Botnet

Developer of BrickerBot Malware Claims He Destroyed Over Two Million Devices (bleepingcomputer.com) 88

An anonymous reader writes: In an interview today, the author of BrickerBot, a malware that bricks IoT and networking devices, claimed he destroyed over 2 million devices, but he never intended to do so in the first place. His intentions were to fight the rising number of IoT botnets that were used to launch DDoS attacks last year, such as Gafgyt and Mirai. He says he created BrickerBot with 84 routines that try to secure devices so they can't be taken over by Mirai and other malware. Nevertheless, he realized that some devices are so badly designed that he could never protect them. He says that for these, he created a "Plan B," which meant deleting the device's storage, effectively bricking the device. His identity was revealed after a reporter received an anonymous tip about a HackForum user claiming he was destroying IoT devices since last November, just after BrickerBot appeared. When contacted, BrickerBot's author revealed that the malware is a personal project which he calls "Internet Chemotherapy" and he's "the doctor" who will kill all the cancerous unsecured IoT devices.
Cloud

Amazon Cloud Chief Jabs Oracle: 'Customers Are Sick of It' (cnbc.com) 81

It's no secret that Amazon and Oracle don't see eye to eye. But things are far from improving, it appears. From a report: On Wednesday, two months after Oracle co-CEO Mark Hurd called Amazon's cloud infrastructure "old" and claimed his company was gaining share, Amazon Web Services chief Andy Jassy slammed Oracle for locking customers into painfully long and expensive contracts. "People are very sensitive about being locked in given the experience they've had the last 10 to 15 years," Jassy said on Wednesday on stage at Amazon's AWS Summit in San Francisco. "When you look at cloud, it's nothing like being locked into Oracle." Jassy was addressing a cultural shift in the way technology is bought and sold. No longer does the process involve the purchase of heavy proprietary software with multi-year contracts that include annual maintenance fees. Now, Jassy says, it's about choice and ease of use, including letting clients turn things off if they're not working.
Facebook

Facebook Launches Augmented Reality Camera Effects Developer Platform (techcrunch.com) 9

From a report: Facebook will rely on an army of outside developers to contribute augmented reality image filters and interactive experiences to its new Camera Effects platform. Later today the first effects will become available inside Facebook's Camera feature on smartphones, but the Camera Effects platform is designed to eventually be compatible with future augmented reality hardware such as eyeglasses.
Intel

Intel Discontinues the Intel Developer Forum; IDF17 Cancelled (anandtech.com) 36

From a report on AnandTech: In a bit of breaking news this morning, it appears that Intel has decided to cancel their Intel Developer Forum tradeshow going forward, including this summer's expected IDF17. The company says, "Intel has evolved its event portfolio and decided to retire the IDF program moving forward. Thank you for nearly 20 great years with the Intel Developer Forum! Intel has a number of resources available on intel.com, including a Resource and Design Center with documentation, software, and tools for designers, engineers, and developers. As always, our customers, partners, and developers should reach out to their Intel representative with questions." Previously, Intel had stated that there would not be an IDF in China this year. However an IDF was still expected in the US, albeit with a "new format."
Programming

Ask Slashdot: How Would You Stop The Deployment Of Unapproved Code Changes? 324

Over a million lines of code -- in existence for over 10 years -- gets updates in six-week "sprints" using source control and bug-tracking systems. But now an anonymous reader writes: In theory users report bugs, the developers "fix" the bugs, the users test and accept the fix, and finally the "fix" gets released to production as part of a larger change-set. In practice, the bug is reported, the developers implement "a fix", no one else tests it (except for the developer(s)), and the "fix" gets released with the larger code change set, to production.

We (the developers) don't want to release "fixes" that users haven't accepted, but the code changes often include changes at all levels of the stack (database, DOAs, Business Rules, Webservices and multiple front-ends). Multiple code changes could be occurring in the same areas of code by different developers at the same time, making merges of branches very complex and error prone. Many fingers are in the same pie. Our team size, structure and locations prevent having a single gatekeeper for code check-ins... What tools and procedures do you use to prevent un-approved fixes from being deployed to production as part of the larger code change sets?

Fixes are included in a test build for users to test and accept -- but what if they never do? Leave your best answers in the comments. How would you stop un-approved code changes from being deployed?
Oracle

Oracle Charged $293M In South Korean Back Taxes (thestack.com) 19

An anonymous reader quotes The Stack: Multinational tech giant Oracle has been charged $293 million USD for corporate tax evasion in South Korea. The $293 million charge is made up of back taxes, as well as a punitive charge from the government tax agency. The company was originally notified of the tax debt in January of last year, when the National Tax Service charged Oracle with evasion of corporate tax payments on 2 trillion won in earnings from 2008-2014.

Oracle was accused of funneling revenues to Ireland to avoid paying taxes in South Korea. In an audit of the company's books, the tax authority found that Oracle had channeled profits generated in South Korea to an Irish subsidiary; however, it was found that those funds ultimately profited the company's headquarters in the United States. Because of this, the NTS determined that Oracle should have paid taxes on profits generated in South Korea to the South Korean government.

Programming

Researchers Determine What Makes Software Developers Unhappy (vice.com) 149

Researchers recently surveyed 2,200 software developers to calculate the distribution of unhappiness throughout the profession, and to identify its top causes, "incorporating a psychometrically validated instrument for measuring (un)happiness." An anonymous reader quotes Motherboard: Daniel Graziotin and his team found their survey subjects via GitHub. Contact information was found by mining archived data for past public GitHub events, where email addresses are apparently more plentiful. They wound up with 33,200 records containing developer locations, contact information, and employers. They took a random sampling from this dataset and wound up with about 1,300 valid survey responses... According to survey results released earlier this month, software developers are on average a "slightly happy" group of workers...

Survey responses were scored according to the SPANE-B metric, a standard tool used in psychology to assess "affect," defined as total negative feelings subtracted from total positive feelings. It ranges from -24 to 24. The mean score found in the developer happiness survey was 9.05. Slightly happy. The minimum was -16, while the maximum was 24. So, even in the worst cases, employees weren't totally miserable, whereas in the best cases employees weren't miserable at all.

The paper -- titled "On the Unhappiness of Software Developers" -- found that the top cause of unhappiness was being stuck while solving a problem, followed by "time pressure," bad code quality/coding practices, and "under-performing colleague."

And since happiness has been linked to productivity, the researchers write that "Our results, which are available as open data, can act as guidelines for practitioners in management positions and developers in general for fostering happiness on the job...unhappiness is present, caused by various factors and some of them could easily be prevented."
Programming

'Pragmatic Programmer' Author Andy Hunt Loves Arduino, Hates JavaScript (bestprogrammingbooks.com) 185

Andy Hunt is one of the 17 software developers who wrote the Agile Manifesto, and he co-authored The Pragmatic Programmer. Now Slashdot reader cerberusss writes: In an interview with Best Programming Books, Andy Hunt mentions he "hates languages that introduce accidental complexity, such as JavaScript -- what a nightmare of pitfalls for newbies and even seasoned developers... My go-to languages are still Ruby for most things, or straight C for systems programming, Pi or Arduino projects." Furthermore, he mentions that "I tend to do more experimenting and engineering than pure code writing, so there's occasionally some soldering involved ;). Code is just one tool of many."
Andy writes that he also likes Elixir, talks about Agile, reveals how he survived his most challenging project, and says the biggest advancement in programming has been the open source movement. ("Imagine trying to study chemistry, but the first half of the elements were patent-protected by a major pharma company and you couldn't use them...") And he also answered an interesting follow-up question on Twitter: "Do you feel validated in an age of Node and GitHub? Some of your best chapters (scripting and source control) are SOP now!"

Andy's reply? "We've made some great progress, for sure. But there's much to be done still. E.g., You can't ship process."
Google

Google Kills Off Octane JavaScript Benchmark Due To 'Diminishing Returns and Over-Optimization' (betanews.com) 88

Google has announced that its widely used Octane JavaScript benchmark is being retired, with Google saying that it's no longer a useful way for browser developers to determine how best to optimize their JavaScript engines. From a report: Google goes as far as saying that developers were essentially cheating the system. It says that compiler optimizations needed to achieve high benchmark scores have become common and, in the real world, these optimizations translate into only very small improvements in webpage performance. In fact, in some instances it was found that tactics used to boost benchmark performance actually had a detrimental effect on real-world performance. Developers exploited known bugs in Octane to achieve higher scores than were warranted, and Google believes the time has now come to retire the system completely.
Businesses

Drupal Developers Threaten To Quit Drupal Unless Larry Garfield Is Reinstated (drupalconfessions.org) 478

An anonymous reader writes: Slashdot previously covered the story of Larry Garfield, a Drupal developer who was allegedly banned from the community for his BDSM/Gorean lifestyle, after he was outed by a colleague with a grudge. Now, dozens of core Drupal developers, committers, and funders have banded together in an open letter to Dries Buytaert, the CTO of Acquia, Drupal trademark owner, and Benevolent Dictator for Life (BDFL) of the Drupal project. Among other things, they demand that Larry Garfield be reinstated, threatening to abandon the project if their demands are not met. Here's an excerpt from the letter: "If you will not fight for us and restore our faith in the professionalism of the Drupal community, then a number of us will be permanently leaving the Drupal community, ceasing all contributions to the official, Drupal-branded branch of the codebase, and ceasing participation in all Drupal communities. This is not our first choice, but we cannot and will not participate in a community that encourages abusers to totally destroy people's careers for personal or ideological reasons."
AI

AI Programs Exhibit Racial and Gender Biases, Research Reveals (theguardian.com) 384

An anonymous reader quotes a report from The Guardian: An artificial intelligence tool that has revolutionized the ability of computers to interpret everyday language has been shown to exhibit striking gender and racial biases. The findings raise the specter of existing social inequalities and prejudices being reinforced in new and unpredictable ways as an increasing number of decisions affecting our everyday lives are ceded to automatons. In the past few years, the ability of programs such as Google Translate to interpret language has improved dramatically. These gains have been thanks to new machine learning techniques and the availability of vast amounts of online text data, on which the algorithms can be trained. However, as machines are getting closer to acquiring human-like language abilities, they are also absorbing the deeply ingrained biases concealed within the patterns of language use, the latest research reveals. Joanna Bryson, a computer scientist at the University of Bath and a co-author, warned that AI has the potential to reinforce existing biases because, unlike humans, algorithms may be unequipped to consciously counteract learned biases. The research, published in the journal Science, focuses on a machine learning tool known as "word embedding," which is already transforming the way computers interpret speech and text.
Programming

More Americans Now Work Full-Time From Home Than Walk and Bike To Office Jobs (qz.com) 73

An anonymous reader quotes a report from Quartz: In the United States, the past decade has been marked by booming cities, soaring rents, and a crush of young workers flocking to job-rich downtowns. Although these are heady days for pavement-pounding urbanists, a record 2.6% of American employees now go to their jobs without ever leaving their houses. That's more than walk and bike to work combined. These numbers come from a Quartz analysis of data from the U.S. census and the American Community Survey. The data show that telecommuting has grown faster than any other way of getting to work -- up 159% since 2000. By comparison, the number of Americans who bike to work has grown by 86% over the same period, while the number who drive or carpool has grown by only 12%. We've excluded both part-time and self-employed workers from these and all results. Though managers are the largest group of remote workers, as a percentage of a specific occupation computer programmers are the most over-represented. Nearly 8% of programmers now work from home, following a staggering increase of nearly 400% since 2000.
Microsoft

Microsoft Kills Off Security Bulletins (computerworld.com) 89

Microsoft has officially retired the security bulletins this week, which were issued to detail "each month's slate of vulnerabilities and accompanying patches for customers -- especially administrators responsible for companies' IT operations," writes Gregg Keizer via Computerworld. "The move to a bulletin-less Patch Tuesday brought an end to months of Microsoft talk about killing the bulletins that included an aborted attempt to toss them." From the report: Microsoft announced the demise of bulletins in November, saying then that the last would be posted with January's Patch Tuesday, and that the new process would debut Feb. 14. A searchable database of support documents would replace the bulletins. Accessed through the "Security Updates Guide" (SUG) portal, the database's content can be sorted and filtered by the affected software, the patch's release date, its CVE (Common Vulnerabilities and Exposures) identifier, and the numerical label of the KB, or "knowledge base" support document. SUG's forerunners were the web-based bulletins that have been part of Microsoft's patch disclosure policies since at least 1998. Microsoft did such a good job turning out those bulletins that they were considered the aspirational benchmark for all software vendors. In February Microsoft canceled that month's Patch Tuesday just hours before the security updates were to reach customers, making the bulletins' planned demise moot. Microsoft kept the bulletins the following month as well, saying it wanted to give users more time to prepare for the change to SUG. Finally, when Microsoft yesterday shipped cumulative security updates for Windows, Internet Explorer, Office and other products, it omitted the usual bulletins.
Programming

For Programmers, the Ultimate Office Perk is Avoiding the Office Entirely (qz.com) 207

From a report on Quartz: Over the past decade, designers and engineers have invented dozens of new tools to keep us connected to the office without actually going there. Unsurprisingly, those same engineers have been among the first to start using them in large numbers. More programmers are working from home than ever and, among the most experienced, some are even beginning to demand it. In 2015, an estimated 300,000 full-time employees in computer science jobs worked from home in the US. Although not the largest group of remote employees in absolute numbers, that's about 8% of all programmers, which is a significantly larger share than in any other job category, and well above the average for all jobs of just under 3%. [...] Programmers not only work from home more often than other employees, when they do they are more likely to work all day at home. From 2012 to 2015, the average full-time programmer who worked from home said they spent an average of five and a half hours doing so. That's a 92% increase in the average time spent at home from 2003 to 2005, and nearly double the average for all jobs.
Canada

Canada Hid the Konami Code In Its Commemorative $10 Bill Launch (engadget.com) 78

The Bank of Canada has hidden a "Konami Code" Easter egg on its website celebrating their new $10 bank note. The Konami Code is a cheat code that appears in many Konami video games, allowing players to press a sequence of buttons on their game controller to enable the cheat. "The Bank of Canada's web team thought the Konami code [Easter egg] was a fun way to celebrate Canada's 150th anniversary of Confederation," Bank of Canada spokeswoman Josianne Menard told CTV news. Engadget reports: On top of being laden with anti-counterfeiting tech that makes it extremely difficult to copy (holograms, raised ink, color-changing images and polymer materials), the new ten is a who's who and what's what of Canadian history. It features Canada's founding Prime Minister John A. MacDonald, Agnes Macphail, first woman parliamentarian, and Indigenous peoples pioneer James Gladstone, known in his Blackfoot language as Akay-na-muka. It also shows Canada's prairies, the coastal mountains of British Columbia, the Canadian Shield, Atlantic coast, northern lights, Metis Assomption Sash, maple leaf and much more (no poutine, though). All of that is squeezed on the 152.4 x 69.85 mm note -- that's exactly 6 x 2.75 inches, because Canada uses the metric system but probably still buys its printing presses from the U.S. The Konami code is in keeping with Canada's tradition of doing cute, pop-culture things with its history.
Programming

Major Banks and Parts of Federal Gov't Still Rely On COBOL, Now Scrambling To Find IT 'Cowboys' To Keep Things Afloat (reuters.com) 300

From a report on Reuters: Bill Hinshaw is not a typical 75-year-old. He divides his time between his family -- he has 32 grandchildren and great-grandchildren -- and helping U.S. companies avert crippling computer meltdowns. Hinshaw, who got into programming in the 1960s when computers took up entire rooms and programmers used punch cards, is a member of a dwindling community of IT veterans who specialize in a vintage programming language called COBOL. The Common Business-Oriented Language was developed nearly 60 years ago and has been gradually replaced by newer, more versatile languages such as Java, C and Python. Although few universities still offer COBOL courses, the language remains crucial to businesses and institutions around the world. In the United States, the financial sector, major corporations and parts of the federal government still largely rely on it because it underpins powerful systems that were built in the 70s or 80s and never fully replaced. And here lies the problem: if something goes wrong, few people know how to fix it. The stakes are especially high for the financial industry, where an estimated $3 trillion in daily commerce flows through COBOL systems. The language underpins deposit accounts, check-clearing services, card networks, ATMs, mortgage servicing, loan ledgers and other services. The industry's aggressive push into digital banking makes it even more important to solve the COBOL dilemma. Mobile apps and other new tools are written in modern languages that need to work seamlessly with old underlying systems. That is where Hinshaw and fellow COBOL specialists come in. A few years ago, the north Texas resident planned to shutter his IT firm and retire after decades of working with financial and public institutions, but calls from former clients just kept coming.
Google

DeepMind Open Sources 'Sonnet' Library For Easier Creation Of Neural Networks (fossbytes.com) 17

"We are very excited about contributions from the community," announced Alphabet's DeepMind, open sourcing a new library to make it easier to build complex TensorFlow neural networks. An anonymous reader writes: "DeepMind foresees Sonnet to be used by the community as a research propellant," reports FossBytes. "Also, it would allow easy sharing of other models created by DeepMind with the community." Sonnet uses an object-oriented approach, a recent blog post explained, pointing to more details on GitHub. "The main principle of 'Sonnet' is to first construct Python objects which represent some part of a neural network, and then separately connect these objects into the TensorFlow computation graph."

DeepMind sees this as part of their broader commitment to open source AI research. "In recent months we've also open-sourced our flagship platform DeepMind Lab, and are currently working with Blizzard to develop an open source API that supports AI research in StarCraft II."

Programming

Eric S. Raymond Unveils New List Of 'Hacker Archetypes' (ibiblio.org) 116

An anonymous reader writes: Open source guru Eric S. Raymond has announced public brainstorming on a "gallery of hacker archetypes to help motivate newbies" by defining several different psychologies commonly found among programmers. He's unveiled an initial list developed with a friend, along with some interesting commentary. (Algorithmicists often have poor social skills and "a tendency to fail by excessive cleverness. Never let them manage anyone!")

Raymond cautions that "No hacker is only one of these" -- though apparently most of the hackers he knows appear to be two of them, "an indication that we are, even if imperfectly, zeroing in on real traits." But the blog post ends by asking "What archetypes, if any, are we missing?"

It'll be interesting to see if Slashdot readers recognize themselves in any of the archetypes. But the blog post also answers the inevitable question. What archetype is Eric S. Raymond?

"Mostly Architect with a side of Algorithmicist and a touch of Jack-of-All-Trades."
Java

Ask Slashdot: Should I Move From Java To Scala? 245

"Scala is one of the JVM languages that manages to maintain a hip and professional vibe at the same time," writes long-time Slashdot reader Qbertino -- building up to a big question: One reason for this probably being that Scala was built by people who knew what they were doing. It has been around for a few years now in a mature form and I got curious about it a few years back. My question to the Slashdot community: Is getting into Scala worthwhile from a practical/industry standpoint or is it better to just stick with Java? Have you done larger, continuous multi-year, multi-man and mission-critical applications in Scala and what are your experiences?
The original submission asks two related questions. First, "Do you have to be a CS/math genius to make sense of Scala and use it correctly?" But more importantly, "Is Scala there to stay wherever it is deployed and used in real-world scenarios, or are there pitfalls and cracks showing up that would deter you from using Scala once again?" So share your experiences and answers in the comments. Would you recommend moving from Java to Scala?
Government

Should The FBI Have Arrested 'The Hacker Who Hacked No One'? (thedailybeast.com) 227

Last week The Daily Beast ran an article about the FBI's arrest of "the hacker who hacked no one." In December they'd arrested 26-year-old Taylor Huddleston, "the author of a remote administration tool, or RAT, called NanoCore that happens to be popular with hackers." It's been "linked to intrusions in at least 10 countries," reported Kevin Poulsen, but "as Huddleston sees it, he's a victim himself -- hackers have been pirating his program for years and using it to commit crimes."

The article quotes Huddleston's lawyer, as well as a Cornell law professor who warns of the "chilling effect" of its implications on programmers. But it also says security experts who examined the software are "inherently skeptical" of Huddleston's claim that the software was intended for legal use, since that's "a common claim amongst RAT authors." Security researcher Brian Krebs also sees "a more complex and nuanced picture" after "a closer look at the government's side of the story -- as well as public postings left behind by the accused and his alleged accomplices."

Click through for the rest of the story.
