An anonymous reader quotes InfoWorld:With a new round of voting completed this week, the Java Community Process Executive Committee passed by a 24-0 vote the Java Platform Module System public review ballot, the subject of Java Specification Request 376. In May, the same group, citing concerns over the plan being disruptive and lacking consensus, voted the measure down, 13 to 10... Red Hat, which voted no on the previous ballot but abstained from the latest one, said there were still several items in the current proposal that it wanted further work on. "However, we do not want to delay the Java 9 release," Red Hat said. Getting "real world" feedback on the modularity system will be key to determine where further changes need to occur, Red Hat said. The Eclipse Foundation, Hazelcast, and Twitter, all of which voted no previously and yes this time around, cited sufficient progress with modularity.
Java 9 is still slated for release on September 21st.

msm1267 writes: Linux, BSD, Solaris and other open source systems are vulnerable to a local privilege escalation vulnerability known as Stack Clash that allows an attacker to execute code at root. Major Linux and open source distributors made patches available Monday, and systems running Linux, OpenBSD, NetBSD, FreeBSD or Solaris on i386 or amd64 hardware should be updated soon.

The risk presented by this flaw, CVE-2017-1000364, becomes elevated especially if attackers are already present on a vulnerable system. They would now be able to chain this vulnerability with other critical issues, including the recently addressed Sudo vulnerability, and then run arbitrary code with the highest privileges, said researchers at Qualys who discovered the vulnerability.

An anonymous reader quotes InfoWorld: Java 9 won't be released on July 27 after all. Oracle has proposed that Java 9 Standard Edition be delayed until September 21 so the open source community that is finalizing Java 9 can address the ongoing controversy over a planned but later rejected approach to modularity, said Georges Saab, vice president of software development in the Java platform group at Oracle and chairman of the OpenJDK governing board...

The [Java Platform Module System] measure was sent back to the proposal's expert group for further discussion. Since then, the group has reached consensus on addressing the modularity concerns, Saab said. But they cannot rework Java 9 in time for the original July 27 release date... If the revised JSR 376 approved, as expected, work can proceed on implementing it in the official version of Java 9 SE. This setback for Java 9s upcoming upgrade, however, should just be temporary, with Oracle expecting a more rapid cadence of Java SE releases going forward, Saab said.

The legendary computer scientist and founder of Java, James Gosling, is joining forces with Amazon Web Services. Gosling made the announcement today on Facebook saying that he's "starting a new Adventure" with the cloud computing juggernaut as a Distinguished Engineer. GeekWire reports: Gosling wrote Java, one of the most widely used programming languages in the history of computing, while at Sun Microsystems in the early 1990s. After leaving Sun following its acquisition by Oracle, Gosling did a short stint at Google before settling in for almost six years at Liquid Robotics, which is working on an autonomous boat called the Wave Glider. He likely ruffled a few feathers in Seattle last year after speaking out about fears of cloud vendor lock-in. "You get cloud providers like Amazon saying: 'Take your applications and move them to the cloud.' But as soon as you start using them you're stuck in that particular cloud," he said at IP Expo according to The Inquirer, echoing the sentiment of some skeptical IT organizations burned by enterprise vendors in the past.

An anonymous reader quotes a report from Ars Technica: In its continued efforts to make Azure a platform that appeals to the widest range of developers possible, Microsoft announced a range of new features at Build, its annual developer conference. Many of the features shown today had a data theme to them. The most novel feature was the release of Cosmos DB, a replacement for, or upgrade to, Microsoft's Document DB NoSQL database. Cosmos DB is designed for "planet-scale" applications, giving developers fine control over the replication policies and reliability. Replicated, distributed systems offer trade-offs between latency and consistency; systems with strong consistency wait until data is fully replicated before a write is deemed to be complete, which offers consistency at the expense of latency. Systems with eventual consistency mark operations as complete before data is fully replicated, promising only that the full replication will occur eventually. This improves latency but risks delivering stale data to applications. Document DB offered four different options for the replication behavior; Cosmos DB ups that to five. The database scales to span multiple regions, with Microsoft offering service level agreements (SLAs) for uptime, performance, latency, and consistency. There are financial penalties if Microsoft misses the SLA requirements. Many applications still call for traditional relational databases. For those, Microsoft is adding both a MySQL and a PostgreSQL service; these provide the familiar open source databases in a platform-as-a-service style, removing the administrative overhead that comes of using them and making it easier to move workloads using them into Azure. The company is also offering a preview of a database-migration service that takes data from on-premises SQL Server and Oracle databases and migrates it to Azure SQL Database. Azure SQL Database has a new feature in preview called "Managed Instances" that offers greater compatibility between on-premises SQL Server and the cloud variant, again to make workload migration easier.

An anonymous reader quotes The Hill: Oracle voiced support on Friday for FCC Chairman Ajit Pai's controversial plan to roll back the agency's net neutrality rules. In a letter addressed to the FCC, the company played up its "perspective as a Silicon Valley technology company," hammering the debate over the rules as a "highly political hyperbolic battle," that is "removed from technical, economic, and consumer reality"... Oracle wrote in their letter [PDF] that they believe Pai's plan to remove broadband providers from the FCC's regulatory jurisdiction "will eliminate unnecessary burdens on, and competitive imbalances for, ISPs [internet service providers] while enhancing the consumer experience and driving investment"... Other companies in support of Pai's plan, like AT&T and Verizon, have made the argument that the rules stifled investment in the telecommunications sector, specifically in broadband infrastructure.
Cisco has also argued that strict net neutrality laws on ISPs "restrict their ability to use innovative network management technology, provide appropriate levels of quality of service, and deliver new features and services to meet evolving consumer needs. Cisco believes that allowing the development of differentiated broadband products, with different service and content offerings, will enhance the broadband market for consumers."

An anonymous reader quotes InfoWorld: The next edition of standard Java had been proceeding toward its planned July 27 release after earlier bumps in the road over modularity. But now Red Hat and IBM have opposed the module plan. "JDK 9 might be held up by this," Oracle's Georges Saab, vice president of development for the Java platform, said late Wednesday afternoon. "As is the case for all major Java SE releases, feedback from the Java Community Process may affect the timeline..."

Red Hat's Scott Stark, vice president of architecture for the company's JBoss group, expressed a number of concerns about how applications would work with the module system and its potential impact on the planned Java Enterprise Edition 9. Stark also said the module system, which is featured in Java Specification Request 376 and Project Jigsaw, could result in two worlds of Java: one for Jigsaw and one for everything else, including Java SE classloaders and OSGI. Stark's analysis received input from others in the Java community, including Sonatype.
"The result will be a weakened Java ecosystem at a time when rapid change is occurring in the server space with increasing use of languages like Go," Stark wrote, also predicting major challenges for applications dealing with services and reflection. His critique adds that "In some cases the implementation...contradicts years of modular application deployment best practices that are already commonly employed by the ecosystem as a whole." And he ultimately concludes that this effort to modularize Java has limitations which "almost certainly prevent the possibility of Java EE 9 from being based on Jigsaw, as to do so would require existing Java EE vendors to completely throw out compatibility, interoperability, and feature parity with past versions of the Java EE specification."

An anonymous reader writes: Oracle sought to position itself once again this week as the best place for everything companies need to move to cloud computing. On Thursday, executives at the database and business software giant distanced Oracle from public cloud leaders such as Amazon Web Services, Google Cloud Platform and Microsoft Azure that provide computing, storage and other services to corporations looking to reduce or eliminate their data centers. "Our cloud is more comprehensive than any other cloud in the market today, a full end-to-end cloud," said David Donatelli, Oracle's executive vice president of converged infrastructure. "We design from the chip all the way up to the application, fully vertically integrated." What's interesting about that messaging, which Oracle has been refining since at least its OpenWorld conference last September, is not simply the competitive positioning. Oracle is essentially saying that the nature of cloud computing suggests customers need to move away from the notion that has dominated information technology since personal computers and PC-based servers began to displace mainframes and minicomputers: cherry-picking the best applications and hardware and cobbling together their own IT setups. In short, Oracle contends, it's time for another broad swing back to the integrated, uber-suppliers of a bygone era of technology. Of course, the new tech titans such as Google, Facebook and Amazon arguably wield as much power in their particular domains of advertising and e-commerce as the Big Blue of old. But it has been a long time since a soup-to-nuts approach has worked for enterprise tech companies, and for those few still attempting it, such as Dell and Oracle, it's far from obvious it will work. The cloud, Oracle contends, may well change that.

Stack Overflow data scientist David Robinson recently calculated when people visit the popular programming question-and-answer site, but then also calculated whether those results differed by programming language. Quoting his results:

• "C# programmers start and stop their day earlier, and tend to use the language less in the evenings. This might be because C# is often used at finance and enterprise software companies, which often start earlier and have rigid schedules."
• "C programmers start the day a bit later, keep using the language in the evening, and stay up the longest. This suggests C may be particularly popular among hobbyist programmers who code during their free time (or perhaps among summer school students doing homework)."
• "Python and Javascript are somewhere in between: Python and Javascript developers start and end the day a little later than C# users, and are a little less likely than C programmers to work in the evening."

The site also released an interactive app which lets users see how the results for other languages compared to C#, JavaScript, Python, and C, though of those four, "C# would count as the 'most nine-to-five,' and C as the least."

And they've also calculated the technologies used most between 9 to 5 (which "include many Microsoft technologies, such as SQL Server, Excel, VBA, and Internet Explorer, as well as technologies like SVN and Oracle that are frequently used at enterprise software companies.") Meanwhile, the technologies most often used outside the 9-5 workday "include web frameworks like Firebase, Meteor, and Express, as well as graphics libraries like OpenGL and Unity. The functional language Haskell is the tag most visited outside of the workday; only half of its visits happen between 9 and 5."

It's no secret that Amazon and Oracle don't see eye to eye. But things are far from improving, it appears. From a report: On Wednesday, two months after Oracle co-CEO Mark Hurd called Amazon's cloud infrastructure "old" and claimed his company was gaining share, Amazon Web Services chief Andy Jassy slammed Oracle for locking customers into painfully long and expensive contracts. "People are very sensitive about being locked in given the experience they've had the last 10 to 15 years," Jassy said on Wednesday on stage at Amazon's AWS Summit in San Francisco. "When you look at cloud, it's nothing like being locked into Oracle." Jassy was addressing a cultural shift in the way technology is bought and sold. No longer does the process involve the purchase of heavy proprietary software with multi-year contracts that include annual maintenance fees. Now, Jassy says, it's about choice and ease of use, including letting clients turn things off if they're not working.

The Outline tells the story of CelebrityNetWorth.com, a website launched in 2008 that tells you how much a celebrity is worth. The site was an instant success, but things have turned sore in the last two years. The creator of the website Brian Warner blames Google for it. From the article: For most of its history, Google was like a librarian. You asked a question, and it guided you to the section of the web where you might find the answer. But over the past five years, Google has been experimenting with being an oracle. Type in a question, and you might see a box at the top of the search results page with the answer in large bold type. [...] In 2014, Warner received an email from Google asking if he would be interested in giving the company access to his data in order to scrape it for Knowledge Graph, for free. He said no, as he feared the traffic would plummet. [...] In February 2016, Google started displaying a Featured Snippet for each of the 25,000 celebrities in the CelebrityNetWorth database, Warner said. He knew this because he added a few fake listings for friends who were not celebrities to see if they would pop up as featured answers, and they did. "Our traffic immediately crumbled," Warner said. He acknowledged the risks in building a site that depends so heavily on Google for search traffic, and whose research can easily be reduced to a single number. But he still thinks what Google did is unfair.

An anonymous reader quotes The Stack: Multinational tech giant Oracle has been charged $293 million USD for corporate tax evasion in South Korea. The $293 million charge is made up of back taxes, as well as a punitive charge from the government tax agency. The company was originally notified of the tax debt in January of last year, when the National Tax Service charged Oracle with evasion of corporate tax payments on 2 trillion won in earnings from 2008-2014.

Oracle was accused of funneling revenues to Ireland to avoid paying taxes in South Korea. In an audit of the company's books, the tax authority found that Oracle had channeled profits generated in South Korea to an Irish subsidiary; however, it was found that those funds ultimately profited the company's headquarters in the United States. Because of this, the NTS determined that Oracle should have paid taxes on profits generated in South Korea to the South Korean government.

An anonymous reader writes: Allegro MicroSystems LLC is suing a former IT employee for sabotaging its database using a "time bomb" that deleted crucial financial data in the first week of the new fiscal year. According to court documents, after resigning from his job, a former sysadmin kept one of two laptops. On January 31, Patel entered the grounds of the Allegro headquarters in Worcester, Massachusetts, just enough to be in range of the factory's Wi-Fi network. Allegro says that Patel used the second business-use laptop to connect to the company's network using the credentials of another employee. While connected to the factory's network on January 31, Allegro claims Patel, who was one of the two people in charge of Oracle programming, uploaded a "time bomb" to the company's Oracle finance module. The code was designed to execute a few months later, on April 1, 2016, the first week of the new fiscal year, and was meant to "copy certain headers or pointers to data into a separate database table and then to purge those headers from the finance module, thereby rendering the data in the module worthless." The company says that "defendant Patel knew that his sabotage of the finance module on the first week of the new fiscal year had the maximum potential to cause Allegro to suffer damages because it would prevent Allegro from completing the prior year's fiscal year-end accounting reconciliation and financial reports."

Two readers share a report: While workers have traditionally looked to unions to address their grievances, a new generation is trusting in the power of petitions to force changes. At the Wall Street Journal, 160 reporters and editors, delivered a letter to their managers protesting the lack of women and minorities running the organization, Business Insider reported yesterday. "Nearly all the people at high levels at the paper deciding what we cover and how are white men," the letter read. IBM employees are circulating an online petition objecting to the tone of CEO Ginni Rometty's letter to US president Donald Trump, and calling on her affirm what they call the company's progressive values. [...] Other employee petitions call for Oracle to oppose US president Donald Trump's second travel ban, and to let men who work at US regional supermarket Publix grow beards. Employee petitions are now so popular there's a website, coworker.org, devoted to hosting them. In some cases, the campaigns work: Starbuck's relaxed its rules about visible tattoos and unnatural hair color for baristas after thousands signed petitions asking for a change. Sometimes, they fail disastrously. Interns at one (unnamed) company described in a blog about being fired en masse after signing a petition asking for a more relaxed dress code.

Paul Kunert writes in an exclusive report via The Register: Oracle has hired global specialists to explore the feasibility of buying multi-billion dollar consultancy Accenture, sources have told us. The database giant has engaged a team of consultants to conduct due diligence to "explore the synergies that could be created if they [Oracle] bought Accenture lock stock and barrel," one source claimed. On top of the financial considerations, the consultants are evaluating the pros and cons including the potential impact on Oracle's wider channel. "While these things have a habit of fizzling out there are some fairly serious players around the table," a contact added. Another claimed the process was at an early stage. "If buying Accenture was a 100 meter race, Oracle is at the 10 to 15 meter stage now." [T]his buy would be an immensely bold, complicated and pricey move: NYSE-listed Accenture has a market cap of $77.5 billion, and shareholders will expect a premium offer. A deal would dwarf Oracle's $10 billion buy of PeopleSoft, its $7.4 billion deal for Sun Microsystems, and more recently, the $9.3 billion splashed on Netsuite. In buying Accenture, Oracle would be taking a leaf out of the mid-noughties handbook - when HP fatefully bought EDS and IBM acquired PWC to carve out a brighter future.

After nearly 20 years and 31,000 commits, OpenSSL wants to change to Apache License v2.0. They're now tracking down all 400 contributors to sign new license agreements, a process expected to take several months. Slashdot reader rich_salz shares links to OpenSSL's official announcement (and their agreement-collecting web site). "This re-licensing activity will make OpenSSL, already the world's most widely-used FOSS encryption software, more convenient to incorporate in the widest possible range of free and open source software," said Mishi Choudhary, Legal Director of Software Freedom Law Center and counsel to OpenSSL. "OpenSSL's team has carefully prepared for this re-licensing, and their process will be an outstanding example of 'how to do it right.'"
Click through for some comments on the significance of this move from the Linux Foundation, Intel, and Oracle.

JavaScript developer (and JSON proponent) Douglas Crockford recently described "a theoretical post-JavaScript World," according to InfoWorld. Crockford "believes the web development staple needs a successor that can fix multiple programming nuances." An anonymous reader summarizes their report: Despite its status as the world's most popular language, Crockford told an audience at the Oracle Code conference, "It would be sad if JavaScript turns out to be the last language." He complained that JavaScript has two different ways of declaring variables -- let and var -- as well as two different "bottom variables" with no value -- both null and undefined. "There's an argument among language designers, should we have bottom values at all? But there's nobody who thinks you should have two of them."

According to InfoWorld, Crockford "also presented a scenario with JavaScript being turned into a purely functional programming language by getting rid of 'impurities' like date, the delete operation, math.random and object.assign. Afterward, he stressed replacing JavaScript rather than adding functional capabilities to it... The next language also should be better able to deal with multiple cores. Most languages have followed the sequential model of Fortran, executing one operation after another, he said. 'That's not how the world works anymore. We now have lots of cores available to us, which all want to be running at the same time.'"
In other news, Crockford also proposed ending the "spaces vs. tabs" debate by simply eliminating tabs altogether.

An anonymous reader quotes the Wall Street Journal: The seven-year legal battle between tech giants Google and Oracle just got new life. Oracle on Friday filed an appeal with the U.S. Court of Appeals for the Federal Circuit that seeks to overturn a federal jury's decision last year... The case has now gone through two federal trials and bounced around at appeals courts, including a brief stop at the U.S. Supreme Court. Oracle has sought as much as $9 billion in the case.

In the trial last year in San Francisco, the jury ruled Google's use of 11,000 lines of Java code was allowed under "fair use" provisions in federal copyright law. In Oracle's 155-page appeal on Friday, it called Google's "copying...classic unfair use" and said "Google reaped billions of dollars while leaving Oracle's Java business in tatters."
Oracle's brief also argues that "When a plagiarist takes the most recognizable portions of a novel and adapts them into a film, the plagiarist commits the 'classic' unfair use."

An anonymous reader shares a WashingtonPost report: Silicon Valley is stepping up its confrontation with the Trump administration. On Sunday night, technology giants Apple, Facebook, Google, Microsoft, Netflix, Twitter, Uber and many others filed a legal brief opposing the administration's contentious entry ban. The move represents a rare coordinated action across a broad swath of the industry (Editor's note: the link could be paywalled; alternate source) -- 97 companies in total -- and demonstrates the depth of animosity toward the Trump ban. The amicus brief was filed with the U.S. Court of Appeals for the 9th Circuit, which is expected to rule within a few days on an appeal by the administration after a federal judge in Seattle issued late Friday a temporary restraining order putting the entry ban on hold. The brief comes at the end of a week of nationwide protests against the plan -- as well as a flurry of activity in Silicon Valley, a region that sees immigration as central to its identity as an innovation hub.From a TechCrunch report: Notably absent from the list of 97 companies are several who met with Trump prior to his inauguration: Amazon, Oracle, IBM, SpaceX and Tesla. Although Amazon CEO Jeff Bezos was highly critical of Trump prior to his election, he has not spoken out against the immigration policy. Oracle CEO Safra Catz is serving as an advisor to the Trump transition team, while SpaceX and Tesla CEO Elon Musk has defended his decision to remain on an advisory council for Trump.

chicksdaddy New data suggests that some 14,500 web domains stopped using Dyn's Managed DNS service in the immediate aftermath of an October DDoS attack by the Mirai botnet. That's around 8% of the web domains using Dyn Managed DNS... "The data show that Dyn lost a pretty big chunk of their customer base because they were affected by (Mirai)," said Dan Dahlberg, a research scientist at BitSight Technologies in Cambridge, Massachusetts... BitSight, which provides security rating services for companies, analyzed a set of 178,000 domains that were hosted on Dyn's managed DNS infrastructure before and immediately after the October 21st attacks.
It's possible some of those domains later returned to Dyn -- and the number of actual customers may be smaller than the number of hosted domains. But in the end it may not have mattered much, since Dyn was acquired by Oracle the next month, and TechCrunch speculates that the deal had already been set in motion before the attack.

They also add that "Oracle, of course, is no stranger to breaches itself: in August it was found that hundreds of its own computer systems were breached."