VMware acquires desktop application delivery startup CloudVolumes
Cloud and virtualization software provider VMware has acquired CloudVolumes, a startup focused on desktop application delivery.

CloudVolumes’ platform will enable VMware to build real-time application delivery tools across its end-user, datacenter and hybrid cloud platforms. CloudVolumes virtualizes application-management process above the OS, eliminating the need for virtual machine management on a per-VM basis.

More information on the acquisition and on the CloudVolumes platform can be found on VMware’s blog.

New FireEye report details Android SSL vulnerabilities
Six-hundred seventy-four of the top 1,000 apps in the Google Play Store have at least one of three main SSL encryption vulnerabilities, according to a new report from security software provider FireEye.

The report, “SSL Vulnerabilities: Who listens when Android applications talk?” analyzed Google Play’s most downloaded Android applications and found that a significant portion of them are susceptible to man-in-the-middle attacks. The Android platform’s use of the HTTPS communication protocol, secured with SSL/TLS encryption, can leave it exposed to attacks if the SSL libraries are used incorrectly.

0821.sdt-news-chart

According to the report, which analyzed approximately 10,000 Google Play Store applications for the three main SSL vulnerabilities (not checking server certificates, not verifying server hostnames, and ignoring SSL errors), more than half of the applications were found using one or more of the vulnerable practices.

The full FireEye report is available here.

Linux Foundation introduces new certification program
The Linux Foundation has launched a new certification program to arm software engineers and systems administrators with official designations of their Linux technical skills.

The new Certification Program offers online performance exams, broken up into specific Linux distributions for CentOS, openSUSE and Ubuntu, for engineers and sys admins. Exams are informedby Linux community feedback and will be updated regularly to reflect the changing IT landscape.

0821.sdt-news-linux

The Linux Foundation Certified System Administrator and Linux Foundation Certified Engineer exams cost US$300 each, and those awarded the certification will receive an official certificate for professional display.

Computer security researchers develop new Android framework
Computer security researchers from North Carolina State University and Technische Universität Darmstadt’s Center for Advances Security Research have come up with a modification to Android’s core operating system that would enable developers to plug in new security enhancements. The new Android Security Modules (ASM) framework allows developers to create their own security control modules to better protect phones.

“In the ongoing arms race between white hats and black hats, researchers and developers are constantly coming up with new security extensions,” says William Enck, an assistant professor of computer science at NC State. “The ASM framework allows users to implement these new extensions without overhauling their firmware.”

More information is available here.

Facebook adds Oculus to bug bounty program
Facebook will now financially reward security researchers who find flaws in the Oculus Rift virtual reality headset, SDK and website code, according to The Verge.

To qualify for a bounty, researchers must be the first to disclose the bug, adhere to Facebook’s responsible disclosure policy, report a bug that would compromise the integrity of user data, make an effort to use a test account instead of a real account when investigating bugs, and not reside in a country under any current U.S. sanctions.

0821.sdt-news-oculus

Currently, the minimum reward for finding flaws is $500, and if the researcher decides to donate the money to a recognized charity, Facebook will double the payout.

More information about Facebook’s bug bounty program is available here.

Xamarin closes series C funding round
Xamarin has raised $54 million in a Series C financing round, bringing its total amount raised to $82 million. The new funding will go toward further expanding its mobile app development platform and cloud services to solve developer programs throughout the application life cycle, sales and marketing, according to the company.

“Thousands of companies trust Xamarin with their mission-critical employee, business, and consumer apps as they seek to transform customer relationships and business processes through mobile,” said Nat Friedman, Xamarin CEO and cofounder. “This funding enables us to aggressively expand our product portfolio and Xamarin’s market presence around the world.”

MIT spinoff develops software that solves FEA models in seconds
A
n MIT spinoff, Akselos, wants to make 3D simulations more accessible. The company has developed software that uses pre-calculated supercomputer data for structural components such as simulated “Legos” to solve finite element analysis (FEA) in seconds.

FEA is a method engineers use to generate 3D digital models of large structures to simulate how they will react under stress, heat, vibrations and other real-world conditions, according to MIT.

0821.sdt-news-mit

“We’re trying to unlock the value of simulation software, since for many engineers current simulation software is far too slow and labor-intensive, especially for large models,” said David Knezevic, CTO of Akselos. “High-fidelity simulation enables more cost-effective designs, better use of energy and materials, and generally an increase in overall efficiency.”

More information is available here.

The NSF looks to enable a new future for cloud computing
The National Science Foundation (NSF) recently awarded $20 million to two cloud computing test beds, Chameleon and CloudLab, to support cloud computing applications and experiments. The funding will allow the academic research community to develop and experiment with cloud architectures, and pursue new applications of cloud computing, according to the NSF.

“We are proud to announce support for these two new projects, which build upon existing NSF investments in the Global Environment for Network Innovations test bed, and promise to provide unique and compelling research opportunities that would otherwise not be available to the academic community,” said Suzi Iacono, acting head of NSF’s Directorate for Computer and Information Science and Engineering.

More information is available here.