Cisco Systems says Java vulnerabilities are now exploited more often than holes in Adobe's Acrobat and Reader applications.
The networking giant's 2010 Annual Security Report states that in January 2010, Java exploits accounted for only 1.5 percent of Web malware blocked by the company's ScanSafe software. By November, that number had jumped to 7 percent, Cisco says. Meanwhile, PDF exploits were declining. In January, they totaled just over 6 percent of Web malware blocked by ScanSafe, and by November that number had dropped to just 2 percent.
More
Posted by John K. Waters on February 1, 20111 comments
I wrapped up the working side of 2010 by catching up with one of my favorite software development gurus, David Intersimone, best known as "David I." He calls himself a "code junkie'; I'd call him a programmer's programmer. He worked for more than two decades at Borland, the company that invented the IDE; then CodeGear, the company that emerged from Borland's decision to shed its tools business; and he's now Vice President of developer relations and Chief Evangelist at Embarcadero Technologies.
We talked about a lot of stuff, including how he manages to get a seal on his scuba mask over that Dumbledore beard of his. But we eventually hunkered down on a topic that has been occupying him lately: developing for the cloud.
"I think we've made it through all these overloaded terms like software-as-a-service and mashups," Intersimone told me. "Now we're at the point where we can say, we've got clients and we've got servers, and in between them there are protocols and APIs. That's the real world."
The cloud is more a less a manifestation of that real world, he said, and it's improving the lives of developers by allowing them to employ the standards and the architectures they use when building desktop client-server multitier applications with the added ability to deploy very rich clients "all over the place."
"It's so easy now to configure and provision an instance of a server, inside or outside the firewall," he said, "and then build all sorts of clients, including a simple HTML/JavaScript browser client, or a simple client built with Xcode and REST connectivity for the iPad or the iPhone, or with simple Java for Blackberry and Android, or Silverlight for Windows Phone 7."
More
Posted by John K. Waters on January 21, 20110 comments
Here's a MySQL announcement that surprisingly didn't make the news last week: The Independent Oracle Users Group (IOUG) has just formed a new advisory group made up of MySQL community leaders and subject matter experts.
The membership roster of the new MySQL Council includes some prominent names in MySQL Land. Here's the list:
- Sarah Novotny, Blue Gecko
- Sheeri Cabral, PalominoDB
- Bradley Kuszmaul, Tokutek
- Giuseppe Maxia, Continuent
- Rob Wultsch, GoDaddy.com
- Matt Yonkovit, Percona
More
Posted by John K. Waters on January 18, 20111 comments
It's been a dramatic couple of weeks in Java Land. The headline grabber was the departure from the JCP of the Apache Software Foundation. Losing the ASF was a blow, to be sure, but I'm not so sure it's fair to paint Oracle as the bad guy in what is a long-standing dispute that goes back to Sun Microsystems' stewardship of Java.
The ASF has been objecting to the decision -- first Sun's, then Oracle's -- not to provide the ASF with a test compatibility kit (TCK) license for its own Java SE implementation, Project Harmony, since 2006. Without the TCK, Harmony can't be tested and certified against the Java standard. This decision, in the ASF's words, "imposes additional terms and conditions that are not compatible with open source or Free software licenses." The agreement under which Oracle and the ASF participate in the JCP entitles the ASF to a license for the TCK that will allow the organization to test and distribute a release of the Apache Harmony project under the Apache License, the ASF has argued.
More
Posted by John K. Waters on December 20, 20100 comments
The book as we know it is probably going the way of photo film and vinyl LPs: it won't disappear altogether, but evolve into an increasingly rarer curiosity treasured by aficionados. But whether it's an eText or dead-tree-tech, books still make great holiday gifts for the geeks in your life. Here, in no particular order, are a few that came across my desk this year that might be worthy of a place under your tree:
- Agile Testing: A Practical Guide for Testers and Agile Teams, by Lisa Crispin and Janet Gregory, Addison-Wesley Professional, January 9, 2009.
More
Posted by John K. Waters on December 20, 20100 comments
Most of the time, reporting on doing ons in the Valley of Silicon is an inspiring gig filled with world-changing technological innovations and amazing success stories -- 26-year-old-billionaires, for example, making it to the cover of Time magazine. And sometimes it's like covering a bunch of fifth graders playing King if the Hill.
It's getting hard to keep up with who's suing whom around her. This week, it's Swiss mobile software maker Myriad Group suing Oracle for allegedly charging excessive licensing fees for Java.
More
Posted by John K. Waters on December 17, 20101 comments
Vendor announcements were flying fast and furious at the recent second edition of the Northern California Enterprise 2.0 Conference.
The conference, which "explores the integration of Web 2.0 technologies in the enterprise, from both strategic and tactical perspectives," drew an estimated 1,400 attendees to the Santa Clara Convention Center. The Boston edition has been running for 6 years.
More
Posted by John K. Waters on November 18, 20101 comments
When software developers Ian Gallagher and Eric Butler unleashed "Firesheep," an add-on they developed for the Firefox Web browser that allows users on unsecured Wi-Fi networks to identify and capture the social networking sessions of others on that network, Butler declared on his blog that their intention was to throw a spotlight on the lack of effective security among popular social media Web sites, such as Facebook and Twitter.
More
Posted by John K. Waters on November 17, 20100 comments