itwbennett writes "Whoever said 'everyone has to start somewhere' has clearly never tried contributing to an open source project — the Linux Kernel development team in particular is known for its savagery. But if you're determined to donate your time and talents, there are some things you can do to get off on the right foot. Of course you should pick something you're interested in and that you use. Check, and double check. You should also research the project, learn about the process for contributing, and do your utmost to avoid asking questions that you can find the answers to. But beyond that there are some hallmarks of beginner-friendly open source projects like Drupal, Python, and LibreOffice — namely, a friendly and active community, training and mentorship programs, and a low barrier to entry."
Slashdot is powered by your submissions, so send in your scoop
hypnosec writes "IBM is taking its COBOL server platform to the next level by updating the mainframe platform in a bid to extend and enable its mainframes to host cloud based applications and services. The latest update is looking to add XMLS Server as well as Java 7 capabilities to the System/z COBOL platform and this update would extend the overall lifespan of COBOL by taking it up a notch and gearing it towards the cloud computing arena."
First time accepted submitter russotto points out the claim of industry group TechAmerican Foundation (reported by Computerworld) that "wages for the software industry are falling, not rising. Wages fell 2% to $99,000 in 2012." Averages are one thing; the article points out though that wages vary vastly within the industry, and that some jobs are harder to fill (thus, better paid) than others. An excerpt: "Victor Janulaitis, CEO of Janco Associates, a research firm that also analyzes IT wage and employment trends, cited a number of reason for the decline in wages for software professionals. First, technology is becoming easier to implement without having an IT professional, he said. Also, the option of turning to outsourcing creates less pressure to increase wages. As the recession continues, companies continue 'to look at productivity and will often look to hire individuals who are lower cost employees,' said Janulaitis. That could include displaced baby boomer workers who have been out of work for some time and 'will take a lower paying job just to get back into the workforce.'"
MojoKid writes "In an effort to coax developers to begin taking Atom seriously as an Android platform, Intel has just released a complete suite of tools that should help ease them into things — especially since it can be used for ARM development as well. It's called Beacon Mountain, named after the highest peak outside of Beacon, New York. As you'd expect, Beacon Mountain supports Jelly Bean (4.2) development, and with this suite, you're provided with a collection of important Intel tools: Hardware Accelerated Execution Manager, Integrated Performance Primitives, Graphics and System Performance Analyzers, Threaded Building Blocks and Software Manager. In addition, Android SDK and NDK, Eclipse and Cygwin third-party tools are included to complete the package."
Nerval's Lobster writes "The United States with its H-1B controversy isn't the only country going through that sort of immigration upheaval. As the cult of entrepreneurship spirals upward in Europe, the intricate vagaries of immigration policy on the continent are being newly scrutinized by our company-building classes. Freshly venture-backed European Internet companies want talent, and they are going to remarkable lengths to get it — but not always legally. Milo Yiannopoulos talked to whole bunch of entrepreneurs and investors in Europe about the fudges, shortcuts, workarounds and, in some cases, 'strategic decision-making' are — just about — getting their companies the talent they need. For example, one well-known Parisian venture capitalist told Milo that he knows of 'at least nine' startups in France employing developers illegally, keeping them off the books not only to avoid France's notoriously onerous labor laws but also because it would have been impossible, or simply too expensive, to import them officially."
An anonymous reader writes "A report released this morning looks at the maintainability level of the Firefox codebase through five measures of architectural complexity. It finds that 11% of files in Firefox are highly interconnected, a value that went up significantly following version 3.0 and that making a change to a randomly selected file can, on average, directly impact eight files and indirectly impact over 1,400 files. All the data is made available and the report comes with an interactive Web-based exploratory tool." The complexity exploration tool is pretty neat.
Georgia Tech and Udacity — the online courseware project led by Sebastian Thrun — have announced a plan to offer an accredited M.S. Computer Science program online. The two organizations are also working with AT&T. This is the first time a major university has made an actual degree available solely through the MOOC format. Getting a degree in this manner is going to be much cheaper than a traditional degree: "... students also will pay a fraction of the cost of traditional on-campus master’s programs; total tuition for the program is initially expected to be below $7,000." U.S. Secretary of Education Arne Duncan said, "Massive open online courses (MOOCs) have quickly become one of the most significant catalysts of innovation in higher education. As parents know all too well, America urgently needs new ideas about how to make higher education accessible and affordable. This new collaboration between Georgia Tech, AT&T and Udacity, and the application of the MOOC concept to advanced-degree programs, will further the national debate — pushing from conversations about technology to new models of instruction and new linkages between higher education and employers." Georgia Tech is looking at the big picture: "At present, around 160,000 master’s degrees are bestowed in the United States every year in computer science and related subject disciplines; the worldwide market is almost certainly much larger, perhaps even an order of magnitude larger."
twofishy writes "'To avoid the confusion caused by renumbering releases,' Oracle has announced that it is adopting a new numbering scheme for JDK 5.0, JDK 6 and JDK 7. 'The next Limited Update for JDK 7 will be numbered 7u40, and the next 3 CPUs after that will be numbered 7u45, 7u51, and 7u55." The vendor notes that a more elegant solution would require the changing of the version numbering scheme to accommodate different kinds of changes (for example by using 7u44-2 ). However this cannot be implemented outside of a major release, since doing so might break existing code that parses version strings (possibly including the Java auto-update system)" Here's Oracle's announcement.
Trailrunner7 writes "It's no secret that Java has moved to the top of the target list for many attackers. It has all the ingredients they love: ubiquity, cross-platform support and, best of all, lots of vulnerabilities. Malware targeting Java flaws has become a major problem, and new statistics show that this epidemic is following much the same pattern as malware exploiting Microsoft vulnerabilities has for years. Research from Microsoft shows that there has been a huge spike in malware targeting Java vulnerabilities since the third quarter of 2011, and much of the activity has centered on patched vulnerabilities in Java. Part of the reason for this phenomenon may be that attackers like vulnerabilities that are in multiple versions of Java, rather than just one specific version."
theodp writes "In a widely-read WSJ Op-Ed, English major Kirk McDonald, president of online ad optimization service PubMatic, informed college grads that he considers them unemployable unless they can claim familiarity with at least two programming languages. 'Teach yourself just enough of the grammar and the logic of computer languages to be able to see the big picture,' McDonald advises. 'Get acquainted with APIs. Dabble in a bit of Python. For most employers, that would be more than enough.' Over at Typical Programmer, Greg Jorgensen is not impressed. 'I have some complaints about this "everyone must code" movement,' Jorgensen writes, 'and Mr. McDonald's article gives me a starting point because he touched on so many of them.'"
MojoKid writes "Is the world really ready to shift from native apps to HTML5 Web apps? Probably not, at least not in North America yet, but developing nations may see it differently. That's the hope with Firefox OS, a web-based operating system that's (in theory) a lot more open. Of course, one needs only look at Microsoft's battle to get Windows Phone into a place of competition to realize that gaining market share is no easy task, which is why Mozilla will soon be handing out Firefox OS developer phones in order to bolster that. The company's goal is to get app builders to build for Firefox OS, so Mozilla is sending out free Preview handsets for folks to tinker with."
skaffen42 writes "The recent Ask Slashdot about becoming a programmer later in life got me thinking about a related question. How do you deal with programmers who have not stayed current with new technologies? In the hiring process, this is easy; you simply don't hire them. However, at most companies where I've worked, there are usually a few programmers who have been employed long enough that the skill-set they were originally hired for has become irrelevant. At the same time, they have not bothered to stay current with newer technologies. They usually have enough business knowledge that they provide some value to the company, but from a technical perspective they are a slowly-increasing liability. As an example: I work with a developer who is 10 years my senior, but still doesn't understand how to write concurrent code and cannot be trusted to use a revision control system without causing a mess that somebody else will have to clean up. On top of that, he is really resistant to the idea of code reviews; I suspect he dislikes people he considers junior to him making suggestions about how to improve his code. So, how do my fellow Slashdotters handle situations like this? How do you help somebody like this to improve their skill-sets? And, most importantly, how do you do so without stepping on anybody's feelings?"
An anonymous reader writes "Jenny Lamere, a graduating high school senior from Nashua NH, was the youngest of 80 participants (and one of only four women) in the Hill Holiday TVnext hackathon held in Boston this past April, a programming contest sponsored by TV API providers. Her submission of 'Twivo,' an app that allows TV viewers to block spoiler tweets while watching a show and recover them later, won the contest's 'Sync to Broadcast' category (one of five), and was also named the event's 'Best in Show' (overall winner). At least one tech company has expressed interest in her app (a short demo and interview with the judges starts at 3:30 in the embedded YouTube clip). Lamere plans to enter the Rochester Institute of Technology in the fall, and will pursue a career in software development."
New submitter mha writes "In a response that truly seems to be from a core Microsoft developer, we are told about why Windows kernel development continues to fall further and further behind that of the Linux kernel. He says, 'The cause of the problem is social. There's almost none of the improvement for its own sake, for the sake of glory, that you see in the Linux world. ... There's no formal or informal program of systemic performance improvement. We started caring about security because pre-SP3 Windows XP was an existential threat to the business. Our low performance is not an existential threat to the business. See, component owners are generally openly hostile to outside patches: if you're a dev, accepting an outside patch makes your lead angry (due to the need to maintain this patch and to justify in in shiproom the unplanned design change), makes test angry (because test is on the hook for making sure the change doesn't break anything, and you just made work for them), and PM is angry (due to the schedule implications of code churn). There's just no incentive to accept changes from outside your own team. You can always find a reason to say "no," and you have very little incentive to say "yes."'"
An anonymous reader sends this news from the Associated Press: "A worldwide gang of criminals stole a total of $45 million in a matter of hours by hacking their way into a database of prepaid debit cards and then draining cash machines around the globe, federal prosecutors said Thursday. ... Here’s how it worked: Hackers got into bank databases, eliminated withdrawal limits on prepaid-debit cards and created access codes. Others loaded that data onto any plastic card with a magnetic stripe — an old hotel key card or an expired credit card worked fine as long as it carried the account data and correct access codes."
Noiser writes "The Israeli pop singer Aya Korem published her new song "Computer Engineer" as a website that shows translation to the Perl programming language along with the lyrics. Perl is quite a good match, given that the Perl community has a long tradition of publishing "Perl poetry", and this song proves that this tradition is very much alive. No Flash is required to view the website, so if you are an HTML5 geek, have no worries."
An anonymous reader writes "The folks at Conformal have announced btcd, an alternative full-node implementation to bitcoind, written in Go! They have released the first of their core packages, btcwire, available for download at GitHub. As a bitcoin user myself, I love the idea of a full alternative. It will only make bitcoin stronger and more independent. This will be great for the Go community, too!"
An anonymous reader writes "We're seeing a new revolution in artificial intelligence known as deep learning: algorithms modeled after the brain have made amazing strides and have been consistently winning both industrial and academic data competitions with minimal effort. 'Basically, it involves building neural networks — networks that mimic the behavior of the human brain. Much like the brain, these multi-layered computer networks can gather information and react to it. They can build up an understanding of what objects look or sound like. In an effort to recreate human vision, for example, you might build a basic layer of artificial neurons that can detect simple things like the edges of a particular shape. The next layer could then piece together these edges to identify the larger shape, and then the shapes could be strung together to understand an object. The key here is that the software does all this on its own — a big advantage over older AI models, which required engineers to massage the visual or auditory data so that it could be digested by the machine-learning algorithm.' Are we ready to blur the line between hardware and wetware?"
mlingojones writes "The CSS Zen Garden — an attempt to showcase the power of CSS, from ye olden days when most sites used tables for layout, when CSS2 was bleeding edge, when IE5 was the most popular web browser — turns 10 today. In celebration, the maintainer Dave Shea is reopening the project for submissions, with a focus on CSS3 and responsive design."
Nerval's Lobster writes "Tech firms are engaging in several non-traditional hiring methods, from programming contests to finding the right people via algorithm. One of the more popular methods: set up a coding challenge or programming contest to bring out interested parties, with the top prize being a trip to the sponsoring company's headquarters to interview for a job. Look at what Facebook is doing in this area, sponsoring several Kaggle.com programming contests to find the best programmers; it also makes use of the site InterviewStreet to screen potential applicants. In theory, any company can build and run a contest online. But is it really the best way to go about hiring a programmer (or any other tech-minded employee, for that matter)?"
An anonymous reader writes "A new report details the analysis of more than 450 million lines of software through the Coverity Scan service, which began as the largest public-private sector research project focused on open source software integrity, and was initiated between Coverity and the U.S. Department of Homeland Security in 2006. Code quality for open source software continues to mirror that of proprietary software — and both continue to surpass the industry standard for software quality. Defect density (defects per 1,000 lines of software code) is a commonly used measurement for software quality. The analysis found an average defect density of .69 for open source software projects, and an average defect density of .68 for proprietary code."
itwbennett writes "They'll still be all-night coding sessions, but starting with this week's 'Project Mayhem' event, there are a few notable changes. First, they're longer — starting at 11 a.m. Thursday and continuing until 2 p.m. Friday. And coding through the night is optional. 'It's like, "let's take this day off to do this, and then if I need to get more done, we can hang out and finish at night,"' said Facebook engineering manager Pedram Keyani, who organizes the hackathons."
sfcrazy writes "In this exclusive interview MySQL founder Michael Widenius talks about the reasons of decline of MySQL, what Oracle is doing wrong and how MariaDB is fast replacing it. There are quite some interesting information in this interview. The take out of this interview is — '...there is no reason at all to use MySQL 5.5 instead of MariaDB 5.5. The same will be true for the next generation.'" Of course, he has an economic interest in getting people to use MariaDB. Hard to argue that Oracle isn't evil though.
An anonymous reader writes "I just learned that the company I work for annually budgets ~$17,000 for non-labor engineering expenses, but budgets ~$250,000 for non-labor marketing and sales expenses. Am I just being cynical when I say that my company spends almost 15 times as much trying to convince the outside world that we make a good product, than it spends on actually making a good product? What's the marketing-to-engineering ratio at your company?"
An anonymous reader writes "I'm working on a new product with one of the more senior guys at our company. To be blunt: his work is sloppy. It works and gets the job done, but it's far from elegant and there are numerous little (some might say trivial) mistakes everywhere. Diagrams that should be spread over five or six pages are crammed onto one, naming is totally inconsistent, arrows point the wrong way (without affecting functionality) and so forth. Much of this is because he is so busy and just wants to get everything out the door. What is the best way to handle this? I spent a lot of time refactoring some of it, but as soon as he makes any changes it needs doing again, and I have my own work to be getting on with. I submit bug reports and feature requests, but they are ignored. I don't want to create bad feelings, as I have to work with him. Am I obsessing over small stuff, or is this kind of internal quality worth worrying about?"
An anonymous reader writes "Simon St. Laurent writes in praise of CSS selectors: 'After years of complaints about Cascading Style Sheets, many stemming from their deliberately declarative nature, it's time to recognize their power. For developers coming from imperative programming styles, it might seem hard to lose the ability to specify more complex logical flow. That loss, though, is discipline leading toward the ability to create vastly more flexible systems, a first step toward the pattern matching model common to functional programming.'"
Nerval's Lobster writes "BlackBerry 10 is completely different from previous BlackBerry operating systems — with good reason. Its core assets come from a company named QNX, which Research In Motion acquired in 2010. Blackberry 10 features include 'live tiles' that dynamically refresh with new information, as well as a revamped keyboard and security upgrades. But what really makes or breaks a phone is the quality (and quantity) of its third-party apps. Jeff Cogswell pokes through the BlackBerry 10 programming API in a quest to see what app developers can do with the platform, and how it compares on that front to Apple iOS and Google Android. His conclusion? Although some of the underlying components are showing their age, BlackBerry has 'spent a lot of time building up a foundation for a good development community.' He also goes over BlackBerry 10's viability for porting apps and building games. But will developers actually work with a platform with such low market-share?"
jfruh writes "One of the hooks Microsoft has used to get developers to build apps for Windows 8 and Windows Phone 8 has been pubCenter, an ad network that's easy to add to apps and provides revenue back to publishers. But many developers found that on April 1 that revenue abruptly dropped by an order of magnitude, with most potential ad impressions going unsold; one developer reported only 160,000 ads served to 60 million requests, a fill rate of less than 0.3%. Since many of the ads before April 1 had been for Bing, this may be a sign that Microsoft is no longer willing to subsidize its developers — and that advertisers aren't that interested in buying ads in Windows 8 apps."
An anonymous reader writes "There's a persistent bias against older programmers in the software development industry, but do the claims against older developers' hold up? A new paper looks at reputation on StackOverflow, and finds that reputation grows as developers get older. Older developers know about a wider variety of technologies. All ages seem to be equally knowledgeable about most recent programming technologies. Two exceptions: older developers have the edge when it comes to iOS and Windows Phone."
The idea of the Hackathon was to develop either Web or mobile applications that would dovetail with county services and be useful for county workers, county residents or both. The winners got cash prizes, but many people on the nine competing teams weren't aware of them until the closing awards ceremony when the three winners were announced. But then, this is a helpful part of the country where, if an old person falls down on the sidewalk, strangers will rush to her side, whip out cell phones in case a 911 call is needed, and help her to her feet. A hackathon to benefit your neighbors is nothing but an extension of that spirit. One note: Several county employees said this was the first-ever government-organized hackathon around here, but there was a Tampa Mayor's Hackathon last June, and Tampa is the biggest city in Hillsborough County. But this is all good, and Hillsborough hopes to hold a bigger (and hopefully better-publicized) hackathon next year. Meanwhile, there are more home-grown tech events around here every year. April 25 saw the 3rd annual Ignite Tampa event, which brought together people involved in "technology, arts, communications, education, non-profits, the government sector and more" to meet with "the community" -- and local venture capitalists. And the inaugural Sarasota-Bradenton BarCamp is scheduled for May 2 - 5. And so on. Lots of events, many of which combine technology and the arts, which is always a delightful mix -- and one we look forward to seeing even more of in coming years, not only in Florida but everywhere in the world.
AchilleTalon writes "As many of you may know, there are two main competitors on the Windows platform for embedded software development, namely IAR and Keil. By embedded development, I mean development for microprocessors like the well known 8051 and the likes, not mobile platforms which include a complete OS in first place. I am seeking for alternatives to IAR and Keil in the OSS world. Even if I can find pieces of code here and there, I haven't found yet a fully integrated development platform. Does it exist? What do you use?"
jrepin writes "KDE's integrated development environment KDevelop has just reached version 4.5. 'In this new version you will find brand new integration for Unit Tests, so that you can easily run and debug them while working on your projects. Furthermore, you'll find an iteration of our New Class wizard, many changes regarding polishing the UI in different places, better support for C++11 features and some other things you'll find along the way.'"
mikejuk writes "The founders of the original MySQL, the open-source database, are getting back together in a merger between Monty Program and SkySQL. SkySQL was created by around two dozen former MySQL executives and investors after Oracle bought MySQL from Sun. Widenius started Monty Program AB and created the MariaDB database from some of MySQL's open source code. The merger will provide a stronger rival to MySQL, so reassuring users who are worried about Oracle's future plans for the database."
Dan Milstein from Hut 8 Labs has written a lengthy post about why software developers often struggle to estimate the time required to implement their projects. Drawing on lessons from a book called Thinking Fast and Slow by Dan Kahneman, he explains how overconfidence frequently leads to underestimations of a project's complexity. Unfortunately, the nature of overconfidence makes it tough to compensate. Quoting: "Specifically, in many, many situations, the following three things hold true: 1- 'Expert' predictions about some future event are so completely unreliable as to be basically meaningless 2- Nonetheless, the experts in question are extremely confident about the accuracy of their predictions. 3- And, best of all: absolutely nothing seems to be able to diminish the confidence that experts feel. The last one is truly remarkable: even if experts try to honestly face evidence of their own past failures, even if they deeply understand this flaw in human cognition they will still feel a deep sense of confidence in the accuracy of their predictions. As Kahneman explains it, after telling an amazing story about his own failing on this front: 'The confidence you will experience in your future judgments will not be diminished by what you just read, even if you believe every word.'"
waderoush writes "Plenty of technology companies serve free breakfast, lunch, and dinner to their employees, but Dropcam CEO Greg Duffy says that's a form of mind control designed to get people to to work late. To keep employees happy, Duffy says, it's better to make them go home to their families for dinner. Some other suggestions from the San Francisco video monitoring startup: don't fill your engineering department with young, single, childless males (aka brogrammers). Keep your business model simple by making actual stuff that you can sell for a profit. And don't hire assholes. Why pay attention to Duffy's advice? Because Dropcam has a 100 percent employee retention rate — no one who has joined the 4-year-old company has ever left."
Peetke writes "As we all know Oracle is not the biggest friend to the Open Source Community. Long standing OSS supporter Wikipedia has now moved from an optimized fork of MySQL 5.1 to MariaDB 5.5, for both its English and German sites. Wikipedia expects all other languages to follow within a month. Performance-wise, this move has no big implications, but it will ensure our biggest community database will live long and prosper."
First time accepted submitter IamIanB writes "Harvard Middle Eastern Studies student Todd Mostak's first tangle with big data didn't go well; trying to process and map 40 million geolocated tweets from the Arab Spring uprising took days. So while taking a database course across town at MIT, he developed a massively parallel database that uses GeForce Titan GPUs to do the data processing. The system sees 70x performance increases over CPU-based systems, and can out crunch a 1000 node MapReduce cluster, in some cases. All for around $5,000 worth of hardware. Mostak plans to release the system under an open source license; you can play with a data set of 125 million tweets hosted at Harvard's WorldMap and see the millisecond response time." I seem to recall a dedicated database query processor that worked by having a few hundred really small processors that was integrated with INGRES in the '80s.
hessian writes with a story at Wired (excerpt below) about a project from Drew Endy of the International Open Facility Advancing Biotechnology, or BIOFAB, to standardize a programming language connecting genetic information from DNA to the cell components that DNA can create. "The BIOFAB project is still in the early stages. Endy and the team are creating the most basic of building blocks — the 'grammar' for the language. Their latest achievement, recently reported in the journal Science, has been to create a way of controlling and amplifying the signals sent from the genome to the cell. Endy compares this process to an old fashioned telegraph. 'If you want to send a telegraph from San Francisco to Los Angeles, the signals would get degraded along the wire,' he says. "At some point, you have to have a relay system that would detect the signals before they completely went to noise and then amplify them back up to keep sending them along their way.""
An anonymous reader writes "For many of us our hosting providers are a way to hone our skills as well as run a business. Which provider out there gives the best bang for the buck for a FOSS developer? Virtually everybody provides Perl, PHP, Ruby, MySQL / MariaDB etc. but where can one get easy and cheap access to a stuff like NodeJS and Big Data? Companies such as Pair Networks are great but not quite on the mark with any of their service offerings for somebody looking to test out real world scenarios with these technologies from a hosted stance. Obviously hosting from home is always an option but that has the penalty of administration, backup, DR planning, bigger security footprint etc. and for those of us whose time is balanced between making money and friends / family time that's not very appealing."
First time accepted submitter jimshatt writes "I want my kids to play around with programming languages. To teach them basic concepts like loops and subroutines and the likes. My 8-year-old daughter in particular. I've tried Scratch and some other visual languages, but I think she might be turned off by the English language. Having to learn English as well as a programming language at the same time might be just a little too much. I'd really like to have a programming language that is easy to learn, and localized or localizable. Preferably cross-platform, or browser-based, so she can show her work at school (Windows) as well as work on in at home (Debian Linux). By the way, she speaks Dutch and Danish, so preferably one of those languages (but if it's localizable I can translate it myself). Any suggestions?"
darthcamaro writes "The JBoss Application Server is no more. Just like Red Hat killed Red Hat Linux in 2003 to make way for Fedora, the same is now happening with JBoss and the new WildFly project. 'There was of course the application server, there are a number of JBoss commercial products, there was the community site, etc., so when you asked someone "What is JBoss?" the answer was varied,' Jason Andersen, director, product line management, at Red Hat, explained. 'What we wanted to do was cement the idea that JBoss is a portfolio of middleware products and not just the application server.'"
mikejuk writes "Java Development Kit 8, planned for September 2013, is being delayed until next year because of 'a renewed focus on security.' Java has been having security publicity problems recently, but Oracle now seems to be taking them more seriously. Mark Reinhold, chief architect of the Java platform group, said, 'Maintaining the security of the Java Platform always takes priority over developing new features, and so these efforts have inevitably taken engineers away from working on Java 8.' The major change still to be made to Java 8 is Project Lambda, which Reinhold says is 'the sole driving feature of the release.' He laid out alternatives, such as dropping Lambda from this release, but said Oracle has decided instead to wait until Lambda is ready. The revised schedule for JDK 8 has a developer preview scheduled for September, a release candidate scheduled for January 2014, and general availablity scheduled for March 2014. The delay means that Java SE 9 will probably be released in early 2016, rather than late 2015."
wiredmikey writes "Oracle released its quarterly Critical Patch Update (CPU) for April, which addressed a whopping 128 security issues across multiple product families. As part of its update, Oracle released a Java SE Critical Patch Update to plug 42 security holes in Java, 19 with base CVE score of 10 (the highest you can go) and 39 related to the Java Web Start plugin which can be remotely exploited without authentication. According to security analyst Wade Williamson, organizations need to realize that Java will continue to pose a significant risk. 'The first step is for an organization to understand precisely where and why Java is needed,' Williamson wrote. 'Based on the rate of newly discovered vulnerabilities, security teams should assume that Java is and will continue to be vulnerable.' Organizations should to take a long, hard look at Java and answer for themselves if it's worth it, Williamson added. Due to the threat posed by a successful attack, Oracle is strongly recommending that organizations apply the security fixes as soon as possible."
PCM2 writes "Kids these days just don't care about open source. That's the conclusion of the Software Freedom Law Center's Aaron Williamson, who analyzed some 1.7 million projects on GitHub and found that only about 15% of them had a clearly identifiable license in their top-level directories. And of the projects that did have licenses, the vast majority preferred permissive licenses such as the MIT, BSD, or Apache licenses, rather than the GPL. Has the younger generation given up on ideas like copyleft and Free Software? And if so, what can be done about it?" Not having an identifiable license is one thing, but it seems quite a stretch to say that choosing a permissive open source license is "not caring"; horses for courses.
An anonymous reader writes "Contrary to widespread thought, Google Glass will not be an advertising platform: 'Google Inc has lately told app developers that they are not allowed to present ads to Google Glass users and they are also not permitted to sell users' personal and private information for the fulfillment of advertising needs. The internet company has explicitly and openly said that the Glass platform should and must be clean and clear of any ads whatsoever, because the technology is designed to facilitate internet browsing and other related activities, therefore, the featured podium cannot be used to advertise products as it will cause the user experience to diminish.' Seems like Google is going for hardware-only revenue on this one." You're not supposed to resell the Glass hardware, either.
dcblogs writes "The U.S. Senate comprehensive immigration bill, due Tuesday, will allow the H-1B cap to rise from 65,000 to as high as 180,000. The bill, overall, contains some interesting provisions. It will require the U.S. Labor Dept. to create a website of H-1B job openings that employers must post to. The jobs must be posted least 30 calendar days before hiring an H-1B applicant to fill that position. The bill also raises wages for H-1B workers to make them more competitive, although the amount wasn't specified. One provision that will affect India, in particular, limits H-1B visa use to 50% of a firm's U.S. workforce. The provision may prompt India firms to buy U.S. companies to expand their U.S. presence."
Nerval's Lobster writes "Ready to 'Analyze terabytes of data with just a click of a button?' That's the claim Google makes with its BigQuery platform. But is BigQuery really an analytics superstar? It was unveiled in Beta back in 2010, but recently gained some improvements such as the ability to do large joins. In the following piece, Jeff Cogswell compares BigQuery to some other analytics and OLAP tools, and hopefully that'll give some additional context to anyone who's thinking of using BigQuery or a similar platform for data. His conclusion? In the end, BigQuery is just another database. It can handle massive amounts of data, but so can Hadoop. It's not free, but neither is Hadoop once you factor in the cost of the hardware, support, and the paychecks of the people running it. The public version of BigQuery probably isn't even used by Google, which likely has something bigger and better that we'll see in five years or so."