First time accepted submitter jovius writes "The Matriculation Examination Board of Finland has just opened an international hacking contest to find flaws and exploits in Digabi Live — the Live Debian based operating system to be used in the all-digital final exams by the year 2016. The contest ends on 1st of September, and the winners are about to scoop hefty hardware prizes, also available as cash."
Slashdot is powered by your submissions, so send in your scoop
theodp writes "Bret Victor's The Future of Programming (YouTube video; Vimeo version) should probably be required viewing this fall for all CS majors — and their professors. For his recent DBX Conference talk, Victor took attendees back to the year 1973, donning the uniform of an IBM systems engineer of the times, delivering his presentation on an overhead projector. The '60s and early '70s were a fertile time for CS ideas, reminds Victor, but even more importantly, it was a time of unfettered thinking, unconstrained by programming dogma, authority, and tradition. 'The most dangerous thought that you can have as a creative person is to think that you know what you're doing,' explains Victor. 'Because once you think you know what you're doing you stop looking around for other ways of doing things and you stop being able to see other ways of doing things. You become blind.' He concludes, 'I think you have to say: "We don't know what programming is. We don't know what computing is. We don't even know what a computer is." And once you truly understand that, and once you truly believe that, then you're free, and you can think anything.'"
reifman writes "Nothing sucks more than finding an 'Error establishing database connection' on your blog hours after the fact, but it's not easy to find inexpensive, simple monitoring solutions which support smartphone notifications. I wrote MonitorApp, a free, open source software applet which sends notifications to your iPhone (or Android) if anything goes wrong with your web site or services. This tutorial describes how to install and configure MonitorApp for your own purposes. The only cost is a $4.99 mobile application called Pushover — which links MonitorApp to your phone. Pushover also links with Nagios, a more complex open source option — but ironically, Nagios' website was down when I looked for it last month."
hypnosec writes "NVidia has now open-sourced the operating system that powers the gaming console to encourage its modification and further development. Powered by NVidia's homegrown Tegra 4 processor, the console runs Android, which shouldn't surprise many as the company moves ahead with its open-sourcing intentions. The GPU company has said that the SHIELD is an 'open gaming platform' that allows for 'an open ecosystem,' enabling developers to develop content as well as applications that takes advantage of the underlying hardware and which can be enjoyed on bigger displays as well as mobile screen." Playing with it isn't without risks (like potentially voiding the warranty), but NVIDIA's blog post says they're also providing a recovery image to fall back to.
gspec writes "I am an engineer with about 14 years experience in the industry. Lately I have been interviewing with a few companies hoping to land a better position. In almost all those interviews, I was asked these types of question: 'Have you been a leader in a project?' or 'Why after these many years, you are not in a management? Do you lack leadership skills?' Sometimes these questions discourage me and make me feel like an underachiever. I found an article in which the author talked about exactly this, and I agree with him. I think in this modern society, especially in the U.S., we overvalue the leaders and undervalue the followers to the point that we forget that leaders cannot do any good if they do not have good followers."
reifman writes "Zillow quietly released boundary data for more than 7,000 neighborhoods in the U.S. via the Creative Commons attribute-sharealike license but few people know how to integrate this data into their applications. This tutorial describes how to import the data and integrate it with Google Maps and HTML5 Geolocation."
chicksdaddy writes "Two researchers at the Black Hat Briefings security conference Thursday said Smart TVs from electronics giant Samsung are rife with vulnerabilities in the underlying operating system and Java-based applications. Those vulnerabilities could be used to steal sensitive information on the device owner, or even spy on the television's surroundings using an integrated webcam. Speaking in Las Vegas, Aaron Grattafiori and Josh Yavor, both security engineers at the firm ISEC Partners, described Smart TVs as Linux boxes outfitted with a Webkit-based browser. They demonstrated how vulnerabilities in SmartHub, the Java-based application that is responsible for many of the Smart TV's interactive features, could be exploited by a local or remote attacker to surreptitiously activate and control an embedded webcam on the SmartTV, launch drive-by download attacks and steal local user credentials and those of connected devices, browser history, cache and cookies as well as credentials for the local wireless network. Samsung has issued patches for many of the affected devices and promises more changes in its next version of the Smart TV. This isn't the first time Smart TVs have been shown to be vulnerable. In December, researchers at the firm ReVuln also disclosed a vulnerability in the Smart TV's firmware that could be used to launch remote attacks."
msmoriarty writes "Google's Don Dodge, GitHub's Tom Preston-Werner, New Relic's Lew Cirne and others recently got together in San Francisco on a panel called 'The Developer is King: The Power Behind the Throne.' According to coverage of the event, the panelists all agreed that programmers — both independent ones and those employed by companies — have more power, and thus opportunities, than ever. Even the marketing power of developers was acknowledged: 'The only way to convince a developer is by giving them a demo and showing them how it's better,' said Preston-Werner. 'The beauty is, you plant these seeds around the world, and those people will evangelize it for you. Because another thing that developers are great at is telling other developers what works for them.'"
twofishy writes "Something I've noticed amongst financial service companies in London is a growing use of Java in preference to C/C++ for exchange systems, High Frequency Trading and over low-latency work. InfoQ has a good written panel discussion with Peter Lawrey, Martin Thompson, Todd L. Montgomery and Andy Piper. From the article: 'Often the faster an algorithm can be put into the market, the more advantage it has. Many algorithms have a shelf life and quicker time to market is key in taking advantage of that. With the community around Java and the options available, it can definitely be a competitive advantage, as opposed to C or C++ where the options may not be as broad for the use case. Sometimes, though, pure low latency can rule out other concerns. I think currently, the difference in performance between Java and C++ is so close that it's not a black and white decision based solely on speed. Improvements in GC techniques, JIT optimizations, and managed runtimes have made traditional Java weaknesses with respect to performance into some very compelling strengths that are not easy to ignore.'"
Nerval's Lobster writes "Developer and editor Jeff Cogswell asks: When it comes to implementing a CouchDB installation, do you roll your own, or go with a service that provides a hosted version of the database? He takes a look at some of the technologies present in CouchDB that can greatly influence that decision. His conclusion? Like all things, it's a little complicated. 'If you're going to be self-hosting—unless you're working on a really small system—don't use the basic CouchDB for anything,' he writes. 'If you want scalability, either go with Couchbase or BigCouch, or wait until Cloudant's BigCouch merger into CouchDB is officially available.' But going with a host also creates its own things to watch for, including potential issues with replication and eventual consistency."
snydeq writes "Taming technology is sometimes more art than science, but the difference can sometimes be hard to discern, writes Deep End's Paul Venezia. 'You've probably come across colleagues who were extremely skilled at their jobs — system administrators who can bend a zsh shell to their every whim, or developers who can write lengthy functions that compile without a whimper the first time. You've probably also come across colleagues who were extremely talented — who could instantly visualize a new infrastructure addition and sketch it out to extreme detail on a whiteboard while they assembled it in their head, for example, or who could devise a new, elegant UI without breaking a sweat. The truly gifted among us exhibit both of those traits, but most fall into one category or another. There is a difference between skill and talent. Such is true in many vocations, of course, but IT can present a stark contrast between the two.'"Assuming Venezia is correct, which do you think is more important?
theodp writes "In the movie Groundhog Day, a weatherman finds himself living the same day over and over again. It's a tale to which software-designers-of-a-certain-age can relate. Like Philip Greenspun, who wrote in 1999, 'One of the most painful things in our culture is to watch other people repeat earlier mistakes. We're not fond of Bill Gates, but it still hurts to see Microsoft struggle with problems that IBM solved in the 1960s.' Or Dave Winer, who recently observed, 'We marvel that the runtime environment of the web browser can do things that we had working 25 years ago on the Mac.' And then there's Scott Locklin, who argues in a new essay that one of the problems with modern computer technology is that programmers don't learn from the great masters. 'There is such a thing as a Beethoven or Mozart of software design,' Locklin writes. 'Modern programmers seem more familiar with Lady Gaga. It's not just a matter of taste and an appreciation for genius. It's a matter of forgetting important things.' Hey, maybe it's hard to learn from computer history when people don't acknowledge the existence of someone old enough to have lived it, as panelists reportedly did at an event held by Mark Zuckerberg's FWD.us last Friday!"
Nerval's Lobster writes "If struggling online-games developer Zynga thought things were bad before, they could be turning a whole lot worse: Facebook is rolling out a pilot program for small- and medium-sized game developers. 'Through the program, we will work with select game developers and provide promotional support for their games in placements across our mobile apps,' reads a note on the Facebook Developers Website. Facebook is promising those developers access to the social network's '800 million monthly mobile users,' a variety of analytics tools for measuring their games' impact, and a 'unique targeting ability' for finding the right audiences — all for a cut of the games' revenue. 'We will be collaborating deeply with developers in our program by helping them cultivate high-quality, long-term players for their games,' the note added. Zynga benefited mightily from its relationship with Facebook, but other developers have subsequently realized they can utilize many of Zynga's tricks — and the social network's enormous audience — for their own ends. King is now Facebook's top app developer, largely on the strength of its Candy Crush Saga game. If Facebook encourages more small- and medium-sized developers to jump into the social gaming, it could fill the arena with even more competitors, which could prove bad news for the already-reeling Zynga. But for Facebook, the benefits are obvious: if any of those tiny-for-the-moment developers create a hit game, the revenues will come flooding in. That would supplement the social network's ad revenue, all while ensuring it doesn't need to overly depend on a single large developer with a set portfolio of games. Zynga has already been suffering from gaming-studio closings, games being shut down, and a declining user-base."
siliconbits writes "The debate about tagging has been going for nearly a decade. Slashdot has covered it a number of times. But it seems that nobody has yet to come up with a foolproof solution to tagging. Even luminaries like Engadget, The Verge, Gizmodo and Slashdot all have different tagging schemes. Commontag, a venture launched in 2009 to tackle tagging, has proved to be all but a failure despite the backing of heavyweights like Freebase, Yahoo and Zemanta. Even Google gave up and purchased Freebase in July 2010. Somehow I remain convinced that a unified, semantically-based solution, using a mix of folksonomy and taxonomy, is the Graal of tagging. I'd like to hear from fellow Slashdotters as to how they tackle the issue of creating and maintaining a tagging solution, regardless of the platform and the technologies being used in the backend." A good time to note: there may be no pretty way to get at them, but finding stories with a particular tag on Slashdot is simple, at least one at a time: Just fill in a tag you'd like to explore after "slashdot.org/tag/", as in "slashdot.org/tag/bizarro."
ectoman writes "Are firms responsible for GPL violations on code they receive from third parties? A German court thinks so. The Regional Court of Hamburg recently ruled that Fantec, a European media player maker, failed to distribute 'complete corresponding source code' for firmware found in some of its products. Fantec claims its third-party firmware supplier provided the company with appropriate source code, which Fantext made available online. But a hackathon organized by the Free Software Foundation Europe discovered that this source code was incomplete, and programmer Harald Welte filed suit. He won. Mark Radcliffe, an IP expert and senior partner at DLA Piper who specializes in open source licensing issues, has analyzed the case—and argued that it underscores the need for companies to implement internal GPL compliance processes. 'Fantec is a reminder that companies should adopt a formal FOSS use policy which should be integrated into the software development process,' he writes. 'These standards should include an understanding of the FOSS management processes of such third-party suppliers. The development of a network of trusted third-party suppliers is critical part of any FOSS compliance strategy.'"
achowe writes "The 22nd International Obfuscated C Code Contest opens 2013-Aug-01 03:14:15 UTC through to 2013-Oct-03 09:26:53 UTC. The rules have been updated, in particular Rule 2 (size rule) has changed. The draft rules and guidelines are available online. In addition there is now an IOCCC Size Rule Tool to aid with counting the secondary size rule. Questions and comments for the Judges can be emailed to firstname.lastname@example.org and must include 'IOCCC 2013' in the subject. Or contact them via Twitter @IOCCC." Anyone planning on entering?
First time accepted submitter chris.kohlhepp writes "The Emacs editor just got consolidated package management with "Feline Herd", offering 2000+ packages under one roof. No struggle with convoluted keyboard shortcuts — only easy GUI navigation via toolbar buttons! Every conceivable programming language is handled. Cuts the Emacs learning curve to a minimum for learners."
alphadogg writes "Oracle is continuing to crack down on companies it claims are providing support services for its products in an illegal fashion. Last week, Oracle sued IT services providers Terix and Maintech, alleging they have 'engaged in a deliberate scheme to misappropriate and distribute copyrighted, proprietary Oracle software code' in the course of providing support for customers using Oracle's Solaris OS. Oracle's allegations are similar to ones it has made in lawsuits against other Solaris service providers, such as ServiceKey, as well as Rimini Street, which provides third-party support for Oracle and SAP applications."
Nerval's Lobster writes "Forget about hacking an app or database: for a small cadre of hackers in San Francisco, it's all about writing code that can score them a great table at a hot restaurant. According to the BBC, these developers and programmers have designed bots that scan restaurant Websites for open tables and reserve them. Diogo Mónica, a security engineer with e-commerce firm Square, is one of those programmers. A self-described foodie, he decided to get around his inability to score a table at the ultra-popular State Bird Provisions by writing a script that sent out an email every time the restaurant's reservation page changed. 'Once a reservation got canceled I would get an email and could quickly get it for myself,' he wrote in a blog posting. But soon he noticed something peculiar: 'As soon as reservations became available on the website (at 4am), all the good times were immediately taken and were gone by 4:01am.' He suspected it was automated 'reservation bots at work,' built by other programmers with a hankering for fine cuisine. 'After a while even cancellations started being taken immediately from under me,' he wrote. 'It started being common receiving an email alerting of a change, seeing an available time, and it being gone by the time the website loaded.' His solution was to build his own reservation bot, using Ruby, and post the code in the wild."