Security

Exploit Available for Cisco IOS Vulnerability 277

GNUman writes "Cisco's IOS vulnerability, posted by Slashdot and CERT, has now a published exploit available, as reported recently by CERT. While there are some some articles claiming that the Internet survived a major flaw, maybe with a publicly available exploit could script kiddies start creating havock?. jerw134 wanted to start a pool to find out when the exploit would be publicly available, here's the answer."
GNU is Not Unix

LGPL is Viral for Java 717

carlfish writes "According to this post to POI-dev, Dave Turner (Mr License) of the FSF has decreed that the steps required to use an LGPL'd Java library will actually infect client code with substantial GNU-ness via Section 6 of the LGPL. (The "Lesser" GPL is supposed to protect only the Library, without infecting code using the library) This, as you might imagine, puts a few LGPL Java projects that previously thought they were embeddable without being viral in a bit of a bind. Various weblogs have further coverage." Update: 07/18 02:44 GMT by CN : The FSF's Executive Director, Brad Kuhn adds "LGPL's S. 6 allows you to make new works that link with the LGPL'ed code, and license them any way you see fit. Only the LGPL'ed code itself must remain Free. Such 'client code' can even be proprietary; it need not be LGPL'ed."
Graphics

Graphics Tricks from the Command Line 68

An anonymous reader writes "There's nothing quite like command-line tools for handling large batches of tasks, and image manipulations are no exception. Web developers and administrators will appreciate the ability to handle large numbers of files easily, either at the command line or in scripts. This article presents the ImageMagick suite, a Linux toolkit for sizing, rotating, converting, and otherwise manipulating images, in a huge number of formats, whether one or a hundred at a time."
Perl

State of the Onion 7 230

chromatic writes "One of the highlights of every OSCON is Larry Wall's annual State of the Onion address, covering Perl, philosophy, linguistics, music, theology, science, and usually a few other things thrown in for good measure. His talk from OSCON 2003, State of the Onion 7, is now online."
Java

Head First Java 327

honestpuck writes "Earlier this year I decided to learn Java. I'd spent some time using JavaScript without really getting my hands too dirty but I'd pushed it way to far and realized I needed a bigger hammer. Grabbing a copy of Learning Java, 2nd Edition from O'Reilly I started learning. First problem, I have to admit I've stayed away from object-oriented programming; after all, I've been writing software for nigh on twenty years without it - why make life hard? Sure, I understood the concepts and I'd done a little but never in a language so strongly committed to OO as Java." Read on for honestpuck's review of Head First Java, which he compares in style and content to Learning Java.
Programming

Introduction to Parallel Computing 17

taped2thedesk writes "The University of Michigan Center for Advanced Computing recently conducted a introductory workshop on parallel (cluster and grid) computing systems. They posted all of the presentations and notes from their workshop online. I attended the workshop and found it very informative - code examples are in C and Fortran, but programmers of any language can understand the concepts they present." (Note: requires a program that can display powerpoint slides.)
Java

Using XML in Performance Sensitive Apps? 97

A Parser's Baggage queries: "For the last couple of years I've been working with XML based protocols and one thing that keeps coming up is the amount of CPU power needed to handle 10, 20, 30 or 40 concurrent requests. I've ran benchmarks on both Java and C#, and my results show that on a 2ghz CPU, the upper boundary for concurrent clients is around 20, regardless of the platform. How have other developers dealt with these issues and what kinds of argument do you use to make the performance concerns know to the execs. I'm in favor of using XML for it's flexibility, but for performance sensitive applications, the weight is simply too big. This is especially true when some executive expects and demands that it handle 1000 requests/second on a 1 or 2 cpu server. Things like stream/pull parsers help for SOAP, but when you're reading and using the entire message, pull parsing doesn't buy you any advantages."
Technology

Philosophical Split Hurts Web Services Adoption 25

Avidwriter writes "'There is a serious split in Web services implementation philosophy that is threatening to stall the benefits of the technology to businesses and consumers,' says this Devchannel story. 'The WSDL 1.1 specification allows programmers to choose between remote procedure call (RPC) style and document-style Web services. The decision is not an arbitrary one, as it has ramifications for both message structure and more importantly the interoperability of Web services...'"
Software

The Evolution of Software 15

An anonymous reader writes "Russian physicists Gorshenev and Pis'mak have posted a preprint claiming evidence that software projects naturally attain a state of self-organized criticality, in a process analogous to the contested theory of punctuated equilibrium in biological evolution (see also this paper by Bak and Boettcher). The software projects studied are FreeBSD, Mozilla, and GNU Emacs, by analyzing data from their CVS checkins."
Unix

State Of The Filesystem 424

Skeme writes "Have you heard of Plan 9 or Reiser4 but don't know much about them? Are you curious about the improvements free software is making to its filesystems in general? Read my summary of the current developments in the filesystem: namely, what improvements we can expect (a lot), and what Linux and the BSDs can do to improve on the filesystem."
The Almighty Buck

Funding Open Source? 264

One of the beautiful things about Open Source is that the barriers to entry are next to non-existent, and the adage "have compiler, will travel" embodies this fact well enough. However, as projects grow in size, they will soon face financial stumbling blocks, not to mention a need for increased visibility. How does one best market an Open Source project? What can Joe (or Joni) Coder do to increase their project's financial stability? Have the financially minded people of the Free Software community thought out the possibility of an Open Investment firm? Read on for Slashdot readers who are asking these exact questions!
Graphics

Developing for Color Blindness? 57

Satan's Librarian asks: "I develop software in the music industry. Most of the software is very graphical, with lots of knobs, buttons, and various other custom controls. Recently I realized one of my interfaces would be difficult for someone who was colorblind - fortunately before it shipped. How do other developers avoid this? Is there software available on XFree86, Mac OS X, or Windows that can let you run in a modified-color mode to emulate the various kinds of colorblindness? I've found one site with some cool demos of how colors are perceived with the various types of color blindness, and a lot of self-help sites and software to help people who are colorblind, but no software to help developers and graphics artists avoid causing people difficulties in the first place yet - although from the demos and articles, I expect the algorithms would be trivial. Seems to me that if the statistics I keep seeing for colorblindness are correct (~8% of males, ~2% of females), this could be an often ignored problem that excludes a lot of people from some software. If you're colorblind, how do you deal with websites and software that was poorly designed for you? Is it a problem often?"
Operating Systems

Interview With Chris McKillop of QNX 22

Sheepish writes "OSNews features an interview with Chris McKillop, software engineer of QNX Software Systems. Chris, the most outspoken and 'visible' QNX employee in the QNX community, is discussing about performance differences between RT and monolithic kernels, the difficulties of pitching a new OS to the world, the Linux and Microsoft threat to QNX in the embedded space, QNX's Momentics desktop operating system and more."
Programming

New Site Makes OSS Development Easier 42

An anonymous reader submits "OpenSnippets is a fledgling online community for OSS developers. New members are welcome to submit articles and code of interest, and everyone can view/download the code! It's blog-styled with topics for most popular languages. How useful- I only wish it'd make my coffee..."
Programming

Gridwars Parallel Programming Challenge 176

Peter_Pork writes "New Scientist has an article about GridWars, a challenging new game that runs on large clusters of computers. Programs fight each other for supremacy in terms of the number of processors they control, and the main point of the contest is to develop better parallel algorithms. It seems a nice idea: have fun while you improve the state-of-the-art in cluster computing. The result of the last contest was somewhat of an upset, since a craftsmanly Russian program defeated a sophisticated genetic algorithm from NASA."
Microsoft

MS Message Security Flaw Explained 48

Geoff Shively writes "Canadian security researcher Oliver Lavery published a fantastic paper on Win32 Message Vulnerabilities. The paper touches on a the Shatter problem that received much attention almost 1 year ago regarding the fundamental flaws in the Win32 API. Oliver's research demonstrates that the Shatter vulnerability is still very much in existence and quite a threat. Vendors need to wake up and work towards fixing this problem in their applications."
Perl

$4500 Raised for Perl Foundation at OSCON Auction 16

Krellis writes "Over $4,500 was raised Thursday night at the DynDNS.org/OnyxNeon party here at O'Reilly's Open Source Convention 2003. A large part of this was $1025 in a heated contest about the primary color for search.cpan.org. London.pm fought hard to make the change to orange, but Graham Barr's group managed to win out, and the color will remain as "web-safe teal." Graham is no sore winner though, and London.pm will be given their color for one month. See the DynDNS Press Release for more information, and thanks to everyone who contributed!"
Programming

OSI Announces Open Source Awards 162

JohnGrahamCumming writes "There's a story running on ZDNet about how OSI is going to be giving Open Source Awards with cash prizes of up to $10,000. The idea is to create the "Nobel Prizes" of Open Source. Announcement was made yesterday as OSCON with some big names backing the awards (e.g. Sun, OSAF and (interestingly) a major venture capital firm USVP)."

Slashdot Top Deals