macarne's blog

MacBookPro6,1

Submitted on February 04 2010 (1 day ago)

  Chart performance of similar systems  

Summary

Section	Description	Score	Geekbench Score
Geekbench 2.1.4 for Mac OS X x86 (32-bit)
Integer	Processor integer performance	4006	5260
Floating Point	Processor floating point performance	8383
Memory	Memory performance	3114
Stream	Memory bandwidth performance	3016

System Information

Operating System	Mac OS X 10.6.2 (Build 10C3067)
Model	MacBookPro6,1	Motherboard	Apple Inc. Mac-F22589C8
Processor	Intel Core i7 M 620
Processor ID	GenuineIntel Family 6 Model 37 Stepping 2
Processor Frequency	2.66 GHz	Processors	1
Cores	2	Threads	4
L1 Instruction Cache	32.0 KB	L1 Data Cache	32.0 KB
L2 Cache	256 KB	L3 Cache	4.00 MB
Memory	4.00 GB 1067 MHz DDR3	FSB	4.80 GHz
BIOS	Apple Inc. MBP61.88Z.004C.B00.1001251657

Integer Performance

Integer	4006
Blowfish single-threaded scalar	1853 81.4 MB/sec
Blowfish multi-threaded scalar	5942 243.5 MB/sec
Text Compress single-threaded scalar	1959 6.27 MB/sec
Text Compress multi-threaded scalar	5482 18.0 MB/sec
Text Decompress single-threaded scalar	2152 8.84 MB/sec
Text Decompress multi-threaded scalar	6131 24.4 MB/sec
Image Compress single-threaded scalar	2007 16.6 Mpixels/sec
Image Compress multi-threaded scalar	5376 45.2 Mpixels/sec
Image Decompress single-threaded scalar	1672 28.1 Mpixels/sec
Image Decompress multi-threaded scalar	4146 67.7 Mpixels/sec
Lua single-threaded scalar	3209 1.24 Mnodes/sec
Lua multi-threaded scalar	8151 3.14 Mnodes/sec

Floating Point Performance

Floating Point	8383
Mandelbrot single-threaded scalar	2568 1.71 Gflops
Mandelbrot multi-threaded scalar	9174 6.00 Gflops
Dot Product single-threaded scalar	4173 2.02 Gflops
Dot Product multi-threaded scalar	8872 4.04 Gflops
Dot Product single-threaded vector	4982 5.97 Gflops
Dot Product multi-threaded vector	11541 12.0 Gflops
LU Decomposition single-threaded scalar	677 602.5 Mflops
LU Decomposition multi-threaded scalar	1810 1.59 Gflops
Primality Test single-threaded scalar	5008 748.0 Mflops
Primality Test multi-threaded scalar	9642 1.79 Gflops
Sharpen Image single-threaded scalar	6064 14.1 Mpixels/sec
Sharpen Image multi-threaded scalar	18583 42.8 Mpixels/sec
Blur Image single-threaded scalar	7964 6.30 Mpixels/sec
Blur Image multi-threaded scalar	26311 20.7 Mpixels/sec

Memory Performance

Memory	3114
Read Sequential single-threaded scalar	4172 5.11 GB/sec
Write Sequential single-threaded scalar	2748 1.88 GB/sec
Stdlib Allocate single-threaded scalar	3291 12.3 Mallocs/sec
Stdlib Write single-threaded scalar	2430 5.03 GB/sec
Stdlib Copy single-threaded scalar	2930 3.02 GB/sec

Stream Performance

Stream	3016
Stream Copy single-threaded scalar	2964 4.05 GB/sec
Stream Copy single-threaded vector	3907 5.07 GB/sec
Stream Scale single-threaded scalar	3376 4.38 GB/sec
Stream Scale single-threaded vector	3766 5.08 GB/sec
Stream Add single-threaded scalar	1535 2.32 GB/sec
Stream Add single-threaded vector	3994 5.56 GB/sec
Stream Triad single-threaded scalar	1660 2.29 GB/sec
Stream Triad single-threaded vector	2926 5.48 GB/sec

Wow the new MacbookPro6,1 is this real ?! Hope so ;)

iPhone PKI handling flaws

Introduction

The iPhone is obviously a consumer market product which was later enhanced to become an enterprise device. Unfortunately, it seems Apple messed up their corporate-oriented functionalities, ending up with something that proves to be hard to integrate in a public-key infrastucture in any secure way.

The following page summarizes our findings in terms of chain-of-trust management on iPhones, describes a major security flaw and how we could cope with the current situation (Jan 2010).

iPhone provisioning protocols

iPhones currently provide two provisioning protocols allowing to install certificates on a device. v2 was the version released with iPhone OS v2.0 and v3 released with iPhone OS v3.0.

iPhone OS v2

This protocol is quite straightforward: put an XML config file named something.mobileconfig served with filetype application/x-apple-aspen-config somewhere on a web server seen by the iPhone, point Safari to the corresponding URL and let it download the file.

XML configuration files are created with an Apple utility called the iPhone Configuration Utility (iPCU), which is a desktop-based program running on Windows or Mac OSX. Apple has not released specs for the XML config files it produces.

iPhone v3

This protocol is an attempt from Apple to streamline over-the-air provisioning to large numbers of iPhones. It is described in: Enterprise Deployment Guide

Provisioning an iPhone in v3 is done through several network exchanges:

1. iPhone accesses URL of provisioning server (hereafter: PS)
2. PS responds with a minimal mobileconfig file requesting credentials
3. iPhone POSTs a request to PS containing its signed credentials
4. PS responds with key specifications and the address of a SCEP server
5. iPhone performs SCEP request to SCEP server
6. SCEP server delivers a certificate

Shortcomings

There are several shortcomings to that process:

Certificate fail

In step 3, the iPhone signs its own credentials (including its IMEI or device serial number) using an Apple-signed certificate. To validate this certificate, the chain of trust must be established up to Apple’s root CA. Unfortunately, Apple does not provide access to this chain except by jailbreaking an iPhone and extracting it directly.

The following chain of trust was manually extracted from a jailbroken iPhone:

Signed requests from this iPhone use this key:
    CN=Apple iPhone Device CA
        keyid=xxxx
    issued by CN=Apple iPhone Device CA
        keyid=B2:FE:21:23:44:86:95:6A:79:D5:81:26:8E:73:10:D8:A7:4C:8E:74

The certificate for 'Apple iPhone Device CA' is:
    CN=Apple iPhone Device CA
        keyid=B2:FE:21:23:44:86:95:6A:79:D5:81:26:8E:73:10:D8:A7:4C:8E:74
    issued by CN=Apple iPhone Certification Authority
        keyid=E7:34:2A:2E:22:DE:39:60:6B:B4:94:CE:77:83:61:2F:31:A0:7C:35

The certificate for 'Apple iPhone Certification Authority' is:
    CN=Apple iPhone Certification Authority
        keyid=E7:34:2A:2E:22:DE:39:60:6B:B4:94:CE:77:83:61:2F:31:A0:7C:35
    issued by CN=Apple Root CA
        keyid=2B:D0:69:47:94:76:09:FE:F4:6B:8D:2E:40:A6:F7:47:4D:7F:08:5E

The certificate for 'Apple Root Certificate Authority' is:
AppleComputerRootCertificate.pem
    Serial Number: 1 (0x1)
    CN=Apple Root Certificate Authority
        keyid=2B:D0:69:47:94:76:09:FE:F4:6B:8D:2E:40:A6:F7:47:4D:7F:08:5E
    issued by CN=Apple Root Certificate Authority
        keyid=2B:D0:69:47:94:76:09:FE:F4:6B:8D:2E:40:A6:F7:47:4D:7F:08:5E

The last certificate in the chain is a self-signed root CA for Apple Root Certificate Authority.

Interestingly, the Apple root CA on top of the iPhone chain is not the same as the one published on the Apple web site. Fetching the root certificate published on Apple’s web site shows:

Serial Number: 2 (0x2)
    CN=Apple Root CA
       keyid=2B:D0:69:47:94:76:09:FE:F4:6B:8D:2E:40:A6:F7:47:4D:7F:08:5E

Different name (CN), different serial numbers (1 vs 2) but the same key id. It looks like somebody reused the same keyset to generate a second certificate. Hard to tell whether this is an oversight or intentional, but the fact is: you cannot technically relate an iPhone signature to the Apple root CA certificate published on their web site. Even with the same keyset, verification will fail because Subject and Serial are different.

SCEP fail

It looks like the iPhone SCEP client implements an old (draft) version of the SCEP protocol. As an example: sending back a chain of trust containing several certificates will lead to an error, the iPhone only accepts one certificate upon request of the CA chain. If you need to talk to a SCEP server, make sure it will accept old-fashioned requests.

mobileconfig fail

As seen above, installing mobileconfig files can happen over the air through v2 or v3 protocol. It is also possible to connect the iPhone to a desktop running iPCU and use it to transfer mobileconfig files through cable.

An interesting difference is that profiles downloaded over the air are not trusted by default, whereas profiles downloaded through iPCU over a cable are trusted. This translates into a red icon for non-trusted profiles and a happy green flag for trusted ones. As demonstrated below, trust does not depend on the medium being a cable or over-the-air download.

A close study of iPCU revealed that:

• iPCU generates its own set of keys upon install, and self-signs its own certificate
• Whenever a new iPhone is connected to that iPCU instance, iPCU inserts its own certificate into the iPhone trusted keystore.
• Further exchanges between this iPCU instance and a known iPhone are always trusted, as long as the iPCU certificate is present in the iPhone. This is also valid for mobileconfig files sent over the air: as long as they are signed by a trusted iPCU, they are trusted upon download.

An even closer study of the certificate used by iPCU revealed that it only contains Signature in key usage. This lead us to discover a serious security flaw as described below.

Security flaw

What was found

We observed that iPhones will trust mobileconfig files they receive over the air or through wire if they are signed by a trusted entity. However:

• The keystore used to lookup trusted CAs includes the default Safari keystore
• A signature-only certificate is enough to sign mobileconfig files

There are 224 trusted root Certificates in the iPhone keystore (v3.1). See: http://support.apple.com/kb/HT3580 for a complete list published by Apple.

It is relatively easy to obtain a signature certificate from many of them without any sort of verification. A demo signature certificate can be obtained from Verisign without need for anything other than a valid e-mail address (throwaway addresses work, too) for sixty days at no price and without providing any credit card details.

NB: Verisign is not to blame for this in any way. They distribute un-verified temporary certificates that you are not supposed to trust for anything, like most other certificate providers.

What was tried

• Create a throwaway e-mail address
• Use it to request a demo certificate from Verisign Level 1 for a person named Apple Computer, valid for sixty days
• Grab certificate in browser, back it up to a P12 on disk
• Create a mobileconfig file on iPCU: name it Security Update, declare it as issued by Apple Computer. Export it to disk without signature as a plain XML file.
• Using openssl smime and the P12 you got from Verisign, sign the mobileconfig file including the complete CA chain and put it onto a public HTTP server
• Open the link from Safari on iPhone and observe that the configuration is trusted by the iPhone.

A demonstration file can be found here:
http://dl.dropbox.com/u/4377334/update.mobileconfig

This config file is relatively harmless: it installs a new link to a famous Youtube video and is set to be removable by the end-user. You can visualize the certificates that were used to sign it with:

openssl pkcs7 -in update.mobileconfig -inform der -print_certs

NB: If you open the above link with Safari on an iPhone/iPod, it will not try to install as a mobileconfig because the file is not served with the correct file type. To see it in action you need to place it on a web server that serves these files with mime type application/x-apple-aspen-config and open the link on your iPhone.

On an iPod Touch, the installation screen looks like this:

Downloaded mobileconfig file

To be successful, profile installation needs to be validated by the end-user. Unless they know about this flaw it is quite likely that a default end-user would trust an update that claims to be issued by Apple and indicated as trusted by the device. A bit of social engineering is needed to both get the user to click on the link and accept the profile installation.

Exploiting the flaw

Parameters that can be set through mobileconfig on an iPhone include:

• Web proxy name and port
• Root certificates

By setting a new HTTP proxy, it is possible to re-direct all HTTP traffic from the iPhone to an arbitrary server on the net. Modifying root certificates makes it possible to act as man-in-the-middle to hijack SSL (HTTPS) connections too.

Edit (2010-02-03): subverting HTTP traffic by setting the APN proxy is far from obvious as it relates to settings active with your phone carrier. This would not work e.g. on a WiFi hotspot.

Obnoxious modifications can be brought to the phone like prohibiting the use of Safari, mail and other apps, or adding extra VPN, WiFi or e-mail settings. It is also possible to set up the profile as being non-removable by the end-user, which would force the iPhone owner to wipe it clean to remove the profile.

What could be done

There is absolutely no reason for an iPhone/iPod to trust root CAs for over-the-air mobileconfig downloads. Apple needs to define who should be able to download mobileconfig files onto a device, be it an end-user or a company, and devise a correct way to share keys between the device and its associated provisioning server.

In other words, iPhone lack an OTA (Over The Air) set of policies and associated keys for remote terminal control.

Possibly related posts: (automatically generated)

• iPhone App development step 2: Keychain
• Code Sign Errors: profile doesn’t match any valid certificate/private key…

First Long Range Business Jet with Direct Access to Challenging London City Airport from Virtually Anywhere in the Continental U.S.

(Teterboro, New Jersey, August 10, 2009) – Dassault Falcon has received approval from the Federal Aviation Administration (FAA) to perform steep approaches with slopes up to 6˚ for the Falcon 7X.  This approval allows U.S.-based Falcon 7X operators to fly directly into London City Airport (LCY), Lugano, Switzerland (LUG) and other airports requiring steep approach landings. 

“Business aviation is all about the need for efficiency and access to hard to reach places and an airport like London City combines the two,” said John Rosanvallon, President and CEO of Dassault Falcon. “Direct access to this important financial center is sure to benefit our U.S. based Falcon 7X customers, allowing them to be in meetings moments after landing.”

The 5,950 nm Falcon 7X offers more range capability than any other business jet approved for London City Airport.  The Falcon 7X can connect business hubs such as New York, Los Angeles, Mexico City, Sao Paulo, Cape Town and Tokyo with the heart of London nonstop (eight passengers, M.80, NBAA IFR Reserves).

To operate to and from London City Airport, an aircraft must demonstrate exacting performance in order to approach, land and take-off on the airport’s short runway (4,327 ft/1,319 m at landing and 3,934 ft/1,199 m at take-off). It also has to meet strict environmental standards with respect to aircraft noise. In the case of the Falcon 7X, the noise level was measured in the same category as a much smaller turboprop.

The Falcon 7X was first granted steep approach certification from the European Aviation Safety Agency (EASA) in 2008 and received full EASA approval for flights into London City in February of this year. Approval by both EASA and the FAA required dedicated flight tests and the development of Noise Abatement Departure Procedures.

In order for an operator to perform a steep approach, the flight crew must undergo one-day of specialized training.  A steep approach pilot training curriculum was developed in conjunction with CAE and is currently offered at its Burgess Hill facility in the United Kingdom and will be offered shortly at their Morristown, New Jersey facility in the United States.  Dassault is in the process of issuing an amendment to the Aircraft Flight Manual which will outline proper data and procedures for steep approach operations.

Announced at the Paris Air Show in 2001, the Falcon 7X is the first business jet with a digital flight control system and was simultaneously certified by both the EASA and the FAA on April 27, 2007. It features the award-winning EASy Flight Deck and is powered by three Pratt & Whitney Canada PW307A engines. Its 5,950 nm range (eight passengers, M.80 with NBAA IFR reserves) can comfortably connect 95% of the commonly used business aviation city pairs.

Dassault Falcon is responsible for selling and supporting Falcon business jets throughout the world. It is part of Dassault Aviation, a leading aerospace company with a presence in over 70 countries across five continents. Dassault Aviation produces the Rafale fighter jet as well as the complete line of Falcon business jets. The company has assembly and production plants in both France and the United States and service facilities on multiple continents. It employs a total workforce of over 12,000. Since the rollout of the first Falcon 20 in 1963, 2000 Falcon jets have been delivered to 67 countries worldwide. The family of Falcon jets currently in production includes the tri-jets—the Falcon 900DX, 900LX, and the 7X—as well as the twin-engine Falcon 2000DX and 2000LX.

Amazing jet and for me the nicest airport of the world, London City ;)

Help Shape Trillian for Mac – Alpha Build Now Available!

Today we’re pleased to announce that an alpha build of Trillian for Mac is being made available for download! We’ve worked hard on building a clean, fast, user-friendly product, and we hope you enjoy this early build. Trillian for Mac will utilize an “open” development approach with functional builds being released early and often. Help us make Trillian for Mac your ideal client by testing the alpha builds and providing your feedback and bug reports! A special area of our forums has been opened to gather user feedback, so please contribute – your comments will help shape our development priorities.

REMEMBER: This is an early alpha and may not work for you at all. Please download only if you’re interested in testing and helping with bugs! We currently require an Intel-based Mac and Leopard or higher!

TRILLIAN FOR MAC 1.0 ALPHA:

• Visit the new Trillian for Mac webpage.
• Download the alpha for Intel-based Macs and Leopard or higher now!
• Screenshots: Contact List, Chat Window, Login Screen
• Spread the word! Help us find bugs and add features! Retweet the news!

Early followers of our Mac version will notice we’ve replaced the previous skinned, customized interface in favor of something more tightly integrated with the operating system. We did this for two reasons: development time, and our belief that we can still create a unique-looking, beautiful piece of software without customizing the entire interface. This doesn’t mean skins and customization options are out of the picture! Rather, it means that in order to realistically build out the vast scope of features required to make Trillian for Mac a final v1.0 product, we’ve decided that building an entire skinning language wasn’t the best use of our early time.

This first public build covers important basic instant messaging features:

• Networks: Astra, Windows Live, Yahoo!, Facebook Chat, AIM, ICQ, XMPP, Google Talk, Bonjour, MySpaceIM.
• Contact list: identities, groups, MetaContacts, searching, drag-and-drop, inline renaming, avatars, service icons.
• Quick ‘click-to-type’ nickname and status changes, including iTunes tracking.
• Standard Trillian iconholder and avatar display.
• Smart tabbed conversation windows (tabs on demand) with typing indicators, bubble view, emoticons, links.
• Login screen and support for multiple accounts.
• Basic preferences screen, connection manager, full suite of per-connection preferences.
• File transfers and a file transfer manager.
• Activity history framework – logs are being written to disk in standard Trillian format (XML, LOG).
• Support for most standard Mac hotkeys for flipping through windows, opening preferences, etc.
• Basic dock integration and badging.
• Auto update.

What’s obviously missing right now, and what are we working on?

• Social network “feed” integration (Twitter, Facebook streams).
• Mail integration.
• Many major preferences and customization options – including things like list view, list size, and themes.
• Group conversations.
• Growl integration, “Status Item” support, and a general notification framework (think Win32 system tray stuff).
• Activity history viewer – you can’t view your logs yet, and there’s no auto-history in chat windows.
• Voice and video support.
• Setting your personal avatar.

To learn more and to download the build, visit our new Trillian for Mac page.

How great running MacOSX on Nokia N900 ? WOW ;)

WASHINGTON/TOKYO (Reuters) - Toyota Motor Corp faced scrutiny from Congress over its biggest ever safety recall as investors and consumers weighed the impact of an unprecedented halt in U.S. production by the No.1 automaker.

House Energy and Commerce Committee Chairman Henry Waxman said he would hold a hearing next month to consider "how quickly and effectively" the car maker responded to complaints about unintended and dangerous acceleration.

"Like many consumers, I am concerned by the seriousness and scope of Toyota's recent recall announcements," Waxman said in a statement.

The unusual action by the government comes just hours after the Toyota recall for accelerator problems was widened to include China and Europe.

Toyota this week suspended North American sales and production of eight models including its best-selling Camry after pressure from regulators.

Japan's largest company, studied for its devotion to quality, Toyota's recalls on the problems including sticking pedals and slipping floormats could amount to about 8 million vehicles -- more than the number of cars and trucks it sold worldwide in 2009.

In Tokyo, some worried about the knock-on effects to Japan's image and economy.

"If Toyota has hard times, there's a high probability that also Japan will," said Takeo Namekata, 62. "Particularly, trade will suffer."

REPUTATION SULLIED

Analysts say the financial impact will depend on how long the safety problems shut production and whether Toyota's famously loyal customers begin to abandon the brand, an issue hotly debated on blogs and online forums.

"I know in the next year or so, I am going to have to look at buying another car, and I am likely to buy used," said one reader of The Consumerist calling themselves theblackdog. "I don't think I could trust buying a used Toyota that was manufactured in 2005 or later, so I guess I will be scratching Toyota off of my list to look at."

Others, however, applauded Toyota's response.

"Although Toyota's reputation has been sullied since the recalls started taking place, the company is sending a message that it cares more about safety than income," wrote DREA on Business Pundit. "I bet that in the long run, this move will have been worth the risk."

Shares of Toyota have dropped 17.6 percent since January 21, when it announced it was broadening its recalls by a further 2.3 million vehicles. The stock ended down 2 percent in Tokyo on Friday.

RECKONING THE DAMAGE

Industry analysts and executives estimate that it will cost some $250 million in warranty costs alone to address the smaller of the two recalls underway in the United States.

The automaker also faces the fallout from the larger recall that began last year and was broadened this week for vehicles at risk of having floormats that can become jammed under accelerator pedals.

Then there are the still unknown costs for lost production, financial support to dealers and sales incentives the company has told its retailers it is considering in a bid to keep customers being wooed by rivals.

In addition, Toyota is certain to face lawsuits from people who claim injuries from the defects or class-action claims on behalf of consumers who will claim the crisis has damaged the value of their cars, analysts say.

Toyota has not released an estimate for the number of incidents of unintended acceleration. Consumer advocates say there are hundreds of such cases in Toyota vehicles.

Meanwhile, Toyota said it was racing to fix one of the recurring problems with sticky accelerator pedals that has forced it to shut down sales and production of most vehicles in the United States.

MONTHS OF WORK AHEAD

In consultations with its dealers on Thursday, Toyota said it would take months to complete repairs on the recalled vehicles since it would send notices to affected customers in batches of ten thousand to avoid overrunning repair shops.

CTS Corp the manufacturer of the accelerator pedals that led to the sales half said on Thursday that it has completed work on a redesigned accelerator pedal and was rushing that fixed part into production for Toyota.

Cars sold in Toyota's home market of Japan use accelerators supplied by Denso Corp. Toyota representatives said it was not clear if Denso could supply enough accelerators to help meet the demand surge caused by the U.S. recall. Denso said it was still reviewing the situation and declined further comment.

($1=89.70 Yen)

The old kindergarten lesson of sharing packs a powerful punch for small businesses looking to save money.

Sharing software, that is -- an affordable, easy, and even green way to save money for businesses looking to enhance their collaboration and productivity.  And for some companies the savings can reach upward towards $100,000 for the year! Alas, the flexibility of sharing has its downside: most of these a la carte tools don’t interconnect for smooth sailing, whereas packaged software may offer a comprehensive “suite” approach.

So while you resolve to get your collaborative groove on in 2010, we did the legwork to find cutting-edge software alternatives that dramatically cut your costs.

1. Continue with Google Docs for file sharing instead of spending on Microsoft Office Professional. According to one dabbler in the  Google and Office arts, “Office is much more "industrial strength" or "fully-featured" than  Google docs. But  Google docs is good enough for most purposes.”

Savings: $350 per person.

2, Google brings it again with the free Google Calendar and Gmail, which for many, especially younger workers who have grown up using it, is much more appealing than the pricy Outlook. The color-coding feature of Google Calendar is awesome, as is the text messaging to the phone for events and reminders. The ability to share calendars is a cool collaborative feature. It even lets you search for community calendars and add them to yours for reminders. Plus the ability to see several separate calendars all on one screen makes it easy to trace staff vacations down to the tiniest details. Outlook Calendar meanwhile is also powerful but seems limited to the corporate paradigm.

Savings: $115 per person plus the cost of operating an Outlook exchange server or purchasing that service on as ASP basis.

3. Consider the SAAS-impressive HighriseHQ.com instead of Salesforce.com. A good information management program is mandatory. Where Salesforce.com is expensive, particularly with multiples user accounts (starting at $3,900 per quarter) HighriseHQ.com has much of the same functionality for managing contacts but at a fraction of the price. Consider prices starting at $49 per month for 15 user accounts and up to 20,000 contacts in the database. Plus you can try it free first to see if it meets your needs.

Savings: up to $3,500 per quarter.

4. And who needs another body in the office? With Tungle doing much of the heavy-lifting of appointment scheduling, there’s no need to yell at anyone but the screen.

Savings: up to $50,000 per year.

Great article how to save money using web services.

I like this commercial if it is real or not I don`t know ;)

Transactional advertising network provider Adgregate Markets

, a finalist at the 2008 TechCrunch50 conference is launching ShopCloud, a platform for building portable shopping carts and other e-commerce applications.

ShopCloud’s platform lets developers build a variety of applications around e-commerce, including distributed shopping carts, lead generation forms, polls and surveys, and social media apps. The platform also promises security and the ability to build and run secure transactional applications even in non-secure content pages.

And the shopping cart technology is already being implemented on commerce sites. Adgregate Networks’ client Warner Bros. is using ShopCloud to power the CW channel’s

shopping cart. ShopCloud joins Adgregate’s ShopAds

product, a fairly innovative advertising network that enables customers to complete secure transactions within Flash-based ad banners.

The startup has seen a good amount of growth since it’s launch last year; recently acquiring widget business Gydget and scoring a deal with distribution deal with Google’s DoubleClick, enabling advertisers on that platform to integrate ShopAds widgets with just a few mouse-clicks.

get widgetminimize

CrunchBase Information

Adgregate Markets

Website:	adgregate.com
Location:	Sausalito, California, United States
Founded:	May, 2008

Adgregate Markets transforms online display ads into e-commerce markets.

Adgregate Markets is changing the dynamic of traditional banner advertising by aggregating micro-markets through fully transactional banner widgets. Our proprietary ShopAds… Learn More

Information provided by CrunchBase