New submitter cyranix writes "You may never have to reboot your Linux machine ever again, even for kernel patching," and excerpts from the long (and nicely human-readable) description of newly merged kernel code that does what Ksplice has for quite a while (namely, offer live updating for Linux systems, no downtime required), but without Oracle's control. It provides a basic infrastructure for function "live patching" (i.e. code redirection), including API for kernel modules containing the actual patches, and API/ABI for userspace to be able to operate on the patches (look up what patches are applied, enable/disable them, etc). It's relatively simple and minimalistic, as it's making use of existing kernel infrastructure (namely ftrace) as much as possible. It's also self-contained, in a sense that it doesn't hook itself in any other kernel subsystem (it doesn't even touch any other code). It's now implemented for x86 only as a reference architecture, but support for powerpc, s390 and arm is already in the works (adding arch-specific support basically boils down to teaching ftrace about regs-saving).

jones_supa writes: Phoronix notes how it has been a long time since last hearing of any major innovations or improvements to VirtualBox, the virtual machine software managed by Oracle. This comes while VMware is improving its products on all platforms, and KVM, Xen, Virt-Manager, and related Linux virtualization technologies continue to advance as well. Is there any hope left for a revitalized VirtualBox? It has been said that there are only four paid developers left on the VirtualBox team at the company, which is not enough manpower to significantly advance such a complex piece of software. The v4.3 series has been receiving some maintenance updates during the last two years, but that's about it.

wiredmikey writes Oracle has pushed out a massive security update, including critical fixes for Java SE and the Oracle Sun Systems Products Suite. Overall, the update contains nearly 170 new security vulnerability fixes, including 36 for Oracle Fusion Middleware. Twenty-eight of these may be remotely exploitable without authentication and can possibly be exploited over a network without the need for a username and password.

samzenpus (5) writes "Alexander Stepanov is an award winning programmer who designed the C++ Standard Template Library. Daniel E. Rose is a programmer, research scientist, and is the Chief Scientist for Search at A9.com. In addition to working together, the duo have recently written a new book titled, From Mathematics to Generic Programming. Earlier this month you had a chance to ask the pair about their book, their work, or programming in general. Below you'll find the answers to those questions."

jones_supa writes: Network World's analysis of publicly listed sponsors of 36 prominent open-source non-profits and foundations reveals that the lion's share of financial support for open-source groups comes from a familiar set of names. Google was the biggest supporter, appearing on the sponsor lists of eight of the 36 groups analyzed. Four companies – Canonical, SUSE, HP and VMware – supported five groups each, and seven others (Nokia, Oracle, Cisco, IBM, Dell, Intel and NEC) supported four. For its part, Red Hat supports three groups (Linux Foundation, Creative Commons and the Open Virtualization Alliance).

It's tough to get more than a general sense of how much money gets contributed to which foundations by which companies – however, the numbers aren't large by the standards of the big contributors. The average annual revenue for the open-source organizations considered in the analysis was $4.36 million, and that number was skewed by the $27 million taken in by the Wikimedia Foundation (whose interests range far beyond OSS development) and the $17 million posted by Linux Foundation.

An anonymous reader writes: It's interesting to look back a decade and see how the tech industry has changed. The mobile phone giants of 10 years ago have all struggled to compete with the smartphone newcomers. Meanwhile, the game console landscape is almost exactly the same. I'm sure few of us predicted Apple's rebirth over the past decade, and many of us thought Microsoft would have fallen a lot further by now. With that in mind, let's make some predictions. What companies aren't going to make it another 10 years? Are Facebook, Twitter, and the other social networking behemoths going to fade as quickly as they arose? What about the heralds of the so-called 'sharing economy,' like Uber? Are IBM and Oracle going to hang on? Along the same lines, what companies do you think will definitely stick around for another decade or more? Post your predictions for all to see. I'll buy you a beer in 10 years if you're right.

angry tapir writes: If you patched your sites against a serious SSL flaw discovered in October you will have to check them again. Researchers have discovered that the POODLE vulnerability also affects implementations of the newer TLS protocol. The POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability allows attackers who manage to intercept traffic between a user's browser and an HTTPS website to decrypt sensitive information, like the user's authentication cookies.

rossgneumann writes: Terry Davis, a schizophrenic programmer, has spent 10 years building an operating system to talk to God. He's done this work because God told him to. According to the TempleOS charter, it is "God's official temple. Just like Solomon's temple, this is a community focal point where offerings are made and God's oracle is consulted." [The TempleOS V2.17 welcome screen] greets the user with a riot of 16-color, scrolling, blinking text; depending on your frame of reference, it might recall DESQview, the Commodore 64, or a host of early DOS-based graphical user interfaces. In style if not in specifics, it evokes a particular era, a time when the then-new concept of "personal computing" necessarily meant programming and tinkering and breaking things.

Sez Zero writes with news about the latest from Amazon Web Services. "Once again Amazon Web Services is taking on Oracle, the kingpin of relational databases, with Aurora, a relational database that is as capable as 'proprietary database engines at 1/10 the cost,' according to AWS SVP Andy Jassy. Amazon is right that customers, even big Oracle customers who hesitate to dump tried-and-true database technology are sick of Oracle’s cost structure and refusal to budge from older licensing models. Still there are very few applications that are more “sticky” than databases, which after typically contains the keys to the kingdom. Financial institutions see their use of Oracle databases as almost a pre-requisite for compliance, although that perception may be changing."

An anonymous reader writes: The EFF, representing a coalition of computer scientists, filed an amicus brief with the Supreme Court yesterday hoping for a ruling that APIs can't be copyrighted. The names backing the brief include Bjarne Stroustrup, Ken Thompson, Guido van Rossum, and many other luminaries. "The brief explains that the freedom to re-implement and extend existing APIs has been the key to competition and progress in both hardware and software development. It made possible the emergence and success of many robust industries we now take for granted—for example, mainframes, PCs, and workstations/servers—by ensuring that competitors could challenge established players and advance the state of the art. The litigation began several years ago when Oracle sued Google over its use of Java APIs in the Android OS. Google wrote its own implementation of the Java APIs, but, in order to allow developers to write their own programs for Android, Google's implementation used the same names, organization, and functionality as the Java APIs."

New submitter puzzled_decoy writes The company I work has decided to get in on this "big data" thing. We are trying to find a good data warehouse system to host and run analytics on, you guessed it, a bunch of data. Right now we are looking into MSSQL, a company called Domo, and Oracle contacted us. Google BigQuery may be another option. At its core, we need to be able to query huge amounts of data in sometimes rather odd ways. We need a strong ETLlayer, and hopefully we can put some nice visual reporting service on top of wherever the data is stored. So, what is your experience with "big data" servers and services? What would you recommend, and what are the pitfalls you've encountered?

An anonymous reader writes Google today announced plans to disable fallback to version 3 of the SSL protocol in Chrome 39, and remove SSL 3.0 completely in Chrome 40. The decision follows the company's disclosure of a serious security vulnerability in SSL 3.0 on October 14, the attack for which it dubbed Padding Oracle On Downgraded Legacy Encryption (POODLE). Following Mozilla's decision on the same day to disable SSL 3.0 by default in Firefox 34, which will be released on November 25, Google has laid out its plans for Chrome. This was expected, given that Google Security Team's Bodo Möller stated at the time: "In the coming months, we hope to remove support for SSL 3.0 completely from our client products."

itwbennett (1594911) writes Oracle, Microsoft and Ask.com are facing suits alleging that they conspired to restrict hiring of staff. The suits appear to refer to a memo that names a large number of companies that allegedly had special arrangements with Google to prevent poaching of staff and was filed as an exhibit on May 17, 2013 in another class action suit over hiring practices. The former employees filing lawsuits against Microsoft, Ask.com and Oracle have asked that the cases be assigned to Judge Koh as there were similarities with the case against Google, Apple and others — and it maybe doesn't hurt that Judge Koh thought the $324.5 million settlement in that case was too low.

lkcl writes: In an open letter to the core developers behind OpenLDAP (Howard Chu) and Python-LMDB (David Wilson) is a story of a successful creation of a high-performance task scheduling engine written (perplexingly) in Python. With only partial optimization allowing tasks to be executed in parallel at a phenomenal rate of 240,000 per second, the choice to use Python-LMDB for the per-task database store based on its benchmarks, as well as its well-researched design criteria, turned out to be the right decision. Part of the success was also due to earlier architectural advice gratefully received here on Slashdot. What is puzzling, though, is that LMDB on Wikipedia is being constantly deleted, despite its "notability" by way of being used in a seriously-long list of prominent software libre projects, which has been, in part, motivated by the Oracle-driven BerkeleyDB license change. It would appear that the original complaint about notability came from an Oracle employee as well.

mask.of.sanity writes: Oracle could have saved mountains of cash and bad press if Click-to-Play was enabled before Java was hosed by an armada of zero day vulnerabilities, Adobe security boss Brad Arkin says. The simple fix introduced into browsers over the last year stopped the then zero day blitzkrieg in its tracks by forcing users to click a button to enable Java.

jfruh writes: It used to be that you could get an Oracle database certification and declare yourself Oracle-certified for the rest of your career. That time is now over, causing a certain amount of consternation among DBAs. On the one hand, it makes sense that someone who's only been certified on a decade-old version of the product should need to prove they've updated their skills. On the other, Oracle charges for certification and will definitely profit from this shift."

Florian Mueller is a blogger, software developer and former consultant who writes about software patents and copyright issues on his FOSSPatents blog. In 2004 he founded the NoSoftwarePatents campaign, and has written about Microsoft's multi-billion-dollar Android patent licensing business and Google's appeal of Oracle's Android-Java copyright case to the Supreme Court. Florian has agreed to give us some of his time in order to answer your questions. As usual, ask as many as you'd like, but please, one per post.

whoever57 writes Google has asked the Supreme Court to review the issue of whether APIs can be copyrighted. Google beat Oracle in the trial court, where a judge with a software background ruled that APIs could not be copyrighted. but the Appeals court sided with Oracle, ruling that APIs can be copyrighted. Now Google is asking the Supreme Court to overturn that decision. (Also of interest.)

judgecorp writes: Surprisingly, critical applications still rely on old platforms, although legacy hardware is on its last legs. Swiss emulation expert Stromasys is offering emulation in the cloud for old hardware using a tool cheekily named after Charon, the ferryman to the afterlife. Systems covered include the Vax and PDP/11 platforms from Digital Equipment (which was swallowed by Compaq and then HP) as well as Digital's Alpha RISC systems, and HP's HP3000. It also offers Sparc emulation, although Oracle might dispute the need for this.

mrspoonsi writes Oracle founder Larry Ellison is stepping down as CEO. He will be replaced by two executives. Former Oracle presidents Safra Catz and Mark Hurd will be co-CEOs. Ellison will be the Executive Chairman of Oracle's Board, and the company's CTO. Oracle's shares are off by 3% on the news. "Larry has made it very clear that he wants to keep working full time and focus his energy on product engineering, technology development and strategy," said the Oracle Board's Presiding Director, Dr. Michael Boskin.