Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Education

Billionaire Launches Free Code College in California (arstechnica.com) 187

Xavier Niel is the billionaire founder of France's second-largest ISP. In February he bought a former campus from DeVry University, and tried building something better. Slashdot reader bheerssen writes: 42 US is a free coding school near Facebook's headquarters in Fremont, California. The courses are boot camp like experiences that do not offer traditional degrees, but hope to provide programming skills and experience to students for free.
Ars Technica calls it "a radical education experiment" -- even the dorms are free -- and the school's COO describes their ambition to become a place "where individuals from all different kinds of backgrounds, all different kinds of financial backgrounds, can come and have access to this kind of education so that then we can have new kinds of ideas." Students between the ages of 18 and 30 are screened through an online logic test, according to the article, then tossed into a month-long "sink or swim" program that begins with C. "Students spend 12 or more hours per day, six to seven days per week. If they do well, students are invited back to a three- to five-year program with increasing levels of specialty."
AI

Has The NSF Automated Coding with ExCAPE? (adtmag.com) 140

The National Science Foundation is developing a way to create working code using "automated program synthesis," a new technology called ExCAPE "that provides human operators with automated assistance.... By removing the need for would-be programmers to learn esoteric programming languages, the method has the potential to significantly expand the number of people engaged in programming in a variety of disciplines, from personalized education to robotics." Rajeev Alur, who leads a team of researchers from America's nine top computer science programs, says that currently software development "remains a tedious and error-prone activity." Slashdot reader the_insult_dog writes: While its lofty goals of broadly remaking the art of programming might not be realized, the research has already made some advances and resulted in several tools already in use in areas such as commercial software production and education...
For example, the NSF created a new tool (which they've recently patented) called NetEgg, which generates code for controlling software-defined networks, as well as Automata Tutor and AutoProf, which provide automated feedback to computer science students.
Transportation

One In Five Vehicle Software Vulnerabilities Are 'Hair On Fire' Critical (securityledger.com) 85

Long-time Slashdot reader chicksdaddy quotes a report from Security Ledger: One of every five software vulnerabilities discovered in vehicles in the last three years are rated "critical" and are unlikely to be resolved through after the fact security fixes, according to an analysis by the firm IOActive. "These are the high priority 'hair on fire' vulnerabilities that are easily discovered and exploited and can cause major impacts to the system or component," the firm said in its report...

The bulk of vulnerabilities that were identified stemmed from a failure by automakers and suppliers to follow security best practices including designing in security or applying secure development lifecycle (SDL) practices to software creation... The result is that vehicle cybersecurity vulnerabilities are not solvable using "bolt-on" solutions, IOActive concluded...

The article argues we're years away from standards or regulations, while describing auto-makers as "wedded to the notion that keeping the details of their systems secret will ensure security."
Microsoft

Microsoft's Bill Gates Is Richest Tech Billionaire With $78 Billion Fortune (gulfnews.com) 102

An anonymous reader quotes a report from GulfNews: The "100 Richest Tech Billionaires In The World 2016" list has been topped by Microsoft founder Bill Gates with an estimated fortune of $78 billion. The titans on Forbes' second annual list of the world's richest in technology are worth a combined $892 billion, six percent more than a year ago. Just over half of the 100 richest in tech are from the U.S., including eight of the top 10 richest on the list. Forbes said the second richest person in tech Amazon founder and CEO Jeff Bezos is also the biggest gainer on the list this year and has an estimated $66.2 billion fortune, an increase of $18.4 billion since this list was released last year. That puts him ahead of Oracle chairman Larry Ellison, who comes in on the fourth spot. Ellison was also beaten by Facebook founder and CEO Mark Zuckerberg, who climbed from fourth to third place thanks to a 30 percent jump in the value of Facebook's stock; he is now also California's richest person, another title that previously belonged to Ellison.
Databases

Linux Trojan Mines For Cryptocurrency Using Misconfigured Redis Servers (softpedia.com) 62

An anonymous reader writes: In another installment of "Linux has malware too," security researchers have discovered a new trojan that targets Linux servers running Redis, where the trojan installs a cryptocurrency miner. The odd fact about this trojan is that it includes a wormable feature that allows it to spread on its own. The trojan, named Linux.Lady, will look for Redis servers that don't have an admin account password, access the database, and then download itself on the new target. The trojan mines for the Monero crypto-currency, the same one used by another worm called PhotoMiner, which targets vulnerable FTP servers. According to a recent Risk Based Security report from last month, there are over 30,000 Redis servers available online without a password, of which 6,000 have already been compromised by various threat actors.
IT

IFTTT Enables 3rd-Party Devs To Integrate the Service Into their Products (techhive.com) 18

IFTTT (short for If this then that) has made a name for itself as a platform for people to easily automate tasks between various apps. The company announced on Wednesday that it is now allowing developing partners to embed those IFTTT recipes directly in their own third-party apps. TechHive adds: This should enable IFTTT to expand its user base beyond the 1.4 million enthusiasts who are already using the service. Smart-home device users who own products such as the Ring video doorbell, LIFX smart bulbs, the Foobot indoor air monitor, and the Garagio smart garage-door operator will gain the capability to use IFTTT recipes directly from their product's apps starting Wednesday. You'll still need to sign up for an IFTTT account if you don't have one, but you'll be able to do that without leaving the third-party device's app. "It lets them tell the story now," said CEO Linden Tibbett. "A good analogy is to think of how PayPal handles payment... We want to be that standard for asking and granting access from one service to another."
Earth

6 Million Americans Exposed To High Levels of Chemicals In Drinking Water, Says Study (businessinsider.com) 166

An anonymous reader quotes a report from Business Insider: A new study out Tuesday in the journal Environmental Science and Technology Letters looked at a national database that monitors chemical levels in drinking water and found that 6 million people were being exposed to levels of a certain chemical that exceed what the Environmental Protection Agency considers healthy. The chemicals, known as poly- and perfluoroalkyl substances, or PFASs, are synthetic and resistant to water and oil, which is why they're used in things like pizza boxes and firefighting foam. They're built to withstand the environment. But PFASs also accumulate in people and animals and have been observationally linked to an increased risk of health problems including cancer. And they can't be easily avoided, like with a water filter, for example. You can view the chart to see the tested areas of the U.S. where PFASs exceed 70 ng/L, which is what's considered a healthy lifetime exposure.
Government

White House Releases Federal Source Code Policy To Help Government Agencies Go Open Source (whitehouse.gov) 61

dwheeler writes: The U.S. federal government just released a new Federal Source Code policy (PDF). For each of the next 3 years, at least 20 percent of custom-developed Federal source code is to be released as open-source software. Earlier this year, Tony Scott, Federal CIO of the U.S. government, wrote on the White House blog that the U.S. government "can save taxpayer dollars by avoiding duplicative custom software purchases and promote innovation and collaboration across Federal agencies." Today, they released the Federal Source Code policy. TechCrunch reports: "The main requirement is that any new custom source code developed 'by or for the Federal Government' has to be made available for sharing and re-use by all Federal agencies. For example, this means that the TSA can have access to custom made software that was commissioned by the FBI. Considering there is probably a great deal of overlap in applications needed by certain branches of the Federal Government, this rule alone should save the government (and taxpayers) a great deal of money. In fact, the policy states that 'ensuring Government-wide reuse rights for custom code that is developed using Federal funds has numerous benefits for American taxpayers.'"
Software

'Faceless Recognition System' Can Identify You Even When You Hide Your Face (vice.com) 55

schwit1 quotes a report from Motherboard: By itself, the ability to instantly identify anyone just by seeing their face already creates massive power imbalances, with serious implications for free speech and political protest. But more recently, researchers have demonstrated that even when faces are blurred or otherwise obscured, algorithms can be trained to identify people by matching previously-observed patterns around their head and body. In a new paper uploaded to the ArXiv pre-print server, researchers at the Max Planck Institute in Saarbrucken, Germany demonstrate a method of identifying individuals even when most of their photos are un-tagged or obscured. The researchers' system, which they call the "Faceless Recognition System," trains a neural network on a set of photos containing both obscured and visible faces, then uses that knowledge to predict the identity of obscured faces by looking for similarities in the area around a person's head and body. As for the accuracy of the system, "even when there are only 1.25 instances of the individual's fully-visible face, the system can identify an obscured face with 69.6 percent accuracy; if there are 10 instances of an individual's face, it increases to as high as 91.5 percent."
Security

Data Breach At Oracle's MICROS Point-of-Sale Division (krebsonsecurity.com) 33

Brian Krebs reports: A Russian organized cybercrime group known for hacking into banks and retailers appears to have breached hundreds of computer systems at software giant Oracle Corp., KrebsOnSecurity has learned. More alarmingly, the attackers have compromised a customer support portal for companies using Oracle's MICROS point-of-sale credit card payment systems. Asked this weekend for comment on rumors of a large data breach potentially affecting customers of its retail division, Oracle acknowledged that it had "detected and addressed malicious code in certain legacy MICROS systems." It also said that it is asking all MICROS customers to reset their passwords for the MICROS online support portal. MICROS is among the top three point-of-sale vendors globally. Oracle's MICROS division sells point-of-sale systems used at more than 330,000 cash registers worldwide. When Oracle bought MICROS in 2014, the company said MICROS's systems were deployed at some 200,000+ food and beverage outlets, 100,000+ retail sites, and more than 30,000 hotels.
Government

Is The US Social Security Site Still Vulnerable To Identity Theft? (krebsonsecurity.com) 46

Slashdot reader DERoss writes: Effective 1 August, the U.S. Social Security Administration (SSA) requires users who want to access their SSA accounts to use two-factor authentication. This involves receiving a "security" code via a cell phone text message. This creates two problems. First of all, many seniors who depend on the Social Security benefits to pay their living costs do not have cell phones [or] are not knowledgeable about texting.

More important, cell phone texting is NOT secure. Text messages can be hacked, intercepted, and spoofed. Seniors' accounts might easily be less secure now than they were before 1 August... This is not because of any law passed by Congress. This is a regulatory decision made by top administrators at SSA.

In addition, Krebs on Security reports that the new system "does not appear to provide any additional proof that the person creating an account at ssa.gov is who they say they are" and "does little to prevent identity thieves from fraudulently creating online accounts to siphon benefits from Americans who haven't yet created accounts for themselves." Users are only more secure after they create an account on the social security site -- and Krebs also notes that ironically, the National Institute for Standards and Technology already appears to be deprecating the use of SMS-based two-factor authentication.
Crime

Car Thieves Arrested After Using Laptop and Malware To Steal More Than 30 Jeeps (abc13.com) 215

New submitter altnuc writes: Two thieves in Houston stole more than 30 Jeeps by using a laptop and a stolen database. The thieves simply looked up the vehicles' VIN numbers in a stolen database, reprogramed a generic key fob, started the cars, and drove away. Chrysler has confirmed that more than 100 of their vehicles have been stolen in the Houston area since November. Chrysler/Jeep owners should always make sure their vehicles are locked! The Wall Street Journal issued a report in July with more details about how hackers are able to steal cars with a laptop. The whole process takes roughly 6 minutes. CrimeStopHouston has posted a video on YouTube of one of the thieves in action.
AI

Apple Acquires Machine Learning and AI Startup Turi (geekwire.com) 14

An anonymous reader quotes a report from GeekWire: Machine learning and artificial intelligence startup Turi has been acquired by Apple in a deal characterized as a blockbuster exit for the Seattle-based company, formerly known as Dato and GraphLab, GeekWire has learned. The acquisition reflects a larger push by Apple into artificial intelligence and machine learning. It also promises to further increase the Cupertino, Calif.-based company's presence in the Seattle region, where Apple has been building an engineering outpost for the past two years. Multiple sources with knowledge of the deal confirmed that Turi has been acquired. Sources close to the deal pegged the purchase price at around $200 million, marking a huge outcome for the original investors and early shareholders. Apple's plans for Turi's technology are not clear, but the company has been making a broad push into artificial intelligence through an expansion of its Siri personal assistant and related technologies. Turi lets developers build apps with machine learning and artificial intelligence capabilities that automatically scale and tune. Its products -- which include the Turi Machine Learning Platform, GraphLab Create, Turi Distributed, and Turi Predictive Services -- are largely designed to help large and small organizations make better sense of data. Use cases include recommendation engines, fraud detection, predicting customer churn, sentiment analysis, and customer segmentation.
Japan

Kids Can Now Learn To Code With Pocky, the Delicious Japanese Snack (theverge.com) 51

Dami Lee, writing for The Verge: Even if you didn't grow up in Asia, chances are you've had this ubiquitous Japanese snack before. Walk into most grocery stores in America and you'll find a box of Pocky, and in multiple flavors like strawberry and green tea if your supermarket is fancy. With over dozens of flavors and variations, there's a Pocky for all occasions! There's a Pocky for Men. Now, there's Pocky for kids, with an educational aspect. Pocky's maker, Glico, has made a game called Glicode (Like if Wilco made a coding game called Wilcode) that gets kids coding by having them arrange actual cookies and snacks, then snapping a photo to translate them into digital commands. Glico's other products like Almond Peak chocolates and Biscuit Cream Sands are also featured in the game, representing "if" and "sequence" commands, respectively. It's a lot like Apple's Swift Playgrounds, with simple programming tasks commanding a funny-looking blob to walk around on platform blocks. The app is only available on Android for now.
Databases

Pokemon Go DDoS Attacks Postponed As PoodleCorp Botnet Suffers Security Breach (softpedia.com) 97

An anonymous reader writes from a report via Softpedia: "The hacking crew [PoodleCorp] that promised to launch DDoS attacks on the Pokemon GO servers on August 1 suffered a major setback, after someone hacked their site, dumped the database, and shared it with data breach index service LeakedSource," reports Softpedia. "PoodleCorp responded to LeakedSource's announcement with what they knew best, a DDoS attack." When that happened, LeakedSource started looking at the leaked data and discovered full names for three of PoodleCorp's members, saying they intend to share it with authorities. Soon after, PoodleCorp stopped the DDoS against LeakedSource and went to annoy Blizzard gamers. "It's a terrible idea to attack a business that knows something about virtually everybody," a LeakedSource spokesperson said.
Open Source

Interviews: Ask Ruby on Rails Creator David Heinemeier Hansson a Question 109

David Heinemeier Hansson created the Ruby on Rails open-source web framework in 2003. David is also the founder and CTO of Basecamp, a project management tool that's been used by more than 15 million people. In addition, David is the best-selling author of REWORK, a book about starting and running businesses a better way. David has agreed to take some time to answer some of your questions.

Ask as many questions as you'd like, but please, one per comment. (And feel free to also leave your suggestions for who Slashdot should interview next.) We'll pick the very best questions -- and forward them on to David Heinemeier Hansson himself.
Education

Seymour Papert, Creator of the Logo Language, Dies At 88 (mit.edu) 68

New submitter gwolf writes: The great educator, creator of the Logo programming language, and the enabler for computer education in the 1980s has passed away. Listing his contributions is impossible in an article summary, but the ACM has published a short in-memoriam note for him. Papert is, without exaggeration, one of the people I owe my career and life choices to.
Microsoft

Microsoft's HoloLens Is Now On Sale To Anyone In The US Or Canada (computerworld.com) 53

Microsoft is now selling its augmented reality headset dubbed HoloLens to anyone in the United States or Canada for $3,000 a pop. Computerworld reports: Until now, HoloLens was available only to developers and companies through Microsoft sales reps, but starting Tuesday, anyone in the U.S. or Canada can buy up to five headsets online through the Microsoft Store. There was no word about availability in other countries. The HoloLens now on sale is the same developer edition that has been offered to Microsoft partners, and buyers are asked to acknowledge before completing purchase that they understand it's not a finished product intended for consumers. Microsoft also asks buyers to agree not to resell the product and acknowledge that no refunds are available. The move should expand the community of developers working to build apps and other content for the headset before a consumer version is officially available.
Programming

C Isn't The Most Popular Programming Language, JavaScript Is (networkworld.com) 241

An anonymous reader quotes Network World: U.K.-based technology analyst firm RedMonk just released the latest version of its biannual rankings of programming languages, and once again JavaScript tops the list, followed by Java and PHP. Those are same three languages that topped RedMonk's list in January. In fact, the entire top 10 remains the same as it was it was six months ago...
Python ranked #4 on RedMonk's list, while the survey found a three-way tie for fifth place between Ruby, C#, and C++, with C coming in at #9 (ranking just below CSS). Network World argues that while change comes slowly, "if you go back deeper into RedMonk's rankings, you can see slow, ongoing ascents from languages such as Go, Swift and even TypeScript."

Interestingly, an earlier ranking by the IEEE declared C to be the top programming language of 2016, followed by Java, Python, C++, and R. But RedMonk's methodology involves studying the prevalence of each language on both Stack Overflow and GitHub, a correlation which "we believe to be predictive of future use, hence their value."
Security

Famed Security Researcher 'Mudge' Creates New Algorithm For Measuring Code Security (theintercept.com) 77

Peiter "Mudge" Zatko and his wife, Sarah, a former NSA mathematician, have started a nonprofit in the basement of their home "for testing and scoring the security of software... He says vendors are going to hate it." Slashdot reader mspohr shares an article from The Intercept: "Things like address space layout randomization [ASLR] and having a nonexecutable stack and heap and stuff like that, those are all determined by how you compiled [the source code]," says Sarah. "Those are the technologies that are really the equivalent of airbags or anti-lock brakes [in cars]..." The lab's initial research has found that Microsoft's Office suite for OS X, for example, is missing fundamental security settings because the company is using a decade-old development environment to build it, despite using a modern and secure one to build its own operating system, Mudge says. Industrial control system software, used in critical infrastructure environments like power plants and water treatment facilities, is also primarily compiled on "ancient compilers" that either don't have modern protective measures or don't have them turned on by default...

The process they use to evaluate software allows them to easily compare and contrast similar programs. Looking at three browsers, for example -- Chrome, Safari, and Firefox -- Chrome came out on top, with Firefox on the bottom. Google's Chrome developers not only used a modern build environment and enabled all the default security settings they could, Mudge says, they went "above and beyond in making things even more robust." Firefox, by contrast, "had turned off [ASLR], one of the fundamental safety features in their compilation."

The nonprofit was funded with $600,000 in funding from DARPA, the Ford Foundation, and Consumers Union, and also looks at the number of external libraries called, the number of branches in a program and the presence of high-complexity algorithms.

Slashdot Top Deals