News and New Product Briefs (9/1/98)

Innoview Java Multilizer gets Java certification

Innoview Data Technologies announced that its Multilizer Java Edition 1.1 localization tool has received 100% Pure Java certification. Multilizer is based on the platform-independent Multilizer Dictionary-Translator Architecture (MDTA). According to product manager Erik Lindberg, "This unique architecture keeps the language-related tasks apart from the programming issues. The development is done efficiently with modern software components -- while the language-related issues can be conducted even by a non-programming person."

Multilizer Java Edition comes with or without source code in two versions: Standard (w/o 90; w/ 80) and Professional (w/o 90; w/ ,580). Developers can try a free 30-day evaluation copy.

http://usa.multilizer.com/java/index.html

Hostile Java app demo called into question

Israel-based company WithinReason Software has posted a demonstration of a hostile Java hack -- a reverse-engineered Java-applet version of BackOrifice -- and the posting itself is causing a stir in the Java industry.

The Java version of BackOrifice was posted on the WithinReach site as a demonstration applet to show how dangerous hostile Java apps can be. According to site co-creator Assaf Arkin, it only took five minutes to re-engineer the app.

BackOrifice, originally crafted by the Cult of the Dead Cow hacker group and showcased at a recent Def Con hacker conference, can remotely monitor and control Windows 95/98 systems and can add and delete files, directories, and registry entries.

Did we mention that Arkin's connection to the WithinReach site is, in his own words, "my pastime." His full-time career is as a customer support manager at Java/ActiveX security software company Security7 Software. And, according to Arkin, the applet is "not supposed to attack you, not to do anything that isn't irreversible. It's a demonstration." He went on to add, "The only stuff I'm involved in is feedback."

Working on both sides of the security issue can be commonplace, but it usually occurs in linear fashion. But his employer, Security7 executive VP Jack Hembrough, stands by his employee: "We think it's important that we, as security people, alert people to what it can do. I wouldn't say he's working both sides of the fence."

Creating hostile apps to test defenses is one thing. Posting them online is another.

Additional information: http://www.infoworld.com/cgi-bin/displayStory.pl?980824.ehbreach.htm http://www.techweb.com/se/directlink.cgi?INW19980817S0020

Open source town meeting faces challenges

O'Reilly and Associates recently sponsored an Open Source Town Meeting, a meeting of open source luminaries and adherents designed to toss around ideas on how to maintain open software, while at the same time discussing how to make a profit from open-source software. Open source software includes such technologies as Linux and Perl.

Included on the panel were:

  • Perl creator Larry Wall
  • Yahoo! co-founder David Filo
  • GNU project founder Richard Stallman
  • Tcl creator John Ousterhout
  • FreeBSD founder Jordan Hubbard

According to moderator O'Reilly president Tim O'Reilly, he hopes meetings such as this one will help change the position of open-source supporters from the fringe to the center of innovation.

The panel covered such topics as patents/copyright issues and Web software reuse.

New Informix extension bridges Java and COM components

Informix plans to introduce an extension to its DataBlade technology that lets users build components that will run anywhere in a three-tier architecture, whether the model is based on Enterprise JavaBeans/CORBA or COM. Currently, DataBlades technology is a way to support scalable management of new types of data objects in a database.

The new extension will give IT developers the ability to export DataBlades anywhere in a three-tier architecture, and to move the logic with changes to the application. It will add a client-side component model to the existing DataBlades server-side component model, making it possible to deploy Blades on databases as well as middleware.

DataBlade overview: http://www.informix.com/informix/products/options/udo/datablade/ Original article: http://www.infoworld.com/cgi-bin/displayStory.pl?980822.ehinformix.htm

Software AG builds Linux port for DCOM

Software AG announced a new version of EntireX, porting middleware that supplies a Linux 2.0 port for Microsoft's Distributed Component Object Model (DCOM).

EntireX already ports DCOM to AIX, Digital Unix, OpenVMS, OS/390, and Solaris. The 10 MB software consists of a runtime environment for running DCOM applications and a software development kit. The software lets DCOM-enabled apps on non-Windows platforms communicate with DCOM components on a heterogeneous network by adding a DCOM layer to server-based applications.

The download is free.

http://www.software-ag.de/corporat/solutions/entirex/linux/downldlx.htm

Microsoft, DataChannel team up to offer Java-based XML parser

Microsoft and DataChannel announced that they have co-developed a Java-based XML parser that runs on the server (to escape the usually slower performance of client-side VMs).

The 100% Pure Java parser can be combined with DataChannel's RIO software, which should relieve programmers of the need to focus on display and navigation logic when they craft their apps.

Look for the parser on both the Microsoft and DataChannel Web sites this month.

DataChannel: http://www.datachannel.com/ Microsoft: http://www.microsoft.com/

Short take: W3C "recommends" two XML-based standards

The World Wide Web Consortium (W3C) has recently upgraded the Extensible Style Language (XSL) to specification-level status and the Document Object Model (DOM) to recommendation status.

XSL acts like a bridge between XML data and the format to which content will be published (the Web, print, or multimedia). DOM is a common object model, designed to offer an interface for programs and scripts to update document content, structure, and formats. Both are XML-based standards.

XSL 1.0: http://www.w3.org/Press/1998/XSL-WD DOM: http://www.w3.org/TR/PR-DOM-Level-1/

Lucent makes it simpler to do telephony with Beans

Lucent Technologies announced a new suite of @Work Studio and Voice@Work Bean development tools, designed to make it easier to integrate Sun and IBM Java development environments when building telephony applications.

Right now, the @Work Studio suite supports interactive voice applications, but Lucent officials plan to change it over the next two years so that it supports other, varied speech and voice technologies. Voice@Work is then used to connect the applications to the Lucent Intuity Conversant server.

@Work Studio goes into beta later in 1998 (planned release is for early 1999). Pricing is not yet determined. Voice@Work is available now, starting at ,000.

http://www.lucent.com:80/enterprise/press/0898/980818.bca.html

Bristol sues Microsoft for illegal competitive practices

After more than a year of licensing-contract negotiations, Bristol Technology has filed an antitrust lawsuit against Microsoft in U.S. District Court in Connecticut, claiming that the company allegedly is illegally using its operating system monopoly power to undermine competition in the Unix market.

Bristol officials contend that Microsoft approached Bristol in 1991 and started a relationship that culminated in Bristol's main product, Wind/U, which lets companies port applications from Windows to Unix. They further contend that because of Microsoft's recent efforts to strengthen relationships with Bristol competitors, the company has stopped providing Bristol with the complete source code for the Windows operating systems. (Bristol joined Microsoft's Windows Interface Source Environment program in 1994.)

Bristol officials also claim that Microsoft:

  • Changed its Unix strategy (pushing NT-acceptance over Windows-apps emulation for Unix boxes)
  • Hid its true intent (in strategy change) from Bristol officials
  • Engaged Bristol in "endless and inconclusive" negotiations (which include a 400 percent royalty increase per shipped application)
  • Decided to restrict Bristol's access to source code

The lawsuit asks for unspecified monetary damages, a new good-faith licensing agreement, and immediate access to Windows source code. Sybase CEO Mitchell Kertzman has submitted and affidavit claiming that Sybase relies on Bristol's ability to supply the entire Windows API.

Microsoft officials contend that Bristol is trying to negotiate better contract terms through the court system, and call the lawsuit without merit.

Bristol's legal-eagle page: http://www.bristol.com/legal Original article: http://www.infoworld.com/cgi-bin/displayStory.pl?980819.wcbristol.htm

DOJ/Microsoft antitrust case delayed

U.S. District Judge Thomas Penfield Jackson agreed to a two-week delay in the Justice Department's antitrust case against Microsoft, moving the trial to September 23, 1998. Also, a DC-based U.S. District Court of Appeals granted Microsoft a temporary stay on Jackson's earlier deposition order that Microsoft officials could be deposed publicly. A group of media outlets had requested access to the depositions.

Judge Jackson had opened the depositions to the public based on an esoteric clause in the Sherman Antitrust Act. Pending a final ruling by the Appeals Court (expected in September), the depositions can continue, but they will be closed to the public. If the court finds for Jackson's earlier ruling, deposition videotapes, and transcripts will be made public. The Appeals Court reasons for closing the depositions now before a decision was reached dealt with reversibility: Should officials testify openly then the court decide that testimony should be closed, the decision would have been irreversible.

Also, all parties were concerned about exposing confidential trade information.

Microsoft officials claimed that edited versions of the tapes would be made available to the press after the trial.

More inforamtion: http://www.infoworld.com/cgi-bin/displayStory.pl?980819.wcdoj.htm http://www.infoworld.com/cgi-bin/displayStory.pl?980817.wcmscircus.htm

SARC engineers sip "Strange Brew" Java virus

The Symantec Anti-Virus Research Center (SARC) announced finding what they consider to be the first Java virus on the Internet -- Strange Brew.

Strange Brew is a fairly weak self-replicating virus that can infect Java applications and applets, and spread from Java app to Java app. The virus' main function is to infect other Java apps, but its own buggy design could cause it to corrupt the apps it infects. But most Java-capable browsers would terminate the infected app immediately.

According to SARC's chief researcher Carey Nachenberg, Strange Brew is "not a threat to end-users, but it is important that it is a proof of concept and whole new class of viruses that we have never seen before."

http://www.symantec.com/avcenter/data/javaapp.strangebrew.html

IBM/MS submit XML data structure proposal to W3C

Microsoft and IBM submitted a proposal, Document Content Descriptions (DCD), to the World Wide Web Consortium (W3C) to describe the structure and content of Extensible Markup Language (XML) data.

DCDs offer functions that are similar to Document Type Definitions (DTD), but DCD extends DTD by supporting other XML-oriented standards such as the Resource Description Framework (RDF), XML Data, and XML Namespaces. DCDs are also written in an XML syntax while DTDs are not. DCDs come with database and programming prototype support. (XML received DTDs from SGML.)

The next step would involve the W3C forming a working group build up the protocol.

http://www.w3.org/Submission/1998/11/

JDK 1.2, HotSpot delayed

Sun announced that JDK 1.2 will be delayed for two months (until November 1998). The JDK development team claims that it needs more time to stabilize the release. This delay will push back delivery of the Java HotSpot virtual machine to the end of the first quarter next year.

Sun Java platforms group manager Gina Centoni noted that adding features to JDK 1.1.6 is not the holdup; it's just taking longer than expected to enhance the performance and security features of JDK 1.2. She said the team decided that customers would prefer to see a "more stable platform than [just] more features."

HotSpot is no stranger to delays. Originally planned for 1997, it has bumped and rescheduled its way into almost the second quarter of 1999. Working atop the JDK 1.2, its design is to boost the speed of JVM JIT compilers through adaptive optimization and a new garbage-collection mechanism called Train.

The JDK 1.2b4 version has all of the features the team plans, including Symantec JIT Compiler 3.0, some of the HotSpot VM features, JFCs, the Java 2D API, and CORBA support.

Meanwhile, Centoni urges users to get a copy of beta 4, use it, and tell Sun what needs to be changed.

JDK 1.2b4: http://java.sun.com/products/index.html Original article: http://www.infoworld.com/cgi-bin/displayStory.pl?980817.wcjdkdelay.htm

Berkeley extension delivers Java programming in the fall

The University of California at Berkeley (UCB) will offer a three-course Professional Sequence in Java programming in the fall 1998 semester. The sequence is designed to give programmers real-world experience in Java programming.

1 2 3 Page 1
Page 1 of 3