Forgot your password?
typodupeerror

Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

Microsoft

Microsoft, Ask.com, Oracle Latest To Be Sued Over No-Poach Deal 47

Posted by timothy
from the all-in-the-same-gang-but-mostly-west-coast dept.
itwbennett (1594911) writes Oracle, Microsoft and Ask.com are facing suits alleging that they conspired to restrict hiring of staff. The suits appear to refer to a memo that names a large number of companies that allegedly had special arrangements with Google to prevent poaching of staff and was filed as an exhibit on May 17, 2013 in another class action suit over hiring practices. The former employees filing lawsuits against Microsoft, Ask.com and Oracle have asked that the cases be assigned to Judge Koh as there were similarities with the case against Google, Apple and others — and it maybe doesn't hurt that Judge Koh thought the $324.5 million settlement in that case was too low.
Databases

Python-LMDB In a High-Performance Environment 98

Posted by Soulskill
from the fast-enough-to-cause-drama dept.
lkcl writes: In an open letter to the core developers behind OpenLDAP (Howard Chu) and Python-LMDB (David Wilson) is a story of a successful creation of a high-performance task scheduling engine written (perplexingly) in Python. With only partial optimization allowing tasks to be executed in parallel at a phenomenal rate of 240,000 per second, the choice to use Python-LMDB for the per-task database store based on its benchmarks, as well as its well-researched design criteria, turned out to be the right decision. Part of the success was also due to earlier architectural advice gratefully received here on Slashdot. What is puzzling, though, is that LMDB on Wikipedia is being constantly deleted, despite its "notability" by way of being used in a seriously-long list of prominent software libre projects, which has been, in part, motivated by the Oracle-driven BerkeleyDB license change. It would appear that the original complaint about notability came from an Oracle employee as well.
Java

Adobe: Click-to-Play Would Have Avoided Flood of Java Zero-days 111

Posted by Soulskill
from the of-pots-and-kettles dept.
mask.of.sanity writes: Oracle could have saved mountains of cash and bad press if Click-to-Play was enabled before Java was hosed by an armada of zero day vulnerabilities, Adobe security boss Brad Arkin says. The simple fix introduced into browsers over the last year stopped the then zero day blitzkrieg in its tracks by forcing users to click a button to enable Java.
Oracle

Oracle Database Certifications Are No Longer Permanent 108

Posted by Soulskill
from the you're-now-allowed-to-forget-things dept.
jfruh writes: It used to be that you could get an Oracle database certification and declare yourself Oracle-certified for the rest of your career. That time is now over, causing a certain amount of consternation among DBAs. On the one hand, it makes sense that someone who's only been certified on a decade-old version of the product should need to prove they've updated their skills. On the other, Oracle charges for certification and will definitely profit from this shift."
Patents

Interviews: Ask Florian Mueller About Software Patents and Copyrights 187

Posted by samzenpus
from the go-ahead-and-ask dept.
Florian Mueller is a blogger, software developer and former consultant who writes about software patents and copyright issues on his FOSSPatents blog. In 2004 he founded the NoSoftwarePatents campaign, and has written about Microsoft's multi-billion-dollar Android patent licensing business and Google's appeal of Oracle's Android-Java copyright case to the Supreme Court. Florian has agreed to give us some of his time in order to answer your questions. As usual, ask as many as you'd like, but please, one per post.
Google

Google Takes the Fight With Oracle To the Supreme Court 146

Posted by timothy
from the by-the-power-your-black-robe-we-beseech-thee dept.
whoever57 writes Google has asked the Supreme Court to review the issue of whether APIs can be copyrighted. Google beat Oracle in the trial court, where a judge with a software background ruled that APIs could not be copyrighted. but the Appeals court sided with Oracle, ruling that APIs can be copyrighted. Now Google is asking the Supreme Court to overturn that decision. (Also of interest.)
Cloud

Vax, PDP/11, HP3000 and Others Live On In the Cloud 62

Posted by Soulskill
from the cloud-of-the-living-dead dept.
judgecorp writes: Surprisingly, critical applications still rely on old platforms, although legacy hardware is on its last legs. Swiss emulation expert Stromasys is offering emulation in the cloud for old hardware using a tool cheekily named after Charon, the ferryman to the afterlife. Systems covered include the Vax and PDP/11 platforms from Digital Equipment (which was swallowed by Compaq and then HP) as well as Digital's Alpha RISC systems, and HP's HP3000. It also offers Sparc emulation, although Oracle might dispute the need for this.
Oracle

Oracle CEO Larry Ellison Steps Down 142

Posted by timothy
from the one-real-american-named-larry-ellison dept.
mrspoonsi writes Oracle founder Larry Ellison is stepping down as CEO. He will be replaced by two executives. Former Oracle presidents Safra Catz and Mark Hurd will be co-CEOs. Ellison will be the Executive Chairman of Oracle's Board, and the company's CTO. Oracle's shares are off by 3% on the news. "Larry has made it very clear that he wants to keep working full time and focus his energy on product engineering, technology development and strategy," said the Oracle Board's Presiding Director, Dr. Michael Boskin.
Databases

UK's National Health Service Moves To NoSQL Running On an Open-Source Stack 198

Posted by Soulskill
from the deciding-to-DROP-it dept.
An anonymous reader sends this news from El Reg: The U.K.'s National Health Service has ripped the Oracle backbone from a national patient database system and inserted NoSQL running on an open-source stack. Spine2 has gone live following successful redevelopment including redeployment on new, x86 hardware. The project to replace Spine1 had been running for three years with Spine2 now undergoing a 45-day monitoring period. Spine is the NHS’s main secure patient database and messaging platform, spanning a vast estate of blades and SANs. It logs the non-clinical information on 80 million people in Britain – holding data on everything from prescriptions and payments to allergies. Spine is also a messaging hub, serving electronic communications between 20,000 applications that include the Electronic Prescription Service and Summary Care Record. It processes more than 500 complex messages a second.
Government

Oregon Suing Oracle Over Obamacare Site, But Still Needs Oracle's Help 116

Posted by samzenpus
from the I-hate-you-now-help-me dept.
jfruh writes Oracle and the state of Oregon are in the midst of a particularly nasty set of lawsuits over the botched rollout of Oregon's health care exchange site, with Oregon claiming that Oracle promised an "out-of-the-box solution" and Oracle saying that Oregon foolishly attempted to act as its own systems integrator. But one aspect of the dispute helps illustrate an unpleasant reality of these kinds of disputes: even as Oregon tries to extract damages from Oracle, it still needs Oracle's help to salvage the site.
Java

If Java Wasn't Cool 10 Years Ago, What About Now? 511

Posted by timothy
from the pretty-good-drink-especially-with-honey-and-cream dept.
10 years ago today on this site, readers answered the question "Why is Java considered un-cool?" 10 years later, Java might not be hip, but it's certainly stuck around. (For slightly more than 10 years, it's been the basis of the Advanced Placement test for computer science, too, which means that lots of American students are exposed to Java as their first formally taught language.) And for most of that time, it's been (almost entirely) Free, open source software, despite some grumbling from Oracle. How do you see Java in 2014? Are the pessimists right?
Oracle

Oregon Sues Oracle For "Abysmal" Healthcare Website 212

Posted by timothy
from the finest-consultants-in-the-land dept.
SpzToid (869795) writes The state of Oregon sued Oracle America Inc. and six of its top executives Friday, accusing the software giant of fraud for failing to deliver a working website for the Affordable Care Act program. The 126-page lawsuit claims Oracle has committed fraud, lies, and "a pattern of activity that has cost the State and Cover Oregon hundreds of millions of dollars". "Not only were Oracle's claims lies, Oracle's work was abysmal", the lawsuit said. Oregon paid Oracle about $240.3 million for a system that never worked, the suit said. "Today's lawsuit clearly explains how egregiously Oracle has disserved Oregonians and our state agencies", said Oregon Atty. Gen. Ellen Rosenblum in a written statement. "Over the course of our investigation, it became abundantly clear that Oracle repeatedly lied and defrauded the state. Through this legal action, we intend to make our state whole and make sure taxpayers aren't left holding the bag."

Oregon's suit alleges that Oracle, the largest tech contractor working on the website, falsely convinced officials to buy "hundreds of millions of dollars of Oracle products and services that failed to perform as promised." It is seeking $200 million in damages. Oracle issued a statement saying the suit "is a desperate attempt to deflect blame from Cover Oregon and the governor for their failures to manage a complex IT project. The complaint is a fictional account of the Oregon Healthcare Project."
Censorship

Russia Cracks Down On Public Wi-Fi; Oracle Blocks Java Downloads In Russia 254

Posted by timothy
from the interesting-times dept.
Linking to a story at Reuters, reader WilliamGeorge writes "Russia is further constraining access to the internet and freedom of speech, with new laws regarding public use of WiFi. Nikolai Nikiforov, the Russian Communications Minister, tweeted that "Identification of users (via bank cards, cell phone numbers, etc.) with access to public Wifi is a worldwide practice." This comes on top of their actions recently to block websites of political opponents to Russian president Vladimir Putin, require registration of prominent bloggers, and more. The law was put into effect with little notice and without the input of Russian internet providers. Sergei Plugotarenko, head of the Russian Electronic Communications Association, said "It was unexpected, signed in such a short time and without consulting us." He added, "We will hope that this restrictive tendency stops at some point because soon won't there be anything left to ban." In addition to the ID requirement to use WiFi, the new law also requires companies to declare who is using their web networks and calls for Russian websites to store their data on servers located in Russia starting in 2016." That's not the only crackdown in progress, though: former Slashdot code-wrestler Vlad Kulchitski notes that Russian users are being blocked from downloading Java with an error message that reads, in essence, "You are in a country on which there is embargo; you cannot download JAVA." Readers at Hacker News note the same, though comments there indicate that the block may rely on a " specific and narrow IP-block," rather than being widespread. If you're reading this from Russia, what do you find?
Java

Oracle Hasn't Killed Java -- But There's Still Time 371

Posted by Unknown Lamer
from the common-lisp-rising dept.
snydeq (1272828) writes Java core has stagnated, Java EE is dead, and Spring is over, but the JVM marches on. C'mon Oracle, where are the big ideas? asks Andrew C. Oliver. 'I don't think Oracle knows how to create markets. It knows how to destroy them and create a product out of them, but it somehow failed to do that with Java. I think Java will have a long, long tail, but the days are numbered for it being anything more than a runtime and a language with a huge install base. I don't see Oracle stepping up to the plate to offer the kind of leadership that is needed. It just isn't who Oracle is. Instead, Oracle will sue some more people, do some more shortsighted and self-defeating things, then quietly fade into runtime maintainer before IBM, Red Hat, et al. pick up the slack independently. That's started to happen anyhow.'
Oracle

Oracle Database Redaction Trivial To Bypass, Says David Litchfield 62

Posted by timothy
from the let-me-ask-that-another-way dept.
msm1267 (2804139) writes "Researcher David Litchfield is back at it again, dissecting Oracle software looking for critical bugs. At the Black Hat 2014 conference, Litchfield delivered research on a new data redaction service the company added in Oracle 12c. The service is designed to allow administrators to mask sensitive data, such as credit card numbers or health information, during certain operations. But when Litchfield took a close look he found a slew of trivially exploitable vulnerabilities that bypass the data redaction service and trick the system into returning data that should be masked."
Politics

Aaron's Law Is Doomed and the CFAA Is Still Broken 134

Posted by Unknown Lamer
from the reading-slashdot-is-a-felony dept.
I Ate A Candle (3762149) writes Aaron's Law, named after the late internet activist Aaron Swartz, was supposed to fix U.S. hacking laws, which many deem dated and overly harsh. But the bill looks certain to wither in Congress, thanks to corporate lobbying, disagreements in Washington between key lawmakers and a simple lack of interest amongst the general population for changes to the Computer Fraud and Abuse Act. Representative Zoe Lofgren blamed inactivity from the House Judiciary Committee headed up by Representative Bob Goodlatte, which has chosen not to discuss or vote on Aaron's Law. There is still an appetite for CFAA reform, thanks to complaints from the security community that their research efforts have been deemed illegal acts, perversely making the internet a less secure place. But with the likes of Oracle trying to stop it and with Congress unwilling to act, change looks some way away.
Businesses

Ask Slashdot: When Is It Better To Modify the ERP vs. Interfacing It? 209

Posted by timothy
from the which-point-in-the-chain dept.
New submitter yeshuawatso writes I work for one of the largest HVAC manufacturers in the world. We've currently spent millions of dollars investing in an ERP system from Oracle (via a third-party implementor and distributor) that handles most of our global operations, but it's been a great ordeal getting the thing to work for us across SBUs and even departments without having to constantly go back to the third-party, whom have their hands out asking for more money. What we've also discovered is that the ERP system is being used for inputting and retrieving data but not for managing the data. Managing the data is being handled by systems of spreadsheets and access databases wrought with macros to turn them into functional applications. I'm asking you wise and experienced readers on your take if it's a better idea to continue to hire our third-party to convert these applications into the ERP system or hire internal developers to convert these applications to more scalable and practical applications that interface with the ERP (via API of choice)? We have a ton of spare capacity in data centers that formerly housed mainframes and local servers that now mostly run local Exchange and domain servers. We've consolidated these data centers into our co-location in Atlanta but the old data centers are still running, just empty. We definitely have the space to run commodity servers for an OpenStack, Eucalyptus, or some other private/hybrid cloud solution, but would this be counter productive to the goal of standardizing processes. Our CIO wants to dump everything into the ERP (creating a single point of failure to me) but our accountants are having a tough time chewing the additional costs of re-doing every departmental application. What are your experiences with such implementations?
Businesses

Jesse Jackson: Tech Diversity Is Next Civil Rights Step 514

Posted by Soulskill
from the opportunity-shortage dept.
theodp writes: U.S. civil rights leader Rev. Jesse Jackson called on the Obama administration Monday to scrutinize the tech industry's lack of diversity. "There's no talent shortage. There's an opportunity shortage," Jackson said, calling Silicon Valley "far worse" than many others, such as car makers that have been pressured by unions. He said tech behemoths have largely escaped scrutiny by a public dazzled with their cutting-edge gadgets. Jackson spoke to press after meeting with Labor Secretary Tom Perez for a review of H-1B visas, arguing that data show Americans have the skills and should have first access to high-paying tech work. Jackson's Rainbow Push Coalition plans to file a freedom-of-information request next month with the EEOC to acquire employment data for companies that have not yet disclosed it publicly, which includes Amazon, Broadcom, Oracle, Qualcomm and Yelp. Unlike the Dept. of Labor, Jackson isn't buying Silicon Valley's argument that minority hiring statistics are trade secrets. Five years after Google's HR Chief would only reassure Congress the company had "a very strong internal Black Googler Network" and its CEO brushed off similar questions about its diversity numbers by saying "we're pretty happy with the way our recruiting work," Google — under pressure from Jackson — fessed up to having a tech workforce that's only 1% Black, apparently par for the course in Silicon Valley.
Android

Old Apache Code At Root of Android FakeID Mess 127

Posted by Soulskill
from the write-once-run-anywhere dept.
chicksdaddy writes: A four-year-old vulnerability in an open source component that is a critical part of Android leaves hundreds of millions of mobile devices susceptible to silent malware infections. The vulnerability affects devices running Android versions 2.1 to 4.4 ("KitKat"), according to a statement released by Bluebox. The vulnerability was found in a package installer in affected versions of Android. The installer doesn't attempt to determine the authenticity of certificate chains that are used to vouch for new digital identity certificates. In short, Bluebox writes, "an identity can claim to be issued by another identity, and the Android cryptographic code will not verify the claim."

The security implications of this are vast. Malicious actors could create a malicious mobile application with a digital identity certificate that claims to be issued by Adobe Systems. Once installed, vulnerable versions of Android will treat the application as if it was actually signed by Adobe and give it access to local resources, like the special webview plugin privilege, that can be used to sidestep security controls and virtual 'sandbox' environments that keep malicious programs from accessing sensitive data and other applications running on the Android device. The flaw appears to have been introduced to Android through an open source component, Apache Harmony. Google turned to Harmony as an alternative means of supporting Java in the absence of a deal with Oracle to license Java directly.

Work on Harmony was discontinued in November, 2011. However, Google has continued using native Android libraries that are based on Harmony code. The vulnerability concerning certificate validation in the package installer module persisted even as the two codebases diverged.
Oracle

Oracle Offers Custom Intel Chips and Unanticipated Costs 97

Posted by timothy
from the your-fries-come-with-lobster dept.
jfruh (300774) writes "For some time, Intel has been offering custom-tweaked chips to big customers. While most of the companies that have taken them up on this offer, like Facebook and eBay, put the chips into servers meant for internal use, Oracle will now be selling systems running on custom Xeons directly to end users. Those customers need to be careful about how they configure those systems, though: in the new Oracle 12c, the in-memory database option, which costs $23,000 per processor, is turned on by default."

One man's constant is another man's variable. -- A.J. Perlis

Working...