For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×
Safari

Is Safari the New Internet Explorer? 159 159

An anonymous reader writes: Software developer Nolan Lawson says Apple's Safari has taken the place of Microsoft's Internet Explorer as the major browser that lags behind all the others. This comes shortly after the Edge Conference, where major players in web technologies got together to discuss the state of the industry and what's ahead. Lawson says Mozilla, Google, Opera, and Microsoft were all in attendance and willing to talk — but not Apple.

"It's hard to get insight into why Apple is behaving this way. They never send anyone to web conferences, their Surfin' Safari blog is a shadow of its former self, and nobody knows what the next version of Safari will contain until that year's WWDC. In a sense, Apple is like Santa Claus, descending yearly to give us some much-anticipated presents, with no forewarning about which of our wishes he'll grant this year. And frankly, the presents have been getting smaller and smaller lately."

He argues, "At this point, we in the web community need to come to terms with the fact that Safari has become the new IE. Microsoft is repentant these days, Google is pushing the web as far as it can go, and Mozilla is still being Mozilla. Apple is really the one singer in that barbershop quartet hitting all the sour notes, and it's time we start talking about it openly instead of tiptoeing around it like we're going to hurt somebody's feelings."
Hardware Hacking

Celebrating Workarounds, Kludges, and Hacks 69 69

itwbennett writes: We all have some favorite workarounds that right a perceived wrong (like getting around the Wall Street Journal paywall) or make something work the way we think it ought to. From turning off annoying features in your Prius to getting around sanctions in Crimea and convincing your Android phone you're somewhere you're not, workarounds are a point of pride, showing off our ingenuity and resourcefulness. And sometimes artful workarounds can even keep businesses operating in times of crisis. Take, for example, the Sony employees, who, in the wake of the Great Hack of 2014 when the company's servers went down, dug out old company BlackBerrys that, while they had been abandoned, had never had their plans deactivated. Because BlackBerrys used RIM's email servers instead of Sony's, they could still communicate with one another, and employees with BlackBerrys became the company's lifeline as it slowly put itself back together. What hacks and workarounds keep your life sane?
Government

White House Lures Mudge From Google To Launch Cyber UL 17 17

chicksdaddy writes: The Obama Whitehouse has tapped famed hacker Peiter Zatko (aka "Mudge") to head up a new project aimed at developing an "underwriters' lab" for cyber security. The new organization would function as an independent, non-profit entity designed to assess the security strengths and weaknesses of products and publishing the results of its tests.

Zatko is a famed hacker and security luminary, who cut his teeth with the Boston-based hacker collective The L0pht in the 1990s before moving on to work in private industry and, then, to become a program manager at the DARPA in 2010. Though known for keeping a low profile, his scruffy visage (circa 1998) graced the pages of the Washington Post in a recent piece that remembered testimony that Mudge and other L0pht members gave to Congress about the dangers posed by insecure software.
Security

Malwarebytes Offers Pirates Its Premium Antimalware Product For Free 108 108

An anonymous reader writes: If you have a cracked or pirated version of Malwarebytes Anti-Malware (MBAM) product the company has debuted an Amnesty program for you. Venturebeat reports: "If you pirated Malwarebytes Anti-Malware, purchased a counterfeit version of the software, or are having problems with your key in general, the company is offering a free replacement key." CEO Marcin Kleczynski explained the program and his statement reads in part: "When I started Malwarebytes, I absolutely had no idea how successful we would be today. I am extremely grateful for all of the support from everyone and how fast we’ve grown. That being said, I picked a very insecure license key algorithm and as such, generating a pirated key was, and is, very simple.

The problem with pirated keys is that they may collide with a legitimate key just by the sheer numbers. For example, Larry may generate a pirated key that matches the exact key that I already bought. Yes, this is silly, and yes, this is literally the first thing a professional software company thinks of when building license key generation, but when you think you’re building a product for just a few people you don’t hash out these details.

Now we’ve grown up, and we’ve got a new licensing system that we’ve rolled out in stages. The only problem is that we have millions of users that we’ve sold keys to, or a reseller has sold keys to, or we’ve given out keys to without keeping track. It is a mess, and you as a consumer have every right to be upset.
Advertising

Avira Wins Case Upholding Its Right To Block Adware 62 62

Mark Wilson writes: Security firm Avira has won a court case that can not only be chalked up as a win for consumer rights, but could also set something of a precedent. Germany company Freemium.com took Avira to court for warning users about "potentially unwanted applications" that could be bundled along with a number of popular games and applications. Freemium.com downloads included a number of unwanted extras in the form of browser toolbars, free trial applications, adware, and other crapware. Avira's antivirus software warned users installing such applications; Freemium took objection to this and filed a cease and desist letter, claiming anti-competitive practices. But the court ruled in Avira's favor, saying it could continue to flag up and block questionable software.
Bug

MIT System Fixes Software Bugs Without Access To Source Code 74 74

jan_jes writes: MIT researchers have presented a new system at the Association for Computing Machinery's Programming Language Design and Implementation conference that repairs software bugs by automatically importing functionality from other, more secure applications. According to MIT, "The system, dubbed CodePhage, doesn't require access to the source code of the applications. Instead, it analyzes the applications' execution and characterizes the types of security checks they perform. As a consequence, it can import checks from applications written in programming languages other than the one in which the program it's repairing was written."
Medicine

Pass the Doritos, Scientists Develop Computer Game Targeted At Healthy Choices 80 80

MojoKid writes: Psychologists at the University of Exeter and Cardiff University have published a study that demonstrates how a simple computer game can help people lose weight. Participants in the study who played the specialized game lost and average of 1.5 pounds in the first seven days, and 4.5 pounds after six months. They also reduced their daily caloric consumption by 220 calories. Dr. Natalia Lawrence led the team of researchers that developed the computer game for the study. It was designed to train people to resist unhealthy food snack foods through a "stop versus go" process. Participants sat in front of a Pentium 3 PC running Matlab software on a 17-inch monitor. They were then instructed to press certain keys when images of things like fruits and clothes would appear, indicating a "go." But for images of calorie-dense foods (chips and cake, for example) they were instructed not to do anything, indicating a "stop" action.
Build

Ask Slashdot: For What Are You Using 3-D Printing? 262 262

An anonymous reader writes: I've been thinking about getting a 3-D printer for a while: the quality is rising, the software is better, STL files really do seem a sufficiently good standard ("sufficiently standard," that is — I'm not worried that printers are going to stop supporting it anytime soon), and prices have dropped quite a bit. Importantly to me, it also seems like less of a jumping-off-a-cliff decision, since I can get a completely assembled one from places as wild and crazy as ... the Home Depot (not that I plan to). However, even the stretchiest practical things I can think of to print can't truly actually justify the price, and that's OK — I hope not to require enough replacement knobs and chess pieces to necessarily *need* one, and playing around with it is the main likely upshot, which I'm OK with. But still, I'd like to hear what uses you have been putting your 3-D printer to, including printers that aren't yours but belong to a hackerspace, public library, eccentric neighbor, etc. What actually practical / useful tasks have you been using 3-D printing for, and with what printer technology? What playful purposes? It's OK if you just keep printing out those chess pieces and teapots, but I'm curious about less obvious reasons to have one around. (And I might just use the local Tech Shop's anyhow, but the question still applies.) If you've purchased a 3D printer, are you happy with the experience? If so, or if not, what kind did you get?
Microsoft

Samsung To Stop Blocking Automatic Windows Updates 23 23

A few days ago, we mentioned that a piece of (nominally) utility software from Samsung was blocking critical security updates. Understandably, this isn't what users typically want. The Register reports that Samsung has now back-pedaled, though, and will be issuing a patch in the next few days to fix the glitch. (Users were able to manually install the updates anyhow, but the expected, automatic updates were blocked.) However, as the Register notes: The thought of a computer manufacturer disabling Windows Update will have had the Microsoft security team on edge. But there's also Windows 10 to consider. When the new operating system comes out, Windows Update will feed in fixes continuously, and if you're not a business customer those updates are going to be coming over the wires constantly. Enterprise users get Windows Update for Business, which allows them to choose when to patch, presumably after the plebs have beta-tested them.
The Almighty Buck

Philanthropy For Hackers 27 27

An anonymous reader writes: Sean Parker, co-founder of Napster and the first president of Facebook, was part of a generation of geeks who rode the dot-com boom to financial success. Over the past two decades, that population has dramatically increased, and former hackers are carving out spots as leaders of industry. In the Wall Street Journal, Parker has posted advice for how the hacker elite can approach philanthropy. He points out that they're already bringing a level of strategy and efficacy to charity work that hasn't been seen before. "These budding philanthropists want metrics and analytic tools comparable to the dashboards, like Mixpanel, that power their software products. They want to interact directly with the scientists, field workers and academics whose ideas power the philanthropic world but who have traditionally been hidden away in a backroom somewhere, shielded from their beneficiaries by so-called development officers." One thing he advises is keeping away from large charity organizations, which largely exist to keep themselves going. He also suggests getting actively involved with the political process, even if such organizations are often distasteful.
Programming

Mob Programming: When Is 5 Heads Really Better Than 1 (or 2)? 124 124

itwbennett writes: Proponents of Mob programming, an offshoot of Pair programming in which the whole team works together on the same computer, say that it increases both quality and productivity, but also acknowledge that the productivity gains might not be readily apparent. "If you measure by features or other classic development productivity metrics, Mobbing looks like it's achieving only 75 to 85 percent of individual or Pair output for, say, a team of six or seven working for a week," says Paul Massey, whose company Bluefruit Software is a heavy user of the Mob approach. So, where does the productivity come from? Matthew Dodkins, a software architect at Bluefruit says the biggest gains are in code merges. "In a day spent using traditional collaboration, you would have to first spend time agreeing on tasks, common goals, deciding who's doing what... and then going away to do that, write code, and come back and merge it, resolve problems," says Dodkins. By bringing everyone into the same room, "we try to merge frequently, and try to do almost continuous integration." Matt Schartman, whose company Appfolio also uses Mobbing and wrote about his experience, gave Mobbing high marks for producing a quality product, but didn't find that it improved productivity in any measurable way.
Encryption

Cisco Security Appliances Found To Have Default SSH Keys 112 112

Trailrunner7 writes: Many Cisco security appliances contain default, authorized SSH keys that can allow an attacker to connect to an appliance and take almost any action he chooses. The company said all of its Web Security Virtual Appliances, Email Security Virtual Appliances, and Content Security Management Virtual Appliances are affected by the vulnerability.

This bug is about as serious as they come for enterprises. An attacker who is able to discover the default SSH key would have virtually free reign on vulnerable boxes, which, given Cisco's market share and presence in the enterprise worldwide, is likely a high number. The default key apparently was inserted into the software for support reasons.

"The vulnerability is due to the presence of a default authorized SSH key that is shared across all the installations of WSAv, ESAv, and SMAv. An attacker could exploit this vulnerability by obtaining the SSH private key and using it to connect to any WSAv, ESAv, or SMAv. An exploit could allow the attacker to access the system with the privileges of the root user," Cisco said.
Software

Ask Slashdot: User-Friendly, Version-Preserving File Sharing For Linux? 209 209

petherfile writes: I've been a professional with Microsoft stuff for more than 10 years and I'm a bit sick of it to be honest. The one that's got me stuck is really not where I expected it to be. You can use a combination of DFS and VSS to create a file share where users can put whatever files they are working on that is both redundant and has "previous versions" of files they can recover. That is, users have a highly available network location where they can "go back" to how their file was an hour ago. How do you do that with Linux?

This is a highly desirable situation for users. I know there are nice document management things out there that make sharepoint look silly, but I just want a simple file share, not a document management utility. I've found versioning file systems for Linux that do what Microsoft does with VSS so much better (for having previous version of files available.) I've found distributed file systems for Linux that make DFS look like a bad joke. Unfortunately, they seem to be mutually exclusive. Is there something simple I have missed?
Businesses

Put Your Enterprise Financial Data In the Cloud? Sure, Why Not 89 89

jfruh writes: For many, the idea of storing sensitive financial and other data in the cloud seems insane, especially considering the regulatory aspects that mandate how that data is protected. But more and more organizations are doing so as cloud providers start presenting offerings that fulfill regulatory needs — and people realize that information is more likely to be accidentally emailed out to the wrong address than hacked.
Businesses

Average Duration of Hiring Process For Software Engineers: 35 Days 178 178

itwbennett writes: Despite the high demand for tech workers of pretty much all stripes, the hiring process is still rather drawn out, with the average time-to-hire for Software Engineers taking 35 days. That's one of the findings of a new study from career site Glassdoor. The study, led by Glassdoor's Chief Economist Dr. Andrew Chamberlain, analyzed over 340,000 interview reviews, covering 74,000 unique job titles, submitted to the site from February 2009 through February 2015. Glassdoor found that the average time-to-hire for all jobs has increased 80% (from 12.6 days to 22.9 days) since 2010. The biggest reason for this jump: The increased reliance on screening tests of various sorts, from background checks and skills tests to drug tests and personality tests, among others.
Google

Google Tests Code Repository Service 44 44

An anonymous reader writes: VentureBeat notes that Google has begun testing an unannounced service to host and edit source code repositories as part of its cloud platform. It's called Cloud Source Repositories, and it's currently being beta-tested. "Google is taking a gradual approach with the new service: It can serve as a 'remote' for Git repositories sitting elsewhere on the Internet or locally. Still, over time the new tool could help Google become more of an all-in-one destination for building and deploying applications."
Robotics

Making a Birdhouse is Like 'Hello World' for a Versatile Factory Robot (2 Videos) 24 24

Many millions of American students have been called on to construct a wooden birdhouse as part of a middle- or high-school shop class. To make a birdhouse from wood and nails may not requite advanced carpentry, but it does take eye-hand coordination, object recognition, the ability to lift constituent pieces, and to grasp and wield tools -- and each of those can be broken down further into smaller tasks and skills of the kind that we as humans don't generally have to think about. ("Rotate wrist slightly to account for board angle.") For robots, it's another story: like the computers that run them, robots generally only do what they're told. Industrial robots can do some complex tasks, but they're expensive and complex to program.

Benjamin Cohen is a Ph.D candidate at the University of Pennsylvania working under adviser Maxim Likhachev with a real-world, cheap way to make robots to accomplish a multi-step project with minimal human intervention, which he calls "autonomous robotic assembly." Project Birdhouse -- part of his Ph.D. work, along with teammates Mike Phillips and Ellis Ranter -- is Cohen's effort to create a sort of "Hello, World" for robots. With a combination of a research-platform robot base, off-the-shelf parts, like a nail gun (read: "One not built for robot use"), and software to squeeze greater accuracy out of the system as a whole, he and his colleagues have come up with a robot that can grab a selection of parts, align them properly, and assemble them with nails into a functional birdhouse. QR codes let the robot give the robot a sort of recipe to follow, and the system is smart enough to squawk if it doesn't have the right parts to complete the task. (Check out more video with the robot in action, and a great many photos, sketches, and diagrams illustrating the project's evolution.)

NOTE: We split today's video in half, with both halves running right here, today. This way, if you watch the first video and and want to learn more, you can move on to the second one. And the transcript not only covers both videos, but has "bonus" material that isn't in either one.
United States

Google, Apple, and Others Remove Content Related To the Confederate Flag 814 814

davek writes with news that Google is removing results related to the Confederate Flag from Google Shopping, the company's online marketplace. They're also blocking advertisements involving the flag. They say, "We have determined that the Confederate flag violates our Ads policies, which don't allow content that's generally perceived as expressing hate toward a particular group." At the same time, Apple is removing from the App Store any games or other software featuring the Confederate Flag. This, of course, follows the recent shooting in South Carolina, which triggered a nationwide debate over whether the flag should be flown at government buildings (or anywhere). Major online merchant websites like eBay and Amazon have already taken the step of banning merchandise relating to the flag.
Open Source

The Open Container Project and What It Means 54 54

An anonymous reader writes: Monday saw the announcement of the Open Container Project in San Francisco. It is a Linux Foundation project that will hold the specification and basic run-time software for using software containers. The list of folks signing up to support the effort contains the usual suspects, and this too is a good thing: Amazon Web Services, Apcera, Cisco, CoreOS, Docker, EMC, Fujitsu Limited, Goldman Sachs, Google, HP, Huawei, IBM, Intel, Joyent, the Linux Foundation, Mesosphere, Microsoft, Pivotal, Rancher Labs, Red Hat, and VMware. In this article Stephen R. Walli takes a look at what the project means for open source.