Judge Rejects Silicon Valley Settlement
August 18, 2014 by admin
Filed under Around The Net
Comments Off on Judge Rejects Silicon Valley Settlement
A California judge has rejected the proposed settlement in a lawsuit over no-hire agreements used by top Silicon Valley tech firms, saying the amount being offered to compensate workers is too low.
The remaining defendants in the case — Apple, Google, Intel and Adobe Systems — had reached a deal with the worker’s lawyers to settle the case for US$324.5 million, but Judge Lucy Koh of the federal district court in San Jose, California, said that amount is too low.
After subtracting the fees for the workers’ lawyers — they’re allowed to keep up to a quarter of the award, or $81 million, as well as other money — each worker would be left with an average of only $3,750.
“The Court finds the total settlement amount falls below the range of reasonableness,” Koh wrote in her order, issued Friday.
She said she was troubled that the workers would get less money than under a previous settlement with companies that settled earlier in the case, even though the case has been progressing in the workers’ favor since then.
Last year, Intuit, Lucasfilm and Pixar settled with the workers before the case came to trial.
All of the companies were accused of striking secret deals to not poach each others’ workers, a violation of the Sherman Antitrust Act that reduced the workers’ potential to earn higher wages.
An expert hired for the case has estimated that the workers’ should receive damages of $3 billion, for wages they could have earned if the no-hire agreements hadn’t been in place.
Adobe Patches Security Holes in Flash
Comments Off on Adobe Patches Security Holes in Flash
Adobe has released a security update for Flash Player in order to address several critical vulnerabilities, including one that is being exploited in the wild.
The Flash Player 10.3.183.10 for Windows, Mac and Linux, and Flash Player 10.3.186.7 for Android, contain patches for six security flaws.
One of them is a cross-site scripting (XSS) weakness that can be exploited to execute rogue actions on behalf of web sites or webmail providers if victims click on maliciously-crafted links.
“There are reports that this issue is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message,” Adobe warns in its security advisory.
XSS vulnerabilities are the result of improper user input validation and allow attackers to execute rogue code in the context of the current web site. For example, they can be leveraged to extract session cookies or load rogue forms into legitimate pages, which makes for very credible phishing attacks.
Adobe credits Google for reporting this cross-site scripting vulnerability, which is identified as CVE-2011-2444. This means it might have been detected in attacks against Gmail users.
Two other patched vulnerabilities allow for arbitrary code execution and are located in the AVM stack. One of them can also lead to a denial of service condition. Two remote code execution logic errors and a Flash Player security control bypass have also been addressed.
Users should deploy the new update as soon as possible because browser plug-ins like Java, Adobe Reader or Flash Player are amongst the most attacked pieces of software one can have on a computer. However, unlike Adobe Reader X (10.0) which features sandboxing technology, Flash Player doesn’t have any anti-exploitation mechanism built-in.
Flash Player 11 Launched With 3D Gaming
Comments Off on Flash Player 11 Launched With 3D Gaming
Adobe Systems announced Flash Player 11 and Adobe Air 3 software Wednesday to assist developers in building more sophisticated applications with dozens of new features across smartphones and tablets as well as desktop computers.
The releases are Adobe’s biggest in two years, and will be available free of charge in early October, said Anup Murarka, Adobe’s director of product marketing. The related tools, Flash Builder and Flex, will support new features in Flash Player 11 and Adobe Air 3 by the end of the year.
The releases will enable delivery of 2D and 3D games over the Internet to various devices, Murarka said. Developers of enterprise applications will also find the 3D capabilities popular for data-centric apps. Enterprises, for example, will be able to build application dashboards to “visualize complex data sets” with 3D images, he said.
Developers will also be able to use the tools to more deeply integrate business software like Excel and Outlook in devices and to access hardware programming interfaces for functions such as Near-Field Communication being used more widely in smartphones, Murarka said.
The new versions will also help developers build more secure applications with the ability to leverage cryptographically secure random number generation, he said.