Samsung's security twist: Protect yourself from IT

If you're worried about your personal information being accessible to your company's IT staff, you may have an unlikely defense in the form of mobile workspaces, aka containers, which separate work and personal data (and apps) on your smartphone or tablet. IT organizations like the idea because it lets them wall off their stuff from yours.

Although most containers are imposed on you by IT to secure work data, Samsung has an interesting twist on the concept: user-installed containers to protect your personal information from IT's reach.

I'm not a fan of mobile containers -- most are awkward to use. They typically make users jump between two contexts, access unfamiliar apps for basic functions like email and document editing, and separate activities that should be integrated, like your day's calendar or what new messages have been received.

Sure, you can point to good aspects in, say, BlackBerry Balance, Android for Work(the former Divide product), or any of the mobile device management (MDM) vendors' secured workspace apps. But on balance, they're a pain to use.

The ins and outs of using My Knox

Samsung's My Knox container app is not as painful as some others, thanks to its option to present the safeguarded apps within a folder (if you prefer) or in the more traditional separate environment, where you switch between your personal home screens to your work ones as needed. (You're still required to enter your password to use business apps, though.)

If you prefer not to switch between completely separate home screens, you can have My Knox use the Folders layout to make business apps visible from your personal workspace. (You still need to sign into the business workspace to use its apps.)

Most interesting, you can download My Knox from the Google Play app store and separate your personal and business workspaces yourself, relegating IT-managed content like your work email to a business workspace. If you set My Knox to switch between fully separate workspaces, rather than use the Folders layout, you navigate to the My Knox workspace by opening the My Knox app; when in the My Knox workspace, you get back to your personal workspace by tapping the Personal Home app.

You can also tell My Knox to share contacts and/or calendar information between the two workspaces. My Knox lets you set up sharing in either or both directions. For example, you could choose to share personal contacts with your business workspace, for use by, say, the Email app there. But you could choose not to share contacts in your business workspace with your personal workspace, so you couldn't look up, for instance, a business contact's email address from the Email in your personal workspace.

If you're concerned about snooping by IT staffers or other corporate folks on your devices, using a container like My Knox effectively locks them out of your personal data. That's not necessarily the case if you have an Android device you've connected to your company's Exchange server or non-container-oriented MDM tool. (iOS has a very different application security model, oriented to managing apps directly rather than in separate workspaces, and its app sandboxes block everything but that app from seeing an app's content.)

Like all containers, My Knox lists what you can do inside it and what apps you can run. That's because apps need to support the policy restrictions used by the container's management server.

Android lets you run multiple copies of the same app, so you can have, say, Email in both your personal and business workspaces, each accessing different email accounts. Of course, that means you won't get the badge for new work emails on the Email app in your personal workspace.

The My Knox container displays new emails and so on from both your personal and business workspaces in the Notifications tray, if you enable that feature.

But you will see all your email in the Notifications tray, with a lock icon representing those in the My Knox container -- if you enable the Quick Mode Change option in the Knox Settings app. If you tap a notification for an item in the workspace you're not currently using, you're switched to that workspace, and a password is requested if you haven't used that container in a while (you define that period in preferences). 

The newest version of My Knox (released on Feb. 20) is open to running at Play Store apps, and when you install it you can choose to move already installed apps into the container. You can also install apps from Samsung's own app store. The previous version of My Knox supported a much smaller selection of apps.

The gotchas of using My Knox

The My Knox app runs in only a handful of Android devices, all from Samsung: the Galaxy S6, S6 Edge, S5, Note 4, A5, A3, and E5, as well as the forthcoming Galaxy A7 and E7. (The A and E series are aimed mainly at Asian markets, but can be had in some Western countries as well.) Even if you like the idea of My Knox, you probably can't use it.

Because My Knox is a container, it restricts what you can do in that container, not only contain IT's reach within it. For example, you can't copy or cut text to paste into your personal workspace's apps. You can't even take a screenshot of anything in the work container.

Also, there are no tools for setting the policies imposed by My Knox -- not even from the My Knox management website. (That website, by the way, isn't designed for use on smartphones, a bizarre omission for a smartphone maker.) Samsung says it has no plans to let users configure My Knox policies.

If your company uses Samsung's Knox EMM mobile management server or has an MDM server that supports Knox (very few do, though most major MDM providers have been saying since last year that they intend to do so in the future), don't plan on connecting My Knox to that IT-managed server. It very likely won't work.

I tried to use Knox EMM to manage the My Knox workspace on a Galaxy Note 4, but the enrollment only partially completed. The reason, according to Samsung: "My Knox was already installed and Knox EMM is a separate product, so there are issues with coexistence." I can attest to that.

Unfortunately, this means that if you use My Knox to keep IT out of your personal workspace, you may have to uninstall it if your company gets around to making you use its container, even a Knox one.

Still, when the notion of workspaces comes up, it's almost entirely from the perspective of IT. My Knox shows another side to the "keep my data protected" coin.

This story, "Samsung's security twist: Protect yourself from IT" was originally published by InfoWorld.

More new features coming to Java 9

Oracle has released its updated list of proposed or targeted Java 9 enhancements. In addition to previously confirmed Java modularity updates, the most recent list includes a common logging system for all JVM components (JEP 158), more HotSpot JIT compiler controls (JEP 158), and refinements to improve the efficiency of garbage collection (JEP 214), and repair issues introduced by Project Coin language updates in JDK 7 (JEP 213).

Even with delays, Oracle has been steadily moving forward with its plans to modularize the JDK. But the scope of Java modularity took a step up in September, when Oracle announced four new JEPs, including JEP 220: Modular Run-Time Images. Ben Evans, writing for InfoQ, noted that swapping JARs for modules is the "point of no return for modularity," with serious implications for IDEs, toolmakers, and many Java application frameworks:

After this point, The Java runtime system will no longer be contained in jar files, and instead will be composed of modules. Files such as rt.jar and tools.jar will be a thing of the past. The new system will consist solely of modules, although the platform will continue to accept and run applications and libraries packaged as jar files. The intention is that over time, application developers wil migrate to the new modular formats as well.

See "Oracle Commit to Java Modularity" for more from Ben Evans on modularity updates in Java 9. Also see Takipi Blog: "Java 9 – The Ultimate Feature List" for a comprehensive (as of November 20, 2014) description of new features accepted or proposed for the next major release of Java.

This story, "More new features coming to Java 9" was originally published by Java Everywhere.

Node.js gets a new master

Node.js, the popular server-side JavaScript platform that has seen dissension in the ranks over its recent direction, is about to get a new governance model.

Cloud software vendor Joyent had been in charge, but a new plan announced today will turn Node.js over to an independent third party known as the Node.js Foundation, said Joyent CEO Scott Hammond in an interview. The Foundation, which the Linux Foundation has helped set up, will have a board of directors and a technical committee, and Joyent will maintain a seat on the board along with Microsoft, IBM, and as-yet-undetermined other parties.

The idea of turning over Node.js, often referred to simply as Node, to a foundation arose out of the recent formation of the Node.js advisory board, Hammond said. "It's pretty clear to me the best way to go execute on some of the recommendations that have come out of the advisory board is to move the project to a neutral foundation."

But spinning out Node.js to a separate foundation is not about placating the divided Node.js community, Hammond insisted. Dissatisfaction with the direction of Node.js led to the recent io.js fork, which has been shepherded by some of the same people involved with development of Node.js. "This is about doing the right thing for Node.js" and evolving the governance and organizational structure, Hammond said. 

A technologist involved in the development of both Node.js and io.js was optimistic about the governance model but is taking a wait-and-see approach. "I'm excited that Joyent has decided that the future of Node is with an independent foundation," said Bert Belder, an official at Strongloop who has been a core contributor to Node.js and a member of of the io.js technical committee. "However, details of the governance plan are TBD, so I can't really comment on whether it'll satisfy all concerns, and I don't want to speculate about all the things that could in theory go wrong." It seems Joyent is serious about finding the right governance structure for the foundation, and the move increases the chances of a reconciliation between the io.js and Node.js camps, said Belder.

The foundation's board of directors will tackle tasks like legal and organizational issues, marketing, financial development, and mentoring. Technical decisions on the platform will be made by the technical committee, whose members earn participation based on technical skills and involvement with the project. The exact number of seats on each panel is to be determined.

The foundation will have multiple levels of membership, including Platinum, which includes a seat on the board of directors and costs $250,000 per year; Gold, which costs $50,000 to $100,000 per year, with one of every three Gold-level members getting a seat on the board; and Silver, costing $5,000 to $25,000 annually. One out of every 10 members at the Silver level get a board seat, and a technical committee member will serve on the board. There is also an associate level of membership for individuals and other organizations. Hammond said he expects board member elections, with terms staggered to end at different times. Joyent, with the involvement of people including Belder, last week oversaw the long-awaited 0.12 release of Node.js.

This story, "Node.js gets a new master" was originally published by InfoWorld.

JavaScript, Java lead the way in RedMonk language rankings

JavaScript is king when it comes to measuring language usage via GitHub and Stack Overflow.

The RedMonk Programming Language Rankings for this month have JavaScript, Java, and PHP topping the list. Published Wednesday, the rankings are based on an analysis that factors in the number of lines of code pertinent to a particular language in GitHub, as well as tags applicable to a language in Stack Overflow.

"By the narrowest of margins, JavaScript edged Java for the top spot in the rankings, but as always, the difference between the two is so marginal as to be insignificant," said Stephen O'Grady, RedMonk principal analyst and author of the report. "The most important takeaway is that the language frequently written off for dead and the language sometimes touted as the future have shown sustained growth and traction and remain, according to this measure, the most popular offerings."

Rounding out RedMonk's top 10 were Python, C#, C++, Ruby, CSS, C, and Objective-C. In spots 11 to 20 were Perl and Shell (tied for 11th), R, Scala, Haskell, Matlab, Go and Visual Basic (tied for 17th), Clojure and Groovy (tied for 19th).

O'Grady sees trends worth nothing involving several languages, including Go, R, and Swift. "In our last rankings, it was predicted based on its trajectory that Go would become a top 20 language within six to 12 months," he said. "Six months following that, Go can consider that mission accomplished. In this iteration of the rankings, Go leapfrogs Visual Basic, Clojure and Groovy -- and displaces CoffeeScript entirely -- to take number 17 on the list."

R held steady in the 13th spot after four consecutive gains. "Even if R's [growth] does stall at 13, however, it will remain the most popular statistical language by this measure," said O'Grady, "and this in spite of substantial competition from general purpose alternatives like Python."

O'Grady sees Swift, Apple's new language introduced last year, as a "curious" case, jumping from 68th in the last rankings to 22nd now. "From its position far down on the board, Swift now finds itself one spot behind CoffeeScript and just ahead of Lua," he said. "Given this dramatic ascension, it seems reasonable to expect that the Q3 rankings this year will see Swift as a Top 20 language."

CoffeeScript, meanwhile, dropped out of the top 20 languages for the first time in two years. "The 'little language that compiles into JavaScript' positioned itself as a compromise between JavaScript's ubiquity and syntactical eccentricities, but support for it appears to be slowly eroding," noted O'Grady. "How it performs in the third-quarter rankings should provide more insight into whether this is a temporary dip or more permanent decline."

The RedMonk rankings are yet another barometer of programming language popularity. Published twice a year, the rankings differ slightly from the Pypl Popularity Programming Language index, which has Java in its top spot, PHP second, and JavaScript seventh. PyPL looks at searches on language tutorials in Google to compile its report. Another index, Tiobe, looks at language searches on a variety of sites; it has C in its top spot, followed by Java. PHP is sixth and JavaScript seventh. But JavaScript was named Tiobe's language of the year for 2014 showing the biggest gain.

This story, "JavaScript, Java lead the way in RedMonk language rankings" was originally published by InfoWorld.

Comparing JVM libraries for MongoDB

In addition to MongoDB's built in Java driver, Jongo, Morphia and Spring Data are all popular third-party solutions that make it easier to view and manipulate data in MongoDB. InsaneProgramming blogger Lieven Doclo offers a to-the-point MongoDB Java comparison using a REST-based service as a use case. From his notes:

MongoDB Java driver
The most low-level approach for accessing a MongoDB database from the JVM. The least user friendly but possibly the most versatile of the solutions; "there’s nothing you can’t do with the Java driver."

Jongo
Handy for getting started with MongoDB if you are familiar with the shell commands and want to avoid manual mapping. Downsides: you need to know the exact syntax of the MongoDB shell API and there is no code completion queries or commands.

Morphia
Fared worst due to its lack of support for the geoNear query and minimal built-in support for geo objects.

Visit Doclo's InsaneProgramming blog to find out why Spring Data was the top choice MongoDB driver reviewed. Also see today's news, "MongoDB gets its first native analytics tool."

This story, "Comparing JVM libraries for MongoDB" was originally published by Java Everywhere.

Android Lollipop for Visual Studio

The preview of Visual Studio 2015 has been updated to include an emulator for Android Lollipop, also known as Android 5.0. Along with the new SDK, Visual Studio also gained “OpenGL ES support, multi-touch input, and advanced camera simulation”.

The Android Emulator is based on Microsoft’s Hyper-V virtual machine platform for the x86 architecture. Hyper-V is also used for emulating Windows Phone devices. When launching the emulator you’ll need to choose between KitKat (Android 4.4) and Lollipop (Android 5.0). Both phone and tablet modes are supported.

In terms of development platforms, VS 2015 will support developing and debugging Android applications written in C++, JavaScript/TypeScript with Cordova, and C# with Xamarin.

OpenGL ES is supported through version 2.0. In order to ensure high performance, the Android emulator forwards OpenGL ES calls to the host machines GPU via DirectX. It should be noted that while the emulator stops at ES 2.0, Android 5 itself goes all the way up to ES3.1.

In terms of touch input, John Kemnetz writes,

When running the emulator, you can now select between “Single Point Input” and “Multi-touch Input.” Selecting “Multi-touch Input” will overlay three dots. The large outer two dots act as two touch points for pinching and zooming and the inner dot controls the origin for the touch points. If you’re using the emulator on a touchscreen you can also use your fingers to directly interact with the emulator screen.

The Android emulator is available in Visual Studio 2015 CTP 6.

Courtesy: INFOQ