ANKUR JAIN

Google Inc. has quietly patched a security bug in its Gmail service, but the company is downplaying the severity of the risk to its users.

Google confirmed that it made “modifications” to Gmail to cover an attack vector that allowed malicious hackers to take complete control of a victim’s Gmail account.

The elhacker.net advisory described how a Gmail user token could be used in conjunction with other hacking tricks to take control of the victim account.

However, Google spokesperson Sonya Boralv told Ziff Davis Internet News that a successful attack would require the victim to open up an authenticated token and willingly give it to the attacker.

The risk of an actual attack is so slim, she said the company did not consider it a security vulnerability. Boralv said the authentication token is totally encrypted and cannot be sniffed by an attacker.

“Nevertheless, we have made some modifications to Gmail to mitigate these kinds of issues in the future,” Boralv added.

In the face of concerns that Google never notified users of the Gmail issue, Boralv insist that the company follows security best practices.

“We take security very seriously, investigate vulnerability reports immediately and resolve them with highest priority. We looked into this issue and learned that it can only occur if a user knowingly provides their authentication token,” she said.

To avoid this problem, Boralv said, Google tries to educate its users not to provide sensitive information to unidentified individuals. Google also provides anti-phishing guidance to its users.

“All Google products are put through a rigorous security review process to identify security issues and fix them before the product is released. If security vulnerabilities are identified after the product is available, we fix them immediately and automatically update the service for our customers,” Boralv said.

Google has officially launched Analytics, a robust new web analysis system that provides site owners with traffic metrics and massive amounts of useful marketing data. Based on technology originally developed by a Californian company called Urchin that Google acquired in March, Analytics integrates with Google’s popular AdWords system, and will vastly improve the quality and quantity of data provided to existing AdWords users. Those of you that don’t use AdWords can still use Analytics by adding a simple javascript snippet to your web site.

Analytics features an elegant user interface that leverages modern web technologies like Flash and DHTML. Although it seems a little rough around the edges (the Flash components don’t display correctly in Firefox on my Linux system) the service is moderately impressive. It can export data in several formats, including XML and CSV. With Analytics, you can determine where your visitors are coming from, which links on your site are getting the most hits, how long the visitors spend on various pages of your site, and more:

Although it may not be especially useful compared to some of the critical features, the geographical map overlay is probably one of the coolest features. Analytics will generate a Flash-based map of the world that shows you which regions your traffic comes from. You can click individual regions to get additional statistics, and you can use Flash’s built-in zoom feature to get a closer look at specific locations.

The site overlay mechanism is one of the other particularly interesting features. It will superimpose click statistics on top of your actual page so that you can (hypothetically) see what people are clicking just by browsing your site. During my experiments with Analytics, I had some trouble getting the site overlay feature to work correctly. Clicking the individual links in the site overlay caused the Analytics start page to load in the iframe rather than the actual content.

Search Engine giant Google, is offering free wi-fi Internet service called Google WiFi in a limited way to two public sites near the company’s Mountain View, California, headquarters — a pizza parlor and a gym — located in the heart of Silicon Valley.

The company has already launched a sponsored Wi-Fi “hotspot” in San Francisco’s Union Square shopping district in April with a start-up called Feeva.

“Google WiFi is a community outreach program to offer free wireless access in areas near our headquarters,” the Google Spokesman described. The service is still in development stage and the company is collecting the feedback from the users.

With the offering of WiFi service, Google expands to another competitive market of Internet Service Providers and telecommunication companies all the more since it introduced an instant messaging and Web telephone calling service called Google Talk in August.

Google has submitted a bid to offer a free WiFi Internet Services across the city of San Francisco in 2006. Google spokesman Nate Tyler said “It is also an opportunity to make San Francisco a test-ground for new location-based applications and services that enable people to find relevant information exactly when and where they need it. We anticipate that the services we develop on this network will ultimately benefit end users and Google partners.”

A similar offer was made by Google for Mountain View as well. Mountain View, with a population of about 70,000 people — about one-tenth that of San Francisco — would be the first city to be converted to a free wireless Internet zone by Google.

Suse Linux founder Hubert Mantel announced his resignation from Novell Tuesday in a mass e-mailing.

Mantel said in a brief letter, sent to recipients in a Suse mailing list, that he could no longer work for the company, which acquired Suse in January 2004.

“Too late for me. I just decided to leave Suse/Novell,” Mantel wrote. “This is no longer the company I founded 13 years ago.”

Mantel’s exit is the latest executive departure from Novell’s Nuremberg, Germany-based Suse unit. In October, former Novell EMEA (Europe, Middle East and Asia) and Suse channel chief Petra Heinrich announced her exit and took a new position at Open-Xchange, an open-source e-mail company based in Germany. And in May, former Novell EMEA president and onetime Suse president Richard Seibt left Novell.

Mantel said Novell likely will fill his role at Suse, which was similar to those of Linus Torvalds and Andrew Morton in the development of the Linux kernel. Mantel also indicated that he sent his letter of resignation to Novell’s upper management.

“I have been the maintainer of the Suse kernel for more than a decade now,” Mantel wrote. “I’m very confident the Novell management will find a competent successor very quickly. After all, there are lots of extremely skilled people over there in the Ximian division.”

Links

Novell Channel Chief To Leave Company

Novell Layoffs Cast Cloud Over Big-Business Linux

Novell Names Hovsepian President, COO

Novell To Slash 600 Jobs, Sell Celerant Consulting

Microsoft Corp. on Tuesday said it expects to sell as many as 3 million Xbox 360s in the first three months after its launch — a strong start in its battle to dominate the market for next-generation gaming consoles.

Some big retailers in the United States have stopped accepting early orders for Xbox 360.

The company set that target nearly two weeks after trying to play down industry expectations. At its latest earnings announcement, it warned that initial Xbox sales might not be as high as some in the gaming industry have expected.

“In GameStop stores, the reservation process is closed,” said Chris Olivera, a spokesman for GameStop Corp., the biggest U.S. video game retailer, adding that advance orders at GameStop’s recently acquired Electronics Boutique stores were due to close “relatively soon.”

Best Buy Co. Inc., the No. 1 U.S. electronics chain, said on its Web site that it had stopped taking orders for the Xbox 360.

Lee, the CFO of Microsoft’s home and entertainment group, declined to say how many consoles would be on retailers’ shelves on November 22 when the Xbox 360 launches, saying that Microsoft would have enough machines for a solid release and steady supply thereafter.

Microsoft has contracted with three electronics manufacturers to build the Xbox 360: Flextronics International Ltd., Wistron Corp. and Celestica Inc. The Celestica plant is expected to come online in early 2006.

Redmond, Washington-based Microsoft’s Xbox 360 will debut at least three months before its main rival Sony begins selling the PlayStation 3, the gaming industry leader’s next-generation console.

Current-generation Xbox sales have slowed ahead of the launch.

Microsoft had cautioned on October 27 that early Xbox 360 sales would not be as high as expected. And Microsoft’s shares initially sold off on the news.

IBM (NYSE:IBM - news) on Tuesday launched a set of software tools it hopes will spur wider interest in its upcoming Cell microprocessor that is key to the computing giant’s return to profitable chipmaking.

International Business Machines Corp. has developed Cell jointly with Sony Corp. (6758.T) and Toshiba Corp. (6502.T), for use in Sony’s PlayStation 3 video game console due out next year.

“We view this as the jumping-off point where communities of interest can get started surrounding Cell and people can explore the full power of the architecture,” said Ted Maeurer, head of the Sony Toshiba IBM Design Center in Austin, Texas.

IBM is banking on the chip to help revive its flagging microchip division, which has lost more than $1 billion since 2002.