All posts by Simon LR

HP Reveals TouchPad Pricing And Launch Dates

HP has officially revealed the launch date for the much awaited TouchPad tablet running webOS. Lucky folks in the U.S can expect it on July 1st, with a staggered release for the United Kingdom, France, Germany and Ireland in the near days after and Canada on the calendar for mid-July. The device will be available from the usual retailers (Best Buy, Staples and Walmart to name a few) and while there is no word on carriers picking it up immediately, HP did mention a partnership with AT&T to deliver a “connected” version later on in the summer – hopefully this means it will be 4G LTE compatible for faster data rates.

Although the previous rumor pegged the TouchPad in the $699 range, HP has also confirmed model pricing to be $499 for the 16GB version and $599 for the 32GB version. The TouchPad is expected to be shipping with the latest release of webOS, 3.0, which brings along Touch-to-Share with the Pre 3 or Veer smartphones – allowing users to simply place their phones on the display of the tablet to quickly pass along an open webpage.

At the heart of the TouchPad is webOS, a mobile platform written entirely with the “connected web” in mind. With multitasking, a flash capable browser and a growing ‘App Catalog’, HP is looking to fit into the tablet market somewhere between the Apple iPad 2 and the BlackBerry PlayBook.

For more information and official statement see HP Palm’s Official Blog for the press release and a full list of retailers.

New Angry Birds Installation, Mine And Dine, Coming Soon

Angry Birds Logo
Of course you’ve heard of Angry Birds, it’s just about the only game to take the mobile industry by storm overnight and influenced an  elaborate birthday cake with actual game play and completely edible. Rovio Mobile, developers and publishers of the game have given a sneak-peek at the new and upcoming levels on their YouTube page. While the gameplay has stayed relatively the same through-out each and every episode – the scenery, environment and music is an extremely welcome change to the addictive game.

The video shows off an underground level, complete with pigs in mining gear, precious crystals and boxes of explosives. Fans of the game are sure in for a treat when it’s released and hopefully Rovio can expect to see numbers like 1 million downloads in 24 hours again. It’s nice to see that Rovio is continuing to build on the game, but it would be even nicer to see some change or enhancements to the gameplay in order to keep it refreshing and fun.

Be sure to check the App Store, Android Market, your favorite software repository or simply click on over to Rovio’s site for more information on acquiring the game once it’s officially released.

DSLReports.com Reporting Intrusion And Theft of User Data

The extremely popular broadband Internet service review site, DSLReports.com, is advising of a data breach and theft of user credentials and e-mail addresses. Forum members received an e-mail advising them of an attack that occurred on Wednesday during the hours of 2:00 PM and 6:00 PM, wherein “a large botnet” of compromised machines performed an SQL injection attack and retrieved random membership details from a large number of accounts stored in their database which held accounts as old as 10 years.


There is an ongoing discussion in the forums where Justin Beech, founder of DSL Reports, advises that although compromised accounts have had their passwords reset, the attackers may be using the stolen credentials to gain access to other services such as PayPal or Amazon as many users frequently set the same password for online logins. While warning e-mails were sent out to users roughly 6 hours after the attack started, Justin advises that measures were taken to stop the breach before attackers reached 8% of their goal.

Many posters are outraged by the lax security involving the storage of plain-text passwords and lack of mechanisms to mitigate against widely known attacks, like SQL injection on live web applications. Other posters are commending Justin on his open style of reporting the breach and talking one-on-one with members in an effort to show his dedication to resolving the issue.

All users with accounts of DSLReports.com should be changing their passwords for the forums as well as any others that may be tied to their membership e-mail address.

Nokia Knocking Off 4,000 Employees And Outsourcing 3,000 More.

In a last ditch effort to reorganize and refocus their efforts, Nokia will be laying off employees and outsourcing some efforts to consulting agencies. The BBC is reporting that Nokia has announced the loss of 4,000 worldwide jobs and the movement of over 3,000 employees to Accenture, a consulting group, who will be taking over the development of Symbian.

In 2009, Accenture acquired the Symbian Professional Services Operation from Nokia in an effort to provide independent services to an open source ecosystem.

With Nokia planning on manufacturing more than 150 million Symbian devices in the future, Accenture will be providing essential services to the continued growth and support of the platform.

The recent news comes out of the decision for Nokia to adopt Windows Phone 7 as their main smartphone platform and ultimately bench MeeGo and Symbian for the long term future. Over 1,400 employees in Finland are expected to be let go, with the majority of them being MeeGo developers, Symbian architects and R&D researchers. Reductions in the UK are expected to be roughly 700 employees and it is said that Nokia will be saving upwards of 1.4 billion euros from recent restructuring by the year 2013.

Nokia is said to be providing assistance to employees with offering long-term re-employment programs with partners for affected employees. Accenture will be taking up employees from China, Finland, India and the United States in an effort to provide positions for talented Symbian employees.

via BBC

Nokia’s C2-06 Touch And Type Slider Pictured

A device from the unconfirmed Nokia C2-series portfolio has made an appearance in the form of pictures. Showing off more touch-and-type functionality, the C2-06 is a low end feature phone likely to be aimed at emerging markets.

The C2-06 is reported to be pairing a resistive touch screen with a resolution of 320×240 to a portrait sliding 12 key number pad for input. The device runs Symbian S40 and has a 2 megapixel camera and loudspeaker grille on the back. From current pictures, the device lacks an LED flash but makes up for that with apparent dual SIM functionality. In order to do this, 2 separate GSM radios would be required to keep both lines active at the same time. The C2-06 is said to be quad-band (850, 900, 1800 and 1900 MHz) and features a 1020mAH battery that is rated at 480 hours of standby time and 300 minutes of talk time.

There is a microUSB port for data transfer and charging, as well as a legacy 2mm Nokia barrel plug and 3.5mm headset jack on the top. The model lacks WiFi, 3G as well as GPS in order to reduce costs and allow for almost 20 days of battery standby. No pricing is available, but judging from the reduced feature set it should be available off-contract for a very respectable price.

via Hackintosh-India

Google Brings Enterprise Control To Android

With Android being one of the leading smartphone operating systems and very rapidly climbing the charts in deployment, it’s well received news that Google is aligning their mobile offerings to include enterprise-level controls to compete in the business market.Google has updated their Device Policyapplication to include the ability for users to control their Android devices by way of tracking it via GPS, activating the ringer or resetting the PIN or password on the device. In the event that an employee or regular Apps user loses their device, they can use the online remote functionality to retrieve or secure their phone. Administrators and users can set up multiple devices in a new page that provides detailed information about each synchronized device (a tablet or smartphone) and plots the last known location. Devices must be running Android 2.2 or higher in order to use this feature.

Continuing along with the ability to remotely secure a device, Google Apps administrators now also have the option to force encryption for data stored on the device (supporting Android 3.0/Honeycomb tablets with encrypted storage). This will greatly reduce some of the risks that organizations take when employees wish to bring personal devices to work, it will allow security provisioning for any data exfiltration to ensure it is stored properly. Presumably, this can be done on a device-by-device basis allowing administrators to specifically select which devices have this set.

The last minor, yet very welcomed addition is Google Apps Lookup, which provides a much easier way for users to search their corporate address book for a contact. Similar to Microsoft’s Exchange Global Address List (GAL), mobile users can enter the name of a contact (by speech or text input) and the app will automatically search the online Apps directory for the contact and provide all the available information for the user to interact with as a regular contact in their device address book. This feature is available to Android devices running 2.1 or higher and must be enabled by the Apps administrator.

With personal devices making their way into the corporate environment, many organizations are feeling the weight of providing support for numerous devices yet retaining control and security over sensitive information. Google is taking steps in the right direction to take Blackberry head-on with some competition in the enterprise market.

Via Google Enterprise Blog

HP’s webOS 3.0 Gets Screen Captured

When HP announced the TouchPad at their press event, they also proclaimed it would be shipping with a new release of webOS their operating system based on Linux and web technologies. They’ve recently opened up their webOS 3.0 Developer Beta and are providing exclusive access to the new SDK which comes bundled with an emulator. The PreCentral blog has posted screen captures of some of the features in webOS 3.0 including a change from Google Maps to Bing Maps, a new spacious and glorious looking virtual keyboard and a very plain looking Messaging and Music interface.

Bing Maps has replaced the aging and old Google Maps app on webOS. Many webOS users complain about the slow functionality of Google Maps on their devices, hopefully this allows for the much needed faster interface as well as leveraging their existing partnerships for an overall better experience.

HP has also enabled the previously hidden virtual keyboard (all their currently available devices have physical keyboards) showing off a full 5 rows, complete with size adjustment and what looks like a button that moves the cursor to the next text field for input.

Both the Messaging and Music applications are very sparse looking, granted they are not filled up with any content. The Music player has a very minimalistic feel that provides straight forward and quick access to playback controls as well as playlist and song selection. The Messaging application uses their very popular Synergy service that integrates multiple IM services into one seamless view. Contacts on the left and content on the right, it’s very clean and concise.

The TouchPad is rumored to be available by June 2011 and coming in at a $699 price point puts it head to head with some of the competition including the Blackberry Playbook, iPad 2 and the Samsung Galaxy Tab. Hopefully webOS can shine through with the existing multitasking and integration features as well as building up their ecosystem and App Catalog.

Blackberry Bold Touch Gets Touched And Pictured

When it comes to Blackberry leaks and news about Research in Motion, it’s normal that folks at Boy Genius Report (BGR) are behind it and today is no different. BGR has gotten a hands-on with the leaked Blackberry Bold Touch (Dakota) and posted up some device pictures for your viewing pleasure.

As you can see above, the Bold Touch sports a 2.8capacitive touch screen with a resolution of 640×480 pixels paired with an industry-standard QWERTY keyboard and optical trackpad. It has just under 7GB of internal storage backing a 5MP camera and NFC support. It’s rumored to be shipping with OS 6.1 and bringing a host of new features including mobile hotspotfunctionality, a new BlackBerry Messenger interface and polished development framework that brings supports for geo-location, augmented reality and access control.

As well as sporting a new thin design and an entire metal encased bezel, the Bold Touch is the slimmest Blackberry to date – measuring in at just 10.5mm. Rumored to be announced at Blackberry World, being held in Orlando Flora this coming May, the Bold Touch should be available for consumers by late July. From the pictures shown, the hardware has yet to be branded with the Boldmoniker and still looks a bit unpolished. The camera flash module is boxy and doesn’t seem to flow with the rounded design language of the rest of the device. Chances are this is the Blackberry that a lot of users have been pining for a portrait device that brings the features of a touch screen with the tactility of a physical keyboard.

MySQL.com Database Compromised By Blind SQL Injection

An email was sent out earlier today on the Full-Disclosure mailing list, detailing the compromise of numerous MySQL websites along with portions of their database containing usernames and passwords.

mysql_logo

MySQL offers database software and services for businesses at an enterprise level as well as services for online retailers, web forums and even governments. The vulnerability for the attack, completed using blind SQL injection and targeted servers including MySQL.com, MySQL.fr, MySQL.de and MySQL.it, was initially found by "TinKode" and "Ne0h" of Slacker.Ro (according to their pastebin.com/BayvYdcP dump of the stolen credentials) but published by "Jackh4x0r".

The stolen database contain both member and employee email addresses and credentials, as well as tables with customer and partner information and internal network details. Hashes from the database have been posted, with some having been already cracked.

A submission to XSSed.com also details an XSS (Cross Site Scripting) vulnerability affecting MySQL.com that may have provided a secondary entry point for compromising visitors or employees with the organization since early January of 2011.

This is definitely a shame for the folks behind MySQL since they were bought by Sun and later on by Oracle (through the Sun acquisition). MySQL is used by millions of users for small and medium sized databases, including by the popular blogging software WordPress.

The email sent to Full Disclosure lists out all the databases, tables and even some password hashes for the users at MySQL.com. There has been no response from MySQL on this issue yet. We have contacted them for a comment and will update this post once more information becomes available.

More updates coming soon….

Update: This hack also compromised the database at Sun.com, more info on this at http://tinkode27.baywords.com/

Windows Phone 7 ‘NoDo’ Update Is Ready

The long awaited update for Windows Phone 7 is finally ready and will slowly be trickling out to handsets during the week. NoDo’ is the internal name (supposedly in jest of Google’s Donutmoniker) for the update and it brings along the much anticipated copy and paste feature, improved Marketplace searching and better Facebook contact integration. Although this update was first estimated to be available early February, Microsoft delayed to ensure compatibility and functionality for all handsets. Recent updates for Windows Phone 7 handsets were met with some troubles for Samsung devices and again were subsequently held off from public accessibility.

Microsoft has updated their Windows Phone 7 update history page to include the updates slated for March. The version numbering is bumped from 7.0.7008.0 to 7.0.7390.0 and a consumer-friendly changelog is present. In addition to core usability updates many other changes have been made, such as

    • Faster apps and games. Nobody likes to wait. That’s why we’ve whittled down the time it takes for apps and games to start up and resume. It’s all part of our focus on getting you to the things you love, easier and faster.

    • Other Marketplace improvements. We’ve improved the stability of Marketplace while you download apps.

    • Wi-Fi improvements. We now display your phone’s Media Access Control (MAC) address in Settings. (You might need this info if you try to connect to a Wi-Fi network that uses MAC address filtering.

    • Outlook improvements. We’ve improved the experience of viewing iPhone photo attachments you receive from a non-Exchange-based email account (such as a Google Mail, Hotmail, or Yahoo! Mail account), using the Global Address List (GAL) when connecting to Exchange Server 2003 using Exchange ActiveSync, and working with email display names that contain brackets (for example, "David Alexander [Contoso]").

    • Messaging improvements. We’ve improved the experience of receiving Multimedia Messaging Service (MMS) messages if your phone uses a PIN-locked SIM.

    • Camera improvements. We’ve improved the stability of switching between camera and video modes.

    • Audio improvements. We’ve improved the experience of using a Bluetooth headset to make calls when you’re playing music or videos.

    • Other performance improvements. This month’s update also includes software from several phone manufacturers that improves the performance of specific models. Naturally, if you don’t have one of the affected models, we won’t install this portion of the update on your phone.

Since Windows Phone 7 lacks the integrated carrier customizations that many other platforms allow, Microsoft should have an easy time rolling out updates to all handsets in a timely fashion. Hopefully the days of market and localization-based update pushing are over and this can usher in a fast, seamless and user-friendly method of updating smartphones. Unfortunately, it does appear that you will need to connect your device to a computer in order to update through the Zune suite no OTA at this time.