The H Week - Eclipse and Mozilla releases galore, backdoors, frontdoors and more

This week saw the annual release of Eclipse and a number of releases from Mozilla. Nokia produced the N9 MeeGo smartphone and Karen Sandler became the Executive Director of the GNOME Foundation. Bitcoin suffered many problems, Dropbox was left open for hours and backdoors were found in WordPress plug-ins. An alleged hacker was arrested in the UK and the FBI helped smash a major scareware ring.

Featured

Daniel Bachfeld explains how to store passwords so they won't be easily cracked, Thorsten Leemhuis details what's happening to filesystems in the forthcoming Linux 3.0, The H looks at the court case between AVM and Cybits which may, or may not, have an impact on how the GPL can be enforced in Europe and how the N9 is the swansong of Nokia's Linux efforts.

• Storing passwords in uncrackable form
• Kernel Log: Coming in 3.0 (Part 2) - Filesystems
• Battle lines drawn in dispute between AVM, Cybits and FSFE
• Nokia: no luck with Linux
  

Open Source

The annual release of Eclipse, this year named Indigo, brought many updates including BIRT 3.7 and new features such as eGIT. A new web framework called SocketStream made its first appearance, Nokia announced the N9 MeeGo powered smartphone, LexisNexis joined the Linux Foundation and the FSFE, AVM and Cybits clashed in court over alleged GPL violations.

• Eclipse Indigo expands its reach
• Eclipse Indigo: EGit and JGit reach version 1.0
• Eclipse BIRT 3.7 released, now talks Hadoop
• SocketStream launches new way for web apps
• Nokia announces MeeGo powered N9 smartphone
• LexisNexis joins Linux Foundation, open sources HPCC platform
• FSFE accuses AVM of GPL violations
• AVM and Cybits in court over GPL

It was a busy week for Mozilla as it released Firefox 5 fresh from its accelerated release process, patched older versions of Firefox and Thunderbird, and released version 1.0 of the Add-on SDK and betas for SeaMonkey 2.2 and Thunderbird 5. JavaScript creator Brendan Eich handed over responsibility for Mozilla's JavaScript engine while two separate projects showed how JavaScript (and HTML5) can now render PDF documents and play MP3 audio.

• Mozilla releases Firefox 5
• Firefox and Thunderbird updates patch security holes
• Mozilla releases SeaMonkey 2.2 Beta 1
• Final Thunderbird 5 beta arrives for testing
• Firefox Add-on SDK released
• Brendan Eich hands over responsibility for Mozilla's JavaScript engine
• MP3 and PDF plug-in dependencies engineered away

Karen Sandler joined the GNOME Foundation as its new Executive Director, the FLOSS ad network Ad Bard will close as of 1 July, the EFF stopped taking Bitcoin donations, Apple served a C&D on an open source startup and Node.js is on its way to Windows with Microsoft's assistance.

• Karen Sandler to join GNOME Foundation
• FLOSS ad network Ad Bard closing
• EFF stops taking Bitcoin donations
• Apple serves cease and desist on open source startup
• Node.js to go native on Windows with Microsoft's help

Open Source Releases

New releases this week for RabbitMQ messaging, Piwik analytics, Webconverger kiosk mode browser, BeOS clone Haiku, Google's Chrome Frame, Perl, Scientific Linux, the Tornado web server, Pentaho's business intelligence, NativeDriver android testing and Blender.

• RabbitMQ 2.5.0 adds new tracing facility
• Piwik 1.5 brings e-commerce analytics, fixes critical hole
• Webconverger 8 browser-only OS with Firefox 4
• Third official release for Haiku
• Google Chrome Frame no longer requires admin rights
• Perl 5.14.1 and 5.12.4 arrive
• Scientific Linux 5.6 released
• Tornado Web Server 2.0 released
• Pentaho BI 4 gets new visual interface
• Google introduces Android native application tester
• Blender 2.5 series update improves stability

Development releases

• Second openSUSE 12.1 milestone released

Security

Anonymous and LulzSec announced they were working together, a UK hacker was arrested, StartSSL found itself under attack but uncompromised, and a Bitcoin exchange closed down after being attacked. Other sites needed no attacks: Dropbox turned off authentication for four hours over the weekend.

• Hacker organisations join forces
• Met Police arrest alleged hacker in Essex
• Attack on Israeli Certificate Authority
• Bitcoin exchange closed after attack
• Dropbox left login door open for 4 hours

WordPress plug-ins were found with backdoors installed, the FBI announced the shutdown of a scareware ring which had netted $72M, Amazon cloud users were found to be leaving confidential data in their shared cloud images and Mozilla rejected Microsoft's criticisms of WebGL.

• Backdoor in popular WordPress plug-ins
• FBI shuts down $72M scareware ring
• Many Amazon cloud users reveal confidential data
• Mozilla rejects Microsoft's WebGL criticism

Security Alerts

• Firefox and Thunderbird updates patch security holes

For all last week's news see The H's last seven days of news and, to keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.

(crve)