An anonymous reader writes to point out this interesting outgrowth of Google's Native Client: a Google engineer has ported MAME 0.143 to the browser-based platform, and written about the process in detail, outlining the overall strategy employed as well as specific problems that MAME presented. An impressive postscript from the conclusion: "The port of MAME was relatively challenging; combined with figuring out how to port SDL-based games and load resources in Native Client, the overall effort took us about 4 days to complete."
jones_supa writes "Ville 'viznut' Heikkilä presents us with an interesting project. 'As demonstrated by the video, IBNIZ (Ideally Bare Numeric Impression giZmo) is a virtual machine and a programming language that generates video and audio from very short strings of code. Technically, it is a two-stack machine somewhat similar to Forth, but with the major exception that the stack is cyclical and also used at an output buffer.' The main goal of IBNIZ is to provide a new platform for the demoscene. Something that would have the potential to displace MS-DOS as the primary platform for sub-256-byte productions."
Kevin Fishburne writes "After years of work, creator Benoît Minisini and friends are just in time for New Year's celebrations with the first stable release of GAMBAS 3. Per their web site, 'Gambas is a free development environment based on a Basic interpreter with object extensions, a bit like Visual Basic (but it is NOT a clone !).' GAMBAS is component-based, so check out the list for an idea of what you can do with it."
wiredmikey writes "In a rare move, Microsoft is breaking its normal procedures and will issue an emergency out-of-band security update on Thursday to address a hash collision attack vulnerability that came into the spotlight yesterday, and affects various Web platforms industry-wide. The vulnerability is not specific to Microsoft technologies and has been discovered to impact PHP 5, Java, .NET, and Google's v8, while PHP 4, Ruby, and Python are somewhat vulnerable. Microsoft plans to release the bulletin on December 29, 2011, at 10:00 AM Pacific Time, and said it would addresses security vulnerabilities in all supported releases of Microsoft Windows. 'The impact of this vulnerability is similar to other Denial of Service attacks that have been released in the past, such as the Slowloris DoS or the HTTP POST DoS,' said security expert Chris Eng. 'Unlike traditional DoS attacks, they could be conducted with very small amounts of bandwidth. This hash table multi-collision bug shares that property.'"
rsmith84 writes "I'm the Senior Systems administrator for a small trade college. When I was hired on, it was strictly for L3 related tasks such as advanced server administration, Exchange design and implementation, etc. They have no in-house programmers, no help desk software, and no budget to purchase one. I'm a moderate PHP and MySQL programmer on the side and am easily capable of writing something to meet their needs, but do not believe I should be A) asked to or B) required to, as my job description and employment terms are not based upon this skill set. I like a challenge, and since all of my goals outlined since my hire date have been met and exceeded, I have a lot of down time. So I wrote the application. It streamlines several critical processes, allows for a central repository of FAQ, and provides end users with access to multiple systems all in one place. I've kept a detailed time log of my work and feel I should be remunerated for the work before just handing over the code. The entire source was developed on personal equipment off company hours. My question is: what should I do? If they are willing to compensate me, I will gladly hand it over. However, it's been mentioned that, if I do the project, it is all but guaranteed that I will see no compensation. The application would streamline a lot of processes and take a lot of the burden off my team, freeing them up to handle what I deem to be more challenging items on their respective punch lists and a better utilization of their time and respective skills. I'm a firm believer in not getting 'something for nothing,' especially when the skills are above my pay grade."
First time accepted submitter nzyank writes "The other day I bravely (foolishly?) volunteered to conduct a video game development workshop at my boys' HS. This in Smallsville, Vermont with an average graduating class size of about 20. The idea is to meet once a week and actually create a game, start to finish. It will be open to would-be programmers, designers, artists, etc. I worked on a bunch of AAA titles back in the '90s, but I'm pretty much out of touch nowadays and I'm trying to figure out the best approach. The requirements are that it has to be one of either Windows/XBox or Android, since those are the platforms that I am current on. It has to be relatively simple for the kids to get up and running quickly, and it needs to be as close to free as possible. Teaching them to use stuff like Blender, C#, C++, Java, XNA, OpenGL and the Android SDK is probably a bit much. I was thinking of something like the Torque Engine, but they want $1000 for an academic license, which is never going to happen. I simply don't know what's out there nowadays and could really use some suggestions."
QwkHyenA writes "I've recently cancelled my Linux Magazine subscription because they went paperless. I know, I'm a heartless geek and should be 'shunned,' but I enjoy the unplugged sensation of reading paper periodicals. What sort of magazines are out there that still are delivered via USPS that will scratch my Engineering, Coder, System Administrator and 3D Printer itch?"
theodp writes "In the Sixties, we could put a man on the moon. Nowadays, laments jocastette, America's tech giants can't even put a BASIC on the phone. Woz managed to crank out a BASIC interpreter for the 6502 in the '70s. As did Bill Gates and Paul Allen. So, why — at a time when development has never been easier — can't Google, Apple, and Microsoft manage to support a free BASIC or other programming-for-the-masses development environment on desktops, laptops, tablets and phones?" My limited experience with Android development showed using Java to be obtuse and downright obnoxious to do anything (at least without Eclipse, and even with it doing anything non-standard required digging through horrendous ant buildfiles). And, of course, without a REPL things were even more obnoxious. There is the android-scripting project, but it doesn't provide particularly exhaustive access to the platform.
mikejuk writes "It was on this day 220 years ago (December 26 1791) that Charles Babbage was born. The calculating machines he invented in the 19th century, although never fully realized in his lifetime, are rightly seen as the forerunners of modern programmable computers. What if he had succeeded? Babbage already had plans for game arcades, chess playing machines, sound generators and desktop publishing. A Victorian computer revolution was entirely possible."
cultiv8 writes "I am a developer and released some code at one point under GPLv2. It's nothing huge — a small Drupal module that integrates a Drupal e-commerce system (i.e. Ubercart) with multiple Authorize.net accounts — but very useful for non-profits. Earlier today I discovered that a Drupal user was selling the module from their website for $49 and claiming it was their custom-made module. I'm no lawyer, but my perspective is this violates both the spirit and law of GPLv2, most specifically clause 2-b: 'You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.' Am I correct in my understanding of GPLv2? Do I have any recourse, and should I do anything about this? I don't care about money, I just don't want someone selling stuff that I released for free. How do most developers/organizations deal with licensing infringements of this type?"
McGruber writes "The Wall Street Journal is reporting that tech interns are in high demand in the Bay area. According to the author, 'Technology giants like Google Inc. have been expanding their summer-intern programs, while smaller tech companies are ramping up theirs in response — sometimes even luring candidates away from college.' Meanwhile in NYC, CIOs lament that they are unable to retain 20-something techies according to a report in Network World. Says one CIO, 'It puts us in a really uncomfortable position to have this kind of turnover because knowledge keeps walking out the door. We invest in training people and bringing them up to speed to where they need to be, and boom they're gone. That has been my biggest struggle and concern.' It's the pay, stupid!"
An anonymous reader writes "The International Organization for Standardization (ISO) has published the new specifications for the C programming language. The standard is known unofficially as C1X and was published officially as ISO/IEC 9899:2011. It provides greater compatibility with the C++ language and adds new features to C (as indicated in the draft)."
First time accepted submitter dmiller1984 writes "I am a high school computer teacher and I've been put in the unique situation of designing my ideal computer lab since our high school will be undergoing a major expansion over the summer. I thought the Slashdot community might have some great ideas to help me out. I've never liked the lecture hall labs that I've seen in some schools, but I would like some way to get natural light in the room without worrying about glare on the computer screens (skylights, perhaps?). What are some of your ideas for a great computer lab for education?"
gzipped_tar writes "The 'Chinese Software Developer Network' (CSDN), operated by Bailian Midami Digital Technology Co., Ltd., is one of the largest networks of software developers in China. A text file with 6 million CSDN user credentials including user names, password, emails, all in clear text, got leaked to the Internet. The CSDN has issued a letter of apology to its users. In the letter, it is explained that passwords created before April 2009 had been stored in plain text, while later passwords were encrypted. Users created between September 2010 and January 2011 may still suffer from email address leaks. A summary of the most frequent passwords without the corresponding usernames is available at GitHub. Somewhat surprisingly, the cryptic sounding password 'dearbook' ranks 4th with 46053 accounts using it."
ghostoftiber writes "From the article: 'Tim Bird, a Sony engineering veteran and the chair of the Architecture Group of the Linux Foundation's CE Workgroup, has announced a new concerted effort to get Android's changes to the Linux kernel back into the mainline Linux kernel tree.' Android has been using Linux 2.6.x for its devices since its release, with patches from Google. To date they haven't been merged back into the kernel mainline but existed on kernel.org. Some of the features such as wakelocks would help with Linux tablet projects, but other features aren't fully realized and support remains spotty. The radio interface layer ... still exists as an ATI/Nvidia-esque shim loader scheme with modem 'drivers' being nothing more than ihex files loaded by open code."
chicksdaddy writes "Data from application testing firm Veracode suggests that the quality of application code submitted for auditing is pretty much constant throughout the year — except for the months of October and November, when the average density of vulnerabilities in the code jumps considerably. But why? Is it the pressure of deadlines? The stress of developers' lives (kids back to school, etc.)?"
Sparrowvsrevolution writes "CryptDB, a piece of database software that MIT researchers presented at the Symposium on Operating System Principles in October, allows users to send queries to an encrypted SQL database and get results without decrypting the stored information. CryptDB works by nesting data in several layers of cryptography (PDF), each of which has a different key and allows a different kind of simple operation on encrypted data. It doesn't work with every kind of calculation, and it's not the first system to offer this sort of computation on encrypted data. But it may be the only practical one. A previous crypto scheme that allowed operations on encrypted data multiplied computing time by a factor of a trillion. This one adds only 15-26%."
New submitter happyscientist writes "This is a nice 'Hello World' for using Hadoop MapReduce on Common Crawl data. I was interested when Common Crawl announced themselves a few weeks ago, but I was hesitant to dive in. This is a good video/example that makes it clear how easy it is to start playing with the crawl data."