×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Not Just a Cleanup Any More: LibreSSL Project Announced

timothy posted yesterday | from the they'd-like-some-beer-money dept.

334

An anonymous reader writes "As some of you may know, the OpenBSD team has started cleaning up the OpenSSL code base. LibreSSL is primarily developed by the OpenBSD Project, and its first inclusion into an operating system will be in OpenBSD 5.6. In the wake of Heartbleed, the OpenBSD group is creating a simpler, cleaner version of the dominant OpenSSL. Theo de Raadt, founder and leader of OpenBSD and OpenSSH, tells ZDNet that the project has already removed 90,000 lines of C code and 150,000 lines of content. The project further promises multi-OS support once they have proper funding and the right portability team in place. Please consider donating to support LibreSSL via the OpenBSD foundation."

OpenSSL Cleanup: Hundreds of Commits In a Week

timothy posted 3 days ago | from the the-good-kind-of-competition dept.

372

New submitter CrAlt (3208) writes with this news snipped from BSD news stalwart undeadly.org: "After the news of heartbleed broke early last week, the OpenBSD team dove in and started axing it up into shape. Leading this effort are Ted Unangst (tedu@) and Miod Vallat (miod@), who are head-to-head on a pure commit count basis with both having around 50 commits in this part of the tree in the week since Ted's first commit in this area. They are followed closely by Joel Sing (jsing@) who is systematically going through every nook and cranny and applying some basic KNF. Next in line are Theo de Raadt (deraadt@) and Bob Beck (beck@) who've been both doing a lot of cleanup, ripping out weird layers of abstraction for standard system or library calls. ... All combined, there've been over 250 commits cleaning up OpenSSL. In one week.'" You can check out the stats, in progress.

Survey: 56 Percent of US Developers Expect To Become Millionaires

Soulskill posted about a week ago | from the you-totally-could-have-invented-flappy-birds dept.

466

msmoriarty writes: "According to a recent survey of 1,000 U.S.-based software developers, 56 percent expect to become millionaires in their lifetime. 66 percent also said they expect to get raises in the next year, despite the current state of the economy. Note that some of the other findings of the study (scroll to bulleted list) seem overly positive: 84 percent said they believe they are paid what they're worth, 95 percent report they feel they are 'one of the most valued employees at their organization,' and 80 percent said that 'outsourcing has been a positive factor in the quality of work at their organization.'"

How 'DevOps' Is Killing the Developer

Soulskill posted about a week ago | from the in-the-server-room-with-the-lamp-stack dept.

226

An anonymous reader writes "Python guru Jeff Knupp writes about his frustration with the so-called 'DevOps' movement, an effort to blend development jobs with operations positions. It's an artifact of startup culture, and while it might make sense when you only have a few employees and a focus on simply getting it running rather than getting it running right, Knupp feels it has no place in bigger, more established companies. He says, 'Somewhere along the way, however, we tricked ourselves into thinking that because, at any one time, a start-up developer had to take on different roles he or she should actually be all those things at once. If such people even existed, "full-stack" developers still wouldn't be used as they should. Rather than temporarily taking on a single role for a short period of time, then transitioning into the next role, they are meant to be performing all the roles, all the time. And here's what really sucks: most good developers can almost pull this off.' Knupp adds, 'The effect of all of this is to destroy the role of "developer" and replace it with a sort of "technology utility-player". Every developer I know got into programming because they actually enjoyed doing it (at one point). You do a disservice to everyone involved when you force your brightest people to take on additional roles.'"

OpenBSD Team Cleaning Up OpenSSL

timothy posted about a week ago | from the devil-you-say dept.

304

First time accepted submitter Iarwain Ben-adar (2393286) writes "The OpenBSD has started a cleanup of their in-tree OpenSSL library. Improvements include removing "exploit mitigation countermeasures", fixing bugs, removal of questionable entropy additions, and many more. If you support the effort of these guys who are responsible for the venerable OpenSSH library, consider a donation to the OpenBSD Foundation. Maybe someday we'll see a 'portable' version of this new OpenSSL fork. Or not."

Michael Bloomberg: You Can't Teach a Coal Miner To Code

Soulskill posted about two weeks ago | from the you-can't-teach-an-old-dog-how-to-use-a-for-loop dept.

581

theodp (442580) writes "Gigaom reports that while speaking at the Bloomberg Energy Summit on Wednesday, former NYC Mayor Michael Bloomberg said he gives 'a lot of money to the Sierra Club' to help close dirty coal plants, but added that as a society we have to 'have some compassion to do it gently.' Subsidies to help displaced workers are one option, said Bloomberg, while retraining is another option. But, in a slight to the tech industry's sometimes out-of-touch nature with workers outside of Silicon Valley, he said retraining needs to be realistic, 'You're not going to teach a coal miner to code,' argued Bloomberg. 'Mark Zuckerberg says you teach them to code and everything will be great. I don't know how to break it to you... but no.'"

Heartbleed Coder: Bug In OpenSSL Was an Honest Mistake

samzenpus posted about two weeks ago | from the only-human dept.

446

nk497 (1345219) writes "The Heartbleed bug in OpenSSL wasn't placed there deliberately, according to the coder responsible for the mistake — despite suspicions from many that security services may have been behind it. OpenSSL logs show that German developer Robin Seggelmann introduced the bug into OpenSSL when working on the open-source project two and a half years ago, according to an Australian newspaper. The change was logged on New Year's Eve 2011. 'I was working on improving OpenSSL and submitted numerous bug fixes and added new features,' Seggelmann told the Sydney Morning Herald. 'In one of the new features, unfortunately, I missed validating a variable containing a length.' His work was reviewed, but the reviewer also missed the error, and it was included in the released version of OpenSSL."

Google: Teach Girls Coding, Get $2,500; Teach Boys, Get $0

timothy posted about two weeks ago | from the got-enough-of-the-other-kind-already dept.

673

theodp (442580) writes "'Public school teachers,' reads the headline at Khan Academy (KA), 'introduce your students to coding and earn $1000 or more for your classroom!' Read the fine print, however, and you'll see that the Google-bankrolled offer is likely to ensure that girls, not boys, are going to be their Computer Science teachers' pets. 'Google wants public high school students, especially girls, to discover the magic of coding,' KA explains to teachers. 'You'll receive a $100 DonorsChoose.org gift code for every female student who completes the [JS 101: Drawing & Animation] course. When 4 or more female students complete it, we'll email you an additional $500 gift code as a thank-you for helping your students learn to code.' While 'one teacher cannot have more than 20 of the $100 gift codes activated on their DonorsChoose.org projects,' adds KA, 'if the teacher has more than 20 female students complete the curriculum, s/he will still be sent gift codes, and the teacher can use the additional gift codes on another teacher's DonorsChoose.org project.' So, is girls-are-golden-boys-are-worthless funding for teachers' projects incongruent with Khan Academy's other initiatives, such as its exclusive partnership with CollegeBoard to eliminate inequality among students studying for the SAT?"

Ask Slashdot: Which NoSQL Database For New Project?

Soulskill posted about two weeks ago | from the mo-sql-mo-problems dept.

272

DorianGre writes: "I'm working on a new independent project. It involves iPhones and Android phones talking to PHP (Symfony) or Ruby/Rails. Each incoming call will be a data element POST, and I would like to simply write that into the database for later use. I'll need to be able to pull by date or by a number of key fields, as well as do trend reporting over time on the totals of a few fields. I would like to start with a NoSQL solution for scaling, and ideally it would be dead simple if possible. I've been looking at MongoDB, Couchbase, Cassandra/Hadoop and others. What do you recommend? What problems have you run into with the ones you've tried?"

Should Microsoft Give Kids Programmable Versions of Office?

samzenpus posted about two weeks ago | from the won't-somebody-please-think-of-the-children? dept.

226

theodp (442580) writes "Over at Microsoft on the Issues, Microsoft continues to lament the computer programming skills gap of American kids, while simultaneously lobbying for more H-1B visas to fill that gap. Saying that states must do more to 'help students gain critical 21st century skills,' Microsoft credits itself and partner Code.org for getting 30,606,732 students to experience coding through the Hour of Code, claiming that K-12 kids have 'written 1,332,784,839 lines of code' (i.e., dragged-and-dropped puzzle pieces), So, if it's concerned about helping students gain programming skills, shouldn't Microsoft be donating fully-functional desktop versions of MS-Office to schools, which would allow kids to use Visual Basic for Applications (VBA)? While Microsoft's pledge to give 12 million copies of its Office software to schools was heralded by the White House and the press, a review of the 'fine print' at Microsoft suggests it's actually the online VBA-free version of Office 365 Education that the kids will be getting, unless their schools qualify for the Student Advantage program by purchasing Office for the faculty and staff. Since Microsoft supported President Obama's call for kids to 'Don't Just Play on Your Phone, Program It', shouldn't it give kids the chance to program MS-Office, too?"

Linus Torvalds Suspends Key Linux Developer

Soulskill posted about three weeks ago | from the arguing-about-penguins dept.

641

alphadogg writes: "An argument between developers of some of the most basic parts of Linux turned heated this week, resulting in a prominent Red Hat employee and code contributor being banned from working on the Linux kernel. Kay Sievers, a well-known open-source software engineer, is a key developer of systemd, a system management framework for Linux-based operating systems. Systemd is currently used by several prominent Linux distributions, including two of the most prominent enterprise distros, Red Hat and SUSE. It was recently announced that Ubuntu would adopt systemd in future versions as well. Sievers was banned by kernel maintainer Linus Torvalds on Wednesday for failing to address an issue that caused systemd to interact with the Linux kernel in negative ways."

Start-Up Founders On Dealing With Depression

timothy posted about three weeks ago | from the blue-mondays dept.

257

v3rgEz (125380) writes "Founders at a number of Boston startups shared their stories of building and growing a company while battling depression. One founder didn't even realize he was depressed until glucose and blood tests came back normal, while another said it was worse than her life struggles growing up in the projects. All shared different coping mechanisms. Any advice for dealing with the same?"

.NET Native Compilation Preview Released

timothy posted about three weeks ago | from the faster-faster-faster dept.

217

atrader42 (687933) writes "Microsoft announced a new .NET compiler that compiles .NET code to native code using the C++ compiler backend. It produces performance like C++ while still enabling .NET features like garbage collection, generics, and reflection. Popular apps have been measured to start up to 60% faster and use 15% less memory. The preview currently only supports Windows Store applications, but is expected to apply to more .NET applications in the long term. A preview of the compiler is available for download now. (Caveat: I both work for MS and read Slashdot.)"

Indie Game Jam Show Collapses Due To Interference From "Pepsi Consultant"

Unknown Lamer posted about three weeks ago | from the do-the-what-are-you-twelve dept.

465

Sockatume (732728) writes "Would you like to see a half-million-dollar TV show in which four teams of indie developers and Youtube personalities compete to create amazing videogames? Tough luck, because GAME_JAM from Maker Studios has spectacularly imploded. Although a lot could go wrong with this kind of show, the blame isn't being levelled at game developer egos or project mismanagement but the heroic efforts of one Matti Leshem, a branding consultant brought in for Pepsi. After imposing Mountain Dew branding rules that even banned coffee from the set, his efforts to build a gender divide amongst the teams culminated in the competitors downing their tools and the production collapsing. Accounts from Adriel Wallick, Zoe Quinn, and Robin Arnott are also available."

Toward Better Programming

Soulskill posted about a month ago | from the forest-for-the-binary-trees dept.

391

An anonymous reader writes "Chris Granger, creator of the flexible, open source LightTable IDE, has written a thoughtful article about the nature of programming. For years, he's been trying to answer the question: What's wrong with programming? After working on his own IDE and discussing it with hundreds of other developers, here are his thoughts: 'If you look at much of the advances that have made it to the mainstream over the past 50 years, it turns out they largely increased our efficiency without really changing the act of programming. I think the reason why is something I hinted at in the very beginning of this post: it's all been reactionary and as a result we tend to only apply tactical fixes. As a matter of fact, almost every step we've taken fits cleanly into one of these buckets. We've made things better but we keep reaching local maxima because we assume that these things can somehow be addressed independently. ... The other day, I came to the conclusion that the act of writing software is actually antagonistic all on its own. Arcane languages, cryptic errors, mostly missing (or at best, scattered) documentation — it's like someone is deliberately trying to screw with you, sitting in some Truman Show-like control room pointing and laughing behind the scenes. At some level, it's masochistic, but we do it because it gives us an incredible opportunity to shape our world.'"

TSA Missed Boston Bomber Because His Name Was Misspelled In a Database

Soulskill posted about a month ago | from the let's-blame-technology dept.

275

schwit1 sends this news from The Verge: "Tamerlan Tsarnaev, the primary conspirator in the Boston Marathon bombing that killed three people, slipped through airport security because his name was misspelled in a database, according to a new Congressional report. The Russian intelligence agency warned U.S. authorities twice that Tsarnaev was a radical Islamist and potentially dangerous. As a result, Tsarnaev was entered into two U.S. government databases: the Terrorist Identities Datamart Environment and the Treasury Enforcement Communications System (TECS), an interagency border inspection database.

A special note was added to TECS in October of 2011 requiring a mandatory search and detention of Tsarnaev if he left the country. 'Detain isolated and immediately call the lookout duty officer,' the note reportedly said. 'Call is mandatory whether or not the officer believes there is an exact match.' 'Detain isolated and immediately call the lookout duty officer.' Unfortunately, Tsarnaev's name was not an exact match: it was misspelled by one letter. Whoever entered it in the database spelled it as 'Tsarnayev.' When Tsarnaev flew to Russia in January of 2012 on his way to terrorist training, the system was alerted but the mandatory detention was not triggered. Because officers did not realize Tsarnaev was a high-priority target, he was allowed to travel without questioning."

Ask Slashdot: What Do You Consider Elegant Code?

Soulskill posted about a month ago | from the link-it-if-you've-got-it dept.

373

lxrslh writes: "Since the dawn of computing, we have read about massive failed projects, bugs that are never fixed, security leaks, spaghetti code, and other flaws in the programs we use every day to operate the devices and systems upon which we depend. It would be interesting to read the code of a well-engineered, perfectly coded, intellectually challenging program. I would love to see the code running in handheld GPS units that first find a variable number of satellites and then calculate the latitude, longitude, and elevation of the unit. Do you have an example of a compact and elegant program for which the code is publicly available?"

KDE and Canonical Developers Disagree Over Display Server

samzenpus posted about a month ago | from the no-meeting-of-the-minds dept.

202

sfcrazy (1542989) writes "Robert Ancell, a Canonical software engineer, wrote a blog titled 'Why the display server doesn't matter', arguing that: 'Display servers are the component in the display stack that seems to hog a lot of the limelight. I think this is a bit of a mistake, as it’s actually probably the least important component, at least to a user.' KDE developers, who do have long experience with Qt (something Canonical is moving towards for its mobile ambitions), have refuted Bob's claims and said that display server does matter."

Ask Slashdot: Re-Learning How To Interview As a Developer?

timothy posted about a month ago | from the I'm-a-people-person! dept.

218

An anonymous reader writes "Earlier in my career, when I switched jobs every year or so, I was pretty good at interviewing. I got offers about 75% of the time if I got to a in person. But times have changed... my last 2 jobs have been, longer term gigs.. 5 and 3 years respectively, and I am way out of practice. My resume often gets me the phone interview and I am actually really good at the phone screen.. I am 12 for 12 in the last 6 months phone screen to in person interview. It is the in person interview where I am really having issues. I think I come off wrong or something.. I usually get most of the technical questions, but I am not doing something right because I don't come off very likeable or something. It is hard to get very much feedback to know exactly what I am doing wrong. I have always gotten very good performance reviews and I am well liked at work, but if there is one area for improvement on my reviews it has always been communication. So I ask, can anyone give out some advice, I have tried toastmasters a few times, but does anyone have other tips or ideas? Has anyone else had a similar experiences?"

Facebook Introduces Hack: Statically Typed PHP

Unknown Lamer posted about a month ago | from the sml-and-php-fall-in-love dept.

230

alokmenghrajani (2602135) writes with news of Facebook's new Open Source language, Hack. Quoting: "Today we're releasing Hack, a programming language we developed for HHVM that interoperates seamlessly with PHP. Hack reconciles the fast development cycle of PHP with the discipline provided by static typing, while adding many features commonly found in other modern programming languages. ... Traditionally, dynamically typed languages allow for rapid development but sacrifice the ability to catch errors early and introspect code quickly, particularly on larger codebases. Conversely, statically typed languages provide more of a safety net, but often at the cost of quick iteration. We believed there had to be a sweet spot. ... Hack has deep roots in PHP. In fact, most PHP files are already valid Hack files. ... Our principal addition is static typing. We have developed a system to annotate function signatures and class members with type information; our type checking algorithm infers the rest. Type checking is incremental, such that even within a single file some code can be converted to Hack while the rest remains dynamically typed. ... If a function parameter or class member does not have an explicit type annotation, the type checker considers its type to be dynamic, and it does not check the type of that value." In addition to static typing, they've introduced proper closures that capture the lexical environment, generics, collections, and array shapes. The Hack website has more details. There's a fairly complete language manual, tools to infer types in PHP source and annotate the code, and source available under the PHP license.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...