Forgot your password?
typodupeerror
Programming

Ask Slashdot: How To Convince a Team To Write Good Code? 366

Posted by Soulskill
from the cattleprods-are-your-best-bet dept.
An anonymous reader writes "I am part of engineering team that maintains a very important component in our company. Our code quality and general engineering quality focus has been very weak: we have frequent buggy releases, our latencies are shooting up, our test coverage is nearly non-existent, and it is impossible for a newcomer in our team to get up to speed and be productive in less than a month due to unnecessary complexity. A group of 2-3 of us want to change that, and we know what needs to change technically — the better code review and release processes, better build tools, etc. But despite that, the quality of our code and design continues to suffer, and poor code continues to get released in the name of keeping the scheduled release date (product guys don't like to wait). We feel that if the right thing is done every time, we would can eliminate our issues and still release at the same pace. How do we effect the social change necessary to convince them of what is better and encourage them to take the effort to do it?"
Bug

You've Got 25 Years Until UNIX Time Overflows 492

Posted by timothy
from the start-packing dept.
CowboyRobot writes "In 25 years, an odd thing will happen to some of the no doubt very large number of computing devices in our world: an old, well-known and well-understood bug will cause their calculation of time to fail. The problem springs from the use of a 32-bit signed integer to store a time value, as a number of seconds since 00:00:00 UTC on Thursday, 1 January 1970, a practice begun in early UNIX systems with the standard C library data structure time_t. On January 19, 2038, at 03:14:08 UTC that integer will overflow. It's not difficult to come up with cases where the problem could be real today. Imagine a mortgage amortization program projecting payments out into the future for a 30-year mortgage. Or imagine those phony programs politicians use to project government expenditures, or demographic software, and so on. It's too early for panic, but those of us in the early parts of their careers will be the ones who have to deal with the problem."
Databases

Fedora 19 Nixing MySQL in Favor of MariaDB 116

Posted by Unknown Lamer
from the take-that-mr-ellison dept.
An anonymous reader writes "Red Hat developers are planning to replace MySQL with MariaDB in Fedora 19. For the next Fedora update, the MariaDB fork would replace MySQL and the official MySQL package would be discontinued after some time. The reasoning for this move is the uncertainty about Oracle's support of MySQL as an open-source project and moves to make the database more closed." Update: 01/22 13:47 GMT by T : Note: "Nixing" may be a bit strong; this move has been proposed, but is not yet officially decided.
Programming

JavaScript Comes To Minecraft 149

Posted by samzenpus
from the try-it-out dept.
mikejuk writes "JavaScript is the language of the client and it is becoming the language of the server. Now it seems set to be the language of Minecraft. ScriptCraft is a Minecraft mod that can be added to the game to allow the player to use JavaScript commands. Walter Higgins ported the Rhino JVM implementation of JavaScript in a few spare weeks over Xmas. Some additional JavaScript classes allow the construction of blocks making it possible to automate construction. It also provides a 'turtle like' drone class that makes it easier to move in 3D. It makes use of a fluent API to create a domain specific language for movement. As its creator says: 'Ultimately I think the ScriptCraft mod could be used to take building in Minecraft to a whole new level. With a full-blown language at the Player's disposal, it should be possible to create not just castles and forts but entire road networks and cities.' Most importantly of all, it not only pushes the boundary of Minecraft, it also provides a way to get kids who are already hooked on Minecraft to start learning JavaScript."
Programming

Corporate Hackathons: the Fine Line Between Engaging and Exploiting 64

Posted by Soulskill
from the now-announcing-a-hackathon-to-make-me-a-sammich dept.
New submitter dasacc22 writes "Campbell is inviting developers to hack the kitchen with their recipe API. But wait — the API is private, so first you need to submit an idea. If they like the idea, you'll be given access to develop the app. If they like the app, they may give you some money. Otherwise, you can expect to have an app that connects to an API you no longer have access to. The author of this article covers his recent experiences after engaging with Campbell's Adam Kmiec to try and answer the following: '... my question to software developers out there who are thinking of devoting any real effort to a corporate hackathon like this is: "Why?"'"
Java

Latest Java Update Broken; Two New Sandbox Bypass Flaws Found 223

Posted by Soulskill
from the it-just-goes-on-and-on-my-friends dept.
msm1267 writes "Oracle's long security nightmare with Java just gets worse. A post to Full Disclosure this morning from a security researcher indicated that two new sandbox bypass vulnerabilities have been discovered and reported to Oracle, along with working exploit code. Oracle released Java 7u11 last Sunday and said it fixed a pair of vulnerabilities being exploited by all the major exploit kits. Turns out one of those two bugs wasn't completely patched. Today's bugs are apparently not related to the previous security issues."
Government

German Parliamentary Committee Pushes for Open Source Friendly Policy 44

Posted by timothy
from the wouldn't-it-be-nice? dept.
Qedward writes with this except from Computerworld UK: "Germany should change a law to enable public administrations to make their software available as free and open source, a German parliamentary committee has advised. German public administrations currently are not allowed to give away goods, including software, said Jimmy Schulz, a member of Parliament and chairman of the Interoperability, Standards and Free Software Project Group. The current law prohibits governments from being part of the development process in the free software community, he said. 'This is a clear disadvantage because it cuts off all benefits obtained from free software, such as being cost-efficient and state-of-the-art,' he said. Besides a recommendation that the government should explore whether the law can be changed for software, the group also called for the use of open standards in order to make sure that everybody can have access to important information, Schulz said. 'We also called for public administrations in general to make sure that new software is created as platform independent as possible,' he added. While the project group is not in favour of giving priority to one type of software over another, it said in its recommendation to the Parliament earlier this week that free and open source software could be a viable alternative to proprietary software." I think a fair rule is that, barring extraordinary and demonstrated need, all tax dollars for software should go only for the development of software for which source is available gratis to all taxpayers, and that secret-source software makers are free to change to fit this requirement any time they'd like to have their software considered for a bid.
Programming

GitHub Registers Its 3 Millionth User 64

Posted by timothy
from the free-hamburger dept.
hypnosec writes "Online version control system GitHub, which is based on Git — the distributed version control system developed by Linus Torvalds — now has over three million registered users, it has been revealed. Announcing the achievement, the code sharing site used by the likes of jQuery, Perl, PHP, Ruby as well as Joomla said in a blog post that the 'three millionth person signed up for a GitHub account' on Monday night."
Java

Java Vs. C#: Which Performs Better In the 'Real World'? 437

Posted by timothy
from the oh-you-tease dept.
Nerval's Lobster writes "Software developer Jeff Cogswell writes: 'Let's compare Java and C#, two programming languages with large numbers of ardent fans and equally virulent detractors. I'm not interested in yet another test that grindingly calculates a million digits' worth of Pi. I want to know about real-world performance: How does each language measure up when asked to dish out millions of Web pages a day? How do they compare when having to grab data from a database to construct those pages dynamically? The results were quite interesting.' Having worked as a professional C# programmer for many years, Cogswell found some long-held assumptions challenged."
Java

Another Java Exploit For Sale 150

Posted by samzenpus
from the a-new-flavor dept.
tsamsoniw writes "Mere days after Oracle rolled out a fix for the latest Java zero-day vulnerabilities, an admin for an Underweb hacker forum put code for a purportedly new Java exploit up for sale for $5,000. Though unconfirmed, it's certainly plausible that the latest Java patch didn't do the job, based on an analysis by the OpenJDK community. Maybe it's high time for Oracle to fix Java to better protect both its enterprise customers and the millions of home users it picked up when it acquired Sun."
Security

Employee Outsourced Programming Job To China, Spent Days Websurfing 457

Posted by Soulskill
from the working-hard-or-hardly-working dept.
New submitter kju writes "The security blog of Verizon has the story of an investigation into unauthorized VPN access from China which led to unexpected findings. Investigators found invoices from a Chinese contractor who had actually done the work of the employee, who spent the day watching cat videos and visiting eBay and Facebook. The man had Fedexed his RSA token to the contractor and paid only about 1/5th of his income for the contracting service. Because he provided clean code on time, he was noted in his performance reviews to be the best programmer in the building. According to the article, the man had similar scams running with other companies."
Medicine

Course Asks University Students To Tackle Medical Device Insecurity 38

Posted by Soulskill
from the putting-your-pacemaker-through-its-paces dept.
chicksdaddy writes "The University of Michigan will be among the first to offer graduate students the opportunity to study the security of advanced medical devices. The course, EECS 598-008 'Medical Device Security' will teach graduate students in UMich's Electrical Engineering and Computer Science program 'the engineering concepts and skills for creating more trustworthy software-based medical devices ranging from pacemakers to radiation planning software to mobile medical apps.' The new course comes amid rapid change in the market for sophisticated medical devices like insulin pumps, respirators and monitoring stations, which increasingly run on versions of the same operating systems that power desktops and servers. In 2011, the U.S. Food and Drug Administration reported that software failures were the root cause of a quarter of all medical device recalls (PDF)."
Blackberry

RIM Attracts 15,000 Apps For BlackBerry 10 In 2 Days 193

Posted by timothy
from the pay-enough-you'll-get-all-you-want dept.
CWmike writes "It's starting to look like the BlackBerry store will be well stocked with apps when Research In Motion launches BlackBerry 10 (see YouTube preview) at the end of this month. The company held an event over the weekend where it offered app developers incentives to port their programs to the BlackBerry 10 platform and managed to attract 15,000 app submissions. 'Well there you have it. 37.5 hours in, we hit 15,000 apps for this portathon. Feel like I've run a marathon. Thanks to all the devs!' wrote Alec Saunders, vice president of developer relations at RIM, in a Twitter message. The 'port-a-thon' event was held in two parts: One aimed at Android developers and the other at apps written in other platforms, including Appcelerator, Maramalade, Sencha, jQuery, PhoneGap and Qt. RIM was offering $100 for each app ported and subsequently approved for sale in the BlackBerry 10 app store, up to certain limits. Developers could also win BlackBerry 10 development handsets and a trip to RIM's BlackBerry Jam Europe developer event." It's hard to believe that many current iOS or Android users are leaping toward Blackberry, though. If you're in one of those camps, is that so crazy?
Programming

Doom 3 Source Code: Beautiful 399

Posted by timothy
from the but-deadly dept.
jones_supa writes "Shawn McGrath, the creator of the PS3 psychedelic puzzle-racing game Dyad, takes another look at Doom 3 source code. Instead of the technical reviews of Fabien Sanglard, Shawn zooms in with emphasis purely on coding style. He gives his insights in lexical analysis, const and rigid parameters, amount of comments, spacing, templates and method names. There is also some thoughts about coming to C++ with C background and without it. Even John Carmack himself popped in to give a comment."
Bug

Security Expert Says Java Vulnerability Could Take Years To Fix, Despite Patch 320

Posted by samzenpus
from the long-road-coming dept.
An anonymous reader writes "After the Department of Homeland Security's US-CERT warned users to disable Java to stop hackers from taking control of users' machines, Oracle issued an emergency patch on Sunday. However, HD Moore, chief security officer of Rapid7, said it could take two years for Oracle to fix all the security flaws in the version of Java used to surf the web; that timeframe doesn't count any additional Java exploits discovered in the future. 'The safest thing to do at this point is just assume that Java is always going to be vulnerable,' Moore said."
Java

Oracle Ships Java 7 Update 11 With Vulnerability Fixes 243

Posted by samzenpus
from the try-it-now dept.
An anonymous reader writes "After announcing a fix was coming just yesterday, Oracle on Sunday released Java 7 Update 11 to address the recently disclosed security vulnerability. If you use Java, you can download the latest update now from the Java Control Panel or directly from Oracle's website here: Java SE 7u11. In the release notes for this update, Oracle notes this version "contains fixes for security vulnerabilities." A closer look at Oracle Security Alert for CVE-2013-0422 details that Update 11 fixes two vulnerabilities."
Games

Why You Shouldn't Design Games Through Analytics 134

Posted by Soulskill
from the because-you-are-bad-at-math dept.
An anonymous reader writes "Game designer Tadhg Kelly writes at TechCrunch about a trend many gamers have noticed over the past decade: designers increasingly relying on statistics — and only statistics — to inform their design decisions. You know the type; the ones who'll change the background color if they think it'll eke out a few more players, or the ones who'll scrap interesting game mechanics in favor of making the game more easily understandable to a broader market. Naturally, this leads to homogenization and boring games. Kelly says, 'Obsessed with measuring everything and therefore defining all of their problems in numerical terms, social game makers have come to believe that those numbers are all there is, and this is why they cannot permit themselves to invent. Like TV people, they are effectively in search of that one number that will explain fun to them. There must, they reason, be some combination of LTV and ARPU and DAU and so on that captures fun, like hunting for the Higgs boson. It must be out there somewhere. ... Unlike every other major game revolution (arcade, console, PC, casual, MMO, etc.), social game developers have proved consistently unable to understand that fun is dynamic in this way. ... They are hunting for the fun boson, but it does not exist.'"
Programming

Learn Basic Programming So You Aren't At the Mercy of Programmers 313

Posted by Soulskill
from the they-are-occasionally-benevolent-dictators dept.
An anonymous reader writes "Derek Sivers, creator of online indie music store CD Baby, has a post about why he thinks basic programming is a useful skill for everybody. He quotes a line from a musician he took guitar lessons from as a kid: "You need to learn to sing. Because if you don't, you're always going to be at the mercy of some a****** singer." Sivers recommends translating that to other areas of life. He says, 'The most common thing I hear from aspiring entrepreneurs is, "I have this idea for an app or site. But I'm not technical, so I need to find someone who can make it for me." I point them to my advice about how to hire a programmer, but as most of the good ones are already booked solid, it's a pretty helpless position to be in. If you heard someone say, "I have this idea for a song. But I'm not musical, so I need to find someone who will write, perform, and record it for me." — you'd probably advise them to just take some time to sit down with a guitar or piano and learn enough to turn their ideas into reality. And so comes my advice: Yes, learn some programming basics. Just some HTML, CSS, and JavaScript should be enough to start. ... You don't need to become an expert, just know the basics, so you're not helpless.'"
Open Source

Who Controls Vert.x: Red Hat, VMware, Neither? 118

Posted by Soulskill
from the reply-hazy-try-again dept.
snydeq writes "Simon Phipps sheds light on a fight for control over Vert.x, an open source project for scalable Web development that 'seems immunized to corporate control.' 'Vert.x is an asynchronous, event-driven open source framework running on the JVM. It supports the most popular Web programming languages, including Java, JavaScript, Groovy, Ruby, and Python. It's getting lots of attention, though not necessarily for the right reasons. A developer by the name of Tim Fox, who worked at VMware until recently, led the Vert.x project — before VMware's lawyers forced him to hand over the Vert.x domain, blog, and Google Group. Ironically, the publicity around this action has helped introduce a great technology with an important future to the world. The dustup also illustrates how corporate politics works in the age of open source: As corporate giants grasp for control, community foresight ensures the open development of innovative technology carries on.'"
Java

Oracle Knew of Latest Java 0-Day Security Hole In August 265

Posted by timothy
from the when-the-living-is-easy dept.
An anonymous reader writes "After news broke on Thursday that a new Java 0-day vulnerability had been discovered, and was already being included in multiple popular exploit kits, two new important tidbits have come in on Friday. Firstly, this whole fiasco could have been avoided if Oracle had properly patched a previous vulnerability. Furthermore, not only is the vulnerability being exploited in the wild, but it is being used to push ransomware." Meanwhile, writes reader Beeftopia, the U.S. Department of Homeland Security is getting in on the action, and "has warned users to disable or uninstall Java software on their computers, amid continuing fears and an escalation in warnings from security experts that hundreds of millions of business and consumer users are vulnerable to a serious flaw."
Firefox

Apple and Mozilla Block Vulnerable Java Plug-ins 88

Posted by Soulskill
from the no-dogs-allowed dept.
hypnosec writes "Following news that a Java 0-day has been rolled into exploit kits, without any patch to fix the vulnerability, Mozilla and Apple have blocked the latest versions of Java on Firefox and Mac OS X respectively. Mozilla has taken steps to protect its user base from the yet-unpatched vulnerability. Mozilla has added to its Firefox add-on block-list: Java 7 Update 10, Java 7 Update 9, Java 6 Update 38 and Java 6 Update 37. Similar steps have also been taken by Apple; it has updated its anti-malware system to only allow version 1.7.10.19 or higher, thereby automatically blocking the vulnerable version, 1.7.10.18." Here are some ways to disable Java, if you're not sure how.
Programming

Ask Slashdot: What Practices Impede Developers' Productivity? 457

Posted by Soulskill
from the mitten-mondays dept.
nossim writes "When it comes to developers' productivity, numerous controversial studies stress the differences between individuals. As a freelance web developer, I've worked for a lot of companies, and I noticed how some companies foster good practices which improve individual productivity and some others are a nightmare in that regard. In your experience, what are the worst practices or problems that impede developers' productivity at an individual or organizational level?"
Programming

Ask Slashdot: How To React To Coworker Who Says My Code Is Bad? 507

Posted by timothy
from the very-strong-lye-solution-coffee dept.
A week ago, you read the other side of the same question. Now, an anonymous reader writes "I have been with my company for 10+ years and have seen many development cycles on our projects. We have a developer intern who has not been on the team for very long. On day one he started ripping into my code on how terrible it is. We have a code base of roughly 50,000 lines of code. When he comes to me with a complaint about the code it is simply because he does not have the experience with it to actually understand what the code is doing. He is a smart guy with lots of promise, he is asking good questions, but how do I get him to look past his own self perceived greatness enough to slow down and learn what we are doing and how we have pulled it off?"
Crime

Java Zero-Day Vulnerability Rolled Into Exploit Packs 193

Posted by Unknown Lamer
from the just-can't-win dept.
tsu doh nimh writes "The miscreants who maintain Blackhole and Nuclear Pack — competing crimeware products that are made to be stitched into hacked sites and use browser flaws to foist malware — say they've added a brand new exploit that attacks a previously unknown and currently unpatched security hole in Java. The curator of Blackhole, a miscreant who uses the nickname 'Paunch,' announced yesterday on several Underweb forums that the Java zero-day was a 'New Year's Gift,' to customers who use his exploit kit. The exploit has since been verified to work on all Java 7 versions by AlienVault Labs. The news comes days after it was revealed that Paunch was reserving his best exploits for a more closely-held exploit pack called Cool Exploit Kit, a license for which costs $10,000 per month."
Businesses

Ask Slashdot: Are Timed Coding Tests Valuable? 776

Posted by samzenpus
from the beat-the-clock dept.
First time accepted submitter xkrebstarx writes "A buddy of mine recently applied to a large tech company. Before setting up a phone interview with him, the unnamed company issued a timed coding test to gauge his coding prowess. He was allotted 45 minutes to complete an undergraduate level coding assignment. I would like to ask the Slashdotters of the world if they find value in these speed-programming tests. Does coding quickly really indicate a better programmer? A better employee?"
Transportation

Ford and GM Open Car Software To Outside Developers 82

Posted by Soulskill
from the what-could-possibly-go-wrong dept.
Dr Herbert West writes with news that General Motors and Ford have both used CES to announce a Software Development Kit for developers to create in-car apps. "Ford is focusing on three primary categories for apps: news and information, music and entertainment, and navigation and location. Marchwicki said the automaker will “instantly deny” apps that incorporate video, excessive text and gaming in a bid to reduce the risk of distracted driving. After developers have incorporated the Sync AppLink code into a proposed app, they submit it to Ford engineers for review. Ford will certify the app is bug-free and appropriate for automobiles. Once approved, Ford will work with the developer to provide a distribution license and get the app on the market." Similarly GM seeks infotainment apps that can be downloaded directly to the dashboard. "GM will provide developers with an SDK through an online portal that allows them to work with the automaker to design, test and deliver relevant automotive apps. GM also is including an HTML5 Java Script framework in its SDK."
Image

Book Review: The Nature of Code 37

Posted by samzenpus
from the read-all-about-it dept.
eldavojohn writes "I kickstarted a project undertaken by Daniel Shiffman to write a book on what (at the time) seemed to be a very large knowledge space. What resulted is a good book (amazing by CC-BY-NC standards) available in both PDF and HTML versions. In addition to the book he maintains the source code for creating the book and of course the book examples. The Nature of Code starts off swimmingly but remains front heavy with a mere thirty five pages devoted to the final chapter on neural networks. This is an excellent book for Java and Processing developers that want to break into simulation and modeling of well, anything. It probably isn't a must-have title for very seasoned developers (unless you've never done simulation and modeling) but at zero cost why not?" Read below for the rest of eldavojohn's review.
Cloud

The Billion Dollar Startup: Inside Obama's Campaign Tech 90

Posted by Soulskill
from the devs-we-can-believe-in dept.
Nerval's Lobster writes "A presidential campaign is many things to many people: a reason to hope in the future, a wellspring of jokes and debate fodder, an annoyance to tune out, a chance to participate in the civic process. But for a couple dozen software engineers and developers involved over the past two years in President Obama's re-election effort, a campaign was something entirely different: a billion-dollar tech startup with an eighteen-month lifespan and a mandate to ship code under extreme pressure. Speaking to a New York City audience, some of Obama for America's leading tech people—those involved in the all-important Dashboard and Narwhal projects, as well as fundraising and DevOps—characterized the experience as 'insane,' filled with unending problems and the knowledge that, at the end of the whole process, nearly everything they worked on would likely end up tossed away. This is the story of what happened, and how technologies on a massive scale can make or break campaigns."
Programming

Better Tools For Programming Literacy 317

Posted by Soulskill
from the baby's-first-for-loop dept.
waderoush writes "Adam Wiggins, co-founder of Heroku, agrees with anthropologist Bonnie Nardi that programming isn't just for geeks. The problem, he says, is that today's tools for teaching programming are woefully inadequate. In a commentary, Wiggins argues that there are two major gaps preventing programming tools from being accessible to beginners: 1) they're too fussy, requiring extensive setup, and 2) they're focused on the technology rather than everyday tasks. A good tool for learning programming, Wiggins argues, would emulate an Excel or Google Docs spreadsheet – beginners would be able to fire it up instantly, and would be able to get useful things done right away. (He's dismissive, though, of visual programming tools that 'attempt to hide logic behind a point-and-click interface.') 'Broad programming literacy is crucial in a world increasingly made of computers,' Wiggins says. 'Despite common stereotypes, programming is not out of reach for the average person,' as long as the tools are easy to set up and specialized on the programmer's task."
Businesses

How to Become an IT Expert Companies Seek Out and Pay Well (Video) 207

Posted by Roblimo
from the every-day-in-every-way-you-are-getting-better-and-better dept.
This video is an interview with Matt Heusser, who makes a good living as an independent IT consultant. He says many other people who are currently pounding out code or performing other routine computer-oriented tasks can become independent, too. He's not selling a course or anything here, just passing on some advice to fellow Slashdot readers. He's written up some of this advice in a series of four articles: Getting People to Throw Money At You; How to become IT Talent; That Last Step to Become ‘Talent’ In IT; and The Schwan’s Solution. He also gave a speech last November titled Building your reputation through creative disobedience. (The link is to a 50 minute video of that speech.) Anyway, we figure quite a few Slashdot readers are at least as smart as Matt and may want to take some career steps similar to the ones he has taken. In today's video, he gives you some ideas about how to stop being an IT worker and how to become IT talent instead.
Programming

C Beats Java As Number One Language According To TIOBE Index 535

Posted by samzenpus
from the mom's-favorite dept.
mikejuk writes "Every January it is traditional to compare the state of the languages as indicated by the TIOBE index. So what's up and what's down this year? There have been headlines that C# is the language of the year, but this is based on a new language index. What the TIOBE index shows is that Java is no longer number one as it has been beaten by C — yes C not C++ or even Objective C."
Programming

What Are the Unwritten Rules of Deleting Code? 384

Posted by samzenpus
from the best-practices dept.
Press2ToContinue writes "I came across this page that asks the question, 'what are the unwritten rules of deleting code?' It made me realize that I have seen no references to generally-accepted best-practice documents regarding code modification, deletion, or rewrites. I would imagine Slashdot's have come across them if they exist. The answers may be somewhat language-dependent, but what best practices do Slashdot's use when they modify production code?"
Perl

Why JavaScript Is the New Perl 453

Posted by samzenpus
from the presto-chango dept.
theodp writes "'People are thoroughly excited [about JavaScript],' writes Lincoln Baxter. 'However, I'd akin this to people discovering Perl during the advent of C and C++ (mirror). Does it work? Yes. Is it pretty? Not by a long shot.' Baxter adds, 'While I do like both languages, JavaScript [is] just waiting for the next technology to come around and make it look like Perl does today: pervasive, but lacking enterprise adoption on large applications.'"
Android

The Android SDK Is No Longer Free Software 535

Posted by Soulskill
from the fighting-fragmentation-at-all-costs dept.
New submitter tian2992 writes "The new terms for the Android SDK now include phrases such as 'you may not: (a) copy (except for backup purposes), modify, adapt, redistribute, decompile, reverse engineer, disassemble, or create derivative works of the SDK or any part of the SDK' among other non-Free-software-friendly terms, as noted by FSF Europe's Torsten Grote. Replicant, a free fork of Android, announced the release of Replicant SDK 4.0 based on the latest sources of the Android SDK without the new terms."
Crime

Are Programmers Responsible For the Actions of Their Clients? 222

Posted by timothy
from the ok-now-let's-talk-tortkey dept.
Bobfrankly1 writes "Robert Stuart and his company Extensions Software are being charged by New York authorities, claiming he is promoting gambling in New York because of the actions of his clients. They are charging him after he rejected a plea agreement that would have him plead guilty to lesser charges, adding backdoors to his software, and using said backdoors to gather details on his clients and their customers." Another article on the case at Salon.
Bug

Adobe and Apple Didn't Unit Test For "Forward Date" Bugs. Do You? 169

Posted by timothy
from the everyone-misses-a-few dept.
llamafirst writes "As the year flipped to 2013, we learned that Adobe and Apple don't test for "forward date" bugs. Adobe prevented any copy of FrameMaker 10 from launching and Apple broke Do Not Disturb for the first week of 2013. Surely some more critical and safety systems also have lurking issues. Got tips for catching time/date bugs 'from the mysterious future?' (Also, obligatory link to Falsehoods programmers believe about time.)"
Education

Best Tech Colleges Are Harder Than Ever To Get In 108

Posted by timothy
from the use-a-catapult dept.
alphadogg writes "Results from the early application rounds at the nation's best technical colleges indicate that it will be another excruciatingly difficult year for high school seniors to get accepted into top-notch undergraduate computer science and engineering programs. Leading tech colleges reported a sharp rise in early applications, prompting them to be more selective in choosing prospective freshmen for the Class of 2017. Many colleges are reporting lower acceptance rates for their binding early decision and non-binding early action admissions programs than in previous years. Here's a roundup of stats from MIT, Stanford and others."
Programming

Ask Slashdot: How Can I Explain To a Coworker That He Writes Bad Code? 683

Posted by timothy
from the roofies-in-his-mountain-dew dept.
An anonymous reader writes "I have a coworker who, despite being very smart, and even very knowledgeable about software, writes the most horrible code imaginable. Entire programs are stuffed into single functions, artificially stretched thanks to relentless repetition; variable and class names so uninformative as to make grown men weep; basic language features ignored, when they could make everything shorter and more readable; and OOP abuse so sick and twisted that it may be considered a war crime. Of course, being a very smart person who has been programming since before I was born makes him fairly impervious to criticism, so even a simple 'Do you see how much better this function is when written this way?' is hopeless. How can I make him see the light, realize the truth, and be able to tell good code from bad?"
Programming

All Ruby On Rails Versions Suffer SQL Injection Flaw 81

Posted by timothy
from the this-tunnel-under-construction dept.
Trailrunner7 writes with the news as posted at Threatpost (based on this advisory) that "All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an attacker to inject code into Web applications. The vulnerability is a serious one given the widespread use of the popular framework for developing Web apps, and the maintainers of Ruby on Rails have released new versions that fix the flaw, versions 3.2.10, 3.1.9 and 3.0.18. The advisory recommends that users running affected versions, which is essentially anyone using Ruby on Rails, upgrade immediately to one of the fixed versions, 3.2.10, 3.1.9 or 3.0.18. The vulnerability lies specifically in the Ruby on Rails framework, and its presence doesn't mean that all of the apps developed on vulnerable versions are susceptible to the bug."
Databases

Cassandra NoSQL Database 1.2 Released 55

Posted by Soulskill
from the onward-and-upward dept.
Billly Gates writes "The Apache Foundation released version 1.2 of Cassandra today which is becoming quite popular for those wanting more performance than a traditional RDBMS. You can grab a copy from this list of mirrors. This release includes virtual nodes for backup and recovery. Another added feature is 'atomic batches,' where patches can be reapplied if one of them fails. They've also added support for integrating into Hadoop. Although Cassandra does not directly support MapReduce, it can more easily integrate with other NoSQL databases that use it with this release."
Education

Ask Slashdot: CS Degree While Working Full Time? 433

Posted by timothy
from the we're-working-in-shifts dept.
An anonymous reader writes "First, some quick background: I am 26 years old and I have been working for a large software development company with more than 50,000 employees for about 5 years now. My actual title is Senior Software Engineer, and I am paid well considering I have no degrees and all of the programming languages I have learned (C, C++, C#, Java) are completely self taught. The only real reason I was able to get this job is because I spent a year or so in a support position and I was able to impress the R&D Lead Developer with a handful of my projects. My job is secure for the time being, but what really concerns me is the ability to find another job in the field without 95% of companies discarding me for lack of formal education. I started looking into local community colleges and universities, and much to my dismay, they offer neither nighttime or online courses for computer science. Quitting the job to pursue a degree is not an option, especially considering they will compensate me up to $10,000/yr for going back to school. Has anyone else been in a similar situation? Does anyone know of any accredited colleges and universities that offer a CS degree through online courses? Obviously excluding the scam 'colleges' such as Univ. of Phoenix and DeVry."
The Almighty Buck

Strong Foundations: FreeBSD, Wikimedia Raise Buckets of Development Money 113

Posted by timothy
from the more-is-still-welcome dept.
mbadolato writes "On December 9, 2012, Slashdot reported that the FreeBSD Foundation was falling short of their 2012 goal of $500,000 by nearly 50%. For all of those that continued to echo about how FreeBSD is dying, it's less than three weeks later and the total is presently nearing $200,000 OVER the goal. Netcraft continues to be wrong." And reader hypnosec adds another crowdfunding success story: "The Wikimedia Foundation has announced at the conclusion of its ninth annual fund-raiser that it has managed to raise a whopping $25 million from 1.2 million donors in just over a week's time. ... As compared to last year's fund-raiser, which got completed in 46 days, this year's was completed in just nine days."
Bug

Linus Chews Up Kernel Maintainer For Introducing Userspace Bug 1051

Posted by timothy
from the otherwise-of-course-I'd-be-a-kernel-rockstar dept.
An anonymous reader points out just how thick a skin it takes to be a kernel developer sometimes, linking to a chain of emails on the Linux Kernel Mailing List in which Linus lets loose on a kernel developer for introducing a change that breaks userspace apps (in this case, PulseAudio). "Shut up, Mauro. And I don't _ever_ want to hear that kind of obvious garbage and idiocy from a kernel maintainer again. Seriously. I'd wait for Rafael's patch to go through you, but I have another error report in my mailbox of all KDE media applications being broken by v3.8-rc1, and I bet it's the same kernel bug. And you've shown yourself to not be competent in this issue, so I'll apply it directly and immediately myself. WE DO NOT BREAK USERSPACE! Seriously. How hard is this rule to understand? We particularly don't break user space with TOTAL CRAP. I'm angry, because your whole email was so _horribly_ wrong, and the patch that broke things was so obviously crap. ... The fact that you then try to make *excuses* for breaking user space, and blaming some external program that *used* to work, is just shameful. It's not how we work," writes Linus, and that's just the part we can print. Maybe it's a good thing, but there's certainly no handholding when it comes to changes to the heart of Linux.
Android

Ouya Dev Consoles Ship, SDK Released 169

Posted by Soulskill
from the progress-as-promised dept.
An anonymous reader writes "Earlier this year, the Android-based Ouya game console project raised over nine times as much funding as they initially asked for in their Kickstarter campaign. Now, Ouya developer consoles are starting to ship, and folks on the Ouya team released a video showing what the developers should expect. As explained in the video, the console currently being shipped is by no means the final hardware, but promises to give developers everything they need to start developing apps and games for Ouya. The only surprise is that they decided to add a micro-USB port to the hardware, making it easy to hook up to a PC. The Ouya team has also released an SDK for the device (which they call the ODK — Ouya Development Kit), and have provided most of the source under the Apache 2.0 license. They wrote, 'We think we’ve got a great team of developers here at OUYA, but there’s strength in numbers and a wealth of passionate, talented people out there. We want you, the developers of the world, to work alongside us to continually improve our platform. It’s our hope that releasing a more open ODK will help foster such innovation.'"
GNU is Not Unix

GNU C Library 2.17 Announced, Includes Support For 64-bit ARM 68

Posted by timothy
from the well-armed-society dept.
hypnosec writes "A new version of GNU C Library (glibc) has been released and with this new version comes support for the upcoming 64-bit ARM architecture a.k.a. AArch64. Version 2.17 of glibc not only includes support for ARM, it also comes with better support for cross-compilation and testing; optimized versions of memcpy, memset, and memcmp for System z10 and zEnterprise z196; and optimized version of string functions, on top of some quite a few other performance improvements, states the mailing list release announcement. Glibc v 2.17 can be used with a minimum Linux kernel version 2.6.16."
Google

Google Docs Vs. Microsoft Word: an Even Matchup? 346

Posted by samzenpus
from the duke-it-out dept.
Nerval's Lobster writes "Software developer Jeff Cogswell writes: 'About a year ago, I decided to migrate my documents to Google Docs and start using it for all my professional writing. I quickly hit some problems; frankly, Google Docs wasn't as good an option as I'd initially hoped. Now I use LibreOffice on my desktop, and it works well, but I had to go through long odysseys with Google Docs and Zoho Docs to reach this point. Is Microsoft Word actually better than Google Docs and Zoho Docs? For my work, the answer is "yes," but this doesn't make me particularly happy. In the following essay, I present my problems with Google Docs and Zoho Docs (as well as some possible solutions) from my perspective as both a professional writer and a software developer.'"
Perl

Linux, Apache, Perl, X10, Webcams... and Christmas Lights 30

Posted by Unknown Lamer
from the blinkenlights dept.
An anonymous reader writes "Clement Moore writes

'Twas the night before Christmas,
and while not a creature was stirring (not even an optical mouse),
/.'ers were posting & moderating with squeals of delight.
When out on the Internet there arose such a clatter,
I sprang from my keyboard to see what was the matter.
I knew in a moment it must be Alek's Controllable Christmas Lights Webcam.
But remembered in previous years it was a hoax - /. said damn.
And then, in a twinkling, I realize Alek has done it for real — W'OH!
With 20,000 lights plus giant inflatable Elmo, Frosty, Santa, SpongeBob, and Homer Simpson — D'OH!
The X10 controls and 3 live webcams provide such clarity,
that it has raised over $70,000 for Celiac charity.
'Merry Christmas to all, and to all a good night!'"
Businesses

The Trials and Tribulations of a Would-Be Facebook Employee 241

Posted by timothy
from the throw-him-into-the-pond dept.
An anonymous reader writes "It may be hard for Facebook HR infrastructure to keep up with the rapid growth of the company, so scheduling and performing Skype screening interviews with the prospective new developers appears deteriorating into disorderly jumble. In a blog post, a recent candidate for a development job at Facebook has shared his excruciation at coordinating and then having this preliminary interview, pointing out the unhelpfulness of HR staff at Facebook during all stages of the process."
Businesses

Ask Slashdot: How To Gently Keep Management From Wrecking a Project? 276

Posted by timothy
from the flying-car-is-easier-goal dept.
New submitter miserly_content writes "I work in a large, hierarchical technology company. I have been developing technical specs for a new strategic and challenging software project, and the project is slowly gathering steam and support. This is already a career building success for me, and everyone acknowledges my technical capabilities. But the program manager is an MBA-type, and wants to bring in new multiple team leaders and consultants. This is not really a surprise, but I feel we are sliding towards a too-many-chiefs-too-few-indians scenario, especially at this early stage. How can I pitch upper management about this issue, without appearing selfish or disruptive? What positive approach can I try with the PM, with whom I have a good working relationship?"
Software

Microsoft Kills Expression Suite — And Makes It Free, For Now 89

Posted by timothy
from the free-for-now-ware dept.
mikejuk writes "Microsoft has announced that the Expression suite of design tools is no more. It has been removed from sale immediately and it has been placed on a maintenance only status until it reaches its end of life. Expression was Microsoft's offering for designers and competed directly with Adobe products. You can now download the components of Expression — Design 4, Web 4 and Encoder 4 — for free but you can't buy them. Of course, knowing that you are using 'doomed' products, even for free, takes some of the icing off the cake. The central component of the suite the UI designer Blend is to be integrated with Visual Studio 2012 probably along with Update 2. It looks as if Microsoft is giving up on trying to get designers to use its tools."

Programmers do it bit by bit.

Working...