The newest version of Avast is better suited for touchscreen displays.
The march of technology is inevitable, and not just on the hardware side. As luck would have it, no sooner did we finish our annual antivirus roundup (look for it in the April issue of Maximum PC), Avast, one of the contenders, comes out with a new version. That's bound to happen when you're evaluating 10 different programs, but timing aside, here's what Avast 8 brings to the table.
Russian security firm Group-IB claims to have uncovered a critical Adobe Reader vulnerability that is currently being exploited in the wild by attackers in order to circumvent the ubiquitous PDF viewer’s sandbox, a security feature Adobe first introduced as part of Reader X nearly two years ago. Even though this zero-day vulnerability is said to have a few “limitations”, they don’t seem to be crippling enough to stop it from being sold on the black market for anywhere between $30,000 and $50,000.
It’s just not all of us who have become blasé about browser updates, but even browser developers themselves seem to be having a hard time keeping up with all the frequent updates. The Google Chrome team must have been very jaded when they released the latest stable version of their browser late last month, as they totally forgot to mention one of the most important changes inside—one that took over two years for them to put together.
Adobe on Monday announced the availability of Flash Player Protected Mode for Mozilla Firefox. Essentially a sandboxed version of the popular browser plugin, Flash Player Protected Mode for Firefox is currently in beta. Hit the jump for more.
We're all for beefing up the security in Adobe's Acrobat products, and that's one of the things the software maker has done with its new Acrobat X family, which includes Acrobat X, Reader X, the Acrobat X Suite, and new document exchange services at Acrobat.com.
The Acrobat X platform employs sandboxing security technology (Protected Mode in Reader) designed to mitigate the risks of viewing PDF files.
Acrobat X also brings a bunch of new features to the table, including new guided Actions to simplify multi-step document preparation and publishing processes, new customization capabilities in PDF Portfolios, and new document services available at Acrobat.com to help streamline collaboration.
Adobe is no stranger to criticism. The company has consistently drawn flak for its piss poor security track record. In fact, it would be reasonable to believe that Adobe is inured to the constant castigation.
But it now seems to be making more serious efforts to plug the many holes in its software. Back in April, it introduced an automatic updater for its Acrobat and Reader products, giving it the ability to tackle critical security issues speedily. And now it has turned its focus to “sandboxing,” a security mechanism that involves running the concerned software in an isolated environment - the sandbox.
Initially, the new feature, dubbed “Protected Mode, will only be used to sandbox “write calls.” But a subsequent update will also help stave off exploit code that tries to copy sensitive information from the user’s machine. "In the first release, everything that is involved in rendering a PDF has to happen within the sandbox.”
Adobe expects to have the next version of Reader ready before the end of the year.
Now, Dell’s Kace subsidiary is offering a “virtualized and contained” version of Firefox 3.6 (with Adobe Reader and Flash plugins) called the Secure Browser. According to the company, the Secure Browser provides a safer web experience by limiting all malicious downloads and hostile changes within the sandbox, effectively shielding the operating system from such threats.
I've been a relatively fortunate mobile phone owner. I've dropped various phones countless times throughout my geek life, including the extended cleaning of my first-ever iPhone by accidentally introducing it to my apartment complex's pool. I've broken countless critical features on my phones as a result of this clumsiness, the smashing of a phone against the car keys in my pocket, and the general wear-and-tear of a semi-busy lifestyle. In college, I had a flip-phone that was anything but, the exterior having been beaten up and bruised enough to transform the phone's external screen into a strobe light of-sorts whenever anyone called. Awesome for parties; useless for caller ID.
I've never lost my phone, though. And every day I board a train to head to work, sit in a taxicab, or go about my business without really paying much attention to where I last put my dialing device, I wonder: Is this it? Will today be the day that some unscrupulous person gets a hold of my iPhone and, by proxy, my entire online life?
In some ways, someone already has.
This isn't some kind of "won't somebody think of the children" scare tactic. It's a simple reality: You're hearing a lot about the wonders of cloud computing at this year's CES. And while that has different applications for the enterprise level than consumer, the practical reality of it for most PC users (and laptop users especially cough-cough-Chrome OS-cough) is that you're taking the data that would otherwise reside on a system within your control and placing it in the hands of another entity.
Cloud applications can be super-useful when you let others run the services that improve your geeky life. Your data, however, is your own--the more consumers coalesce their computing lives into access points, the more this data becomes ripe for abuse... or worse.
The benefits of Google Wave are yet to be seen by the mass public. Google released an internal developer sandbox earlier this year and eventually rolled out a consumer preview to 100k users in September. Now, Google has announced its next step in the rollout process: the federation sandbox.
Federated distribution models mean that companies can build and host their own Google Wave servers and integrate them with other servers. The features and promises from Google about Wave’s capabilities mean that corporate collaboration will take on a whole new meaning. This next step, allowing corporations to control their own servers, means that Wave will more likely be adopted into business use.
The federation sandbox is strictly experimental for the current time. They have released about 40k lines of code for inspection and the Wave Federation Protocol and Conversation model. They have also demoed a terminal based Wave client.