Security

Dangerous VBulletin Exploit In the Wild 43

An anonymous reader writes "vBulletin is a popular proprietary CMS that was recently reported to be vulnerable to an unspecified attack vector. Although vBulletin has not disclosed the root cause of the vulnerability or its impact, we determined the attacker's methods. The identified vulnerability allows an attacker to abuse the vBulletin configuration mechanism in order to create a secondary administrative account. Once the attacker creates the account, they will have full control over the exploited vBulletin application, and subsequently the supported site."
Bug

How DirecTV Overhauled Its 800-Person IT Group With a Game 85

mattydread23 writes "Most gamification efforts fail. But when DirecTV wanted to encourage its IT staff to be more open about sharing failures, it created a massive internal game called F12. Less than a year later, it's got 97% participation and nearly everybody in the IT group actually likes competing. So what did DirecTV do right? The most important thing was to devote a full-time staffer to the game, and to keep updating it constantly."
HP

HP CEO Meg Whitman To Employees: No More Telecommuting For You 477

McGruber writes "AllThingsD has the news that Hewlett-Packard has enacted a policy requiring most employees to work from the office and not from home. According to an undated question-and-answer document distributed to HP employees, the new policy is aimed at instigating a cultural shift that 'will help create a more connected workforce and drive greater collaboration and innovation.' The memo also said, 'During this critical turnaround period, HP needs all hands on deck. We recognize that in the past, we may have asked certain employees to work from home for various reasons. We now need to build a stronger culture of engagement and collaboration and the more employees we get into the office the better company we will be.' One major complication is that numerous HP offices don't have sufficient space to accommodate all of their employees. According to sources familiar with the company's operations, as many as 80,000 employees, and possibly more, were working from home in part because the company didn't have desks for them all within its own buildings."
Programming

What Are the Genuinely Useful Ideas In Programming? 598

Hugh Pickens DOT Com writes "Computer Scientist Daniel Lemire has had an interesting discussion going on at his site about the ideas in software that are universally recognized as useful. 'Let me put it this way: if you were to meet a master of software programming, what are you absolutely sure he will recommend to a kid who wants to become a programmer?' Lemire's list currently includes structured programming; Unix and its corresponding philosophy; database transactions; the 'relational database;' the graphical user interface; software testing; the most basic data structures (the heap, the hash table, and trees) and a handful of basic algorithms such as quicksort; public-key encryption and cryptographic hashing; high-level programming and typing; and version control. 'Maybe you feel that functional and object-oriented programming are essential. Maybe you think that I should include complexity analysis, JavaScript, XML, or garbage collection. One can have endless debates but I am trying to narrow it down to an uncontroversial list.' Inspired by Lemire, Philip Reames has come up with his own list of 'Things every practicing software engineer should aim to know.'"
Programming

What Developers Can Learn From Healthcare.gov 267

An anonymous reader writes "Soured by his attempt to acquire a quote from healthcare.gov, James Turner compiled a short list of things developers can learn from the experience: 'The first highly visible component of the Affordable Health Care Act launched this week, in the form of the healthcare.gov site. Theoretically, it allows citizens, who live in any of the states that have chosen not to implement their own portal, to get quotes and sign up for coverage. I say theoretically because I've been trying to get a quote out of it since it launched on Tuesday, and I'm still trying. Every time I think I've gotten past the last glitch, a new one shows up further down the line. While it's easy to write it off as yet another example of how the government (under any administration) seems to be incapable of delivering large software projects, there are some specific lessons that developers can take away. 1) Load testing is your friend.'"
Intel

Intel Launches 'Galileo,' an Arduino-Compatible Mini Computer 130

MojoKid writes "Although Intel is Chipzilla, the company can't help but extend its reach just a bit into the exciting and growing world of DIY makers and hobbyists. Intel announced its Galileo development board, a microcontroller that's compatible with Arduino software and uses the new Quark X1000 processor (400MHz, 32-bit, Pentium-class, single-core and thread) that Intel announced at the IDF 2013 keynote. The board makes use of Intel's architecture to make it easy to develop for Windows, Mac, and Linux, but it's also completely open hardware (PDF). Galileo is 10cm x 7cm (although ports protrude a bit beyond that), and there are four screw holes for secure mounting. Ports include 10/100 Ethernet, USB client/host ports, RS-232 UART and 3.5mm jack, mini PCIe slot (with USB 2.0 host support); other features include 8MB Legacy SPI Flash for firmware storage, 512KB embedded SRAM, 256MB DRAM, 11KB EEPROM programmed via the EEPROM library, and support for an additional 32GB of storage using a microSD card."
Programming

The Changing Face of Software Development 173

CowboyRobot sends this excerpt from Dr. Dobb's: "Ten years of surveys show an influx of younger developers, more women, and personality profiles at odds with traditional stereotypes. Software development is an art and a science that is not attainable for just anyone. It takes a special type of person to write code. Developers are detail-oriented, very literal, and intelligent. Logic is paramount, and they share a passion for their craft that rises above the desire to make more money. They are also typically married, middle-aged, have children, and most likely a mortgage. In one of a series of surveys that we've performed every six months since 2001 (interviewing each time more than 1400 developers worldwide), we find the typical developer is a married, middle-aged male, who has two to three children. Males have dominated the profession for as long as we've been tracking this; and during that time, they have accounted for anywhere from 84% to 94% of the workforce. The number of male developers is currently close to the low, at 86%, which might indicate more females are taking up programming."
Education

How Early Should Kids Learn To Code? 299

the agent man writes "Wired Magazine is exploring how early kids should learn to code. One of the challenges is to find the proper time in schools to teach programming. Are teachers at elementary and middle school levels really able to teach this subject? The article suggests that even very young kids can learn to program and lists a couple of early experiments as well as more established ideas including the Scalable Game Design curriculum. However, the article also suggests that programming may have to come at the cost of foreign language learning and music."
Java

Will New Red-Text Warnings Kill Casual Use of Java? 282

New submitter ddyer writes "Java 1.7.0_40 [Note: released earlier this month] introduces a new 'red text' warning when running unsigned Java applets. 'Running unsigned applications like this will be blocked in a future release...' Or, for self-signed applets, 'Running applications by UNKNOWN publishers will be blocked in a future release...' I think I see the point — this will give the powers that be the capability to shut off any malware java applet that is discovered by revoking its certificate. The unfortunate cost of this is that any casual use of Java is going to be killed. It currently costs a minimum of $100/year and a lot of hoop-jumping to maintain a trusted certificate."
Programming

Woz Expounds On His Hacking Shenanigans and Online Mischief 65

coondoggie writes "In his keynote address at a security conference today, Apple co-founder Steve Wozniak admitted he has enjoyed many adventures in hacking often for the sake of pranks on friends and family, especially back in his college days and the early years of working on computers and the Internet. 'I like to play jokes,' said Wozniak jovially as he addressed his audience of thousands of security professionals attending the ASIS Conference in Chicago. The famed inventor at Apple admitted he also had some fun with light-hearted forays into hacking computer and telecommunications networks several decades ago back in his college years and while learning about electronics and computers."
Programming

The Most WTF-y Programming Languages 254

itwbennett writes "A couple of years ago, developer Sammy Larbi undertook a project to identify which languages had the most instances of the string 'WTF' in their GitHub code repositories. At the time, Objective C topped the list. ITworld's Phil Johnson has updated Larbi's research using GitHub data from the last 21 months, but instead of screen-scraping GitHub search results as Larbi had done, he queried the GitHub Archive for stand-alone instances of 'WTF' in the comments attached to GitHub commits to weed out cases where the string 'WTF' was legitimately used in the code. The three most baffling languages for 2012/13: C++, Lua, and Scala. Objective C comes in at #16."
Programming

LLVM's Libc++ Now Has C++1Y Standard Library Support 161

An anonymous reader writes "LLVM's libc++ standard library (an alternative to GNU libstdc++) now has full support for C++1y, which is expected to become C++14 next year. Code merged this week implements the full C++1y standard library, with support for new language features in the Clang compiler frontend nearly complete." GCC has some support for the soon-to-be standard too. The C++ standards committee is expected to produce a more or less final draft in just a few weeks. The LLVM and GCC C++14 status pages both have links to the proposals for the new features.
KDE

Frameworks 5: KDE Libraries Reworked Into Portable Qt Modules 68

jrepin writes "The KDE libraries are being methodically reworked into a set of cross platform modules that will be readily available to all Qt developers. The KDE Frameworks, designed as drop-in Qt Addons, will enrich Qt as a development environment with functions that simplify, accelerate and reduce the cost of Qt development. For example, KArchive (one of the first Frameworks available) offers support for many popular compression codecs in a self-contained and easy-to-use file archiving library. Just feed it files; there's no need to reinvent an archiving function." This is a pretty major thing: "The introduction of Qt's Open Governance model in late 2011 offered the opportunity for KDE developers to get more closely involved with Qt, KDE's most important upstream resource. ... These contributions to Qt form the basis for further modularization of the KDE libraries. The libraries are moving from being a singular 'platform' to a set of 'Frameworks'. ... Instead it is a comprehensive set of technologies that becomes available to the whole Qt ecosystem." The new KDE Frameworks will be layered as three tiers of components, with each tier consisting of three semi-independent groups of libraries (the article explains the category/tier dependencies; it's a bit hairy for a quick summary). A dashboard shows the status of each component.
Mozilla

Mozilla Plan Seeks To Debug Scientific Code 115

ananyo writes "An offshoot of Mozilla is aiming to discover whether a review process could improve the quality of researcher-built software that is used in myriad fields today, ranging from ecology and biology to social science. In an experiment being run by the Mozilla Science Lab, software engineers have reviewed selected pieces of code from published papers in computational biology. The reviewers looked at snippets of code up to 200 lines long that were included in the papers and written in widely used programming languages, such as R, Python and Perl. The Mozilla engineers have discussed their findings with the papers’ authors, who can now choose what, if anything, to do with the markups — including whether to permit disclosure of the results. But some researchers say that having software reviewers looking over their shoulder might backfire. 'One worry I have is that, with reviews like this, scientists will be even more discouraged from publishing their code,' says biostatistician Roger Peng at the Johns Hopkins Bloomberg School of Public Health in Baltimore, Maryland. 'We need to get more code out there, not improve how it looks.'"
Programming

Learning To Code: Are We Having Fun Yet? 226

theodp writes "Nate West has a nice essay on the importance of whimsy in learning to program. "It wasn't until I was writing Ruby that I found learning to program to be fun," recalls West. "What's funny is it really doesn't take much effort to be more enjoyable than the C++ examples from earlier...just getting to write gets.chomp and puts over cout > made all the difference. Ruby examples kept me engaged just long enough that I could find Why's Poignant Guide to Ruby." So, does the future of introductory computer programming books and MOOCs lie in professional, business-like presentations, or does a less-polished production with some genuine goofy enthusiasm help the programming medicine go down?"
Oracle

Oracle Promises 100x Faster DB Queries With New In-Memory Option 174

Hugh Pickens DOT Com writes "ZDNet reports that Oracle's Larry Ellison kicked off Oracle OpenWorld 2013 promising a 100x speed-up querying OLTP database or data warehouse batches by means of a 'dual format' for both row and column in-memory formats for the same data and table. Using Oracle's 'dual-format in-memory database' option, every transaction is recorded in row format simultaneously with writing the same data into a columnar database. 'This is pure in-memory columnar technology,' said Ellison, explaining that means no logging and very little overhead on data changes while the CPU core scans local in-memory columns. Ellison followed up with the introduction of Oracle's new M6-32 'Big Memory Machine,' touted to be the fastest in-memory machine in the world, hosting 32 terabytes of DRAM memory and up to 384 processor cores with 8 threads per core."
The Almighty Buck

Crowdfunding Platform For Drupal Development Launches 38

angry tapir writes "A team of developers has launched a new crowdfunding platform — Drupalfund.us — that's designed to help accelerate development work on the open-source Drupal CMS, as well as potentially fund new training material and other projects of interest to community members. I had a long-ish chat to one of the co-founders about the goals of the platform and how crowdfunding can be used to push forward open source development."
Books

Ask Slashdot: Prioritizing Saleable Used Computer Books? 219

g01d4 writes "I volunteer at a used bookstore that supports the local library. One of my tasks is to sort book donations. For > 5-year-old computer books the choices typically are to save it for sale (fifty cents soft cover, one dollar hardback), pack it, e.g. for another library's bookstore, put it on the free cart, or toss it in the recycle bin. I occasionally dumpster dive the recycle bin to 'rescue' books that I don't think should be pulped. Recently I found a copy of PostgreSQL Essential Reference (2002) and Programming Perl (1996). Would you have left them to RIP? Obviously we have very limited space, 20 shelf feet (storage + sale) for STEM. What criteria would you use when sorting these types of books?"
Programming

A C++ Library That Brings Legacy Fortran Codes To Supercomputers 157

gentryx writes "In scientific computing a huge pile of code is still written in Fortran. One reason for this is that codes often evolve over the course of decades and rewriting them from scratch is both risky and costly. While OpenMP and OpenACC are readily available for Fortran, only few tools support authors in porting their codes to MPI clusters, let alone supercomputers. A recent blog post details how LibGeoDecomp (Library for Geometric Decomposition codes), albeit written in C++, can be used to port such codes to state-of-the-art HPC systems. Source code modification is required, but mostly limited to restructuring into a new pattern of subroutines."
