Abstract: A pay-per-use computer, or other electronic device that uses local security, may use a security module or other circuit for monitoring and enforcement of a usage policy. To help prevent physical attacks on the security module, or the circuit board near the security module, a second circuit may be mounted over the security module to help prevent access to the security module. Both circuits may be mounted on a interposer and the interposer mounted to the circuit board, creating a stack including the first circuit, the interposer, the security module, and a main PC board. When the PC board includes dense signal traces under the security module a three dimensional envelope is created around the security module. When the first circuit is a high value circuit, such as a Northbridge, the risk/reward of attacking the security module is increased substantially and may deter all but the most determined hackers.

Abstract: A computer is configured for either full operation with metering or limited mode operation. When in limited mode operation, the system memory may be partitioned into active and restricted memory. The active memory may be limited to an amount needed to execute a limited mode operation application. The remaining restricted memory may be made inaccessible to the computer's processor. To verify the restricted memory remains unused, it may be filled with a pattern and the pattern periodically verified to determine that unauthorized programs are not using the restricted memory.

Abstract: A host device comprises a controller and a connector. The host connector comprises fixed-function and multi-function pins. A first group of host connector pins comprises one or more of the fixed-function pins and a second group of pins comprises the remainder of the fixed-function pins and the multi-function pins. The host connector can be releasably attached to a connector of an accessory device. The first group of host connector pins can be used to discover the functions of the accessory connector. The host device can select functions to be enabled at the host and accessory connectors from among the functions mutually supported by the two connectors. The host can enable the selected functions at the host connector and can instruct the accessory to enable the selected functions at the accessory connector. The host can reconfigure host connector functions in response to a different accessory being attached to the host.

Abstract: A host device comprises a configurable connector. The host device connector can be connected to a configurable connector of an accessory device. The host device can select connector functions to be enabled for connecting to the accessory device connector. The selection of connector functions can be based on accessory device information such as accessory device power consumption, power configuration and application information. The accessory device can exclude connector functions supported by the accessory device from the list of accessory device functions sent to the host device. The accessory device can exclude connector functions based on information about the host and connector devices. Single or mutual authentication can be performed before connection functions are enabled at either device. Host and accessory devices can require that a host device be licensed to use an accessory device connector function or to gain access to accessory device resources. Tiered licensing policies can be supported.

Abstract: An accessory-specific user experience can be invoked at a mobile host device attached to an accessory device. The mobile device can receive accessory device information from the accessory and transmit the accessory device information to an online marketplace. The mobile device can receive information indicating accessory-specific goods or services available from the online marketplace and display the received information as part of the invoked user experience. The accessory device information can comprise accessory usage categories as well as additional information about the accessory. A marketplace can select accessory-specific goods or services based on the received accessory device information based on matching between accessory attribute values associated with the goods and services and accessory attributes values contained in the received accessory device information.

Abstract: A form of removable memory, such as a universal serial bus (USB) flash device, may enable a subscription-based computing system from any PC. The device may include an execution unit including a processor, a private memory including an encrypted application, a computing system interface, a cryptographic unit including a secure storage with a number of metering units, and a computer-readable medium. The computer-readable medium may include instructions for routing messages and data from the execution unit through the computing system interface to a connected computing system. Further, encrypted application data may be routed through the cryptographic unit to the execution unit to thereby transform the encrypted application into executable data for use by the computing system. Also, the device may decrement a number of metering units stored at the device during execution of the encrypted application by the computer.

Abstract: A host device comprises a controller and a connector. The host connector comprises fixed-function and multi-function pins. A first group of host connector pins comprises one or more of the fixed-function pins and a second group of pins comprises the remainder of the fixed-function pins and the multi-function pins. The host connector can be releasably attached to a connector of an accessory device. The first group of host connector pins can be used to discover the functions of the accessory connector. The host device can select functions to be enabled at the host and accessory connectors from among the functions mutually supported by the two connectors. The host can enable the selected functions at the host connector and can instruct the accessory to enable the selected functions at the accessory connector. The host can reconfigure host connector functions in response to a different accessory being attached to the host.

Abstract: Portable parameter-based licensing techniques are described. These techniques allow licenses to be decoupled from any particular host device and utilized in a portable and flexible fashion. In at least some embodiments, license data that includes a license to use computer-related functionality can be stored in a secure execution environment. The secure execution environment can be provided by a suitable secure execution environment hosting device(s) (SEHD), such as a portable flash memory device for instance. The license data in the secure execution environment can then be utilized to authorize use of the computer-related functionality, according to the license, on any number of host devices not responsible for providing the secure execution environment. As a result, the owner of the license can use the computer-related functionality without being restricted to any particular host device.

Abstract: A method of managing software issues includes receiving issue data from a remote host, where the issue data is related to an issue associated with a software application installed on the remote host. The method identifies a potential solution for the issue and sends solution data to the remote host, where the solution data is related to the identified potential solution. Feedback data may be received from the remote host, where the feedback data is indicative of a degree to which the identified potential solution was effective in resolving the issue.

Abstract: The described implementations relate to capturing a computing experience. In one case, a user session capture tool can launch a remote user session where a user-interface and user inputs are gathered from a single computing device. Remote user session data produced by the remote user session can be analyzed to determine user activity.

Abstract: This disclosure provides techniques for dynamic content caching and retrieval. For example, a computing device includes cache memory dedicated to temporarily caching data of one or more applications of the computing device. The computing device also includes storage memory to store data in response to requests by the applications. The storage memory may also temporarily cache data. Further, the computing device includes system software to represent to the applications of the computing device that the portions of the storage memory utilized to cache content are available to store data of the applications. In addition, the computing device includes application programming interfaces to provide content to a requesting application from a cache of the computing device and/or from a remote content source.

Abstract: Server-side validation of hardware specific software product licenses is described herein.

Abstract: Techniques described herein describe a proxy used in an instant messaging system. The proxy, upon receiving an instant message (IM) from a first mobile device and addressed to a second mobile device, dynamically determines whether, and for how long to store the IM on a local proxy. Otherwise the IM is forwarded to a server.

Abstract: Techniques described herein describe a dynamic time weighted network identification and/or fingerprinting method. A method includes identifying one or more machines connected to a network of machines; performing an address resolution procedure on each of the one or more machines to determine one or more machine specific identifiers associated with each of the one or more machines; and applying a dynamic weighting to each identified machine on the network of machines as a function of a determined transience of each identified machine.

Abstract: The described implementations relate to verifiable advertisement (Ad) presentation in a computing realm, such as a web-based computing realm. In one case verifiable advertisement presentation (VAP) tools can receive advertising (Ad) content to be presented on the computing device. The Ad content can include device-specific data that is uniquely associated with the computing device. The Ad content can be presented on the computing device. The VAP tools can validate that the Ad content was presented on the computing device. In some cases, the validation can include performing a validation function on at least one portion of the Ad content. Performing the function can serve to identify whether the presented content matches sent Ad content.

Abstract: A security module for a pay-per-use computer supplies an appropriate BIOS for a given mode of operation. A power manager in the security module powers only essential circuits until the BIOS is operational to help prevent substitution of a non-authorized BIOS. The security module also includes a capability to monitor and restrict data lines on a bus between a main computer processor and computer system memory. When the computer is operating in a restricted use mode, data lines may be restricted to allow only minimal access to the computer system memory. Bus transactions may be monitored to ensure that only valid transactions are occurring and are within the designated memory space.

Abstract: Operating system states capture and loading technique embodiments are presented that involve the capture and loading of baseline system states. This is accomplished, in one embodiment, by storing the states of a computer's operating system memory that it is desired to restore at a future time. No changes are permitted to the persisted storage associated with the computer. Instead, changes that would have been made to the persisted storage during an ensuing computing session, had they not been prevented, are stored in a separate computing session file. Whenever it is desired to return the operating system to its baseline condition, the stored baseline system memory states are loaded into the operating system memory, in lieu of the operating system memory's current states.

Abstract: Described is a technology by which a single physical storage device such as a USB flash memory device is able to boot different computing devices via corresponding different operating systems. The storage device includes a selection mechanism that determines which virtual disk (corresponding to a LUN) is seen by the host as the currently active LUN having sector 0, and therefore is the boot disk. The selection mechanism also may select which (if any) other LUNs are visible to the host. The selection mechanism and accompanying indicator may be operated when the storage device is disconnected, e.g., via manual switches and/or LEDs, buttons and/or a display (e.g., via internal power). Also described is allowing each LUN to have a user-friendly name.

Abstract: Described is a technology by which files that are hardware protected on a storage device, such as a USB flash drive, are managed on a host, including by integration with an existing file system. Each file maintained on a storage device is associated with a protection attribute that corresponds to that file's device hardware protection level. Requests directed towards accessing metadata or actual file data are processed based upon the protection attribute and a state of authentication, e.g., to allow or deny access, show file icons along with their level of protection, change levels, and so forth. Also described is splitting a file system file table into multiple file tables, one file table for each level of protection. Entries in the split file tables are maintained based on each file's current level; space allocation tracking entries are also maintained to track the space used by other split tables.

Abstract: A security circuit in a computer monitors data busses that support memory capable of booting the computer during the computer reset/boot cycle. When activity oil one of the data busses indicates the computer is booting from a non-authorized memory location, the security circuit disrupts the computer, for example, by causing a reset. Execution from the non-authorized memory location may occur when an initial jump address at a known location, such as the top of memory, is re-programmed to a memory location having a rogue BIOS program.