For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×
Google

SCOTUS Denies Google's Request To Appeal Oracle API Case 174 174

New submitter Neil_Brown writes: The Supreme Court of the United States has today denied Google's request to appeal against the Court of Appeals for the Federal Circuit's ruling (PDF) that the structure, sequence and organization of 37 of Oracle's APIs (application program interfaces) was capable of copyright protection. The case is not over, as Google can now seek to argue that, despite the APIs being restricted by copyright, its handling amounts to "fair use". Professor Pamela Samuelson has previously commented (PDF) on the implications if SCOTUS declined to hear the appeal. The Verge reports: "A district court ruled in Google's favor back in 2012, calling the API "a utilitarian and functional set of symbols" that couldn't be tied up by copyrights. Last May, a federal appeals court overturned that ruling by calling the Java API copyrightable. However, the court said that Google could still have lawfully used the APIs under fair use, sending the case back to a lower court to argue the issue. That's where Google will have to go next, now that the Supreme Court has declined to hear the issue over copyright itself.
Yahoo!

The Next Java Update Could Make Yahoo Your Default Search Provider 328 328

itwbennett writes: At the company's shareholder meeting on Wednesday, Yahoo CEO Marissa Mayer announced a partnership with Oracle that could result in Yahoo becoming your default search provider in your browser. Starting this month, when users are prompted to update to the next version of Java, they'll be asked to make Yahoo their default search engine on Chrome (and Internet Explorer, for what it's worth). And, according to a Wall Street Journal report, the button will be checked by default, so if you aren't looking out for it, you might unwittingly find yourself a Yahoo user.
Businesses

US Navy Solicits Zero Days 59 59

msm1267 writes: The US Navy posted a RFP, which has since removed from FedBizOpps.gov, soliciting contractors to share vulnerability intelligence and develop zero day exploits for most of the leading commercial IT software vendors. The Navy said it was looking for vulnerabilities, exploit reports and operational exploit binaries for commercial software, including but not limited to Microsoft, Adobe, [Oracle] Java, EMC, Novell, IBM, Android, Apple, Cisco IOS, Linksys WRT and Linux, among others. The RFP seemed to indicate that the Navy was not only looking for offensive capabilities, but also wanted use the exploits to test internal defenses.The request, however, does require the contractor to develop exploits for future released CVEs. "Binaries must support configurable, custom, and/or government owned/provided payloads and suppress known network signatures from proof of concept code that may be found in the wild," the RFP said.
Privacy

Police Scanning Every Face At UK Download Festival 134 134

AmiMoJo writes: Leicestershire Police have announced that they will be scanning every face at the popular UK Download music festival. The announcement article on Police Oracle (paywalled) reads, "the strategically placed cameras will scan faces at the Download Festival site in Donington before comparing it with a database of custody images from across Europe." The stated goal is to catch mobile phone thieves. Last year only 91 of the 120,000 visitors to the festival were arrested, and it isn't clear if the data will be deleted once checked against the database. The linked article provides at least one image of a costume that would probably trip up any facial recognition technology yet devised.
Java

Supreme Court May Decide the Fate of APIs (But Also Klingonese and Dothraki) 210 210

New submitter nerdpocalypse writes: In a larger battle than even Godzilla v. Mothra, Google v. Oracle threatens not only Japan but the entire nerd world. What is at stake is how a language can be [copyrighted]. This affects not just programming languages, APIs, and everything that runs ... well ... everything, but also the copyright status of new languages such as Klingon and Dothraki.
Government

US Justice Department Urges Supreme Court Not To Take Up Google v. Oracle 223 223

New submitter Areyoukiddingme writes: The Solicitor General of the Justice Department has filed a response to the US Supreme Court's solicitation of advice regarding the Google vs. Oracle ruling and subsequent overturning by the Federal Circuit. The response recommends that the Federal Circuit ruling stand, allowing Oracle to retain copyright to the Java API.
Java

The Reason For Java's Staying Power: It's Easy To Read 414 414

jfruh writes: Java made its public debut twenty years ago today, and despite a sometimes bumpy history that features its parent company being absorbed by Oracle, it's still widely used. Mark Reinhold, chief architect for the Oracle's Java platform group, offers one explanation for its continuing popularity: it's easy for humans to understand it at a glance. "It is pretty easy to read Java code and figure out what it means. There aren't a lot of obscure gotchas in the language ... Most of the cost of maintaining any body of code over time is in maintenance, not in initial creation."
Microsoft

Windows Remains Vulnerable To Serious 18-Year-Old SMB Security Flaw 171 171

Mark Wilson writes A serious security hole leaves millions of Windows users open to attack, making it possible to extract encrypted credentials from a target machine. Researchers at Cylance say the problem affects "any Windows PC, tablet or server" (including Windows 10) and is a slight progression of the Redirect to SMB attack discovered by Aaron Spangler way back in 1997. Redirect to SMB is essentially a man-in-the-middle attack which involves taking control of a network connection. As the name suggests, victims are then redirected to a malicious SMB server which can extract usernames, domains and passwords. Cylance also reports that software from companies such as Adobe, Oracle and Symantec — including security and antivirus tools — are affected.
Oracle

Oracle Sues 5 Oregon Officials For 'Improper Influence' 83 83

SpzToid writes: Following up on an earlier Slashdot story, the Oracle Corporation has filed a rather timely suit against five of former governor John Kitzhaber's staff for their "improper influence" in the decision to shutter the Cover Oregon healthcare website, while blaming Oracle to defuse the political consequences. Oracle argues the website was ready to go before the state decided to switch to the federal exchange in April.

"The work on the exchange was complete by February 2014, but going live with the website and providing a means for all Oregonians to sign up for health insurance coverage didn't match the former-Governor's re-election strategy to 'go after' Oracle," Oracle spokeswoman Deborah Hellinger said in a statement.

Kitzhaber resigned last week amid criminal probes into an influence-peddling scandal involving allegations that his fiancée used her position in his office for personal gain.
Sun Microsystems

Five Years After the Sun Merger, Oracle Says It's Fully Committed To SPARC 190 190

jfruh (300774) writes "Sun Microsystems vanished into Oracle's maw five years ago this month, and you could be forgiven for thinking that some iconic Sun products, like SPARC chips, had been cast aside in the merger. But Oracle claims that the SPARC roadmap is moving forward more quickly than it did under Sun, and while the number of SPARC systems sold has dropped dramatically (from 66,000 in Q1 '03 to 7,000 in Q1 '14), the systems that are being sold are fully customized and much more profitable for the company."
Open Source

Live Patching Now Available For Linux 117 117

New submitter cyranix writes "You may never have to reboot your Linux machine ever again, even for kernel patching," and excerpts from the long (and nicely human-readable) description of newly merged kernel code that does what Ksplice has for quite a while (namely, offer live updating for Linux systems, no downtime required), but without Oracle's control. It provides a basic infrastructure for function "live patching" (i.e. code redirection), including API for kernel modules containing the actual patches, and API/ABI for userspace to be able to operate on the patches (look up what patches are applied, enable/disable them, etc). It's relatively simple and minimalistic, as it's making use of existing kernel infrastructure (namely ftrace) as much as possible. It's also self-contained, in a sense that it doesn't hook itself in any other kernel subsystem (it doesn't even touch any other code). It's now implemented for x86 only as a reference architecture, but support for powerpc, s390 and arm is already in the works (adding arch-specific support basically boils down to teaching ftrace about regs-saving).
Oracle

VirtualBox Development At a Standstill 288 288

jones_supa writes: Phoronix notes how it has been a long time since last hearing of any major innovations or improvements to VirtualBox, the virtual machine software managed by Oracle. This comes while VMware is improving its products on all platforms, and KVM, Xen, Virt-Manager, and related Linux virtualization technologies continue to advance as well. Is there any hope left for a revitalized VirtualBox? It has been said that there are only four paid developers left on the VirtualBox team at the company, which is not enough manpower to significantly advance such a complex piece of software. The v4.3 series has been receiving some maintenance updates during the last two years, but that's about it.
Oracle

Oracle Releases Massive Security Update 79 79

wiredmikey writes Oracle has pushed out a massive security update, including critical fixes for Java SE and the Oracle Sun Systems Products Suite. Overall, the update contains nearly 170 new security vulnerability fixes, including 36 for Oracle Fusion Middleware. Twenty-eight of these may be remotely exploitable without authentication and can possibly be exploited over a network without the need for a username and password.
Programming

Interviews: Alexander Stepanov and Daniel E. Rose Answer Your Questions 42 42

samzenpus (5) writes "Alexander Stepanov is an award winning programmer who designed the C++ Standard Template Library. Daniel E. Rose is a programmer, research scientist, and is the Chief Scientist for Search at A9.com. In addition to working together, the duo have recently written a new book titled, From Mathematics to Generic Programming. Earlier this month you had a chance to ask the pair about their book, their work, or programming in general. Below you'll find the answers to those questions."
Open Source

Big Names Dominate Open Source Funding 32 32

jones_supa writes: Network World's analysis of publicly listed sponsors of 36 prominent open-source non-profits and foundations reveals that the lion's share of financial support for open-source groups comes from a familiar set of names. Google was the biggest supporter, appearing on the sponsor lists of eight of the 36 groups analyzed. Four companies – Canonical, SUSE, HP and VMware – supported five groups each, and seven others (Nokia, Oracle, Cisco, IBM, Dell, Intel and NEC) supported four. For its part, Red Hat supports three groups (Linux Foundation, Creative Commons and the Open Virtualization Alliance).

It's tough to get more than a general sense of how much money gets contributed to which foundations by which companies – however, the numbers aren't large by the standards of the big contributors. The average annual revenue for the open-source organizations considered in the analysis was $4.36 million, and that number was skewed by the $27 million taken in by the Wikimedia Foundation (whose interests range far beyond OSS development) and the $17 million posted by Linux Foundation.
Technology

Ask Slashdot: What Tech Companies Won't Be Around In 10 Years? 332 332

An anonymous reader writes: It's interesting to look back a decade and see how the tech industry has changed. The mobile phone giants of 10 years ago have all struggled to compete with the smartphone newcomers. Meanwhile, the game console landscape is almost exactly the same. I'm sure few of us predicted Apple's rebirth over the past decade, and many of us thought Microsoft would have fallen a lot further by now. With that in mind, let's make some predictions. What companies aren't going to make it another 10 years? Are Facebook, Twitter, and the other social networking behemoths going to fade as quickly as they arose? What about the heralds of the so-called 'sharing economy,' like Uber? Are IBM and Oracle going to hang on? Along the same lines, what companies do you think will definitely stick around for another decade or more? Post your predictions for all to see. I'll buy you a beer in 10 years if you're right.
Security

POODLE Flaw Returns, This Time Hitting TLS Protocol 54 54

angry tapir writes: If you patched your sites against a serious SSL flaw discovered in October you will have to check them again. Researchers have discovered that the POODLE vulnerability also affects implementations of the newer TLS protocol. The POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability allows attackers who manage to intercept traffic between a user's browser and an HTTPS website to decrypt sensitive information, like the user's authentication cookies.
Operating Systems

The Schizophrenic Programmer Who Built an OS To Talk To God 452 452

rossgneumann writes: Terry Davis, a schizophrenic programmer, has spent 10 years building an operating system to talk to God. He's done this work because God told him to. According to the TempleOS charter, it is "God's official temple. Just like Solomon's temple, this is a community focal point where offerings are made and God's oracle is consulted." [The TempleOS V2.17 welcome screen] greets the user with a riot of 16-color, scrolling, blinking text; depending on your frame of reference, it might recall DESQview, the Commodore 64, or a host of early DOS-based graphical user interfaces. In style if not in specifics, it evokes a particular era, a time when the then-new concept of "personal computing" necessarily meant programming and tinkering and breaking things.
Cloud

Amazon Goes After Oracle (Again) With New Aurora Database 102 102

Sez Zero writes with news about the latest from Amazon Web Services. "Once again Amazon Web Services is taking on Oracle, the kingpin of relational databases, with Aurora, a relational database that is as capable as 'proprietary database engines at 1/10 the cost,' according to AWS SVP Andy Jassy. Amazon is right that customers, even big Oracle customers who hesitate to dump tried-and-true database technology are sick of Oracle’s cost structure and refusal to budge from older licensing models. Still there are very few applications that are more “sticky” than databases, which after typically contains the keys to the kingdom. Financial institutions see their use of Oracle databases as almost a pre-requisite for compliance, although that perception may be changing."
Electronic Frontier Foundation

Computer Scientists Ask Supreme Court To Rule APIs Can't Be Copyrighted 260 260

An anonymous reader writes: The EFF, representing a coalition of computer scientists, filed an amicus brief with the Supreme Court yesterday hoping for a ruling that APIs can't be copyrighted. The names backing the brief include Bjarne Stroustrup, Ken Thompson, Guido van Rossum, and many other luminaries. "The brief explains that the freedom to re-implement and extend existing APIs has been the key to competition and progress in both hardware and software development. It made possible the emergence and success of many robust industries we now take for granted—for example, mainframes, PCs, and workstations/servers—by ensuring that competitors could challenge established players and advance the state of the art. The litigation began several years ago when Oracle sued Google over its use of Java APIs in the Android OS. Google wrote its own implementation of the Java APIs, but, in order to allow developers to write their own programs for Android, Google's implementation used the same names, organization, and functionality as the Java APIs."