Linux and LISH release census for open source security
Wednesday, February 19, 2020 by Brittany Hainzinger
The Linux Foundation’s Core Infrastructure Initiative (CII) and the Laboratory for Innovation Science at Harvard (LISH), announced the release of ‘Vulnerabilities in the Core,’ a Preliminary Report and Census II of Open Source Software.
This Census II analysis and report represent important steps towards understanding and addressing structural and s...
Testing software updates with production traffic
Thursday, July 18, 2019 by Robert Ross
Test and development cycles have significantly changed under the DevOps model. To remain competitive, software developers must continually release new application features. They’re sometimes pushing out code updates as fast as they are writing them. This is a significant change from how software and dev teams traditionally operated. It used to be that teams could ...
Michele Casey of Oracle Chats About Oracle Linux
Wednesday, June 22, 2016 by Richard Harris
Michele Casey, Oracle Linux Senior director of Product Management, reached out to provide insight into Oracle Linux and the platform’s place in the evolution of containers for next-generation application development.ADM: To set the stage, what are some notable container use cases where people are pursuing Oracle Linux as a solution?Casey: Oracle Linux supports abroad po...
JFrog Xray Offers Visibility for Container Images, Software Packages and Binary Artifacts
Wednesday, May 25, 2016 by Stuart Parkerson
JFrog has announced the launch of JFrog Xray, which provides visibility into the contents of software components. JFrog Xray is a universal impact analysis product, to provide companies with understanding about their container images, software packages and binary artifacts, providing insight into the huge volume and variety of components that development teams share in ...
Twitter Releases New fastlane iOS Code Signing Automation Tool
Monday, December 14, 2015 by Richard Harris
Twitter has been busy releasing functional open source tools made possible through its acquisition of fastlane in October. The latest tool in the fastlane arsenal is match, a new tool that helps automate the code signing process.The tool helps alleviate challenges for development teams which have separate code signing identities for every member which can result in a la...
Sierra Wireless and L&T Technology Services to Offer Linux Based Internet of Things (IoT) Platform
Wednesday, May 6, 2015 by Stuart Parkerson
Sierra Wireless and L&T Technology are teaming up to establish a Legato Lab, designed to support the development of IoT applications with the Sierra Wireless’ Legato embedded application platform. The two companies will jointly market their respective products and services to customers in the automotive, transportation, and industrial markets.The Legato platform is ...
JavaScript Based Node.js v0.12 is Released
Tuesday, February 17, 2015 by Richard Harris
Node.js is a platform built on the JavaScript runtime for building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, to facilitate data-intensive real-time applications that run across distributed devices.This latest version includes API updates that may require dependency updates. Here are...
Google Play Services 5.0 Release: What’s Inside
Thursday, July 10, 2014 by Richard Harris
Now that Google Play services 5.0 has rolled out to devices we’ll take a peek at what it means for app developers. This release introduces Android wearable services APIs, Dynamic Security Provider and App Indexing and provides updates to the Google Play game services, Cast, Drive, Wallet, Analytics, and Mobile Ads.Android Wearable ServicesGoogle Play services 5.0 introd...
Android App Developers Need to Check Their Apps for Heartbleed Vulnerability
Thursday, April 24, 2014 by Stuart Parkerson
A report from FireEye, a company that provides a virtual machine-based software security platform protecting companies against cyber attacks, has found that 150 million downloads of Android apps contain OpenSSL libraries vulnerable to Heartbleed.Heartbleed allows attackers to steal sensitive information from vulnerable websites by sending crafted SSL heartbeat mess...
Google Confirms Security Compromise in Android Apps Using Java Cryptography Architecture (JCA)
Wednesday, August 14, 2013 by Richard Harris
Today on Google's Developer blog, Alex Klyubin, Android Security Engineer confirms they have found a serious security compromise in Android apps that use JCA for certain functions such as key generation and signing, or random number generation.Alex says, "We have now determined that applications which use the Java Cryptography Architecture (JCA) for key generation, sign...
