Google announces Android Lollipop
We finally know what the “L” stands for. Google announced its next mobile operating system, Android 5.0, will be codenamed Lollipop, and ship on the Nexus 6 and Nexus 9 in November.

Google first announced Android “L” back in June at Google I/O, releasing a developer preview with more than 5,000 APIs and features including Material Design. Lollipop will ship on the new Nexus 6 smartphone, Nexus 9 tablet and the new Nexus Player, a streaming media player developed with Asus and the first device to run Android TV. Android 5.0 Lollipop will also be available on the Nexus 4, 5, 7, 10 and Google Play edition devices in the coming weeks.

As has been its custom with its sugary treat-themed mobile OS releases, Google had a bit of fun teasing the name. Hinting at what L might stand for after Jellybean and KitKat, Google released a playful promo called “Sweeeet” depicting an actual casting session with different L-named sweets.

“There can only be one L,” the promo says, and that turned out to be one conveniently not mentioned in the video—Lollipop.

The Nexus 9 and Nexus Player will be available for pre-order on October 17 and in stores starting November 3. The Nexus 6 will be available for pre-order in late October and in stores in November, with options for an unlocked version though the Google Play Store. More information on Android 5.0 Lollipop can be found in the Google blog post.

Microsoft and Xamarin announce forums, advisory council for .NET Foundation
The .NET Foundation, launched back at the Build conference in April to oversee Microsoft’s open-source projects, is getting an advisory council and forum to broaden community involvement.

Mobile developer tools provider Xamarin, is a major contributor to the .NET Foundation.
Xamarin CTO and cofounder Miguel de Icaza, also a .NET Foundation board member, announced the news in a blog post  explaining that the forums and advisory council are an effort to make the .NET Foundation more open and transparent with more open discussion and input from the developer community.

“We are launching the official .NET Foundation forums to engage with the larger .NET community and to start the flow of ideas on the future of .NET, the community of users of .NET, and the community of contributors to the .NET ecosystem,” de Icaza wrote.

A baseline proposal for the advisory council is currently open for public comment.

The IBM Internet of Things Foundation
IBM wants to speed up Internet of Things development with a newly announced set of digital tools allowing companies to build an IoT app in just minutes, according to the company. The IBM Internet of Things Foundation is designed to allow developers to quickly extend an IoT device into the cloud, build an app alongside the device to collect the data and send real-time insight back to the developer.

“Think of the IoT Foundation as an extremely fast on ramp to the cloud for the millions of intelligent IoT devices that are now being shipped, and the billions already Internet connected,” said John R. Thompson, vice president of Internet of Things at IBM.

The IoT Foundation is part of IBM Bluemix, the company’s cloud application platform.

The Coverity Scan Project Spotlight
Coverity has released the latest Coverity Scan Project Spotlight, the company’s report on critical security defects in open-source projects. The report revealed 688 Open Web Application Security Project (OWASP) top 10 issues in 37 open-source projects, including Big Data, network management and blog server projects.

OWASP issues include injection, broken authentication and session management, cross-site scripting, insecure direct object references, security misconfiguration, sensitive data exposure, missing function level access control, cross-site request forgery, using components with known vulnerabilities and invalidated redirects and forwards.

“The road to application quality and security starts in development,” said Zack Samocha, senior director of products at Coverity. “With three major security issues related to open source code defects this year, it’s imperative that open source developers design code security into their projects starting as early as possible and utilize security experts to help them understand vulnerable areas in the code and potential attack vectors.”