In this First Look video, take a tour of the tweaks debuting in Firefox 3.6. It's not all small potatoes, as Mozilla lays the foundation for Firefox's future. Users can expect to see native support for the new skinning tech called Personas, as well as further development of HTML5 support. Oh, and one more thing: Mozilla says that it should be about 20 percent faster than Firefox 3.5.

Firefox 3.6 is available for Windows, Mac, and Linux.

Augmented reality is fast becoming a reality for mobile search apps of all stripes. Layars, which calls itself a "reality browser," was one of the first of interest to pop up on our iPhone radar. Not long ago, Yelp oh-so-quietly added its own way to slap its content over the world you see through your camera lens. The "monocle" feature originally surfaced as a hidden gem within Yelp 3.0. Now, in Yelp 4.0, Monocle has earned its place as a permanent feature on video-enabled 3GS iPhones.

Expect to see many more augmented reality apps pop up on a variety of mobile platforms, including Android and BlackBerry. As if on cue, a few days after Yelp's latest release, Zagat pushed out a similar feature for its competing restaurant and nightlife app, Zagat To Go 3.0.

Get a taste of Yelp's Monocle augmented reality mode, and of Yelp 4.0's other improvements and additions in the First Look video above.

Does your Mac feel sluggish? Internet surfing, downloading software, and just plain regular use are all major contributors to filling up your hard drive with useless files. As time goes by, your Mac starts to fill up with cache files, unused language files, and even leftover installers, making your whole system struggle to keep track of it all. You can go through and try to clean out a lot of these files manually, but knowing that it might take you a significant amount of time makes it easy to put off until later.

Fortunately, there are a number of utilities for Mac to tweak settings, clear out cache files, and optimize your system to give your Mac an extra bump in performance. But one program updated recently might be the best I've encountered on the Mac and it's so easy to use, there's simply no reason not to whip your Mac into shape.

CleanMyMac ($14.95) features a sleek gray and blue interface with a list of system maintenance options it performs on the left. You can do a full system scan to find all the junk files on your computer or just check the boxes next to specific areas you want to clean. CleanMyMac cleans areas including the system and Internet caches, user and system log files, old installers, leftover support files from old apps, and unused language files (probably the biggest offender for taking up space).

Before you scan, make sure to look through the preferences by hitting the button on the upper right. In this pane you'll be able to decide which areas CleanMyMac will attack by default. You also can select which languages you want to keep and clean out the languages you'll never use. Beyond its regular cleaning functions, CleanMyMac also has a Secure Erase feature you can select if you want to make sure the files you delete are unrecoverable. We don't recommend selecting this box (under the advanced settings) until you are absolutely sure your system runs normally after a cleaning.

Overall, CleanMyMac does a good job of cleaning out files you don't need and freeing up space on your hard drive. Its one-click scan tells you in advance how much space you will save (I recovered more than 2GB) and lets you decide what to clean. When you're finished, your Mac should feel a bit snappier in regular use, and with proper maintenance will continue to run at peak performance.

Microsoft on Thursday issued a cumulative critical patch for Internet Explorer that fixes eight vulnerabilities, including a hole targeted in the China-based attacks on Google and other U.S. companies.

The security update is rated critical for all supported releases of IE 5, 6, 7, and 8, according to the advisory. The more severe vulnerabilities could allow remote code execution if a user views a malicious Web page using IE, it said.

This IE security update was already planned for release on the next scheduled Patch Tuesday (February 9), Jerry Bryant, senior security program manager at Microsoft, said in a blog post.

Microsoft has known about the hole for at least four months, after it was privately disclosed it to the company, Bryant said.

"When the attack discussed in Security Advisory 979352 was first brought to our attention on January 11, we quickly released an advisory for customers two days later," he wrote. "As part of that investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September."

Installing the IE update addresses the vulnerability across all applications, even those using the same dynamic link library and which allow active scripting--which were discovered to be possible attack vectors, he said.

Microsoft also scheduled a Webcast to discuss the bulletin for 1 p.m. PST.

Microsoft acknowledged the hole a week ago, two days after Google disclosed the attacks launched against it and what is now believed to be more than 30 other companies. In the attacks, only IE 6 was targeted, Microsoft said.

Exploit code for the hole was published to the Internet the day after Microsoft went public with the IE warning.

"Microsoft continues to see limited and targeted attacks against Internet Explorer 6 only," Bryant said in a statement. "However, Microsoft recommends customers deploy the security update as soon as possible to protect themselves against the known attacks."

For an attack to be accomplished, an attacker would have to lure an IE user to a Web site hosting malware that was written to exploit the hole in the browser. This could be done by using social engineering and including a link to the malicious site in an e-mail that looks like it is coming from someone familiar or contains important information. Once a computer is infected, an attacker could take complete control of it.

Internet surfers should have already updated from IE 6, which is nearly 10 years old, said Oliver Lavery, manager of the vulnerability and exposure research team at nCircle.

"IE 6 is fundamentally much less secure than IE 8, regardless of patching. Yet IE 6 still had the largest market share of any version of IE as of December 2009--at 20.99 percent," he said. "This has created a situation of systemic vulnerability in many enterprises as the software many of their employees use every day is fundamentally not very secure."

Meanwhile, Trend Micro and Symantec said on Thursday that they had identified new malware samples that exploit the IE vulnerability used in the Google attacks. One new exploit that is being hosted on hundreds of Web sites is detected by Symantec as Trojan.Malscript, Symantec said in a statement. TrendLabs researchers said in a blog post that they discovered that the new scripts targeting the IE hole are versions of JS_DLoader.

Websense reported on its blog that targeted attacks like those that hit Google and using the IE hole appear to have started during the week of December 20 and are ongoing to government, defense, energy and sectors, and other organizations in the U.S. and the United Kingdom. Victims are receiving targeted e-mails with malware that appears to be a data-stealing Trojan, according to Websense.

Also on Thursday, Microsoft warned of a hole in the 32-bit versions of Windows and offered information on a workaround until a patch was released.

Updated 12:03 p.m. PST with Websense comment and 11:38 a.m. PST with comments from nCircle, Trend Micro, Symantec, and information on Microsoft security advisory about hole in Windows kernel.

Originally posted at InSecurity Complex

Mozilla debuted Firefox 3.6 on Thursday, introducing significant under-the-hood changes that make it faster, help it render content better, and a few visual tweaks, as well. Available for Windows, Mac, and Linux, the most apparent changes in Firefox 3.6 are improvements made to the TraceMonkey JavaScript rendering engine, making it about 20 percent faster than when it debuted in Firefox 3.5, according to Mozilla. Although this makes it more competitive with Google Chrome, but not faster, there's more to Firefox 3.6 than speed.

Firefox maintains its reputation as the most customizable browser around, introducing default support for the next generation of Themes, called Personas. Users will no longer have to download the Personas add-on to get its on-the-fly skinning power. However, Windows 7 interface support, including tab previews using the Ctrl+Tab hot key, jump lists, and multiple tab previews in Aero Peek will have to wait for another revision. Currently, these can only be activated by changing settings in about:config.

Several notable improvements keep Firefox abreast of current browsing tech. Significant under-the-hood changes include blocking third-party software from encroaching on Firefox's file system turf to increase stability; support for the Web Open Font Format, which means users viewing pages in other languages should see faster load times via downloadable fonts; and support for the File interface, which can help with tasks such as uploading multiple photos and is part of the draft HTML5-standard effort. Open, native video can be displayed full screen and supports poster frames, which is the preview image you see before a video begins, and the new CSS attributes gradients, background sizing, and pointer events will work in Firefox 3.6.

HTML5 support debuted in Firefox 3.5, and Firefox remains the leading Web browser that supports it. This is not insignificant, because even with Google Chrome grabbing more than 4 percent of the browser market in its first 16 months, Firefox maintains a commanding 24 percent that hasn't stopped growing, second only to Internet Explorer.

A deeper change to the browser is that it is now running scripts asynchronously, which can help to load a Web page faster by putting off some work until the high-priority chores are complete. Firefox 3.6 also isolates out-of-date plug-ins so they do not become a security risk.

Unlike Firefox 3.5, which was more about keeping the browser current rather than blazing new trails, Firefox 3.6 is once again taking some small but innovative steps. Expect more new features to debut in minor-point updates as the browser works towards Firefox 3.7.

Seesmic, which makes Twitter and Facebook apps for AIR, Windows, and mobile platforms, on Thursday is launching Seesmic Look, a new product designed for the Twitter watcher much more than the Twitter contributor or participant. The app lets you scan the feeds of popular Twitter celebrities, or show feeds for specific topics, like the NFL or Wall Street business. It can display tweets as they come in, or it can go into "playback" mode to let you catch up on what you missed.

Look is a pretty, touch-enabled app. Seesmic CEO Loic Le Meur says Look is optimized for a touch interface, "and therefore, tablets." Look is a Windows app now, but Seesmic will presumably port it to a Mac slate as soon as possible.

Le Meur believes that Look will help bring Twitter to a wider audience by making it easier to view Twitter streams. It's a smart move, considering that most Twitter users watch but don't tweet. Le Meur also thinks a Twitter-watching audience will be attractive to advertisers and sponsors.

A big part of the Look pitch is that you don't have to log in to Twitter to use it, reinforcing the point that it's designed for lurkers. It's a lean-back TV-watching experience for what most geeks think of as a highly participatory platform. But Look doesn't do a anything that Twitter.com does not do itself. It won't show you tweets that you wouldn't seen on a Twitter client like Seesmic or Tweetdeck. It's just a more approachable way to watch the Twitter world go by, without being reminded that you're not actually contributing.

Seesmic has its own categorized list of recommended accounts to follow in Look, and the company is also offering special channels to paid brand partners, like Red Bull. There's a search function, if you want to track a topic that's not in the category list.

If you do log in to Twitter on Look, you can also contribute to Twitter from it, even though it's clear that that app isn't designed for power users. If you're already a Twitter junkie, you'll be better-served by Seesmic Desktop or its competitors.

Originally posted at Rafe's Radar