Latest Entries »

The U.S. National Institute of Standards and Technology (NIST) is developing a guide for testing third-party apps to ensure that they are secure and don’t introduce any vulnerabilities.

The government agency has prepared a draft of its recommendations, “Technical Considerations for Vetting 3rd Party Mobile Applications,” and is seeking industry feedback by Sept. 18. The aim is to help enterprises make full use of commercial mobile programs.

“Agencies and organizations need to know what a mobile app really does and to be aware of its potential privacy and security impact so they can mitigate any potential risks,” said NIST computer scientist Tom Karygiannis in a statement announcing the release of the draft.

The draft publication “describes tests that allow software security analysts to discover and understand vulnerabilities and behaviors before the app is approved for use,” Karygiannis said.

The document, once finished, will give organizations a guide for testing third-party apps that they may want to use for official business. It will also detail the different types of vulnerabilities commonly found on Android and Apple iOS devices.

Many of today’s mobile apps, such as calendars, require access rights to various parts of the device’s OS. Granting permissions to these apps, however, can introduce security vulnerabilities to a secured system. For instance, giving a collaboration app access to a contact list could inadvertently reveal names on the list that should remain private.

Mobile devices can also gather a lot of data unbeknownst to the owner of the device. Malware, for instance, could be surreptitiously installed to record phone conversations, or users could be secretly tracked through the phone’s GPS functionality.

In addition to offering techniques for testing and vetting apps, the publication will also provide descriptions of undesirable behavior, how to manage an app through its entire life cycle, and examples of how vulnerabilities could lead to system compromises.

Beyond security, the publication will also detail how to manage the power that apps can consume on a device.

An agency within the U.S. Department of Commerce, NIST works with industry to develop standards and technologies to encourage innovation, advance U.S. economic competitiveness and improve the quality of life.


As expected, Apple today released the second public beta of OS X Yosemite.

The update, pegged as build “14A329r,” followed the debut of the sixth developer preview on Monday. Then Computerworld had predicted that Apple would ship the public beta today after concluding that the company would refresh the beta after every second developer preview.

This week’s sixth developer preview and second public beta are nearly identical in content and operation.

Apple delivered the first public beta on July 24, four weeks ago today, and three days after the fourth developer preview.

This summer’s public beta was the first for an Apple operating system since 2000, when the company charged $29.95 for the privilege of running an early version of what later became OS X 10.0, a.k.a. Cheetah.

The public beta can be installed only on Macs running OS X Mavericks, which Yosemite will replace, probably on Oct. 22. Apple has also advised users contemplating the public beta to first back up their Mac with Mavericks’ built-in backup utility, Time Machine.

Yosemite requires an iMac from the mid-2007 model on; 13-in. MacBook from late 2008 (aluminum case) or early 2009 (plastic case) forward; MacBook Pro from mid- and late-2007 and on; MacBook Air from late 2008 and later; Mac Mini from early 2009 and after; or Mac Pro from early 2008 and later.

Participants in the Yosemite public beta will be able to install the final edition in place of the preview when the polished version launches this fall.

If Apple hews to a once-every-four-weeks schedule for the public beta, it has two more opportunities for a refresh before Computerworld’s projected Oct. 22 release: on Sept. 18 and Oct. 16. It’s possible that Apple will skip the fourth beta since it would appear less than a week before the final.

The second Yosemite public beta can be retrieved by those already running the first build from the Mac App Store by selecting “Software Update…” from the Apple menu on the top-of-the-screen menu bar.

Yosemite, like its predecessor Mavericks, will be free to download from the Mac App Store when it reaches final form.

Apple’s first public OS beta in 14 years hit its second build on Thursday.


Google appears to be redesigning Glass to make the wearable computer look less nerdy and more like ordinary eyeglasses.

With the company’s computerized eyeglasses, users can take photos and video, view maps and weather reports and read news stories with a tiny see-through display screen that sits above the user’s right eye.

Google received a patent on Aug. 12 for a new design for Google Glass that would replace a separate display screen with an image shown in front of or inside the right lens frame. (Image: U.S. Patent Office)

That display screen, as helpful as it is, also draws attention to users wearing Glass. Some users have complained that Glass looks dorky, while some businesses, including a cafe and a casino, have banned people from wearing them in their establishments for fear that users might be surreptitiously recording others.

Now it appears that Google is working to give Glass wearers a look that would more easily blend in with regular eyeglass wearers.

The company last week received a U.S. design patent for a wearable display device that is part of the eyeglasses, but that doesn’t stick out in front of them.

Sergey Brin, CEO and co-founder of Google, wears the company’s Glass during a product demonstration at the Google I/O 2012 conference in San Francisco. (Image: Stephen Lam / Reuters)

The new computer, which would be built into the frames of the glasses would give users an image, like a map or weather forecast, in front of or in the right lens.

However, it’s unclear whether Google will use the new design.

“We hold patents on a variety of ideas,” a Google spokesperson said in an email to Computerworld. “Some of those ideas later mature into real products or services, some don’t. Prospective product announcements should not necessarily be inferred from our patents.”

While creating Glass without a separate display screen could make the wearable computers more marketable, it also could fire up a privacy storm with people concerned that they would no longer be able to distinguish computerized eyeglasses from regular glasses.

“Google Glass has other problems, like being pointless and annoying, but making you look like a total geek is part of the problem, so changing the look is good,” said Ezra Gottheil, an analyst with Technology Business Research. “Being undetectable is a problem too, however. People are getting pretty upset about potentially being videoed without their knowledge& I imagine some will call for some kind of notification that a recording is being made, and a penalty for disabling it.”


Jumping into the growing NoSQL market, Microsoft has debuted a simple data store through the Azure cloud hosting service.

The document database is well suited for organizations or startups that need a back-end database for storing data on a mobile or Web application, according to Vibhor Kapoor, Microsoft Azure product marketing manager, who introduced the service in a blog post Thursday.

The Azure DocumentDB service, now in preview, is the first NoSQL-styled document database from Microsoft. Azure also offers a number of other NoSQL databases from other vendors, including those from MongoDB, MongoLabs, Nodejitsu, Redis and RavenHQ.

In addition to providing basic document storage capabilities, the service also offers query processing and transaction semantics, two features usually found in relational database systems.

A number of NoSQL databases have sprung up over the past decade to address the need of storing and accessing large amounts of information very quickly, sometimes across multiple servers. Traditional SQL databases have been hard-pressed to scale to the sizes typically required for such work.

Microsoft also announced a number of other initiatives around its cloud service. It is offering the Bing search as a service that can be embedded within third-party applications. Apache HBase database software is now available within Azure’s Hadoop service. And Azure now offers over 300 virtual machine images pre-configured for a variety of tasks.


Intel is taking more steps to provide what it calls “wire-free” computing by 2016, a plan the company first talked about publicly in June at the Computex trade show.

The company is developing a smart dock through which laptops can wirelessly connect to monitors and external peripherals, it said in a blog entry.

The dock will remove the need to plug HDMI or DisplayPort display connectors directly into laptops. The wireless dock will provide USB 3.0-like speeds to transfer data to external peripherals.

“When you walk in the office with your laptop, it will automatically link with your wireless-enabled monitor or projector to deliver an HD streaming experience without the hassle of plugging into your HDMI or DisplayPort,” Intel said.

The chip maker is also developing technology so wireless monitors automatically start and link up when laptops are within a specific distance. Intel calls this “proximity-based peripheral syncing” technology.

Intel demonstrated the technology in a video accompanying the blog post. Users could also log on with face recognition, without the need to touch the keyboard.

Intel has said most of its wire-free computing will be based on WiGig, a fast-growing wireless data transfer technology. WiGig is considered faster than the latest Wi-Fi technology. Intel is also considering WiGig to connect wireless keyboards and mice to laptops.

The company also wants to get rid of power adapters and is developing wireless charging technologies for laptops. Intel at Computex showed laptops charging on a table equipped with a charging pad based on A4WP’s Rezence magnetic resonance technology.

Intel will talk about wire-free computing for business PCs at the Intel Developer Forum next month in San Francisco. The company will share details about wireless docking and displays as part of vPro, Intel’s platform for managing PCs remotely.

Intel wants to make laptops easier to use, so they are more like smartphones and tablets, said Dean McCarron, principal analyst at Mercury Research.

“If they don’t make investment like this, an old-school laptop starts looking really old,” McCarron said. “The goal of all this stuff is to make things seamless and transparent.”

The wire-free development also underscores the importance of WiGig, with more companies investing in the technology, McCarron said.

Qualcomm last month purchased Wilocity, which develops WiGig technology, for an undisclosed amount. Qualcomm will put WiGig in its Snapdragon mobile chipsets so smartphones and tablets can wirelessly stream 4K video to external displays.

Wireless charging will be a big deal for laptops, but it’s not clear which technology will win, McCarron said. The competing wireless charging technology to Rezence is Qi, which was developed by the Wireless Power Consortium.


Want to Google the name of a restaurant in English and then ask for the weather in Japanese? On Android it no longer requires switching back and forth between language settings.

For voice searches, users can now select up to five languages in the search app from the more than 50 supported, Google said Thursday. The app already supported that many languages, but users had to change their settings every time they wanted to switch between them. Now it recognizes automatically the language being spoken.

The change lets people search information in different languages back-to-back. That means you can ask for the weather in Spanish and then dictate a text in French, Google explained.

For now, the update is only for voice search with the latest version of the search app on Android, a Google spokeswoman said.

Getting it to work requires a one-time change to the language settings in the apps menu. Some languages are available in quite a few dialects. For Spanish, there’s different versions for El Salvador, Spain, Mexico and other countries. For Chinese, there are three versions of Mandarin and also Cantonese. A handful of forms for Arabic are supported.

Results are displayed in the language spoken, assuming the app detects it. In one test, spoken results were given for the local weather in Japanese, but not in Spanish.

Google said it will add more languages over time.

On the desktop, people can select their preferred language for all Google services via their Google+ page. But as it works now, only one language can be chosen.


As Google decides whether or not to build out gigabit broadband in Silicon Valley, AT&T said Wednesday that it will jump in.

AT&T said it will bring its AT&T GigaPower network to Cupertino, Calif. So far, however, the company has yet to say when. In April, AT&T said that it would bring its GigaPower network to up to 100 “candidate municipalities,” including other Silicon Valley cities such as Campbell, Mountain View, and San Jose. It has already committed to Houston and San Antonio, Tex., Jacksonville and Miami, Fla., Nashville, Tenn., Overland Park, Kan., and four cities in North Carolina: Charlotte, Greensboro, Raleigh-Durham, and Winston-Salem.

AT&T’s plans will put a bit of pressure on Google, which announced a contest to bring its own gigabit Google Fiber to the Bay Area earlier this year. In addition to its hometown of Mountain View, Google has said that San Jose, Santa Clara, Sunnyvale, and Palo Alto are in the running.

Broadband providers are slowly building out gigabit networks in major metropolitan areas around the country, providing a challenge to what, historically, has been a high-speed broadband market served mainly by Verizon’s FiOS technology on the East Coast. CenturyLink has announced plans for gigabit networks for businesses and consumers, and Cox Communications said in May that it planned gigabit deployments in Phoenix, Las Vegas, and Omaha. Comcast has also quietly begun deploying high-speed fiber connections to the home, although it has never announced a gigabit plan. (Home users can buy an 505-Mbit/s “Extreme 505″ plan” for a whopping $400 per month, however.)

An independent ISP,, began deploying gigabit service to the North Bay town of Sebastopol, Calif., several years ago, and has quietly expanded its DSL service to other North Bay cities. It recently announced a gigabit buildout in the distant East Bay town of Brentwood, where customers will pay $40 per month for a bundle that includes gigabit broadband and voice.

Other ISPs, like WebPass, use microwave backhauls to bounce signals among the various skyscrapers of San Francisco. WebPass only delivers synchronous services of up to 200 Mbits/s, but for $55 per month–much less than what incumbent providers offer.


Hewlett-Packard reported a slight uptick in revenue for the second calendar quarter as its PC sales increased again.

HP’s revenue climbed 1 percent to $27.6 billion for the quarter ended July 31, the company announced Wednesday. It was the first year-on-year revenue growth HP has reported in three years.

The modest rise came almost entirely from PCs, however, and it’s unclear how long that business will keep recovering. Companies are still refreshing PCs after Microsoft ended its support for Windows XP, but those gains won’t go on forever.

Still, HP is benefitting for now. Sales in its Personal Systems Group were up 12 percent last quarter to $8.7 billion, HP said. Most of that increase was from sales to businesses.

Its Enterprise group also reported growth, with sales up 2 percent to $6.9 billion. Revenue from HP’s print division was down 4 percent, however, and revenue also declined from enterprise services and software.

Overall, HP’s revenue beat the expectation of financial analysts, who had expected revenue to decline by 1 percent from last year, according to Thomson Reuters.

HP’s profit for the quarter was $985 million, down 29 percent from a year earlier, due partly to restructuring costs related to layoffs.


When President Barack Obama takes executive action on immigration, he’s expected to give final approval to a rule allowing spouses of H-1B visa holders, now barred from working in the U.S., to get jobs. There could be more changes as well as the Obama administration has met with various tech groups to collect wish lists.

Obama is expected to use his executive authority over the coming weeks to make significant changes to immigration rules in the absence of congressional action.

A roadmap for the president is the Senate’s comprehensive immigration reform bill (S. 744), which has stalled in the House. Obama is being urged to adopt provisions of the bill that don’t require congressional action.

The House isn’t expected to vote on the bipartisan Senate bill, which passed in 2013.

Two key items believed to be getting consideration by the administration were included in the Senate bill.

First: The U.S. now issues 140,000 employment-based permanent visas or green cards each year, half of which go to dependents. The Senate bill exempts dependents from the cap, effectively doubling the number of green cards available to principals.

The idea of only counting principals and not dependents, including children, against the cap extends to family permanent residency as well. That provides an opportunity to create broad-based support for principals-only reform.

A draft letter from several groups to the president calls for the elimination, or at least a reduction, in the “egregious backlogs for legal immigration by counting only principals against the limits set by the Immigration Act of 1990.”

The letter was signed by the IEEE-USA, the Semiconductor Industry Association, the Society for Human Resources Management, and the League of United Latin American Citizens, among other groups.

Former U.S. Rep. Bruce Morrison (D-Conn.), who chaired the House Immigration subcommittee responsible for drafting the 1990 immigration reform legislation that created the present system, believes the White House has the ability, via executive action, to allocate all available employment-based green cards to principals only.

Second: The tech industry also wants Obama to use executive action to “recapture” unused green cards from prior years, and make them available to people now in the permanent residency backlog. The Congressional Budget Office estimates that recapturing unused green cards from 1992 to 2013 would add about 250,000 visas.

The “recapture” action was also sought in the Senate bill.

According to a several sources, some in the high-tech industry may ask the White House to establish an H-1B priority system. The priority system idea was not part of the Senate bill.

The U.S. now uses a lottery system to distribute visas if the 85,000 cap is oversubscribed. A priority system would give preference to firms that aren’t dependent on H-1B visas. This may hurt the major users of H-1B visa, offshore outsourcing firms based both in the U.S. and India.

If a company has 51 or more full time employees and 15% of those workers are on an H-1B visa, it is categorized by the U.S. as H-1B dependent and subject to special rules. There is also opposition within the tech industry to a priority system, so it may lack the support needed.

More certain is final White House approval of a rule to allow spouses of H-1B visa holders who are seeking green cards with authorization to work. For now, spouses can’t hold jobs.

The U.S. received nearly 13,000 written comments on the proposed rule before the comment period closed last month.

Writing in opposition was the Society of Professional Engineering in Aerospace (SPEEA), whose members are employed as scientists and in technical positions at several large companies, including Boeing.

SPEEA said that there is “the strong likelihood” that spouses will have science, technology, engineering and math degrees (STEM), and that in many cases may work for the same employer are their H-1B holding spouse. It warned that if the rule is adopted, “employers will likely exploit this opportunity by preferentially hiring H-1B workers with STEM-degreed spouses in order to acquire two STEM workers with one H-1B visa.”

The U.S. Chamber of Commerce, supports of the rule, arguing that employed spouses “will improve the likelihood that highly skilled H-1B workers will seek to stay in the U.S. on a permanent basis and remain in the U.S. labor force.”

The Obama administration, according to Politico, met with tech and other business sectors earlier this month to discuss immigration issues.

Senator Jeff Sessions (R-Ala), a critic of the H-1B program, said this week in a statement that “the same group of CEOs” that helped to write the Senate immigration bill “is now scheming with the White House to extract by executive fiat what was denied to them by the American people and Congress.”


Generic Android tablets with 7-inch screens and quad-core chips that deliver decent performance could soon sell for under US$35.

Tablets with low-resolution screens are already selling for $45 on Amazon, many of which have single- or dual-core processors from a Chinese chip company called Allwinner.

But the prices could fall under $35 when Allwinner ships its “fully formed” quad-core A33 chip for only $4, said analyst firm Linley Group in a newsletter this week.

The chip’s quad-core processors will deliver better performance than older chips, and be capable of supporting 1280 x 800 displays, the analyst group said. The chip is based on ARM’s Cortex-A7 design and has a Mali-400MP2 GPU, which is capable of rendering high-definition video.

The cheap tablets will likely come from no-name vendors in China, and won’t offer the bells and whistles of Samsung or Apple tablets, but they could increase price pressure on brand names like HP and Acer, which have entry-level tablets priced around $100.

They’ll be most suited to first-time buyers or users who aren’t picky about hardware or software but certainly not power users, said Jim McGregor, principal analyst at Tirias Research. That’s because they’ll likely have limited memory, storage and fewer ports than more expensive devices.

“Users eventually will move up in performance,” McGregor said.

The tablets would almost be disposable items, said Nathan Brookwood, principal analyst at Insight 64.

And they could be here soon.

Mass production of the chip has already begun and prototype tablets have already been built.

A lot would come from Shenzhen, China, where a bulk of the device development is taking place, said Brookwood.

“This Shenzhen ecosystem, it’s absolutely scary what they are doing,” he said. “They operate on very thin margins. The kind of margins that no U.S. vendor can think about running on.”

The no-name tablets usually don’t come with customer support, and some may not have the Google Play store.



Get every new post delivered to your Inbox.

Join 112 other followers