×
China

Chinese Developer Forum Leaks 6 Million User Credentials 102

Posted by timothy from the it's-curtains-for-you-elizabeth-my-dearbook dept.
gzipped_tar writes "The 'Chinese Software Developer Network' (CSDN), operated by Bailian Midami Digital Technology Co., Ltd., is one of the largest networks of software developers in China. A text file with 6 million CSDN user credentials including user names, password, emails, all in clear text, got leaked to the Internet. The CSDN has issued a letter of apology to its users. In the letter, it is explained that passwords created before April 2009 had been stored in plain text, while later passwords were encrypted. Users created between September 2010 and January 2011 may still suffer from email address leaks. A summary of the most frequent passwords without the corresponding usernames is available at GitHub. Somewhat surprisingly, the cryptic sounding password 'dearbook' ranks 4th with 46053 accounts using it."
Android

Project To Mainline Android Kernel Changes Formed 73

Posted by Unknown Lamer from the keep-on-merging dept.
ghostoftiber writes "From the article: 'Tim Bird, a Sony engineering veteran and the chair of the Architecture Group of the Linux Foundation's CE Workgroup, has announced a new concerted effort to get Android's changes to the Linux kernel back into the mainline Linux kernel tree.' Android has been using Linux 2.6.x for its devices since its release, with patches from Google. To date they haven't been merged back into the kernel mainline but existed on kernel.org. Some of the features such as wakelocks would help with Linux tablet projects, but other features aren't fully realized and support remains spotty. The radio interface layer ... still exists as an ATI/Nvidia-esque shim loader scheme with modem 'drivers' being nothing more than ihex files loaded by open code."
Bug

October, November the Worst Months For Writing Buggy Code 136

Posted by Soulskill from the blame-the-halloween-candy-coma dept.
chicksdaddy writes "Data from application testing firm Veracode suggests that the quality of application code submitted for auditing is pretty much constant throughout the year — except for the months of October and November, when the average density of vulnerabilities in the code jumps considerably. But why? Is it the pressure of deadlines? The stress of developers' lives (kids back to school, etc.)?"
Firefox

Firefox 9 Released, JavaScript Performance Greatly Improved 330

Posted by Unknown Lamer from the and-they-say-functional-programming-is-useless dept.
MrSeb writes "Firefox 9 is now available — but unlike its previous rapid release forebears where not a lot changed, a huge feature has landed with the new version: the JavaScript engine now has type inference enabled. This simple switch has resulted in a 20-30% JS execution speed increase (PDF), putting JaegerMonkey back in line with Chrome's V8 engine, and even pulling ahead in some cases. If you switched away from Firefox to IE or Chrome for improved JS performance, now is probably the time to give Firefox another shot."
Encryption

MIT Software Allows Queries On Encrypted Databases 68

Posted by Soulskill from the cutting-out-the-middleman dept.
Sparrowvsrevolution writes "CryptDB, a piece of database software that MIT researchers presented at the Symposium on Operating System Principles in October, allows users to send queries to an encrypted SQL database and get results without decrypting the stored information. CryptDB works by nesting data in several layers of cryptography (PDF), each of which has a different key and allows a different kind of simple operation on encrypted data. It doesn't work with every kind of calculation, and it's not the first system to offer this sort of computation on encrypted data. But it may be the only practical one. A previous crypto scheme that allowed operations on encrypted data multiplied computing time by a factor of a trillion. This one adds only 15-26%."
Education

Ask Slashdot: Entry-Level Robotics Kits For Young Teenagers? 153

Posted by timothy from the old-teenagers-much-grumpier dept.
An anonymous reader writes "So, it's that wonderful time of year again. Instead of buying the latest, greatest whiz-bang, overpriced fad toy of the year, I thought I might try my hand at corrupting my nieces (ages 12 and 14) in a nerdier direction with some sort of introductory robotics kit. They have no programming experience, and part of my idea is that it would be encouraging for them to see interactions of their code that they write with the real-world by being able to control some actuators and read sensors. The first thing that comes to mind is Lego Mindstorms, but I find them a bit on the pricey side of things. My budget falls between $40 and $100, and the ideal kit would focus more on the software side than on soldering together circuits. I'd be looking for a kit that provides an easy to learn API and development tools that will work with a standard Windows PC. I don't mind spending a few afternoons helping them out with the basics, but I'd like for them to be able to be able to explore on their own after grasping the initial concepts. Has anybody gotten their younger relations into programming through robotics, and what kits might you recommend?"
GNU is Not Unix

GPL, Copyleft Use Declining Fast 808

Posted by timothy from the taking-great-liberties dept.
itwbennett writes "Use of the GPL, LGPL, and AGPL set of licenses is declining at an accelerating rate, according to new analysis by the 451 Group's Matthew Aslett. In fact, the 451 Group projects that GPL usage will hit 50% by September 2012. Instead, developers are licensing projects under permissive licenses such as the MIT, Apache (ASL), BSD, and Ms-PL. The shift started in 2007 and has been gathering momentum ever since. Blogger Brian Proffitt posits that 'the creation of the GPLv3 and the sometimes contentious discussion that led up to it' may be partly responsible for the move away from the GPL."
Android

Why Developers Still Prefer iOS To Android 614

Posted by timothy from the addictive-chemicals-are-my-theory dept.
An anonymous reader writes "Google Chariman Eric Schmidt recently addressed an Android user lamenting the fact that that mobile apps are often released on Apple's iOS platform well before they finally reach Android. Schmidt cooly and curiously explained that this dynamic will change in just 6 months. Here's why he's wrong. Though Google brags about the total number of Android users, developers care about certain kinds of users (those that pay for apps). A similar dynamic can be found in television advertising, where advertisers will more money for ad spots on less popular shows in order to reach desirable demographics, even though other programs may have many millions of more viewers."
GUI

Qt 4.8.0 Released 90

Posted by timothy from the how-qt-it-looks dept.
jrepin duly notes the release of Qt 4.8.0, and extracts from the announcement some of the key changes for developers: "Qt Platform Abstraction (QPA) restructures the GUI stack to enable easier porting of Qt to different windowing systems and devices. Threaded OpenGL enables us to render OpenGL from more than one thread concurrently. HTTP requests are now handled in a separate thread by default. The file system stack received some heavy lifting under the hood. The result is better I/O performance."
Oracle

Oracle Sued For 'Extortion, Lies' By Montclair State University 359

Posted by timothy from the their-reputation-precedes-them dept.
angry tapir writes "Montclair State University is suing Oracle in connection with a troubled ERP (enterprise resource planning) project. Montclair's complaint, filed Tuesday in U.S. District Court for the District of New Jersey, states that Oracle made an array of 'intentionally false statements' regarding the functionality of its base ERP system, the amount of customization that would be required, and the amount of 'time, resources, and personnel that the University would have to devote.' 'Ultimately, after missing a critical go-live deadline for the University's finance system, Oracle sought to extort millions of dollars from the University by advising the University that it would not complete the implementation of the ... project unless the University agreed to pay millions of dollars more than the fixed fee the University and Oracle had previously agreed to,' it adds."
Firefox

Firefox Too Big To Link On 32-bit Windows 753

Posted by Unknown Lamer from the ate-too-many-pizzas dept.
An anonymous reader writes "Firefox has gotten so large that it cannot be compiled with PGO on a 32-bit linker anymore, due to the virtual memory limitation of 3 GB. This problem had happened last year with 2 GB, which was worked around by adding a/3GB switch to the Windows build servers. Now the problem is back, and things aren't quite that simple anymore." This only affects the inbound branch, but from the looks of it new code is no longer being accepted until they can trim things from the build to make it work again. The long term solution is to build the 32-bit binaries on a 64-bit system.
Programming

NVIDIA Releases Source To CUDA Compiler 89

Posted by Unknown Lamer from the not-quite-there-yet dept.
An anonymous reader writes "NVIDIA has announced they have 'open-sourced' their new CUDA compiler so that their GPGPU platform can be brought to new architectures. NVIDIA's CUDA compiler is based upon LLVM. At the moment though they seem to be restricting the source code's access to 'qualified' individuals.' The official press release implies wider access to the source will happen later. It so happens that a few days ago AMD opened their OpenCL backend and added initial support to the Free Software r600 driver.
Bug

Ask Slashdot: How To Get Non-Developers To Send Meaningful Bug Reports? 360

Posted by Soulskill from the it's-broken-just-fix-it dept.
DemonGenius writes "I'm in the midst of a major rollout of one of our primary internal applications at work and we have a beta version available for all the staff to use. The problem here is most of the staff don't know how to send reports meaningful enough to get us devs started on solving their problems without constant back and forth correspondence that wastes both developer time and theirs. Some common examples are: screenshots of the YSOD that don't include the page URL, scaled screenshots that are unreadable, the complaint that wants to be a bug report but is still just a complaint, etc. From the user's perspective, they just send an email, but that email registers in our tracking system. Any thoughts on how to get the non-devs sending us descriptive and/or meaningful reports? Does anyone here have an efficient and user-friendly bug tracking system/policy/standard at their workplace? How does it work?"
Facebook

Facebook Releases JIT PHP Compiler 244

Posted by Unknown Lamer from the history-repeats-itself dept.
angry tapir writes, quoting a Techworld article: "In its continuing endeavor to serve its 800 million users as quickly as possible, Facebook is once again revamping the way it handles its PHP-based Web pages. Facebook has posted ... its HipHop Virtual Machine (HHVM), which the company's engineers call a just-in-time PHP compiler. According to Facebook, this PHP execution engine is 60 percent faster than its current PHP interpreter and uses 90 percent less memory." Facebook has a weblog post with a more technical description.
Software

Aerospace Corp Pays $2.5m To Settle Rogue Software Dev Case 129

Posted by Soulskill from the should've-outsourced dept.
chrb writes "U.S. company Aerospace Corp. has paid $2.5 million to settle a case that they defrauded the U.S. Air Force by knowingly billing for the services of a rogue software developer. The rogue developer, William Grayson Hunter, was being paid for two full time jobs at two different aerospace companies, but spent most of his time in bars, amusement parks and movie theaters. On some days, he billed his employers for over 24 hours' work."
Chrome

Google Demonstrates Chrome Native Client With Bastion 154

Posted by Soulskill from the smashing-crates-in-the-browser dept.
Multiple readers sent word that Bastion, an action RPG from indie developer Supergiant Games originally made for Xbox Live Arcade, has shown up in the Chrome Web Store. The purpose of the move is to showcase the browser's Native Client technology. From the article: "Ian Ellison-Taylor, Google's director of product management for the open Web platform, said that Native Client, also called NaCl, can currently improve browser performance by 1 to 10 times. 'What would it be like if we could run native code inside the browser,' he asked the crowd, and he enumerated two goals for the Native Client project. He said Google wants to bring native applications to the Web for performance and security reasons, and it wants to enrich the Web ecosystem by bringing popular, long-in-use programming languages to the Web."
Microsoft

Silverlight 5 Released 107

Posted by Soulskill from the hp-totally-stole-their-thunder dept.
New submitter CaptSlaq sends word that Silverlight 5 has been released. Microsoft has not revealed whether it will be the last version. "New features in Silverlight 5 include Hardware Decode of H.264 media, which provides a significant performance improvement with decoding of unprotected content using the GPU; Postscript Vector Printing to improve output quality and file size; and an improved graphics stack with 3D support that uses the XNA API on the Windows platform to gain low-level access to the GPU for drawing vertex shaders and low-level 3D primitives. In addition, Silverlight 5 extends the ‘Trusted Application’ model to the browser for the first time. These features, when enabled via a group policy registry key and an application certificate, mean users won’t need to leave the browser to perform complex tasks such as multiple window support, full trust support in browser including COM and file system access, in browser HTML hosting within Silverlight, and P/Invoke support for existing native code to be run directly from Silverlight."
Programming

Why We Need More Programming Languages 421

Posted by Soulskill from the use-once-then-discard dept.
snydeq writes "Fatal Exception's Neil McAllister writes in favor of new programming languages, given the difficulty of upgrading existing, popular languages. 'Whenever a new programming language is announced, a certain segment of the developer population always rolls its eyes and groans that we have quite enough to choose from already,' McAllister writes. 'But once a language reaches a certain tipping point of popularity, overhauling it to include support for new features, paradigms, and patterns is easier said than done.' PHP 6, Perl 6, Python 3, ECMAScript 4 — 'the lesson from all of these examples is clear: Programming languages move slowly, and the more popular a language is, the slower it moves. It is far, far easier to create a new language from whole cloth than it is to convince the existing user base of a popular language to accept radical changes.'"

Slashdot Top Deals