Showing headlines posted by brideoflinux

True, VARs have traditionally chosen to go the proprietary route, which they’ve considered better paved and better marked, but they’ve not been unwilling to take a chance and go down the unmarked gravel road of open source. Mainly, VARs just want to make money, which makes them a pretty agnostic lot. They’ll worship at the cathedral or the bazaar–or anywhere else where the cash register is liable to go ka-ching.

Back in March and April, when the Java browser plugin was getting hammered with security holes that were being exploited in the wild, we conducted a couple of unscientific polls here on FOSS Force to determine how our visitors were handling this security crisis.

On Tuesday, Reuters reported on shareholder unrest in Finland. It appears that the shareholders of Nokia have been reading the riot act to Chief Executive Stephen Elop, demanding he turn the ship around. They’re also suggesting that Nokia’s exclusive deal with Microsoft perhaps isn’t such a good idea:

There is nothing new about this sort of action. In the days before the Internet, radio and TV stations, more often than not government owned, often went silent or dark during times of military insurrections. If not dark, they dropped regular programming to broadcast wall-to-wall marches, interspersed with announcements ordering all citizens to remain indoors while reassuring them that government forces had everything under control.

In our poll we asked, “What operating system would you be most likely to consider for a tablet if available?” The options were Android, iOS, BlackBerry 10, Windows Phone 8, Windows RT, Ubuntu, webOS, None of the above and Other. Those who chose the “Other” option were given the opportunity to name another OS.

We already knew, of course, that Fuduntu was history, that the beloved distro was to be no more, evidently due to the fact that it was becoming nearly impossible to support GNOME 2 in any sort of meaningful way. We also knew there’d been talk among the developers at Fuduntu of continuing with a new distro. Well, now it’s a done deal and most of the developers of Fuduntu will be working on a new distro based on openSUSE.

...we learned on Monday that everybody’s favorite open encyclopedia, Wikipedia, has dropped the Facebook fork of MySQL they had been using to deploy MariaDB.

I thought it was going to be easy. Just click, listen, and get back to work. Wrong. My Chrome browser told me I needed to install the QuickTime plugin if I wanted to hear Mr. Bell.

U.S. News & World Report was the first to announce this afternoon that the Senate will evidently not vote on the cybersecurity bill known as the Cyber Information Sharing and Protection Act or CISPA. According to a report published on their website, the news organization has received assurances of the bill’s death from an unnamed member of the U.S. Senate Committee on Commerce, Science and Transportation that has been considering the bill as passed last week by the House of Representatives:

With Google’s Chromebook finally taking off and every laptop maker on the planet jumping in with a “me too” device, it was only going to be a matter of time before Google came-up with a cloud based phone–a ChromePhone, if you will–to augment their success with Android. Well, the Firefox phone now makes Google a little late to that fair. Not that there’s much wrong with Google, mind you. But sometimes we need a David to cut Goliath down a notch or two to make sure his britches continue to fit.

A brute force attack is based on the premise that a computer, or a botnet (which is a group of hijacked computers acting as one), can continue to attempt to guess at usernames and passwords in rapid succession, using such speed that eventually they’ll get in. This is especially true if the password is merely a word from the dictionary, no matter how obscure the word is. Security experts have demonstrated over and over again how quickly such a password can be cracked by using a brute force attack, which is why a “gibberish” password utilizing upper and lower case letters, numbers and symbols is recommended. Not so long ago, a password of eight characters was deemed sufficient length. Nowadays it’s recommended that your password be ten or more characters long.

We’re not ready to tell you we think it’s safe to reactivate your Java browser plugin–in fact, just the opposite–but we will say that Oracle is at least giving the appearance they’re now serious about addressing browser-side Java’s safety. Early last week they issued a security patch that fixed either 41 or 42 Java security issues, depending on what website you’re reading.

Online privacy advocates finally got what they’ve been asking for when President Obama yesterday threatened to veto the Cyber Intelligence Sharing and Protection Act (CISPA) if congress doesn’t amend it to include more protections of privacy and civil liberties. The administration began signalling displeasure with the bill last Thursday when Caitlin Hayden, of the National Security Council, indicated the President might not support the measure as worded, after it was approved by the U.S. House Intelligence Committee.

The photograph in question was originally used as a sort of anti-advertisement for Rochdale College, a chartered Canadian free school that closed in 1975. In it’s day, Rochdale occupied a brand spanking new eighteen story building near downtown Toronto, bought and paid-for with government funds. Outside of Toronto, this building and the school it housed was one of hippiedom’s best kept secrets. If the 60s counter culture had a Vatican, it was Rochdale.

This isn’t a major upgrade. I’m sure there are some bug fixes and minor enhancements, but it mainly upgrades some essential software, such as the Linux Kernel, Enlightenment window manager, Midori browser, Terminology terminal emulator and Ubiquity, the Ubuntu default installer used by Bodhi. In addition, this update adds eCcess, a new system tool, and includes a slew of new themes for dressing-up the desktop.

As much fun as I’m having picking on poor Mr. Limi, these are all valid concerns, especially for someone who works in project design. Indeed, designers with any software project, especially when the product is as complex as a modern browser, need to constantly question how much control is useful and try to discover where the ability to customize gets in the way of the user experience. According to his blog, Limi believes in a 2% rule; if an option is used by less than 2% of the user base, then that option should be removed. To his thinking, the 2% who use the function wouldn’t be left in the cold, since they could simply use a plugin to reintroduce the missing option.

Oracle’s management of Java since obtaining it from Sun has been nothing short of a joke. It’s about time for them to decide if they want to keep Java or not. If they don’t want it, they need to spin it off or let it die. If they think it’s a valuable part of their software portfolio, they should treat it as such and work overtime to make it safe.

Sun Microsystems is a good example of what happens to a company sitting on a huge pile of money when they can’t figure-out a way to turn red ink into black. After the dot-com bubble burst, Sun was able to live off their savings for about a decade before being forced to agree to become Oracle’s bride. It’s doubtful that Shuttleworth would be able to find such a suitor for Canonical as his company’s major assets are programs written under a copyleft license.

In a way this sounds a little bit like Google’s Chrome OS, where most work is actually performed in cyberspace, doesn’t it? In a way, it’s very Zen. We have all these robots running around doing our bidding, each with its own separate identity, but all ultimately relying on a single brain.

It would seem that Oracle is getting serious about addressing security issues in Java. Late Monday the company pushed Java 7 Update 17 that fixes two security holes that were already being exploited in the wild. The vulnerabilities addressed in Monday’s patch had been known since at least February 1 and were originally scheduled to be fixed in a scheduled security update in April, according to a security blog on the Oracle website:

Those who thought it was safe to re-up Java on their browsers will need to go back and turn it off again. If you listen to us, after you do you’ll never turn it back on. Browser side Java has been made pretty much obsolete by newer technologies, which means you don’t need it, especially since its proving to be about as easy to keep secure as ActiveX, sandbox or no. Here at FOSS Force, we haven’t had it enabled on our browsers for years, with no noticeable problems when we surf the web.