Microsoft takes fight to Google’s home turf with Office Online Apps

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

Microsoft has adopted a new strategy for its Office productivity tools. Rather than holding Office hostage on Windows devices in an effort to attract customers, it will try and make the suite the default productivity choice no matter what platform or device people are using—including Chrome OS and Chromebooks.

When Microsoft rolled out new and improved Office Online apps this week, it also published them in Google’s Chrome Web Store. The Office apps already worked in the Chrome browser and on Chromebooks, but pushing them in the Chrome OS outlet is a much more aggressive attempt to capture the attention of loyal Google users and drive the point that Google Docs isn’t the only available productivity suite.

Some see this turnabout as Microsoft’s admission that Chromebooks are more capable than the “Scroogled” marketing campaign implies. But Microsoft isn’t conceding that Chromebooks are work-worthy. It is merely admitting that the tech landscape has shifted, and it recognizes that it can’t rely on maintaining a virtual monopoly of the desktop OS market to drive Office sales or vice versa. The move is part of a larger strategy that began with Office Mobile for iPhone and Android and the recent addition of Office for iPad.

Read more »

3

Reverse Heartbleed puts your PC and devices at risk of OpenSSL attack

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

The Internet has been abuzz for the last week or so in response to the Heartbleed vulnerability in OpenSSL. While almost all of the attention has centered on patching Web servers and advising users to change their passwords, security researchers have discovered that individual client PCs and devices are also at risk thanks to "Reverse Heartbleed."

Meldium, a cloud identity and access management service, shared details of the Reverse Heartbleed threat in a blog post. An attacker can exploit Heartbleed to expose sensitive data on vulnerable servers, but that's not the only attack possible using this flaw. The "heartbeat" used in the Heartbleed attack can be initiated by either the client or the server, so a malicious server can also send bad heartbeat packets to an OpenSSL client to extract data.

“It’s the popularity and pervasiveness of the OpenSSL library that makes this vulnerability difficult to remediate fully,” said Tim Erlin, director of IT security and risk strategy for Tripwire. “While popular Web applications may be already patched, the myriad of appliances, embedded devices, and network infrastructure that may be vulnerable will take a lot longer to address. You can’t just disable the Internet for maintenance.”

Read more »

0

HP report: 80 percent of app vulnerabilities are really your fault

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

Let's be clear: There is no such thing as an invulnerable application. Some have more critical vulnerabilities than others as we discovered this week with the Heartbleed bug, but any application can be exploited given a dedicated attacker. According to the HP 2013 Cyber Risk Report, though, the application itself is not to blame for most vulnerabilities—you are.

HP compiled data from 2,200 applications scanned by HP Fortify on Demand and reports that 80 percent of the vulnerabilities discovered were not the fault of the application code itself.

“Many vulnerabilities were related to server misconfiguration, improper file settings, sample content, outdated software versions, and other items related to insecure deployment,” the report states.

Read more »

1

Is open source to blame for the Heartbleed bug?

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

By now you've likely heard about the Heartbleed bug, a critical vulnerability that exposes potentially millions of passwords to attack and undermines the very security of the Internet. Because the flaw exists in OpenSSL—which is an open source implementation of SSL encryption—many will question whether the nature of open source development is in some way at fault. I touched based with security experts to get their thoughts. 

Closed vs. Open Source

First, let’s explain the distinction between closed source and open source. Source refers to the source code of a program—the actual text commands that make the application do whatever it does.

Read more »

9

Patch Tuesday: Last call for Windows XP

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

This Patch Tuesday has much more significance than most. With only four security bulletins from Microsoft, it's relatively tame as far as Patch Tuesdays go, but today also marks the final patches and updates from Microsoft for Windows XP.

“So this is it, the last hurrah for the once beloved XP, the last kick at the can for patching up the old boat,” says Ross Barrett, senior manager of security engineering for Rapid7. “Sure, by today’s standards it’s a leaky, indefensible, liability, but… hey, do you even remember Windows 98? Or (*gasp*) ME?”

There are two Critical bulletins and two Important. All of them are capable of enabling remote code execution if successfully exploited.

Read more »

7

Don’t waste your money trying to upgrade your Windows XP PC

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

With the end of Windows XP support from Microsoft imminent, perhaps you’ve finally made the (very wise) decision to stop using the venerable operating system. I commend you. However, if you’re planning to simply install a newer operating system on your existing hardware, you should reconsider.

Sure, there's a good chance that your existing hardware meets the minimum system requirements for either OS: a 1GHz or faster processor, 1GB of RAM (2GB for 64-bit), 16GB of hard drive space (20GB for 64-bit) and a DirectX 9 graphics device with WDDM 1.0 or higher.

Toasty Tech
Read more »

143

10 tips to protect your tax return from theft and fraud

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

As far as cyber criminals are concerned, tax season means open season. This time of year is a favorite for phishing scams and fraud, second only to the holidays. With a little awareness and common sense, though, you can avoid being a victim and make sure your tax refund ends up in your pocket.

Follow these tips to stay safe and secure online during tax season.

Fred Touchette, senior security analyst with AppRiver, shared some thoughts about common tax season threats and how to avoid them.

Read more »

1