Apache's Ongoing Licensing Bout with Sun
The recently updated Java Specification Requests (JSRs) show that the licensing battle between the Apache Software Foundation and Sun Microsystems (the force behind Java) still hasn't ended after raging for seven years.
Sun's table of JSR reviews per company show nice little green check
marks next to Google, Fujitsu, HP and many others. Apache is the only one marked with a big red X. The vote log for Apache includes the statement,
"Apache must regretfully vote 'No' for JSR-316, as we contend that the spec lead - Sun Microsystems - is not complying with the JSPA [Java Specification
Participation Agreement] with respect to Java SE TCK [Technology Compatibility Kit] licensing. We believe that members of the JCP [Java Community Process] that do not comply with the letter and spirit of the governing rules should not be allowed to lead JSRs." The Java Community Process is a collaborative wherein participating developers and organizations decide about the further development of the Java programming language.
Apache Harmony, an Apache Software Foundation (ASF) project, is tasked to address any disharmony with Open Source Java SE. Developers have been
complaining that the test kit license for Java SE didn't meet the principles of free software and was too restrictive in its usage. According to the ASF,
Harmony has been using the Apache license instead of the General Public License (GPL) and the Java Compatibility Kit (JCK) license should be made
compatible. The first public complaints in this regard go as far back as 2002.
At least some parts of the Java community are pretty annoyed. The JavaLobby blog from Irish developer James Sugrue looks into the reason for the conflict and ends, "With the OpenJDK available
anyway, does Harmony still have a place in the community?" Other commentators have been looking for solutions. Red Hat, for example,
supplemented its "yes" vote with the comment, "in the future, for any submitted JSR (by Sun Microsystems or not), we will specifically expect the
spec lead to provide clear information on that aspect and take the answer in account when casting our vote."
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.