© abardwell

At the recent CanSecWest Applied Security Conference that was held in Canada, three computers running Mac OS X, Vista and Ubuntu Linux respectively were offered for hacking. None of the three were compromised remotely, i.e., via network access, on the first day.

The second day, with rules relaxed a bit by allowing hackers access to all applications that come bundled with the OS, the Mac OS X fell via a Safari web-browser vulnerability. The hacker setup a malicious web site and was able to gain access to the computer after Safari was pointed to that site. Lesson here, don't go to sites that you are not familiar with.

The third day saw Vista fall after the contest allowed third party applications to be probed for vulnerabilities. Adobe Flash was found to be vulnerable, making Vista fall.

Of all three, only Ubuntu Linux was left standing! Talk about security! Bwahaha. See full article.

Related Entries:

Apparently it's not all Fun and Games - 25 September 2006

Linux should use Vista's UAC - 28 April 2007

Windows Vista no more secure than XP: Report - 31 May 2007

Snorting with Red Hat Enterprise Linux - 23 June 2007

Contents of this feed are a property of Creative Weblogging Limited and are protected by copyright laws. Violations will be prosecuted. Please email us if you'd like to use this feed for non-commercial activities at feeds - at - creative-weblogging.com.

I often remind my clients that, just like the rest of us, high-tech businesses are subject to the rules and laws of misleading advertising. As new service delivery models and technologies proliferate in the market, the phrases we coin and the terms we use to describe them often evolve into de facto standards. And where there is a perceived standard, liability for inaccurate marketing follows.

In the consumer sphere, "high definition" tv is the current target. In my view, "software as a service" is not far behind. There is a perception that having a SAAS-delivered solution tells customers and investors that you're on the bleeding edge; "SAAS" is this year's "ASP". But are all SAAS providers actually providing SAAS? The answer depends on whether SAAS has the market perceives the term as a generic description of service delivery or something more.

Maintenance fees should not exist in a SAAS model, for example. The essence of SAAS is access to the best and the latest version of the application, all the time. Similarly, is it fair to call other remote desktop technologies SAAS? Is the customer receiving the same perceived benefits (including scalability and security)in those cases as it would if it were paying for a mutli-tenant, scalable application that is hosted and managed in a robust environment? Time will tell.

Venture Intelligence recently spoke to Ashish Dhawan who over the last two years has been sounding a skeptical note on unsustainable valuation levels linked to the ever-inflating public markets. What does he feel about the current investing climate when the public markets have corrected significantly? Read on… Venture Intelligence: The recent correction in the capital markets justifies your

The security sector has been hot since 9/11. It’s sexy enough so that companies in the normally out-of-favor chip sector can get funding – as long as they are focused on making security chips.

Sunnyvale-based Stretch is announcing today that it has taken a tranche of $15 million from its second round of venture capital from Worldview Technology Partners, Oak Investment Partners, and Menlo Ventures. That brings the total raised since 2002 to $100 million.

Craig Lytle, CEO of Stretch, says the company is using the money to expand as it rolls out new versions of its chips. The chips are a hybrid of a RISC microprocessor and an FPGA, or field programmable gate array. The microprocessor gives the chip its fast performance and the FPGA makes it flexible.

Stretch has tailored the software around the chip and the system so that it can be used in surveillance cameras. Its chips thus sit alongside image processors made by Pixim, a Mountain View, Calif., company that also added $5 million (our coverage) to its second-round funding recently. Beyond surveillance chips, the Stretch chips can be used in a variety of markets where low-cost, high-performance and programmability is important. Other customers include those in wireless, broadcast and machine vision industries.

The company has 60 employees and began shipping its first chips in 2005. It shipped a second-generation chip in October and is now planning a third generation. Surveillance chips are going into security cameras that are increasingly sophisticated. And those cameras are being used in places like London, where there is roughly one camera for every six people, and China, which is beefing up security for the Beijing Olympics. Las Vegas casinos are also heavy users, Lytle said.

These cameras now have high-quality H.264 video where you can discern faces in the images. Stretch’s chips take the analog video and compress it into a form that can be stored and transmitted more easily. It competes with digital signal processors produced by Texas Instruments and others. Lytle said his company can make its chips for as little as quarter of its rivals.

Customers include surveillance camera makers who put the chips into new Internet-based cameras or digital video recorders that store security video. The surveillance camera market is expected to grow from $4.9 billion in 2006 to $9 billion in 2011, according to market researcher iSuppli. Surveillance camera chips themselves are expected to more than double to $1.25 billion in 2011.

The company was founded in 2002 by Albert Wang, who formerly served as chief scientist at both Synopsys and Tensilica. Stretch has licensed processor technology and tools from Tensilica.

ConvoCast is easy to explain to anyone who uses social networks and listens to the radio. It’s a sort of widget for a radio station web site, that lets a radio show listener go to a radio station’s web site and talk with the host and other audience members by leaving audio comments over the phone, or written comments.

In fact, it doesn’t look so different from Facebook’s interface, as you can see from the example below — a test the company made for a New England sport show.

Los Angeles-based ConvoCast’s idea is that there’s a large number of people who want to respond to radio shows, who can’t get through on the call-in phone lines.

The way ConvoCast works is that a radio station owner installs the company’s social network widget on its own site, on the homepage of a radio show. The widget and the site data is hosted on ConvoCast’s own servers. To counter abusive users, it also provides an administrative section, so a station can pull down offensive content. More here.

The big difference between this application, and say, a podcast, is that the radio station has an established listener base, and a sales team that already has connections with local advertisers. The ConvoCast widget includes space for banner advertising, that a station’s sales team can sell to local advertisers, which may also prove valuable as a component of a larger radio advertising package.

A number of radio station owners and affiliated companies are interested in the offering, Convocast tells me. It is working with a number of undisclosed local radio partners to test the service out. It is also looking at offering Facebook applications, in order to attract Facebook users to radio shows.

Iovation, a Portland, Oregon company that aims to track and prevent online fraudsters, has closed off its first round of funding at $15 million.

The basic idea behind Iovation’s product is keeping track of millions of computers to pinpoint the few that are used for fraudulent activities, a scheme the company calls “device reputation fraud management.” Iovation sells its software to online retailers, banks, social networking sites and others.

Of the funding, $10 million was closed last November, provided by Intel Capital. The additional $5 million came from SAP Ventures and European Founders Fund.

Navigation 2.0 arrives today with Dash Navigation’s Dash Express GPS navigator (global positioning system). The gadget represents a new generation of smarter car navigation devices because it has two-way communication between Dash and the user.

One-way GPS systems from the likes of Garmin, Mio Technology, Magellan, and TomTom and can only be so helpful to you. They can show you where to go, using satellite signals to fix your location as you drive. You can search the on-board memory of the devices for  “points of interest” that you may want to visit, like the city hall in a town. Some of them even send you traffic conditions over a one-way radio for a fee of $10 a month or more.

But Dash connects your gadget back to the company’s servers over cell phone (the nationwide GSM/GPRS network of Jasper Wireless) or Wi-Fi wireless Internet connections.

Dash uses “crowdsourcing,” where its own fleet of users communicates back their positions, speeds, and other data (including traffic reports from Inrix in Kirkland, Wash.) so that Dash can calculate traffic on both freeways and major side streets. This is a big advantage over other kinds of GPS navigation systems, and Dash recently decided to cut its price from $600 to $400. It goes on sale today at Amazon.com.

“There is an element of Web 2.0 meets GPS here,” said Mark Williamson, director of services for Dash. “Others get you from point to point. We can tell you what is around you.”

My colleague Matt isn’t so fond of the Dash Express, which I will acknowledge has some drawbacks. One of the problems is that it costs $12.99 a month to use some of the best features of beyond GPS navigation. The question is whether users are going to care about all of the slight advantages that Dash has over other dumb GPS gadgets. (more…)

Open source has gone mainstream, but now what?

That’s what I asked leading open source investor Larry Augustin (pictured left; he founded VA Linux, SourceForge, and backed many more) and Harold Goldberg, chief executive of Zend, at the InfoWorld Open Source Business Conference, which just wrapped up.

All the evidence suggested open source has arrived: This year, some 40 percent of the conference came from the IT departments of large, traditional tech companies, Goldberg estimated — far more than previous years, when early dilettantes dominated, such as VCs and lawyers. Also, Microsoft, the embodiment of “un-open source” software, said it wants to warm up to the source community. Finally, you no longer have to convince anyone that open source can make money, Augustin and Goldberg said: This past year Citrix acquired open source virtualization company XenSource and Sun acquired open source database company MySQL for large sums of money.

But….is that all there is? Even Goldberg, optimistic overall, conceded he was disappointed when he heard that MySQL, rather than going public, had been purchased by Sun.

There aren’t a lot of open source companies making it big on their own. Basically, there’s Red Hat and … Red Hat. That’s because the first big wave of open source companies is just now reaching maturity, Augustin said. So there aren’t many mature companies period, and it makes sense that there’d be even fewer that have stayed independent.

Acquisitions aren’t the end of the world, either, Goldberg and Augustin said, as long as the company takes the right steps to sustain the community. (When it comes to building an open source business, as Rob Bearden said yesterday, “Community is everything.”)

Overall, Augustin and Goldberg seemed excited about these trends, but not everyone shared their view.

I had a chance to interview Bob Bickel, who launched his new company Ringside Networks at the conference (I’m going to post about it later tonight), and he described OSBC as “depressing.” It’s great that the big guys are using open source, he said — unless you thought open source could be something more.

Bickel’s version of what would spell success? A company that could go big by “offering IBM’s software portfolio in open source.” Instead, he said, everyone at the conference (even Ringside) wants to use open source as a marketing tool, not a full business model.

Bickel used to be the vice president of strategy and corporate development at JBoss (which has since been acquired by Red Hat), and he recalled sitting down with JBoss‘ chief executive in 2002 to outline the company’s long-term strategy. Since then, there hasn’t been much new. Everything at this week’s conference was a sort of rehash of what was known long ago: The whole conference is “basically that Powerpoint presentation dragged out,” Bickel said.

For now, Bickel is hoping to see more innovation from social networks.

Augustin also said he’s bullish about that at market, and pointed to Ringside Networks as an exciting example. (You see? It all connects.) In general, Augustin said companies wanting to break into open source should look at consumers to see where to go next.

“At this point, it’s the consumer market that’s driving the enterprise market,” he said.

The Snap Summit 2.0 conference yesterday in San Francisco was supposed to be about the new wave of social applications, but it turned into a Facebook conference.

Here’s why: The number of Facebook applications and downloads just keeps growing — at a faster rate than other social network companies are experiencing.

Dave Morin, the senior platform manager at Facebook, was the event’s main attraction. He opened his talk with a story about a woman he had met outside. She had created a Facebook application “Easter Eggs” three weeks ago. She built it in a week with the Ruby on Rails programming tools. She released it and saw it grow to more than 300,000 users. She sold the application on Tuesday. While this is an unusually good scenario, there are still many developers trying their luck: More than 100 such apps are launching every day.

And now Facebook’s going to be launching a new e-commerce technology, giving users and applications better ways to make, bill and receive payments in a “frictionless way,” meaning applications can make money beyond just through advertising.

So there’s even more reason for developers to jump in and build applications.

Facebook now has 67 million active users. It’s like an obsession for many, despite the general skepticism about the revenue potential of social networks and the widgets that live on them.

Stanford professor BJ Fogg is actually paid to teach on the psychology of Facebook. During his talk at the Snap Summit 2.0, he recounted lessons that came from teaching students who created Facebook applications. These apps had 16 million users by the end of the ten-week class.

Fogg recounted facts well-known to insiders, but which served to remind of the astounding growth of Facebook applications in the early days — such as iLike, a music discovery app, which hit nearly a million users a week after it launched on Facebook’s developer platform in May of last year. “I would wager that no company grew so fast in history,” he said. “It was clear that something special was happening.”There are a half-dozen hooks that explain Facebook’s appeal, he said. One of them he calls “mass interpersonal persuasion,” or a clever use of psychology to get users to do something with their friends. There are 30,000 applications today because people persuade their friends to install, use and share applications. The most persuasive ones of all are the ones that don’t seem like they’re a sales pitch.

Users pay attention to how popular applications are, Fogg said. If they catch on in a viral fashion and the install rates are high, then they are more likely to adopt it. The apps developers have to measure and test their ideas. Don’t sit around brainstorming until your ideas are perfect. Put it out there. If the metrics are good, go for it and then iterate rapidly on the application until you get it right.

Back to Morin: He said Facebook is continuing to upgrade the profile page that users see when they log into the site. Those changes are aimed at making sure a user knows what’s new with friends as well as the actions that a user can take. There are 4 billion pictures on Facebook, but you only see the new ones that your friends have posted. The “wall,” where friends can leave notes or pictures, will be the centerpiece of the profile page. It will add something called “tabs” as a new point of information integration to the page as well. These are things that will increase application usage, Morin said.

During Q&A, Morin shed light on more details on the e-commerce plans. The company will build native support for credit-card purchases, he said. Facebook wants a simple and secure payment system for users, he said. It will include allowing subscription services. It’s coming in the next couple of quarters, which one VC said means “an e-commerce Facebook Christmas.”

One question popped up about TechCrunch’s story on a preferred application provider program at Facebook. The program would would give stronger showcasing to applications Facebook’s managers decide they liked, according to the story. In response, Morin said, “Yesterday there was an article on TechCrunch on a preferred app program or something like that. It’s something we thought about. It’s not something that is being worked on. We know that developer programs have had versions of this. We’ve always tried to approach the market in a very agnostic way. In a fair way. So it’s not something that we are necessarily working on. We are doing these developer roundtables and bringing in developers that are trusted. We’ve worked with larger developers on some things. But there is no formal program at this point.”

In the latter part of the day, the discussion turned to fear and greed. Does the credit crunch mean the good times are over for the Web 2.0 industry? Some applications developers have been impatient about getting funding, so they can grow their applications into companies and then sell them.

There have been very few sales, with one of them in the low millions, for Facebook developers, said Jeremy Liew, a partner at Lightspeed Venture Partners. That’s even the case with developers who have a top-25 Facebook app. He said people should be patient because Facebook applications are really just nine months old. The bigger valuations and investments are yet to come. Liew said he signed three term sheets in three weeks, presumably on social networking companies.

But Seth Cohen, CEO of the application network SocialMedia, was less optimistic. He said it has yet to be determined whether the sale of Bebo for $850 million to AOL marks the peak of the social networking valuations, given the current decline in optimism about the economy. Some areas such as Facebook gaming or Facebook dating apps might be ripe for acquisitions. But not every category.

“VCs are cutting down funding and exits will be suboptimal,” he said. Still, he said the big brands have yet to pour money into Facebook and he expects that to happen.

The month is drawing to an end, which can only mean one thing: Time to argue about various reports on Google’s performance. So far we have one good and one bad. Let’s dive in.

First, the bad. Google had another flat month in terms of paid click growth in February, according to Silicon Alley Insider (which received the comScore data early from a source). The month looks like it saw a 3 percent increase in the clicks year-over-year, but because this is a leap year, you can actually knock that number down to 0 percent growth — same as last month. This looks bad because previous months leading up to January had all seen double digit growth (though it was declining).

As happened last month, Google stock is getting slammed right now, down over 3 percent in after-hours trading. The thought is that Wall Street was hoping for a 5 to 7 percent growth in paid clicks this month.

It’s time to question once again just what this actually means — if anything. After all, following last month’s report people were using words like “disaster” in association with the figures, only to have others come back a few days later to explain that the decline in paid clicks is actually a part of Google’s longer term plans. You see, Google took steps to make sure that less accidental clicks took place on its advertisements, this in turn led to a rise in relevant ads and more importantly, revenue-per-click (our coverage).

At the time, we wrote:

ComScore’s researchers note that they would not be surprised at all to see this trend continue into 2008 — paid clicks go down, but revenue remains steady or improves.

So at least some people out there were expecting today’s results.

Things get even more interesting when you consider the positive report that came out today as well. Last month, Google was once again able to improve its share of the U.S. search market. The search engine accounted for 58.7 percent of searches compared to 56.9 percent in January according to the new numbers from Nielsen (as reported by CNET). These numbers mirror the recently reported comScore numbers for last month, released last week.

So, on one hand Google’s dominance continues to grow, but on the other the company may be stagnating. It’s just another month for Larry and Sergey (be sure to check out our coverage of their “hardships” this past year as well).

[photos: flickr/yodel anecdotal and flickr/james cridland]