Linux News Today features the latest news from the global Linux community. This site is updated daily. Click here to return to our homepage. Get the lowest cost and the best tech support on any Linux web hosting plan. Click here for details.
                                          home   |   news archives   |   linux forum   |   advertise on our site   |   contact

Click here to order your new fully dedicated Plesk server with the Linux operating system.

Promote your company. Reach over 450,000 Linux software developers, Linux users, Web hosting companies, etc. Boost your sales and promote your brand. Read more, click here.

Do it right this time. Click here and we will take good care of you!

Get all the details by clicking here!

Plans begin at $24.95 a month. Get more details, click here.

Promote your company. Reach over 450,000 Linux software developers, Linux users, Web hosting companies, etc. Boost your sales and promote your brand. Read more, click here.

Click here to order your new fully dedicated Plesk server with the Linux operating system.

Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.

Red Hat to assume the leadership of the OpenJDK 6 community

Share on Twitter.

Get the most reliable SMTP service for your business. You wished you got it sooner!

March 8, 2013

Red Hat said earlier this morning that it is assuming the leadership role of the OpenJDK 6 community, just a few days after Oracle said it would issue the final patch for version 6 of its commercial Java SE 6 Development Kit.

To be sure, Oracle posted JDK 6's update 43 on Monday as an emergency patch for the latest in a series of severe security vulnerabilities that have plagued the Java browser plugin for several months already.

Although Oracle is investigating other similar security flaws, it also said that this would be the last set of public fixes for the Java SE 6 platform.

"Oracle recommends that users and developers migrate to JDK 7 in order to continue receiving public updates and security patches," the database giant added in the update's formal release notes.

As a matter of fact, users got more useful life out of JDK 6 than they had any reason to expect. Oracle originally set the end-of-life date for JDK 6 for July 2012, but it pushed back the kill date twice to give users extra time to upgrade to the new software.

But yesterday, Red Hat said it would continue to maintain JDK 6, even now that Oracle has ceased supporting it, in the form of OpenJDK 6, the open source reference implementation of the Java platform.

"Red Hat has transitioned into a leadership role for the OpenJDK 6 project, effectively extending support for the technology and its users," the company said this morning.

Although primarily known as the leading enterprise Linux vendor, Red Hat has also been a major presence in the Java community, ever since its $350 million acquisition of open source middleware maker JBoss in 2006.

Since then, Red Hat has been one of the most active participants in the OpenJDK community, along with the likes of Google, IBM, and well, Oracle itself.

Red Hat added that its decision to take on the leadership of the OpenJDK 6 project reinforces its commitment to the broader Java community and to driving the future of the platform.

"Red Hat's vision includes better overall performance and manageability while enabling greater functionality around dynamic scalability and cloud computing," the company said.

Red Hat didn't outline any specific plans for OpenJDK 6 under its current leadership, but given that the Java 6 specification is frozen for now, it's safe to assume that its main focus will be on fixing bugs and closing security flaws as they are discovered.

According to the OpenJDK 6 project website, "bug fixes in JDK 7 that do not involve specification changes have presumptive validity for OpenJDK 6. That is, by default, such fixes are assumed to be applicable to OpenJDK 6, especially if having 'soaked' in JDK 7 for a time without incident."

That simply means that any new fixes Oracle makes to JDK 7 should also be applicable to OpenJDK 6. What's needed is someone to do the work, and that's where Red Hat is stepping in.

Of course, there is one other option available to JDK 6 users who don't want to switch to OpenJDK, and that's Oracle's premium Java SE Support. Oracle will continue to provide updates to JDK 6 for another two years or more, but for a fee or course.

Maybe you can thank Red Hat for offering what's essentially the same thing but for free. We will keep you posted on this and on other stories as they develop.

In other Linux and open source news

Jonathan Corbet, a senior Linux kernel developer (pictured at the left) has underlined an instance of what he calls a lax approach to security in the Linux operating system.

Corbet is citing the case of a serious vulnerability that is now more than a month old and is yet to be addressed and solved in a timely manner.

Corbet described in an article how a security hole in the kernel, which was initially discussed on a private mailing list, had been made public with a posting by another kernel developer named Oleg Nesterov.

According to Corbet and Nesterov, the vulnerability in question would permit the running of arbitrary code in Linux's kernel mode.

"It seems to me that the Linux implementation of the ptrace() system call contains a race condition-- a traced process' registers can be changed in a manner that causes the kernel to restore that process' stack contents to an arbitrary location," wrote Corbet.

He raised the issue in the context of a discussion of other kernel vulnerabilities and criticism, by a security-oriented firm of the way these were handled. TrustWare, the security firm, claimed that it took nearly three years to patch two flaws, claims which Corbet contested.

But in the case of the vulnerability that he himself cited, Corbet added that the security flaw was known to be a serious one from the outset and that one of the developers who reported it had also created exploit code to demonstrate its severity at the time.

Corbet said that, although the public discussion of this flaw was nearly a month old at the time of writing, his article appeared on February 19 and had been discussed for a while before that privately, and that no Linux vendor had taken a step to issue a fix.

Nesterov works for Red Hat and Corbet quoted another kernel developer as asking why this company had not handled the issue as it should have been.

"Linux OS distributors knew about the issue and had enough time to respond to it but that response didn't happen in a timely manner," Corbet concluded.

"The ptrace() issue will certainly be straightened out in less than three years, but that still may not be a reason for pride. Linux users should not be left wondering what the situation is (at least) one month after distributors know about a serious security vulnerability," Corbet added.

In other Linux news

HP says that it just launched its new public Cloud partner program initiative and offered a few updates on its OpenStack performance and HP Cloud System sales.

The news surfaced at HP Global Partner Conference 2013 in Las Vegas yesterday. HP CloudSystem is now running in more than 120 cloud data centers worldwide, according to vice president Dave Donatelli.

He mentioned that CloudSystem now has more than 900 customers, and sales of the solution are growing more than 100 percent year over year.

The CloudSystem has two partner opportunities:

  • CloudBuilder opportunity is for resellers and systems integrators
  • CloudAgile program for service providers
  • Cloud Reseller Partner Program
  • Meanwhile, HP is also launching new partner program components for its public cloud. Dan Baigent, senior director of business development, HP Cloud Services, said the HP Cloud Builder Program gains public cloud capabilities. This allows partners to refer and resell HP Public Cloud services to enterprise customers.

    Global systems integrators can also get training while ramping up consulting services for customers. He didn't mention specific margin opportunities, however.

    Baigent said that the cloud reseller partner progam will come out in three stages. Referal program where HP manages end-customer billing. Later this year, reseller programs where partners can manage end-customer billing. And then some future add-ons that allow partners to manage end-customer provisioning.

    Additionally, there are new HP Cloud Load Balancing, Monitoring as a Service and DNS as a service offerings for partners and customers.

    HP Public Cloud is OpenStack, an open source cloud platform that some critics say it needs more time to develop and mature.

    But Baigent pointed out to OpenStack's progress and HP's leadership: "We are the ones who have moved the needle forward in terms of reliability and stabililty when it comes to the Cloud. But it's an ecosystem. We believe that's what makes the community robust-- multiple contributors to push this forward. We wouldn't have launched our service and offered an SLA if OpenStack wasn't ready."

    Al Chien, vice president, sales and marketing, said he has an installed base of customers that are asking about moving workloads between private, hybrid and public clouds. He plans to leverage the HP relationship as those opportunities come along.

    Cloud Agile partners basically build their cloud solutions on top of HP hardware. Axcient, for instance, runs its cloud storage and business continuity atop HP's hardware. Both Axcient and Latisys have their own partner programs. Simac does not have a partner program but is getting inquiries and listening to feedback about that potential path.

    In other Linux and open source news

    Kent Overstreet, a Google software engineer working on the Linux operating system for the past ten years, has reworked the kernel's DIO (Direct I/O) code so that it's vastly simpler while also being faster for some test runs done in the last week.

    On February 11 was the original work in progress patch to improve the DIO code in Linux. As Overstreet wrote then, "The end result is vastly simpler-- direct-io.c is now less than 700 lines of code, vs. the more than 1300 previously. dio_submit is almost gone. I'm now down to four things left in it. It relies heavily on my block layer patches for efficient bio splitting, and making generic make request() take arbitrary size bios."

    "It also gets rid of the various differences between async and sync requests. Previously, for async reads it marked pages dirty before submitting the io (in process context), then on completion punts to worqueue to redirty the pages if any need to be. This now happens for sync reads as well," he added.

    Not only does it yield a net reduction in the number of lines of code for the Linux DIO code, but it's also yielding performance improvements with the most recent patch.

    Overstreet published on Wednesday-- "Got it working again and ran some benchmarks. On a high end SSD, doing 4k random reads with fio I got around a 30 percent increase in throughput. The decrease in compiled binary size is even more dramatic than the reduction in lines of code."

    "It's only been lightly tested - I haven't run xfstests yet - but there shouldn't be anything broken excluding btrfs. There's a few more performance optimizations I may do, but aside from the btrfs issues, I think it's essentially done. Due to the sheer number of hairy corner cases in the dio code, I'd really like to get as much review as possible. The new code should be vastly easier to review and understand," he added.

    This Linux I/O improvement that's leaner yet higher-performing sounds exciting but hasn't been reviewed extensively yet by Linux kernel developers. If everything pans out, hopefully this work will be merged into a future Linux kernel release in the near-term.

    In other linux kernel news

    Aside from much slower speed at writing on paper, another significant drawback to traditional pens when compared to typing on a computer is the lack of correction utilities.

    A paper notebook that you write on with a pen or pencil doesnít feature software that let you know when you have spelled something wrong, or when your grammar doesn't sound right. It also won't tell you when your writing becomes almost impossible to read to most humans.

    Get your fully dedicated Plesk Linux server with a free Plesk control panel, a $40 per month value.

    But now, European startup firm Lernstift is looking to bring those correction utilities to pen-and-paper-- literally.

    The companyís new pen of the same name will actually vibrate to alert you when your handwriting has become illegible or when youíve made a grammatical error.

    To be sure, the new pen doesnít sport a fancy display, but instead uses different combinations of modes and vibrations in order to provide you with specific corrections.

    When the pen is switched to Calligraphy Mode, it will vibrate once whenever it detects an illegible letter. In Orthography Mode, the pen will vibrate once when you make a spelling error, and vibrate twice when it detects a grammatical error.

    The detection mechanisms work in the air as well, so you donít have to actually put pen to paper for the correction features to function.

    The Lernstift pen runs on the Linux operating system and employs the use of motion sensors in order to detect what youíre writing. It uses the data obtained from the motion sensors to look for possible errors.

    Currently, two models of the pen are in production. The first model can be considered the standard version, providing the correction capabilities, but not much else.

    A more complex model with more features works with your WiFi connection, as well as a pressure sensor to let you know when youíre pressing too hard on the paper.

    If you think youíll be emotionally stable after a pen tells you that it can write better than you, the standard model is slated for an August 2013 release, while the more complex model is planned for a release in 2014. Pricing isn't available yet.

    In other Linux news

    According to various rumors seen on the blogosphere earlier this morning, Microsoft looks like it could be taking a meaningful look at releasing a full Linux port of its Office Suite sometime next year.

    The sudden change of mind is apparently due to Linux showing commercial viability, and because Microsoft is reportedly already working on Office for Android.

    Android, as you probably already are aware of, is a Linux-based operating system, meaning a lot of the porting work will have already been done.

    It shouldnít take too much effort to take the next step and bring Office to Red Hat, CentOs, Ubuntu or any other Linux flavor for that matter.

    Until today, Microsoft has never released a part of desktop software for Linux, with the exception of Skype, but that was an acquisition, so it changes everything.

    But Microsoft does have a Linux department which has mainly been tasked with maintaining Hyper-V (virtualization) compatibility with Linux operating systems under Windows, and Windows Server 2008 and especially Windows Server 2012 are prime examples.

    Presumably, and with the development of Office for Android, Microsoft has beefed up its number of Linux developers, and those developers will then also work on Office for Linux.

    The big question is whether thereís actually significant demand for Office for Linux. On any typical day, Linux has perhaps 1 or 2 percent of the desktop market, and about 53 percent of it is with Ubuntu.

    However, itís still important to remember that almost every Linux distribution comes with Libre Office for free. Itís only an educated guess, but some open-source developers suspect that there are scant few Linux users who would proactively go out and pay for Microsoft Office

    After all, many desktop Linux users chose their operating system because itís free, both in the money sense, and free from Microsoft's deadly grip and mad control of Windows and its desktop software.

    The other possibility is that Microsoft could be reacting to increased uptake of Linux and cloud-based productivity suites by large institutions, such as universities, cities, municipalities and governments from all over the globe.

    Source: Red Hat.

    Get the most reliable SMTP service for your business. You wished you got it sooner!

    Share on Twitter.

    All logos, trade marks or service marks on this website are the property of their respective companies or owners.

    Article featured on Tech Blog and on Business 5.0

    Get a best price and the most dependable server colocation reliability from the experts at Sun Hosting. Learn more. This article was featured on Tech Blog and Business 5.0.

    Linux News is read by over 450,000 people involved in the field of Linux application development, professional Web hosting services, Linux security, Linux Web development, etc. Inquire about our reasonable advertising rates on our news website. One of our advertising representatives will be in touch with you. Simply email us to learn about our ad rates and how we can help drive relevant traffic to your website. Advertising space is limited.

      Site powered by Linux Hosting      Sponsored by DMZ eMail and by Sun Hosting.      Linux news while they are still fresh.    ©   Linux is a registered trademark of Linus Torvalds.