Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
IT

The End of Gmane? (ingebrigtsen.no) 39

If any of you use mailing list archive Gmane, you would want to start looking at its alternative. Gmane developer Lars Ingebrigtsen announced Thursday that he is thinking about ending the decade-old email-to-news gateway. But first, for those unaware about Gmane, here's is what it does: It allows users to access electronic mailing lists as if they were Usenet newsgroups, and also through a variety of web interfaces. Gmane is an archive; it never expires messages (unless explicitly requested by users). Gmane also supports importing list postings made prior to a list's inclusion on the service.Ingebrigtsen said Gmane machines are under numerous DDoS attacks -- coupled with some other issues -- that have made him wonder whether it is worth the time and effort to keep Gmane ticking. He writes: I'm thinking about ending Gmane, at least as a web site. Perhaps continue running the SMTP-to-NNTP bridge? Perhaps not? I don't want to make 20-30K mailing lists start having bouncing addresses, but I could just funnel all incoming mail to /dev/null, I guess... The nice thing about a mailing list archive (with NNTP and HTTP interfaces) is that it enables software maintainers to say (whenever somebody suggests using Spiffy Collaboration Tool of the Month instead of yucky mailing lists) is "well, just read the stuff on Gmane, then". I feel like I'm letting down a generation here.As Gmane's future remains uncertain, Ingebrigtsen recommends people to have a look at Mail Archive.
Cloud

Oracle To Buy Cloud-Software Provider NetSuite For $9.3 Billion (bloomberg.com) 32

Oracle announced Thursday that it has agreed to buy NetSuite for $9.3 billion, in a move to bolster its cloud-computing offerings as it races to catch up to rivals. Both companies provide applications for running a business called enterprise-resource-planning software. Bloomberg reports: Oracle, which sells software to big corporations, has been trying to shift more sales to cloud-based products increasingly demanded by its customers. New cloud services made up about 8 percent of the company's total sales during its fiscal fourth-quarter. Buying NetSuite -- whose products include customer relationship management software -- will help Oracle compete against the likes of Salesforce.com Inc. and Microsoft Corp. "Oracle and NetSuite cloud applications are complementary, and will coexist in the marketplace forever," said Oracle co-Chief Executive Officer Mark Hurd in a statement Thursday. "We intend to invest heavily in both products -- engineering and distribution."
Java

C Top Programming Language For 2016, Finds IEEE's Study (ieee.org) 307

IEEE Spectrum, a highly regarded magazine edited by the Institute of Electrical and Electronics Engineers, has released its annual programming languages list, sharing with the world how several languages fared against each other. To assess the languages the publication says it worked with a data journalist and looked into 10 online sources -- including social chatter, open-source code production, and job postings. The publication has rated C as the top programming language this year, followed by Java, Python, C++, and R. From their article:After two years in second place, C has finally edged out Java for the top spot. Staying in the top five, Python has swapped places with C++ to take the No. 3 position, and C# has fallen out of the top five to be replaced with R. R is following its momentum from previous years, as part of a positive trend in general for modern big-data languages that Diakopoulos analyses in more detail here. Google and Apple are also making their presence felt, with Google's Go just beating out Apple's Swift for inclusion in the Top Ten. Still, Swift's rise is impressive, as it's jumped five positions to 11th place since last year, when it first entered the rankings. Several other languages also debuted last year, a marked difference from this year, with no new languages entering the rankings.The publication has explained in detail the different metrics it uses to evaluate a language.
Bitcoin

EU Plans To Create Database of Bitcoin Users With Identities and Wallet Addresses (softpedia.com) 130

An anonymous reader writes from a report via Softpedia: "The European Commission is proposing the creation of a database that will hold information on users of virtual currencies," reports Softpedia. "The database will record data on the user's real world identity, along with all associated wallet addresses." The database will be made available to financial investigation agencies in order to track down users behind suspicious operations. The creation of this database is part of a regulatory push that the EU got rolling after the Paris November 2015 terror attacks, and which it officially put forward in February 2016, and later approved at the start of July 2016. Legally, this is an attempt to reform the Anti-Money Laundering Directive (AMLD). The current draft is available here. The current AMLD draft reads: "The report shall be accompanied, if necessary, by appropriate proposals, including, where appropriate, with respect to virtual currencies, empowerments to set-up and maintain a central database registering users' identities and wallet addresses accessible to FIUs, as well as self-declaration forms for the use of virtual currency users."
Facebook

Facebook Open Sources 360 Surround Camera With Ikea-Style Instructions (techcrunch.com) 31

Reader joshtops writes: Facebook needs you to fill its News Feed, Oculus Rift, and Gear VR with 360 content. So today it put all the hardware and software designs of its Surround 360 camera on Github after announcing the plan in April. Thanks to cheeky instruction manual inspired by Ikea's manuals, you can learn how to buy the parts, assemble the camera, load the image-stitching software, and start shooting 360 content. Essentially 17 cameras on a UFO-looking stick, the 360 Surround camera can be built for about $30,000 in parts. The 4-megapixel lenses can shoot 4K, 6K, or 8K 360 video, and fisheye lenses on the top and bottom remove the blindspots. Facebook forced a random engineer to try to build the 360 Surround from the open source instructions, and found it took about four hours.FastCompany has more details.
Security

Vine's Source Code Was Accidentally Made Public For Five Minutes (theregister.co.uk) 42

An anonymous reader writes from The Register: Vine, the six-second-video-loop app acquired by Twitter in 2012, had its source code made publicly available by a bounty-hunter for everyone to see. The Register reports: "According to this post by @avicoder (Vjex at GitHub), Vine's source code was for a while available on what was supposed to be a private Docker registry. While docker.vineapp.com, hosted at Amazon, wasn't meant to be available, @avicoder found he was able to download images with a simple pull request. After that it's all too easy: the docker pull https://docker.vineapp.com:443/library/vinewww request loaded the code, and he could then open the Docker image and run it. 'I was able to see the entire source code of Vine, its API keys and third party keys and secrets. Even running the image without any parameter, [it] was letting me host a replica of Vine locally.' The code included 'API keys, third party keys and secrets,' he writes. Twitter's bounty program paid out -- $10,080 -- and the problem was fixed in March (within five minutes of him demonstrating the issue)."
Programming

Programming Language Gurus Converge on 'Curry On' Conference (curry-on.org) 87

Videos are now online from this week's Curry On conference, which incuded talks by programming pioneers Larry Wall and Matthias Felleisen, as well as speakers from Google, Twitter, Facebook, Microsoft, and Oracle. Dave Herman from Mozilla Research also talked about building an open source research lab, while Larry Wall's keynote was titled "It's the End of the World as We Know It, and I Feel Fine."

Billing itself as a non-profit conference about programming languages and emerging computer-industry challenges, this year's installment included talks about Java, Rust, Scala, Perl, Racket, Clojure, Rascal, Go and Oden. Held in a different European city each year, the annual conference hopes to provoke an open conversation between academia and the larger technology industry.
Security

'High-Risk Vulnerabilities' In Oracle File-Processing SDKs Affect Major Third-Party Products (csoonline.com) 11

itwbennett writes: "Seventeen high-risk vulnerabilities out of the 276 flaws fixed by Oracle Tuesday affect products from third-party software vendors," writes Lucian Constantin on CSOonline. The vulnerabilities, which were found by researchers from Cisco's Talos team, are in the Oracle Outside In Technology (OIT), a collection of SDKs that are used in third-party products, including Microsoft Exchange, Novell Groupwise, IBM WebSphere Portal, Google Search Appliance, Avira AntiVir for Exchange, Raytheon SureView, Guidance Encase and Veritas Enterprise Vault.

"It's not clear how many of those products are also affected by the newly patched seventeen flaws, because some of them might not use all of the vulnerable SDKs or might include other limiting factors," writes Constantin. But the Cisco researchers confirmed that Microsoft Exchange servers (version 2013 and earlier) are affected if they have WebReady Document Viewing enabled. In a blog post the researchers describe how an attacker could exploit these vulnerabilities.

TL;DR version: "Attackers can exploit the flaws to execute rogue code on systems by sending specifically crafted content to applications using the vulnerable OIT SDKs."
Programming

Ask Slashdot: When Do You Include 'Unnecessary' Code? (sas.com) 239

"For more than 20 years I've been putting semicolons at the end of programming statements in SAS, C/C++, and Java/Javascript," writes Rick Wicklin, a researcher in computational statistics at SAS. "But lately I've been working in a computer language that does not require semicolons. Nevertheless... I catch myself typing unnecessary semicolons out of habit," he writes, while at other times "I include optional statements in my programs for clarity, readability, or to practice defensive programming." While Wicklin's post is geared towards SAS programming, Slashdot reader theodp writes that the question is a language-agnostic one: ...when to include technically-unnecessary code -- e.g., variable declarations, superfluous punctuation, block constructs for single statements, values for optional parameters that are the defaults, debugging/validation statements, non-critical error handling, explicitly destroying objects that would otherwise be deleted on exit, labeled NEXT statements, full qualification of objects/methods, unneeded code from templates...
He's wondering if other Slashdot readers have trouble tolerating their co-workers' unnecessary codes choices (which he demonstrates with a video clip from Silicon Valley). So leave your answers in the comments. When do you do include 'unnecessary' code in your programs -- and why?
Businesses

Cyanogen Inc. Reportedly Fires OS Development Arm, Switches To Apps (arstechnica.com) 124

An anonymous reader writes: Android Police is reporting that the Android software company Cyanogen Inc. will be laying off 20 percent of its workforce, and will transition from OS development to applications. The Android Police report says "roughly 30 out of the 136 people Cyanogen Inc. employs" are being cut, and that the layoffs "most heavily impact the open source arm" of the company. Android Police goes on to say that CyanogenMod development by Cyanogen Inc "may be eliminated entirely." Ars Technica notes the differences between each "Cyanogen" branding. Specifically, CyanogenMod is a "free, open source, OS heavily based on Android and compatible with hundreds of devices," while Cyanogen Inc. is "a for-profit company that aims to sell Cyanogen OS to OEMs." It appears that many of the core CyanogenMod developers will no longer be paid to work on CyanogenMod, though the community is still free to develop the software." Android Police details the firing process in their report: "Layoffs reportedly came after a long executive retreat for the company's leaders and were conducted with no advanced notice. Employees who were not let go were told not to show up to work today. Those who did show up were the unlucky ones: they had generic human resources meetings rather ominously added to their calendars last night. So, everyone who arrived at Cyanogen Inc. in Seattle this morning did so to lose their job (aside from those conducting the layoffs)." Early last year, Microsoft invested in a roughly $70 million round of equity financing for the then-startup Cyanogen Inc. Not too long before that, Google tried to acquire Cyanogen Inc., but the company turned down Google's offer to seek funding from investors and major tech companies at a valuation of around $1 billion. Cyanogen Inc. CEO Kirt McMaster once said the company was "attempting to take Android away from Google" and that it was "putting a bullet through Google's head."

UPDATE 7/25/16: Cyanogen CEO and cofounder Kirt McMaster took to Twitter to dispel some of the rumors, tweeting: "Cyanogen NOT pivoting to apps. We are an OS company and our mission of creating an OPEN ANDROID stands. FALSE reporting was outstanding."
Chrome

Safari Browser May Soon Be Just As Fast As Chrome With WebP Integration (thenextweb.com) 105

An anonymous reader writes from a report via The Next Web: The Safari browser included in Apple's iOS 10 and macOS Sierra software is testing WebP, technology from Google that allows developers to create smaller, richer images that make the web faster. Basically, it's a way for webpages to load more quickly. The Next Web reports: "WebP was built into Chrome back at build 32 (2013!), so it's not unproven. It's also used by Facebook due to its image compression underpinnings, and is in use across many Google properties, including YouTube." Microsoft is one of the only major players to not use WebP, according to CNET. It's not included in Internet Explorer and the company has "no plans" to integrate it into Edge. Even though iOS 10 and macOS Sierra are in beta, it's promising that we will see WebP make its debut in Safari latest this year. "It's hard to imagine Apple turning away tried and true technology that's found in a more popular browser -- one that's favored by many over Safari due to its speed, where WebP plays a huge part," reports The Next Web. "Safari is currently the second most popular browser to Chrome." What's also interesting is how WebP isn't mentioned at all in the logs for Apple's Safari Technology Preview.
Databases

Ex Cardinal's Scouting Director Chris Correa Sentenced To 46 Months For Hacking Astros' Computer System (go.com) 42

New submitter yzf750 quotes a report from ESPN: A federal judge sentenced the former scouting director of the St. Louis Cardinals [Christopher Correa] to nearly four years in prison Monday for hacking the Houston Astros' player personnel database and email system in an unusual case of high-tech cheating involving two Major League Baseball clubs. "The data breach was reported in June 2014 when Astros general manager Jeff Luhnow told reporters the team had been the victim of hackers who accessed servers and proceeded to publish online months of internal trade talks," reports ESPN. "Luhnow had previously worked for the Cardinals. The FBI said Correa was able to gain access using a password similar to that used by a Cardinals employee who 'had to turn over his Cardinals-owned laptop to Correa along with the laptop's password' when he was leaving for a job with the Astros in 2011. Prosecutors have said Correa in 2013 improperly downloaded a file of the Astros' scouting list of every eligible player for that year's draft. They say he also improperly viewed notes of trade discussions as well as a page that listed information such as potential bonus details, statistics and notes on recent performances and injuries by team prospects. Authorities say that after the Astros took security precautions involving [a database called Ground Control] following a Houston Chronicle story about the database, Correa was able to still get into it. Authorities say he hacked the email system and was able to view 118 pages of confidential information, including notes of trade discussions, player evaluations and a 2014 team draft board that had not yet been completed. Federal prosecutors say the hacking cost the Astros about $1.7 million, taking into account how Correa used the Astros' data to draft players. Christopher Correa had pleaded guilty in January to five counts of unauthorized access of a protected computer from 2013 to at least 2014, the same year he was promoted to director of baseball development in St. Louis. He was fired last summer and now faces 46 months behind bars and a court order to pay $279,038 in restitution. He had faced up to five years in prison on each count."
Security

Hacking Group 'OurMine' Claims Credit For Attack On Pokemon Go Servers (independent.co.uk) 48

An anonymous reader writes: A group of hackers known as OurMine have attacked Pokemon Go's login servers, making it all but impossible for players to get online. The group says they hacked the game in an effort for the game to be more stable. They want to show the developers behind Pokemon Go that the app can and should be made more secure. Prior to the hack, the servers have been shaky as interest in the game has spiked. But over the weekend, users faced the most extreme connectivity issues yet. "No one will be able to play this game till Pokemon Go contact us on our website to teach them how to protect it!" the group wrote on its website. A different hacking group, which claimed to be part of OurMine, said that the latest attack had been launched after the huge outage caused by a group called Poodlecorp, on Saturday. "The group makes money from charging for vulnerability assessment, where hackers attempt to break into corporate networks to check how safe they are," reports The Independent. A representative said via Twitter that the group wasn't requesting money from those behind Pokemon Go, and that OurMine "just don't want other hackers [to] attack their servers." It should come as no surprise to see that the servers have been having trouble keeping up with demand as Pokemon Go has become the biggest mobile game in U.S. history after launching just about two weeks ago.
Chrome

Slashdot Asks: What's Your Computer Set-Up Look Like? 326

I thought it'd be fun to ask Slashdot readers one of the same questions we asked Larry Wall: What's your computer set-up look like? Slashdot reader LichtSpektren had asked: Can you give us a glimpse into what your main work computer looks like? What's the hardware and OS, your preferred editor and browser, and any crucial software you want to give a shout-out to?
Larry Wall is running Linux Mint (Cinnamon edition), and he surfs the web with Firefox (and Chrome on his phone) -- "but I'm not a browser wonk. Maybe I'll have more opinions on that after our JS backend is done for Perl 6..." And for a text editor, he's currently ensconced in the vi/vim camp, though "I've used lots of them, so I have no strong religious feelings."

So leave your answers in the comments. What's your OS, hardware, preferred editor, browser, "and any crucial software you want to give a shout-out to?" What does your computer set-up look like?
Databases

First Open Source-Based Database Completes U.S. Security Review 49

RaDag writes: The U.S. government has published a DoD-validated implementation guide, known as a STIG, for EDB Postgres Advanced Server from EnterpriseDB (EDB). This is a first. No other open source database, or open source-based database, has been through the US government's security review process and gotten a STIG published. Having this guide will help agencies seeking an open source-based alternative to costly traditional vendors like Oracle [and] will speed and ease deployment of EDB Postgres, which has database compatibility for Oracle.
They're now working with the U.S. Army, Navy, Marine Corps, and Air Force, according to a company statement. It also says that the Department of Defense and other U.S. government agencies "seek open source alternatives to traditional proprietary software," and see their database solution as "an opportunity to quickly reduce costs and shift away from expensive proprietary vendors, particularly as public policy initiatives around the world mandate adoption of more open source."
Operating Systems

How (And Why) FreeDOS Keeps DOS Alive (computerworld.com.au) 211

FreeDOS was originally created in response to Microsoft's announcement that after Windows 95, DOS would no longer be developed as a standalone operating system, according to a new interview about how (and why) Jim Hall keeps FreeDOS alive. For its newest version, Hall originally imagined "what 'DOS' would be like in 2015 or 2016 if Microsoft hadn't stopped working on MS-DOS in favor of Windows" -- before he decided there's just no such thing as "modern DOS". An anonymous Slashdot reader writes: No major changes are planned in the next version. "The next version of FreeDOS won't be multitasking, it won't be 32-bit, it won't run on ARM," Hall said. "FreeDOS is still intended for Intel and Intel-compatible computers. You should still be able to run FreeDOS on your old 486 or old Pentium PC to play classic DOS games, run legacy business programs, and support embedded development."
By day, Hall is the CIO for a county in Minnesota, and he's also a member of the board of directors for GNOME (and contributes to other open source projects) -- but he still remembers using DOS's built-in BASIC system to write simple computer programs. "Many of us older computer nerds probably used DOS very early, on our first home computer..." he tells ComputerWorld. Even without John Romero's new Doom level, "The popularity of DOS games and DOS shareware applications probably contributes in a big way to FreeDOS's continued success." I'd be curious how many Slashdot readers have some fond memories about downloading DOS shareware applications.
Android

Google Decided To Nix Its Oculus Rift Competitor (recode.net) 50

An anonymous reader writes from a report via Recode: Google recently nixed an internal project to create a high-end standalone virtual-reality headset that would compete directly against the Oculus Rift and HTC Vive, according to sources familiar with the plans. Google instead decided to shift more of its resources behind mobile VR and provide tools for other companies to build apps, games and services on Android-powered smartphones, rather than expensive hardware. In May, the company announced "Google Daydream," a platform that will help hardware and software developers create VR hardware, games, and experiences for its new Android Nougat operating system. Google did say they would be releasing their own VR headset, but it's mostly geared towards developers. A different VR project was started inside the Google X research lab, which is now a separate Alphabet company, with around 50 employees working on it, according to one source. That project was creating a separate operating system for the device, unique from Android. Now, it appears that the OS and project were scratched in favor of Android. The report suggests that Google is not as interested in competing directly with hardware from Facebook, Samsung, HTC and others. Apple has been recently granted another AR/VR patent, suggesting the company might be building a VR headset of its own.
Earth

Null Island: The Land of Lousy Directional Data (vice.com) 91

An anonymous reader writes: Null Island is one of the world's most visited places for directional data that doesn't exist in real life. The Wall Street Journal reports (Warning: source may be paywalled): "In the world of geographic information systems, the island is an apparition that serves a practical purpose. It lies at 'zero-zero,' a mapper's shorthand for zero degrees latitude and zero degrees longitude. By a programming quirk introduced by developers, those are the default coordinates where Google maps and other digital Global Positioning System applications are directed to send the millions of users who make mistakes in their searches. [About seven years ago, Mr. Kelso, who had heard the phrase used by other cartographers, encoded Null Island as the default destination for mistakes into a widely used public-domain digital-mapping data set called Natural Earth, which has been downloaded several million times. On a whim, he made the location at zero-zero appear as a tiny outcrop one-meter square. In no time at all, other mappers gave the 'island' its own natural geography, created a website, and designed T-shirts and a national flag.]" If you're feeling cognitively lazy, you can watch the short animated YouTube video explaining Null Island.
Open Source

A Smaller Version of Raspberry Pi 3 Is Coming Soon (pcworld.com) 89

An anonymous reader quotes a report from PCWorld: A smaller version of the popular Raspberry Pi 3 will go on sale in a few months. Raspberry Pi is developing a new version of its Compute Module, a single-board computer that plugs into specific on-board memory slots. The new Pi will be more like a mini-computer inside a computer, and it won't come with a power supply. The Compute Module will have similar circuitry to that of Raspberry Pi 3, a wildly successful computer that can be a PC replacement. But it will be smaller, with the memory, CPU, and storage embedded tightly on a board. While the Compute Module will have a 64-bit ARM processor like the Pi 3, it won't have Wi-Fi, Eben Upton, founder of Raspberry Pi, said in an interview with IDG News Service. The Compute Module could ship as soon as this quarter, Upton said. It will be priced similar to its predecessor, the 2-year-old Compute Module, available from reseller RS Components for about $24. The older Compute Module is based on the original Raspberry Pi. Like Raspberry Pi 3, the new Compute Module will work with Linux and Microsoft's Windows 10 IoT Core, Upton said. A Compute Module Development Kit, in which the Compute Module can be slotted for testing, may also be sold. The Development Kit could have multiple connectivity and port options, much like the Raspberry Pi 3. Last month, the biggest manufacturer of the Raspberry Pi, Premier Farnell, was acquired by Swiss industrial component supplier Daetwyler Holding AG for roughly $871 million.

Slashdot Top Deals