Open Source

Alpine Linux 3.6.0 Released (alpinelinux.org) 54

An anonymous reader quotes DistroWatch: Natanael Copa has announced the release of Alpine Linux 3.6.0. Alpine Linux is an independent, minimal operating system that is well suited to running servers, routers and firewalls. Version 3.6.0 introduces support for 64-bit POWER machines, 64-bit IBM z Systems computers and features many up to date packages, including PHP 7.1, LLVM 4.0 and version 6.3 of the GNU Compiler.
"Noteworthy new packages" include Rust 1.17.0 and Cargo 0.18.0, as well as Julia 0.5.2, as we ll as "significant updates" like Go 1.8, Python 3.6, and Ruby 2.4. And in addition, "MD5 and SHA-1 hashes have been removed from APKBUILDs, being obsoleted by SHA-512."
Earth

Reid Hoffman, Bill Gates, Others Ante Up Another $30 Million To Change.org the World (fortune.com) 56

theodp writes: Fortune reports that LinkedIn co-founder Reid Hoffman is "leading a $30 million funding round in Change.org, a for-profit petition and fundraising website focused on social and political change." Joining Hoffman in this round, as well as an earlier $25 million round in 2014, is Bill Gates. Change.org, Hoffman explained in a Friday LinkedIn post, "helps enable a world where you don't need to hire a lobbyist to have real impact on the issues and policies that matter to you." He added, "In its decade of existence, Change.org petitions have resulted in more than 21,000 victories, i.e., instances in which a government agency, corporation, or other entity has changed a regulation or a policy in the face of a Change.org petition urging it to do so." Last year, Hoffman joined Gates and some of the biggest names in tech and corporate America who threw their weight behind a Change.org petition that tried to get Congress to fund K-12 Computer Science education. The Change.org petition fell short of its 150,000-signature goal despite claims of support from 90% of the parents of the nation's 58 million K-12 schoolchildren (based on a Google-funded survey of 1,685 parents), widespread press coverage (including a full-page ad in petition signer Jeff Bezos's Washington Post), lobbying efforts by the tech coalition that organized the petition (which counts LinkedIn and Microsoft among its members), and even some free PR from Change.org.
Encryption

10 Years Later: FileZilla Adds Support For Master Password That Encrypts Your Logins (bleepingcomputer.com) 78

An anonymous reader writes: "Following years of criticism and user requests, the FileZilla FTP client is finally adding support for a master password that will act as a key for storing FTP login credentials in an encrypted format," reports BleepingComputer. "This feature is scheduled to arrive in FileZilla 3.26.0, but you can use it now if you download the 3.26.0 (unstable) release candidate from here." By encrypting its saved FTP logins, FileZilla will finally thwart malware that scrapes the sitemanager.xml file and steals FTP credentials, which were previously stolen in plain text. The move is extremely surprising, at least for the FileZilla user base. Users have been requesting this feature for a decade, since 2007, and they have asked it many and many times since then. All their requests have fallen on deaf ears and met with refusal from FileZilla maintainer, Tim Kosse. In November 2016, a user frustrated with Koose's stance forked the FileZilla FTP client and added support for a master password via a spin-off app called FileZilla Secure.
Facebook

Facebook's Instant Articles Platform To Support Google AMP, Apple News (techcrunch.com) 23

An anonymous reader quotes a report from TechCrunch: One of the problems publishers face today in making their content more readable on mobile devices is that there are multiple, competing formats available for this purpose. Facebook has Instant Articles, Google is spearheading the AMP (Accelerated Mobile Pages) project, and the Apple News Format optimizes content for iOS devices. Facebook is today taking a crack at a solution to this problem by rolling out support for both AMP and soon Apple News as a part of its open source Instant Articles software development kit. The updated SDK will now include an extension that lets publishers build content that's publishable in all three formats, beginning with support for Google's AMP in addition to Facebook's own Instant Articles. In the weeks ahead it will also include support for publishing to Apple News, though the company didn't provide an exact launch date for when that feature would be added.
AI

The Working Dead: Which IT Jobs Are Bound For Extinction? (infoworld.com) 580

Slashdot reader snydeq shares an InfoWorld article identifying "The Working Dead: IT Jobs Bound For Extinction." Here's some of its predictions.
  • The president of one job leadership consultancy argues C and C++ coders will soon be as obsolete as Cobol programmers. "The entire world has gone to Java or .Net. You still find C++ coders in financial companies because their systems are built on that, but they're disappearing."
  • A data scientist at Stack Overflow "says demand for PHP, WordPress, and LAMP skills are seeing a steady decline, while newer frameworks and languages like React, Angular, and Scala are on the rise."
  • The CEO and co-founder of an anonymous virtual private network service says "The rise of Azure and the Linux takeover has put most Windows admins out of work. Many of my old colleagues have had to retrain for Linux or go into something else entirely."
  • In addition, "Thanks to the massive migration to the cloud, listings for jobs that involve maintaining IT infrastructure, like network engineer or system administrator, are trending downward, notes Terence Chiu, vice president of careers site Indeed Prime."
  • The CTO of the job site Ladders adds that Smalltalk, Flex, and Pascal "quickly went from being popular to being only useful for maintaining older systems. Engineers and programmers need to continually learn new languages, or they'll find themselves maintaining systems instead of creating new products."
  • The president of Dice.com says "Right now, Java and Python are really hot. In five years they may not be... jobs are changing all the time, and that's a real pain point for tech professionals."

But the regional dean of Northeastern University-Silicon Valley has the glummest prediction of all. "If I were to look at a crystal ball, I don't think the world's going to need as many coders after 2020. Ninety percent of coding is taking some business specs and translating them into computer logic. That's really ripe for machine learning and low-end AI."


IBM

New OS/2 Warp Operating System 'ArcaOS' 5.0 Released (arcanoae.com) 145

The long-awaited modern OS/2 distribution from Arca Noae was released Monday. martiniturbide writes: ArcaOS 5.0 is an OEM distribution of IBM's discontinued OS/2 Warp operating system. ArcaOS offers a new set of drivers for ACPI, network, USB, video and mouse to run OS/2 in newer hardware. It also includes a new OS installer and open source software like Samba, Libc libraries, SDL, Qt, Firefox and OpenOffice... It's available in two editions, Personal ($129 with an introductory price of $99 for the first 90 days [and six months of support and maintenance updates]) and Commercial ($239 with one year of support and maintenance).

The OS/2 community has been called upon to report supported hardware, open source any OS/2 software, make public as much OS/2 documentation as possible and post the important platform links. OS2World insists that open source has helped OS/2 in the past years and it is time to look under the hood to try to clone internal components like Control Program, Presentation Manager, SOM and Workplace Shell.

By Tuesday Arca Noae was reporting "excessive traffic on the server which is impacting our ordering and delivery process," though the actual downloads of the OS were unaffected, the server load issues were soon mitigated, and they thanked OS/2 enthusiasts for a "truly overwhelming response."
Security

HandBrake Urges Mac Users To Verify Recent Download, Says Mirror Server Was Compromised (handbrake.fr) 22

HandBrake team, writing on their forum: Anyone who has downloaded HandBrake on Mac between [02/May/2017 14:30 UTC] and [06/May/2017 11:00 UTC] needs to verify the SHA1 / 256 sum of the file before running it. Anyone who has installed HandBrake for Mac needs to verify their system is not infected with a Trojan. You have 50/50 chance if you've downloaded HandBrake during this period. If you see a process called "Activity_agent" in the OSX Activity Monitor application. You are infected. HandBrake is a popular, open-source video conversion tool. The team hasn't issued any advisory for Windows users.
Government

California Seeks To Tax Rocket Launches, Which Are Already Taxed (arstechnica.com) 417

The state of California is looking into taxing its thriving rocket industry. The Franchise Tax Board has issued a proposed regulation for public comment that would require companies that launch spacecraft to pay a tax based upon "mileage" traveled by that spacecraft from California. Ars Technica reports: The proposal says that California-based companies that launch spacecraft will have to pay a tax based upon "mileage" traveled by that spacecraft from California. (No, we're not exactly sure what this means, either). The proposed regulations were first reported by the San Francisco Chronicle, and Thomas Lo Grossman, a tax attorney at the Franchise Tax Board, told the newspaper that the rules are designed to mirror the ways taxes are levied on terrestrial transportation and logistics firms operating in California, like trucking or train companies. The tax board is seeking public input from now until June 16, when it is expected to vote on the proposed tax. The federal government already has its own taxes for commercial space companies, and until now no other state has proposed taxing commercial spaceflight. In fact most other states, including places like Florida, Texas, and Georgia, offer launch providers tax incentives to move business into their areas.
Businesses

Report Shows Another Diversity Challenge: Retaining Employees (sfchronicle.com) 296

An anonymous reader shares a report: Women, blacks and Latinos are far more likely to quit jobs in tech than white or Asian men, according to a new report by the Kapor Center for Social Impact. The Oakland nonprofit commissioned an online survey by the Harris Poll, which asked 2,006 people who voluntarily left tech jobs in the past three years about why they quit. It found women were twice as likely to leave as men (alternative link), while black and Latino tech workers were 3.5 times likelier to quit than white or Asian colleagues. The most common reason they gave for their departures was workplace mistreatment.
The Almighty Buck

Suicide of an Uber Engineer: Widow Blames Job Stress (sfchronicle.com) 288

An anonymous reader shares a report: Joseph Thomas thought he had it made when he landed a $170,000 job as a software engineer at Uber's San Francisco headquarters last year. [...] But his time at Uber turned into a personal tragedy, one that will compel the ride-hailing company to answer questions before a judge about its aggressive work culture. Always adept with computers, Joseph Thomas worked his way up the ladder at tech jobs in his native Atlanta, then at LinkedIn in Mountain View, where he was a senior site reliability engineer. He turned down an offer from Apple to go to Uber, because he felt he could grow more with the younger company and was excited about the chance to profit from stock options when it went public. But at Uber, Thomas struggled in a way he'd never experienced in over a decade in technology. He worked long hours. He told his father and his wife that he felt immense pressure and stress at work, and was scared he'd lose his job. [...] One day in late August, Zecole (the wife) came home from dropping their boys off at school. Joseph was sitting in his car in the garage. She got into the passenger seat to talk to him. Then she saw the blood. Joseph had shot himself. [...] Uber declined to comment on the legal dispute and said Thomas never complained to the company of extreme stress or racial discrimination.
Earth

Scientists Consider 'Cloud Brightening' To Preserve Australia's Great Barrier Reef (technologyreview.com) 108

An anonymous reader quotes MIT Technology Review: A group of Australian marine scientists believe that altering clouds might offer one of the best hopes for saving the Great Barrier Reef. For the last six months, researchers at the Sydney Institute of Marine Science and the University of Sydney School of Geosciences have been meeting regularly to explore the possibility of making low-lying clouds off the northeastern coast of Australia more reflective in order to cool the waters surrounding the world's biggest coral reef system...

Last year, as El Nino events cranked up ocean temperatures, at least 20% of the reef died and more than 90% of it was damaged. The Australian researchers took a hard look at a number of potential ways to preserve the reefs. But at this point, making clouds more reflective looks like the most feasible way to protect an ecosystem that stretches across more than 130,000 square miles, says Daniel Harrison, a postdoctoral research associate with the Ocean Technology Group at the University of Sydney. Cloud brightening is the only thing we've identified that's scalable, sensible, and relatively environmentally benign," he says... Next month, he plans to start computer climate modeling to explore whether cloud brightening could make a big enough temperature difference to help.

They're collaborating with Silicon Valley's Marine Cloud Brightening Project, which has spent the last seven years "developing a nozzle that they believe can spray salt particles of just the right size and quantity to alter the clouds. They're attempting to raise several million dollars to build full-scale sprayers." The article describes them as "one of several research groups that have started to explore whether cloud brightening, generally discussed as a potential tool to alter the climate as a whole, could be applied in more targeted ways."
Programming

Flawed Online Tutorials Led To Vulnerabilities In Software (helpnetsecurity.com) 96

An anonymous reader quotes Help Net Security: Researchers from several German universities have checked the PHP codebases of over 64,000 projects on GitHub, and found 117 vulnerabilities that they believe have been introduced through the use of code from popular but insufficiently reviewed tutorials. The researchers identified popular tutorials by inputting search terms such as "mysql tutorial", "php search form", "javascript echo user input", etc. into Google Search. The first five results for each query were then manually reviewed and evaluated for SQLi and XSS vulnerabilities by following the Open Web Application Security Project's Guidelines. This resulted in the discovery of 9 tutorials containing vulnerable code (6 with SQLi, 3 with XSS).
The researchers then checked for the code in GitHub repositories, and concluded that "there is a substantial, if not causal, link between insecure tutorials and web application vulnerabilities." Their paper is titled "Leveraging Flawed Tutorials for Seeding Large-Scale Web Vulnerability Discovery."
Input Devices

RIP, Robert Taylor, The Innovator Who Shaped Modern Computing (sfgate.com) 37

"Any way you look at it, from kick-starting the Internet to launching the personal computer revolution, Bob Taylor was a key architect of our modern world," says a historian at Stanford's Silicon Valley Archives. An anonymous reader quotes the New York Times: The Internet, like many inventions, was the work of many inventors. But perhaps no one deserves more credit for that world-changing technological leap than Mr. Taylor. The seminal moment of his work came in 1966. He had just taken a new position at the Pentagon -- director of the Information Processing Techniques Office, part of the Advanced Research Projects Agency, known as Arpa -- and on his first day on the job it became immediately obvious to him what the office lacked and what it needed. At the time, Arpa was funding three separate computer research projects and using three separate computer terminals to communicate with them. Mr. Taylor said, No, we need a single computer research network, to connect each project with the others, to enable each to communicate with the others... His idea led to the Arpanet, the forerunner of the Internet.

A half-decade later, at Xerox's storied Palo Alto Research Center, Mr. Taylor was instrumental in another technological breakthrough: funding the design of the Alto computer, which is widely viewed as the forerunner of the modern personal computer. Mr. Taylor even had a vital role in the invention of the computer mouse. In 1961, at the dawn of the Space Age, he was about a year into his job as a project manager at NASA in Washington when he learned about the work of a young computer scientist at Stanford Research Institute, later called SRI International... Mr. Taylor decided to pump more money into the work, and the financial infusion led directly to Engelbart's invention of the mouse, a computer control technology that would be instrumental in the design of both Macintosh and Microsoft Windows-based computers.

Taylor had become fascinated with human-computer interactions in the 1950s during his graduate work at the University of Texas at Austin, and was "appalled" that performing data calculations required submitting his punch cards to a technician running the school's mainframe computers. Years later, it was Taylor's group at PARC that Steve Jobs visited in 1979, which inspired the "desktop" metaphor for the Macintosh's graphical user interface. And Charles Simonyi eventually left PARC to join Microsoft, where he developed the Office suite of applications.

Taylor died Thursday at his home in Woodside, California, from complications of Parkinson's disease, at the age of 85.
Security

Remote-Access Router Exploit Finally Revealed (helpnetsecurity.com) 38

"Back in the days, Cisco fixed the vulnerability, but we are not sure about all other router vendors and models because there are too many of them," writes the DefenseCode team. Orome1 quotes a new report from Help Net Security: Back in January 2013, researchers from application security services firm DefenseCode unearthed a remote root access vulnerability in the default installation of some Cisco Linksys (now Belkin) routers. The flaw was actually found in Broadcom's UPnP implementation used in popular routers, and ultimately the researchers extended the list of vulnerable routers to encompass devices manufactured by the likes of ASUS, D-Link, Zyxel, US Robotics, TP-Link, Netgear, and others. Since there were millions of vulnerable devices out there, the researchers refrained from publishing the exploit they created for the flaw, but now, four years later, they've released their full research again, and this time they've also revealed the exploit. The researchers pointed out that most users don't update their router's firmware -- meaning many routers may still be vulnerable.
Hardware

FriendELEC Releases $40 NanoPi K2 Board That Competes With ODROID-C2, Raspberry Pi 3 (cnx-software.com) 80

DeathByLlama writes: The single board computer market, broken wide-open just a few years ago by the Raspberry Pi Foundation, continues to flourish today as FriendELEC releases their $40 NanoPi K2 board. This SBC packs a 1.5 GHz 64-bit quad core Amlogic S905 processor, and paired with 2GB of DDR3 RAM and the Mali-450MP GPU, it is able to stream 4K at 60 FPS. Add in gigabit ethernet, onboard Wi-Fi, Bluetooth, IR (and a remote!), eMMC compatibility, a familiar GPIO header, and a $40 price tag, and you end up with some stiff competition for other market leaders like Hardkernel's ODROID-C2 and Raspberry Pi's flagship Pi 3. The release is clearly in early phases with Ubuntu images and house-sold eMMC modules still on their way. It's amazing to see such strong competition in this market -- and with so many sub-$100, incredibly capable SBC options, which will choose?
Businesses

Drupal Developers Threaten To Quit Drupal Unless Larry Garfield Is Reinstated (drupalconfessions.org) 478

An anonymous reader writes: Slashdot previously covered the story of Larry Garfield, a Drupal developer who was allegedly banned from the community for his BDSM/Gorean lifestyle, after he was outed by a colleague with a grudge. Now, dozens of core Drupal developers, committers, and funders have banded together in an open letter to Dries Buytaert, the CTO of Acquia, Drupal trademark owner, and Benevolent Dictator for Life (BDFL) of the Drupal project. Among other things, they demand that Larry Garfield be reinstated, threatening to abandon the project if their demands are not met. Here's an excerpt from the letter: "If you will not fight for us and restore our faith in the professionalism of the Drupal community, then a number of us will be permanently leaving the Drupal community, ceasing all contributions to the official, Drupal-branded branch of the codebase, and ceasing participation in all Drupal communities. This is not our first choice, but we cannot and will not participate in a community that encourages abusers to totally destroy people's careers for personal or ideological reasons."
Cellphones

Scientists Prove Your Phone's PIN Can Be Stolen Using Its Gyroscope Data (digitaltrends.com) 61

A team of scientists at Newcastle University in the UK managed to reveal a user's phone PIN code using its gyroscope data. "In one test, the team cracked a passcode with 70 percent accuracy," reports Digital Trends. "By the fifth attempt, the accuracy had gone up to 100 percent." From the report: It takes a lot of data, to be sure. The Guardian notes users had to type 50 known PINs five times before the researchers' algorithm learned how they held a phone when typing each particular number. But it highlights the danger of malicious apps that gain access to a device's sensors without requesting permission. The risk extends beyond PIN codes. In total, the team identified 25 different smartphone sensors which could expose compromising user information. Worse still, only a small number -- such as the camera and GPS -- ask the user's permission before granting access to that data. It's precise enough to track behavior. Using an "orientation" and "emotion trace" data, the researchers were able to determine what part of a web page a user was clicking on and what they were typing. The paper has been published in International Journal of Information Security.
Businesses

Airlines Make More Money Selling Miles Than Seats (expressnews.com) 135

An anonymous reader shares a report: Does your wallet contain an airline-branded credit card? If so, your daily Starbucks visits, iTunes selections and dining habits serve a critical role in keeping the U.S. airline industry fat and happy. For carriers such as American Airlines, riding Citigroup Inc. plastic, or Delta, on American Express Co., these programs are a cash cow, a golden goose -- or any other fiscal livestock you care to conjure. Each mile fetches an airline anywhere from 1.5 cents to 2.5 cents, and the big banks amass those miles by the billions (alternative source), doling them out to cardholders each month. For the banks, people who pay annual fees for those cards in order to accumulate miles are the closest thing to a sure bet. These consumers typically have higher-than-average incomes and spend more on their cards, generating merchant fees for the banks. They also tend to maintain high credit scores, which means they pay their bills on time and banks experience fewer defaults. The airline-miles business, formally known as loyalty programs, has become a high-margin enterprise that's grown in size and value amid airline consolidation, with carriers keen to expand credit card rolls and see loyalty members spend more.
Google

Google Announces Android Cross-Licensing Program 'PAX' -- But Why? (consortiuminfo.org) 33

"Linux and open-source software have had to contend with intellectual property legal challenges for years," writes ZDNet. "Now, Google has started a new effort to bring peace to potential Android IP sore points: PAX... a royalty-free, community-patent cross-license." PAX is starting with nine members: Google, Samsung Electronics, LG Electronics, HTC, Foxconn Technology Group, Coolpad, BQ, HMD Global, and Allview. These companies own more than 230,000 global patents. PAX's purpose is to create a "community-driven [patent] clearinghouse, developed together with our Android partners, [that] ensures that innovation and consumer choice -- not patent threats -- will continue to be key drivers of our Android ecosystem. PAX is free to join and open to anyone."
Slashdot reader Andy Updegroved writes: The question is why? The announcement and the related website are extremely brief, and although everyone is invited to get a copy of the cross license, Google reserves the right to decide first whether your motives are pure and you can keep a secret. And so far, the only members of the "PAX Community" listed are existing Google business partners. Is Google aware of some new patent tempest brewing just over the horizon, about to burst into public view? And will any other company names and logos be added to the PAX Community Web page? We'll just have to stay tuned to find out.
Andy Updegrove tells ZDNet it does involve "formal cross-licenses between participants, and therefore enforceable rights, but not an infrastructure to do more (at least insofar as one can tell from the initial announcement)."
Privacy

Minnesota Senate Votes To Bar Selling ISP Data (twincities.com) 112

Kagato quotes a report from St. Paul Pioneer Press: In a surprise move, the Minnesota Senate on Wednesday voted to bar internet service providers from selling their users' personal data without express written consent. The move was a reaction to a Tuesday vote in Congress to lift a ban on that practice imposed in 2016 by the Federal Communication Commission. Sen. Ron Latz, DFL-St. Louis Park, offered the amendment onto the Senate's economic development budget bill, saying it was urgently needed to protect Minnesotans' privacy after the congressional vote. Latz's amendment was challenged under Senate rules on the grounds that it would impose a cost on a state agency and thus needed to go through committee rather than be added on the floor. Republican Sen. Warren Limmer, of Maple Grove, broke with his party to overturn the Senate president's ruling and allow the internet privacy amendment to continue by a single vote. Once the amendment cleared this procedural hurdle, it was overwhelmingly added to the bill on a 66-1 vote. The lone critic, Sen. David Osmek, R-Mound, said Latz's amendment needed more study and review before being adopted. The Register reports that Illinois has also fought back against Tuesday's vote by approving two new privacy measures. "On Thursday, the state's Cybersecurity, Data Analytics and IT Committee approved two new privacy measures," reports The Register. "One would allow state residents to demand what data companies such as Comcast, Verizon, Google and Facebook is sharing about them. The other would require consent before an app can track users' locations."

Slashdot Top Deals