A test drive of Opera 10 shows it to be shaping up to be a very impressive release

Though still young in the development cycle, Opera 10, which hit the web today in beta 1 form, is shaping up to be a potentially must-have release for Windows, OS X, and Linux users alike. The smoking fast browser packs some great innovations and puts older competitors, like Firefox 3 on notice.

First of all, the new browser uses advanced compression technology to deliver better performance on low bandwidth connections like public Wi-Fi, dial-up, or throttled connections. Secondly, the browser is compatible with the highest current web standards. Built on the Opera Presto 2.2 engine, it scores a perfect 100/100 on the Acid3 compatibility test. The new engine adds Web Fonts support, RGBA/HSLA color, SVG improvements, and more.

Where the browser truly shines is its speed. It loads pages extremely fast. DailyTech took it for a spin on a Fedora 10 desktop installation, to try some page loads. DailyTech.com loaded in 1.2 seconds in Opera 10 beta 1, versus approximately 2.2 seconds in Firefox 3.0.10. Likewise, SportsIllustrated.com (via CNN) had first and second load speeds of 4 seconds and 1 seconds in Opera, versus 11 seconds and 9 seconds in Firefox. It may not sound like much, but like Internet Explorer 8, the difference over Firefox's latest build is noticeable -- and Opera 10 even appears to surpass IE 8 in load speeds.

One improved feature of the release is Speed Dial, an exclusive Opera feature which allows you to see and pick from your favorite sites when opening a new tab. Refined, it now supports up to 25 favorites, and the ability to set custom backgrounds. Opera 10 also adds nicer integration with web mail clients like Gmail.

Another highlight-reel addition is the ability to resize your tabs. By dragging a bar beneath the tabs downwards, the tabs become tiny thumbnail screenshots of the page. While primarily a graphical effect, it certainly adds "wow" factor to the browser, and gives it a decidedly next generation feel. The effect resembles the "Windows Peek" feature in the upcoming Windows 7.

Other additions include an impressive inline spell checker. Also, if you want a lightweight email client, akin to Microsoft Outlook or Mozilla Thunderbird, Opera sports a refined version of Opera Mail. And for developers, the new browser packs a new and improved version of Opera Dragonfly. The new version includes tools to edit the DOM and inspect HTTP headers of pages you're debugging.

The only real disappointment here is security/ad-blocking. While popup blocking is a breeze, it'd be nice to see a bit more selective JavaScript and Flash blocking, along the lines of NoScript. Currently it’s easy to block scripts on a site, but blocking via the menus is an all or nothing affair, making it impractical for sights that use JavaScript for content you actually want.

While the official release of Opera 10 may be some time away, the browser is already shaping up impressively. Ultra-fast and packing a great set of features, the browser definitely will lure away some Firefox users, and maybe even a few Safari or IE 8 users. It’s definitely worth a download, if only to take it for a quick test ride.

Update 1:
There is a good way to block ads after-all, that's actually been around since Opera 9. To access it, right click anywhere on a page that doesn't have linked content. Then select "Block Content" then proceed to click on all content you want block (ads) and finally click "Done" on the top of the page. White space will appear for a bit, but reloads will fix this. Also you can use .ini filters to further block ad content.

Also, Mozilla currently is beta testing Firefox 3.5, which is expected to deliver substantial speed improvements. Expect an upcoming article to look at speed between all the browsers' latest betas or releases.

[Submitted by Christo [PCD]]



Click to discuss this news item in the forums

Recent revisions to Facebook's terms of service resulted in debates regarding the organization's rights over user content. In effort toward creating a solution, Facebook has now returned their terms of service to its previous wording.

Does Facebook claim ownership to any of its users’ content on the site, even if that content has been deleted? A blog's commentary over the weekend regarding a change Facebook made on Wednesday to their terms of service sparked this question and created a firestorm of banter on the Web. In an attempt at fixing the situation, Facebook has now brought back their previous terms of service.

Upon logging into Facebook, users will find the most recent update on the site's terms of service: "Over the past few days, we have received a lot of feedback about the new terms we posted two weeks ago. Because of this response, we have decided to return to our previous Terms of Use while we resolve the issues that people have raised. For more information, visit the Facebook Blog."

The public has even been invited to share their thoughts on what should be in the new terms, via the site's group Facebook Bill of Rights and Responsibilities.

Company legal representative Suzie White explained the recent terms of service changes in a blog post, "We used to have several different documents that outlined what people could and could not do on Facebook, but now we're consolidating all this information to one central place...We've also simplified and clarified a lot of information that applies to you, including some things you shouldn't do when using the site."

Debates, which began on Sunday, resulted from a revision in the wording of Facebook’s policy where it covers what will happen to profile content (i.e., shared items, notes, photos, etc.) after an account has been deleted.

The Consumerist, a consumer advocacy blog, simplified Facebook's revised policy into one statement they believed to have summed it up: "We Can Do Anything We Want With Your Content. Forever." The Consumerist also brought attention to the fact that the new terms of service came without sentences explaining that Facebook's licenses on user content expire after the deletion of an account.

One Consumerist commenter reacted by stating that Facebook should now be called “The Information Blackhole". They went on to warn, "What goes in never comes out. Be careful what you huck in there."

Although most Facebook users were expected to be apathetic toward the terms of service changes, certain supporters of copyright reform and privacy became worried by the news. Examples of those hosting concern included photographers and writers wishing to keep uploaded photos or notes that were written on Facebook, in hopes of eventual profit from that work.

Certain prominent Twitterers and bloggers, such as music critic Sasha Frere-Jones, decided to delete their Facebook account all together, or at least to erase any uploaded content from the site.

On Monday, Facebook attempted to clarify the true purpose of the terms of service changes.

Facebook spokesman Barry Schnitt explained, "We are not claiming and have never claimed ownership of material that users upload."

"The new Terms were clarified to be more consistent with the behavior of the site," Schnitt continued. "That is, if you send a message to another user (or post to their wall, etc...), that content might not be removed by Facebook if you delete your account (but can be deleted by your friend)."

Schnitt’s statement also explained that Facebook's license only allows the organization to use user content "in connection with the Facebook Service or the promotion thereof." Furthermore, he shared how if a user’s content is not public, Facebook will abide with these privacy settings. So, if a profile and its uploaded content have settings which only allow contacts on that user’s friends list to see them, Facebook will not show any of the content to any person outside of that particular friends list. The networking site has communicated their disapproval in circumstances when pictures usually protected by Facebook's login wall or privacy settings have become accessible to the public on the Web.

Although Facebook's terms of service says that the organization does not have ownership over user content, they do have "an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (to)...use, copy, publish, stream, store, retain, publicly perform or display, transmit, scan, reformat, modify, edit, frame, translate, excerpt, adapt, create derivative works, and distribute" material, if it avoids violating any of the user’s privacy settings.

Later on Monday, Zuckerberg mentioned the issue in a post on the Facebook blog. "Our philosophy that people own their information and control who they share it with has remained constant. A lot of the language in our terms is overly formal and protective of the rights we need to provide this service to you. Over time we will continue to clarify our positions and make the terms simpler."

Zuckerberg went on to assure that Facebook takes these issues and their responsibility to help resolve them very seriously.


[Submitted by Christo [PCD]]

At a major hacking conference participants showed yet another supposedly secure technology just isn't very secure

The problem with any hot technology in the security world is that the desire to raise a product above the competition seems to invariably lead to boastful claims. Such claims make the technology a high profile target for hackers, and with the bright minds in the field, it takes little time to take many supposedly "unbeatable" countermeasures down. Thus was the case with RFID, recently shown to be extremely insecure, and now it appears that at least some types of biometrics are headed down the same path.

Nguyen Minh Duc, manager of the application security department at the Bach Khoa Internetwork Security Center at Hanoi University of Technology, is scheduled to demonstrate at Black Hat DC this week how he and his colleagues used multiple methods to hack top biometric facial recognition products and gain easy access to systems.

He and his colleagues hacked Lenovo's Veriface III, ASUS' SmartLogon V1.0.0005, and Toshiba's Face Recognition 2.0.2.32 systems, which come on the companies' webcam equipped laptops. These Windows XP and Windows Vista laptops use the webcams to scan the user's face, and if it matches the stored image, analyzed by an algorithm, it will log the user on. Facial recognition is considered by many in the security world to be less of a hassle then fingerprints and more secure than passwords.

The Vietnamese researchers showed that the tech might not be such a good idea, though, by using multiple means to crack it. The simplest way was to simply use a picture of the person to spoof the webcam into thinking it was the user. Given the ready availability of images on sites like MySpace and Facebook, this seems to be an easy route to access.

The researchers also showed that they could use a brute force attack generating multiple random fake faces to eventually gain access, for lack of a picture to use the easier route. States Profesor Duc in his paper on the hack, "The mechanisms used by those three vendors haven't met the security requirements needed by an authentication system, and they cannot wholly protect their users from being tampered."

He continues, "There is no way to fix this vulnerability. ASUS, Lenovo, and Toshiba have to remove this function from all the models of their laptops ... [they] must give an advisory to users all over the world: Stop using this [biometric] function."

He and his colleagues will be releasing a suite of tools for hacking facial recognition software at the Black Hat DC conference. The key to using spoofed images, he and his team found, was simply tweaking the lighting and angle of the photo until the system accepts it. Describes Professor Duc, "Due to the fact that a hacker doesn't know exactly how the face learnt by the system looks like, he has to create a large number of images...let us call this method of attack 'Fake Face Bruteforce.' It is just easy to do that with a wide range of image editing programs at the moment."

He breaks down the weakness further, stating, "One special point we found out when studying those algorithms is that all of them work with images that have already been digitalized and gone through image processing. Consequently, we think that this is the weakest security spot in face recognition systems, generally, and access control system of the three vendors, particularly."

Many government efforts in the U.S. and elsewhere are looking to use facial recognition software as a means to identify citizens in motor vehicles or at sensitive public locations like airports.

The Asus U2E is among the products that the hackers were easily able to gain logon to by spoofing the facial recognition software. The hackers broke into Lenovo, Toshiba, and ASUSTek systems with ease. (Source: ASUSTek)


[Submitted by Christo [PCD]]



Click to discuss this news item in the forums