Nerval's Lobster writes: The technology industry's unemployment rate crept up to 3.0 percent in the third quarter of 2015, according to the U.S. Bureau of Labor Statistics (BLS). Although that represents an increase from the second quarter, when tech unemployment stood at 2.0 percent, it's nonetheless lower than the 5.2 percent unemployment rate for the U.S. labor market as a whole. Despite that relatively low rate, however, many technology segments saw an accompanying rise in joblessness. (Dice link) Web developers, for example, saw their collective unemployment rate hit 5.10 percent, up from 3.70 percent in the same quarter last year. Computer systems analysts, programmers, network and systems administrators, software developers, and computer & information systems managers likewise experienced a slight rise in unemployment on a year-over-year basis.

theodp writes: In What is Computer Science?, the kickoff video for Facebook's new TechPrep diversity initiative, FB product manager Adriel Frederick explains how he was hooked-on-coding after seeing the magic of a BASIC PRINT statement. His simple BASIC example is a nice contrast to the more complicated JavaScript and Ruby examples that were chosen to illustrate Mark Zuckerberg's what-is-coding video for schoolkids. In How to Teach Your Baby to Read, the authors explain, "It is safe to say that in particular very young children can read, provided that, in the beginning, you make the print very big." So, is introducing coding to schoolkids with modern programming languages instead of something like BASIC (2006) or even (gasp!) spreadsheets (2002) the coding equivalent of "making the print too small" for a child to see and understand?

An anonymous reader writes with news of a malware campaign using hijacked MySQL servers to launch DDoS attacks. Symantec reports: "Attackers are compromising MySQL servers with the Chikdos malware to force them to conduct DDoS attacks against other targets. According to Symantec telemetry, the majority of the compromised servers are in India, followed by China, Brazil and the Netherlands, and are being used to launch attacks against an US hosting provider and a Chinese IP address."

Alan Donovan is a member of Google’s Go team in New York and holds computer science degrees from Cambridge and MIT. Since 2005, he has worked at Google on infrastructure projects and was the co-designer of its proprietary build system, Blaze. Brian Kernighan is a professor in the Computer Science Department at Princeton University. He was a member of technical staff in the Computing Science Research Center at Bell Labs, where he worked on languages and tools for Unix. He is the co-author of several books, including The C Programming Language, and The Practice of Programming. Recently, the pair have co-authored a soon to be released book titled The Go Programming Language. Alan and Brian have agreed to give us some of their time to answer any questions you may have about the upcoming book, Go, and programming in general. Ask as many questions as you'd like, but please keep them to one per post.

An anonymous reader writes: Oracle's Larry Ellison gave a presentation yesterday at OpenWorld in which he detailed how the M7 chip's new Silicon Secured Memory system works. "On the M7, pointers and their memory blocks are stamped with a 4-bit 'color,' and accesses are verified to make sure the color in the highest bits of the pointer matches the color of the memory allocation. This works with virtual memory allocated from the heap rather from the stack, it appears. Solaris tries to avoid giving adjacent blocks the same color." El Reg notes that a 4-bit security stamp doesn't really offer that many distinct options. "Four bits of color means there are 24, or 16, possible colors a memory block can have. A hijacked pointer has a one-in-16 chance of having a matching color when it accesses any block of memory, allowing it to circumvent the SSM defense mechanism. ... It is even possible [a hacker] can alter the color bits in a pointer to match the color of a block she wishes to access, and thus avoid any crashes and detection. In short, SSM is a mitigation rather than bulletproof protection." Still, Ellison claims this would have shut down vulnerabilities like Heartbleed and Venom.

New submitter AmericaCounterweight writes: Polygon is reporting that the MAME development team has unearthed and emulated one of the most obscure pieces of Sonic heritage: a popcorn machine. MAME developer David Haywood reports that contributors "purchased the PCB for another novelty Sonic item, this time a SegaSonic Popcorn Shop, a popcorn dispenser machine with a video display. It runs on the Sega C2 board (Genesis type hardware)." This follows news from earlier this year that the MAME team would be switching to a true Open Source license for the project and concentrating on more than just arcade games. MAME project coordinator Miodrag Milanovic also recently appeared at the BalCCon2k15 event to speak about MAME, the current direction of the project, and software preservation.

An anonymous reader writes: Automotive software issues such as the Jeep hack and Volkswagen cheating on emissions tests have made headlines this year, which means the public is thinking about software in cars like never before. Some experts have argued that mandating that such software be open source is a solution to the problem. In an article on Opensource.com, Ben Cotton writes that although there are definite benefits to public scrutiny of the software, code visibility alone is no guarantee. It's an important thing to bear in mind, because "Open, therefore secure" is an easy straw man to knock down.

New submitter DebugN writes: When ARM introduced 64-bit support to its architecture, it aimed for Linux application compatibility with prior 32-bit software on its architecture. But for Linux programmers, there remain some significant differences that can affect code behavior. If you are a Linux programmer working with — or will soon be working with — 64-bit, you might want to know what those differences are, and this useful EDN article says it all.

lpress writes: The Treasury Department recently issued new regulations authorizing "the importation of Cuban-origin mobile applications and the employment of Cuban nationals by persons subject to U.S. jurisdiction to develop such mobile applications." Great, but that is ambiguous, so I asked Treasury some follow-up questions: why is the rule restricted to mobile apps, what is the definition of a mobile app and can the Cuban developer work for a Cuban cooperative or government enterprise or must it be an individual? The answers were mostly "no comment" so the best way to clarify the situation is to try it and see what happens.

theodp writes: As President Obama was 'taught to code' last December, Politico reported that the $30 million tech-financed campaign to promote computer science education was a smash success. And indeed it has been, at least from a PR standpoint. But Code.org and its backers have long spun AP Computer Science test metrics as a true barometer of CS education success, and from that standpoint, things don't look quite so rosy. The College Board raved about "massive gains in AP Computer Science participation (25% growth) AND scores" in a June tweetstorm and at its July conference, where AP CS was declared the '2015 AP Subject of the Year.' But a look at the recently-released detail on 2015 AP CS scores shows wide differences in adoption and success along gender and ethnicity lines (Asian boys and girls, in particular, set themselves apart from other groups with 70%+ pass rates). And, for all the praise the NSF lavished on Code.org for 'its amazing marketing prowess', half of the states still had fewer than 300 AP CS test takers in 2015, and ten states actually saw year-over-year declines in the number of test takers (if my math is correct — scraped data, VBA code here).

An anonymous reader writes: Stephen Nichols, CEO of a platform that helps non-coders create simple video games, thinks that so-called coding academies are essentially snake oil. "In 20+ years of professional coding, I've never seen someone go from novice to full-fledged programmer in a matter of weeks, yet that seems to be what coding academies are promising, alongside instant employment, a salary big enough to afford a Tesla and the ability to change lives." His point is reminiscent of Peter Norvig's in "Teach Yourself Programming in Ten Years."

Nichols also thinks coding tools will become powerful enough in the next decade that the demand for actual, dedicated coders will diminish (perhaps not surprising, given his business). But he's probably right that the people likely to go to a coding academy are likely to be the ones using those tools, when they arrive. "Put succinctly, coding is writing text files in foreign languages containing instructions suitable for an absolute idiot to follow. ... For a little while, spending tens of thousands of dollars on a coding academy might feel like a good way to surmount the intimidation. ... More likely, it is just a new pathway into debt."

JustAnotherOldGuy writes: Mimic implements a devilishly sick idea floated on Twitter by Peter Ritchie: "Replace a semicolon (;) with a Greek question mark (;) in your friend's C# code and watch them pull their hair out over the syntax error." There are quite a few characters in the Unicode character set that look, to some extent or another, like others – homoglyphs. Mimic substitutes common ASCII characters for obscure homoglyphs. Caution: using this script may get you fired and/or beaten to a pulp.

theodp writes: Politico reports that just one day after Facebook launched TechPrep, a highly-publicized initiative to attract more minorities and women to coding, Google, Facebook, Microsoft, and Code.org quietly sent a letter to top education lawmakers in the House and Senate insisting that computer science "must" be added to the list of "core academic subjects" and states be given resources to improve STEM education programs. "Computer science is marginalized throughout K-12 education," reads the letter. "We need to improve access for all students, particularly groups who have traditionally been underrepresented." Echoing the last point at this month's Grace Hopper Women in Computer Celebration, YouTube CEO Susan Wojcicki called for mandatory computer science in schools, suggesting that boys — like her own son — are monopolizing the family computer across America, leaving girls — like her own daughter — out of the conversation when it comes to technology (video @38:33). The new round of hand-wringing comes as tech companies face the deadline for filing their 2015 EEO-1 surveys and seek more tech-friendly U.S. visa and OPT STEM policies, so it's probably worth remembering that Microsoft proposed tech could turn workforce diversity lemons into H-1B visa lemonade by connecting tech immigration to K-12 CS education.

An anonymous reader writes: The U.S. General Services Administration has a team within it called 18F. They describe themselves as an open source, digital services delivery team. In other words, they create software for use by citizens and other government agencies, and the software they produce is open source. Starting next Monday, October 26, they're trying out an interesting new experiment for procuring open source code. Like any other agency, they have a budget, and they're allowed to contract out work when it makes sense to do so. But there's a difference between big projects and small ones.

If their purchase doesn't exceed $3,500, they have the authority to just do it. Higher than $3,500, and they (not to mention the contractors) have to deal with a bunch of extra red tape. This brings us to their experiment. They're developing a system that will let developers bid on small software projects the GSA needs. It starts at the cap for "micro-purchases," $3,499, and developers can bid it down if they feel it's easier. Once a bid is selected, the developer(s) have 10 working days to send back functioning code with a specific set of acceptance criteria. 18F isn't sure how well it'll work, but it's a cool way to try and make it easier for the open source community to build things for the government.

itwbennett writes: Yesterday, Microsoft started a three-month bug bounty program for two open source tools that are part of Visual Studio 2015. The program applies to the beta versions of Core CLR, which is the execution engine for .NET Core, and ASP.NET, Microsoft's framework for building websites and web applications. Bounties range from $500 to $15,000, although Microsoft will reward more 'depending on the entry quality and complexity.' The highest reward will go to researchers who've found a remote code execution bug with a functioning exploit and an accompanying, high-quality white paper. On the low end, cross-site scripting or cross-site request forgery bugs with a low-quality report will get $500.

itwbennett writes: Oracle said that it has fixed 154 security flaws in Java and a wide range of its other products, including one that Russian cyberespionage group Pawn Storm used to launch stealthy attacks earlier this year. The vulnerability, tracked as CVE-2015-4902, was being used by the Pawn Storm attackers to enable the execution of a malicious Java application without user interaction.

An anonymous reader writes: Facebook has launched TechPrep, a new initiative to attract more minorities and women into coding. The project draws a very strong analogy between the learning of computer coding skills and the learning of spoken languages, a field which is important to people whose first language is not English, and which engages with the popular understanding that women are better at learning languages. TechPrep is seeking to engage with parents and guardians to get its target audience into coding earlier in life.

snydeq writes: Breaking the rules can bring a little thrill — and sometimes produce better, more efficient code. From the article: 'The rules are more often guidelines or stylistic suggestions, not hard-and-fast rules that must be obeyed or code death will follow. Sure, your code might be ridiculed, possibly even publicly, but the fact that you're bucking conventions adds a little bit of the thrill to subverting, even inadvertently, what amounts more often than not to the social mores of pleasant code. To make matters more complex, sometimes it's better to break the rules. (Shhhh!) The code comes out cleaner. It may even be faster and simpler.' What bad programming habits can't you (or won't you) break?

Nerval's Lobster writes: A little over a year ago, Google employees on a Quora thread announced they'd discovered an interesting way to live in the ultra-expensive Bay Area: Rather than pay for conventional housing, they resided in trucks and RVs parked near (or on) the company's campus, and took advantage of corporate perks—including free food, gym facilities, and dry cleaning—to get by on a day-by-day basis. Now one Googler, Brandon S., has taken to his blog to describe how he engaged in a little off-grid living within sight of Google's high-tech headquarters. First he spent $10,000 of his Google signing bonus on a 2006 Ford truck with 128 square feet of room in the back, which he filled with a bed, dresser, and coat rack. Google pays for his phone, and he uses the company's gym and cafeterias to eat and shower. For those Bay Area tech pros who think Brandon's lifestyle sounds appealing, his list of drawbacks includes "social suicide," the inconvenience of not having a bathroom or fridge in close proximity, stress, insect infestations, and the upfront costs of purchasing a large-enough vehicle. On the other hand, he's also using the cash savings to rapidly pay down his student loans.

An anonymous reader writes: Fullstack is tackling technology's diversity problem in its latest venture. The coding schooling has announced a new coding school dedicated to women. Named after computer science pioneer Grace Hopper, the Grace Hopper academy aims to provide women with high-quality coding education, and won't ask for tuition until the student finds a job post-graduation. "Technology has become intrinsic in our daily routines, regardless of gender, but the tech industry remains exceedingly male-dominated," said David Yang, cofounder of Fullstack Academy. "We have always been inspired by innovation and it seems peculiar that an industry revolutionized by a pioneer like Grace Hopper would remain so divided along gender lines."