bulled writes: In the middle of a press release discussing the move of employees from Seattle to California, Cyanogen Inc notes that it has parted ways with Steve Kondik. It is unclear what this means for the future of CyanogenMod. NDTV reports: "Kondik took to the official CyanogenMod developer Google+ community recently where he voiced what he thought were the reasons behind Cyanogen's plight and blamed Kirt McMaster, Cyanogen's Co-Founder. 'I've been pretty quiet about the stuff that's been going on but I'm at least ready to tell the short version and hopefully get some input on what to do next because CM is very much affected,' wrote Kondik in a private Google+ community first reported by Android Police. According to Kondik's version, Cyanogen's turmoil is way far from being over. He claimed that Cyanogen had seen success thanks to the efforts by the community and the company. Though, this also changed how the company worked. Explaining how it all started to come down, Kondik wrote, 'Unfortunately once we started to see success, my co-founder apparently became unhappy with running the business and not owning the vision. This is when the 'bullet to the head' and other misguided media nonsense started, and the bad business deals were signed. Being second in command, all I could do was try and stop it, do damage control, and hope every day that something new didn't happen. The worst of it happened internally and it became a generally shitty place to work because of all the conflict. I think the backlash from those initial missteps convinced him that what we had needed to be destroyed. By the time I was able to stop it, I was outgunned and outnumbered by a team on the same mission.' Kondik also seemingly confirmed a report from July which claimed Cyanogen may pivot to apps. He further wrote, 'Eventually I tried to salvage it with a pivot that would have brought us closer to something that would have worked, but the new guys had other plans. With plenty of cash in the bank, the new guys tore the place down and will go and do whatever they are going to do. It's probably for the best and I wish them luck, but what I was trying to do, is over.'"

Google says it has built support for the leap second into the time servers that regulate all Google services. An anonymous reader shares a blogpost by Google:No commonly used operating system is able to handle a minute with 61 seconds, and trying to special-case the leap second has caused many problems in the past. Instead of adding a single extra second to the end of the day, we'll run the clocks 0.0014% slower across the ten hours before and ten hours after the leap second, and "smear" the extra second across these twenty hours. For timekeeping purposes, December 31 will seem like any other day. All Google services, including all APIs, will be synchronized on smeared time, as described above. You'll also get smeared time for virtual machines on Compute Engine if you follow our recommended settings. You can use non-Google NTP servers if you don't want your instances to use the leap smear, but don't mix smearing and non-smearing time servers.

SourceForge announced on Wednesday that it is introducing HTTPS for all project websites on its platform. Once a project has been moved to HTTPS, old domain will automatically redirect to their new counterparts, resulting in no loss of traffic or inconvenience. From a blog post on the site: With a single click, projects can opt-in to switch their web hosting from http://name.sourceforge.net to https://name.sourceforge.io. Project admins can find this option in the Admin page, under "HTTPS", naturally.There's also a guide to assist developers with the transition. SourceForge launched HTTPS support for SourceForge.net back in February, but this rolls out HTTPS support to individual project websites hosted on SourceForge. There's also a Site News section on the website now where you can read about all SourceForge changes and improvements over the past year since SourceForge was acquired by BIZX, such as eliminating the DevShare program and scanning all projects for malware.

Photo-filter app Prisma, the popular program which makes pictures and video look like painterly art, had its access to Facebook's Live Video API revoked this month. From a report on NYMag:According to Prisma, Facebook justified choking off Prisma's access by stating, "Your app streams video from a mobile device camera, which can already be done through the Facebook app. The Live Video API is meant to let people publish live video content from other sources such as professional cameras, multi-camera setups, games or screencasts." This is the implied aim of Facebook's video API, the technical entry point for producers to pump video into Facebook's network: The API is meant for broadcasting setups that are not phone-based. The problem is that none of this is explained in Facebook's documentation for developers. In fact, it states the opposite. Here is the very first question from the company's Live API FAQ: "The Live API is a data feed and the "glue" needed to create higher-quality live videos on Facebook. It allows you to send live content directly to Facebook from any camera."

An anonymous reader quotes a report from Ars Technica: The attacker who infected servers and desktop computers at the San Francisco Metropolitan Transit Agency (SFMTA) with ransomware on November 25 apparently gained access to the agency's network by way of a known vulnerability in an Oracle WebLogic server. That vulnerability is similar to the one used to hack a Maryland hospital network's systems in April and infect multiple hospitals with crypto-ransomware. And evidence suggests that SFMTA wasn't specifically targeted by the attackers; the agency just came up as a target of opportunity through a vulnerability scan. In an e-mail to Ars, SFMTA spokesperson Paul Rose said that on November 25, "we became aware of a potential security issue with our computer systems, including e-mail." The ransomware "encrypted some systems mainly affecting computer workstations," he said, "as well as access to various systems. However, the SFMTA network was not breached from the outside, nor did hackers gain entry through our firewalls. Muni operations and safety were not affected. Our customer payment systems were not hacked. Also, despite media reports, no data was accessed from any of our servers." That description of the ransomware attack is not consistent with some of the evidence of previous ransomware attacks by those behind the SFMTA incident -- which Rose said primarily affected about 900 desktop computers throughout the agency. Based on communications uncovered from the ransomware operator behind the Muni attack published by security reporter Brian Krebs, an SFMTA Web-facing server was likely compromised by what is referred to as a "deserialization" attack after it was identified by a vulnerability scan. A security researcher told Krebs that he had been able to gain access to the mailbox used in the malware attack on the Russian e-mail and search provider Yandex by guessing its owner's security question, and he provided details from the mailbox and another linked mailbox on Yandex. Based on details found in e-mails for the accounts, the attacker ran a server loaded with open source vulnerability scanning tools to identify and compromise servers to use in spreading the ransomware, known as HDDCryptor and Mamba, within multiple organizations' networks.

ATT has officially unveiled its DirecTV Now internet TV streaming service, which launches Wednesday, November 30th, in the U.S. on iPhone, Android, Amazon Fire TV, Chromecast, and PC/Mac, starting at $35 per month. The Verge reports: Like its over-the-top rivals, DirecTV Now will let customers stream live programming on smartphones, tablets, and PCs -- no cable box necessary -- and requires no long-term contracts or commitments. For a limited time, ATT will offer the "Go Big" channel tier with 100 channels for $35 per month. If you sign up in time, the offer will remain valid each month until you cancel. But that $35 rate is not the long-term pricing for 100+ channels. DirecTV Now offers step-up subscriptions that include other channels and content for a higher monthly cost. ATT has signed programming agreements with nearly all major networks with the exception of CBS and Showtime; negotiations with those companies remain ongoing. DirecTV Now allows customers to watch up to two streams simultaneously. HBO and Cinemax can be added to any of these packages for just $5 extra (each) per month. DirecTV Now is "zero rated" for the company's wireless customers, so regardless of how much time they spend streaming, that activity will have no impact on data usage for their monthly bill. Importantly, while these are the subscription rates as of today, the company is being straightforward about the possibility of increases in the future. ATT also plans to air original shows including a Taylor Swift series.

An anonymous reader shares a Softpedia article: Microsoft has finally acknowledged the potential that the open-source world in general, and Linux in particular, boasts, so the company is exploring its options to expand in this area with every occasion. Most recently, an episode posted on Channel 9 and entitled "Improvements to Bash on Windows and the Windows Console" with senior program manager Rich Turner calls for Linux developers to give up on their platforms for Windows 10. "Fire up a Windows 10 Insiders' build instance and run your code, run your tools, host your website on Apache, access your MySQL database from your Java code," he explained. Turner went on to point out that the Windows subsystem for Linux is there to provide developers with all the necessary tools to code just like they'd do it on Linux, all without losing the advantages of Windows 10. "Whatever it is that you normally do on Linux to build an application: whether it's in Go, in Erlang, in C, whatever you use, please, give it a try on Bash WSL, and importantly file bugs on us. It really makes our life a lot easier and helps us build a product that we can all use and be far more productive with, he continued. Editor's note: The original title from Softpedia was edited because it was misleading. A Microsoft employee doesn't represent the entire company (at least in this instant he wasn't speaking for the company), and at no point has he asked "all Linux developers" to "give up" on Linux.

marekkirejczyk, the VP of Engineering at development shop Daftcode, shares a warning about hype-driven development: Someone reads a blog post, it's trending on Twitter, and we just came back from a conference where there was a great talk about it. Soon after, the team starts using this new shiny technology (or software architecture design paradigm), but instead of going faster (as promised) and building a better product, they get into trouble. They slow down, get demotivated, have problems delivering the next working version to production.
Describing behind-schedule teams that "just need a few more days to sort it all out," he blames all the hype surrounding React.js, microservices, NoSQL, and that "Test-Driven Development Is Dead" blog post by Ruby on Rails creator David Heinemeier Hansson. ("The list goes on and on... The root of all evil seems to be social media.") Does all this sound familiar to any Slashdot readers? Has your team ever succumbed to hype-driven development?

On Friday, O'Reilly Media announced "Our Cyber Monday sale starts now." An anonymous reader writes: They're offering a 50% discount on every ebook they publish -- over 14,000 titles from O'Reilly, No Starch Press, Pearson, A Book Apart, Make, Packt, and 25 other book publishers. (And they're offering a 60 percent discount on orders over $100.) Just use the code CYBER16 when checking out to claim the discount. The sale continues through Tuesday morning at 5 a.m. PST.

These are all DRM-free ebooks (in multiple formats), and there's even some "early release" editions -- advance copies distributed before their official publication. The discount also applies to new titles like "Head First Python" as well as old-school classics like "Learning Perl". Right now their best-sellers are "Wicked Cool Shell Scripts", "Modern Linux Administration", and "You Don't Know JS: Up and Going" -- but again, the discount applies to any ebook that they sell, and they also still have their selection of free programming texts.
Tim O'Reilly was one of the first people interviewed by Slashdot -- more than 17 years ago.

An anonymous reader quotes a report from FedScoop: President Barack Obama awarded Presidential Medals of Freedom to two storied women in tech -- one posthumously to Grace Hopper, known as the "first lady of software," and one to programmer Margaret Hamilton. Hopper worked on the Harvard Mark I computer, and invented the first compiler. "At age 37 and a full 15 pounds below military guidelines, the gutsy and colorful Grace joined the Navy and was sent to work on one of the first computers, Harvard's Mark 1," Obama said at the ceremony Tuesday. "She saw beyond the boundaries of the possible and invented the first compiler, which allowed programs to be written in regular language and then translated for computers to understand." Hopper followed her mother into mathematics, and earned a doctoral degree from Yale, Obama said. She retired from the Navy as a rear admiral. "From cell phones to Cyber Command, we can thank Grace Hopper for opening programming up to millions more people, helping to usher in the Information Age and profoundly shaping our digital world," Obama said. Hamilton led the team that created the onboard flight software for NASA's Apollo command modules and lunar modules, according to a White House release. "At this time software engineering wasn't even a field yet," Obama noted at the ceremony. "There were no textbooks to follow, so as Margaret says, 'there was no choice but to be pioneers.'" He added: "Luckily for us, Margaret never stopped pioneering. And she symbolizes that generation of unsung women who helped send humankind into space."

Programmer and teacher Bill Sourour wrote a post last week called "Code I'm Still Ashamed Of," where he recounts a story in which he was hired to write code for a pharmaceutical company. Little did he know at the time, he was being "duped into helping the company skirt drug advertising laws in order to persuade young women to take a particular drug," recaps Business Insider. "He later found out the drug was known to worsen depression and at least one young woman committed suicide while taking it." Sourour was inspired to write the post after viewing a talk by Robert Martin, called "The Future of Programming," who argues that software developers need to figure out how to self-regulate themselves quickly as software becomes increasingly prevalent in many people's lives. Business Insider reports: "Let's decide what it means to be a programmer," Martin says in the video. "Civilization depends on us. Civilization doesn't understand this yet." His point is that in today's world, everything we do like buying things, making a phone call, driving cars, flying in planes, involves software. And dozens of people have already been killed by faulty software in cars, while hundreds of people have been killed from faulty software during air travel. "We are killing people," Martin says. "We did not get into this business to kill people. And this is only getting worse." Martin finished with a fire-and-brimstone call to action in which he warned that one day, some software developer will do something that will cause a disaster that kills tens of thousands of people. But Sourour points out that it's not just about accidentally killing people or deliberately polluting the air. Software has already been used by Wall Street firms to manipulate stock quotes. "This could not happen without some shady code that creates fake orders," Sourour says. We'd like to ask what your thoughts are on Sourour's post and whether or not you've ever had a similar experience. Have you ever felt ashamed of your code?

Oracle announced today it is buying DNS provider Dyn, a company that was in the press lately after it was hit by a large-scale DDoS attack in October that resulted in many popular websites becoming inaccessible. From a TechCrunch report:Oracle plans to add Dyn's DNS solution to its bigger cloud computing platform, which already sells/provides a variety of Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) products. Oracle and Dyn didn't disclose the price of the deal but we are trying to find out. Dan Primack reports that it's around $600 million. We've also asked for a comment from Oracle about Dyn's recent breach, and whether the wheels were set in motion for this deal before or after the Mirai botnet attack in October.

"MongoDB is increasingly encroaching on Oracle's database lead -- with enterprises becoming more and more confident with the maturing NoSQL technology," according to Diginomica, citing this new interview with CEO Dev Ittycheria: 30% of our business is migration off existing workloads to us. Two years ago it was 5%. Ditching Oracle and others, but mainly Oracle... one of the nice benefits of being in this market is that Oracle has done a great job of alienating its customer base... if there are performance reasons, regulatory reasons, developer demand -- [people] will change... We have grown business by 2.5X over last two years. And our employee base has pretty much doubled.
One reason he cites is Oracle's higher prices on their top-line products, saying MongoDB's new customers include "a large bank, whose logo you would recognize instantly [with] a very sophisticated equities trading platform." Ittycheria says MongoDB is now a nine-figure business, and after they launched their new database-as-a-service product Atlas last June, "the growth in that business has been off the charts."

An anonymous reader quotes a report from Motherboard: A new tool makes it almost trivial for criminals to log onto websites as if they were you, and get access to your network router, allowing them to launch other types of attacks. Hackers and security researchers have long found ways to hack into computers left alone. But the new $5 tool called PoisonTap, created by the well-known hacker and developer Samy Kamkar, can even break into password-protected computers, as long as there's a browser open in the background. Kamkar explained how it works in a blog post published on Wednesday. And all a hacker has to do is plug it in and wait. PoisonTap is built on a Raspberry Pi Zero microcomputer. Once it's plugged into a USB port, it emulates a network device and attacks all outbound connections by pretending to be the whole internet, tricking the computer to send all traffic to it. Once the device is positioned in the middle like this, it can steal the victim's cookies, as long as they come from websites that don't use HTTPS web encryption, according to Kamkar. Security experts that reviewed Kamkar's research for Motherboard agreed that this is a novel attack, and a good way to expose the excessive trust that Mac and Windows computers have in network devices. That's the key of PoisonTap's attacks -- once what looks like a network device is plugged into a laptop, the computer automatically talks to it and exchanges data with it.

One day after republicans from the house and senate sent letters to FCC Chairman Tom Wheeler, urging him to avoid passing regulations before Donald Trump's inauguration as president, Wheeler appears to have complied with the request. The FCC today "announced the deletion of all items that were originally scheduled to be presented and voted on at tomorrow's meeting." Ars Technica reports: Before the change, the agenda included votes on price caps for "special access" business data services; Universal Service funding to expand mobile broadband networks; wireless roaming obligations; and requirements for audio description of TV programming for blind and visually impaired people. The only item not deleted from tomorrow's meeting is part of the "consent agenda," which means it is routine and wasn't going to be presented individually. Of the major items, the business data services proposal had received the most attention. These are dedicated wireline circuits provided by traditional phone companies like AT&T and Verizon; the services supply bandwidth for cellular data networks, indirectly affecting the price consumers pay for wireless service. The business data services are also used by banks and retailers to connect ATM machines and credit card readers, by government and corporate users to connect branch offices and data centers, and to support public safety operations and health care facilities. The now-deleted agenda item would have phased in price cap decreases of 11 percent over three years to account for "over a decade of efficiency gains" since the last price cap adjustment.

On the sidelines of major announcements such as Microsoft joining the Linux Foundation, and Google joining the .NET Foundation, at its Connect(); 2016 developer conference, Microsoft also announced that it bringing Visual Studio for rival platform Mac. The company also announced a preview of the next version of SQL Server, and a preview of Azure App Service support for containers. From a Venture Beat report:"We want to help developers achieve more and capitalize on the industry's shift toward cloud-first and mobile-first experiences using the tools and platforms of their choice," Microsoft Cloud and enterprise executive vice president Scott Guthrie said in a statement. "By collaborating with the community to provide open, flexible, and intelligent tools and cloud services, we're helping every developer deliver unprecedented levels of innovation." The fact that Microsoft is bringing its IDE to macOS would have arguably been the biggest news of the day, had the company not leaked the information itself earlier this week. Still, a preview of Visual Studio for Mac is now available, letting developers write cloud, mobile, and macOS apps on Apple's desktop operating system using .NET and C#. It's a big deal, given that Microsoft once made a point of locking in developers by only offering its tools on Windows. This has changed over time, with a big highlight in April 2015 when Microsoft launched Visual Studio Code, its cross-platform code editor, for Windows, Mac, and Linux.More info on Microsoft releasing SQL Server Preview for Ubuntu and Red Hat Enterprise Linux.

Emil Protalinski, writing for VentureBeat:As part of its slew of announcements at its Connect(); 2016 developer event in New York City today, Microsoft unveiled that Google is joining the .NET Foundation. Specifically, Google is becoming a member of the Technical Steering Group, which Microsoft says "reinforces the vibrancy of the .NET developer community" and also underlines "Google's commitment to fostering an open platform that supports businesses and developers who have standardized on .NET." [...] So what does Google joining actually mean? In short, Google will help steer the future of .NET in a way that is "similar to an open standard," Xamarin cofounder and Microsoft's current vice president of mobile developer tools, Nat Friedman, told VentureBeat. Google's decision is being driven by its enterprise business (Google Cloud) and the desire to keep up with businesses adopting public and hybrid clouds. The company sees the move as part of its commitment to open-source technology, which benefits all enterprises, and cross-platform development that gives developers and IT professionals access to the best tools.

An anonymous reader quotes a report from The Guardian: Scientists say they can deduce the lifestyle of an individual, down to the kind of grooming products they use, food they eat and medications they take, from chemicals found on the surface of their mobile phone. Experts say analysis of someone's phone could be a boon both to healthcare professionals, and the police. "You can narrow down male versus female; if you then figure out they use sunscreen then you pick out the [people] that tend to be outdoorsy -- so all these little clues can sort of narrow down the search space of candidate people for an investigator," said Pieter Dorrestein, co-author of the research from the University of California, San Diego. Writing in the Proceedings of the National Academy of Sciences, researchers from the U.S. and Germany describe how they swabbed the mobile phone and right hand of 39 individuals and analyzed the samples using the highly sensitive technique of mass spectrometry. The results revealed that each person had a distinct "signature" set of chemicals on their hands which distinguished them from each other. What's more, these chemicals partially overlapped with those on their phones, allowing the devices to be distinguished from each other, and matched to their owners. Analysis of the chemical traces using a reference database allowed the team to match the chemicals to known substances or their relatives to reveal tell-tale clues from each individual's life -- from whether they use hair-loss treatments to whether they are taking antidepressants.

An anonymous reader quotes a report from Ars Technica: A Charter customer has sued the cable company, alleging that it falsely advertises a lower price than it actually charges and falsely tells customers that extra fees tacked onto their bills are mandated by the government. The complaint, filed in California State Superior court in San Diego, takes aim at the "Broadcast TV" and "Sports Programming" surcharges that are added to customers' bills despite not being included in the advertised rate. "Charter is committing massive billing fraud by disguising price increases above the advertised and promised service package price in the form of the bogus 'Broadcast TV and Sports Programming Surcharges' line item on customer bills," said the lawsuit filed last week by Michael Song. The plaintiff is a subscriber in California, where Charter, the second largest cable company in the US after Comcast, operates via its newly acquired Time Warner Cable (TWC) subsidiary. Song is paying an extra $8.75 a month from those two fees combined. In addition to subtracting the fees from the advertised price, Charter falsely tells customers that it collects the fees to comply with government mandates, the lawsuit says. A Charter/TWC bill from last month is included in the complaint, and it says, "TWC imposes surcharges to recover costs of complying with its governmental obligations." Song's complaint also has a transcript of a chat with a Charter customer service agent, who claimed that Charter pays the broadcast fee back to the government. The customer service agent apparently has only a limited grasp of English, but the chat transcript helps illustrate one of the ways in which customers are being misinformed about their bills. Song's lawsuit repeatedly refers to the Broadcast TV and Sports Programming surcharges as "bogus" and "hidden," since they subtract a portion of the standard monthly charges from the "services" section of the bill.

Samsung wants developers to build apps for its homegrown Tizen mobile operating system, and it is offering cash prizes to do so. From a report on The Inquirer:The firm has launched the Tizen Mobile App Incentive Programme, which offers devs whose apps feature in the top 100 most downloaded rankings (can't be that hard, surely) a $10,000 reward. The firm will pay up to $1m a month from February to September 2017, Samsung said, making a total of $9m up for grabs. Developers will be able to sign up for the Tizen incentive programme from January 2017, and the firm explained that applications must be developed using the Tizen SDK and aimed at the Tizen-powered Samsung Z1, Z2 and Z3.