darthcamaro writes "Oracle has been slammed a lot in recent months about its lackluster handling of Java security. Now Oracle is responding as strongly as it can with one of the largest Java security updates in history. 50 flaws in total with the vast majority carrying the highest-possible CVSS score of 10."
Migrate from GitHub to SourceForge quickly and easily with this tool. Check out all of SourceForge’s recent improvements.×
chicksdaddy writes "Veracode's blog has an interesting piece that looks at whether 'brogramming' — the testosterone- and booze-fueled coding culture depicted in movies like The Social Network — spells death for the 'engineering' part of 'software engineering.' From the post: 'The Social Network is a great movie. But, let's face it, the kind of "coding" you're doing when you're "wired in"... or drunk... isn't likely to be very careful or – need we say – secure. Whatever else it may have done, [brogramming's] focus on flashy, testosterone-fueled "competitive" coding divorces "writing software" – free form, creative, inspirational – from "software engineering," its older, more thoughtful and reliable cousin.' The article picks up on Leslie Lamport's recent piece in Wired: 'Why we should build software like we build houses' — also worth reading!"
Qedward writes "As the UK prepares to shake up the way computer science is taught in schools, Redmond is warning that the UK risks falling behind other countries in the race to develop and nurture computing talent, if 'we don't ensure that all children learn about computer science in primary schools.' With 100,000 unfilled IT jobs but only 30,500 computer science graduates in the UK last year, MS believes: 'By formally introducing children to computer science basics at primary school, we stand a far greater chance of increasing the numbers taking the subject through to degree level and ultimately the world of work.'"
An anonymous reader writes "In what seems to be a recurring theme with Facebook as the social networking giant adds features, competing apps that use Facebook integration risk being cut off due to the terms of service surrounding the API. For example, 'Voxer CEO Tom Katis told AllThingsD that the company got an email on Thursday saying that Facebook wanted to hold a phone call to discuss possible violations of a section of the company’s terms of service. The section in question centers around the use of Facebook’s social graph by competing social networks.' Similarly, 'Within hours of Twitter launching its Vine video-sharing application on Thursday, Facebook has cut off access to Vine’s "find people" feature, which used to let Vine users find their Facebook friends using the Vine application.' You have to ask yourself: is it really worth developing an app that integrates with, or worse runs completely on Facebook's platform?"
An anonymous reader writes "Mozilla on Tuesday announced a massive change to the way it loads third-party plugins in Firefox. The company plans to enable Click to Play for all versions of all plugins, except the latest release of Flash. This essentially means Firefox will soon only load third-party plugins when users click to interact with the plugin. Currently, Firefox automatically loads any plugin requested by a website, unless Mozilla has blocked it for security reasons (such as for old versions of Java, Silverlight, and Flash)."
First time accepted submitter taikedz writes "Citrix Xenapp with Receiver/Metaframe allows publishing individual applications installed on a Windows server to users on remote machines. These applications open in their own windows, along side others as if they were installed locally. I am looking to do the same at home, with free software, publishing applications from Mac, Linux, and Windows machines (and yes, I've verified the license agreements for the apps I am going to do this with!). Up until now, the only alternatives I have found are full-on remote desktop login, not seamlessly-integrated. Can you recommend any tools that can achieve the goal of remote individual application access across platforms for free or at low-cost?"
snydeq writes "Deep End's Paul Venezia waxes philosophical about Perl stagnancy in IT. 'A massive number of tools and projects still make the most out of the language. But it's hard to see Perl regaining its former glory without a dramatic turnaround in the near term. As more time goes by, Perl will likely continue to decline in popularity and cement its growing status as a somewhat arcane and archaic language, especially as compared to newer, more lithe options. Perhaps that's OK. Perl has been an instrumental part of the innovation and technological advancements of the last two decades, and it's served as a catalyst for a significant number of other languages that have contributed heavily to the programming world in general.'"
theodp writes "That his 28-year-old whip-smart, well-educated CS grad friend could be unaware of MacWrite and MacPaint took Dave Winer by surprise. 'They don't, for some reason,' notes Winer, 'study these [types of seminal] products in computer science. They fall between the cracks of "serious" study of algorithms and data structures, and user interface and user experience (which still is not much-studied, but at least is starting). This is more the history of software. Much like the history of film, or the history of rock and roll.' So, Dave asks, what early software was influential and worthy of a Software Hall of Fame?"
giminy writes "Clay Shirky has a thought-provoking piece on depression in the hacker community. While hackers tend to be great at internet collaboration on software projects, we often fall short when it comes to helping each other with personal problems. The evidence is only anecdotal, but there seems to be a higher than average incidence of mental health issues among hackers and internet freedom fighters. It would be great to see this addressed by our community through some outreach and awareness programs."
judgecorp writes "Linux kernel developer Alan Cox has left Intel and Linux development after slamming the Fedora 18 distribution. He made the announcement on Google+ and promised that he had not fallen out with Linus Torvalds, and would finish up all outstanding work." Also at Live Mint, which calls Cox's resignation notice a "welcome change from the sterility, plain dishonesty of CEO departure statements." Cox says in that statement that he's leaving "for a bit," and "I may be back at some point in the future - who knows."
CowboyRobot writes "The metaphors and conventions of mobile apps on phones and tablets are now driving the design of desktop software. For example, dialog boxes in typical desktop software used to be complex, requiring lots of interaction. But these are now typically much simpler with far fewer options in a single pane. Drop-down menus are evolving, too. The former style of multiple cascading menus is being replaced. Drop-downs today have a smaller range of options (due to mobile screens being so small and the need to have the entries big enough that a finger touch can select it), and they never use the cascading menu. In Web-based apps, the mobile metaphors are finding greater traction as well. One need only look at the new Google Mail (GMail) interface and see how it's changed over the last year to view the effects of this new direction: All icons are monochrome, the number of buttons is very limited, and there's a More button that keeps the additional options off the main screen."
theodp writes "There's a funny thing about the estimated $1.7 trillion that American companies say they have indefinitely invested overseas,' reports the WSJ's Kate Linebaugh (reg. or the old Google trick). 'A lot of it is actually sitting right here at home.' And if tech companies like Google and Microsoft want to keep more than three-quarters of the cash owned by their foreign subsidiaries at U.S. banks, held in U.S. dollars or parked in U.S. government and corporate securities, Linebaugh explains, this money is still overseas in the eyes of the IRS and isn't taxed as long as it doesn't flow back to the U.S. parent company. Helping corporations avoid the need to tap their foreign-held cash are low interest rates at home, which have allowed U.S. companies to borrow cheaply. Oracle, for instance, raised $5 billion last year, paying an interest rate roughly two-thirds of a percentage point above the low post-crash Treasury yield, about 2.5% at the time (by contrast, grad students and parents pay 6.8%-7.9% for Federal student loans). Were the funds it manages to keep in the hands of its foreign subsidiaries brought home and subjected to U.S. income tax, Oracle estimated it could owe Uncle Sam about $6.3 billion."
An anonymous reader writes "I am part of engineering team that maintains a very important component in our company. Our code quality and general engineering quality focus has been very weak: we have frequent buggy releases, our latencies are shooting up, our test coverage is nearly non-existent, and it is impossible for a newcomer in our team to get up to speed and be productive in less than a month due to unnecessary complexity. A group of 2-3 of us want to change that, and we know what needs to change technically — the better code review and release processes, better build tools, etc. But despite that, the quality of our code and design continues to suffer, and poor code continues to get released in the name of keeping the scheduled release date (product guys don't like to wait). We feel that if the right thing is done every time, we would can eliminate our issues and still release at the same pace. How do we effect the social change necessary to convince them of what is better and encourage them to take the effort to do it?"
CowboyRobot writes "In 25 years, an odd thing will happen to some of the no doubt very large number of computing devices in our world: an old, well-known and well-understood bug will cause their calculation of time to fail. The problem springs from the use of a 32-bit signed integer to store a time value, as a number of seconds since 00:00:00 UTC on Thursday, 1 January 1970, a practice begun in early UNIX systems with the standard C library data structure time_t. On January 19, 2038, at 03:14:08 UTC that integer will overflow. It's not difficult to come up with cases where the problem could be real today. Imagine a mortgage amortization program projecting payments out into the future for a 30-year mortgage. Or imagine those phony programs politicians use to project government expenditures, or demographic software, and so on. It's too early for panic, but those of us in the early parts of their careers will be the ones who have to deal with the problem."