Security researchers from antivirus vendor ESET discovered a piece of cyberespionage malware targeting Tibetan activists that uses unusual techniques to evade detection and achieve persistency on infected systems.

The malware, which was dubbed Win32/Syndicasec.A, bypasses the UAC (User Account Control) mechanism in Windows to run arbitrary commands with elevated privileges without prompting users for confirmation.

It exploits a design flaw in the Windows UAC whitelist functionality that was documents back in 2009 by a developer named Leo Davidson. In fact, the malware uses Davidson's proof-of-concept code with almost no modifications, said Alexis Dorais-Joncas, Security Intelligence Team Lead at ESET, Thursday in a blog post.

This technique is used to execute a second malicious component that registers a piece of Javascript code in the Windows Management Instrumentation (WMI) subsystem. WMI is a default Windows service that can execute scripts written by system administrators to automate administrative tasks.

To read this article in full or to leave a comment, please click here

SAP has abruptly reorganized its development strategy, with SuccessFactors CEO and cloud strategy chief Lars Dalgaard leaving the company and executive board member Vishal Sikka now tapped to lead a single software development unit.

Sikka has been a champion of SAP's HANA in-memory database platform, which has been positioned as the future convergence point for all of SAP's technologies. After Friday's announcement, those plans may speed up. All SAP development staffers will report to Sikka as of June 1.

As for Dalgaard, he will leave SAP as of June 1 "to become an investor," and will "continue to play an active role as an advisor to the SAP cloud business," SAP said. Dalgaard's exit comes less than two years after SAP purchased SuccessFactors for US$3.4 billion.

Dalgaard was scheduled to appear earlier this month at SAP's Sapphire conference but ended up canceling due to a death in the family. He also has a child who has been battling leukemia.

To read this article in full or to leave a comment, please click here

If you recall, Hurricane Sandy last fall flooded data centers, forced major network hubs to run on generators, and even sparked a fuel bucket brigade to keep servers running.

Well, take note: It looks like we’re in for another bad hurricane season. Federal officials said today that the East Coast could easily see a repeat of last year.

Oh, and by the way, the GOES-13 satellite that helps them track Atlantic storms is offline and officials haven’t been able to get it operating properly since yesterday.

The Atlantic hurricane season, which begins June 1, will be an “above normal and possibly extremely active hurricane season,” Kathryn Sullivan, an ex-astronaut and acting administrator of the National Oceanic and Atmospheric Administration (NOAA), said at a briefing Thursday.

To read this article in full or to leave a comment, please click here

Google plans to upgrade the security of its SSL (Secure Sockets Layer) certificates, an important component of secure communications.

SSL certificates are used to encrypt communication and verify the integrity of another party with which a user is interacting. Its strength lies in the length of the private signing keys used for the certificates.

Keys that are less than 1,024 bits are considered weak, and 512- and 768-bit keys have been factored to reveal a private key. Google has been using 1,024-bit keys, but will move to 2,048-bit keys, wrote Stephen McHenry, Google's director of information security engineering, in a blog post Thursday.

"We will begin switching to the new 2048-bit certificates on August 1st, to ensure adequate time for a careful rollout before the end of the year," he wrote. "We're also going to change the root certificate that signs all of our SSL certificates because it has a 1024-bit key."

To read this article in full or to leave a comment, please click here

Manuel Araoz, a 23-year-old developer in Argentina, has an idea for Bitcoin that doesn't focus on money.

Araoz, who works in game development, launched a service this week called Proof of Existence. It's essentially a notary public service on the Internet, an inexpensive way of using Bitcoin's distributed computing power to allow people to verify that a document existed at a certain point in time.

Araoz envisions it as a way to fight efforts to distort or lie about data. "My idea was to give journalists or private statistical agencies the ability to certify data at a certain point in time. If someone denies the data, you have something that proves the data existed," he said.

The Bitcoin system uses a distributed computing network to transfer the virtual currency from computer to computer. Part of the system involves "miners," or computers that cryptographically verify those transactions, which are entered into a public ledger called the "blockchain."

To read this article in full or to leave a comment, please click here

Commuting is tough. Working out of your car all day is tougher. From traveling salesmen to offsite service professionals to couriers, millions of people worldwide spend their nine-to-five hours behind the wheel. And they need to stay in touch—online, dialed in, and powered up—all day. That’s not easy to do when you’re constantly on the move.

Allow us to show you how to remain a useful member of the information age even when your workdays can take you on trips of dozens or hundreds of miles.

Power

Few cell phones and far fewer laptops will get you through an entire day of serious work without being plugged in and recharged at some point along the way. Fortunately, your car is a mobile electricity generator. How best to get power out of your vehicle and into the gadgets that need it?

Many of today’s automobiles feature USB ports, which are fine for recharging your phone. But if you want to charge your notebook (or even most tablets) you’ll need something with more juice. Here are two options that give you a standard A/C adapter via your 12-volt cigarette lighter socket.

To read this article in full or to leave a comment, please click here

My, how quickly the tables can turn in the fickle world of consumer technology.

When Microsoft’s designers and engineers took to the drawing board to dream up Windows 8, the 9.7-inch iPad was the 800-pound gorilla of the tablet market, gobbling an insane amount of market share and laughing at Android’s attempts to break Apple’s stranglehold on slates. The future, it seemed, lay in big screens.

Then the Kindle Fire, the Nook tablet, and Google’s Nexus 7 appeared. Consumers fell in love with smaller, cheaper tablets overnight, and on October 23, 2012, Apple capitulated to popular demand and released an iPad mini of its own.

Three days later, Microsoft released Windows 8 to the public. With a design optimized for 10-inch-plus displays, it was already behind the times.

To read this article in full or to leave a comment, please click here

Yahoo has acquired PlayerScale, a startup developer of infrastructure software for cross-platform gaming, adding to its string of recent acquisitions.

The Internet giant said in a Twitter message Thursday that it would continue to support the gaming development platform, which PlayerScale claims powers games played by over 150 million people worldwide and is adding over 400,000 new users every day.

The financial terms of the deal were not disclosed.

"We will continue to support our existing product and deliver new services to help you grow and manage your success in cross-platform gaming -- whether it's casual, social or mobile," PlayerScale CEO Jesper Jensen said in a post on his company's website.

To read this article in full or to leave a comment, please click here

Google has released a beta version of Chrome that introduces what the company describes as “richer” notifications from the browser’s apps and extensions.

The Chrome browser has been able to display this type of notification for more than two years, but Google has now revamped the interface and functionality for these alerts, the company said on Thursday.

Google

The purpose of the enhancements is to boost the effectiveness of these notifications, which remind users of meetings logged in Google Calendar, alert them about incoming Gmail or IM chat messages and display urgent headlines from news applications.

To read this article in full or to leave a comment, please click here

For all the controversy surrounding Windows 8, it's a solid OS under the hood. And based on a list of API clues discovered by a former Nokia and Silverlight developer, it should only get better with the Windows Blue update.

Based on an extensive examination of the software APIs found within Windows Blue (now offically called Windows 8.1 by Microsoft), developer Justin Angel compiled a lengthy list of more than 25 features that he says will be included in the updated OS: the possibility of ultra-HD "4K" screen support, lock-screen calls, HDR photo support, better multi-screen formatting, and much more. 

Angel teased out the new features by examining the APIs he found in the leaked build of Windows 8.1 (version 9385), which appeared online at the beginning of May. Other Microsoft watchers have installed and played around with the leaked OS—Paul Thurrott published a thorough examination of its forward-facing features—but Angel's API deep-dive reveals even more hidden secrets.

Microsoft representatives declined to comment on what they called rumors and speculation. Angel is no stranger to diving deep into Microsoft products. Last December, he made news when he discovered a method to pirate Windows Store downloads by turning trial versions into full-version apps.

To read this article in full or to leave a comment, please click here

Intel’s upcoming family of Core processors, code-named Haswell, will offer 50 percent more battery life in laptops than did their “Ivy Bridge” predecessors, Intel said on Thursday.

Haswell chips were designed with laptops and tablets in mind, and the main focus was on lowering power consumption, said Rani Borkar, corporate vice president and general manager of the Intel Architecture Group, in a media briefing.

The longer battery life won’t come with a cost to performance, according to Borkar. And in idle or standby mode the chips will do even better, extending battery life by up to 20 times, she said.

The improvements are vital for Intel and its PC-making partners. PC sales are in one of their worst slumps ever, with users snapping up tablets and smartphones instead for mobile computing. Any improvements Intel can offer will help keep the PC market alive.

To read this article in full or to leave a comment, please click here

Deploying an update of its DB2 database, IBM is pitching its SmartCloud infrastructure as a service (IaaS) for use in data reporting and analysis.

“We’re the only player in the marketplace that has [a cloud service] for data-in-motion—being able to analyze data in real time,” said Bob Picciano, IBM’s general manager for Information Management.

Starting in the second half of this year, the IBM SmartCloud IaaS will start using version 10.5 of IBM’s DB2 database, which should be generally available by early June. One new set of technologies that will come with this database, collectively called BLU Acceleration, can speed data analysis by 25 times or more, IBM claimed.

IBM also announced that SmartCloud can now run copies of SAP’s HANA in-memory database, initially for test and development jobs.

To read this article in full or to leave a comment, please click here

SoftBank has received all the necessary state approvals for the Japanese mobile carrier to acquire a majority stake in Sprint Nextel for US$20 billion, the companies announced.

On Thursday, California Public Utilities Commission voted to approve the transaction, giving the companies the final state approval needed for the transaction. The two companies filed applications in 23 states and the District of Columbia.

Still on the table for Sprint is a $25.5 billion counteroffer from Dish, a satellite TV service provider. This week, SoftBank gave Sprint permission to negotiate with Dish.

Still, Sprint and SoftBank appear to be moving forward with their deal. The companies continue to work with the U.S. Federal Communications Commission and other agencies on approval of the deal, they said in a press release. The two companies anticipate closing the deal by July 1, they said.

To read this article in full or to leave a comment, please click here

U.S. companies should be allowed to take aggressive countermeasures against hackers seeking to steal their intellectual property, contends the private Commission on the Theft of American Intellectual Property.

The 100-page report, released this week, stops just short of recommending that the U.S. allow businesses to actively retrieve stolen information from within an intruder’s network, and to disable or destroy it without any limitations.

However, the report does make clear that some so-called hack-back options be available if simpler attempts to deter IP theft fail, which will likely gain the attention of rights advocacy groups.

The commission is co-chaired by Dennis Blair, former U.S. Director of National Intelligence and Jon Huntsman, former U.S. Ambassador to China.

To read this article in full or to leave a comment, please click here

Microsoft has made it official: The new-and-improved Kinect that will ship with the Xbox One later this year will also come to Windows in 2014.

The Windows version will offer the same improvements found in the Xbox One’s Kinect. The device has a wider field of view, better depth detection, an improved noise-canceling microphone, more precise skeletal tracking, and ambient light detection.

But don’t expect Kinect to replace your PC’s mouse and webcam anytime soon. Microsoft still envisions Kinect primarily as a product for businesses and organizations, though the company expects consumers to interact with the motion controller in public places.

Microsoft

To read this article in full or to leave a comment, please click here

Welcome to the dawn of the SSD age. Solid-state drives now offer great performance at affordable prices, which is why more and more users are choosing them in new PCs and adding them to older ones.

I'm a big fan myself, but I want to share a cautionary tale. About six months ago, an acquaintance of mine installed an SSD in his laptop. Initially, he was delighted: the drive helped his system boot faster and run longer between trips to the wall socket.

Then, one day, out of the blue, the drive died. No clicking, no "imminent failure" message, no warning of any kind--just a dead drive.

It's under warranty, but so what? He has a laptop that won't boot and data he can't access.

To read this article in full or to leave a comment, please click here

Thin clients introduced this week by Dell and Hewlett-Packard have faster processor than existing thin clients as well as high-definition graphics capabilities, so they could be alternatives to traditional PCs as computing continues moving to the cloud.

The desk-side thin clients also have advanced virtualization features for virtual desktops to host multiple applications in one session. They were announced at the Citrix Synergy conference in Los Angeles.

Dell introduced its first quad-core thin clients called the Wyse D90Q7 and Z90Q7, and also its first dual-core thin client, the Xenith Pro 2. HP upgraded its TM40 thin client to run Advanced Micro Devices’ A-series processors code-named Richland, which are an upgrade from Intel’s third-generation Celeron processors. The thin clients are optimized to work with Citrix’s virtualization stack, which includes Xen hypervisors and server and client software.

The latest thin clients are PCs with network connectivity but no local storage. Virtual desktops on thin clients typically run applications stored in remote servers, using virtualization technologies from Microsoft, Citrix and VMware. The new thin clients have the ability to run high-definition games delivered over the cloud or full instances of Windows 8 complete with touch interaction.

To read this article in full or to leave a comment, please click here

It's been almost a year since Microsoft moved its newly acquired Skype for Linux out of beta with the release of version 4.0, surprising more than a few Linux fans with its apparent commitment to maintaining a telephony client for the free and open source operating system.

This week, however, that commitment became even harder to dispute given the release of yet another significant update to the software.

“We rolled up our sleeves and reconsidered the heart of the Skype for Linux client,” wrote Skype software engineer Marco Cimmino in a blog post on Monday. “Not only did we conquer the navigation issues and bugs from previous releases, but we increased the stability when logging in from a Microsoft Account.”

The new version 4.2 of the proprietary Voice over Internet Protocol (VoIP) client brings a number of tweaks and enhancements, in fact. Here's a rundown of some of the highlights.

To read this article in full or to leave a comment, please click here

Box has acquired an unreleased application called Folders, designed to give iPhone and iPad users a mobile front-end interface for the cloud storage and file management and sharing service as well as for competitors Google Drive and Dropbox.

The Folders technology will be deeply integrated with Box’s own iOS application, which will be upgraded with the Folders improvements later this year, Box’s Vice President of Engineering Sam Schillace said in a blog post on Thursday.

“When we saw Folders we saw a beautiful experience and set of design patterns that we had to bring to Box’s users,” he wrote, adding that Box’s iOS app will become “cleaner, faster and more beautiful.”

Folders includes a PDF viewer, a music player, document, photo and video viewers, a photo and video recording tool and the capability to create and edit notes.

To read this article in full or to leave a comment, please click here

Foxit Software's PhantomPDF (in both Standard and Business editions) make a good choice for basic office needs, but it suffers from an identity crisis once you get to the high-end features. Foxit's download page makes the bold claim that it is "Better than Adobe Reader and Acrobat," but a more accurate statement would be that it might be better, in very specific circumstances that may or may not apply to you.

To read this article in full or to leave a comment, please click here

Samsung released data this morning showing that their newest flagship model, the much hyped Galaxy S4, has been a huge success with consumers.  Since its release on April 27, the S4 has sold 10 million units.  To celebrate the milestone, the manufacturer announced the production of a slew of new colors to supplement the stock white and black models that are currently available.

Ten million sales is a pretty impressive benchmark for the Galaxy S4, and reaching it in under a month shows a clear trend of rising popularity for Samsung’s phones.  The S4’s predecessors, the S3 and S2, took 5 and 2 months, respectively, to reach the same level of sales.

Samsung’s Galaxy series is well known for integrating innovative features like Air View and Air Gesture technology, which economize your finger movements and make for a faster, easier experience.  Each model in the series has also boasted impressive hardware, with the S4 feeding its 5-inch AMOLED screen and 13 MP camera with a super fast Qualcomm Snapdragon processor.

Perhaps intended as a gesture of gratitude to Samsung fans, the company also announced the imminent arrival of several new colors to the S4 line.  The stock White Mist and Black Forest models will soon be accompanied by Blue Arctic, Purple Mirage, and Brown Autumn.  There will also be a Red Aurora model, which is being reported as an AT&T exclusive color.  It should make for an exciting summer for Samsung fans.

To read this article in full or to leave a comment, please click here

Lyft, the ridesharing service known for its fleet of pink mustache-festooned cars, is eyeing international expansion supported by its biggest funding round yet.

The company will be looking at entering new markets, including overseas, between now and the end of 2014, Lyft co-founder John Zimmer said Wednesday.

Specific countries of interest were not named. Lyft currently operates its cars in San Francisco, Los Angeles, Seattle, and Chicago.

Zimmer’s remarks were made on the eve of Lyft’s first anniversary, and its official announcement of having secured a new round of funding from Andreessen Horowitz. The amount of funding, Lyft’s largest yet, was $60 million, Zimmer said.

To read this article in full or to leave a comment, please click here

Windows 8 has changed the way we navigate the desktop, so it’s not surprising that Microsoft has a pair of new wireless mice designed specifically for Windows 8 (they’re also compatible with Windows 7 and the Mac OS X OS).

Sculpt Mobile Mouse

Microsoft’s Sculpt Mobile Mouse will fit into the tightest backpack or pocket while you’re on the go, and it will keep you from swearing at your notebook’s annoying trackpad or touchscreen when you reach your destination.

Microsoft

The mouse is very small—in fact, it’s almost as long as it is wide. As such, the mouse isn’t the most comfortable to grip if you have large hands: Your palm will drag over the surface, but the high arc will keep your fingers resting happily. Those with smaller paws will appreciate its ambidextrous design and the rubber sides that provide a good grip.

The mouse uses Microsoft’s BlueTrack laser technology, which enables it to track over any almost any surface (except for clear glass or mirrored surfaces). When you’re on the road, the only available mouse pad might be the fabric covering your leg, and the Sculpt Mobile works just fine in that scenario.

To read this article in full or to leave a comment, please click here

A freelance Java developer claims it took him only 30 days to build and launch a basic open source office suite that runs on multiple OSes.

Called Joeffice, it works on Windows, Mac OS X, and Linux as well as in browsers, according to the developer, Anthony Goubard. It includes a very basic word processor, spreadsheet program, presentation program and database software, Goubard said.

The office suite was built with NetBeans and uses many popular open source Java libraries, Goubard said. That allowed him to built the program in 30 days, he said, a process that he documented daily on YouTube.

To read this article in full or to leave a comment, please click here

Ericsson may have a contender for oddest networking product if it commercializes the wireless bus windows it demonstrated at this week's CTIA Wireless trade show.

The windows would have built-in, translucent antennas connected to an internal Wi-Fi system for passenger use while on the road. In the example Ericsson showed at CTIA, the dual-band Wi-Fi antenna was just a square of barely visible red metal embedded between layers of glass.

The mobile infrastructure giant demonstrated the concept on the upper level of its booth at CTIA, above a showcase of other technologies designed for so-called heterogeneous networks with both Wi-Fi and cellular radios. On Tuesday, the company announced enhancements to its network management software that will allow carriers to do a better job shifting subscribers between the two systems for the best possible coverage.

Stephen Lawson

Ericsson's solution had its origin in a problem for wireless users on buses, cars and trains. For insulation and sun protection, some windows are now being built with thin, translucent layers of aluminum sandwiched between glass. Combined with the metal that covers the rest of a vehicle, those windows essentially create a so-called Faraday cage, a box that blocks all outside radio waves, said Bryan Coley, a marketing program manager at Ericsson.

To read this article in full or to leave a comment, please click here

Europe's Digital Agenda Commissioner on Thursday set out plans for the E.U. to produce more micro- and nano-chips than the U.S. in the next seven years.

"I want to double our chip production to around 20 percent of global production. I want Europe to produce more chips in Europe than the United States produces domestically. It's a realistic goal if we channel our investments properly," said Commissioner Neelie Kroes as she announced a strategy to use public financing to supplement industry funding.

The strategy will see €5 billion ($6.5 billion) in public funds going to R&D. Around 30 percent of that will come from the E.U. with the rest coming from national and regional funds and the European Investment Bank.

In a strategy paper published last December, companies and institutes in Europe's nanoelectronics sector promised to stump up €100 billion over the seven years if the E.U. kept its side of the bargain.

To read this article in full or to leave a comment, please click here

As Ethernet marks its 40th birthday this week, some of those celebrating will also be looking ahead to yet another use for the nearly ubiquitous technology: the cloud.

On Thursday at the Ethernet Innovation Summit, which will include a commemoration of Ethernet's invention on May 22, 1973, a group of cloud vendors and users are launching the CloudEthernet Forum. It will be announced on the second day of the event in Mountain View, California, with the backing of Alcatel Lucent, Juniper Networks, Tata Communications, Citrix, and other founding members.

Ethernet, originally a LAN, increasingly is also used for WANs (wide-area networks) operated by enterprises and service providers. The CloudEthernet Forum aims to make Ethernet better suited to large-scale cloud services that may operate across many data centers.

Enterprise and service-provider clouds have grown to the point where they may have millions of virtual machines and, in the case of public clouds, thousands of customers. At that level, Ethernet can start to show some limitations, said James Walker, president of the CloudEthernet Forum.

To read this article in full or to leave a comment, please click here

Cloudian

Cloudian is integrating its platform with Citrix's CloudPortal Business Manager as it aims to make it easier to roll out and manage storage as a service.

CloudPortal Business Manager is a services delivery platform that lets enterprises and service providers control user management, provisioning and other operational aspects of a cloud from a single interface. This is functionality Cloudian will take advantage of, according to Jay Desai, vice president of product management at Cloudian, whose platform is used to provide storage for private, public and hybrid clouds.

To read this article in full or to leave a comment, please click here