Abstract: The instant invention broadly contemplates an energy saving subsystem comprising a secondary CPU that utilizes less power than a main CPU, thereby allowing an electronic device (e.g. a laptop PC) having the secondary CPU to use less power and run for longer periods of time on a limited power supply. Thus, the invention permits the electronic device to be utilized for extended periods and extends the battery life.

Abstract: In the context of computer systems, the generation of preboot passwords at a server instead of at a client. Preferably, preboot passwords generated at the server are distributed to the client, and a process is offered whereby a user can establish his/her own proxy, not known to the server, that can be used to release the stored passwords to the client hardware. Since the passwords are generated at the server, management of the passwords is greatly facilitated since they are generated at the site where they are stored. This also makes it easy to implement management features such as a group policy, since the password generation software will be able to make logical connections between users and hardware.

Abstract: The instant invention provides an apparatus, method and program storage device enabling a three-dimensional user interface for the movement of objects rendered upon a display device in a more realistic and intuitive manner. A Z distance is set whereupon a user crossing the Z distance is enabled to select an object, i.e. pick it up. As the user breaks the Z distance again, the object selected will move with the user's hand. As the user breaks the Z distance once more, the object will be released, i.e. dropped into a new position.

Abstract: The invention includes a method, apparatus, and program storage device for providing a combined tap sequence and camera based user interface. The invention provides, among other features, an apparatus comprising: an accelerometer; a laser light generating module; wherein the laser light generating module provides a plane of laser light over a surface coupled to the accelerometer; at least one camera; at least one processor; and a memory; wherein the memory stores instructions, executable by the at least one processor, enabling the apparatus to ascertain an occurrence of an input event utilizing inputs from the accelerometer and a location of the input event utilizing inputs from the at least one camera.

Abstract: A technique for controlling operation of a device with a virtual touchscreen includes defining an area of a surface, associated with the device, as the virtual touchscreen. An operation within the device is then initiated based on activity within the virtual touchscreen. An overlay may be provided, on a display screen of the device, to indicate a location of the virtual touchscreen with respect to, for example, a keyboard of the device.

Abstract: A technique for creating a virtual touchscreen includes capturing, with a first infrared camera, a first reflection from an object that is at a known position adjacent a surface associated with a device. A second reflection from the object (at the known position) is captured with a second infrared camera. The first and second reflections are correlated with the known position to provide a two-dimensional position for the object that is calibrated with respect to the surface.

Abstract: The invention provides a system comprising: a CPU; a memory in communication with the CPU; instructions stored in the memory and executable by the CPU to establish a collaborative web browsing session, the instructions further comprising: instructions enabling at least one peer device to join the collaborative web browsing session at a web site hosted by an automated peer.

Abstract: Systems and arrangements for permitting the transmission of fingerprint authentication data to a system remotely, while also permitting the system to employ such data as well as passwords in order to operate a computer system, while ensuring a reliable level of security for any group or organization using such systems and arrangements.

Abstract: A system for preventing redirection loops during collaborative web browsing is provided comprising: a CPU; a memory in communication with the CPU; instructions stored in the memory and executable by the CPU to prevent redirects encountered during a collaborative web browsing session, the instructions further comprising: instructions enabling a device to join a collaborative web browsing session; instructions enabling detection of a redirection loop; and instructions enabling termination of the redirect loop.

Abstract: A system for collaborative web browsing is provided comprising: a CPU; a system memory in communication with said CPU; a display medium; and instructions stored in the system memory and executable by the CPU, the instructions comprising: enabling a device to join a collaborative web browsing session; enabling a data navigation module to provide, upon an object appearing upon the display medium being selected by a user, outgoing navigation data that enables a rendering of the object to be distinguished from other objects rendered upon at least one other display medium of at least one other device.

Abstract: A method, computer readable medium and computer system for repairing a failed network connection between a client system and a network is disclosed. In a first aspect, the method preferably includes collecting real time connectivity information by the client system and utilizing the real time connectivity information by the client system to establish a connection with the network. In a second aspect, a computer system coupled to a network includes at least one network adapter for monitoring and collecting real time connectivity information from the network, memory for storing the real time connectivity information, and a processor coupled to the memory and to the at least one network adapter, where the processor is configured to execute program instructions for utilizing the real time connectivity information to repair a failed network connection between the computer system and the network.

Abstract: The employment of a process of applying user-defined defaults to a management engine or analogous arrangement, wherein a system BIOS calls or recalls such defaults, as needed, from NVRAM responsive to the need for a reset of defaults.

Abstract: A method for theft deterrence of a computer system is disclosed. The computer system includes a trusted platform module (TPM) and storage medium. The method comprises providing a binding key in the TPM; and providing an encrypted symmetric key in the storage medium. The method further includes providing an unbind command to the TPM based upon an authorization to provide a decrypted symmetric key; and providing the decrypted symmetric key to the secure storage device to allow for use of the computer system. Accordingly, by utilizing a secure hard disk drive (HDD) that requires a decrypted key to function in conjunction with a TPM, a computer if stolen is virtually unusable by the thief. In so doing, the risk of theft of the computer is significantly reduced.

Abstract: A technique for identifying a user of a device includes receiving a tracking mechanism trigger and capturing (e.g., periodically) identifying information on the user of the device in response to the trigger.

Abstract: A technique for cataloging documents based on user activity includes assigning documents to a relevant document list based on activity of a user of a device. In this case, at least two of the documents are associated with different applications. The technique then provides the relevant document list to the user.

Abstract: Methods and arrangements for ensuring that, when a computer system is stolen or otherwise misplaced, the system is rendered unusable (i.e., locked down). Conventional solutions have required software running on the system to perform the lockdown action, but in accordance with at least one preferred embodiment of the present invention is the linkage of TPM (Trusted Platform Module) and AMT (Active Management Technology) solutions whereby an AMT arrangement can remove secure data or identifiers so that any encrypted data present on the system will become unusable.

Abstract: Arrangements for employing a system BIOS (basic input/output system) to handle email during a suspended state (such as an “S3” state as will be better understood herebelow). Preferably, the BIOS is employed to “jump” between two suspended images such that, e.g., two more powerful OS's can be employed to manage the mail function.

Abstract: In accordance with at least one presently preferred embodiment of the present invention, there is broadly contemplated herein the managing of a POP not solely in the BIOS but at least partly in a more secure location. In accordance with a particularly preferred embodiment of the present invention, this location could be in a NVRAM (non-volatile random access memory) inside a TPM (trusted platform module). Most preferably, this location will contain code that the BIOS preferably will need to access and employ in order to complete the booting of the system.

Abstract: In a system with a main memory, a network adapter, and a display, a transaction security module in communication with the network adapter. The transaction security module acts to: establish a secure identification item with an entity which positively identifies the entity; accept an application OS of the entity; and initiate a guest OS with the entity; the network adapter acting to connect with the entity subsequent to initiation of a guest OS; and the display acting to display the secure identification item subsequent to connection with the entity.

Abstract: Methods and arrangements for managing a flash drive, hard disk, or connection between the two, in a manner to ensure that sensitive data is not decrypted at any time when it would be vulnerable. Accordingly, in a first implementation, the data may preferably be encrypted as it first goes into a flash drive and decrypted when it comes out of the flash drive. In another implementation, the flash drive may be logically bound to the hard disk, so that they would both use the same encryption key. In yet another implementation, if a hard disk is moved to another system, then the flash drive may also preferably be simultaneously moved.