Think of it as the equivalent of iTunes for Android.

Developers will be able to upload apps–including games and other digital content–to Amazon, which in turn will promote and distribute them on Amazon.com and also on mobile phones. (I can hear the promotions now: “If you liked that app…what about this one?”)

In a blog post aimed at developers, Amazon writes that it’s trying hard to get developers recognized among the hundreds of thousands of apps out there: “Amazon’s innovative marketing and merchandising features are designed to help customers find and discover relevant products from our vast selection, and we’re excited to apply those capabilities to the apps market segment.”

For the past few months, Amazon employees have been reaching out to developers to find out pain points and drum up support for this day.

So far, it looks like Amazon has listened to concerns. The developer portal looks insanely easy to use–anyone with a regular Amazon username and password can access it. Right now, the annual fee of $99 has been waived, and once you agree to a seven-page app-store distribution agreement, you can start uploading applications to the network, and eventually see metrics on how well they are performing.

Much of it sounds like iTunes.

Amazon will share 70 percent of revenues with developers, and the distribution agreement hints it will go worldwide. For now, it will be limited to the U.S. Amazon will handle all the bill processing, which is complex, especially on a global basis. Google learned this the hard way, and continues to support only paid apps in some countries. Amazon will also have some sort of approval process, but it’s unclear how rigorous that will be.

Launching an app store is not a stretch for Amazon. It’s been selling MP3s on phones for some time and has a large digital catalog, spanning books and videos. It also has a built-in payment system and access to tens of millions of Amazon customers, many of whom have their credit card information on file, as with iTunes or PayPal.

The one question is whether the business will provide enough scale for an e-commerce company of its size. After all, most applications today are free, or really cheap. And at least for now, Amazon is limited to the Android operating system.

True, Android is quickly gaining on Apple, especially in the U.S. According to Nielsen’s latest figures, the iPhone’s market share is 28.6 percent vs. RIM’s BlackBerry and Google’s Android platforms, which are essentially tied in second place with 26.1 percent and 25.8 percent, respectively.

There are two potential scenarios that will help pencil this out: The app store could help drive more sales of other content or products on the phone for Amazon. A more farfetched scenario is that Amazon does such a good job that other platforms or handset makers, like BlackBerry, Windows Phone, HTC or Samsung, will choose to outsource or adopt Amazon’s platform for a cut of the revenues.

However, we’re starting to get more information about how the McDonald’s incident appears connected to hacking incidents at other sites. Chicago Business is reporting that the company responsible for McDonald’s email marketing is Silverpop Systems, and that it had been operating under a subcontract from Chicago-based Arc Worldwide.

So who else is a customer of Silverpop? Yesterday I received an email from someone who’s a customer of deviantArt, a social network where artists share their creations. DeviantArt has a base of 13 million users. Got an account there? You’d better change any passwords that overlap with other sites. The site advised customers that their accounts were compromised, and blamed Silverpop.

It could extend much further yet. Silverpop has more than 100 clients, and not all of them are publicly disclosed, though here are a few, found on its client quotes page and its case studies page: Stamps.com, Pitney Bowes/Mapinfo, Encyclopedia Britannica, Santander Consumer Finance and watchmaker Fossil. There’s no word how any of those other companies are affected, if at all.

Silverpop CEO Bill Nussey said in a blog message to customers that the FBI is investigating the incident, and that only a small percentage of Silverpop customers have been affected. He also said that Silverpop was “among several technology providers targeted as part of a broader cyber attack.” Stacy Kirk, a Silverpop spokeswoman, wouldn’t say anything beyond what’s in Nussey’s message.

I’m beginning to wonder if there’s some indirect connection between what happened to Silverpop and what happened to Gawker. I’m speculating here, but it’s no stretch of the imagination that numbering among deviantArt’s 13 million users are some of the 1.5 million people whose accounts were compromised in the Gawkergate affair. And the FBI is investigating both. Thomas Plunkett, Gawker’s technology chief, told me by email that there’s no evidence of a connection. Then again, as Business Insider tells it, he hasn’t yet had his meeting with the FBI.

Maybe I’m looking for connections that aren’t really there, but it’s really not hard to see how the breach at Gawker could turn out be the start of a domino effect that’s much larger than anyone has yet realized. There certainly is a lot of grumbling about changing passwords today.

If you know more more about any of this, get in touch!

Below is the email to deviantArt users.

From: deviantART.com (address deleted)
Date: Mon, Dec 13, 2010 at 5:54 AM
Subject: RE: Email Notice

Silverpop Systems, Inc., a leading marketing company that sends email messages for its clients, told us that information was taken from its servers. This was probably part of a sweep by spammers. As a result, email addresses belonging to deviantART members were copied. Corresponding usernames and birth date may also have been removed.

We can assure you that nothing occurred on our systems with respect to this incident and no access was gained to private information on deviantART’s servers.

As a member of deviantART, you certainly have a right to know when an incident of this kind occurs. Unfortunately spammers are an unavoidable part of living on the Web.

The likely result of this event might be an increase in spam to your email. Experts have told us that there is an increase in email scams out there on the Internet and you should be cautious. Only click links or download attachments from people you know, particularly if they ask for personal information, and be sure that your email service provider has adequate spam filters.

Because we value the information that members give us, we have decided not to rely on the services of Silverpop in the future and their servers will no longer hold any data from us.

Denton being Denton, he made his mea culpa in a relatively obscure corner of his blog network–an open comments thread with Gawker readers. And if you had a bit too much of the wrong kind of skepticism, you might think that this photo Denton posted to the thread was a bit cavalier:

But nope, says Denton. That’s real contrition: “Okay, here you go. That’s me on the left and Tom Plunkett, our CTO, on the right. We’re looking appropriately glum. It didn’t take any acting.” (Also worth noting that Denton was responding directly to a reader request for “a photo of yourself wearing a dunce cap or something of that nature. With a big ‘I’m sorry’ sign.”)

In more important news: Denton’s sites, which stopped posting yesterday afternoon as a result of the attack, are now back up again. And if you’ve ever left a comment on one of the sites, you should go there and change your password, then do the same at any other site where you’ve used the same login/password combo.

A few other notes:

• Gawker Media says that readers who used Twitter or Facebook logins to leave comments on the blog network haven’t been affected. But people who used the same login on Gawker as they have on Facebook or Twitter may very well be in trouble. Which may be one reason so many Twitter users I know are now promoting a bogus weight-loss berry.
• There’s a Google document that contains some of the hacked email/login info, and something called Hint has been emailing some hacked commenters with a reminder to change their passwords. (Who are they? Why do they want to associate their yet-to-launch site with a security breach? Anyone?) But not finding your info on the document and not getting an email doesn’t mean you don’t have a security problem. Play it safe and change your password now, regardless.

Both showed technologies at D: Dive Into Mobile aimed at making the headsets useful for more than just making cellphone calls. And on Thursday, Plantronics plans to announce what sounds like another pretty nifty feature. Dubbed InstantMeeting, it is a piece of software that makes it possible to dial in to a meeting with the press of a button–instead of having to go through the usual process, which involves calling a number, entering a conference code and then maybe a password to boot.

For now, InstantMeeting is a program for the BlackBerry (see image) and Android, though Plantronics says that an iPhone version is in the works, as is a Skype version and one that can connect directly to Microsoft’s Outlook software–the place where that call-in data often is buried. Those other versions should come early next year.

As for the Android and BlackBerry programs, a free trial version allows 20 free dial-ins, while the premium version, which allows for unlimited dial-ins, will sell for $2.99. However, Plantronics says that those who download the free trial version on Thursday will get 1,000 free calls.

I’ll have to see it in action to believe it, but it sure sounds like a time-saver. Plus, if it works, when your phone drops the call, you can just press one button to dial back in. Of course, as with Jawbone’s Thoughts application for the iPhone, I don’t actually need a headset to use InstantMeeting.

LastPass, a cross-platform password manager, has acquired the social bookmarking and browser synchronization service Xmarks.

The San Francisco-based Xmarks has been in the midst of some tumult of late, as it closed down in September and then quickly opened back up again in an effort to keep its service running for a large group of active users.

That happened after user outcry, spurring the company to try to stay afloat.

SInce then, Xmarks has been trying to land itself safely.

The start-up had multiple offers to keep the operation running, as well as pledges from almost 30,000 fans willing to pay $10 to $20 a year for a new “freemium” business model.

Enter LastPass, based in Vienna, Va., whose CEO Joe Siegrist said in an interview that he wanted to help keep the service operating.

“They had a large dedicated audience, but their free offering and advertising model was not working,” he said. “We really want to figure something out that could keep it going.”

Siegrist said LastPass offered a robust free service, but relied on a small group of users who pay to upgrade to a premium offering.

The browser add-on for cross-platform synchronization operates in the cloud.

And that is going to be the fate of Xmarks–which had been called Foxmarks initially.

It had been seed-funded in 2006 by well-known entrepreneur Mitch Kapor and also got an additional investment from First Round Capital.

Xmarks garnered another $5 million in funding from Redpoint Ventures in 2008,

That year, it also hired Silicon Valley entrepreneur James Joaquin as CEO, whose job it was to carve out a business with Xmarks’ assets, including using its mass of data.

Xmarks had certainly been growing its user base and bookmarked Web addresses strongly, via a browser widget that recorded bookmarking information.

Earlier this year, it tried out an advertising product called SearchBoost, which gave advertisers additional analytics about their ads, as well as organic search results.

But all that ultimately did not translate into a viable business for Xmarks.

“We think this will make a great ending and beginning for Xmarks,” said Joaquin.

Both Xmarks and LastPass declined to provide financial details of the transaction.

Here is the blog post by LastPass and Xmarks about the integration:

Today we’re excited to announce that Xmarks has been acquired by LastPass, makers of a leading cross-platform password manager. It’s a great opportunity that ensures the survival of Xmarks as the same service that you know and love.

In the last few years, we’ve attracted over 4.5 million users syncing more than 1 billion bookmarks across 5 million computers. Most importantly, we’ve provided a simple solution to help people easily access their bookmarks, wherever and whenever they needed to. We’ve had thousands of users tell us that Xmarks has become an integral part of their browsing experience. You can rest assured that LastPass will continue to build upon the service in the coming months.

We’re also committed to keeping Xmarks free while implementing a viable long-term plan. Xmarks is transitioning to a “freemium” business model, the same model that allowed LastPass to grow into a thriving, profitable business. The browser add-on and the vast majority of what users have enjoyed remains free. Users can then opt to purchase Xmarks Premium for $12 per year, which includes new enhanced features like Android and iPhone mobile phone apps, priority support, and more. The Xmarks and LastPass Premium offerings are also available bundled together at a reduced subscription rate of $20 per year. For those of you who pledged your financial support, you can make good on your pledge today and upgrade.

The restructuring of the Xmarks offerings will accelerate the introduction of new features and service improvements. The two services will continue to require separate downloads and will be administered through two distinct extensions and websites, although there are plans to integrate them in the future.

We believe the acquisition will prove to be a success because of the common mission shared by LastPass and Xmarks. Xmarks complements LastPass’ vision of secure, universal access to the information that gives you entry to your digital life. By joining LastPass, Xmarks will also be able to accelerate the introduction of new features and developments. As the ultimate cross-browser, cross-platform team, Xmarks and LastPass will work together to help more people simplify their digital lives and access their data from anywhere, at any time.

We’re excited to join forces with LastPass and be a part of a team that will continue to provide the best data-syncing tools out there! We hope you will support both of these great services through your business and your Premium subscription. For more information, please see the FAQs.

The Xmarks & LastPass Teams

BoomTown arrived late to the Facebook mobile event for the press due to traffic related to the parade today for the San Francisco Giants’ World Series victory–and where I would much rather be right now.

Go Giants!

10:53 am PT: In any case, I am here in the cafeteria of Facebook again, where the company continues its attempts to take over the known digital universe before Google does.

Currently, the social networking giant notes “200 million people around the world are now actively using Facebook from a phone, more than triple the number just one year ago.”

Thus, some new tries of a lot of stuff, such as single sign-on.

Meaning you sign on a Facebook and it signs you on all over the Web (or at least at those in partnership with the company).

Such as at Groupon and Zynga.

This single sign-on stuff has been tried by many before, a kind of Holy Grail of the Web, and where everyone has failed.

But it also the proverbial camel’s nose poking in your digital tent.

As in, the whole Facebook body is surely coming in next.

Facebook’s exec in charge of all this, Eric Tseng, talks about a virtuous circle of single sign-on, happy users and happy developers, sounding as if this is the single biggest problem facing humanity.

A password crisis! Silicon Valley to the rescue!

Perhaps the only issue the now damaged administration of President Barack Obama could actually get some legislation passed on now.

“My fellow Americans, we have too long be stuck in a miasma of forgetting which name of our dog we used for our password plus the number one…”

How much do I want to be at Giants parade right now? Much!

11:02 am: Next, we move onto more ability to show your location to friends on Facebook better and make sense of it by opening location APIs.

More heavy pontificating about what a disaster it is that we cannot properly see where our friends are on Facebook in the real world.

Of course, this leaves out the pertinent point that my “friends” on Facebook are exactly those I do not want to run into at the Starbucks on El Camino Real in Palo Alto, Calif.

Loopt Founder Sam Altman comes up to show off the integration with Facebook Places, where this problem is solved anyway.

“We believe data wants to be unified,” says Altman.

Certainly if you are the Borg, you want it to be unified. Me, not so much.

11:11 am: Now comes the attempted Groupon-killer from Facebook, which is creatively called “Deals.”

This is essentially allowing Facebook Places to locate a person and then merchants to offer deals when a user is nearby via a platform offered by Facebook.

You can do individual deals, such as getting a beer at a bar when you check in. Then, there is a loyalty deal on the phone, taking the place of that dog-eared card you always lose.

And there is the “friend deal.” This is not friends with benefits, sadly.

It means if you check in and bring a lot of folks, one eats free–which sounds just a little naughty.

Also, there is one deal type related to charity.

For the Gap, for example, you get a free jeans if you are among the first 10,000 to check in at a Gap store. There are 500 million Facebook users, so you do the math.

Essentially, it is about getting stuff if you check in, including experiences.

So, just like little white mice in Facebook’s lab, we push the button, we get the cheese. Sigh.

But I wonder if I check in right now, I can be transported to the Giants parade via a time machine. Now that might be something worth handing over my privacy to Facebook.

“The big takeaway for today is that there is obviously a lot of change in the social space,” says Facebook CEO and Co-founder Mark Zuckerberg. “You can rethink any product area and make it be social.”

Indeed, you can. And Facebook obviously is going to be plowing on through a lot of them in order to solidify its stranglehold on the consumer.

11:23 am: Q&A!

The first question is on privacy and third-party developers giving up your location.

Yes, that!

Zuckerberg makes assurances that the current privacy steps now in place are working just fine and also users need to consent.

“The place information about people is not public,” he says.

There is question from Ben Parr of Mashable, about whether there is an iPad app for Facebook coming.

“It’s not mobile…it is a computer,” declares Zuckerberg, dismissing the very good question.

“I think Apple would disagree with you,” countered Parr, correctly.

“Well, sorry,” said Zuckerberg with more than a little bit of snark.

For a second, he sounds just like the guy from the Facebook movie.

But Zuckerberg quickly declares his love of Apple products and apologizes, although he should not have as it was a funny exchange.

A question about single sign-on. Zuckerberg notes that it has been tried, but the experience was bad.

“What we think is going to happen now is that it is so easy when it works, it is a whole different experience,” he said, comparing it to the way YouTube made video uploading on the Web easier.

Zuckerberg’s goal is that all apps become social, which is also a virtuous circle for Facebook, of course.

A question about the deals offer. It seems for Zuckerberg that Facebook is not getting a cut from retailers right now, as Groupon does.

Ruh-roh, Andrew Mason!

Zuckerberg then notes that the Places offering is going well, without giving a lot of specifics.

At the end, PR maven Brandee Barker wraps it up by saying what I have been thinking this entire time:

“Go Giants!”

Today at 8 am PT, Twitter will turn on OAuth for user authentication, which would seem like something only nerds should care about.

In fact, everyone should.

With third-party apps no longer given access to Twitter passwords, in this highly unprotected digital world, the consumer is a little bit more protected.

I myself cringe every time an app asks for basic authorization–my password for Twitter–so I can use whatever it is offering.

Since so much of the Web has become social, connecting services to each other tightly–so that they all work together–is a must.

What it also does is create untold security issues.

But OAuth–which is used by an increasing number of big sites–mitigates some of that, allowing you to sign in to Twitter itself and then let the service authenticate.

Here at All Things Digital, we are also updating our mobile app to use OAuth, since it will render the old way obsolete.

And it couldn’t come soon enough.

Here is the Twitter blog post on the changeover:

Twitter Applications and OAuth

Monday, August 30, 2010

If you are like most Twitter users, you have used use a third-party Twitter application to read or send Tweets. As of August 31, Twitter applications will all use OAuth, an authentication method that lets you use apps without them storing your password.

What does this mean for me?

The move to OAuth will mean increased security and a better experience. Applications won’t store your username and password, and if you change your password, applications will continue to work.

With OAuth, you still individually approve each application before using it, and you can revoke access at any time. To see which applications you have authorized or to revoke access, just go to the Connections section under Settings.

One thing to note–to continue to use your favorite applications, you should make sure you are running the latest version of the app. Otherwise, you may soon find that it doesn’t work anymore.

Tell me more about OAuth

In order for Twitter applications to access your account, developers have been able to choose one of two authentication methods: Basic Authentication or OAuth. Both require your permission, but there is an important difference. With Basic Auth, you provide your username and password for the app to access Twitter, and the application has to store and send this information over the Internet each time you use the app. With OAuth, this isn’t the case. Instead, you approve an application to access Twitter, and the application doesn’t store your password.

Fortunately, developers have known about our transition to OAuth since last December, so they’ve had time to update their apps. And many apps, including Echofon, TweetDeck, Twitterrific, Seesmic, and Twitter for Android, iPhone, and BlackBerry, are already using OAuth. We appreciate the work and time that developers have invested in this update in order to keep you safe.

[Image credit goes to hueniverse.com, a most excellent blog about all things OAuth and web standards.]

Not much to them, I’m told. Or, rather, not much to their assertion that Apple (AAPL) is at fault here. There’s no security hole in iTunes, and if you’ve been unfortunate enough to have hundreds of dollars in unauthorized purchases charged to your iTunes account, it’s likely because you’ve fallen victim to a bot attack or phishing scam–a variation on the one that’s been around for years now. Sources close to Apple tell me iTunes has not been compromised and the company isn’t aware of any sudden increase in fraudulent transactions.

As for an official comment, Apple offers this bit of common sense advice:

“ITunes is always working to prevent fraud and enhance password security for all of our users. But if your credit card or iTunes password is stolen and used on iTunes we recommend that you contact your financial institution and inquire about canceling the card and/or issuing a chargeback for any unauthorized transactions. We also recommend that you change your iTunes account password immediately.”

PayPal declined comment on the issue, but told me that any unauthorized charges sent through its service will be reimbursed.

[Image credit: Ars Technica]

As a point release, it’s a nice little update, with a new password-protection feature that locks the device when it’s in sleep mode and social networking integration that allows for the sharing of book excerpts via Facebook and Twitter. But as an effort to make the Kindle more competitive with some newly arrived and formidable rivals, it falls a bit short.

[Image credit: Ars Technica]

Well, guess what Google (GOOG) has unwittingly been collecting these past three years?

That’s right, payload data. And it has been collecting them from Wi-Fi networks not protected by passwords–in the United States, Germany, France, Brazil, Hong Kong and elsewhere.

“It’s now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) Wi-Fi networks,” Google Senior VP of Engineering and Research Alan Eustace said in a post on Google’s official blog Friday.

“So how did this happen?” he asks, quickly supply the answer: “Quite simply, it was a mistake. In 2006 an engineer working on an experimental WiFi project wrote a piece of code that sampled all categories of publicly broadcast WiFi data. A year later, when our mobile team started a project to collect basic WiFi network data like SSID information and MAC addresses using Google’s Street View cars, they included that code in their software–although the project leaders did not want, and had no intention of using, payload data.”

But they captured it just the same. And now Google is in the uniquely uncomfortable position of sitting on a pile of exactly the sort of customer data that privacy advocates worried that it was collecting. Until the company figures out what to do with the information, Google has temporarily grounded its Street View cars and promised to stop collecting Wi-Fi network data entirely.

“The engineering team at Google works hard to earn your trust–and we are acutely aware that we failed badly here,” Eustace concluded. “We are profoundly sorry for this error and are determined to learn all the lessons we can from our mistake.”

I’m sure the European privacy commission and regulators in the United States will make quite sure of that.

For years, there have been software programs and Web sites that try to corral portions of this information. Some of these digital products offer to organize your online IDs and passwords. Others focus on financial, health, or other information.

But a couple of relatively new products aim to digitally collect your important data in all these categories in one easy-to-access place: either on your computer or on the Web. One is Orggit, launched last fall by a Chicago-based company called Morgan Street Document Systems. The other is InformationSafe, launched in January by New York company Ascend Partnerships.

Orggit, available at orggit.com, costs $50 a year. InformationSafe, available at infosafe.com, is $50 for a desktop version or $50 a year for a Web version. A backup service for the desktop version of InformationSafe is $30 a year.

I’ve been testing both, and found each fairly easy to use and potentially very valuable, especially as your life gets more complicated. It’s a real bonus to be able to find everything in one place, even scanned paper documents. Both products work on either Windows PCs or Macs.

They also share some important downsides. As you might expect, they are only effective if you take the time and effort to enter all your information, from passwords to credit-card information to all the medications you take, and more. That can be a chore, even though both products try to make it easier with predefined templates for each type of data.

Another downside: security. Anything stored digitally, especially online, is vulnerable to criminal hackers. Both products offer multiple log-in plans, not just passwords but things like photos or important dates in your life that you must identify. Both also use a tough form of encryption typically favored by the government and banks. But there are no guarantees.

On this issue, InformationSafe has the edge. While it offers a Web-based version, it also comes in a version that exists only on your local computer, or on a removable drive. The company says this local version is chosen by 80% of its users. Orggit is purely Web-based, and can be accessed from any computer or from Orggit’s nicely designed free iPhone app.

InformationSafe’s desktop version is less convenient, because it can’t be accessed remotely. But it’s more secure. Still, even data stored only on a local computer or drive can be compromised by a determined hacker who targets it when the machine is online, or if it is lost or stolen and falls into the wrong hands.

Orggit’s iPhone app

You could use InformationSafe on a PC that you never connect to the Internet, but you’d be unable to use the company’s optional backup service and could lose everything if the hard disk fails, unless you faithfully back it up locally.

Each product is divided into logical sections, such as finance, health, insurance, passwords, and so forth. Orggit has a simpler layout, with colorful icons and a quicker, easier way to download reports on what’s in your wallet and on your health data. InformationSafe has many more canned templates, but you can enter almost anything into Orggit as well.

Each allows you to type in your information using the templates, or to upload digital or scanned documents, such as a living will or the image of a driver’s license. Each also allows you to type notes on everything you store.

Orggit has a special health feature InformationSafe lacks. Once you sign up, you get a physical wallet card with a toll-free number that can be called by emergency or medical personnel to gain access to your vital medical information. This phone number also is displayed in the iPhone app.

Also, Orggit allows you to store separate sets of information for up to 10 family members or other people, who can share some or all of their information with each other. InformationSafe allows the entry of information about other people, but it is basically designed for a single user; and sharing, while possible, is more limited.

InformationSafe has a more staid look and feel, but it isn’t hard to navigate. However, its local and Web versions aren’t connected, are purchased separately and don’t synchronize with each other even if you have both.

You can get Web backup of the local version for a fee, but this backup isn’t visible from the Web. The company says it is working on this feature.

If you’re comfortable with digital storage, these two products offer an effective way to organize the details of your life.

Find all of Walt Mossberg’s columns and videos online, free of charge, at the All Things Digital Web site, walt.allthingsd.com. Email him at mossberg@wsj.com.

]]> http://allthingsd.com/20100512/gathering-vitals-of-your-so-called-scattered-life/feed/ 0 http://allthingsd.com/20100420/well-at-least-google-didn%e2%80%99t-ahem-lose-it-in-a-redwood-city-bar/ http://allthingsd.com/20100420/well-at-least-google-didn%e2%80%99t-ahem-lose-it-in-a-redwood-city-bar/#comments Tue, 20 Apr 2010 14:15:29 +0000 John Paczkowski http://digitaldaily.allthingsd.com/?p=38708 So that “intellectual property” that was stolen in the “highly sophisticated and targeted attack” against Google late last year? Turns out it was some pretty serious stuff–the source code to Single Sign-On, the password system that controls access to most of Google’s services.

Obviously, a significant and worrisome theft. Single Sign-On, or Gaia as it’s known internally, is used to authenticate users of Gmail and a number of other Google online applications, including some designed for business.

Little wonder then that Google (GOOG) responded with such outrage to the attack. While the company was quick to add further layers of security and encryption to Single Sign-On once it discovered it had been compromised, the possibility that the source code to one of the most widely used online password systems in the world is in the hands of someone with malicious intent is troubling.

As the New York Times, which broke the story, notes, access to the system’s source code could reveal some exploitable security vulnerabilities that may have eluded Google’s engineers. And that would be bad news indeed.

]]> http://allthingsd.com/20100420/well-at-least-google-didn%e2%80%99t-ahem-lose-it-in-a-redwood-city-bar/feed/ 0 http://allthingsd.com/20100330/feeling-at-home-with-a-router/ http://allthingsd.com/20100330/feeling-at-home-with-a-router/#comments Wed, 31 Mar 2010 04:02:29 +0000 Katherine Boehret http://solution.allthingsd.com/?p=1146 Like a hornets’ nest, the home router sits undisturbed by those who know better than to touch it. This antenna-enhanced box sends data to and from desktops, laptops, smart phones and TiVos (TIVO) throughout the house. Its indicator lights glow, signaling all is well with the network.

But setting it up can be a major ordeal. People beg their techie friends for help. Some sit for hours on the phone with customer support. A few brave souls muddle through a sea of acronyms and secure codes in an attempt to install the router. Once it is set up, many are afraid to change its settings for fear of disrupting it and losing Internet connectivity.

Enter Valet (TheValet.com), a new wireless router designed for people who are tired of being intimidated by a blinking box. Valet is designed by the people who brought us the Flip video camcorders, the ultra simple handhelds with ultra simple software that just work. And it comes from Cisco (CSCO), which also owns Linksys—a router brand that people know and trust.

I’ve been using Valet for the past week, but it took me only 10 minutes, from start to finish, to get it going, thanks to a simple USB key that plugs into the computer and sets everything up in the background in less than five minutes. I tried it on a Windows 7 PC running and on an iMac, as well as on mobile devices, including a BlackBerry, Palm (PALM) Pre and the HTC HD2. The Valet is available Wednesday for $100 on Amazon.com (AMZN), TheValet.com and Staples (SPLS) stores. Over the next two weeks, it will be sold at Best Buy (BBY), Target (TGT) and Wal-Mart (WMT). There’s also the $150 Valet Plus, with a Wi-Fi range about 20% greater than the Valet.

I ran into a bug while trying to install the Valet software on a Mac: I plugged in the USB key but its built-in software didn’t install and I got a message telling me that Valet wasn’t able to set up on my computer. A Cisco representative said this was a rare Mac bug that will be fixed over this week and next week.

Along with its simple setup, Valet automatically creates a guest network to go with the main network so visitors can log onto a household’s Wi-Fi—either with or without a password, depending on settings—and not gain access to files shared within that network. The Valet software has parental controls that make it a cinch to set up restrictions like blocking certain Web sites or cutting off Internet access after a certain time on school nights or weekends.

The Valet isn’t the first router to enable parental controls and guest-network access. Apple Inc.’s (AAPL) $179 AirPort Extreme Base Station allows users to set up guest networks. Likewise, Netgear’s (NTGR) six most recently introduced routers, priced from $70 to $190, offer guest networks and parental controls. But just as the Flip camera’s built-in software simplified the process of editing, uploading and sharing home videos, the Valet’s software makes networking approachable for anyone—regardless of technical skill.

The Valet comes in a box with a USB Easy Setup Key, wireless router, Ethernet cable and power adapter (the last two are hidden under the box’s interior packaging). Instructions on the box told me to plug the USB key into a PC or Mac. Then on-screen directions popped up, instructing me to plug the Valet router into the wall with the power adapter and then into my home’s modem using the Ethernet cable. I selected the “connect” option on the computer screen, and four minutes later, the network was set up.

The device’s software, called Cisco Connect, is divided into four categories: Computers & Devices, Parental Controls, Guest Access and Settings. With these, I could quickly see how many devices were connected to my network and learn the name and password for the guest network if I forgot it. (Valet networks have pre-set, randomly selected names and passwords that people can easily change. My network’s default name was RubyPanda and its password was mango62—both simple word/number combinations that are easy to remember.) If the guest network is password-protected, guests have to enter that password on a Web browser page, like at a hotel. This could be confusing for people used to entering network passwords at the operating-system level, right as they select the Wi-Fi network. A Cisco representative said using a Web browser page is a more consistent way of entering passwords and it saves people from having to answer questions they may not be able to answer if they’re logging onto the main network, like the name of the “WPA key.”

If people get stuck during setup, which happened with me when I ran into the Mac bug, a screen immediately displays a customer-service number for Valet that’s available 24 hours a day, seven days a week. I spoke to a woman who tried several troubleshooting methods, but she didn’t know about Valet’s rare Mac bug. Once a computer is set up with the Valet network, the USB key can be taken to other computers to update them with the same network passwords and settings.

Using the parental controls couldn’t have been easier. After a password is set up, Web content can be blocked at a teen or child level on some or all devices. Specific sites can be blocked, and when I blocked Facebook on a connected Mac, it wouldn’t open on that computer without the parent password. Time restrictions on Internet usage can be set up here, with different settings for school nights and weekends.

Though the $100 Cisco Valet is more than twice as expensive as some wireless routers, its built-in software puts great emphasis on simplicity and ease of use, and turns setting up and using a a home network into an unusually pleasant experience.

Edited by Walter S. Mossberg.

Write to Katherine Boehret at mossbergsolution@wsj.com

]]> http://allthingsd.com/20100330/feeling-at-home-with-a-router/feed/ 0 http://allthingsd.com/20100202/twitter-under-attack/ http://allthingsd.com/20100202/twitter-under-attack/#comments Tue, 02 Feb 2010 13:31:23 +0000 John Paczkowski http://digitaldaily.allthingsd.com/?p=34059 According to Sophos’s 2010 Security Threat Report, there has been a dramatic rise in attacks on social networks in the past year. So reports this morning from a number of Twitter users claiming they’ve received an email from Twitter asking them to reset their passwords after a suspected phishing attack are certainly cause for concern–either because they have indeed fallen victim to a phishing attack or because they’re about to fall victim to one by following the email’s instructions (see text below; click to enlarge).

Certainly, it’s difficult to determine if the email is genuine. After all, its subject line is “Please change your twitter password,” and conventional wisdom is to never click a password-reset link in an email. That said, Twitter users who received it and followed its instructions have regained access to the service after being locked out.

So, if you’ve received such an email, tread carefully.

As of this writing, Twitter has not commented on these reports on its blog or status page, though that doesn’t necessarily mean anything. In any event, I’ve asked the company for an explanation and will update here if and when I receive one.

UPDATE: Twitter just sent me the following comment:

As part of Twitter’s ongoing security efforts, we reset passwords for a small number of accounts that we believe may have been compromised offsite. In one case, a number of accounts posted updates indicative of giving their username and password to untrusted third parties. While we’re still investigating and ensuring that the appropriate parties are notified, we do believe that the steps we’ve taken should ensure user safety. We’ll continue provide updates as warranted at @safety and @spam. We do, as always, encourage our users to read our help pages on what to do if your account is compromised: http://twitter.zendesk.com/forums/10713/entries/31796 and how to stay safe on Twitter: http://twitter.zendesk.com/forums/10711/entries/76036.

[Image credit: Andrew R.H. Girdwood]

]]> http://allthingsd.com/20100202/twitter-under-attack/feed/ 0 http://allthingsd.com/20100127/premium-buys-encryption-for-evernote/ http://allthingsd.com/20100127/premium-buys-encryption-for-evernote/#comments Wed, 27 Jan 2010 23:06:06 +0000 Walter S. Mossberg http://mailbox.allthingsd.com/?p=546 Your review of the Evernote notes-storage service last week made it sound tempting. But do they encrypt my notes on their servers so a hacker can’t steal them? And what happens to my notes if they go out of business?

A: Evernote isn’t a purely cloud-based (Internet-based) system. It does store your notes on its servers, for Web access, but it also exists as a synchronized local application on Windows, Mac and every major smart phone. So your notes are stored locally on the hard disks of your various computers. Local storage is available on the iPhone app, and the company says it plans to add local storage to Android phones soon. Thus, even if the company went out of business, the notes on your Mac or PC or iPhone would be safe.

Evernote says it doesn’t encrypt data on its servers because it indexes all your notes for quick searching, and performs image recognition on photo notes, and it claims encryption would prevent that. Your user name and password, however, are always encrypted in transit, according to the company, and passwords aren’t stored on its servers—even if you have a free account. For premium users ($5 a month or $45 a year) all of the data, not just user names and passwords, are encrypted.

Also, the service allows users to encrypt all, or any part, of any note, and the company says it doesn’t receive the key to decrypt this material. The only part of a wholly encrypted note that the company would hold on its server would be its title and tags, if any.

I’m looking for a lightweight laptop, ideally under five pounds and with long-lasting battery life. I’m confused by all the models. Can you help me to narrow it down to a handful?

A: Unless you are looking for a tiny netbook, I suggest you consider a couple of options. One is a new category of Windows laptops variously called things like “ultrathin” and “thin and light.” All are well under five pounds in weight and many have good battery life. I reviewed three of these laptops—models from Toshiba, Hewlett-Packard (HPQ) and Lenovo—back in November, and you can read the column at http://bit.ly/m3JQn.

The second option worth considering is a Mac, which I believe has superior software and security, albeit at a higher price. Apple’s (AAPL) MacBook and 13″ MacBook Pro, while heavier than this new batch of Windows machines, weigh slightly under five pounds and have strong battery life. My review of the latest MacBook, from October, is available at http://bit.ly/7brVJk.

You can find Mossberg’s Mailbox, and my other columns, for free at the All Things Digital site, http://walt.allthingsd.com.

]]> http://allthingsd.com/20100127/premium-buys-encryption-for-evernote/feed/ 2 http://allthingsd.com/20100121/google-when-good-isn%e2%80%99t-good-enough/ http://allthingsd.com/20100121/google-when-good-isn%e2%80%99t-good-enough/#comments Thu, 21 Jan 2010 21:10:59 +0000 John Paczkowski http://digitaldaily.allthingsd.com/?p=33221

]]> http://allthingsd.com/20100121/google-when-good-isn%e2%80%99t-good-enough/feed/ 0 http://allthingsd.com/20091221/ford-to-enable-wifi-hotspots-in-some-cars-boomtown-rejoices/ http://allthingsd.com/20091221/ford-to-enable-wifi-hotspots-in-some-cars-boomtown-rejoices/#comments Mon, 21 Dec 2009 11:00:51 +0000 Kara Swisher http://kara.allthingsd.com/?p=22139

Last week, when BoomTown was taking a taxi from JFK Airport, I was more of a geek loser than usual, using my USB broadband modem to connect and write a post (while, I will be honest, also watching the latest Serena-screws-up-again episode of “Gossip Girl”).

With all the potholes and traffic, the jostling cut off the connection several times, which was deeply annoying, since I need to be jacked into the matrix 24/7.

Now comes news that Ford (F) will make the next generation of its Sync-enabled vehicles into Wi-Fi hotspots, allowing you to connect to the Internet everywhere much more seamlessly in a moving car. They will be available next year.

Oh, joy! Now, I can monitor celeb disasters constantly on TMZ, continue to not confirm friend requests on Facebook and obsessively Gowalla myself while moving at 80 miles per hour, which should freak some people out.

While there are lots of in-car wireless solutions, such as MiFi, this one seems like it could be one of the easier ones, allowing you to use any USB modem to connect to the automobile, which then provides access to anyone in it with a password (yes, you can stop that snotty BMW next to you in traffic on 101 from stealing your signal).

Ford’s Sync cars are a lot like many other digitally souped-up ones, with lots of data, voice-operated info and hands-free calling, but this is a welcome new innovation.

Here is a video by Ford showing the system, in which one kid in the backseat is using an Apple (AAPL) laptop and one a Microsoft (MSFT) PC:

And here is an interview I did in October, in which Ford’s digital guru Scott Monty said: “Social media is the cocaine of the communications industry”:

Finally, here’s the official Ford press release:

FORD SYNC GOES WIFI TURNING CAR INTO MOBILE INTERNET HOT SPOT FOR PASSENGERS WHILE ON THE GO

• Next-generation SYNC® system to incorporate in-car WiFi system powered by customer’s USB mobile broadband modem, turning entire car into hot spot

• New capability will be standard on select SYNC-equipped vehicles with no additional hardware or subscriptions required beyond the user-supplied mobile broadband modem

• Standard WiFi Protected Access 2 (WPA2) security protocols will be in force, and only owner-permitted devices will be able to access the network, helping ensure secure, robust connectivity for in-car users

DEARBORN, Mich., Dec. 21, 2009–Ford Motor Company will turn vehicles into rolling WiFi hot spots when it introduces the second generation of its popular SYNC® in-car connectivity system next year.

Inserting an owner’s compatible USB mobile broadband modem–sometimes called an “air card”– into SYNC’s USB port will produce a secure wireless connection that will be broadcast throughout the vehicle, allowing passengers with WiFi-enabled mobile devices to access the Internet anywhere the broadband modem receives connectivity.

“While you’re driving to grandma’s house, your spouse can be finishing the holiday shopping and the kids can be chatting with friends and updating their Facebook profiles,” said Mark Fields, Ford president of The Americas. “And you’re not paying for yet another mobile subscription or piece of hardware because Ford will let you use technology you already have.”

Studies by the Consumer Electronics Association show that as many as 77 million adults make up the so-called technology enthusiast drivers population, more than half of whom express the desire for a connected communications and information system in their vehicles. Even among the general population, more than one third of Americans would be interested in the ability to check email and access Web sites in their vehicles.

Upgradeable and secure

The USB port provided by SYNC lets owners leverage a variety of devices, including the mobile broadband modem. And through simple software updates, SYNC can be adapted to connect with the latest devices.

“The speeds with which technology is evolving, particularly on the wireless front, makes obsolescence a real problem,” said Doug VanDagens, director of Ford’s Connected Services Solutions Organization. “We’ve solved that problem by making SYNC work with just about any technology you plug into it. By leveraging a user’s existing hardware, which can be upgraded independent of SYNC, we’ve helped ensure ‘forward compatibility’ with whatever connectivity technology comes next.”

The SYNC WiFi capability is a simple solution for bringing internet into the vehicle, versus competitive systems on the market. Being factory-installed, the hardware is seamlessly integrated into the vehicle, whereas competitor’s systems are dealer-installed and require a bulky bolt-in receiver and transmitter that take up cabin space. Also, competitive systems cost approximately $500 for equipment and installation, not to mention the monthly subscription fee.

“Using SYNC with existing mobile devices helps Ford provide the most value, the most flexibility and the most convenience for owners,” said Fields. “Constant connectivity is becoming a routine part of our customers’ lives, and we’re making existing technology more accessible without adding costs: That’s the kind of value Ford drivers have learned to expect.”

Using the SYNC WiFi system, a signal will be broadcast throughout the vehicle. Default security is set to WiFi Protected Access 2 (WPA2), requiring users to enter a randomly chosen password to connect to the Internet. When SYNC sees a new WiFi device for the first time, the driver must specifically allow that device to connect, preventing unauthorized users from “piggybacking” on the SYNC-provided signal.

]]> http://allthingsd.com/20091221/ford-to-enable-wifi-hotspots-in-some-cars-boomtown-rejoices/feed/ 13 http://allthingsd.com/20091030/will-you-remember-your-payphrase/ http://allthingsd.com/20091030/will-you-remember-your-payphrase/#comments Fri, 30 Oct 2009 12:00:22 +0000 Geoffrey A. Fowler http://voices.allthingsd.com/?p=17220 We already have a ton of passwords to remember. Now Amazon.com (AMZN) wants us to remember something new–PayPhrase–which has already sparked an online pile on.

The program, which Amazon announced Wednesday, is supposed to replace ordinary login and password combinations with a phrase and PIN combination that are linked to a specific account and shipping address. The distinction is subtle: You have one Amazon login and password (which aren’t going away), but you can have multiple PayPhrases that are linked to specific aspects of your account, like different shipping addresses or credit cards.

Read the rest of this post on the original site

]]> http://allthingsd.com/20091030/will-you-remember-your-payphrase/feed/ 0 http://allthingsd.com/20091007/a-windows-to-help-you-forget/ http://allthingsd.com/20091007/a-windows-to-help-you-forget/#comments Thu, 08 Oct 2009 01:02:03 +0000 Walter S. Mossberg http://ptech.allthingsd.com/20091007/a-windows-to-help-you-forget/ In just two weeks, on Oct. 22, Microsoft’s long operating-system nightmare will be over. The company will release Windows 7, a faster and much better operating system than the little-loved Windows Vista, which did a lot to harm both the company’s reputation, and the productivity and blood pressure of its users. PC makers will rush to flood physical and online stores with new computers pre-loaded with Windows 7, and to offer the software to Vista owners who wish to upgrade.

With Windows 7, PC users will at last have a strong, modern successor to the sturdy and familiar, but aged, Windows XP, which is still the most popular version of Windows, despite having come out in 2001. In the high-tech world, an eight-year-old operating system is the equivalent of a 20-year-old car. While XP works well for many people, it is relatively weak in areas such as security, networking and other features more important today than when XP was designed around 1999.

After using pre-release versions of Windows 7 for nine months, and intensively testing the final version for the past month on many different machines, I believe it is the best version of Windows Microsoft (MSFT) has produced. It’s a boost to productivity and a pleasure to use. Despite a few drawbacks, I can heartily recommend Windows 7 to mainstream consumers.

Like the new Snow Leopard operating system released in August by Microsoft’s archrival, Apple (AAPL), Windows 7 is much more of an evolutionary than a revolutionary product. Its main goal was to fix the flaws in Vista and to finally give Microsoft customers a reason to move up from XP. But Windows 7 is packed with features and tweaks that make using your computer an easier and more satisfying experience.

The new taskbar shows small previews of many windows and allows for larger previews.

Windows 7 introduces real advances in organizing your programs and files, arranging your taskbar and desktop, and quickly viewing and launching the page or document you want, when you want it. It also has cool built-in touch-screen features.

It removes a lot of clutter. And it mostly banishes Vista’s main flaws—sluggishness; incompatibility with third-party software and hardware; heavy hardware requirements; and constant, annoying security warnings.

I tested Windows 7 on 11 different computers, ranging from tiny netbooks to standard laptops to a couple of big desktops. These included machines from Lenovo, Hewlett-Packard (HPQ), Dell (DELL), Acer, Asus, Toshiba and Sony (SNE). I even successfully ran it on an Apple Macintosh laptop. On some of these machines, Windows 7 was pre-loaded. On others, I had to upgrade from an earlier version of Windows.

In most cases, the installation took 45 minutes or less, and the new operating system worked snappily and well. But, I did encounter some drawbacks and problems. On a couple of these machines, glacial start-up and reboot times reminded me of Vista. And, on a couple of others, after upgrading, key features like the display or touchpad didn’t work properly. Also, Windows 7 still requires add-on security software that has to be frequently updated. It’s tedious and painful to upgrade an existing computer from XP to 7, and the variety of editions in which Windows 7 is offered is confusing.

Finally, Microsoft has stripped Windows 7 of familiar built-in applications, such as email, photo organizing, address book, calendar and video-editing programs. These can be downloaded free of charge, but they no longer come with the operating system, though some PC makers may choose to pre-load them.

In recent years, I, like many other reviewers, have argued that Apple’s Mac OS X operating system is much better than Windows. That’s no longer true. I still give the Mac OS a slight edge because it has a much easier and cheaper upgrade path; more built-in software programs; and far less vulnerability to viruses and other malicious software, which are overwhelmingly built to run on Windows.

Now, however, it’s much more of a toss-up between the two rivals. Windows 7 beats the Mac OS in some areas, such as better previews and navigation right from the taskbar, easier organization of open windows on the desktop and touch-screen capabilities. So Apple will have to scramble now that the gift of a flawed Vista has been replaced with a reliable, elegant version of Windows.

Here are some of the key features of Windows 7.

New Taskbar: In Windows 7, the familiar taskbar has been reinvented and made taller. Instead of mainly being a place where icons of open windows temporarily appear, it now is a place where you can permanently “pin” the icons of frequently used programs anywhere along its length, and in any arrangement you choose. This is a concept borrowed from Apple’s similar feature, the Dock. But Windows 7 takes the concept further.

For each running program, hovering over its taskbar icon pops up a small preview screen showing a mini-view of that program. This preview idea was in Vista. But, in Windows 7, it has been expanded in several ways. Now, every open window in that program is included separately in the preview. If you mouse over a window in the preview screen, it appears at full size on your desktop and all other windows on the desktop become transparent—part of a feature called Aero Peek. Click on the window and it comes up, ready for use. You can even close windows from these previews, or play media in them.

I found this feature more natural and versatile than a similar feature in Snow Leopard called Dock Expose.

You can also use Aero Peek at any time to see your empty desktop, with open windows reduced to virtual panes of glass. To do this, you just hover over a small rectangle at the right edge of the taskbar.

Taskbar icons also provide Jump Lists—pop-up menus listing frequent actions or recent files used.

Desktop organization: A feature called Snap allows you to expand windows to full-screen size by just dragging them to the top of the screen, or to half-screen size by dragging them to the left or right edges of the screen. Another called Shake allows you to make all other windows but the one you’re working on disappear by simply grabbing its title bar with the mouse and shaking it several times.

File organization: In Windows Explorer, the left-hand column now includes a feature called Libraries. Each library—Documents, Music, Pictures and Videos—consolidates all files of those types regardless of which folder, or even which hard disk, they live in.

Networking: Windows 7 still isn’t quite as natural at networking as I find the Mac to be, but it’s better than Vista. For instance, now you can see all available wireless networks by just clicking on an icon in the taskbar. A new feature called HomeGroups is supposed to let you share files more easily among Windows 7 PCs on your home network. In my tests, it worked, but not consistently, and it required typing in long, arcane passwords.

Touch: Some of the same kinds of multitouch gestures made popular on the iPhone are now built into Windows 7. But these features won’t likely become popular for a while because to get the most out of them, a computer needs a special type of touch screen that goes beyond most of the ones existing now. I tested this on one such laptop, a Lenovo, and was able to move windows around, to resize and flip through photos, and more.

Speed: In my tests, on every machine, Windows 7 ran swiftly and with far fewer of the delays typical in running Vista. All the laptops I tested resumed from sleep quickly and properly, unlike in Vista. Start-up and restart times were also improved. I chose six Windows 7 laptops from different makers to compare with a new MacBook Pro laptop. The Mac still started and restarted faster than most of the Windows 7 PCs. But the speed gap has narrowed considerably, and one of the Lenovos beat the Mac in restart time.

Nagging: In the name of security, Vista put up nagging warnings about a wide variety of tasks, driving people crazy. In Windows 7, you can now set this system so it nags you only when things are happening that you consider really worth the nag. Also, Microsoft has consolidated most of the alerts from the lower-right system tray into one icon, and they seemed less frequent.

Compatibility: I tried a wide variety of third-party software and all worked fine on every Windows 7 machine. These included Mozilla Firefox; Adobe (ADBE) Reader; Google’s (GOOG) Picasa and Chrome; and Apple’s iTunes and Safari.

I also tested several hardware devices, and, unlike Vista, Windows 7 handled all but one smoothly. These included a networked H-P printer, a Canon (CAJ) camera, an iPod nano, and at least five external flash drives and hard disks. The one failure was a Verizon (VZ) USB cellular modem. Microsoft says you don’t need external software to run these, but I found it was necessary, and even then had to use a trick I found on the Web to get it to work.

System Requirements: Nearly all Vista PCs, and newer or beefier XP machines, should be able to run Windows 7 fine. Even the netbooks I tested ran it speedily, especially with the Starter Edition, which lacks some of the powerful graphics effects in the operating system. (Other netbooks will be able to run other editions.)

If you have a standard PC, called a 32-bit PC, you’ll need at least one gigabyte of memory, 16 gigabytes of free hard-disk space and a graphics system that can support Microsoft technologies called “DirectX 9 with WDDM 1.0.” You’ll also need a processor with a speed of at least one gigahertz. If you have a newer-style 64-bit PC, which can use more memory, you’ll need at least two gigabytes of memory and 20 gigabytes of free hard disk space. In either case, you should double the minimum memory specification.

Aero Peek lets you see your desktop by making your windows transparent.

Installation, editions and price: There are four editions of Windows 7 of interest to consumers. One, a limited version called Starter, comes pre-loaded on netbooks. A second, called Professional, is mainly for people who need to tap remotely into company networks (check with your company to see if you need this). A third, called Ultimate, is mainly for techies who want every feature of all other editions. Most average consumers will want Home Premium, which costs $120 for upgrades.

The system for upgrading is complicated, but Vista owners can upgrade to the exactly comparable edition of Windows 7 while keeping all files, settings and programs in place.

Unfortunately, XP owners, the biggest body of Windows users, won’t be able to do that. They’ll have to wipe out their hard disks after backing up their files elsewhere, then install Windows 7, then restore their personal files, then re-install all their programs from the original CDs or downloaded installer files. Then, they have to install all the patches and upgrades to those programs from over the years.

Microsoft includes an Easy Transfer wizard to help with this, but it moves only personal files, not programs. This painful XP upgrade process is one of the worst things about Windows 7 and will likely drive many XP owners to either stick with what they’ve got or wait and buy a new one.

In my tests, both types of installations went OK, though the latter could take a long time.

Bottom line: Windows 7 is a very good, versatile operating system that should help Microsoft bury the memory of Vista and make PC users happy.

Correction: The edition of Microsoft’s Windows 7 operating system aimed at business users is called Windows 7 Professional. This week’s Personal Technology column erroneously stated it was named Business.

Write to Walter S. Mossberg at walt.mossberg@wsj.com

]]> http://allthingsd.com/20091007/a-windows-to-help-you-forget/feed/ 0