Saturday, March 27, 2010

Nvidia's GTX 480: First Fermi Benchmarks [Graphics Cards]


Nvidia's GTX 480: First Fermi BenchmarksCan a three billion transistor GPU that eats power supplies for lunch find love and glory in the hearts of gamers?

Enrico Fermi gained fame as a key player in the Manhattan Project, which gave the world nuclear fission and the first atomic bomb. Nvidia's Fermi GPU architecture – now seeing the light of day as the GeForce GTX 480 – hopes to create its own chain reaction among PC gamers looking for the latest and greatest graphics cards.

Originally code-named GF100, the GTX 480's long and controversial gestation saw numerous delays and lots of sneak peeks, but Nvidia's new graphics card has finally arrived. Sporting 1.5GB of fast DDR5 memory and an exotic heat-pipe based cooling system, Nvidia's managed to squeeze this three billion transistor monster onto a card just 10.5 inches long.

Can Nvidia's long-awaited 480 GTX capture the graphics performance crown? And if it can, is the price of glory worth the cost?

Fermi Graphics Architecture in a Nutshell

Nvidia designed the GTX 480 architecture from the ground up as a new architecture, with the goal of combining best-of-class graphics performance with a robust compute component for GPU compute applications. The architecture is modular, consisting of groups of ALUs ("CUDA cores") assembled into blocks of 32, along with texture cache, memory, a large register file, scheduler and what Nvidia calls the PolyMorph Engine. Each of these blocks is known as an SM, or streaming multiprocessor.
Nvidia's GTX 480: First Fermi Benchmarks
The warp scheduler ensures that threads are assigned to the compute cores. The PolyMorph engine takes care of vertex fetch, contains the tessellation engine and handles viewport transformation and stream output.

Each CUDA core inside the SMs are scalar, and are built with a pipelined, integer ALU and a floating point unit (FPU) which is fully IEEE 754-2008 compliant. The FPU can handle both single- and double-precision floating point operations. Each SM has a 64KB memory pool. When used for graphics, the 64KB is split into 16KB of L1 cache and 48KB of shared memory. The SMs belong to blocks of four graphics processing clusters (GPCs) connected to the raster output engines. The GPCs share 768MB of L2 cache. Six memory controllers manage access the GDDR5 memory pool.

It's About Geometry Performance

Prior generations of GPUs built on DirectX 10 and earlier radically improved texturing and filtering performance over time. Better image quality came through effects like normal mapping (bump mapping) to create the illusion of greater detail with flat textures.

DirectX 11 supports hardware tessellation. Hardware tessellation works with a base set of geometry with predefined patches. The DX11 tessellation engine takes that patch data and procedurally generates triangles, increasing the geometric complexity of the final object. This means that heads become rounder, gun barrels aren't octagons and other geometric details appear more realistic.
Nvidia's GTX 480: First Fermi Benchmarks
The hardware tessellator that's built into the PolyMorph Engine is fully compliant with DirectX 11 hardware tessellation. Given that both major GPU suppliers are now shipping DirectX 11 capable parts, we may finally see the end of blocky, angular heads on characters with hardware tessellation.

Image Quality Enhancements

The 480 GTX increases the numbers of texture and ROP units, as well as scaling up raw computational horsepower in the SMs. This allows the card to take effects like full scene anti-aliasing to the next step. Nvidia suggests that 8x anti-aliasing is possible in most games with only a slight performance penalty over 4x AA. The new GPU will also enable further AA capabilities, such as 32x CSAA (coverage sample anti-aliasing) and improved AA with transparent objects.
Nvidia's GTX 480: First Fermi Benchmarks

As with prior Nvidia GPUs, the company is talking up performance in GPU compute. This translates directly into more robust image quality effects, including physics and post-processing effects such as better water effects, improved depth-of-field and specialized effects like photographic background bokeh.

Read here for a deeper dive into Fermi graphics architecture.

The GeForce 480 GTX

When Nvidia rolled out the GF100 graphics architecture in January, they talked about a chip with 512 CUDA cores. As it turns out, the 480 GTX is shipping with only 480 cores enabled – one full SM is disabled. It's uncertain whether this is because of yield problems. Even using a 40nm process, the GTX 480 chip is massive. Alternatively, Nvidia may have disabled an SM because of power issues – the GTX 480 already consumes 250W at full load, making it one of the most power hungry graphics cards ever made.
Nvidia's GTX 480: First Fermi Benchmarks

Note that the "480" in GTX 480 doesn't refer to the 480 CUDA cores. Nvidia is also launching the GeForce GTX 470, which ships with 448 active computational cores. See the chart for the speeds and feeds, alongside the current single GPU Radeon HD 5870.

What's notable, beyond the sheer number of transistors, is the number of texture units and ROPs – both exceed what's available in the Radeon HD 5870. It's also worth noting the maximum thermal design power. It's rated at 250W, or 62W more than the Radeon HD 5870. In practice, we found the differences to be higher (see the benchmarking analysis for power consumption numbers.)

Power and Connectivity

Since the new cards are so power-hungry, Nvidia's engineers designed a sophisticated, heat-pipe based cooler to keep the GPU and memory within the maximum rated 105 degrees C operating temperature. When running full bore, the cooling fan spins up and gets pretty loud, but it's no worse than AMD's dual GPU Radeon HD 5970. It is noticeably louder than the single chip Radeon HD 5870, however.

The cooling system design helped Nvidia build a board that's just 10.5 inches long, a tad shorter than the Radeon HD 5870 and much shorter than the foot-long Radeon HD 5970. Given the thermal output, however, buyers will want to ensure their cases offer robust airflow. Nvidia suggests a minimum 550W PSU for the GTX 470 and a 600W rated power supply for the 480 GTX. The 480 GTX we tested used a pair of PCI Express power connectors – one 8-pin and one 6-pin.
Nvidia's GTX 480: First Fermi Benchmarks

Unlike AMD, Nvidia is sticking with a maximum of two displays with a single card. All the cards currently shipping will offer two dual-link DVI ports and one mini-HDMI connector. Any two connectors can be used in dual panel operation. Current cards do not offer a DisplayPort connector.

Nvidia is also beefing up its 3D Vision stereoscopic technology. Wide screen LCD monitors are now available with 120Hz refresh support in full 1920x1080 (1080p) resolution. One card will drive a single 1080p panel. If your wallet is healthy enough to afford a pair of GTX 400 series cards, 3D Vision is being updated so that you can have up to three displays running in full stereoscopic mode.

What's the price of all this technological goodness? Nvidia is targeting a $499 price point for the 480 GTX and $349 for the 470 GTX. Actual prices will vary, depending on supply and overall demand.

The burning question, of course, is: when can you get one? Rumors have been flying around about yields and manufacturing issues with the Fermi chip. Nvidia's Drew Henry stated categorically that "tens of thousands" would be available on launch day. We'll just have to wait to see what that means for long term pricing and availability.
Nvidia's GTX 480: First Fermi Benchmarks

It's possible we're seeing the end of the era brute force approaches to building GPUs. The 480 GTX pushes the edge of the envelope in both performance and power consumption – and that's with 32 compute units disabled. So even at 250 watts or more, we're not seeing the full potential of the chip.

In the end, the 480 GTX offers superlative single GPU performance at a suggested price point that seems about right. It does lack AMD's Eyefinity capability and its hunger for watts is unparalleled. Is the increased performance enough to bring gamers back to the Nvidia fold? If efficiency matters, gamers may be reluctant to adopt such a power-hungry GPU. The performance of the Radeon HD 5870 is certainly still in the "good enough" category, and that card is $100 cheaper and consumes substantially less power. If raw performance is what counts, the 480 GTX will win converts. Only the fickleness of time, availability and user desires will show us which approach wins out over the long haul.

GTX 480: Best Single GPU Performance

Our test system consisted of a Core i7 975 at 3.3GHz, with 6GB of DDR3 memory running at 1333MHz, running on an Asus P6X58D Premium motherboard. Storage included a Seagate 7200.12 1TB drive and an LG Blu-ray ROM drive. The power supply is a Corsair TX850w 850W unit.

We're adding in performance of 3DMark Vantage as a matter of interest; FutureMark's 3D performance test is increasingly antiquated, and not really a useful predictor of gaming performance.

We tested six different graphics cards, including a standard Radeon HD 5870 and the factory overclocked Radeon HD 5870 XXX edition. We also included results from older Nvidia cards, including the aggressively overclocked eVGA 285 GTX SSC and a reference 295 GTX. Also included was an HIS Radeon HD 5970, built with two Radeon HD 5870 GPUs.

For the most part, the Radeon HD 5970 won most of the benchmarks. One interesting point is the recently released Unigine 2.0 DX11 test. If you scale up tessellation to "extreme" the GTX 480 edges out the dual GPU AMD solution.

1920x1200, 4xAA

Let's check out performance first at 1920x1200, with 4xAA.
Nvidia's GTX 480: First Fermi Benchmarks
The GTX 480 wins about half the benchmarks against the single GPU Radeon HD 5870, and essentially ties in the rest. Where it does win, however, it generally wins big.

The GTX 480 "wins" in another test – power consumption – but not in a good way. The system idled at 165W with the GTX 480, exceeded only by the dual GPU HD 5970's 169W. However, at full load, the 480 GTX gulped down 399W – 35W more than the 5970 and fully 130W more than the Radeon HD 5870 at standard speeds.

Up next, how do the cards perform under more challenging conditions?

1920x1200, 8xAA

Now let's pump up the AA to 8x and see what happens. Note that our Dawn of War 2: Chaos Rising and Call of Pripyat benchmarks drops off the list, since we used the in-game AA setting for Chaos Rising, which only has a single, unlabeled setting for AA. The STALKER test doesn't support 8xAA.

Note that "NA" means the card doesn't support DirectX 11

What's immediately evident is that the GTX 480's performance drops less dramatically with 8x AA enabled than with the other cards. The dual GPU Radeon HD 5970 still wins most of the tests, but the GTX 480 is the clear winner in all the benchmarks except for the older Crysis test – and that's a dead heat.

So Nvidia's assertion that the card can run in 8xAA mode with only a small performance penalty looks accurate. With Nvidia's cards, though, it may be more interesting to run CSAA with transparency AA enabled, assuming the game supports it.

In the end, the 480 GTX, given the current state of drivers, is priced about right – assuming you can actually buy one for $499. It's about $100 cheaper than the Radeon HD 5970, and users won't have to worry about dual-GPU issues. At $100 more than a Radeon HD 5870, it's the fastest single GPU card we've seen. If raw performance is what you want, then the 480 GTX delivers, particularly at high AA and detail settings.

The real kicker, however, is power consumption. Performance counts, but efficiency is important, too. The GeForce 480 GTX kicks out high frame rates, but the cost in terms of watts per FPS may be too high for some.
Nvidia's GTX 480: First Fermi Benchmarks

The Role of Drivers

Drivers – those magical software packages that actually enable our cool GPU toys to work – are a critical part of the performance equation. It's no surprise that AMD released versions of its Catalyst 10.3 drivers, which offered big performance improvements in a number of popular games. AMD has had a good nine months to tune and tweak their DirectX 11 drivers. The timing of this driver release is also no surprise, as both AMD and Nvidia have, in the past, released performance enhanced drivers just as their competitor was about to ship a new card.

The 480 GTX was surprisingly weak on some game tests, while performance on other tests was nothing short of excellent. It's very likely that performance will increase over time, although some games which have a stronger CPU element, such as real-time strategy games, may not see massive performance gains.

Both Nvidia and AMD have extensive engineering staff dedicated to writing and debugging drivers. AMD has committed to a monthly driver release, but is willing to release hotfix drivers to improve performance on new, popular game releases. Nvidia's schedule is somewhat irregular, but the company has stepped up the frequency of its driver releases in the past year, as DirectX 11 and Windows 7 have become major forces.

Developing drivers for a brand new architecture is a tricky process, and engineers never exploit the full potential of a new GPU at launch. As we've seen with Catalyst 10.3, sometimes a new driver can make an existing card seem new all over again.

Average versus Minimum Frame Rate

A few years ago, Intel commissioned a study to find out what the threshold of pain was when it game to playing games. At what point will lower frame rates affect player experiences? Their research uncovered two interesting data points. First, if a game could maintain a frame rate above 45 fps, then users would tend to remain immersed in the gaming experience. The other factor, however, are wide, sudden variations in frame rate.

If you're humming along at 100fps, and the game suddenly drops to 48 fps, you notice, even though you're still above that magical 45 fps threshold.
Nvidia's GTX 480: First Fermi Benchmarks
Modern game designers spend a ton of time tweaking every scene to avoid those sudden frame rate judders. Given the nature of PC games, with its wide array of processors and GPUs, gamers will still experience the jarring effects of low frame rates or sudden drops in performance. The goal is to keep those adverse events to a minimum.

One older benchmark we no longer run, but is worth checking out for these effects, is the RTS World in Conflict. The built-in benchmark also has a real time bar that changes on the fly as the test is run. Watching the bar drop into the red (very low frame rates) during massive explosions and debris flying was always illuminating.

That's why we're generally happy to see very high average frame rates. A game that will run at 100 fps will more likely stay above that 45 fps barrier, though you may see certain scenes drop.

Direct X 11 Gaming

PC game developers seem to be taking up DirectX 11 more quickly than past versions of DirectX. There are some solid reasons for that. Even if you don't have a DX11 card, installing DX11 will improve performance, since the libraries themselves are now multithreaded.

Here's a few good games that have been recently released with DirectX 11 support:

Metro 2033. This Russian-made first person shooter is one of the more creepily atmospheric titles we've fired up recently. The graphics are richly detailed, and the lighting effects eerie and effective.
DiRT 2. Quite a few buyers of AMD cards received a coupon for DiRT 2 when the HD 5800 series shipped. The game offers colorful and detailed graphics and good racing challenges, although the big deal made about the water effects was overblown – the water doesn't look all that good, maybe because the spray looks unrealistic.
Battlefield: Bad Company 2. While it's had a few multiplayer teething problems, BC2 has consumed vast numbers of hours of online time, plus has a surprisingly good single player story.
S.T.A.L.K.E.R.: Call of Pripyat. This is the actual sequel to GSC's original STALKER title. It seems like a substantial improvement over the Clear Sky prequel. The tessellation certainly helps immersion as you fight alongside or against other stalkers.
Aliens vs Predator. The new release of the venerable title from Rebellion and SEGA also make use of hardware tessellation, making the Aliens look even more frightening and all too realistic.
Nvidia's GTX 480: First Fermi Benchmarks

Nvidia's GTX 480: First Fermi BenchmarksMaximum PC brings you the latest in PC news, reviews, and how-tos.


Printable Nanotube RFID Tags Could Make Wireless Checkout Aisles a Reality [Supersupermarkets]


Printable Nanotube RFID Tags Could Make Wireless Checkout Aisles a RealityWireless checkout is many a grocer's dream. It's like Amazon's one-click shopping in the real world, maximizing efficiency for the customer and cutting costs for the supermarket. A new printable RFID tag could make it a reality.

RFID checkout is far from being a new idea—it's already seen small scale implementation in various pockets around the world—but it has never been cheap enough to be a viable, cashier-replacing option. Current RFID tags, made with silicon, cost about 50 cents each to produce, so stamping one on every single item in the store just doesn't make sense.

But a collaboration by researchers at Sunchon National University in Suncheon, South Korea and Rice University in Texas has yielded a new RFID tag that can be printed directly on paper or plastic packaging, eliminating the need for silicon altogether and bringing the cost down to 3 cents a tag. Now we're talking.

The invention was made possible by the wonders of nanotechnology (what isn't these days?). The researchers developed a semiconducting ink, made with carbon nanotubes, that is capable of holding an electric charge. They're currently refining their invention, trying to pack more data into smaller tags and bring the cost down to one cent each.

A fifty-fold reduction in price makes RFID a much more attractive checkout alternative. I just hope someone's still going to bag my groceries. [Wired]


NVIDIA unleashes GeForce GTX 480 and GTX 470 'tessellation monsters'


Let's get the hard data out of the way first: 480 CUDA cores, 700 MHz graphics and 1,401MHz processor clock speeds, plus 1.5GB of onboard GDDR5 memory running at 1,848MHz (for a 3.7GHz effective data rate). Those are the specs upon which Fermi is built, and those are the numbers that will seek to justify a $499 price tag and a spectacular 250W TDP. We attended a presentation by NVIDIA this afternoon, where the above GTX 480 and its lite version, the GTX 470, were detailed. The latter card will come with a humbler 1.2GB of memory plus 607MHz, 1,215MHz and 1,674MHz clocks, while dinging your wallet for $349 and straining your case's cooling with 215W of hotness.

NVIDIA's first DirectX 11 parts are betting big on tessellation becoming the way games are rendered in the future, with the entire architecture being geared toward taking duties off the CPU and freeing up its cycles to deliver performance improvements elsewhere. This is perhaps no better evidenced than by the fact that both GTX models scored fewer 3DMarks than the Radeon HD 5870 and HD 5850 that they're competing against, but managed to deliver higher frame rates than their respective competitors in in-game benchmarks from NVIDIA. The final bit of major news here relates to SLI scaling, which is frankly remarkable. NVIDIA claims a consistent 90 percent performance improvement (over a single card) when running GTX 480s in tandem, which is as efficient as any multi-GPU setup we've yet seen. After the break you'll find a pair of tech demos and a roundup of the most cogent reviews.

Continue reading NVIDIA unleashes GeForce GTX 480 and GTX 470 'tessellation monsters'

NVIDIA unleashes GeForce GTX 480 and GTX 470 'tessellation monsters' originally appeared on Engadget on Fri, 26 Mar 2010 19:01:00 EST. Please see our terms for use of feeds.

Permalink   |   | Email this | Comments


Novatel NovaDrive cloud-based unlimited storage preview


Hold onto your hats, it seems Novatel, maker of some of the finest 3G / WiFi devices has decided to stretch its legs from connectivity into the realm of data storage. Not only is the cloud-based storage accessible through their software for Windows or Apple, but they're thoughfully built a nice mobile site so your cellphone can get in on the fun. Other notables include the ability to mail files to your file server, easy online collaboration for a team, and you can even send folks links to files who don't have access to your server and track when and if they download it. NovaDrive also touts "unlimited" storage -- though, we'd bet they'll drop the fair use hammer quick if you go too wild -- for roughly $50 a year for the personal version and $150 for the team fileserver version. Not too shabby if online storage is your thing, and even if it isn't, Novadrive has a 30-day demo that won't cost you one red cent, so feel feel to give it a whirl.

Novatel NovaDrive cloud-based unlimited storage preview originally appeared on Engadget on Sat, 27 Mar 2010 12:59:00 EST. Please see our terms for use of feeds.

Permalink   |  sourceNovaDrive  | Email this | Comments


Cisco sinks funding into WiMAX-supporting Grid Net, looks to ride the 'smart energy' wave


Here's an interesting one. Just days after Cisco admitted that it was killing its own internal development of WiMAX kit, the networking mainstay has sunk an undisclosed amount of cheddar into a company that holds WiMAX in the highest regard: Grid Net. Said outfit has close ties to GE, Intel, Motorola and Clearwire, all of which have also voiced support (and invested real dollars) for the next-generation wireless protocol in years past. Last we heard, Cisco was doing its best to remain "radio-agnostic," and while some may view this as flip-flopping, we view it as brilliant; it's costly to develop internally, but buying stake in a company that's already well versed in a given technology allows Cisco to keep WiMAX at arm's reach without incurring the risk associated with building within. Beyond all that, we think that Cisco's just trying to get in early on the energy management biz, particularly after the US government announced that it would be funding the distribution of loads of in-home energy monitors in the coming years. According to Grid Net, it intends to "use the proceeds from this investment to promote its real-time, all-IP, secure, reliable, extensible, end-to-end Smart Grid network infrastructure solutions," though specifics beyond that were few and far between. Verizon mentioned that it would soon be using its LTE network for all sorts of unorthodox things -- we suppose WiMAX backers are planning to allow the same.

Cisco sinks funding into WiMAX-supporting Gr! id Net, looks to ride the 'smart energy' wave originally appeared on Engadget on Fri, 26 Mar 2010 21:10:00 EST. Please see our terms for use of feeds.

Permalink Digg  |  sourceGrid-Net  | Email this | Comments


Friday, March 26, 2010

Rumor: Google's Set Top Box Won't Replace Your Current One, But "Daisy-Chain" Them [Google]


Rumor: Google's Set Top Box Won't Replace Your Current One, But "Daisy-Chain" ThemGoogle's upcoming set top box won't replace what you've already got, VideoNuze has reportedly been told by sources. Instead, it'll daisy-chain between the boxes and the TV via HDMI, bringing the best of the web to your TV.

All we know for certain so far is that the box will be built by Sony and Intel, run on Android, and use Google Chrome as a browser. VideoNuze's "additional information" heard from sources will show Google "contemplating an entirely novel strategy for its set top box."

"In other words, the MVPD's set-top's HDMI output would be connected to the Google TV set-top's HDMI input, and then its HDMI output would be connected to the TV. The authorized TV channels would still be delivered, but Google TV would collect data from the MVPD's set-top and introduce an entirely new UI for users to control their TV experience, to include searching and browsing channels. It would also add a host of new interactive web-type capabilities around the content."

Jason already ran through his wish list of features, which would include all Google services as well as support for Hulu and other streaming sites. [VideoNuze via SlashGear]


Microsoft's budget 720p HD-5000 LifeCam reviewed (video)


Microsoft's budget 720p HD-5000 LifeCam reviewed (video)
A week after becoming a reality, Microsoft's LifeCam HD-5000 webcam has been given the review treatment by Mobile + Netbook and, while it delivers what looks to be generally excellent quality video, it doesn't score perfectly high marks. For one thing, this cam does not feature onboard hardware encoding, which resulted in 40 percent CPU utilization for this tester when recording at 720p on a Core i5 750 processor -- ouch. This also means that the cam will not be usable for Skype HD, as that service requires onboard hardware encoding. But, other than some slow focus issues, the camera delivered quite good quality and color and, at just $50 MSRP (we're seeing them for $40 online), it's still quite a bargain.

Continue reading Microsoft's budget 720p HD-5000 LifeCam reviewed (video)

Microsoft's budget 720p HD-5000 LifeCam reviewed (video) originally appeared on Engadget on Fri, 26 Mar 2010 09:11:00 EST. Please see our terms for use of feeds.

Permalink   |  sourceMobile + Notebook  | Email this&nbs! p;|  ;Comments


Vitality GlowCap hands-on


We just got a quick look at one of those Vitality GlowCap bottles. It's about as dead simple as it looks: the LED at the top of the cap glows (orange, but there's also a blue mode that must mean something else like "you're all going to die"), and with the right amount of adult supervision you can push down and twist off the cap. All the details of the service, which involves patent recognition to figure out the best way to remind you and incentivize you to take your pills via phone calls, flashing lights, and social network reminders, aren't completely ironed out, but it sounds like Vitality is paying AT&T up front for the bandwidth -- at least you won't have another charge on your AT&T bill to worry about. Not shown is a base station that the GlowCaps connect to over 2G wireless (more unclarity here, but rest assured your prescription infos will be beamed over the internet via AT&T's network), and which does the primary flashing when you need to take a pill.

Vitality GlowCap hands-on originally appeared on Engadget on Thu, 25 Mar 2010 11:51:00 EST. Plea! se see o ur terms for use of feeds.

Permalink   |   | Email this | Comments


ASUS O!Play AIR reviewed, deemed 'capable'


When we first saw the ASUS O!Play Air set-top box the latter part of last year, we were interested -- when looking for a networked media player, it's definitely good to have options. Now that the kids at Bit-Tech have got their hands on a review unit, however, are enthusiasm has dampened quite a bit. Sure, it looks good in print: HDMI 1.3, composite video and audio output (for lovers of antiques), eSATA and USB ports, CF, SD+MMC, MS+MS Duo card readers, and 802.11n -- none too shabby, eh? Once you got past the "greasy plastic outer surface," however, things were not so awesome. The interface felt "sluggish" as the reviewer "repeatedly watching the timer... waiting for menus to load," and the device itself eschews support for Dolby TrueHD and DTS MasterHD in lieu of multichannel HD LPCM audio over HDMI -- a tongue twister for sure, but also a deal-breaker for some. On the other hand, the kids did find the UI intuitive, and an automatic media preview especially helpful for wonky filenames. The question remains -- is it worth it for $130?

ASUS O!Play AIR reviewed, deemed 'capable' originally appeared on Engadget on Thu, 25 Mar 2010 14:07:00 EST. Please see our terms for use of feeds.

Permalink   |  sourceBit-Tech  | Email this | Comments


Isabella's Vizit touchscreen, cell-connected photo frame goes hands-on


Buying and pre-setting up a $280 touchscreen photoframe for your mom (Isabella calls the target market "parents of parents") sounds like a tall order, and you add in the $6 a month service fee on top of that and you're really buying in here with the Vizit photoframe. So, how does it perform? In a word: sluggish. Shuffling through pictures or the mystery-meat carousel is an exercise in patience, thanks to some slow Flash Lite UI performance, but at least the menus are simple and friendly, and the touchscreen is responsive enough that if you're prepared for the pace, it's not that frustrating of an experience. The actual service aspects are much more impressive, pushing and pulling photos all over the place, with an integrated web app for managing a white list of contacts. The advantage of the AT&T service plan is that your mom won't have to do any work setting this up -- when you buy the device it's tied to an online account that you can set up for her before she even gets it -- and that the device can also receive OTA firmware updates, so expect further functionality (like video playback, for instance) going forward. There's a video after the break with the CEO of Isabella, showing us what's what.

Continue reading Isabella's Vizit touchscreen, cell-connected photo frame goes hands-on

Isabella's Vizit touchscreen, cell-connected photo frame goes hands-on originally appeared on Engadget on Thu, 25 Mar 2010 15:56:00 EST. Please see our terms for use of feeds.

Permalink   |   | Email this | Comments


Mobinnova Beam netbook spotted running Android, sporting other improvements


Mobinnova had already mentioned that it planned to ditch Windows CE in favor of Android for its Beam netbook before the device was actually released, and it looks like it's now finally made the jump, as evidenced by Laptop Magazine's recent hands-on with the netbook. Whats' more, the 8.9-inch device was also seen sporting a few other minor improvements, including some new media playback keys on the keyboard, and CinemaNow pre-installed on the system for downloading movies. Expectedly, you won't have access to Android Market, btu Mobinnova says it will include some games that "leverage the Tegra chip's multimedia prowess," and that it's even working on its own app store for the device.

Mobinnova Beam netbook spotted running Android, sporting other improvements originally appeared on Engadget on Thu, 25 Mar 2010 17:03:00 EST. Please see our terms for use of feeds.

Permalink I4U News  |  sourceLaptop Magazine  | Email this | Comments


Thursday, March 25, 2010

American Marketing Assoc Webinar: 3/31 4pm EST Practical Marketing Through Social Channels - a few spots left -


NYC's Depressingly Congested Traffic, Mapped by Taxicab GPS [GPS]


NYC's Depressingly Congested Traffic, Mapped by Taxicab GPSWhy I take the subway: This is what NYC traffic congestion looks like, charted by the GPS units built into cabs. The real surprise is that average travel speeds remain a crushingly slow 7MPH, even when everybody's at work. [NYT]


Law Enforcement Appliance Subverts SSL [SSL]


packet_forensicsThat little lock on your browser window indicating you are communicating securely with your bank or e-mail account may not always mean what you think its means.

Normally when a user visits a secure website, such as Bank of America, Gmail, PayPal or eBay, the browser examines the website's certificate to verify its authenticity.

At a recent wiretapping convention however, security researcher Chris Soghoian discovered that a small company was marketing internet spying boxes to the feds designed to intercept those communications, without breaking the encryption, by using forged security certificates, instead of the real ones that websites use to verify secure connections. To use the appliance, the government would need to acquire a forged certificate  from any one of more than 100 trusted Certificate Authorities.

The attack is a classic man-in-the-middle attack, where Alice thinks she is talking directly to Bob, but instead Mallory found a way to get in the middle and pass the messages back and forth without Alice or Bob knowing she was there.

The existence of a marketed product indicates the vulnerability is likely being exploited by more than just information-hungry governments, according to leading encryption expert Matt Blaze, a computer science professor at University of Pennsylvania.

"If company is selling this to law enforcement and the intelligence community, it is not that large a leap to conclude that other, more malicious people have worked out the details of how to exploit this," Blaze said.

The company in question is known as Packet Forensics, which advertised its new Man-In-The-Middle capabilities in a brochure handed out at the Intelligent Support Systems (ISS) conference, a Washington DC wiretapping convention that typically bans the press. Soghoian attended the convention, notoriously capturing a Sprint manager bragging about the huge volumes of surveillance requests it processes for the government.

According to the flyer: "Users have the ability to import a copy of any legitimate key they obtain (potentially by court order) or they can generate 'look-alike' keys designed to give the subject a false sense of confidence in its authenticity." The product is recommended to government investigators, saying "IP communication dictates the need to examine encrypted traffic at will" and "Your investigative staff will collect its best evidence while users are lulled into a false sense of security afforded by web, e-mail or VOIP encryption."

Packet Forensics doesn't advertise the product on its website, and when contacted by, asked how we found out about it. Company spokesman Ray Saulino initially denied the product performed as advertised, or that anyone used it. But in a follow-up call the next day, Saulino changed his stance.

"The technology we are using in our products has been generally discussed in internet forums and there is nothing special or unique about it," Saulino said. "Our target community is the law enforcement community."

Blaze described the vulnerability as an exploitation of the architecture of how SSL is used to encrypt web traffic, rather than an attack on the encryption itself. SSL, which is known to many as HTTPS://, enables browsers to talk to servers using high-grade encryption, so that no one between the browser and a company's server can eavesdrop on the data. Normal HTTP traffic can be read by anyone in between - your ISP, a wiretap at your ISP, or in the case of an unencrypted WiFi connection, by anyone using a simple packet sniffing tool.

In addition to encrypting the traffic, SSL authenticates that your browser is talking to the website you think it is. To that end, browser makers trust a large number of Certificate Authorities - companies that promise to check a website operator's credentials and ownership before issuing a certificate. A basic certificate costs less than $50 today, and it sits on a website's server, guaranteeing that the website is actually owned by Bank of America. Browser makers have accredited more than one hundred Certificate Authorities from around the world, so any certificate issued by any one of those companies is accepted as valid.

To use the Packet Forensics box, a law enforcement or intelligence agency would have to install it inside an ISP, and persuade one of the Certificate Authorities - using money, blackmail or legal process - to issue a fake certificate for the targeted website. Then they could capture your username and password, and be able to see whatever transactions you make online.

Technologists at the Electronic Frontier Foundation, who are working on a proposal to fix this whole problem, say hackers can use similar techniques to steal your money or your passwords. In that case, attackers are more likely to trick a Certificate Authority into issuing a certificate, a point driven home last year when two security researchers demonstrated how they could get certificates for any domain on the internet simply by using a special character in a domain name.

"It is not hard to do these attacks," said Seth Schoen, an EFF staff technologist. "There is software that is being published for free among security enthusiasts and underground that automate this."

China, which is known for spying on dissidents and Tibetan activists, could use such an attack to go after users of supposedly secure services, including some Virtual Private Networks, which are commonly used to tunnel past China's firewall censorship. All they'd need to do is convince a Certificate Authority to issue a fake certificate. When Mozilla added a Chinese company, China Internet Network Information Center, as a trusted Certificate Authority in Firefox this year, it set off a firestorm of debate, sparked by concerns that the Chinese government could convince the company to issue fake certificates to aid government surveillance.

In all, Mozilla's Firefox has its own list of 144 root authorities. Other browsers rely on a list supplied by the operating system manufacturers, which comes to 264 for Microsoft and 166 for Apple. Those root authorities can also certify secondary authorities, who can certify still more - all of which are equally trusted by the browser.

The list of trusted root authorities includes the United Arab Emirates-based Etilisat, a company which was caught last summer secretly uploading spyware onto 100,000 customers' Blackberrys.

Soghoian says fake certificates would be a perfect mechanism for countries hoping to steal intellectual property from visiting business travelers. The researcher published a paper (.pdf) on the risks Wednesday, and promises he will soon release a Firefox add-on to notify users when a site's certificate is issued from an authority in a different country than the last certificate the user's browser accepted from the site.

EFF's Schoen, along with fellow staff technologist Peter Eckersley and security expert Chris Palmer, want to take the solution further, using information from around the net so that browsers can eventually tell a user with certainty when they are being attacked by someone using a fake certificate. Currently browsers warn users when they encounter a certificate that doesn't belong to a site, but many people simply click through the multiple warnings.

"The basic point is that in the status quo there is no double check and no accountability," Schoen said. "So if Certificate Authorities are doing things that they shouldn't, no one would know, no one would observe it. We think at the very least there needs to be a double check."

EFF suggests a regime that relies on a second level of independent notaries to certify each certificate, or an automated mechanism to use anonymous Tor exit nodes to make sure the same certificate is being served from various locations on the internet - in case a user's local ISP has been compromised, either by a criminal, or a government agency using something like Packet Forensics' appliance.

One of the most interesting questions raised by Packet Forensics product is how often do governments use such technology and do Certificate Authorities comply. Christine Jones, the general counsel for GoDaddy - one of the net's largest issuers of SSL certificates -  says her company has never gotten such a request from a government in her 8 years at the company. "I've read studies and heard speeches in academic circles that theorize that concept, but we never would issue a 'fake' SSL certificate," Jones said, arguing that would violate the SSL auditing standards and put them at risk of losing their certification. "Theoretically it would work, but the thing is we get requests from law enforcement every day, and in entire time we have been doing this, we have never had a single instance where law enforcement asked us to do something inappropriate."

VeriSign, the largest Certificate Authority, declined to comment.

Matt Blaze notes that domestic law enforcement can get many records, such as a person's Amazon purchases, with a simple subpoena, while getting a fake SSL certificate would certainly involve a much higher burden of proof and technical hassles for the same data.

Intelligence agencies would find fake certificates more useful, he adds. If the NSA got a fake certificate for Gmail - which now uses SSL as the default for e-mail sessions in their entirety (not just their logins) -  they could install one of Packet Forensics' boxes surreptitiously at an ISP in, for example, Afghanistan, in order to read all the customer's Gmail messages.  Such an attack, though, could be detected with a little digging, and the NSA would never know if they'd been found out.

Despite the vulnerabilities, experts are pushing more sites to join Gmail in wrapping their entire sessions in SSL.

"I still lock my doors even though I know how to pick the lock," Blaze said.

Law Enforcement Appliance Subverts has been expanding the hive mind with technology, science and geek culture news since 1995.