-
Jury rules that Eolas's "interactive web" patent is invalid (ars technica)
Well, that was quick. The jury in a patent lawsuit against eight companies that use "interactive web" technologies has found the Eolas Technologies patent to be invalid, according to a report at ars technica. "[Tim] Berners-Lee took to Twitter to cheer the decision. 'Texas jury agreed Eolas 906 patent invalid,' he wrote. 'Good thing too!'
[...]
Companies that depend on the open Web hailed the verdict. 'We are pleased that the court found the patents invalid, as it affirms our assertion that the claims are without merit,' a Google spokesperson told Ars."
-
Lima driver code for the Mali GPU released
The Lima driver project has released the code for its open source graphics driver supporting the Mali-200 and Mali-400 GPUs. "The aim of this driver is to finally bring all the advantages of open source software to ARM SoC graphics drivers. Currently, the sole availability of binary drivers is increasing development and maintenance overhead, while also reducing portability, compatibility and limiting choice. Anyone who has dealt with GPU support on ARM, be it for a linux with a GNU stack, or for an android, knows the pain of dealing with these binaries. Lima is going to solve this for you, but some time is needed still to get there." (Thanks to Paul Wise.)
-
Security advisories for Thursday
CentOS has updated squirrelmail (C4; C5:
multiple vulnerabilities) and mysql (C6:
multiple unspecified vulnerabilities).
Debian has updated icedove (multiple
vulnerabilities) and cvs (remote code execution).
Fedora has updated ettercap (F15; F16:
insecure settings file), mysql (F16:
multiple unspecified vulnerabilities), maniadrive (F16:
PHP remote code execution), php (F16:
remote code execution), php-eaccelerator
(F16: remote code execution), and samba
(F16: denial of service).
Mandriva has updated wireshark
(multiple vulnerabilities).
openSUSE has updated firefox
(multiple vulnerabilities), curl
(authentication bypass), powerdns (denial
of service), kernel (11.3; 11.4: multiple
vulnerabilities), kvm (two
vulnerabilities), tomcat6 (multiple
vulnerabilities), apache2 (11.3; 11.4: multiple
vulnerabilities), squid3 (denial of
service), gnutls (denial of service), dovecot20 (certificate spoofing), xorg-x11-server (two vulnerabilities), ruby (multiple vulnerabilities), curl (multiple vulnerabilities), firefox (multiple vulnerabilities), nginx (code execution), lighttpd (denial of service), sysconfig (code execution), and opera (multiple vulnerabilities).
Oracle has updated squirrelmail (OL4; OL5:
multiple vulnerabilities) and mysql (OL6:
multiple unspecified vulnerabilities).
Red Hat has updated squirrelmail
(RHEL 4&5: multiple vulnerabilities), libxml2 (RHEL 5.6: code execution), mysql (RHEL 6: multiple unspecified vulnerabilities), and kernel (RHEL 5: multiple vulnerabilities).
Scientific Linux has updated squirrelmail (SL4&5: multiple
vulnerabilities) and mysql (SL6: multiple
unspecified vulnerabilities).
SUSE has updated xulrunner (SLE 11
SP1: multiple vulnerabilities) and firefox
(SLE 10 SP4: multiple vulnerabilities).
-
Trustwave admits issuing man-in-the-middle digital certificate (ComputerWorld)
Here's a variant on the "untrustworthy SSL certificate authority" theme: this
ComputerWorld story describes how Trustwave issued a "subordinate root"
certificate to a private company. That allowed said company to stamp out
certificates for any domains it liked and conduct man-in-the-middle attacks
against SSL traffic from its internal network. "Trustwave defended
itself by saying that the issuing of subordinate roots to private
companies, so they can inspect the SSL-encrypted traffic that passes
through their networks, is a common practice in the industry."
-
Patent troll claims ownership of interactive Web—and might win (ars technica)
Ars technica is reporting on a patent trial taking place in ... you guessed it ... East Texas that could have quite an impact on the web as we know it. Eolas Technologies is suing eight companies including Google and Yahoo for $600 million in a series of four trials, the first of which (to determine the validity of the patents) could go to the jury today.
"Today, Doyle and his lawyers say he’s owed royalty payments for the use of a stunning array of modern Web technologies. Watching online video, having a "search suggestion" pop up in a search bar, or even rotating an image of a sweater you might want to buy on an online shopping site—all are said to infringe on the idea-space of Doyle and his company, Eolas Technologies."
-
Btrfs: The Swiss army knife of storage (;login:)
The February
2012 issue of ;login: has a
detailed overview of Btrfs [PDF] written by developer Josef Bacik.
"Btrfs’s snapshotting is simple to use and understand. The snapshots
will show up as normal directories under the snapshotted directory, and you
can cd into it and walk around like in a normal directory. By default, all
snapshots are writeable in Btrfs, but you can create read-only snapshots if
you so choose. Read-only snapshots are great if you are just going to
take a snapshot for a backup and then delete it once the backup
completes. Writeable snapshots are handy because you can do things such as
snapshot your file system before performing a system update; if the update
breaks your system, you can reboot into the snapshot and use it like your
normal file system."
-
Kernel prepatch 3.3-rc3
The 3.3-rc3 prepatch is out. "No big
surprises, which is just how I like it. About a third of the patches are in
ARM, but the bulk of that is due to the removal of the unused DMA map code
form the bcmring support. So no complaints."
-
[$] LWN.net Weekly Edition for February 9, 2012
The LWN.net Weekly Edition for February 9, 2012 is available.
-
Intel's upcoming transactional memory feature
Here is a
posting on the Intel software network describing the "transactional
synchronization extensions" feature to be found in the future "Haswell"
processor.
With transactional synchronization, the hardware can
determine dynamically whether threads need to serialize through
lock-protected critical sections, and perform serialization only when
required. This lets the processor expose and exploit concurrency that would
otherwise be hidden due to dynamically unnecessary synchronization. At the
lowest level with Intel TSX, programmer-specified code regions (also
referred to as transactional regions) are executed transactionally. If the
transactional execution completes successfully, then all memory operations
performed within the transactional region will appear to have occurred
instantaneously when viewed from other logical processors. A processor
makes architectural updates performed within the region visible to other
logical processors only on a successful commit, a process referred to as an
atomic commit.
Needless to say, there should be interesting ways to use such a feature in
the kernel if it works well, but other projects (PyPy, for example) have
also expressed interest in transactional memory.
-
Wednesday's security updates
Today's update pile is gratifyingly small: Ubuntu has updated thunderbird (multiple vulnerabilities) and xulrunner (multiple vulnerabilities).
|
Vesti sa drugih sajtova 
