- Apple ranks first in security bug count
- Does Microsoft’s shared source program pose a risk when it includes China, Russia?
- Facebook for hackers shut down in Pakistan
- New version of Zeus malware kit targets banking credentials
- Oracle patches almost 5 dozen security holes
- Confusion clouds real malware threat
- Zero day reported to Microsoft by Googler fixed in 33 days
- Why you should always set a PIN for phone service voice mail
- 25,000 PCs attacked with latest Windows zero day flaw
- Experts warn of new Windows shortcut flaw
- Mozilla refreshes its security bug bounty program
- Windows token kidnapping flaw
- DNS root zone cryptographically signed but just another step along the way to securing DNS
- Intentionally woefully non-secure Linux distro
Slashdot links to a post from former MySQL contributor, Brian Akers, that is part conference report from SCALE and part retrospective on MySQL’s effect on how business people viewed the GPL. For one, Akers lays the prevalence of the questionable dual licensing practice in open source at the feet of MySQL. He charts it as part of a trend where investors and potential investors viewed MySQL as a sort of abbreviated map, an executive summary, of the rest of the FLOSS world.
The silver lining is that Akers seems to think this chapter of MySQL’s not always constructive influence on the GPL is over, with the Oracle acquisition of Sun. It stands to reason that the swallowing of the project by a company not known for its open source enlightenment would break this sometimes vicious cycle with investors looking elsewhere for a quick read on what to expect with open source focused businesses.
I have withheld remarking on the current debate over the fate of MySQL at the hands of Oracle. While I tend to agree with critics of the database giant for its less than stellar track record with open source and free software, I am generally inclined to afford the benefit of the doubt.
First, I don’t see the commitment to open source and/or free software as a binary decision. And second, other companies with just as bad, if not worse, reputations have worked hard to make good. Not all of them, mind you; Microsoft has drawn my irritation for paying marginal lip service to open source with some really not very credible follow through (or lack thereof).
Jolie O’Dell at ReadWriteWeb shares the thoughts of the man most appropriate to comment on the future of MySQL, one of its co-creators, Monty Widenius. I think he stated the core issue quite succinctly, with evidence to back it up. It is hard to argue that Oracle has not left itself room to suffocate the open source database slowly. Whether it makes sense for them to do so or not is immaterial as I think Monty’s point is fair that they could do so. Further, all he asks is that they either address the key omissions he lists or otherwise relinquish stewardship of the project.
Oracle already has a response, according to Slashdot. Just glancing over it quickly, it looks good to me but if critics are concerned as much about what Oracle doesn’t say as what it does, I doubt it will satisfy everyone. I really think at this point Oracle should cut its losses and help spin up a charity, not-for-profit foundation with the explicit mandate to ensure MySQL continues to be released and developed under the GPL.
- MySQL developer responds to Stallman’s plea to free MySQL from Oracle
The basis of Brian Akers’ response seems to be taking issue with RMS’ apparent support for dual licensing. His argument makes a certain amount of sense but I don’t think this risk of dual licensing is unique to the GPL; I think concerns around copyright assignment and ownership persist regardless and require more discussion and thought.
- Mozilla’s answer to aggregating social conversation?
My biggest disappointment with Wave is that I don’t see it ever addressing the need to aggregate distributed conversations across multiple social networks. Raindrop, a new project from Mozilla, however, appears to be aiming squarely at this need. I am cautiously excited at the potential in this project.
- AT&T urges employees to speak against FCC’s net neutrality plan
Via the Net Neutrality Squad, a correct link to the original email text. The link some sites used is in many cases apparently broken. Looking this over, it seems to be carefully worded enough to remain legal but I think it is still pretty sleazy if not outright immoral.
- EFF steps in to defend culture jammers, Yes Men
At Ars, Matthew Lasar explains what has the US Chamber of Commerce peeved to the point where they issued a DMCA takedown against the pranksters. The EFF is working to defend them on a fair use basis, as the site in question is clearly intended as satire and social commentary. I am guessing the USCoC is stinging more over a Yes Men member infiltrating a meeting.
- Data entry errors result in improper sentences
This story is horrifying, really, and I would think a very strong case for usability expertise for any sort of system where such a human error could have dire consequences.
- Foundation opens the source to Symbian’s kernel
As Ryan Paul explains at Ars, this is the latest step in responding to competitive pressure from other, newer mobile platforms that started their lives as open source. Paul also spoke with the executive director of the Symbian Foundation about the relative advantages the more mature and widely adopted OS brings with both the opening of its sources and the delivery of a supporting SDK.
- First release from open source voting system project
According to Wired, this project has already been in the works for several years, not sure how I missed prior mention of it. This release is essentially very early prototype code but hopefully will get the academic community analyzing and providing necessary feedback, as they have been doing to the less receptive commercial vendors.
- Preview build of Mozilla’s CSP available
This is excellent news, direct from Mozilla’s Security Blog. The work isn’t complete but it is far enough along for testing by security folks. I hope this makes it into Firefox 3.7; it’s good stuff.
- Cyber bullying bill not well received
I am very glad to read at Wired that Rep. Sanchez’s bill was not enthusiastically embraced in sub-committee review. Even if this goes forward despite this early stumble, I hope it founders on serious free speech consideration. Bullying is lamentable, yes, but do we really need to impose a limit on speech comparable to defamation for it?
- Fourth Public Knowledge video in “We Are Creators Too” series
This time, looks like a slightly different but just as valuable perspective. PK describes Francesca Coppa as an English professor, author and feminist. She is also a videographer, which would be the common thread of the series.
- Oracle’s ownership of MySQL is about Microsoft
A plausible theory by Matt Asay. Oracle certainly doesn’t have the same sort of relationship with open source as say Sun or even IBM. Unfortunately, Asay doesn’t consider what the recent developer exodus and dilution of MySQL’s mark might mean for this idea.
- Bill proposes to require publicly funded books to be open source
I am strongly biased towards this sort of idea; it seems like a logical extension of our civic contract. If the public ultimately funds the work, they should get unfettered access to the result. I am less concerned with the impact on the market as I doubt this will eliminate the need for privately developed titles and Flat World is already demonstrating how open source can even be compatible with for-profit business models.
- P2P bill goes into markup
As Nate Anderson explains at Ars, the bill seeks to require some simple rules around files that software may be sharing to help reduce inadvertent sharing. This seems like a reasonable experiment in regulating P2P. The article mentions other regulation in development, though, that is far more aggressive.
- Experimental mesh for cell phones
For the stated purpose, to help provide emergency service, this seems like an excellent idea. I wonder how well it would scale and operate in a sustained mode as an alternate to traditional cells? I suspect not entirely well and attempting it would undoubtedly draw the ire of the mobile operators.