Security

The Slashdot Interview With Security Expert Mikko Hypponen: 'Backupception' 38

You asked, he answered!

Mikko Hypponen, Chief Research Officer at security firm F-Secure, has answered a range of your questions. Read on to find his insight on the kind of security awareness training we need, whether anti-virus products are relevant anymore, and whether we have already lost the battle to bad guys. Bonus: his take on whether or not you should take backups of your data.
Programming

Code Quality Predicted Using Biometrics (vice.com) 122

An anonymous reader writes: Swiss researchers are unveiling "a not at all sinister-sounding system capable of predicting the quality of code produced by developers based on their biometric data," according to Motherboard. "By looking at the programmer as they program, rather than the code after the programmer is done writing it, the system described by the Zurich researchers finds code quality issues as the code is being produced... By using heart rate information, for example, they were able to quantify the difficulty a given programmer had in producing a piece of software. This information could then be used to identify likely sections of bad code..."

In a paper to be presented at an Austin engineering conference this week, the researchers write that "Delaying software quality concerns, such as defects or poor understandability of the code, increases the cost of fixing them," calling their system an improvement over code reviews, even automated ones. "Biometrics helped to automatically detect 50 percent of the bugs found in code reviews and outperformed traditional metrics in predicting all quality concerns found in code reviews."

On the other hand, Motherboard likened the stress level for programmers to "a coding interview that never ends where you also happen to be naked."
Books

Book Review: Abusing the Internet of Things 26

New submitter sh0wstOpper writes: The topic of the Internet of Things (IoT) is gaining a lot of attention because we are seeing increasing amounts of "things", such as cars, door locks, baby monitors, etc, that are connected and accessible from the Internet. This increases the chances of someone being able to "attack" these devices remotely. The premise of Abusing the Internet of Things is that the distinction between our "online spaces" and our "physical spaces" will become harder to define since the connected objects supporting the IoT ecosystems will have access to both. Keep reading for the rest of sh0wstOpper's review.
Blackberry

BlackBerry Launches Square-Screened Passport Phone 189

New submitter Andrewkov writes: BlackBerry released its new Passport phone today. It has a square 4.5" screen and a physical keyboard, and it's aimed at corporate users. The company hopes the larger size, Siri-like voice recognition, 30-hour battery life, and improved security will buoy its market share. Early reviews are not terribly favorable — the Wall Street Journal says BlackBerry is still behind on the software, and "The bulky, awkward design and the unfamiliar keyboard make it hard to justify finding space for it in a pocket or bag." The Verge said, "[T]he Passport got in the way of getting work done more than it helped." Re/code calls it a phone only a BlackBerry user will love.
Television

Interviews: David Saltzberg Answers Your Questions About The Big Bang Theory 106

As the science consultant for The Big Bang Theory for the past seven seasons, Dr. David Saltzberg makes sure the show gets its science right. A few weeks ago, you had the chance to ask him about his work on the show and his personal scientific endeavors. Below you'll find his answers to those questions.
Space

Slashdot Asks: Cheap But Reasonable Telescopes for Kids? 187

I am interested in a telescope for the use of some elementary and middle school aged relatives. Older and younger siblings, and parents, would no doubt get some scope time, too. Telescopes certainly come in a range of prices, from cheap to out of this world, and I am purely a duffer myself. But I enjoy looking at the moon and stars with magnification, and think they would, too. What I'm trying to find might be phrased like this: "the lowest priced scope that's reasonably robust, reasonably accurate, and reasonably usable for kids" -- meaning absolute precision is less important than a focus that is easy to set and doesn't drift. Simplicity in design beats tiny, ill-labeled parts or an incomprehensible manual, even if the complicated one might be slightly better when perfectly tuned. I'd be pleased if some of these kids decide to take up astronomy as a hobby, but don't have any strong expectation that will happen -- besides, if they really get into it, the research for a better one would be another fun project. That said, while I'm price sensitive, I'm not looking *only* at the price tag so much as seeking insight about the cluster of perceived sweet spots when it comes to price / performance / personality. By "personality" I mean whether it's friendly, well documented, whether it comes intelligently packaged, whether it's a crapshoot as to whether a scope with the same model name will arrive in good shape, etc -- looking at online reviews, it seems many low-end scopes have a huge variance in reviews. What scopes would you consider giving to an intelligent 3rd or 4th grader? As a starting point, Google has helped me find some interesting guides that list some scopes that sound reasonable, including a few under or near $100. (Here's one such set of suggestions.) What would you advise buying, from that list or otherwise? (There are some ideas that sound pretty good in this similar question from 2000, but I figure the state of the art has moved on.)
I'm more interested in avoiding awful junk than I am expecting treasure: getting reasonable views of the moon is a good start, and getting at least some blurry rings around Saturn would be nice, too. Simply because they are so cheap, I'd like to know if anyone has impressions (worth it? pure junk?) of the Celestron FirstScope models, which are awfully tempting for under $50.
First Person Shooters (Games)

Wolfenstein: The New Order Launches 167

Back in 1992, Wolfenstein 3D helped kick off the fledgling FPS genre. Today, the saga continues with Wolfenstein: the New Order. It's set in an alternate-history world where the Nazis won WW2, with hero B.J. Blazkowicz setting out to join resistance fighters. Unusually for a modern FPS, the game has no multiplayer element — it's single-player only. Early reviews for the game are generally positive. Polygon's says, "First, stealth is a valid option for extended portions of the game, with silent melee takedowns and a brutally effective suppressed pistol. There's also a form of progression in Wolfenstein: The New Order's perk system. Performing certain actions in combat unlocks new abilities and upgrades over time, which can make a significant difference in the way you can tackle firefights. You can also find weapon upgrades that further escalate the raw, over-the-top violence on display. This combination of old ideas and new hooks seems mismatched, but I was taken aback by how well it all worked together."

Eurogamer had some criticism: "Less impressive are the plot and the characters, which often feel like they exist only to amplify the opportunities for violence and sensationalism. ... I wouldn't say it's offensive, but Wolfenstein: The New Order isn't a very tactful game, even though it's often trying to be. ... This is a game that does everything it needs to to earn an 18 certificate but rarely manages to achieve a sense of either gravity or maturity." The game is out for the PS3/4, Xbox 360/One, and Windows. It's built on the id Tech 5 engine, and that's causing some graphics issues on the PC, much like RAGE did when it launched in 2011. The game's massive size (~50GB) is causing problems for PS4 owners as well.
The Almighty Buck

Book Review: Money: The Unauthorized Biography 91

jsuda (822856) writes "Most of us know that making money is difficult and saving it is even harder, but understanding money is easy–it's just coins and folding certificates, a mere medium of exchange. That's wrong! according to Felix Martin, author of Money: The Unauthorized Biography. Not only is that understanding wrong but it's responsible (in large part) for the 2007 Great Recession and the pitiful 'recovery' from it as well as a number of previous financial and credit disasters." Keep reading for the rest of Jsuda's review.
iMac

Apple 27-inch iMac With Intel's Haswell Inside Tested 241

MojoKid writes "Apple's late 2013 edition iMacs are largely unchanged in external form, though they're upgraded in function with a revamped foundation that now pairs Intel's Haswell 4th Generation Core processors with NVIDIA's GeForce 700 Series graphics. The Cupertino company also outfitted these latest models with faster flash storage options, including support for PCI-E based storage, and 802.11ac Wi-Fi technology, all wrapped in a 21.5-inch (1920x1080) or 27-inch IPS displays with a 2560x1440 resolution. As configured, the 27-inch iMac reviewed here bolted through benchmarks with relative ease and posted especially solid figures in gaming tests, including a 3DMark 11 score of 3,068 in Windows 7 (via Boot Camp). Running Cinebench 11.5 in Mac OS X 10.9 Mavericks also helped showcase the CPU and GPU combination. Storage benchmarks weren't nearly as impressive though, for iMacs based on standard spinning media. For real IO throughput, it's advisable to go with Apple's Flash storage options."
Security

Security Researchers Want To Fully Audit Truecrypt 233

Hugh Pickens DOT Com writes "TrueCrypt has been part of security-minded users' toolkits for nearly a decade — but there's one problem: no one has ever conducted a full security audit on it. Now Cyrus Farivar reports in Ars Technica that a fundraiser reached more than $16,000 in a public call to perform a full security audit on TrueCrypt. 'Lots of people use it to store very sensitive information,' writes Matthew Green, a well-known cryptography professor at Johns Hopkins University. 'That includes corporate secrets and private personal information. Bruce Schneier is even using it to store information on his personal air-gapped super-laptop, after he reviews leaked NSA documents. We should be sweating bullets about the security of a piece of software like this.' According to Green, Truecrypt 'does some damned funny things that should make any (correctly) paranoid person think twice.' The Ubuntu Privacy Group says the behavior of the Windows version [of Truecrypt 7.0] is problematic. 'As it can't be ruled out that the published Windows executable of Truecrypt 7.0a is compiled from a different source code than the code published in "TrueCrypt_7.0a_Source.zip" we however can't preclude that the binary Windows package uses the header bytes after the key for a back door.' Green is one of the people leading the charge to set up the audit, and he helped create the website istruecryptauditedyet.com. 'We're now in a place where we have nearly, but not quite enough to get a serious audit done.'"
Books

Book Review: Core HTML5 Canvas 72

eldavojohn writes "Core HTML5 Canvas is a book that focuses on illuminating HTML5 game development for beginning and intermediate developers. While HTML and JavaScript have long been a decent platform for displaying text and images, Geary provides a great programming learning experience that facilitates the canvas element in HTML5. In addition, smatterings of physics engines, performance analysis and mobile platform development give the reader nods to deeper topics in game development." Read below for the rest of eldavojohn's review.
Books

An Instructo-Geek Reviews The 4-Hour Chef 204

Bennett Haselton writes "Recently I wrote an article about what I considered to be the sorry state of cooking instructions on the web (and how-to instructions in general), using as a jumping-off point a passage from Evgeny Morozov's new book To Save Everything, Click Here. My point was that most "newbie" instructions never seemed to get judged by the basic criteria by which all instructions should be judged: If you give these instructions to a group of beginners, and have them attempt to follow the instructions without any additional help from the author, what kind of results do they get? The original title of my article was "Better Cooking Through Algorithms," but due to some confusion in the submission process the title got changed to "Book Review: To Save Everything, Click Here" even though, as multiple commenters pointed out, it didn't make much sense as a "book review" since it only mentioned a short passage from the actual book. This article, on the other hand, really is intended as a review of The 4-Hour Chef, even though the article only covers a similarly tiny fraction of the book's 671-page length. That's because even before buying the book, I was determined to review it according to a simple process: Try three recipes from the book. Follow the directions step by step. (If any direction is ambiguous, then follow what could be a plausible interpretation of the directions.) My estimation of the quality of the book, as an instructional cooking guide for beginners, is then determined by the quality of the food produced by my attempt to follow the directions. (I've done this so many times for so many "beginner cookbooks," that I've probably lost my true "beginner" cook status in the process — which means that the results obtained by a real beginner using The 4-Hour Chef, would probably be a little worse than what I achieved.)" Read on for the rest of Bennett's Thoughts
Books

Book Review: Going Clear: Scientology, Hollywood, and the Prison of Belief 353

benrothke writes "In its first week, Going Clear: Scientology, Hollywood, and the Prison of Belief was #3 on the New York Times Best Sellers list and will likely be #1 soon. The fact that the book is in print is somewhat miraculous given the voracious appetite Scientology has for litigation. It is the first time that such an expose could have been written and found such wide-scale reading. An interesting analysis of this fact is found in Why the Media Is No Longer Afraid of Scientology by Kim Masters. But as mesmerizing an expose as the book is, I doubt that this will be more than a speed bump to Scientology's growth and fund raising." Keep reading to be clear about what Ben has to say.
Image

Book Review: Permanent Emergency 89

OverTheGeicoE writes "Former TSA Administrator Kip Hawley has been in the news in recent months, talking about how the Transportation Security Administration is broken and how it can be fixed. Some of his TSA criticisms in the popular press seem to make sense. This seemed strange to me. Just last March he was defending TSA in a debate with Bruce Schneier in The Economist. Then, the very next month, he's criticizing his former agency as if he was on the other side of that debate to begin with. Why? I felt like I was missing something, so I decided to read his book to find out more about his position. The title of the book is Permanent Emergency: Inside the TSA and the Fight for the Future of American Security, and it is co-written by Nathan Means." Keep reading for the rest of OverTheGeicoE's review.
Image

Book Review: Elementary Information Security 56

benrothke writes "Elementary Information Security, based on its title, weight and page length, I assumed was filled with mindless screen shots of elementary information security topics, written with a large font, in order to jack up the page count. Such an approach is typical of far too many security books. With that, if there ever was a misnomer of title, Elementary Information Security is it." Read below for the rest of Ben's review
Books

Book Review: The Information Diet 102

stoolpigeon writes "It is a well known fact that the United States has an obesity problem. There are numerous causes that ultimately lead to an imbalance in the ratio between the number of calories taken in to the number of calories burned. The size of the American diet industry is another good indicator of how widespread the problem has become. Clay Johnson believes that the issues the U.S. has with food have become mirrored in how we consume information." Read below for the rest of stoolpigeon's review.
Earth

Interviews: Ask Technologist Kevin Kelly About Everything 135

Kevin Kelly has for decades been involved in some of the most interesting projects I know about, and in his roles as founding editor (and now editor at large) of Wired Magazine and editor of The Whole Earth Catalog has helped spread the word about many others. Kelly is probably as close to a Renaissance man as it's possible to be in the 21st century, having more-than-passing interest and knowledge in a range of topics from genetic sequencing and other ways that we can use measurement in pursuit of improved health to how technology is used and reused in real life. Among other projects, he's also the founder of CoolTools, which I consider to be (unsurprisingly) the closest current equivalent to the old Whole Earth Catalogs. (Disclaimer: I've had a few reviews published there, too.) (He's also one of the founders of The WELL, now part of Salon.) Kelly is also Secretary of the Board of Directors of the Long Now Foundation, the group which for years has been designing a clock to ring on 10,000 years in the future. Below, ask questions of Kelly, bearing in mind please the Slashdot interview guidelines: ask as many questions as you want, but please keep them to one per comment. He'll get back soon with his answers.
Google

Tech Expertise Not Important In Google Managers 298

Hugh Pickens writes "For much of its 13-year history, Google has taken a pretty simple approach to management: Leave people alone but if employees become stuck, they should ask their bosses, whose deep technical expertise propelled them into management in the first place. Now the Economic Times reports that statisticians at Google looking for characteristics that define good managers have gathered more than 10,000 observations about managers — across more than 100 variables, from various performance reviews, feedback surveys and other reports and found that technical expertise ranks dead last among Google's eight most important characteristics of good managers. What Google employees value most are even-keeled bosses who made time for one-on-one meetings, who helped people puzzle through problems by asking questions, not dictating answers, and who took an interest in employees' lives and careers."
Book Reviews

Book Review: Inkscape 0.48 Essentials for Web Designers 91

JR0cket writes "Inkscape is an open source 2D drawing tool that helps you create graphic designs, from simple buttons and logos to full blown posters and web page designs. Inkscape is similar to Adobe Illustrator or CorelDraw and gives you a vector based graphics tool that uses the W3C Scalable Vector Graphics (SVG) format. Inkscape is easy to use, although learning the tricks that make designing a web site look great is more involved. The Inkscape 0.48 Essentials for Web designers is specifically focused on helping you to create your first web site designs and does a great job of getting you started. Most if not all the techniques covered are relevant to creating other graphic works too, so it's useful as a general Inkscape tutorial." Read on for the rest of John's review.
Google

Google's Next Challenge, Spam Results 238

krou writes "The Guardian's tech blog is running an interesting piece on Google's next big challenge, which is dealing with the spammers it helped create. 'Google is the 900-pound gorilla of search, with around 90% of the market (excluding China and Russia), and there's an entire industry which has grown up specifically around tickling the gorilla to make it happy and enrich the ticklers.' They quote Paul Kedrosky who notes that 'Google has become a snake that too readily consumes its own keyword tail. Identify some words that show up in profitable searches — from appliances, to mesothelioma suits, to kayak lessons — churn out content cheaply and regularly, and you're done. On the web, no-one knows you're a content-grinder.' Whether searching for reviews, products, businesses, or even conducting academic research, scraper sites are ranking higher than original content. The article speculates that Google may try to fix the problem but, from Google's perspective, most of these types of sites use AdSense ads, and generate revenue for Google (89% of clicks come from the first page of results), so Google may not have an incentive to change things too much. Alternatively, people could stop using Google, 'because its search is damn well broken... The question is whether it would be visible enough — that is, whether enough people would do it — that it would show up on Google's radar and be made a priority.'"
