OtaSoft

Red Hat, which says it has always supported Sun’s attempts to build an open source community around Java, has made its support a little more official by signing Sun’s contributor agreement that covers participation in all Sun-led open source projects by all Red Hat engineers.

This goes to show that the father of Java, James Gosling, was being a little pessimistic when I interviewed him back in March this year: he said that the open sourcing of Java would make little difference to the range and depth of people helping to support its ecosystem because it was already a community process before it was open sourced.

Red Hat has also signed Sun’s OpenJDK Community TCK License Agreement. “This agreement gives the company access to the test suite that determines whether an implementation of the Java Platform Standard Edition (Java SE) platform that is derived from the OpenJDK project complies with the Java SE 6 specification,” the firm noted.

Original post by Jason Stamper and software by Elliott Back

IT security specialists Global Secure Systems (GSS) have warned Apple Mac users to revisit their IT security software and manually update it, following the arrival of the first serious Trojan Horse for the Apple Mac.

GSS’ warning comes as Intego, an Austin, Texas-based Mac security firm, has reported the first serious Trojan to affect the Apple Mac platform.

Original post by Jason Stamper and software by Elliott Back

Microsoft’s admission of defeat in its nine-year long anti-trust battle with the European Commission has met with mixed responses from the open source community.

On Monday, Microsoft agreed with Commission’s 2004 ruling that it was abusing its dominance in the market in the workgroup server market and would not appeal against a further European Union court ruling in September, which upheld the Commission’s findings.

Microsoft had been accused of overcharging and making unavailable the documentation and code companies needed to create server products that could interoperate with Windows servers and desktops.

John Newton, CTO and chairman of Alfresco saw the Microsoft move as a small step in the right direction. “By open sourcing even a very small part of its product set, Microsoft has taken an important step towards creating an open environment in which end users can freely choose between software rather than being railroaded into the most costly one,” he said.

While Neelie Kroes, European commissioner for competition policy, called this “a victory for the consumer”, she also voiced concern at the time it had taken for Microsoft to capitulate.

“It is regrettable that Microsoft has only complied after a considerable delay, two court decisions and the imposition of daily penalty payments,” she said.
Open source developers will now pay a one-off $14,300 fee, rather than a revenue percentage creamed off sales of any software developed as a result. For those that do choose to license the patents, the fee has been dropped substantially from 5.95% to 0.4%.
But for some the cost is still too great. “The price to pay to obtain the specifications to the Windows protocol that Microsoft is supposed to share is ridiculously high for open source developers,” said Stefane Fermigier, CEO of open source enterprise content management Nuxeo.
While companies the size of Nuxeo can easily afford the fee, students or developers starting out in the open source world (like the young Linus Torvalds) would struggle to make such payments, he argued.
However contrite Microsoft may appear now, it could not make up for nine-years of lost competition.
“It’s good to see Microsoft finally admit that they have behaved in a non-competitive way. But in the meantime, they’ve used these unlawful practices to undermine many competitors, and short-change customers by stifling competition and innovation. Nobody is going to be compensated for this, as far as I know,” he said.

Linux powerhouse Red Hat was waiting to see how the dust settles on Microsoft’s moves, but was still worried about patents. “Our enthusiasm is somewhat tempered, however, by concerns that the patent arrangements may have not been made compatible with open source licensing, especially given the pro-competitive effects to consumers of the open source model,” said Michael Cunningham, executive vp and general counsel at Red Hat.

According to David Mitchell, senior vice president of IT research at analyst firm Ovum, yesterday’s announcement could have little real effect on the market and was the kind of victory that enabled both sides to save face.

“The market will carry on, largely unchanged, after yesterday’s announcement. Companies who were developing products will still continue to develop those products. Companies who had previously rejected the Microsoft-related development route will still reject it,” said Mitchell.

Original post by Janine and software by Elliott Back

Anyone heard of Nuxeo before? New to me, I must confess. Apparently an open source enterprise content management player. Anyway it’s just announced version 5.1 of its open source ECM platform with a focus on SOA, scalability, and support.

Original post by Jason Stamper and software by Elliott Back

Complementing its Rich Client Platform (RCP), the Eclipse Foundation is now releasing version 1.0 of the server counterpart, the Rich Application Platform (RAP). It’s a Java-based platform that enables Java developers to work in Java, rather than JavaScript, to develop server-based rich browser clients.

Original post by Jason Stamper and software by Elliott Back

Vietnam’s Communist Party has found an appropriate solution to its rampant software piracy problem: use open source.

More than 90% of all Vietnam’s software is counterfeit, leaving Microsoft, among others, with a massive dent in potential profits and making the software giant ramp up efforts to tackle piracy. But the Communist party has found its own neat solution, reported a local English news service, which will please everyone but Microsoft: ditch Microsoft Office and replace it with the free OpenOffice.

Original post by Janine and software by Elliott Back

Red Hat and Novell have been hit with the first patent-infringement lawsuit against Linux. Red Hat’s Linux system and Novell’s SuSe Linux Enterprise Desktop and Enterprise Server allegedly infringe on three patents relating to user interfaces within multiple windows, according to the suit filed by two US patent houses.

Enterprise users of these products are protected by indemnification clauses in their contracts that should shield them from intellectual-property litigation.

Novell spokesperson Bruce Lowry said the company was assessing the lawsuit. “Obviously, we’ll defend our interests,” he said. “But it’s too early at this stage to talk about specifics on this case, including whether there might be a role for a joint approach with Red Hat.”

The suit jointly filed by Texas-based IP Innovation and Nevada-based Technology Licensing Corp. They are seeking unspecified damages and royalty fees.

According to the Patent Troll Tracker blog, IP Innovation is a subsidiary of Acacia, which has been aggressively enforcing streaming media patents against small webmasters and others. Acacia has been accused of being a patent troll, which is a company that does not make or sell any products but files aggressive patent lawsuits against those that do.

Coincidentally, Novell in May joined the Electronic Frontier Foundation’s “Patent Busting” initiative that aims to invalidate bogus US patents by seeking out evidence of prior art — earlier inventions that preclude patentability. The program was launched in response to companies like Acacia Research, which has filed 213 different patent lawsuits via 36 separate subsidiaries, according to Patent Troll Tracker.

Ironically, in late August Acacia’s Disc Link subsidiary announced a license deal with Novell covering its patents related to portable storage devices with links.

The three US patents in the Linux suit are entitled “User Interface with Multiple Workspaces for Sharing Display System Objects.” They were issued in late-1991, early-1995 and mid-1996. The first was initially granted to Xerox and then sold to IP Innovation.

Original post by Jason Stamper and software by Elliott Back

Lots of interesting things are happening
with the various efforts to eliminate or counter software vulnerabilities.
The
Software Security Assurance (SwA) State-of-the-Art Report (SOAR)
tries to list what’s going on, especially in things related to the
U.S. government.
As with any such document, it’s incomplete, and it’s only a snapshot
(things keep changing!).
But if you haven’t been following this world, and want to know
“what’s going on”, it’s the best place I know of to start.
Of course, you can also look at sites such as the

U.S. DHS / CERT “build security in” site.

The U.S. National Vulnerability Database
tracks specific vulnerabilities in specific products; they identify each
vulnerability using the unique id defined by
Common Vulnerabilities and Exposures (CVE).
But if the world is going to prevent these kinds of
vulnerabilities from happening in the future, we need to categorize them
in a way that everyone agrees what the categories are.
Informally, there are lots of ways to categorize them, but their meanings
differ between people.
That’s a real problem when comparing tools; different tools find different
problems, but without agreed-on terminology, it’s hard to even describe
their differences.
MITRE is currently developing a way to categorize all vulnerabilities in
a way that everyone can agree on, called
Common Weakness Enumeration (CWE).
The U.S. National Vulnerability Database and MITRE have worked out a
set of CWEs that they will use to
categorize vulnerabilities.
The CWE is still being developed, but at least some common terminology
is getting worked out.

Original post by David A. Wheeler’s Blog and software by Elliott Back

Locating the right open source product just got a hell of lot easier thanks to OpenLogic, which has launched a free website, OLEX, where you can research and download oven-ready open source packages…

Original post by Jason Stamper and software by Elliott Back

Red Hat has pulled out of the bag some glowingly healthy financial results, as Linux sales continue to flourish.

Subscriptions to Linux software peaked at $109.2m for the second quarter, up 29% over the same period last year. Overall, the company reported revenues of $127.3m, up 28% on last year and 7% on the previous quarter. But it’s not all good news…

Original post by Jason Stamper and software by Elliott Back