Salesforce Pushes “Social Enterprise”

At its Dreamforce conference in San Francisco this morning, Salesforce.com announced a number of new products in what it called the “social enterprise” and indicated a push toward HTML 5 as its method for delivering mobile applications.

To create a social enterprise, companies need a new database with “deep customer profiles,” an employee social network, and a customer and product social network.

For creating the customer database you will need an upcoming version of Salesforce (known as Winter 12, due this fall). It lets users follow their customers on LinkedIn, Twitter, and FaceBook. Database.com, a cloud-based database for storing and accessing information about customers is now ready for shipment.

For the employee social network, Salesforce pushed its Chatter application with new extensions including Chatter Now, which adds presence, chat (instant messaging), and screen sharing features. Other tools include the Chatter Connect API to hook into other systems, like SharePoint, in-line filters, and workflow approvals. Most impressive, a new feature, called Chatter Customer Groups, lets an enterprise allow its customers to securely participate in Chatter conversations.

iOS 5 beta 7 arrives

Apple this afternoon released yet another beta version of its iOS 5 software to developers, the seventh time it’s done so since offering a test version of the software in June.

Apple has said it will release iOS 5 to users as a free update this fall. The company typically seeds several beta versions of its major software releases to developers ahead of time to work out any bugs and give the developers time to integrate new features and APIs into their applications. This is just the latest in a long series of software releases leading up to the public availability.

The new version of iOS brings an overhaul of the notifications system, alongside a new messaging platform called iMessage that lets iOS users text and chat with one another free of charge. The software is also deeply tied to Apple’s upcoming iCloud service, which will be used to ferry photos, applications, and settings back and forth between iOS devices, as well as serve as a free backup solution.

Along with the new beta build of iOS 5, Apple released a new developer build of iTunes 10.5, its Apple TV software, and Xcode 4.2.

Facebook’s changes to privacy controls

Facebook is making it easier for users to control who sees their information, and to have more say over the photographs they appear in, as the world’s No. 1 social networking service seeks to assuage privacy concerns.

The changes will enable Facebook’s 750 million users to quickly access and modify their privacy settings each time they share information on the online network, rather than forcing them to click through various specialized sections of the website.

When a person uploads a photograph to Facebook and “tags,” or labels, their friends in the picture, the friends will now have the power to approve the tag before the picture is linked to their personal profiles. Previously, users could only un-tag themselves from undesirable photos after the fact.

Privacy has been an ongoing challenge for advertising-supported Facebook, which must balance its commercial interests in having people share more of their lives on the service with users’ sensitivities about having sufficient control over their personal information.

Skype buys GroupMe mobile messaging service

Skype has announced that it has purchased GroupMe, a mobile messaging service that is barely a year old. Skype, which itself is being purchased by Microsoft, claims that GroupMe will compliment Skype’s existing messaging services and help it build a more complete messaging system.

GroupMe offers apps for the iPhone, Android, BlackBerry, and Windows Phone 7, and it can work with basic SMS services for those without a smartphone. As implied by its name, it allows users to start and participate in group chats, complete with photo sharing, location mapping, and even conference calling. While some of GroupMe’s features overlap with Skype’s existing services, Skype says that GroupMe will complement Skype’s existing voice, video, and text-based messaging services. Skype had previously announced the acquisition of Qik, a mobile video calling service, earlier this year. It seems that Skype will integrate GroupMe, Qik, and its own services into one messaging umbrella.

GingerMaster Malware Seen Using Root Exploit for Android Gingerbread

The evolution of mobile malware seems to be accelerating, especially as it applies to Android malware. The newest example of this rapid change is the appearance of GingerMaster, a variant of the DroidKungFu malware that now sports a root exploit for Android 2.3 and gives the attacker complete control of the infected device.

The new piece of malware, discovered by researchers at North Carolina State University, uses a jailbreak exploit for Android 2.3, also known as Gingerbread, that is packaged in an infected app as a seemingly legitimate file. Once that exploit runs, it gives the malware root privileges on the phone and also begins collecting data about the device for transmission to a remote server.

The GingerMaster malware exists in infected apps by registering a receiver so that it will be notified when the system finishes booting. Insider the receiver, it will silently launch a service in the background. The background service will accordingly collect various information including the device id, phone number and others (e.g., by reading /proc/cpuinfo) and then upload them to a remote server.

Once the GingerMaster malware is installed and has root privileges, it then reaches out to a remote command-and-control server and asks for instructions. It then has the ability to download and install apps on its own, without the user’s permission.

There’s no indication that GingerMaster is in any apps in the official Android Market. No further information is available at this time.

AntiSec Hackers Release Sensitive VDI Documents

AntiSec hackers have made good on their threat to release sensitive emails and company documents stolen in a breach operation against defense contractor Vanguard Defense Industries (VDI).

The Tech Herald previously reported that the AntiSec hacker collective had breached the email account of Richard Garcia, the Senior Vice President of defense contractor VDI.

The firm was apparently targeted due to their business relationships with multiple federal and local law enforcement agencies, and Garcia was specifically targeted because he formerly was the Los Angeles Assistant Director for the FBI, and the agency and their affiliates have been singled out by the AntiSec hackers as being favored targets for malicious assaults.

The Pastebin announcement from AntiSec states:

We are releasing 1GB of private emails and documents belonging to Vanguard Defense Industries(VDI), a defense contractor that sells arms to law enforcement, military, and private corporations. The emails belong to Senior Vice President of VDI Richard T. Garcia, who has previously worked as Assistant Director to the Los Angeles FBI office as well as the Global Security Manager for Shell Oil Corporation. This leak contains internal meeting notes and contracts, schematics, non-disclosure agreements, personal information about other VDI employees, and several dozen “counter-terrorism” documents classified as “law enforcement sensitive” and “for official use only”.

The announcement also indicates that the breach may have uncovered evidence that financial giant Merrill Lynch may have tipped off VDI about Standard and Poors (S&P) plans to downgrade the U.S. government’s credit rating:

Additionally we found evidence of a Merrill Lynch wealth management advisor giving private advance notice to Garcia about upcoming S&P US credit rating downgrades.

The hacking operation may have exploited two outdated plugins employed on the firm’s website which uses WordPress, a platform known to have vulnerabilities if not properly maintained.

The success of the operation may have also been due to Garcia’s use of a weak password – reportedly “Gloria88” – which is short, uncomplicated, and lacks non-alphanumeric characters.

Dropbox release update

Version 1.1.4 has been released. Unless you are using a Mac or Linux system, you can skip this update. Here are the fixes:

  1. Integration support for Mac OS X Lion 10.7
  2. Backport a fix from 1.2.x to a rare issue (from 1.2.x) where certain Mac OS X machines wouldn’t upload files automatically.
  3. Backport a fix from 1.2.x that caused the tray menu to become unresponsive on certain Linux machines.