EMC customers not too happy about the proposed Dell takeover

According to the 451 Market Research firm, EMC customers are not too happy about the proposed Dell takeover, and certainly don't share the amount of enthusiasm that CEO Michael Dell seems to have.

451's research report found that about 43.2 percent of EMC-only customers typically see Dell as a PC supplier, and 42.1 percent thought it was 'out of tune' with their enterprise IT concerns.

Amongst the EMC-only customers, some 13 percent report they will spend less than previously planned with EMC (more than twice the rate of Dell customers), said the report.

Among those who are also Dell customers, 42 percent view Dell, not surprisingly, as an enterprise IT supplier.

This is a fairly instant reaction to the takeover news and, with the deal not closing until the middle of next year, there are many months for EMC and Dell account teams and channel partners to talk to their customers and attempt to nullify any negative Dell perceptions. That's the hope, anyway.

"Overall, Dell will need to pay some attention to account management practices as the two companies merge," the 451 report authors write, and "be sure to take time to educate today's EMC-only customers about the breadth of its enterprise capabilities".

"This will also involve coordination across marketing, direct sales and channel partners, which is not an insignificant task," the report states.

They expect EMC and Dell competitors to mount an assault on the joint EMC/Dell customer base and capitalise on any latent dissatisfaction, fear and doubt about the effects of the Dell takeover.

It will be interesting to see how all of this pans out in the next 12 months, and what the imminent outcome will be in the IT industry.

Source: Microsoft.

OpenBSD's source tree just turned twenty years old today

In case you didn't know, OpenBSD's source tree just turned twenty years old today.

The project now has about 322,000 commits and contributions from more than 350 developers since October 19, 1995.

Its founder, Theo de Raadt, may be known for his sudden outbursts, but he's currently in a reflective mood.

He gave us a flavor of what it was like to work on the OpenBSD project in the early days.

I recall the import taking about three hours on an EISA-bus 486 with two ESDI drives. There was an import attempt a few days earlier, but it failed due to insufficient disk space.

It took some time to repartition the server. It wasn't terribly long before David Miller, Chuck Cranor and Niklas Hallqvist were committing. Then even more people showed up a few days later.

The OpenBSD is a team of hard workers, we must say. De Raadt added that one of the first developments involved improving 32-bit SPARC.

The OpenBSD project, the Foundation for which is backed by the likes of Microsoft, Facebook and Google, now stands on average at 44 commits daily, de Raadt said.

He continued his walk down memory lane by saying "Chuck and I also worked on setting up the first anoncvs to make sure no one was ever cut out from 'the language of diffs' again. I guess that was the precursor for the github concept."

"People forget, but even FSF was a walled garden at the time, throwing tar files with vague logs over the wall every couple months," he added.

"I was lucky to have one of the few 64 Kbit ISDN links in town, otherwise this would not have happened. My desktop was a Sparcstation 10. The third machine I had was a very slow 386," he was quick tp point out.

Later today, version 5.8 of OpenBSD is due to be released. We'll keep you posted on these and other news as they happen.

Source: The OpenBSD Project.

No less than 25 security bug fixes for Java, again

System admins everywhere, forced either by circumstance or folly to support Java can get busy again, with no less than twenty-five security bug fixes for the software among the Scarlet Letter's regular patch notice.

If that sounds like obscure, it's because it is. But the good news is that Oracle says that none of the security vulnerabilities have been exploited as of Monday. Does that mean they will be soon?

The bug fixes to Java SE and Java SE Embedded cover security problems in the CORBA (Common Object Request Broker Architecture), Remote Method Invocation (Java RMI), Java FX, serialisation, 2D, Java API for XML Processing (JAXP), Java Generic Security Services (JGSS), security and deployment sub-components, as well as various library flaws.

So there you have it-- the complete picture. Over at Oracle's security blog, regular bearer-of-bad-news Eric Maurice lists “Oracle database, Oracle Fusion Middleware, Oracle Hyperion, Oracle Enterprise Manager, Oracle E-Business Suite, Oracle Supply Chain Products Suite, Oracle PeopleSoft Enterprise, Oracle Siebel CRM, Oracle Industry Applications, including Oracle Communications Applications and Oracle Retail Applications, Oracle Java SE, Oracle Sun Systems Products Suite, Oracle Pillar Axiom, Oracle Linux & Virtualization, and Oracle MySQL” as getting fixes.

We agree: that's a lot of 'O's. The Java SE fixes, he writes, apply only to 20 Java fixes in the browser, the remaining five apply to both client and server Java SE, and 24 are remotely exploitable without authentication.

There are eight fixes for the Oracle database, one of which (CVE-2015-4863, not yet described on Mitre) has a base score of 10, because it's remotely exploitable without authentication.

There's also a perfect 10 in Oracle Sun Systems' Integrated Lights Out Manager (ILOM), and Maurice says as well as patching ILOM, system admins should block outside access to the software.

If this sounds like a lot of security patches, well it is. So the question is: why so many all of a sudden? Let's all hope that Oracle has a good handle on the situation.

Source: Oracle.