Slashdot Mirror

An anonymous reader writes "JP Morgan is expanding its use of dataflow supercomputers to speed up more of its fixed income trading operations. Earlier this year, the bank revealed how it reduced the time it took to run an end-of-day risk calculation from eight hours down to just 238 seconds. The new dataflow supercomputer, where the computer chips are tailored to perform specific, bespoke tasks (as explained in this Wall Street Journal article) — will be equivalent to more than 12,000 conventional x86 cores, providing 128 Teraflops of performance."

jfruhlinger writes "John Spencer, a British blogger and tech educator, is convinced that free and open source software, which he's promoted for years, is costing IT jobs, as UK schools cut support staff no longer needed. But does the argument really hold up? It turns out that the services he's focused on are actually cloud services that are reducing the need for schools to provide their own tech infrastructure. Of couse, it's also true that many of those cloud services are themselves based on open source tech."

DMandPenfold writes "NASDAQ's aging software and out of date security patches played a key part in the stock exchange being hacked last year, according to the reported preliminary results of an FBI investigation. Forensic investigators found some PCs and servers with out-of-date software and uninstalled security patches, Reuters reported, including Microsoft Windows Server 2003. The stock exchange had also incorrectly configured some of its firewalls. NASDAQ, which prides itself on running some of the fastest client-facing systems in the financial world, does have a generally sound PC and network architecture, the FBI reportedly found. But sources close to the investigation told Reuters that NASDAQ had been an 'easy target' because of the specific security problems found. Investigators had apparently expressed surprise that the stock exchange had not been more vigilant."

Glyn Moody writes "In an interview, Brendan Eich, the creator of JavaScript and currently CIO at Mozilla, reveals that Microsoft tried to buy Netscape at the end of 1994. They were turned down because the offer was too low, but imagine if Netscape had accepted: no browser wars, no open Web standards, no Mozilla, no Firefox. How might the Web — and the world — have looked today if that had happened?"

DMandPenfold writes with this excerpt from ComputerWorld UK "Jaguar has recalled nearly 18,000 X-type cars after it discovered a major software fault, which meant drivers might not be able to turn off cruise control. The problem lies with engine management control software developed in-house by Jaguar. The problematic software is only installed on diesel engine X-Types, which were all produced between 2006 and 2010. Some 17,678 vehicles have been recalled, as a result of the potentially dangerous problem. If the fault occurs, cruise control can only be disabled by turning of the ignition while driving — which would mean a loss of some control and in many cars also disables power steering. Braking or pressing the cancel button will not work. 'Jaguar has identified that should an error with certain interfacing systems be detected the cruise control system will be disabled and an error message displayed to the driver on the instrument cluster,' the company said in a statement."

A few weeks ago, UBS employee Kweku Adoboli (universally described as a "rogue trader") ran up a $2 billion loss for his employer; many readers wondered how it is the systems which allow trades to happen at all aren't better tuned to catch such massive cash flows without triggering alerts. Now, reader DMandPenfold submits a report from Computerworld UK in which the bank claims that such triggers were in place — they were simply not acted on. From the article: "UBS has insisted its IT systems did detect unusual and unauthorised trading activity, Interim chief executive Sergio Ermotti, who is running the company following Oswald Grubel's resignation last month, sent a memo to employees saying the bank is aware that its systems did detect the rogue activity. In the memo, Ermotti wrote: 'Our internal investigation indicates that risk and operational systems did detect unauthorised or unexplained activity but this was not sufficiently investigated nor was appropriate action taken to ensure existing controls were enforced.'"

superapecommando writes "Simon Phipps, former head of open source at Sun and a backer of LibreOffice, looks at a tempestuous year for the OpenOffice fork. 'Once framed as an impetuous fork, LibreOffice has become the standard-bearer for the former OpenOffice community,' he says. 'It's far from perfect, of course. New open source projects never are and volunteer projects lack the corporate resources to make it look otherwise. But I have no doubt that it's working.'"

superapecommando writes "With the benefit of hindsight, IT experts are claiming that technical countermeasures at Swiss bank UBS could have stopped rogue trader Kweku Adoboli running up a $2 billion loss." If American Express and Visa can mine transaction data and put a stop order on credit cards when you unexpectedly buy gas out of state, it seems like there could be patterns to watch for when the amounts are in the billions, too.

Glyn Moody writes "There has been a big battle in the UK over whether open standards should be Restriction/Royalty-Free (RF) or Fair, Reasonable and Non-Discriminatory (FRAND). That matters, because open source can't in general implement FRAND standards (there are legal hacks that can be applied in a few special circumstances.) First it seemed that RF had the upper hand [.pdf], but later comments from officials cast doubt on that. Now we have the definitive answer from the UK Minister for the Cabinet Office, Francis Maude: 'The Government require that their ICT should be built on open standards, wherever possible, to improve competition and avoid lock-in to a particular technology or supplier. Fair, reasonable and non-discriminatory (FRAND) specifications may present some difficulties for the open source software development model in terms of patents and royalties. To deliver a level playing field for both open source and proprietary software, open standards are needed.' Will UK government use of open source finally take off, or is this a hollow victory?"

DMandPenfold writes "Algorithmic trading, also known as high frequency trading (HFT), is rapidly replacing human decision making, according to a UK government panel which warned that the right regulations need to be introduced to protect stock markets. Around one third of share trading in the UK is conducted by computers fulfilling commands based on complex algorithms, said the Foresight panel in a working paper published yesterday. Nevertheless, this proportion is significantly lower than in the U.S., where three-quarters of equity dealing is computer generated. The Foresight panel, led by Dame Clara Furse, the former chief executive of the London Stock Exchange, argued that there are both benefits and severe risks to algorithmic trading. There was 'no direct evidence' that the computer trading in itself increased volatility, it said, but in specific circumstances it was possible for a series of events with 'undesired interactions and outcomes' to occur and cause massive damage."

DMandPenfold writes "The Securities and Exchange Commission (SEC), the US financial regulator, has been accused of destroying thousands of data files on high profile inquiries including an early-stage investigation into convicted Ponzi scheme fraudster Bernard Madoff. The allegations, raised by former SEC employee Darcy Flynn, have prompted the US Senate Judiciary Committee to write to SEC chairwoman Mary Schapiro to demand an immediate explanation. The SEC exists to set a tough example on corporate governance, and it fines banks heavily for both lax practice and deliberate malpractice. Questions over any involvement it may have in sensitive document destruction are not likely to sit comfortably with some in the industry. The SEC insists it has kept records in accordance with the law on its computer system."

DMandPenfold writes "The Department of Health is concerned that Fujitsu, CSC and BT would team up against it in a multibillion pound legal fight, should it decide to scrap the disastrous NHS National Program for IT. Fujitsu walked away from a £709 million contract in 2008, and remains locked in legal wrangling with the government over claims for the majority of the value. Today, MPs urged the government to seriously consider abandoning the program and therefore to consider terminating the remaining CSC and BT contracts, worth £3 billion and £1 billion respectively."

An anonymous reader writes "As heterogeneous computing starts to take off, JP Morgan have revealed they are using an FPGA based supercomputer to process risk on their credit portfolio. 'Prior to the implementation, JP Morgan would take eight hours to do a complete risk run, and an hour to run a present value, on its entire book. If anything went wrong with the analysis, there was no time to re-run it. It has now reduced that to about 238 seconds, with an FPGA time of 12 seconds.' Also mentioned is a Stanford talk given in May."

DMandPenfold writes "Police are questioning whether a change in News International's email retention policy was part of an effort to conceal widespread phone hacking by the News of the World, a scandal which is threatening Rupert Murdoch's planned takeover of BSkyB. The trawl for emails and the questioning of changes in News International's email retention policy has important implications for IT security and corporate governance professionals, and is likely to see organizations examining their own policies and reminding their staff on acceptable usage and best practice for email."

Glyn Moody writes "Linus is widely recognised for initiating two major developments: Linux and Git (it's an interesting discussion which of the two in the long term will be regarded as more important). But there's a third, which people tend to overlook: he also pioneered the key ideas behind what later came to be called open innovation. As more and more companies open up to embrace customer-generated ideas, and the idea spreads to other areas like open government, perhaps it's time to add open innovation to the list of Linus' achievements."

Glyn Moody writes "The annual BSA report on software piracy is out, with even bigger numbers: 'The commercial value of software piracy grew 14 percent globally last year to a record total of $58.8 billion.' Yes, they're using the old 'commercial value' trick: 'The commercial value of pirated software is the value of unlicensed software installed in a given year, as if it had been sold in the market.' Except, of course, that the main reason users in developing countries — the main focus of the report — resort to piracy is because they can't afford Western-style pricing. It's also fun to see the BSA trotting out the old 'reducing piracy would generate lots of new jobs and taxes for local governments' — except that it doesn't, because the money not paid for software licences does not disappear, but is just spent elsewhere in the local economy."

Glyn Moody writes "The annual BSA report on software piracy is out, with even bigger numbers: 'The commercial value of software piracy grew 14 percent globally last year to a record total of $58.8 billion.' Yes, they're using the old 'commercial value' trick: 'The commercial value of pirated software is the value of unlicensed software installed in a given year, as if it had been sold in the market.' Except, of course, that the main reason users in developing countries — the main focus of the report — resort to piracy is because they can't afford Western-style pricing. It's also fun to see the BSA trotting out the old 'reducing piracy would generate lots of new jobs and taxes for local governments' — except that it doesn't, because the money not paid for software licences does not disappear, but is just spent elsewhere in the local economy."

KuanH writes "Amazon SimpleDB Developer Guide is billed as a complete guide to using Amazon's SimpleDB database API. It's most detailed for PHP. It's helpful for Python. But the Java code and explanations aren't up to the standard of the others. It includes a primer on using Amazon S3 with SimpleDB: files stored on S3, file metadata stored in SimpleDB — again, less good for Java. It also covers tuning to reduce usage costs, caching using memcached, and ways to batch-update and make serial or parallel requests to SimpleDB. However, it's missing some information that beginners might need, and it's perhaps not quite advanced enough for the more experienced. Downloadable example code is available only for PHP." Keep reading for the rest of Kuan's review. Amazon SimpleDB Developer Guide author Prabhakar Chaganti, Rich Helms pages 252 publisher Packt Publishing rating 6 reviewer Kuan Hon ISBN 1847197345 summary "Getting started" guide to using Amazon's SimpleDB cloud database Say "cloud" to get the attention of CIOs seeking to cut costs in these recessionary times. One well known "database in the cloud" option is Amazon Web Services' SimpleDB, which Amazon describes as "a highly available, flexible, and scalable non-relational data store that offloads the work of database administration."

Those who prefer traditional relational databases could try eg Amazon RDS. This book only covers SimpleDB, a NoSQL or non-relational database. As is well known, NoSQL databases grew in popularity with the growth of large distributed systems and cloud computing, and their proponents tout their scalability and speed.

For anyone wanting a quick primer on NoSQL databases, this book includes a chapter on NoSQL which isn't limited to SimpleDB. It outlines some key conceptual differences between NoSQL and relational database management systems, with pros and cons, using the analogy of "a spreadsheet with some XML characteristics", and illustrating with some concrete examples. That chapter's been made available as a free sample chapter (SimpleDB versus RDBMS), so you can get a flavour of the book.

The contents list for this book is online, I won't recite it here. As well as an overview of SimpleDB, its terminology and advantages, the book goes through signing up with AWS and SimpleDB, and the account access keys. That chapter is also online, as a tutorial.

You may ask, how does this book differ from Amazon's free SimpleDB documentation, which includes a developer guide and a "getting started" guide? Amazon's own "getting started" is certainly helpful, and it's worth downloading and trying their web app scratchpad. But Amazon's detailed developer guide concentrates on REST and SOAP requests, which most people wouldn't want to deal with direct at that low level.

This book's focus is on using the SimpleDB web services API through certain specific languages and libraries — namely Java (JDK6 — using the typical 1.6 library plus several dependencies), Python (2.5 — you need boto), and PHP (with curl). It recommends the SDBtool Firefox extension (SDBizo), which is excellent for checking the results of running the code.

I've tried the book's Java and Python examples, on Windows. Not PHP, as I've not got round to learning PHP yet, though I skimmed the PHP explanations. Similarly, I've not had time to try it all over again on Linux. Generally, the book's coverage seems fuller and better for PHP than for Java or Python. Perhaps it was originally written for PHP, and the rest was bolted on — the stuff for Java more hurriedly than for Python?

The downloadable code samples, as mentioned, are PHP only. They really should have provided downloadable code for all 3 languages, plus some fake MP3 files (see later). If you get the e-book (available in PDF and epub), you can copy and paste the Java or Python code. But that's a tad tedious, especially when the code runs onto a new page, and there are stray end of lines etc that you have to delete manually. Furthermore, the Python code provided is for the interpreter in interactive mode (not for .py files, except a couple towards the end). So, for the Python, you also have to copy/paste each line one at a time. But that still beats having to re-type pages of code in full.

In other words, if you want this book and you're only interested in PHP, you can get away with just buying the hard copy and downloading the code from the Packt site. But if you prefer Python or Java, to save your fingers and blood pressure you should buy just the e-version, or get both paper and e books together. I really hope Packt will in future provide downloadable code samples for all the languages covered.

I have more issues with the sample code given in this book. The typical imports should have been spelled out in the example Java code. Eclipse offers more than one possible import in some cases. It was "try everything till it works", at least until I found this tutorial. I've included the initial required typical imports (though not the standard java.util etc ones) in my own list of points, which I'll say more about at the end of this review. Surely it wouldn't have been difficult to include just those few lines of imports, which could have saved readers a lot of time trying to work out the correct imports. There are also errors in the Python code, and on one page the code that should have been included is missing altogether.

Now, more on the book proper. After the overview described above, this book walks you through the basic SimpleDB operations: how to create a SimpleDB "domain" (equivalent to a worksheet in a spreadsheet), list domains, create/retrieve items (like spreadsheet rows), and delete domains.

Items have attributes (spreadsheet column headings), as key:value pairs — the key is the attribute name, the value is its value, eg address:1 Acacia Avenue. An attribute can have more than one value, eg the same item can have both address:1 Acacia Avenue and address:2 Broadway. The book also lists the SimpleDB constraints on domains, items and attributes — maximum number or size, etc — but it's best to check the AWS site for the latest info.

Code examples are given for each of the 3 languages mentioned. The examples are similar, but don't always cover the same ground. If they'd done that, where possible, it would have been more helpful to those of us trying examples in more than one language. One advantage of a book with associated website is that electronic updates can be published, and it would have been great if that had been done for this book. For instance, the book gave conditional put/delete code examples only for PHP. At the date of this review, boto now supports those features, but sample supplemental Python code for that still hadn't been made available.

SimpleDB stores attribute values as UTF-8 strings. This means that comparisons for sorting or searching are done lexicographically (character by character, left to right, numbers take precedence over uppercase over lowercase), and to handle numbers or dates you have to encode and decode them yourself. So, the book has a chapter explaining lexicographical comparison, data types, and how to encode and decode data to enable proper sorting and comparison of numbers, dates, Boolean values and XML-restricted characters. In the case of numbers this means zero padding and offsets, and there's example code for decoding and encoding numbers. Unlike with PHP and Python, oddly the Java code given was for the body of the typical method that carries out the encoding etc. This could have been omitted, and they should have given example code illustrating the method's usage instead. Similarly for the date formats code.

The SimpleDB query syntax is generally covered well, in a chapter which takes readers through first creating a sample database of song metadata to run queries against. It's not too painful copy/pasting the Java code (3+ pages), but with Python in interactive mode I drew the line at creating every song item and attributes using individual statements, even with pasting, so I just tried adding a couple of random ones to test that the code worked. I say again, full downloadable code please...!

That chapter then gives helpful examples of queries against the sample database and their results, including for more complex combined queries ("and", "or" type queries, "not" etc), and querying for multiple-value attributes. It also provides code examples for sorting and counting query results. But the Java code for retrieving an item's attributes wouldn't run, and I couldn't find the method used (getItemsAttributes()) detailed in the typical documentation; perhaps the book is out of date here?

The book starts going beyond the basics from Chapter 7 onwards, with a chapter on Amazon's S3 storage service — another well known component of Amazon Web Services, where "objects" (files) may be stored in "buckets" (directories), with "keys" used to retrieve objects.

For S3, the book uses JetS3t for Java. However, the Java code given for uploading files to S3 didn't demonstrate any integration with SimpleDB at all — the files were just uploaded with their filenames as the S3 keys, and the code didn't seem to deal with the creation of your own custom S3 keys for uploaded objects. In contrast, the Python code generated the S3 keys for the files from hashes previously produced and stored in the SimpleDB database, as well as dealing with their uploading. In addition, for me the Java code for downloading files from S3 just wouldn't run, and also it wasn't clear where the files were supposed to be downloaded to locally, unlike with the Python example. Inexplicably, there was no info on how to delete objects from S3 buckets, or indeed how to delete buckets. So, while the S3 chapter is of help, it could definitely do with being expanded, especially the Java sections.

Next, money money money. AWS charges are based on usage, so the chapter on tuning and usage costs has some practical value in explaining how SimpleDB is charged for, the "BoxUsage" value returned by requests to SimpleDB, using BoxUsage to optimize queries and compute costs, and how to get BoxUsage values back with your queries using Java, Python etc. There are code examples that, when run, illustrate the different BoxUsage values you get when you use different operators or expressions in queries (eg, using LIKE costs more).

However, partitioning your data into multiple domains is covered in only a few paragraphs, with no code given. I'd have liked to see more info on that, and some sample code for the partitioning process.

To further save money, you can use a cache to store data locally, trying your local cache first; and, only if the data is not there, would your app go out to SimpleDB and incur costs for querying it. This book accordingly has a chapter on how to install and use the popular open source caching system memcached to cache your query results locally. (CacheLite for PHP is also covered.) Again, the Java sections caused me some frustration. The Java test code showed that the memcached server was running properly on my machine, but the Java code for using the cache just didn't work; it ran, but continued to query SimpleDB direct. The Python code, however, worked perfectly — except that, if you're using memcached in Windows, you'll need to use port 11211 instead of what's shown in the book. (I didn't try it in Linux.)

Finally, the book deals with running parallel operations against SimpleDB, using its BatchPutAttributes. The section on updating SimpleDB in Python by making serial consecutive calls to SimpleDB is completely missing the code for the script, but the book does then cover inserting multiple items concurrently into SimpleDB using a threadpool in Java. It also gives sample Python code for alternative ways of parallelising requests: using Python's built-in threading module, threading and queues combined, then threading using the open source workerpool module.

To conclude, in substance the book has a fair amount of useful information on the basics of getting started with SimpleDB, particularly for Python (and probably PHP). But not providing downloadable code samples in Java and Python, or "fake" MP3 files to try S3 uploading/downloading, is a minus.

Some errors, inconsistencies and missing information from the department of "I-wish-they'd-included-this-even-if-they-thought-it-was-basic-as-it's-too-easily-missed-if-it's-not-spelled-out", mean that the book is not really "complete", and not as suitable as it should be for relative beginners — especially for Java and (in whatever language) Windows. It wouldn't take much extra work to get it up to scratch on that front. Perhaps the next edition, or better still an online update/supplement?

For the more experienced, the book doesn't take readers to as advanced a stage as it could have, in my view. In particular, it would have been good to have more info and example code on partitioning data between different domains, and also how to migrate data from an existing database to SimpleDB — their code for "importing" the sample database literally just adds each item and attribute individually.

Fix the errors, add the missing info for beginners, provide downloads of code in all relevant languages and "fake files", and I'd have given it a 7. Provide working sample Java code with more explanation, plus proper integration with S3, an 8. Add fuller info on partitioning, migration, and perhaps even integration with yet more AWS services, a 9.

All opinions are personal to me: half geek, half lawyer, mostly harmless. I'm researching legal issues in cloud computing.

You can purchase Amazon SimpleDB Developer Guide from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

DMandPenfold writes "Within the first 20 seconds of the London Stock Exchange's new matching engine going live on Monday, price data vendors began displaying incorrect prices, blank prices and wrong trading volumes, according to Computerworld UK sources. Thomson Reuters, Interactive Data and Netbuilder are among the largest data vendors, providing share prices to traders, that have been displaying pricing problems on some stocks throughout the week. Even the LSE's own data vendor, ProQuote, experienced problems. Concerns are being raised that there could be mistakenly setup connections or incorrect software interfaces at some of the large data vendors. Alternatively, there may be a data caching issue at the LSE that means data going out is not properly synchronised between different systems."

nk497 writes "Intel CEO Paul Otellini has said Nokia made a mistake choosing Windows Phone 7, and should have gone with Android — but admitted the money on offer may have been too much to ignore. 'I wouldn't have made the decision he made, I would probably have gone to Android if I were him,' he said. 'MeeGo would have been the best strategy but he concluded he couldn't afford it.' Otellini said some closed mobile platforms will 'certainly survive,' but said open systems will 'win' in the end." Reader c0lo notes a followup to yesterday's news that open source software was banned from Windows Marketplace. It seems even Microsoft's own MS-RL open source license runs afoul of the Application Provider Agreement (PDF). The article suggests that these rules should give Nokia pause about their new partnership.

DMandPenfold writes "The London Stock Exchange has taken steps to resolve a system problem that occurred at 4.30pm Tuesday, which saw a delay to the start of the closing auction and knocked out automatic trades during a 42 second period. The problem occurred a day after the high profile launch of its new matching engine on the main equities market, based on the SUSE Linux system from Novell."

DMandPenfold writes "The London Stock Exchange has successfully set into live trading a new matching engine based on Novell SUSE Linux technology, following successful last-step setup procedures on Saturday. The move has been billed as one of the LSE's most significant technological developments since the increasing prevalence of electronic trading led to the closure of the traditional exchange floor in 1986. LSE chief executive Xavier Rolet has insisted that the exchange, once a monopoly, will deliver record speed and stable trading in order to fight back against the fast erosion of its dominant marketshare by specialist electronic rivals."

An anonymous reader writes with this excerpt from Computerworld UK: "The London Stock Exchange's new open source trading system may have been hacked last year, according to a report. The alleged attack came as the LSE began the switch over to the Linux-based systems, according to the dates referred to in the Times newspaper. The continued threat of cyber attack has resulted in the LSE keeping a close dialogue with British security services, which this year branded cyber attacks as one of the biggest threats to the country. There were major problems on the exchange on 24 August, when stock prices of five large companies collapsed."

DMandPenfold writes "BP's monitoring IT systems on the failed Deepwater Horizon oil rig relied too heavily on engineers following complex data for long periods of time, instead of providing automatic warning alerts. That is a key verdict of the Oil Spill Commission, the authority tasked by President Barack Obama to investigate the Gulf of Mexico disaster."

WebMink writes "Worried that the unholy alliance of Microsoft, Apple, Oracle and EMC — hardly known for their collaboration — is establishing a patent troll called CPTN to attack open source software, the Open Source Initiative has announced that they have referred the Novell deal over to the German competition authorities."

ChiefMonkeyGrinder writes "Amazon has denied reports that its European sites were brought down by a DoS attack by a hacker group sympathetic to Wikileaks cause. The retailer was a planned target for the attackers, called Anonymous. But Amazon said it was a hardware failure in its European data centre network that caused the half hour outage in Europe."

DMandPenfold writes "The UK government gave Chevron the go-ahead in September to drill in the North Sea off the coast of Scotland, in spite of the US oil giant's admission that its contractor's spill prediction software constantly crashed and was not a reliable predictor of how far oil could travel if an accident took place. The news comes in a week that US investigations into BP's disastrous Deepwater Horizon oil spill hit the buffers, after an IT contractor firm refused to hand over access to its software."

ItsIllak writes "The BBC are reporting that PayPal is the latest company to abandon WikiLeaks. The list now includes their DNS providers (EveryDNS) and their hosts (Amazon). PayPal's move is unlikely to result in many more people boycotting the company, as most knowledgeable on-line users will have been refusing to use them for years for a wide variety of abusive practices." Adds reader jg21: "As open source freedom fighter Simon Phipps writes in his ComputerWorldUK blog, behavior like this by Amazon and Tableau [and now PayPal] 'informs us as customers of web services and cloud computing services that we are never safe from intentional outages when the business interests of our host are challenged.'"

strawberryshakes writes "Cyberwar is the new nuclear war. Bruce Schneier says governments should establish hotlines and treaties outlining the protocol surrounding cyberwar, just as they would for any other war. He wrote in the Financial Times (paywalled, but available through Google), 'A first step would be a hotline between the world’s cyber commands, modelled after similar hotlines among nuclear commands. This would at least allow governments to talk to each other, rather than guess where an attack came from. More difficult, but more important, are new cyberwar treaties. These could stipulate a no first use policy, outlaw unaimed weapons, or mandate weapons that self-destruct at the end of hostilities. The Geneva Conventions need to be updated too. Cyber weapons beg to be used, so limits on stockpiles, and restrictions on tactics, are a logical end point. International banking, for instance, could be declared off-limits. Whatever the specifics, such agreements are badly needed.'"

DMandPenfold writes "Sarah Palin, who is widely tipped as a possible Republican candidate for president in 2012, has said WikiLeaks founder Julian Assange should be hunted down in the way armed forces are targeting the Taliban and Al-Qaeda." So that means we should spend billions of dollars and not catch him? Good plan.

DMandPenfold writes "BP ignored the advice of safety modeling software in an attempt to save time before the disastrous Gulf of Mexico oil spill, according to a presentation slide (PDF) prepared by US investigators. The slide in question briefly appeared on the Oil Spill Commission's website in error, but was quickly retracted. Advanced cement modeling software, provided by BP's cement contractor Halliburton, had highlighted serious stability concerns with the well."

DMandPenfold writes "Advanced modeling software analyzed the cementing conditions for BP's Deepwater Horizon oil well as unstable, days before the blast that killed 11 oil rig workers and let millions of barrels of oil spill into the Gulf of Mexico. Halliburton, the company that carried out the cement job, used its own modeling software called OptiCem, to support arguments that more stability was needed for the piping and cement. ... An OptiCem test on 15 April, five days before the blast, stipulated that from Halliburton’s point of view, 21 ‘centralizers’ needed to be added to the well bore. The centralizers are used to provide space around the oil pipe casing within the well, as cement is poured around it, and are a vital part of safe drilling. BP initially adhered to the OptiCem software test and ordered 15 extra centralizers. But when technicians on the rig received the extra centralizers they mistakenly decided the new centralizers were the incorrect type. At this point BP proceeded with the drilling anyway, with the six centralizers, deciding another known technique of injecting cement in other places would work."

The Contrarian writes "It looks like Oracle is not suiting former Sun staff well, nor community members in the Java and OpenOffice.org communities. This weekend saw an unusually large number of rather public departures, with (among many others listed in the article) the VP running Solaris development quitting, the token academic on the JCP walking out and top community leaders at OpenOffice.org nailing their resignations to the door after having the ex-Sun people slam it in their face. The best analysis comes from an unexpected place, with the marketing director of Eclipse — usually loyal defenders of their top-dollar-paying members — turning on Oracle and telling them to get a clue."

LingNoi writes with this excerpt from ComputerWorld UK: "The London Stock Exchange has said its new Linux-based system is delivering world record networking speed, with 126 microsecond trading times. The news comes ahead a major Linux-based switchover in twelve days, during which the open source system will replace Microsoft .Net technology on the group's main stock exchange. The LSE had long been criticised on speed and reliability, grappling with trading speeds of several hundred microseconds. The 126 microsecond speed is 'twice as fast' as its main international competitors, the London Stock Exchange said. BATS Europe and Chi-X, two dedicated electronic rivals to the LSE, are reported to have an average latency of 250 and 175 microseconds respectively. Neither company immediately provided details. But many of the LSE's older and more traditional rivals offer speeds of around 300 to 400 microseconds. Nevertheless, Linux is now standard in many exchanges, including the New York Stock Exchange."

An anonymous reader submits news of the conviction of two Norwegian day traders, Svend Egil Larsen and Peder Veiby, who were on Wednesday fined and given suspended sentences (Norwegian court, Norwegian document) for cleverly working out — and cashing in on — the way the computerized trading system of Interactive Brokers subsidiary Timber Hill would respond to certain trades. They used the system's predictable responses to manipulate the value of low-priced stocks. The pair have gotten some sympathetic reactions from around the world, and promise to appeal.

ChiefMonkeyGrinder writes "Microsoft has unwittingly admitted that OpenOffice.org is a rival, by launching a three-minute video of customers explaining why they switched to Microsoft Office from OpenOffice.org. Glyn Moody writes: 'You don't compare a rival's product with your own if it is not comparable. And you don't make this kind of attack video unless you are really, really worried about the growing success of a competitor. [Microsoft] has now clearly announced that OpenOffice.org is a serious rival to Microsoft Office, and should be seriously considered by anyone using the latter.'"

An anonymous reader writes "This week the Business Software Alliance published a new study which purports to estimate the economic gain from a ten percent reduction in piracy of business software. For Canada, the BSA claims that the reduction would create over 6,000 new jobs and generate billions in GDP and tax revenue. But Michael Geist says the BSA claims are based on nothing more than the economic gains from a ten percent increase in proprietary software spending. The BSA now admits its estimate is based on the presumption that every dollar 'saved' by using unlicensed software would now be spent on proprietary software." Glyn Moody pointed out more flaws in the BSA's report.

webmink writes "The MPEG LA seem unwilling to explain why they have extended their 'free' H.264 streaming video policy now. This article unpacks the history of MPEG LA and then suggests the obvious — it's all because of WebM — and the worrying — maybe it's preparing the ground for opening a third front in the patent war against Google."

WebMink writes "Despite the fervour of some, the dark secret of every GNU/Linux distribution is that, until August 18 this year, it depended on software that was under a non-Free license — incompatible with the Open Source Definition and non-Free according to Debian and the FSF. A long tale of tenacity and software archeology has finally led to that software appearing under the 3-clause BSD license — ironically, at the behest of an Oracle VP. The result is that glibc, portmap and NFS are no longer tainted."

superapecommando noted an essay by Glyn Moody where he writes "In the early days of free software, the struggle was just to get companies to try this new and rather unconventional approach, without worrying too much about how that happened. That typically meant programs entering by the back door, surreptitiously installed by in-house engineers who understood the virtues of the stuff — and that it was easier to ask for forgiveness after the event than for permission before. [The Linux Foundation tries] to take all the fun out of free software. They are about removing the quirkiness and the riskiness that has characterized free software in business for the last decade and a half, and seek to replace it with nice, safe systems that senior management will instantly fall in love with. In a word, they seek to make open source boring for the enterprise. That's not only good news for companies, it's a really important step for the Linux Foundation."

An anonymous reader points out Glyn Moody's thought experiment: what if Oracle bought up the entire open source ecosystem? Who would win, who would lose? And how might an open ecosystem grow in the wake of such an event? "Recently, there was an interesting rumour circulating that Oracle had a war chest of some $70 billion, and was going on an acquisition spree. Despite the huge figure, it had a certain plausibility, because Oracle is a highly successful company with deep pockets and an aggressive management. The rumour was soon denied, but suppose Oracle decided to spend, if not $70 billion, say $10 billion in an efficient way: how might it do that? One rather dramatic use of that money would be to buy up the leading open source companies — all of them."

ChiefMonkeyGrinder writes "Software on medical implants is not open to scrutiny by regulatory bodies. Glyn Moody writes: 'Software with the ability to harm as well as help us in the physical world needs to be open to scrutiny to minimise safety issues. Medical devices may be the most extreme manifestation of this, but with the move of embedded software into planes, cars and other large and not-so-large devices with potentially lethal side-effects, the need to inspect software there too becomes increasingly urgent.' A new report 'Killed by Code: Software Transparency in Implantable Medical Devices' from the Software Freedom Law Center points out that, as patients grow more reliant on computerized devices, the dependability of software is a life-or-death issue. 'The need to address software vulnerability is especially pressing for Implantable Medical Devices, which are commonly used by millions of patients to treat chronic heart conditions, epilepsy, diabetes, obesity, and even depression.' Will making the source code free to scrutiny address the issue of faulty devices?"

DMandPenfold writes "A multi-billion dollar European Union IT research fund will help study the behavior of three-legged dogs, it has been revealed. The fund will support extensive studies into how three-legged dogs move. There is a particular focus on how the dogs balance and function, given their missing limb."

DMandPenfold writes "The British government has said that it will not be able to complete the rollout of broadband across the UK until 2015, blaming a lack of funds. 'Under the previous Labour government's original plans, everyone in the UK would have had access to 2 megabits per second broadband by 2012.' On Thursday, UK Culture Secretary Jeremy Hunt organized a meeting for major broadband providers 'to identify the current barriers to providing basic level broadband in rural areas as well as suggesting ways to make more use of publicly-owned networks, such as those connecting schools and hospitals.' BT, the country's biggest telco, estimates that the necessary government funding for the project will be as much as £2 billion."

ChiefMonkeyGrinder writes "A high-tech effort by BP to slow the oil gushing from its ruptured well head led to a large accident yesterday that forced the company to remove a vital containment cap for 10 hours. Robots, known as remote operated vehicles, were performing multiple operations at the disaster site when one bumped into the 'top hat' cap and damaged one of the vents that removes excess fluid, according to the US Coast Guard. The robots weigh around four tons, and are controlled from vessels on the surface using advanced IT systems with both manual and automated functions. BP removed the cap for nearly 10 hours ... in order to assess it after a discharge of liquids was noted from a key valve. The cap's removal left the oil gushing out of the wellhead, largely uninterrupted. Admiral Thad Allen, US National Incident Commander for the response, told the media that part of the problem was the number of robots conducting simultaneous operations at an immense depth. A dozen robots are circulating the wellhead." Another factor that may hinder containment even more is the increasing potential for tropical storms in that area of the Gulf.

Glyn Moody writes "Microsoft created its CodePlex, 'an online collaborative software development portal,' four years ago, as the latest in a string of attempts to play nicely with open source. Well, maybe not: Microsoft saw the open source software projects it hosted there as reflecting 'the open community-building spirit of Microsoft's Shared Source Initiative.' In September last year, it tried again, launching the CodePlex Foundation, 'a forum in which open source communities and the software development community can come together with the shared goal of increasing participation in open source community projects,' and not to be confused with CodePlex.com, 'a Microsoft owned and staffed forge that encourages the development of open source software based on Microsoft technology.' The only problem is that all the funding for the CodePlex Foundation still comes from Microsoft. But the new Technical Director of the CodePlex Foundation, Stephen Walli, thinks it can become truly independent of Microsoft, open to all companies to create open source software for any platform using only OSI-approved licenses. Will the CodePlex Foundation take its place alongside existing foundations addressing this sector, like Apache and Eclipse, but complementary to them? Or is it forever doomed to be ignored by the open source world because of its origins?"

Glyn Moody writes "If open source is such a success, why aren't there any billion-dollar turnover open source companies? A recent briefing by Red Hat's CEO, Jim Whitehurst, to a group of journalists may provide an answer. Asked why Red Hat wasn't yet a $5 billion company, as he suggested it would be one day, he said getting Red Hat to $5 billion meant 'replacing $50 billion of revenue' currently enjoyed by traditional computer companies. If, as is likely, that's generally true for open source companies, it means they will need to displace around $10 billion of proprietary business in order to achieve a billion-dollar turnover. Few are likely to do that. Perhaps it's time for managers of open source startups to stop chasing the billion-dollar dream. If they don't, they will set unrealistic ambitions for themselves, disappoint their investors, and allow opponents of free software to paint one of its defining successes — saving money — as a failure."

An anonymous reader writes "A vote of no confidence against the current board of directors has erupted in what is possibly the first nerd war, raging throughout the British Computer Society. More financial- and spreadsheet-related fixations and less computer science have made a few members cross; plus they don't like the new name 'The Chartered Institute of IT.' Here are more specific details on the extraordinary emergency general meeting on July 1, where members will vote to decide the fate of the board of directors."

snydeq writes "As open source becomes mainstream, vendors are under pressure to market their offerings using the 'open source' brand to the highest degree possible — a trend that may eventually degrade the meaning of 'open source' as we know it, Savio Rodrigues writes. Witness WebM, which Google has positioned as an open alternative to H.264. After examining the software license, some in the open source community have questioned whether WebM should be classified as open source software. Google did not use an OSI-approved license for WebM, meaning that, at least in theory, WebM cannot be considered open source under the OSD — the 'gold standard' by which many government and business open source policies are defined. Moreover, when prodded for OSI review, Google required that the OSI agree to 'changes to how OSI does licenses' as a precursor to submitting a license for OSI review and approval. 'When Google, one of the largest supporters of open source, goes out and purposefully circumvents the OSI, what signal does this send to other vendors? How important is using an OSI-approved license likely to be in the future if other vendors follow Google's lead?'" An anonymous reader adds: "It turns out that libvpx, Google's VP8 library, isn't compatible with the GPLv2. Google is apparently aware of the problem and working on a solution.

ChiefMonkeyGrinder writes "In response to a comment on yesterday's blog, Simon Phipps writes about the old rivalry between the Free Software Foundation and the Open Source Initiative (OSI). 'I have been (and in plenty of ways still am) a critic of OSI, as well as a firm supporter and advocate of the FSF. I believe OSI should be a member organisation with a representative leadership. ... But the OSI still plays a very important and relevant role in the world of software freedom.' For instance: Licence approvals have become a much more onerous process, with the emphasis on avoiding creation of new licences, updating old or flawed ones, and encouraging the retirement of redundant ones. It would be great to see the stewards of some of the (in retrospect) incorrectly approved licences ask for their retirement."