Project XobotOS Ports Android 4.0 Dalvik Core from Java to C#

When on one hand, Google and Oracle are tied in a fierce battle over the use of Java in Android’s Dalvik code; a group of hobbyists has ported the Dalvik core to C#. The project is called XobotOS and it comes from the same guys who made Mono for Android.

XobotOS is a Xamarin research project that explored porting Android 4.0 from Java/Dalvik to C# to explore the performance and memory footprint benefits of C#.

The C# port is semi-automated. A major part of the codebase was created using a tool called Sharpen, that can port Java code to C# effectively. The rest of the port was created manually. You can visit the project’s GitHub page for more details. The C# port of Dalvik is released under the Apache 2 license, and the Sharpen tool is released under GPL.

Android being ported to C# is good news. It is good to see that people are hacking Android and creating their own versions of awesomeness. But wait, it gets better! On comparing the port to the actual Dalvik core, it was seen that the ported C# version had drastic performance improvements over the existing Java based Dalvik core.


XobotOS started out as a fun project and has achieved a marvelous feat. Sadly, the Xamarin team has a different focus going further. It has announced that XobotOS was an experiment, and it will not be developed any further. Nonetheless, this project has demonstrated clearly that when it comes to performance on mobile devices, C# beats Java hands down.

Skype Sees a Major Network Overhaul, Moves to Linux Supernodes

Microsoft has replaced a major part of Skype’s network by replacing its 48,000 P2P supernodes with a set of centralized Linux boxes. This change was done over two months ago as a security measure. The Linux boxes are being hosted by Microsoft itself and this is the first such network change inside Skype, since it started operating in 2003.

The change has been analyzed by Kostya Kortchinsky over at Immunity Security. Microsoft is yet to confirm the research’s findings, but it has released a statement to Ars Technica saying,


As part of our ongoing commitment to continually improve the Skype user experience, we developed supernodes, which can be located on dedicated servers within secure datacenters. This has not changed the underlying nature of Skype’s peer-to-peer (P2P) architecture, in which supernodes simply allow users to find one another (calls do not pass through supernodes). We believe this approach has immediate performance, scalability and availability benefits for the hundreds of millions of users that make up the Skype community.

Microsoft has probably made this move to prevent outages like these. Currently, there are little over 10,000 supernodes, all hosted centrally by Microsoft. Unlike earlier, when users with sufficient bandwidth were upgraded to supernode status, the new strategy does not make supernodes out of users.

Seven months into ownership of Skype, and Microsoft is already making changes to it. Although it is not trying to port any existing infrastructure to its own technology stack immediately, there is a fair chance of that happening and when that happens, undoubtedly, Azure will be the way to go for Skype.

Read Kortchinsky’s report here.

SPDY on Mobile- Yay or Nay?

Over the last three years, we have heard a lot about SPDY and how it will change the Internet by replacing the current HTTP protocol. SPDY is fast indeed, and it ships enabled on both Google Chrome and Firefox beta, now. That makes over 50% of the world using SPDY, if they are on the latest versions of Chrome and Firefox.

Google has given a new meaning to the mobile space with its aggressive strategy with Android. Within a few years, Android has emerged as a potential competitor in the mobile space, and has bumped the mobile hardware world too. With mobile playing a crucial role in our everyday life, can the new HTTP 2.0 protocol specification be formulated without caring for mobile?

SPDY is bound to influence the new HTTP protocol in many ways, and its performance on mobile devices has to match the significant improvements it boasts of, on the desktop. So does SPDY do justice to mobile browsing? Google Developers Blog investigated into SPDY mobile performance and found that it really does make a difference.

The net result is that using SPDY produced a mean page-load time improvement of 23% across these sites, compared to HTTP. This is equivalent to a speedup of 1.3x for SPDY over HTTP. Much more work can be done to improve SPDY performance on 3G and 4G cellular networks, but this is a promising start.


According to the tests, SPDY gives an average speed improvement of 23% with a maximum of 50% over HTTP. This is an excellent start, and while Chrome on Android is already capable of using SPDY, Twist has managed to develop an open-source SPDY implementation for the iOS. Clearly, the mobile space is already showing signs of acceptance for the next-generation of HTTP protocol.

Apache Software Foundation Announces TomEE, a Lightweight Apache Tomcat Server

The Apache Software Foundation (ASF) has some of the world’s most popular open source projects residing under its roof. The Apache Tomcat server for J2EE applications is one of them. It is the world’s most popular application server for J2EE applications and dominates small-scale Java EE application deployments.

The Apache Software Foundation has recently announced the release of the first version of a new application server based on Apache Tomcat 7.0.27. The new server is called TomEE (pronounced “Tommy”) and it is a sub-project of Apache OpenEJB. TomEE is much more robust than Apache Tomcat and boasts of a 300% performance improvement over it. This makes it suitable for cloud applications.

Apache TomEE is the Java Enterprise Edition 6 Web Profile-Certified edition of Apache Tomcat, the world’s most popular Java application server software, with more than 70% market penetration within the enterprise.

David Blevins, the Vice President of the OpenEJB project said,

TomEE is the closest and shortest jump for anyone with a Tomcat stack using any number of Java EE technologies to finally move to a Java EE 6 Web Profile certified platform that offers great freedom in the Cloud.

TomEE has support for Apache OpenEJB, Apache OpenWebBeans, Apache OpenJPA, Apache MyFaces and many other frameworks. The Apache TomEE project has been brewing for a long time and it obtained its Java EE 6 Web Profile certification on the Amazon EC2 in October last year. This is going to be the first choice for startups that want to overcome the initial deployment costs.

Google’s Expensive Street View Misadventure is One Guy’s Mistake!

Between May 2007 and 2010, Google gobbled up enormous amounts of Wi-Fi data, when it actually set out to capture street-view images. This has been the hottest case of privacy breach in the last decade. For a company that believes in “don’t be evil”, Google made a terrible mistake in doing this. The mishap was discovered by European data-protection authorities. Initially, Google claimed that capturing Wi-Fi data would let it improve location-based services. When under some more pressure, Google jumped in with a clarification, saying it collected only fragments of data. Though finally, in 2010, Google acknowledged that it collected entire payloads from Wi-Fi networks with all kinds of personal data (emails, passwords, internet usage data and alike).

The case has been under investigation, and recently, Google has released an FCC report, where it holds a rogue engineer liable for capturing payload off Wi-Fi networks. The engineer in question wrote a code to capture Wi-Fi data and put it into the Street View code. However, the engineer was not available for talks as he invoked his Fifth Amendment right and refused to comment.

The FCC report also talks of other people at Google who were aware of the intentions of this engineer. The engineer drafted a proposal of his work and presented it to the Street View team in October 2006. Now, managers of the Street View team claim that they never read the document presented to them by the engineer! To add to the confusion, a second engineer who did a peer code review for our rogue engineer’s Street View code found no mechanism to capture Wi Fi data.

Nonetheless, Google has come out of this investigation clean. The FCC declared that Google did not capture Wi Fi data illegally, but fined Google for $25,000 for stalling the investigation.

After thoroughly reviewing the existing record in this investigation and applicable law, the Bureau has decided not to take enforcement action against Google for violation of Section 705(a). There is no Commission precedent addressing the application of Section 705(a) in connection with Wi-Fi communications.

Read the full report on the FCC investigation.

(Via: LA Times)

Microsoft Finally Sees the Evil in CISPA, Backs Out

Earlier this year, a draconian bill called SOPA troubled the Internet for months. After months of protests and pleas, it was finally withdrawn at the last stage. However, that was not the end of it. Now, CISPA has arrived to haunt us. CISPA is a less aggressive version of the SOPA bill that threatens online privacy. It grants unquestionable powers to Internet and telecom companies, allowing them to spy on their users with zero accountability.
CISPA has passed at the House of Representatives, and awaits an approval by the President’s office now. However, President Obama has declared that he will veto the bill.

The U.S. House of Representatives approved CISPA by a 248 to 168 margin yesterday in spite of a presidential veto threat and warnings from some House members that the measure represented “Big Brother writ large”.

Like SOPA, CISPA also saw an array of supporters from big names in the world of technology and just like with SOPA, Microsoft offered the CISPA bill its support earlier. However, in a recent development, Microsoft has decided to back out of support for CISPA. In conversation with CNET, Microsoft said it wants to honor the “privacy and security promises” it makes to its customers.

Dan Auerbach at the EFF appreciates Microsoft’s move, saying-

We’re excited to hear that Microsoft has acknowledged the serious privacy faults in CISPA. We hope that other companies will realize this is bad for users and bad for companies who may be coerced into sharing information with the government.

CISPA is an evil bill. It grants law enforcement agencies powers to spy on people without requiring any provision by the law. This bill puts law enforcement agencies above the law by waiving all privacy laws related to cyber security. This is beyond disastrous. CISPA must be stopped.

Also read: Microsoft’s initial statement of support for CISPA

(Image via)

Firefox 13 Beta Ships with SPDY Enabled by Default

SPDY has seen a major push yesterday, with Firefox finally making the move to SPDY. The latest beta of Firefox 13 arrived with SPDY enabled by default and this makes SPDY a primary candidate in the world of application layer protocols. Besides Internet Explorer, Firefox and Google Chrome are the two major browsers by market share. While Google Chrome has shipped with SPDY for a long time now, although Firefox had SPDY present from version 11 onwards, it was turned off by default. Finally, after a series of bug fixes, SPDY has made it to the latest beta of Firefox 13.

Apart from SPDY, Firefox 13 will have major behind-the-scene changes and some long-awaited UI changes too. The latest release of Firefox version 13 brings the much awaited speed dial, which is a necessity for any modern browser. Firefox 13 will also turn on smooth scrolling and on-demand tab loading, when opening tabs from a saved session.


When Google announced SPDY for the first time, it was unclear whether it would catch up with the well-established HTTP protocol. SPDY was invited to be a part of the new HTTP standard and things were off to a promising slow start. However, Google has also taken the alternate path, by marking a presence on major browsers first, and then creating a lock-in situation so that it ends up as a web-standard anyway. Nevertheless, to survive the competition with a rapidly developing browser like Google Chrome, Firefox has to improve on speed, and SPDY will be a good start.

The release notes for the latest beta can be found at this page.

German Court Rules Against a Bank Client in a Phishing Case

A German court has ruled against a disgruntled client, who sued his bank over a phishing case. The client claimed to have lost €5,000 ($6,608) in a fraudulent transfer, where the amount was sent to an account in Greece. The Sparda Bank customer in question had entered his Transaction Authentication Number (TAN) code into a phishing website that was designed to look like his bank’s website.

phishingA TAN code a one-time password that is used for two-factor authentication. Sparda Bank, or any other bank for that sake, warns its customers of phishing attacks repeatedly. In this case, the negligent user entered his TAN code into the phishing website over ten times. The bank’s argument in the case was- having to enter the code ten times should have raised an eyebrow.

One time password is a standard (though not quite secure) way of authentication used by many banks across the world. In Germany, Sparda Bank is one of the few bans to stick to the iTAN procedure. For most banks, these codes stay valid for a maximum of 24 hours after generation. However, in this case, the transaction occurred three months after the codes were entered into the phishing website. Surprisingly, the TAN codes were valid for over three months!

This case might create a new storyline in the world of phishing and let banks wash their hands off cases where they are actually guilty for lax security measures. Clearly, the bank too has a responsibility here, because once generated, its TAN codes are valid three months later, which should not be the case.

Negligent customers can and will blame banks for their losses in phishing cases. With reports of phishing attacks in Germany going up by 82% over the last year, perhaps it is time banks and all financial institutions up their security measures, to protect their users from the phishing industry.

The Long Awaited Ubuntu 12.04 is Here Finally

We have been hearing about Ubuntu 12.04 Precise Pangolin and how awesome it is going to be, for quite some time now. The wait is finally over, and Ubuntu 12.04 has been released. It sports some bold features, and the fact that this is a long-term release (LTS) makes Ubuntu 12.04 even more special.

This release will be supported with updates and fixes for the next five years, and this will call for an upgrade across many Ubuntu installations that are still on the previous LTS release. Moreover, Ubuntu also supports Hyper-V for virtualization on a Widows server.
The Fridge writes on this release, saying,

The Ubuntu team is very pleased to announce the release of Ubuntu 12.04 LTS (Long-Term Support) for Desktop, Server, Cloud, and Core products. Codenamed “Precise Pangolin”, 12.04 continues Ubuntu’s proud tradition of integrating the latest and greatest open source technologies into a high quality, easy-to-use Linux distribution. The team has been hard at work through this cycle, introducing a few new features and improving quality control.

Ubuntu is known for bringing new UX features to the table. With a significant growth in the server business, it has managed to register another win. Recently, HUD and Ubuntu for Android turned quite a few heads and this release of Ubuntu 12.04 lives up to the hype that was built over the last few months.

You can find different versions of Ubuntu at the release page. A tour of Ubuntu is also available online, at this page. However, if you are looking for direct download links for the English desktop version, you can download the 32 bit desktop CD or the 64-bit desktop CD ISO image.

Linus Torvalds Nominated for the 2012 Millennium Technology Prize

Linus Torvalds has been nominated for the Millennium Technology prize for 2012, besides Dr. Shinya Yamanaka. Dr. Yamanaka is an eminent stem-cell researcher and Torvalds is the creator of the Linux kernel. The award is given out every two years. Put in a single line, this is the most befitting description of the award.

The prize seeks to highlight innovations that assist and enrich our everyday lives today as well as in the future.

Linus Torvalds has been nominated for the award for his efforts with the legendary Linux kernel.

In recognition of his creation of a new open source operating system for computers leading to the widely used Linux kernel. The free availability of Linux on the Web swiftly caused a chain-reaction leading to further development and fine-tuning worth the equivalent of 73,000 man-years. Today millions use computers, smartphones and digital video recorders like Tivo run on Linux. Linus Torvald’s achievements have had a great impact on shared software development, networking and the openness of the web, making it accessible for millions, if not billions.

Torvalds is one of the most respected men in the world of software. He has made considerable efforts to build and maintain an OS kernel that changed the way software is done. He has created a new storyline in the world of software development, and we all are parts of that story. Over two decades have passed since the first release of the Linux kernel and it has improved vastly, with timely support for new hardware.

Although some may argue that the Linux kernel is a one-man show, it really is a community effort. Linus truly deserves this award for bringing together an awesome group of selfless people and creating a better world for us all.

(Via: The Verge)