Just because the Moscone Center in San Francisco hosts a veritable plethora of techie conventions doesn't mean they offer Wi-Fi. If your phone can pick up a 3G signal, though, you might not care, and you might not have to pay for it, either. Thanks to PdaNet's phone app and laptop drivers, and your unlimited data plan that you're already paying for, you can use many of the major smartphones as your Internet connection.

After connecting your Android and running the PdaNet app, you'll need to finalize the connection from the PdaNet system tray icon.

From the improbably-named software publisher June Fabrics, PdaNet is known for offering tethering solutions for PalmOS, but it also offers an iPhone, Windows Mobile, and BlackBerry version. (Note that the iPhone version requires jailbreaking.) We'll be focusing on the Android version, which is available for Windows 32-bit, , and Mac. The installation is surprisingly simple, and doesn't involve rooting your Android phone.

There are two ways to install it. You can download it directly to your phone, connect your phone to your computer, then mount the phone as a drive and run the EXE from there. Or you can download it directly to your computer and run it. If you run it from your phone, the on-screen instructions will tell you when you need to disconnect your phone to complete the installation.

You'll be prompted again to enable USB debugging on the Android, and then to connect the USB cable. Once connected, it will install the PdaNet app on your phone. To create the connection, you'll need to connect the USB cable, run the PdaNet app on the phone, and then complete the connection by choosing "Connect" from the system tray context menu. If the Windows driver warns you that it's unverified, install it anyway.

PdaNet for Android has one limitation. After 30 days, it will require you to buy a license for $23.95, otherwise it will block access to secure HTTPS Web sites such as Gmail. That's a tempting carrot, but for those who don't need access to secure sites, the free version should be more than enough.

The connection itself was smooth and nearly flawless. Users can tether their Androids with a USB cable, or they can connect their phones to their laptops via Bluetooth DUN. PdaNet warns users that Bluetooth connections can be hamstrung by baud rate, so browsing on your laptop can appear slower than on your phone. However, the company says that there should be no perceptible slowdowns over USB.

I noticed occasional hiccups when waking the laptop from hibernating, but otherwise there were no connection problems. To get around those apparent connection loss situations, I disconnected and then re-established the tether. The program is light on your system resources, and a strong choice for those who want the benefits of tethering without the risks involved in rooting.

Mozilla made public the first beta of Thunderbird 3 today. Code-named Lanikai and available for Windows, Mac, and Linux, the milestone makes few noticeable changes to the open-source and free desktop e-mail client. This is not surprising, though, as Mozilla Messaging announced that the goal of this release was to fix problems created by upgrading the Gecko engine that powers the program.

Lanikai is the first semi-stable release of Thunderbird to use Gecko 1.9.2, which is the same engine that Firefox 3.6 uses. The changes made from Thunderbird 3 to the 3.1 beta test version include Mac OS X 10.6 upgrade path from Thunderbird 2 improvements, fixes for autocomplete, tabs, activity manager, minor interface improvements and corrections, and a spate of stability and memory corrections.

One new security feature is that Lanikai requires extensions to come from a secure server using the HTTPS protocol or be digitally signed. Absent either of these, the extension won't install.

The full list of bug fixes is available here.

There are also several known issues that persist in Lanikai. These include a conflict with the Kaspersky Anti-Spam add-on, an occasional plain-text e-mail interface bug that forces buttons out of the pane, and an occasional offline bug that prevents e-mails written in Offline mode from being automatically sent when the Internet connection is restored. They must instead be sent manually from the Drafts folder.

As noted when Lanikai entered the alpha phase of development, Mozilla Messaging is attempting to follow in the footstep of the Firefox release schedule. The final version of Thunderbird 3.1 is expected sometime in June, though that could easily change.

Check Software Update! Apple has released Safari 4.0.5, which brings a number of performance enhancements and bug fixes to Apple's browser. According to the updater, the following has been addressed:

The update is available for Windows and OS X, but on the Mac side the specific problems addressed are issues with RSS feeds setting values in cookies, even if you have blocked cookies, and potential problems with WebKit's loading of CSS, XML, and HTML scripts that could cause arbitrary code execution or crashing.

For specifics on the issues addressed, see this Apple knowledgebase document: http://support.apple.com/kb/HT4070

The Safari update is 31.8MB, and does require a restart to fully install. Be sure to back up your system before installing, and also have an alternative browser available as a backup. Keep in mind that third-party add-ons may be affected by the update, so check their functionality after updating, and be prepared to remove or reinstall them if needed.

Questions? Comments? Post them below or email us!
Be sure to check us out on Twitter and the CNET Mac forums.

Originally posted at MacFixIt

By Mozilla's lights, Firefox 3.6 has been a runaway success. The publisher of the open-source browser says that more than 100 million users have downloaded Firefox 3.6 since its launch in the middle of January. However, not all Firefox users have upgraded from Firefox 3 or Firefox 3.5, and Mozilla wants to change that.

Users of older versions of Firefox will start seeing this pop-up, asking them to upgrade.

As of Thursday, users of older Firefox versions will start seeing a pop-up encouraging them to upgrade. The window will come with three choices: Ask Later, No Thanks, or Get the New Version. The pop-up will appear after 60 seconds of keyboard inactivity, which Mozilla called a courtesy toward users and their workflows. Selecting "Ask Later" will defer the window for 24 hours. If a user has chosen No Thanks but decides later to upgrade Firefox, running the "Check for Updates" option from the Help menu will bring up the upgrade window.

One reason that many users cite for not upgrading Firefox is a legitimate concern about add-on forward compatibility. In the press release announcing the push, Mozilla stated that more than 90 percent of Firefox add-ons are compatible with Firefox 3.6. Users can also try to force older add-ons to be compatible by using the MR Tech Toolkit or Nightly Tester Tools add-ons, which add a "force compatibility" option to the add-on context menu, but these tricks also decrease the stability of the browser.

If you use an older version of Firefox, tell us why and which version in the comments below.

Moshe Ben Abu announced his Internet Explorer exploit on Twitter.

An Israeli security researcher has published exploit code for an unpatched hole in Internet Explorer that Microsoft disclosed two days ago.

Microsoft had warned in an advisory that a new vulnerability in IE 6 and IE 7, which could allow an attacker to take control of a computer, had been targeted in attacks.

Releasing the exploit code publicly increases the chances of attacks on the zero-day hole and could pressure Microsoft to issue a patch before its next scheduled Patch Tuesday in four weeks.

Researcher Moshe Ben Abu announced his work in a blog post on Wednesday and said it was being included in the open-source Metasploit exploit database.

He was able to create the exploit code after figuring out where an existing exploit was in the wild, based on information in a McAfee blog post, he told Ryan Naraine of the Zero Day blog at CNET sister site ZDNet. It took him about 10 minutes to de-obfuscate the exploit and pinpoint the vulnerability, he said.

Ben Abu told CNET that he would have found the original exploit code sooner or later without McAfee's help.

Asked how serious the zero-day hole is, he wrote in an e-mail to CNET: "The exploit covers Internet Explorer versions 6 and 7, which are not the latest version [IE 8] but many users still use it. In addition, the exploit is quite unstable, with about 60 percent to 70 percent success rate. So I guess it is critical, but not for users who update their Windows with the latest IE."

Microsoft's advisory on the vulnerability includes information on workarounds but suggests that IE 6 and IE 7 users upgrade to IE 8 immediately.

A McAfee spokesman said the company would be more careful about the details provided in its blog posts in the future.

"McAfee Labs does not support the release of exploit code, particularly in advance of a security patch being made available. We regularly sanitize blog content to prevent providing information that might assist attackers, while at the same time providing a service to customers and the security community to help improve protection levels," the spokesman said in a statement via e-mail. "The post in question did not contain enough information to directly lead anyone to exploit code. However, we regret that in this unique situation the post did contain details that may have given exploit writers a starting point to hunt for exploit code. Future blog posts will be subject to additional sanitization."

Updated at 11:44 a.m. PST with comment from McAfee and updated at 10:37 p.m. PST with comment from Ben Abu.

Originally posted at InSecurity Complex

All those Android smartphone owners who have been wondering when they can ditch the outmoded Opera Mini 4.2 browser in favor of the latest beta can now unfold their pouts, stop that kicking, and remove their pounding fists from the floor. Opera Mini 5 beta for Android has arrived.

Opera adds Android to its Mini 5 beta lineup.

On Thursday, Opera Software pushed out the Android version of its Mini 5 browser that improves the browser experience for Java phones by leaps and bounds. The beta build is equipped with an updated interface that includes a new "speed dial" start screen featuring thumbnails of most-visited sites. The browser also supports tabs, a first for Mini but old hat on Opera Mobile.

Opera Mini 5 beta (beta 2, actually) and the nearly identical Opera Mobile 10 beta (for Symbian and Windows phones) have been making the mobile rounds since September. We're fans of the latest advances to come to the free browser, and we're looking forward to Opera making those changes final and retiring Opera Mini 4.2 (and Opera Mobile 9.6, while they're at it.) We just wish that Opera had submitted Mini 5 beta to the Android Market sooner.

Here's our hands-on review of the very similar Opera Mini 5 beta for Java phones. Keep an eye out for an updated hands-on.

There's no confirmation from Opera, but we're speculating that Opera could officially flip the switch on at least one of the Opera Mini 5 variants at the CTIA trade show later in March.

To download Opera Mini 5 beta for Android, check the Android Market from your smartphone or point to mobile browser to www.opera.com/mini/next/.

Related: Opera Mini now on Windows Mobile. Yeah, you read that right Opera Mini browser for iPhone? Opera Mini and Mobile betas bestowed with sync

Originally posted at Android Atlas

LimeWire's peer-to-peer file-sharing network is notorious as a malware ghetto, where distributed files that have legitimate-sounding names turn out to be Trojan horses hiding pernicious threats. In an effort to attract more users to the LimeWire premium upgrade and to protect those users better, the company signed a deal with AVG on Tuesday to extend download file scanning and blocking to LimeWire Pro users.

By integrating AVG's antivirus SDK engine, all files that LimeWire Pro users download will now be scanned before they run. A pop-up will appear letting users know when a file has been scanned or blocked.

This is a smart move to make, as users become more aware of the risky nature of running audio, video, and program executables from unverifiable sources without scanning them first. However, many security suite options already offer download scanning. Most of the premium ones, such as Norton, McAfee, Kaspersky, and ESET, and some of the free ones, such as AVG, Avast, and Avira, will block a malicious download before anything gets saved to your hard drive. Nearly all will prevent an already-downloaded file from running.

LimeWire pointed out in a press release that it has 50 million users worldwide but didn't specify how many of those were premium-version users who would receive the AVG protection.

Share a mouse and keyboard between computers

Portable & quick PDF reader

Clear, reliable and free file sharing software

Control a remote computer from your PC

Advanced Task Manager replacement

Control a remote computer from your PC

Collection of video & audio codecs

Produce a digital photo album

Remember Scrabulous, the Facebook-powered Scrabble knockoff that was all the rage a couple years back? I was a serious addict, but lost interest after all the name changes, lawsuits, redesigns, etc.

Thanks to my evil friend Denny, my addiction is reborn--and mobile. Words With Friends is a two-player crossword challenge that offers turn-based, Scrabulous-like competition. It's not perfect, but I'm loving it.

So I'm getting creamed. Can I help it if I draw bad letters?

The game lets you complete online against random players and/or friends. (Built-in Facebook/Twitter links let you post an invitation as a status update.) You can have up to 20 matches going at once, with push notifications letting you know when it's your turn.

There's also an in-game chat option. You can tell when an opponent is online when you see a pair of eyeballs next to the Chat button.

The game itself plays much like Scrabble, though with a slightly different distribution of the bonus squares (double word score, triple letter score, etc.). A double-tap is all it takes to zoom into the board for easier tile placement or back again for a full-board view.

It would be nice if WWF had a few more amenities, like a button for clearing your tiles or a list of legal two-letter words. But my big complaint is that the game doesn't keep a tally of your potential word score as you place your tiles. It's only after you make your play that you find out your total for the turn. (What, I'm supposed to do math in my head?)

WWF also suffers from some performance issues, like seemingly endless lag when attempting to submit your turn. Most of the time, the game worked fine, but it's frustrating when it doesn't.

Developer Newtoy offers a free, ad-supported version of Words With Friends and a $2.99 ad-free version.

The ads get pretty annoying pretty quickly, so I may just bite the bullet and pay my 3 bucks. On the other hand, Words With Friends is such a distraction (albeit an incredibly enjoyable one), the smarter move would be to delete it altogether.

Eh, I'm probably not that smart. In fact, my username is justrick if you want to challenge me to a game. Update: Too many challenges! Sorry I can't accept them all. In the meantime, check out "Five perfect puzzle games for the iPhone."

Originally posted at iPhone Atlas

Launch your portable applications

Brand new major update to the popular chat & VOIP client

Apple-owned FileMaker on Tuesday unveiled the next major version of its database product, FileMaker Pro 11.

In a recent study, the company found that 80 percent of the people who look at FileMaker already have a task in mind. With this type of feedback, FileMaker set out to make the new version faster and more productive for new users.

"It's very much a back to basics release for us," Ryan Rosenberg, vice president of marketing and services at FileMaker, told CNET. "We think ease of use is the core proposition in a database."

To help users get started, FileMaker added a new "Invoices" template, a task many new users want to get up and running with quickly. FileMaker now has 31 starter templates included in the application.

Creating an invoice in FileMaker Pro 11

One of the big new features of FileMaker 11 is charting. Rosenberg explained that unlike a spreadsheet, charts created with a FileMaker database will update dynamically as the user browses data or views an invoice, for example. The charts can also be published to the Web using FileMaker's built-in tools.

On-the-fly reporting is also new, allowing users to create spreadsheet-like documents with totals and subtotals. Rosenberg likened these to pivot tables in spreadsheets.

The new version also adds an Inspector, a feature many people are used to seeing in applications like Photoshop and Microsoft Office. The Inspector shows a palette on your desktop, allowing you to quickly choose to align text, change colors and other simple tasks.

A new media library

FileMaker 11 is now a Cocoa application, which means that it is fully native on Mac OS X. There are four versions of the database app available: FileMaker Pro, FileMaker Pro Advanced, FileMaker Server, and FileMaker Server Advanced.

Pricing starts at $299.

Originally posted at News - Apple

Security firm Panda says it found several types of malware on an HTC Magic on an Android-based device from Vodafone.

An employee at Spanish antivirus firm Panda Security received a new Android-based Vodafone HTC Magic with malware on it, according to researchers at Panda Labs.

"Today one of our colleagues received a brand new Vodafone HTC Magic with Google's Android OS," researcher Pedro Bustamante wrote on the Panda Research Blog on Monday.

"The interesting thing is that when she plugged the phone to her PC via USB, her Panda Cloud Antivirus went off, detecting both an autorun.inf and autorun.exe as malicious," he wrote. "A quick look into the phone quickly revealed it was infected and spreading the infection to any and all PCs that the phone would be plugged into."

The malware began "phoning home" for instructions, Bustamante wrote. It's likely the user's credentials would have been stolen, he speculated.

The malware turned out to be related to the Mariposa botnet, but there was other malware on the device too--Conficker and a Lineage password-stealing Trojan, he said.

A Vodafone spokesperson did not return an e-mail from CNET seeking comment, but The Register published a statement from Vodafone that said it is investigating the matter.

"Following extensive quality assurance testing on HTC Magic handsets in several of our operating companies, early indications are that this was an isolated local incident," the statement said.

Last week, three people were arrested in Spain on charges of operating a massive botnet composed of 12.7 million PCs that stole credit card and bank log-in data and infected computers in half of the Fortune 1,000 companies and more than 40 banks. The botnet was dubbed "Mariposa," which means butterfly in Spanish.

Updated at 1:07 p.m. PST with background on Mariposa-related arrests.

Originally posted at InSecurity Complex