Will Mark Hurd Call The Shots At Oracle?

Analysts have started to wonder which of the two heads that Larry Ellison left in charge of Oracle will be calling the shots — Safra Catz or Mark Hurd.

Wall Street thinks that dealmaker and finance guru Safra Catz will be in charge even though she, and not Hurd who would be the real boss. Of course Ellison will remain around for a while, so it is a little moot, neither Catz or Hurd got to the top by crossing Ellison. But Ellison could actually go, particularly if his mysterious exit was because he was sick and this has made some analysts wonder who will be in charge.

Of 12 analysts who replied to an anonymous poll, five said Catz would likely run Oracle, while only one voted for Hurd, 57. Four said both would continue to run the company, one said neither, and one plumped for dark-horse internal candidate Thomas Kurian.

Catz has more status because the 52-year old former Wall Street banker orchestrated Oracle’s multibillion dollar acquisitions and has been Ellison’s de facto deputy for the last few years. Hurd, who only joined Oracle in 2010 after leaving HP under the cloud of a business ethics breach, has a larger public presence but is still seen as a newcomer.

Only one analyst said Hurd was the more likely to lead the company, chiefly because he is the one with experience of being the CEO of a large technology company. In fact some of the Oracle board does not trust him because of the experience that HP had with him.

Source

OpenSSL Gets Updated

OPENSSL, the web security layer at the center of the Heartbleed vulnerability, has been issued with a further nine critical patches.

While none are as serious as Heartbleed, patching is recommended for all users according to an advisory released today. The vulnerabilities stem from various security research teams around the web including Google, Logmein and Codenomicom, based on their reports during June and July of this year.

Among the more interesting fixes involves a flaw in the ClientHello message process. If a ClientHello message is badly fragmented, it is vulnerable to a man-in-the-middle attack which could be used to force the server to downgrade itself to the TLS 1.0 protocol, a fifteen year old and therefore pre-Heartbleed patch variant.

Other reports include memory leaks caused by denial of service attacks (DoS) and conversely, crashes caused by an attempt to free up the same portions of memory twice.

OpenSSL now has two full time coders as a result of investment by a consortium of Internet industry companies to form the Core Infrastructure Initiative, a not-for-profit group administered by the Linux Foundation. The Initiative was set up in the wake of Heartbleed, as the industry vowed to ensure such a large hole would never be left unplugged again.

While OpenSSL is used by a large number of encrypted sites, there are a number of forks of the project including LibreSSL and the recently launched Google BoringSSL.

Google recently announced that it would be lowering the page rankings of unencrypted pages in its search results as an added security measure.

Source

HTTP2 Procotol Nears Completion

When it comes to amping up traffic over the Internet, sometimes too much of a good thing may not be such a good thing at all.

The Internet Engineering Task Force is putting the final touches on HTTP/2, the second version of the Hypertext Transport Protocol (HTTP). The working group has issued a last call draft, urging interested parties to voice concerns before it becomes a full Internet specification.

Not everyone is completely satisfied with the protocol however.

“There is a lot of good in this proposed standard, but I have some deep reservations about some bad and ugly aspects of the protocol,” wrote Greg Wilkins, lead developer of the open source Jetty server software, noting his concerns in a blog item posted Monday.

Others, however, praise HTTP/2 and say it is long overdue.

“A lot of our users are experimenting with the protocol,” said Owen Garrett, head of products for server software provider NGINX. “The feedback is that generally, they have seen big performance benefits.”

First created by Web originator Tim Berners-Lee and associates, HTTP quite literally powers today’s Web, providing the language for a browser to request a Web page from a server.

Version 2.0 of HTTP, based largely on the SPDY protocol developed by Google, promises to be a better fit for how people use the Web.

“The challenge with HTTP is that it is a fairly simple protocol, and it can be quite laborious to download all the resources required to render a Web page. SPDY addresses this issue,” Garrett said.

While the first generation of Web sites were largely simple and relatively small, static documents, the Web today is used as a platform for delivering applications and bandwidth intensive real-time multimedia content.

HTTP/2 speeds basic HTTP in a number of ways. HTTP/2 allows servers to send all the different elements of a requested Web page at once, eliminating the serial sets of messages that have to be sent back and forth under plain HTTP.

HTTP/2 also allows the server and the browser to compress HTTP, which cuts the amount of data that needs to be communicated between the two.

As a result, HTTP/2 “is really useful for organization with sophisticated Web sites, particularly when its users are distributed globally or using slower networks — mobile users for instance,” Garrett said.

Source

Apple-IBM Alliance Downplayed

IBM Corp’s recent move to team up with Apple Inc to sell iPhones and iPads loaded with corporate applications has excited investors in both companies, but two rivals say they are unfazed for now.

Top executives at Dell and BlackBerry Ltd scoffed at the threat posed by the alliance, arguing the tie-up is unlikely to derail the efforts of their own companies to re-invent themselves.

“I do not think that we take the Apple-IBM tie-up terribly seriously. I think it just made a good press release,” John Swainson, who heads Dell’s global software business, said in an interview with Reuters in Toronto last week.

PC maker Dell and smartphone maker BlackBerry are in the midst of reshaping their companies around software and services, as the needs of their big corporate clients morph.

Swainson, who spent over two decades in senior roles at IBM, said, “I have some trouble understanding how IBM reps are going to really help Apple very much in terms of introducing devices into their accounts. I mean candidly, they weren’t very good at doing it when it was IBM-logoed products, so I do not get how introducing Apple-logoed stuff is going to be much better.”

While conceding that Apple products hold more allure, Swainson said they lack the depth of security features that many large business clients like banks covet.

IBM and Apple could not immediately be reached for comment.

BlackBerry Chief Executive John Chen similarly downplayed the threat of the alliance in an interview with the Financial Times, likening the tie-up to when “two elephants start dancing.”

Source

Brits Investigate Facebook

The British data watchdog is looking into whether Facebook Inc violated data-protection laws when it gave permission to researchers to conduct a psychological experiment on its users.

A Facebook spokesman acknowledged that the experiment on nearly 700,000 unwitting users in 2012 had upset users and said the company would change the way it handled research in future.

The study, to find if Facebook could alter the emotional state of users and prompt them to post either more positive or negative content, has caused a furor on social media, including Facebook itself.

“We’re aware of this issue and will be speaking to Facebook, as well as liaising with the Irish data protection authority, to learn more about the circumstances,” the Information Commissioner’s Office (ICO) spokesman Greg Jones said in an email.

Jones said it was too early to tell exactly what part of the law Facebook may have infringed. The company’s European headquarters is in Ireland.

The Commissioner’s Office monitors how personal data is used and has the power to force organizations to change their policies and can levy fines of up to 500,000 pounds ($839,500).

Facebook said it would work with regulators and was changing the way it handled such cases.

“It’s clear that people were upset by this study and we take responsibility for it,” Facebook spokesman Matt Steinfeld said in an email.

“The study was done with appropriate protections for people’s information and we are happy to answer any questions regulators may have.”

Source

Oracle Takes A Fall

Oracle posted fiscal fourth-quarter results that were just horrible for investors looking for more progress in web-based services, sending its shares lower.

The company had been expected to report a pickup in its software business and progress in cloud computing, shares of Oracle had gained 10 percent over the past three months. However yesterday it was clear that Oracle is getting a kicking from the competition like Salesforce.com and Workday which have been offering competitive software and Internet-based products at prices that often undercut Oracle.

Tech spending is likely to fall as more companies move to the cloud. Oracle has been rolling out its own cloud-based products but they remain under five percent of its overall revenue. For the fiscal first quarter, Oracle expects software and cloud revenue to grow between 6 percent and 8 percent. That forecast includes expectations for software- and platform-related cloud services to grow between 25 percent and 35 percent.

Oracle said it expects its hardware system revenue to be in a range of down 1 percent to up 3 percent.

For its latest fourth quarter, Oracle said overall revenue rose 3 percent to $11.3 billion. That was less than the $11.48 billion analysts had expected on average. Net income fell 4 percent to $3.6 billion.

Revenue from Oracle’s hardware systems products grew 2 percent to $870 million.

Source

Is Google Diverse?

Google Inc  shared the gender and ethnic makeup of its 50,000-strong workforce on Wednesday, disclosing a significantly below-average proportion of minorities and women employees that it said was “miles from where we want to be.”

Google’s disclosure of its workforce demographics represented a rare move for a U.S. company, even if the figures came as no surprise to those familiar with Silicon Valley, an industry long scrutinized for its lack of diversity. Blacks and Hispanics made up just 2 and 3 percent of overall employees at Google, respectively, while women accounted for 30 percent, the company said in a detailed blogpost.

That compares with the U.S. workforce average of about 47 percent women in 2012, according to the Department of Labor. For blacks and people of Hispanic descent, it was 12 and 16 percent, respectively.

“Put simply, Google is not where we want to be when it comes to diversity, and it’s hard to address these kinds of challenges if you’re not prepared to discuss them openly, and with the facts,” Laszlo Bock, senior vice president of people operations,said in the blog posting.

The employment gaps for women and minorities in the tech sector may stem from education, Bock said. Women earn roughly 18 percent of all computer science degrees in the United States; blacks and Hispanics make up less than 10 percent of U.S. college grads and collect fewer than 5 percent of degrees in computer science majors, respectively, he argued.

But Bock, who added that Google has donated more than $40 million to organizations promoting computer science education among women, said Google recognized the extent of the internal problem and was open to discussion about possible solutions.

Source

Is IBM Going After HP?

IBM has announced a unified branding for its commerce cloud based enterprise products and services with a presentation at the Smarter Commerce Global Summit in Tampa, Florida.

Hot on the heels of HP, which unified its cloud offerings under the Helion brand last week, IBM Experienceone is designed to allow companies to improve engagement with their customers by leveraging big data through the cloud.

Deployment comes from a unified offer of consulting services, software and infrastructure from IBM subsidary Softlayer, which can be used to gather data, mine analytics and improve customer commerce via a mixture of traditional and cloud services.

IBM has already committed 1,000 new employees for its IBM Interactive Experience who will staff 10 “IBM Interactive Experience Labs” that are being set up to help customers understand the rules of engagement and hopefully increase their level of customer engagement.

IBM GM of Industry Cloud Solution Craig Hayman said, “IBM Experienceone provides a secure and simplified portfolio – including innovation from more than 1,200 partners – to help clients design and deliver more valuable customer engagements. With cloud, on premise and hybrid options, IBM Experienceone quickly scales to engage every customer in the moment while protecting their privacy.”

The IBM Experienceone brand is a coming together of many acquisitions that IBM has made in the field over recent years, including Sterling Commerce, Tealeaf, Coremetrics, Unica, Demandtec, Xtify and Silverpop. The only obvious omission from the top to tail offer is a specific CRM database, however IBM Experienceone is compatible with most of the leading solutions, including those of its arch rivals. This leads to the question, could a CRM be next on the company’s shopping list?

As well as on desktop and server equipment, Experienceone analytics will also be available through apps for iOS and Android.

Source

IBM Goes BlueMix

IBM has put together a vast array of hosted cloud services, and now it has a single location to offer them for sale.

At IBM Cloud online marketplace, that went live on Monday, enterprises can find the full range of IBM’s offerings behind a single gateway.

“So many of our customers want to build new cloud-based, front-end systems, but they want to tie them into their back-end infrastructure. We’re delivering a whole set of integration components and control services to do the connection, and monitor and control what is taking place,” said Steve Mills, IBM senior vice president and group executive for software and systems.

The marketplace has more than 100 hosted IBM applications, as well as middleware components from IBM’s Bluemix platform as a service (PaaS). It also serves as a portal to IBM’s SoftLayer infrastructure as a service (IaaS) and houses a collection of services from IBM partners.

“It’s an open platform. It supports all the popular application development tools and structures. So it’s not uniquely IBM. There’s a lot of open source and partners,” Mills said. In addition to IBM’s own offerings, other services will be offered on the site by SendGrid, Zend, Redis Labs and other IBM partners.

IBM is banking heavily on the cloud. The company’s revenue has been declining lately, due in part to sagging hardware sales. The cloud is likely to be a good place to look for more money: Gartner expects 80 percent of organizations to use cloud services in some form by the end of 2014.

Although IBM got a late start in the cloud, at least compared with rivals Amazon and Microsoft, it’s aggressively repositioning itself as a one-stop cloud services company. It generated $4.4 billion in cloud-related revenue in 2013 and has made a number of additional investments in the area as well.

In January, the company announced it would invest $1.2 billion into expanding its SoftLayer cloud service, which it acquired last year for $2 billion.

It is also investing $1 billion in the effort to adapt its middleware software as cloud services, part of the Bluemix offering.

The new online marketplace ties together a number of these initiatives from IBM within a single portal. It can be accessed from desktops, laptops, tablets and smartphones, and it can customize the service offerings based on the user’s needs.

Source

Many Websites Still Exposed

The world’s top 1,000 websites have been updated to protect their servers against the “Heartbleed” vulnerability, but up to 2% of the top million remained unprotected as of last week, according to a California security firm.

On Thursday, Menifee, Calif.-based Sucuri Security scanned the top 1 million websites as ranked by Alexa Internet, a subsidiary of Amazon that collects Web traffic data.

Of the top 1,000 Alexa sites, all were either immune or had been patched with the newest OpenSSL libraries, confirmed Daniel Cid, Sucuri’s chief technology officer, in a Sunday email.

Heartbleed, the nickname for the flaw in OpenSSL, an open-source cryptographic library that enables SSL (Secure Sockets Layer) or TLS (Transport Security Layer) encryption, was discovered independently by Neel Mehta, a Google security engineer, and researchers from security firm Codenomicon earlier this month.

The bug had been introduced in OpenSSL in late 2011.

Because of OpenSSL’s widespread use by websites — many relied on it to encrypt traffic between their servers and customers — and the very stealthy nature of its exploit, security experts worried that cyber criminals either had, or could, capture usernames, passwords,\ and even encryption keys used by site servers.

The OpenSSL project issued a patch for the bug on April 7, setting off a rush to patch the software on servers and in some client operating systems.

The vast majority of vulnerable servers had been patched as of April 17, Sucuri said in a blog postthat day.

While all of the top 1,000 sites ranked by Alexa were immune to the exploit by then, as Sucuri went down the list and scanned smaller sites, it found an increasing number still vulnerable. Of the top 10,000, 0.53% were vulnerable, as were 1.5% of the top 100,000 and 2% of the top 1 million.

Other scans found similar percentages of websites open to attack: On Friday, San Diego-based Websense said about 1.6% of the top 50,000 sites as ranked by Alexa remained vulnerable.

Since it’s conceivable that some sites’ encryption keys have been compromised, security experts urged website owners to obtain new SSL certificates and keys, and advised users to be wary of browsing to sites that had not done so.

Sucuri’s scan did not examine sites to see whether they had been reissued new certificates, but Cid said that another swing through the Web, perhaps this week, would. “I bet the results will be much much worse on that one,” Cid said.

Source

« Previous Page — Next Page »