The Apache Geronimo Java application server has gained official certification of the Java server software standard.

In June, the developers of the open-source application server said that they had passed most of the tests to meet the Java 2 Enterprise Edition 1.4 certification. With its latest release of the software, Apache said that Geronimo has met the rest of the compatibility tests. The latest version, called Apache Geronimo 1.0-M5, also is integrated with the Tomcat Web server and includes a developer preview of a management console submitted to Apache by IBM.

Source: News.com

Unifying its developer offerings for Windows, Borland Software on Monday will announce Borland Developer Studio, an environment that includes the latest versions of the company’s Delphi, C++ Builder and C# Builder tools.

Featured are the 2006 versions of these three tools, with links to Borland’s CalibreRM requirements management software, StarTeam change management, and Together modeling capabilities. Shipping late this year and formerly code-named Project DeXter, Borland Developer Studio is to be available in multiple versions based on the level of needs.

“With Borland Developer Studio, we are offering in a single, integrated environment support for the Delphi language, C++, and C#,” said Rob Cheng, director of product marketing for developer solutions at Borland.

The company also will continue to sell the three products under their traditional brands, but the IDE will be the same. Users can choose to install just the languages they need, Cheng said.

Borland is positioning Developer Studio as an enabler for developing both traditional Windows 32-bit applications as well as newer .Net applications. This provides an advantage over Microsoft with its Visual Studio package, said Cheng.

Source: InfoWorld

Symantec is looking to exploit technologies acquired from Veritas Software to provide an Internet-based service through which consumers can automatically back up and remotely access important files, such as their digital photographs.

At a conference here Monday, Symantec’s chief technology officer, Mark Bregman, said the security giant is looking at how it would be able to combine the technologies gained from its merger with Veritas to provide new services for consumers, small businesses and large enterprises.

According to Bregman, much of the information stored on consumer PCs is unimportant or can be retrieved from other sources, but the driver behind online backup systems is ensuring that in case of disaster, consumers do not lose valued items such as digital photographs.

Source: News.com

Google Has Fixed Website Vulnerability Which Exposed Google Users to Identity Theft

Security company, Finjan, informed Google last week of a dangerous cross site scripting vulnerability on its website.

“The cross site scripting vulnerability could have allowed a remote attacker to take over victims’ Google Accounts, or fake the website’s content in order to deceive end users into downloading malicious content or providing personal and confidential information (known as ‘phishing’)”, said Limor Elbaz, VP Business Development and Strategy of Finjan.

Two Google sub-sites contained forms which did not validate and filter input. Due to the lack of data validation and filtering, this vulnerability could have allowed an attacker to inject content and scripts which could allow him to steal the victim’s cookie. If the victim were to be logged-on to their Google Account at the time, the attacker, by virtue of having the victim’s cookie, could have gained access to some of the Google services like the victim’s personal account information, his/her saved searches, Froogle’s wish list, Google alerts, or even identify the user in the Google Groups. The attacker might also have been able to change the content of the whole page, which would allow him to perform phishing attacks, or convince the user to download malicious files.

In late September, Finjan’s Malicious Code Research Center (MCRC) provided Google with full technical details, including proof-of-concept, concerning the vulnerability in order to assist Google with the fix. Google worked quickly to complete the fix on its website, which is no longer exposed to this vulnerability.

Foreign companies spent more than $500 million in acquiring 15 Israeli software firms over the past 12 months, Israel’s Manufacturers Association said on Sunday.

One of the largest deals took place in April, when manufacturing software maker UGS bought Israel’s Tecnomatix Technologies for $228 million.

The Manufacturers Association said that, over the past decade, foreign companies have bought more than 30 Israeli software firms for about $6 billion.

Israel has more than 2,000 start-up companies, over half of which are in the software sector, it said.

Source: eWeek

Hoping to tune into the latest craze in digital media, Yahoo Inc. is introducing tools for finding, organizing and rating “podcasts” - the audio programs designed to be played on Apple Inc.’s iPod and many other portable music players.

Although it can do several things, the free service focuses on making it easier for people to sift through the tens of thousands of podcasts currently available on the Web to find the programming best suited to their personal interests.

“We intend to be the most comprehensive source for podcast content,” said Geoff Ralston, Yahoo’s chief product officer.

Yahoo! plans to begin testing the new service Monday at http://podcasts.yahoo.com .