First time accepted submitter waslap writes "I have a leading role at a small software development company. I am responsible for giving guidance and making decisions on tool usage within the shop. I find the task of choosing frameworks to use within our team, and specifically UI frameworks, exceedingly difficult. A couple of years back my investigation of RIA frameworks lead me to eventually push for Adobe Flex [adobe.com] as the UI framework of choice for our future web development. This was long before anyone would have guessed that Adobe would abandon the Linux version of Flash. I chose Flex mainly for its maturity, wealth of documentation, commercial backing, and the superior abilities of Flash, at a time when HTML 5 was still in the early stages of planning. Conversely, about 15 years ago I made a switch to Qt for desktop applications and it is still around and thriving. I am trying to understand why it was the right choice and the others not. Perhaps Qt's design was done so well that it could not be improved. I'm not sure whether that assessment is accurate. I cannot find a sound decision-tree based on my experiences to assist me in making choices that have staying power. I hope the esteemed Slashdot readers can provide helpful input on the matter. We need a set of fail-safe axioms" Read on for more context.

An anonymous reader writes "In the space of a few short months, Surgeon Simulator 2013 has attained cult status. A sort of spiritual successor to the maddening QWOP, the PC game requires you to operate the individual fingers of a hapless surgeon in an increasingly absurd set of gore-filled scenarios. What's so remarkable is the turnaround time: the initial prototype came out of a 48-hour game jam, and was released as a commercial game just a month and a half later. A new profile of the studio's founder looks at how Bossa Studios, the London-based development team behind SS 2013, iterates so quickly, as well as what's next from the team, including an iPad version of Surgeon Simulator, and a cross platform MOBA that's half League of Legends, half Mario Kart battle mode."

JG0LD writes "The Firefox web browser will, henceforth, require users to manually activate Java objects on sites that they visit, Mozilla has confirmed. This even affects up-to-date versions of Java, which you can see on the block list. The change is aimed at improving security and moving away from a dependence on proprietary plug-ins, but critics say it will cause untold headaches for developers, admins and less-technical end-users. "

theodp writes "In the early days of Facebook, the company would go into what CEO Mark Zuckerberg called lockdown, where no one is supposed to leave until the task at hand is done. Speaking on Saturday at Startup School 2013, CNET reports, Mark Zuckerberg remarked that the practice persists to this day. Facebook doesn't lock people in the office, but it comes "as close to that as we can legally get," Zuckerberg said to an eruption from the crowd. The lockdown isn't the first at-home-in-a-Bangladesh-garment-factory management technique Zuck's touted at Startup School. Back in 2007, Zuckerberg drew fire for advising company founders "you should only hire young people with technical expertise" if they want to be successful. And while there are no reports of Facebook hiring 9-year-old bosses yet, the LA Times reports that only young undocumented immigrants are welcome at the hackathon hosted by Zuckerberg's FWD.us next month where "tech CEO's like Mark Zuckerberg, Reid Hoffman, Drew Houston and Andrew Mason will be sitting side-by-side with undocumented youth [with technical expertise] creating tech products to help the immigration reform movement" (invitation to 'day (and night) of working')."

BartlebyScrivener writes "I am a author, screenwriter, law prof, and a hobbyist programmer. I love MacVim and write almost everything in it: Exams, novels, even screenplays now that Fountain is available. I use LaTeX and WordPress and so on, but several years ago I discovered Markdown and the wonderful Pandoc. I searched Slashdot expecting to find lively discussions of both Markdown and Pandoc, but found nothing. Do Slashdotters look down their noses at these tools and do their work in HTML and LaTeX? I can't imagine computer geeks using Word instead of their favorite text editors. If not Markdown and Pandoc, what tools do Slashdotters use when they create documents that probably need to be distributed in more than one format: HTML, PDF, EPUB or perhaps even docx?" And then there's DocBook, LyX, and a host of other markup languages. What do you use, in what context?

theodp writes "In a move straight out of Healthcare.gov's playbook, teachers won't get to preview the final lessons they're being asked to roll out to 10 million U.S. students until a week before the Dec. 9th launch of the Hour of Code nation-wide learn-to-code initiative, according to a video explaining the project, which is backed by the nation's tech giants, including Facebook, Microsoft, Apple, Google, and Amazon. The Hour of Code tutorial page showcased to the press sports Lorem Ipsum pseudo-Latin text instead of real content, promised tutorial software is still being developed by Microsoft and Google, and celebrity tutorials by Bill Gates and Mark Zuckerberg are still a work-in-progress. With their vast resources and deep pockets, the companies involved can still probably pull something off, but why risk disaster for such a high-stakes effort with a last-minute rush? One possible explanation is that CS Education Week, a heretofore little-recognized event, is coming up soon. Then again, tech immigration reform is back on the front burner, an initiative that's also near-and-dear to many of same players behind Hour of Code, including Microsoft Chief Counsel Brad Smith who, during the Hour of Code kickoff press conference, boasted that Microsoft's more-high-tech-visas-for-U.S.-kids-computer-science-education deal found its way into the Senate Immigration Bill, but minutes later joined his fellow FWD.us panelists to dismiss a questioner's suggestion that Hour of Code might somehow be part of a larger self-serving tech industry interest."

Phoghat writes "The guys at Glassdoor have compiled a list of the 25 tech companies with the best salaries for software engineers. Google and Facebook made the list, of course. So did Apple and Twitter. But the company at the very top is a bit of a surprise: networking gear maker Juniper Networks."

itwbennett writes "Software development isn't a cakewalk of a job, but to hear programmers tell it (or at least those willing to grouse about their jobs on Quora and Ubuntu Forums), what makes programming hard has little to do with writing code. In fact, if the list compiled by ITworld's Phil Johnson has it right, the single hardest thing developers do is name things. Are you a software developer? What's the hardest part of your job?"

An anonymous reader writes "Flow-based programming keeps resurfacing lately. FBP claims to make it easier for non-programmers to build applications by stringing together transformations built by expert programmers. Many projects have already been using similar approaches for a long time, with less (or different?) hype. Is it time to take a closer look at flow-based programming? 'Clean functions – functions without side effects – are effectively pure transformations. Something comes in, something goes out, and the results should be predictable. Functions that create side effects or rely on additional inputs (say, from a database) are more complicated to model, but it’s easier to train programmers to notice that complexity when it’s considered unusual. The difficulty, of course, is that decomposing programs into genuinely independent components in a fine-grained way is difficult. Many programmers have to re-orient themselves from orthodox object-oriented development, and shift to a world in which data structures are transparent but the behavior – the transformation – is not.'"

jones_supa writes "Final releases of Visual Studio 2013, .NET 4.5.1, and Team Foundation Server 2013 are now available. As part of the new release, the C++ engine implements variadic templates, delegating constructors, non-static data member initializers, uniform initialization, and 'using' aliases. The editor has seen new features, C++ improvements and performance optimizations. Support for Windows 8.1 has been enhanced and the new XAML UI Responsiveness tool and Profile Guided Optimization help to analyze responsiveness in Windows Store apps. Graphics debugging has been furthered to have better C++ AMP tools and a new remote debugger (x86, x64, ARM). As before, MSDN and DreamSpark subscribers can obtain the releases from the respective channels, and the Express edition is available zero cost for all."

New submitter longhunt writes "I just started my second year of grad school and I am working on a project that involves a computationally intensive data mining problem. I initially coded all of my routines in VBA because it 'was there'. They work, but run way too slow. I need to port to a faster language. I have acquired an older Xeon-based server and would like to be able to make use of all four CPU cores. I can load it with either Windows (XP) or Linux and am relatively comfortable with both. I did a fair amount of C and Octave programming as an undergrad. I also messed around with Fortran77 and several flavors of BASIC. Unfortunately, I haven't done ANY programming in about 12 years, so it would almost be like starting from scratch. I need a language I can pick up in a few weeks so I can get back to my research. I am not a CS major, so I care more about the answer than the code itself. What language suggestions or tips can you give me?"

CowboyRobot writes "Penetration tester and long-time security professional Sumit 'Sid' Siddharth has developed a real-world SQL injection sandbox simulator, and invites the public for a capture the flag event later this month. 'The only way you can understand the true impact of vulnerabilities is by practicing exploitation. Even vulnerability identification goes hand-in-hand with exploitation,' says Siddharth. 'Sometimes identifying the vulnerability is really difficult, and it's only when you know advanced exploitation techniques that you can do so. We've also put together some really nice examples where identifying the vulnerability is really difficult, and we've asked people to find the needle in the haystack because that's how websites get compromised at the end of the day,'"

donadony writes "Oracle announced the release of VirtualBox 4.3; this is a major release that comes with important new features, devices support and improvements. According to the announcement, 'Oracle VM VirtualBox 4.3 adds a unique virtual multi-touch interface to support touch-based operating systems, and other new virtual devices and utilities, including webcam devices and a session recording facility. This release also builds on previous releases with support for the latest Microsoft, Apple, Linux and Oracle Solaris operating systems, new virtual devices, and improved networking functionality.'"

An anonymous reader writes "During my career I've always been focused on learning new technologies and trending programming languages. I've made good money at it, but I'm not sure what the next step is. I don't want to do this for the rest of my life. I'm not sure how to find a good way to transition from programmer to somebody with more responsibility. Should I learn business? It it more important to focus on personal networking? Do I step into the quagmire of marketing? I'm not sure what goals I should set, because I don't know what goals are realistic. Running my own business seems like something I'd like to do, but I'm unsure how to get from here to there. I'd appreciate advice from any fellow geeks who are making (or have made) that change."

An anonymous reader writes "Going beyond the usual soundbites about Ada Lovelace, Amy Jollymore explores the life of the worlds first programmer: 'When I heard that Ada Lovelace Day was coming, I questioned myself, "What do I actually know about Ada Lovelace?" The sum total of my knowledge: Ada was the first woman programmer and the Department of Defense honored her contributions to computation in 1979 by naming its common programming language Ada.
A few Ada biographies later, I know Augusta Ada Lovelace to be an incredibly complex woman with a painful life story, one in which math, shame, and illness were continuously resurfacing themes. Despite all, Ada tirelessly pursued her passion for mathematics, making her contributions to computing undeniable and her genius all the more clear. Her accomplishments continue to serve as an inspiration to women throughout the world.'"

jones_supa writes "Greg Jorgensen specializes in debugging, fixing, maintaining, and extending legacy software systems. His typical client has a web site or internal application that works, more or less, but the original developer isn't available. Greg lists some things you can do in your own software projects to keep him in business. In summary, the list goes as follows: Customize your development environment a lot, don't make it easy for the next programmer to start working on the code. Create an elaborate build and deployment environment and remember to leave out the documentation. Don't bother with a testing/staging server but instead have secret logins and backdoor URLs to test new features, and mix test data with real data in your database. Don't bother with a well-understood framework, write everything from scratch instead. Add dependencies to specific versions of libraries and resources, but don't protect or document those dependencies. For the icing of the cake, use the coolest mix of cutting-edge programming languages."

sfcrazy writes "Oracle has a love-hate relationship with open source technologies. In a whitepaper (PDF) for the Deparment of Defense, Oracle claims that TCO (total cost of ownership) goes up with the use of open source. They're essentially trying to build a case for the use of their own products within the government. 'The skill required to successfully and economically blend source code into a commercially viable product is relatively scarce. It should not be done directly at government expense.' Oracle also attacks the community-based development model, calling it more insecure than company developed products. 'Government-sponsored community development approaches to software creation lack the financial incentives of commercial companies to produce low-defect, well-documented code.'"

sfcrazy writes "It has been discovered that Google downgraded the SSL encryption of Android after version 2.3.4 and defaulted to RC4 and MD5 ciphers. It may appear that NSA is at play here as both are broken and can be easily compromised. But after digging the code Georg Lukas concluded that the blame goes to Oracle. 'The cipher order on the vast majority of Android devices was defined by Sun in 2002 and taken over into the Android project in 2010 as an attempt to improve compatibility.'" The Java spec from 2002 specified RC4 and MD5 as the first two ciphers for TLS; Android, however, used DHE-RSA-AES256-SHA by default. The default cipher list for Java 7 was updated, but Android is stuck using JDK 6 and a default cipher list over a decade old.

jrepin writes "Google is offering rewards as high as $3,133.70 for software updates that improve the security of OpenSSL, OpenSSH, BIND, and several other open-source packages that are critical to the stability of the Internet. The program announced Wednesday expands on Google's current bug-bounty program, which pays from $500 to $3,133.70 to people who privately report bugs found in the company's software and Web properties." Google isn't the only company that sees the value in rewarding those who find security problems: Microsoft just paid British hacker James Forshaw $100,000 for finding a serious security flaw in Windows 8.1.

Hugh Pickens DOT Com writes "Andrew Binstock writes at Dr. Dobb's that a recurring prejudice in the forums where the cool kids hang out is against Java, often described as verbose and fading in popularity but Binstock sees little supporting evidence of Java being in some kind of long-term decline. While it is true that Java certainly can be verbose, several scripting languages have sprung up which are purpose-designed to spare developers from long syntactical passages to communicate a simple action, including NetRexx, Groovy, and Scala. As far as Java's popularity goes, normally, when technologies start their ultimate decline, tradeshows are the first to reflect the disintegrating community. But the recent JavaOne show was clearly larger and better attended than it has been in either of the last two years and vendors on the exhibiting floor were unanimous in saying that traffic, leads, and inquiries were up significantly over last year. Technically, the language continues to advance says Binstock. Java 8, expected in March, will add closures (that is, lambda expressions) that will reduce code, diminish the need for anonymous inner classes, and facilitate functional-like coding. Greater modularity which will be complete in Java 9 (due in 2016) will help efficient management of artifacts, as will several enhancements that simplify syntax in that release. 'When you add in the Android ecosystem, whose native development language is Java, it becomes very difficult to see how a language so widely used in so many areas — server, Web, desktop, mobile devices — is in some kind of decline,' concludes Binstock. 'What I'm seeing is a language that is under constant refinement and development, with a large and very active community, which enjoys a platform that is widely used for new languages. None of this looks to me like a language in decline.'"