Articles about Java

Miguel de Icaza on stage with Steve Wozniak at the Evolve 2016 conference

Miguel de Icaza on his journey from open source to Microsoft: 'It's a different company'

Interview At Xamarin's Evolve conference in San Francisco, I sat down with Miguel de Icaza, the initiator of both the GNOME desktop for Linux and the Mono open source version of Microsoft's .NET Framework. Miguel de Icaza co-founded Xamarin with Nat Friedman, who became CEO. Xamarin, which provides tools for developing mobile …
Tim Anderson, 29 Apr 2016
Xamarin's Test Cloud lets developers test applications on cloud-hosted devices

Newest Microsoftie Xamarin releases cross-platform mobile SDK as open source

EVOLVE 2016 Xamarin's Evolve conference is under way in Orlando, Florida, where around 1,600 attendees are coming to terms with Microsoft's acquisition of the company, completed less than one month ago. Xamarin's main product is a set of tools and compilers that enable cross-platform mobile development using Microsoft's C# language. It's …
Tim Anderson, 27 Apr 2016

Boffins believe buggy Binder embiggens Android attack surface

Bugs in Android's Binder inter-process communication (IPC) mechanism open up a mass of security bugs, according to University of Michigan boffins Huan Feng and Kang Shin. In a paper posted to Arxiv, the duo say developers aren't doing enough sanity checking between Binder server and clients. Specifically, they often forget to …

Neo4j bolts on binary protocol to up its graph database game

Neo Technology has released Neo4j 3.0, which it declared comes with a "completely redesigned architecture." 3.0 comes with a new binary protocol dubbed Bolt, intended for speedier graph access, though the architectural redesign is centred on a new data store, where dynamic pointer compression is intended to expand Neo4j’s …
Plaster by Flickr user Aine under CC 2 license

Juniper patches Logjam, Bar Mitzvah, and various Java vulns

Juniper Networks sysadmins can add Junos Space network management patches to their to-do list. The gin palace says “any product or platform running Junos Space before 15.2R1” has the privilege escalation vulnerabilities, adding that “Attack vectors include: cross site request forgeries (CSRF), default authentication …

Win XP, Flash, Java... healthcare makes easy pickings for hackers

The healthcare industry is a long way behind the financial sector in basic security practices, according to a study by two factor authentication firm Duo Security. Duo found that healthcare devices were significantly more out of date and less secure than ones from finance, after comparing its healthcare customers' devices to …
John Leyden, 22 Apr 2016
Penguin, photo via Shutterstock

Microsoft headhunters seek Linux folk for secret open source unit

Exclusive Microsoft is recruiting from open-sourcers to build a unit apparently selling open-source wares on its Azure cloud. Recruiters working on behalf of Microsoft have been contacting employees of Linux firms, interviewing them for what’s being called an open source practice. Microsoft is specifically looking for those with …
Gavin Clarke, 21 Apr 2016
monty_python_french_knights_648

Red Hat bets on RHEL to sell its OpenStack elastic enterprise

Cloud killing on-premises kit for enterprise IT providers? Yes if you’re IBM, no if your name’s Red Hat. At least, according to Red Hat. Wall Street’s money men are shocked – shocked, I tell you – to discover Amazon with AWS is now number two on a list of enterprises’ mega-critical IT suppliers. IBM? Not so much. A firm with …
Gavin Clarke, 20 Apr 2016

Grab a cuppa: Time to sort out that Oracle patch batch

Oracle has released its latest quarterly Critical Patch Update on Tuesday, releasing updates to Fusion Middleware, Peoplesoft, E-Business Suite, MySQL, and several other products. Java SE also got patched. This set of patches addresses 136 vulnerabilities in several product families, according to business application security …
John Leyden, 20 Apr 2016
Flash Gordon

Exploit kit writers turn away from Java, go all-in on Adobe Flash

Exploit kit writers are no longer fussed about Java vulnerabilities, focusing their attention almost entirely on Adobe Flash. All of the top 10 vulnerabilities targeted by exploit kits during 2015 are related to Adobe Flash, according to a new study [PDF] from NTT Group. In 2013, by contrast, the top 10 vulnerabilities …
John Leyden, 19 Apr 2016
Boxers image via Shutterstock

CEO meeting fails to resolve Oracle-versus-Google java case

An epic six-hour meeting between Google Chief Executive Sundar Pichai and Oracle CEO Safra Catz has failed to make a Big Red Java Chocolate Factory, so the two companies will head to court for their retrial. A docket from US magistrate, Judge Paul Grewal, revealed the failed talks, which took place on Friday. The two have …
RoboVM is to be discontinued

Embrace, extend – and kill. Microsoft discontinues RoboVM

Microsoft is discontinuing RoboVM, the Java-to-Mobile compiler technology which it acquired with Xamarin a couple of months ago. Just six months ago, RoboVM was a small but growing business catering to developers wishing to use their Java skills – or port existing Java applications – to iOS and Android. Using an AOT (ahead of …
Tim Anderson, 15 Apr 2016

Russia sends exploit kit author to the GULAG for seven years

The author of the infamous "Blackhole" exploit kit has been sentenced to seven years in a Russian penal colony, local media report. Dmitry Fedotov, 29, also known as Paunch, was sentenced 12 April along with six other hackers who received between five-and-a-half and eight years for fraud offences, TASS news reported. Fedotov …
Team Register, 15 Apr 2016
Emergency phone? by https://www.flickr.com/photos/lemsipmatt/ cc 2.0  attribution sharealike https://creativecommons.org/licenses/by-sa/2.0/

Critical VMware bug needs patching ASAP

Patch now, vAdmins: that's the message from VMware after it revealed a "critical security issue in the VMware Client Integration Plugin." Said plugin, VMware says, "does not handle session content in a safe way." "This may allow for a Man-in-the-Middle attack or Web session hijacking in case the user of the vSphere Web Client …
Simon Sharwood, 14 Apr 2016

Uninstall QuickTime for Windows: Apple will not patch its security bugs

RIP QuickTime for Windows. Apple is "deprecating support" for the application, and will no longer patch security flaws in the software. The iGiant is also quietly advising users to uninstall the media player from their Windows machines to avoid being hacked. Word of the end of support comes from infosec biz Trend Micro. It …
Iain Thomson, 14 Apr 2016
retro cartoon featuring two men fighting against cloud backdrop

SAP denial-of-service flaw combo poses remote hijack risk

Two denial of service vulnerabilities in SAP’s latest monthly patch batch can allow full system compromise, ERP security specialists warn. SAP released 19 security notes on Tuesday that collectively fixed 26 vulnerabilities. The updates included patches designed to close two critical DoS issues. Hackers might have been able …
John Leyden, 14 Apr 2016
Cloudy sky

Redmond turns to Linux AGAIN for Azure data science primer

Microsoft has taken a data science bundle it crafted last November and put it onto an Azure-hosted Linux VM. The combo, announced at Microsoft's Cortana blog, takes CentOS 7.2, runs it up as an Azure virtual machine image, and packages it with a slew of data science tools. Microsoft had already run up a Windows Server 2012- …
Monty Python foot UHDTV

Security researcher to IBM: 'Fix that 2013 Java bug'

A security researcher that pointed out serious Java Runtime Engine vulnerabilities to IBM in 2013 has accused Big Blue of not fixing the bugs properly. The gist of this Full Disclosure post is that back in 2013, IBM closed off the proof-of-concept attack without considering all possible code paths to the vulnerability. The …

How Remix's Android will eat the world

Interview Which platform will the next billion people on the internet use? Is it more likely to be Microsoft’s Windows squeezed onto low-cost mobile hardware, or a mobile OS given some steroids? Three former Google executives are betting it's the latter. And based on Jide’s early showing, a revved-up Android called Remix OS is a serious …
Andrew Orlowski, 08 Apr 2016
Microsoft's Scott Guthrie announces new Azure features at Build 2016

Microsoft announces Azure Functions, encrypted cloud storage

BUILD 2016 Day two of Microsoft's Build conference was focused on Azure, the company's cloud platform, with new features announced and preview features moving to general availability. Top of the list is Azure Functions, a new service which lets you write code that runs in response to various triggers, such as an HTTP request, a file …
Tim Anderson, 01 Apr 2016
steve_jobs_index_648

Holding out for a Jobs: Tim Cook still auditioning for position of Apple god

Apple at 40 Apple is 40 years old. The leader was Steve Jobs, but he's gone and many still don't understand his core idea. The idea was Apple's control over "the user experience". That control is at risk today, and the company's future hangs in the balance as a result under the new leader. How people use things was Jobs' lifelong …

Dell joins Java jumpers with updated server admin tool

It's a small change but it speaks volumes about what sysadmins want: Dell has added HTML 5 support to its integrated Dell Remote Access Controller (iDRAC) server management tool. iDRAC ships with every PowerEdge server and lets server admins manage their boxen without having to install agents for tasks like firmware updates …
Simon Sharwood, 01 Apr 2016

Oracle's website, social media to wear sandwich board of shame over Java SE insecurity

The US Federal Trade Commission (FTC) has signed off a settlement with Oracle over its handling of Java SE updates. The regulator said all four commissioners voted to approve the deal, which requires Oracle to alert everyone visiting its website and social media profiles to the fact that it left old and vulnerable editions of …
Shaun Nichols, 30 Mar 2016
google_chocolate_factory_cropped_648

Google fills BigQuery with public data, invites world+dog to play

In its latest move confirming the company's ascension to deity-level entrepreneurship, Google is now selling public data back to the public through its BigQuery analytics engine. The Chocolate Factory has inserted some delicious public data nougat into its BigQuery confectionery service, pointing out that it "pays for the …
Studio shot of LEGO minifigure Batman and Superman standing by a water cooler with drinks. Copyright: cjmacer Editorial Credit: cjmacer / Shutterstock.com Editorial Use Only.

Speaking in Tech: Batman vs Superman... absolutely sucked

Podcast speaking_in_tech Greg Knieriemen podcast enterprise Hosted by Greg Knieriemen, Ed Saipetch and Sarah Vela. This week, it's Ed, Greg and Sarah and no guests... just the gang discussing bad superhero movies, listener complaints, Oracle suing Google (again) and Australian bike bells –and taking people out to the woodshed... …
Team Register, 30 Mar 2016
Hadoop

Hadoop rebels unleash spec to battle the Cloudera/MapR empire

ODPi, the group formerly known as the Open Data Platform initiative and set up last year as an attempt to standardise Hadoop applications, has published its first runtime specification. Backed by Hortonworks but kicked into the corner by heavyweights MapR and Cloudera, ODPi was set up last year to try and make sure …

Gumtree serves world's worst exploit kit to scores of Aussies

Malware expert Jerome Segura says Australia's most popular classifieds site, Gumtree.com.au, was serving the world's most capable exploit kit to some of its millions of monthly visitors. The site is Australia's twelfth-most-popular website and last month attracted some 47.8 million views. Parent site eBay Australia scored 74.6 …
Darren Pauli, 29 Mar 2016
Oracle OpenWorld cloud

Oracle v Google: Big Red wants $9.3bn in Java copyright damages

The Oracle v. Google fight over Java took a couple of twists just before the Easter weekend. The database giant now reckons it is owed up to $9.3bn in copyright-infringement damages for Android's use of Java. Meanwhile, the judge in the trial wants to ban Oracle and Google lawyers from scouring jurors' social network profiles …
Chris Williams, 28 Mar 2016
Cat in a box, image via Shutterstock

Oracle traps its cloud inside own tin boxes

Oracle is throwing one stone at two birds troubling its business: cloud and falling server sales. That stone: cloud in a box. The database giant has announced Oracle Cloud at Customer, a package of its publicly available, but relatively unwanted cloud software - in its reciprocally related servers. The stone has a name: …
Gavin Clarke, 24 Mar 2016

Patch Java now, says Oracle. Leave the Easter chocolate until later

Oracle is urging Java users to upgrade, ASAP, to crimp a very nasty bug in the desktop and browser plug-in versions of the software. Labelled CVE-2016-0636, the flaw scored a 9.3 on the Common Vulnerability Scoring System bug severity rating. That high score comes about because the flaw means attackers “can impact the …
Simon Sharwood, 24 Mar 2016

Error checks? Eh? What could go wrong, really? (DoSing a US govt site)

Line Break It's time for your dose of Line Break, our Wednesday column of coding nightmares that have haunted Register readers at one time or another. This also means we're already halfway to Friday. Judging by some of these following tales, we can only assume one too many developers out there are already half cut by this point in the …
Chris Williams, 23 Mar 2016
Rock climbing, image via Shutterstock

Microsoft to add a touch of Chrome to Edge

Microsoft is developing tools for its Edge browser to import extensions from Chrome. Microsoft Edge engineer Jacob Rossi tweeted... Lots of questions on this: yes we're working on a porting tool to run Chrome extensions in Edge. Not yet finished and not all APIs supported — Jacob Rossi (@jacobrossi) 18 March 2016 …
Gavin Clarke, 21 Mar 2016
Attack film poster

Attack! Run. WTF? A decade of enterprise class fear and uncertainty with AWS

Ten years ago, Oracle was mid-snack, taking a break between swallowing PeopleSoft for $10bn and Sun Microsystems for $8.5bn. Microsoft had settled a long-running feud with Sun over something petty involving Java for $20m and had begun designing its vision of how the internet should be programmed with its new BFF, IBM. …
Gavin Clarke, 17 Mar 2016
SAP logo

SAP software download app exposed passwords thanks to serious vuln

A Java application from SAP that allows downloading of software packages and support notes needs patching following the discovery of a serious security flaw. Core Security found that an attacker who manages to get access to a user's configuration file in SAP’s Download Manager might be able to obtain the stored proxy password …
John Leyden, 11 Mar 2016

Google emits Android N developer preview early to smoke out bugs

Developers usually have to wait for the Google I/O conference in May before getting their paws on the latest Android builds, but this year the Chocolate Factory has let its version 7.0, or N, build out of the bag well before the show. "We're doing something a little different this year by releasing the preview early ... really …
Iain Thomson, 09 Mar 2016
Red's Java house by https://www.flickr.com/photos/enerva/ CC 2.0 attribution https://creativecommons.org/licenses/by/2.0/

Java evangelist leaves Oracle to save Java

Java evangelist Reza Rahman has left Oracle, to help save Java. Rahman writes, on an Oracle blog, that he is “... certain that this is the way I personally can best help continue to advance the Java and Java EE communities.” On his personal blog he's more candid, saying he joined Oracle in part because he'd have the chance to …
Simon Sharwood, 09 Mar 2016
Microsoft is joining the Eclipse Foundation as a Solutions member

Microsoft joins Eclipse Foundation. Odd thing for a competitor to do

Microsoft is joining the Eclipse Foundation as a Solutions Member, according to an announcement today at the EclipseCon event in Reston, Virginia. The Eclipse Foundation is the non-profit organisation responsible for the Java-based Eclipse IDE and tools platform. Solutions membership is the second level behind the top-tier …
Tim Anderson, 08 Mar 2016

Oracle gives apps a ticket to ride on Sparc M7's SQL warp drives

Oracle will today release, in its words, "a free and open API and developer kit" for the hardware-accelerated SQL-crunching engines in its Sparc M7 processors. You can register to grab the goodies, here. "We're opening up the interfaces to enable programmers using C/C++, Java and Python to effectively use these accelerators," …
Chris Williams, 08 Mar 2016
William Hill's R&D Engineering Lead Gavin Stevenson

Software dev 101: 'The best time to understand how your system works is when it is dying'

QCon London At the QCon Developer conference underway in London, William Hill's R&D Engineering Lead Gavin Stevenson told attendees that they should celebrate IT failures. "The best time to understand how your system works is when it is dying," he said. QCon is a vendor-neutral event focused on large-scale software development and …
Tim Anderson, 08 Mar 2016

Outsourced Virgin Media techies botched this infosec bod's Poodle fix

Virgin Media has promised to ensure all its agents are fully equipped to offer advice on the Poodle vulnerability, after a security expert exposed the failure of outsourced Indian call centre staff to explain and fix the problem. Independent security consultant Paul Moore, who is also a Virgin customer, was contacted by the …
Kat Hall, 04 Mar 2016

You're a cybercrime kingpin. You need a new evil lackey. How much do you tell them?

RSA 2016 Cybercrooks, much like ethical security defenders, are facing a skills crisis and difficulties in recruiting qualified staff. Their attempts to bring workers into criminal organisations leave it possible for experts to learn more about their strategies and tactics, according to new research from threat intelligence firm Digital …
John Leyden, 01 Mar 2016

IBM proves love for Swift, releases Kitura web server framework for Linux

MWC16 IBM has released Kitura, an open-source web server framework written in Swift, Apple's young but popular programming language which was designed for iOS and OS X. IBM IBM's Kitura, a web server framework written in Swift IBM held a press conference at Mobile World Congress in Barcelona to update the world on its …
Tim Anderson, 23 Feb 2016

IBM open sources its blockchain code – the non-crazy part of Bitcoin

IBM has open sourced a significant chunk of the blockchain code it has been working on, putting its weight behind the Linux Foundation and its Hyperledger project. Big Blue has dumped the Apache 2.0-licensed source on GitHub, providing a limited but functional dev environment to build on. The IT giant has pledged to maintain …
Kieren McCarthy, 18 Feb 2016
Apple New iPad 3 tablet

Hello, Kotlin: Another programming language for JVM and JavaScript

JetBrains has released version 1.0 of Kotlin, an open source programming language for the JVM and Android. Why Kotlin? JetBrains is a developer tools company whose IntelliJ IDEA IDE has been adapted by Google for Android Studio, and the short answer seems to be that the company wanted something better than Java with which to …
Tim Anderson, 17 Feb 2016

Apache Foundation rushes out Arrow as 'Top-Level Project'

The Apache Software Foundation has today announced Apache Arrow, its new project which aims to provide a cross-system data layer for columnar in-memory analytics. While Apache projects normally go through incubation periods, Arrow has been immediately announced as a Top-Level Project, and its code – seeded from the Apache …
linux_tux_cloud_648

Linux Foundation whistles up 'Fido' for SDN, NFV

The Linux Foundation has kicked off a new collaboration designed to push open I/O closer to the metal, to squeeze higher performance out of the white-box world. Fd.io – which the outfit assures the world is pronounced “Fido” – builds on efforts like Intel's Data Plane Development Kit (DPDK). The other foundation technology …

Thanks for the extra memories, folks: Say hi to GridGain

GridGain Systems software provides an in-memory facility for running transactions, streaming and analytics applications using clustered x86 server nodes in a grid defined by a distributed, massively parallel architecture. It says its software enables such applications to run thousands of times faster than on disk-based systems …
Chris Mellor, 15 Feb 2016
ElasticSearch_ELK_stack

Elasticsearch cluster in a jiffy: Step by step

The set up of an Elasticsearch cluster can differ strongly depending on its scenario. In order to quickly deliver visible, individually customized results to our customers we have automated the installation process for Elasticsearch clusters and are now able to run a local demo cluster at the flick of a switch. A local …
Tobias Schaber, 15 Feb 2016
Sunset by https://www.flickr.com/photos/pslee999/ cc 2.0 https://creativecommons.org/licenses/by/2.0/ attribution generic

Want AWS Lambda without the Amazon lock-in? Meet Project Kratos

Iron.io, a San Francisco company which has recently secured $11.5 million venture capital funding, has announced Project Kratos, which "will enable enterprises to run AWS Lambda functionality in any cloud provider, as well as on-premise," according to the project description. Project Kratos, like other Iron.io products, runs …
Tim Anderson, 12 Feb 2016
Google nutella

Ready to cook Amazon's Lambda? Google releases preview of Cloud Functions

Google has released an alpha of Cloud Functions, a managed Node.js environment that is reminiscent of Amazon Web Services (AWS)'s Lambda. A Google Cloud Function is written in JavaScript and uploaded to Google's service. You can then call the function in one of four ways: Pub/Sub triggers using Google's message bus, called …
Tim Anderson, 10 Feb 2016