Archive for January, 2010
 iPhone only: Fring, a VoIP and chat app for the iPhone, got a nice update this week that lets users make video and voice calls over a 3G connection. Best of all, it’s still free.
We’ve mentioned Fring before because it’s a great way to turn your iPod touch into an iPhone, but until now the only way you could make calls with it was via Skype. The new update bypasses the need for Skype and lets you call or video chat with your contacts right from Fring using your iPhone’s 3G connection (and, of course, Wi-Fi when you’re near a hotspot).
If you already have Fring on your iPhone, you don't need to download anything else. The app will auto-update the next time you open it. If you get an error message on your first attempt at a voice or video call, click on More -> Go Offline and open Fring a second time.
Even if you don’t have access to a 3G connection (we’re looking at you, unlockers), Fring is a great app to have around anyway. It keeps you connected to all the friend and buddy lists you have spread out all over the place on AIM, Google Talk, MSN, and so on.
Tags: google, VOIP
Possibly Related posts
Comments Off
In designing Chromium, we’ve been working hard to make the browser as secure as possible. We’ve made strong improvements with the integrated sandboxing and our up-to-date user base. We’re always looking to stay on top of the latest browser security features. We’ve also worked closely with the broader security community to get independent scrutiny and to quickly fix bugs that have been reported. Today, we are introducing an experimental new incentive for external researchers to participate. We will be rewarding select interesting and original vulnerabilities reported to us by the security research community. For existing contributors to Chromium security — who would likely continue to contribute regardless — this may be seen as a token of our appreciation. In addition, we are hoping that the introduction of this program will encourage new individuals to participate in Chromium security. The more people involved in scrutinizing Chromium’s code and behavior, the more secure our millions of users will be. Such a concept is not new; we’d like to give serious kudos to the folks at Mozilla for their long-running and successful vulnerability reward program. Any bug filed through the Chromium bug tracker (under the template “Security Bug”) will qualify for consideration. As this is an experimental program, here are some guidelines in the form of questions and answers: Q) What reward might I get?
A) As per Mozilla, our base reward for eligible bugs is $500. If the panel finds a particular bug particularly severe or particularly clever, we envisage rewards of $1337. The panel may also decide a single report actually constitutes multiple bugs. As a consumer of the Chromium open source project, Google will be sponsoring the rewards. Q) What bugs are eligible?
A) Any security bug may be considered. We will typically focus on High and Critical impact bugs, but any clever vulnerability at any severity might get a reward. Obviously, your bug won’t be eligible if you worked on the code or review in the area in question. Q) How do I find out my bug was eligible?
A) You will see a provisional comment to that effect in the bug entry once we have triaged the bug.
Q) What if someone else also found the same bug?
A) Only the first report of a given issue that we were previously unaware of is eligible. In the event of a duplicate submission, the earliest filed bug report in the bug tracker is considered the first report. Q) What about bugs present in Google Chrome but not the Chromium open source project?
A) Bugs in either build may be eligible. In addition, bugs in plugins that are part of the Chromium project and shipped with Google Chrome by default (e.g. Google Gears) may be eligible. Bugs in third-party plugins and extensions are ineligible. Q) Will bugs disclosed publicly without giving Chromium developers an opportunity to fix them first still qualify?
A) We encourage responsible disclosure. Note that we believe responsible disclosure is a two-way street; it’s our job to fix serious bugs within a reasonable time frame.
Q) Do I still qualify if I disclose the problem publicly once fixed?
Q) What about bugs in channels other than Stable?
A) We are interested in bugs in the Stable, Beta and Dev channels. It’s best for everyone to find and fix bugs before they are released to the Stable channel.
Q) What about bugs in third-party components?
A) These bugs may be eligible (e.g. WebKit, libxml, image libraries, compression libraries, etc). Bugs will be ineligible if they are part of the base operating system as opposed to part of the Chromium source tree. In the event of bugs in a component shared with other software, we are happy to take care of responsibly notifying other affected parties.
Q) Who determines whether a given bug is eligible?
A) The panel includes Adam Barth, Chris Evans, Neel Mehta, SkyLined and Michal Zalewski.
Q) Can you keep my identity confidential from the rest of the world?
A) Yes. If selected as the recipient of a reward, and you accept, we will need your contact details in order to pay you. However — at your discretion, we can credit the bug to “anonymous” and leave the bug entry private.
Q) No doubt you wanted to make some legal points?
A) Sure. We encourage participation from everyone. However, we are unable to issue rewards to residents of countries where the US has imposed the highest levels of export restriction (e.g. Cuba, Iran, North Korea, Sudan and Syria). We cannot issue rewards to minors, but would be happy to have an adult represent you. This is not a competition, but rather an ongoing reward program. You are responsible for any tax implications depending on your country of residency and citizenship. There may be additional restrictions on your ability to enter depending upon local law.
We look forward very much to issuing our first reward and featuring it on our releases blog. We’re happy to take questions at security@chromium.org. Alternatively, feel free to leave a comment. We will update this blog post with answers to any popular questions. Finally, if you’re interested in helping out Chromium security on a more permanent basis, we have open positions. Posted by Chris Evans, Google Chrome Security
Tags: google, interesting
Possibly Related posts
Comments Off
 Firefox: Mozilla’s out with the 1.0 of its Weave project, and it delivers on what it first promised—quiet, complete syncing of bookmarks, passwords, preferences, history, and even open tabs. It also heralds the coming of a really cool mobile experience.
If Weave synced your currently installed add-ons, you’d be up and running after a fresh Firefox installation in 2 minutes. As it is, Weave is still a very efficient and lightweight sync of your core Firefox experience, allowing you to maintain multiple Firefox installations across computers and operating systems. Xmarks does bookmark and password syncing too, and across other browsers, but Weave doesn't offer site "discovery" services or other value-added stuff—just a way to automatically connect your Firefox browsers, and even browsing sessions.
That syncing of open tabs is where Firefox Mobile, just out in a third release candidate, will really shine. As Jay Sullivan told us, the idea is that the minute you step away from your desktop or laptop and wake your phone up, Firefox Mobile will pick up on the tabs you had open while you were sitting down.
Weave syncs through Mozilla’s servers. If you’d rather sync up your passwords and bookmarks to your own hardware or cloud space, Mozilla offers instructions on setting up your own server.
Weave 1.0 is a free download, works wherever Firefox 3.5 or higher (or Firefox Mobile) does.
Tags: firefox, google
Possibly Related posts
Comments Off
 Google’s Toolbar does a few nifty things, but it is, well, a browser toolbar. And it might track your browsing without permission. Here’s how to get most of its features without having to install it, or nearly any extra software.
At its heart, the Google Toolbar is a horizontal strip that offers a Google search box—which your browser already provides, to the right of your address bar—and links to Google services and web tools. For nearly all of those extra tools, you can simply add a bookmarklet, a tiny little web script program, to your browser's own bookmarks bar by dragging it from the spot we've linked to. That way, you can rename, rearrange, and pick and choose the web tools you want to have handy at all times.
If you’re more of a keyboard fan, or don’t like the clutter of the bookmark bar, you can activate those bookmarks using tricks like keyword bookmarking in Firefox. The CyberNet blog details how to set up keyword bookmarks in Opera. If you're a Safari user on a Mac, you can quickly access any bookmarks in your bookmarks bar based on location—Cmd+1 activates the first bookmark (or, in this case, bookmarklet), Cmd+2 the second, and so on. If you're using Quicksilver, it can expand to cover your bookmarks for convenient access. Internet Explorer user? You can kind of get there with a registry hack, or by installing IE7Pro, which, oddly enough, works on Internet Explorer 8.
Onward, now, to the toolbar liberation.
 Automatic Form Filling: Certain browsers, Internet Explorer among them, have built-in tools for automatically filling forms with standard information. That’s not all that secure a method, mind you. Password service LastPass stores your password data in the cloud, and can also remember multiple sets of form data for different sites and situations. Better still, if you don’t want to install any of the LastPass extensions and add-ons, you can simply grab a “LastPass Fill Forms” bookmarklet and activate it when needed. You’ll be prompted for your password if you haven’t logged into LastPass in some time, and after that, your tedious order forms are filled and gone.
 Translate text on the fly: If you’re an English speaker without much need for Google’s other language translations, install the To English bookmarklet and activate it on any page that needs activating. If you’d like to translate to other languages, grab Google Operating System’s translate bookmarklet, which drops a little JavaScript toolbar onto your page that, like the To English bookmarklet, automatically detects the language of the page you’re on.
Gmail checking & default composing: As for checking Gmail, there are plenty of addons for Firefox, Google Chrome, and even a desktop application made by Google to ping you when new messages are available. As for making Gmail your default mail link handler, you can do that with Google’s desktop apps, in Firefox’s settings, and in Ubuntu’s Preferred Applications dialog.
 Web history access: You still need to be logged into your Google account and have it enabled in your account, but by installing this user script, as explained by Google Operating System, you’ll get more personalized search results and a convenient log of everything you’ve looked at. And if that starts to freak out your privacy receptors, you can always turn it off.
 Make Goo.gl shortened links: This bookmarklet at Marklets.com will give you a quick goo.gl shortlink to whatever site you’re on. If you’d rather enter a URL for a more complex site manually, Alexandre Gaigalas’ webapp can make them for you, too.
View SideWiki comments: It’s not the most beautiful browser trick you’ve seen, and it’s for a service that hasn’t really taken off. But if you know there’s a good SideWiki conversation happening on a page, you can get at them with the SideWiki Comments bookmarklet stashed in the middle of Digital Inspiration’s explanation post.
Search sites via Google: Accomplished, without having to click anywhere, through the use of keyword bookmark searches.
 Social sharing: AddThis is the little click-able button you see on nearly every news and blog site, combining the multitude of news, social, and bookmarking services into one pop-out list. Put the AddThis bookmarklet in your browser, and it’ll do the same when clicked or activated, popping out with pretty much the definitive list of sharing services to choose from, with the heavy hitters available right out front.
Add to Google Bookmarks: Grab the Bookmark link from Google Operating System’s post, and you’re good to go.
Highlight search terms: The Word Highlight user script not only highlights the terms you were looking for on a results page, but hit your Ctrl button and the / key, and you can type a word and see it highlighted everywhere on the page. Requires Greasemonkey on Firefox, a current version of Chrome or Opera, or GreaseKit on Safari.
 Everything else: One thing the Google Toolbar offers is a huge number of buttons to access all of the search firm’s many, many, many services. You can, of course, just bookmark your favorites, but for the search-able Google tools, we recommend either a smart keyword search, as described near the top of this post, or the Quix bookmarklet, an all-in-one tool that provides access to tons of services, many of them Google-based, from two-letter shortcuts.
We didn’t cover everything that the Google Toolbar does—like add a Chrome-like new tab page to Firefox, which you can approximate with Speed Dial—but we tried to cover the tools that would work on nearly any browser, any system. Tell us what we missed, and what bookmarklets or apps can or can't make up for it, in the comments.
Tags: firefox, gmail, google, internet, ubuntu
Possibly Related posts
Comments Off
About 18 months ago, we published a graph showing that Unicode on the web had just exceeded all other encodings of text on the web. The growth since then has been even more dramatic.
Web pages can use a variety of different character encodings, like ASCII, Latin-1, or Windows 1252 or Unicode. Most encodings can only represent a few languages, but Unicode can represent thousands: from Arabic to Chinese to Zulu. We have long used Unicode as the internal format for all the text we search: any other encoding is first converted to Unicode for processing.
This graph is from Google internal data, based on our indexing of web pages, and thus may vary somewhat from what other search engines find. However, the trends are pretty clear, and the continued rise in use of Unicode makes it even easier to do the processing for the many languages that we cover.
Searching for “nancials”?
Unicode is growing both in usage and in character coverage. We recently upgraded to the latest version of Unicode, version 5.2 (via ICU and CLDR). This adds over 6,600 new characters: some of mostly academic interest, such as Egyptian Hieroglyphs, but many others for living languages.
We’re constantly improving our handling of existing characters. For example, the characters “fi” can either be represented as two characters (“f” and “i”), or a special display form “fi”. A Google search for [financials] or [office] used to not see these as equivalent — to the software they would just look like *nancials and of*ce. There are thousands of characters like this, and they occur in surprisingly many pages on the web, especially generated PDF documents.
But no longer — after extensive testing, we just recently turned on support for these and thousands of other characters; your searches will now also find these documents. Further steps in our mission to organize the world’s information and make it universally accessible and useful.
And we’re angling for a party when Unicode hits 50%!
Posted by Mark Davis, Senior International Software Architect
Tags: google, search engines
Possibly Related posts
Comments Off
|
Entries (RSS)