The H Week - Oracle & open source, Fedora & SourceForge hacked, browser protection
This week saw further changes for open source communities as Oracle continued to realign and monetise many of the projects it inherited through its purchase of Sun. Fedora and SourceForge had their servers hacked and malware continued its rapid growth. Arrests were made in the wake of "Operation Payback" and Sony was granted a restraining order against PS3 hacker George Hotz. Mozilla and Google announced their different solutions to browser protection from advertiser tracking,
Featured
This week, The H published the first in the series of Kernel Logs on the 2.6.38 kernel and a feature by Glyn Moody on why Apple will not retain its lead in the tablet market.
Open Source
LibreOffice, the open office suite fork of OpenOffice, made good on earlier promises and issued its first stable release, shortly followed by an OpenOffice release. The KDE project released version 4.6 of its desktop environment for Linux and Unix, and Google issued a preview of Android 3.0 and its SDK.
- LibreOffice 3.3 final released
- OpenOffice.org 3.3.0 final released
- KDE SC 4.6 final released
- Android 3.0 Platform Preview and SDK released
Oracle was again in the news as it realigns the various open source projects it inherited through its purchase of Sun Microsystems. An independent patent expert claimed that Google's Android did contain Oracle IP. Oracle nominated Brazilian Java user group SouJava as a prospective member of the Java Community Process Executive Committee. The Hudson developers seem likely to sever any connection with Oracle and move development of their open source continuous integration software to an independent host; this will require a change of name. Pleading low take-up and the need to focus limited resources, Oracle dropped Ruby on Rails support from the development of version 7.0 of the NetBeans IDE.
- Patent expert: Android code infringes Oracle's copyright
- Oracle nominates user group to JCP EC
- Oracle fails to keep Hudson creator's trust
- Oracle pulls Ruby on Rails support from NetBeans 7.0
Open Source Releases
- Mozilla releases first alpha for Camino 2.1 Mac web browser
- WordPress 3.1 RC3 tuned for testing
- Oracle releases update 6 for Oracle Linux 5
- VLC Media Player 1.1.6 fixes critical vulnerabilities
- FreeBSD 7.4 RC2 arrives
- Wine 1.3.12 integrates DOSBox
- jQuery 1.5 nears with release candidate
- Opsview Community 3.11 adds native SUSE Linux support
- OpenSSH 5.7 released
- WordPress for Android adds QuickPress shortcuts
- Wireshark 1.5.0 development preview arrives
- Mozilla issues Firefox 4 beta 10
- Perl 5.12.3 released
- Sabayon Linux 5.5 improves boot time
- Alfresco Enterprise 3.4 brings enhanced user interface
- CodeWeavers releases CrossOver 10 "Impersonator"
Security
Two high profile code distributors, Fedora and SourceForge, had their servers hacked. While Fedora was relatively unscathed, the effect on SourceForge was more serious. A report from the Rendon Group on the lessons learned from the worldwide spread of the Conficker botnet worm was published and statistics published by AV-Test show the continuing and rapid rise of malware in the wild. Arrests were made in the UK of alleged participants in the "Operation Payback" protest against the treatment of WikiLeaks figurehead Julian Assange. The Russian ambassador to NATO warned that the Stuxnet worm could have been used to trigger another Chernobyl.
- Fedora infrastructure hacked – no damage done
- SourceForge disables servers after break-in
- Conficker: Lessons Learned report published
- 50 million viruses and rising
- More "Operation Payback" arrests
- Russia claims Stuxnet could have triggered second Chernobyl
George Hotz, the PS3 hacker, received positive overtures from Microsoft while his 'victim', Sony, obtained a restraining order against him. Microsoft also offered helpful advice to those using location aware services and devices. Mozilla advocated the adoption of a new data protection standard involving advertisers honouring a browser setting which indicates the browser user does not want to be tracked. A day after Mozilla's announcement, Google released its own answer to the problem: a cookie management extension that allows retention of opt-out cookies while others are deleted.
- Microsoft woos hacker George Hotz
- Restraining order against PS3 hacker George Hotz
- Microsoft offers advice on location privacy
- "Do not track" - Mozilla advocates new data protection standard
- Google releases data protection extension
Facebook added the option of encryption to all its data transmissions and the Internet Systems Consortium issued an update to fix a DoS vulnerability in the DHCPv6 server.
Security Alerts
- Critical vulnerability in VLC player
- Critical vulnerability in Opera web browser
- VLC Media Player 1.1.6 fixes critical vulnerabilities
- Opera 11.01 closes critical hole
- Security update for RealPlayer
For all last week's news see The H's last seven days of news and to keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.
(crve)