What You Need To Know #1

Do you know the song “Video Killed The Radio Star“? It seems like today it is “Twitter & G+ killed the blog post.” I thought I would summarize some of the recent news I’ve posted elsewhere.

  • bit Time Lab has a video showing off their multi-touch bluetooth app that controls a very small mini-cooper. They developed the libraries for multi-touch support and bluetooth they used with Appmethod (Object Pascal). Very cool!
  • Project Indy has an OpenSSL update for the Heartbleed vulnerability.
  • InterBase uses OpenSSL, but was never vulnerable to Heartbleed.
  • I’ll be at Delphi Developer Days in Chicago and D.C. and we will have free evening events there too. These are great events full of fabulous content (I’ve attended in the past). I highly recommend you check them out. I’ll be showing Delphi working with Google Glass, Brain-Computer Interface, FireDAC, REST, and anything else I can squeeze in.
  • I’m also traveling to India and South Korea this month.
  • I worked with Sarina on this Tutorial for accessing from Appmethod Object Pascal with the REST components. Great technology.
  • Eric compiled a partial list of over 100 Delphi apps in the Play Store.
  • Eric Bonilha was featured in the Brazilian News for his work on a DigiFort app for Google Glass that stream live video to and from Google Glass. It is in Portuguese, but you can see some live demos of the app starting at just after 7 minutes in. All the software used to stream video and control cameras in that segment is written in Delphi by Eric and his team.
  • Curious about what is coming in XE6? There is a RAD Studio XE6 Sneak Peak event taking place April 16th. It looks really exciting!
  • I still get people asking about the new upgrade pricing. Check out the new License Recharge Program – if you own the latest version of Delphi, RAD Studio, or C++Builder then you qualify to save a lot of money when a new product is released.
  • David Intersimone and myself are running regular Google Hangout On-Air events. These are informal technical events we share some of the things we’ve been working on recently. Make sure you join the Embarcadero Technologies G+ community so you can be involved in the next one. The first two were experiments, we plan to promote the future ones better (although they will probably remain experimental and informal).

RAD Studio XE6 Preview Event

4 replies on “What You Need To Know #1”

JIm, you don’t find it troubling that Interbase isn’t vulnerable to Heartbleed *because it uses much older versions of OpenSSL that have several known vulnerabilities*? You can check each of the versions Stephen mentioned at and see the vulnerabilities there. Several of us posted comments to his blog entry explaining “our library is really old” doesn’t make it safe, but as usual he never approves comments that point out problems with his posts. šŸ™ The real message is that every Interbase user should be looking up the applicable version of OpenSSL at the link I included and take efforts to mitigate any vulnerabilities they may be exposed to. That and Embarcadero should be issuing updates to Interbase with the latest version of OpenSSL when security vulnerabilities are found.

Joseph: the issue is every version of OpenSSL has vulnerabilities and issues. InterBase XE3 uses a release version of OpenSSL. Had they moved to the point 0.1 version then it most likely would have been vulnerable.

You raise a good point though, all responsible software developers should be aware of their stack and how that impacts their products. I imagine that is why the team chooses to stick with a version of OpenSSL that is known instead of installing every incremental release that comes out.

An important part of IT Management is managing the risk of updating key systems. In this case that management paid off. At some point a significant enough issue may appear that requires / justices updating OpenSSL. If for instance they were on a version vulnerable to heartbleed then it would have forced an upgrade.

Hope that helps!

Jim, I much prefer a written blog to a video one, especially for technical issues.

While video is nice in some respects. It’s hard to go back and reread something to fully grasp what is being said. And it’s not that easy top cut and paste code samples to test and modify.

Comments are closed.