Google Overhauls Gmail to Take On E-Mail Overload

gmail-logoNYTimes posted: On Wednesday, Google introduced a new in-box design for its e-mail service, Gmail.

In a blog post announcing the new design, the company said it wanted to help people quickly sort through their messages to determine which ones were important and which ones could wait until later.

The revamped Gmail automatically sorts incoming messages into categories, which appear as three tabs — primary, social and promotions — that users can toggle between in their in-box. The primary tab contains the e-mails that the service thinks are most important. Social contains message updates from various social networks, like LinkedIn, Tumblr and Yelp. Promotions contains newsletters, party invites and concert announcements. Users can also select to add additional tabs to help manage electronic bills, banking statements and messages from forum boards.

“We get a lot of different types of e-mail: messages from friends, social notifications, deals and offers, confirmations and receipts, and more,” wrote Itamar Gilad, a product manager at Google, in the post. “All of these e-mails can compete for our attention and make it harder to focus on the things we need to get done.”

Mr. Gilad said Google’s new in-box is “organized in a way that lets you see what’s new at a glance and decide which e-mails you want to read when.”

The new in-box will begin rolling out for the desktop first, and eventually be available on mobile and tablet applications.

Ubuntu 13.04 Raring Ringtail is out, What’s new?

ubuntu_rrCanonical has released Ubuntu 13.04 Raring Ringtail, most likely the last release of Ubuntu that will primarily cater for laptop and desktop users. For Ubuntu 13.04, Canonical focused on tightening up the core of the OS and  polishing the Unity interface in preparation for Ubuntu’s smartphone and tablet debut, which is slated to occur in October with the release of version 13.10. There’s also the usual slew of package updates, a new Linux kernel, and a couple of new features, too.

The first thing you’ll notice upon booting Raring Ringtail is that Unity, and the PC in general, is faster and more responsive. This is down to Canonical putting a lot of time and effort into tweaking Ubuntu’s core libraries, to reduce the CPU and memory usage of system processes, resulting in a snappier interface (Unity) and installed apps. This tightening of Ubuntu’s core should also reduce power consumption, which is good news for laptop users. While these changes will obviously help laptop and desktop users, their primary purpose is to prepare Ubuntu for its debut on smartphones and tablets, which generally have less RAM and weaker processors. While we’re discussing core changes, Ubuntu 13.04 now uses the Linux 3.88 kernel — a sizable upgrade from Ubuntu 12.10′s Linux 3.5 kernel (which had a nasty security vulnerability, incidentally).

Moving from the core and into userland, Ubuntu 13.04 features updated versions of Firefox, LibreOffice, and Python. The workspace switcher has been removed from the Unity launcher by default, and Ubuntu One (Canonical’s cloud storage service) can now be controlled from the system tray. If you add some social media accounts, such as Twitter or Facebook, there’s also a new “Friends” lens, which is a lot like the People app in Windows 8 — basically, you can browse your friends’ latest updates, like, retweet, and so on. Overall, though, not a whole lot has outwardly changed in Ubuntu 13.04 — it’s definitely more of a tweak-and-polish release. For a good overview of Ubuntu 13.04′s new features, watch the video below.

http://www.youtube.com/watch?v=fH2VHiIW_dE

If you want to try out Ubuntu 13.04, your best bet is to download the ISO and install it in VirtualBox — or, if you’re feeling daring, and perhaps a little disillusioned with Windows 8, how about you try running Ubuntu 13.04 as your primary OS? You might be pleasantly surprised. If you’d rather just dangle a toe or two in the water, there’s an excellent guided tour of 13.04 up on the Ubuntu website.

ubuntu-tv-pc-smartphone-tablet
The whole Ubuntu ecosystem: TV, PC, tablet, smartphone (in theory)

Looking ahead, Canonical now has its work cut out with Ubuntu 13.10, which will introduce the Ubuntu Touch interface for smartphones and tablets. Details are fairly scarce at the moment, in accordance with Canonical’s move to a closed-door development process, but it seems like Canonical is attempting to create a single version of Ubuntu that works across PCs, smartphones, tablets, and even TVs (See: Canonical outs Ubuntu TV: Brave or stupid?) Ever since the Unity interface was first introduced, we have presumed that Ubuntu was heading in the direction of mobile devices — and now we’re just six months away from it actually happening. It’s definitely a savvy move for Canonical, with the PC market slowly dying, but whether it can actually carve out a section of the mobile market from Apple, Google, and Microsoft remains to be seen.

Cross-posted from ExtremeTech.

 

Apple adds two-step verification option for Apple IDs

A new security option gives Apple’s customers a way to secure their Apple ID password using their phone.

Apple 2step Verification

Cross-posted from Cnet:

Apple today added an extra layer of security to its Apple ID system that can harden the password people use to log in to various Apple services.

Users with an Apple ID can now sign up for two-step verification of their password, a system that sends a four-digit passcode by text message to a user’s phone, and must be used on top of a regular password. In practice, this could keep an account from being compromised by an attacker, unless that person had access to the mobile device too.

The move comes a little less than a year after Apple required users to set up security questions for their online accounts, a common security measure that was notably absent. Once two-step verification is enabled, there are no longer security questions to remember.

“Apple takes customer privacy very seriously, and two-step verification is an even more robust process to ensure our user’s data remains protected,” an Apple spokesperson told CNET. “We are now offering our users the choice to take advantage of this additional layer of security.”

Of note, the feature is currently available only in the U.S., U.K, Ireland, Australia and New Zealand.

Apple is the latest tech company to employ the security feature, which was discovered earlier by 9to5mac, as an option. Google, which has quite a few more online services than Apple, added it as an option in early 2011. Others, including Facebook, Yahoo, PayPal, and Dropbox already had the option.

The need for that extra layer of security was highlighted in the woes of journalist Mat Honan, who was targeted in a cascade of account hacking last year. That all kicked off with Honan’s iCloud account and eventually led to access of his personal e-mail and Twitter accounts. That ultimately led to Apple reviewing its security processes for resetting account passwords. Evernote also said it plans to add it later this year, following a cyberattack earlier this month.

More recently, Apple itself was the target of a coordinated attack that used a vulnerability in the Java plug-in to gain access to corporate systems as well as employee computers. In a statement last month, the company said there was no evidence any data was taken. Apple was just one of several companies involved in a series of attacks that also targeted Facebook, The New York Times, The Wall Street Journal, and The Washington Post.

Apple’s user base at its various stores and other online stores continues to grow. Its last official number, released in January, put it at “over 500 million active accounts.”

Dropbox Makes PDF Viewing Less Painful, Adds Push Notifications For Shared Folders

Dropbox-Logo-BGJust a few days after adding a new set of features to Dropbox for Teams, the cloud storage company rolled out a new version of its iOS application which introduces a few useful additions as well. For starters, it has added an improved PDF viewer, which lets you navigate to any page in the document by tapping on the thumbnail. It’s rather awesome, in fact. The update also introduces push notifications for folders shared with you – a feature that’s now available on Android, too.

dropbox-pdf-viewerThe revamped PDF viewer will be particularly welcome for business users, as it not only offers the multi-page layout for easier navigation, it lets you search for keywords or phrases in the PDF file, too. An interesting side note on this – Dropbox is actually using a paid, third party component called PSPDFKit for the viewer. Dropbox’s Stephen Poletto shared this news on Twitter earlier today.

Another new addition which will again appeal to professionals on the service, is the ability to now sort files by the date they were modified – that’s handy for those using shared folders as they collaborate on files that are under revision.

A small thing, perhaps, in the grand scheme of things, but one that’s going to make life easier on a large number of users.

It’s also shows that Dropbox is thinking about the kind of things its business users need. The little pain points that, when combined, can add up to an overall poor experience.

The push notifications option will alert users when someone shares a folder with them. This feature will be handy for both consumers and enterprise alike. While it’s new to Android and iOS, the PDF viewer has not yet made its way to Android at this time. That should change soon, though, as Dropbox tries to keep its platform releases relatively close together.

The updated app is here on iTunes, and the Android version is here.

Credit: TechChurch

Dropbox tests two-factor authentication

Dropbox-Logo-BGh-online: Cloud backup provider Dropbox says it has begun a public test of two-factor authentication for its service. Dropbox had announced it would start offering the security measure after the service experienced a data leak at the beginning of the month.

Users who activate two factor authentication will have to enter a security code after logging in with their username and password. The security code can only be used once and is sent to the user’s mobile phone in a text message. To generate security codes, users can also use a variety of smartphone applications such as Google Authenticator. Details of the process are given on the two-step verification help page.

Two-factor authentication protects a user’s account even when an attacker gains access to the account password. The second factor, in this case the user’s mobile phone which receives or generates the security code, is needed to take over the account. When activating two-factor authentication on Dropbox, the user also receives a 16-character emergency code that can be used if the user loses their mobile phone or runs into problems with the code generator. The emergency code should be kept in a safe place, out of the reach of hackers. It would be prudent not to store it in the same place as the Dropbox account password. Web sites that have been using two-factor authentication for a while include Google and Facebook.

Users who want to take part in the test of two-factor authentication, have to explicitly activate the security feature for their Dropbox account and install the experimental version 1.5.12 of the Dropbox client. The current versions of the Dropbox smartphone applications for Android and iOS are already usable with the experimental feature.

http://h-online.com/-1676276

Firefox 17 to make add-ons more secure

logo-onlyh-Online: As suggested by some of its developers back in 2010, the Firefox browser will introduce enhanced separation between add-ons and the rest of the browser. With the change, which is planned to take effect with the release of Firefox 17, scripts on web pages will only be able to access the data belonging to add-ons if they are included in a whitelist.

The beta version of Firefox 15 already logs warning messages in the browser’s Error Console when a page that is not on the whitelist tries to access data from add-ons. This behavior has been included to make add-on developers aware of the new policy and to give them time to fix their add-on’s behavior before the release of Firefox 17.

In the current versions of Firefox, entire add-on objects can be shared by adding them tocontentWindow.wrappedJSObject which allows scripts on web sites to access all data belonging to these objects through the window.sharedObject variable. With Firefox 17, add-on developers are required to explicitly mark attributes with the __exposedProps__property which acts as a whitelist for objects that Firefox will share. Possible values for this property allow read-only access, write-only access and read and write access.

Web site code will not have to be modified. The change also does not affect add-ons that are passing numbers, booleans or strings from the add-on to the web page; only actual add-on objects are affected.

Mozilla recommends that add-on developers thoroughly test their code in the Firefox 15 beta, keeping an eye out for errors in the Error Console. Afterwards, they should test with a nightly release version of Firefox 17 and see whether their add-ons break. Add-ons developed with Firefox’s Add-on SDK should be automatically compatible after updating to the latest release of the SDK, but Mozilla recommends that developers test them after updating nonetheless.

http://h-online.com/-1672626

Microsoft unleashes Windows attack tool

TheRegister.co.uk wrote:

Attack Surface Analyzer explains what apps do to your beautiful Windows installation

Microsoft_LogoDevelopers, developers …. *&^%%!!# developers who break Windows!

That may well be a refrain that motivated Redmond to release a new software tool, Surface Analyzer 1.0, which explains how new apps impact Windows’ ability to repel the various varieties of naughtyware.

Microsoft explains the tool’s powers thusly:

Attack Surface Analyzer looks for classes of security weaknesses Microsoft has seen when applications are installed on the Windows operating system, and it highlights these as issues. The tool also gives an overview of changes to the system that Microsoft considers important to the security of the platform, and it highlights these changes in the attack surface report. Some of the checks performed by the tool include analysis of changed or newly added files, registry keys, services, Microsoft ActiveX controls, listening ports and other parameters that affect a computer’s attack surface.

Redmond expects developers will find the new application useful to fine tune their wares before imposing new worries on real, live, end-users. IT departments are also expected to find the tool useful.

The new version of Attack Surface Analyzer is a full 1.0 release, taking the tool out of beta. You can grab it here.

VirusTotal online scanner adds behavior analysis

VirusTotal-logoh-Online: The developers of the VirusTotal online virus scanner service are currently testing a new sandbox feature to provide users with more meaningful scan results. In a post on the company’s blog, software architect and developer Emiliano Martinez says that, for this purpose, samples uploaded to the service are executed in a controlled sandbox environment where their actions can be “recorded in order to give the analyst a high level overview of what the sample is doing”.

An analysis of the uploaded file’s behavior is then displayed in a new “Behavioral information” tab as part of the scan results. VirusTotal logs file and registry activities as well as new processes and code injections. The scanner also issues a notification when a file directly sends commands to certain device drivers.

With the free online service, users can submit URLs and files to be analyzed by various antivirus engines and scanners for malicious content such as viruses, worms and Trojans. However, it is often only the heuristics that flag up issues – which can be identified by result descriptions that contain keywords such as “Heur”, “Suspicious” or “Generic”. Occasionally, this causes legitimate files to be regarded as suspected viruses without giving users the option to establish whether there is an actual threat.

Even a sandbox analysis carries a residual risk as some Trojans quietly check whether they are being executed in a virtual environment when they’re launching. If this is the case, they will act inconspicuously, only launching their malicious payload on a real Windows system.

The behavior analysis is currently being carried out by the scan engines at a different time than the virus analysis. It only scans executable files that are less than 8 MB in size and were previously unknown to VirusTotal. Therefore, it makes sense to keep the results page open and reload it occasionally to check whether a new data has been added.

Martinez notes that the behavior analysis is still in its early days, and that there is no guarantee that uploaded files will undergo the added analysis. The company uses Claudio Guarnieri’s open source Cuckoo sandbox. Incidentally, VirusTotal is far from being the only online tool to use a sandbox: Anubis, MWAnalysis CWSandbox and ThreatExpert have offered similar services for quite some time.

http://h-online.com/-1651766

Third edition of vulnerability spotter Secunia PSI

secunia-psiVersion 3 of Personal Software Inspector (PSI), Secunia‘s free program updater, has been released with a much simplified user interface, enabling less technically astute users to keep their Windows applications up to date as well.

According to Secunia, the automatic updater has also been enhanced. PSI is now able to keep programs from more than 3,000 companies up to date, though, as before, PSI only cares about updates which fix security vulnerabilities. Version 3 also includes additional translations, including German. The software checks the user’s computer for outdated program versions known to contain vulnerabilities and either installs updates or provides links to download them.

Secunia has reintroduced a number of functions found in previous versions which had been missing from February’s beta version. The new version includes up to date programs in its list of detected applications again and there is now an indicator that shows installation progress.

PSI is free for private use. Secunia also offers a commercial alternative for businesses in the form of its Corporate Software Inspector, which has extended administration options.

http://h-online.com/-1628194

Google bringing new smarts to Search with Knowledge Graph

Google’s Knowledge Graph will display summaries of topics when your query is related to one of the 500 million items in Google’s new database of things.

Google_Knowledge-screen

Google has long sought to index the world’s information — and it’s now taking things a step farther with an effort to create “a database of everything in the world.” And it’s bringing this effort to your search results pages.

The new Knowledge Graph project, rolling out to English-language Google Search users over the next few days, provides more data snippets alongside its query results than the search engine currently provides. The results are based on Google’s new database of 500 million people, places, and things, says Jack Manzel, Product Management Director of Search at Google. Manzel says there are 3.5 billion attributes and connections between these things in the database.

You’ll be able to meander through lists of facts and connections when you are searching for items that are in the Knowledge Graph. As one Google example illustrates, if you search for Frank Lloyd Wright, you’ll get a fact box with a summary about him (from Wikipedia), a small collection of biographical facts, and picture links to the buildings he designed. If you click on Fallingwater, you’ll get another fact box about that house.

Google has both personnel and technology to curate what results appear in these fact boxes.

Continue Reading at Cnet: Google bringing new smarts to Search with Knowledge Graph