Category: Software

Apple’s open OS is a security nightmare

Safe-with-Open-Door_Silver-Trading-Company_iStock_000016460757_ExtraSmallSome security experts who inspected Apple’s new version of iOS were surprised; it appears that the security geniuses at Jobs’ Mob had forgotten to encrypt the operating system.

Suddenly crucial pieces of the code destined to power millions of iPhones and iPads were laid bare for all to see making it a doddle to find security weaknesses in Apple’s flagship software.

The Tame Apple Press insists that is all deliberate and the secretive company may have adopted a bold new strategy intended to encourage more people to report bugs in its software.  However, the smart money is on the fact that this is a cock-up.

Apple has so far said it would strengthen security and privacy features and yet here it is showing an unencrypted version of the Kernel which controls how programs can use a device’s hardware and enforces security.

The Tame Apple press insists that does not mean that the security of iOS 10 is compromised. Butit makes finding flaws easier and reduces the complexity of reverse engineering considerably.

However on the plus side opening the iOS for anyone to examine could weaken the trade in holes  market by making it harder for certain groups to hoard knowledge of vulnerabilities and make the iOS more stable.

However for that to happen it would require such a psychological change in Apple that it is nearly impossible to consider. For a start, Apple would have to admit that there is a flaw and fix it straight away. Apple’s current policy when notified if there is a flaw is to ignore it until enough people complain and then issue a patch a few months later.

Apple does not offer “bug bounty” cash payments to people that disclose flaws they have found in its products, for example. So if you reverse engineer or find a hole in the iOS you would never take it to Apple, you would flog it to the government, or one of those dodgy security outfits which help them.

 

Microsoft Azure doing rather well on Linux

microsoft-open-sourceSoftware king of the world Microsoft has made a killing by enabling its Azure virtual machines to run Linux.

When Vole started the service 25 percent of its Virtual Machines were running Linux and now it is nearly one in three.

During his keynote at DockerCon 2016 in Seattle, Azure Chief Technology Officer Mark Russinovich said that Microsoft was adding more container support to its cloud and server products.

Russinovich showed off Windows Server support coming soon to the company’s Azure Container Service (ACS) while everyone yawned.

Microsoft made Azure Container Service generally available in April 2016, but for Linux containers only. Last year, company execs said Microsoft also would bring Windows Server support to ACS.

ACS allows developers to orchestrate applications using Apache Mesos or Docker Swarm. Users can migrate container workloads to and from Azure without code changes.

Russinovich showed a preview of SQL Server on Linux running on a Docker container. SQL Server for Linux is currently in private preview and is due to be available by mid-2017.

Russinovich announced that Docker Datacenter is available in the Azure Marketplace. In addition, Docker Datacenter can manage a hybrid container-based application running across Azure — and for the first time — Azure Stack on premises.

The way that Microsoft is integrating Linux into its cloudy world is amazing, given that it is not that long ago that its CEO called Linux a cancer and was doing its best to kill it off.

Adobe disappoints Wall Street

adobeSoftware maker Adobe appears to have disappointed the cocaine-nose jobs of Wall Street with its latest results. They are weeping…

It was not as if the results were bad, in fact Adobe Systems second-quarter revenue and full-year revenue forecast just about met analysts’ estimates, it is just that Wall Street hoped that they would see increased demand from the outfit’s Creative Cloud package of software tools.

Adobe has been focused on selling its software through web-based subscriptions, which ensures a predictable and recurring revenue stream. This helped Adobe’s cash rise for nine straight quarters and should mean that growth would be predictable going forward as most of the company’s clients were now on the subscription model

However Adobe’s forecast for the current quarter was largely below estimates – mostly because Adobe is always conservative on its outlooks and Wall Street suddenly seems to think that is a weakness.

Adobe’s second-quarter revenue rose 20.4 percent to $1.40 billion as more customers subscribed for Creative Cloud, which includes graphic design tool Photoshop, web design software Dreamweaver and web video building application Flash.

Revenue from the digital media business, which houses Creative Cloud, jumped 26 percent to $943 million, but fell just short of analyst’s estimates of $944.3 million, according to FactSet StreetAccount.

Adobe forecast third-quarter total revenue of $1.42-$1.47 billion, implying year-over-year growth of 16.4-20.5 percent. But the forecast was largely below analysts expectations of $1.47 billion.

Wall Street analysts expect the company’s revenue to rise between 19-22 percent over the next four quarters.
Adobe’s second-quarter net income rose 65 percent to $244.1 million, or 48 cents per share. Excluding items, Adobe earned 71 cents per share, beating analysts’ estimates of 68 cents.

US software worth $1.07 trillion

US dollarSoftware trade outfit, BSA The Software Alliance said that in 2014, the software industry had a $1.07 trillion impact on US gross domestic product.

It is being driven by 2.5 million jobs directly related to the software industry and an additional 7.3 million positions for people in real estate, professional services and other fields the industry supports.

Most of the work is found in California which has 408,143 software jobs (not including supported jobs in other fields) that contributed about $90.53 billion to the GDP.

New York and Texas came in second and third, respectively, in regard to GDP, with New York’s 147,361 software jobs contributing $37.16 billion and Texas’ 200,000 jobs adding about $30 billion.

Alaska’s 1,325 software jobs contributed $248 million to the GDP. Also toward the bottom were Montana, North Dakota and Maine.

In Texas the reason the software companies are there is because of a friendly tax environment has helped attract companies to major cities like Austin, Houston and Dallas.

The numbers appear realistic, unlike the figures that the organsisation cobbled together on piracy.

Oracle appeal blasted by Judge

A US judge has blasted Oracle’s defence when it tried to get a jury verdict against it set aside.

For those who came in late Google successfully made its case to a jury last month that its use of Java APIs in Android was “fair use,” and the verdict rejected Oracle’s claim that the mobile system infringed its copyrights.

Oracle filed a motion arguing that the judge should decide as a matter of law that fair use didn’t cover it.  However US District Judge William Alsup shot down the motion on Wednesday and also denied Google’s motion making similar arguments.

Alsup defends how he ran the trial. The evidence and instructions presented to the jury were a mix of mandates from the appeals court, which overruled Alsup on the key issue of API copyrightability, and modifications urged by both sides’ lawyers.

“The final jury charge culminated an exhaustive and iterative process of proposals by the judge followed by critiques by counsel,” Alsup wrote.

He then goes on to dismantle Oracle’s suggestion that its case was so strong that the jury’s verdict should be ignored.

“Oracle has portrayed the Java programming language as distinct from the Java API library, insisting that only the language itself was free for all to use,” Alsup wrote.

He added that in order to write the Java programming language, 62 classes (and some of their methods), spread across three packages within the Java API library, must be used or the language itself will fail.

The 62 “necessary” classes are mixed with “unnecessary” ones in the Java API library and it takes experts to comb them out. Oracle said it was fair to use the 62 “necessary” classes given that the Java programming language itself was free and open to use without a license.

He said that Oracle’s argument boils down to saying that it was okay to use the language, and okay to use the 62 “necessary” classes, but that Google “should have scrambled the functionalities among a different taxonomy of packages and classes.”

This would mean programmers would have to learn two different systems of “structure, sequence and organisation,” and the jury could reasonably have found that such a division “would have fomented confusion and error.”

He gave this analogy. All typewriters use the same QWERTY keyboard—imagine the confusion and universal disservice if every typewriter maker had to scramble the keyboard. Cleary he has not heard of the French keyboard that does just this.

Alsup said that Oracle’s cross-examination had been harsh and focused on character assassination of Schwartz who it claimed resented Oracle for its treatment of Schwartz after the buyout.

“That Oracle resorted to such impeachment underscored how fact-bound the issue was, another classic role of a jury to resolve.”

Alsup said that the jury could have reasonably concluded that Google’s copying of a “tiny fraction of one percent” of the copyrighted works represented the “bare minimum… to preserve inter-system consistency in usage.”  He thought it was reasonable to decide that Android “caused no harm” to the market for the copyrighted work, which was Java Standard Edition, built for use on desktop and laptop computers.

Java Mobile Edition was in decline before Android was even released and the jury could have determined Android had no negative impact “beyond the tailspin already predicted within Sun,” Alsup said.

The comments are important because they show what Oracle’s appeal plan will be and how Alsup is defending how he ran the court.

Google has killed open source claims Oracle

screaming babyOracle has had huge sulk over losing its Java court battle to Google and is saying some surprisingly strange things in the tech press about it.

Probably the daftest is a comment by Annette Hurst is an attorney at Orrick, Herrington & Sutcliffe who represented Oracle in the recent Oracle v. Google trial. In an op-ed she claimed that Oracle’s loss means that Open Source is dead in the water.

For those who came in late, Google successfully argued that its use of Java APIs, about 11,500 lines of code in all, was protected by “fair use.”

Hurst said that rather than developers celebrating that they will not be sued by copyright trolls for using bits of code, they should be worried that the free software movement itself now faces substantial jeopardy.

She said that Google argued that Java APIs have been open, any use of them was justified and all licensing restrictions should be disregarded. In other words, if you offer your software on an open and free basis, any use is fair use.

However if that narrative becomes the law of the land, the GPL is toast.

“No business trying to commercialise software with any element of open software can afford to ignore this verdict. Dual licensing models are very common and have long depended upon a delicate balance between free use and commercial use. Royalties from licensed commercial exploitation fuel continued development and innovation of an open and free option. The balance depends upon adherence to the license restrictions in the open and free option. This jury’s verdict suggests that such restrictions are now meaningless, since disregarding them is simply a matter of claiming “fair use,” Hurst said.

She said that it was hard to see how the GPL can survive such a result. Software businesses will have to accelerate their move to the cloud where everything can be controlled as a service rather than software. Consumers can expect to find decreasing options to own anything for themselves, decreasing options to control their data, decreasing options to protect their privacy.

“Developers beware. You may think you got a win yesterday. But it’s time to think about more than your desires to copy freely when you sit down at a keyboard. Think about the larger and longer term implications. You should have been on Oracle’s side in this fight. Free stuff from Google does not mean free in the sense Richard Stallman ever intended it,” Hurst said.

True, but what difference would have made to developers who instead of being allowed to write code which included similar APLs?  The would risk being sued into a coma by Oracle or any other copyright troll who thought they saw a couple of lines of their code in a trillion word program.

 

Handbags drawn at dawn as Page snarls at Oracle lawyer

pearl-harborGoogle founder Larry Page had a handbags at dawn exchange with Oracle’s lawyer over the use of Java in Android.

Oracle is trying to screw billions out of Google for using Java applets in the construction of Andriod. Google said it  believed that the intellectual property was free for anyone to use.

Larry Page, chief executive of Google’s parent company, told jurors the Google unit said it should be able to use Java without paying a fee under the fair-use provision of copyright law.  If he loses then the software industry will grind to a halt as trolls feed on anyone who used a line of cost which was similar.

Page, whose vocal cords have been affected by a previous medical condition, spoke quietly into the microphone. “Sorry I’m a little bit soft,” he said to jurors.

Oracle attorney Peter Bicks sharply questioned Page about the importance of Android to Google’s business, pointing to documents noting billions of dollars in revenue, as well as earnings transcripts in which Page said 700,000 Android phones were “lit up” every day.  Things got a little testy when Page with his sore throat was asked to repeat stuff he had already said.

“Yes, I already testified I think Android is significant to Google,” said Page, who testified for about a half hour.

Bicks asked Page if Google paid Oracle for the use of Java, which was developed by Sun Micro systems in the early 1990s and acquired by Oracle in 2010. He said when Sun established Java it was open source.   Bicks asked the same question again and Page snarled that Google did not  pay for the free and open things.

Under questioning from Google attorney Robert Van Nest, Page said Google’s use of Java was consistent with widespread industry practice.

“I think we acted very responsibly and carefully around the intellectual property issues,” Page said.

Tame Apple Press reports that Apple Music is bad

a8a442ac275a36c2da0b85a42b625225The writing appears to be on the wall for Apple Music after one of Jobs’ Mob’s cheerleaders the New Yorker dismissed the Apple Streaming service as “bad.”

To put this into perspective, the article has the headline “Why Apple Music is so bad when the iPhone is so good,” thus providing Jobs’ Mob with a free advert for its self-reverential out-of-date iPhone.

The writer Om Malik’s theme is that Apple can either create great software, or great hardware but when the two need to work side-by-side, like with Apple Music, the result is pants.

“Apple has always been, and always will be, a hardware-first company. It produces beautiful devices with elegant designs and humane operating-system software,” he enthuses without any trace of irony that might otherwise rescue his reasoning.

Malik then makes the very good point that Apple releases two versions of the same hardware a year and this makes sense but it also applies the same refresh programme to software. As a result its software is nearly always out-of-date and unable to cope with the fast adapting software scene.

He said that Apple’s corporate DNA is that of a hardware company, its activities are meant to support hardware sales. For example, its “Made with iPhone” advertising campaign talks up the iPhone’s camera, and thus drives up hardware sales.

“All of Apple’s services, iCloud, Apple Music, Apple Photos, iMessage, exist to support the sales of phones, tables, and laptops. The executive team, the sales machine, and the manufacturing, software, and services components are all locked into the hardware schedule.”

He added that it was daft that the Apple Music update needs to be revealed at the World Wide Developers’ Conference.

“Why should Apple Music have to wait for the conference to make usability fixes when Facebook and Google, and every Internet-services-oriented company, does this on a routine basis?”

Malik describes a hardware company which is trying to be a software company and failing. In much the same way that Microsoft tried to be a hardware company and balls that up.  But what is more interesting from the New Yorker article is that while the premise is obvious, the fact that someone who is blindly an Apple fanboy is saying it.

Apple fanboys are having a tough time of things lately. Not only is their faith tested by the fact that Jobs’ Mob is failing to attract interest, they also have to cope with the fact that they are no longer seen as the industry innovators. Coupled with this, poor programming and software design is making the rather elderly designs look buggy.

In the past, Apple fanboys would never complain, instead they held fast to the reality distortion field even when their Apple Macs were catching fire. All that is starting to change, as Apple’s grip over its follows starts to slip. Without any inquisition, a new messiah, or at the very least good products with good software, we can see more of this coming.

The iPhone 7 will be another good test of this faith.  So far it appears to have little in the way of innovative technology and will look the same as the disappointing iPhone6S. If it contains the same rubbish software that we are being seen coming out of Apple with its Apple Music then that particular cash cow might as well be sent to the meat works.

 

Windows 10 now schedules its own update

windows-10-start-menu-customised-live-tilesSoftware King of the World Microsoft’s malware-like upgrade system is becoming even more intrusive by auto scheduling upgrades to Windows 10.

Over the weekend my wife’s Windows 8.1 machine started to get a note that it has already scheduled an update for May 24. Looking at the screen it is difficult to cancel the scheduled upgrade or to change the upgrade date.

It is not impossible, so Vole is not forcing you to upgrade on that date, but it is still annoying. However it is also possible that she might forget to stop it in time and it will upgrade when we least expect it.  The Goddesses’ computer runs fairly slowly at the best of times, and even an ordinary update takes hours.

To be fair it is better to upgrade now anyway. The free upgrade officially expires on July 29. However there is an element of “I don’t want to be told what to do”.  Besides the Goddess reacts badly to things changing on her PC and it may involve raising eyebrows or the tapping of feet.  Someone will pay, particularly if her Firefox shopping tabs are deleted.

Hopefully after July 29, Microsoft will deactivate its system upgrade system as it is a PR disaster of biblical proportions.

 

Google names new language software Parsey McParseface

71popSearch engine Google appears to have had some trouble naming its new language parsing model and dubbed it Parsey McParseface.

For those who came in late the name is similar to “Boaty McBoatface” which was the name the Natural Environment Research Council (NERC) was stuck with for its research submarine after it had a brilliant idea to let the internet decide the name.

In Google’s case it came up with the name itself. Jason Freidenfelds, a global communications representative for Google, told the Observer that the software was pretty good stuff.

“Language understanding is the next big uncracked nut in AI. If we can really solve natural language, it’ll improve everything from the Google app (understanding your questions as well as the meaning of all the text in the world), to Inbox (suggesting smart replies), to products yet to be invented.”

“We were having trouble thinking of a good name, and then someone said, ‘We could just call it Parsey McParseface!’ So… yup,” Mr. Freidenfelds said.

Parsey McParseface parses a sentence.

Although it sports a silly name, Parsey McParseface is the most sophisticated model out there. In terms of accuracy, it closes in on 96 to 97 percent accurate, which beats the previous record of 94 percent – or so it’s claimed.

The model is part of the overall framework SyntaxNet and will be released on TensorFlow.  Now, developers and researchers are able to run machine learning on more than one machine simultaneously, shortening the training process for some models from weeks to hours.

Just a pity about the name.