RealTime IT News

Blog Archives

Mozilla's New Firefox Logo is a lot like the old Firefox Logo

By Sean Michael Kerner   |    June 28, 2013

Firefox Logo newFrom the 'subtle differences' files:

The Mozilla Foundation is rolling out a new logo for Firefox -- but it's likely something that few people will actually notice.

The difference between the 'old' logo and the new one is very, very subtle changes that are about optimizing the logo for mobile.

The revised logo is simpler in terms of detail and color so it works well at both small and large sizes.

"Although we think it looks great at any size, it’s been optimized to be crisper and cleaner on small screens and lower resolution devices," Mozilla developer John Slater wrote. " However, it also scales quite nicely for use in retina displays, and (unlike previous versions) can be accurately recreated in SVG so it’s more ‘of the Web’"

Mozilla designer Sean Martell provides a 6-step key to all the differences between the oldfirefox logo and the new one. Personally, I didn't notice all 6 - without Martell's blog assistance.

"A final touch that you may notice in the new logo (and one that makes me very happy) is the arm of the fox now extends from a shoulder instead of layering behind his chest 6. It’s a small detail, but it really seems to unify the form of the fox and make him feel more cohesive a brand element. So there it is. Not a logo redesign, but a simplification in form and function. "

I use Firefox every day, and while I know the logo, the default view I have of the browser is not one that includes the logo at all.

I use Firefox as my view into the web and it's not one that has Firefox's logo splattered all over my interface -- which is just the way i like it. Firefox gets out of the way and let's me experience the web.

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

Open Source FreeBSD Co-Founder Leaving Apple

By Sean Michael Kerner   |    June 27, 2013

beastieFrom the 'Think Different Be a Beastie' files:

Jordan Hubbard, the open source developer that helped to co-found the FreeBSD Project back in 1993 is leaving Apple.

Hubbard had been at Apple since 2001 and his most recent title was the Director of UNIX Technology. Mac OS X after all has strong roots in FreeBSD and Hubbard's employment at Apple was a key part of that.

Hubbard is now set to join iXsystems as CTO effective July 15th. iXsystems is a long time supporter and advocate of FreeBSD.

I’m very excited to have this opportunity to help guide iXsystems through its next phase of professional and technological development," Hubbard said in a statement. "This is not just a great opportunity for me to be part of a company known for its strong support of FreeBSD and other open source software, but I’m also looking forward to helping it achieve new levels of success with the TrueNAS storage appliance and having the opportunity to create future innovative products."

So what does this mean for Apple?

Likely not a whole lot. Apple is not likely to stray too far from Mac OS X's BSD core. Then again Apple's core focus lately is all about mobile, which seems to influence the desktop now more than the other way around.

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

Eclipse Kepler Orbits 71 Open Source Projects and 58 million lines of code

By Sean Michael Kerner   |    June 26, 2013

Eclipse KeplerFrom the 'On-Time Release Train' files:

In the open source development world, the influence of the Eclipse Foundation cannot be underestimated.

While Eclipse started off as 'just' an IDE over the years it has evolved with its coordinated release train effort that sees piles of project all released on the same day.

Today is that day.

The Eclipse Kepler release is now out, bundling in a staggering 71 open source projects and over 58 millions lines of code. (I know the Eclipse people have been very busy preparing for this release too, as this is the first release in the last 7 years where I have not been contacted by them before the release to chat about it).

At 71 projects, Kepler actually represents a slowing down for the Eclipse release train though overall the growth in the last few years has been staggering. In 2012 the Juno release delivered 70 projects. In 2010, the Helios release delivered 39 projects. In 2009, Eclipse Galileo provided 33 projects and the 2008 Gannymede release had 23 projects. Europa had 21 projects in 2007 and the very first release train in 2006 called Callisto had only 10.

So what's new?

One of the most interesting projects included in the Kepler from my perspective is the Orion 3.0 release. Orion got its start in 2011 as a web based IDE. It has grown a lot since then and is now supposed to be more scalable and usable overall.

There is also the Eclipse Stardust 1.0 release which delivers business process management engine and tools.

The two project that I personally have always benefited the most from are the PDT and core Eclipse (e4) projects. PHP Developer Tools (PDT) is the open source base for Zend Studio, and is being updated to version 3.2, thought the list of new features in the release sure does look sparse. The Eclipse Foundation similarly hasn't done a great job highlighting what's new in e4 -- though i know full well that stability and bug fixes are always very important.

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

Open Source WordPress 3.5.2 Updated for Server-Side Request Forgery Attacks

By Sean Michael Kerner   |    June 21, 2013

wordpressFrom the 'Why are you reading this? Update NOW' files:

In recent years, the open source WordPress content management (nee Blog) platform has emerged to become the dominant player in web CMS space. That's why when there is a security update you should RUN DON'T WALK to patch.

WordPress 3.5.2 is out today fixing 12 flaws of varying severity.

Top of the list (and top of mind for me) is: "Blocking server-side request forgery attacks, which could potentially enable an attacker to gain access to a site."


Multiple fixes for cross-site scripting.

Cross-Site Scripting (XSS) attacks have long been among the top attack vectors so it's great to see swift action from WordPress in fixing these flaws.

If you're already running a WordPress 3.5.x site, you can update your site easily from the dashboard - which is something you should do - NOW.

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

Open Source PHP 5.5 Released with Opcode Caching

By Sean Michael Kerner   |    June 21, 2013

phpFrom the 'Who Needs Windows XP Anyways?' files:

One of the biggest open source PHP releases in years is now out and you can count me among those that are excited and eager to deploy and use it.

Among the big ticket items in this release is the inclusion of the Zend Optimizer+ Opcode cache, which I first wrote about in February.

"OPcache improves PHP performance by storing precompiled script bytecode in shared memory, thereby removing the need for PHP to load and parse scripts on each request," the manual explains.

Yeaah I know, there are other options - notably APC - but to have this included as part of the core of PHP will likely result in a more optimized PHP experience.

PHP 5.5 also includes a new password hashing API that I first wrote about in November of 2012. The TL;dr version of what this does is it will improve security in a good way by making it easier for developers to use secure password hashing.

"The password hashing API provides an easy to use wrapper around crypt() to make it easy to create and manage passwords in a secure manner."

And oh yeah, PHP 5.5 will not support Windows XP and Server 2003. Considering that those systems are 10+ years old, is anyone surprised?

You can check out the full list of changes in the changelog.

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

Zombies, Linux, IBM and SCO

By Sean Michael Kerner   |    June 18, 2013

From the 'Indemnify Me' files:

In March of 2003, SCO Group filed a lawsuit against IBM over Unix trade secrets.

Ten years later, it's a legal dispute that is still alive.

Groklaw - a site that got its start because of the SCO case - and a site that is still very much alive was the first to report on the re-opening of the case.

Many people had thought this case was over at multiple points in the past. For me personally, the biggest milestone of the last 10 yrs of this legal battle came in March of 2010. That's when SCO was defeated (for the nth time) but in that case it was over the ownership of the Unix copyrights.

The final ruling in that episode of the saga was that Novell still owns the copyrights. So the logical thinking there is that if Novell owns the copyrights, how can SCO sue anyone over infringement over said copyrights?

The new ruling re-opening this case states:

On or before July 15, 2013, IBM may file a new motion for summary judgment limited solely to the effect of the Novell judgment on the remaining claims and counterclaims.

So the zombie that is SCO still lives, without a leg to stand on mind you - but it's still there.

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

Judging Linux Innovation

By Sean Michael Kerner   |    June 13, 2013

From the 'Net New or Just Better than Before?' files:

BOSTON. Innovation is a tough word to define concretely.

It really does means different things to different people. Sometimes it is a net new 'thing' that moves the ball forward in some way (like electricity). Then there is disruptive innovation - like the first wave of Linux - which re-thinks and improves the way things are done.

I hear from a lot of vendors everyday that their product is innovative in some way - and why not - who wants to hear about a technology that isn't innovative?

Every so often though I get to hear about a different type of innovation. That is innovation in the way things are done - in the real world.

At the Red Hat Summit in Boston, I have the distinct honor and privilege of being part of the Red Hat Innovation Awards proceedings.

For the second time in the last 8 years, I am a judge (first time I was a judge was in 2005). Red Hat and indeed the technical world is a somewhat different place now but innovation - real innovation -  that comes from real people using technology remains rooted in the same core fundamentals to me.

It's either about some ridiculously cool use-case or service that just makes me go - WOW. Or perhaps more importantly it's about a real company that uses technology in a measurable way to do something better than before.

I like both types of innovation and both are worthy of awards.

The panel of judges collectively (via a scoring system) have selected just over a handful of vendors as category award winners this year. Reality from my perspective is that there were a lot of really interesting use-cases that I personally had never considered before about how technology change and usage can make things better and more efficient.

In the bubble of tech journalism it is easy to get caught up in speed and feeds and any given vendor's next Big Thing. It's critical to remember that in the end if that Big Thing (or even existing Things that might not be Big) are used by companies to do stuff. That's where innovation is manifest - in the usage model.

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

What Do You Want to Ask a Linux Journalist? #RHsummit

By Sean Michael Kerner   |    June 13, 2013

From the 'Purveyors of the TRUTH' files:

BOSTON. This morning I was on a panel at the Red Hat Summit with Scott Merrill from TechCrunch and Jon Brodkin from Ars Technica with moderation from 451 Groups John Abbot.

Officially the session was titled, "Hot Off the Press: Top Journalists on Today's Tech Trends" but it really could have just been called - What Do You Want to Ask a Linux Journalist?

We had about 60 people or so in the room and the primary topic of discussion - not surprisingly - was cloud . Also not surprising is the fact that no one in the audience had actually deployed an OpenStack cloud. Considering that this is a Red Hat conference, that's not terribly surprising either - since Red Hat's full product is not yet available.

We got a lot of questions about VMware and competition and questions about why people move to the cloud.

There were questions about vendor lock-in and choice - which was interesting. Open Source of course means that code is open but hey if you can't support that code yourself - or find someone that can - isn't that a form of lock-in too?

A Financial Analyst that was in the session peppered us with a bunch of really great questions about the market and dynamics for IaaS, PaaS and if the model for sales/support need to change (it does). Cloud isn't just server, and server isn't just server anymore either. In the Software Defined era, where storage, networking and compute co-exist and are ephemeral at times skill and support models must evolve.

Desktop Linux was not a concern for anyone in the audience - no one was using it apparently - which is a shame because I think that Red Hat's move to embrace GNOME Classic is a very good thing.

The bottom line for me though - is there is a tremendous amount of confusion and mis-understanding about what the cloud is and what OpenStack is. And there is still some herniation from users about it until the model plays out..

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

Cisco and Red Hat Enterprise Linux

By Sean Michael Kerner   |    June 12, 2013

From the 'That's a lot of machines' files:

Cisco Red HatBOSTON. I've known for some time that Cisco runs and uses Linux. Until today though I had no idea how large that footprint was.

Speaking at the Red Hat Summit today, Ram Appalaraju, Vice President of Technology, Products and Solutions Engineering at Cisco told us all what the Cisco Linux footprint is.

Are you ready for it?

Drum roll please...

Cisco has over 10,000 RHEL instances.

That's not Cisco customers, that's Cisco's own IT. That's a non-trivial footprint. So not only is Cisco a big Red Hat partner, but they're a big customer too.

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

JBoss: We're Not Just About Java Anymore

By Sean Michael Kerner   |    June 12, 2013

BOSTON. For better or for worse, when I think JBoss I think - Java.

In the open JBoss keynote at the Red Hat Summit this week, Mark Little the CTO for Red Hat's JBoss explained why JBoss is more than just Java today.

But don't get me wrong - Java is still at the center - but according to Little, it's not my 'father's' Java anymore. This is a lightweight Java that is faster and can be embedded on resource constrained devices. Apparently JBoss Application Server 7 can be deployed on an Android phone.

"We don't do small just for the PR, though the PR is nice," Little said. "We think if we can make our app platform run well on a Raspberry Pi imagine how well it will run on a typical server."

On the 'more than Java front - Little detailed something called Vert.Xwhich is JBoss' answer to node.js - that is an async app platform that will run with any number of languages including JavaScript, Ruby, Python and yes Java too.

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

Say What? Top Five IT Quotes of the Week

By Sean Michael Kerner   |    June 07, 2013

"The level of secrecy around the current legal procedures undermines the freedoms we all cherish"

Larry Page, Google CEO commenting on NSA PRISM (Google)

"I call on all Web users to demand better legal protection and due process safeguards for the privacy of their online communications, including their right to be informed when someone requests or stores their data"

Sir Tim Berners Lee, commenting on NSA PRISM - (WebFoundation)

"As individuals get more notifications, they get used to them. So after awhile, you are just immune to the notification, because you haven't really suffered."

Larry Ponenomon of the Ponemon Institute commenting on why the cost of a data breach in the U.S is declining (eSecurity Planet)

"The good news is that almost everywhere we look, IPv6 is increasing. It seems to be me that it's now at the groundswell stage, and it all looks like everything is up and to the right."

Phil Roberts, technology program manager at the Internet Society commenting on the one year anniversary of World IPv6 Launch (EnterpriseNetworkingPlanet

"It's more accurate to say this is open source vs. the goals of a single, for-profit startup"

OpenDaylight Project commenting on the exit of Big Switch from the open source SDN project (InternetNews)

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

Is NSA Prism the New FBI Carnivore?

By Sean Michael Kerner   |    June 06, 2013

NSAFrom the 'Uncle Sam is Watching' files:

Lots of concern and talk in the last couple of days over the Washington Post's leaked government story on PRISM.

The TL;dr version is that PRISM was/is an NSA operation that routes American's private information to the NSA where it can be analyzed in the interest of national security.

While the revelation about NSA PRISM is new - the fact that the U.S. Government has active programs to surveil the Internet for email and otherwise is not.

Remember Carnivore?

Back in 2005 it was revealed that the FBI had to abandon it's own Internet surveillance effort known as Carnivore. With Carnivore, the FBI was quite literally injesting email and Internet content en masse from the U.S .

Officially known as the Digital Collection System 1000 (DCS-1000), Carnivore captures data traffic that flows through an Internet service provider (ISP). The system prompted a flurry of criticism from privacy advocates when it was announced in 2000 during the Clinton administration.

At the time that Carnivore was shut down, the Electronic Privacy Information Center (EPIC) speculated that, "FBI's need for Carnivore-like Internet surveillance tools is decreasing, likely because ISPs are providing Internet traffic information directly to the government."

Eight years later, it looks like EPIC was right - since it would appear based on the WaPo report that the NSA has been getting info directly from providers.

I saw the head of the NSA,  General Alexander speak at Defcon last year and he's slotted to speak as a keynote at Black Hat this year. I wonder if he'll actually show up now given the revelation of PRISM.

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

Apple IOS Charger MACTANS Black Hat Hack Powered by Open Source?

By Sean Michael Kerner   |    June 05, 2013

BeagleBoardFrom the 'Open Source BeagleBoard for Hackers' files:

The annual Black Hat USA security conference is coming up at the end of July and the hype around big attacks has already started. One of the early hyped talks is about hacking Apple power chargers to infect IOS (iPad,iPhone) devices.

"In this presentation, we demonstrate how an iOS device can be compromised within one minute of being plugged into a malicious charger," the talk abstract states.

This wouldn't be the first time that a 'power' related attack vector is used to infiltrate Apple. In 2011, Charlie Miller attempted to demonstrate (with very limited success) how he could attack Apple via the Mac battery.

The charger attack is somewhat different, in that the Black Hat speaker have built their own malicious charger called a Mactans. The interesting part (though not terribly surprising) is that they have used the open source Linux-powered BeagleBoardas the base of the Mactans.

The newest BeagleBoard is an ARM Cortex-A8 based system. It can run various flavors of Linux (including Ubuntu, Gentoo and Android) as its embedded OS.

While full details on this talk are not yet available - and with Black Hat there is always the possibility that a talk will be pulled - the reality is that since we already know the hardware base (and it's easily accessible) if the researchers ever decide to 'leak' their Mactans app, (*and assuming it works) there could be....trouble.

To be fair, hacking via a connected USB power supply source doesn't require open source hardware. Open source hardware just makes it easier to prototype and test. Still it's an interesting use-case and could serve to enable a new generation of hackers to hack on BeagleBoards (probably Raspberry Pi and Arduinos too!)

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

OpenStack Open Source Cloud Crosses 1000 Author Threshold

By Sean Michael Kerner   |    June 04, 2013

OpenStack FolsomFrom the 'Open to Code' files:

There are a lot of different metrics to validate the health of an open source project. In my opinion, one of the most critical is the number of different code authors.

The open source OpenStack cloud platform this week has crossed a key threshold in that regard, now boasting 1,006 different source code authors (from the period of may 2010 to June 3, 2013).

Huzzah! That's a non-trivial accomplishment.

Just for some comparison though, the Linux kernel (a larger and older project) passed 7,800 developers in 2012.

Drilling down into the data that OpenStack (true to its nature) keeps very open - in the last month alone there were 313 unique authors and 2,512 code commits. In total aggregate lines of code that translates into 914,334 lines of code that were added and 429,700 lines of code that were removed.

Earlier this year, at the time of the Grizzly release, stats were available that detailed where the contributions were coming from. For the Grizzly release, Red Hat topped the list, with 836 commits across core OpenStack projects and 1,854 commits across all OpenStack projects. Red Hat developers added 121,632 lines code and remove 87,145 lines of code.

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

DreamHost Gives Debian Wheezy Linux the Boot in Favor of Ubuntu

By Sean Michael Kerner   |    June 03, 2013

DebianFrom the 'Hosting Linux' files:

Dreamhost is one of the most popular web hosting companies and it has long been a strong support of Debian Linux.

Dreamhost isn't making the move to Wheezy which was recently released. Instead Dreamhost is moving to Ubuntu - apparently because they see it as being more stable.

"About ten months ago, we realized that the next installation of Debian was upcoming, and after upgrading about 20,000 machines since Debian 6 (aka Squeeze) was released, we got pretty tired," Dreamhost developer Brett Gailey wrote in a blog post. "The release cycle for Debian is stable, but it’s not long enough for us to focus on stability."

Umm really? Debian isn't stable enough? True it doesn't have a five year support plan but still, I'm a bit skeptical.

Putting on my conspiracy hat, I can tell you that I also know full well that Mark Shuttleworth has been a strong back of Ceph and Inktank, which not so coincidentally are backed by guess it Dreamhost.

So maybe there was some....discussion...between Canonical Ubuntu and Dreamhost? (then again maybe not, I'm just speculating and have evidence either way).

Bottom line though, this is win for Ubuntu, make no mistake about that. While much of the hosting world for Linux has long relied on Red Hat/Fedora/CentOS, Dreamhost's support for Debian has set it apart. Not that Ubuntu needed the boost, but Dreamhost's endorsement as a platform for hosting is a good thing for Shuttleworth and crew.

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.