Submission + - Microsoft Security Update Causing InstallSheild, Dell System Crashes (redmondmag.com)
msmoriarty writes: Microsoft's July security update is causing problems for users of InstallShield and Dell security products.
Submission + - Survey: 56 Percent of U.S. Developers Expect To Become Millionaires (adtmag.com) 1
msmoriarty writes: According to a recent survey of 1,000 U.S.-based software developers, 56 percent expect to become millionaires in their lifetime. 66 percent also said they expect to get raises in the next year, despite the current state of the economy. Note that some of the other findings of the study (scroll to bulleted list) seem overly positive: 84 percent said they believe they are paid what they're worth, 95 percent report they feel they are "one of the most valued employees at their organization," and 80 percent said that "outsourcing has been a positive factor in the quality of work at their organization."
Submission + - Eclipse Foundation Celebrates 10 Years of Open Source IDE (adtmag.com)
msmoriarty writes: Ten years ago this week IBM pledged to keep its hands off the recently open-sourced Eclipse IDE. And according to Eclipse Foundation Director Mike Milinkovich, that's a major reason Eclipse was able to thrive: " IBM....did an exemplary job of setting Eclipse free," he said in an interview posted today. "We became the first open source organization to show that real competitors could collaborate successfully within the community." He also talks about misconceptions about Eclipse, its current open-source success and what he sees for the future.
Submission + - Hacking Group Linked to Chinese Army Caught Attacking Dummy Water Plant (technologyreview.com) 4
holy_calamity writes: MIT Technology Review reports that APT1, the China-based hacking group said to steal data from U.S. companies, has been caught taking over a decoy water plant control system. The honeypot mimicked the remote access control panels and physical control system of a U.S. municipal water plant. The decoy was one of 12 set up in 8 countries around the world, which together attracted more than 70 attacks, 10 of which completely compromised the control system. China and Russia were the leading sources of the attacks. The researcher behind the study says his results provide the first clear evidence that people actively seek to exploit the many security problems of industrial systems.
Submission + - Why Developers Are Kings: The Rising Power of Devs (adtmag.com)
msmoriarty writes: Google's Don Dodge, GitHub's Tom Preston-Werner, New Relic'sLew Cirne and others recently got together in San Francisco on a panel called "The Developer is King: The Power Behind the Throne." According to coverage of the event, the panelists all agreed that programmers — both independent ones and those employed by companies — have more power, and thus opportunities, than ever. Even the marketing power of developers was acknowledged:
"The only way to convince a developer is by giving them a demo and showing them how its better," said Preston-Werner. "The beauty is, you plant these seeds around the world, and those people will evangelize it for you. Because another thing that developers are great at is telling other developers what works for them."
"The only way to convince a developer is by giving them a demo and showing them how its better," said Preston-Werner. "The beauty is, you plant these seeds around the world, and those people will evangelize it for you. Because another thing that developers are great at is telling other developers what works for them."
Submission + - White Hat luxury car hacker to speak at USENIX security event despite injunction (networkworld.com)
alphadogg writes: The lead author of a controversial research paper about flaws in luxury car lock systems will deliver a presentation at this month’s USENIX Security Symposium even though a UK court ruling (inspired by a Volkswagen complaint) has forced the paper to be pulled from the event’s proceedings. USENIX has announced that in “in keeping with its commitment to academic freedom and open access to research,” researcher Roel Verdult will speak at the Aug. 14-16 conference, to be held in Washington, D.C. Verdult and 2 co-authors were recently prohibited by the High Court of Justice in the U.K. from publishing certain portions of their paper, “Dismantling Megamos Crypto: Wireless Lockpicking a Vehicle Immobilizer.” Among the most sensitive information: Codes for cracking the car security system in Porsches, Audis, etc.
Submission + - Microsoft: BUILD 2013 Dev Conference Is NOT Sold Out, Despite What Web Site Said (visualstudiomagazine.com)
msmoriarty writes: Last year, Microsoft's BUILD developer conference sold out in less than an hour. On Tuesday morning, registration for the 2013 conference — being held at the Moscone center in SF — opened and appeared to sell out in three hours, but late Tuesday Microsoft told Visual Studio Magazine that the note saying the conference had sold out was in error, and that there are still spaces available (at least as of when this is being submitted).
Submission + - Free Windows 8 Offer for Mac Developers Lasts About 30 Minutes (adtmag.com)
An anonymous reader writes: Microsoft today offered (nearly) free Windows 8 USB sticks to Mac developers, but "sold out" just over 30 minutes after the offer was posted. No word on just how many sticks were available total, or if the offer will be restarted at some point.
Submission + - BlackBerry 10 Can BBM Anything You're Watching, Even Porn (ibtimes.com)
redletterdave writes: The new BBM in BlackBerry 10 has the option to automatically share what music you’re listening to as one’s status update. As it turns out, this BBM feature in BlackBerry 10 can actually share anything you’re listening to with your BBM network, including videos. Therefore, any videos viewed in the BlackBerry Z10 browser or media player will be displayed for all of one’s BlackBerry contacts to see, even if you don’t want your network to know you’re watching certain videos.
Submission + - New Analyst Report Calls Agile a Scam, Says Easy Out for Lazy Devs (adtmag.com)
msmoriarty writes: We recently got a copy of a new Voke analyst report (for sale here) on Agile and the firm basically blasts the movement from top to bottom. Some highlights: "The Agile movement is designed to sell services," "Out of over 200 survey participants, we received only four detailed comments describing success with Agile," "Survey participants report that developers use the guise of Agile to avoid planning and to avoid creating documentation required for future maintenance," and " Be aware that the Agile movement might very well just be either a developer rebellion against unwanted tasks and schedules or just an opportunity to sell Agile services including certification and training." So did the analysts just talk to to the wrong 200 people?
Submission + - Justice Dept., FBI to review use of forensic evidence in thousands of cases (washingtonpost.com)
NotSanguine writes: From The Washington Post Article:
The Justice Department and the FBI have launched a review of thousands of criminal cases to determine whether any defendants were wrongly convicted or deserve a new trial because of flawed forensic evidence, officials said Tuesday. The undertaking is the largest post-conviction review ever done by the FBI. It will include cases conducted by all FBI Laboratory hair and fiber examiners since at least 1985 and may reach earlier if records are available, people familiar with the process said. Such FBI examinations have taken place in federal and local cases across the country, often in violent crimes, such as rape, murder and robbery.
Submission + - City Brought To Its Knees By Datacenter Outage
An anonymous reader writes: On July 11th in Calgary, Canada, a fire and explosion was reported at the Shaw Communications headquarters. This took down a large swath of IT infrastructure, including Shaw's telephone and Internet customers, local radio stations, emergency 911 services, provincial services such Alberta Health Services computers, and Alberta Registries. One news site reports that "The building was designed with network backups, but the explosion damaged those systems as well.". No doubt this has been a hard lesson on how NOT to host critical public services.
Submission + - Building a "Crowdsourced" IT Support System for a Large Organization
BerkeleyNerd writes: I work for a large federal agency that is exploring different ways to lower IT support costs and reduce wait times for users who need help with application features, network problems, agency IT policies, etc. One solution could be: help users share popular IT support "fixes" and identify emerging problems by providing some kind of agency-wide user support forum.
For example, Xerox created the Eureka peer support system in 1996, which was used by field techs to quickly share information. There have been some academic studies on peer support, such as The Usefulness of Electronic Weak Ties for Technical Advice and Peer Collaboration: Building an Infrastructure for Enhancing Technical Support. Also, the Economist recently featured an article on "Unsourcing" — a consumer-oriented spin on the same idea, and the concept of Social IT Support has been discussed.
Does the Slashdot community know of any peer IT support "success stories" in other large institutions, or any software tools that we should evaluate for this purpose, such as UserResponse or StackExchange?
For example, Xerox created the Eureka peer support system in 1996, which was used by field techs to quickly share information. There have been some academic studies on peer support, such as The Usefulness of Electronic Weak Ties for Technical Advice and Peer Collaboration: Building an Infrastructure for Enhancing Technical Support. Also, the Economist recently featured an article on "Unsourcing" — a consumer-oriented spin on the same idea, and the concept of Social IT Support has been discussed.
Does the Slashdot community know of any peer IT support "success stories" in other large institutions, or any software tools that we should evaluate for this purpose, such as UserResponse or StackExchange?
Submission + - Researchers Hack Popular Point-of-Sale System, Alter Transactions (threatpost.com)
Trailrunner7 writes: A security researcher has found several serious vulnerabilities in a widely deployed point-of-sale system that enables an attacker to change transactions, steal card data and take other malicious actions. The attacks could be executed remotely under certain circumstances or done through a local interface.
The research, done by Karsten Nohl of Security Research Labs in Germany, shows that some PoS terminals made by VeriFone Systems have a series of weaknesses that give attackers some pathways into the system. The vulnerable system is called Artema Hybrid, and it is the most popular PoS system in Germany.
VeriFone officials said they're aware of the issues but haven't been able to reproduce the bugs or the attacks.
The research, done by Karsten Nohl of Security Research Labs in Germany, shows that some PoS terminals made by VeriFone Systems have a series of weaknesses that give attackers some pathways into the system. The vulnerable system is called Artema Hybrid, and it is the most popular PoS system in Germany.
VeriFone officials said they're aware of the issues but haven't been able to reproduce the bugs or the attacks.
Submission + - Rolls-Royce Unveils World's First LEGO Jet Engine Made from 152,455 Bricks (inhabitat.com)
Elliot Chang writes: "Rolls-Royce debuted the world’s first ever LEGO Jet Engine at the Farnborough International Airshow this week in England. The model is a half-size replica of the enormous Rolls-Royce Trent 1000 that powers the Boeing 787 Dreamliner. It took 152,455 LEGO bricks, eight weeks, and a team of four fulltime employees to assemble the model. While the real engine weighs in at 1.25 tons, the LEGO replica still weighs a hefty 676 pounds and measures 4.9 feet long and 6.5 feet wide."
