The Apple execs are rumoured to be on their way over. They’re meeting with the major mobile networks in the UK to talk about the April release of the iPad.  Apple announced last week that the release of the Wi-Fi and WiFi/3G models is to be delayed, with the data and pricing plans for the 3G version yet to be announced.

Orange, O2 and vodafone are siad to have been shortlisted for exclusive distribution rights for the 3G iPad. However, this may well all depend on how much the companies are willing to sibsidise the chic but expensive iPad. Apple usually give guidelines to operator on how much of a subsidy they want. Vodaphone has confirmed interest in having the rights for the 3G iPad. But do you need 3G in an iPad? I suppose the if you hook up with a mobile operator though, you get that subsidy.

Since the UK release delay letdown, Apple pulled the US pricing list and data plans from the UK store. Play.com and Expansys are planning to sell the iPad. But only the Wi-Fi version has been listed on Play so far.

Active Directory Explorer is an advanced veiwere and editor of AD. It makes for easier navigation of an AD database. You can define favourite locations, view attributes and object properties with out annoying dialogue boxes. You can view object schemas, edit permissions and perform detailed searhes that can then be saved for future use. Genious!

With AD Explorer you also have the ability to take snapshots of the database. These can then be saved for offline viewing and comparisons.  This can be navigated as if it were live. The conmparison functionality means that you can easily compare 2 snapshots to see what has changhed between them.

Usefull bit of kit, but why isn’t this built in with AD? That way you can start collecting snap shots fom the start. I think it would make an admins life allot easier. You can download this at:

http://technet.microsoft.com/en-us/sysinternals/bb963907.aspx

Patch Tuesday released two important patches this month. Plugging a total of eight voles in windows and office. Microsoft also warns of another zero-day attack in Internet Explorer.

One vulnerability in Movie maker affects Movie Maker in Vista and XP. A hacker could send a dirty movie maker or producer file to a victim via e-mail. If the file is open by the recipient, malicious code is then released onto the machine. Producer 2003 is also affected, but has not been updated as it is a free download. Microsoft say that Producer 2003 “does not offer a means for automatic update”.

The answer according to Microsft, is to uninstall Producer 2003 or disassociate the project file type from the application using a Microsoft Fix It.

Another patch fixes 7 flaws present in all versions of Excel (including Mac), supported versions of Excel viewer and Sharepoint 2007. Same principle applies again, the attack can only be launched once an infected Excel file is opened. Microsoft has recomended these patches be applied staright away. Even though they have only been ranked as “important”.

The warning of the zero-day vulnerability affecting IE6 and IE7 is already being exploited. Versions that are vulnerable are Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7. Microsoft has said that IE 8 is safe, also IE 5.01 SP4 on Windows 2000 SP4. Good to know.

How it works is due to an invalid pointer reference. Hackers are able to launch malware when the pointer reference is accessed after an object has been deleted.

Microsoft believes the attacks that have occured so far to be targeted. A patch will be released for the next patch Tuesday or as a one off  before then.

I have to admint, I’m not a Mac efficienado in any way shape or form. So when I was asked to install Windows 7 on an iMac in a dual boot scenario,  my eybrows were raised. But, you know what, it was so simple.

OS X has a handy little application installed called Boot Camp. Very Simple to use. First thing to do is make sure your Mac is up to date. This is a little bit tedious and may involve a couple 0f updates but has to be done.

Then launch Boot Camp from the utilities folder and create you partition. Boot Camp provides a GUI slider that lets you select the size of you partition. The size you need depends on what you want to do with your Wndows OS. The rcomended minimum is at least 5GB. But I’d probably go with a minimum of 15GB at least.

Then click on the “Start the Windows Installer” button and pop your windows disk in, click Start Installation. You can also install XP and Vista. The Mac then boots from the Windows disc and you’re away. When it comes to selecting the partition, you’ll find one called BOOTCAMP. Select that and then format. Follow the instruction all the way.

Once you are logged into you Windows OS you will need to put your OS X disc in. This is to install Boot Camp to your Windows OS so that you can boot back into OS X. This should start up automaticaly and will install some Mac specific drivers too. Once that’s installed you’ll find an icon for under the hidden icons buttton. Click on this to restart in OS X. Or, when you reboot hold down the option key to get the option screen. Easy! 

There is an excellent guide on the Apple site: http://www.apple.com/support/bootcamp/

But it doesn’t stop there. If you want to be really slick with it, there’s a little application that you can install that will give you a GUI dispaly at start up. From this you can then select the OS you want to log into. No Option key needed!

The applicatuion is call rEFIt, it’s free and you can down load it here: http://refit.sourceforge.net/doc/c1s1_install.html

Make sure you install this under OS X. You might want to go with the manual install straight off as the automatic one didn’t work for me. But after it’s installed it’s all done automatically, no extra config needed.

You may be asking why? Why would you want to do that? Windows and Mac, together?

Why not?…I think I’ve been converted a little bit.

Several vulnerabilities have been found in the Windows Version of Apache. One critical code injection flaw and two lower key security bugs. The most serious of the three flaws is in a core component of Apache 2.2.14, and possibly earlier versions. The bug creates a opening that allows hackers to execute code on systems. Meaning that malware can be planted or data extracted.

 This opening stems from a bug in mod_isapi. This imliments the IS extention API. Good news though. The bug can easily be fixed by upgrading to the latest version, 2.2.15. Australia’s Sense of Security have published a video that illustrates the potential risk, with the aim to encourage people to upgrade.

The update also fixes two other bugs that are unrelated. The risks posed by these are denial of service and information disclosure. So, well worth getting this done if you run the affected version. You can find more out about those here:

http://secunia.com/advisories/38776/

Rumour has it that Windows 7 SP1 will be with us in the final quarter of this year. Although Microsoft has not made the date official. But the rumor mill has started up and are coming from some fairly reliable sources.

TechARP.com have made this latest prediction, and have been accurate in the past with service packs for Vista and XP. So i’d be inclined to think that the service pack will be out at the end of this year.

A registry key has already been discovered that points to SP1. Leading to the conclusion that the service pack will be out soon. But Microsoft will not confirm either way.

The counter argumenmt to this speculatuion is that if Microsoft didn’t bring forward the release of it’s service pack for Vista. And this was much needed. Then why would it do it for Windows 7. especialy considering how well 7 has been recieved. However, if you do the maths…The end of the year sounds about right really. Ask you IT support team about this and how it might impact your business.

It’s been reported by Neowin that Newegg has shipped out fake Intel i7 processors. Consumers have been said to have recieved  a piece of scrap metal for the processor and a clay mold for the heatsink. So not really much of an effort to counterfeit then. Intel are now in the process of investigating how this has happened and how many have been shipped.

Intel have confirmed at least one case of these fakes having been recieved by a consumer. It has been said that 300 fakes were accidently mixed in with a batch of 2,000 by Newegg’s distributor. But exactly how much of an accident this was remains to be seen. There has even been speculation that cease-and-disist letters have been sent out to websites that have published the news.

Newegg at first claimed that these fakes are “demo units”, but Intel contradicted this by confirming them to be counterfeit. However, Newegg themselves have now also confirmed the existence of these fakes. And have ended their relationship with the supplier in the following statement:

Newegg is currently conducting a thorough investigation surrounding recent shipments of questionable Intel Core i7-920 CPUs purchased from Newegg.com.

We have always taken pride in providing an exceptional experience for each customer, and we apologize for any inconvenience to our valued customers. We take matters like this extremely seriously, and are working in close cooperation with Intel and the appropriate law enforcement authorities to thoroughly investigate this incident.

There have been complaints that the browser choice ballot is not generating the “random” choice that it should do. Rob Weir of IBM has complained that the ballot is favouring some browsers over others. The ballot has come about after the European Commission’s investigation of anti trust complaints against the company. Opera felt it to be unfair that IE was bundled together with Windows operating systems.

Microsoft has now updated the algorythem that generates the ballot screen. And Weir is now satisfied that the choice is truley random. Microsoft said:

“We can confirm that we made a change to the random icon order algorithm in the browser choice screen for Europe. We are confident the algorithm change will be an improvement. As always, we are grateful for the feedback we get from developers, and we thank those who commented on the topic and suggested changes.”

Microsoft have not confirmed when the change was made, but it apears to have been some time last week. Suprisingly, Wier’s testing showed that Chrome was recieving the top slot in the ballot, and IE more likely to recieve the last spot.

Argos have exposed customers credit card details and CCV security numbers in their e-mail reciepts. A customer who checked his e-mail reciept found buried in the HTML source code, was his full credit card number and security code. Meaning that if any of these e-mails were to be intercepted the credit card details could potentialy be found, and somebody elses hard earnt money spent. The custemer who exposed this breach had recently had his details fraudulently misused, but this has not been linked to Argos.

Worryingly, it’s  unknown how long this exposure has been going on for, and the number of consumers affected. Argos have said the fault has already been corrected. They are currently working with the Infomation Commissioner’s office to deal with the breaches effects.

It seems however that the whole thing could have been easily avoided, if Argos had simply had a good content filtering product in place. This would have meant that ecryption of the e-mail reciepts was enforced, or that the data was blocked from being sent out at all. The basic default or stanadard security rules of most content filtering packages would do this.

This incident just goes to show how important it is to filter both inbound and outbound mail. And pretty awesome (in the true sense of the word), that a company as large as Argos hasn’t enforced this basic security procedure.

Development for Essential Business Server, MS’s mid-market server software bundle, has been haulted. Microsoft is placing all bets on cloud computing for the m0re economicaly concious IT markets. EBS bundled Server 2008, Exchancge 2007, and server management tools together in one package. It will be discontinued as of the 30/06/2010.

Microsoft has said that the decision to discontinue the package was based on the fact that more and more mid-size businesses are turning to cloud computing or virtualisation as a means of saving money. These technologies are also improving the efficiency of businesses and therefore increasing competition.

Microsoft will still be selling it’s small buisiness sever. EBS will still be supported for the lifecycle period of its components. Microsoft will also be making the individual parts of EBS free to EBS owners. But only until the end of the year after it has been discontinued. Aiming to get all those on EBS onto the standalone components.

Microsoft has also said that this will not mean jobloss for any of the EBS develpment team. They will be intergrated into the Cloud and Server devision.

A servere veulnerability has been found by computer boffins in the worlds most prolific software package. The hole would allow hackers to retrieve a machine’s private cryptographic key.

The bug is in the OpenSSL cryptographic library. Which is pretty scarey stuff as the open-source package is used worldwide in OSs and applications. It could potentialy be applied to many devices. Smartphones and Media-players with anti-copying mechanisms will be most easily affected.

Wherever the origin of infomation is needed to be verified is where the OpenSSL library come in, and it does much more than just  SSL. However, the issue is said to be easily fixed. Scientist at Michigan University say applying cryptographic “salt”  to an error-checking algorithm will do the trick. This extra randomization will make the attack impossible. OpenSSL engineers are currently pushing out a patch, so don’t panic.

The process of carrying out the attack in the real world is somewhat impracticle. To grab bits of a key you have to inject slight fluctuations in a devices power supply as it is processing the encrypted data. It took the boffins over 100 hours to deduce an entire key. So..not very likely some one will actually do this is it? The boffins also said:

“This is probably not as much of a threat to a server system as it is to a consumer device, The place where this would be more applicable would be if you want to attack a Blu-ray player (where) you have an environment where someone is giving you a device that has a private key to protect intellectual property and you have physical access to the device.”

Right. So getting into a comms room and doing this to a server for over one hundred hours undetected seems unlikely. But if the machine overheats or experiences fluctuations “naturaly”, it will leek secret data. This could then be intecepted by attackers. tghe boffins have also tried natural radiation and laser sources.

It may also be possible to apply this method to other crypto libraries, such as the one created by Mozilla.

Sounds like pulling this off would take a highly trained team of covert opperatives. So I don’t think you avarage business has much to worry about.

Survey data is begining to show an increase in the demand for permanent and temporary positions in the job market. The job servey ran by KPMG in February showed a sharp increase for permanent positions since July 2007. Fourty Three percent of companies said they are increaseing permanent positions. Temporary billings from agancies are also slowly continuing to rise.  Vacncies have risen overall for five consecutive months.

The Clerical and Admin sector are in front when it comes to the demand for permanent staff. But the IT sector is in a strong second place. Permenant salaries have also shown a growth, with a small increase for temp rates. This could be down to a skill shortage or the fact that candidates are now demanding more.

But there are still widespread fears of  jobcuts for workers. Pay is still frozen as inflation rises, which means earning shrink in value. But it seems that you will be able to look on the bright side, if your a techie.

Microsoft has confirmed a potentialy dangerous and unpatched velnerability in Internet explorer, when the F1 button is pressed in earlier versions of windows.

The bug is within the VBS that is intergrated with Internet Explorer. Making it potentialy possible to create a website that tricke the use into pressing the F1 button. The site then pushes out malware to the user. A pretty clever thechnique for getting malware onto a network, and no doubt effective. however, this only works on older versions of windows, XP, 2000 and server 2003. Vista, 7 and Server 2008 are not affected.

Micrsoft have said that they are not aware of any attacks that are using this technique. But now that the cat’s out of the bag it’s surely only a matter of time. They have criticised security researchers, saying that they should have come to them first before releasing the infomation. Microsoft published th folowing statement regarding the matter:

“Microsoft is concerned that this new report of a vulnerability was not responsibly disclosed, potentially putting computer users at risk. We continue to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone’s best interests. This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed.”

The Redmond Security bods are still looking into vulnerability. But a patch is likely to be on the cards, obviuosly. MS have not said when it will arrive, but the next patch Tuesday is drawing near. Probably too near, it looks likely that the patch will not be released till April/May time.

Apple recently issued a report on it’s suppliers. The report is on the performance of suppliers in relation to the guidelines they have been given. The report revealed that three suppliers have been using child labour. In total the companies have employed eleven 15yr old workers. One company had tryed to cover it up.

Also reported is that 50 factories are working employees for longer than allowed with a 60hr week. Twenty four have been paying less than minimum wage. Only 61% met safety standards, and only 57% had the required environmental permits. All very worrying. Though some may feel that 15 yrs is old enough you can’t ague with the stats on other conditions.

But that’s not all. Most of the suppliers that Apple use said it was the first time ever that they had been audited. However, 133,000 workers have been audited last year in comparison to only 2,000 in 2007. So Apple is stepping up it’s responsabilities. But all this may put a dark cloud in consumers minds, and that’s sometime a tough one to clear.

Microsoft have admitted that IE8 is still incompatible with over 2,000 frequently visity sites. This number has dropped by around 1,000 compared with last years figures. Back then more than 3,000 sites need to be run in compatability view.

In 2009, when IE8 was launched, it didn’t work too well with sites such as Apple, Royal mail, BBC, Amazon, PayPal, and even MSN. Ironic!

Microsoft offered it’s IE8 tools to surfers last year. This included a list of incompatible sites that would automaticaly render. Meaning, no need to manually switch to the non standard compatible option. This was appreciated by some as an effort by Microsoft to bring IE8 more in line with web standards. But others feel it’s just made for messier interwebs. Particularly after forcing developers to do a U-turn with IE6/7.

Marc Silbey revealed the usage of IE8 by surfers.  Of the 2,000 figure only 19% are running in full IE8 standards mode, with 42% in IE8 almost standards mode. With 26% in quirks mode and 14% in IE7 standards mode.

Microsoft have said that they are comitted to improving the browsers interoperability. So, what will this mean for the browser choice ballot. Perhaps the slick ads wont make the biscuit.

Acer have predicted that ASPs will rise this year. Which is pretty much unheard of. So consumers beware, the cost of you kit may rise, particularly affecting small businesses.

In the second half of last year Acer saw a revival int he PC business after recent doom and gloom. The future’s looking up, this revival is expected to pick up this year. Acer are aspiring to become a $30Bbn company before 2012. Which will mean a yearly growth of 15% between now and then. This should come from expansion in growing markets as waell as mature ones. the market demographics are expected to grow to include both young and old. Small businesss money is also expected to return this year, if only to rplace ageing devices. The company did not see oversupply in the compnents market either. Halting the decrease in tech prices. Further consolidation in the components, vendor and channel markets will help to drive prices up.

The Eurozone will be hit the hardest as currency is driven down by countries such as Spain and Greece. Prices could be up to 10 or 12 percent higher.

It’s not likely that consumers in th UK will see a 2 to 1 against the dollar any time soon. So it’s looking fruitfull for those companies who survived the crunch.

Microsofts vision for end to end trust is based around cloud computing. They are working towards a claims-based identity metasystem, and are making a call for the prevention/disruption of cybercrime.

Scott Charney,  CVP of  Microsofts TCG said:

“End to End Trust is our vision for realizing a safer, more trusted Internet. To enable trust inside, and outside, of cloud computing environments will require security and privacy fundamentals, technology innovations, and social, economic, political and IT alignment.”

Charney further explained it is key to impliment securer identity solutions. This will provide a securer private acces to cloud and onsite applications. Thus making for a more secure internet and enterprises.

Microsoft habve also previewed their U-Prove thechnology. Aimed at online providers to protect privacy and enhance security for online transactions. Microsoft will be releasing portions of the intelectual property for U-Prove as well as open source software development kits in java and C#, for some input and evaluation.

Details have also been released inregards to a new partnership with the Fraunhofer Institute. They will be working together on a project that will intergrate U-Prove and Microsoftws identy platform with the proposed future use of electronic identycards by the German Government.

Microsoft have also released (as part of their Buisiness ready security strategy) Forefront Identity Manager 2010. Enabling polocy based ID management accross diverse environments. It will provide the customer with more end user capability and provide administrative tools to the IT Proffessional.

Microsoft’s Operation b49, an initiative to erradicate the Waledac Botnet, is also another example of how microsoft is aggresively and collectively targeting cybercrime.

Charney Said:

“We are committed to collaborating with industry and governments worldwide to realize a safer, more trusted Internet through the creative disruption and prevention of cybercrime,”

If you would like to know more about Microsoft’s vision go to http://www.microsoft.com/endtoendtrust

Taiwanise smartphone manufacturer HTC are being sued by apple for 20 iPhone patent infringements.

The infringments pretty much cover everything on the iPhone, user interface, hardware and the underlying architecture. One of the infingments relates to the way the device in unlocked.

Apple have said that while they feel competition is healthy and encourage it, they draw the line at competitors directly stealing their technology. Competition should created new original technologies.

HTC has since issued a statement: “HTC is a mobile technology innovator and patent holder that has been very focused over the past 13 years on creating many of the most innovative smartphones. HTC values patent rights and their enforcement but is also committed to defending its own technology innovations. HTC only learned of Apple’s actions this morning via media reports, and therefore we have not yet had the opportunity to investigate the filings. Until we have had this opportunity, we are unable to comment on the validity of the claims being made against HTC.”

The lawsuit has been filed with the U.S. district court in delaware and the U.S. ITC. Apple wants a permanent injunction put in place that will stop the selling of HTC devices in the US. Pretty heavy stuff, and not a first. In a role reversal, Nokia filled a complaint in december 2009 with the ITC against Apple. Stating that MACs, iphones and iPods violate it’s interlectual property rights. The counter sue by Apple is still ongoing.

Microsoft has started it’s advertising campaing for IE8 in the UK by airing TV adverts. It’s all gearing up for the browser choice ballot.

Copies of Windows in Europe are now recieving an update for  the browser choice screen. The Ballot is an automatic update for XP, Vista and 7.  Users with IE as their default browser, will see an info screen regarding the update before they asked to to choose a browser.

The TV advertising campaign in the UK is aimed at raising the profile of IE8. Using what Microsoft calls 8 second demos. These demos present the new features of IE8.  Google has also started it’s own campaign for Chrome, using Newspaper, Billboard and Tube advertisments. The update will be pucshed out to 32 EU countries, which will mean around 195 million user will recieve it. So gaining the following of these users it well worth it’s while.

Windows Phone 7 is on the horizon, nearly. Only 8 months untill it makes it way into the hand of consumers.

Microsoft really had to pull it’s socks up at the Mobile Worlds Congress this year. And they certainly did, the new mobile platform has a very intuative interface and intergrated application set.

The home screen for Windows Phone 7 presents a number of slickley animated tiles that look vaguely familiar, Sony Erricson X1? These tiles have the capability to be linked to thing like Facebook accounts. the tiles display photographs or text info. Some what like a web widget. They can  also be configured for web page and application shortcuts.

Behind these tiles sit “hubs”, a series of touch screen controled sliding walls. These hubs accumilate infomation such as contacts or music, from your music or networking sites. There are also hubs for Office and games.

The intergrated software for the Music hub is called Zune, and all handsets with the Windows Phone 7 platform will be Zune compatible. Xbox live also has an intergration. And a promise has been made by Microsoft that third parties will be able to get involved in the hubs. Opertaors and manufacturers will not be able to change the home screen or hubs. So the user interface and functionality will always be consistent. But will be able to add their own hubs and tiles.

There will be three hardware buttons within the platform, home, search and back. There is also a multitouch capacitive screen. The browser is new and based on internet explorer. No Adobe Flash for the launch, but no objection by MS for the platforms enablement.

Can microsoft pull another one out of the bag after the success of Windows 7.