Cisco Systems on Windows Server 2008

Enterprises can now buy a networking appliance from Cisco Systems that runs basic Windows Server 2008 functions, a product designed for use in branch offices, Cisco and Microsoft announced Wednesday.

he companies said in February that they were working on a way for enterprises to run Windows Server 2008 services locally at a branch office on Cisco’s Wide Area Application Services (WAAS) networking appliance. The alternative for many companies is either to use a full Windows Server at every branch, which could be overkill, or run all functionality centrally, which could result in slow performance for branch workers.

With the new product, called Windows Server on WAAS, branch offices can host services locally including Active Directory, Microsoft Print Services, Microsoft Domain Name System Server and Microsoft Dynamic Host Configuration Protocol Server. That can improve performance for branch workers and reduce costs related to wide area network connectivity and branch systems management. An IT administrator can remotely manage the Windows Server functions using Microsoft System Center.

Cisco used embedded virtualization technology in its appliance to enable Windows Server 2008 to run on it.

Some companies that had early access to the product describe their experiences on a Web site set up by Microsoft and Cisco. Farm Credit Services of Mid-America had 180 Windows Servers companywide, including one in nearly every branch, said Jim Curtis, director of infrastructure. His goal with Windows Server on WAAS is to move most of the branch servers to the company’s data center to make better use of a small infrastructure support staff.

He currently runs Active Directory centrally, but once the appliance setup is complete he could move Active Directory to the branches as a read-only function, improving log-in times for workers and mitigating potential security issues, he said.

The product is one example of Cisco and Microsoft working together while they also compete in other markets, such as unified communications.

Pricing for Windows Server on WAAS starts at $10,000, including the hardware and the software license. Other configurations with more storage are also available.

The Worst Windows Flaws for The Past Decade

June 25, 1998, and June 30, 2008, marked two important milestones in Microsoft’s evolution of the Windows OS — the passing of the torch from Windows 95 to Windows 98, and the less seemly transition from XP to Vista.

In the 3,659 days between, users of Windows have been forced to bear witness to another evolution of sorts: bugs that left Windows open to exploits that appeared almost as fast as you could say, “On the Origin of Species.”

Uncovering — and exploiting — Windows vulnerabilities has made sport for many and careers for many more. Entire industries have sprung up to protect Windows users from previously unknown flaws, while malware authors have matured their practices from juvenile pranks to moneymaking criminal enterprises.

Caught in the middle of this never-ending onslaught is the innocent PC user and the besieged IT admin. And though Microsoft and the entire software industry have labored tirelessly to handle zero-day exploits and to develop protocols for reporting potential security problems, we’ve seen and experienced several colossal security meltdowns thanks to the humble Windows bug.

These errors, buried in millions of lines of code, have steered great corporations and turned the tide of fortunes. It’s high time they got the credit they deserve. Here are the worst Windows flaws we’ve endured since the introduction of Windows 98.

Password “password” would have been more secure
Bug identifier: VCE-2000-0979, MS00-072
Description: Share Level Password vulnerability
Alias: Windows 9x share password bypass
Date published: Oct. 10, 2000

Windows 9x introduced a nifty little concept wherein users could host a password-protected mini file server, aka a share, on their PCs. The idea was simple: Allow users of networked computers to host and share files securely. Only the padlock Microsoft used to lock the door came equipped with a gaping hole that rendered it useless.

“When processing authentication requests for a NetBIOS share, Windows 95/98 would look at the length of the password sent by the attacker and then only compare that number of bytes to the real password,” writes vulnerability expert H.D. Moore, who manages the Metasploit Framework project.

Oops. “This let the attack specify a password of zero bytes and gain access to the share,” without actually knowing the password at all, Moore explains.

“The real damage,” he continues, “was that by trying all characters of incrementing lengths, they could literally obtain the password for share from the server.”

If there’s one thing we’ve learned from the past decade of Microsoft patches, it’s that not everyone keeps on top of them. When Microsoft published this particular advisory, the patch that fixed the problem (MS00-057) had already been released two months prior.

With this bug, if you knew the layout of a Microsoft file system — which folders appear where — you could send a command to a Web server that essentially gave you total control.

As anyone who has spent any time using a Windows computer will tell you, it’s not hard to find your way around the hard drive. Documents go in a particular folder path; most applications are put in another folder path; and so on.

By using dots and backslashes (or their respective unicode representations) in the URL, this bug allowed you to navigate up and down the file system and execute commands, just by knowing a few simple rules and how Windows organizes itself. While account permissions for IIS are somewhat limited, a related exploit helped escalate privileges, giving remote users the ability to do whatever they wanted to with Windows servers simply by sending a few URLs.

“Originally found as an anonymous post in the PacketStorm forums, this resulted in nearly two straight years of mass ownage against Windows web servers,” Moore writes.

Upshot: Directory traversal opened up a new world for automated attacks that merely had to call a particular URL to do their dirty work.

Code Red: Deadly bug, disgusting soda
Bug identifier: MS01-033
Description: Unchecked buffer in index server ISAPI (Internet Server API) extension could enable Web server compromise
Alias: The Code Red bug
Date published: June 18, 2001

What happens when you send a ton of data at a Microsoft Web server? If it was the summer of 2001, well, you owned the network. At least that’s what happened a little more than a month after Microsoft released this obscure-sounding patch for IIS Web servers.

he nature of the bug was simple: Take an IIS server, invoke a buffer overflow, and commands spill into other parts of system memory. Because the commands were issued in the context of the system itself, the bug opened up for exploitation virtually all aspects of the server’s operation.

And exploitation happened, all right, on a scale that hadn’t been seen before.

On the afternoon of Friday, July 13, 2001, security engineers at eEye Digital Security received reports of a worm that was spreading rapidly through its customers’ networks. Fueled by a limited edition, crimson, caffeinated, high-fructose corn syrup-based beverage, Mark Maiffret and Ryan Permeh spent a weekend reverse-engineering the worm, and alerted the world to its presence.

What the worm did was probe vulnerable IIS servers, infect them, and create 100 threads of itself, which then spread to other computers. If the date was between the 20th of the month and the end of the month, it would attempt to spew data at www.whitehouse.gov. Permeh and Maiffret estimated that the worm could infect approximately 500,000 unique IP addresses per day.

Upshot: Code Red really drove home the importance of patching bugs soon after Microsoft released the patch, because the patches themselves give malware authors clues to exactly where they should look for new vulnerabilities.

Fastest infection. Ever.
Bug identifier: MS02-039
Description: Buffer overruns in SQL Server 2000 Resolution Service could enable remote code execution
Alias: The SQL Slammer bug
Date published: July 24, 2002

While technically not an OS bug, the SQL Slammer bug deserves honorary mention due to the sheer velocity with which vulnerable systems were infected. The bug targeted Microsoft’s database server. Vulnerable computers were subject to buffer overflows that, if properly crafted, could place commands into memory to cause the targeted system to execute those commands with the permissions of the database service.

Patching was complicated by the fact that admins needed to run an earlier patch before they could run the MS02-039 fix. The bug affected primarily corporate server systems, but also affected home users who had MSDE (Microsoft SQL Server Desktop Engine) installed. That made a number of home users, some of whom didn’t even know they had MSDE on their machines, unwitting participants in the carnage to come.

Because the Slammer worm primarily targeted servers running databases, it didn’t infect millions of machines. It did, however, spread rapidly — so rapidly, in fact, that it had infected roughly 9 out of 10 vulnerable machines within 10 minutes of being released on Jan. 25, 2003. The entire worm was only 376 bytes, and fit into a single packet of data.

The MS02-039 bug was “one of the biggest oversights of all time,” says Steve Manzuik, senior manager of security research at Juniper Networks, “not because it was an easy or obvious bug to find — it wasn’t.”

“At the time of the patch, no one realized that every vulnerable SQL installation was also listening on a UDP (User Datagram Protocol) port that they could be exploited over,” Manzuik explains. “Many administrators simply locked down access to the SQL TCP ports while forgetting about UDP.”

A postmortem by the Cooperative Association for Internet Data Analysis revealed that the worm was a model of efficiency, doubling the number of infected systems every 8.5 seconds, and flooding the Internet with so many infection attempts that routers shut down. When restarted, so many routers attempted to update their routing tables simultaneously that normal Internet traffic simply couldn’t get through the gridlock.

Billy Gates, stop making money! Make malware instead.
Bug identifier: MS03-026
Description: Buffer overrun in RPC interface could allow code execution
Alias: The Blaster Worm bug
Date published: July 16, 2003

The DCOM RPC interface is a common component of NT-based Windows OSes, including NT, 2000, XP, and Server 2003. In the summer of 2003, it became the subject of intense scrutiny.

As Microsoft described in the bulletin that accompanied the patch, a successful exploit only required the attacker to send a “specially formed request” to a vulnerable PC — a bit like dangling candy in front of a ravenously hungry baby.

By Aug. 11, the Blaster worm arrived, and though it spread rapidly, it was fairly easy to block with a firewall.

Unfortunately, protecting home systems with firewalls wasn’t common practice at the time. Home users’ PCs — connected directly to the Internet — got whomped by the worm. When the worm’s code crashed the infected computer’s RPC service, the computer would display a message warning of imminent shutdown, and unceremoniously reboot itself.

The worm had another message, this one to Microsoft’s founder, and embedded within its code: “billy gates why do you make this possible? Stop making money and fix your software!!”

But it was fixed. Or at least it would have been if people had patched their systems.

At the end of the summer, Microsoft released a second set of updates in MS03-039 that blocked additional ports that attackers could use to mess with the RPC service.

That sassy bug has a lot of spunk
Bug identifier: CVE-2003-0533, MS04-011
Description: Stack-based overflow in certain Active Directory service functions in LSASRV.DLL
Alias: The Sasser bug
Date published: April 13, 2004

In yet another example of ironic buffer-overflow goodness, this bug made the security subsystem of Windows the agent of evil itself. And, once again, malicious coders used Microsoft’s own patch to figure out exactly where to target the OS.

As Windows XP’s gatekeeper, LSASS (Local Security Authority Subsystem) manages the permissions of a PC’s user accounts. So when eEye — the same company that discovered the Code Red bug — quietly disclosed the details of this flaw to Microsoft in October 2003, it touched off six months of furious coding in Redmond that culminated in a patch that fixed 13 other Windows 98, NT, 2000, XP, and Server 2003 flaws, as well as the LSASS bug.

And, within 18 days, the Sasser worm was cruising the Internet, hopping from one unpatched machine to another. The poorly coded worm wreaked havoc, shutting down networks around the world. Even though a fix was already available, many users — in particular, corporate IT managers — still had not applied MS04-011. By May 1, 2004, work on fixing the unintended damage caused by Sasser had become a round-the-clock operation, says then director of the Microsoft Security Response Center, Kevin Kean, with “a number of war rooms and rotating shifts” for MSRC staffers.

WMF: Wherein malware is foisted
Bug identifier: CVE-2005-4560, MS06-001
Description: Vulnerability in graphics-rendering engine could allow remote code execution
Alias: Windows Metafile vulnerability, aka drive-by downloads
Date published: Jan. 5, 2006

Over the winter holidays in 2005, security researchers began discussing a newly discovered vulnerability in a Windows library used by the OS to display various kinds of graphics in apps and the OS itself.

The problem stemmed from a particular image file format, native to Windows since the days of Windows 3.0, called WMF (Windows Metafile). Used as the native format for storing graphics within Microsoft Office documents, support for WMF was by that point thoroughly embedded into Microsoft products.

WMF files contain function calls that a program sends to the GDI (Graphics Driver Interface). Someone discovered that WMF files can contain executable code as well. This would allow you to, say, create a WMF file that, merely by being viewing, invokes Internet Explorer to visit a particular URL, download a file, and execute that file. Special.

The aftermath of the discovery followed a familiar pattern. Microsoft issued a patch on Jan. 5, 2006, in record time. But for a long while, unpatched computers running vulnerable versions of gdi32.dll roamed the Internet, slurping up mountains of malware.

The bug had far-reaching effects, enabling malicious code to be foisted on unsuspecting users and executed in a variety of ways: previewing an e-mail containing the malicious WMF file in Outlook; viewing an image preview in Explorer; viewing a malicious WMF in certain third-party graphics programs; indexing a hard disk that contained a malicious file; following a URL link in an e-mail, IM, or on another Web page to a site where the malicious file was embedded in the Web page.

MDAC: The component that keeps on giving (headaches)
Bug identifier: CVE-2006-0003, MS06-014
Description: Vulnerability in MDAC (Microsoft Data Access Components) could allow code execution
Alias: MDAC RDS.Dataspace ActiveX bug
Date published: April 11, 2006

Way back in 1998, Microsoft issued a security bulletin about a component of IIS that ran under Windows NT Server called Microsoft Data Access Components. In the bulletin, MS98-004, Microsoft warned that a part of MDAC called the RDS (Remote Data Service) had a vulnerability that allowed unauthorized people to browse databases.

Flash-forward eight years to the spring of 2006. Microsoft released a security bulletin about a component of MDAC called RDS, which has a vulnerability that permits malicious Web servers to perform drive-by downloads against the unpatched PCs of unsuspecting victims. Eerily familar.

In the later case, it was an ActiveX control that allowed users to connect to RDS through IE and wreak havoc. The ActiveX control doesn’t behave as intended, and can be loaded and exploited if you visit the wrong Web site.

Of course, by 2006, MDAC isn’t just loaded on servers; you may have it on your PC. Moreover, the bad guys have changed tactics. No longer content to wait patiently for you to happen upon their malicious Web site, they spam you with links, buy ads based on Google searches, and load their pages with SEO (search engine optimization)-rich keywords. The result, however, is the same: Visit and be exploited.getRelatedBoxOne(“/article/08/10/06/41FE-windows-flaws_5.html”,”spBoxOne”)

In fact, the bad guys are now using off-the-shelf exploit software to put malware onto your machine. A tool called MPack that’s loaded on malicious Web sites can check to see what browser version you’re using and what patches you have installed. Based on this analysis, it delivers the exploits that will do the most damage. More galling is that they don’t even bother to hide what they’re doing, naming the Web page that performs the exploit “mdac4.php.”

Upshot: The MDAC RDS is a complex system, with a multitude of patches available depending on which version you have installed. Manually choosing the right patch can be a complicated task. But with such a serious flaw, you can’t afford to make a mistake. Patches like these have helped push advancements in Windows Update, which scan your system and pick the right patch automatically, so you don’t have to.

Resources and references from http://www.infoworld.com

Internet Explorer 8 Beta 2 is Coming…

More than two years ago, when Microsoft was in the final stages of testing Internet Explorer 7, Bill Gates promised more frequent browser updates, as often as every 9 to 12 months. And yet today, nearly two years after IE7’s release, the long-awaited Internet Explorer 8 has just reached the Beta 2 milestone.

IE8 Beta 2 Features

Accelerators

Accelerators let you efficiently complete your everyday browsing activities like mapping directions, translating words, emailing your friends, and more in just a few mouse clicks.

Common accelerator showing driving directions

InPrivate Browsing

Browse the web without saving your history with Internet Explorer 8’s InPrivate Browsing. Now you can shop for that special gift with confidence knowing your family won’t accidentally find out or use a shared computer without leaving a trace.

The InPrivate button on the Address Bar

Web Slices

Keep up with changes to the sites you care about most. Add a Web Slice and you won’t have to go back to the same website again and again for updates on news, stock quotes, online auctions, weather, or even sports scores. Learn more.

A common Web Slice

Search suggestions

Search smarter with detailed suggestions from your favorite search providers and browsing history. See visual previews and get suggested content topics while you type in the enhanced Instant Search Box.

A search showing visual content

SmartScreen Filter

New security features help to protect you against deceptive and malicious websites which can compromise your data, privacy and identity.

A blocked website because reported as unsafe

Dev-PHP Review

Dev-PHP is a lightweight development environment for PHP. Dev-PHP is hardly comparable with the likes of Zend Studio or Nusphere but is more than adequate for the PHP novice not willing to part with $299.

Dev-PHP is however more than a syntax editor. It provides syntax highlighting for CSS, JavaScript, HTML, XML and even SQL. Currently in alpha release, Dev-PHP also supports development of PHP-GTK applications, an internal web browser, class browser and convenient access to your PHP documentation.

Download Link:

Dev-PHP Download

The World Browser…

TheWorld Browser is a lightweighted, fast, secure, and yet powerful multi-tabbed web browser. It is IE based, can run on Windows 98/ME/2000/XP/Vista. It is completely free, doesn’t come with any spyware or adware, and when it’s uninstalled, it leaves nothing behind. So please feel safe about it, you aren’t taking any risks!

TheWorld Browser is developed using C++ / Win32 SDK, this enables it to be better executed and it will run faster and smaller amount of resources to operate.

Features of The World Browser

>Multi-threaded frame.
TheWorld Browser is the second multi-thread frame browser in the world the first is Internet Explorer 7.0), the multi-threaded window frame can avoid web page being out of response.

>Intelligent Ad. blocking Blacklist filter.
TheWorld can block popup ad. and float ad. automatically.
You can also use black list to filter ad., the black list filter is working from lower level of HTTP protocol, with regular expression, you can filter every page item that you want.

>Most powerful function.
Flash filter, unlock page script limited, zoom in/out page in all level, proxy quick switch, auto forms, quick media saver, privacy keeper, mouse gesture , custom hotkey, drag&drop link …

>More safety.
TheWorld Browser has special safe guard to keep you out of risk, more safe function is still in development…

>Built-in Download Manager.
Which is insist multi-thread download, resumable download, with a easy download manager, it can save you most time.

>Skin and plugins.
TheWorld Browser insist skin and plugins, now we had hundreds of skin and plugins to extend your browse experience, also, we insist Internet Explorer’s plugin.

Debian Comes to Live

Monday, September 01, 2008:  One of the oldest and most stable ‘free’ operating systems, Debian, has entered into a new phase of its life. The operating system is now available on live CDs as well. The current release of Debian’s Lenny (Lenny is the name of the version as Vista and XP are the names of the versions of Windows OS) is in beta stage and is available for users to download and try.

Windows and Mac users may not be much aware of what a Live CD is. The best thing about a Live CD is unlike Windows you don’t have to install it on your machine to use it; all you need to do is put the CD in the tray and restart the PC. Your PC will boot from the Live CD and you can use and test all the features of the operating system without installing anything on your hard drive. These Linux-based Live CDs are very helpful when your C drive of Windows gets corrupted and you have some critical data on it. You can simply put the Live CD and take back-up of your critical data, then do whatever you want to do with your C drive.

The GNU/Linux-based operating systems are gaining popularity these days as they are getting more and more user friendly and offering eye-candy looks. Another, or the major advantage of the GNU/Linux-based operating systems is they are virus-free. You will never have to install any anti-virus software or format your PC for removal of viruses. Another major advantage is that the Linux-based operating systems are available ‘free’ of cost as well; the GNU/Linux community defines the word free as in freedom, which implies you are free to do anything with the OS.

Now, coming back to Debian, it is one of the oldest and most stable operating systems. Many popular Linux-based operating systems are based on Debian — the most popular being Ubuntu. Till date, Debian did not have an option of Live CD, but last week, the Debian Live team announced the first beta of Debian Lenny’s Live images.

When you install a Linux-based system, you get most of the software along with it. For writing letters or word processing, there are OpenOffice.org and kOffice, free equivalents to MS Word, you get GIMP, an alternate to Photoshop, you get VLC and Amarok to watch movies and listen to song, you get PidGin, an awesome tool which allows you to log into Yahoo! Messenger, MSN, Gtalk and many more chat programmes simultaneously. In a nutshell, you will find almost everything you need for your day-to-day life in Linux. However, there are some commercial products which are not yet available for Linux.

Google’s Chrome Browser

Google takes aim squarely at Microsoft with the release of its new Web browser, Chrome. And Microsoft should be very afraid: Chrome lives up to its hype by rethinking the Web browser in clever and convenient ways that make using the Web a more organic experience than you’d get with either Microsoft’s Internet Explorer 8 or Mozilla’s Firefox 3.

Initially available for download for Windows Vista and XP, Google plans to expand its Chrome offerings to the Mac and Linux platforms as well. The company doesn’t offer any timeline for these versions, though. (For additional PCWorld.com coverage of Google’s new browser, see ” Chrome vs. the World” and ” Google’s Chrome: 7 Reasons for It and 7 Reasons Against It.”)

Chrome automatically detects the Web browser you’re using and prompts you through the process of installation (right down to telling you how to access downloaded files within Firefox, for example). When you first run the application, Chrome imports your bookmarks, passwords, and settings from Firefox or Internet Explorer. It even can grab username and password data, and it automatically populates those fields for you when you use Chrome for the first time to visit a particular site.

After running through a quick import checklist, Chrome opens on your desktop–and right away you begin to experience the Web in a new way. Chrome’s layout is very simple: You’ll see a row of tabs running along the top, a Web address bar, and a bookmarks bar that runs beneath the address bar. A separate recent bookmarks box appears at the right of the screen, as does a history search field.

Like its Google stablemates, Chrome has a remarkably minimalist interface. There is no full-scale menu bar and no title bar–and few distractions. All controls are buried beneath two icons to the right of the Omnibar (as Google refers to its address bar): a page icon for managing tabs and using Google Gears to create application-like shortcuts from your desktop to a Web site; and a wrench for history, downloads, and other browser options.

You can set your own home page, or you can use the ‘most visited’ sites page as your starting point. This page provides thumbnail images of your most frequently visited sites, shows recent bookmarks, and supplies a search field for searching your page history. You can change your default search engine, too: This option is located beneath the wrench icon, under Options .

Chrome’s design bridges the gap between desktop and so-called “cloud computing.” At the touch of a button, Chrome lets you make a desktop, Start menu, or QuickLaunch shortcut to any Web page or Web application, blurring the line between what’s online and what’s inside your PC. For example, I created a desktop shortcut for Google Maps. When you create a shortcut for a Web application, Chrome strips away all of the toolbars and tabs from the window, leaving you with something that feels much more like a desktop application than like a Web application or page. The lack of forward and back buttons means that if you browse between pages in a saved Web application you may find yourself a little confused if you want to go back a page. Chrome does let you right-click to navigate backward, however.

This being Google, search is an integral part of Chrome; and Google has added some clever features to make searching easier. Chrome goes beyond its Microsoft and Mozilla competition by searching your browser history’s page titles as well page content. The history results show the title of the page, as well as a thumbnail representation of the page (for some sites but not all; it was unclear why some sites were visually represented while others were not), but it doesn’t show the actual Web page address. The lack of URL information can make it difficult to identify the specific Web page you’re going to, especially if the site’s title bar description is not specific (because, say, different sections of the same site have identical title bar descriptors).

For example, earlier today I read an article on Macworld about an upcoming Apple launch event. To find the article in my browser history, I simply typed ‘apple event’ in the Omnibar. The resulting list showed every page I had visited that contained the phrase ‘apple event’. Conveniently, the Omnibar lets you search not just your history, but Google and other sites as well.

The default search engine is Google, as you might expect. However, you can choose from a list of nine other search engines, or you can manually add your own search engine. Type ‘google fish sticks’ to search for fish sticks on Google. The same syntax works for Yahoo, Amazon, Live Search, and other sites that are already recognized by Google or that you add. This feature, though nifty and promising, proved inconsistent in the early going: It worked for me most of the time on a Windows Vista PC, but two of my colleagues who were testing Chrome on Windows XP machines had trouble getting the feature to work. Google provides keywords to activate this search feature, but some of us had to edit the search engine keywords manually before the feature would function properly.

Chrome includes a number of features that appear in other browsers, such as a private browsing mode dubbed Incognito, tools for Web developers to use in viewing and troubleshooting source code, and the ability to restore all tabs from a previous session. Chrome also features tab isolation: If a Web page causes a problem with Chrome and leads to a crash, the crash will affect only the tab displaying the page and not the whole program. Internet Explorer 8 will offer a similar feature, but Chrome takes the idea a step further by adding a task manager that gives the user an idea of how much memory and CPU use a page is eating up, and by allowing you to kill anything that is causing a problem. Unfortunately, you have to configure this tool manually.

In my early testing, I ran into some problems. Chrome can be a little unstable, which is not surprising considering that it is a beta. Also, I have found that Flash does not work with Chrome on my Vista-based system, though my two colleagues running XP had no issues with Flash compatibility. They did, however, experience software crashes when searching in the history section. And when Chrome crashes, it takes everything with it unless you manually configure the browser to act otherwise (the configuration options are buried under the wrench icon, in the Options/Basics menu). In contrast, Mozilla Firefox and Microsoft Internet Explorer 8 automatically restore your previous session in the event of a crash.

The sites I visited that rely on JavaScript and Ajax seemed to work fine, but Microsoft’s Silverlight wouldn’t work with Chrome. Google’s browser uses WebKit, the same engine that powers Apple’s Safari Web browser–and Silverlight only works with Safari for Mac.

Google has produced an excellent browser that is friendly enough to handle average browsing activities without complicating the tasks, but at the same time it’s powerful enough to meet the needs of more-advanced users. The search functionality of the Omnibar is one of many innovations that caught my attention. PC World has chosen to rate this beta version of Chrome because of Google’s history of leaving products and services in long-term beta and in an ongoing state of evolution. In the past there has been some speculation that Google would develop their own operating system, but I think Chrome’s launch makes one thing is clear: The Web browser is Google’s operating system.