An anonymous reader quotes a report from The Next Web: Google today introduced a new feature that will tag and help find "fact checking in large news stories." Tagged articles will show up in the new story box on news.google.com, as well as in the Google News and Weather app for iOS and Android in the US and UK. There's a two-pronged approach to detecting fact checking. First Google looks for actual markup in the site's source code. Then Google looks for pages "that follow the commonly accepted criteria for fact checks." You can learn more about the process here. To be clear, the tags show up in small grey text above the article links -- Google itself isn't passing judgement, nor does it tell you the source article's conclusion in search results. It's merely a sign that says "hey, read me to find out the truth." Still, it's a nice way to make sure readers are at least forming opinions based on fact rather than fiction.

An anonymous reader writes from a report via Gizmodo: For the past several days, WikiLeaks has been publishing thousands of emails belonging to Clinton campaign chairman John Podesta -- and the leaks are starting to cause some serious damage. Gizmodo reports: "Many of the leaked emails contained contact info, cell phone numbers, and account data, none of which was redacted by Wikileaks before being posted. With this information accessible to anyone with the time and energy to read through it all, users on 4chan's /pol/ (politically incorrect) board were able to gain access to Podesta's Twitter account, tweeting a message in support of Trump. Imageboard posters also stumbled on an email containing Podesta's Apple ID -- and appear to have exploited it. 'iPad/iPhone info and data wiped out,' a post on Endchan claimed, show screenshots of what seems to be the hacker gaining access to Find My iPhone using Podesta's credentials. If Podesta's Apple ID was compromised, it stands to reason that his iCloud account was similarly vulnerable. And sure enough, Redditor's on r/The_Donald claim Podesta's iCloud data was downloaded. A hacker known as CyberZeist also appears to have uncovered the passwords to dozens of senators' email addresses, as well as social security numbers and credit card info for many Democrats including Vice President Joe Biden, Senate Minority Leader Harry Reid, House Minority Leader Nancy Pelosi, and acting Chair of the DNC Donna Brazile. The information was posted to pastebin.

An anonymous reader writes: Dennis Ritchie invented the "C" programming language, so a second round of honors comes as no surprise. Although five years ago he passed away, some confusion over a tweet started the social media avalanche known as "second death syndrome". The problem, especially if you look at it from Ritchie's perspective, is that he's been dead for five years -- exactly five years. That time gap seems to have escaped some of the biggest names in tech, including Google CEO Sundar Pichai, who late Wednesday tweeted out Wired's five-year-old obituary on Ritchie, thanking him for his "immense contributions." Om Malik, a partner at True Ventures and the founder of tech site GigaOm, retweeted Pichai's tribute before soon recognizing his mistake and tweeting an apology for "adding to the confusion and noise." Craig Newmark, founder of the popular online bulletin board Craigslist, also paid his respects, saying, "this guy made a huge contribution to the world."

An anonymous Slashdot reader writes: There's now a section on OReilly.com offering free ebooks about computer programming. There's four free Java ebooks and seven about Python, as well as an "Other" section which contains ebooks like C++ Today, Swift Pocket Reference, and Why Rust? But there's also some broader categories for Open Source and Software Architecture ebooks, as well as separate sections for their free ebooks about Data, Security, Web Development, and the Internet of Things.

Linus Torvalds answered a question about his favorite chip architecture at the Linaro Connect conference. An anonymous Slashdot reader quotes PCWorld: People are too fixated with the instruction set and the CPU core, Torvalds said. But ultimately "what matters is all the infrastructure around the instruction set, and x86 has all that infrastructure... at a lot of different levels. It's open in a way that no other architecture is... Being compatible just wasn't as big of a deal for the ARM ecosystem as it has been traditionally for the x86 ecosystem... I've been personally pretty disappointed with ARM as a hardware platform, not as an instruction set, though I've had my issues there, too. As a hardware platform, it is still not very pleasant to deal with."
You can watch the whole half-hour conversation on YouTube. My favorite part is where Linus candidly acknowledges that "sometimes my grumpiness makes more news than my being nice... 99% of the time I'm a very happy manager, and I mentally pat people on the head all the time. That maybe then highlights the times when things don't work so well a bit more."

Long-time Slashdot reader theodp writes: In August, Melinda Gates penned Computers Are For Girls, Too, in which she lamented that her daughters "are half as likely to major in computer science as I was 30 years ago." So, what's changed in the last 30 years? Well, at last week's DreamForce Conference, Gates credited access to Apple computers at school and home for sparking her own interest in computer science [YouTube], leading to a career at Microsoft.

So, as she seeks ways to encourage more women to get into tech, Melinda may want to consider the effects of denying her own children access to Apple products [2010 interview] and of Microsoft [in 1984] stopping computers from shipping with a beginner's programming language (a 14-year-old Melinda reportedly cut her coding teeth on BASIC).
Melinda can raise her kids however she wants -- maybe her kids will just start programming with the Ubuntu that's shipping with Windows 10. But is it a problem that there's no beginner's programming language currently shipping with Macs? Over the years Macs have shipped with Perl, Python, Ruby, tcl, and a Unix shell. Do you think Apple could encourage young programmers more by also shipping their Macs with BASIC?

Long-time Slashdot reader Esther Schindler points us to a new article at OReilly.com: Those of us who telecommute cannot quite fathom the reasons companies give for refusing to let people work from home. But even if you don't agree with their decision, they do have reasons -- and not all of them are, "Because we like to be idiots." In "5 reasons why the company you want to work for won't hire telecommuters", hiring managers share their sincere reasons to insist you work in the office -- and a few tips for how you might convince them otherwise.
The arguments against telecommuting range from "creativity happens in the hallway" to "the extra logistics aren't worth it," and the article suggests the best counterarguments include pointing out a past history of successfully telecommuting and allowing your employer to gradually transition you into a remote position. And if all else fails, just become a "rock star," because according to one tech placement company, "For the right talent and when a role has been open for a very long time, they tend to give in."

An anonymous reader quotes a report from Den of Geek UK: Two students at Carnegie Mellon University have designed an artificial intelligence program that is capable of beating human players in a deathmatch game of 1993's Doom. Guillaume Lample and Devendra Singh Chaplot spent four months developing a program capable of playing first-person shooter games. The program made its debut at VizDoom (an AI competition that centered around the classic shooter) where it took second place despite the fact that their creation managed to beat human participants. That's not the impressive part about this program, however. No, what's really impressive is how the AI learns to play. The creator's full write-up on the program (which is available here) notes that their AI "allows developing bots that play the game using the screen buffer." What that means is that the program learns by interpreting what is happening on the screen as opposed to following a pre-set series of command instructions alone. In other words, this AI learns to play in exactly the same way a human player learns to play. This theory has been explored practically before, but Doom is arguably the most complicated game a program fueled by that concept has been able to succeed at. The AI's creators have already confirmed that they will be moving on to Quake, which will be a much more interesting test of this technologies capabilities given that Quake presents a much more complex 3D environment.

BuzzFeed has become the latest website to be compromised by hackers. A number of stories on the website have been vandalized by hackers in what appears a retaliation for a story that claimed to expose a member of their group. The hacker group, which calls itself OurMine, changed titles of several BuzzFeed posts to note that the website has been hacked. There's another note left by hackers which says "share fake news about us again." From a report: Several stories on BuzzFeed.com have been affected, with The Drum receiving the below message on a link that was meant to contain a news feature. The hackers warned BuzzFeed that it has the media owner's "database," adding: "Next Time it will be public. Don't fuck with OurMine again." The group has claimed responsibility for several high-profile hacks over the past 12 months including security breaches which saw them access the accounts of Facebook chief Mark Zuckerberg, Google boss Sundar Pichai and former Twitter head Dick Costolo. Some Twitter users were reporting that hacking outfit's message had appeared on "dozens" of articles on BuzzFeed, but the site appears to have dealt with the cyber attack quite quickly.

At its hardware launch event earlier today, Google launched Google Home, a voice-activated speaker that aims to give Amazon's Echo a run for its money. The speaker is always-listening and uses Google's Assistant to deliver sports scores, weather information, commute times, and much more. Tech Crunch reports: So like the Echo, Google Home combines a wireless speaker with a set of microphones that listen for your voice commands. There is a mute button on the Home and four LEDs on top of the device so you can know when it's listening to you; otherwise, you won't find any other physical buttons on it. As for music, Google Home will feature built-in support for Google Play Music, Spotify, Pandora and others. You can set up a default music service, too, so you don't always have to tell Google that you want to play a song "on Spotify." Google also noted that Home's music search is powered by Google, so it can understand relatively complex queries. Music on Google Home will also support podcast listening and because it's a Cast device, you can stream music to it from any other Cast-enabled device. Home integrates with Google's Chromecasts and Cast-enabled TVs. For now, that mostly means watching YouTube videos, but Google says it will also support Netflix, too. Google Home will cost $129 (with a free six-month trial of YouTube Red) and go on sale on Google's online store today. It will ship on November 4. What's more is that developers will be able to integrate their third-party apps with Google Assistant via "Actions on Google." With Actions on Google, developers will be able to create two kinds of actions: Direct and Conversation. Direct is made for relatively simple requests like home automation, while Conversation is made for a back and forth interaction utilizing API.ai. Actions on Google will also allow third-party hardware to take advantage of Google Assistant. Those interested can sign-up for the service today. But Google didn't stop there. The company went on to reveal all-new, multi-point Wifi routers called Google Wifi. The Verge reports: The Wifi router can be purchased two ways: as a single unit or in a multipack, just like Eero. A single unit is $129, while the three-pack will cost $299. Google says Wifi will be available for preorder in the U.S. in November and will ship to customers in December. There was no mention of international availability. Google says it has developed a number of technologies to make the Wifi system work, including intelligent routing of traffic from your phone or device to the nearest Wifi unit in your home. It supports AC 1200 wireless speeds, as well as simultaneous dual-band 2.4GHz and 5GHz networks. It also has beamforming technology and support for Bluetooth Smart. Google says the system will handle channel management and other traffic routing automatically.

"The cost of cyber attacks is 1/10th to 1/100th the cost of cyber defense," says the CTO of Splunk -- because the labor is cheap, the tools are free, and the resources are stolen. "He says what's needed to bring down the cost of defense is collaboration between the public sector, academia and private industry...the space race for this generation," reports Slashdot reader davidmwilliams.

Splunk CTO Snehal Antani suggests earlier "shift left" code testing and continuous delivery, plus a wider use of security analytics. But he also suggests a moving target defense "in which a shapeshifting network can prevent reconnaissance attacks" with software defined networks using virtual IP addresses that would change every 10 seconds. "This disrupts reconnaissance attacks because a specific IP address may be a Windows box one moment, a Linux box another, a mainframe another."

"Most software, even critical system software, is insecure Swiss cheese held together with duct tape, bubble wrap, and bobby pins..." writes TechCrunch. An anonymous reader quotes their article: Everything is terrible because the fundamental tools we use are, still, so flawed that when used they inevitably craft terrible things... Almost all software has been bug-ridden and insecure for so long that we have grown to think that this is the natural state of code. This learned helplessness is not correct. Everything does not have to be terrible...

Vast experience has shown us that it is unrealistic to expect programmers to write secure code in memory-unsafe languages...as an industry, let's at least set a trajectory. Let's move towards writing system code in better languages, first of all -- this should improve security and speed. Let's move towards formal specifications and verification of mission-critical code.
Their article calls for LangSec testing, and applauds the use of languages like Go and Rust over memory-unsafe languages like C. "Itâ(TM)s not just systemd, not just Linux, not just software; the whole industry is at fault."

Slashdot reader McGruber reports that federal prosecutors "have filed conspiracy charges against a part-owner of two information technology firms and an employee for fraudulently using the H-1B program". Both were reportedly recruiting foreign IT workers, according to the AP: Prosecutors said the conspirators falsely represented that the foreign workers had full-time positions and were paid an annual salary [when] the workers were only paid when placed at a third-party client, and the defendants sometimes generated false payroll records... The defendants are charged with conspiracy to commit visa fraud and obstruct justice and conspiracy to harbor aliens.
They're now facing up to 15 years in prison for an "alien-harboring conspiracy" charge -- with a maximum penalty of up to 10 years in prison and a $250,000 fine -- and a separate visa fraud and obstruction of justice charge with a maximum 5-year penalty and a $250,000 fine.

An anonymous Slashdot reader quotes InfoWorld: Java applications will get faster startup times thanks to a formal proposal to include ahead-of-time compilation in the platform. The draft Java Development Kit proposal, authored by Vladimir Kozlov, principal technical staff member at Oracle, is targeted for inclusion in Java 9, which is expected to be available next summer. "We would love to see this make it into JDK 9, but that will of course depend on the outcome of the OpenJDK process for this JDK Enhancement Proposal," said Georges Saab, vice president of software development in the Java platform group at Oracle, on Thursday. Ahead-of-time compilation has been a stated goal for Java 9 to address the issue of slow startup...

The proposal summary notes that Java classes would be compiled to native code prior to launching the virtual machine. The ultimate goal is to improve the startup time of small or large Java applications while having "at most" a limited impact on peak performance and minimizing changes to the user workflow.
Tests indicates some applications perform better while some actually perform worse, so it's being proposed as an opt-in feature where dissatisfied users "can just rebuild a new JDK without ahead-of-time libraries."

An anonymous reader quotes a report from Business Insider: The actual tally of stolen user accounts from the hack Yahoo experienced could be much larger than 500 million, according to a former Yahoo executive familiar with its security practices. The former Yahoo insider says the architecture of Yahoo's back-end systems is organized in such a way that the type of breach that was reported would have exposed a much larger group of user account information. To be sure, Yahoo has said that the breach affected at least 500 million users. But the former Yahoo exec estimated the number of accounts that could have potentially been stolen could be anywhere between 1 billion and 3 billion. According to this executive, all of Yahoo's products use one main user database, or UDB, to authenticate users. So people who log into products such as Yahoo Mail, Finance, or Sports all enter their usernames and passwords, which then goes to this one central place to ensure they are legitimate, allowing them access. That database is huge, the executive said. At the time of the hack in 2014, inside were credentials for roughly 700 million to 1 billion active users accessing Yahoo products every month, along with many other inactive accounts that hadn't been deleted. In late 2013, Yahoo CEO Marissa Mayer said the company had 800 million monthly active users globally. It currently has more than 1 billion.

Orome1 quotes a report from Help Net Security: Despite high-profile, large-scale data breaches dominating the news cycle -- and repeated recommendations from experts to use strong passwords -- consumers have yet to adjust their own behavior when it comes to password reuse. A global Lab42 survey, which polled consumers across the United States, Germany, France, New Zealand, Australia and the United Kingdom, highlights the psychology around why consumers develop poor password habits despite understanding the obvious risk, and suggests that there is a level of cognitive dissonance around our online habits. When it comes to online security, personality type does not inform behavior, but it does reveal how consumers rationalize poor password habits. My personal favorite: password paradox. "The survey revealed that the majority of respondents understand that their digital behavior puts them at risk, but do not make efforts to change it," reports Help Net Security. "Only five percent of respondents didn't know the characteristics of a secure password, with the majority of respondents understanding that passwords should contain uppercase and lowercase letters, numbers and symbols. Furthermore, 91 percent of respondents said that there is inherent risk associated with reusing passwords, yet 61 percent continue to use the same or similar passwords anyway, with more than half (55 percent) doing so while fully understanding the risk." The report also found that when attempting to create secure passwords, "47 percent of respondents included family names or initials," while "42 percent contain significant dates or numbers and 26 percent use the family pet."

MojoKid writes: One common gripe in the twenty-first century is that nothing is built to last anymore. Even complex, expensive computers seem to have a relatively short shelf-life nowadays. However, one computer in a small auto repair shop in Gdansk, Poland has survived for the last twenty-five years against all odds. The computer in question here is a Commodore C64 that has been balancing driveshafts non-stop for a quarter of a century. The C64C looks like it would fit right in with a scene from Fallout 4 and has even survived a nasty flood. This Commodore 64 contains a few homemade aspects, however. The old computer uses a sinusoidal waveform generator and piezo vibration sensor in order to measure changes in pressure, acceleration, temperature, strain or force by converting them to an electrical charge. The C64C interprets these signals to help balance the driveshafts in vehicles. The Commodore 64 (also known as the C64, C-64, C= 64) was released in January 1982 and still holds the title for being the best-selling computer of all time.

MojoKid writes: If you thought that the massive DDoS attack earlier this month on Brian Krebs' security blog was record-breaking, take a look at what just happened to France-based hosting provider OVH. OVH was the victim of a wide-scale DDoS attack that was carried via a network of over 152,000 IoT devices. According to OVH founder and CTO Octave Klaba, the DDoS attack reached nearly 1 Tbps at its peak. Of those IoT devices participating in the DDoS attack, they were primarily comprised of CCTV cameras and DVRs. Many of these devices have improperly configured network settings, which leaves them ripe for the picking for hackers that would love to use them to carry out destructive attacks.The DDoS peaked at 990 Gbps on September 20th thanks to two concurrent attacks, and according to Klaba, the original botnet was capable of a 1.5 Tbps DDoS attack if each IP topped out at 30 Mbps. This massive DDoS campaign was directed at Minecraft servers that OHV was hosting. Octave Klaba / Oles tweeted: "Last days, we got lot of huge DDoS. Here, the list of 'bigger that 100Gbps' only. You can the simultaneous DDoS are close to 1Tbps!"

An anonymous Slashdot reader writes: Following a common technique among political pollsters, a technology columnist combined the results from various measures of programming language popularity for a more definitive answer about the most important languages to study. He used IEEE Spectrum's interactive list of the top programming languages, which lets you adjust the weight given to the number of job listings and number or open source projects, then combined it with the TIOBE Index (which is based on search engine results), and the PYPL Index, which checks the number of tutorials for each programming language on Google.

The results? "The top cluster contains Java, C, Python, and C++. Without a doubt, you should attain familiarity with these four languages." He points out they're not tied to a specific programming platform, unlike languages in the second cluster -- JavaScript, C#, PHP, and Swift -- while the last two languages in the top 10 were Objective-C and R. "The C-family of languages still dominates. Java, C++, C, C#, and even Objective-C are all C-based languages. If you're only going to learn one language, you should pick one of those." But his ultimate advice is to "learn multiple languages and multiple frameworks... Programming is not just an intellectual exercise. You have to actually make stuff."

An anonymous Slashdot reader quotes the AP: All 800 police departments in California must begin using a new online tool launched Thursday to report and help track every time officers use force that causes serious injuries... The tool, named URSUS for the bear on California's flag, includes fields for the race of those injured and the officers involved, how their interaction began and why force was deemed necessary.

"It's sort of like TurboTax for use-of-force incidents," said Justin Erlich, a special assistant attorney general overseeing the data collection and analysis. Departments must report the data under a new state law passed last November. Though some departments already tracked such data on their own, many did not... "As a country, we must engage in an honest, transparent, and data-driven conversation about police use of force," California Attorney General Kamala Harris said in a news release.
It's an open source tool developed by Bayes Impact, and California plans to share the code with other interested law enforcement agencies across the country. Only three other states currently require their police departments to track data about use-of-force incidents, "but their systems aren't digital, and in Colorado's case, only capture shootings."