Apple Paves Mac OS X Lion Rollout with 10.6.8 Update

Apple is preparing its users for the arrival of Mac OS X Lion next month with a software update to Snow Leopard users. The 10.6.8 software update is now available to all users running Mac OS X Snow Leopard, and includes general operating system fixes alongside last-minute setups to roll out Lion through the Mac App Store.

The Mac App Store will be the only way to get Mac OS Lion, which will be available in in July priced at just $30 for registered Macs. Apple says the 10.6.8 update will "enhance the Mac App Store to get your Mac ready to upgrade to Mac OS X Lion," and the download weighs in at 275MB via the Software Download, or 1.01GB directly from Apple.

Mac OS X Lion promises to bring more than 250 new features to Mac users, including multitouch gestures, full-screen apps, the Mac App Store, and improvements to core apps. Lion will also introduce two new features designed to make running your Mac easier: Mission Control, a new, consolidated view of everything on a Mac; and Launchpad, an iOS-like app launcher. (See the 10 Roaring New Features in Mac OS X Lion.)

The 10.6.8 software update also addresses a pesky problem some Mac users have ran into over the past few weeks: Mac Defender, a fake antivirus program that tries to trick you into installing it on your system.

Once it's running on your system, Mac Defender will try to trick you into handing over your credit card information and claims that apps such as the Terminal are infected, in order for you to buy the fake antivirus program. In 10.6.8, Apple says, the OS can identify and remove known variants of Mac Defender, in addition to killing earlier variants of the malware through a software update in May.

Google Releases Reverse Image Search

A new feature in Google's image search engine now lets you upload or link an image to find out where else it's been used on the Web. To use this feature, simply go to images.google.com, click on the camera icon, and select "Upload an image". Alternatively, if you've a URL of an image, select "Paste image URL" instead. You could search by image even faster by using either a Chrome extension or Firefox extension.

Source: Google

Cisco's Cius tablet to ship next month

After delays, Cisco's Cius tablet will start shipping in volume next month, and the device will be one of the first available running Intel's latest Atom chip code-named Moorestown.

The tablet is unlikely to hit retail shelves, but will be available worldwide through distribution channels, said Molly Ford, a spokeswoman for Cisco. Ford declined to provide pricing for the device.

The tablet includes Google's Android 2.2 OS and a 7-inch touchscreen. It weighs around 680 grams (1.5 pounds). The device will come with Intel's low-power Atom Z650 processor, also known as Moorestown. Since its launch last year Moorestown has failed to find adopters, and this will be one of the earliest devices available based on it.

The chip is able to deliver PC-like performance and has strong video capabilities. It can decode video at a 1080p resolution and encode at a 720p resolution. Intel has said that Moorestown chips will enable multipoint videoconferencing.

An unbranded version of the Cius tablet was on display at an Intel booth on Thursday at the CEA Line Show being held in New York . An Intel spokesman said the tablet would later be updated to include the latest Honeycomb operating system.

Red Hat preps real-time messaging stack for the cloud

Anticipating greater use in large-scale cloud deployments, Red Hat has updated its real-time messaging platform with support for new networking and operating system capabilities, the company announced Wednesday.

Enterprise MRG 2.0 (Messaging, Realtime and Grid) includes drivers for 10G Ethernet, the latest version of the Ethernet, and embeds its real-time Linux kernel in the latest version of RHEL (Red Hat Enterprise Linux), version 6.1.

MRG is a stack of technologies designed to run high-throughput, low-latency messaging across many servers, aimed for use in time-sensitive operations such as stock exchanges and animation farms. The DreamWorks animation studio, for instance, uses MRG (pronounced merge) in the film animation process.

Beyond low-latency, high-throughput workloads, Red Hat also uses MRG as a key component of its OpenShift Platform-as-a-Service (PaaS) package, which was unveiled in May.

To improve network throughput, MRG expands on existing RDMA (Remote Direct Memory Access) Infiniband by including a new set of drivers for iWarp 10G Ethernet. The company claims that the new drivers will increase throughput by 100 percent over existing Ethernet and Infiniband connections.

Embedding the company's Linux real-time kernel in the latest version of RHEL means users can enjoy all the benefits of that operating system.

In addition to announcing MRG 2.0, Red Hat also made a number of other announcements during the webcast. The next version of its application server, JBoss 7.0, will be fully released in July. This will be the first version to include full support for Java Enterprise Edition 6.0, said Ashesh Badani, a Red Hat senior director of JBoss.

Intel's three new Core processors are 'ultrabook'-bound

This week,Intel quietly added three more Sandy Bridge devices to its website. Details are provided in the table below.

Model	Cores	Clock speed (base/TurboBoost in GHz)	L2cache (MB)	TDP (Watts)	Price
Core i7-2677M	2	1.8/2.9	4	17	$317
Core i7-2637M	2	1.7/2.8	4	17	$289
Core i5-2557M	2	1.7/2.7	3	17	$250

Intel's three new Core processors are ultrabook-bound

Because of their low power consumption and probable performance, the three new Core CPUs would seem to be suited to embedded devices, but Intel's website makes a point of saying embedded options aren't available. Designed specifically to work with the HM65, HM67, QM67, QS67, and UM67 chipsets, the new processors support up to 8GB of DDR3 memory, the company adds.

It's a fair bet, then, that the Core i7-2677M, i7-2637M, and 1.7GHz Core i5-2557M are mainly intended for the emerging category of notebook computers Intel has chosen to dub "ultrabooks."The latter strikes us as a rather needless marketing term, but refers to slim portables -- of which Apple's MacBook Air is the most well-known example -- that, among other things, use SSD (solid state disk) storage instead of hard disk drives. 

Asus says its UX21 will be just 2/3rds of an inch thick
One Windows-based poster child for the ultrabook category is the Asus UX21 (above), which was shown off at May's Computex show. The CNet report referenced earlier claims the UX21 will adopt the newly announced Core i5-2557M, and also repeats the rumor that Apple will soon use new Sandy Bridge Cores in a MacBook Air refresh.

Microsoft's Cloud BPOS suite suffers outage again

Microsoft's BPOS Cloud-hosted communication and collaboration suite suffered an outage on Wednesday, the latest in a string of technical problems in recent months.

The problem apparently lasted for more than three hours and involved a networking hardware problem that affected customers in North America, according to updates posted by Microsoft on the Microsoft Online Twitter feed and by administrators in discussion forums.

BPOS (Business Productivity Online Suite), which includes Exchange Online and SharePoint Online, has been hit by various outages dating back to August of last year.

Microsoft has at different times acknowledged the problems and apologized for them, pledging to do better.

In a statement on Wednesday, the company said the problem started at 11 am US Eastern Time, and confirmed that "network equipment issues" in the data center were to blame.

"All services have been restored. During this incident, customers were updated via social media channels, as access to the Service Health Dashboard was impacted by this incident. We apologize for any inconvenience this has caused our customers," the statement reads.

However, as outages continue, the performance and reliability of BPOS fall further into question at a particularly bad time for Microsoft, which plans to launch BPOS' next version, Office 365, next week.

Microsoft has very high expectations for Office 365, which will offer significant upgrades over BPOS and is designed to compete better against rival offerings like Google's Apps cloud-hosted collaboration and communication suite.

Mahindra Satyam to set up India technology centre with Saab

Saab's experience in services & solutions, with Mahindra's proven engineering practice would create highly efficient envt to skillfully address opportunities.

Swedish defence and security company Saab AB today said it has entered into an agreement with Mahindra Satyam to establish a joint technology centre at one of the IT solutions provider's facilities. 

The move to set up the 'Saab India Technology Centre (SITC)' furthers the intent declared by both companies at the Aero India show in February, 2011, and the decision strengthens the already strategic relationship between Saab and the Mahindra Group, a company release said. 

"This 300-seater dedicated centre would be established at one of the Mahindra Satyam sites and will be an extended arm of Saab working on new product development and product sustenance engineering. While supporting the internal operational excellence and optimisation initiatives within Saab, this centre will also support offset obligations for all Saab products and services in India," the Saab release said. 

The aim is to increase development in India in terms of identifying concrete programmes and technologies for SITC. The centre will provide a secure platform to facilitate development of aerospace and defence projects in India, the release said. 

According to Saab, India presents a huge opportunity for expanding its business in various verticals. 

Saab is of the view that engineering services is one of the key focus and growth areas within Mahindra Satyam, which currently runs some of the largest dedicated R&D centres for global majors across industry segments, including aerospace. 

Mahindra Satyam has the right operational expertise and technical maturity to ensure this centre delivers the set organisational targets, the release said. 

Google extends Chrome to spot insecure code

Google has updated its Chrome browser with an experimental extension designed to identify potentially insecure coding practices. DOM Snitch has been built for developers and testers to help them spot problems in client-side code.

"To do this, we have adopted several approaches to intercepting JavaScript calls to key and potentially dangerous browser infrastructure such as document.write or HTMLElement.innerHTML (among others)," explained Google Zurich security test engineer Radoslav Vasilev in a blog post.

Vasilev added that the tool would enable developers to spot insecure practices as they happen inside the browser, meaning they don't have to pause the app and go step-by-step with a debugging tool.

DOM Snitch also features security heuristics and nested views to allows even less experienced testers to spot potential problem areas. They are also able to export and share any insecure code found by the tool with others, said Vasilev.

Web application vulnerabilities are one of the most common ways for hackers to gain entry to systems, and often come about simply because security is not designed into the software from the beginning.

In January, application security vendor Veracode called on independent standards bodies to put their weight behind its list of the top 10 mobile app risks, in order to help drive the development of more secure applications.

The firm also introduced a free cross-site scripting (XSS) scanning service designed to enable developers to eradicate the errors responsible for more than half of the word's web application vulnerabilities.

IBM expands cloud disaster recovery services

IBM on Monday announced two cloud-based disaster recovery services for businesses: the IBM SmartCloud Virtualized Server Recovery and the IBM SmartCloud Archive.

Backup and disaster recovery are two services that enterprise IT organizations are increasingly assigning to the cloud, rather than to physical offsite facilities. IBM's new services were announced at the Cloud Leadership Forum conference in Santa Clara, Calif., and will be available July 19.

IBM's SmartCloud Virtualized Server Recovery is the next generation of the 2-year-old SmartCloud Managed Backup service, which the company says is now in use by hundreds of clients. Virtualized Server Recovery differs from the Managed Backup service in that it will use a single standardized virtualized server environment worldwide, says Allen Downs, a director of IBM's Global Technology Services. In contrast, the Managed Backup cloud service was designed for each customer.

The new service relies on VMware and IBM's best practices cloud architecture. It lets users monitor their backup and recovery and can be delivered in a public, private or hybrid cloud environment. Virtualized Server Recovery is available in three levels: Gold, Silver and a basic. Gold and Silver can be used for both backups and cloud test/dev uses. The Gold level features continuous backup and a one-minute failover SLA. Silver relies on backup data.

Users can choose to back up their data directly over the cloud, or to use an on-premise appliance that will act as a gateway to the IBM cloud. In any case, should disaster strike, users can fire up their servers and data in the IBM cloud via a portal. IT staff need not travel to an offsite location.

The IBM SmartCloud Archive is geared toward privacy and regulatory compliance, and supports the e-discovery necessities of advanced search, indexing and retrieval. It offers users a document and records management system that can archive, find and retrieve both structured and unstructured content.

The Virtual Server Recovery service is priced per VM and the Archive product, like the older Managed Backup service, is priced per gigabyte.

Mozilla retires Firefox 4 from security support

Unnoticed in the Tuesday release of Firefox 5 was Mozilla's decision to retire Firefox 4, the browser it shipped just three months ago.

As part of Tuesday's Firefox 5 release , Mozilla spelled out vulnerabilities it had patched in that edition and in 2010's Firefox 3.6, but it made no mention of any bugs fixed in Firefox 4.

That's because Firefox 4 has reached what Mozilla calls EOL, for "end of life," for vulnerability patches. Although the move may have caught users by surprise, the decision to stop supporting Firefox 4 with security updates has been discussed by Mozilla's developers and managers for weeks.

A mozilla.dev.planning mailing list thread that started May 17 evolved into a back-and-forth about the rapid-release schedule and its impact on Firefox 4.

But some Firefox 4 users may want to opt out of the upgrade, even though that leaves them at risk to exploits of already patched bugs.

One traditional area of concern is add-on compatibility, a pain point known to longtime Firefox users when they've moved from one version number to the next.

Mozilla has retired Firefox 4 from security support, and is prompting users to upgrade to the new Firefox 5.

Google builds developer tool to flag Web app vulnerabilities

Google has released an experimental extension for its Chrome browser that developers can use to scan their Web applications and flag code that could make them vulnerable to malware attacks.

The free tool, called DOM Snitch, is designed to sniff out potential security holes in Web applications' client-side code that could be exploited by attacks such as client-side scripting,Google said on Tuesday.

"To do this, we have adopted several approaches to intercepting JavaScript calls to key and potentially dangerous browser infrastructure such as document.write or HTMLElement.innerHTML," Google official Radoslav Vasilev wrote in a blog post.

In addition to developers, DOM Snitch is also aimed at code testers and security researchers, the company said.

The tool displays DOM (document object model) modifications in real time so developers don't have to pause the application to run a debugging tool, according to Google.

DOM Snitch also lets developers export reports so they can be shared with others involved in developing and refining the application, Google said.

Google is working on DOM Snitch and on server-side code testing tools such as Skipfish and Ratproxy because it believes that the number of security holes in Web applications is growing along with their overall sophistication and complexity.

Google revs up 'cloud' goodies for Indian enterprise space

Google, the $29-billion search engine giant, garners negligible revenue from the enterprise space, compared to its phenomenal success with web advertising, which accounts for almost 96 per cent of its total revenue.

With Google Apps for business users, Doug Farber, enterprise managing director (Asia Pacific), hopes to gradually alter the scenario. One of the first recruits of Salesforce — Google’s major competitor in the ‘cloud’ business —before joining Google, he’s cajoling businesses to offload their information technology-related work onto the cloud platform (using files and applications over the internet).

Globally, Google charges its clients around $50 per month, per head (also referred to as a licence). While the price is similar in India, sources say there are many re-sellers who offer discounts and hence, make the proposition more attractive for enterprises.

When asked about Google's 'Chromebook' strategy, Farber said, “While it's a bit early to comment, we plan to do that. There have been many inquiries from business process outsourcing, hotel chains and banks. For instance, Chromebook is a device which can simply be used in the morning shift and handed over to a person in the following shift. There's no reason it would add to a company's hardware and software costs.”

“Our enterprise offerings make a lot of sense, especially for small and medium-sized businesses (SMBs). Why, for instance, would a start-up want to pay around $30,000 for an email server, besides the related information technology maintenance costs? SMBs have limited resources. We help them save costs so that they can concentrate on developing their businesses,” said Farber.

IDC values Cloud computing industry in the Asian-Pacific region (excluding Japan) at about $1.3 billion in 2010, and is expected to expand by about 40 per cent per year until 2014.

Google, however, is not the lone player in the market. Microsoft, IBM, Amazon and Salesforce are well-entrenched players.

Mozilla ships Firefox 5, holds to new rapid-release plan

Mozilla today delivered the final version of Firefox 5, the first edition under the new faster-release regime it kicked off earlier this year.

The company also patched 10 bugs in Firefox 5, including one in the browser's handling of the WebGL 3-D rendering standard that rival Microsoft has called unsafe.Although the company said it added more than 1,000 improvements to the browser, most were minor bug fixes or tweaks. Among the most significant changes were enhanced support for HTML5 and new support for CSS (cascading style sheet) animations.

Mozilla also dropped a feature it had touted during the testing phase, dumping a tool that let users change development channels from, say, the final to either Beta or Aurora, rougher builds that precede the most stable edition. The company decided that few were using the channel switcher, and rather than devote time and resources to maintaining the feature, pulled it.

On the security front, Mozilla patched vulnerabilities in both Firefox 3.6 and Firefox 5.

Ten of the 11 bugs fixed in Firefox 3.6, which Mozilla said it will continue to support "for a short amount of time," were rated "critical," the company's most serious threat rating; the one exception was tagged as "moderate."

One of the moderate vulnerabilities patched in Firefox 5 was in the browser's implementation of WebGL , a 3-D rendering standard that both Chrome and Firefox rely on. The bug was reported to Mozilla by Context Information Security, which has cited several serious security issues with WebGL, including information theft.Users running Firefox 4 will be offered the upgrade to Firefox 5 through the browser's update mechanism, which is triggered when the "About Firefox" dialog is opened. In Windows, users can select "Help/About Firefox" from the Firefox button at the upper left of the browser Windows. On a Mac, "About Firefox" is the first choice under the Firefox menu. Firefox 5 can also be downloaded manually from Mozilla's site.

The next version of Firefox is currently on schedule for an early August release.

Nokia Announces a Unique All-Screen Smartphone, the Nokia N9

Nokia today announced the Nokia N9, built for people who appreciate a stunning blend of design and the latest smartphone technology.

The Nokia N9 introduces an innovative new design where the home key is replaced by a simple gesture: a swipe. Whenever you’re in an application, swiping from the edge of the display takes you home.

The three home views of the user interface are designed to give fast access to the most important things people do with a phone: using apps, staying up to date with notifications and social networks, and switching between activities.

The Nokia N9 also packs the latest in camera, navigation and audio technology for a great all-round experience.With no need for a home key, the all-screen Nokia N9 makes more room for apps to shine. The 3.9-inch AMOLED screen is made from scratch–resistant curved glass. The polycarbonate body enables superior antenna performance. This means better reception, better voice quality and fewer dropped calls.

The Nokia N9 features free turn-by-turn drive and walk navigation with voice guidance in Maps. With the new dedicated Drive app, you can get in your car and start navigating to your destination right away.

Fitted with the latest in wireless technology, Near Field Communication (NFC), the Nokia N9 allows you to easily share images and videos between devices by touching them together. Pair it with Bluetooth accessories like the new NFC-enabled Nokia Play 360° wireless music speaker only once, and you get a great surround sound music experience with just a tap.

The Nokia N9 will be available in three colors – black, cyan, and magenta with storage options to accommodate plenty of content: 16GB and 64GB. The Nokia N9 is scheduled to be in stores later this year, with availability and local pricing to be announced closer to the sales start.

Microsoft to help C++ developers leverage parallel programming

Microsoft this week introduced technology for C++ developers to leverage GPUs (graphics processing units) for parallel programming.

The company's C++ AMP (C++ Accelerated Massive Parallelism) technology is expected to become part of the next Visual C++ compiler and integrated with Visual Studio, said S. Somasegar, senior president of the Microsoft Developer Division, in a blog post. It also will leverage Microsoft DirectX technology for multimedia capabilities in Windows. "By building on the Windows DirectX platform, our implementation of C++ AMP allows you to target hardware from all the major hardware vendors," Somasegar said. C++ AMP will become an open specification, Somasegar said.

Using GPUs in parallel computing follows other trends, such as multicore programming, Somasegar said. "In the last few years, we have been seeing an additional trend of heterogeneous hardware where, for example, developers take advantage of the GPU for computational purposes for their data parallel algorithms," Somasegar said. "This has been successful in narrow verticals using niche programming models. Microsoft wants to bring to the mainstream the ability to write code that takes advantage of heterogeneous hardware like GPUs. So like we've done with multicore before, we are bringing this ability to the next version of Visual Studio."

Microsoft also announced enhancements to the next versions of its Parallel Patterns Library and C++ Concurrency runtime. "You can find easy-to-use C++ templates and runtime support to express algorithms for your domain expertise that scale on any provided hardware with PPL, Agent, and the C++ Concurrency Runtime. With C++ AMP and PPL, we aim to make the next version of Visual Studio the most productive environment for targeting heterogeneous hardware available," Somasegar said.

Microsoft releases Kinect SDK for PCs

Microsoft on Thursday released a beta version of a software development kit that lets hobbyists build applications for the Kinect sensor.

Microsoft launched the Kinect last year in conjunction with the Xbox 360 gaming console to let people play games without a controller. Kinect senses user movements so people control games by waving their arms and moving their bodies.

Now, developers can build applications that use the Kinect on PCs running Windows 7. The SDK is available only for noncommercial use, but Microsoft said it plans to release a commercial package in the future.

The SDK offers developers access to the raw streams from sensors in the Kinect including the depth sensor, color camera sensor and the microphone array.

Developers will also be able to track the skeleton image of one or two people moving in view of the Kinect for the creation of gesture-driven applications.

The SDK includes audio features such as noise suppression and echo cancellation. Developers will be able to access beam formation technology to identify the source of sounds. They'll also be able to access the Windows speech recognition API (application programming interface).

Developers can write using C#, C++ and any .Net language.

Huawei unveils 7-inch tablet running Android 3.2

Huawei unveiled a 7-inch tablet running version 3.2 of Google's Android mobile OS on Monday. It plans to sell the device in the Americas, Asia-Pacific and some European countries in the third quarter.

Huawei unveiled the new 7-inch tablet, called the MediaPad in a webcast on Monday.

The tablet is the first to use version 3.2 of Google's Android OS, details of which have not yet been posted on Android.com. Where the 1.x and 2.x versions were designed for smartphones, the 3.x versions are optimized for tablets.

Versions 3.0 and 3.1 were designed to run on 10-inch tablets, according Victor Xu, Huawei's chief marketing officer for devices. Android 3.2, however is specifically designed to run on a 7-inch tablet, he said.

Google's Greater China sales and operations director, Keven Tang, also took part in the webcast. "With Google's latest technology, Huawei's MediaPad will bring a lot of customer experience and more choice to the consumer," he said.

Huawei declined to reveal the price for the device. But the company said it would be sold through telecommunication operators as well as retail outlets.

The tablet is 10.5 mm thick and weighs 390 grams. In contrast, Apple's iPad 2 is 8.8 mm thick and weighs 613 grams.

The MediaPad's features include a Qualcomm dual-core 1.2Ghz processor, a 5-megapixel camera at the rear and a 1.3-megapixel camera in front, and an HDMI port. It can play back 1080p high-definition video.

Dell plugs hole in virtualization stack

Dell has filled the last big hole in its virtualization stack through a partnership with Netuitive, which makes analytics software for managing virtual infrastructure, Netuitive and industry analysts have confirmed.

One of the challenges with a virtual infrastructure is the dependencies that exist between its many discrete components, making management of the overall system complex.

Netuitive's software collects data about performance and utilization levels throughout the infrastructure, and analyzes these to build a picture of its overall health and any problems that might arise. Netuitive says its software has patented "self learning" capabilities.

Netuitive's software will be used as what Dell calls the Director component of VIS. The other parts are Advanced Infrastructure Manager, derived from its Scalent acquisition, and the Self-Service Creator, from a partnership with Dynamic Ops.

How important are unit tests?

A lot of the unit testing that gets done doesn't get done right. Now, what I mean by that isn't that devs don't know how to test their own functionality (though that's really the subject of another post), it's that they don't know how to perform the test itself properly. I'm gonna qualify that with a question. What happens to your unit test code once the tests are done? And while we're at it let me as you another question real quick. How many unit tests do you perform on a given scenario?

When I run my unit tests I always try to run them on several systems just to make sure I know what I'm gonna have to do to make it work. And the way you code a unit test that you're going to run again and again is completely different from the way you'll code it to run only once. I've seen all too many times when devs config a test to run only once. They typically forget something and they have to make a tweak to either the code or to the environment. Then they forget something else and they have to make another change. The problem is that just doing the test once doesn't build solid code. If you were going to run it several times you would fix your scripts as you went along and they would be very robust. They would check for environmental changes and other fixtures. You would make the changes to your script, and try again.

This brings up another good point about the scripts. You should always include code to completely reset your environment. That's what allows you to run your scripts again and again because you've got the code that also resets everything. And now we're getting into the crux of the first question I asked above. If you've coded the test properly by including all the tweaks needed to make it run on all the different servers you tested on, then your unit test code very easily turns into your production deployment code. That's the problem with only running a test a single time because you tend to assume it'll work and when you run the prod deployment things go wrong. But if you've run it several times and tweaked your code each time, you know what to expect in prod and you greatly reduce your chances of having a catastrophic error.

So writing solid unit tests and testing them properly actually saves you time because you can typically turn that code directly into deployment code. And the system feeds itself because as you make changes to the same apps during different release cycles, you build these libraries for effective testing, and resetting your environment. So a lot of times you don't have to even have to write that code again, or at least you only have to make very small changes. So take the time to do your unit testing properly and code-in all your tweaks and resets. You'll get so much more done and your deployments will go much smoother.

Attackers exploit latest Flash bug on large scale, says researcher

Hackers are aggressively exploiting a just-patched Flash vulnerability, serving attack code "on a fairly large scale" from compromised sites as well as from their own malicious domains, a security researcher said Friday.

The attacks exploit the critical Flash Player bug that Adobe patched June 14with its second "out-of-band," or emergency update, in nine days.

"CVE-2011-2110 is being exploited in the wild on a fairly large scale," said Steven Adair, a researcher with the Shadowserver Foundation, a volunteer-run group that tracks vulnerabilities and botnets. "In particular this exploit is showing up as a drive-by in several legitimate websites, including those belonging to various NGOs [non-government organizations], aerospace companies, a Korean news site, an Indian government Web site, and a Taiwanese university."

CVE-2011-2110 is the identifier for the Flash vulnerability assigned by the Common Vulnerabilities and Exposures database.

Attackers are also using the exploit in "spear phishing" attacks aimed at specific individuals, said Adair on the Shadowserver site.

Adair called the attacks "nasty" because the exploit "happens seamlessly in the background," giving victims no clue that their systems have been compromised.

When Adobe patched the vulnerability last week, it conceded that exploits were already in use.

Adair also said there's been an increase in Flash-based attacks. "There has been an ongoing assault against Flash Player for several years now, but especially so in the last three months," Adair said.

Intel’s 720 PCIe SSD achieves 2.2GB/s read speeds

In the 4th quarter of this year Intel is set to update its enterprise class SSD storage solutions. The two models on offer will be the 710 and 720.

The 710 is your typical SATA 3Gb/s SSD drive offering capacities of 100, 200, and 300GB. It will use 25nm MLC-HET flash chips, includes a 64MB cache, and has AES-128 encryption as standard. Read speeds top out at 270MB/s while write speeds reach an admirable 210MB/s. As this is an enterprise drive longevity and reliability are key, and Intel has upped the write cycles possible by moving to MLC-HET NAND. Typically a standard, consumer grade SSD will use MLC which has a much lower total write cycles, but more than acceptable levels for a typical PC or laptop configuration.

While the 710 may be an impressive drive that does a good job of replacing Intel’s ageing X25-E solutions, it’s the 720 drive where the real performance gains lie. I don’t think I’ve ever seen a real, as in coming to market in the next few months, SSD capable of the performance this drive will offer before. Saying that, Micron’s RealSSD may give Intel a run for its money as that’s due in the Fall, and NEC may leave both Intel and Micron for dust if it ever brings the “as fast as RAM” memory to market.

The 720 is Intel’s attempt at an SSD using a PCIe interface. It will offer 200GB and 400GB storage options, includes 512MB of cache and 34nm SLC flash chips. We hope you are sitting down for the read/write performance: the 720 can achieve 2.2GB/s reads and 1.8GB/s writes. All you need to do is place it in a PCie x8 slot to allow for that level of data transfer. Add to that AES-256 encryption and a guarantee of 36PB of writes, and Intel will surely take the performance and reliability crown in the SSD market later this year when they become available.

We must stress these are enterprise-class drives, and the 720 model is surely going to cost a small fortune to buy. But 2.2GB/s reads are going to be too tempting for some people who must have one for their home PC whatever the cost.

Intel has yet to formally announce the 710/720 or give them price points. We hope to hear more in the coming months in the lead up to their expected launch before the end of the year.