×
Java

Why You Can't Dump Java (Even Though You Want To) 402

Posted by Soulskill from the i-think-the-EPA-frowns-on-that dept.
snydeq writes "Since so many recent exploits have used Java as their attack vector, you might conclude Java should be shown the exit, but the reality is that Java is not the problem, writes Security Advisor's Roger Grimes. 'Sure, I could opt not to use those Java-enabled services or install Java and uninstall when I'm finished. But the core problem isn't necessarily Java's exploitability; nearly all software is exploitable. It's unpatched Java. Few successful Java-related attacks are related to zero-day exploits. Almost all are related to Java security bugs that have been patched for months (or longer),' Grimes writes. 'The bottom line is that we aren't addressing the real problems. It isn't a security bug here and there in a particular piece of software; that's a problem we'll never get rid of. Instead, we allow almost all cyber criminals to get away with their Internet crime without any penalty. They almost never get caught and punished. Until we solve the problem of accountability, we will never get rid of the underlying problem.'"
Google

Jury Rules Google Violated Java Copyright, Google Moves For Mistrial 475

Posted by Soulskill from the opening-a-big-can-of-worms dept.
eldavojohn writes "Details are thin, but the long-covered Oracle v. Google trial has at least partially been decided in favor of Oracle. The jury says Google violated copyrights with Android when it used Java APIs to design the system. Google moved for a mistrial after hearing the incomplete decision. The patent infringement accusations have yet to be ruled upon."
Android

Oracle Vs. Google and the Right To Use APIs 155

Posted by samzenpus from the my-precious-code dept.
jfruh writes "Even as an EU court rules that APIs can't be copyrighted, tech observers are waiting for the Oracle v. Google trial jury to rule on the same question under U.S. law. Blogger Brian Proffitt spoke with Groklaw's Pamela Jones on the issue, and her take is that a victory for Oracle would be bad news for developers. Essentially, Oracle is claiming that, while an individual API might not be copyrightable, the collection of APIs needed to use a language is. Such a decision would, among other things, make Java's open source nature essentially meaningless, and would have lots of implications for any programming language you can name."
Java

JavaFX Runs On Raspberry Pi 147

Posted by timothy from the crushing-fruit dept.
mikejuk writes "Oracle seem to be concerned that the Raspberry Pi manages to run Java properly and they are actively working on the problem. To prove that it more than just works, what better than to get a JavaFX app up and running — what could be more cutting edge? Unfortunately the trick was performed using a commercial version of the JDK with JIT support and some private code, but it is still early days yet. Java and JavaFX on Raspberry Pi takes us into a whole new ball game." Watch the video at the linked report to see it in action.
Android

Android Ported To C# 351

Posted by Soulskill from the did-not-see-that-one-coming dept.
New submitter Eirenarch writes "Xamarin has just announced that they got the Java part of Android ported to C# via machine translation. The resulting OS, called XobotOS, is available on Github. They claim some serious performance gains over Dalvik. For them, this is an experiment that they are not planning to focus on, but they will be using some of the technologies in Mono for Android."
Oracle

Oracle and the End of Programming As We Know It 577

Posted by Soulskill from the unbounded-can-of-worms dept.
An anonymous reader writes "An article at Dr. Dobb's looks into the consequences of a dangerous idea from Oracle during their legal battle with Google: 'that Google had violated Oracle's Java copyrights by reimplementing Java APIs in Android.' The issue is very much unsettled in the courts, but the judge in this case instructed the jury to assume the APIs were copyrightable. 'In a nutshell, if the jury sides with Oracle that the copyrights in the headers of every file of the Java source base apply specifically to the syntax of the APIs, then Oracle can extract payment and penalties from Google for having implemented those APIs without Oracle's blessing (or, in more specific terms, without a license). Should this come to pass, numerous products will suddenly find themselves on an uncertain legal standing in which the previously benign but now newly empowered copyright holders might assert punitive copyright claims. Chief among these would be any re-implementation of an existing language. So, Jython, IronPython, and PyPy for Python; JRuby, IronRuby, and Rubinius for Ruby; Mono for C# and VB; possibly C++ for C, GCC for C and C++ and Objective-C; and so forth. And of course, all the various browsers that use JavaScript might owe royalties to the acquirers of Netscape's intellectual property.'"
Android

Schmidt Testifies Android Did Not Use Sun's IP 239

Posted by Soulskill from the everything's-ship-shape-your-honor dept.
CWmike writes "Google built a 'clean room' version of Java and did not use Sun's intellectual property, Google's executive chairman, Eric Schmidt, testified in court Tuesday. Schmidt said its use of Java in Android was 'legally correct.' On this day seven of the trial, Schmidt gave the jury a brief history of Java, describing its release as 'an almost religious moment.' He told the jury that Google had once hoped to partner with Sun to develop Android using Java, but that negotiations broke off because Google wanted Android to be open source, and Sun was unwilling to give up that much control over Java. Instead, Schmidt said, Google created the 'clean room' version of Java that didn't use Sun's protected code. Its engineers invented 'a completely different approach' to the way Java worked internally, Schmidt testified."
Programming

C/C++ Back On Top of the Programming Heap? 611

Posted by timothy from the where's-the-future's-market? dept.
Drethon writes "On this day in 2008, a submission was posted that C/C++ was losing ground so I decided to check out its current state. It seems that C has returned to the top while Java has dropped by the same amount, VB and PHP have dropped drastically, C++ is holding fast but now in third place and Objective-C and C# have climbed quite a bit. 2008 data thanks to SatanicPuppy: 1. Java (20.5%); 2. C (.14.7%); 3. VB (11.6%); 4. PHP (10.3%); 5. C++ (9.9%); 6. Perl (5.9%); 7. Python (4.5%); 8. C# (.3.8%); 9. Ruby(2.9%); 10. Delphi (2.7%). The other 10 in the top 20 are: JavaScript, D, PL/SQL, SAS, Pascal, Lisp/Scheme, FoxPro/xBase, COBOL, Ada, and ColdFusion."
Android

Google Developer Testifies That Java Memo Was Misinterpreted 201

Posted by timothy from the not-what-I-meant dept.
benfrog writes with a piece that appeared in yesterday's Wall Street Journal about the in-progress legal battle between Oracle and Google over Java: "Ex-Sun and current Google employee Tim Lindholm testified that it was "not what he meant" when asked about the smoking gun email (included here (PDF)) that essentially said that Google needed to get a license for Java because all the alternatives 'suck[ed].' He went on in 'brief but tense testimony' to claim that his day-to-day involvement with Android was limited."
Businesses

Florian Mueller Outs Himself As Oracle Employee 285

Posted by timothy from the hey-it-beats-not-saying-it dept.
eldavojohn writes "So you're commenting on your highly visible blog about patent case after patent case that deal with corporations battling over open source stuff, what does it matter if you're taking money from one and not the other? If you don't see any ethical problems with that, you might be Florian Mueller. Groklaw's PJ (who has been suspicious of Florian's ties to other giants like Microsoft for quite sometime) has noticed that Florian Mueller has decided to go full disclosure and admit that all his commentary on the Oracle v Google case might be tainted by his employment by Oracle. It seems he's got a bunch of consulting money coming his way from Oracle but I'm sure that won't undermine any of his assessments like Android licenses violate the GPL or that Oracle will win $6 billion from Google and Google was "at risk" of not settling despite the outcome that the charges later dropped to a small fraction of the $6 billion. Like so many other times, PJ's hunch was right."
Java

Ellison Doesn't Know If Java Is Free 393

Posted by Soulskill from the it-is-except-where-it-isn't dept.
New submitter Emacs.Cmode sends this excerpt from CNet: "Among the highlights emanating from U.S. District Court in San Francisco courtroom 8 today was Oracle CEO Larry Ellison's response to a question regarding the status of the Java programming language, which his company acquired when it bought Sun Microsystems in 2010. Asked by Google's lead attorney, Robert Van Nest, if the Java language is free, Ellison was slow to respond. Judge William Alsup pushed Ellison to answer with a yes or no. As ZDNet reporter Rachel King observed in the courtroom, Ellison resisted and huffed, 'I don't know.'" Groklaw has a good write-up about what happened during day one of the trial and a briefer summary of what happened on day two.
Google

Oracle and Google To Finally Enter Courtroom 175

Posted by samzenpus from the high-noon dept.
Fluffeh writes "After around 900 motions and filings, not to mention a timeline of two years, Google and Oracle are finally putting their case before a jury which will be selected on Monday. While Oracle originally sued for billions, the possible damages have come down to a more reasonable $30-something million (the details vary depending on if you ask Google or Oracle). However, the sides are still far apart. Oracle's proposal was a minimum, not a maximum, and Oracle has asked for a tripling of damages because of the 'willful and deliberate nature of Google's infringement.' For ongoing royalties from future sales, Google has proposed payment of just over one-half of one percent of revenue if patent infringement is proven, but Oracle wants more. Beyond financial damages, Oracle has asked for a permanent order preventing Google from continuing to infringe the patents and copyrights. The case is planned to start on Monday afternoon, after jury selection or Tuesday at the latest."
Desktops (Apple)

New Targeted Mac OS X Trojan Requires No User Interaction 322

Posted by Soulskill from the cursed-by-popularity dept.
An anonymous reader writes "Another Mac OS X Trojan has been spotted in the wild; this one exploits Java vulnerabilities just like the Flashback Trojan. Also just like Flashback, this new Trojan requires no user interaction to infect your Apple Mac. Kaspersky refers to it as 'Backdoor.OSX.SabPub.a' while Sophos calls it at 'SX/Sabpab-A.'"
Google

Oracle and Google Spar Over Whether Programming Languages Can Be Copyrighted 316

Posted by Soulskill from the makes-perfect-sense-minus-the-sense dept.
pcritter writes "With the Oracle v. Google trial date set for next Monday, the Judge has asked Google and Oracle to take a position on whether a programming language is copyrightable. This presumably relates to whether Google violated copyright by using a variant of the Java language and its APIs in the Android framework. Oracle, who thinks it can be, has used J.R.R. Tolkein's Elvish language as an examples (PDF) of a language that can be copyrighted. Google disagrees (PDF)."
Firefox

Mozilla Testing Click-to-Play Option For Plugin Content 124

Posted by Soulskill from the but-who-doesn't-like-autoplaying-videos dept.
Trailrunner7 writes "Mozilla is developing a feature in Firefox that would require some user interaction in order for Flash ads, Java scripts and other content that uses plugins to play. In addition to easing system slowdowns, the opt-in for Web plugins is expected to reduce threats posed by exploiting security vulnerabilities in plugins, including zero-day attacks. 'Whether you hate them or love them, content accessed through plugins is still a sizable chunk of the web. So much so, that over 99% of internet users have Flash installed on their browser,' writes Mozilla's Jared Wein, the lead software engineer on the project, in a blog post."
Botnet

Apple Updates Java To Include Flashback Removal 121

Posted by samzenpus from the protect-ya-neck dept.
Fluffeh writes "In the third update to Java that Apple has released this week, the update now identifies and removes the most common variants of the Flashback malware that has infected over half a million Apple machines. 'This Java security update removes the most common variants of the Flashback malware,' Apple wrote in the support document for the update. 'This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.'"
Encryption

Scientists Release Working Prototype Of CAPTCHA-Based Password Assistant 86

Posted by timothy from the holding-out-for-retinal-scans dept.
An anonymous reader writes "Last year Slashdot ran a story on scientists from the Max-Planck-Institute for Physics of Complex Systems in Dresden, Germany developing a novel method to improve password security. A strong long password is split in two parts; the first part is memorized by a human, and the second part is stored as a CAPTCHA-like image of a chaotic lattice system. Today, after a year of work, the same group at Max Planck Institute released a working prototype online, where everybody can try this technology to encrypt files (Java plugin required)."
Desktops (Apple)

Flashback Trojan Hits 600,000 Macs and Counting 429

Posted by timothy from the first-they-came-for-the-windows-machines dept.
twoheadedboy writes "A Flashback variant dubbed Backdoor.Flashback.39 has infected over 600,000 Macs, according to Russian security firm Dr Web. The virulent Flashback trojan infecting Apple machines sparked interest earlier this week after it was seen exploiting a Java vulnerability, although it was actually first discovered back in September last year. The Trojan has a global reach after Dr Web found infected Macs in most countries. More than half of the Macs infected are in the US (56.6 percent), while another 19.8 percent are in Canada. The UK has 12.8 percent of infected Macs."
Firefox

Mozilla Blocks Vulnerable Java Versions In Firefox 205

Posted by timothy from the some-people-like-their-coffee-filtered dept.
Trailrunner7 writes with this excerpt from Threatpost: "Mozilla has made a change in Firefox that will block all of the older versions of Java that contain a critical vulnerability that's being actively exploited. The decision to add these vulnerable versions of Java to the browser's blocklist is designed to protect users who may not be aware of the flaw and attacks. 'This vulnerability — present in the older versions of the JDK and JRE — is actively being exploited, and is a potential risk to users. To mitigate this risk, we have added affected versions of the Java plugin for Windows (Version 6 Update 30 and below as well as Version 7 Update 2 and below) to Firefox's blocklist. A blocklist entry for the Java plugin on OS X may be added at a future date. Mozilla strongly encourages anyone who requires the JDK and JRE to update to the current version as soon as possible on all platforms,' Mozilla's Kev Needham said."
Google

Oracle and Google Settlement Talks Falter; Trial Set for April 16 118

Posted by Unknown Lamer from the let-the-games-begin dept.
Fluffeh writes "Recently, a Judge ordered Oracle and Google to have yet another sit down and chat, but these talks have come to an impasse: 'Despite their diligent efforts and those of their able counsel, the parties have reached an irreconcilable impasse in their settlement discussions,' Judge Paul Grewal of US District Court for the Northern California wrote Monday. 'No further conferences shall be convened. The parties should instead direct their entire attention to the preparation of their trial presentations. Good luck.'"

Slashdot Top Deals