Extend lithium-ion battery life

Posted by lanceb | Posted in Featured, General, News You Can Use, Newsletters, The Lighter Side of IT, Totally Useful Tips | Posted on 30-11-2010

In today’s mobile world, battery life is precious. Go to an airport and watch the road warriors jockey for position around the available power outlets and it becomes obvious how true this is. These travelers can attest to what helps preserve the current charge on batteries.

Keep batteries at room temperature whenever possible.
That means between 20 and 25 degrees Celsius or about 65 to 75 degrees Fahrenheit. The worst thing that can happen to a lithium-ion battery is to have a full charge and be subjected to elevated temperatures. So don’t leave or charge a mobile device’s battery in a car if it’s hot out. Heat is by far the largest factor when it comes to reducing lithium-ion battery life.

Consider a high-capacity lithium-ion battery, rather than carrying a spare.
Batteries deteriorate over time, whether they’re being used or not. So a spare battery won’t last much longer than the one in use. Also try to buy batteries with the most recent manufacturing date.

Allow partial discharges (usually).
Unlike NiCad batteries, lithium-ion batteries do not have a charge memory. That means deep-discharge cycles are not required. In fact, it’s actually better for the battery to use partial-discharge cycles — with one exception. Battery experts suggest that after 30 charges, you should allow lithium-ion batteries to almost completely discharge. Continuous partial discharges create a condition called digital memory, decreasing the accuracy of the device’s power gauge. So let the battery discharge to the cut-off point and then recharge. The power gauge will be recalibrated.

Avoid totally discharging lithium-ion batteries.
If a lithium-ion battery is discharged below 2.5 volts per cell, a safety circuit built into the battery opens and the battery appears to be dead. Unfortunately, in this situation, the device’s original charger will likely not be able to recharge the battery. Only battery analyzers with the boost function can do the job.

For safety reasons, do not recharge deeply discharged lithium-ion batteries if they have been stored in that condition for several months. For extended storage, discharge a lithium-ion battery to about 40 percent and store it in a cool place that is not exposed to moisture.

Lithium-ion batteries are a huge improvement over previous types of batteries. Getting 500 charge/discharge cycles from a lithium-ion battery is not impossible, but does require a little attention to the battery’s well being.

The mobile technology enterprise is vital in staying ahead of the competition. Responza’s experts can help businesses determine the best mobile strategy to integrate with and enhance internal IT infrastructures. Call Responza experts at 206-762-5100.

How to use Outlook better

Posted by lanceb | Posted in Computer Security, Featured, General, News You Can Use, Newsletters, The Lighter Side of IT, Totally Useful Tips | Posted on 30-11-2010

Tips for users of Outlook – whether experts or beginners – can help them use Outlook better. Even experienced Outlook users may need these pointers to find old features in the new interface.

Right Click for Jumplists
New to Outlook 2010 is a Windows 7 integration feature that lets the user right-click on the Outlook icon on the taskbar and pop up a “jumplist” menu that lets the user create an e-mail message, appointment, meeting, contact, or task by selecting an item. (See Fig 1) Outlook doesn’t need to be open when the user clicks on an item, and the only part of the Outlook interface that opens is the part needed to perform the task selected.
Fig. 1
Outlook’s Mobile Options
In large corporations, IT managers may have set up Outlook’s mobile options for sending reminders, calendars, and messages to users’ mobile phones. But individual users can take advantage of this feature too by going into Mobile options (See Fig. 2) and selecting an SMS Service Provider; some offer free trials with no credit-card data required. The user can set up the SMS service to connect to a mobile phone number and get instructions for setting up the SMS account in Outlook. The user then chooses one of the buttons on the menu and sets up Outlook to send the reminders, messages, or calendars that the user needs.

Fig. 2
Synch Outlook Calendar with Google Calendar
It may not be surprising that Microsoft doesn’t provide a tool for synching a user’s Outlook calendar with a Google Calendar. But Google does. Start by downloading Google Calendar Sync from this link:
http://dl.google.com/googlecalendarsync/GoogleCalendarSync_Installer.exe
Run the installer and follow the prompts. As shown in the screen shot (Fig 3), the user can choose different kinds of synching and different synching intervals—but the minimum is every ten minutes. Google Calendar Sync installs an icon in the Windows system tray. Right-click on that icon and choose Options to display the menu shown here.

Fig. 3
Create a New Search Folder
An underused feature of all modern e-mail apps is the “search folder”—a virtual folder that displays all messages that fit specified conditions. Outlook comes with four search folders built-in; the user can find them in the navigation pane under “Search Folders.” The user can create a new search folder either by right-clicking on the Search Folders folder on the navigation pane or by going to the Folder tab on the ribbon and clicking New Search Folder (See Figure 4). In the dialog box shown here, create your new search folder by specifying the criteria for the messages that you want to see inside the folder—for example, messages to and from your boss might go into a search folder named Urgent Mail, especially if the boss is in the habit of looking over your shoulder when you work.

Fig. 4

While users are learning to get the most from applications, Responza can help establish or tweak the network environment to optimize computer use and bandwidth consumption.
Call Responza experts at 206-762-5100.

Hard to find options in PowerPoint 2007/2010

Posted by lanceb | Posted in Featured, General, News You Can Use, Newsletters, The Lighter Side of IT, Totally Useful Tips | Posted on 15-11-2010

Features users knew by heart in PowerPoint 2003 may be a little difficult to zero in on in the newest version of the software because they are scattered among various tabs.

This post covers 3-D Style, Arrow Style, Designs, Expand All and Collapse All, and Print and Print Preview.
Of all the Office 2007 and 2010 apps, PowerPoint’s tab and group structure seems to make the most sense. Even though there’s an initial adjustment, finding most options in the newer versions is fairly easy. There are, however, a few options that elude users.

3-D Style
Taking a two-dimensional shape to the next level — 3-D — is a simple task in PowerPoint 2003. The user selects the shape and chooses the preferred selection from the 3-D Style options on the Drawing toolbar. Not so fast in PowerPoint 2007 and 2010. The 3-D option isn’t in the first place users look.
First, select the shape. When the context Format tab appears, click Shape Effects. As in Figure A, there’s a 3-D Rotation option, but no 3-D Style or Format option, which is a bit strange.

Figure A

The 3-D Format option isn’t where expected.
Instead of clicking the Shape Effects drop-down, users must click the Shape Styles (group) dialog box launcher (shown circled in Figure B). Doing so displays the Format Shape dialog box and the 3-D Format option.

Figure B

Users must click the group’s dialog box launcher to apply the 3-D Format.

Arrow Style
The option to choose a style for an arrow is also in an unexpected spot. Users might look in the Shape Effects option – and won’t find what they are looking for.

In PowerPoint 2007 and 2010, select the desired arrow to format. When the context Format tab appears, click Shape Outline in the Shapes Styles group. Then, select Arrows, as shown in Figure C. Users may also click the group’s dialog box launcher, as the options are relative to the selected item.

Figure C

To find arrow options, click Shape Outline | Arrows.
Most of the items on the old Drawing toolbar (#1 and #2) can be found by clicking Shape Outline or Shape Effects (in the Shape Styles group on the context Format tab).

Designs
A number of predefined slide designs are available in the 2003 Slide Design task pane. Users simply select one and apply it to all slides, a group of slides, or just one slide. All of the task panes are gone in PowerPoint 2007 and 2010. Users will find the Slide Design options on the Design tab. Users should note that they are not called designs anymore, but themes.

Users can click one of the options in the group or click the option’s More button (shown circled in Figure D) to see all of the available themes. This figure shows the Apothecary theme applied to an almost blank slide.

Figure D

Click the More button to see the gallery of themes.

Expand All and Collapse All
In PowerPoint 2003’s Outline view (click the Outline tab), users can collapse and expand each slide’s text. Simply right-click the slide and choose Expand or Collapse. Expanding and collapsing all slides is a quick click — the Expand All button on the Standard toolbar toggles between the two states.

Users can still right-click a slide and expand or collapse in Outline view. But the Expand All isn’t on any tab. In PowerPoint 2007 and 2010, it appears as a submenu of the right-click command. Right-click anywhere in Outline view, choose Expand or Collapse, and then choose Expand All or Collapse All, as shown in Figure E.

Figure E

Access to Expand All and Collapse All is still quick, but it’s two layers deep from a right-click.

Print and Print Preview
The Print option isn’t hard to find in PowerPoint 2007. Users click the Office button and choose Print. Set print options, click OK, and PowerPoint prints accordingly. That’s the way it worked in PowerPoint 2003 — set options, click OK.

The change is in PowerPoint 2010 (in all Office 2010 applications). Print options are on the File tab, in Backstage View. If users click Print, they will find a number of print settings.
The problem is that users have been trained to choose settings and click OK. In PowerPoint 2010, users must select print settings from several drop-downs. After setting all options, users click Print. Be careful not to choose settings and wait for the printout. It will never appear if users don’t click the big button that says Print.

Clicking Office | Print in PowerPoint 2007 is the route to Print Preview. The Preview button is in the bottom-left corner of the Print dialog box. In PowerPoint 2010, Print Preview is part of Backstage View. By clicking Print, users can preview the current slide automatically. Print Preview isn’t difficult to find, but it is annoying to users to suddenly need several clicks when one used to do. Users can alleviate the annoyance by adding Print Preview to the Quick Access Toolbar.

Responza is a valuable resource for companies searching for the best strategies for getting the most from technology systems.

Why the “Cloud” doesn’t matter

Posted by lanceb | Posted in Computer Security, Featured, General, IT Management, News You Can Use, Newsletters, Responza Updates, Totally Useful Tips | Posted on 15-11-2010

It has been a couple years since “the cloud” arrived on the IT scene, yet some IT leaders still talk about it with breathless reverence. Even non-IT executives still proudly announce that they’ve “put that in the cloud” when any technology-related topic arises.

The fact of the matter is that the cloud is just another make vs. buy decision.

What is “the cloud”?
Definitions of cloud computing abound, but the concept has been overly complicated.

Essentially, the cloud is little more than “stuff outside your company.” That “stuff” could be processing power, storage, networks, applications or any other bit of technical wizardry. When the CIO says she’ll “put that in the cloud,” all she is really saying is she will take something that was done in-house and do it with someone else’s “stuff” (outsource it). Any aspect of internal “stuff” can be put into the cloud, from raw data that is stored on another party’s storage systems, to an internal application that is run on someone else’s hardware. Often, the cloud refers to a third party’s applications, analogous to the enterprise equivalent of gmail or hotmail to employees.

Conceptually, all the fancy cloud talk could be applied to anything a company does outside its walls. The toilet paper purchased from an outside vendor effectively comes “from the cloud,” and the same decision making process used to choose that vendor applies to making the decision to move into the cloud – or not.

Mysticism has “clouded” the process
A frightening part of the over-hyping of the cloud is that it has muddled the decision-making process for determining if the cloud is appropriate for a particular IT function. Mysticism seems to creep into any cloud-related discussion, obscuring the fact that deciding to move something into the cloud is merely a simple make vs. buy calculation. If email is under consideration for being moved into the cloud, the process is simple: Tally up the costs of the various servers, software and support, divide by the number of users; Compare that to the per-seat fees from various cloud vendors. Factors that denote reliability, security and support of the vendor can also be figured into the equation.

This process sounds amazingly similar to the process that Operations goes through when selecting vendors for critical components and parts. In companies that produce physical products, supply chain and purchasing groups are likely loaded with experts in this type of process and can assist in making an exceptionally thorough analysis of the various cloud vendors, and apply appropriate rigor to the process.

While those in IT may quip that those buying physical commodities could never understand the subtle nuances of the cloud, remember that the supply chain deals with production and design secrets all the time, and reliability is obviously a central concern since a critical vendor could hamper the ability to actually produce products.

Presenting the cloud in these terms can bring internal purchasing expertise onboard to help make better decisions and inspire more realistic discussions with peers. Rather than the cloud offering a voodoo-like panacea to every internal problem, all executives can approach it as a way to cut maintenance and administrative costs, or a way to allow IT to focus on more valuable activities than maintaining email servers or commodity functions and applications.

As with most emerging technologies, the cloud’s near-magical properties will soon wear thin. A rational look at cloud-based services and straight-forward analysis of the decision to utilize them just as any other third party vendor clears away the haze around the “cloud” and makes its use a far more practical solution.

Questions and confusion abound although the cloud concept is not new. Call Responza’s experts for assistance in implementing or tweaking a cloud strategy that meets your requirements and fits your specific needs.

Droid X – The wrong and the right about it

Posted by lanceb | Posted in Featured, News You Can Use, The Lighter Side of IT, Totally Useful Tips | Posted on 05-11-2010

The specs are awesome but users are definitely divided into two camps on the latest Droid device. Many consider it the best of the Android phones. And then again – many don’t.

Let’s look at the arguments for each camp.

The wrong.

Size. The device is just larger than is suitable for a lot of people. That big, bright, high-resolution screen is part of its appeal, but it also makes it awkward to stash in a side pocket and a little too big to fit comfortably in a shirt pocket.

Heat. It is impressively fast but at the cost of generating a level of heat that is literally uncomfortable. It may not be hot enough to fry an egg, but can cause a flinch, on occasion, when the back of the device is touched.

Battery Life. It is pretty significant if a device doesn’t make it through the work day – much less the entire day – without the battery dying. The device gives out before the crucial nine hour mark – which simply isn’t acceptable for business travel. Using the turn-by-turn GPS is a particularly big power gobbler.

Settings. The battery life could probably be extended by tweaking settings – if you could find them. Some settings are part of the OS, some are part of third-party apps, but all looked as if they were designed by a committee of mad scientists.

Default apps. More than 20 started by default. If you download the app called Task Killer – you can shut down the default apps. However, this too is a trick because within a minute or two, all of the default apps restart themselves. Gotcha.

Complexity. It is obvious why geeks love this device and its OS. It has plenty of complexity. It is Linux-like in that it is a tweaker’s playground. All problems could probably be solved by rooting the device, downloading a new kernel, and starting from scratch. But who wants a device that requires constant babysitting?

The right.

Touchable. Unlike the old Windows Mobile OS, Android is made to be touched. The touch screen is responsive and quick and can be used without a long fingernail or stylus.

Icons. They are plenty big for touching, but smaller than the tiles on the new Windows Phone 7, which means more will fit on a home screen.

Storage. This device supports up to a 32 GB microSD in addition to the built-in 8 GB of internal memory.

Multitasking. When you really want to run other applications in the background, the Droid can do it.

Big screen. If a 3.8-inch screen seemed big, the Droid X’s 4.3 will seem huge….that is of course until you see the Dell Streak (that boasts a gi-normous 5 inch screen).

Turn-by-turn navigation. Droid is the only one providing the free turn-by-turn navigation that rivals that of a dedicated GPS device. The extra large screen on the Droid X also enhances the navigation experience.

Flash. Droid actually supports Adobe Flash – which the iPhone doesn’t.

Google integration. Naturally, since this is a Google product it is pretty fully integrated with Google’s services.

Botnet wreaks havoc

Posted by lanceb | Posted in Computer Security, General, News You Can Use, Totally Useful Tips | Posted on 02-11-2010

Infected PCs download fake antivirus

A massive takedown operation conducted by Dutch police and security experts at the end of October does not appear to have completely dissolved the Bredolab botnet that has created recent havoc, but it is unlikely to recover.

The latest look at the botnet by FireEye’s Malware Intelligence Lab shows that two domains are being used to issue instructions to infected computers. PCs that are infected with Bredolab are programmed to check in with certain domains in order to receive new commands.

One domain, which is on an IP (Internet protocol) address registered with a collocation facility in Kazakhstan, tells infected computers to download a fake antivirus program called Antivirusplus. Cybercriminals have found that fake antivirus programs can be a thriving business. If infected, users are badgered to buy the programs that offer little or no actual protection from threats on the Internet.

The second domain instructs computers compromised with Bredolab to send spam. That domain is hosted on an IP address assigned to a collocation facility in Russia.
The infected computers that are communicating with these domains appear to have a variant of Bredolab installed. Malware authors frequently have to modify the code in order to avoid detection by antivirus software.

The Bredolab variant was submitted to VirusTotal, an online service that accepts malware samples and checks to see whether 42 different security software suites detect it. Tested were some of the most widely sold products from vendors such as Symantec, TrendMicro and McAfee. As of October 27, only one product detected it. The results, however, are not surprising: much new malware remains undetected for a short time. When vendors discover it, the sample is shared throughout the security community, increasing the chances that other security software will pick it up.

The main Bredolab botnet appears to have been taken out after Dutch police seized control of 143 command-and-control servers on October 25 and shut down their communication with infected PCs, which were estimated to total as many as 29 million. A warning was issued to all infected computers by the Dutch police.

Working with Dutch police, Armenian authorities arrested a 27-year-old man on October 26 for allegedly controlling Bredolab. If he is extradited to the Netherlands, he could face between four and six years in prison.

The Bredolab variant that is still working may have come from the original Bredolab code, which may have been leaked and used by someone other than its author.

It is also possible that a portion of the Bredolab botnet was rented to some other cybercriminal gangs, who could then upload their own specific code to infected machines or use the computers for spamming.

Authorities have shut down most of Bredolab’s command-and-control servers, so that “a big portion of this botnet has been dismantled and is never going to recover”.

More arrests could be made because it is possible that some of the “bot herders” are still untouched and are committed enough to continue their operations even under extra scrutiny.

SEO and websites that work

Posted by lanceb | Posted in Computer Security, General, News You Can Use, Responza Updates, The Lighter Side of IT, Totally Useful Tips | Posted on 02-11-2010

Most companies don’t satisfy every major segment of their customers.
This isn’t just true for certain types or sizes of companies but is a trait that can be seen across all companies. Its impact is obvious in how information, products and services are offered on websites. Typically, companies set their sites up in ways that make sense to their own needs instead of considering how their potential customers actually make buying decisions.

Most companies fall prey to the trap of using an array of general keywords for pulling traffic to their sites. What has been learned in recent research is that potential customers can’t be lumped into a single group – their needs and desires must be specifically articulated. This is especially true with websites and the search engine marketing (SEO) strategies that are applied to them.

Getting specific about the segments where potential customers shop is the best way to ensure that buying customers are attracted by keywords and that they go to the best places on websites to make their purchase decisions.

For example, instead of trying to attract people shopping for “automobiles” or “cars”, dealerships should name the types of vehicles people want to buy in their marketing strategies. Applying this to SEO, the dealership would use SUVs, crossovers and pick-up trucks instead of the more general terminology as the keywords that attract and guide visitors to their sites.

This takes more than guesswork. It takes an understanding of where website visitors go and where they spend most of their time. Website analytics (such as Google Analytics) should be used to gather this information. A comparison of analytics information to what is actually sold by their own businesses and by competitors provides a good measure of where their keyword attention should be focused. This can even help establish product or solution gaps and open up potential for new successful revenue streams.

Examinations of websites should work in tandem with keyword exercises. It is just as important to align website pages to correlate with the categories that appeal to customers as it is to identify and use the best keywords. Once visitors are on websites, they will leave if they can’t quickly find what they’re searching for.

Going back to the car dealership example, keywords of SUVs, crossovers and pick-up trucks should link to pages that are all about those particular vehicles – not a general automobile listing page.

It is also more effective to use keywords matching up to the search terms that customers would actually use. How many people use “automobile” terminology? In reality, they talk about “cars” and when they are shopping for one of their own they use the specific terminology for what they want to buy. Tools are available that help in targeting terms that are more likely used in searches (such as the keyword grader available to Google AdWords users). These tools help to bucket keywords into segments so they can be appropriately applied to correlating website pages.

Developing a plan for SEO actually makes website development easier, not harder. There should never be any question about what needs to be created, expanded, or edited when the research is in hand to show what people are looking for.

BLADE: Can it stop drive-by malware?

Posted by lanceb | Posted in Computer Security, General, IT Management, News You Can Use, Newsletters, Totally Useful Tips | Posted on 20-10-2010

BLADE (BLock All Drive-by download Exploits), the brainchild of researchers from the College of Computing at Georgia Institute of Technology and SRI International, is positioned to help stem the tide of drive-by malware. That is a big deal according to Dasient.com; the company is tracking over 200 thousand different web-based malware threats.

What is the goal of drive-by malware?
“The goal of the drive-by exploit is to take effective, temporary control of the client web browser for the purpose of forcing it to fetch, store, and then execute a binary application (e.g., .exe, .dll, .msi, .sys) without revealing to the human user that these actions have taken place.”

Let’s look at how the researchers believe the process works.

The process
It all starts when a hapless victim stumbles onto a compromised official web site or possibly a knock off of an official site that’s serving drive-by malware. Next, the code injection process begins and consists of the following three phases:
• Shellcode injection phase: Code purposed to subvert the web browser is downloaded by exploiting a vulnerable component of the web browser.
• Shellcode execution phase: The downloaded code is then injected into the web browser process.
• Covert binary install phase: The web browser, now compromised, tries to retrieve malware from the attacker’s web server. That code installs on the victim’s computer and does all the damage we hear about.
The researchers also determined that drive-by malware somehow avoids the need for user permission to download and execute unsupported file types such as .exe, .dll, and .sys. With this information in hand, the research team developed BLADE.

BLADE’s design criteria
BLADE is a browser-independent operating system kernel extension designed to prevent unauthorized content execution. This means BLADE intercepts all downloaded content that has not been okayed by the user and prevents it from executing.
To accomplish that, the research team implemented the following in BLADE:
• Real-time user authorization capture and interpretation: The key to BLADE working properly, user-to-browser interaction is monitored to capture information pertaining to a user authorizing a download.
• Robust correlation between authorization and download content: BLADE must be able to distinguish between user-initiated web-browser downloads and unauthorized ones.
• Stringent enforcement of execution prevention: Unauthorized content must not be allowed to execute.
• Browser agnostic enforcement: BLADE must not rely on how a web browser should work. This is critical, because new web-browser technology is introduced all the time.
• Exploit and evasion independence: BLADE must also be independent of any exploit that attackers use to subvert the web browser.
• Efficient and usable system performance: Web-browser performance must not be compromised, nor any delays allowed. In fact, BLADE should not have a perceptible impact on any computer operation.

How BLADE operates
To spot unsolicited download attempts, BLADE places the following processes in kernel space:
• User-interaction tracking: BLADE uses a screen parser, hardware-event tracer, and a supervisor to track the user’s physical interactions with the web browser, specifically when download authorization is asked for.
• Consent correlation: This process is required by BLADE to distinguish between transparent downloads and those requiring user permission.
• Disk I/O redirection: When BLADE locates un-authorized downloads, it redirects the code to a secure zone. The data is also prevented from loading into memory as an executable.

The following slide (courtesy of the research team) represents BLADE’s system architecture.

BLADE architecture

The key ingredient that makes BLADE work is its ability to discern whether the download is authorized or not. How that’s done is based on another fact about web browsers.

What the research team has found is that web browsers use a well-defined process to implement download confirmations. That means an application like BLADE, looking specifically for download authorizations, would only need a few examples from the different web browsers in order to recognize most download authorization attempts.
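The consent-correlation and redirection steps described above can be sketched as a small user-space model. This is an added example, not BLADE's code: the `Consent` and `BrowserWrite` event fields, the 120-second correlation window and all URLs and paths are assumptions made for illustration.

```python
"""Toy model of consent correlation and secure-zone redirection (added example)."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Consent:
    """A download authorization captured from the browser's confirmation dialog."""
    url: str
    save_path: str
    time: float


@dataclass(frozen=True)
class BrowserWrite:
    """A file written to disk by the browser process."""
    source_url: str
    path: str
    time: float


@dataclass
class Supervisor:
    window: float = 120.0                      # assumed maximum consent-to-write delay
    consents: list = field(default_factory=list)
    secure_zone: dict = field(default_factory=dict)

    def record_consent(self, consent: Consent) -> None:
        self.consents.append(consent)

    def on_write(self, write: BrowserWrite) -> str:
        """Release a write only if it matches an unused, recent user consent."""
        for consent in self.consents:
            same_file = consent.save_path.lower() == write.path.lower()
            same_source = consent.url == write.source_url
            in_window = 0 <= write.time - consent.time <= self.window
            if same_file and same_source and in_window:
                self.consents.remove(consent)  # one consent covers one download
                return "released"
        # No matching authorization: keep the content in the secure zone.
        self.secure_zone[write.path.lower()] = write
        return "quarantined"

    def may_execute(self, path: str) -> bool:
        """Content held in the secure zone must never be loaded as an executable."""
        return path.lower() not in self.secure_zone


def demo():
    """Run three constructed events and return (verdicts by path, supervisor)."""
    sup = Supervisor()
    verdicts = {}

    # 1. The user clicks "Save" in the download dialog, then the file arrives.
    sup.record_consent(Consent("http://downloads.example.com/setup.exe",
                               r"C:\Users\pat\Downloads\setup.exe", 10.0))
    w1 = BrowserWrite("http://downloads.example.com/setup.exe",
                      r"C:\Users\pat\Downloads\setup.exe", 12.5)
    verdicts[w1.path] = sup.on_write(w1)

    # 2. The browser writes a binary nobody authorized.
    w2 = BrowserWrite("http://bad.example.net/p.exe",
                      r"C:\Users\pat\AppData\Local\Temp\p.exe", 13.0)
    verdicts[w2.path] = sup.on_write(w2)

    # 3. The user authorized a PDF, but a different file is written.
    sup.record_consent(Consent("http://docs.example.com/report.pdf",
                               r"C:\Users\pat\Downloads\report.pdf", 20.0))
    w3 = BrowserWrite("http://docs.example.com/report.pdf",
                      r"C:\Users\pat\AppData\Local\Temp\report.pdf.exe", 21.0)
    verdicts[w3.path] = sup.on_write(w3)
    return verdicts, sup


if __name__ == "__main__":
    results, _ = demo()
    for path, verdict in results.items():
        print(f"{verdict:12} {path}")
```

The model makes the default explicit: a browser write is released only when it lines up with a captured authorization, so the exploit used to trigger the write never enters the decision.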

The following slide (courtesy of the research team) explains how BLADE checks for authorization:

BLADE authorization

How effective is BLADE?
BLADE was tested using real-world circumstances as the following quote explains:
“Our testbed automatically harvests malware URLs from multiple whitehat sources on a daily basis and evaluates BLADE against potential drive-by URLs that were reported within the past 48 hours. To validate BLADE’s browser and exploit independence, each URL is tested against multiple software configurations covering different browser versions and common plug-ins. System call and network traces are used to test for missed attacks (false negatives).”

The research team has a web page at blade-defender.org that contains the results of their evaluation. Interestingly, their data seems to verify what other security experts have been saying about Adobe products:

BLADE Evaluation Results

According to the research paper, almost 19,000 trials have taken place, with zero false positives and zero false negatives. Meaning, BLADE prevented in-the-wild drive-by malware from installing in every case.

Not a cure-all
BLADE is designed to block drive-by malware that tries to write to the hard drive. Right now, that works, as a majority of drive-by malware uses that approach. But, security experts are aware of certain threats that reside in memory only and BLADE will not recognize them.

Then there is malware that installs by leveraging social engineering. BLADE is of no help, as the user willingly agrees to the download.
Finally, developers have expressed concern that BLADE may break legitimate applications like Windows Update that download software in the background.

Final thoughts
The research team’s work points out once again how important it is to keep the operating system and all applications up to date. With no vulnerabilities, drive-by malware cannot gain a foothold.

iPhone and Android apps raise privacy concerns

Posted by lanceb | Posted in Computer Security, General, IT Management, News You Can Use, Responza Updates, Scam Alerts, Totally Useful Tips | Posted on 20-10-2010

Two new studies have raised concerns about the transmission of private data by some iPhone and Android apps.
Android
Last week, researchers from Duke University, Pennsylvania State University, and Intel Labs released the results of a study on 30 popular third-party Android apps. Using TaintDroid, a tool which the researchers created, they discovered that 20 of the studied applications exhibited “suspicious handling of sensitive data” and that 15 of the applications “reported users’ locations to remote advertising servers.”

In addition to location information, the researchers discovered instances of applications transmitting a device’s phone number, IMSI code (unique code that identifies a user of a GSM or UMTS network), ICC-ID (unique SIM card serial number), and IMEI number (unique identifier for an individual device). They found that one application transmitted information each time the phone booted.
“While this application displays a terms of use on first use, the terms of use does not specify collection of this highly sensitive data. Surprisingly, this application transmits the phone data immediately after install, before first use.”

Not only are applications transmitting information that could be used to personally identify an individual, they are also sending geographic location data. The researchers found that 50 percent of the studied applications “exposed location data to third-party advertisement servers without requiring implicit or explicit user consent.” And while two of these 15 did display a EULA when first run, neither EULA indicated that such data would be collected and sent to advertisers.

Apple iPhone
A second paper, written by Eric Smith, Assistant Director of Information Security and Networking at Bucknell University, raised similar privacy questions about iPhone applications. Instead of creating a tool to track transmitted data, Smith analyzed the network traffic sent from an iPhone through a specially configured wireless network.

“Packet captures were recorded using tshark, the console-based libpcap capture utility. The resulting files were then analyzed using a suite of open-source tools including Wireshark, ngrep, and the Perl Net::Pcap libraries in order to determine what, if any, personally-identifiable information was being shared with third parties.”

Smith also analyzed browser cookies placed on the device by applications.

Of the 57 applications Smith evaluated, 68 percent transmitted the iPhone’s UDID (a unique device serial number), “to a remote server, owned either by the application developer or an advertising partner.” Some applications encrypted the data using SSL, but others transmitted the UDID and user’s name (either the logged-in user’s name or the iPhone’s user-assigned name) in plain text.
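The kind of search described above, looking through captured traffic for a test device's own identifiers, can be sketched as follows. This is an added example, not code from either study: the device identifiers, host names and requests are constructed, and checking MD5/SHA-1 hashed forms is an assumption about how an app might obscure an identifier.

```python
import hashlib
from urllib.parse import unquote_plus

# Identifiers of the audit handset (constructed values, not a real device).
DEVICE_IDS = {
    "UDID": "0123456789abcdef0123456789abcdef01234567",
    "IMEI": "490154203237518",
}

def variants(value):
    """Forms an identifier may take on the wire (hashed forms are an assumption)."""
    raw = value.lower().encode()
    return {
        "plain": value.lower(),
        "md5": hashlib.md5(raw).hexdigest(),
        "sha1": hashlib.sha1(raw).hexdigest(),
    }

def find_leaks(flows, device_ids):
    """Return (host, identifier, form, transport) for every identifier seen."""
    needles = {(name, form): needle
               for name, value in device_ids.items()
               for form, needle in variants(value).items()}
    findings = []
    for host, is_tls, payload in flows:
        # Undo URL encoding and case differences before searching.
        text = unquote_plus(payload).lower()
        for (name, form), needle in needles.items():
            if needle in text:
                findings.append((host, name, form, "tls" if is_tls else "cleartext"))
    return findings

# Constructed sample flows: (destination host, sent over TLS?, request text).
# TLS payloads are only visible when the audit network terminates TLS itself.
_UDID_SHA1 = variants(DEVICE_IDS["UDID"])["sha1"]
CAPTURED = [
    ("ads.example.net", False,
     "GET /t?udid=0123456789ABCDEF0123456789ABCDEF01234567&name=Alice%27s+iPhone HTTP/1.1"),
    ("api.example.com", True, 'POST /register HTTP/1.1\r\n\r\n{"device":"%s"}' % _UDID_SHA1),
    ("metrics.example.org", False, "GET /boot?imei=490154203237518 HTTP/1.1"),
    ("cdn.example.com", False, "GET /img/logo.png HTTP/1.1"),
]

if __name__ == "__main__":
    for finding in find_leaks(CAPTURED, DEVICE_IDS):
        print(*finding, sep="\t")
```

Each finding names the destination host, so cleartext transmissions to servers that do not belong to the app's developer stand out immediately.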

Applications were also found to place “extremely long-lived” tracking cookies on the iPhone. These cookies aren’t set to expire for several years. According to Smith, “these long-lived persistent cookies could allow for third parties to link UDIDs from old, discarded phones to individuals’ new phones as they upgrade to the newest iPhone model every few years.”

Choose apps wisely
In response to the Android study, a Google representative pointed out that users must approve the access when an application is installed. CNET quoted the representative:
“On all computing devices, desktop or mobile, users necessarily entrust at least some of their information to the developer of the application,” the representative said. “Android has taken steps to inform users of this trust relationship and to limit the amount of trust a user must grant to any given application developer. We also provide developers with best practices about how to handle user data…We consistently advise users to only install apps they trust.”

Under Apple’s latest iPhone Software License Agreement, users have already consented to having their location information collected.
“By using any location-based services on your iPhone, you agree and consent to Apple’s and its partners’ and licensees’ transmission, collection, maintenance, processing, and use of your location data to provide such products and services.”

What is the lesson here? Be VERY careful about the applications you install. If an application asks for access to information that doesn’t seem relevant to the application’s function, you might think twice about installing it. If you do allow an application to access your private data, know that the information may be used in ways you didn’t intend. William Enck, one of the Android researchers, made this point to CNET.

“Right now users have to be more diligent with the apps they install, look closely at the permission screen, and assume that that information may be misused.”

Office 2010: The Wonder of Web Apps

Posted by lanceb | Posted in News You Can Use | Posted on 17-08-2010

Office 2010 Web Apps help create a seamless experience whether working at the office, using a Windows smartphone, or cracking open your laptop at a coffee shop. By saving Office 2010 files to the Web, you can access and edit them using familiar tools. Here’s an introductory look at some things you can do with Office 2010 Web Apps.

1. Add files to Web Apps

The process of adding files to Office 2010 Web Apps is pretty simple. First, you need a Windows Live account (free!), and you need to be a registered user of an installation of Office 2010. You can then log in, click Add Files, and choose the files you want to upload to Web space. And just like that you have access to your files from any web-enabled device, which brings us to our next point.

2. Work on Office files from anywhere

Once a file is in your Windows Live SkyDrive account, it can be opened, edited, enhanced, and shared easily. The tools are almost identical to those in the desktop version of Office 2010, and the program features work in the same way.

3. Create a new file

Not only can you add and edit files you’ve created on a desktop system, but you can also use Web Apps to create new files in Word, Excel, PowerPoint, and OneNote. After you log in to your SkyDrive account, click the icon of the file you want to create on the right side of the browser window. You’ll have access to a new document where you can choose a template, add content, and save and share the file as you ordinarily would.

4. Use the Windows Live Sign-In Assistant

Windows Live offers a utility that signs you in automatically so you don’t have to stop and log in each time you want to work with Web Apps files. You will be prompted to install the Sign-In Assistant the first time you open a file in the Office 2010 Web Apps. Just click the link provided to start a wizard that walks you through the process of downloading and installing this useful tool.

5. Give users permission to share your files

The user permissions features in Windows Live let you share your files with others. Create a folder to store the file by clicking New and choosing Folder. Add a name for the folder and click the Change link in the Share With selection (Figure B). Add the email addresses of those you want to share the file with or click Select From Your Contact List to display all Windows Live contacts and click the users you want to add. For each one, choose whether you want to assign the permissions that enable that person to add, edit, and delete files or simply view them in the folder. The users you specified will be able to access the files you add to the folder you just created.

Office 2010 Web Apps

6. Work collaboratively online

The Office 2010 Web Apps, including Word, PowerPoint, OneNote, and Excel, enable you to work online with others in real time. When you have given a user the necessary permissions for the file, the Office Web App lets you know when others are working with you in the file. You can click the lower-right corner of the status bar to display the list of others working in the file.

7. Download a file

You can move files from the online environment to your desktop and back. Hover the mouse over a file in SkyDrive, click More, and then choose Download. You will be prompted to choose the folder where you want to store the file. While you’re working in a file in Web Apps, you can open the file in your desktop application. When you save and close the file, any and all changes are synchronized with the online version.

8. Grab a snapshot of a workbook

If you want to download only a portion of the file you’re working on, you can click the File tab (in the Excel Web App) and choose Download A Snapshot. This downloads a copy of the workbook to your computer that includes only the values and the formatting so you can review the workbook as needed.

Overall, Office 2010 Web Apps gives you the power and reliability of Microsoft’s Office suite with the flexibility to work from anywhere. If you are a registered Office 2010 user and want to be productive anywhere and everywhere, then you should definitely look into Office 2010 Web Apps. Call Responza at 206-762-5100 to learn how to implement this service at your business today!