used elsewhere in the browser. "We've made significant progress and are now able to present a Firefox browser completely rendered using Direct2D, making intensive usage of the GPU," or graphics processing unit, Schouten said. And because Cairo is used by other open-source software, other projects will benefit from the work, he added.
The Direct2D work is Mozilla's second hardware acceleration effort; the company also is working on one using a different hardware acceleration interface called OpenGL for mobile devices using Nvidia's Tegra chips, according to Mozilla.
This Mozilla demonstration of photos and Scalable Vector Graphics (SVG), with transparency and click-and-drag resizing, works more than twice as fast Direct2D graphics.
(Credit: Screenshot by Stephen Shankland/CNET) The interactive Web
Microsoft went out of its way to emphasize that the Direct2D and DirectWrite work will help existing Web pages without programmers having to change a line of code. Dean Hachamovitch, general manager of Internet Explorer, contrasted that to other hardware acceleration efforts including Native Client and O3D from Google and WebGL from Mozilla and the Khronos Group.
Native Client, O3D, and WebGL are part of a long list of developments designed to transform the Web into a foundation not just for static pages but also for interactive applications. Those technologies, though, require new programming skills and tools.
Mozilla, Google, Apple, and Opera have been pushing this interactive Web agenda, and Microsoft is showing signs of interest, too. However, for now, Microsoft emphasizes that Direct2D support will help the existing Web. But the browser makers have their eyes on interactive technology as well. Direct2D will help with complex sites that use 2D graphics interfaces such as SVG and Canvas, Mozilla said.
Added Schouten, "As Web sites become more graphically intense, dynamic graphics will start playing a larger role, especially in user interfaces."
With most computers threatened by attacks coming through Web applications, it's no surprise that security would be a key piece of Chrome OS, Google's browser-based operating system that stores data in the cloud.
In this video, Google security engineer Will Drewry explains how Chrome OS separates user data from root or system data, which makes the system more secure and easier to re-install the operating system.
(Credit: Google)Google showed off its new lightweight operating system designed for Netbooks and cloud computing on Thursday. As anticipated, it will rely on many of the same security features and concepts used by the Chrome browser.
"The browser is the operating system. We've expanded the browser to add operating system functionality," Caesar Sengupta, a group product manager at Google, said in an interview.
Chrome OS uses a combination of operating system-level protections and exploit mitigation techniques to limit the attack surface, or amount of code that can be targeted in an attack, and to reduce the likelihood of an attack being successful. "The biggest security impact is that all applications run within the browser," Sengupta said.
Chrome relies heavily on sandboxing, keeping different processes and applications in separate partitions. This limits the interaction between applications and the OS kernel.
For example, with conventional operating systems, if an application crashes, it can crash or otherwise affect other programs that are running, Sengupta said. "But if everything is sandboxed, that becomes more difficult to do," he added.
Many systems are compromised by deceptive attacks, such as when a user opens an innocent-looking PowerPoint file which unleashes a virus or other malware that can get access to everything on the computer.
With Chrome, "applications can't just download any binary and run it," Sengupta said.
Chrome has a verified boot process that uses cryptography to ensure that the Linux kernel, the nonvolatile system memory, and the partition table are not tampered with when the system starts up, according to a security overview of Chrome. (Google security engineer Will Drewry explains the security concepts of Chrome OS in a video on YouTube.)
"Right now, on your conventional operating system, any kind of process can run, which makes it difficult to predict what any process will do," Sengupta said. "On Chrome, because the whole operating system is essentially signed by Google, there is a lot we can do to make it secure."
If an application manages somehow to break out of the browser sandbox, to get through the kernel hardening and processing infrastructure, and manages to change something on the operating system, the changes will be detected the next time the user boots up the machine. "As soon as it detects something is different and not signed by Google, it will warn the user and try to clean itself again," Sengupta said.
Cleaning up is easier than with a standard operating system, too, because the system data is separated from the user data, which includes user preferences, system settings, and a local cache of data stored on the Google servers in the cloud, he said.
All user data stored by the operating system, browser, and any plug-ins are encrypted and users cannot access each others' data on a shared device, according to the Chrome OS security page.
Meanwhile, Chrome will automatically update to get the most recent software and patches for the operating system, just like the Chrome browser updates in the background while users are online, Sengupta said. Users will not run the risk of having their system get infected or compromised before they can install updates, as happens with Windows and other software.
In addition, the antiphishing technology found in the Chrome browser will protect Chrome OS users from inadvertently visiting malicious Web sites, he said.
Google is publishing detailed design documents on Chrome OS, which will allow security experts to scour the code for weaknesses over the next year before the operating system is released to the public, according to Sengupta.
There are some security and networking technologies that are supported in other operating systems that Google is passing on, at least for now.
Google will keep an eye on biometric authentication technologies, but believes that the cost/reliability trade-off is not where it needs to be just yet, according to the security overview for Chrome OS. Smart cards and USB crypto tokens are "interesting technology, but we don't want our users to have to keep track of a physically distinct item just to use their devices," the overview concludes.
Google is likewise not interested in Bluetooth, a wireless protocol widely used in laptops and handheld devices, for authentication. "Bluetooth adds a whole new software stack to our login/screenlocker code that could potentially be buggy, and the security of the pairing protocol has been criticized in the past," the security overview says.
Updated November 24to clarify that Bluetooth is not being considered for authentication.
Amid promises to "reinvent the Web," the browser Opera debuted a new beta feature earlier this year called Unite that has been deemed stable enough to offer to all users. Opera's own hype aside, the Unite service provides people with the capability to serve files, host and stream music, and send messages to each other from inside the browser itself--a feature that is unique among the big five browsers. Opera 10.10 is available for Windows, Mac, and Linux.
Much like Opera's built-in e-mail client, Unite is basically a cloud-based, customizable server that includes multiple services, but its open API allows you to write and share your own services. The initial offering includes the default Unite Home, which is the Opera Unite Web page that is given to each user, a media player for creating your own publicly available music stream, the "fridge" for a Facebook-style message wall, an instant messenger with a public/private toggle, a photo sharing app, and file serving and Web hosting capabilities.
Besides including Unite, Opera 10.10 also includes an array of bug fixes, mostly aimed at smoothing out the Unite experience, tweaking mail, news, and chat features, and fixing three security problems. Two are relatively minor, one concerning an error message leak and the other a buffer overflow. The third error Opera is refusing to disclose at this time, but stated that it was discovered by the Google Security Team's Chris Evans. The full changelog for Opera 10.10 is available.
As I've tested Unite over the past few months, it's generally been a stable experience, with a few hiccups to be expected by the beta. However, it hasn't exactly set the browsing world on fire, either, and its target audience is still hard to define. Do you have an opinion on Unite? Let me know in the comments.
Retailers aren't the only ones gearing up for the holiday season. Criminals are also out in force.
To highlight the increased crime during the holidays, security company McAfee has come up with the "12 Scams of Christmas" ranging from bogus electronic greeting cards that deliver malware instead of cheer to fake charities that steal your money and your identity.
It's especially important to be extra careful this time of year, says McAfee's David Marcus. "The bad guys know people are spending more time online, they're paying more bills online so [the criminals] stand a chance of being a bit more successful this time of year.
In a podcast interview (scroll down to listen), Marcus counted down the 12 scams of Christmas starting with:
- Charitable phishing scams: Marcus warns consumers to be wary of e-mails that appear to be from legitimate charities. Not only will they take your money and deprive charities of needed funds, but they will also steal your credit card information and identity.
- Fake invoices from delivery services: During this period, scammers will send out fake invoices and delivery notifications appearing to come from Federal Express, UPS, the U.S. Postal Service or even the U.S. Customs Service saying that they were unable to deliver a package to your address. They ask you to confirm your address and give them credit card information to pay for delivery.
- Social networking friend requests: Bad guys take advantage of this social time of year by sending out authentic looking friend requests via e-mail. Marcus recommends that you not click on those links but sign into Facebook and other services and look for friend requests from the site itself. Clicking on a link could install malware on your computer or trick you into revealing your password.
- Holiday e-cards: Be careful before clicking on a holiday e-card, especially if it's from a site you haven't heard of. This is a way to deliver malware, pop-ups, and other forms of unwanted advertising. Some fake e-cards will look like they come from Hallmark or other legitimate companies, so pay close attention and make sure it's from someone you know. If you're going to send an e-card, be sure you're dealing with a reputable service lest you risk infecting yourself and your friends.
- Fake "luxury" jewelry: If you see an offer for luxury gifts from companies like Cartier, Gucci, and Tag Heuer at a price that's too good to be true, it probably isn't true. These links could lead you to malware and take your money or merchandise that will probably never arrive (or be fake if it does). Some of these sites, according to McAfee, even display the logos of the Better Business Bureau.
- Practice safe holiday shopping. Make sure your wireless network is secure and be sure you're shopping on sites that are secure. Though it isn't an iron clad guarantee, you should look for the lock icon in the lower right corner of your browser and make sure the Web page starts with https. The "s" stands for "secure."
- Christmas carol lyrics can be dangerous: Bad guys know that people are searching for holiday related sites for music, holiday graphics, and other festive media. During this time, they create fraudulent holiday related sites.
- Job search related scams: With the unemployment rate at 10.2 percent, there are plenty of job seekers looking for work. Beware of online offers for high paying jobs or at-home money making schemes. Some of these sites ask for money up front, which is a good way for criminals not only to steal your "set up fee" but misuse your credit card too. Marcus said that some "get rich quick" sites are all about money laundering, asking you to accept an inbound financial transfer and pay them.
- Auction site fraud: McAfee has observed a rise in fake auction sites during the holidays. Make sure you're actually going to eBay or whatever site you plan to deal with.
- Password stealing scams: Criminals use low-cost tools to uncover passwords, in some cases planting key logger software to record keystrokes. Once they get your passwords, they gain access to bank accounts and credit card accounts and send spam from your e-mail accounts.
- E-mail banking scams: A common type of phishing scam is sending out official looking e-mails that appear to come from your bank. Don't click on any links but type in your bank's Web address manually if you need to access your account.
- Files for ransom: Hackers use malware to gain control of your computer and lock your data files. To access your own data you have to pay them ransom.
Listen to Larry's interview with McAfee's David Marcus
Listen now: Download today's podcast
(Credit:
CNET)
With more than 100,000 apps in the iTunes App Store and huge success around the world with the iPhone, it would appear Apple has done just about everything right with the launch of its first mobile handset. But as any iPhone app developers will tell you, the app approval process is less than ideal, with some developers waiting well beyond Apple's 14-day waiting period and sometimes longer to get their apps approved. Though Apple has stated it is working on the app approval process, there has been little in the way of progress if you ask iPhone app developers.
Recently, Apple added an automated system for weeding out developers who use Apple's private APIs, a process that may be part of a larger plan to cut down on some of the wait time. Unfortunately, developers are still struggling to get their apps to the iTunes store, finding out at the end of the 14-day waiting period that it was the automated system that turned them down. Hopefully, as more time passes, Apple will be able to figure out a way to make the process more efficient while still being able to provide high-quality and secure apps for everyone. Happy iPhone app developers mean more and better apps, so it's in all of our best interests for Apple to make the process better.
This week's apps include a new (to iPhone) multiservice chat client and a stunt-racing game with beautiful 3D graphics.
Use the tabs at the top to switch conversations
(Credit: Screenshot by Jason Parker/CNET)Trillian ($4.99) is a popular multiservice chat client on Windows machines that you can now use on your iPhone. Multiservice chat clients are ideal for those who have accounts across several services like Yahoo, Google, ICQ/AIM, and MSN, and want to use just one client to access them all. The interface is fairly intuitive, letting you add your user names and passwords for each service, and then letting you log on to all or specific services with only a few taps on your touch screen. Trillian does not support landscape mode for typing yet, but the developers say it is coming soon.
Once you're logged in, the Trillian interface looks a lot like it does in the Windows client, complete with your buddies' avatars, contact categories (friends, coworkers, etc.), and color-coded icons to indicate which service your friends are using. The way Trillian handles multiple chat sessions on the iPhone client is excellent, with a touch-scrollable tabbed interface, making it easy to switch conversations quickly. Also especially useful (and clever) is the push notification system, that sends you the first message of a chain so you know someone is trying to reach you, but doesn't send a huge list of messages when you don't want them. At this time, you can only stay logged-in (with the app suspended) for a maximum of 24 hours, but the folks at Trillian say it will be lengthened to seven days in future updates. Though the price is a little steep in my opinion, Trillian is a high-quality chat client that will appeal to those who use multiple services.
The screenshot doesn't do it justice, but this game looks and plays great
(Credit: Screenshot by Jason Parker/CNET)Jet Car Stunts is a stunt-racing game that runs surprisingly smoothly on first gen iPhones on up to the 3GS. Beyond the beautiful graphics, the driving control system is excellent, using the accelerometer for steering and onscreen controls for gas and brakes. What makes the game unique from other racing games are the controls for your rocket boost to complete big jumps, and the braking system that works both on the ground and in the air.
You can choose from two different game types including Time Trial and Platforming. In Time Trial, you race five laps around a track with corkscrew twists, tight turns, and huge jumps, to qualify for bronze-, silver-, or gold-medal times. Platforming has no time limit, but instead records the number of tries it takes you to complete difficult tracks--and they get very difficult in both game types. Time Trial has three skill levels, with four tracks to complete in each to move on the next skill level. Platforming has five difficulty levels, with five tracks in each to pass before moving on. Overall, Jet Car Stunts is one of the more unique racing games and features excellent graphics, extremely smooth controls, and plenty of replay value, with increasingly challenging tracks. I've had the game for a week and I still can't get over both how good it looks and how smooth it plays.
What's your favorite iPhone app? Were you waiting for a big-name multiservice chat client like Trillian before spending your money? Is Jet Car Stunts hard or am I just not good enough? Let me know in the comments!
