An anonymous reader quotes a report from Ars Technica: The Raspberry Pi Compute Module is getting a big upgrade, with the same processor used in the recently released Raspberry Pi 3. The Compute Module, which is intended for industrial applications, was first released in April 2014 with the same CPU as the first-generation Raspberry Pi. The upgrade announced today has 1GB of RAM and a Broadcom BCM2837 processor that can run at up to 1.2GHz. "This means it provides twice the RAM and roughly ten times the CPU performance of the original Compute Module," the Raspberry Pi Foundation announcement said. This is the second major version of the Compute Module, but it's being called the "Compute Module 3" to match the last flagship Pi's version number. The new Compute Module has more flexible storage options than the original. "One issue with the [Compute Module 1] was the fixed 4GB of eMMC flash storage," the announcement said. But some users wanted to add their own flash storage. "To solve this, two versions of the [Compute Module 3] are being released: one with 4GB eMMC on-board and a 'Lite' model which requires the user to add their own SD card socket or eMMC flash." The core module is tiny so that it can fit into other hardware, but for development purposes there is a separate I/O board with GPIO, USB and MicroUSB, CSI and DSI ports for camera and display boards, HDMI, and MicroSD. The Compute Module 3 and the lite version cost $30 and $25, respectively.

Drawing on Haskell, Clojure, and ML, the new Lux language first targeted the Java Virtual Machine, but will be a universal, cross-platform language. An anonymous reader quotes JavaWorld: Currently in an 0.5 beta release, Lux claims that while it implements features common to Lisp-like languages, such as macros, they're more flexible and powerful in Lux... [W]hereas Clojure is dynamically typed, as many Lisp-like languages have been, Lux is statically typed to reduce bugs and enhance performance. Lux also lets programmers create new types programmatically, which provides some of the flexibility found in dynamically typed languages. The functional language Haskell has type classes, but Lux is intended to be less constraining. Getting around any constraints can be done natively to the language, not via hacks in the type system.
There's a a 16-chapter book about the language on GitHub.

Long-time Slashdot reader t0qer writes: I'm the IT director at a medical marijuana dispensary. Last week the point of sales system we were using was hacked... What scares me about this breach is, I have about 30,000 patients in my database alone. If this company has 1,000 more customers like me, even half of that is still 15 million people on a list of people that "Smoke pot"...
" No patient, consumer, or client data was ever extracted or viewed," the company's data directory has said. "The forensic analysis proves that. The data was encrypted -- so it couldn't have been viewed -- and it was never extracted, so nobody has it and could attempt decryption." They're saying it was a "targeted" attack meant to corrupt the data rather than retrieve it, and they're "reconstructing historical data" from backups, though their web site adds that their backup sites were also targeted.

"In response to this attack, all client sites have been migrated to a new, more secure environment," the company's CEO announced on YouTube Saturday, adding that "Keeping our client's data secure has always been our top priority." Last week one industry publication had reported that the outage "has sent 1,000 marijuana retailers in 23 states scrambling to handle everything from sales and inventory management to regulatory compliance issues."

Slashdot reader snydeq shared "11 Predictions For the Future of Programming" by InfoWorld's contributing editor -- and one prediction was particularly dire: The passing of the PC isn't only the slow death of a particular form factor. It;s the dying of a particularly open and welcoming marketplace... Consoles are tightly locked down. No one gets into that marketplace without an investment of capital. The app stores are a bit more open, but they're still walled gardens that limit what we can do. Sure, they are still open to programmers who jump through the right hoops but anyone who makes a false move can be tossed...

For now, most of the people reading this probably have a decent desktop that can compile and run code, but that's slowly changing. Fewer people have the opportunity to write code and share it. For all of the talk about the need to teach the next generation to program, there are fewer practical vectors for open code to be distributed.

dryriver writes: Somebody I know has been searching up and down the internet for an open source software that can apply GPU pixel shaders (HLSL/GLSL/Cg/SweetFX) to a video and save the result out to a video file. He came up with nothing, so I said "Why not petition the open source community to create such a tool?" His reply was "Where exactly does one go to ask for a new open source software?"

So that is my question: Where on the internet can one best go to request that a new open source software tool that does not exist yet be developed? Or do open source tools only come into existence when someone -- a coder -- starts to build a software, opens the source, and invites other coders to join the fray?
This is a good place to discuss the general logistics of new open source projects -- so leave your best answers in the comments. What's the best place to suggest new open source software?

Linux.com highlights some interesting statistics about npm, the package manager for Node.js.

• "At over 350,000 packages, the npm registry contains more than double the next most populated package registry (which is the Apache Maven repository). In fact, it is currently the largest package registry in the world."
• In the preceding four weeks, users installed 18 billion packages.
• This translates into 6 billion downloads, "because approximately 66 percent of the installs are now being served from the cache."
• ping.npmjs.com "shows that the registry's services offer a 99.999 uptime."
• Every week roughly 160 people publish their first package in the registry

But what about the incident last year where a developer suddenly pulled all their modules and broke thousands of dependent projects? npm's Ashley Williams "admitted that the left-pad debacle happened because of naive policies at npm. Since, the npm team have devised new policies, the main one being that you are only allowed to unpublish a package within 24 hours of publishing it." And their new dissociate and deprecate policy allows developers to mark packages as "unmaintained" without erasing them from the registry.

Social network App.net is shutting down once and for all in March. The company said on March 14 it will be deleting all user data. The announcement comes two years after the company ceased active development on the platform. From the official blog post: Ultimately, we failed to overcome the chicken-and-egg issue between application developers and user adoption of those applications. We envisioned a pool of differentiated, fast-growing third-party applications would sustain the numbers needed to make the business work. Our initial developer adoption exceeded expectations, but that initial excitement didn't ultimately translate into a big enough pool of customers for those developers. This was a foreseeable risk, but one we felt was worth taking.

Software developer Chris Lattner, who is the main author of LLVM as well as Apple's Swift programming language, is leaving Apple, he said today. From a post: When we made Swift open source and launched Swift.org we put a lot of effort into defining a strong community structure. This structure has enabled Apple and the amazingly vibrant Swift community to work together to evolve Swift into a powerful, mature language powering software used by hundreds of millions of people. I'm happy to announce that Ted Kremenek will be taking over for me as "Project Lead" for the Swift project, managing the administrative and leadership responsibility for Swift.org. This recognizes the incredible effort he has already been putting into the project, and reflects a decision I've made to leave Apple later this month to pursue an opportunity in another space. We're delighted to share that we are interviewing Lattner, who says he's a "long-time reader/fan of Slashdot." Please leave your question in the comments section. Lattner says he'll talk about "open source (llvm/clang/swift/etc) or personal topics," but has requested that we do not ask him about Apple, which is understandable.

Update: Lattner is joining Tesla.

One year away from graduating with a CS degree, an anonymous reader wants some insights from the Slashdot community: [My] curriculum is rather broad, ranging from systems programming on a Raspberry Pi to HTML, CSS, JavaScript, C, Java, JPA, Python, Go, Node.js, software design patterns, basic network stuff (mostly Cisco) and various database technologies... I'm working already part-time as a system administrator for two small companies, but don't want to stay there forever because it's basically a dead-end position. Enjoying the job, though... With these skills under my belt, what career path should I pursue?
There's different positions as well as different fields, and the submission explains simply that "I'm looking for satisfying and rewarding work," adding that "pay is not that important." So leave your suggestions in the comments. What's the best job for this recent CS grad?

An anonymous reader writes: Java overtook C as the most popular language in mid-2015 on the TIOBE Programming Community index. But now over the last 13 months, they show C's popularity consistently dropping more and more. C's score had hovered between 15% and 20% for over 15 years but as 2016 ended, the language's popularity is now down to 8.7%. "There is no clear way back to the top," reports the site, asking what happened to C? "It is not a language that you think of while writing programs for popular fields such as mobile apps or websites, it is not evolving that much and there is no big company promoting the language."

But the Insights blog at Dice.com counters that TIOBE "has hammered on C for quite some time. Earlier this year, it again emphasized how C is 'hardly suitable for the booming fields of web and mobile app development.' That being said, job postings on Dice (as well as rankings compiled by other organizations) suggest there's still widespread demand for C, which can be used in everything from operating systems to data-intensive applications, and serves many programmers well as an intermediate language."
i-programmer suggests this could just be an artifact of the way TIOBE calculates language popularity (by totaling search engine queries). Noting that Assembly language rose into TIOBE's top 10 this year, their editor wrote, "Perhaps it is something to do with the poor state of assembly language documentation that spurs on increasingly desperate searches for more information." Maybe C programmers are just referring to their K&R book instead of searching for solutions online?

An anonymous reader quotes InfoWorld: Grumpy, an experimental project from Google, transpiles Python code into Go, allowing Python programs to be compiled and run as static binaries using the Go toolchain... In a blog post announcing the open source release, Google stated the project stemmed from its efforts to speed up the Python-powered front end for YouTube. But Google hit an obstacle that's familiar to folks who've deployed Python in production: It's hard to get CPython -- the default Python interpreter written in C -- to scale efficiently. "We think Grumpy has the potential to scale more gracefully than CPython for many real world workloads," writes Google...

Because it doesn't support C extensions, Grumpy doesn't have CPython's Global Interpreter Lock, which is commonly cited as a roadblock to running Python concurrent workloads smoothly. Grumpy also uses Go's garbage collection mechanisms to manage memory under the hood, instead of CPython's. Grumpy creates close interoperation between Python and Go by allowing Go packages to be imported and used with the same syntax as Go modules.

An anonymous reader writes: What's the best unofficial way to deal with a gaslighting colleague? For those not familiar, I mean "bullies unscheduling things you've scheduled, misplacing files and other items that you are working on and co-workers micro-managing you and being particularly critical of what you do and keeping it under their surveillance. They are watching you too much, implying or blatantly saying that you are doing things wrong when, in fact, you are not...a competitive maneuver, a way of making you look bad so that they look good." I'd add poring over every source-code commit, and then criticizing it even if the criticism is contradictory to what he previously said.
The submission adds that "Raising things through the official channels is out of the question, as is confronting the colleague in question directly as he is considered something of a superstar engineer who has been in the company for decades and has much more influence than any ordinary engineer." So leave your best suggestions in the comments. How would you deal with a gaslighting colleague?

WikiLeaks said on Twitter earlier today that it wants to publish the private information of hundreds of thousands of verified Twitter users. The group said an online database would include such sensitive details as family relationships and finances. USA Today reports: "We are thinking of making an online database with all 'verified' twitter accounts [and] their family/job/financial/housing relationships," the WikiLeaks Task Force account tweeted Friday. The account then tweeted: "We are looking for clear discrete (father/shareholding/party membership) variables that can be put into our AI software. Other suggestions?" Wikileaks told journalist Kevin Collier on Twitter that the organization wants to "develop a metric to understand influence networks based on proximity graphs." Twitter bans the use of Twitter data for "surveillance purposes." In a statement, Twitter said: "Posting another person's private and confidential information is a violation of the Twitter rules." Twitter declined to say how many of its users have verified accounts but the Verified Twitter account which follows verified accounts currently follows 237,000. Verified accounts confirm the identity of the person tweeting by displaying a blue check mark. Twitter says it verifies an account when "it is determined to be an account of public interest." Twitter launched the feature in 2009 after celebrities complained about people impersonating them on the social media service.

From a report on Neowin: A few months ago, Microsoft announced that it was shuttering its TechRewards program in 2017. The project, that was originally started by Nokia under the name DVLUP rewards program, aimed to reward developers with badges, XP, gift cards and other prizes for developing or incorporating new features in their apps. When Microsoft acquired Nokia's devices and services division back in 2014, the program was rebranded to Microsoft TechRewards. Today, Microsoft has formally shut down the TechRewards program.

Senior Program Manager at Microsoft has responded to speculations that Command Prompt is going away. He writes: The Cmd shell remains an essential part of Windows, and is used daily by millions of businesses, developers, and IT Pro's around the world. In fact:
1. Much of the automated system that builds and tests Windows itself is a collection of many Cmd scripts that have been created over many years, without which we couldn't build Windows itself!
2. Cmd is one of the most frequently run executables on Windows with a similar number of daily launches as File Explorer, Edge and Internet Explorer!
3. Many of our customers and partners are totally dependent on Cmd, and all its quirks, for their companies" existence!
In short: Cmd is an absolutely vital feature of Windows and, until there's almost nobody running Cmd scripts or tools, Cmd will remain within Windows.

Apple said Thursday its App Store generated $20 billion for developers in 2016, a 40 percent increase from 2015, helped by the popularity of games such as Pokemon Go and Super Mario Run and increased revenue from subscriptions. From a report on CNBC: "2016 was an amazingly great year for the App Store," Philip Schiller, Apple's senior vice president of worldwide marketing, told CNBC. "We continue to advance what is available for developers to create. And our catalog of apps grew 20 percent to 2.2 million." Schiller said the biggest drivers for the App Store included games such as "Pokemon Go," which was the most downloaded app in 2016; "Super Mario," which was the most downloaded app on Christmas and New Year's days; and subscription-based apps, such as Netflix, Hulu and Time Warner's HBO Go. The tech giant said its biggest day of sales on the App Store was on Jan. 1, 2017, when customers spent a record $240 million. The top grossing markets included the U.S, U.K., Japan and China, which saw 90 percent year-over-year growth.

An employee at Forza Horizon 3 developer Playground Games accidentally green-lighted the wrong update file for PC players, who found themselves downloading a whopping 53GB download that turned out to be an unencrypted future build (.37.2) of the entire game intended for developers. Motherboard reports: Naturally, players who'd managed to download it yesterday had a field day leaking the information within, right down to massive posts on Imgur showing all the new cars and forum threads detailing the Porsches thought to come in an future unannounced pack. Since Forza Horizon 3 requires a constant online connection and works off of a constantly refreshing save file, anyone who played the new patch on PC found themselves slapped with an error saying their Forza profiles were no longer available. Playing it with the new build would thus effectively mean starting a new game from scratch, even if they'd dumped dozens of hours into Forza Horizon 3 since its release last September. But starting over is exactly what players shouldn't have done. The best thing they could do was shut down the game, walk away, and wait for a fix. "PC players who completed the download of .37.2 and then started a new game save will have a corrupted saved game," wrote Brian Ekberg, Forza's community manager, in a forum post. "Avoid creating a new saved game on .37.2, and only play on .35.2 to avoid this issue. As long as you have an existing save and have not created a new one on .37.2, your saved game will work correctly once the update is available."

An anonymous reader writes: "An attacker going by the name of Harak1r1 is hijacking unprotected MongoDB databases, stealing and replacing their content, and asking for a 0.2 Bitcoin ($200) ransom to return the data," reports Bleeping Computer. According to John Matherly, Shodan founder, over 1,800 MongoDB databases have had their content replaced with a table called WARNING that contains the ransom note. Spotted by security researcher Victor Gevers, these databases are MongoDB instances that feature no administrator password and are exposed to external connections from the internet. Database owners in China have been hit, while Bleeping Computer and MacKeeper have confirmed other infections, one which hit a prominent U.S. healthcare organization and blocked access to over 200,000 user records. These attacks are somewhat similar to attacks on Redis servers in 2016, when an unknown attacker had hijacked and installed the Fairware ransomware on hundreds of Linux servers running Redis DB. The two series of attacks don't appear to be related.

An anonymous reader writes: Chuck Finley checked out 2,361 books from a Florida library in just nine months, increasing their total circulation by 3.9%. But he doesn't exist. "The fictional character was concocted by two employees at the library, complete with a false address and driver's license number," according to the Orlando Sentinel. The department overseeing the library acknowledges their general rule is "if something isn't circulated in one to two years, it's typically weeded out of circulation." So the fake patron scheme was concocted by a library assistant working with the library's branch supervisor, who "said he wanted to avoid having to later repurchase books purged from the shelf." But according to the newspaper the branch supervisor "said the same thing is being done at other libraries, too."

Slashdot reader horrido shares an article that "has done more for Smalltalk advocacy than any other article in memory." It was the second-most popular article of the year on the Hewlett Packard Enterprise site TechBeacon (recently passing 20,000 views), with Richard Eng, the founder of the nonprofit Smalltalk Renaissance, arguing that the 44-year-old language is much more than a tool for teachers -- and not just because Amber Smalltalk transpiles to JavaScript for front-end web programming. It's a superlative prototyping language for startups. It's an industrial-strength enterprise language used by businesses both big and small all around the globe... Smalltalk's implementation of the object-oriented paradigm is so excellent that it has influenced an entire generation of OO languages, such as Objective-C, Python, Ruby, CLOS, PHP 5, Perl 6, Erlang, Groovy, Scala, Dart, Swift, and so on. By learning Smalltalk, you'll understand how all of those useful features in today's OO languages came to be.
The article also argues that Smalltalk pioneered just-in-time compilation and virtual machines, the model-view-controller design paradigm, and to a large extent, even test-driven development. But most importantly, Smalltalk's reliance on domain-specific languages makes it "the 'purest' OO, and one of the earliest... It is often said that programming in Smalltalk or Python is rather like Zen; your mind just flows effortlessly with the task. This is the beauty and value of language simplicity, and Smalltalk has this in spades... Smalltalk, by virtue of its object purity and consistency, will give you a profoundly better understanding of object-oriented programming and how to use it to its best effect."