Top 10: Moto split, Mac hack, Microsoft secrets

Conferences this week put the spotlight on security news with a MacBook Air being hacked in two minutes during a competition and research finding that Microsoft patches holes faster than Apple. Otherwise, H-1B visas were back in the news, word seeped out that Microsoft is planning software to compete with Google Docs and Google Apps, and Motorola announced — finally! — that it will divide into two separate companies.

1. Microsoft prepares ‘Albany’ to compete with Google : Microsoft’s “Albany” project is combining Office, Office Live Workspace, Windows Live OneCare, and the Windows Live service suite in an effort to take a shot at Google Docs and Google Apps hosted productivity suites, according to sources. The secret project is expected to lead to a software package that will be available in stores. Microsoft is tapping select testers to give the Project Albany beta a whirl with the initial test focus on a unified installer for the software package, the sources said. Microsoft would confirm only that it has sent out beta invites for a product with the code-name Albany, but otherwise mum’s the word.

[ Video: Review the week in IT news with the World Tech Update ]

2. Black Hat: Who patches security holes faster, Microsoft or Apple? : Apple’s witty advertisements that take jabs at Microsoft, suggesting Apple products are more secure, might not square with reality, according to research released at Black Hat. Swiss Federal Institute of Technology researchers found that Microsoft outpaces Apple when it comes to issuing patches. The researchers looked at what are called zero-day patches, those that are made available the day a vulnerability becomes publicly known, examining medium- and high-risk bugs for the past six years. “Apple was below 20 [unpatched vulnerabilities at disclosure] consistently before 2005,” researcher Stefan Frei said. “Since then, they are very often above. So if you have Apple and compare it to Microsoft, the number of unpatched vulnerabilities are higher at Apple.”

3. Motorola to split in two and Nokia and Samsung winners in Motorola split : In this week’s installment of the news we’ve all been expecting, Motorola is splitting into two companies, one that will make mobile devices and the other network infrastructure. The plan needs regulatory approval, but assuming that happens, the division will take place next year. According to analysts, the distraction of all of that spells good news for Nokia and Samsung, which could continue to make inroads on Motorola’s tumbling market share.

4. Utilities explore energy-saving incentives for IT : Representatives of 19 North American utility companies met to consider how to cut IT energy consumption with incentives including rebates. Led by Pacific Gas & Electric, the meeting in San Francisco was said to be the first for North American utilities specifically targeting IT. Datacenters were an obvious topic of discussion, but desktop PCs and other equipment were also considered.

[ InfoWorld’s Ted Samson has discussed a federal government program to help datacenter operators cut energy waste and costs and also highlighted the return-on-investment that green IT can provide ]

5. Gone in 2 minutes: Mac gets hacked first in contest : Researcher Charlie Miller made a cool 10 grand and won a MacBook Air after hacking into the laptop in two minutes at the CanSecWest security conference. Miller has mad skills when it comes to hacking Apple products — last year he was one of the first researchers to hack an iPhone. He had to sign an agreement at the competition this week that he wouldn’t discuss details of the bug he exploited to break into the MacBook Air until contest sponsor TippingPoint filled Apple in. Within hours of the contest on Thursday, Apple engineers were working on a patch.

6. H1-B backers seek White House help for foreign students : Supporters of changes in H-1B visas took their pleas to the Bush administration after not making progress with Congress. They’re asking for a time extension so that foreign graduates of U.S. universities can remain in the country on student visas for 29 months instead of the year now allowed. The proposal wouldn’t boost the government cap on H-1B visas issued every year to skilled non-U.S. workers, but it would give students extra time to earn the degrees needed to qualify for such visas.

7. Universities build open-source enterprise applications : A group of U.S. universities is building big, mission-critical enterprise applications that have been the territory of SAP, Oracle, and Microsoft. And they’re using an open-source software model for their work. A financial management application, Kuali Financial System, is the first application they’ve produced, and it’s available under a variant of the Apache 2.0 license. First deployment was to Strathmore University, a small school in Nairobi, Kenya, which estimates that it cut deployment costs in half by going with the open-source software over commercial software.

8. Analyst: Money will fuel mobile spying programs : Financial gain from selling spying tools is expected to lure more sophisticated programmers to that dark side, according to Jamo Niemela, a senior antivirus researcher at F-Secure in Finland. He spoke at the Black Hat conference in Amsterdam this week, predicting that the path for spying programs for mobile phones will follow that of malware and PCs. Hackers sell tools that are easy to use to less-savvy hackers instead of doing the PC hacking work themselves. Researchers are led to believe from anecdotal evidence that companies are trying to cope with mobile spyware on phones. “There have been certain cases of corporate customers asking very detailed questions about spy tools and not mentioning why they need the information,” Niemela said.

9. Sun ships servers open to attack : Whoops! Sun shipped servers in the Sparc Enterprise T5120 and T5220 lines with unsafe configurations in disk images that could enable remote attackers to take over the servers. The company issued a security alert Feb. 12, but it wasn’t picked up by third-party security vendors until this week. The Sun advisory told customers how to figure out if they had one of the buggy servers and what to do to lock down affected machines, but didn’t offer much in the way of details beyond that.

10. Red Hat: Open source benefits from U.S. unpopularity : Speaking at the Open Source Business Conference held in San Francisco this week, Red Hat CEO Jim Whitehurst claimed that the negative opinion of the U.S. found abroad has actually been a boost to open-source companies. “I never thought I would say this but actually, being very unpopular in the world, as frankly the U.S. is these days, is a huge benefit to open source,” Whitehurst said. Outside the United States, open source is seen from a public policy perspective as a fundamental good, and people are resentful of sending billions of dollars back to the U.S. in “intellectual property taxes,” so they turn to open-source software in order to operate without the shackles of U.S. intellectual property law.

[ Check out InfoWorld’s open-source roundtable discussion ]