Mozilla augments Firefox's plug-in check

As it promised, Mozilla has created a page that checks for outdated plug-ins used by Firefox. Links to the plug-in download pages are also available so that users can obtain the most current versions of software from the likes of Adobe, Microsoft , Sun and Apple . A month ago, Mozilla debuted its plug-in checking with updates to Firefox 3.5.3 and Firefox 3.0.14, which automatically detected outdated versions of Adobe's Flash Player and prompted users to upgrade to the newest - and theoretically the most secure - edition of the browser plug-in. Mozilla is testing the page , which pings the company servers, then returns a list of plug-ins, noting those that are up-to-date and ones that should be updated.

At the time, Mozilla said it would follow that initial move with others, including the publishing of a page that Firefox users could visit to check the status of other vendors' plug-ins. According to Blair McBride, the Mozilla developer who announced the test plug-in check page on his blog today, Mozilla will add a built-in plug-in checking feature to Firefox 3.6, which is slated for release before the end of the year. "Firefox 3.6 will have this integrated to make sure users know when they have an outdated plug-in, without having to manually visit the Plugin Check page," said McBride. "Whenever you load a page that uses a plug-in that is out of date, you'll get [a] warning." The warning will read: "Some plugins used by this page are out of date." A button will be available to update the plug-in. Two weeks after introducing the plug-in check, Mozilla said it had convinced 10 million Firefox users to go to Adobe's site and grab the latest version of Flash. Firefox 3.6 will also sport changes to the browser's add-on too. "The Plugins tab of the Extension Manager (Tools/Add-ons) will indicate which of your plugins are out of date," promised McBride. Security experts have commended Mozilla on the moves.

The changes are to appear in the first, and likely only, beta of Firefox 3.6; that preview is slated to ship next week under Mozilla's published schedule. Last month, Wolfgang Kandek, the chief technology officer at security firm Qualys, called it "a great way to improve the security of Web browsers," as he noted that vulnerabilities in Adobe's Flash are frequently targeted by hackers. Earlier Tuesday, Mac users running Snow Leopard were told that QuickTime was out of date, even though they had installed Mac OS X 10.6.1, Apple's sole security update so far for the new OS. The problem, according to a post on Bugzilla , Mozilla's bug- and change-tracking database, was that Snow Leopard dubbed its version of QuickTime as 7.6.3, while its predecessor Leopard tagged it as 7.6.4. Later Tuesday, Mozilla had implemented a fix to the plug-in checking page to accurately report QuickTime 7.6.3 as the most up-to-date edition for Snow Leopard users. Mozilla has already caught one bug in the plug-in test page.

Microsoft greasing Windows 7 skids with early release of desktop tools

With the hope of sparking Windows 7 upgrades, Microsoft is planning an early release of its suite of desktop deployment tools.  The tools were originally slated to ship in early 2010, but Microsoft hopes to give customers the software in late October for use in rollouts of Windows 7 across corporate desktops. The news of the early release was announced by Ran Oelgiesser, senior product manager for MED-V, on the MDOP blog. The catch is that the Microsoft Desktop Optimization Pack (MDOP) R2 2009 is only available to volume licensing customers with Software Assurance contracts.

Slideshow: Snow Leopard vs. All the tools in MDOP R2 2009 will include support for Windows 7 except MED-V. Support for the new OS in MED-V 1.0 SP1 will come early in 2010, wrote Oelgiesser. Windows 7 Windows 7 is slated to ship to commercial customers on Oct. 22, but corporate users with volume licensing contracts have had access to Windows 7 since last month. MED-V runs multiple versions of Windows or applications concurrently without having to open multiple virtual machine sessions. The suite is a major part of Microsoft 's Optimized Desktop strategy, which addresses centralized management and deployment of physical and virtual resources. The software complements another MDOP tool called App-V, which is used for managing and deploying virtual PCs. The MDOP lineup also includes Asset Inventory Service; System Center Desktop Error Monitoring; Advanced Group Policy Management (AGPM) for change management via group policy objects; and the Diagnostics and Recovery Toolset, which helps in recovering a crashed PC. MDOP is composed of software from Microsoft's purchases of Softricity, Kidaro, AssetMetrix, Winternals Software and DesktopStandard.

According to Oelgiesser, App-V 4.5 SP1 will have various integration points with 32-bit versions of Windows 7, including with the AppLocker, Branch Cache and BitLocker ToGo features. The 64-bit version, App-V 4.6 will be available in the first half of 2010. Advanced Group Policy Management 4.0 features two new capabilities targeted at Windows 7. One allows users to manage group policies across different domains, and the other provides new search and filtering to ease tracking of group policy objects. In addition, the software will support 32-bit version of XP, Vista and Windows Server. Follow John Fontana on Twitter 

US company burned by China Web filter plans rival product

A U.S. company whose software code was allegedly stolen in China by a controversial, government-backed Internet filtering program will hit back by launching a rival product for a low price in China, the company said late Sunday. The Solid Oak program, called CyberSitter and targeted at parents, will be offered in languages including Chinese in a version due out next month. Solid Oak Software, which has said its code was copied in a program that China ordered be bundled with all new PCs, is exploring ways to offer its own Web filter for free or at a very low price in China, company President Brian Milburn, said in an e-mail.

A Chinese version of the product would compete with Green Dam Youth Escort, the program that Solid Oak says copied its code and that China originally ordered PC makers to include with all new computers sold in the country from July this year. But under heavy pressure from foreign PC makers and the U.S. government, China indefinitely postponed the mandate just hours before it was set to take effect. The Chinese government had paid the program's developers to allow all PC buyers to use the software for free for one year. Major PC makers including Lenovo and Acer began bundling Green Dam with new PCs until this month. The program also used blacklists apparently lifted from Solid Oak's software, according to the company and a group of U.S. researchers.

The program, which China said was meant to protect children from online pornography, was also found to block politically sensitive material such as negative references to a former Chinese president. One file found in the Chinese program contained an encrypted version of a years-old Solid Oak news bulletin, according to the researchers. Green Dam came under fire for concerns about system stability in addition to user privacy and freedom of speech. Solid Oak, which is based in Santa Barbara, California, is preparing legal action against PC makers that shipped Green Dam, though an update to the program in June removed some of the allegedly infringing elements. One Beijing high school recently removed the program from its computers after finding that it conflicted with software used for grading and attendance tracking.

Bryan Zhang, general manager of Jinhui Computer System Engineering, one of the designers of the Chinese software, declined to comment on the allegations of code theft. Green Dam "is a conglomeration of whatever components [the developers] managed to steal ... or otherwise appropriate from various sources, and duct tape together in the form of an alleged piece of software," Milburn wrote in his e-mail. "They should be utterly humiliated, not just because they stole much of the core functionality, but even more so because they intentionally inflicted such a miserable product on a population of innocent computer users," Milburn wrote. The new Solid Oak product will have a Chinese user interface available and a filtering function that the company reworked after much of its old proprietary code appeared online. That is the ultimate goal," company spokeswoman Jenna DiPasquale said in an e-mail. The filtering will be entirely URL-based, avoiding the need to translate keywords into Chinese. "We are working on a way to release it for free.

Perot wins key health-care IT outsourcing deal in India

Perot Systems has bagged a 10-year IT outsourcing contract in India, its first outside the U.S. The win reflects Perot's bid to grow its health-care business in markets other than the U.S., as well as in emerging markets like India, China, Brazil, and Mexico, company executives said on Friday. But only 4.1 percent of the company's revenue from the health-care industry was from outside the U.S., up from 2.5 percent two years ago, said Kevin Fickenscher, executive vice president for International Healthcare at Perot, in a telephone interview. In the second quarter, 48 percent of Perot's revenue came from the health-care industry.

Expansion outside the U.S. is a key focus area for Perot, said Raj Asava, Perot's chief strategy officer. The maturing health-care industry in these emerging markets has a big appetite and also funds to invest in technologies such as electronic health records and clinical information systems, Asava said. For its health-care business, the company is targeting emerging markets in the Middle East, China, India, and Latin America, besides more mature markets such as the U.K. and Germany. The contract with Max Healthcare, a large hospital chain in India, has an initial value of US$18 million, but could go up in value as more applications and services are added, Perot said. The deployment will be around the open source VistA (Veterans Health Information Systems and Technology Architecture) electronic health record and health information system, he added.

Besides running the applications already installed at Max, Perot will also deploy an electronic health records system and other IT infrastructure, Fickenscher said. Perot already has a services subsidiary in India with about 9,000 staff that offer outsourcing services to customers in the U.S., Europe, and other parts of the world. Multinational and Indian service providers are targeting India's growing services market, including in the telecommunications sector where a number of mobile service providers are outsourcing their IT infrastructure. About 60 percent of these staff do work for the health-care industry. The immediate opportunity for vendors of IT targeting the health-care industry is from private sector providers, but government run hospitals will soon follow, Fickenscher said.

Fugitive hacker headed back to U.S. for arraignment

A Miami man who for three years had evaded prosecution in connection with the theft and reselling of VoIP services is being extradited to Newark from Mexico today and is set to be arraigned in a New jersey federal courthouse on Friday. He had been free on $100,000 bail. Edwin Pena, 26, had been arrested in June, 2006, on multiple computer and wire fraud charges, and then allegedly fled the country about two months later.

Pena was apprehended in Mexico in February and federal prosecutors have been working to get him extradited back to the U.S. since then, according to Assistant U.S. Attorney Erez Liebermann . "He's been a fugitive for over three years," said Liebermann, who is prosecuting the case. "We're looking forward to proceeding with the prosecution." Pena faces 20 charges that include conspiracy to commit computer intrusion and conspiracy to commit wire fraud charge. According to a criminal complaint filed in U.S. District Court in New Jersey, Pena and co-conspirator Robert Moore of Spokane, Wash., sold more than 10 million minutes of VoIP service that had been stolen from 15 telecommunications providers. The U.S. alleges that from November 2004 to May 2006 Pena and a cohort hacked into the computer networks of VoIP service providers and routed calls made by customers of Pena's VoIP service through them. Prosecutors have contended that the lost minutes were valed at $1.4 million to the providers victimized in the alleged scam. In the fall of 2007, Moore pleaded guilty to conspiracy to commit computer fraud and began a two-year prison sentence. Federal investigators contend that Pena was the mastermind behind the scheme and Moore hacked the systems.

Voice-over-IP systems route telephone calls over the Internet or other IP-based networks. The complaint alleges that once Moore found unsecured networks, he would then e-mail Pena the key information needed to access vulnerable networks. Moore scanned telecommunications company networks around the world, searching for unsecured ports - the criminal complaint said that between June 2005 and October 2005, Moore ran more than 6 million scans of network ports within the AT&T network alone. Once the networks were accessed, prosecutors allege that Pena ran brute force attacks to find the proprietary codes needed to identify and accept authorized calls coming into the networks. According to court documents, Pena gained more than $1 million from the scheme. He allegedly would used the codes to surreptitiously route his clients' calls through the systems.

Some was spent to buy real estate in Miami, a 40-foot boat and luxury cars, including a BMW M3 and a Cadillac Escalade.