The seventh-wealthiest man in the world, Warren Buffett, turns 90 today. Famously the tycoon/philanthropist pledged to give away 90% of his wealth, founding with Bill and Melinda Gates "The Giving Pledge," a campaign urging the world's wealthiest individuals to dedicate the majority of their wealth to giving back. Over $1.2 trillion has now been pledged, with participants including Elon Musk, Ted Turner, Mark Zuckerberg and his wife Priscilla Chan, Oracle co-founder Larry Ellison, and Microsoft's other co-founder, Paul Allen.

CNN reports that Gates "offered a sweet and funny video tribute to his billionaire pal," who besides drinking six cans of Coke each day is also "a notorious dessert-a-holic." Doing his best Martha Stewart impression, and with Randy Newman's "You Got a Friend" playing in the background, Gates made a delicious-looking Oreo cake, complete with Buffett's face on the top, drawn in chocolate icing. In the end of the 60-second video, Gates cuts a slice, puts it on a plate with a fork, and leaves the message "Happy 90th birthday Warren" in Oreo dust...

The cake was a special tribute to Gates' friendship with Buffett. In 2016, Gates recounted a story on his blog about how he caught Buffett eating his favorite dessert for breakfast: Oreos. "One thing that was surprising to learn about Warren is that he has basically stuck to eating what he liked when he was six years old," Gates wrote. "I remember one of the first times he stayed at our house and he opened up a package of Oreos to eat for breakfast. Our kids immediately demanded they have some too. He may set a poor example for young people, but it's a diet that somehow works for him."
The editor of Forbes also joined the celebration: Next year will mark a decade for the Forbes 400 Summit on Philanthropy, our annual meeting of 150 or so of the world's biggest givers and greatest problem-solvers. The impact is enormous, and it wouldn't happen without today's birthday boy, 90-year-old Warren Buffett. In 2011, I pitched the most generous philanthropist ever the idea of turning our definitive wealth ranking from a static list into a club for good. Warren being Warren, he embraced it immediately, strategically and wholeheartedly, and the Summit was born...

The highlight each year is a talk that Warren and I have, usually during lunch... For Warren's big birthday, we dug through nine years of Forbes 400 Summit on Philanthropy video archives to find some of his most inspiring and obscure gems, [each] edited down to 90 seconds or so. Happy Birthday, Warren!

Walmart said it's teaming up with Microsoft in a bid for TikTok. From a report: The retail giant confirmed to CNBC that it's interested in buying the tech company. TikTok is nearing an agreement to sell its U.S., Canadian, Australian and New Zealand operations in a deal that's likely to be in the $20 billion to $30 billion range, sources say. It has not yet chosen a buyer, but could announce the deal in coming days, sources say. With Walmart's confirmation, it joins several others bidding on the tech company, including Oracle. Walmart is pursuing the acquisition at a time when it's trying to better compete with Amazon. It plans to launch a membership program, called Walmart+, soon. The subscription-based service is the retailer's answer to Amazon Prime, which includes original TV shows and movies. In a statement, the big-box retailer said TikTok's integration of e-commerce and advertising "is a clear benefit to creators and users in those markets." It did not say how it would use TikTok or whether it would be part of Walmart+.

An anonymous reader quotes a report from CNBC: Microsoft's acquisition talks with TikTok and its Chinese parent company ByteDance "ballooned" this summer after President Donald Trump intervened, according to a report from The New York Times, citing people familiar with the situation. ByteDance is being forced to sell TikTok's U.S. business by the Trump administration, which says the app's current ties to China make it a national security threat. An executive order signed by Trump on Aug. 6 means a sale must go through before Sept. 15. However, TikTok sued the U.S. government on Monday, alleging it was deprived of due process. The lawsuit could delay the ban, giving TikTok more time to get a better deal for the sale.

When the deal talks began, Microsoft is said to have been reluctant to do any kind of large TikTok acquisition, due in part to the rising tensions between the U.S. and China, according to the Times report. However, a minority stake in the wildly popular video sharing app was viewed positively as it may lead to TikTok ditching Google Cloud, which it currently uses, and signing up to Microsoft Azure, instantly making it one of Microsoft's largest cloud customers. TikTok could also be integrated with Microsoft's $7 billion advertising business. Microsoft issued a statement on Aug. 2 about its pursuit to buy TikTok's U.S. business. However, on Aug, 3, Trump said he'd rather Microsoft, valued at $1.6 trillion, purchase the app that is used by 100 million Americans in its entirety. "I think buying 30% is complicated," Trump told reporters in the Cabinet Room at the White House. There are now several other bidders competing with Microsoft, with the main one being enterprise software firm Oracle. Netflix and Twitter have also been contacted by bankers and investors, but it's not clear if they're interested, according to the Times. In any case, deal talks between the parties have "morphed into a big, messy, political soap opera," according to the report.

Bridgefy, a popular messaging app for conversing with one another when internet connections are heavily congested or completely shut down, is a privacy disaster that can allow moderately-skilled hackers to take a host of nefarious actions against users, according to a paper published on Monday. The findings come after the company has for months touted the app as a safe and reliable way for activists to communicate in large gatherings. Ars Technica reports: By using Bluetooth and mesh network routing, Bridgefy lets users within a few hundred meters -- and much further as long as there are intermediary nodes -- to send and receive both direct and group texts with no reliance on the Internet at all. Bridgefy cofounder and CEO Jorge Rios has said he originally envisioned the app as a way for people to communicate in rural areas or other places where Internet connections were scarce. And with the past year's upswell of large protests around the world -- often in places with hostile or authoritarian governments -- company representatives began telling journalists that the app's use of end-to-end encryption (reiterated here, here, and here) protected activists against governments and counter protesters trying to intercept texts or shut down communications.

[R]esearchers said that the app's design for use at concerts, sports events, or during natural disasters makes it woefully unsuitable for more threatening settings such as mass protests. They wrote: "Though it is advertised as 'safe' and 'private' and its creators claimed it was secured by end-to-end encryption, none of aforementioned use cases can be considered as taking place in adversarial environments such as situations of civil unrest where attempts to subvert the application's security are not merely possible, but to be expected, and where such attacks can have harsh consequences for its users. Despite this, the Bridgefy developers advertise the app for such scenarios and media reports suggest the application is indeed relied upon."

The researchers are: Martin R. Albrecht, Jorge Blasco, Rikke Bjerg Jensen, and Lenka Marekova from Royal Holloway, University of London. After reverse engineering the app, they devised a series of devastating attacks that allow hackers -- in many cases with only modest resources and moderate skill levels -- to take a host of nefarious actions against users. The attacks allow for: deanonymizing users; building social graphs of users' interactions, both in real time and after the fact; decrypting and reading direct messages; impersonating users to anyone else on the network; completely shutting down the network; and performing active man-in-the-middle attacks, which allow an adversary not only to read messages, but to tamper with them as well. "The key shortcoming that makes many of these attacks possible is that Bridgefy offers no means of cryptographic authentication, which one person uses to prove she's who she claims to be," the report adds. "Instead, the app relies on a user ID that's transmitted in plaintext to identify each person. Attackers can exploit this by sniffing the ID over the air and using it to spoof another user."

The app also uses PKCS #1, an outdated way of encoding and formatting messages so that they can be encrypted with the RSA cryptographic algorithm. "This encoding method, which was deprecated in 1998, allows attackers to perform what's known as a padding oracle attack to derive contents of an encrypted message," reports Ars.

President Trump voiced support on Tuesday for Oracle to buy the U.S. operations of TikTok, adding a fresh wrinkle to the bidding for the Chinese-owned video-sharing app. From a report: Oracle is a new entrant in the negotiations for TikTok, whose owner ByteDance is facing a fall deadline from the Trump administration to divest itself of its U.S. operations. Oracle, a giant in business software, has had preliminary discussions about teaming with some of ByteDance's existing minority investors to buy TikTok's U.S. operations but it isn't clear how advanced the talks are, said people familiar with the matter. Microsoft said earlier this month it was in negotiations with ByteDance, and that it was coordinating with the White House. Twitter is also exploring a bid, The Wall Street Journal previously reported.

Oracle has closer ties to the White House than most other parties involved in the bidding. Larry Ellison, the company's co-founder, chairman and largest shareholder, earlier this year threw a fundraiser at his house for the president. Chief Executive Safra Catz also worked on the executive committee for the Trump transition team in 2016. Asked Tuesday if Oracle would be a good buyer for TikTok, President Trump said, "Well I think Oracle is a great company and I think its owner is a tremendous guy, a tremendous person. I think that Oracle would be certainly somebody that could handle it."

When people build a database to manage reading lists or feed their neighbors, that's coding -- and culture. From an essay: We are past the New York City Covid-19 peak. Things have started to reopen, but our neighborhood is in trouble, and people are hungry. There's a church that's opened space for a food pantry, a restaurant owner who has given herself to feeding the neighborhood, and lots of volunteers. [...] It's a complex data model. It involves date fields, text fields, integers, notes. You need lots of people to log in, but you need to protect private data too. You'd think their planning conversations would be about making lots of rice. But that is just a data point. The tool the mutual aid group has settled on to track everything is Airtable, a database-as-a-service program. You log in and there's your database. There are a host of tools like this now, "low-code" or "no-code" software with names like Zapier or Coda or Appy Pie. At first glance these tools look like flowcharts married to spreadsheets, but they're powerful ways to build little data-management apps. Airtable in particular keeps showing up everywhere for managing office supplies or scheduling appointments or tracking who at WIRED has their fingers on this column. The more features you use, the more they charge for it, and it can add up quickly. I know because I see the invoices at my company; we use it to track projects.

"Real" coders in my experience have often sneered at this kind of software, even back when it was just FileMaker and Microsoft Access managing the flower shop or tracking the cats at the animal shelter. It's not hard to see why. These tools are just databases with a form-making interface on top, and with no code in between. It reduces software development, in all its complexity and immense profitability, to a set of simple data types and form elements. You wouldn't build a banking system in it or a game. It lacks the features of big, grown-up databases like Oracle or IBM's Db2 or PostgreSQL. And since it is for amateurs, the end result ends up looking amateur. But it sure does work. I've noticed that when software lets nonprogrammers do programmer things, it makes the programmers nervous. Suddenly they stop smiling indulgently and start talking about what "real programming" is. This has been the history of the World Wide Web, for example. Go ahead and tweet "HTML is real programming," and watch programmers show up in your mentions to go, "As if." Except when you write a web page in HTML, you are creating a data model that will be interpreted by the browser. This is what programming is. Code culture can be solipsistic and exhausting. Programmers fight over semicolon placement and the right way to be object-oriented or functional or whatever else will let them feel in control and smarter and more economically safe, and always I want to shout back: Code isn't enough on its own. We throw code away when it runs out its clock; we migrate data to new databases, so as not to lose one precious bit. Code is a story we tell about data.

phalse phace writes: Oracle has entered the race to acquire TikTok [Editor's note: the link may be paywalled; alternative source], the popular Chinese-owned short video app that President Donald Trump has vowed to shut down unless it is taken over by a US company by mid-November, people briefed about the matter have said. The tech company co-founded by Larry Ellison had held preliminary talks with TikTok's Chinese owner, ByteDance, and was seriously considering purchasing the app's operations in the US, Canada, Australia and New Zealand, the people said. Oracle was working with a group of US investors that already own a stake in ByteDance, including General Atlantic and Sequoia Capital, the people added.

Microsoft has been the lead contender to buy TikTok since it publicly said in early August that it had held discussions to explore a purchase of the app's US, Canada, Australia and New Zealand businesses. Microsoft has also seriously considered a bid to take over TikTok's global operations beyond the countries it outlined this month, people briefed on the company's thinking have said. The Redmond, Washington-based company is particularly interested in buying TikTok in Europe and India, where the video app has been banned by Narendra Modi, Indian prime minister. ByteDance is opposed to selling any assets beyond those in the US, Canada, Australia and New Zealand, said a person close to the company.

Few people outside their home country have heard of Tata Consultancy Services (TCS), Infosys, Wipro, HCL Technologies or Tech Mahindra, India's five biggest information technology (IT) consultancies. Yet even when enterprise software to manage marketing, production, inventory and the like comes from Oracle of America or Germany's SAP, it is often the Indian companies that install and maintain software for clients. But for all their tech nous, the Indian giants have also been unable to keep pace with technological change. The Economist (may be paywalled): Corporate software is becoming easier to use, reducing demand for their services. The lucrative legacy business of running mainframes is evaporating. Helping clients shift to the cloud makes money but not nearly as much. Despite some interesting pilot projects -- such as Tech Mahindra's use of artificial intelligence to tell apart 1,645 Indian languages or Infosys's covid-19 contact-tracing in Rhode Island -- the consultancies have not come up with a killer app, let alone powerful platforms like those of America's big tech firms.

Worse still, multinationals are increasingly reluctant to outsource their IT. Rather than hire the consultants, many are creating subsidiaries in India to do the job in-house -- sucking away both custom and workers from the consultancies. Before the pandemic India hosted more than 1,400 of these so-called "captive centres", employing a total of more than 1m people, according to an analysis by the Ken, an Indian news website; around 70% of them were owned by big American firms. Walmart Labs India, owned by the American supermarket chain, is reportedly on course to double its staff numbers to 7,000 in the next year or two. The popularity of such in-house operations has to do with the changing economics of technology. This once required armies of people, so spreading costs among many clients made sense. With falling prices of hardware and software, and more skilled workers around, a captive centre can pay for itself with just 50 employees, says Peter Bendor Samuel of the Everest Group, a research firm.

Oracle's Java magazine is celebrating the 25th anniversary of the programming language with a list of the 25 greatest Java apps ever written: From space exploration to genomics, from reverse compilers to robotic controllers, Java is at the heart of today's world. Here are a few of the countless Java apps that stand out from the crowd.

The story of Java began in 1991, at a time when Sun Microsystems sought to extend their lead in the computer workstation market into the burgeoning personal electronics market. Little did anyone know that the programming language Sun was about to create would democratize computing, inspire a worldwide community, and become the platform for an enduring software development ecosystem of languages, runtime platforms, SDKs, open source projects, and lots and lots of tools. After a few years of secret development led by James Gosling, Sun released the landmark "write once, run anywhere" Java platform in 1995, refocusing it beyond its original design for interactive television to applications for the burgeoning World Wide Web. By the turn of the century, Java was animating everything from smartcards to space vehicles.

Today, millions of developers program in Java. Although Java continues to evolve at an ever-faster pace, on the occasion of the platform's 25th anniversary, Java Magazine decided to take a look back at how Java molded our planet. What follows is a list of the 25 most ingenious and influential Java apps ever written, from Wikipedia Search to the US National Security Agency's Ghidra. The scope of these applications runs the gamut: space exploration, video games, machine learning, genomics, automotive, cybersecurity, and more.
The list includes Eclipse, Minecraft, the Maestro Mars Rover controller, and "VisibleTesla," the open source app created by an automobile enthusiast to monitor and control his Tesla Model S.

An anonymous reader quotes ADTmag: The Eclipse Foundation this week announced Jakarta EE 9 Milestone 1, the final version of the enterprise Java specification before the first Release Candidate (RC). The Jakarta EE 9 release marks the final transition away from the javax.* namespace (which Oracle refused to give up) to Eclipse's jakarta.*. This release updates all the APIs to use jakarta.* in package names. In fact, Mike Milinkovich, executive director of the Eclipse Foundation, says that transition is really what this release is all about.

"The main purpose...is to provide a release that is very similar to Java EE 8," Milinkovich told ADTmag, "with everything converted to the jakarta.* namespace. We're providing a stable technical conversion platform, so all the tools and frameworks in the ecosystem that are using, say, javax.servlet, can make the change with confidence." Giving the ecosystem solid footing for the transition from the Java EE coffee cup to the Jakarta EE sailboat is the Foundation's way of setting the stage for rapid innovation, Milinkovich said, once the transition is largely complete.

"These technologies have been around for an awfully long time," he added, "and we had to provide folks with a stable platform for the conversion. At the same time, thanks to a contribution from IBM, we have the Eclipse Transformer Project, which is going to provide runtime enablement. If someone has an application they don't want to recompile, and that application is using the javax.* namespace, they will be able to run it on top of a Jakarta-compatible app server. That's going to provide binary compatibility for apps, going forward..."

From a report: Have you ever wondered why online ads appear for things that you were just thinking about? There's no big conspiracy. Ad tech can be creepily accurate. Tech giant Oracle is one of a few companies in Silicon Valley that has near-perfected the art of tracking people across the internet. The company has spent a decade and billions of dollars buying startups to build its very own panopticon of users' web browsing data. One of those startups, BlueKai, which Oracle bought for a little over $400 million in 2014, is barely known outside marketing circles, but it amassed one of the largest banks of web tracking data outside of the federal government. BlueKai uses website cookies and other tracking tech to follow you around the web. By knowing which websites you visit and which emails you open, marketers can use this vast amount of tracking data to infer as much about you as possible -- your income, education, political views, and interests to name a few -- in order to target you with ads that should match your apparent tastes. If you click, the advertisers make money.

But for a time, that web tracking data was spilling out onto the open internet because a server was left unsecured and without a password, exposing billions of records for anyone to find. Security researcher Anurag Sen found the database and reported his finding to Oracle through an intermediary -- Roi Carthy, chief executive at cybersecurity firm Hudson Rock and former TechCrunch reporter.

Newly-elected politicians in Munich "have decided its administration needs to use open-source software, instead of proprietary products like Microsoft Office," reports ZDNet: "Where it is technologically and financially possible, the city will put emphasis on open standards and free open-source licensed software," a new coalition agreement negotiated between the recently elected Green party and the Social Democrats says. The agreement was finalized May 10 and the parties will be in power until 2026. "We will adhere to the principle of 'public money, public code'. That means that as long as there is no confidential or personal data involved, the source code of the city's software will also be made public," the agreement states...

Munich began the move away from proprietary software at the end of 2006... By 2013, 80% of desktops in the city's administration were meant to be running LiMux software. In reality, the council continued to run the two systems — Microsoft and LiMux — side by side for several years to deal with compatibility issues. As the result of a change in the city's government, a controversial decision was made in 2017 to leave LiMux and move back to Microsoft by 2020. At the time, critics of the decision blamed the mayor and deputy mayor and cast a suspicious eye on the US software giant's decision to move its headquarters to Munich. In interviews, a former Munich mayor, under whose administration the LiMux program began, has been candid about the efforts Microsoft went to to retain their contract with the city.

The migration back to Microsoft and to other proprietary software makers like Oracle and SAP, costing an estimated €86.1m ($93.1m), is still in progress today.

"We're very happy that they're taking on the points in the 'Public Money, Public Code' campaign we started two and a half years ago," Alex Sander, EU public policy manager at the Berlin-based Free Software Foundation Europe, tells ZDNet. But it's also important to note that this is just a statement in a coalition agreement outlining future plans, he says. "Nothing will change from one day to the next, and we wouldn't expect it to," Sander continued, noting that the city would also be waiting for ongoing software contracts to expire. "But the next time there is a new contract, we believe it should involve free software."

May 23rd marks the 25th anniversary of the day Sun Microsystems introduced Java to the world, notes InfoWorld.

Looking at both the present and the future, they write that currently Java remains popular "with enterprises even as a slew of rival languages, such as Python and Go, now compete for the hearts and minds of software developers." Java continues to rank among the top three programming languages in the most prominent language popularity indexes — Tiobe, RedMonk, and PyPL. Java had enjoyed a five-year stint as the top language in the Tiobe index until this month, when it was overtaken by the C language, thanks perhaps to the combination of C's wide use in medical equipment and the urgency of the COVID-19 pandemic.

Nevertheless, Java represents a huge ecosystem and source of jobs. There were an estimated nine million Java developers worldwide in 2017, according to Oracle. A recent search of jobs site Dice.com found nearly 12,000 Java-related jobs in the USA, compared to roughly 9,000 jobs in JavaScript and 7,600 in Python. Plus, Java has spawned an enormous ecosystem of tools ranging from the Spring Framework to application servers from companies such as IBM, Red Hat, and Oracle to the JavaFX rich media platform.

The developers behind Java — including Oracle and the broader OpenJDK community — have kept the platform moving forward. Released two months ago, Java 14, or Java Development Kit (JDK) 14, added capabilities including switch expressions, to simplify coding, and JDK Flight Recorder (JFR) Event Streaming, for continuous consumption of JFR data. Up next for Java is JDK 15, set to arrive as a production release in September 2020, with capabilities still being lined up for it. So far, the features expected include a preview of sealed classes, which provide more-granular control over code, and records, which provide classes that act as transparent carriers for immutable data. Also under consideration for Java is a plan dubbed Project Leyden, which would address "longterm pain points" in Java including resource footprint, startup time, and performance issues by introducing static images to the platform.

Three female employees at Oracle scored a major victory in court, gaining the right to represent thousands of others in a gender-discrimination lawsuit over pay, a legal milestone that has eluded women at other tech titans. From a report: A California state judge certified the class action Thursday, allowing the lawsuit to advance on behalf of more than 4,000 women who claim the database giant pays men more for doing the same job. "Whether the jobs at issue in this case are substantially equal or similar is a question of fact for a jury," California Superior Court Judge V. Raymond Swope in Redwood City said in the 25-page ruling, rejecting Oracle's claim that each is an individual case because people in the same job code don't perform substantially similar work. The ruling gives the women critical leverage in pursuing the case under the state's Equal Pay Act.

Zoom selected Oracle to expand its cloud on Tuesday, bypassing major cloud leaders Amazon Web Services, Alphabet's Google Cloud Platform and Microsoft's Azure Cloud. The terms of the deal were not disclosed. CNBC reports: "We recently experienced the most significant growth our business has ever seen, requiring massive increases in our service capacity. We explored multiple platforms, and Oracle Cloud Infrastructure was instrumental in helping us quickly scale our capacity and meet the needs of our new users," Zoom CEO Eric Yuan said in a press release. "We chose Oracle Cloud Infrastructure because of its industry-leading security, outstanding performance and unmatched level of support."

Zoom already uses Amazon and Microsoft's cloud services, but went with Oracle for its latest expansion. Oracle founder and chairman Larry Ellison praised Zoom earlier this month, calling it an "essential service" during the coronavirus pandemic. Oracle said in a release that Zoom chose its service for Oracle's "advantages in performance, scalability, reliability and superior cloud security." It's a surprising move from Zoom, as it chose Oracle over its larger competitors. According to research firm Canalys, Amazon had the largest cloud market share at the end of 2019 with 32.4%, followed by Microsoft, with 17.6%, and Google, with 6%.

Java "remains the world's most popular programming language," notes ZDNet, reporting on Oracle's release this week of Java Development Kit (JDK) 14, Oracle's "reference implementation of the Java 14 programming language spec." Rolling out in line with Oracle's six-monthly release schedule that began with Java 9 in 2017, JDK 14 includes enhancements that Oracle says will improve developer productivity... According to Georges Saab, Oracle vice president of development for the Java Platform, the faster six-monthly releases are helping developers adopt new features more rapidly due to regular expected changes. Java 9, for example, was released more than three years after Java 8...

Saab notes that major improvements in JDK 14 include a Foreign-Memory Access API enhancement (JEP 370), and improvements from Project Amber, another OpenJDK project, including Pattern Matching (JEP 305) and a preview of Records (JEP 359). Oracle JDK 14 will receive at least two quarterly updates in line with Oracle's critical-patch update schedule before Java 15 is released in September 2020.

Oracle is providing Java 14 as the Oracle OpenJDK release under an open-source GNU General Public License v2. It's also released under a commercial license using Oracle JDK. Most of the nearly 2,000 fixes in JDK 14 have been made by Oracle employees while 528 came from individual developers and other organizations. Some of the main contributors included Red Hat, SAP, Google, Arm, Intel, and NTT Data.

An anonymous reader quotes the Dev newsletter from Inside.com: The U.S. Supreme Court has postponed hearing oral arguments in the Google vs. Oracle copyright case and all other cases because of the coronavirus. It is the first time the Supreme Court has done so since the Spanish flu epidemic in 1918. ["The Court also shortened its argument calendars in August 1793 and August 1798 in response to yellow fever outbreaks," the announcement points out.]

"The court will examine the options for rescheduling those cases in due course in light of the developing circumstances," the announcement added.

Justices on the U.S. Supreme Court were scheduled to hear oral arguments in the Google vs. Oracle case on Tuesday, March 24, 2020, before making a decision a few months later.

The 2020 spring edition of the Pwn2Own hacking contest has come to a close today. This year's winner is Team Fluoroacetate -- made up of security researchers Amat Cama and Richard Zhu -- who won the contest after accumulating nine points across the two-day competition, which was just enough to extend their dominance and win their fourth tournament in a row. From a report: But this year's edition was a notable event for another reason. While the spring edition of the Pwn2Own hacking contest takes place at the CanSecWest cyber-security conference, held each spring in Vancouver, Canada, this year was different. Due to the ongoing coronavirus (COVID-19) outbreak and travel restrictions imposed in many countries around the globe, many security researchers couldn't attend or weren't willing to travel to Vancouver and potentially put their health at risk. Instead, this year's Pwn2Own edition has become the first-ever hacking contest that has been hosted in a virtual setting. Participants sent exploits to Pwn2Own organizers in advance, who ran the code during a live stream with all participants present. During the competition's two-day schedule, six teams managed to hack apps and operating systems like Windows, macOS, Ubuntu, Safari, Adobe Reader, and Oracle VirtualBox. All bugs exploited during the contest were immediately reported to their respective companies.

Ars Technica's senior tech reporter took a long long at Google's reimplementation of Java in Android -- and the lawsuit filed against it by Oracle in 2010. And he discovers "a possible downside" to Oracle's stance on API copyrights. If anyone should understand the importance of such copying, it's Oracle. After all, Oracle got its start in the 1970s selling a database product based on the then-new structured query language (SQL). SQL was invented by IBM. And Oracle doesn't seem to have gotten a license to use it...

Oracle's copying of SQL seems pretty similar to Google's copying of Java. But an Oracle spokeswoman disagrees. "It's an incorrect premise, comparing apples with broccoli, and being completely divorced from the facts of the case," she wrote in a Tuesday email.

America's Supreme Court will soon decide whether Google infringed on a copyright that Oracle says it holds on the APIs of Java. But this week Oracle's executive vice president also wrote a blog post arguing that Google "sought the support of outside groups to bolster its position" by using friend-of-the-court briefs to "create the impression that this case is of great import and controversy, and a ruling in Oracle's favor will impede innovation."

"Upon closer inspection, what these briefs reveal is a significantly different picture, one where Google is the outlier, with very little meaningful support outside the purview of its financial fingerprints." As we discussed in a previous post, this case is not about innovation, it is about theft. Google copied verbatim more than 11,000 lines of software code, and now attempts post hoc to change the rules in order to excuse its conduct... As those of us that have watched Google over the past few decades know, Google's view boils down to the self-absorbed position that the work it is doing is of such consequence that the rules shouldn't apply to them. The problem for Google is that very few outside of its self-generated atmosphere agree.

Let's be clear, it is not commonplace or foundational in the software industry to steal other developer's software code. Rather, what is commonplace is a confluence of interests where code is licensed to facilitate its widespread deployment, with the owner choosing the terms... Java embraced choice, with three different licensing alternatives, including a freely deployed open source license, and a commercial license designed to maintain interoperability. And it turns out that nobody except Google found it necessary to steal despite Java's enormous popularity. It is not in dispute in this matter that Google destroyed Java interoperability so it is unbelievable that many of its amici take the position that Google needs to prevail in order to protect interoperability...

Out of 26 briefs, we found:

- 7 briefs representing 13 entities that received "substantial contributions" from Google;

- 8 briefs filed by entities or individuals that have financial ties to Google through grants, dues, cy pres settlement proceeds or employment of individual amici;

- 2 briefs filed by companies with a clear commercial interest in Google prevailing;

- 1 brief filed by several former U.S. government employees all of whom worked for a small government agency run by a former Google executive, despite the U.S. government itself filing a brief in favor of Oracle;

- 4 separate briefs representing a total of 7 individuals;

- A few other briefs where Google financial ties are likely;

- 1 brief submitted by a serial copyright infringer repeatedly sanctioned by the Courts;

What masqueraded as a mass show of support for Google, may not be much more than an exercise in transactional interests.
The groups Oracle is criticizing include the American Library Association, EFF, and the Python Software Foundation, as well as a brief by 83 computer scientists which included Doug Lea, a former memeber of the executive committee of the Java Community Process. Oracle's blog post also makes the argument that besides Microsoft and IBM, "not a single brief from the other 98 of the Top 100 tech companies was filed."

There was a response on Twitter from Joshua Bloch, who worked on the Java platform at Sun before leaving in 2004 to become Google's chief Java architect for the next 8 years. He called Oracle's blog post "nonsense." For example, Doug Lea -- who is in no small measure responsible for Java's success -- accepted one small grant from Google fourteen years ago, and promptly doled it out to deserving undergrads who were testing java.util.concurrent. Have you no shame, Oracle?

We are not Google shills. We are scientists and engineers. Some of us laid the theoretical groundwork for the profession, some designed the computers you grew up on, and some wrote the software you use every day.

We depend on the right to reimplement each others' APIs, and we are truly afraid that your irresponsible lawsuit may deprive us of that right, which we've enjoyed throughout our long careers.