Communications

Inside 'Emojigeddon': The Fight Over The Future Of The Unicode Consortium (buzzfeed.com) 226

An anonymous reader quotes a report on Buzzfeed: There's trouble afoot inside the Emoji Council of Elders, or, at the very least, signs of a low-simmering schism that's being referred to by some of its participants -- perhaps with less humor than one might expect -- as "Emojigeddon." A series of frustrated emails show a deepening rift between those who adhere to the organization's original mission to code old and obscure and minority languages and those who are investing time and resources toward Unicode's newer and most popular character sets: emojis. From the article: "The correspondence offers a peek behind the scenes of the peculiar and little-known organization that's unexpectedly been tasked with building what some see as the first digital universal language." What are your thoughts of emojis? Have you embraced and intertwined them into your digital language or are you unconvinced of their ability to transcribe any kind of deep understanding?
Bug

Node.js Version 6 Released With LTS (sdtimes.com) 58

dmleonard618 writes: The JavaScript runtime Node.js has reached version 6.0, and unlike version 5.0 this version will receive Long Term Support (LTS). LTS is meant to provide the release with long-term stability, reliability, performance and security. The LTS will begin in October. The current LTS release will go into maintenance mode and will only receive bug, security and documentation updates. Version 5.0 of Node.js will continue to be maintained for a few more months. The latest version features improved module loading, 96% of ECMAScript 2015 features, as well as reliability and security enhancements. "The Node.js Project has done an incredible job of bringing this version to life in the timeline that we initially proposed in September 2015," said Mikeal Rogers, community manager for the Node.js Foundation. "It's important for us to continue to deliver new versions of Node.js equipped with all the cutting-edge JavaScript features to serve the needs of developers and to continue to improve the performance and stability enterprises rely on."
Businesses

Software Audits: How High-Tech Software Vendors Play Hardball (infoworld.com) 162

snydeq writes: InfoWorld's Dan Tynan offers an inside look at how high-tech software vendors such as Adobe, Oracle, and IBM play hardball over software licensing, pushing customers to "true up" to the tune of billions of dollars per year -- and using the threat of audits as a sales tool to close lucrative deals. "When it comes to software audits, the code of omerta prevails," Tynan writes. "It's not a question of whether your organizations' software licenses will get audited. It's only a question of when, how often, and how painful the audits will be. The shakedown is such a sure thing that nearly every customer we contacted asked us to keep their names out of this story, lest it make their employers a target for future audits."
Python

Interview With Python Creator Guido Van Rossum (techrocket.com) 222

The online programming school Tech Rocket just published a new interview with Guido van Rossum, the creator of Python. "Looking back I don't think I ever really doubted Python, and I always had fun," he tells the site. "I had a lot of doubts about myself, but Python's ever-increasing success, and encouragement from people to whom I looked up (even Larry Wall!), made me forget that."

He describes what it's like being Python's Benevolent Dictator for Life, and says that the most astonishing thing he's seen built with Python is "probaby the Dropbox server. Two million lines of code and counting, and it serves hundreds of millions of users." And he leaves aspiring programmers with this advice. "Don't do something you don't enjoy just because it looks lucrative -- that's where the competition will be fiercest, and because you don't enjoy it, you'll lose out to others who are more motivated."
Programming

Slashdot Asks: Have You Experienced Ageism? (observer.com) 561

Friday the Huffington Post wrote that "Ageism runs rampant through Silicon Valley, where older workers are frequently overlooked for jobs." They ran tips from the man who recruited Tim Cook for Apple, who pointed out that it's difficult and expensive to recruit new talent, urging businesses to "stop seeing workforce diversity as a good deed; it's good business." And earlier this month The Observer ran an article by Dan Lyons, a writer for HBO's "Silicon Valley," who shared his perspective on ageism from his time at HubSpot. Their CEO actively cultivated an age imbalance, bragging that he was "trying to build a culture specifically to attract and retain Gen Y'ers," because, "in the tech world, gray hair and experience are really overrated."

Meanwhile, Slashdot reader OffTheLip writes: Information technology is a young business in comparison to many other industries but one of the few where older workers are not valued for their institutional knowledge... As a recently retired techie I experienced this firsthand, both as an older worker, and earlier in my career [as] one who didn't see the value in older workers. As Lyons states, older workers are good business.
What are your thoughts? And have you experienced ageism?
Security

Turns Out That Snaps Are Not Secure In Ubuntu With X11 (softpedia.com) 133

prisoninmate quotes a report from Softpedia: According to Matthew Garrett, a renowned CoreOS security developer, and Linux kernel contributor, Canonical's new snap package format is not secure at all when it is used under X.Org Server (X Window System), which, for now, it is still the default display server of the Ubuntu 16.04 LTS (Xenial Xerus) operating system. The fact of the matter is that X11's old design is well-known for being insecure, and Matthew Garrett took the time to demonstrate this by writing a simple snap package that can steal data from any other X11 software, in this case anything you type on the Mozilla Firefox web browser. As more developers will provide snaps for their apps, Canonical needs to do something about the security of snaps in Ubuntu when using X11 or switch to the Mir display server. In the meantime, the security of snaps remains unaffected for the Ubuntu Server operating system, which is usually used without a display server. Canonical has officially released Ubuntu 16.04 LTS, which is now available to download for those interested.
Television

Comcast To Allow TV Customers To Ditch Set-Top Box (usatoday.com) 113

An anonymous reader writes: In response to the FCC's efforts to open up the pay-TV set-top box market, Comcast said today it will allow some of its subscribers to watch TV without leasing a set-top box. Customers with a Roku TV, Roku streaming media player, or 2016 Samsung Smart TV will be able to watch Comcast's TV programming through the Xfinity TV app embedded in the TV set or Roku devices later this year. However, customers will still have to subscribe to a standard cable TV package from Comcast's Xfinity brand. "We remain committed to giving our customers more choice in how, when and where they access their subscription," said Mark Hess, a Comcast senior vice president, in a prepared statement. The FCC has responded to Comcast's recent announcement saying in a statement, "While we do not know all of the details of this announcement, it appears to offer only a proprietary, Comcast-controlled user interface and seems to allow only Comcast content on different devices, rather than allowing those devices to integrate or search across Comcast content as well as other content consumers subscribe to."
Open Source

Scientist Shrinks Arduino To Size Of An AA Battery (techcrunch.com) 47

An anonymous reader writes: Johan Kanflo has managed to make the already small Tiny328 Arduino clone into an even smaller computing platform about the size of a single AA battery. Not only will it fit in a typical AA battery holder, but it will actually draw power from the batteries beside it as it's wired in "backwards" (with the + and - poles reversed). The Arduino platform consists of open-source hardware, open-source software, and microcontroller-based kits, making it easy to (re)program the processors, and develop software for hardware applications using a java-clone and an easy-to-learn IDE. For those interested in the AAduino, Johan has made his creation available online on Github with instructions and schematics to build your own.
Security

Oracle Patches 136 Flaws In 49 Products 23

An anonymous reader writes: Oracle has released the April 2016 Critical Patch Update, which provides fixes for 136 vulnerabilities in 49 products, including Java SE and MySQL, the company's Database Server and E-Business Suite, its Fusion Middleware, and its Sun Systems Products Suite. "Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay," the company advised.
XBox (Games)

GameStop Forms Publishing Program GameTrust To 'Revolutionize' the Process (gamespot.com) 40

An anonymous reader writes: GameStop has announced today a publishing label called "GameTrust," which includes developers like Insomniac Games, Ready at Dawn, Tequila Works, and Frozenbyte. Mark Stanley, GameStop VP of Internal Development and Diversification, told GameSpot in a recent interview, "We do not involve ourselves in the creative process because at the end of the day, that is what our developer partners are passionate about," he explained. "By allowing developers to fully focus on their craft, GameTrust can focus on all other aspects of bringing a new IP to market, leveraging our deep expertise and retail channel leadership to support each developer and connect their games with a broader global audience." According to GameStop's program release, GameTrust will "revolutionize the game development and distribution process" by way of giving developers another option to bring their games to market, leveraging GameStop's leadership in the retail channel (including marketing and more) to help bring games to a larger audience. Everything "from casual to serious, console to PC, triple AAA titles to independent games" will be supported. They'll be available through all of GameStop's retail channels as well as Steam, Xbox Live, Playstation Network, the eShop, and others. The full interview with Mark Stanley can be found here. GameStop first revealed its foray into game publishing when Insomniac Games, developer of Ratchet and Clank Overdrive, unveiled its upcoming adventure game Song of the Deep.
Android

Six-Hour Meeting Friday Fails to End Oracle/Google Lawsuit (businessinsider.com) 88

An anonymous reader writes: Google and Oracle executives met for six hours Friday in an unsuccessful attempt to resolve an ongoing copyright lawsuit. "Because an agreement couldn't be made, the next phase of the case will head to court in May, where a jury will decide if Google had the right to use certain parts of Oracle's programming language, Java, for free or if it owes Oracle damages..." reports Business Insider. "Last month, Google said that its damages expert strongly disagreed that it should owe Oracle upward of $8 billion for using certain parts of Oracle's software in its smartphone operating system, Android."
Friday's court-ordered talk included both Google CEO Sundar Pichai and Oracle CEO Safra Catz, and it marks the second time the two companies have failed to reach an out-of-court settlement, a fact alluded to by the case's judge in newly-released documents. "After an earlier run at settling this case failed, the court observed that some cases just need to be tried," reports the court docket. "This case apparently needs to be tried twice."
Security

Out-of-Date Apps Put 3 Million Servers At Risk of Crypto Ransomware Infections (arstechnica.com) 34

An anonymous reader cites an article on Ars Technica: More than 3 million Internet-accessible servers are at risk of being infected with crypto ransomware because they're running vulnerable software, including out-of-date versions of Red Hat's JBoss enterprise application, researchers from Cisco Systems said Friday. About 2,100 of those servers have already been compromised by webshells that give attackers persistent control over the machines, making it possible for them to be infected at any time, the Cisco researchers reported in a blog post. The compromised servers are connected to about 1,600 different IP addresses belonging to schools, governments, aviation companies, and other types of organizations. Some of the compromised servers belonged to school districts that were running the Destiny management system that many school libraries use to keep track of books and other assets. Cisco representatives notified officials at Destiny developer Follett Learning of the compromise, and the Follett officials said they fixed a security vulnerability in the program. Follett also told Cisco the updated Destiny software also scans computers for signs of infection and removes any identified backdoors.
Programming

That Man Who 'Deleted His Entire Company' With a Line of Code? It Was a Hoax (pcworld.com) 93

An anonymous reader writes: As many Slashdot readers speculated, the story about a man deleting his entire company with a line of code was a hoax. Marco Marsala, the owner of a Web hosting company claimed on a forum earlier this week that he deleted all the data on his company's server. Stack Overflow, which runs the forum, says that the post was a hoax, and pointed to an article on an Italian news outlet, which describes this whole fiasco as a "marketing effort" (in Italian) to promote Marsala's company. "It was just a joke," Marsala told the paper.
Bug

MIT Bug Finder Uncovers Flaws In Web Apps In 64 Seconds (csoonline.com) 24

itwbennett quotes a report from CSO: A new tool from MIT exploits some of the idiosyncrasies in the Ruby on Rails programming framework to quickly uncover new ones, writes Katherine Noyes. In tests on 50 popular web applications written using Ruby on Rails, the system found 23 previously undiagnosed security flaws, and it took no more than 64 seconds to analyze any given program. Ruby on Rails is distinguished from other frameworks because it defines even its most basic operations in libraries. MIT's researchers took advantage of that fact by rewriting those libraries so that the operations defined in them describe their own behavior in a logical language.
IOS

Apple Considering Google-Like 'Paid Search' On App Store (bloomberg.com) 49

Apple is considering big changes to the App Store, according to a Bloomberg report. The publication claims that the iPhone maker has a team working on "paid searches" -- something similar to Google's model. Under this, the company will charge its developers for showing their apps among top search results. Apple critic John Gruber writes: This sounds like a terrible idea. The one and only thing Apple should do with App Store search is make it more accurate. They don't need to squeeze any more money from it. More accurate, reliable App Store search would help users and help good developers. It's downright embarrassing that App Store search is still so bad. Google web search is better for searching Apple's App Store than the App Store's built-in search. That's the problem Apple needs to address.
Education

Microsoft Sending Minecraft To Summer School 40

Reader theodp writes: Four months after its one hour Minecraft "infomercial" ran in schools around the world as part of the Hour of Code, Microsoft announced the release of Minecraft: Education Edition. From the announcement: "Minecraft: Education Edition early access will be available in 11 languages and 41 countries. During the summer months, we are also going to be focused on working with educators on building out lesson plans, sharing learning activity ideas, and creating re-usable projects." Microsoft bought Minecraft for $2.5 billion back in 2014. "What many may not realize," said Microsoft last November as it announced a Minecraft-themed tutorial that it would inspire students to learn computer science skills, and "that Minecraft has the power to transform learning on a global scale. By creating a virtual world and then advancing in it, students can learn digital citizenship, empathy, social skills and even improve their literacy "while getting real-time feedback on their problem-solving skills from the teacher." At the time, Microsoft CEO Satya Nadella told teachers that Minecraft is key to getting girls involved in computer science. So is Minecraft really all that?
Media

GoPro Announces Third-Party Developer Program With Over 100 Partners (zdnet.com) 15

An anonymous reader quotes a report from ZDNet: GoPro quietly announced its Developer Program on Thursday as it looks to incorporate its action sports cameras into third-party products. The GoPro Developer Program provides toolkits, technical information and support to enable companies to add GoPro camera connectivity into their products. There is a camera toolkit for iOS and Android apps to control a GoPro camera and manage media, along with a mechanical toolkit to attach GoPro cameras to third-party products. It announced there are more than 100 companies partnering with GoPro, including brands from BMW, Fisher-Price, and Polar. GoPro showed off potential third-party integration ideas in a video showing a gesture-based camera control system.
Programming

Man Deletes His Entire Company With One Line of Bad Code (independent.co.uk) 460

Reader JustAnotherOldGuy writes: Marco Marsala appears to have deleted his entire company with one mistaken piece of code. By accidentally telling his computer to delete everything in his servers, the hosting provider has seemingly removed all trace of his company and the websites that he looks after for his customers. Marsala wrote on a Centos help forum, "I run a small hosting provider with more or less 1535 customers and I use Ansible to automate some operations to be run on all servers. Last night I accidentally ran, on all servers, a Bash script with a rm -rf {foo}/{bar} with those variables undefined due to a bug in the code above this line. All servers got deleted and the offsite backups too because the remote storage was mounted just before by the same script (that is a backup maintenance script)." The terse "rm -rf" is so famously destructive that it has become a joke within some computing circles, but not to this guy. Can this example finally serve as a textbook example of why you need to make offsite backups that are physically removed from the systems you're archiving?"Rm -rf" would mark the block as empty, and if the programmer hasn't written anything new, he should be able to recover nearly all of the data. Something about the story feels weird.
Chrome

Chrome 50 Updates Push Notifications, Drops Support For Old Windows and OS X Versions (venturebeat.com) 168

An anonymous reader quotes a report from VentureBeat: Google today launched Chrome 50 for Windows, Mac, and Linux, adding the usual slew of developer features. You can update to the latest version now using the browser's built-in silent updater, or download it directly from google.com/chrome. As announced in November 2015, Chrome now no longer supports Windows XP, Windows Vista, OS X 10.6 Snow Leopard, OS X 10.7 Lion, nor OS X 10.8 Mountain Lion. Chrome 50 allows sites to include notification data payloads with their push messages. This eliminates the final server check -- the initial version relied on service workers to proactively fetch the information for a notification from the server, leading to problems when there were multiple messages in flight or when the device was on a poor network connection. Push notification payloads must be encrypted. Sites can now detect when a notification is closed by the user, resulting in better analytics and allowing for cross-device notification dismissal. The look of notifications can now be customized with timestamps and icons. Chrome 50 also brings support for declarative preload.
Facebook

Facebook's Account Kit Login System Works Via Phone Numbers, No Passwords Needed (softpedia.com) 116

An anonymous reader writes: At this year's F8 developer conference, Facebook announced a new tool called Account Kit, which can be used by app developers to support phone number-based login systems. Every time the user wants to login, they have to enter their phone number. Facebook will then send them a verification code via SMS, which they have to enter on the site. The system was already tested live, and Facebook expects it to be widely adopted, allowing sites to offer users accounts that don't require them to memorize a new password. Each developer has a 100,000 free confirmation SMS messages per month quota. Facebook claims to support SMS login operations for over 230 countries and regions, and in 40 different languages.

Slashdot Top Deals