“Flash, I love you – but we only have 90 days excluding public holidays and weekends to issue a fix for CVE-2013-6629!” Photo via Tom Simpson on Flickr
A selection of 8 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.
Google amends bug disclosure policy following Apple and Microsoft scuffle » V3
Project Zero courted controversy when it publicly disclosed flaws in Microsoft’s Windows 8.1 and Apple’s Mac OS X operating systems.
Google moved to address these concerns, arguing that it may have applied the policy too rigorously but that public disclosure is effective.
“For example, the Adobe Flash team probably has the largest install base and number of build combinations of any of the products we’ve researched so far,” read the [Google] blog post.
“To date, they have fixed 37 Project Zero vulnerabilities (or 100 percent) within the 90-day deadline. More generally, of 154 Project Zero bugs fixed so far, 85% were fixed within 90 days.
“Furthermore, recent well-discussed deadline misses were typically fixed very quickly after 90 days. Looking ahead, we’re not going to have any deadline misses for at least the rest of February.
I fixed all of my Adobe Flash vulnerabilities in five minutes by removing Flash from my computer. However, Google’s position of playing private security guard to the internet remains discomforting, and I can’t help feeling that it’s going to prove embarrassing in some horrible way – a sort of schadenfreude-in-waiting.
Qualcomm deal sparks China smartphone patent skirmishes » Reuters
From last Friday (I didn’t link to it then), but as Ben Thompson points out, this element of the deal could have big implications – given that Xiaomi became China’s biggest smartphone vendor in 2014:
The settlement has allowed wireless patent holders like ZTE and Huawei Technologies to seek royalties, while introducing a new risk of litigation to China’s younger handset industry at a time when domestic patent law is gaining traction.
“For the first time, the settlement is forcing domestic manufacturers to recognize the value of IP (intellectual property) and consider how to use it strategically, which companies do in the West,” said Wang Yanhui, secretary general of the Mobile China Alliance, an industry consortium. “That’s the real significance of the (Qualcomm) settlement.”
The competitive dynamics are particularly complex in China, the world’s biggest smartphone manufacturer and consumer, as large Chinese telecom equipment makers that hold many essential patents for wireless technology also compete in the phone market against younger, nimbler manufacturers.
The settlement could prove tricky for companies like Xiaomi Inc, a four-year-old Beijing-based smartphone maker whose weak patent position has proved a major vulnerability. In December, a court in India temporarily halted its shipments there after Swedish telecom firm Ericsson complained Xiaomi had not been paying its royalties.
Although Xiaomi has been reported by Chinese media to be one of the handset makers now targeted by ZTE’s lawyers, both companies declined to discuss the issue.
But in response to questions from Reuters, Bin Lin, Xiaomi’s president, said he expects Xiaomi to only attract more patent threats and litigation from rivals in the future, as does any young firm that enjoys explosive growth.
Rembrandt Technologies wins $15.7m jury verdict in patent infringement case against Samsung » PRNewswire
A Texas federal jury has awarded $15.7 million to Rembrandt Wireless Technologies LP after finding that Korean electronics giant Samsung Electronics Co. Ltd. infringed on two Rembrandt patents covering Bluetooth technology.
Jurors deliberated only one hour before issuing the Feb. 13 verdict. The five-day trial focused on two Rembrandt patents, U.S. Patent Nos. 8,023,580 and 8,457,228. In addition to the $15.7 million award, Rembrandt also will receive royalty payments on all Samsung Bluetooth sales for the life of the patents.
Rembrandt, a Pennsylvania-based business technology company, sued Samsung and Blackberry Ltd. in 2013. Blackberry settled before the trial. Rembrandt argued that its patents for Bluetooth “enhanced data rate” inventions were infringed by Samsung in its Galaxy S phones.
That’s a brief deliberation, and a brief trial.
New cloud storage integration for Office » Microsoft Office Blogs
Kirk Koenigsbauer, corporate VP of Office:
We want Office to be the preferred way to work with documents no matter where they’re stored. In November we announced a special partnership with Dropbox to make it easy to access, edit and share Dropbox files from the Office apps. And today, in addition to the existing Dropbox integrations, we’re pleased to announce two new integration features for an even broader set of cloud services: First, file picker integration for the iPad and iPhone; and second, Office Online integration for viewing and editing. While these may seem like small enhancements, these new features represent a big step forward for Office integration into the apps and services that are important to our customers.
This is huge. It’s actually all in that first sentence, which is all you need: “We want Office to be the preferred way to work with documents no matter where they’re stored.” Microsoft wants Office – its most lucrative monopoly – to endure. This is part of how it does that.
May 2012: once deemed evil, Google now embraces “paid inclusion”
Danny Sullivan, in May 2012, noting changes in how Google represented and collated its Flight Search, Hotel Search and Shopping categories so that they became pay-to-play for companies to appear – a reversal of Google’s previous stance:
paid inclusion isn’t necessarily bad, especially if it’s used to solve an otherwise difficult challenge in search, rather than being an excuse to generate revenue. However, it it still feels odd watching Google, having previously attacked the objectivity of its competitors over the practice, quietly adopt paid inclusion now that it’s the search market leader. That doesn’t sit right. At the very least, I kind of want someone at Google to acknowledge that it was wrong those years ago.
Postscript (7:30pm ET): Google, after seeing this article, sent along this statement about paid inclusion:
Paid inclusion has historically been used to describe results that the website owner paid to place, but which were not labelled differently from organic search results. We are making it very clear to users that there is a difference between these results for which Google may be compensated by the providers, and our organic search results.
I have to disagree.
The reason I’m linking to this now is that it’s pertinent to all the antitrust discussion that’s reopening in Europe over Google and particularly vertical search. Google presents its results as untouched by human hand, but there’s a whole lotta touching really going on. (One point on the headline: Sullivan means that paid inclusion used to be deemed evil, not Google.)
November 2013: Western Digital adds helium to enterprise hard drives » AllThingsD
Arik Hesseldahl:
It turns out that the insides of hard drives are pretty violent places. There’s a lot of high-speed motion, what with the disk platters spinning at several thousand rotations per minute, and the head moving back and forth across its surface. If you’ve ever held your arm out the window of a fast-moving car, you get some sense of the problem…
…The secret sauce to all this is that the drives are built to be hermetically sealed, which means they’re both perfectly airtight and leakproof. While the science behind doing all this has been well understood for a while, Cordan says that Western Digital is the first to figure how to do it in a repeatable manufacturing process. It adds an extra step or two to the manufacturing process, and thus some cost.
It gets more interesting: Hermetically sealed drives don’t let the helium out, but they also don’t let anything else in, including liquid. That makes them good for use in immersion-cooled data centers. These are small, dense collections of IT gear packed into a box the size of a shipping container and filled to the top with nonconductive liquid that keeps everything running at a constant temperature. (If you didn’t know that this was a thing, you’re not alone, because I didn’t, either.)
This came (via @jearle) after I happened across a Digitimes report about helium-filled drives. Presumably vacuum is next, since if a drive can survive being immersed then it must have tough joints.
Intel reportedly to delay launch of 14nm Skylake desktop CPUs » Digitimes
Monica Chen:
Intel reportedly has informed its motherboard partners that it will delay the release of its 14nm Skylake desktop CPUs and corresponding 100-series chipsets to the end of August, compared to its original schedule set for the second quarter of 2015, according to sources in Taiwan’s motherboard industry.
The delay will affect PC makers’ production and shipment plans for Haswell Refresh and Broadwell-U series products and may also delay the development of Broadwell models with a TDP of 65W, the sources noted.
PC makers will also not be able to unveil Skylake-based models during the upcoming Computex 2015 to be held in June in Taipei, thereby affecting PC sales in the second haft of 2015, said motherboard makers.
Intel is saying that it always planned to release Skylake in the second half of the year. For reference, the Pentium 4, introduced in 2000, had transistor sizes of 0.18 micron – or 180nm.
$1.75m in bitcoin stolen from Chinese exchange Bter » The Next Web
Abhimanyu Ghoshal:
Even as Bitcoin is starting to shake things up in the US, all is not well in the cryptocurrency world. China-based Bitcoin exchange Bter was hacked on Valentine’s Day and $1.75m worth of Bitcoin was stolen.
The company hasn’t revealed much about the breach, except that 7,170 BTC was taken from its cold (offline) wallet on February 14 via a single transaction (link) and that the platform is suspending operations until further notice.
I feel like we’re getting so used to this that $1.75m is like “yeah, sure”.
The Overspill: when there's more that I want to say 