Tag Archive for ORCL

| March 10, 2018
Comments Off on Follow the Open Source Money

Follow the Open Source Money

 Matt Asay at Infoworld recently pointed out some interesting data on who really contributes to open source. Wikipedia, the most well-known open-source project, defines open-source software as software whose source code is published and made available to the public, enabling anyone to copy, modify and redistribute the source code without paying royalties or fees. Open-source code can evolve through community cooperation. These communities include individual programmers as well as large companies.

Open sourceAdobe developer Fil Maj used the GitHub REST API to pull public profile information from GitHub users. The REST API is a low-bandwidth protocol used on the internet that allows two software programs to communicate with each other. Using the API, Mr. Maj collected the company field from all 2,060,011 GitHub user profiles who were active in 2017 (“active” meaning ten or more commits to public projects). Using that data, Mr. Maj was able to pull the total number of corporate contributors to GitHub, with results that might surprise you.

Here are the ranking of GitHub contributors, with their total number of employees actively contributing to open source projects on GitHub:

RankCompanyEmployees Contributing
1Microsoft4,550
2Google2,267
3Red Hat2,027
4IBM1,813
5Intel1,314
6Amazon.com881
7SAP747
8ThoughtWorks739
9Alibaba694
10GitHub676
11Facebook619
12Tencent605
13Pivotal591
14EPAM Systems585
15Baidu584
16Mozilla469
17Oracle455
18Unity Technologies414
19Uber388
20Yandex351
21Shopify345
22LinkedIn343
23Suse325
24ESRI324
25Apple292
26Salesforce.com291
27VMware271
28Adobe Systems270
29Andela259
30Cisco Systems233

The author points out, this is not a perfect measure, but it is a much richer, more accurate data set for figuring out total contributors for any company. Even with that caveat in mind, we end up with many more corporate open source contributors than previous data suggested.

Microsoft’s contributions to open source

Microsoft's contributions to open sourceThe new data shows Microsoft (MSFT) is the number 1 open source contributor. Redmond has twice the number of contributors compared to its next nearest competitor. Remember Steve Ballmer‘s developers! developers! developers! meltdown?  For those of us that were around when Mr. Ballmer, the Microsoft CEO called open source as a “cancer” and “anti-American,” this is a remarkable change of heart for MSFT.

Red Hat

Red Hat (RHT) Mr. Maj’s data puts the open source leader among the top contributors. Red Hat has dramatically fewer engineers on its payroll than Google (GOOG) or Microsoft. As such, it’s doubly impressive that Red Hat would place so highly. Pretty much every engineer in the company works on open-source projects.

Amazon

 

Amazon logoAmazon (AMZN) Often considered an open source ne’er-do-well, Amazon comes in at No. 6 in the rankings. AMZN has nearly 900 open source contributors on staff. The article points out that Amazon has perhaps not publicly led the open source effort in the same way as Google and Microsoft have, but it remains a strong contributor to the projects that feed its developer community.

China is a net consumer of open source

Chinese companies like Baidu, Tencent, and Alibaba, which have long been perceived to be net consumers of open source, actually contribute quite a bit according to the new data.

Legacy firms

Legacy firms like Intel (INTC), Oracle (ORCL), Adobe (ADBE), and Cisco (CSCO) rank among the top 30 open source contributors reports InfoWorld.

rb-

Color me suspicious, but have these firms really embraced open source. Have they just adapted their business model to usurp elements of open source to lay their proprietary code on top of it? This saves them the bother of writing new code and yet they can charge proprietary costs for software where they have reduced their development costs.

Tom Brady hanging high fiveAfter all, numbers don’t lie. Stats say that in 2014, half of the companies said they use open source in their product. Just one year later, the number grew to 78%. Consequently, as long as open source continues to enjoy its place in the sun, we should expect the Microsoft-open source bromance to continue.

Related article

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , , , , , , , , ,
| November 3, 2011
2 comments

How Does Malware Spread?

The ZDNet Zero Day blog reports that Microsoft’s (MSFT) recently released Security Intelligence Report identified socially engineered malware (scareware pop-ups; blackhat search engine optimization attacks) enticing users into downloading and executing a malicious file as the most used malware propagation tactic.

ScarewareBased on a sample of 600 million systems worldwide, MSFT research ranks AutoRun USB infection as the second most used malware propagation tactic, according to Zero Day. Microsoft disabled AutoRun by default on Windows XP and Vista in February to prevent malware infections. The results, at least according to Microsoft, have indicated a significant decline in malware using AutoRun as a spreading mechanism.

The report also points out that zero-day flaws do not necessarily represent a driving force in the growth of malicious attacks or cybercrime in general according to the ZDNet blog. More propagation tactics:

  • User Interaction required – 44.8%
  • AuAuto-run malwaretoRun USB – 26%
  • AutoRun: Network – 17.2%
  • File Infector – 4.4%
  • Exploit: Update Long Available – 3.2%
  • Exploit: Update Available – 2.4%
  • Password Brute Force – 1.4%
  • Office Macros – 0.3%
  • Exploit: Zero Day – 0%

Zero Day points out that Microsoft is missing malware that spreads without user interaction, namely through the exploitation of client-side vulnerabilities in third-party software and browser plugins.  The MSFT report says attackers regularly exploit client-side Java. Java exploits were responsible for between one-third and one-half of all exploits observed in the four most recent quarters including:

rb-

I wrote about the problems with old versions of Java and JavaRa which can delete all the old unnecessary files java leaves on your hard drive everything Sun Oracle plugs some more holes in their app.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , ,
| May 31, 2010
Comments Off on Java Help

Java Help

-Updated 11-12-13- JavaRa 2.3 is now available to remove Java. The new version fixed several bugs and further improved localizations.

-Updated 08-28-10- Earlier this month Lunarsoft, the publishers of JavaRa, released version 1.16beta of JavaRa. According to the FAQ’s some of the added features include:

  • A new system of reading registry keys into the program,
  • A new system of reading languages,
  • x64 support,  and
  • Bug fixes.

More info and download here. The beta tag should not scare you off, because according to the FAQ’s the program itself isn’t in beta anymore because it is quite stable. Beta is still used because some fixes and x64 support haven’t been tested extensively yet.

Java HelpA recently unearthed feature that has been built into Java since Java 6 Update 10 allows developers to easily distribute their applications to end-users. Sun introduced a feature called Java Web Start designed for developers to install software and execute a program from a website. KrebsOnSecurity reports the feature allows criminals to remotely execute malicious code on the user’s computer.

AVG has discovered this exploit in-the-wild attack that takes advantage of this feature to redirect the unsuspecting web users to a Russian website that serves a crime-ware kit that bombards visiting browsers with exploits. After a delay,  Sun issued the patch. According to ZDNet, Sun does not mention the disclosure or the attacks in the release notes accompanying the patch, but they have been able to confirm it does cover the flaw in question. Even after applying the update, users may still be vulnerable. After installing updates to the Java Runtime Environment (JRE),  the update installs a whole new version of itself without removing the old installations.

Lifehacker points out JavaRa, a utility that removes the old and obsolete versions of JRE while leaving files that are necessary for the current version to run. The utility also removes other bloat and registry entries to ensure that Java still works on your computer without all the extra files cluttering up your hard drive. JavaRa is free but does require administrative rights to run because it makes changes to the registry. JavaRa works on just about every version of MSFT’s Windows. Once you have the app downloaded, just run the app and tell it to remove old versions of the Java Runtime Environment. The app will spin for a while and then let you know the old versions are gone. The app will also:

  • Remove the startup entry that makes Java run when Windows starts,
  • Remove the Sun Download Manager.
  • Check to see if there are updates available for the installed version of Java.

rb-

So far JavaRa is a free, simple, portable download for Windows that just works and will make a great addition to your flash drive toolkit.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , ,