There's only four weeks to go until the next IE9 developer preview, and it looks like Chinese leak site Cnbeta might have got its hands on the new build already.

I'm not quite sure what to make of the screenshots, nor the Google translation. The Developer Previews (Internet Explorer Test Drive) are not meant to have a user interface -- they're just there to show off the Trident rendering engine. That means we're probably looking at the beta version of IE9 in these screenshots. Does that mean the private beta has begun -- or are these simply fakes?

As you can see above, IE9 seems to gained a proper download manager. After the break there's a couple more images -- one of the very Chromeish 'new tab page', and one that hints at restartless add-on management.

Looking at the SunSpider performance graph, I'm not sure if these images are real -- or whether this beta build sports the latest version of the Trident rendering engine. When I tested IE's JavaScript performance last month, it was about the same speed as Firefox 3.6 -- not some 10 times slower than Chrome.

[via Neowin]

Read more →

There's no exploitation in play here, just the wholesale harvesting and presentation of superficial data for roughly one-fifth of Facebook's half-billion strong user-base.

Ron Bowes, of Skull Security, posted the torrent to the Pirate Bay after realizing that his pet project had become something that others might be interested in. He had basically crawled the Facebook directory, and indexed the results. What he got was a list 171 million entries long, representing 100 million unique users, their names, and their Facebook URLs. He packaged it all into a database and posted the 2.8GB file as a torrent.

It's important to note that there isn't any other information in the database. Shortly after word got out about the torrent, the BBC posted a story about it, and quoted a random user in the comments section as stating that it was "awesome and a little terrifying." Honestly, the only thing terrifying about any of this is the thought of going through the Facebook directory. Seriously, I looked, and there are so many people with my name that I would never find myself.

Bowes has stated that, though there isn't any real information aside from names and a URLs in the database, any number of contact details may be present on a user's Facebook page -- it all depends on how that user has his privacy settings set. Basically, with this database in hand, a potentially malicious user could sift through all the names and come across the user he was looking for, see that user's Facebook landing-page (the little page with their name, picture, and a few friends) -- and that's about it.

But regardless of the harmless nature of the database, this torrent has become a big deal, because simply being in the cavernous Facebook directory is an option in itself. Now that there's a torrent containing the most basic contact information for 100 million users, that particular privacy setting has become null for the users on that list.

So, in the end, this is just one more reminder for everybody on Facebook to check their privacy settings.

The Android Market is doing away with its current copy protection scheme for apps, because breaking protection to pirate the apps is a little bit too easy for the comfort of the developers who sell their software in the market. To protect its relationship with the all-important dev community, Google has launched a "licensing service" that verifies whether an app was legitimately purchased.

This kind of scheme isn't uncommon, but it's sometimes unpleasant for users. In a perfect world, your Android phone would always have reception, and a licensing server would always be up and running to authenticate the apps you've bought. There are bound to be a few problems, though, and it's not clear how Google will address them. I'm not going to assume the worst, but I do wonder what happens when you have an offline app and you're in a service black hole. Can it run without being able to access the licensing server?

Google could protect developers without checking apps every single time they run, but there are other possible worries, like legitimate apps failing the licensing check due to glitches (a la Microsoft and Windows Genuine Advantage). On the plus side, Google has some of the best server infrastructure in the world, so it's very unlikely these servers will go down for any length of time.

Currently, this type of authentication is available to any developer who wants it, but it's not mandatory. It'll be interesting to see how many app creators start using it right away.

[via Engadget]