Security

Secure Programming Cookbook for C and C++ 159

Alex Moskalyuk writes with the review below of John Viega and Matt Messier's Secure Programming Cookbook for C and C++, a book which he says is useful -- but only if you have the background to use it. Read on for the details, including Alex's alternative reading suggestions.
Announcements

Third ObjectWeb Conference 4

An anonymous reader writes "Registration to ObjectWeb's annual conference is now open. The annual ObjectWeb conference will be held on November 20-21, 2003 in Rocquencourt, France (30 min from Paris). ObjectWeb is an international consortium fostering the development of open-source middleware for cutting-edge applications. This conference, now in its third year, focuses on middleware through the activities of the consortium and associate organizations. It features speakers from corporate members, computer reseach laboratories and the Open Source software community."
Programming

Roll Your Own Yahoo! News RSS Feeds 22

An anonymous reader submits "O'Reilly Developer News is reporting that one of Yahoo's employee's has hacked together a way roll your own Yahoo! News rss feed. Jeremy Zawodney, said hacker, is also an editor of Linux Magazine. News search over RSS is a feature Googlites have been pining for. It's interesting that Yahoo has, in a round about way, beat them to the punch on this one."
The Internet

What's Wacky with Google? 619

There are always going to be oddities with any big online service, but this one seems to be persisting. Join the discussion in trying to figure out a pattern. For maybe a week, Google has been returning zero results or "1-1 of about xxx,000" for common searches. One-word searches seem unaffected, but there are certain two-word combinations of common words like candle truck or speaker bracelet. Reversing the order can affect searches too: motorcycle candles vs. candles motorcycle. The strange thing is that usually the 1 or 2 results found are to commerce sites. Read the Search Basics, compare your notes to GoogleWhack's, have fun looking for patterns, but remember that Google always returns slightly different results for different IP numbers.
Programming

Packet Juggling - Floating Data Storage 148

Filthmaster writes "I just saw an interesting paper that has been posted to bugtraq, full-disclosure and vulnwatch. It deals with the principles of stealthily using network infrastructure as either short-term or long-term storage. Not sure if I'm ready to implement it, but it makes interesting food for thought." There's also a mirror up.
Microsoft

Mono 2.8 Released 78

mallumax writes "A new veriosn of Mono(2.8) has been released: Mono has now integrated SourceGear's webservice enhancements, and there has been a lot of improvement in XML, serialization and web services. Other features are new thread locking and ahead-of-time compiler optimisations. Check out the Mono website for more details." Congratulations are in order for the Mono team as well -- SourceGear was their first customer.
Handhelds

Psion Is Back :-), With Windows :-( 179

An anonymous reader writes "Forbes has an article about the come back of Psion in the high end PDA market. Psion's OS, Symbian, that used to power their PDA (as the Revo for example, or the Series 3, or the Series 5), has been mostly used in cell phones lately, like the Nokia 3650. According to Forbes's article, the new Psion laptop/PDA, the Netbook Pro, will not be powered by Symbian OS, but by Microsoft CE.Net." prostoalex points out a ZDNet review of the device, "which is smaller than your usual notebook PC, but larger than a regular PDA. The product Web site contains specifications in PDF format. It's an Intel Xscale PXA255 400MHz, 128MB SDRAM and 32MB Flash, SVGA (800x600) device supporting CompactFlash and Secure Digital (usual for PDAs) as well as PCMCIA (usual for laptops)," and notes that despite the OS, "the specs list the presence of JEM-CE Java Virtual Machine."
Programming

Diving Into GCC: OpenBSD and m88k 167

BSD Forums writes "This OnLamp article by Miod Vallat describes how the m88k-specific backend of the GNU C compiler, gcc, was fixed, from the discovery and analysis of the problems to the real fixing work. Since it started with almost zero gcc internals knowledge, it should be understandable by anyone able to read C code, and proves that diving into gcc is not as hard as one could imagine."
Java

SIP: Creating Next-Generation Telecom Applications 18

An anonymous reader writes "In this article, you'll discover how the Session Initiation Protocol (SIP) operates and, building on that knowledge, you will learn how to use the Java SIP Servlet API to build new applications that can run on telecommunications networks. The SIP tour concludes with code examples that demonstrate SIP application development in action."
Programming

Negotiating Pay for Open Source Work? 458

OpenSourceforMoney asks: "For about nine months now I've been working on an Open Source software project; the first release was five months ago. It's reasonably popular given its age -- several hundred users at least (users, not downloads) -- but despite my best attempts, I've been unable to get even a few dollars in donations to help support this (and being a student, I really need to get some money from somewhere). Now suddenly I've been approached by a company which wants to pay me to continue working on this project. How should I handle this? Should I ask for an hourly rate, or should I come up with specific targets and attach prices to each? How much money is it reasonable to ask for, for doing work which I'd end up doing (albeit more slowly) even if I wasn't getting paid? How have Slashdot readers handled the transition from working on a project for fun to being paid to work on it?"
Linux

Replacing the Aging Init Procedure on Linux 628

SmellsLikeTeenGarlic writes "Seth Nickell (of Storage and Gnome HIG fame) has started a new project which aims to replace the aging Init system on Linux. OSNews has more details on the project, directly from Seth. The new Python-based approach will make booting faster and it will talk to the D-BUS daemon, freedesktop.org's leading project. And speaking of freedesktop.org, it is important to mention the release of HAL 0.1, an implementation of a hardware abstraction layer for KDE, XFce and Gnome, based on a proposal by freedesktop.org's founder Havoc Pennington and being implemented by David Zeuthen. It is innovative projects like Storage, SystemServices and HAL that can bring the kind of integration to the underlying system that current X11 desktop environments lack."
Programming

Half Life 2 Source Code Leaked 1027

Pyroman[FO] writes "Gamers with Jobs is reporting that the Half Life 2 source code is floating around the net right now. It looks to be about a month old. There's no official word from Valve on the source code leak yet. Unfortunately those who want to use it to cheat already have it, we need to get the word to legitimate customers to educate them about the situation." Update: 10/02 21:51 GMT by S : Valve's Gabe Newell has an official statement, via ShackNews/HalfLife2.net, indicating "infiltration of our network" and appealing for information on the culprits.
GUI

User Interface Design for Programmers 331

ellenf contributes this review of User Interface Design for Programmers. "Aimed at programmers who don't know much about user interface design and think it is something to fear, Joel Spolsky provides a great primer, with some entertaining and informative examples of good and bad design implementations, including some of the thought process behind the decisions. Spolsky feels that programmers fear design because they consider it a creative process rather than a logical one; he shows that the basic principles of good user interface design are logical and not based on some mysterious, indefinable magic." Read on for the rest of ellenf's review.
Operating Systems

TRON Enters Alliance With Microsoft 303

David writes "As widely reported on OSNews.com, Forbes, IDG, CNet, AustralianIT, and Ashi Shimbun - Microsoft Corp. has entered into an alliance with the T-engine Forum, the consortium behind the free software TRON operating system. As TRON runs billions of devices worldwide, this will help Microsoft's goal of cementing WinCE / .NET in places as diverse as your toaster and cell phone, perhaps in a setup similar to how X-Windows is in relation to the Linux kernel." (Continued below.)
Security

OpenSSL Security Vulnerability 245

SiliconEntity writes "On the heels of multiple OpenSSH vulnerabilities, the OpenSSL project is now reporting a number of security vulnerabilities of its own. OpenSSL is a standard cryptographic library used in a wide variety of security applications. The new vulnerabilities range from denial-of-service attacks to stack corruption, which imply the possibility of running malicious code. New versions of the software are released today which address the vulnerabilities."
Announcements

W3C SVG Mobile Competition 16

openbear writes "Over at the W3C they just announced a new competition: "Design a SVG Tiny greeting card in 30k or less, and win a Nokia 3650 tri-band GSM handset. The best entries will be featured on the W3C Web site, linked to their designers' Web pages, with an interview with the winning designer. Enter as many times as you like through 3 November. The SVG Working Group will choose the winner who will be announced on 24 November. Read about Scalable Vector Graphics (SVG). Announced at SVG Open, the SVG Mobile Competition is the first in a series of SVG competitions.""
The Internet

Designing With Web Standards 384

carl67lp (Carl Anderson) writes "I was recently charged with redesigning my University division's Web site. I hadn't designed a Web site in quite some time, and I wanted to ensure that I did so with everything being 'proper'--the nature of our projects require as large an audience as possible. When I saw Designing With Web Standards available on O'Reilly's Safari bookshelf, I knew I had to snag it. And now, after finishing the book (the first IT book I've ever read beginning to end!), I'm here to preach the book's virtues as the author preaches those of Web standards." Read on for Anderson's review of the book.
The Internet

IETF Draft Sets up Public Namespaces 184

figlet writes "A new IETF draft is out (URI Scheme for Information Assets with Identifiers in Public Namespaces). It is a very cool idea and basically introduces namespaces through a new URI scheme. These would be used to refer to resources within their own context. NISO will be the registry for public namespaces. Example (from Herbert Van de Sompel): 'For example, assuming that the namespace of Dewey Decimal Classifications (ddc:) and the namespace of Library of Congress Control Numbers (lccn:) would be registered by their respective authorities, then: the Dewey Decimal Classification 22/eng//004.678 (for the term "Internet") could be expressed as the "info" URI:<info:ddc/22/eng//004.678> and the Library of Congress Control Number 2002022641 could be expressed as the "info" URI <info:lccn/2002022641>.' NISO is going to act as the 'info' registry. Very neat. This basically sets up a parallel web of info spaces, where http/DNS space is just one of many, and anyone can register their namespace 'domain'. Way cool!!"
Java

Should A High-Profile Media Website Abandon Java? 156

newbroom asks: "The company I work for runs a large, high-profile web site with users all across the world and delivers them large amounts of streaming media content plus textual stories. You might guess therefore that this is a news website, frequently updated throughout the day, and delivering content 24x365. No names, or course, for obvious reasons. We have a big, custom, Java content management system (based on a framework from a proprietary vendor as it happens, but could just as well be EJB/J2EE for all that it matters in the context of this argument) and for deployment we run our website using Java app servers on Solaris behind Apache." If you were going to take such a site from 1000 users, to 10,000 users, would you be able to do it using this kind of setup?
Operating Systems

Software Tweak Makes Linux Boot In Under 200 ms 385

An anonymous reader writes "A version of Linux has been created that radically speeds up system boot time -- to less than 200 milliseconds (ms) from power-up to application code startup. The techniques, created by Real-time Linux vendor FSMLabs, are processor independent, and boot times of under 100 mS are expected in the future." Update: 09/30 01:04 GMT by T : Yep -- both headline and post should have read "ms" (milliseconds) rather than "mS" (milli Siemens); thanks to all the alert readers.

Slashdot Top Deals