Summary: Microsoft is the biggest enterprise software company in the world and one of the most profitable. But it’s flagship product, Windows, is the walking undead, thanks to Microsoft’s two huge gaffs: missing out on mobile, and Windows 8, which turned Windows into something the typical consumer doesn’t recognize.
By building its own Surface PCs and smartphones (with the purchase of Nokia’s mobile phone unit), Microsoft has ditched the strategy that originally made Windows win the world. Instead of leaving the PC hardware to many partners, Microsoft wants it all.
To no one’s surprise, this isn’t going over well so far. Sales of Surface PCs are lukewarm and one of Microsoft’s biggest hardware partners, HP, is openly running to Google and calling Microsoft a competitor.
But Google didn’t cause Microsoft’s death spiral. Neither did Steve Jobs.
The credit goes to something called free open source software (FOSS) and an operating system called Linux, which came from a guy in his dorm room 22 years ago named Linus Torvalds.
If there’s a bug that needs fixing, or a feature that needs adding, users are free to do it themselves.
When software developers give their work away under an open source license, users will fix bugs and add new features the original programmer never even thought of. As the project grows in popularity, the developer makes money by offering support services. Red Hat has grown into a $1.3 billion company this way.
The Linux operating system (which in Linux-speak is called a “kernel”) is proof that open source is an extremely efficient way of working and it’s not the only example. There are lots of other open source projects like databases, storage software, networking software, Office software, and so on.
In fact, Android is a form of Linux. http://en.wikipedia.org/wiki/Android_(operating_system). So is ChromeOS, based on the Linux distribution Gentoo.
Linux Foundation Executive Director Jim Zemlin is likely one of a handful of people in the world who has had a front row seat to the largest collaborative development effort in the history of computing, Linux. He understands that speed of innovation and quality of software development is dictated by forward thinkers who are working in collaboration.
That is why he was recently invited to speak at TEDx about what the technology industry has learned from Linux, and specifically its creator Linus Torvalds, and how some of those lessons can be applied to a variety of efforts and projects across geographies and disciplines.
Linux has been pretty successful and the TEDx audience was eager to learn how it has achieved such success and how they could apply some of the Linux community’s best practices to their own work. In true Zemlin style, the lessons seemed a little surprising at first but as he elaborated, the audience soon understood how Linux has become the largest shared technology resource known to man. It runs the Internet, our smartphones, televisions, the world’s high performance computing systems and eight out of 10 of the world’s stock exchanges. It’s literally the foundation for our global economy, he explained.
He attributes the success of Linux during his talk to four primary principles:
Don’t Dream Big
Zemlin quotes poet David Frost in his first point about not dreaming big: “Don’t aim for success if that’s what you want. Do what you love and believe in and it will follow.” This is exactly what Linus Torvalds did when he put his Linux operating system on the Internet in 1991 and said he didn’t think it would be much, just something he was doing for fun.
Give It All Away
Zemlin also makes an important point about how companies make money from software that is given away. By giving Linux away, Linus Torvalds and the entire Linux community have created more value than anyone could have imagined. Linux today is estimated to be worth more than $10B. IBM and Red Hat continue to see increasing shareholder value, while companies using largely closed development models have seen little return to their shareholders.
Zemlin says that even Apple gets the value of Linux and open source software. Inside every iPhone and iPad, there is free software. He says,” Apple knows something that many people don’t. When you stand on the shoulders of giants you can innovate at higher levels.”
Don’t Have a Plan
He goes on to explain that the plan for Linux is there is no plan and shares with the TEDx audience how self-forming communities result in faster, better collaboration. Seven changes are made to Linux every hour, 24 hours a day, because people are self-motivated and care about what they’re working on.
Don’t Be Nice
His last point is perhaps the most entertaining and provocative. Zemlin talks here about the value of flame wars, defending ideas and ridiculing code. The result? Better software. He cites a UC Berkeley study that found groups that are encouraged to debate rigorously and defend their ideas, opposed to traditional brainstorming where every idea is a good idea, come up with better ideas.
I don’t want to spoil the ending so I’ll just say that he makes the argument that the future is one where you can enrich yourself while at the same time enriching others. Check out the 18-minute talk here and share. If this TEDx Talk inspires you, let the TED team know and help us spread the word about Linux.
“The Linux kernel changes eight times an hour. There are 10,000 lines of code added a day, 8,000 lines of code subtracted. Even Amazon and Google couldn’t keep up with that level of development on their own,” Zemlin says.
Ingenious people have modified Linux to work on huge supercomputers, and on tiny devices, like the $25 Raspberry Pi PC. (Pi, in turn powers all kinds of other amazing inventions). Today, Linux runs everything from automobiles to televisions, Zemlin says.
Plus, many of the developer tools used to write Linux are also open source. Torvalds invented Git, a tool for managing open source projects. That lead a few other guys, who had never even met Torvalds at the time, to use it for a company called GitHub. GitHub has since become the most popular place to store and share other open source projects.
Google, Twitter, Facebook and others have given away lots of open source developer tools, too.
This all adds up to a non-profit organization, the Linux Foundation, with a $25 million annual budget. The money, and engineering talent, comes from companies like HP, IBM, Oracle, Intel, Samsung, Google, Cisco and others, the Foundation says.
Microsoft spent a decade being an enemy of open source. Today Microsoft does offer lots of software via its own open source licenses, but not its biggest products like Windows, Windows Phone, Windows Server, SQL Server, etc.
Microsoft is still forced to keep up. Its execs have vowed to release new versions of all of its software every year, instead of its previous three-to-five year cycle.
But it’s on its own to build the software, fix the bugs, and so on. Meanwhile, a $25 million organization is producing 18,000 code changes a day and giving it all away for free.
Thanks to Linus Torvalds.
This doesn’t surprise me at all, people tend to forget that Microsoft is well in it’s rights to put something like that in, after all they own it not you, you paid a license to use, NOT own. In reality, kill switches are nothing new, all recent versions of Windows OS’s have one built in, that’s why you have to activate your version of Windows. (more…)
Best Buy is completely dropping the ball this holiday season. We’re hearing reports that customers who bought items on BestBuy.com on Black Friday (yes, nearly a month ago) will not be receiving their orders this year, with some of them even being cancelled right before Christmas.
Best Buy’s official statement on the matter, as relayed to FOX 9 is this:
“Due to overwhelming demand of hot product offerings on BestBuy.com during the November and December time period, we have encountered a situation that has affected redemption of some of our customers’ online orders. We are very sorry for the inconvenience this has caused and we have notified the affected customers.” (more…)
The flooding in Thailand hasn’t just caused hard drive prices to go up. According to Reuters, it’s also putting the squeeze on PC makers like Asus. The news agency reports that Asus only has enough mechanical hard drives in its inventory to last through this month.
I mentioned the other day: http://jet-computing.com/drive-availability-decreases-30/ Asus added that it has hard disk drive (HDD) inventory until the end of November.”Substitutes for HHD are very few, so if the situation persists, not only notebook production will be affected but also desktops, and other component shipments will also drop,” Asustek CFO David Chang told Reuters.
Not surprisingly, Asus intends to revise its fourth-quarter financial projections this week to account for the developments in the hard-drive market. Reuters quotes Chang as saying some hard-drive prices are “surging 20-40 percent.”
We’re seeing even greater increases in retail listings. At Amazon, for example, Western Digital’s 1TB Caviar Black has skyrocketed to $199.99, up from around $90 less than a month ago.
Hard drives are actually cheaper at Best Buy than they are at e-tailers like Newegg and TigerDirect curently, because Best Buy hasn’t raised their prices yet. I guess the creaky bureaucracy at a large national retailer takes longer to react to stuff like this. Either that, or they’ve been sitting on warehouses full of surplus hard drives they figure they can unload now that everyone else is charging more… $79.99 Western Digital 2TB green last week, $75 Seagate 2TB LP this week.
So does rising hard-drive prices mean you should buy a solid-state drive (SSD) now?
I would say no, in my opinion SSDs are not stable enough to suit my taste. The only models that seem to be worth anything are the Intels, various other models namely the OCZ seem to suffer from a high failure rate. I will be writing an article on SSD’s soon so be on the look out for it.
If you really need a new drive now, you can use a site like Camelcamelcamel, which tracks Amazon prices, to check price changes and see if the HDD price you find is a good deal or not. (The Western Digital Caviar Green 2TB Desktop Hard Drive, having jumped from a low of $69.99 to $149.99 since October 11, is not a great deal on Amazon now, for example, but you might be able to find it cheaper elsewhere with some effort.)
Students! Don’t get scammed for back to school computer shopping. There is only a few days left before returning to school and technology companies are gearing up for one of the most busiest seasons of the year.
Having a laptop is not mandatory for college studies, students often justify the purchase by saying that they need it desperately for school. Several large computer stores that have ‘Back to School’ specials for students, are just in it for the revenue and scamming the customers. These large computer stores want to extract as much money as possible from customers and are willing to go the distance in confusing students and their parents in order to make that extra profit. For example, I was told shamelessly straight to my face when buying a netbook that the company does not make a lot of money from the sale of a laptop and that I should purchase something else.
This is why all associates are forced to upsell and skew the truth. These people tell you that you need a CD created in order for your computer to have a backup. This extra service is only $60. For extra $100 they will setup your computer to be “ready to use”. This is a major scam because anyone can do this setup by themselves with only a few clicks of the mouse when they boot up their system for the first time. I was once told that I can get a recovery disc created by them for only $100, as the laptop I was purchasing did not come with one. When I asked if I could do it, I was told that it wasn’t possible, however I could bring the laptop back later on to do so. When I got home and booted the computer for the first time, it gave me an option to burn a recovery CD which was a breeze to make.
However, even if you do not buy into the “setup your computer” argument the associate will tell you that there are tons of viruses out there that will destroy your precious data and you will have to buy antivirus. Another reason to try Linux Mint.
But don’t worry because its on special for just $80. Another tactic they like to use is to sell you extended warranty that is about $120 to $250. This enables you to bring the computer back to the place you bought it instead of shipping it to the manufacturer. Just a side note: Manufacturers have a great service and will replace your computer for free if its still in warranty and shipping is paid by them. I shipped several laptops back to various manufacturers and the service is very fast, professional and efficient. However, be careful with your data as you could lose everything!
After pressuring you to hand over hundreds of dollars for a laptop or a netbook, they try to sell you optical drives, mice, cases and many other peripherals. Many times I have overheard associates lying to customers about what they need just to sell the extra package so that they can get a bonus/commission or just to get their manager off their backs. Even though associates in these large stores try to be polite and smile to your face, they are scamming you for hundreds of dollars out of your hard earned money just because you are unaware about what you really need. And if that fails, many stores increase the price of the product and try to sell you the whole “better value” package, without having the option to buy the computer without those unnecessary “upgrades”.
Another money waster is when students drag their parents to an Apple store and demand the latest computer hardware for their University studies. Apple computers are very expensive but all that students see is the nice shiny box and the cool factor. Being like everyone else is not cool and PCs are hundreds of dollars cheaper and do the same thing that most Apple laptops do. Save yourself or your parents some cash and get a PC laptop instead. Apple products will not increase your grades and will not make you any cooler either. Better yet, get a decent used laptop and run Linux Mint.
Therefore, this back to school season do some serious research about what you need and don’t need and do not be pressured into buying additional things that you might regret later or realize that it was a waste of your money. Majority of these businesses are making huge profits on the ignorance of many individuals about technology and computers.
A few good examples that you should think about might include:
Do students really need the latest MacBook Pro for $2000 to type essays that can be done on a Netbook or a regular laptop?
Do you need to pay additional $130 for Microsoft Office if LibreOffice is free to download and use?
Do you need a firewall and Antivirus if you are smart about what files to open and follow some simple security rules? Or you can download AVG Free Anti-virus or Avast and many universities provide you with anti-virus for free while you are their student.
Do you need additional warranty for $200 if shipping to a manufacturer is free and can be easily set up online? How long do you expect your laptop to last you?
Do you really need to pay hundreds of dollars for an extended warranty if your netbook costs $350 and it is cheaper to buy a new one than keep fixing an old one in 3 years?
Campuses typically have computer halls brimming with computers for students to use. These typically go unused and are only full during mid-terms and finals. Part of your college tuition grants you access to some of the most cutting-edge technology and research in the world. From journal subscriptions to reference e-books to high-tech computers, you have all kinds of resources to help you with your school work, and won’t have to pay extra for any of it. So utilize it.
Try to see through manipulative associates in big computer stores that try to scam you for hundreds of dollars and make you think that you need every one of the things they offer or your computer will blow up. Play it smart and use the money you save for your books or tuition instead because those things are not getting any cheaper….
Google Chrome’s rise in popularity has been remarkably fast and it has just hit a new milestone. More than 20% of all browser usage has hit 20 percent market share, according to StatCounter. Net Applications has Chrome cracking 13 percent. Either way, Chrome is growing fast versus IE and Firefox.
Chrome rose from only 2.8% in June 2009 to 20.7% worldwide in June 2011, while Microsoft’s Internet Explorer fell from 59% to 44% in the same time frame. Firefox dropped only slightly in the past two years, from 30% to 28%.
Most Internet researchers agree that Google’s Chrome Web browser is steadily gaining market share at the expense of established rivals, Microsoft Internet Explorer and Mozilla Firefox.
Two top browser researcher disagree on just how much market share Chrome has worldwide. StatCounter said Google claimed 20.7 percent browser share for June, up from 2.8 percent a year ago. Net Applications claimed Chrome actually corralled 13.1 percent, up from 12.5 percent through May.
More broadly, StatCounter said Firefox is next in line to be passed by Chrome at 28.3 percent, with IE at 43.6 percent. On the (much) lower end of the scale, Safari is at 5 percent, with Opera claiming 1.7 percent through the month. Net Applications meanwhile has IE at 53.7 percent, Firefox at 21.7 percent, Safari at 7.5 percent and Opera at the same 1.7 percent. While there is a wide differential between both firms’ figures, it’s clear Chrome is gaining share and momentum.
From Google Chrome officials own lips at Google I/O in May, Chrome had racked up more than 160 million users, up from 120 million in December. If that trend holds true, Chrome should crack the 200 million mark in October. Looking at some numbers based on StatCounter’s stats and guessed Chrome could pass Firefox this November and IE by June 2012. Assuming Chrome’s ascent continues at its average growth rate over the past six months (consider that it took Chrome only two years to hit 10 percent share) Chrome could even hit 50 percent share by November 2012.
Chrome first hit 10% in August 2010 and was still at 19% in May before surpassing 20% in June. If Chrome’s numbers seem a bit high that’s because StatCounter’s method of tracking highlights Google’s strength: attracting power users. Net Applications, another usage tracker, shows Chrome rising fast as well, up to more than 13% usage compared to Microsoft’s 54% and Firefox’s 22%.
“It is a superb achievement by Google to go from under 3% two years ago to over 20% today,” StatCounter CEO Aodhan Cullen said in a press release. “While Google has been highly effective in getting Chrome downloaded the real test is actual browser usage which our stats measure.”
But the groups count differently. While Net Applications tracks a browser’s total number of users, StatCounter measures the total number of website clicks. That means a Chrome user who surfs the Web more often than an Internet Explorer user has more weight in the StatCounter ranking. The discrepancy between the two groups’ findings suggests that users who spend the most time online have switched from Internet Explorer to Chrome or Firefox. There are many reasons for Chrome’s upswing and accelerated release cycles, which means Google is putting snazzy new features that other browsers lack in front of users faster. Case in point: the Chrome Speech capabilities to enable voice search on the desktop.
Chrome advertising and marketing for the browser and Chrome Operating System have also been playing their parts in the growth. Google last year began advertising Chrome on ESPN.com, the New York Times and other high-profile Websites for a year. In May, Google began pushing Chrome as the center of users life experiences, planting a marketing seed for Chrome OS notebooks.
The first Samsung Series 5 Chromebook launched June 15, while it’s unclear how many Series 5 Samsung sold through Amazon.com and Best Buy online. Google made Series 5 Chromebooks vailable for flights as well now. Virgin America is maintaining its reputation as the darling airline of the tech sector, and today it announced a new partnership with Google that will give travelers the option to test Google’s Chromebooks in their flight beginning tomorrow.
The promotion will last until September 30, and passengers will be able to check out a Chromebook at their departure gate and use it freely with Gogo in-flight Internet on their whole flight. In addition to the currently available Chrome apps, Virgin America has co-developed a special Chrome app with Google that includes discussion boards about Virgin America’s trip destinations, city guides based upon data from UrbanDaddy, and information about packing and travel planning. The app will be available in the Chrome Web Store later this month.
Chrome’s rise has been most pronounced in South America where it is the second-most used browser ahead of Firefox and behind Internet Explorer. In the United States, “Chrome has risen to 16% behind market leader IE on 46.5% and Firefox on 24.7%,” StatCounter said. StatCounter measures 15 billion page views per month, including 4 billion from the United States across a network of more than three million websites. Data from Net Applications, which tracks unique visitors to 40,000 websites, show that IE usage dropped from 60.5% in August 2010 to 53.7% in June 2011, while Chrome rose from 7.5% to 13.1% in the same period.
Net Applications also tracks usage of mobile devices, and has found that more than 5% of all Web browsing is now occurring from smart-phones and tablets. The trend toward mobile browsing is even more pronounced in the U.S., where 8.2% of all browsing takes place on mobile devices. Of that, 2.9% of U.S. Web browsing comes on the iPhone, 2.6% on Android devices, and 2.1% on the iPad with BlackBerry next at 0.57%.
That means Apple’s iOS accounts for 5% of U.S. Web browsing, making it the most popular mobile platform.
Google is unveiling the Chromebook this week – a laptop that runs on Chrome OS. The Chrome OS is a cloud based operating system which means that all your data (or most of it) will be stored on a remote server rather than on the local hard drive. Another way of saying it is you can literally rip apart and destroy your Chromebook (assuming you have deep pockets) and still get a good night’s sleep because your data is safely backed up somewhere on the net.
“Google Chrome OS is designed around the concept of “expendable” terminals that you can lose, drop or simply throw away without fear of losing your data, which is safely stored into the cloud. However, one thing is certain, with all your data being available into the cloud, in one place, available 24/7 through a fast internet link, this will be a goldmine for cyber-criminals. All that is necessary here is to get hold of the authentication tokens required to access the cloud account.”
The following are some of the advantages of Chromebook as touted by Google.
- Boots in 8 seconds flat.
- Full support for Adobe Flash and the latest web standards.
- Share your Chromebook with friends and family without giving them access to your email and personal data.
- Automatic OS updates provided seamlessly over the net.
- Secure out of the box – Providing multiple layers of protection,including sandboxing, data encryption, and verified boot.
- 3G and WiFi support.
- The Chromebook is a computer designed to work with Chrome OS
- The boot process verifies your Chrome OS install ensuring that it is not tampered with and thus free of viruses and other malware. If there is any tampering, the system is repaired automatically
- The Chromebook runs Chrome OS
- Chrome OS is a Linux-based OS that is optimized to run ONLY the Google Chrome browser
- Chrome OS does not have any applications installed on it other than the Chrome browser
- One cannot install traditional Windows, Mac OSX, or even Linux apps on Chrome OS
- All your work needs to be done online using tools such as Google Docs (office applications), Piknik(Image editing), GMail (email), etc.
- One can install web apps from the Google Chrome Web Store (now including the popular Angry Birds)
- Chrome OS is stateless. i.e. since all your operations are performed on the cloud your netbook itself stores nothing. You can discard it log in from another device and have the same experience.
- Chrome OS keeps up to date automatically
- Chrome OS keeps your data encrypted so even if your device gets lost, your data is safe
Google has brought in Samsung and Acer to market the first set of Chromebooks.
If the price is right, this could be an exciting proposition for any one. In fact, Google says it will offer Chromebooks to the student community for a monthly fee of $20 per student and for the business community for a monthly price of $28 per user, which is exciting if this price also includes a data plan.
“Both hardware- and software-wise, [Chromebooks] are nothing special: You can download Chrome OS’s open source brother, Chromium OS, for free — and at around $400 for a Chromebook, you would certainly expect some better hardware than what Samsung and Acer are offering. In fact, for around $300 you can get a cheaper and more powerful netbook with Windows 7 pre-installed — and it only takes about 30 minutes to wipe Windows and install Chrome OS yourself.”
If you can install your own OS, then (1) you are smart enough to install a regular Linux distro, and (2) you probably like to install your own stuff, so Chrome is not the best option for you. Except, maybe, if you want to give the net-book to someone else.
Google’s Sundar Pichai noted at the Google I/O Day 2 keynote that the company’s most important products – Gmail, Calendar and Docs will be receiving offline support in the near future. That pretty much means this summer. Google had said that the feature was set to debut this past spring but the project has been delayed for some reason.
The keynote was every bit as news-heavy and action-packed as the first day keynote: Google also unveiled some Chrome OS upgrades that give users more control over locally stored files, along with announcing several key HTML5-related updates to its Chrome browser. But the announcement that got some of the biggest cheers was this one: Angry Birds will become available as a desktop app in the Chrome Web Store!
The Samsung Chrome OS laptop will have a 12.1 inch display, “all-day” battery usage, Wi-Fi and an option for Verizon 3G service. The Wi-Fi only version will cost $429, while the 3G version will go for $499. The Acer Chrome Book will have an 11.6-inch screen and Wi-Fi, and will sell for “$349 and up.”
Google’s slogan for the Chromebooks is “Chromebook: Nothing but the web.” The argument behind it is this: The Chromebook is almost completely an internet device. If you can do your work and access your content on the web, you don’t need the virus updates, slow local services, and endless startup process that can plague a conventional PC.
But Google clearly knows that asking users to give up the security of a local hard drive and conventional desktop software is a hard sell. So it tried to make businesses a particularly compelling offer.
Google wants businesses to use the new Chromebooks to quickly and inexpensively update their laptops to run a modern OS. Google says half of all company-owned PCs in America still run Windows XP.
To make the Chromebooks fit in better in the office, Google is working on a “Chrome Box”, a flat square box that connects Chromebooks to large monitors and company file systems.
Google says it is offering businesses the Chromebooks, the Chrome Box, full support, full warrantee service and automatic end-of-life equipment replacement at a price of $28 per month per user.
$336/yr or $1008 over 3yrs (typical corporate lifespan of laptop) isn’t bad if (BIG IF) the helpdesk/support link can be removed from the loop.
In short, Google is seriously upping the ante in its challenge to Microsoft in the workplace. It’s already making inroads with its Google Docs cloud-based productivity apps, but now it has dramatically sweetened its offer to provide the OS and even the hardware, too. At this price, Google’s offer could be a very attractive to many businesses.
A similar offer is being extended to education, but the price per month per user for schools is only $20.
Improvements to OS
The biggest problem with the Chrome OS to date is that it’s been so completely about the web that you really miss being able to do things like download and install apps or play music or video content on the local hard drive. You just couldn’t do that in the first iteration of Chrome OS.
Knowing this Google appears to have made some real-world concessions in response to the problem. It has added a file manager, where you can store music and video files you’ve downloaded. There’s also a new media player in the OS that you can use to play the content. This alone makes me want to give Chrome OS another chance.
Google says the OS will stream content from Hulu and Netflix and the new media manager will plug into the new Google Music Beta and Google Movies services. The OS handles photos better now too. Users can now plug in a camera to the Chromebook, move photos from the camera, then store them in the cloud.
Chrome Browser Improvements
Google announced recently that several cool new HTML5 tricks for its Chrome browser. Google has been a strong proponent of HTML5, which it says developers can use to develop one version of a Website or service that will have advanced capabilities, and most importantly, work on “all modern browsers.”
Google has built some impressive APIs for the Chrome browser that will help developers create cool web pages faster. For instance, developers can use a Google API to build voice recognition into their apps. Google says it has also improved the hardware acceleration of its browser, which revs up the graphics card in the PC to render highly dense, colorful animated graphics.
Chrome Web Store
Google also made several announcements about its Web App Store, where Chrome users can grab apps to run in the Chrome browser. Google says that people spend twice as much time in Chrome apps compared with apps on other platforms, and make two and a half times more purchases within the apps.
When the guy who made Angry Birds took the stage here it was clear that the popular game had come to the desktop as a Chrome App. Huge applause. Developers, it appears, love Angry Birds too. (It occurred to me that employers everywhere should mourn the time and productivity that just went out the window with the announcement of a desktop-based game as addictive as Angry Birds.)
The only thing developers love more: Keeping as much money as possible from the sale of their apps. Google got uproarious applause with the announcement that it will take only a 5 percent flat commission on each app sold by a developer at the Web Store. Apple, by contrast, takes a 30 percent commission on app sales.
With the news that Chromebooks will be available to the public on June 15, there is some pressure here for the company to deliver on that promise. The fact that they have already announced when Chrome OS will be available, up’s the ante for whatever team is working to bring this feature to the masses.
Lets hope this becomes a winner.
The flaw lets Amazon accept as valid some passwords that have extra characters added on after the 8th character, and also makes the password case-insensitive.
For example, if your password is “Password,” Amazon.com will also let you log in with “PASSWORD,” “password,” “passwordpassword,” and “password12345.”
It appears to affect only older Amazon.com accounts, which have not had their passwords changed in the past several years.
Amazon did not respond to a request for comment. I seem to recall this sort of thing happening to Southwest Airlines as well, have to dig that up.
Observers speculate that Amazon was using the unix crypt() function to encrypt older passwords, in addition to converting them to uppercase, before storing them in its servers. While encrypting stored passwords is a wise idea, crypt() truncates longer passwords, discarding anything after the 8th character.
Since newer passwords are not affected by the flaw, Amazon appears to have corrected the problem for new passwords — but without updating the older, stored passwords.
The fix is straightforward for those with older passwords: Simply log on to Amazon.com, and change your password. You can even then change your new password back to your old password, and you’ll magically be safer than you were before. You should changing your passwords on a regular basis anyway, so now is as good as time as any.
If you need help: http://www.amazon.com/gp/help/customer/display.html?nodeId=468538
While on the subject of security, here is an example of a socially engineered hack, that anyone could fall for. Be aware, no website will send you such an email, NOT Ebay, NOT Facebook, and NOT Amazon.
From: Sent: Tuesday, March 23, 2010 11:16 PM To: <[redacted]@hotmail.com> Cc: Subject: Your Amazon.com password has been changed
This is an important message from Amazon.com
As a precaution, we’ve reset your Amazon.com password because you may have been subject to a “phishing” scam.
Here’s how phishing works:
A scam artist sends an e-mail, which is designed to look like it came from a reputable company such as a bank, financial institution, or retailer like Amazon.com, but is in fact a forgery. These e-mails direct you to a website that looks remarkably similar to the reputable company’s website, where you are asked to provide account information such as your e-mail address and password. Since that web site is actually controlled by the phisher, they get the information you entered.
Go to amazon.com/phish to read more about ways to protect yourself from phishing.
To regain access to your Amazon customer account:
1. Go to Amazon.com and click the “Your Account” link at the top of our website.
2. Click the link that says “Forgot your password?”
3. Follow the instructions to set a new password for your account.
Please choose a new password and do not use the same password you used with us previously.
Thank you for your interest in Amazon.com
A security researcher has tapped Amazon’s cloud computing service to crack Wi-Fi passwords in a fraction of the time and for a fraction of the cost of using his own gear; return of the caveman attack it seems has become more prevalent. Malicious hackers could quickly set up brute-force attack systems using the cloud, but critics say real-world password cracks might not come so easily.
Thomas Roth of Cologne, Germany told Reuters he used custom software running on Amazon’s Elastic Compute Cloud service to break into a WPA-PSK protected network in about 20 minutes. With refinements to his program, he said he could shave the time to about six minutes. With EC2 computers available for 28 cents per minute, the cost of the crack came to just $1.68.
“People tell me there is no possible way to break WPA, or, if it were possible, it would cost you a ton of money to do so,” Roth told the news service. “But it is easy to brute force them.”
Roth is the same researcher who in November used Amazon’s cloud to brute force SHA-1 hashes. Roth said he cracked 14 hashes from a 160-bit SHA-1 hash with a password of between one and six characters in about 49 minutes. He told The Register at the time he’d be able to significantly reduce that time with minor tweaks to his software, which made use of “Cluster GPU Instances” of the EC2 service.
As the term suggests, brute force cracks are among the least sophisticated means of gaining unauthorized access to a network. Rather than exploit weaknesses, they try huge numbers of possible passwords until the right phrase is entered. Roth has combined this caveman approach with a highly innovative technique that applies it to extremely powerful servers that anyone can rent at highly affordable rates.
Roth’s latest program uses EC2 to run through 400,000 possible passwords per second, a massive amount that only a few years ago would have required the resources of a supercomputer. He is scheduled to present his findings at next week’s Black Hat security conference in Washington, DC.
Roth used a Cluster GPU instance from Amazon EC2. This has 22 GB of memory, two Intel Xeon X5570s using quad-core Nehalem architecture, two Nvidia Tesla Fermi M2050 GPUs and 1,690 GB of instance storage, Roth wrote in his blog.
It also offers a 64-bit platform and uses 10 gigabit Ethernet for “very high” I/O (input/output) performance, Roth said.
Using this platform, Roth claims he cracked all hashes from a file for passwords one to six characters long in 49 minutes.
However, Sophos security expert Paul Ducklin pointed out that Roth recovered 10 of 14 passwords on a challenge list while Ducklin recovered eight out of those 14 by merely using his MacBook Pro, running in the background, in the same time.
Further, Ducklin said that real-world password hashing schemes are more complex than the one used in the challenge list.
Ducklin added that the attack worked against very weak passwords used with a very weak password hashing system.
The System Roth Attacked
Roth reportedly claims that his attack can break wireless networks secured by applications using the WPA-PSK standard.
WPA stands for WiFi Protected Access. The WPA protocol implements the bulk of the IEEE 802.11i standard. However, it’s not a strong protocol, as it was unveiled as an intermediate measure to replace the WEP protocol while 802.11i was being readied for release.
WEP, or Wired Equivalent Privacy, is a security algorithm for IEEE 802.11 wireless networks that was introduced as part of the original 802.11 protocol in 1997. It’s relatively easy to crack and was superseded by WPA in 2003.
WPA has been replaced by WPA2, which requires testing and certification by the WiFi Alliance.
PSK stands for Pre-Shared Key Mode, which is also known as “Personal Mode.” It’s designed for home and small-office networks that don’t require an 802.1x authentication server.
The real story is the availability to the citizen that was once was restricted to governements, computing power that can break ‘approved’ encryption. As always it is the end to end authentication and encryption that matters.
Google in December unveiled a beta version of its Chrome OS notebook, dubbed Cr-48. Google plans to release two, Intel-based Chrome OS notebooks from Acer and Samsung in mid-2011, with Verizon Wireless providing cellular connectivity. No pricing information was released for the upcoming Acer and Samsung devices; Google said its partners will hold their own launch events in the future with more details. Google has announced that it has partnered with Verizon Wireless to provide 3G wide area network (WAN) coverage on every Chrome OS device. Each device will receive 100MB of data for free each month for two years. The Cr-48 has a 1.6 GHz Atom – 64-bit instruction set and hyperthreading but no virtualization bits. Rumors are that the production units will be true dual-core, not hyperthreaded. A machine like that can run a lot more than a browser!
My prediction on pricing will be under $100 and probably about $50.
The reason is that Google can come in below the price of the Amazon Kindle and under the price of many netbooks and most Android tablet PCs.
I think Google will subsidize its hardware partners because it is a thin browser that looks in Google search and advertising. If they can make $10 per month, then a $50 subsidy makes sense.
Google will be able to do the locking of search and browser because it is a dedicated device for that purpose and not like Microsoft Internet Explorer was a locking after the fact to a monopoly OS.
You will be buying a locked in situation and you will know that from the get-go to devices that start with no market share.
Why is there Google Android devices and Google Chrome devices
There are two because they serve different purposes. Google Android is a thicker and more flexible and more open software which is to compete with Apple iPhone and Tablets by using many hardware and software partners.
Google Chrome can go thinner, more closed, better security, less to hack but able to deliver to Google search and advertising domination. Chrome can also require more leverage of the Google cloud solutions (Gmail, Google Docs etc…)
Google can then subsidize based on estimate of the per seat revenue they expect each month or year from another person just playing with Google’s stack.
I think Google will not go totally free right away because there will be need to ramp up production and to not have it perceived a free and disposable.
Cheap Google Chrome OS notebooks could also eventually compete for the $10-20 netbooks for the developing world.