HughPickens.com writes: We've all read about standing desks and treadmill desks but now Rachel Gillet reports at Business Insider about the Altwork Station, a workstation that allows users to sit, stand, and recline while they work on their computers. Designed to accomodate two computer screens, the manufacturer says their new product is the ultimate combination for workplace productivity. "Most experts agree that humans should change positions and move throughout the day. We believe movement throughout the day is important," says the company who targets "high intensity" computer users, which it defines as people who spend at least four hours a day in front of a computer and are required to focus on complex tasks for extended periods of time. If the $5,900 ($3,900, if you pre-order) reclining workstation is not for you, there are other options you may want to consider including the scooter desk, bicycle desk, and hamster wheel desk.

New submitter Andrey_Karpov writes: Cfront is a C++ compiler which came into existence in 1983 and was developed by Bjarne Stroustrup ("30 YEARS OF C++"). At that time it was known as "C with Classes". Cfront had a complete parser, symbol tables, and built a tree for each class, function, etc. Cfront was based on CPre. Cfront defined the language until circa 1990. Many of the obscure corner cases in C++ are related to the Cfront implementation limitations. The reason is that Cfront performed translation from C++ to C. In short, Cfront is a sacred artifact for a C++ programmer. So I just couldn't help checking such a project [for bugs].

theodp writes: As part of our Made with Code and media perception initiatives," wrote YouTube CEO Susan Wojcicki over at the Official Google Blog, "I'm excited that we're supporting award-winning documentary filmmaker Lesley Chilcott — of An Inconvenient Truth and Waiting for Superman [and Code.org] fame — on her next film, CodeGirl. Until November 5 Lesley's film will be available for free on YouTube, before its theatrical debut in the next few weeks." Microsoft is pretty jazzed about the movie too, as is Al Gore. Decidedly less excited about CodeGirl is film critic Inkoo Kang, who writes, "CodeGirl, a chronicle of this year's Technovation contest, is just as well-intentioned as its subject. It coasts for as long as it can on the feel-good fuel of watching smart, earnest girls talk about creating an app, but with virtually no tension, context, narrative or characterization driving the story, the documentary grows to feel like a parent describing their daughter's involvement in an international competition. The girls' achievements are impressive, but you definitely don't want to hear about them for nearly two hours.

itwbennett writes: In September, more than 4,000 applications were found to have been modified with a counterfeit version of Xcode, dubbed XcodeGhost. On Tuesday, FireEye said in a blog post that it has detected 210 enterprises that are still using infected apps, showing that the XcodeGhost malware 'is a persistent security risk.' In addition, whomever created XcodeGhost has also developed a new version that can target iOS 9, called XcodeGhost S, FireEye wrote.

An anonymous reader writes: Software engineer Adrian Courrèges posted on his blog a breakdown of the rendering of a frame in Grand Theft Auto: V. Each rendering pass is explained in detail, with all the techniques and the tricks Rockstar used to make the game run on 8-year-old consoles. It's a fascinating trip through the making of a frame and reminds us of how far GPU computing power has come. Here's a brief snippet from the beginning: "As a first step, the game renders a cubemap of the environment. This cubemap is generated in realtime at each frame, its purpose is to help render realistic reflections later. This part is forward-rendered. How is such cubemap rendered? For those not familiar with the technique, this is just like you would do in the real world when taking a panoramic picture: put the camera on a tripod, imagine you’re standing right in the middle of a big cube and shoot at the 6 faces of the cube, one by one, rotating by 90 degrees each time. This is exactly how the game does: each face is rendered into a 128x128 HDR texture."

An anonymous reader writes: Apple's new set top box is on sale now, and has launched with several high profile games in the new tvOS App Store, including Guitar Hero Live and PS4 hit Transistor. However, as one writer points out, the Apple TV is still not an adequate console replacement, and it's not because of the graphics. Instead, several software issues and restrictions issued by Apple itself prevent developers from creating blockbuster exclusives for the platform, including the requirement that all games be playable using the bundled remote, lack of support for four players, and the 200MB initial app download limit. If these remain in place, can the Apple TV become a viable games platform, where the Ouya and PlayStation TV have failed before?

LichtSpektren writes: Andrew Tanenbaum, author of MINIX, writes: 'MINIX has been around now for about 30 years so it is (finally) time for the MINIXers to have a conference to get together, just as Linuxers and BSDers have been doing for a long time. The idea is to exchange ideas and experiences among MINIX 3 developers and users as well as discussing possible paths forward now that the ERC funding is over. Future developments will now be done like in any other volunteer-based open-source project. Increasing community involvement is a key issue here. Attend or give a presentation.' The con will be held on 1 February 2016 at the Vrije Universiteit in Amsterdam, the Netherlands.

An anonymous reader writes: The story will probably be familiar. My non-profit organization had a particular need (we want to communicate with government officials by offering anecdotes and stories of how we help their constituents), and while I created a solution, the time constraints and lack of experience, training and natural ability show. I'd like to do more with the code, both in terms of letting others have it for their needs and also because I'm sure talented coders could more quickly and efficiently solve some of the existing problems with my code. But how do I make that happen? What do I do with it?

I have every intention of continuing to work on it. I enjoyed the learning opportunity, and I've already identified a number of things I want to improve upon, but I recognize that even as crude as my code is, if it solved my issue it might help others too.

Do I just put it on Github or SourceForge and hope that someone else will have that magic formula of my use case and skill level (because someone more talented would probably make their own code easily enough, while someone less talented may not realize how doable the solution can be)? Do I try to find an existing project and see if I can shoe-horn my efforts in somewhere? Do I keep it to myself until some unspecified point in time that I realize it's right for sharing? Read on for further background information on this question.

jones_supa writes: "Christ people. This is just sh*t," begins Linus Torvalds in his message on the Linux Kernel Mailing List. Torvalds is grumpy because some new code added to the IPv6 subsystem has created conflicts. "The conflict I get is due to stupid new gcc header file crap," he writes. "But what makes me upset is that the crap is for completely bogus reasons." The new improved code uses fancy stuff that wants magical built-in compiler support and has silly wrapper functions for when it doesn't exist. Linus provides an alternative that contains a single and understandable conditional, which looks cleaner and generates better code.

theodp writes: At first glance, the proposal for A Code of Conduct for the Go Community (attributed to Google's Andrew Gerrand) seems reasonable enough. How can you argue with the goal of treating everyone with respect and kindness? But the Devil is in the detail, and the proposed Code notes there soon could be consequences for calling someone an "idiot" or saying something is "so simple even my grandma could understand it" (the latter "marginalises women and the elderly by implying that something need be simple for an old woman to understand it"). And the punishment meted out by the Go Code of Conduct Working Group to those who find themselves on the receiving end of an anonymous complaint could be anything from nothing to "a request for a private or public apology, a private reprimand from the working group to the individual(s) involved, a public reprimand, an imposed vacation (for instance, asking someone to 'take a week off' from a mailing list or IRC), or a permanent or temporary ban from some or all Go spaces (mailing lists, IRC, etc.)." And no, this doesn't appear to be a goof. So, might individuals and companies think twice about embracing a programming language whose community's Code of Conduct threatens to ruin reputations and ban people from technical support resources for life? Too late to get this added to the list of questions for Alan Donovan and Brian Kernighan?

ewhac writes: On 22 October, in a very terse commit message, Busybox removed its support for the controversial 'systemd' system management framework. The commit was made by Denys Vlasenko, and passed unremarked on the Busybox mailing lists. Judging from the diffs, system log integration is the most obvious consequence of the change.

yathosho writes with some good news for GitHub developers: GitHub's new Atom editor sees a first big update in version 1.1. Character measurement has been improved, fonts with ligatures and variable width fonts are now supported. The biggest new feature is probably live Markdown preview, matching the current theme. There's also a 1.2.0 beta available, for those who want to have a look into Atom's future.

chicksdaddy writes: Bug bounty programs are all the rage these days, with companies from Asana to Zendesk (http://bugsheet.com/directory) offering cash rewards for finding holes in their web sites. But is spending your weekends fuzzing someone else's application code really worth it? And is anyone really getting rich off bug bounties? The short answer is 'yes.' As this article at The Christian Science Monitor notes, top bounty researchers on sites like HackerOne and BugCrowd are indeed seeing big paydays — often in return for just hours of work perusing buggy websites. Among the eye-popping figures: researcher Mark Litchfield's $63,000 take over Labor Day weekend, which included the discovery of multiple remotely exploitable holes in a major web property, paying $15,000 each through HackerOne. Also profiled is researcher Frans Rosen and Sean "Meals" Melia, the number four ranked researcher on BugCrowd. Both claim to have netted six figure incomes in the last year on bug bounties alone. "It's like finding a gold nugget," Litchfield is quoted as saying. "Sometimes it's like finding my own gold mine."

An anonymous reader writes: The year 2015 heralded a number of notable Internet milestones — the humble .com domain name reached 30 years of age, while both eBay and Amazon reached the grand old age of 20. That the Internet Movie Database, a gargantuan film and TV show encyclopedia better known as IMDb, began 25 years ago as a pre-Web hobby project and is now one of the top 50 most visited websites on the Internet is a notable achievement. "IMDb is the only pure Internet company that can celebrate its 25th anniversary," said Col Needham, founder and CEO of IMDb, in an interview with VentureBeat.

AmiMoJo writes: According to data from Secunia, Apple's software for Windows is now the biggest threat to PC security, surpassing previous long term champion Java. Among U.S. users, some 61 percent of computers detected running QuickTime did not have the latest version. With iTunes, 47 percent of the installations were outdated versions. There were 18 vulnerabilities in Apple QuickTime 7 at the time of the study. Oracle has now fallen/risen to 2nd place, followed by Adobe. All three vendors bundle automatic updater utilities with their software, but users seem to be declining new versions. Update fatigue, perhaps?

Nerval's Lobster writes: The technology industry's unemployment rate crept up to 3.0 percent in the third quarter of 2015, according to the U.S. Bureau of Labor Statistics (BLS). Although that represents an increase from the second quarter, when tech unemployment stood at 2.0 percent, it's nonetheless lower than the 5.2 percent unemployment rate for the U.S. labor market as a whole. Despite that relatively low rate, however, many technology segments saw an accompanying rise in joblessness. (Dice link) Web developers, for example, saw their collective unemployment rate hit 5.10 percent, up from 3.70 percent in the same quarter last year. Computer systems analysts, programmers, network and systems administrators, software developers, and computer & information systems managers likewise experienced a slight rise in unemployment on a year-over-year basis.

theodp writes: In What is Computer Science?, the kickoff video for Facebook's new TechPrep diversity initiative, FB product manager Adriel Frederick explains how he was hooked-on-coding after seeing the magic of a BASIC PRINT statement. His simple BASIC example is a nice contrast to the more complicated JavaScript and Ruby examples that were chosen to illustrate Mark Zuckerberg's what-is-coding video for schoolkids. In How to Teach Your Baby to Read, the authors explain, "It is safe to say that in particular very young children can read, provided that, in the beginning, you make the print very big." So, is introducing coding to schoolkids with modern programming languages instead of something like BASIC (2006) or even (gasp!) spreadsheets (2002) the coding equivalent of "making the print too small" for a child to see and understand?

An anonymous reader writes with news of a malware campaign using hijacked MySQL servers to launch DDoS attacks. Symantec reports: "Attackers are compromising MySQL servers with the Chikdos malware to force them to conduct DDoS attacks against other targets. According to Symantec telemetry, the majority of the compromised servers are in India, followed by China, Brazil and the Netherlands, and are being used to launch attacks against an US hosting provider and a Chinese IP address."

Alan Donovan is a member of Google’s Go team in New York and holds computer science degrees from Cambridge and MIT. Since 2005, he has worked at Google on infrastructure projects and was the co-designer of its proprietary build system, Blaze. Brian Kernighan is a professor in the Computer Science Department at Princeton University. He was a member of technical staff in the Computing Science Research Center at Bell Labs, where he worked on languages and tools for Unix. He is the co-author of several books, including The C Programming Language, and The Practice of Programming. Recently, the pair have co-authored a soon to be released book titled The Go Programming Language. Alan and Brian have agreed to give us some of their time to answer any questions you may have about the upcoming book, Go, and programming in general. Ask as many questions as you'd like, but please keep them to one per post.

An anonymous reader writes: Oracle's Larry Ellison gave a presentation yesterday at OpenWorld in which he detailed how the M7 chip's new Silicon Secured Memory system works. "On the M7, pointers and their memory blocks are stamped with a 4-bit 'color,' and accesses are verified to make sure the color in the highest bits of the pointer matches the color of the memory allocation. This works with virtual memory allocated from the heap rather from the stack, it appears. Solaris tries to avoid giving adjacent blocks the same color." El Reg notes that a 4-bit security stamp doesn't really offer that many distinct options. "Four bits of color means there are 24, or 16, possible colors a memory block can have. A hijacked pointer has a one-in-16 chance of having a matching color when it accesses any block of memory, allowing it to circumvent the SSM defense mechanism. ... It is even possible [a hacker] can alter the color bits in a pointer to match the color of a block she wishes to access, and thus avoid any crashes and detection. In short, SSM is a mitigation rather than bulletproof protection." Still, Ellison claims this would have shut down vulnerabilities like Heartbleed and Venom.