Category: Software

Mozilla allows Firefox to rust

Red-Panda-pik-2-10alwllBig cheeses at the Mozzarella Foundation have announced that its Firefox browser will ship with a large dose of rust.

For those who came in late, Rust is a programming language developed as a safer alternative to C++ with a unique construction that reduces the chances of having dangerous memory exploits. It also never sleeps.

The first ever Rust components will arrive in Firefox 48, scheduled for release on 2 August, 2016, just two days before the anniversary of Britain entering WW1.

Memory corruption issues such as use-after-free and buffer overflows are the main source of security bugs and the reason why our editor keeps banging on the door of the Kite, even when it closed months ago.

Mozilla has been a key player behind Rust for the last seven years ago and teased a version of the browser with Rusty features last year. What we will see is a new media stack component that’s entirely coded in Rust. Media components are the most likely to execute malicious code when parsing multimedia files.

Those testing Firefox are yet to see a crash or issue in the Rust media component, a spokesMozilla said.

In mid-June, Mozilla released the first versions of Servo, a minimal browser created in Rust code alone.

Oracle asks a Judge to forget Java ruling

Consulting-the-Oracle-JWW-1884Optimistic lawyers working for Oracle have asked a Judge to set aside a landmark jury trial which prevents it screwing shedloads of cash from Google and its Android operating system.

A jury found Google rightfully helped itself to Oracle programming code to create the Android operating system.

The law allows use of copyrighted material in limited circumstances based on the scope of use, to what extent the purpose is commercial, and the effect of the use on the material’s value or market potential.

For six-years, Oracle had been seeking up to $9 billion in damages from Google. A judge already rejected a bid in May by Oracle to get the verdict thrown out. But the software and cloud company hasn’t given up.

It has filed a motion in San Francisco U.S. District Court again asking the same judge, William Alsup, to toss the verdict. It has cited case law suggesting use is not legal if the user “exclusively acquires conspicuous financial rewards” from its use of the copyrighted material. Google, said Oracle, has earned more than $42 billion from Android.

It is unlikely that Judge Alsup would agree. He had noted in rejecting Oracle’s first attempt at scuttling the verdict that the jury could have “reasonably found” that the commercial use also “served non-commercial purposes as well, i.e., as part of a free and open software platform, namely Android.”

Google has consistently argued that the Java code was free and open to all and that its use of the code was transformative. More over Sun Microsystems, which created Java in the 1990s long before it was bought by Oracle, had no problem with Google using the code without a license.

Larry Page, CEO of Google’s parent company Alphabet, told the court said that Google did not pay for free and open things.

Bulgaria goes Open Source

Rila Monastery, BulgariaThe Bulgarian government has issued an edict demanding that all its software should be open sauce.

On the face of it, it is a brave move, not because of the technology involved, but because it cuts politicians from a lucrative source of income – bribes from software companies.

Under the amendments to the Electronic Governance Act, all software written for the government will have to be open-source and to be developed as such in a public repository.

Sadly, this does not mean that the whole country is moving to Linux and LibreOffice, neither does it mean the government will force Microsoft and Oracle to give the source code to their products. Existing contracts will still stand. What it means that whatever custom software the government procures will be visible and accessible to everyone.

A new government agency will enforce the law and will set up the public repository. Bozhidar Bozhanov who helped get law accepted said that the battle is not over.

“The fact that something is in the law doesn’t mean it’s a fact, though. The programming community should insist on it being enforced. At the same time some companies will surely try to circumvent it,” he wrote.

However he said that it was a good step for better government software and less abandonware.

Microsoft pays out over Windows 10 update fiasco

live_tv_windows_10Software giant Microsoft has paid out $10,000 to a woman for its aggressive Windows 10 update campaign.

Teri Goldstein’s computer started trying to download and install the new operating system when she didn’t want it and it crashed. She said it caused her travel-agency business to slow to a crawl. It would crash, she says, and be unusable for days at a time.

When outreach to Microsoft’s customer support didn’t fix the issue, Goldstein took the software giant to court, seeking compensation for lost wages and the cost of a new computer.

She won. Last month, Microsoft dropped an appeal and Goldstein collected a $10,000 judgment from the company.

Vole denies wrongdoing, and a spokeswoman said Microsoft halted its appeal to avoid the expense of further litigation. However, the case shows the level of anger users have about the forced update programme.

Forced update screens were seen on bill-boards and television news, driving users to despair and making Microsoft appear like an autocratic paternalist father who insists on getting his own way.

“We’re continuing to listen to customer feedback and evolve the upgrade experience based on their feedback,” Microsoft said in a statement. But clearly it didn’t.

The outfit was slammed for not offering users a transparent or easy choice in the matter. Absent from Microsoft’s series of upgrade prompts was a basic “no thanks” or “never update” button.

It is pretty clear that Microsoft’s game plan was to centralise users onto one operating system so it did not have to waste time patching old versions systems. Vole wanted to have a  billion devices running the software by mid-2018. There were 300 million at last count. All that Microsoft seems to have done with its campaign is hack off the other 700 million.


Apple’s open OS is a security nightmare

Safe-with-Open-Door_Silver-Trading-Company_iStock_000016460757_ExtraSmallSome security experts who inspected Apple’s new version of iOS were surprised; it appears that the security geniuses at Jobs’ Mob had forgotten to encrypt the operating system.

Suddenly crucial pieces of the code destined to power millions of iPhones and iPads were laid bare for all to see making it a doddle to find security weaknesses in Apple’s flagship software.

The Tame Apple Press insists that is all deliberate and the secretive company may have adopted a bold new strategy intended to encourage more people to report bugs in its software.  However, the smart money is on the fact that this is a cock-up.

Apple has so far said it would strengthen security and privacy features and yet here it is showing an unencrypted version of the Kernel which controls how programs can use a device’s hardware and enforces security.

The Tame Apple press insists that does not mean that the security of iOS 10 is compromised. Butit makes finding flaws easier and reduces the complexity of reverse engineering considerably.

However on the plus side opening the iOS for anyone to examine could weaken the trade in holes  market by making it harder for certain groups to hoard knowledge of vulnerabilities and make the iOS more stable.

However for that to happen it would require such a psychological change in Apple that it is nearly impossible to consider. For a start, Apple would have to admit that there is a flaw and fix it straight away. Apple’s current policy when notified if there is a flaw is to ignore it until enough people complain and then issue a patch a few months later.

Apple does not offer “bug bounty” cash payments to people that disclose flaws they have found in its products, for example. So if you reverse engineer or find a hole in the iOS you would never take it to Apple, you would flog it to the government, or one of those dodgy security outfits which help them.


Microsoft Azure doing rather well on Linux

microsoft-open-sourceSoftware king of the world Microsoft has made a killing by enabling its Azure virtual machines to run Linux.

When Vole started the service 25 percent of its Virtual Machines were running Linux and now it is nearly one in three.

During his keynote at DockerCon 2016 in Seattle, Azure Chief Technology Officer Mark Russinovich said that Microsoft was adding more container support to its cloud and server products.

Russinovich showed off Windows Server support coming soon to the company’s Azure Container Service (ACS) while everyone yawned.

Microsoft made Azure Container Service generally available in April 2016, but for Linux containers only. Last year, company execs said Microsoft also would bring Windows Server support to ACS.

ACS allows developers to orchestrate applications using Apache Mesos or Docker Swarm. Users can migrate container workloads to and from Azure without code changes.

Russinovich showed a preview of SQL Server on Linux running on a Docker container. SQL Server for Linux is currently in private preview and is due to be available by mid-2017.

Russinovich announced that Docker Datacenter is available in the Azure Marketplace. In addition, Docker Datacenter can manage a hybrid container-based application running across Azure — and for the first time — Azure Stack on premises.

The way that Microsoft is integrating Linux into its cloudy world is amazing, given that it is not that long ago that its CEO called Linux a cancer and was doing its best to kill it off.

Adobe disappoints Wall Street

adobeSoftware maker Adobe appears to have disappointed the cocaine-nose jobs of Wall Street with its latest results. They are weeping…

It was not as if the results were bad, in fact Adobe Systems second-quarter revenue and full-year revenue forecast just about met analysts’ estimates, it is just that Wall Street hoped that they would see increased demand from the outfit’s Creative Cloud package of software tools.

Adobe has been focused on selling its software through web-based subscriptions, which ensures a predictable and recurring revenue stream. This helped Adobe’s cash rise for nine straight quarters and should mean that growth would be predictable going forward as most of the company’s clients were now on the subscription model

However Adobe’s forecast for the current quarter was largely below estimates – mostly because Adobe is always conservative on its outlooks and Wall Street suddenly seems to think that is a weakness.

Adobe’s second-quarter revenue rose 20.4 percent to $1.40 billion as more customers subscribed for Creative Cloud, which includes graphic design tool Photoshop, web design software Dreamweaver and web video building application Flash.

Revenue from the digital media business, which houses Creative Cloud, jumped 26 percent to $943 million, but fell just short of analyst’s estimates of $944.3 million, according to FactSet StreetAccount.

Adobe forecast third-quarter total revenue of $1.42-$1.47 billion, implying year-over-year growth of 16.4-20.5 percent. But the forecast was largely below analysts expectations of $1.47 billion.

Wall Street analysts expect the company’s revenue to rise between 19-22 percent over the next four quarters.
Adobe’s second-quarter net income rose 65 percent to $244.1 million, or 48 cents per share. Excluding items, Adobe earned 71 cents per share, beating analysts’ estimates of 68 cents.

US software worth $1.07 trillion

US dollarSoftware trade outfit, BSA The Software Alliance said that in 2014, the software industry had a $1.07 trillion impact on US gross domestic product.

It is being driven by 2.5 million jobs directly related to the software industry and an additional 7.3 million positions for people in real estate, professional services and other fields the industry supports.

Most of the work is found in California which has 408,143 software jobs (not including supported jobs in other fields) that contributed about $90.53 billion to the GDP.

New York and Texas came in second and third, respectively, in regard to GDP, with New York’s 147,361 software jobs contributing $37.16 billion and Texas’ 200,000 jobs adding about $30 billion.

Alaska’s 1,325 software jobs contributed $248 million to the GDP. Also toward the bottom were Montana, North Dakota and Maine.

In Texas the reason the software companies are there is because of a friendly tax environment has helped attract companies to major cities like Austin, Houston and Dallas.

The numbers appear realistic, unlike the figures that the organsisation cobbled together on piracy.

Oracle appeal blasted by Judge

A US judge has blasted Oracle’s defence when it tried to get a jury verdict against it set aside.

For those who came in late Google successfully made its case to a jury last month that its use of Java APIs in Android was “fair use,” and the verdict rejected Oracle’s claim that the mobile system infringed its copyrights.

Oracle filed a motion arguing that the judge should decide as a matter of law that fair use didn’t cover it.  However US District Judge William Alsup shot down the motion on Wednesday and also denied Google’s motion making similar arguments.

Alsup defends how he ran the trial. The evidence and instructions presented to the jury were a mix of mandates from the appeals court, which overruled Alsup on the key issue of API copyrightability, and modifications urged by both sides’ lawyers.

“The final jury charge culminated an exhaustive and iterative process of proposals by the judge followed by critiques by counsel,” Alsup wrote.

He then goes on to dismantle Oracle’s suggestion that its case was so strong that the jury’s verdict should be ignored.

“Oracle has portrayed the Java programming language as distinct from the Java API library, insisting that only the language itself was free for all to use,” Alsup wrote.

He added that in order to write the Java programming language, 62 classes (and some of their methods), spread across three packages within the Java API library, must be used or the language itself will fail.

The 62 “necessary” classes are mixed with “unnecessary” ones in the Java API library and it takes experts to comb them out. Oracle said it was fair to use the 62 “necessary” classes given that the Java programming language itself was free and open to use without a license.

He said that Oracle’s argument boils down to saying that it was okay to use the language, and okay to use the 62 “necessary” classes, but that Google “should have scrambled the functionalities among a different taxonomy of packages and classes.”

This would mean programmers would have to learn two different systems of “structure, sequence and organisation,” and the jury could reasonably have found that such a division “would have fomented confusion and error.”

He gave this analogy. All typewriters use the same QWERTY keyboard—imagine the confusion and universal disservice if every typewriter maker had to scramble the keyboard. Cleary he has not heard of the French keyboard that does just this.

Alsup said that Oracle’s cross-examination had been harsh and focused on character assassination of Schwartz who it claimed resented Oracle for its treatment of Schwartz after the buyout.

“That Oracle resorted to such impeachment underscored how fact-bound the issue was, another classic role of a jury to resolve.”

Alsup said that the jury could have reasonably concluded that Google’s copying of a “tiny fraction of one percent” of the copyrighted works represented the “bare minimum… to preserve inter-system consistency in usage.”  He thought it was reasonable to decide that Android “caused no harm” to the market for the copyrighted work, which was Java Standard Edition, built for use on desktop and laptop computers.

Java Mobile Edition was in decline before Android was even released and the jury could have determined Android had no negative impact “beyond the tailspin already predicted within Sun,” Alsup said.

The comments are important because they show what Oracle’s appeal plan will be and how Alsup is defending how he ran the court.

Google has killed open source claims Oracle

screaming babyOracle has had huge sulk over losing its Java court battle to Google and is saying some surprisingly strange things in the tech press about it.

Probably the daftest is a comment by Annette Hurst is an attorney at Orrick, Herrington & Sutcliffe who represented Oracle in the recent Oracle v. Google trial. In an op-ed she claimed that Oracle’s loss means that Open Source is dead in the water.

For those who came in late, Google successfully argued that its use of Java APIs, about 11,500 lines of code in all, was protected by “fair use.”

Hurst said that rather than developers celebrating that they will not be sued by copyright trolls for using bits of code, they should be worried that the free software movement itself now faces substantial jeopardy.

She said that Google argued that Java APIs have been open, any use of them was justified and all licensing restrictions should be disregarded. In other words, if you offer your software on an open and free basis, any use is fair use.

However if that narrative becomes the law of the land, the GPL is toast.

“No business trying to commercialise software with any element of open software can afford to ignore this verdict. Dual licensing models are very common and have long depended upon a delicate balance between free use and commercial use. Royalties from licensed commercial exploitation fuel continued development and innovation of an open and free option. The balance depends upon adherence to the license restrictions in the open and free option. This jury’s verdict suggests that such restrictions are now meaningless, since disregarding them is simply a matter of claiming “fair use,” Hurst said.

She said that it was hard to see how the GPL can survive such a result. Software businesses will have to accelerate their move to the cloud where everything can be controlled as a service rather than software. Consumers can expect to find decreasing options to own anything for themselves, decreasing options to control their data, decreasing options to protect their privacy.

“Developers beware. You may think you got a win yesterday. But it’s time to think about more than your desires to copy freely when you sit down at a keyboard. Think about the larger and longer term implications. You should have been on Oracle’s side in this fight. Free stuff from Google does not mean free in the sense Richard Stallman ever intended it,” Hurst said.

True, but what difference would have made to developers who instead of being allowed to write code which included similar APLs?  The would risk being sued into a coma by Oracle or any other copyright troll who thought they saw a couple of lines of their code in a trillion word program.