
Users of the G1 Android phone began receiving a software update on Friday that fixes a flaw that security researchers found earlier in the week.
The update included the fix to the browser vulnerability and a couple of other minor changes as well, said Michael Kirkland, a Google spokesman. Every user of the G1 may not have gotten the update yet but should within a short time frame, he said.
Google worked with T-Mobile USA, the only operator selling the device, to push the update out to users. The G1 went on sale last week, and T-Mobile has not disclosed how many have sold so far.
Researchers at Independent Security Evaluators revealed earlier this week that they discovered that Android, Google's open-source software that is currently only running on HTC's G1 handset, is based on outdated open-source components that do not include a fix to a previously known vulnerability.
On a Web page for ISE, Charlie Miller, Mark Daniel and Jake Honoroff wrote that they wouldn't say much about the vulnerability until Google fixes it. However, they said that Android users who visit malicious Web sites may find their sensitive information stolen. That's because an attacker could access any information the site uses, including saved passwords, information entered into a Web application form, and cookies.
The researchers also said, however, that the impact of the attack is limited because of Android's security architecture. An attacker can't, for example, control functions of the phone like the dialer.
On Friday, Miller was not available to talk about whether he had received and tested the update.
darthcamaro writes "While the internet may know no borders, the US government does. There are a number of rules that affect software vendors, including encryption export regulations from the US Department of Commerce and export sanctions by the Department of Treasury. But what do you do when your application is open source and freely available to anyone in the world? Do the same rules apply? It's a question that Mozilla asked the US government about. The answer they received could have profound implications not just for Firefox but for all open source software vendors. 'We really couldn't accept the notion that these government rules could jeopardize the participatory nature of an open source project, so we sought to challenge it,' Harvey Anderson, VP and General Counsel of Mozilla, told InternetNews.com. 'We argued that First Amendment free speech rights would prevail in this scenario. The government took our filing and then we got back a no-violation letter, which is fantastic.'"
UPDATE at bottom.
I just wanted to extend my congratulations to the team at Greenplum, and our joint customers at Fox Interactive Media - the folks behind MySpace, Photobucket, IGN, FOXSports.com, and a whole series of web properties that together represent one of the single largest audiences on the web. All three of us announced today that Fox is running a massive production data warehouse built atop Greenplum's data warehousing software on Sun's Solaris/ZFS based OpenStorage platforms (a sea of Thumpers, to be specific). That is to say, open source software is at the core of one of the world's largest - and most affordable - data warehouses.
Fox joins a series of joint Sun/Greenplum customers, from LinkedIn to the New York Stock Exchange, in looking to open source databases and innovation as a vehicle to drive better insight, faster decisions and more efficiency.
Which is to say, customers that are tired of proprietary vendors with a knack for raising license fees during economic downturns have a clear set of remarkably affordable alternatives. Based on commodity economics everyone can understand.
Congratulations to all involved!
______________________________
UPDATE: I've gotten a fair number of inquiries from folks wanting to know how the Greenplum/Thumper data warehouse discussed above prices out against its competitors - given that one recently announced proprietary entrant has suggested $15,000 per terabyte is acceptable to customers. My view is that's a pre-bubble price, and roughly an order of magnitude too expensive in today's market - and unlikely to garner more than headlines. But that's obviously a biased view; I'd check with a few customers to find out what they want to pay.

Monty Widenius, a leading open-source software proponent, lodged an appeal on Friday against the European Union's antitrust authorities over their decision to green-light Oracle's acquisition of Sun Microsystems at the beginning of this year.
The appeal was filed to the European Court of Justice in Luxembourg. Widenius was one of the co-developers of MySQL, the open source database software owned by Sun, and now by Oracle.
As you know, Sun's open source software and microprocessor strategy has been, at times, controversial. We've filled trade journals and chat rooms with all kinds of dialog and the occasional crackpot conspiracy theory.
As many have rightly assumed from the outset, that controversy was, in fact, not a byproduct of the strategy - it was the strategy: if you're talking about Sun, you're not talking about the other guy. And then you'll buy a datacenter.
But now that we've firmly established our reputation for open source leadership, I'm very worried there's no more controversy to be had. There's too much trust in the system, and too much clarity around our strategic intent. So it's getting tougher and tougher to kick up a storm - and we can't very well spend a billion dollars or change our ticker symbol every time we want to generate a headline. Now can we?
So today I'd like to unfurl the second chapter of our strategy.
We want you to give it all back. You couldn't possibly believe we'd let you keep it, did you?
We specifically request that all free software originally distributed by Sun Microsystems, related to software or microprocessors, including but not limited to source files, binaries, derivatives, extensions, applications, patents, patent applications, copyrights, ideas, thoughts, and derivative thoughts, along with any and all mirrors thereof, be returned immediately.
In addition, (we know this is the risky part, but we need to get the privacy advocates twittering, too), we demand all data processed, stored or created by such intellectual property, up to and including all data held within file systems, databases or open source productivity applications be returned, as well. Up to and including the book report your kid just typed on OpenOffice.
We'd like to request this all be returned within thirty days.
Thank you for your understanding.
______________________________
And although it pains me to say this, we do live in a litigious society, so: YES, this is an April Fool's joke, as defined by relevant sections of the United States Securities Act of 1933.