Abstract: A broker module of a computing device receives requests from an isolated application to access one or more items of an item source. In response to a request, storage item objects representing items of the item source are generated and returned to the isolated application for each item of the item source that the isolated application is authorized to access. Whether the isolated application is authorized to access a particular item can be based on particular item sources and/or particular item locations.

Abstract: A file access request is received from an application. One or more file types for the file access request are identified, and one or more file hosts supporting files of the identified one or more file types are also identified. A user interface is displayed, the user interface including a hosted area. Within the hosted area, at least one of the one or more file hosts displays a portion of the user interface identifying one or more files of at least one file host that can be selected for retrieval, or one or more locations that can be selected to which the one or more files are saved.

Abstract: Phishing detection, prevention, and notification is described. In an embodiment, a messaging application facilitates communication via a messaging user interface, and receives a communication, such as an email message, from a domain. A phishing detection module detects a phishing attack in the communication by determining that the domain is similar to a known phishing domain, or by detecting suspicious network properties of the domain. In another embodiment, a Web browsing application receives content, such as data for a Web page, from a network-based resource, such as a Web site or domain. The Web browsing application initiates a display of the content, and a phishing detection module detects a phishing attack in the content by determining that a domain of the network-based resource is similar to a known phishing domain, or that an address of the network-based resource from which the content is received has suspicious network properties.

Abstract: A system level search user interface that includes both a data entry portion and an application identification portion is displayed. User data input as a search term is displayed in the data entry portion, and identifiers of each of one or more applications of multiple applications on the computing device that can be searched using the search term are displayed in the application identification portion. The search term is provided to one application of the multiple applications for that one application to generate and display search results based on the search term while the display of at least the data entry portion of the system level search user interface is maintained.

Abstract: A system level search module receives system level search user interface registration information for an application of the computing device. The registration information includes an indication of how the system level search module can launch the application. The registration information is added to a registration store, and the application is included as one of one or more applications that can be searched using the system level search user interface.

Abstract: A search term suggestion engine of a computing device receives characters of user data as the characters are input. The user data is at least part of a search term to be provided to one of multiple applications to search for the search term. An indication of multiple suggestion sources is received from the one application, and one or more suggested search terms are obtained, from the multiple suggestion sources, based on the received characters. One or more suggested search terms can also be obtained from the multiple suggestion sources based on one or more linguistic alternatives for the received characters. The one or more suggested search terms are combined into a combined set of suggested search terms, and the combined set of suggested search terms is returned to a search user interface for presentation to the user.

Abstract: Collection user interface techniques are described. In one or more implementations, a plurality of inputs are recognized as gestures received via interaction with a user interface to navigate through a file system of a computing device and select representations of objects managed by file system of the computing device, at least two of which are accessible via different devices. In response, copies of the representations are displayed by the computing device in a collection portion of the user interface. An option is output in conjunction with the collection portion by the computing device that is selectable to initiate a command to be performed using the objects that have corresponding representations included in the collection portion.

Abstract: Techniques for managing operations via a user interface are described. In implementations, a user interface is displayed that includes an option to cause serial processing of multiple operations. In response to a user selection of the option, the multiple operations are processed serially.

Abstract: A system level search user interface that includes both a data entry portion and a search identification portion is displayed. Data input by a user as a search term is displayed in the data entry portion, and identifiers of each of one or more scopes on the computing device that can be searched using the search term are displayed in the search identification portion. Search results based on a selected scope are displayed in a search results portion of the system level search user interface. A set of keyboard shortcuts allow users to quickly search using any of the scopes, and see previews of a number of results that each of the scopes return. Additionally, the system level search user interface allow users to easily focus on different search result entries, and efficiently change scopes for searching.

Abstract: Application file system access techniques are described. In implementations, a request is received by one or more modules via an application programming interface from an application that is executed on the computing device to access a file system of a computing device. A portion is exposed in a user interface by the one or more modules, the portion having an option that is selectable by a user to confirm that access is to be granted, the portion exposed such that the application is not aware of what is contained in the portion. Responsive to selection of the option, access is granted to the application by the one or more modules such that the application is not aware of where in the file system the access is granted.

Abstract: Embodiments of proofs to filter spam are presented herein. Proofs are utilized to indicate a sender used a set amount of computer resources in sending a message in order to demonstrate the sender is not a “spammer”. Varying the complexity of the proofs, or the level of resources used to send the message, will indicate to the recipient the relative likelihood the message is spam. Higher resource usage indicates that the message may not be spam, while lower resource usage increases the likelihood a message is spam. Also, if the recipient requires a higher level of proof than received, the receiver may request the sender send additional proof to verify the message is not spam.

Abstract: A method and system for determining the reputation of a sender for sending desirable communications is provided. The reputation system identifies senders of communications by keys sent along with the communications. The reputation system then may process a communication to determine whether it is a desirable communication. The reputation system then establishes a reputation for the sender of the communication based on the assessment of whether that communication and other communications sent by that sender are desirable. Once the reputation of a sender is established, the reputation system can discard communications from senders with undesired reputations, provide to the recipient communications from senders with desired reputations, and place in a suspect folder communications from senders with an unknown reputation.

Abstract: Disclosed are systems and methods that facilitate securing communication channels used in a challenge-response system to mitigate spammer intrusion or deception. The systems and methods make use of unique IDs that can be added to outbound messages originating from a sender, a recipient, and a third-party server. The IDs can be correlated according to the relevant parties. Thus, for example, a sender can add a signed ID to an outgoing message. A challenge sent back to the sender for that particular message can echo the same ID or a new ID derived from the original ID to allow a sender to verify that the challenge corresponds to an actual message. The IDs can include cookies as well to facilitate correlation of messages and to facilitate the retrieval of messages once a sender is determined to be legitimate.

Abstract: Various embodiments provide protection against web resources associated with one or more undesirable activities. In at least some embodiments, a method detects and responds to a user-initiated activity on a computing device. Responding can include, by way of example and not limitation, checking locally, on the computing device, whether a web resource that is associated with the user-initiated activity has been identified as being associated with a safe site. Furthermore, in at least some embodiments, the method checks remotely, away from the computing device, whether the web resource is identified as being at least possibly associated with one or more undesirable activities.

Abstract: Various embodiments provide protection against web resources associated with one or more undesirable activities. In at least some embodiments, a method detects and responds to a user-initiated activity on a computing device. Responding can include, by way of example and not limitation, checking locally, on the computing device, whether a web resource that is associated with the user-initiated activity has been identified as being associated with a safe site. Furthermore, in at least some embodiments, the method checks remotely, away from the computing device, whether the web resource is identified as being at least possibly associated with one or more undesirable activities.

Abstract: A method and system are disclosed. The method includes receiving a first request from a user at a dispatcher that corresponds to a first transaction. The method further includes creating at the dispatcher a unique identifier that is associated with the user. The unique identifier is based on data that is received from the user. A server is then assigned to the first request by adding an entry to a mapping table that is maintained by the dispatcher. The unique identifier is then associated with the assigned server.

Abstract: A system and method for a cell switching optical network. A block of data is buffered at an edge node and sliced into data slices. Slice headers are pre-appended to each data slice. The data slices are then scheduled for transmission onto an optical switching network during fixed time slots defined on a per carrier wavelength basis.

Abstract: Email spam filtering is performed based on a combination of IP address and domain. When an email message is received, an IP address and a domain associated with the email message are determined. A cross product of the IP address (or portions of the IP address) and the domain (or portions of the domain) is calculated. If the email message is known to be either spam or non-spam, then a spam score based on the known spam status is stored in association with each (IP address, domain) pair element of the cross product. If the spam status of the email message is not known, then the (IP address, domain) pair elements of the cross product are used to lookup previously determined spam scores. A combination of the previously determined spam scores is used to determine whether or not to treat the received email message as spam.

Abstract: Disclosed are signature-based systems and methods that facilitate spam detection and prevention at least in part by calculating hash values for an incoming message and then determining a probability that the hash values indicate spam. In particular, the signatures generated for each incoming message can be compared to a database of both spam and good signatures. A count of the number of matches can be divided by a denominator value. The denominator value can be an overall volume of messages sent to the system per signature for example. The denominator value can be discounted to account for different treatments and timing of incoming messages. Furthermore, secure hashes can be generated by combining portions of multiple hashing components. A secure hash can be made from a combination of multiple hashing components or multiple combinations thereof. The signature based system can also be integrated with machine learning systems to optimize spam prevention.

Abstract: Phishing detection, prevention, and notification is described. In an embodiment, a messaging application facilitates communication via a messaging user interface, and receives a communication, such as an email message, from a domain. A phishing detection module detects a phishing attack in the communication by determining that the domain is similar to a known phishing domain, or by detecting suspicious network properties of the domain. In another embodiment, a Web browsing application receives content, such as data for a Web page, from a network-based resource, such as a Web site or domain. The Web browsing application initiates a display of the content, and a phishing detection module detects a phishing attack in the content by determining that a domain of the network-based resource is similar to a known phishing domain, or that an address of the network-based resource from which the content is received has suspicious network properties.