Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!
The programmer says that Mojang must release the Minecraft server code to the public domain since decompiled, deobfuscated versions of the Java code are included in the Bukkit project before he will withdraw the DMCA. Mojang has never released the real source code and has stated they will not open source the server code to meet the GPL and LGPL licensing requirements. This approach might be a risk for other GPL and LGPL projects out there which are derivative of or enhance non GPL programs or products. Mojang COO Vu Bui writes in a post at the Bukkit forums The official Minecraft Server software that we have made available is not included in CraftBukkit. Therefore there is no obligation for us to provide the original code or any source code to the Minecraft Server, nor any obligation to authorize its use. Our refusal to make available or authorize the use of the original / source code of the Minecraft Server software cannot therefore be considered to give rise to an infringement of any copyright of Wesley, nor any other person. Wesley’s allegations are therefore wholly unfounded.
- open source, with a community following ; the kind of stuff Slashdotters would prefer
- tidy software architecture; simple things should remain simple
- allow open API allowing usage across many languages (say: Python & Java)
- clear licensing status, not estranging future commercial use
- serious multilingual & font support
- PDF-handling rich features, not limiting usage for invoicing, e-commerce, reports & data mining
- digital signing should not go against other features
I'd like to poll the collective Slashdot crowd wisdom about if/which PDF related libraries, they have written software with, keeps them happy for *all* the above reasons. And if not happy with that all, what do they thing is the best bet for learning one piece of software in the area, with great reusability across different circumstances and little need for extra hacks? I'd really like to hear the smoked out war stories. It is easy to obtain a list of such libraries, yet tricky to understand whethe people have obtained success with them!
The security implications of this are vast. Malicious actors could create a malicious mobile application with a digital identity certificate that claims to be issued by Adobe Systems. Once installed, vulnerable versions of Android will treat the application as if it was actually signed by Adobe and give it access to local resources, like the special webview plugin privilege, that can be used to sidestep security controls and virtual 'sandbox' environments that keep malicious programs from accessing sensitive data and other applications running on the Android device. The flaw appears to have been introduced to Android through an open source component, Apache Harmony. Google turned to Harmony as an alternative means of supporting Java in the absence of a deal with Oracle to license Java directly.
Work on Harmony was discontinued in November, 2011. However, Google has continued using native Android libraries that are based on Harmony code. The vulnerability concerning certificate validation in the package installer module persisted even as the two codebases diverged.
Famo.us chases another holy grail, namely the 'write once, run anywhere' dream. Instead of having to write different code for different platforms, like iOS and Android, developers can write one application that works and looks as good on all platforms, in theory anyway. This of course saves a huge amount of time and resources. Unfortunately, this idea is not without its problems and has never really worked very well with earlier attempts like Java-applets, Flash and Silverlight. In the end native applications have so far always been faster and slicker and I'm pretty skeptical Famo.us will be able to change this."