- CollabNet offers online community
- The truth about anti-phishing toolbars
- Doing business in Second Life
- Symantec flaw figures in botnet hit
- Coversant pushes collaborative apps
- Sun exec departs over Java move
- Au revoir, Windows; bonjour, Linux
- To Microsoft: Hurry up, please, it's time
- Spam migrating to P2P networks
- IT to miss Turkey Day?
November 30, 2006 | Comments: (0)
CollabNet offers online community
CollabNet, whose products enable software developers to collaborate, has set up an online community for CollabNet and Subversion users.
The openCollabNet online community is based on "Web 2.0 principles" and is built around the Subversion version control system and CollabNet's product offerings. CollabNet defines Web 2.0 principles as the interactivity of tools, such as using Wikis, to enable joint collaboration on a document or project.
With the online community, users can share innovations and best practices. They receive access to community resources, product extensions, discussion forums, technical content and support.
CollabNet Enterprise Edition 4.5.1 also provides access to openCollabNet. Customers can participate in development of extensions to CollabNet and try new functionality.
Free versions of CollabNet Enterprise Edition and CollabNet Subversion are available as part of the new program. The free download of CollabNet Enterprise includes a license for as many as 15 users.
CollabNet is the primary corporate sponsor of the open source Subversion project. CollabNet Subverison is a version of the product that has been compiled, tested and certified by the company.
Posted by Paul Krill on November 30, 2006 11:21 AM
November 30, 2006 | Comments: (0)
The truth about anti-phishing toolbars
In recent weeks, there's been a kind of 'battle of the surveys' over the thorny issue of which anti-phishing technology is best. The scrum started back in September, when the folks behind IE7 took the opportunity to blog about the findings of a Microsoft-sponsored study of anti-phishing toolbars. That study, conducted by 3Sharp, compared anti-phishing toolbars from Microsoft, NetCraft, Google/Firefox, AOL, EarthLink, eBay, Geotrust, Netscape and McAfee and used 100 known phishing Web site URLs and 500 known good URLs to see how well each anti-phishing technology flagged both phish and legitimate URLs.
Not surprisingly, Microsoft's Phishing Filter (MPF) in IE 7 Beta 3 received the highest "composite score" followed closely by NetCraft's toolbar.
The folks over at Mozilla responded a couple of weeks ago, releasing the results of a study by "independent firm" SmartWare showing that -- no -- it's Mozilla Firefox 2.0 anti-phishing filter beat IE7, thus showing Microsoft that they know how to play the "sponsored study" game too.
As both the Microsoft and Mozilla studies indicate, it's easy to tweak your study in a way that benefits the particular anti-phishing technology you want to come out on top. That was clearly the case with the IE7 study, where IE7's toolbar didn't do the best job of spotting phish sites, but won on points using a scoring system in which blocking sites was what garnered the most points. And in each case, the sample phishing sites are more or less an unknown quantity that could, potentially, aid one type of anti-phishing tool over another.
What's been needed all along, of course, is a truly independent and scientific study of anti-phishing toolbars, and that's what we now have, courtesy of Carnegie Mellon University, which released a comprehensive study of ten toolbars. According to a report released by CMU's CyLab, none of them are all that great.
The study, which is dated Nov. 13, looked at anti-phishing toolbars from eBay, Earthlink's, GeoTrust's, Google/Firefox, McAfee (SiteAdvisor) and Microsoft (IE7), NetCraft, NetScape and Stanford University (SpoofGuard). The researchers, working with nothing more than government funding, conducted two experiments assessing the effectiveness of the toolbars using an automated test bed 100 phishing URLs and 100 unique domains from the Anti-Phishing WOrking Group. They found that just three of the 10 toolbars: SpoofGuard, EarthLink and Netcraft, were consistently able to identify over 75% of the phishing sites tested (Google's got that good, but only after the site had been live for a couple hours. IE7 hovered just below 70 percent, as did CloudMark.) But of those three top performers, SpoofGuard misidentified 38 percent of legitimate sites as phishing sites which, as the researcher spoint out, tends to undermine the value of SpoofGuard overall.
Four of the toolbars tested (GeoTrust TrustWatch, eBay, Netscape and McAfee SiteAdvisor) were not able to identify even half the phishing sites tested, CyLab reported.
From the report:
"Overall, we found that the anti-phishing toolbars that were examined in this study left a lot to be desired. SpoofGuard did a very good job at identifying fraudulent sites, but it also incorrectly identified a large fraction of legitimate sites as fraudulent. EarthLink, Google, Netcraft, Cloudmark, and IE7 identified most fraudulent sites correctly and had few, if any, false positives, but they still missed more than 15% of fraudulent sites. The other four toolbars we tested could correctly identify less than half the fraudulent sites, and one [McAfee SiteAdvisor] did not correctly identify any fraudulent sites."
Adding insult to injury (for users, anyway), CyLab found that many of the toolbars they tested were vulnerable to exploits such as CDN (Content Distribution Network) attacks the mask the true URL used in an attack. In the end, the CMU/CyLab researchers were left wondering how useful these anti-phishing toolbars even are.
"Even if it is possible to create a technically sound antiphishing toolbar, it is still unclear as to whether or not this would be beneficial to users. Usability problems plague all varieties of software, security software in particular. When using an anti-phishing toolbar, poor usability could mean the difference between correctly steering someone away from a phishing site and having them ignore the warnings only to become a victim of identity theft."
Suggested study topic for CyLab: IDS/IPS!
Posted by Paul Roberts on November 30, 2006 10:37 AM
November 29, 2006 | Comments: (0)
Anshe Chung's million-dollar profit in real-estate sales over 30 months wouldn't be all that impressive, really, were it not for one thing: The land she sells is made entirely of pixels.
Chung is one of some 1.7 million denizens of Second Life, a virtual 3D world that, frankly, reminds me a bit too much of "The Matrix" for my liking.
But Chung clearly has enjoyed success there -- and not just socially: After plunking down 10 bucks for membership three and a half years ago, she started an aggressive campaign of buying, dividing, and selling Second Life property (which is quite visually impressive). Her holdings, which include not only land but virtual malls, chains, and store brands, are now worth "several million Linden dollars" (the currency of Second Life), which she asserts is convertible into at least one million dollars, American. She claims that makes her the virtual world's first millionaire.
Her operations have since grown to include the development and sale of properties for large scale real world corporations, and have led to a real life "spin off" corporation called Anshe Chung Studios, which develops immersive 3D environments for applications ranging from education to business conferencing and product prototyping.
Now, this isn't the first instance of individuals reaping real monetary success from a virtual world. I remember back in the day of text-based RPGs such as Gemstone III, players were willing to fork over real-world cash for powerful weapons. That trend has continued with graphical RPGs such as Everquest and World of Warcraft.
But Second Life clearly has opened up a whole new world of financial opportunity, and it's not just entrepreneurial types like Chung who are taking advantage. As reported by InfoWorld Lead Analyst Jon Udell, companies like Sun have attempted to leverage the success of the virtual universe -- though with arguably limited success. (Media companies also have staked ground there.) Udell attended a "block party" IBM held there and found the experience to be less than satisfying: The venue seemed to detract from the experience more than enhance it.
And at least back in October, Udell's prediction for Second Life serving as the next big business platform was not particularly optimistic: "[If] history repeats itself, we'll find that fancy 3-D designs will ultimately prove no more compelling than fancy Web pages."
Virginia Hines, InfoWorld's VP and General Manager of InfoWorld.com, dipped her foot into the virtual waters of Second Life recently to investigate its b-to-b potential, as well as its applicability to a future version of InfoWorld IT Exec-Connect. Though she was impressed by the system's underlying technologies, deeming Second Life "a fascinating experiment and laboratory for all the social sciences," she came away with some healthy skepticism about the medium's business potential.
Among other things, she noted that it's not sufficiently usable and navigable to attract and retain new users. Moreover, the current residents of the world are more focused on playing than working, which means that "any effort to use Second Life for B2B marketing purposes will probably require enticing a new demographic into the community, as opposed to attracting current members."
Finally, she said that "many of the current corporate ventures in Second Life are hard to locate, fail to attract traffic, and offer little user value. Without a more grounded value proposition, the concept of being in Second Life just to 'establish a presence' doesn't seem very fruitful."
Have you had any experience in Second Life? Do you think there's potential here for some serious business opportunities?
Posted by Ted Samson on November 29, 2006 11:33 AM
November 28, 2006 | Comments: (0)
Symantec flaw figures in botnet hit
College and university networks around the world are being attacked by a fast moving malicious program that exploits a known hole in Symantec's corporate antivirus program, according to reports by Symantec and the Internet Storm Center.
Symantec says a new worm called W32.Spybot.ACYR spreads by taking advantage of a number of patched Microsoft vulnerabilities and a previously disclosed hole in Symantec's Client Security and Antivirus software. Symantec patched that hole back in May, but apparently some of its customers haven't applied that patch yet.
The botnet is hitting college and university networks primarily, with published reports citing infections as far away as Australia, and reports of infections at major universities in Arkansas, Texas, California and Minnesota in the U.S.
The program spreads using a built in FTP server dubbed "reptile" to spread and establishes a connection to an IRC command and control server once it has compromised a computer.
Symantec advised its customers to update their products to the latest available security updates and other software patches, and consider blocking Port 2967 at their firewall.
Posted by Paul Roberts on November 28, 2006 01:07 PM
November 28, 2006 | Comments: (0)
Coversant pushes collaborative apps
Coversant on Tuesday announced open source developer kits for building XMPP-based (Extensible Messaging and Presence Protocol) collaboration applications.
Collectively known as SoapBox Studio, the free kits function with x86, x64 and IA64 platforms on the .Net Framework and Novell's Mono platform. The kits are accessible here at the company's new online Developer Community.
"It's time to inspire a new era of integrated XMPP messaging and collaboration development," said Jason Frankel, CEO of Coversant, in a prepared statement released by Coversant. "Through our new developer community, Coversant will be working closely with software publishers to give their customers the ability to collaborate on content and communicate more effectively."
SoapBox Studio is licensed under the GNU Lesser General Public License (LGPL). The kits formerly were called the SoapBox Framework.
Posted by Paul Krill on November 28, 2006 12:59 PM
November 27, 2006 | Comments: (0)
Sun exec departs over Java move
Sun Microsystems has had a prominent executive leave over Sun's decision to offer Java via an open source paradigm, a Sun representative confirmed on Monday evening.
Graham Hamilton, who had been a Sun Fellow for the Java platform team, has left the company. He had focused on use of Java in large-scale enterprises and in Web development. Also, he concentrated on attracting new developers to Java.
Sun on November 13 announced intentions to offer Java via the GNU General Public License, after years of developers and others in the industry clamoring for an open source path for Java.
Hamilton, who joined the Java team at Sun in 1995, was one of the designers of the Java Community Process for amending Java. He also was the lead architect for Java Platform Standard Edition (Java SE) releases 1.3, 1.4, and 5.0.
But apparently, he did not see eye to eye with Sun's open source move for Java.
"Sun thanks Graham for his many contributions to the company and to Java technology," Sun said in a prepared statement. "Graham is widely respected by Sun employees and developers around the world. While it is always sad to see an employee of his caliber depart, we wish him well in all his future endeavors."
James Gosling, Sun vice president and Fellow, will take over for Hamilton.
Posted by Paul Krill on November 27, 2006 07:04 PM
November 27, 2006 | Comments: (0)
Au revoir, Windows; bonjour, Linux
The French parliament plans to shut down Windows and open the door to Linux.
Come next June, some 1,150 parliamentary PCs will be running on a to-be-determined flavor of Linux (Mandriva, perhaps?), along with OpenOffice.org, Firefox, and an open source e-mail client, according to reports.
Convincing the French National Assembly to make the move was conclusions from an IT company called Atos Origin, according to Cnet.
"'The study showed that open-source software will from now on offer functionality adapted to the needs of MPs (members of parliament) and will allow us to make substantial savings despite the associated migration and training costs,' the parliament said."
Cost savings, huh? I'm not sure I'm convinced that's the real reason. Allow me to present my top five reasons why the French are dumping Windows for Linux.
5. They're upset that Microsoft's Xbox 360 won't play DVDs that star Jerry Lewis.
4. Tired of being the butt of military jokes, the French are working toward developing a Linux-powered army of robots. (Note to White House: This is not true. Please do not invade France.)
3. They're angry that Microsoft continually refuses to release a French version of its OS called Fenêtres.
2. The Blue Screen of Death clashes with the curtains in the offices of the French parliament.
1. The French can't figure out a culinary use for a penguin, so they're settling for a technological one.*
*("If it's possible to imagine a piece of beef, odiferous cod fish and a canvas-backed duck roasted together in a pot, with blood and cod-liver oil for sauce, the illustration would be complete." - Dr. Frederick A. Cook of the Belgia, on penguin meat)
What do you think? Have the French made a wise move here?
Posted by Ted Samson on November 27, 2006 04:10 PM
November 27, 2006 | Comments: (0)
To Microsoft: Hurry up, please, it's time
I had an epiphany the other day when I set my computer back up after taking it down to make room for a dozen or so Thanksgiving guests in our small apartment.
I started up two computers and could not get online with either one.
The problem confounded me and it was, as I suspected, user error, but for the hour or so that it took to figure that out, I had pushed the Internet on/off button to "off" on my cable modem. I realized I did not feel like I had a computer if I couldn't connect to the outside world.
When computing started, it was all about word processing and spreadsheets, saving your work, and cutting and pasting. Printing out was an achievement in itself. Your C: drive was your world, and a slow, just slightly better than useless modem merely icing on the computing cake.
I realize this memory goes back to the 1980s and so many readers might not be able to relate. So what was an epiphany for me--if you can't connect your computer, it is no better than a boat anchor--may be an everyday accepted response to younger users.
I bring this up to point out why I awakened to the truth that Microsoft is toast.
It happened while I was watching Bill Gates on the Charlie Rose interview show. I suddenly got the distinct feeling Microsoft is on its way out. Oh, not right away, at least not immediately; they have a great deal of cash reserves and a great many very talented people, after all, but in five or ten years certainly.
Rose asked him about Google and the iPod and other competitors that are doing quite well. In Gates' half-hearted response and admission that Microsoft had been outsmarted, I saw almost a psychological or perhaps spiritual admission that Microsoft will never be what it once was. This despite the usual, but very
mechanical, bravado of Gates assuring Rose that Microsoft will catch up.
But the bulk of Microsoft's revenue still comes from Windows and Office. Now, with virtualization, and Linux and the Web as our virtual operating systems, the importance of Windows is fast diminishing and the premier desktop application suite, Office, will soon follow suit.
In just a few short years Google has become a trusted brand. Trusted, I would vouchsafe as much if not more than Microsoft if only because it has been around for far fewer years and has had fewer opportunities to screw up.
Google will soon leverage that trust to offer the world Google Office, perhaps not by that name but by whatever name it will be taken up by millions of users who trust Google to put out a good product and improve on it along the way.
Sure Microsoft is trying to make itself more indispensable by embedding itself in major enterprise applications like its Duo partnership with SAP but it just may be too late when a mash up with a Google Office product and a Web-based, hosted application will do just as well.
The truth is Microsoft carries within itself its own seeds of destruction. Built into to the very DNA of the company and its products is the need to feed off the computer to survive.
But if Scott McNealy's original statement, "the network is the computer" is true as it appears to be then computer is not the computer and Microsoft with all of its money will not be able to feed off its current revenue stream and it will starve to death.
Posted by Ephraim Schwartz on November 27, 2006 08:02 AM
November 22, 2006 | Comments: (0)
Spam migrating to P2P networks
One of the corollaries of our Modern Age, is that hucksters and cheats will glom on to whatever mode of communication is the least expensive and most widely used. We've all resigned ourselves to stacks of junk mail. But we forget that back in the days before e-mail was ubiquitous, fax machines were used to send out bogus pitches and other kinds of unwanted solicitations. But fax spam required a fax machine (or machines), and lots of phone calls. So once e-mail came along, scammers quickly migrated to that medium, where there was a high degree of trust among users, and where the cost to send your solicitations (spam) was essentially $0.
With the e-mail channel now pretty well saturated with spam, however, (67.7 percent of all e-mail, on average, according to MessageLabs) there's a vast hunger out there in the huckster community for a new way to reach users. Increasingly, it's looking like P2P networks may be that channel.
A recent blog post over at SecuriTeam notes the increasing prevalence of spammy-sounding PDF downloads on P2P networks: "How To Create An Automated Ebay Money Machine.pdf," "Easy Chair Millionaire Review.pdf," or "Top Home based Jobs" (a directory).
Just as e-mail spam started as a trickle and grew into a flood, so P2P spam has the potential to overwhelm peer to peer networks that have flourished as a convenient and for the most part reliable medium for sharing and exchanging information, music, and more. The ultimate test, of course, is whether P2P users - a far smaller audience than e-mail users -- will take the bait and, thus, justify the investment.
Posted by Paul Roberts on November 22, 2006 12:34 PM
November 22, 2006 | Comments: (0)
As much as 84 per cent of professional IT workers will have to work for some or all of Thanksgiving this year, a poll of 500 business workers by IT hosting provider Intermedia.NET has found.
The study, sent to me with a plug for the group's hosted apps as way to give IT a break, "found that 28% of IT professionals will get no time off at all, or will have to work overtime to catch up after the break".
As well as being more hard-working, IT workers were found to be more honest than their non-IT office worker counterparts:--Only 6% of IT professionals will "pretend to work to avoid relatives”; 14% of office workers are planning to do the same.
--Only 7% of IT pros will use work as an excuse in some way, such as to avoid helping out in the kitchen.
--Only 9% of IT professionals will deliberately ignore all work calls and emails, compared to 19% of office workers.
OK, I am skeptical now. IT: Are you going to miss all or some of the holidays just to keep Exchange chugging? And for who? They'll all be chowing down.
Posted by Mike Barton on November 22, 2006 09:41 AM
November 21, 2006 | Comments: (0)
Update: PS3 able to run Office?
Sony's new game console may not just be for gaming, and you might even be able to claim your new "toy" as a business expense, writes InfoWorld Test Center's Ted Samson.
This is thanks to Sony being good enough to make available Open Platform for PlayStation 3, which has allowed Linux enthusiasts to load their new PS3s with Fedora Core 5 OS.
Samson writes:
Intrigued? Well, QJ.net has some instructions on how to go about doing the installation, and videos are popping up on sites like YouTube showing how it's done.According to QJ.net, once you've put Fedora on your PS3, "you will be able to install any app as long as it has a PPC build of it. That includes most major applications like Mozilla Firefox, VLC player, and more."
Update: Well, So, Codeweavers CrossOver Linux software does run Windows apps on Fedora 5, but not a PS3 with because it runs on a Cell processor..
According to one blog entry found in this Google search, Codeweavers works pretty well.
But could not virtualization software do the trick? Just not sure if any is done for Cell. According to IBM Research, Cell does virtualization.
Is it possible?
Challenge, or Game in this context, is on...
Posted by Mike Barton on November 21, 2006 04:40 PM
November 21, 2006 | Comments: (0)
Zone Labs plays free beta card
Hey, Google's not the only one who can play the "try our beta wares for free" game. Lately, everyone's seen the wisdom in giving users an early look at their software and (hopefully) creating a little bit of buzz.
Check Point's Zone Labs is the latest company jumping on the bandwagon, releasing a beta version of their Security Suite Version 7 today that's free to all comers.
Check Point/Zone is already one of the most established security vendors out there, and the new wares have some tantalizing features.
Zone's ditched the Computer Associates AV engine in favor of Kaspersky Labs engine. Kaspersky is quickly developing a rep as the "antivirus expert's antivirus engine," with some really excellent malware and crimeware detection. It also gets updated once an hour, as opposed to once a day with CA -- not foolproof, but a heck of an improvement for fast-moving threats, Zone told InfoWorld.
AV engine changes aside, Zone is pushing an "autolearn" feature that tweaks your security settings based on your environment and behavior. What does that mean, exactly? Good question -- which I asked. According to the Zoners, the behavioral analysis and system scans will vet the legitimate programs installed on your system against Zone's database of 200,000 application signatures. Legitimate programs will get attached to use policies, that way, random application behaviors don't generate annoying warnings for the user. In Auto-Learn mode, the new system apparently can analyze typical user interactions with the OS kernel and registry and block actions that it considers "unusual."
Sounds like a nightmare, I know. Fortunately, you can leave this feature disabled if you so desire.
According to Laura Yeices, GM for Checkpoint's consumer division, the company knew it wanted to open its doors for a beta, but also wants the "right kinds of people." Dear TechWatch readers, we've determined that you are, in fact, the right kind of people to participate. Go for it, this beta's only going to last four to seven weeks.
Posted by Paul Roberts on November 21, 2006 02:08 PM
November 21, 2006 | Comments: (0)
Google News gets on the (site)map
On the heels of last week's pact between Google, Microsoft and Yahoo on search with Sitemaps.org, Google has added Sitemaps for Google News, to give organizations more "transparency and control" over which of their content appears on the engine-aggregated news site.
"We're turning it on and announcing it today," Google News Product Manager Nathan Stoll told InfoWorld on Tuesday. He has also blogged on the news here (extracted below).
Now, English-language publishers who are currently included in Google News will be able to use their existing feeds -- or define a more advanced Sitemap of their current news articles -- to tell us exactly which articles they'd like us to crawl. While they've always been able to use technical solutions such as robots.txt to govern which portions of their sites Google crawls and indexes, this will give publishers more granular tools to tell our crawlers exactly what should be included.We also want to provide content owners more visibility into which articles are ultimately included in Google News, so we're now offering error reports specific to Google News. These error reports will explain any problems we experienced crawling or extracting news articles from a publisher's site. Although we try to make our crawl and analysis as comprehensive as possible, there are always a small number of sites and articles that we're not able to correctly analyze and include. We hope these new tools will help publishers resolve such issues.
Webmaster tools also offer publishers detailed information on the types of queries that lead visitors to various pages on a website, which can be helpful for understanding user information needs and access patterns.
We plan to extend webmaster tools for Google News to additional languages soon.
He told InfoWorld the rollout follows alpha testing with a few news organizations.
Google Search would still index a whole site, but news sites registered with Google News sitemaps would benefit, Stoll said. "We're going to crawl that very quickly."
Google News would remain the domain of news organizations, not individual bloggers. But that was the only hard-fast rule in what was news because "we're kind of format agnostic", Stoll said referring to the growing number of blogs within news organizations.
Stoll said with Sitemaps for News, Google was making it easier for Webmasters and the process more transparent for publishers, saying: "We're relying on the organizations"
A Google spokeswoman said: "This is only available to Google News publishers, so it does not pertain to any efforts around the new Sitemaps.org protocol."
The Official Google Webmaster Central Blog has this post for more info.
Posted by Mike Barton on November 21, 2006 10:52 AM
November 20, 2006 | Comments: (0)
Updated: Novell CEO talks patents
Novell CEO Ron Hovsepian has issued an open letter addressing concerns about the recent agreement between Novell and Microsoft and how it might impact Linux customers. The full text is reprinted here:
Open Letter to the Community from Novell
November 20, 2006On November 2, Novell and Microsoft announced a significant, multi-part agreement to work together to improve the interoperability between Linux and Windows and for Microsoft to redistribute more than 350,000 subscriptions for SUSE Linux Enterprise to the Windows customer base over a five-year period. This agreement is at the heart of what IT users demand -- to deploy both Linux and Windows, and to have them work well together -- and many companies have spoken out in support of this new cooperation.
Customers told us that they wanted Linux and Windows to work together in their data centers, and so we agreed to develop new technologies and standards in server management, virtualization and document file format compatibility. CIOs want to focus on their business, and they want their suppliers to focus on improving operating system interoperability. The Linux community will benefit from the creation and release of the open source code to improve Linux's interoperability with Windows that will result from this agreement.
Our interest in signing this agreement was to secure interoperability and joint sales agreements, but Microsoft asked that we cooperate on patents as well, and so a patent cooperation agreement was included as a part of the deal. In this agreement, Novell and Microsoft each promise not to sue the other's customers for patent infringement. The intended effect of this agreement was to give our joint customers peace of mind that they have the full support of the other company for their IT activities. Novell has a significant patent portfolio, and in reflection of this fact, the agreement we signed shows the overwhelming balance of payments being from Microsoft to Novell.
Since our announcement, some parties have spoken about this patent agreement in a damaging way, and with a perspective that we do not share. We strongly challenge those statements here.
We disagree with the recent statements made by Microsoft on the topic of Linux and patents. Importantly, our agreement with Microsoft is in no way an acknowledgment that Linux infringes upon any Microsoft intellectual property. When we entered the patent cooperation agreement with Microsoft, Novell did not agree or admit that Linux or any other Novell offering violates Microsoft patents.
Our stance on software patents is unchanged by the agreement with Microsoft. We want to remind the community of Novell's commitment to, and prior actions in support of, furthering the interests of Linux and open source, and creating an environment of free and open innovation. We have a strong patent portfolio and we have leveraged that portfolio for the benefit of the open source community. Specifically, we have taken the following actions:
- We have stated our commitment to use our own software patents to protect open source technologies. (www.novell.com/company/policies/patent/).
- We have spoken out against EU legislation that would liberalize the standards for granting software patents (www.novell.com/company/policies/patent/european.html).
- We offer indemnification to our Linux customers accused of intellectual property infringement (http://www.novell.com/licensing/indemnity/).
- We have teamed with the United States Patent and Trademark Office and other industry leaders to reduce the issuance of "bad patents" in the software area (See www.eweek.com/article2/0,1895,1911979,00.asp).
- In 2005, we co-founded Open Invention Network ("OIN"), "an intellectual property company that was formed to promote Linux by using patents to create a collaborative environment." (See www.openinventionnetwork.com). Novell's substantial contributions to OIN were made to benefit not only ourselves, but also other Linux vendors, distributors and developers, and anyone else willing to commit not to assert their patents against Linux.
In closing, we wish to be extremely clear that Novell is committed to protecting, preserving and promoting freedom for free and open source software. We recognize that the community of open source developers is essential to all our activities in Linux, and we welcome dialog with the community as to how we can continue to work together toward these common goals.
Ron Hovsepian
Chief Executive Officer
Novell, Inc.
What do you think? Do Mr. Hovsepian's statements influence your decision to use Novell products and services, including Suse Linux? Do you think Microsoft drafted the deal with Novell with bad intentions in mind? Send us your feedback, below.
Update (11/21/06): In response to Mr. Hovsepian's letter, Microsoft has issued a statement. "We at Microsoft respect Novell's point of view on the patent issue, even while we respectfully take a different view," it reads. "Novell is absolutely right in stating that it did not admit or acknowledge any patent problems as part of entering into the patent collaboration agreement." Click the link for the full text of Microsoft's response.
Posted by Neil McAllister on November 20, 2006 03:25 PM
November 20, 2006 | Comments: (0)
Week of Oracle zero-days planned
Database security researcher Cesar Cerrudo is taking a page out of the MetaSploit Project playbook, annoucing that his company, Argeniss Information Security, will publish a previously unknown (zero-day) vulnerability for Oracle databases each day for the first week in December, according to a message posted on the Argeniss Web site.
The exact date hasn't been set yet, but Cerrudo says December 4 is the likely kick-off date. As to "Why"? "We want to show the current state of Oracle software ("in") security also we want to demonstrate Oracle isn't getting any better at securing its products (you already know the history: two years or more to fix a bug, not fixing bugs, failing to fix bugs, lying about security efforts, etc, etc, etc.)."
Argeniss is following in the footsteps of H.D. Moore, who said in July that he would release a new, zero-day Web browser bug each day that month. Another project, the "Month of Kernel Bugs" was launched in November by a researcher who uses the handle "LMH."
Cerrudo told Tech Watch that his company knows of around 75 unpatched Oracle vulnerabilities and could easily muster a month of them, but that the week should be enough to send the message to the company and force them to "start fixing vulnerabilities and improving security because Oracle customer swill realize of (sp) the threats they are currently facing."
As for aiding and abetting cybercriminals, Cerrudo said that his company won't release anything that doesn't require users to authenticate, and that criminals may already know about many of the 0days his company will post. "It's not a big deal to find zero-days in Oracle software," he said.
Posted by Paul Roberts on November 20, 2006 01:33 PM
November 20, 2006 | Comments: (0)
Everyone knows it's impossible to be all things to all people, but you have to give Yahoo credit for trying. But save some credit for Senior Vice President Brad Garlinghouse who made it clear in an internal memo that, as a result, the company had lost a "single cohesive strategy."
In the document published Saturday in The Wall Street Journal, Garlinghouse writes, "We want to do everything and be everything -- to everyone." That could certainly be good news because, as everyone also knows, the first step to recovery is admitting you have a problem.
However, it appears the situation is not going to be good news for everybody, at least not in the near-term. In the memo Garlinghouse calls for "decisive action," including reducing headcount by 15 to 20 percent across the board. He also urged for an end to duplicative efforts across departments, where "there are so many people in charge (or believe that they are in charge) that it's not clear if anyone is in charge."
The memo has been dubbed the "Peanut Butter Manifesto" because of Garlinghouse's metaphor stressing that the company's allocation of resources had been spread too thin. To remedy the situation, company officials said in its quarterly financial conference call last month that they planned to invest smarter in three key areas: search, generating ad revenue, and multimedia ventures, which may include video, mobile technology, and social networks.
Posted by Richard Gincel on November 20, 2006 12:46 PM
November 20, 2006 | Comments: (0)
Talkback: Open source Java. So what?
Now that Java has been made available via an open source format, what, exactly, do you developers plan to do with it?
There has been conjecture that not too many developers want to fiddle much with source code, anyway. But what exactly are the possibilities here? Code enhancements that no one ever dreamed of? Faster bug fixes?
Now that you developers have been giving the keys to the Java kingdom, what doors can you unlock? Please tell us.
Posted by Paul Krill on November 20, 2006 09:24 AM
November 17, 2006 | Comments: (0)
IT services group picks the winners and losers in IT job growth
The National Association of Computer Consultant Businesses [NACCB] whose members are those in the IT services business, released a report on IT employment prospects this week.
Too lengthy, 53 pages, to summarize here, the upshot is that despite a retreat in IT employment in October, the NACCB says the future trend points toward growth in the IT employment sector but not for all job titles.
Kim Berry, president of the Programmers Guild, is skeptical.
Quoting from the NACCB press release Berry had this to say in an email to me:
"The press release says, 'Economist Alan Beaulieu predicted continued strength in the market for IT services through the middle of 2008.' "
"We don't believe it is possible to accurately project job growth nearly two years into the future: The dot-com bust caught most analysts by surprise."
However, Berry also found areas of agreement with the NACCB.
"We see in their data at least the signs of a cooling trend: According to their data, only 10k IT jobs have been added since June 2006 (3,659k to 3,669k in the Index Release doc). Combine that with the 85,000 H-1bs that entered the job market in October, and we are concerned that qualified U.S. IT workers will be squeezed out of the job market," said Berry.
Whether or not you agree with NACCB or Berry, the NACCB's evaluation of long term employment trends, by job title, is worth looking at.
Long-term Employment Trends
Growth areas include occupations that keep systems and structures running and that can handle system integration.
NACCB categorizes those occupations as "computer scientists and system analysts as well as network systems and data communications analysts."
Also NACCB says there will be a call for computer and IS systems managers and network and computer systems administrators.
Finally, computer support specialists as "the business community continues to infuse computer technology deeper into more elements of the business process."
On the downside
NACCB sees computer software engineers, a title that makes up almost one-quarter of all IT professionals, facing a declining job market.
The same decline in opportunities will be faced by programmers and hardware engineers.
Posted by Ephraim Schwartz on November 17, 2006 02:29 PM
November 17, 2006 | Comments: (0)
Weblogs entrepreneur quits AOL
Jason Calacanis, whose startup Weblogs was acquired last year by AOL, has resigned in the wake of CEO Jonathan Miller's replacement by NBC exec Randy Falco. Calacanis remained as chief executive officer of Weblogs after it became an AOL subsidiary, and was this year put in charge of running AOL's Netscape.com division and transforming the Web portal.
The news of Calacanis' departure was first broken by the blog TechCrunch and later confirmed by the New York Times, which quotes Calacanis as saying "I'm not inclined to start over with a new guy," referring to Falco.
Calcanis has also posted a note about his departure on his own blog site.
The Times reports that morale at AOL has been shaken by Miller's surprise departure, and many "saw the shakeup as an affront, given the amount of work they had put into creating a new strategy for AOL."
Posted by Caroline Craig on November 17, 2006 07:01 AM
November 16, 2006 | Comments: (0)
I get my e-mail, my IM, and my voice on my cell phone just like a lot of other people.
And if I write the great American novel, I don't intend to do it while sitting in a sidewalk café, either. I know too many people who have had their notebook stolen as they sipped their latte.
In the meantime two major carriers, Sprint nationally and Clearwire on a regional basis are pushing WiMAX as an alternative especially for voice.
Manufacturers like Intel and Motorola are also touting the benefits of Metro WiMAX over W-Fi in terms of range, cost of laying out and supporting the infrastructure.
San Francisco, Philadelphia, and now Portland, OR are just a few of the many major cities planning to lay out a Wi-Fi for their citizens.
Cities with Metro Wi-FI in place include Rio Rancho (New Mexico), and Ferrysburg and Spring Lake (Michigan).
Besides giving advertisers another way to reach into my wallet, I am wondering what the real benefit of Metro Wi-Fi is to the citizens of a city?
My guess is when it comes down to it, not much.
The City Fathers of whatever city is deploying it will tell you it gives you access to city services. Well, the only city service I need is to pay my latest parking fine and I can do that just as well at my desk at home.
Then there's the baloney about it crossing the digital divide between the haves and have nots. But how is someone who can't afford a computer going to benefit?
Its real benefit might be for traveling business people who need to stay in touch with the home office while on the road, not for locals.
I would like to hear from the citizens of Rio Rancho, Ferrysburg, Spring Lake, or any other city that has deployed Metro Wi-Fi to learn how it's working out.
Posted by Ephraim Schwartz on November 16, 2006 03:09 PM
November 16, 2006 | Comments: (0)
Is Microsoft's Zune turning into Bob? According to early press reports following the launch of Microsoft's iPod Killer, it may well be.
We all remember Microsoft BOB -- right? That disastrous effort to change the whole desktop GUI metaphor to something more cute and family friendly? Well, Bob didn't go over so well and the project, plus its "shoot me in the forehead, please" smiley face logo have become synonymous for ambitious Redmond projects that flopped. Barring a major re-think from Microsoft (something they didn't give to Bob) Zune may be a Bob for the gadget world.
Zune's problems started even before the device hit store shelves. Most reviewers -- many of them iPod owners -- couldn't help but compare the device to Apple's megapopular MP3 player and find it wanting. While the device did get high marks for it's UI and look and design,the close feature similarities and prices between the 30GB Zune and similar iPod models, as well as iPod's greater number of model and size options, and iTunes franchise have made the Zune seem a tough sell.
Hint to Microsoft: If you're making a gadget that's supposed to replace a gadget that most of your likely customers already own -- don't play it conservative!("Buy my new Potato peeler. It's almost exactly like the one you already have, but it comes in brown!")
The tepid reviews seemed to have dampened the public's appetite for the player, and early reports were that the devices were hardly moving in many retail outlets.
A couple days out, there are stories about problems with music discovery and other features.
Already facing a steep hill to climb against the iPod, however, Microsoft may have really "BOBed" the Zune with decisions that were largely avoidable. Most importantly, the company decided to stick a knife in the back of the media and retail partners it had (AOL, MusicMatch, Napster, WalMart) by not supporting PlayForSure, a music download initiative based on Microsoft's own Windows Media Player DRM format. Nor did the company decide to leverage the PlayForSure.com store to purchase tunes for the Zune. Instead, Redmond ditched the whole Playforsure operation to set up it's own Zune Marketplace music store and Web portal, a la iTunes, but with a smaller library of music. Adding insult to injury, the company struck a sweetheart deal with Universal that gives that media giant a cut of all Zune sales, and there's already speculation that other labels will line up for a similar cut of the Zune take -- making profitability even tougher.
More recently, it's come out that -- hold on to your hat -- Zune players do not work with the Vista Operating System, Microsoft's next version of Windows, which is due out to consumers in January. So far, Microsoft is just saying "check back for updates" on Vista-Zune compatibility. The lack of a clear upgrade path for an OS that's already out the door is just NUTS.
Microsoft has a long history of making slow, incremental improvements to its products. The company can still salvage Zune (as it could have BOB), but it will take modest improvements in features, price and options. (Hint: double down on the Wi-Fi stuff.)
More fundamentally, though, Microsoft's whacky DRM and music sharing restrictions show that it still hasn't proven that it "gets" the revolution that's happening in the media business and among young, gadget savvy consumers. Three plays for three days? Please.
But lets face it, unlike operating systems and desktop software, there are already a slew of well funded competitors in the Zune space who aren't about to sit by and be the next WordPerfect. For now, I'm passing on the Zune.
Posted by Paul Roberts on November 16, 2006 09:18 AM
November 15, 2006 | Comments: (0)
The SKIL Bill and Your Local Elementary School
The Republican lame duck Congress is toying with passing the SKIL (Securing Knowledge Innovation and Leadership) Bill, a top priority for the tech industry and its lobbyists that would raise caps on H-1B Visas by 20 % and exempt highly skilled workers (Master's Degree or higher from a U.S. institution) from the cap altogether. While tech executives may be keen on the law, many, many U.S. born IT workers are none too keen about this law, which they see as a backdoor way to keep wages low in the U.S. by importing cheap labor from India, China, Eastern Europe, or any other low wage country with a surfeit of engineers.
Nobody knows this better than my colleague Ephraim Schwartz, who had the temerity to raise the issue of the SKIL Bill's future in a TechWatch blog post last week.
Ephraim, who has covered the H-1B and outsourcing issues as closely as anyone over the years wasn't taking a stand on SKIL, but he got an earful from you folks, especially after a heartfelt post by Toni Chester, who described herself as "a 42 year old female American technical worker with one son who I have raised alone" and "over 17 years of technical industry experience... a Bachelor of Science degree in Applied Mathematics (and) Statistics."
Toni talked about her experiences with the H-1B program: training what she considered under skilled workers from India who could barely speak English, required lots of oversight and hand holding, but made 30 percent less than she did.
"Many times, I was put in a position to mentor or train my H-1B peers. At the time, I had no idea that they were in my country to be my replacements. Nor did I realize that the program afforded corporations a means to rapidly escalate the off-shore outsourcing process."
Other comments were more visceral:
"I want you to know that the H-1B program has devastated my life and my career. The government should NOT meddle in the Engineering business and just let natural 'supply and demand' take effect," wrote a contributor using the handle "Displaced American Engineer."
"Let's just change our name to: The United Corporations of America," wrote "Ex-Engineer."
Some were tough on Toni. James wrote: "I'm in the software industry and I hardly believe the story that you portray. Get a grip and move somewhere that has jobs. In Orlando my company can't get enough people to submit resumes and spends mucho bucks running ads in the paper to attract candidates."
Still others pointed to GAO reports about corruption in the H-1B program.
Of course, the debate over H-1B is a multi-factor problem. Sure, technology companies are interested in keeping wages low. But that doesn't mean that claims of an insufficient supply of domestic IT workers aren't also true. Let's face it: given an ample supply of U.S. born tech workers coming out of the country's many colleges and universities, companies could still keep wages low enough to be competitive and not have to pay for the cost of immigration lawyers and other middlemen who help them bring H-1B workers to the country and keep them legal while they're here. And there's certainly evidence that at least part of the blame lies with the moribund U.S. education system, not (just) rapacious corporations.
The National Science Foundation's Science and Engineering Indicators report for 2006 raises a number of red flags on issues that indirectly contribute to the problems addressed by SKIL. The NSF reported that most 4th, 8th, and 12th graders did not demonstrate proficiency in math and science knowledge and skills taught at their grade level. And... "Despite showing some improvement in mathematics and science performance in recent years, U.S. students continued to lag behind their peers in many other developed countries."
That problem filters up to higher grade levels. As NSF points out, while students on temporary visas in the United States earned a small share (4%) of Science and Engineering degrees at the bachelor's level they earned double that number (8%) of bachelor's degrees in computer sciences in 2002 and 7% of those engineering.
Go higher up and the trend is even more pronounced:
Science and Engineering master's degrees awarded to students on temporary visas more than doubled in between 1983 and 2002, to 27,600 and are now 28% of all such degrees awarded. "Foreign students make up a much higher proportion of S&E master's degree recipients than they do of bachelor's or associate's degree recipients," with degrees are "heavily concentrated in computer sciences and engineering, where they earned 46% and 41%, respectively, of master's degrees in 2002."
Ph.Ds? Fuhgedaboudit. NSF reports that in 2003 foreign students on temporary visas earned 43% to 44% of doctoral degrees awarded in mathematics, computer sciences, and agricultural sciences, along with 55% of those awarded in engineering. To quote the Estimate "Noncitizens, primarily those with temporary visas, account for the bulk of the growth in S&E doctorates awarded by U.S. universities from 1983 through 2003..."
More data points: in the 20 years between 1983 and 2003, the number of S&E doctorates earned by U.S. citizens fluctuated from approximately 14,000 to about 17,000, and the number earned by temporary residents rose from 3,500 to a peak of 8,700 in 2003. The share of S&E doctorates going to temporary visa holders rose from 18% in 1983 to 32% in 2003, as S&E doctorates earned by U.S. permanent residents decreased from a peak of 3,614 in 1995 to about 1,200 in 2003 (appendix table 2-32 Excel table.) Yes, dear readers, only 1/3 as many U.S. citizens earned doctorates in Science and Engineering in 2003 compared with 1995. And nobody had a gun to their head forcing them to take a business or marketing/communications major instead of something demanding like CS.
Sadly, the real figures may be even darker. NSF notes that "in the mid-1990s, the number of doctorates awarded to U.S. permanent residents showed a steep increase when a large number of Chinese doctoral degree students on temporary visas shifted to permanent resident status under the 1992 Chinese Student Protection Act."
In other words, we can thank the Tiananamen Square Massacre in 1989 for that spike in U.S. S&E doctorates in the mid 90s. GO USA!!!
Hey, these are just the facts, folks.
Let's fess up to it: the U.S. has to change the way it educates its kids: improving science and math education, erasing the gross inequalities between schools in rich and poor communities and eliminating the poverty and violence that curtails the dreams of many future U.S. Nobel winners who happen to be born into the wrong neighborhoods. Most of all, our society has to start honoring educators and celebrating the accomplishments of scientists, mathematicians and computer scientists at least as much as it celebrates the accomplishments of athletes and obsesses over the misadventures of crass celebrities. There is, sadly, no ESPN or Entertainment Tonight for science and engineering.
These were thoughts that came home to me the other day when I was dropping my daughter off in kindergarten. Room 207, the third grade class next door has been working on graphing and, as an exercise, the teacher took a poll of the kids career aspirations, then made a bar graph of the results. I'll attach it below for your consideration. That big bar on the left, that's "Athlete." Roughly 35 percent of the class picked that as their career of choice. Next is the grab-bag "Other" with around 25 percent of the class. Third? "Actor/Actress" with around 20 percent. Teacher/Doctor is next with around 10 percent. Fireman, Policeman and Veterinarian (my first choice at that age) didn't register. Something to think about as the debate over SKIL, H-1B and immigration heat up.
Posted by Paul Roberts on November 15, 2006 08:06 AM
November 14, 2006 | Comments: (0)
CNET News.com, Reuters and now Dell have jumped aboard the buzz machine into the virtual world of Second Life, with the news groups setting up virtual newsrooms. Reuters was so enamored it even assigned a reporter to cover the buzzy world full-time.
But the darling of late may already be losing its gloss with some journalists, who are tired of living a professional second life with companies holding press conferences and other events, such as IBM's Virtual Bloc Party, in it, TechDirt reports.
Is it really a surprise? And to think, I asked my boss if InfoWorld should set up something. So glad he told me we needed a First Life first.
Posted by Mike Barton on November 14, 2006 03:31 PM
November 14, 2006 | Comments: (0)
Vista, Office 2007 already cracked
Final versions of Microsoft's Windows Vista and Office 2007 have just left Redmond, but already pirate sites have cracked the software and are offering it to willing downloaders, SMH.com.au's Asher Moses reports.
The download, called "Vista BillGates", comes supplied with a product key. A separate download called an "activation crack", bypasses the activation process, the report says.
The sites also have Office 2007 Enterprise available for download. A supplied product key is all one needs to install it, because the new Office does not require product activation.
This time around, Microsoft is capable of deactivating pirated copies by sending a patch through Windows Update, and it can also invalidate certain product keys, the report says.
Full news report to come.
Posted by Mike Barton on November 14, 2006 03:08 PM
November 14, 2006 | Comments: (0)
Borland spins off tools as CodeGear
Rather than selling off its tools group as planned, Borland Software will separate out its Developer Tools Group into a wholly owned subsidiary, called CodeGear, the company said Tuesday.
CodeGear will be responsible for advancing the four product lines formerly associated with the company's IDE business: Developer Studio, including Delphi, C++ Builder and C#Builder; JBuilder, including the upcoming Eclipse-based "Peloton" offering; Turbo and Interbase.
"After much consideration, we made the decision to establish CodeGear as a separate subsidiary," said Tod Nielsen, Borland president and chief executive officer, in a statement released by the company. "We have always stated our intention to find the right buyer for this business - one who was committed to our developer community, who would continue innovation in our products and who would offer a sum that matched the value of the business. After a lengthy due diligence process with several serious bidders, we feel the CodeGear decision is in the best interests of our customers, shareholders and employees."
"We believe by creating two separate operations, Borland and CodeGear can both obtain the necessary focus and dedicated resources to serve two important, but distinct markets," Nielsen said. "We will continue to partner and share a mutual view of customer success. However, going forward Borland will be completely focused on leading the Application Lifecycle Management (ALM) market, while CodeGear will be focused on the software developer."
CodeGear will be led by Ben Smith, who was appointed today as its chief executive officer. Smith has been working with the tools group for the past 12 months.
Borland had announced plans to divest itself of the tools group in February.
Posted by Paul Krill on November 14, 2006 01:40 PM
November 14, 2006 | Comments: (0)
Firefox beats IE in 'phishfight'
Anti-phishing technology in the new generation of Mozilla Firefox and Microsof Internet Explorer browsers punched it out and Firefox was victorious, The Washington Post's Security Fix reports.
One third-party test that pitted the browsers against two week's worth of phishing sites concluded that Firefox's phish net may have fewer holes than IE's.
The evidence was released today (PDF file) by software testing firm SmartWare, the report said. The company is said to have tested each browser against the same phishing sites flagged by contributors to Phishtank, an anti-phishing network run by OpenDNS.
Firefox blocked 243 phishing sites that IE7 overlooked, while IE7 blocked 117 sites that Firefox did not.
The report notes the differences between the two anti-phishing technologies, but highlights that they are not good enough yet:
While I applaud Microsoft and Mozilla for their first efforts, the reality is that -- depending on which browser (and setting) you use -- anywhere from 20 to 40 percent of the phishing scams are going to sneak past undetected. I'm not saying this is an easy problem to solve: It certainly isn't. But I'm left wondering whether a stronger "whitelist" approach that involves identifying legitimate banking sites might prove to be a more effective strategy, or at least a highly complementary one.
OK security experts and those who just play them on TV, what is the best way to filter out or flag phishing sites? Talk back to us below.
Posted by Mike Barton on November 14, 2006 10:32 AM
November 13, 2006 | Comments: (0)
Cisco to hit high-tech home run
Cisco has been working out a deal to build a high-tech stadium for the A's in Fremont, California, in the SF Bay Area between San Jose and Oakland, reports say.
In an announcement Monday, Cisco said a press conference on Tuesday would provide information on "Cisco Field and ballpark village."
The region is rife with high-tech-branded sports parks: The A's currently play at McAfee Coliseum in Oakland. The San Jose Sharks' home is the HP Pavilion, and in baseball, the Giants are based at AT&T Park in San Francisco, IDG News Service reports.
But this one will likely go beyond mere title sponsorship. Last month, Cisco President and Chief Executive Officer John Chambers described a ballpark of the future at which fans could use their smart phones to buy electronic tickets and later to keep score and hit an instant-replay icon to re-watch a controversial play.
The company's new TelePresence high-definition videoconferencing system could be used to show the game in restaurants at the ballpark and let diners contact remote friends to watch along with them.
Cisco is looking to breakout of its stodgy enterprise LAN foundation with technology for home entertainment and for IP (Internet Protocol) TV, the IDG News Service report says.
Posted by Mike Barton on November 13, 2006 05:40 PM
November 13, 2006 | Comments: (0)
If Sun Microsystems wanted to contribute Java code to the open source Apache Software Foundation, Apache would be glad to have it, according to an Apache official on Monday.
"We've never asked for the code from Sun - our work in the Java ecosystem has been about ensuring that free and open source implementations of Java specifications are possible," said Geir Magnusson Jr., vice president of the Apache Harmony Java project and Apache's executive committee representative on the Java Community Process (JCP). The JCP is the formal upgrading process for Java.
"That said, clearly we'd welcome the contribution from Sun," Magnusson said in an email. The prospect of Apache taking jurisdiction over Java was raised by IBM on Monday, as Sun made Java available under the GNU General Public License 2.
"Going forward, we hope to find ways to build bridges between the two communities," Java and Apache, Magnusson said. "For example, I've already proposed to Sun that they re-license the javac java compiler under terms in which Apache could re-distribute the software as part of our JDK (Java Developer Kit). Sun's own CDDL (Common Development and Distribution License) would be perfectly acceptable, and wouldn't really change the control aspects that the GPL gives Sun with the JVM and class library."
It doesn't appear that Apache will get Java, though, with Sun President/CEO Jonathan Schwartz distancing himself from IBM's remarks on Monday.
"I find it a little curious that IBM would oppose the GPL," Schwartz said. "I sure wouldn't want to see them turning their back on the open source community."
Another Apache official said the organization has welcomed code from Sun, but the community would have to decide the issue at hand.
"The ASF has always welcomed code donations from Sun and other vendors. Many of our projects started off from such roots. But as the Harmony FAQ indicates, even though we welcome all contributions, it is up to the development community to see what makes sense," said Jim Jagielski, Apache spokesman and board member, also in an email.
Posted by Paul Krill on November 13, 2006 04:02 PM
November 13, 2006 | Comments: (0)
High-tech T-shirt does air guitar
Australia's nation science body, the CSIRO, has developed a high-tech textile-based T-shirt that gives real life to air guitar.
Check out the video: How the shirt works
Scientists at the CSIRO's Textile and Fibre Technology division in Geelong have woven electronic sensors into a T-shirt so that it can be played liked a real guitar.Movements by the wearer's arms are mapped and beamed by radio to a computer which interprets them and turns them into musical notes.
The wearer only has to act out playing the instrument to make sounds.
"The left arm chooses a note and the right arm plays it," said Richard Helmer, a CSIRO chemical engineer who led the project. The arrangement can be reversed for left-handed musicians.
"You can play with yours hands above your head," said Dr Helmer. "You can turn around and jump. Whatever you like."
The market for budding air guitarists is huge, no doubt, but Dr. helmer told the SMH it was more about letting the cat out of the bag on the CSIRO's work on high-tech textiles.
People wearing shirts with sensors could operate computers and play computer games without ever having to touck a mouse or a touch pad.Intelligent clothes could create 3D replicas of physiotherapy patients to help teach them to walk and bend again after injuries.
Patients could even be examined by specialists in another city or country. And electronic clothes could even be used to teach people to play golf or tennis.
Posted by Mike Barton on November 13, 2006 03:42 PM
November 13, 2006 | Comments: (0)
After a seemingly endless series of pre-announcements and forward-looking briefings, Sun Microsystems has finally begun the process of making Java open source. Better still, it's doing it for real: The code will be released under the GNU GPL (General Public License).
Sun has promised to eventually release the code to all its own software for some time, and it has already made available the code to a number of products. But these releases were generally made under Sun's own open source license, called CDDL (Common Development and Distribution License). The decision to release Java under the GPL is something of a departure, but it's sure to be a welcome one among the free software faithful. Although CDDL is recognized by the Free Software Foundation as a free software license, it is widely perceived as being more aligned with the interests of commercial software businesses than is the GPL, and less in tune with the spirit of free software.
The most obvious benefit of choosing the GPL is that this move, once and for all, aligns Java with the GNU/Linux community -- including distributions like Debian, which only include software based on very strict guidelines with regard to licensing and intellectual property.
Says Sun CEO Jonathan Schwartz in his blog, "The GPL is the same license used to manage the evolution of GNU/Linux -- in choosing the GPL, we've opened the door to comingling the communities, and the code itself."
Even more interesting, Schwartz made reference to another story that has been bouncing around the headlines of late: the recent partnership between Microsoft and Novell. That deal was "one of the strongest motivations to select the GPL," according to Schwartz -- which would make Sun execs very prescient, indeed, considering that the partnership was only announced a couple of weeks ago. Or perhaps waiting for the Microsoft/Novell deal to close explains Sun's delay in formally open sourcing Java?
At any rate, Schwartz adds, "Those that say open source software can't be safe for customers - or that commercially indemnified software can't foster community -- are merely advancing their own agenda. Without any basis in fact."
What do you think? Is the decision to release Java under the GPL a victory for the free software movement? And are we seeing the battle lines being drawn between those companies who believe open source can coexist with business models like Microsoft's, and those who choose cleave more closely to open source ideals? Talk back to us, below.
Posted by Neil McAllister on November 13, 2006 01:45 PM
November 12, 2006 | Comments: (0)
Eclipse moves on device software
The Eclipse Foundation on Monday is announcing three milestone releases as part of its Eclipse Device Software Development Platform (DSDP), which is intended to provide a standards-based development platform for building software for devices.
DSDP project milestones being revealed include:
* Embedded Rich Client Platform, release version 1.0, for extending the Eclipse Rich Client Platform to embedded devices. The release enables the same Eclipse development model used to create applications on desktop machines to be used on devices.
* Target Management release version 1.0, for building data models and frameworks to configure and manage embedded systems and their connections and services.
* Mobile Tools for the Java Platform release version 0.7, for extending the Eclipse platform to support mobile device applications based on Java.
DSDP releases are available for download here.
Posted by Paul Krill on November 12, 2006 10:08 PM
November 10, 2006 | Comments: (0)
Programmers Guild fears lame duck Congress will pass the Skil Bill
Programmers Guild president Kim Berry sent out an alert to his minions today asking them to contact their elected representatives not to vote for the Skil [Securing Knowledge, Innovation and Leadership], Senate Bill 2691 and its counterpart in the House H.R. 5744, sponsored by Republican John Cornyn in the Senate and Rep. John Shadegg [R-AZ] in the House.
"The Cornyn-Shadegg SKIL Bill is a Trojan horse with a risk of being attached to an unopposable omnibus appropriations bill in the
lame duck session" of Congress, Berry said in his alert.
The bill would raise the cap on H-1B visas from 65,000 to 115,000 annually and would create a more flexible system that adjusts to so-called market demand. It also exempts foreign nationals who have earned a Master's or higher degree in an accredited U.S. university from the H-1B visa cap.
Opponents of the bill say that both Democrats and Republicans will more than likely pass the bill as they seek the support of companies who seek to increase the overall labor pool of skilled workers.
While both the House and Senate bills are sponsored by Republicans, Berry said that most Democrats have supported H-1B in the past, and one can only assume they will again.
"I'm not aware of any Democrat who ran for the House that opposes Bill 5744," said Berry.
Norman Matloff, a professor of computer science at the University of California at Davis called the bill an "unwarranted expansion of both the H-1B and employment-based green card programs."
Matloff refutes the claims of a high tech labor shortage.
"The impact of this bill on U.S. citizens and permanent residents in the tech field will be quite harmful," Matloff said, claiming salaries adjusted for inflation have been flat in high tech since 1999.
Berry proposes increasing the H-1B visa fee to $5,000 per year to subsidize the education of U.S. engineering students.
Posted by Ephraim Schwartz on November 10, 2006 10:03 AM
November 09, 2006 | Comments: (0)
Microsoft/Novell deal violates GPL?
Microsoft and Novell have described their recent partnership as a historic effort to "bridge the divide" between open source and proprietary software. But is it legal?
According to Eben Moglen of the Software Freedom Law Center, the deal between the two companies would not be compatible with the terms of the forthcoming GPL (GNU General Pubic License) version 3, and it might not be compatible with the current version.
All versions of the GPL require that anyone who distributes GPL-licensed software must grant the recipient all the rights offered under the GPL. Included in those rights is the right to redistribute the software. But if the patent license Microsoft has granted to Novell customers only extends to Novell customers, then Novell customers cannot redistribute the software freely. According to Moglen, this may violate the terms of the license.
As it turns out, this possibility was not lost on Novell, either. In a press release issued Tuesday, Novell made its case for compatibility with the open source license.
"Many people want to know whether this agreement is compatible with Novell's obligations under the GPL, especially section 7," Novell's general counsel is quoted as saying. "This was an important consideration for us as well. Under the patent cooperation agreement, Novell's customers receive directly from Microsoft a covenant not to sue. Novell does not receive a patent license or covenant not to sue from Microsoft, and we have not agreed with Microsoft to any condition that would contradict the conditions of the GPL. Our agreement does not affect the freedom that Novell or anyone else in the open source community, including developers, has under the GPL and does not impose any condition that would contradict the conditions of the GPL. Therefore, the agreement is fully compliant with the GPL."
Got that? Well, if it's not all that clear to you, you're not alone. Moglen isn't convinced either.
Thankfully, however, he'll get his chance to study the matter. Vnunet.com reports that Moglen has been granted permission to conduct a confidential audit to determine whether the Novell/Microsoft partnership is compatible with the GPL, version 2. He says he's open to the possibility that Novell has pulled it off, but adds, "They will not clear GPL3 by a millimeter."
Linus Torvalds has said in the past that the Linux kernel itself will not be moving to GPL3 when it is finalized, but a Linux distribution includes lots of other software besides the kernel. If GPL3 licensed code is inherently incompatible with an arrangement like Novell's, the Suse Linux distribution could be on shaky legal ground as open source projects begin to take up the new license.
Do you think Novell's partnership with Microsoft is in keeping with the spirit of open source? Are you more likely to choose Suse Linux now that it has the nod of support from Microsoft, or less? Talk back to us, below.
Posted by Neil McAllister on November 9, 2006 06:17 PM
November 09, 2006 | Comments: (0)
Greenspan calls SarBox a nightmare
As reported in InfoWorld today by China Martens, Alan Greenspan, former chairman of the U.S. Federal Reserve, had some unkind words for portions of the Sarbanes-Oxley requirements.
In particular "he described SOX Section 404 as a "nightmare" and extremely costly. That section requires a company's auditor to attest to the effectiveness of internal controls implemented to protect financial reporting systems and processes," wrote Martens.
Unfortunately, Greenspan is articulating an all too prevalent attitude that believes computer systems, hardware, and software, should somehow be treated differently than any other tool used by accountants or other financial officers in a company.
What else is the recent furor over electronic voting all about but that intelligent critics are saying how can you have a system that does not allow for a recount. It is illogical not to make the same demands on an electronic system that you expect from your paper system. Aren't they supposed to be better, not worse?
Does Greenspan want to exempt electronic accounting systems from thorough audits, which in this case requires auditors to understand the systems that created the numbers?
Certainly when there were actual books used in bookkeeping, outside auditors needed to see the books in order to validate the numbers and check for discrepancies.
It is and should be no different when the books are digital. Testing for the effectiveness of internal controls is no different than looking at the receipts and invoices and any other relevant paperwork to prove that the numbers are correct.
Unless we maintain this mindset, instead of computers being a tool which we rule, it will rule us.
Posted by Ephraim Schwartz on November 9, 2006 04:39 PM
November 09, 2006 | Comments: (0)
"[T]he GPL and open-source have nothing to fear from the antitrust laws," writes The U.S. Court of Appeals for the Seventh Circuit's Judge Easterbrook, reports InternetCases.com.
Plaintiff Wallace filed an antitrust suit against IBM, Red Hat and Novell, arguing that those companies had conspired to eliminate competition in the operating system market by making Linux available at an "unbeatable" price (free) under the General Public License ("GPL"). The U.S. District Court for the Southern District of Indiana dismissed the case, finding the plaintiff had suffered no antitrust injury. The Seventh Circuit affirmed."Although antitrust law serves the interests of consumers rather than producers, the Supreme Court has permitted producers to initiate predatory-pricing litigation," Judge Easterbrook wrote in the November 9 decision. "This does not assist Wallace, however, because his legal theory is faulty substantively."
Attorney Evan Brown, writing for InternetCases.com, notes, "Perhaps most significantly, Wallace had not contended that software available under the GPL would lead to mononpoly prices in the future. The court observed the anomalous thinking behind any conclusion that it would, 'when the GPL keeps price low forever and precludes the reduction of output that is essential to monopoly.'"
InfoWorld's Matt Asay writes in the Open Sources blog:
Besides a weak understanding of the law, Wallace is unfortunately mired in the proprietary past. His economic reasoning actually resembles that of the proprietary software vendors today. They may actually be dumbfounded by Easterbrook's reasoning. :-)But let me state it clearly for the record: open source does not mean you have a divine right to profit margins or revenues. It's about freedom. The ability to make money from it is something you have to earn.
Download a copy of the opinion of Wallace v. IBM., No. 06-2454, here (PDF).
For more info on the case, see Internet Cases' previous coverage.
Posted by Mike Barton on November 9, 2006 03:58 PM
November 09, 2006 | Comments: (0)
Online shoppers crave speed, value
Online retailers, take note: If your e-commerce site doesn't load within four seconds, you risk losing one-third of your would-be customers.
That nugget of information comes just in time for the busy holiday shopping season from a study titled "Retail Web Site Performance," conducted by JupiterResearch and sponsored by Akamai. The research company assessed the online-shopping habits of 1,058 shoppers.
Akamai, by the way, provides solutions for accelerating content and business processes online. Since it sponsored the research, it's not surprising that the report conclusions fixate on Web site performance. Still, the numbers cover various aspects of retail Web site performance and customer retention, so the report is well worth studying if you're an online merchant gearing up for holiday sales.
While site response time is clearly important to Web shoppers, the study also reiterates the import of easy navigation, usability, and security. When asked what influenced their decision to return to a retail Web site, the No. 1 response, listed by 65% of participants, was "Site is easy to navigate." The No. 2 response, for 62% of all respondents, was "Assurances of information security" (no surprise, given the rise in data leaks we've seen of late).
Easy registration, check-in, and check-out (with arguably tie into overall transaction time) were highly important to 54% of the respondents; pictures and videos of product details proved necessary for 53%.
Moreover, 46% of online shoppers said they want a rapid checkout process, and 40% seek quick page loading.
The survey also asked users what factors made them feel dissatisfied with an online shopping experience -- or worse yet, abandon a transaction altogether.
Unappealing shipping and pricing issues were the No. 1 culprit for both groups. A full 36% of respondents said they backed out of buying something midway due to high product or shipping costs. Another 44% were dissatisfied by those factors, even though they made the purchase. (I envision a user looking at the final purchase screen, seeing the total price with shipping and tax thrown in, and either grudgingly clicking to complete the purchase -- or closing the browser window in disgust. I've done both.)
A significant percentage of users, 24%, canceled transactions because they didn't want to register with a site; another 20% of them said the site was asking for too much information.
Slow site performance wasn't as big a cause for users aborting purchases (18%) as it was for leaving them with a bad taste in their mouths afterward (33%).
So what happens if an online shopper has an unpleasant online shopping experience? According to the study, "64% percent of dissatisfied online shoppers indicated they were less likely to visit the online retailer in the future, while 62% would be less likely to buy from the site again. Forty-eight percent went so far as to say they would simply make their intended purchases from an online competitor," the report says.
The report is available for free download at akamai.com/4seconds.
My take-away from the report is pretty clear: Retail Web sites don't need superfluous bells and whistles that just make them perform slowly or that impede navigation. Users want to log in, find what they need via a decent search tool and reasonable product images, toss that stuff in the cart, see what the total price will be -- with taxes and shipping -- before entering their credit card and shipping information, then quickly and securely pay and go.
If you want me to spend extra time registering and logging in before you let me make a purchase, you'd best give me some incentive; I have enough login names and passwords as it is. How about you prove to me that your site truly is worth using and that you'll complete my order to my satisfaction before making me decide that I want to be a repeat customer and set up an account?
We've looked at this question before, but what has frustrated you most when shopping online? Or, what do you like best about your online-shopping destinations of choice?
Posted by Ted Samson on November 9, 2006 02:51 PM
November 08, 2006 | Comments: (0)
Google Checkout free for the holidays
In a move that could be viewed as an early holiday gift for online merchants and a heaping lump of coal for eBay, Google Wednesday announced that it will process payments for free through Google Checkout, its rival service to PayPal, until the end of the year.
Google announced the news in its