Just because the Moscone Center in San Francisco hosts a veritable plethora of techie conventions doesn't mean they offer Wi-Fi. If your phone can pick up a 3G signal, though, you might not care, and you might not have to pay for it, either. Thanks to PdaNet's phone app and laptop drivers, and your unlimited data plan that you're already paying for, you can use many of the major smartphones as your Internet connection.

From the improbably-named software publisher June Fabrics, PdaNet is known for offering tethering solutions for PalmOS, but it also offers an iPhone, Windows Mobile, and BlackBerry version. (Note that the iPhone version requires jailbreaking.) We'll be focusing on the Android version, which is available for Windows 32-bit, , and Mac. The installation is surprisingly simple, and doesn't involve rooting your Android phone.

There are two ways to install it. You can download it directly to your phone, connect your phone to your computer, then mount the phone as a drive and run the EXE from there. Or you can download it directly to your computer and run it. If you run it from your phone, the on-screen instructions will tell you when you need to disconnect your phone to complete the installation.

You'll be prompted again to enable USB debugging on the Android, and then to connect the USB cable. Once connected, it will install the PdaNet app on your phone. To create the connection, you'll need to connect the USB cable, run the PdaNet app on the phone, and then complete the connection by choosing "Connect" from the system tray context menu. If the Windows driver warns you that it's unverified, install it anyway.

PdaNet for Android has one limitation. After 30 days, it will require you to buy a license for $23.95, otherwise it will block access to secure HTTPS Web sites such as Gmail. That's a tempting carrot, but for those who don't need access to secure sites, the free version should be more than enough.

The connection itself was smooth and nearly flawless. Users can tether their Androids with a USB cable, or they can connect their phones to their laptops via Bluetooth DUN. PdaNet warns users that Bluetooth connections can be hamstrung by baud rate, so browsing on your laptop can appear slower than on your phone. However, the company says that there should be no perceptible slowdowns over USB.

I noticed occasional hiccups when waking the laptop from hibernating, but otherwise there were no connection problems. To get around those apparent connection loss situations, I disconnected and then re-established the tether. The program is light on your system resources, and a strong choice for those who want the benefits of tethering without the risks involved in rooting.

Mozilla made public the first beta of Thunderbird 3 today. Code-named Lanikai and available for Windows, Mac, and Linux, the milestone makes few noticeable changes to the open-source and free desktop e-mail client. This is not surprising, though, as Mozilla Messaging announced that the goal of this release was to fix problems created by upgrading the Gecko engine that powers the program.

Lanikai is the first semi-stable release of Thunderbird to use Gecko 1.9.2, which is the same engine that Firefox 3.6 uses. The changes made from Thunderbird 3 to the 3.1 beta test version include Mac OS X 10.6 upgrade path from Thunderbird 2 improvements, fixes for autocomplete, tabs, activity manager, minor interface improvements and corrections, and a spate of stability and memory corrections.

One new security feature is that Lanikai requires extensions to come from a secure server using the HTTPS protocol or be digitally signed. Absent either of these, the extension won't install.

The full list of bug fixes is available here.

There are also several known issues that persist in Lanikai. These include a conflict with the Kaspersky Anti-Spam add-on, an occasional plain-text e-mail interface bug that forces buttons out of the pane, and an occasional offline bug that prevents e-mails written in Offline mode from being automatically sent when the Internet connection is restored. They must instead be sent manually from the Drafts folder.

As noted when Lanikai entered the alpha phase of development, Mozilla Messaging is attempting to follow in the footstep of the Firefox release schedule. The final version of Thunderbird 3.1 is expected sometime in June, though that could easily change.

Check Software Update! Apple has released Safari 4.0.5, which brings a number of performance enhancements and bug fixes to Apple's browser. According to the updater, the following has been addressed:

1. Performance improvements for Top Sites
2. Stability improvements for 3rd-party plug-ins
3. Stability improvements for websites with online forms and Scalable Vector Graphics
4. Fixes an issue that prevented Safari from changing settings on some Linksys routers
5. Fixes an issue that prevented some iWork.com users from commenting on documents

The update is available for Windows and OS X, but on the Mac side the specific problems addressed are issues with RSS feeds setting values in cookies, even if you have blocked cookies, and potential problems with WebKit's loading of CSS, XML, and HTML scripts that could cause arbitrary code execution or crashing.

For specifics on the issues addressed, see this Apple knowledgebase document: http://support.apple.com/kb/HT4070

The Safari update is 31.8MB, and does require a restart to fully install. Be sure to back up your system before installing, and also have an alternative browser available as a backup. Keep in mind that third-party add-ons may be affected by the update, so check their functionality after updating, and be prepared to remove or reinstall them if needed.

---

Questions? Comments? Post them below or email us!
Be sure to check us out on Twitter and the CNET Mac forums.

Originally posted at MacFixIt

By Mozilla's lights, Firefox 3.6 has been a runaway success. The publisher of the open-source browser says that more than 100 million users have downloaded Firefox 3.6 since its launch in the middle of January. However, not all Firefox users have upgraded from Firefox 3 or Firefox 3.5, and Mozilla wants to change that.

As of Thursday, users of older Firefox versions will start seeing a pop-up encouraging them to upgrade. The window will come with three choices: Ask Later, No Thanks, or Get the New Version. The pop-up will appear after 60 seconds of keyboard inactivity, which Mozilla called a courtesy toward users and their workflows. Selecting "Ask Later" will defer the window for 24 hours. If a user has chosen No Thanks but decides later to upgrade Firefox, running the "Check for Updates" option from the Help menu will bring up the upgrade window.

One reason that many users cite for not upgrading Firefox is a legitimate concern about add-on forward compatibility. In the press release announcing the push, Mozilla stated that more than 90 percent of Firefox add-ons are compatible with Firefox 3.6. Users can also try to force older add-ons to be compatible by using the MR Tech Toolkit or Nightly Tester Tools add-ons, which add a "force compatibility" option to the add-on context menu, but these tricks also decrease the stability of the browser.

If you use an older version of Firefox, tell us why and which version in the comments below.

An Israeli security researcher has published exploit code for an unpatched hole in Internet Explorer that Microsoft disclosed two days ago.

Microsoft had warned in an advisory that a new vulnerability in IE 6 and IE 7, which could allow an attacker to take control of a computer, had been targeted in attacks.

Releasing the exploit code publicly increases the chances of attacks on the zero-day hole and could pressure Microsoft to issue a patch before its next scheduled Patch Tuesday in four weeks.

Researcher Moshe Ben Abu announced his work in a blog post on Wednesday and said it was being included in the open-source Metasploit exploit database.

He was able to create the exploit code after figuring out where an existing exploit was in the wild, based on information in a McAfee blog post, he told Ryan Naraine of the Zero Day blog at CNET sister site ZDNet. It took him about 10 minutes to de-obfuscate the exploit and pinpoint the vulnerability, he said.

Ben Abu told CNET that he would have found the original exploit code sooner or later without McAfee's help.

Asked how serious the zero-day hole is, he wrote in an e-mail to CNET: "The exploit covers Internet Explorer versions 6 and 7, which are not the latest version [IE 8] but many users still use it. In addition, the exploit is quite unstable, with about 60 percent to 70 percent success rate. So I guess it is critical, but not for users who update their Windows with the latest IE."

Microsoft's advisory on the vulnerability includes information on workarounds but suggests that IE 6 and IE 7 users upgrade to IE 8 immediately.

A McAfee spokesman said the company would be more careful about the details provided in its blog posts in the future.

"McAfee Labs does not support the release of exploit code, particularly in advance of a security patch being made available. We regularly sanitize blog content to prevent providing information that might assist attackers, while at the same time providing a service to customers and the security community to help improve protection levels," the spokesman said in a statement via e-mail. "The post in question did not contain enough information to directly lead anyone to exploit code. However, we regret that in this unique situation the post did contain details that may have given exploit writers a starting point to hunt for exploit code. Future blog posts will be subject to additional sanitization."

Updated at 11:44 a.m. PST with comment from McAfee and updated at 10:37 p.m. PST with comment from Ben Abu.

Originally posted at InSecurity Complex

All those Android smartphone owners who have been wondering when they can ditch the outmoded Opera Mini 4.2 browser in favor of the latest beta can now unfold their pouts, stop that kicking, and remove their pounding fists from the floor. Opera Mini 5 beta for Android has arrived.

On Thursday, Opera Software pushed out the Android version of its Mini 5 browser that improves the browser experience for Java phones by leaps and bounds. The beta build is equipped with an updated interface that includes a new "speed dial" start screen featuring thumbnails of most-visited sites. The browser also supports tabs, a first for Mini but old hat on Opera Mobile.

Opera Mini 5 beta (beta 2, actually) and the nearly identical Opera Mobile 10 beta (for Symbian and Windows phones) have been making the mobile rounds since September. We're fans of the latest advances to come to the free browser, and we're looking forward to Opera making those changes final and retiring Opera Mini 4.2 (and Opera Mobile 9.6, while they're at it.) We just wish that Opera had submitted Mini 5 beta to the Android Market sooner.

Here's our hands-on review of the very similar Opera Mini 5 beta for Java phones. Keep an eye out for an updated hands-on.

There's no confirmation from Opera, but we're speculating that Opera could officially flip the switch on at least one of the Opera Mini 5 variants at the CTIA trade show later in March.

To download Opera Mini 5 beta for Android, check the Android Market from your smartphone or point to mobile browser to www.opera.com/mini/next/.

Related:
Opera Mini now on Windows Mobile. Yeah, you read that right
Opera Mini browser for iPhone?
Opera Mini and Mobile betas bestowed with sync

Originally posted at Android Atlas