You can go to https://code.google.com/apis/console/b/0/
Unlike Android and other free stuff these APIs are very promising for revenue generation as some of them are very unique to Google itself, and already some are being offered on a Pricing Tier. There are 18 APIs in total with 3 APIs having Pricing while the rest are in beta stages.
I am just listing down all the APIs in one place – Continue reading “Google APIs”
Now if only they could sell it better to counter MS exchange
Gmail is getting a cleaner, more modern look over the next few months. For a sneak peek at some of these changes, check out the “Preview” and “Preview (Dense)” themes on the Themes tab under Settings.
Now you can point your phone’s browser to gmail.com and get Gmail in 44 languages, complete with label support, an outbox for messages composed while offline, the ability to mute messages, and more. Watch the video or learn more.
Email is great, except when there’s too much of it. Priority Inbox automatically identifies your important messages and separates them out from everything else, so you can focus on what really matters. Learn more
Call any phone in the US and Canada for free and at insanely low rates internationally — right from inside Gmail. Make sure you have the voice and video chat plugin, then click “Call phone” at the top of your chat roster. This feature is only available in the US at this time.
We’ve pruned our pixels and made it easier to get to Contacts and Tasks. Once in Contacts, you can now sort by last name and add custom labels for phone numbers and other fields — two top requested features. Learn more
Share updates, photos, videos and more right inside of Gmail. Start conversations about the things you find interesting. Learn more at buzz.google.com or in the Help Center.
HTTPS encryption keeps your mail secure as it travels between your web browser and Gmail servers, so someone sharing your favorite coffee shop’s public wifi can’t maliciously read it. Banks and credit card companies use this same protocol to keep your online accounts safe. To protect your Gmail account, we’ve turned on the option to “always use HTTPS” for everyone. This added layer of security can make Gmail slower, so if you don’t use unencrypted wireless connections, you can choose to disable this option in your account Settings. Even if you change this setting, Gmail will always encrypt the login page to protect your password. Learn more
If you need more space for your email and photos, you can now buy 20 gigabytes of storage for only $5 a year. Extra storage is shared between Gmail and Picasa Web Albums and acts as an overflow if you use up your free storage. Learn more
Point your phone’s browser to gmail.com and enjoy Gmail complete with full label support, an outbox for messages composed while offline, the ability to mute messages, and more. Learn more
Ever included Bob (your boss) instead of Bob (your friend) on an email by accident? Oops! Turn on “Got the wrong Bob?” and Gmail will check if you meant to include Bob Smith rather than Bob Jones based on the groups of people you email most often.
With “Don’t forget Bob,” you can start composing an email to a group of people, and Gmail will suggest other contacts you might want to include. Check out these experimental features and more on the Labs tab under Settings.
Make Gmail look like a calm patch of grass or an old school video game. Can’t decide? Choose “Random” and cycle through a different theme each day. Check out all available themes from the Themes tab under Settings.
Turn on “Message translation” from the Labs tab under Settings, and whenever you receive an email in a language other than your own, Gmail will automatically translate it into a language you can understand with just one click.
Available in Gmail, Google Calendar, iGoogle and on your mobile phone, Tasks is the simple to-do list that’s with you everywhere you go. Click “Tasks” above your chat list to get started (no need to turn it on from the Labs tab anymore). Learn more
You can now drag labels onto messages and messages into labels, just like folders. The labels you use most often are easier to access right above your chat list. The rest are hidden but still accessible under “more.” Customize which labels you see from the Labels tab under Settings. Learn more
Instead of just links, see previews of photos, videos, and reviews right in your email. Turn on these and other experimental features from the Labs tab under Settings.
Oops, hit “Send” too soon? Give yourself a grace period of a few seconds to cancel sending, then edit your message before sending again. Turn it on from the Labs tab under Settings.
Take your to-do list everywhere you go. Just go to gmail.com/tasks from your mobile browser.
Make Gmail work even when you’re not connected to the internet. Turn on offline access from the Labs tab under Settings.
The buttons and menus at the top of your inbox look a bit different: there’s a new “Labels” button that makes labeling messages even easier. Turn on keyboard shortcuts and hit “L” to bring up your labels, and auto-complete will take it from there. Use the “Move to” button to label and archive in just one step — just like you would with a folder. Learn more
Gmail is usually all about speedy electronic communication, but for a limited time we went old school with snail mail. If you sent in a self-addressed stamped envelope, we’d send you some free Gmail stickers. Free stickers are no longer available, but you can see what they looked like on the Gmail blog.
Now you can preview PDFs right in your browser without waiting for them to download and open in another application. Just click the “View” link next to any .pdf attachments you receive.
Keep track of what you need to do with a lightweight task list right inside of Gmail. Just click and type to add new tasks, convert emails into tasks, and (most satisfyingly) check them off as you’re done. Once you turn on this Labs feature, look for the Tasks link to the left of your inbox under Contacts. Turn on tasks and more from the Labs tab under Settings. Learn more
Send SMS text messages right from Gmail. You chat from your comfy computer and reach your friends on the go; they get your messages as texts and can peck out replies on their little keyboards. Turn on SMS text messaging and more from the Labs tab under Settings. Learn more
From minimalist grays to dynamic mountain landscapes, choose from over 30 options to personalize the look and feel of your Gmail account. To get started, check out the Themes tab under Settings. Learn more
See and hear friends and family right from within Gmail. All you need is a webcam and a small download that takes seconds to install. Learn more
There’s a whole lot more to play with in Gmail Labs, our testing ground for experimental features. Google Calendar and Docs gadgets, a forgotten attachment detector, advanced IMAP controls, and canned responses are just a taste. Turn on these and more from the Labs tab under Settings. Learn more
Gmail is now available on the world’s first Android-powered phone, the T-Mobile G1. All of the features you love about Gmail on your computer, plus real time push email so you never need to refresh your inbox. Learn more
Express yourself with emoticons from 
to 
or even 
. Click the button when composing a message in “Rich formatting” mode, or choose the new emoticons tab in chat, and express yourself to your 
‘s desire. Learn more
Save multiple mobile drafts, compose and read recent email offline, use new shortcut keys and more. Download Gmail for mobile 2.0 for your BlackBerry or J2ME phone by going to m.google.com/mail in your mobile browser.
Try out features in development and let us know what you think. To get started with Labs, click the Labs tab under Settings.Learn more
Now with auto-complete when composing, automatic refreshing, and faster load times when viewing email. Learn more
Now you can talk to your AIM® friends using an integrated chat list right inside Gmail. Learn more
AOL and AIM are trademarks of AOL LLC
Better organize your email with new colored labels. Just click the color swatch next to each label to assign a color. Learn more
Chat with multiple people without multiple windows. Invite your friends to a group discussion. To start a group chat, click ‘Group chat’ from the ‘Options’ menu when chatting. Learn more
Start sending richer expressions to your friends. Learn more
Sync your inbox across devices instantly and automatically. Whether you read or write your email on your phone or on your desktop, changes you make to Gmail will be seen from anywhere you access your inbox. Another way to use Gmail on your iPhone is through the browser. By going to m.gmail.com you get the full Gmail experience including conversation view, search, and more. Learn how to set up IMAP on other devices.
Set up IMAP on your iPhone. Watch the video
Cyber Attacks-Protecting your assets and people from cyber attacks
Everyday we hear of new cyber attacks on organizations and countries. The latest attacks were on IMF and 200,000 accounts of Citibank and now the website of the US Senate. If some of the most powerful and technologically advanced organizations could not survive targeted attacks, how effective is your organization in handling cyber security. Sony Playstation, Google Gmail, PBS website are other famous targets that have been victimized.
Before we play the blame game by pointing to China for sponsoring hacker attacks, or Russian spammers for creating Bot Nets or ex Silicon Valley /American technology experts rendered jobless by off-shoring, we need to both understand which companies are most vulnerable, which processes need to be fine tuned and what is the plan of action in case your cyber security is breached.
Which companies are most vulnerable?
If you have valuable data, confidential in nature , in electronic form AND connectivity to internet, you have an opening. Think of data as water, if you have a small leakage all the water can be leaked away. To add to complexity, the attackers are mostly unknown, and extremely difficult to catch, and can take a big chunk of your credibility and intellectual property in a very short time.
The best people in technology are not the ones attending meetings in nicely pressed suits– and your IT guy is rarely a match for the talent that is now available on freelance hire for cyber corporate espionage.
Any company or organization that has not undergone through one real time simulated cyber attack or IT audit that focuses on data security is very vulnerable.
Which organizational processes need to be fine tuned ?
Clearly employee access even at senior management needs to be ensured for both technological as well as social vulnerability. Does your reception take the name of senior management if cold called. Do your senior managers surf the internet and use a simple password on the same computer and laptop. Do you have disaster management and redundancy plans.
A wall is only as strong as its weakest brick and the same is true of organizational readiness for cyber attacks.
What is the plan of action in case your cyber security is breached?
Lean back, close your eyes and think your website has just been breached, someone has just stolen confidential emails from your corporate email server, and complete client as well as the most confidential data in your organization has been lost.
Do you have a plan for what to do next? Or are you waiting for an actual cyber event to occur to make that plan.
I am elaborating an earlier article on https://decisionstats.com/top-25-most-dangerous-software-errors/ based on my continued research into cyber conflict and strategy. My inputs are in italics – the rest is a condensed article for further thought.
The Department of Homeland Security of the United States of America has just launched a list of top 25 errors in programming or creating software that increase vulnerability to hacking attacks. The list which is available at http://cwe.mitre.org/top25/index.html lists down a methodology fo measuring vulnerability called Common Weakness Scoring System (CWSS) and uses that score to rank the various errors as well as suggestions to eliminate these weaknesses or errors.
Measuring Weaknesses
The importance of a weakness (that arises due to software bugs) may vary depending on business usage or project implementation, the technologies , operating systems and computing environments in use, and the risk or threat perception.The Common Weakness Scoring System (CWSS) provides a mechanism for scoring weaknesses. and provides a framework for prioritizing security errors (“weaknesses”) that are discovered in software applications.
Identifying Weaknesses
For example the number 1 weakness is shown with
1CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’).
The rest of the weaknesses are
RANK SCORE ID NAME
[1] 93.8 CWE-89 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
[2] 83.3 CWE-78 Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)
[3] 79.0 CWE-120 Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’)
[4] 77.7 CWE-79 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
[5] 76.9 CWE-306 Missing Authentication for Critical Function
[6] 76.8 CWE-862 Missing Authorization
[7] 75.0 CWE-798 Use of Hard-coded Credentials
[8] 75.0 CWE-311 Missing Encryption of Sensitive Data
[9] 74.0 CWE-434 Unrestricted Upload of File with Dangerous Type
[10] 73.8 CWE-807 Reliance on Untrusted Inputs in a Security Decision
[11] 73.1 CWE-250 Execution with Unnecessary Privileges
[12] 70.1 CWE-352 Cross-Site Request Forgery (CSRF)
[13] 69.3 CWE-22 Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
[14] 68.5 CWE-494 Download of Code Without Integrity Check
[15] 67.8 CWE-863 Incorrect Authorization
[16] 66.0 CWE-829 Inclusion of Functionality from Untrusted Control Sphere
[17] 65.5 CWE-732 Incorrect Permission Assignment for Critical Resource
[18] 64.6 CWE-676 Use of Potentially Dangerous Function
[19] 64.1 CWE-327 Use of a Broken or Risky Cryptographic Algorithm
[20] 62.4 CWE-131 Incorrect Calculation of Buffer Size
[21] 61.5 CWE-307 Improper Restriction of Excessive Authentication Attempts
[22] 61.1 CWE-601 URL Redirection to Untrusted Site (‘Open Redirect’)
[23] 61.0 CWE-134 Uncontrolled Format String
[24] 60.3 CWE-190 Integer Overflow or Wraparound
[25] 59.9 CWE-759 Use of a One-Way Hash without a Salt
Details of each weakness is given by http://cwe.mitre.org/top25/index.html#Details
It includes Summary , Weakness Prevalence, Consequences, Remediation Cost, Ease of Detection ,Attacker Awareness and Attack Frequency .In addition the following sections describe each software vulnerability in detail- Technical Details ,Code Examples ,Detection Methods ,References,Prevention and Mitigation, Related CWEs and Related Attack Patterns.
Other important software weaknesses are –
[26] CWE-770: Allocation of Resources Without Limits or Throttling
[27] CWE-129: Improper Validation of Array Index
[28] CWE-754: Improper Check for Unusual or Exceptional Conditions
[29] CWE-805: Buffer Access with Incorrect Length Value
[30] CWE-838: Inappropriate Encoding for Output Context
[31] CWE-330: Use of Insufficiently Random Values
[32] CWE-822: Untrusted Pointer Dereference
[33] CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (‘Race Condition’)
[34] CWE-212: Improper Cross-boundary Removal of Sensitive Data
[35] CWE-681: Incorrect Conversion between Numeric Types
[36] CWE-476: NULL Pointer Dereference
[37] CWE-841: Improper Enforcement of Behavioral Workflow
[38] CWE-772: Missing Release of Resource after Effective Lifetime
[39] CWE-209: Information Exposure Through an Error Message
[40] CWE-825: Expired Pointer Dereference
[41] CWE-456: Missing Initialization
Mitigating Weaknesses
Here is an example of the new matrix for migrations that also list the top 25 errors . This thus shows a way to fix the weaknesses and relative impact on each weakness by the following mitigations.
http://cwe.mitre.org/top25/mitigations.html#MitigationMatrix
Effectiveness ratings include:
Within the matrix, the following mitigations are identified:
The following general practices are omitted from the matrix:
| M1 | M2 | M3 | M4 | M5 | CWE |
|---|---|---|---|---|---|
| High | DiD | Mod | CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) | ||
| Mod | High | DiD | Ltd | CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) | |
| Mod | High | Ltd | CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) | ||
| Mod | High | DiD | Ltd | CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) | |
| Mod | DiD | Ltd | CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) | ||
| Mod | DiD | Ltd | CWE-131: Incorrect Calculation of Buffer Size | ||
| High | DiD | Mod | CWE-134: Uncontrolled Format String | ||
| Mod | DiD | Ltd | CWE-190: Integer Overflow or Wraparound | ||
| High | CWE-250: Execution with Unnecessary Privileges | ||||
| Mod | Mod | CWE-306: Missing Authentication for Critical Function | |||
| Mod | CWE-307: Improper Restriction of Excessive Authentication Attempts | ||||
| DiD | CWE-311: Missing Encryption of Sensitive Data | ||||
| High | CWE-327: Use of a Broken or Risky Cryptographic Algorithm | ||||
| Ltd | CWE-352: Cross-Site Request Forgery (CSRF) | ||||
| Mod | DiD | Mod | CWE-434: Unrestricted Upload of File with Dangerous Type | ||
| DiD | CWE-494: Download of Code Without Integrity Check | ||||
| Mod | Mod | Ltd | CWE-601: URL Redirection to Untrusted Site (‘Open Redirect’) | ||
| Mod | High | DiD | CWE-676: Use of Potentially Dangerous Function | ||
| Ltd | DiD | Mod | CWE-732: Incorrect Permission Assignment for Critical Resource | ||
| High | CWE-759: Use of a One-Way Hash without a Salt | ||||
| DiD | High | Mod | CWE-798: Use of Hard-coded Credentials | ||
| Mod | DiD | Mod | Mod | CWE-807: Reliance on Untrusted Inputs in a Security Decision | |
| High | High | High | CWE-829: Inclusion of Functionality from Untrusted Control Sphere | ||
| DiD | Mod | Mod | CWE-862: Missing Authorization | ||
| DiD | Mod | CWE-863: Incorrect Authorization |
I have been watching for Revolution Analytics product almost since the inception of the company. It has managed to sail over storms, naysayers and critics with simple and effective strategy of launching good software, making good partnerships and keeping up media visibility with white papers, joint webinars, blogs, conferences and events.
However this is a listing of all technical contributions made by Revolution Analytics products to the #rstats project.
1) Useful Packages mostly in parallel processing or more efficient computing like
2) RevoScaler package to beat R’s memory problem (this is probably the best in my opinion as it is yet to be replicated by the open source version and is a clear cut reason for going in for the paid version)
http://www.revolutionanalytics.com/products/enterprise-big-data.php
- Efficient XDF File Format designed to efficiently handle huge data sets.
- Data Step Functionality to quickly clean, transform, explore, and visualize huge data sets.
- Data selection functionality to store huge data sets out of memory, and select subsets of rows and columns for in-memory operation with all R functions.
- Visualize Large Data sets with line plots and histograms.
- Built-in Statistical Algorithms for direct analysis of huge data sets:
- Summary Statistics
- Linear Regression
- Logistic Regression
- Crosstabulation
- On-the-fly data transformations to include derived variables in models without writing new data files.
- Extend Existing Analyses by writing user- defined R functions to “chunk” through huge data sets.
- Direct import of fixed-format text data files and SAS data sets into .xdf format
3) RevoDeploy R for API based R solution – I somehow think this feature will get more important as time goes on but it seems a lower visibility offering right now.
http://www.revolutionanalytics.com/products/enterprise-deployment.php
- Collection of Web services implemented as a RESTful API.
- JavaScript and Java client libraries, allowing users to easily build custom Web applications on top of R.
- .NET Client library — includes a COM interoperability to call R from VBA
- Management Console for securely administrating servers, scripts and users through HTTP and HTTPS.
- XML and JSON format for data exchange.
- Built-in security model for authenticated or anonymous invocation of R Scripts.
- Repository for storing R objects and R Script execution artifacts.
4) Revolutions IDE (or Productivity Environment) for a faster coding environment than command line. The GUI by Revolution Analytics is in the works. – Having used this- only the Code Snippets function is a clear differentiator from newer IDE and GUI. The code snippets is awesome though and even someone who doesnt know much R can get analysis set up quite fast and accurately.
http://www.revolutionanalytics.com/products/enterprise-productivity.php
- Full-featured Visual Debugger for debugging R scripts, with call stack window and step-in, step-over, and step-out capability.
- Enhanced Script Editor with hover-over help, word completion, find-across-files capability, automatic syntax checking, bookmarks, and navigation buttons.
- Run Selection, Run to Line and Run to Cursor evaluation
- R Code Snippets to automatically generate fill-in-the-blank sections of R code with tooltip help.
- Object Browser showing available data and function objects (including those in packages), with context menus for plotting and editing data.
- Solution Explorer for organizing, viewing, adding, removing, rearranging, and sourcing R scripts.
- Customizable Workspace with dockable, floating, and tabbed tool windows.
- Version Control Plug-in available for the open source Subversion version control software.
Marketing contributions from Revolution Analytics-
1) Sponsoring R sessions and user meets
2) Evangelizing R at conferences and partnering with corporate partners including JasperSoft, Microsoft , IBM and others at http://www.revolutionanalytics.com/partners/
3) Helping with online initiatives like http://www.inside-r.org/ (which is curiously dormant and now largely superseded by R-Bloggers.com) and the syntax highlighting tool at http://www.inside-r.org/pretty-r. In addition Revolution has been proactive in reaching out to the community
4) Helping pioneer blogging about R and Twitter Hash tag discussions , and contributing to Stack Overflow discussions. Within a short while, #rstats online community has overtaken a lot more established names- partly due to decentralized nature of its working.
Did I miss something out? yes , they share their code by GPL.
Let me know by feedback
Here is a RSS feed/website for all security incidents
http://www.us-cert.gov/current/ and http://www.us-cert.gov/cas/techalerts/
You can also see http://www.onguardonline.gov/tools/overview.aspx for tools to be secure online.
But the new measuring system is http://cwe.mitre.org/cwss/ to help being secure. It basically creates a score or an anlytical approach for measuring vulnerabilities.
Common Weakness Scoring System (CWSS)The Common Weakness Scoring System (CWSS) provides a mechanism for scoring weaknesses in a consistent, flexible, open manner while accommodating context for the various business domains. It is a collaborative, community-based effort that is addressing the needs of itsstakeholders across government, academia, and industry. CWSS is a part of the Common Weakness Enumeration (CWE) project, co-sponsored by the Software Assurance program in the National Cyber Security Division (NCSD) of the US Department of Homeland Security (DHS). CWSS:
and the top 25 errors in software are http://cwe.mitre.org/top25/index.html
You can use the list at http://cwe.mitre.org/top25/index.html and check your own corporate vulnerabilities. It is better to sweat in cyber peace than bleed in cyber war, huh. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
If you are new to using Chrome, there are many delightful features just beneath the surface.
If you are an Internet Explorer or Firefox or Safari or Arora or Opera or Sea Monkey browser user- this is one more reason to test, just test Chrome.
Ok so who Made chrome- (note the link i.e about:credits is what you type in chrome to see features)
DECISION STATS 