Take advantage of Black Friday with 15% off sitewide with coupon code "BLACKFRIDAY" on Slashdot Deals (some exclusions apply)". ×
Open Source

Who Controls Vert.x: Red Hat, VMware, Neither? 118

snydeq writes "Simon Phipps sheds light on a fight for control over Vert.x, an open source project for scalable Web development that 'seems immunized to corporate control.' 'Vert.x is an asynchronous, event-driven open source framework running on the JVM. It supports the most popular Web programming languages, including Java, JavaScript, Groovy, Ruby, and Python. It's getting lots of attention, though not necessarily for the right reasons. A developer by the name of Tim Fox, who worked at VMware until recently, led the Vert.x project — before VMware's lawyers forced him to hand over the Vert.x domain, blog, and Google Group. Ironically, the publicity around this action has helped introduce a great technology with an important future to the world. The dustup also illustrates how corporate politics works in the age of open source: As corporate giants grasp for control, community foresight ensures the open development of innovative technology carries on.'"

Oracle Knew of Latest Java 0-Day Security Hole In August 265

An anonymous reader writes "After news broke on Thursday that a new Java 0-day vulnerability had been discovered, and was already being included in multiple popular exploit kits, two new important tidbits have come in on Friday. Firstly, this whole fiasco could have been avoided if Oracle had properly patched a previous vulnerability. Furthermore, not only is the vulnerability being exploited in the wild, but it is being used to push ransomware." Meanwhile, writes reader Beeftopia, the U.S. Department of Homeland Security is getting in on the action, and "has warned users to disable or uninstall Java software on their computers, amid continuing fears and an escalation in warnings from security experts that hundreds of millions of business and consumer users are vulnerable to a serious flaw."

Apple and Mozilla Block Vulnerable Java Plug-ins 88

hypnosec writes "Following news that a Java 0-day has been rolled into exploit kits, without any patch to fix the vulnerability, Mozilla and Apple have blocked the latest versions of Java on Firefox and Mac OS X respectively. Mozilla has taken steps to protect its user base from the yet-unpatched vulnerability. Mozilla has added to its Firefox add-on block-list: Java 7 Update 10, Java 7 Update 9, Java 6 Update 38 and Java 6 Update 37. Similar steps have also been taken by Apple; it has updated its anti-malware system to only allow version or higher, thereby automatically blocking the vulnerable version," Here are some ways to disable Java, if you're not sure how.

Ask Slashdot: What Practices Impede Developers' Productivity? 457

nossim writes "When it comes to developers' productivity, numerous controversial studies stress the differences between individuals. As a freelance web developer, I've worked for a lot of companies, and I noticed how some companies foster good practices which improve individual productivity and some others are a nightmare in that regard. In your experience, what are the worst practices or problems that impede developers' productivity at an individual or organizational level?"

Ask Slashdot: How To React To Coworker Who Says My Code Is Bad? 507

A week ago, you read the other side of the same question. Now, an anonymous reader writes "I have been with my company for 10+ years and have seen many development cycles on our projects. We have a developer intern who has not been on the team for very long. On day one he started ripping into my code on how terrible it is. We have a code base of roughly 50,000 lines of code. When he comes to me with a complaint about the code it is simply because he does not have the experience with it to actually understand what the code is doing. He is a smart guy with lots of promise, he is asking good questions, but how do I get him to look past his own self perceived greatness enough to slow down and learn what we are doing and how we have pulled it off?"

Java Zero-Day Vulnerability Rolled Into Exploit Packs 193

tsu doh nimh writes "The miscreants who maintain Blackhole and Nuclear Pack — competing crimeware products that are made to be stitched into hacked sites and use browser flaws to foist malware — say they've added a brand new exploit that attacks a previously unknown and currently unpatched security hole in Java. The curator of Blackhole, a miscreant who uses the nickname 'Paunch,' announced yesterday on several Underweb forums that the Java zero-day was a 'New Year's Gift,' to customers who use his exploit kit. The exploit has since been verified to work on all Java 7 versions by AlienVault Labs. The news comes days after it was revealed that Paunch was reserving his best exploits for a more closely-held exploit pack called Cool Exploit Kit, a license for which costs $10,000 per month."

Ask Slashdot: Are Timed Coding Tests Valuable? 776

First time accepted submitter xkrebstarx writes "A buddy of mine recently applied to a large tech company. Before setting up a phone interview with him, the unnamed company issued a timed coding test to gauge his coding prowess. He was allotted 45 minutes to complete an undergraduate level coding assignment. I would like to ask the Slashdotters of the world if they find value in these speed-programming tests. Does coding quickly really indicate a better programmer? A better employee?"

Ford and GM Open Car Software To Outside Developers 82

Dr Herbert West writes with news that General Motors and Ford have both used CES to announce a Software Development Kit for developers to create in-car apps. "Ford is focusing on three primary categories for apps: news and information, music and entertainment, and navigation and location. Marchwicki said the automaker will “instantly deny” apps that incorporate video, excessive text and gaming in a bid to reduce the risk of distracted driving. After developers have incorporated the Sync AppLink code into a proposed app, they submit it to Ford engineers for review. Ford will certify the app is bug-free and appropriate for automobiles. Once approved, Ford will work with the developer to provide a distribution license and get the app on the market." Similarly GM seeks infotainment apps that can be downloaded directly to the dashboard. "GM will provide developers with an SDK through an online portal that allows them to work with the automaker to design, test and deliver relevant automotive apps. GM also is including an HTML5 Java Script framework in its SDK."

Book Review: The Nature of Code 37

eldavojohn writes "I kickstarted a project undertaken by Daniel Shiffman to write a book on what (at the time) seemed to be a very large knowledge space. What resulted is a good book (amazing by CC-BY-NC standards) available in both PDF and HTML versions. In addition to the book he maintains the source code for creating the book and of course the book examples. The Nature of Code starts off swimmingly but remains front heavy with a mere thirty five pages devoted to the final chapter on neural networks. This is an excellent book for Java and Processing developers that want to break into simulation and modeling of well, anything. It probably isn't a must-have title for very seasoned developers (unless you've never done simulation and modeling) but at zero cost why not?" Read below for the rest of eldavojohn's review.

The Billion Dollar Startup: Inside Obama's Campaign Tech 90

Nerval's Lobster writes "A presidential campaign is many things to many people: a reason to hope in the future, a wellspring of jokes and debate fodder, an annoyance to tune out, a chance to participate in the civic process. But for a couple dozen software engineers and developers involved over the past two years in President Obama's re-election effort, a campaign was something entirely different: a billion-dollar tech startup with an eighteen-month lifespan and a mandate to ship code under extreme pressure. Speaking to a New York City audience, some of Obama for America's leading tech people—those involved in the all-important Dashboard and Narwhal projects, as well as fundraising and DevOps—characterized the experience as 'insane,' filled with unending problems and the knowledge that, at the end of the whole process, nearly everything they worked on would likely end up tossed away. This is the story of what happened, and how technologies on a massive scale can make or break campaigns."

Better Tools For Programming Literacy 317

waderoush writes "Adam Wiggins, co-founder of Heroku, agrees with anthropologist Bonnie Nardi that programming isn't just for geeks. The problem, he says, is that today's tools for teaching programming are woefully inadequate. In a commentary, Wiggins argues that there are two major gaps preventing programming tools from being accessible to beginners: 1) they're too fussy, requiring extensive setup, and 2) they're focused on the technology rather than everyday tasks. A good tool for learning programming, Wiggins argues, would emulate an Excel or Google Docs spreadsheet – beginners would be able to fire it up instantly, and would be able to get useful things done right away. (He's dismissive, though, of visual programming tools that 'attempt to hide logic behind a point-and-click interface.') 'Broad programming literacy is crucial in a world increasingly made of computers,' Wiggins says. 'Despite common stereotypes, programming is not out of reach for the average person,' as long as the tools are easy to set up and specialized on the programmer's task."

Video How to Become an IT Expert Companies Seek Out and Pay Well (Video) 207

This video is an interview with Matt Heusser, who makes a good living as an independent IT consultant. He says many other people who are currently pounding out code or performing other routine computer-oriented tasks can become independent, too. He's not selling a course or anything here, just passing on some advice to fellow Slashdot readers. He's written up some of this advice in a series of four articles: Getting People to Throw Money At You; How to become IT Talent; That Last Step to Become ‘Talent’ In IT; and The Schwan’s Solution. He also gave a speech last November titled Building your reputation through creative disobedience. (The link is to a 50 minute video of that speech.) Anyway, we figure quite a few Slashdot readers are at least as smart as Matt and may want to take some career steps similar to the ones he has taken. In today's video, he gives you some ideas about how to stop being an IT worker and how to become IT talent instead.

C Beats Java As Number One Language According To TIOBE Index 535

mikejuk writes "Every January it is traditional to compare the state of the languages as indicated by the TIOBE index. So what's up and what's down this year? There have been headlines that C# is the language of the year, but this is based on a new language index. What the TIOBE index shows is that Java is no longer number one as it has been beaten by C — yes C not C++ or even Objective C."

What Are the Unwritten Rules of Deleting Code? 384

Press2ToContinue writes "I came across this page that asks the question, 'what are the unwritten rules of deleting code?' It made me realize that I have seen no references to generally-accepted best-practice documents regarding code modification, deletion, or rewrites. I would imagine Slashdot's have come across them if they exist. The answers may be somewhat language-dependent, but what best practices do Slashdot's use when they modify production code?"

Why JavaScript Is the New Perl 453

theodp writes "'People are thoroughly excited [about JavaScript],' writes Lincoln Baxter. 'However, I'd akin this to people discovering Perl during the advent of C and C++ (mirror). Does it work? Yes. Is it pretty? Not by a long shot.' Baxter adds, 'While I do like both languages, JavaScript [is] just waiting for the next technology to come around and make it look like Perl does today: pervasive, but lacking enterprise adoption on large applications.'"