Friday, May 30, 2008

Live Android Demo Video

Live Android Demo - Featured Video on BuzzFeedLive Android Demo: The first full video demo of Google's mobile platform, Android...More Images of the First Fullscreen Live Android Demo.
The first full video demo of Google’s mobile platform, Android. It’s much like the iPhone interface, but more useful and much easier to customize — plus it has Pacman and an awesome compass feature!
Live Android Demo Video On
http://buzzfeed.com/scott/live-android-demo

VTech 5.8Ghz 4 Handset Phone with Digital Answering Machine

VTech 5.8Ghz 4 Handset Phone with Digital Answering Machine
You’re alone. It’s late. You’re up on the roof looking at the stars. Suddenly you want a pizza. But you don’t want to tip the driver, so it has to be a pizza delivered by your well-meaning but gullible best friend. What’s the way to make this happen?

If you’ve got a VTech mi6895/mi6896 5.8Ghz 4 Handset with Caller ID and Answering Machine, it’s easy as a large pie with pepperoni and onions. The 5.8 GHz Digital Spread Spectrum technology will let you use VTech mi6895/mi6896 5.8Ghz 4 Handset with Caller ID and Answering Machine handset #3, which you usually keep in the rain gutter, just in case. Use handset #3 to call the pizza place. Each handset from the VTech mi6895/mi6896 5.8Ghz 4 Handset with Caller ID and Answering Machine has a superior range with excellent security and clarity. As soon as the order is placed (for pickup) it’s time to climb back in the window. Bring that telescope, because you know your neighborhood isn’t safe at night. And maybe bring that handset as well.

Now you’re inside, so you’ll want to stop at the little table you keep at the top of the stairs. Here you can grab VTech mi6895/mi6896 5.8Ghz 4 Handset with Caller ID and Answering Machine handset #2. Remember, each handset can go anywhere in home or office and does not require a phone line. Use the 50 Name And Number Phonebook Directory to get ahold of your buddy. Tell him to swing by and grab the pizza and maybe a movie or two. He’ll say no, but you can talk him into it. He’s well-meaining but gullible, remember.

Then it’s down the stairs to the main floor. Here’s where the VTech mi6895/mi6896 5.8Ghz 4 Handset with Caller ID and Answering Machine handset #1 is. Because you’re a slow walker, it’s been about twenty minutes since the roof and the phone is ringing. Caller ID says that it’s the pizza place, calling to let you know your pizza is ready. That’s service! No wonder you eat there all the time! Let it go to the Digital Answering System. You’ve got up to fifteen minutes of recording time, you can afford to let them talk. You’re on your way to the basement anyway.

Set up the big screen tv and fluff up the couch, because in about ten minutes handset #4 is gonna ring. Sure enough, it’s your buddy, right on time! He’s upstairs with the pizza, a two liter, and a copy of The Magnificent Seven. And as you let him in, you find your order from shirt.woot waiting on the doorstep. What a perfect end to the night!

So don’t be the idiot waving a dishrag in front of his smoke detector because he fell off the roof and burned his frozen pizza. Use the VTech mi6895/mi6896 5.8Ghz 4 Handset with Caller ID and Answering Machine and the good nature of a hungry pal to make sure that you’re the one eating like Mayor Pizza of Pizzaopolis City!



Warranty: 1 Year VTech

Features:

Digital Answering System—Digital answering system will answer the call when you can’t. With a total recording time of up to 15 minutes and instant playback.
5.8 GHz Digital Spread Spectrum technology, providing you with superior security, clarity and range
Caller ID/Call Waiting—Know who’s calling when the phone rings or the call waiting tone alerts with caller ID/call waiting capability delivering name, number, time and day information at a glance.
Handset Speakerphone—With just the touch of a button, hands-free conversations are made easy with the handset speakerphone.
Four handset system – includes 4 handsests and only requires one phone jack
The additional handsets can be placed anywhere in your home or office and does not require a phone line
50 Name and number phonebook directory
Remote message retrieval capability
15 minutes of recording time
Trilingual prompts – choose between English, Spanish or French
Backlit keypad and display
Intercom, transfer and conference calls between handsets
Headset compatible (2.5 mm)
In the box:

Home Base with Answering Machine
4 Handsets
3 Handset Chargers
4 Power Adapters
4 Clips
1 Wall Mount
1 Phone Cable
source-woot.com

UK developers favour open source

UK developers favour open source
The majority of UK developers working with proprietary platforms would prefer to work in an open source environment if given the choice, according to a report from Kingpin Intelligence.

A survey of 400 developers from Kingpin's database revealed that 62 per cent of those who do not use open source for professional purposes prefer to use it when outside work.

More than two fifths of respondents also believe that the 'Lamp' software stack (Linux, Apache, MySQL and PHP) threatens established proprietary platforms.

"This research confirms increasing interest in open source technologies in the UK developer community," said Claire Roy, head of research at Kingpin Intelligence.

"The cost and flexibility benefits of using open source technologies are appealing for developers and organisations in the current financial climate."

However, the report also concluded that existing licences and client requirements are hampering migration.

Quality control is also an issue. Fewer than a third of respondents believe that the open source development process produces higher quality software than Windows-type environments.
source-http://www.vnunet.com/vnunet/news/2217905/uk-developers-favour-open

Thursday, May 29, 2008

Comcast webmail down because Comcast.net was hacked

Comcast webmail down because Comcast.net was hacked
This was the hacker’s message on the Comcast website before its administrators removed it.

There were rumors about Comcast.net being hacked. Comcast was the largest cable operator in the US. There seemed to be conflicting information since there was confusion about Comcast websites. There were at least 2 websites with similar names. Only the secondary domain names were different.


The Comcast.net webpage had a notice that said its website was under construction and it was coming soon. The Comcast.com webpage looked fine but when you click on the link to check email, you would see that it was linked to Comcast.net and email was inaccessible.

The email site was hacked and its hacker posted a cryptic message to announce its supremacy over Comcast. That would be one of the biggest security breaches in a long time. Besides email user passwords, other confidential information like user account details were at risk. It was not known if data theft had occurred.
source-http://stupidcelebrities.net/

Comcast Email Hacked: Webmail security issues, comcast.net site is back up

Comcast Email Hacked: Webmail security issues, comcast.net site is back up
It seems the importance of using a very strong password for emails is a must because the hacking of Comcast email service shows security issues. Many users do not understand obviously how important it can be, even though internet service providers (ISPs) like Comcast using some of the most advanced email security solutions, wonders never cease to amaze because hackers can and will get through.

I have visited www.comcast.net this morning and it seems the site is down with a message on the homepage saying This Site Is Under Construction and Coming Soon but thankfully it is back up and running again, oops so no chance for you to go to Comcast net sign in to login. We all when going to a service like Comcast and other email providers that they use cutting edge email security appliances, but the whole truth of the matter is that much of the Web’s infrastructure is hacked together legacy equipment. In simple terms it is fair to say users should protect themselves from having their online identity compromised, the bottom line is that users should change their passwords frequently and then maybe this hacking problem may ease a little.

Let me say now that anyone using this service that has had the same password for some time now should really consider changing it, the current problems with Comcast web email security solutions proves that it’s vital for us to protect ourselves with effective online caution. Word of warning for those wanting to change passwords, DO NOT use birthdates, pet names or even family names, USE mixed up letters and numbers even down to using uppercase and lowercase characters. I would recommend you changing passwords once a month to be on the safe side,

You should be changing passwords weekly, but even security freaks don’t do it that often. Once or twice each month is really not sufficient, but it’s a lot better than nothing. It’s a simple email security solution that will help you avoid the problems that Comcast email users are having right now.

www.comcast.net is all up and running again.
source-http://www.product-reviews.net/

Google releases Google Earth API, browser plugin

Google releases Google Earth API, browser plugin
Google has released a browser plugin that lets you access most of the key features of Google Earth in your web browser. No need to download and install the standalone Google Earth application. Google Earth provides more detailed imagery and navigational controls than Google Maps. You can also see 3D models of buildings and view KML files in Google Earth.

You do still need to download and install a small utility though. While the plugin works with Internet Explorer and Firefox (2.0 only, Firefox 3 is not yet supported), it's not available through the Mozilla Add-ons page. The plugin is also Windows-only.

The Google Earth browser plugin is powered by a JavaScript API, which Google has also released, allowing web publishers to embed a Google Earth widget in their web pages and build customizable applications around it. You can see some examples at the Google Earth plugin samples page.

Microsoft has been offering a web-based version of its Virtual Earth application for a while now. And Poly9's FreeEarth offers web publishers a similarly custimizable spinning globe that can be embedded in web sites
source-http://www.downloadsquad.com/2008/05/28/google-releases-google-earth-api-browser-plugin/

Embed Google Earth In Your Site

Embed Google Earth In Your Site

The Google Earth Plugin was just released this morning (Radar post) and there is already a handy third-party tool available. This is unsurprising considering the general buzz at Google I/O. If you want to embed a 3D Google Earth Map in your site simply follow the directions below.

Browse to the TakItWithMe.com Google Earth Embedded Map Tool

Paste in a Google Earth KML link or Google Maps MyMap link if you'd like to include an overlay
Click on the 'Load Preview' button. If you did not provide a KML link, you will get a warning before you continue
Use the Map Navigation Controls or your mouse to set the Google Earth viewpoint you’d like to be the default for your map
Click on the 'Set Center and Zoom' Button
Click on the 'Generate Embed Code'
Copy the resulting code and paste it into your webpage or blog where you'd like the map to appear
To create another map, simply refresh the page and start again

I am sure that embedding will be available as soon as Google integrates GE into their main site. While this is something Google hasn't committed to, I think we can assume it will happen. This release of the plugin is Windows only. Michael Jones, CTO of Google Earth, stated that Mac and Linux plugins will be available by August. I assume that Google will wait for those releases before the integration happens.

I met the developer via Frank Taylor at Google I/O. Frank actually has an embed in his post -- I don't have windows on this machine so I can't test before embedding a sample on Radar.
get more details-http://radar.oreilly.com/archives/2008/05/embed-google-earth-in-your-sit.html

Google Earth plug-in for Firefox and Internet Explorer

Google Earth plug-in for Firefox and Internet Explorer
License: Free Editor's Rating: Not rated Average User Rating: (out of 1 votes) Rate it! Downloads: Currently unavailable Requirements: Windows (all), Firefox 2.x or Internet Explorer 6+ Limitations: No limitations Date Added: May 28, 2008 Publisher's description of Google Earth plug-in for Firefox and Internet Explorer
From Google:
The Google Earth plug-in for Firefox and Internet Explorer allows users to view Google Earth content that is embedded directly on Web sites. Developers who want to include Google Earth content on their own sites must apply for a Google Maps API key.
http://www.download.com/Google-Earth-plug-in-for-Firefox-and-Internet-Explorer/3000-11745_4-10847504.html

Wednesday, May 28, 2008

Will Facebook Go Open Source to Spite Google's Open Social Platform?

Will Facebook Go Open Source to Spite Google's Open Social Platform?
In what critics see as a response to Google's push to promote itsOpen Social platform, rumors have surfaced that Facebook will be making its application platform open source.

Google originally launched Open Social a couple months ago as a common platform for the creation of custom applications for social-networking Web sites. The platform uses common APIs or application programming interfaces to make applications adaptable to a variety of different services. Yahoo and MySpace have already expressed interest in Open Social.

Facebook's application platform is nearing its one-year anniversary. Over the past year the ability to create and use custom applications has proven as a big selling point of the social-networking service.

Turning the application platform open-source would allow developers to easily adapt applications for a wide variety of other social networks and other services without needing Facebook to intervene as a middle-man. Open source could also eliminate many of the complaints regarding Facebook's application platform.

Google's been in the business of proving and demonstrating that an open-source platform is always a good path, so now it's just time to wait and see how decision will affect the growing world of customized social-networking applications.
source-http://blogs.pcworld.com/

Google sets pricing for app hosting service

Google sets pricing for app hosting service
Google is announcing pricing for its App Engine service for Web application hosting Wednesday, maintaining a free tier, then charging for storage of more than 500MB of data.

The company at its Google I/O conference in San Francisco also will expand access to the service and add APIs for caching and image manipulation. The service has been in a limited preview period since early April.

The pricing plan has developers still getting around 500MB of data and 5 million page views per month for free. After that, developers will pay 15 cents to 18 cents per GB of data stored monthly, according to Google.

Also, developers will be charged 10 cents to 12 cents per CPU core-hour consumed. On the bandwidth side, developers will pay 11 cents to 13 cents per month per GB of data transferred out of App Engine and 9 cents to 11 cents per month per GB transferred into App Engine, Google said. The pricing schedule is to be effective later this year.

Through its App Engine program, Google is looking to address the issue of it being too difficult to develop Web applications. "With App Engine, we hope to reduce that difficulty," by making the development experience easier and removing the startup costs, said Pete Koomen, product manager for App Engine at Google.

App Engine also will allow anyone to use the service, expanding beyond a list of 10,000 developers that gradually had grown to 60,000 developers. "We've decided to open the floodgates," Koomen said.

More than 150,000 developers have been on the product's waiting list.

With App Engine, developers do not need to concern themselves with such functions as provisioning of machines. "There's a lot there, and it's often very time-consuming," as well as costing money, Koomen said.

Google's caching API for App Engine will make it faster for developers to render applications. An image manipulation API allows developers to transform images like JEPG images in their applications, Koomen said. These images can be resized or rotated.

With App Engine, Google seeks to make the network the center of power in computing, shifting it away from the desktop, said analyst Al Hilwa, program director for application development programs at IDC. "That's their strategy, that they're moving the center of power," he said.

Google's price tags for its App Engine services sound reasonable, Hilwa said. Smaller companies and departments in established companies could be the primary benefactors of App Engine, but risks need to be assessed in farming out Web operations to another party.

"There's always risk, and I think the biggest risk is you've got infrastructure that is being run -- something strategic for you as a company -- that's being run by someone else," said Hilwa. Google's interest in the service might change over time, Hilwa said.
source-http://www.infoworld.com/article/

Google's open-source balancing act

Google's open-source balancing act
Chris DiBona's job--manager of Google's open-source programs--is a balancing act.

Google consumes a lot of open-source software for its own highly profitable business. But as he oversees the search powerhouse's open-source work, DiBona has to ensure that the company reciprocates. It can't be all take and no give.



Chris DiBona, Google's manager of open-source programs

(Credit: Stephen Shankland/CNET News.com)
Free and open-source software advocates can be powerful allies--but also vocal critics. For example, some have critized Google for its lack of support for the Affero GPL license, which can require those using software for a publicly available network service to share modifications they've made to an AGPL software project.

DiBona thinks Google strikes the right balance, though, by offering its own modifications back to many open-source projects, advocating the philosophy in general, and trying to nurture the next generation of open-source programmers.

DiBona has been steeped in open-source software for more than a decade. Before his job at Google, he worked for Slashdot, still an influential virtual water cooler for open-source discussion. Slashdot was part of Linux server maker VA Linux Systems, which had a spectacular initial public offering in 1999 followed not long after by a drastic cutback.

DiBona will be preaching the open-source gospel at the Google I/O conference Wednesday--"open source is too good to be true and thus must be magic," according to the agenda--but I sat down with him beforehand to hear his view of open-source software at Google.

What's the view of open source within Google?
I asked myself, "Who am I trying to address?" The world of open-source business? No. The world of the open-source enthusiast? No. I'm really looking to work with open-source developers. We came up with these goals for our group: to support open-source development in general, which means to support open-source infrastructure; support the release of open-source code, from Google and in general; and to create more open-source developers, because especially when I started, there was a perception that Google took a lot of people from the open-source world and then went away. It was partly true, because people would come here and say, "Wow, I've been working on my open-source project forever, and I want a new problem," and we have a very good class of new problem. So they kind of went away.

That was too bad. The last thing we wanted as a company was to hurt the release of open-source software, because we consider it pretty important. We use a ton of it. Every engineer we bring on--how much open-source do they want to use? We have new packages and new libraries being brought into the company all the time. It's our group's job to track that. As we brought people in, we wanted to be sure more open-source developers were being created. So that's where we came up with the Google Summer of Code, and now we have a high-school flavor of that as well. I think we've made a very real impact in creating new people in the open-source world.

I'm curious about maintaining a balance between contributing back to upstream projects vs. maintaining your own internal forks. How do you go through that evaluation?
Google considers some projects more important than others. Obviously the Linux kernel is incredibly important. Every time you use Google, you're using a machine running the Linux kernel. We have a fairly large kernel team, and we employ people whose job is just to work on the external kernel. Andrew Morton is a good example of that. We try to make sure those guys patch out (submit their modifications to the main open-source project) whenever they can. It's usually more dictated by the engineer's time than it is any lack of desire on our part. I always wish we were able to release more, but it takes time for an engineer to do that. For the larger efforts, it's a little easier because there are more personnel on it.

The same thing goes for our compilers (software that translates programmers' code into instructions a computer understands). The great thing about our compiler team is they patch as a matter of their jobs. They're always patching out things from the compiler work we do internally to the outside world. We recently released the new linker, Gold--Ian Lance Taylor works for us on our compiler team. He's been on the GCC team forever. He used to be at Cygnus (a company that developed GCC). We have a lot of ex-Cygnus people.

Then there are Googlers who just want to patch into an existing projects. They found a bug, they want to add a feature. That takes no time at all. Our team looks at the first couple patches an engineer wants to send out, makes sure the engineer knows what they're doing with the outside world, then they're basically given free rein to do that. They keep us posted on what they're patching. We want to make sure our code gets out to the projects as fast as possible because projects keep on iterating. If you don't get your patches in, they won't get accepted, because they'll be too old or won't matter. If you've got a patch, getting it out there fast is better for us, because then as that project iterates and comes back into the company, we don't have to reapply a patch.

What are the most important open-source projects you ingest?
The kernel, compilers--GCC, the Python interpreter. Python is very important to us. Google App Engine--it's a Python hosting system, basically. Java is very important to us, and that's become open-source now. We have some very good Java people working for us--Josh Block, Neil Gafter--they've got a great handle on that technology.

Once you get past those three projects--the compilers, the languages, the kernel--then you go to the libraries. For us that's OpenSSL, zlib, PCRE. MySQL is hugely important to us. Past that, it starts tapering off pretty quick.

Has the open-sourcing of Java changed anything for you?
Not really. I think it had more impact on the outside world than for us. Java is a fairly mature language now. We've been using it for a long time. Before, it was the JCP (the Java Community Process to govern Java's future)--it had the rubric of openness around it. It was never really not so open. There are questions around what open source means now around Java, specifically J2ME (Java's mobile edition for gadgets such as cell phones) and the TCK (the technology compatibility kit).

Are you using a super-uber-customized Linux kernel, or are you guys pretty much vanilla?
I don't think there's such thing as a customized Linux kernel anymore. The kernel is incredibly flexible. It's got all these different architectures. I think the Linux kernel itself is this ubercustomized thing.

But do you have a lot of in-house customizations?
Not a lot. Google is exposed to some interesting hardware before the rest of the world. So internally we'll be sampling code for that hardware. So that's pretty custom stuff. But eventually that goes to the outside world. We funded some work with a group in Berkeley called Xorp to bring high-speed Broadcom networking chip functionality to Linux. It's not in our interest to keep control of it ourselves. So is it customized? Absolutely. But is it heavily customized? I don't think it is as heavily customized as you might think.

Is it true you still use 2.4 kernels?
In some places, sure.

How about for the core search product?
I don't know how it's partitioned out. When you think of Google, you think of search being on top of a kernel that's static. It's not always like that. It differs on data centers. I think 2.6 predominates, though.

There's been discussion about reciprocity. When General Public License (GPL) version 3 came out, the Free Software Foundation dumped the Affero clause out of GPLv3 and split it out into a separate license. Eben Moglen (co-founder of the Software Freedom Law Center and then counsel to the Free Software Foundation) said, to paraphrase, "If Google starts getting too parasitic, then we'll re-evaluate it." How worried are you of getting a negative perception of using more than you contribute?
I do worry about this. I think it is a largely incorrect perception. You can always give out more, and there are always people who will never be satisfied. Could we be giving back more? Sure. One of the ways I ameliorate that problem is (through) projects like the Summer of Code. Google is releasing every year, not counting Android or the really large open-source projects like GWT, a new project every two or three weeks. Or patching hundreds of projects a month. I conservatively estimate we're releasing about a million lines of code a year from the company.

If you talk to open-source developers--people who are working on projects--I think they understand that. It came back to who do we want to interact with. I always felt the enthusiast community would understand that eventually, and I think that's true. There are some people who are upset with us because we didn't embrace the Affero-style GPL, but it's not practical for us to do so. When they had an Affero-style clause in GPLv3, the thing I told Eben was, "Listen, you can adopt whatever you want. We'll still keep on backing up the FSF and the SFLC as much as we can, but it means we won't be able to use that license inside, because it won't be practical for us to do so." I think that's a very realistic response. The Affero GPL is out there. That's great for the people who use it. It's just not for us.

That's the thing about free software. You're not obligated to use it. We have enough fine-grained control within the company that we don't use things we don't want to use.

What are your preferred licenses?
We generally release under the Apache License--Apache 2. We think it has the fairest language of the licenses. And the GPL requires a lot of management--more than we have time for to run a project well under that license--patch flow and all that. Apache 2 encourages people to take the thing and run with it. That's what we're going for when we release code, whether it's to have people adopt technologies we really like, or for API examples. That said, we've released things under the GPL, LGPL, GPL version 3, BSD. We default to the Apache License.

To what extent to you subsidize gurus to sit around and work on important projects?
We've got people like Jeremy Allison and Andrew Morton and some of Guido (van Rossom)'s time. He's been working pretty heavily on Google App Engine and Mondrian. It's more common that we...try to make open source a part of their job, so they're patching out to the libraries they use. We think that's more healthy than having people whose job is just working on an open-source project.

You use open source a lot internally. Do you have some kind of intellectual property vetting or review before you use it?
We do. There are two ways we do this. When somebody wants to bring a piece of code in from the outside world--open-source or commercial--you need to put it inside a special directory we call "third party." They're required to put in a file called readme.google (that describes) where they got that software, how it's licensed, what category that license falls under. We look for things that are obvious. There are some projects that have dubious intellectual property provenance, and we know those, and we know the people who run them, and we tend not to use those ever.

Since Google doesn't distribute a lot of software, we have it easier than companies that ship hardware and software. We have a couple situations where that does happen--the Google Search Appliance, some of the downloadable applications. Those get a little extra attention. Similarly, when we have larger projects like Google Android, we have a higher ceremony--every two weeks we get together and see if the license picture has changed.

The tracking model works really well for us. We have tools written where a program manager or a release manager can turn on a certain level of warning within the build tool and it will tell them what open-source software they have and how they have to comply with it. At that point we set up a mirror for them as they get closer to release.

So that's the first way we track things. The second way is whenever a Googler puts in a changelist now--this is something we're just starting to do--we compare it against all known open-source code on the Internet using our Code Search product. We compare the changelist that comes from your average Google engineer against that database of code and we look for intersections. When we find an intersection, we take a look and see if it's truly a copy. And if it is, we make sure it's in the right directory and that it's properly labeled. And we call up the engineer if it isn't and make sure it gets tagged properly so we can do the right thing by these licenses.

That tool is kind of in its infancy. We're trying to figure out ways to automate what it does. But it's great because it scales programmatically. Our group's goal is not to break builds or stop development. It's to enable developers to use as much open-source as possible. We think it's healthy, because then they're not writing that code, they're writing other code.

Do you vet code for patent or copyright?
No. We have legal people on our lists. We have two main lists that track these things. Open-source licensing for incoming code and open-source releasing for outgoing code. Legal has a presence there. Patents are incredibly tricky.

Is it easier to get hired at Google if you have experience maintaining your own open-source product or patch?
If you have made a name for yourself in open source, clearly it helps. If you have a healthy project in open-source, I believe it helps. One thing I see on hiring committees is when somebody has an open-source history, it's really great. You can just look at that history. Interviews are great, but they're not very deep. They're only 45 minutes long. So how can you really get a feel for if a person is good at programming, at computer science?

Or at social relations, for that matter.
Open source really reveals that incredibly quickly. You can look at their code, at their activity on mailing lists, how they deal with bugs from real people, and real user problems. That's an incredible resource.

The Summer of Code isn't really a recruiting program. If it is, it's a really expensive one. Last year we created about 2 million lines of open-source code across the 900 students who took part. Of those probably a third are going to stick around with their projects, because the rest have to go back to college.

We have a couple students who have been in the program two or three years. The whole point is to support kids over the summer so they can go and program and not get some other job that has nothing to do with computer science. It's our fourth year doing it. This year we've go 1,109 students doing it across 95 countries.
source-http://news.cnet.com/

Tuesday, May 27, 2008

Security, Open Source Style

Security, Open Source Style
Today we’re excited to announce another community initiative — the Open Source Software Security community (oss-security). This project is an ongoing effort to manage security information in open source software by building on the collaborative foundation of the open source model.

The purpose of oss-security is to encourage public discussion of security flaws, concepts and practices in the open source community. We don’t want to simply be an information clearinghouse, or to replace any of the current security lists and groups. The goal is to fill an existing vacuum by encouraging active participation of those interested in the ideas and unique challenges in securing open source software. This includes activities such as flaw discovery, understanding, reporting and overall best practices.

The oss-security community was initially founded by individuals from Foresight Linux, Mandriva, Openwall and Red Hat, and has since grown to include contributions from many other projects and individuals. The computing resources are currently graciously donated by the Openwall Project.

If you have an interest in the open source security space, we encourage you to participate in the oss-security community by adding content to the wiki, contributing to mailing-list discussions or joining us on IRC.
source-http://www.press.redhat.com/

Open Source Integrator, CIGNEX, Authors Book on Liferay - Leading Enterprise Portal Solution

Open Source Integrator, CIGNEX, Authors Book on Liferay - Leading Enterprise Portal Solution
CIGNEX Technologies Inc., the leading systems integrator for open source content management solutions is proud to announce Dr. Jonas Yuan’s recent contribution to the community with the release of “Liferay – Portal Enterprise Intranets.” The first of its kind, this book covers a complete corporate intranet implementation based on the Liferay Portal Solution.

“This book is a great resource and tool for people interested in learning about Liferay and deploying Enterprise Open Source Portals. With the time and effort on this book, Jonas and CIGNEX have demonstrated their commitment to the Liferay community,” comments Brian Kim, COO of Liferay.

Jonas walks you through the process of installing and streamlining your organization’s intranet. This book is a complete guide to building an intranet with Liferay. It covers installation, use, and customization of Liferay in great detail. There are many step-by-step examples to provide the readers with a hands-on learning experience. A definitive guide to Liferay it (Liferay-Portal Enterprise Intranets) reflects the experience of over 80 Open Source CMS and Portal solutions that CIGNEX has successfully delivered.

“This book is the third in a series of books on Open Source ECM and Portals that CIGNEX has authored – in an effort to promote the adoption of these Open Source products,” says Navin Nagiah, CEO of CIGNEX. “With more than 50,000 downloads a month and the recent success with their 5.0 release, Liferay has clearly emerged as the leading Open Source Portal.”

A downloadable chapter of the book – An Introducion to Liferay – is available at CIGNEX (http://www.cignex.com/site/resources/offers/ dl_form.html?p_file=DL_liferay_sample_chapter.pdf).

The book is now available online at:

http://www.packtpub.com/building-liferay-portal-enterprise- intranets/book

source-http://www.businesswire.com/

Open source on the wire

Open source on the wire

While it would be difficult to find any infrastructure component that does not leverage open source code, one spot where it has yet to leave its mark is the network.

But companies and projects are challenging that with full-fledged, open source routing platforms built on Linux or FreeBSD and running on standard x86 hardware, Paul Venezia explains in Open source on the wire.

"When all is said and done, there’s little argument against using open-source routing and firewalling tools in most any network, as long as your admins are comfortable with the technology."
source-http://weblog.infoworld.com/

Cisco proposes open-source alternative to Soap

Cisco proposes open-source alternative to Soap
Cisco has announced an alternative to the web-services protocol Soap — and made it open source. Cisco says its Etch messaging protocol will be more efficient than the Soap standard and the company will release the source code.

A beta version of Etch will be launched this summer, as part of version 2.5 of the Cisco Unified Application Environment (CUAE). Within that environment, it will replace the W3C (World Wide Web Consortium) standard, Soap, says Cisco, providing a more lightweight and faster interface, suitable for real-time interaction.

The Soap standard is not well supported across different platforms, with different vendors supporting different subsets, said Louis Marascio, director of engineering for the CUAE platform at Cisco, according to a report in CIO.com. Etch will be 100 percent compatible on all supported platforms, he said.

Soap interfaces are defined in a complex file in the W3C standard WSDL (web services description language), but Etch will use Cisco's own interface definition language. This makes it more efficient, claims Cisco, which quoted its own test bed for 900 Soap calls a second that could manage 50,000 Etch messages a second, or 15,000 full two-way transactions based on Etch.

Etch will initially support C# and Java, with Ruby, Python and C planned, and the software will be open source so developers can incorporate it into products. The licence will probably not be GPL, but a less restrictive licence such as the ones used by Apache or Mozilla, reports CIO. Cisco is also considering handing over Etch to the Internet Engineering Task Force (IETF) standards body.

"Cisco's open sourcing of Etch probably has less to do with any corporate love for open source than with a realisation that the most viable way to take on an incumbent in an established software market is with open source," commented CNET News.com blogger Matt Asay. "Proprietary software is a way to guard one's position. Open source is a way to create a new position."

Others are sceptical. "Etch is really just adding more stuff to be developed, tested, deployed, managed, maintained and integrated, yet it doesn't actually solve any new problems or solve any old problems better than what already exists," said middleware expert and IEEE senior member, Steve Vinosk, in a blog post.

Vinoski said faster performance is not enough to recommend a new protocol, when the bottleneck in a distributed system probably lies elsewhere, and other issues beyond speed will affect the working of a system.

source-http://news.zdnet.co.uk/

Chip Company Unveils Open Source PC Design

Chip Company Unveils Open Source PC Design
VIA Technologies, the self-proclaimed No. 3 maker of Intel-compatible processors, has unveiled a new "reference design" for ultra-portable computers based on the company's own low-power chips.

Making a reference design is common fare in the high-tech industry. Chipmakers like Intel have been doing it for years as a way of proving the technical viability of a product concept. What sets VIA's approach apart is that the company is posting the computer-aided design (CAD) files for its OpenBook PC under a Creative Commons license. Anyone with design skills and a burning desire to get into the PC business can download the files, modify the design and go into business selling ultra portables.

Taiwan-based VIA will even help aspiring Michael Dells find Asian manufacturers to do the hard work of turning those CAD files into real, plastic-and-silicon products.

VIA's design is on the commercial end of a growing spectrum of "open source" hardware. On the other, more noncommercial end are hackable hardware kits like the Arduino platform, which was used by many exhibitors at the recent Maker Faire in San Mateo, California. Open source aficionados were also buzzing last week about the release of the OGD1, a development kit that could be used to create open-source graphics cards.

If VIA's idea takes off, it could help add more juice to the already-humming market for ultra portables. That market, which had long foundered on the impractical aspirations of a tiny minority of mobility-obsessed hardware geeks, took off in earnest last year with the success of the Eee PC, Asus' $400, Linux-based ultra portable.

For industrial designer Scott Summit, VIA's move is part of a gradual shift toward more highly-customized manufacturing, in which small companies and even individuals are able to design and build their own products, thanks to the decreasing costs of fabrication.

"The idea of open source manufacture is taking shape, and we're going to see more of it because the barriers (to highly customized production) are really starting to evaporate," says Summit.

VIA's design calls for a 2.2-pound PC with an 8.9-inch screen, a webcam, up to 2GB of RAM, an 80GB or larger hard drive, and built-in Wi-Fi and Bluetooth (or, optionally, WiMax or 3G cellular data). It's not wanting for ports, either, with an Ethernet jack, three USB ports and an SD card slot.

The design is aimed at smaller design-manufacturers and upstart PC companies rather than big PC manufacturers like HP or Dell, who create their own designs (like HP's new MiniNote) from scratch.

"When we look at reference designs, they're helpful, they're insightful, they give us an optimal layout from an engineering perspective -- but they don't target what we're aiming for," says Stacy Wolff, a notebook design director for HP.

VIA's hope is that its design will encourage new designers to make ultra portables that are a little less ugly than the usual fare. It's a bet that the PC market will soon follow in the footsteps of the cellphone market, where what's under the hood is less important than how it looks.

"It's not really about the components inside at all," says VIA vice president Richard Brown. "It's personal jewelry."

Almost makes the idea of starting your own computer brand sound a little sexy, doesn't it? And for the chipmaker, it's not far from the notion that if you want to get a fence painted, start painting it yourself and try to make it look fun.
source-http://www.wired.com/

Open-source graphics card available for pre-order

Open-source graphics card available for pre-order
After four years of development, the Open Graphics Project last week made available for pre-order its first open-source graphics card.

The Open Graphics Project (OGP) and its commercial sponsor, Traversal Technology, aim to bring to market a graphics card with complete and fully open documentation and open-source drivers.

The project was inspired by the chronic difficulties experienced by open-source software suppliers in finding compatible hardware — in particular, compatible graphics hardware — according to the project's leaders.

"One of the major challenges for free software is finding compatible hardware," Traversal said on its website. "The OGP was started in response to poor support from graphics vendors." Graphics hardware generally uses proprietary designs, making it difficult for open-source developers to create compatible drivers.

The problem is greater for open-source operating systems with smaller user bases, and thus smaller development communities, such as some variants of the Unix-like operating system BSD, or with hardware architectures that are not normally supported by graphics companies.

"Open-hardware projects like the OGP ensure that no-one is left without the ability to make the hardware they purchased work — whenever, wherever, however they want it to," said Traversal on its website.

The initial product, OGD1, is intended as a prototyping tool, according to the project's co-ordinators. The board could be used to develop an initial version based on an application-specific integrated circuit (ASIC) board, the next step towards making a commercial product, according to Traversal.

The product is also to be used as a fund-raising venture, intended to help with the estimated $2m (£1m) cost of beginning ASIC production, Traversal said. "To bootstrap our other open-hardware efforts, we need a source of revenue. That revenue will be directly invested into more open-hardware products," Traversal stated.

The product is selling for $1,500, with a $100 discount for the first 100 orders. Traversal said the target of 100 orders must be met before production can begin. Traversal and the OGP said they are planning to release full documentation for the product under open-source licences, as well as open-source versions of all related software, such as drivers.

The OGD1 has two DVI connectors, S-Video, 256MB RAM and a 64-bit PCI-X connector. It is based on a Xilinx Spartan-3 XC3S4000 field-programmable gate array (FPGA). A FPGA is a reprogrammable architecture, meaning the developer can customise the hardware for a given type of workload. This means the card could be used for other purposes besides simply processing graphics, Traversal said, suggesting that computational workloads could be offloaded to the card.

Hardware designers could use OGD1 as the basis for an end product, while developers could repackage and resell OGD1 with custom software and other modifications, the project suggested. Traversal noted that graphics card maker ATI has begun releasing programming documentation for its graphics processing units (GPUs), but said that the documentation is still insufficient for certain types of uses or for writing drivers for hardware platforms that are not already supported.

Traversal said it has developed the logic and drivers needed for the card to function as a normal graphics card, but is not authorised to release all the software due to licensing restrictions. The company said it is finishing work on open-source versions of the needed drivers and logic.

The card was designed by Traversal engineers Timothy Miller, Andy Fong and Howard Parkin, who have experience developing graphics hardware used in air-traffic control systems and military installations, the company said.

source-http://news.zdnet.co.uk/

Will open-source Facebook accomplish anything?

Will open-source Facebook accomplish anything?
The rumor mill is swirling that Facebook is set to announce the open sourcing of its application platform. While presumably a response to Google-led OpenSocial, the larger question is whether it will matter.

Open source is very good at some things, and not so good at others. For example, if Facebook wants to open source its application platform to make it easier to create and integrate applications into the Facebook platform, open source is good at that. Just look at Mozilla's Firefox or Drupal.

But is this Facebook's biggest problem? Ben Lorica hints at a bigger underlying problem that no code license can solve:

Actually, the more probable scenario is that (closed) social networks become less important over the long term. With more web applications incorporating social features, users will gradually "leave" closed social networks altogether. Already, I know less and less people who use Facebook regularly. Most people I know log in only when they receive a "friend" request - sadly hugs, gifts, zombies and pokes are losing their allure.
The primary problem with Facebook is not applications. The primary problem with Facebook is utility. When was the last time that Facebook enabled much of anything useful in your life?

It does happen, but not as often as it should. Dave Rosenberg and I spent some time the other day looking up old friends. I found someone from my fourth grade class in Virginia on Facebook on Friday. I had no idea what to do with that information, but there it was.

I use LinkedIn for recruiting. It provides tangible business value that I can expense. I've tried to use Facebook but it's such a bundle of obnoxious noise that I have no idea what to do with it. I've said before that Facebook's biggest opportunity is to enable real communication between real friends, and then monetize it, but it's going to have to abandon its "friendly" promiscuity first.

Open source is not going to save Facebook from itself. It may well turn the social networking space into a "race to openness," as Glyn suggests. This will be good.

It might make Facebook a more relevant development platform, but it's not going to resolve Facebook's core business problem, which is that today it offers precious little business value, by which I mean that its consumer data/interactions are too dirty and too random to yield substantive value that advertisers and others will pay to access.
source-http://news.cnet.com/

Monday, May 26, 2008

Bakbone extends NetVault support to VMware ESX

Bakbone extends NetVault support to VMware ESX
Bakbone Software is the latest backup vendor which now supports VMware environment.
It's product, NetVault 8.1, supports both virtual machines deployment and Consolidated Backup (VCB) feature offered by VirtualCenter.
source-http://www.virtualization.info

China Announces Telecom Restructuring

China announced a restructuring plan for the country's fixed-line and mobile operators on Saturday, a final step towards the long-awaited release of 3G (third-generation) mobile licenses.


The plan, long a focus of discussion among Chinese government organizations, will merge or split the operations of Chinese carriers, creating three new operators that will have both mobile and fixed-line services. At present, Chinese fixed-line operators-- which are split along geographical lines-- are not permitted to offer mobile services, while mobile operators may not offer fixed-line services.


When the restructuring is completed, China will issue 3G licenses, the government said in a statement (in Chinese) that was signed by the newly formed Ministry of Industry and Information, the National Development and Reform Commission, and the Ministry of Finance.


By restructuring the operators into companies that offer both types of services, the Chinese government hopes to enhance the competitiveness of local operators and clear the way for 3G licenses to be released. China has one of the world's biggest mobile markets, but will be one of the last to roll out commercial 3G services.


Under the restructuring plan, fixed-line carrier China Telecommunications (China Telecom) will acquire the CDMA (Code Division Multiple Access) mobile network from China United Telecommunications (China Unicom). China Telecom will also acquire China Satcom, which offers satellite-based communications services.


China Unicom will retain its GSM (Global System for Mobile Communication) network and merge with fixed-line operator China Network Communications (China Netcom).


China Mobile Communications, China's largest mobile operator, will merge with China Tietong Telecommunication, which operates a national fixed-line network.


The statement that announced the plan did not offer a deadline for when the restructuring will be completed, but a report by the official Xinhua News Agency estimated the process could take 12 months to 18 months.

source-http://news.yahoo.com/

Thursday, May 15, 2008

PS3 Update 2.35

PS3 Firmware Update 2.35 Now Available

Sony Computer Entertainment America (SCEA) today announced that the next system software update for PS3 will be released shortly. This is a relatively minor update to improve stability of some PS3 titles. Update - the firmware is now available for download.
PlayStation 3 Getting 2.35 Firmware "Shortly" (As In Right Now) Eric Lempell, Director of PlayStation Network Operations, writes on the official PlayStation blog that PS3 owners will be downloading new firmware revision any minute starting right now, a "relatively minor" update that will "improve stability of some PS3 titles." Officially, "this upcoming firmware update isn't related to GTA IV" so don't get your hopes up too high, folks!