Articles about Java

Oracle and Sun logo

What's big and red and needs 270 security patches?

Oracle has revealed its quarterly Critical Patch Update Advisory for January 2017, which offers users a buffet of 270 fixes to apply. Big Red says that “due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.” Where to start? Perhaps with the sole problem …
Simon Sharwood, 18 Jan 2017

Father of Android II: A Hardware Comeback

The "Father of Android" Andy Rubin is plotting a return to hardware – and he could beat Google's own Android successor Andromeda to market. According to Bloomberg, Rubin, who left Google in 2013, has hired former Android engineers for his new venture Essential, with the idea that a "high-end" smartphone will act as a kind of …
Andrew Orlowski, 16 Jan 2017
James Madison University

Promising compsci student sold key-logger, infects 16,000 machines, pleads guilty, faces jail

A 21-year-old computer science student, who won a Programmer of the Year Award in high school, has admitted selling key-logging malware out of his college dorm room. On Friday, Zachary Shames, an undergraduate at James Madison University in Virginia, US, pleaded guilty in a federal district court to one count of aiding and …
Shaun Nichols, 14 Jan 2017
LEGO BOOST robot photo LEGO

BOOST! LEGO's computing future and its ground-breaking past

CES 2017 Smart Wi-Fi-enabled hairbrush? Virtual reality shoes? Some visions of the future at this week's CES trade show simply won’t materialise. But what about building a 'bot made of LEGO? Toymaker LEGO unveiled its Boost line this week at CES – a set of 840 programmable bricks for your kids to control self-made robots with. Boost …
Gareth Corfield, 06 Jan 2017
Trump with flag photo via Shutterstock

A vintage year for snoopers and big state-ists

Year in Review If 2016 proved anything, it proved the existence of the law of unintended consequences making this a miserable year for lovers of liberty and privacy. A vote by the British electorate to secede from the European Union in June led to former Home Secretary Theresa May becoming Prime Minister — to the fright of many who had …
Robot hand human skull photo via Shutterstock

2016: The Rise of the Intelligent (cloud) Machines

Review of 2016 Blame Mark Zuckerberg. Not for the election of Donald Trump as US president, but for Artificial Intelligence becoming the trend du jour in enterprise tech circles in 2016. Back in those now forgotten days of January, before The Great Inversion of 2016, Zuckerberg was surely kicking his heels when he set himself that “personal …
Gavin Clarke, 25 Dec 2016
Java image by Gil C via Shutterstock

MicroServices-friendly Java lands on Eclipse

A project for a microservices-friendly Java is to be overseen by the Eclipse Foundation. The MicroProfile project has been accepted by the Eclipse Foundation Board following a vote. MicroProfile is a lightweight profile of enterprise Java using existing elements of the Java EE stack. Backers of MicroProfile initiated the …
Gavin Clarke, 23 Dec 2016

Testing times: Can your crypto-code survive the Google gauntlet?

Google has unleashed Project Wycheproof, a set of security tests to check cryptographic libraries for susceptibility to known weaknesses. The toolkit, maintained by Google’s security engineers, is named after Mount Wycheproof, the smallest mountain in the world, and has set out with commendably modest goals. The aim is to look …
John Leyden, 20 Dec 2016
Hunter photo via Shutterstock

Oracle finally targets Java non-payers – six years after plucking Sun

Oracle is massively ramping up audits of Java customers it claims are in breach of its licences – six years after it bought Sun Microsystems. A growing number of Oracle customers and partners have been approached by Larry Ellison’s firm, which claims they are out of compliance on Java. Oracle bought Java with Sun Microsystems …
Gavin Clarke, 16 Dec 2016

Crate.io unboxes clustered SQL CrateDB, decamps to California

After more than a million downloads since its introduction two years ago, CrateDB, an open-source distributed SQL database suited for real-time analysis of machine data, has reached to its 1.0 release. And while the door remains open to technical talent from abroad, Crate.io, which began with offices in Berlin, Germany, and …
Thomas Claburn, 14 Dec 2016

Sights of the Realm: Mobile app DB hooks up with IBM Watson for image, text, face recog

Realm, which makes an object-based database for mobile applications, on Monday plans to introduce a version of its software for businesses with mobile apps that want to integrate application data with other services. Realm Mobile Platform Professional Edition, said chief marketing officer Paul Kopacki in a phone briefing with …
Thomas Claburn, 12 Dec 2016

Hollow, world! Netflix premieres Java in-memory database toolkit

Just as the National Security Agency in 2005 came to the conclusion that it would be easier to store everything, Netflix has decided to store all of its content metadata with its customers rather than serving data from a central repository and caching frequently accessed data at the network edge. The streaming media service on …
Thomas Claburn, 05 Dec 2016

BlackBerry's final QWERTY floats past the rumour mill

Hindsight is a wonderful thing, but what if BlackBerry had produced a smart, secure Android QWERTY in 2011, rather than waiting until 2017? A photo purporting to be BlackBerry’s final phone – which happens to be a smart, secure Android QWERTY expected in Q1 next year, popped up at the weekend, inviting counterfactual histories …
Andrew Orlowski, 05 Dec 2016

Ommm... devs, align your Chakra, whispers Microsoft, you don't need Google's V8...

Microsoft has released an early version of Node-ChakraCore for macOS, following a similar release for Linux at Node Summit in July. Why is this important? Well, Node-ChakraCore is Microsoft's open-source glue that plugs Node.js into ChakraCore, the MIT-licensed JavaScript engine within its Edge web browser. It's all part of …
Thomas Claburn, 29 Nov 2016

Even big data devs make big data security gaffes

Apache Big Data Europe Big data application programmers routinely download and execute unverified code, opening the door to information-stealing hackers, a security researcher has claimed. Olaf Flebbe, chief software architect at European software integrator Science+Computing, is upset that software engineers have got into the habit of insecurely …
John Leyden, 21 Nov 2016
China

Open sesame: Alibaba to open its first data centre in Europe

The cloudy arm of China's Amazon-equivalent Alibaba is opening its first data centre in Europe – part of the outfit's bid for global cloud domination. Alibaba Group is partnering with Vodafone Germany to co-locate Alibaba Cloud's first European data centre at Vodafone's data centre facilities in Frankfurt. The biz has also …
Kat Hall, 21 Nov 2016
Coffee, photo via shutterstock

Alibaba misses Java seat as MicroProfile champ lands a first

Web commerce giant Alibaba has failed in its bid to steward Java in an election that largely returned a familiar blend of members. Jack Ma's firm failed to win enough votes to secure a place on the Executive Committee of the Java Community Process (JCP), receiving just 5 per cent of the 983 votes cast. The firm's JVM team …
Gavin Clarke, 17 Nov 2016
Baby

'Podling' Apache projects are spending longer in the incubator

ApacheCon Stewards of the Apache Software Foundation are mildly concerned that many nascent projects are spending longer in the incubator, putting pressure on limited mentoring resources. In the 12 months up to November 2016, ASF oversaw 30 new "podling" incubator projects, of which four were retired and just seven graduated. Jim …
John Leyden, 17 Nov 2016
Microsoft Visual Studio for Mac image

Microsoft leaks Visual Studio for Mac, then scrubs the news

Microsoft Visual Studio, or something like it, will soon be available for macOS, a shift that reflects the company's effort to be more open toward non-Windows technology. Microsoft published the announcement prematurely and then withdrew it. The news, captured by archive.org, is scheduled to coincide with Microsoft Connect …
Thomas Claburn, 14 Nov 2016
Fear photo via Shutterstock

Fear of Staxit: What next for ASF's Cassandra as biggest donor cuts back

I've been a user of Cassandra for quite a number of years. I've suggested fixes for Apache Cassandra and – I believe – was the first to build a small cluster on Raspberry Pi computers. This year I was lucky enough to be voted an Apache Cassandra MVP. It's for these reasons that I've been saddened by this year's falling out …
Andrew Cobley, 14 Nov 2016
Radbot teaser image by Damon Hart-Davis

Testing times: Between some IoT code and a hard place

Radbot Every company has its ups and downs. Those downs could be exploding phones or a sudden unmovable overstock of Clinton merchandise (or conversely an uptick in Trump-the-statesman t-shirt demand). Bigger organisations can better absorb the illness of a member of staff or a surge in demand beyond all expectations, although no one …

Tailored Swift – coming soon to a cloud near you

Interview Jonathan "Jono" Guthrie, senior software engineer for PerfectlySoft, dropped by The Register's office in San Francisco to discuss the merits of the Swift programming language. The Apple-created Swift has attracted significant attention from developers since the iPhone maker released it as an open source project last year, but …
Thomas Claburn, 09 Nov 2016
Skeptical manager image via Shutterstock

Amazon pitches 'safe and responsible' AWS at suits

Sandwiched between its third-quarter results and re:Invent conference, Amazon's been pitching AWS as production-ready. Amazon wheeled out a host of corporate big names and government super-users to testify to AWS's suitability beyond pure dev and test at a London event on Tuesday. AWS chiefs sought to reassure the suits of …
Gavin Clarke, 08 Nov 2016
Java image by Gil C via Shutterstock

Open-source Sesame! Alibaba promises super-size magic for Java

Online commerce giant Alibaba is among a crop of “new world” Java users seeking to shape the direction of both language and platform. Alibaba, one the world’s largest users of Java, has entered the race for election to the ruling executive committee (EC) of the Java Community Process (JCP). Jack Ma’s ecommerce giant joined the …
Gavin Clarke, 08 Nov 2016
DevOps Enterprise Conference 2016

Handling tech baggage: How American Airlines, US Airways merged IT

At the end of 2013, US Airways and American Airlines merged. But actually combining the IT systems of the two companies is expected to take from five to seven years, said Susanna Brown, managing director of operations technologies at American Airlines. The two airlines move slowly because of baggage: They have different …
Thomas Claburn, 08 Nov 2016

England expects... you to patch your apps and not just Windows

Brits are getting better at patching Windows on their personal computers but worse at updating their applications, according to a new study. Stats from vulnerability management outfit Secunia Research reveal that 6.4 per cent of UK users had unpatched Windows operating systems in Q3 of 2016, up from 5.4 per cent in Q2 but down …
John Leyden, 02 Nov 2016
Mambo Unlimited's gold bug. Pic: Steve Caplin

Run a JSON file through multiple parsers and you'll get different results every time

The ubiquitous message-passing JSON format is something of an untended garden with plenty of security and stability traps for the unwary. That warning comes from software engineer Nicholas Seriot, who last week presented his work on JSON parsers to an audience at Geneva's Soft-Shake Conference. The problems arise because …
Autum leaves photo via Shutterstock

Huzzah! Java EE 8 by October ... 2017, says Oracle

Oracle aims to land the delayed Java Enterprise Edition 8 on or before October 2017. The software giant has told a Java Community Process (JCP) executive committee meeting it hoped to complete Java EE 8 "by JavaOne 2017". Linda DeMichiel, Oracle’s Java EE 8 specification lead, dropped the date in response to executive …
Gavin Clarke, 24 Oct 2016
Heartbeat graph

Pacemaker maker St Jude faces new security flaw claims from biz short-selling its stock

Security startup MedSec and the financial house backing the biz have published new allegations of security flaws in pacemakers and defibrillators built by St Jude Medical – and again look set to profit from the disclosures in an unorthodox way. In four swish videos, the MedSec team claims it exploited a debugging backdoor in …
Iain Thomson, 22 Oct 2016
Trading exchange, photo via Shutterstock

UK fintech firm reaches for Ireland Brexit escape hatch

A UK fin-tech firm will seek regulation in Ireland if the government doesn’t preserve financial services passporting rights in its EU exit talks. Regulation in Ireland would allow LMAX Exchange, which describes itself as “one of the UK’s fastest growing technology firms”, to keep doing business with other EU member states. …
Gavin Clarke, 21 Oct 2016

US DNC hackers blew through SIX zero-days vulns last year alone

Security researchers have shone fresh light on the allegedly Russian state-sponsored hacking crew blamed for ransacking the US Democratic National Committee's computers. Sednit – also known as APT28, Fancy Bear and Sofacy – has been operating since 2004. The cyber-mob has reportedly infiltrated machines operated by targets as …
John Leyden, 20 Oct 2016

Who killed Cyanogen?

Analysis Does European Commissioner for Competition Margrethe Vestager's team pay close attention to the tech news? If not, perhaps they should. Last week there was barely a murmur after Cyanogen Inc scaled back its ambitions. “Throwing in the towel” may be harsh – but the Android software company said it would henceforth be trying to …
Andrew Orlowski, 19 Oct 2016
How you doing Joey Friends

Red Hat eye from the Ubuntu guy: Fedora – how you doin'?

Comment Red Hat is the biggest – and one of the oldest – companies in the Linux world, but despite the difficulty of accurately measuring Linux usage figures, Ubuntu and its relatives seem to be the most popular Linux distributions. Red Hat isn’t sitting idle, though. Despite its focus on enterprise software, including virtualisation, …
Liam Proven, 19 Oct 2016
Oracle and Sun logo

Oracle's quarterly security release offers 253 patches

Oracle has released its quarterly patch dump, this time offering 253 fixes for 76 products. Of those, 15 have a Common Vulnerability Scoring System (CVSS) score of 9.0 or over, making them critical. Interestingly, Oracle's short-form announcement of the patch dump includes this warning regarding critical bugs. Italics are …
Simon Sharwood, 19 Oct 2016
Spock

You work so hard on coding improvements... and it's all undone by a buggy component

Nearly all (97 per cent) of Java applications contain at least one component with a known vulnerability, according to a new study by app security firm Veracode. Veracode reports year-over-year improvements in the code organisations write, a positive finding somewhat undone by the increasing proliferation of risk from open …
John Leyden, 18 Oct 2016

Mysterious algorithms, black-box AI recruiters are binning our résumés

Analysis When you submit a résumé for a position at a large company, you may or may not be contacted for further information or an interview. Either way, you probably won't know why. Applicant tracking systems (ATS), the software used by employers to manage employment applications, are not generally open to public scrutiny. "Unless …
Thomas Claburn, 17 Oct 2016
band_aid_patching_648

SAP fixes gaping authentication bypass flaw after 3 YEARS

A critical SAP vulnerability stayed unpatched for three years prior to its resolution this week, according to application security specialists. SAP monthly security updates issued on Tuesday addressed a total of 48 vulnerabilities, among them an authentication bypass vulnerability in a service called P4. The service provides …
John Leyden, 12 Oct 2016
Hadoop

Cloudera tells bright Sparks: Go teach yourselves Hadoop

Cloudera, presumably sick of paying its staff to train spies and their ilk, has decided to launch online courses for those wanting to familiarise themselves with Hadoop and Spark. The Palo Alto-based business has long offered training courses, including to Blighty's surveillance agency GCHQ, whose recently open sourced graph …
Penguins in mist, photo via Shutterstock

Hyperledger chain gang man explains Penguins' blockchain play

LinuxCon, Berlin Jim Zemlin raises an eyebrow when I say Hyperledger is rather outside Linux Foundation's usual domain, being a bit, er, consumery. “It’s totally enterprise,” the Foundation's executive director tells me. “It’s infrastructure.” Just like Linux, he reckons. Hyperledger is the layer above the operating system, above Linux. Linux …
Gavin Clarke, 06 Oct 2016
Andromeda: "Google Android" bot taking off with Chrome power backpack. Image mashup of two SHutterstock stock images.

‘Andromeda’ will be Google’s Windows NT

If you were to design a client operating system with the goal of being used by two billion people, what would it look like? We might soon find out what Alphabet’s looks like. Today’s announcement’s from Alphabet’s Google is expected to reveal "Andromeda", the merged Android/Chrome OS. Executives have been hyping today’s event …
Andrew Orlowski, 04 Oct 2016

@WalmartLabs applies Electrode to get current with web dev

@WalmartLabs – which practices deviant punctuation and develops software for the retail giant that bears its name – on Monday released Electrode, an open-source platform for building universal React/Node.js applications. Walmart.com now runs on Electrode, at least in part. Since January, @WalmartLabs has been helping Walmart. …
Thomas Claburn, 04 Oct 2016
band_aid_patching_648

Researchers gut EMC's VMAX, vApp with five god mode hack holes

Researchers with Digital Defence have reported six dangerous vulnerabilities in EMC's VMAX product line that can grant remote attackers arbitrary command execution with root privileges. The since-patched flaws affect Unisphere for VMAX and vApp Manager versions 8.0 to 8.2 – and also open up avenues for denial of service. Two …
Darren Pauli, 04 Oct 2016
The word futile

Oracle loses (again) in battle to get Google Java case retried (again)

Oracle has been turned away in its latest effort to get a new trial for its Java API copyright claim against Google. San Francisco District Court Judge William Alsup denied [PDF] Oracle's latest motion to have the case reheard, this time on grounds of misconduct on the part of Google's lawyers. The legal war, which has been …
Shaun Nichols, 29 Sep 2016
Locker room jocks photo via Shutterstock

Oracle's Coach Larry needs Microsoft plays to beat Amazon

Analysis SAP. Crack! IBM. Snap! Salesforce. Bang! Workday, I can see you - come over here... In the locker room that is Oracle’s quarterly conference calls with Wall Street, somebody’s ass is always on the receiving end of a sharp thwack from the towel of head coach Larry Ellison. Ellison has zinged his verbal towel off many a noble …
Gavin Clarke, 29 Sep 2016

Realm – a database you may not have heard of but app devs have – touts cloudy platform

At last, you can stop thinking about networking. Mobile database maker Realm promises this bliss as a consequence of using its new Realm Mobile Platform – which weds the Realm Mobile Database with the Realm Object Server to support applications that exchange real-time data. Using the now open-source Realm Mobile Database, a …
Thomas Claburn, 29 Sep 2016
McData screen cleaner

Before Bitcoin, digital cash was called Beenz – all that's left is a T-shirt

Conference Couture A couple of weeks back we wrote about the plan to have Oracle's NetBeans Java IDE become an Apache project and in an attempt to get some perspective on the move asked friend of the Regand former OpenStack board member Tristan Goode what he thought. Tristan's response? “The last NetBeans I remember was these in my old industry …
Simon Sharwood, 28 Sep 2016
Microsoft's Mark Russinovich with customer Daryll Fogal and Docker COO Scott Johnston

Microsoft releases Server 2016, complete with commercial Docker engine

Ignite Microsoft announced the release of Windows Server 2016 and System Center 2016 at its Ignite event in Atlanta. The commercially supported edition of the Docker engine is included at no extra cost. Server 2016 and System Center 2016 are available for download this week and will be on sale from October 1 2016. A key feature of …
Tim Anderson, 26 Sep 2016

Brexit at the next junction: Verity's guide to key post-vote skills

STOB Pay attention, campers. I have conducted an impartial analysis of the post-Brexit landscape and identified a list of concrete, must-have programming skills for your edification. Impartial? That's pretty rich, coming from you, Verity, considering what I have heard about your activities since Referendum Night. I don't know what …
Verity Stob, 26 Sep 2016
Container image via Shutterstock

Red Hat relabels OpenShift Enterprise to Container Platform

Red Hat’s on-premises application serving software has been given a rename from OpenShift Enterprise to OpenShift Container Platform, at the same time adding a slew of enhancements to improve scalability and security. OpenShift started out as Red Hat’s platform as a service (PaaS) offering for application development centred …
Dan Robinson, 23 Sep 2016
Oracle corporate HQ

Oracle lawyers prevail in copyright case (No, not that, the other one)

Oracle has been awarded $46.2m in its copyright battle with Rimini Street. The Nevada Federal Court awarded the cash [PDF] to cover the legal bills Oracle has racked up in its years-long battle with Rimini – which repackaged and sold support services for Oracle products without a license. The federal court also put in place a …
Shaun Nichols, 22 Sep 2016