Archive for September, 2008

Cone release today the 2008 Cone Business in Social Media Study Fact Sheet.  The survey presents the findings of an online survey managed by Opinion research corporation across 1, 092 adults comprising of 525 men and 565 Women 18 years of ager and older.

Social Media was defined as : Technology facilitated dialogue among individuals or groups, such as blogs/microblogs, forums, wikis, content sharing, social networking, social bookmarking and social gaming.

Among the findings were approximately 59% of Americans have interacted with companies on a social media website over a years time.  59% ? Wow, that seems like an awfully high number, which begs the question, what exactly defines “interacting” with a company or brand on a social media website?  Are people really reporting “interaction” with a company or is this really a reflection on actually visits to social media sites.  I would also have liked to have seen a breakdown in age groups.  Was the population size skewed to 18-30 year olds?  Are the baby boomers and seniors now interacting at a higher rate than last year?

In the study, it reports:

• 13% – Interact 2 or more times a week
• 12% – Interact Once a week
• 13% – Interact 1-2 times a month
• 21% – Interact a few times a year

There has been quite a bit of talk going on over the past couple weeks which looks like a scary new browser exploit affecting all the major desktop platforms — Microsoft Internet Explorer, Mozilla Firefox, Apple Safari, Opera and Adobe Flash.

The threat, called Clickjacking, was to be discussed at the OWASP NYC AppSec 2008 Conference but, at the request of Adobe and other affected vendors, the talk was nixed until a comprehensive fix is ready.

The two researchers behind the discovery — Robert Hansen and Jeremiah Grossman — have released some  information to highlight the severity of this issue.

So, what exactly is Clickjacking?

According to reports from the conference, the issue is indeed zero-day, affects all the major browsers and has nothing to do with JavaScript:

“In a nutshell, it’s when you visit a malicious website and the attacker is able to take control of the links that your browser visits.  The problem affects all of the different browsers except something like lynx.  The issue has nothing to do with JavaScript so turning JavaScript off in your browser will not help you.  It’s a fundamental flaw with the way your browser works and cannot be fixed with a simple patch.  With this exploit, once you’re on the malicious web page, the bad guy can make you click on any link, any button, or anything on the page without you even seeing it happening.  “A normal user wouldn’t have any idea of what is going on.  People in this audience may see something a little different from what they would expect and you would definitely see the results in the page’s source code.”  Ebay, for example, would be vulnerable to this since you could embed javascript into the web page, although, javascript is not required to exploit this.  “It makes it easier in many ways, but you do not need it.”  Use lynx to protect yourself and don’t do dynamic anything.  You can “sort of” fill out forms and things like that.  The exploit requires DHTML.  Not letting yourself be framed (framebusting code) will prevent cross-domain clickjacking, but an attacker can still force you to click any links on their page.  Each click by the user equals a clickjacking click so something like a flash game is perfect bait. The issue and fix will probably be originally released on http://ihackcharities.org”.

What makes this even scarier is that an average user would have no idea that a clickjack attack was happening.
Apparently the threat scenario has been discussed with both Microsoft and Mozilla and they agreed independently that this is a tough problem with no easy solution at the moment.

I have been meaning for a while to try a (in my opinion) very cool tool to use while writing posts in your blog. The product is a firefox plugin called Zemanta.

Zemanta is a platform for assisted on-line content production for any web user. A blog, an article or a web page is fed into its system which then recognizes the content and returns suggested images, smart links, keywords and relevant related stories from the Internet.

I have not had too much time to play with it, however, I am amazed at its intelligence and filtering capabilities. Once the plugin is installed in firefox, zemanta will appear on the right sidebar of your(in my case, wordpress)admin. As you type your content, Zemanta suggests tags, categories, links, pictures, and news articles.  I might be wrong, but it appears to be delivering more and more specific results as the topic lengthens.

I will try to do a more indepth review soon, but for now…. Cool Product, Cool Tool, I like it!

Anyone else used Zemanta?  I would love to hear your feedback, tips/tricks, issues etc.

In the wake of Yahoo hiring Bain & Co to help make process and structural changes to the company, the rumoured Yahoo re-org is likely to be anytime now.

“we’re continuing the work already underway to get fit as an organization: actively looking for ways to make process and structural changes to our business that will allow us to work more efficiently, with more scale. we’ve enlisted the help of Bain & Co. to work with the leadership team on identifying ways to leverage our strengths, and to improve and accelerate our performance”.

Full Jerry Yang memo on Valleywag

T-Mobile announced the G1 today, the first mobile phone to support Google’s Android operating system.

At a glance, the G1 features a 480×320 65K color touchscreen display with a slide-out full QWERTY keyboard, a 3-megapixel camera, 3G antenna and Wi-Fi. Even though Google’s phone does not look and feel as stylish as Apple’s iPhone, it has many chances to capture the hearts of users as the Android OS is open-source unlike the iPhone. Apple strictly controls which apps are available and this has proven a major point of contention over the past few weeks.

Other relevant Information / likely features
★Can buy in-store, but only available in stores within 5 miles of a 3G covered area.  Otherwise you have to purchase it on t-mobile.com
★3.1mp camera – NO VIDEO RECORDING
★No stereao bluetooth (A2DP)
★Expandable up to 8GB
★One touch access to Search, Maps, Calendar, Gtalk, Youtube and Gmail
★GPS
★Must have dataplan and gmail account to use gmail
★Approx 5 hour talk time, 130 hour standby
★$199

APPLE ULTRACOMPACT USB POWER ADAPTER EXCHANGE PROGRAM

Apple apparentlely has been forced to recall the chargers that shipped with the iphone 3G.

I just recieved a text message from Apple on my iphone 3G that read:
“A Free Message from Apple.  Important Safety Notice:
Apple has announced an exchange program for the ultracompact USB power adapter that came with the iphone 3G.  Findo out how to get a replacement adapter at http://www.apple.com/support/usbadapter/exchangeprogram/

Thankfully there have been no reported injuries so far, and apple has released the following statement on their … website.

Important Safety Notice
Today Apple announced the Apple Ultracompact USB Power Adapter Exchange program.
Apple has determined that under certain conditions the new ultracompact Apple USB power adapter’s metal prongs can break off and remain in a power outlet, creating a risk of electric shock.  We have received reports of detached blades involving a very small percentage of the adapters sold, but no injuries have been reported.
The ultracompact USB power adapters were supplied with every iPhone 3G sold in the following countries, and may also have been purchased separately as an accessory:
â–ªUS
â–ªJapan
â–ªCanada
â–ªMexico
â–ªSeveral Latin American countries (click here for a detailed list of countries)

Note: Apple USB power adapters supplied with original iPhones or supplied with iPhone 3G units sold in other countries are not affected.
Customer safety is always Apple’s top priority, and therefore we have voluntarily decided to exchange every ultracompact power adapter for a new, redesigned adapter, free of charge.
Users with ultracompact power adapters should immediately stop using them until they exchange them for a new, redesigned ultracompact adapter.
In the meantime, they should charge their iPhone 3G by connecting it to their computer with the USB cable that came with their iPhone or by using a standard-sized Apple USB Power Adapter (with fold up prongs) or with a third party adapter designed to work with the iPhone, such as a car charger.

iphone update available!

Friday, September 12, 2008
Noticed the iphone 2.1 software update is now available this morning.
From update:

• iPhone version 2.1 contains many bug fixes and improvements, including the following:
• decrease in call set-up failures and call drops
• significantly improved battery life for most users
• dramatically reduced time to backup to iTunes
• improved email reliability, notably fetching email from POP and Exchange accounts
• faster installation of 3rd party applications
• fixed bugs causing hangs and crashes if you have lots of 3rd party apps
• improved performance in text messaging
• faster loading and searching of contacts
• improved accuracy of 3G signal strength display
• repeat alert up to two additional times for incoming text messages
• option to wipe data after ten failed passcode attempts
• Genius playlist creation

Upgrade status

9:55 Start Download

9:59 237.8 MB Download is complete

9:59 Auto Started backup – We will now see how much faster the backup is!

10:29 Backup Completed

10:29 Auto Software/firmware installation begins

10:40 Iphone Upgrade Complete

Total Time : ~45 min

Impression: Much faster backup time, not much change in software/firmware installation.  We got what was advertised to us.  Faster backup.