comforteagle writes "Infamous cracker Kevin Mitnick (turned security consultant) has come out to say that he'd prefer to 'hack' open source code vs proprietary closed code. "Mitnick says that open source software is easier to analyse for security holes, since you can see the code. Proprietary software, on the other hand, requires either reverse engineering, getting your hands on illicit copies of the source code, or using a technique called 'fuzzing'." He further says that open source is more secure, but leaves you wondering questions if enough people are really interested in securing open source code."

Spritzer writes "The Inquirer has a short interview with Kendall Bennett, founder of Scitech Software, about the future of the OpenWatcom project. In short they are in need of some talented people with experience in shared libraries and AMD64 extensions. 'Right now the compiler works great on Linux, but all the code has to be static linked and it uses the Open Watcom runtime library. We need the ability to generate ELF PIC compatible code, as well as link against existing SO libraries which would then allow Open Watcom to use the system GLIBC libraries.'"

The Guardian Gamesblog has a longish piece talking with Volatile Games, developers of the title Possession for the PS3, about what it's like to make a game for Sony's next-gen console. From the article: "At the end of the day it's just a multi-processor architecture. If you can get something running on eight threads of a PC CPU, you can get it running on eight processors on a PS3 - it's not massively different. There is a small 'gotcha' in there though. The main processor can access all the machine's video memory, but each of the seven SPE chips has access only to its own 256k of onboard memory - so if you have, say, a big mesh to process, it'll be necessary to stream it through a small amount of memory - you'd have to DMA it up to your cell chip and then process a little chunk, then DMA the next chunk, so you won't be able to jump around the memory as easily, which I guess you will be able to do on the Xbox 360."

An anonymous reader writes "As with its past, the future of HTML will be varied, some might say messy, but I believe XHTML 2.0 will ultimately receive widespread acceptance and adoption. A big move in this direction will be in Embedded devices such as phones and digital TVs, which will have no need to support the Web's legacy of messy HTML, and are free to take unburdened advantage of XHTML 2.0. This Developer Works article examines the work of the World Wide Web Consortium (W3C) in creating the next-generation version of their XHTML specification, and also their response to the demand for 'rich client" behavior exemplified by Ajax applications.'

beastiecube wrote to mention a GameDaily article going into detail about some accomplished European game developers. American and Japanese companies seem to get most of the press, but there are several development houses in the EU that are producing solid work. From the article: "Criterion is certainly no stranger to never before seen products. Its critically acclaimed Burnout series introduced us to the most terrifyingly amazing crashes ever seen in videogames, and it's looking to spice up the shooting genre with Black, a highly intense FPS where the guns are the stars. Most of them are nothing new, because after all, you see one AK-47, you've seen them all, but unlike in most games, Black's weapons are extremely loud and in your face. But what's even cooler than the hot assortment of deadly toys is the environmental interaction."

Billosaur writes "A report by Robert Lemos of SecurityFocus in The Register states that Oracle is being criticized by David Litchfield of Next-Generation Security Software for failing to rapidly patch a known flaw in its database software. Litchfield had made Oracle aware of the flaw last October and is now taking them to task for their slow response to the exploit. Oracle, in turn, has attacked Litchfield: 'We are always disappointed when researchers feel the need to publish details of vulnerabilities before a fix is available... What David Litchfield has done is put our customers at risk.'"

Constable On Patrol writes to tell us that IBM DeveloperWorks has an interesting look at the 'fundamentals of how memory is constructed and managed' in the Linux memory module. The article serves as a great intro to the basics of memory management for Linux design and implementation. From the article: "This guide includes an examination of the segment control unit and the paging models as well as a detailed look at the physical memory zone."

chrisd writes "As part of a recent examination of the most popular html authoring techniques, my colleague Ian Hickson parsed through a billion web pages from the Google repository to find out what are the most popular class names, elements, attributes, and related metadata. We decided that to publish this would be of significant utility to developers. It's also a fascinating look into how people create web pages. For instance one thing that surprised me was that the <title> is more popular than <br>. The graphs in the report require a browser with SVG and CSS support (like Firefox 1.5!). Enjoy!"

Simon P. Chappell writes "Every now and then, as a book reviewer, you just have to take a chance. The way it works is that editors ply their wares to you, sending you lists of available books on a regular basis and tempting titles catch your eye. The problem is that until you've committed to review the book, received it and read it, you don't know whether you've found a good one or have just been a victim of drive-by marketing. This was such a book. The title sounded good and I just had to try it out. But would it live up to the name that it bore?" Read the rest of Simon's review.

rchapman writes "Generally, file systems are not considered "sexy." When a young programmer wants to do something really cool, his or her first thought is generally not "Dude, two words... File System." However, I am what is politely termed "different." I find file systems very interesting and they have seldom been more so than they are right now. Hans Reiser is working on getting Reiser4 integrated into the Linux kernel, the BSD's are working on getting a journaled file system together, and Sun Microsystems just recently released a beta of ZFS into OpenSolaris. "

msbmsb writes "Stepping away from previous tradition, "Microsoft Corp. said Wednesday it will license its Windows source code to comply with a European Union antitrust ruling." But in an effort to stop the cloning of the OS, developers will still have to pay an unspecified amount for the code. This is an addition to the "12,000 pages of technical documents and 500 hours of free technical support" to those who purchase a license."

An anonymous reader writes "Content management specialist Seth Gottlieb has written an easy to understand how-to on selecting an open source CMS. Gottlieb is also responsible for the whitepaper 'Content Management Problems and Open Source Solutions' which summarizes 15 open source projects and distinguishes between open source CMS and proprietary software selection."

Charmless1 writes to tell us eWeek is reporting that Microsoft has release new previews of their upcoming developer tools. Some have even dubbed these new tools as "Flash killers". From the article: "Microsoft's Expression Suite consists of the Expression Graphic Designer, Expression Interactive Designer and the Expression Web Designer. Microsoft has yet to release a CTP for the Web Designer, also known by its codename Quartz." Slashdot also covered some of the pre-release sentiments back in September.

Argon writes "Close on heals of NewsForge reporting about Government Agency dragging its heels on OpenSSL validation comes the news that OpenSSL receives FIPS Certification. More details are available at the Open Source Institute site which has been driving the effort to get OpenSSL certified. FIPS 140-2 certification allows software using the certified version of OpenSSL to get into various Government departments previously not possible, thus increasing penetration of Free Software in Government."

bfioca writes "Where are the all-in-one PHP frameworks that make building well-factored and maintainable applications as easy as building simple sites? O'Reilly ONLamp's recent article Simplify PHP Development with WASP shows how to make a simple database-backed site with WASP in just a few lines of code. Other PHP 5 frameworks such as symfony and PRADO have been getting a lot of recent attention as well."

An anonymous reader writes "I rarely read an entire article about a single object, especially one that is this simple. However, you will use this object over and over again in each page and application that you write that uses Ajax. This article shows you how to create XMLHttpRequest instances in a cross-browser way, construct and send requests, and respond to the server."

hahafaha asks: "I am currently working on a website for a small organization. We (I am not alone in this) have a beta version ready, and are currently testing the site on browsers. We have tried all of the big browsers (Firefox, IE, opera), as well as other browsers, such as lynx, links, w3m and even NetFront. So, when can one decide that they will stop supporting a system. Obviously, going (for example) down to IE 1 is crazy, but is IE 3 crazy? This is not only relevant to web design but to any programming at all. When, for example, can you say that I will *not* support a certain version of Windows. Can you say that now about Windows 98? How about 95?"

Andy King writes "Web designers have as little as 50 milliseconds to capture the interest of potential customers, according a new report by researchers at Carleton University. Through the halo effect, first impressions can influence subsequent judgments of website credibility and buying decisions."

Cop writes "The Sockets API lets you develop client and server applications that can communicate across a local network or across the world via the Internet. Like any API, you can use the Sockets API in ways that promote high performance -- or inhibit it. This article explores four ways to use the Sockets API to squeeze the greatest performance out your application and to tune the GNU/Linux® environment to achieve the best results."

Carl Bialik from the WSJ writes "'If U.S. companies can go online to outsource their programming, why can't U.S. computer students outsource their homework--which, after all, often involves writing sample programs?' Wall Street Journal colummnist Lee Gomes asks. 'Scruples aside, no reason at all. Search for "homework" in the data base of Rent A Coder projects, and you get 1,000 hits. (An impressive number, but still a tiny fraction of all computer students, the vast majority of whom are no doubt an honest and hardworking lot.)' Some of the Rent a Coder users appear to be outsourcing their way through school, at low costs--probably less than $100 per assignment. The posting are, of course, anonymous, but Gomes traces one to a student at the New Jersey Institute of Technology, where an instructor tells him that Rent a Coder contributed to a problem of plagiarism last semester."