Abstract: A computer-implemented method for using guardian proximity to control computing activities of children. The method may include determining that a child is attempting to access a computing system and determining whether a guardian of the child is in proximity of the computing system. The method may also include limiting the child's access to one or more resources of the computing system if the guardian of the child is not in proximity of the computing system and permitting the child to access the one or more resources of the computing system if the guardian of the child is in proximity of the computing system.

Abstract: Computer-implemented methods for delegating access to online accounts and for facilitating delegates' access to these online accounts are disclosed. In one embodiment, a method for delegating access to an online account comprises receiving a request to delegate access to a first online account to a first delegate, identifying the first online account, identifying a contact record for the first delegate, and delegating access to the first online account to the first delegate by associating the contact record for the first delegate with the first online account. Corresponding systems and computer-readable media are also disclosed.

Abstract: A computer-implemented method for determining file classifications. The method may include determining identification information of a first file stored on a first computing system. The method may also include querying a second computing system for classification information by sending the identification information of the first file to the second computing system. The first computing system may receive, in response to the query, identification information of a second file. The first computing system may also receive the classification information. The classification information may indicate that the first file and second file are trusted. The first computing system may use the identification information of the second file to determine that the second file is stored on the first computing system. The first computing system may also apply the classification information to the first and second files by excluding the first and second files from a security scan.

Abstract: Computer-implemented methods and systems for circumventing malicious attempts to block the installation of security-software programs are disclosed. An exemplary method for performing such a task may comprise: 1) detecting, during installation of a security-software program, an error that is indicative of an attack on the security-software program, 2) identifying at least one executable file targeted by the attack on the security-software program, 3) circumventing the attack by dynamically obfuscating the executable file targeted by the attack, and then 4) completing installation of the security-software program.

Abstract: A method and apparatus for mitigating the performance impact of background or idle time processing during interactive computing sessions. One embodiment of the present invention is a method for mitigating performance impact of background or idle time processing on interactive applications comprising identifying executable and data pages in physical memory that are associated with an interactive application that is temporarily unused and preventing any of the identified executable and data pages from paging out.

Abstract: Client computers track visited websites and monitor confidential information transmitted to the visited websites. Upon subsequent identification of a website as malicious or compromised, it is determined whether the unsecure website was visited, and if so, whether any confidential information was exposed to the unsecure website. Clients compile statistical reports concerning confidential information transmitted to unsecure websites, and provide these reports to a central server. The central server uses statistical reports received from a wide distribution of clients to maintain comprehensive statistical data indicating exposure of confidential information to unsecure websites. This comprehensive statistical data can be used for purposes such as damage assessment, trend tracking and profiling of suspected malicious websites.

Abstract: File resources that are most likely to be used on a target computer are proactively cached, so that the resources are available before they are needed. This greatly reduces or eliminates associated user wait times. It is determined which file resources are most likely to be used, the cost of transmitting them to the cache, the cost of storing them in the cache and the amount of cache space available. Based on a weighted balancing analysis of factors such as these, specific file resources are proactively streamed for use on the target computer. The determination as to which resources are most likely to be used can be based on a variety of factors, such as usage patterns, schedule based information, user and group based information, target computer and network information, etc.

Abstract: A graphical payment identifier is used to facilitate the automatic processing of an electronic payment. A graphical identifier payment system receives a request from a payment processing entity for a onetime use graphical payment identifier. In response, a onetime use graphical payment identifier to be displayed by the payment processing entity is generated. A request for user payment information by the payment processing entity is encoded in the graphical payment identifier, which is transmitted to the payment processing entity for display. The graphical payment identifier being displayed by the payment processing entity is captured by a registered user operated computing device. In response, the requested user payment information is transmitted to the payment processing entity, such that the electronic payment is executed automatically, without the user manually entering the requested payment information or providing a credit card.

Abstract: A graphical authentication identifier is used to facilitate automatic authentication of a user. A graphical identifier authentication system receives a request from an authenticating entity for a onetime use graphical authentication identifier. In response to the received request, a onetime use graphical authentication identifier to be displayed by the authenticating entity is generated. A request for user authentication information by the authenticating entity is encoded in the graphical authentication identifier, which is transmitted to the authenticating entity for display (e.g., on a login screen). The onetime use graphical authentication identifier being displayed by the authenticating entity is captured by a registered user operated computing device.

Abstract: Techniques for providing improved perpetrator imaging are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for providing improved perpetrator imaging comprising identifying a client device as at least one of lost and stolen, detecting, on the client device, a difference in first pixel data associated with a first frame of a visual image and second pixel data associated with a second frame of the visual image, and capturing, on the client device, a plurality of photographs in response to detecting the difference.

Abstract: A method and apparatus for providing information associated with service providers using a social network is described. In one embodiment, a method of providing indicia of familiarity with the service providers comprises identifying one or more relationships between one or more service providers and a user using a social network associated with the user and generating information regarding the one or more relationships, wherein the information comprises a social distance between the user and each service provider of the one or more service providers where the social distance represents an indicia of familiarity between the user and each service provider of the one or more service providers.

Abstract: A computer, computer program product, and method prioritize a web crawler target link queue using referrer context information associated with a remote object link. An access statistics collection module detects links to remote objects and retrieves referrer context information for the links. An access statistics back end module receives and stores the referrer context information from the access statistics collection module. The referrer context information is analyzed by a target list prioritization module that uses the results of the analysis to prioritize a target queue of a web crawler. The referrer context information is an important resource in identifying information about how a link spreads, e.g., for threat detection or identification of popular links for indexing to produce more relevant search results.

Abstract: A graphical checkout identifier is used to facilitate automatic checkout of a user on a webstore. A graphical identifier checkout system receives a request from a webstore for a onetime use graphical checkout identifier. In response to the received request, a onetime use graphical checkout identifier to be displayed by the webstore is generated. A request for checkout completion information by the webstore is encoded in the graphical checkout identifier, which is transmitted to the webstore for display. The onetime use graphical checkout identifier being displayed by the webstore is captured by a registered user operated computing device. In response, the requested checkout completion information is transmitted to the webstore, such that the user is automatically checked out on the webstore, without the user manually logging in to the webstore or entering the requested checkout completion information.

Abstract: An anomalous process behavior manager uses statistical information concerning running processes to detect and manage process behavioral anomalies. The anomalous process behavior manager collects per process statistical data over time, such as resource allocation statistics and user interaction statistics. Current collected statistical data is analyzed against corresponding historical statistical data to determine whether processes are behaving in expected ways relative to past performance. Appropriate corrective steps are taken when it is determined that a process is behaving anomalously. For example, the process's blocking exclusions can be revoked, the process can be uninstalled, the process and/or the computer can be scanned for malicious code, the user can be alerted and/or relevant information can be shared with other parties.

Abstract: Electronic communication messages are routed according to a user's current physical location and the physical locations of communication devices. A plurality of communication devices such as telephones and computers are associated with the user. The physical locations of the plurality of communication devices are tracked. The current physical location of the user is also tracked in real-time. Incoming communication messages to the user and outgoing communication messages from the user are routed according to routing preferences based on at least the current physical location of the user and physical locations of at least one of the communication devices.

Abstract: A method and apparatus for accessing local system resources from a browser is described. The method for providing access to local computer system resources through a browser includes processing network traffic associated with a browser to identify at least one command parameters and communicating the at least one command parameter for execution using local computer system resources.

Abstract: A method for receiving verification that a source is authorized to provide mobile-computing-device policies for a first physical location. The method may include receiving a first mobile-computing-device policy and identifying the first physical location. The method may also include associating the first mobile-computing-device policy with the first physical location and implementing, based on the verification, the first mobile-computing-device policy at the first physical location. Systems and computer-readable media for verifying that a source is authorized to provide mobile-computing-device policies for a first physical location are also disclosed.

Abstract: In response to a user sending an electronic mail message to a recipient, a whitelist manager creates a temporary whitelist entry for the recipient on the user's whitelist. The temporary whitelist entry is set to expire after a set period of time. During the period of time that the temporary whitelist entry is in effect, electronic mail messages from the recipient are passed to the user without being subject to security screening. The whitelist manager keeps track of email traffic between the user and the recipient during this time period. If the nature of this email traffic is sufficient to establish that the recipient is legitimate, the whitelist manager converts the temporary entry to a permanent one. Otherwise, the whitelist manager disables the temporary entry, after which email from the recipient to the user is subject to normal security processing.

Abstract: A computer-implemented method comprising identifying a tag, receiving a setting, and associating the setting with the tag. The tag may be associated with an object. The computer-implemented method may also comprise performing an action based on the setting, and the action may be performed with respect to the object. A computer-implemented method may comprise receiving a tag from a user interface, identifying a module, and associating the tag with a module. Corresponding systems and computer-readable media are also disclosed.

Abstract: Whitelists are automatically shared between users and/or domains without compromising user/domain privacy. Potential trust partners with whom to share whitelist data are automatically identified. A handshaking procedure is carried out to confirm the trust relationship and verify the partner's identity. Once a trust partner is confirmed, the parties can exchange acceptance criteria specifying the types of whitelist data they want to receive. Each party can provide the other with the appropriate entries from its own whitelist. The parties keep each other updated, as their own whitelists change.