First time accepted submitter bobthesungeek76036 writes "On March 26th, Larry Ellison and always with fashionable haircut John Fowler announced the new line of SPARC servers from Oracle. Touted as the fastest microprocessor in the world, they put up some impressive SPEC numbers against much more expensive (and older) IBM hardware. Is the industry still interested in SPARC or is it too late for Larry to regain the server market that Sun Microsystems had many moons ago?" El Reg has a pretty good overview of the new hardware; the T5 certainly looks interesting for highly threaded work loads (there's some massive SMT going on with 16 threads per core), but with Intel dominating for single-threaded performance and ARM-based servers becoming available squeezing them for massive multi-threading, is there really any hope in Oracle's efforts to stay in the hardware game?

An anonymous reader writes "Seven weeks ago, Dell announced a definitive agreement to be taken private by a group led by founder and CEO Michael Dell and the private equity firm Silver Lake Partners, assisted by a $2 billion loan from Microsoft and debt financing from a group of big banks. The deal was valued at $24.4 billion ($13.65 per share of Dell common stock), but allowed for a 45-day "go shop" period for alternative bids to be submitted to a special committee of Dell's board. Not all large shareholders were happy with the price, and early this month billionaire investor Carl Icahn threatened to tie up the buyout in court unless a large special dividend was paid to shareholders — without showing interest in buying the company himself. More recently, the private equity firm Blackstone Group jumped into the fray, and by Friday night's deadline both Blackstone and Icahn had submitted bids for Dell exceeding the original $13.65 per share agreement. Blackstone is said to be interested in installing Oracle's Mark Hurd as CEO, replacing Michael Dell. As Hurd was fired as Hewlett Packard's CEO in 2010 for alleged sexual misconduct involving an outside consultant named Jodie Fisher, he might have difficulty landing another CEO job at a publicly traded company; the Dell position could be an intriguing fit for both sides."

An anonymous reader writes "After running uninterrupted for 3737 days, this humble Sun 280R server running Solaris 9 was shut down. At the time of making the video it was idle, the last service it had was removed sometime last year. A tribute video was made with some feelings about Sun, Solaris, the walk to the data center and freeing a machine from internet-slavery."

mask.of.sanity writes "Annual Canadian hack fest Pwn2Own is famous for leaving a trail of bloodied software bits and today it did not disappoint. Security researchers tore holes through all major web browsers, breaking Windows 8 and Java, too (though the latter feat is not remarkable). Thankfully for the rest of us, the cashed-up winners will disclose the holes quietly to Microsoft, Mozilla, Google and Oracle, and the proof of concept attack code will remain in the hands of organisers only."

msm1267 writes "Oracle has once again released an emergency Java update to patch zero-day vulnerabilities in the browser plug-in, the fifth time it has updated the platform this year. Today's update patches CVE-2013-1493 and CVE-2013-0809, the former was discovered last week being exploited in the wild for Java 6 update 41 through Java 7 update 15. The vulnerability allows for arbitrary memory execution in the Java virtual machine process; attackers exploiting the flaw were able to download the McRAT remote access Trojan."

An anonymous reader writes "Here we go again. A new Java 0-day vulnerability is being exploited in the wild. If you use Java, you can either uninstall/disable the plugin to protect your computer or set your security settings to 'High' and attempt to avoid executing malicious applets. This latest flaw was first discovered by security firm FireEye, which says it has already been used 'to attack multiple customers.' The company has found that the flaw can be exploited successfully in browsers that have Java v1.6 Update 41 or Java v1.7 Update 15 installed, the latest versions of Oracle's plugin."

sl4shd0rk writes "In 2012, Oracle took Google to court over the use of Java in Android. Judge William Alsup brought the ruling that the structure of APIs could not be copyrighted at all. Emerging from the proceedings, it was learned that Alsup himself had some programming background and wasn't bedazzled by Oracle's thin arguments on the range-checking function. The ruling came, programmers rejoiced and Oracle vowed Appeal. It seems that time is coming now, nearly a year later, as Microsoft, BSA, EMC, Netapp, et al. get behind Oracle to overturn Alsup's ruling citing 'destabilization' of the 'entire software industry.'"

snydeq writes "Apple was recently attacked by hackers who infected the Macintosh computers of some employees, the company said on Tuesday in an unprecedented disclosure that described the widest known cyber attacks against Apple-made computers to date, Reuters reports. 'The same software, which infected Macs by exploiting a flaw in a version of Oracle Corp's Java software used as a plug-in on Web browsers, was used to launch attacks against Facebook, which the social network disclosed on Friday. ... A person briefed on the investigation into the attacks said that hundreds of companies, including defense contractors, had been infected with the same malicious software, or malware. The attacks mark the highest-profile cyber attacks to date on businesses running Mac computers.'"

Trailrunner7 writes "Laptops belonging to several Facebook employees were compromised recently and infected with malware that the company said was installed through the use of a Java zero-day exploit that bypassed the software's sandbox. Facebook claims that no user data was affected by the attack and says that it has been working with law enforcement to investigate the attack, which also affected other unnamed companies. Facebook officials did not identify the specific kind of malware that the attackers installed on the compromised laptops, but said that the employee's machines were infected when they visited a mobile developer Web site that was hosting the Java exploit. When the employees visited the site, the exploit attacked a zero-day vulnerability in Java that was able to bypass the software's sandbox and enable the attackers to install malware. The company said it reported the vulnerability to Oracle, which then patched the Java bug on Feb. 1."

hypnosec writes "Oracle is going to open source JavaFX ports for Android and iOS soon as a part of its efforts to open source the framework. JavaFX, destined to replace Swing GUI library as the default method to develop graphical user interfaces, is a framework used to develop cross-platform rich Internet applications. The ports for iOS and Android are based on an 'unreleased version of JavaSE Embedded for iOS/Android.' Oracle's Richard Bair revealed that the 'first bits and pieces' for JavaFX for iOS should probably be out sometime next week. The rest of the release will be scheduled along with the release of Prism (the next-generation toolkit). Oracle is going to keep javafx-font proprietary, but Bair has said developers are already working toward an open source native replacement of the component through the OpenJFX list."

First time accepted submitter jsmyth writes "MySQL 5.6.10 has been released, marking the General Availability of version 5.6 for production." Here's more on the features of 5.6. Of possible interest to MySQL users, too, is this look at how MySQL spinoff MariaDB (from Monty, one of the three creators of MySQL) is making inroads into the MySQL market, including (as we've mentioned before) as default database system in some Linux distributions.

An anonymous reader writes in with news of the continuing saga of Java patches and exploits. "If you're a Mac user who suddenly can't access websites or run applications that rely on Java, you're not alone. For the second time in a month, Apple has silently blocked the latest version of Java 7 from running on OS X 10.6 Snow Leopard or higher via its XProtect anti-malware tool. Apple hasn't issued any official statements advising users of the change or its reasons, but it's a safe bet that the company has deemed Oracle's most recent update to Java insecure. That's why the company stealthily disabled Java on Macs back on Jan. 10, the same day a Java vulnerability was being exploited in the wild."

theodp writes "Earlier this week, hackers gained access to Twitter's internal systems and stole information, compromising 250,000 Twitter accounts before the breach was stopped. Reporting the incident on the company's official blog, Twitter's manager of network security did not specify the method by which hackers penetrated its system, but mentioned vulnerabilities related to Java in Safari and Firefox, and echoed Homeland Security's advisory that users disable Java in their browsers. Sure, blame everything on Larry Ellison. Looks like bad things do happen in threes — Twitter's report comes on the heels of disclosures of hacking attacks on the WSJ and NY Times."

darthcamaro writes "Oracle has been slammed a lot in recent months about its lackluster handling of Java security. Now Oracle is responding as strongly as it can with one of the largest Java security updates in history. 50 flaws in total with the vast majority carrying the highest-possible CVSS score of 10."

An anonymous reader writes in with news that IBM's Jeopardy winning supercomputer is going back to school"A modified version of the powerful IBM Watson computer system, able to understand natural spoken language and answer complex questions, will be provided to Rensselaer Polytechnic Institute in New York, making it the first university to receive such a system. IBM announced Wednesday that the Watson system is intended to enable upstate New York-based RPI to find new uses for Watson and deepen the systems' cognitive computing capabilities - for example by broadening the volume, types, and sources of data Watson can draw upon to answer questions."

crankyspice writes "Having recently picked up the Erector set I've wanted since I was a kid, I quickly found myself wanting to plunge deeper into makerspace by adding more sophisticated electronics to moving devices (rovers, maybe eventually flying bots). My first instinct was Arduino (maybe because of brand recognition?), but that got me thinking — what's the 'best' platform out there (most flexible)? Arduino with its myriad options (Nano, Mega, Uno, Mini)? PICAXE? BASIC Stamp? Raspberry Pi? (The latter seems like it would easily be the most flexible, but at greater cost in terms of weight and complexity.) I'm a hobbyist programmer, having learned C and C++ in college and recently re-learning Java (took and passed the Oracle Certified Professional exam, FWIW)..."

Jeremiah Cornelius writes "Blogger Adam Howard at Port3000 has a post about Google's exposure of thousands of publicly accessible printers. 'A quick, well crafted Google search returns "About 86,800 results" for publicly accessible HP printers.' He continues, 'There's something interesting about being able to print to a random location around the world, with no idea of the consequence.' He also warns about these printers as a possible beachhead for deeper network intrusion and exploitation. With many of the HP printers in question containing a web listener and a highly vulnerable and unpatched JVM, I agree that this is not an exotic idea. In the meanwhile? I have an important memo for all Starbucks employees."

theodp writes "There's a funny thing about the estimated $1.7 trillion that American companies say they have indefinitely invested overseas,' reports the WSJ's Kate Linebaugh (reg. or the old Google trick). 'A lot of it is actually sitting right here at home.' And if tech companies like Google and Microsoft want to keep more than three-quarters of the cash owned by their foreign subsidiaries at U.S. banks, held in U.S. dollars or parked in U.S. government and corporate securities, Linebaugh explains, this money is still overseas in the eyes of the IRS and isn't taxed as long as it doesn't flow back to the U.S. parent company. Helping corporations avoid the need to tap their foreign-held cash are low interest rates at home, which have allowed U.S. companies to borrow cheaply. Oracle, for instance, raised $5 billion last year, paying an interest rate roughly two-thirds of a percentage point above the low post-crash Treasury yield, about 2.5% at the time (by contrast, grad students and parents pay 6.8%-7.9% for Federal student loans). Were the funds it manages to keep in the hands of its foreign subsidiaries brought home and subjected to U.S. income tax, Oracle estimated it could owe Uncle Sam about $6.3 billion."

An anonymous reader writes "Red Hat developers are planning to replace MySQL with MariaDB in Fedora 19. For the next Fedora update, the MariaDB fork would replace MySQL and the official MySQL package would be discontinued after some time. The reasoning for this move is the uncertainty about Oracle's support of MySQL as an open-source project and moves to make the database more closed." Update: 01/22 13:47 GMT by T : Note: "Nixing" may be a bit strong; this move has been proposed, but is not yet officially decided.

msm1267 writes "Oracle's long security nightmare with Java just gets worse. A post to Full Disclosure this morning from a security researcher indicated that two new sandbox bypass vulnerabilities have been discovered and reported to Oracle, along with working exploit code. Oracle released Java 7u11 last Sunday and said it fixed a pair of vulnerabilities being exploited by all the major exploit kits. Turns out one of those two bugs wasn't completely patched. Today's bugs are apparently not related to the previous security issues."