James Gosling Joins Google Amidst Java Wars

At times when Google is fighting a tough battle over Java that has the potential of shattering its Android dreams, James Gosling, the father of Java has joined Google and has already started working there.


(Image source)
Java was acquired by Oracle, as part of its acquisition of Sun Microsystems. The deal went well and Sun managed to sell out. However, what Oracle acquired through this deal was much more than Sun products. It also got hold of a set of extremely well formulated Intellectual Property from Sun Microsystems, that was specifically written as leverage against being bullied by other tech-giants. Oracle is making the most out of this.

James Gosling has written on his blog announcing this as Next on the Road. At Google, James Gosling will find other familiar faces like Tim Bray, the co-inventor of XML who has worked at Google for over a year now. Sun Microsystems and Google have seen some employee love earlier (think Eric Schmidt). Gosling’s announcement of his new job goes as,

I don’t know what I’ll be working on. I expect it’ll be a bit of everything, seasoned with a large dose of grumpy curmudgeon.

Many people have speculated that Gosling joining Google is less of a coincidence, that it is a well-calculated move to strengthen Google’s voice when it comes to Java. With the Father of Java on their side, Google might have a better chance of saving Android now.

MySQL.com Database Compromised By Blind SQL Injection

An email was sent out earlier today on the Full-Disclosure mailing list, detailing the compromise of numerous MySQL websites along with portions of their database containing usernames and passwords.


MySQL offers database software and services for businesses at an enterprise level as well as services for online retailers, web forums and even governments. The vulnerability for the attack, completed using blind SQL injection and targeted servers including MySQL.com, MySQL.fr, MySQL.de and MySQL.it, was initially found by "TinKode" and "Ne0h" of Slacker.Ro (according to their pastebin.com/BayvYdcP dump of the stolen credentials) but published by "Jackh4x0r".

The stolen database contain both member and employee email addresses and credentials, as well as tables with customer and partner information and internal network details. Hashes from the database have been posted, with some having been already cracked.

A submission to XSSed.com also details an XSS (Cross Site Scripting) vulnerability affecting MySQL.com that may have provided a secondary entry point for compromising visitors or employees with the organization since early January of 2011.

This is definitely a shame for the folks behind MySQL since they were bought by Sun and later on by Oracle (through the Sun acquisition). MySQL is used by millions of users for small and medium sized databases, including by the popular blogging software WordPress.

The email sent to Full Disclosure lists out all the databases, tables and even some password hashes for the users at MySQL.com. There has been no response from MySQL on this issue yet. We have contacted them for a comment and will update this post once more information becomes available.

More updates coming soon….

Update: This hack also compromised the database at Sun.com, more info on this at http://tinkode27.baywords.com/

Sun.com Domain could be Worth as high as $2 Million

The Sun.com domain name is the property of Oracle now that it owns everything Sun. The deal was closed at  $7.4 billion, a loss making one for both Oracle and Sun. Now, Oracle has nearly completed the process of acquiring all Sun services and products under its own brand, and the last remnants of Sun Microsystems, the Sun.com website, will go down soon.
However, one question that arises here is what happens to the Sun.com domain name? The domain is an extremely business specific domain, with a dictionary word and is short and authoritative. At the present scenario, the Sun domain is valued at nearly $2 million and quite a few organizations are speculated to have their eyes on it. This can end up as one of the largest domain biddings ever.

One thing is for sure though, that the domain can go on sale anytime now and it will probably earn Oracle a huge sum. In exclusive talks with PCWorld, Paul Nicks, the Director of domain aftermarket services for GoDaddy remarks,

Sun.com is appealing because it could be used in a number of ways. Solar power companies, companies with ‘sun’ currently in their name, domain name investors or anyone looking to leverage the history behind the name could have a bidding interest.

The Sun.com domain is the 11th oldest .com domain name still in use and it is surely a golden goose by now in terms of traffic. The domain ends its registration period on 20 March 2012 after which, it will be free of Oracle, for anyone to pick up for a mere $10. However, I am sure, Oracle is definitely going to re-register it and even more so, sell it in a few months’ time.



The Last Remnants of Sun.com Will Go Down on June 1

Sun Microsystems is a perfect example of the fact that no matter how big your army of technical expertise is, if you do not know how to do business, your venture is going nowhere.
Even after owning some state-of-the-art software, Sun made a huge mistake of putting them on their own hardware exclusively. This did not work out well and the company came plummeting down. The company has been a favorite amongst OSS enthusiasts as it was in huge support of Open Source, many of its projects being open source themselves. MySQL, Java, Apache Tomcat and OpenSolaris were the four largest projects that Sun gave to the open source community and most of the Internet is riding these waves even today. While most blogs use MySQL because of its low memory footprint, Tomcat is preferred by many corporate services dealing in banking and finance to run their operations. Java is used for its true object-orientation and security in secure web applications.

Even after such expertise and so many achievements, Sun Microsystems made one wrong business move after another. After the dot com bubble burst a decade ago, Sun was badly affected; it had to make desperate survival attempts by shutting down their facilities one after another. Finally, Oracle saved Sun the embarrassment and bought it when it was undergoing prolonged losses. The end of an era was marked, and here is a tribute to the legend.

Those who have been an absolute favorite of the company have regularly visited Sun.com and will wonder what happens to the website. Well, the domain will be decommissioned on June 1st and the SDN will be moved to the SysAdmin and developer community of the OTN (Oracle Technology Network).

The blogs at the blogs.sun.com subdomain will be moved to a new location at Oracle. However, two comments on the announcement page tell us more than that.

Oracle willingly saying, “we don’t care” about this history of work that exists in the sun.com domain is yet another indication of the sad end of a real legacy of our computing history.

On whether all the blog content will be moved or not, one comment said that many blogs might not make it to their new home at Oracle.

I dont think this is a big deal. Most of the stuff on sun.com is obsolete now. I think that you will find that if you legimately pay for support you get more than what you need in oracle metalink and better quality and accuracy than the content on the sun forums anyway.

Red Hat Responds to Kernel Source Accusations

The entire open source community frowned upon Red Hat releasing kernel sources with all its patches and fixes upstream. This troubles any business that is around the release and can be termed as simple obfuscation that renders the open source code release useless. Red Hat is using a known method to protect its business.

If you must release the source, release it obfuscated and by the time people will have figured it out and started working on it, you will be out with a new version defeating all their work.

The response at Red Hat says,

The competitive landscape has changed. Our competitors in the Enterprise Linux market have changed their commercial approach from building and competing on their own customized Linux distributions, to one where they directly approach our customers offering to support RHEL.

Frankly, our response is to compete. Essential knowledge that our customers have relied on to support their RHEL environments will increasingly only be available under subscription. The itemization of kernel patches that correlate with articles in our knowledge base is no longer available to our competitors, but rather only to our customers who have recognized the value of RHEL…

Red Hat is  right in its own place. This will prevent Oracle and Novell from providing RHEL support. However, in making this change, Red Hat is ignoring the fact that it just killed a number of developers and small businesses based around the Red Hat kernel releases. Though, CentOS co-founder has claimed that they are not worried by this change. Red Hat has also made a statement specific to CentOS saying,

We haven’t at all restricted CentOS’s ability to grab source code and recompile it and clean-out trademarks and package it. It’s just some of the knowledge of the insides that we’re hiding,

Red Hat has also made some effort in cleaning its name off the case by saying it makes changes in the upstream even before releasing them in RHEL. However, even if we agree that Red Hat aimed this at business competitor Oracle, we cannot overlook the fact that others open source projects took a hit. Even if CentOS developers can make do with this, many others cannot.

The explanation does not do any good and this change is still not welcome. Red Hat should not consider other projects based around itself as casualties of the war with Oracle.

Enough With the Android Java Code Hoopla, There Is No Java Copied Code Used to Run Android

Android has used Java code, Android has infringed upon Java and Androids Dalvik virtual machine uses Java codeare claims from Oracle we have heard over the last few months. This had even led to a lawsuit against Google and put the future of Android in jeopardy for a moment.


However, as blatant these claims are, Ed Burnette has proved them wrong. Engadget announced this first by writing,

Oracle is currently suing Google for patent and copyright infringement in Android — which isn’t a hard case to prove when you’ve got 37 Android source files marked “PROPRIETARY / CONFIDENTIAL” and “DO NOT DISTRIBUTE” by Oracle / Sun and at least six more files in Froyo and Gingerbread that appear to have been decompiled from Java 2 Standard Edition and redistributed under the Apache open source license without permission. In simple terms? Google copied Oracle’s Java code, pasted in a new license, and shipped it.

Engadget also says that Google has decompiled files from the Java 2 SE. In simpler terms, it has copied files from the J2SE bundle, but has copied files that are just not used in running the Android system!

The files found common in Android and Java are files used for unit testing. Therefore, even if those files were used at all, it was for unit testing, which is a feature, provided by the Java platform itself. Even Oracle cannot deny its usage to anyone. However, when the Android package was formed, the license of those files was modified to Apache and this today, has become an issue.

Though, technically, Google should have removed those files as it did on 14 January this year. This was the first blow to Android and thankfully, it more than survived. The year 2011 will be critical for Android with Gingerbread and Honeycomb and the effect of this setback will be minimal.

LibreOffice Finally Lands As Default In Ubuntu 11.04 Natty Narhwal

After what Oracle has been doing recently, it is no surprise that most of the open-source projects want to distance  themselves  from Oracle. So, when LibreOffice was announced as an alternative to the Oracle controlled Open Office, many Linux distributions offered their support for it. In fact, Mark Shuttleworth even  announced that LibreOffice will be shipped in the place of Open Office in a future Ubuntu release.

Today, Canonical has finally done it by replacing OpenOffice with LibreOffice in the daily build of Ubuntu 11.04 “Natty Narhwal”. This follows the earlier announcement that Canonical is planning to give LibreOffice a run in Ubuntu 11.04 Alpha 2 to see if it can replace OpenOffice in the final release.

The second alpha of Ubuntu 11.04 is to be released 3rd February. LibreOffice will remain as the default office suite throughout the second alpha phase. There is no confirmation that LibreOffice will remain the default office suite in the final release – that decision will be taken later. However, in all likelihood it will remain as the default – unless something very bad happen in between.

The replacement of Open Office with LibreOffice will create a lot of noise, no doubt. But for an Ubuntu user, there will not be that much of a difference. Both LibreOffice and Open Office has almost the same UI right now. And regarding features, at this point most of what LibreOffice has done is import the patches from Go-oo. Ubuntu has always shipped Open Office with the Go-oo patches. So, there also users will not see much difference. However a big difference will be in the speed because LibreOffice uses a larger memory cache than Open Office.

If you cannot wait for Natty and want to try LibreOffice now, here is an easy way to install it easily.

Oracle Reaches For The Cloud With Cloud Office

In an effort to catchup with Microsoft, Google, Zoho and other online document suite providers, Oracle announced the availability of their online office suite, dubbed as Oracle Cloud Office.
Oracle Cloud Office features a web-based Word Processor, Spreadsheet & Presentations software which are capable of viewing, edition, and exporting to Open Document Format(ODF) as well as Microsoft Office formats. Oracle Cloud Office also integrates well with Oracle Open Office, allowing you to publish documents from your local desktop to the cloud with where you can edit with Oracle Cloud Office.

Oracle Cloud Office is available in Software as a Solution (SaaS) architecture, and also allows for custom branding & deployments.

ASF Resigns From JCP Executive Board

Apache Software Foundation has dealt a use blow to the Java Executive Committee by tendering their resignation. Apache has been on the JCP Executive Committee for past 10 years, and had won the JCP "Member of the Year" award 4 times.

In the phrase "fail to uphold their responsibilities under the JSPA", we are referring to Oracle’s refusal to provide the ASF’s Harmony project with a TCK license for Java SE that complies with Oracle’s obligations under the JSPA as well as public promises made to the Java community by officers of Sun Microsystems (recently acquired by Oracle.)  This breach of the JSPA was begun by Sun Microsystems in August of 2006 and is a policy that Oracle explicitly continues today.  For more information on this dispute, see our open letter to Sun Microsystems

Apache has decided to leave the JCP EC, due to problems with Oracle over the Harmony project. Oracle has reportedly rejected a TCK license for ASF’s Harmony for Java SE. Apache has been mulling on Oracle’s Abuse of Java for a long time now and this decision does not come as a huge surprise.

Oracle became the owner of Java after they acquired Sun Microsystems this year and have continued to get into trouble with the open source community over several of its projects. ASF resigning from JCP deals a telling blow to Oracle on their policies, only time will tell as to where this is headed.

You can read the entire explanation of the ASF decision at the official Apache blog here.

Oracle Rolls Out The First Beta Version of VirtualBox 4

VirtualBox, one of the best ( and my personal  favorite) virtualization applications has just gotten a new lease in life. The developers of VirtualBox have uploaded the first beta version of their next major release, VirtualBox 4.

One of the notable changes seems to be the way features are going to be available.

As of version 4.0, certain features of VirtualBox are shipped as part of external packages (extpacks).

As of now there is one such extension pack, the PUEL extension pack which features support for USB 2.0, RDP server and the PXE bootloader with E1000 support. It would seem like Oracle intends to ship only one version of VirtualBox, with extra (closed-source ?) features added on as extra packs. And given the way Oracle has acted previously it wouldn’t be surprised if some paid extrasget tacked on.

Some of the new features included this major release include:

  • Support for resizing existing virtual hard disk images ( Finally!)
  • Support for copying files into guest filesystem
  • Support for auto-update of Guest additions ( Windows only, as of now)
  • Intel HD Audio is available as one of the audio hardware on the guest.

For a detailed list of changes do check out VirtualBox forums. You can grab the downloads from here.   And as with any beta software don’t use it in your production environment!