Domain: acetio.com
Stories and comments across the archive that link to acetio.com.
Stories · 60
-
Did the Spamhaus DDoS Really Slow Down Global Internet Access?
CowboyRobot writes "Despite the headlines, the big denial of service attack may not have slowed the Internet after all. The arguments against the original claim include the fact that reports of Internet users seeing slowdowns came not from service providers, but the DDoS mitigation service CloudFlare, which signed up Spamhaus as a customer last week. Also, multiple service providers and Internet watchers have now publicly stated that while the DDoS attacks against Spamhaus could theoretically have led to slowdowns, they've seen no evidence that this occurred for general Internet users. And while some users may have noticed a slowdown, the undersea cable cuts discovered by Egyptian sailors had more of an impact than the DDoS." -
Massachusetts May Try To Tax the Cloud
CowboyRobot writes "A proposed tax in Massachusetts may affect software services and Web design and hosting. If approved, the state estimates the tax may bring in a quarter billion dollars in 2014 by expanding its tax on 'canned software' to include some elements of cloud computing. The tax would cover custom-designed software and services based in the cloud. "Custom" software includes the design of Web sites, so the cost to local businesses of a new Web site would increase by 4.5% on contracts to design the site, write Java, PHP or other custom code. The cost of site hosting and bandwidth would also be taxed." -
World's Largest High-Rise Data Center Opens In New York
CowboyRobot writes with this excerpt from Wall Street & Technology: "[Wednesday of this week], Mayor Michael Bloomberg announced the opening [of] a 1 million square foot high-rise data center [in the] old Verizon switching building at 375 Pearl Street. Sabey Data Center Properties, the owner of the property, has named the data center Intergate.Manhattan and says the building's location, power supply and connectivity to underground fiber make it an ideal location for a data center in New York City. ... Intergate.Manhattan has only one tenant so far, the New York Genome Center, a compute and storage platform for 12 leading medical institutions to tackle the big data challenges that will bring the benefits of genomics to patient care." Let's hope they keep plenty of fuel around for next storm season. -
UC Davis Study Concludes H-1B Workers Neither Best Nor Brightest
CowboyRobot writes "American companies are demanding more H-1B visas to ensure access to the best and brightest workforce, and outside the U.S. are similar claims of an IT worker shortage. Last month, European Commission VP Neelie Kroes bemoaned the growing digital skills gap that threatens European competitiveness. But a new study finds that imported IT talent is often less talented than U.S. workers. Critics of the H-1B program see it as a way for companies to keep IT wages low, to discriminate against experienced U.S. workers, and to avoid labor law obligations. In his examination of the presumed correlation between talent and salary, researcher Norman Matloff observes that Microsoft has been exaggerating how much it pays foreign workers. Citing past claims by the company that it pays foreign workers '$100,000 a year to start,' Matloff says the data shows that only 18% of workers with software engineering titles sponsored for green cards by Microsoft between 2006 and 2011 had salaries at or above $100,000." -
Professors Rejecting Classroom Technology
CowboyRobot writes "The January edition of Science, Technology & Human Values published an article titled Technological Change and Professional Control in the Professoriate, which details interviews with 42 faculty members at three research-intensive universities. The research concludes that faculty have little interest in the latest IT solutions. 'I went to [a course management software workshop] and came away with the idea that the greatest thing you could do with that is put your syllabus on the Web and that's an awful lot of technology to hand the students a piece of paper at the start of the semester and say keep track of it,' said one. 'What are the gains for students by bringing IT into the class? There isn't any. You could teach all of chemistry with a whiteboard. I really don't think you need IT or anything beyond a pencil and a paper,' said another." -
Open Spectrum Does Not Mean Free Internet
CowboyRobot writes "FCC Chairman Julius Genachowski recently proposed making RF spectrum publicly available, and many in the media (including the Washington Post) have been mistakenly conflating open access to WiFi signal with free Internet access; anyone can put up a wireless access point but that doesn't give them access to the Internet. The proposal will probably mean more attempts at providing free Internet access to specific neighborhoods or municipalities, but as Larry Seltzer at NetworkComputing points out, these programs also usually forget that access to signal is not the same as access to the Internet. After getting the funding to wire a city, there isn't money left to pay for the actual bandwidth usage." -
Glasgow To Be UK's First 'Smart City'
CowboyRobot writes "Once the 'Second City' of the British Empire, scrappy Glasgow — whose now-demolished Gorbals was once known for urban grimness on a par with Chicago's South Side or New York's Hell's Kitchen — has the chance for a whole new lease on life as the UK's first 'smart city.' The UK's government has just announced a $38 million (£24 million) grant to fund pilot projects in the city that show how mass deployment of sensors and real-time information can help local government run more efficiently while also boosting the quality of life for its 600,000 citizens. Glasgow won the prize in a competition among 30 British towns and cities for state help in looking at the possible contribution of smart technology." -
The Mobile App Design Tail Wags the Desktop Software Design Dog
CowboyRobot writes "The metaphors and conventions of mobile apps on phones and tablets are now driving the design of desktop software. For example, dialog boxes in typical desktop software used to be complex, requiring lots of interaction. But these are now typically much simpler with far fewer options in a single pane. Drop-down menus are evolving, too. The former style of multiple cascading menus is being replaced. Drop-downs today have a smaller range of options (due to mobile screens being so small and the need to have the entries big enough that a finger touch can select it), and they never use the cascading menu. In Web-based apps, the mobile metaphors are finding greater traction as well. One need only look at the new Google Mail (GMail) interface and see how it's changed over the last year to view the effects of this new direction: All icons are monochrome, the number of buttons is very limited, and there's a More button that keeps the additional options off the main screen." -
You've Got 25 Years Until UNIX Time Overflows
CowboyRobot writes "In 25 years, an odd thing will happen to some of the no doubt very large number of computing devices in our world: an old, well-known and well-understood bug will cause their calculation of time to fail. The problem springs from the use of a 32-bit signed integer to store a time value, as a number of seconds since 00:00:00 UTC on Thursday, 1 January 1970, a practice begun in early UNIX systems with the standard C library data structure time_t. On January 19, 2038, at 03:14:08 UTC that integer will overflow. It's not difficult to come up with cases where the problem could be real today. Imagine a mortgage amortization program projecting payments out into the future for a 30-year mortgage. Or imagine those phony programs politicians use to project government expenditures, or demographic software, and so on. It's too early for panic, but those of us in the early parts of our careers will be the ones who have to deal with the problem." -
Public Library Exclusively For Digital Media Proposed
CowboyRobot writes "In San Antonio, a judge and a precinct commissioner are proposing (PDF) a plan to create a library called BiblioTech that offers electronic media exclusively, offering patrons only e-readers and digital materials. 'BiblioTech intends to start with 100 e-readers that can be loaned out, 50 pre-loaded e-readers for children, 50 computer stations, 25 laptops and 25 tablets, with additional accommodations planned for the visually impaired.' But the economics have yet to be ironed out. 'A typical library branch might circulate 10,000 titles a month... To do that electronically would be cost-prohibitive — most libraries can't afford to supply that many patrons with e-reading devices at one time. And expecting library visitors to bring their own devices may be expecting too much.'" -
The Best and Worst From CES 2013
CowboyRobot writes "InformationWeek has collected what it considers to be the five dumbest ideas presented at this year's CES. The list includes: 'The HapiFork is an electronic fork that tracks how many mouthfuls of food you consume during a given meal, how many seconds pass between bites, and how long the meal took to complete.' Also on the list is the iPotty, which is about what you would guess from the name. And for balance, the list of the seven standout technologies includes 3M's 84-inch touchscreen display and Parrot's $300 'AR Drone 2.0, a gravity-defying spectacle that puts yesteryear's remote-control helicopters to shame with its ability to dive, spin and whirl through the air.'" -
College CIO Predicts Tablets Will Kill Smart Boards
CowboyRobot writes "Keith Fowlkes (vice chancellor for information technology and CIO at the University of Virginia's College at Wise) has a commentary at Information Week in which he makes the point that moving forward, colleges will be able to dump all the 'smart' classroom tools and devices (e.g. electronic whiteboards, clickers, projection systems, etc.) and will only need to support students' tablets. The reasoning comes down to the return on investment, which is easy to argue for tablets but not for other classroom technologies. Standardization of video across devices remains a problem, as does the issue of where files are stored and how they are shared. But these are solvable problems and we will soon see the day when electronic whiteboards are a distant memory." I think the issue of file storage was solved by openafs a long time ago, certainly at the scale of a small university. -
Postal Service Pilots 'Federal Cloud Credential Exchange'
CowboyRobot writes with news about a federal initiative to support federated authentication for government services. From the article: "The U.S. Postal Service will be the guinea pig for a White House-led effort to accelerate government adoption of technologies that allow federal agencies to accept third-party identity credentials for online services. The program involves using services ... through standards like OpenID rather than requiring users to create government usernames and passwords. ... The federated identity effort, known as the Federal Cloud Credential Exchange, is just one piece of a broader Obama administration online identity initiative: the National Strategy for Trusted Identities in Cyberspace (NSTIC), which aims to catalyze private sector-led development of a secure, digital 'identity ecosystem' to better protect identities online. ... The Postal Service pilot is but one of several different pilots that are part of NSTIC. There are also three cryptography pilots and two non-cryptographic privacy pilots in the works. Each of those pilots is being carried out by multiple private sector organizations ranging from the Virginia Department of Motor Vehicles to AOL to AARP to Aetna." -
'Hobbit' Creates Big Data Challenge
CowboyRobot writes "In the past five years there has been an 8x increase in the amount of content being generated per every two-hour cinematic piece. Although 3D is not new, modern 3D technologies add from 100% to 200% more data per frame. In 2009, Avatar was one of the first movies to generate about a petabyte of information. The Hobbit: An Unexpected Journey was shot in a new digital format called High Frame Rate 3-D, which displays the movie at 48 frames per second, twice the standard 24-fps rate that's been in place for more than 80 years." But with digital storage transcending some other limitations of conventional projection techniques, it's not just framerate that directors are now able to play with more easily; it's the length of movies themselves, which stats suggest just keep getting longer. -
The Future of 802.11ac
CowboyRobot writes "The 802.11ac standard is expected to be ratified in 2013 and NetworkComputing has an interview with representatives of Cisco Systems and Aerohive Networks about what that will mean for everyone else. 'Out of the gate, the increases in performance over 11n will not be tremendously impressive. The second wave--which will require a hardware refresh--gets far more interesting... First-generation 802.11ac products will achieve up to 1.3 Gbps through the use of three spatial streams, 80-MHz-wide channels (double the largest 40 MHz channel width with 802.11n), and use of better hardware components that allow higher levels of modulation and encoding (up to 256-QAM). Whether we will actually see 802.11ac products capable of 6.9 Gbps is dependent on hardware enhancements on both the access point and client that are not certain.'" -
Researchers Convert Phones Into Secret Listening Devices
CowboyRobot writes "Columbia University grad student Ang Cui demonstrated how networked printers and phones can be abused by attackers. 'The attack I demonstrated is caused by the multiple vulnerabilities within the syscall interface of the CNU [Cisco Native Unix] kernel,' Cui tells Dark Reading. 'It is caused by the lack of input validation at the syscall interface, which allows arbitrary modification of kernel memory from userland, as well as arbitrary code execution within the kernel. This, in turn, allows the attacker to become root, gain control over the DSP [Digital Signal Processor], buttons, and LEDs on the phone. The attack I demonstrated patches the existing kernel and DSP in order to carry out stealthy mic exfiltration.'" -
South Carolina Shows How Not To Do Security
CowboyRobot writes "Earlier this year, the state's Department of Revenue was storing 3.3 million bank account numbers, as well as 3.8 million tax returns containing Social Security numbers for 1.9 million children and other dependents, in an unencrypted format. After a state employee clicked on a malicious email link, an attacker was able to obtain copies of those records. It's easy to blame the breach on 'Russian hackers' but who is really to blame? 'The state's leadership, from the governor on down, failed to take information security seriously or to correctly gauge the financial risk involved. As a result, taxpayers will pay extra to clean up the mess. Beyond the $800,000 that the state will spend — and should have already spent — to improve its information security systems, $500,000 will go to the data breach investigation, $740,000 to notify consumers and businesses, $250,000 for legal and PR help, and $12 million for identity theft monitoring services.'" -
The State of In-Flight Wi-Fi
CowboyRobot writes "Byte magazine gives a run-down of the current state of Internet access on airplanes. 'All of the services function in basically the same way. They provide connectivity to the public Internet via a Wi-Fi hotspot accessible from the cabin of the aircraft. This in-cabin network may also be used to provide in-flight entertainment services ranging from television network feeds to movies and canned TV shows available from an on-board media server connected to the network. In the U.S., the Internet connectivity is available when the aircraft is above 10,000 feet and is turned off during take-offs and landings. Gogo, the current market leader, provides connectivity to aircraft via a network of 250 dedicated cell towers that it has built nationwide. Fundamentally, it offers the same type of connectivity you would expect to see on a standard 3G-capable phone. The connection is limited in speed to just over 3 Mbps — and all users on the plane share this one connection.'" -
New "Sanny" Cyber-Espionage Attack Targets Russia
CowboyRobot writes "A new targeted attack campaign with apparent Korean ties has been stealing email and Facebook credentials and other user-profile information from Russian telecommunications, IT, and space research organizations. The attackers are grabbing email user accounts and passwords from Outlook, as well as information about the victims' email server." -
The Scourge of Error Handling
CowboyRobot writes "Dr. Dobb's has an editorial on the problem of using return values and exceptions to handle errors. Quoting: 'But return values, even in the refined form found in Go, have a drawback that we've become so used to we tend to see past it: Code is cluttered with error-checking routines. Exceptions here provide greater readability: Within a single try block, I can see the various steps clearly, and skip over the various exception remedies in the catch statements. The error-handling clutter is in part moved to the end of the code thread. But even in exception-based languages there is still a lot of code that tests returned values to determine whether to carry on or go down some error-handling path. In this regard, I have long felt that language designers have been remarkably unimaginative. How can it be that after 60+ years of language development, errors are handled by only two comparatively verbose and crude options, return values or exceptions? I've long felt we needed a third option.'" -
How Some Chinese Users Bypass The Great Firewall
CowboyRobot writes "The ACM has an article describing the history and present of the Great Firewall of China (GFW). 'Essentially, GFW is a government-controlled attacking system, launching attacks that interfere with legitimate communications and affecting many more victims than malicious actors. Using special techniques, it successfully blocks the majority of Chinese Internet users from accessing most of the Web sites or information that the government doesn't like. GFW is not perfect, however. Some Chinese technical professionals can bypass it with a variety of methods and/or tools. An arms race between censorship and circumvention has been going on for years, and GFW has caused collateral damage along the way.'" -
U.S. Denies Using Flame Malware To Spy On French President
CowboyRobot writes with the (not unexpected) official U.S. denial of using the Flame malware to spy on France. From the article: "That allegation was leveled at the U.S. government by unnamed French officials, according to a Tuesday report in the weekly French newspaper L'Express. It reported that computers belonging to top advisers to then French president Nicolas Sarkozy had been hacked using the Flame cyberespionage malware, which was designed to be used in highly targeted attacks... Napolitano was also asked if it wasn't ironic that while the United States has been sounding alarms over the growing amount of malware that's targeting U.S. government systems, it was also commissioning the Stuxnet and Flame cyber-espionage malware used against Iran. Napolitano, however, pled official ignorance. 'These programs were never attributed in any way to the U.S. government.'" -
Unresolved Issues Swirl Around Securing Mobile Payments
CowboyRobot writes "While many mobile payments startups are using both traditional and nontraditional authentication methods, regulatory uncertainty still exists around liability for fraud attacks on customers using mobile payments. Although there haven't been any public attacks from fraudsters on alternative mobile payments providers such as Square, LevelUp or Dwolla, anecdotal stories are already circulating among security experts and regulators of such attacks. One thing that still has to be worked out in this area is regulatory oversight. 'The regulators are not yet clear who owns the regulatory oversight for these environments. These technologies tend to fall through the cracks even in terms of card-present or card-not-present.'" -
Hacker Grabs 150k Adobe User Accounts Via SQL Injection
CowboyRobot writes "Adobe today confirmed that one of its databases has been breached by a hacker and that it had temporarily taken offline the affected Connectusers.com website. The hacker, who also goes by Adam Hima, told Dark Reading that the server he attacked was the Connectusers.com Web server, and that he exploited a SQL injection flaw to execute the attack. 'It was an SQL Injection vulnerability, somehow I was able to dump the database in less requests than normal people do,' he says. User passwords for the Adobe Connectusers site were stored and hashed with MD5, he says, which made them 'easy to crack' with freely available tools. And Adobe wasn't using WAFs on the servers, he notes. Tal Beery, a security researcher at Imperva, analyzed the data dump in the Connectusers Pastebin post and found that the list appears to be valid and that the hacked database was relatively old." -
More Than 25% of Android Apps Know Too Much About You
CowboyRobot writes "A pair of reports by Juniper and Bit9 confirm the suspicion that many apps are spying on users. '26 percent of Android apps in Google Play can access personal data, such as contacts and email, and 42 percent, GPS location data... 31 percent of the apps access phone calls or phone numbers, and 9 percent employ permissions that could cost the user money, such as incurring premium SMS text message charges... nearly 7 percent of free apps can access address books, 2.6 percent, can send text messages without the user knowing, 6.4 percent can make calls, and 5.5 percent have access to the device's camera.' The main issue seems to be with poor development practices. Only in a minority of cases is there malicious intent. The Juniper report and the Bit9 report are both available online." -
Cash-Strapped States Burdened By Expensive Data Security Breaches
CowboyRobot writes "As budgets are pinched by reduced tax collection, many U.S. states are facing a possibility of not being able to handle the ever-increasing number of data breaches. 70% of state chief information security officers (CISOs) reported a data breach this year, each of which can cost up to $5M in some states. 'Cybersecurity accounts for about 1 to 2 percent of the overall IT budget in state agencies. ... 82 percent of the state CISOs point to phishing and pharming as the top threats to their agencies, a threat they say will continue in 2013, followed by social engineering, increasingly sophisticated malware threats, and mobile devices.' The full 2012 Deloitte-National Association of State Chief Information Officers (NASCIO) Cybersecurity Study is available online (PDF)." -
Post Mortem of GunnAllen IT Meltdown
CowboyRobot writes "The story begins when GunnAllen, a financial company, outsourced all of its IT to The Revere Group. Before long, it was discovered that 'A senior network engineer had disabled the company's WatchGuard firewalls and routed all of the broker-dealer's IP traffic--including trades and VoIP calls--through his home cable modem.' In addition to the obvious security concerns of sending information such as bank routing information and driver's license numbers, the act violated SEC rules because the routed information was not being logged. Regardless of whether the cause was negligence, incompetence, or sabotage, the matter was swept under the rug for a time until unpaid SQL Server licenses meant threatening calls from Microsoft as well. The rest of the story is one of greed, mismanagement, and neglect, and ends with the SEC's first-ever fine for failure to protect customer data." -
Mind Maps: the Poor Man's Design Tool
CowboyRobot writes "'UML too complex? Flowcharts too old school? Mind maps offer a simple way to capture designs and weave them together elegantly.' The quickest way to begin designing a program is to simply write down the steps in normal text, but this method breaks down with more complex projects. UML can be a useful format for larger projects but can be difficult to get right, especially when trying to use it with a less conventional project. The middle ground is 'Mind Maps,' 'a diagrammatic representation of loosely connected ideas. They are a central tool in brainstorming sessions. Mind map tools help capture ideas and then mush them around until you have the structure you want.'" -
Mikko Hypponen's Malware Odyssey
CowboyRobot writes "Security expert Mikko Hypponen talks about his experience at F-Secure, including adventures such as flying to Lahore to interview the creators of 'Brain,' one of the early computer viruses that was spread manually on floppy disks. But while the early virus creators were just trying to have fun and learn, modern malware makers are motivated only by money. 'But there's a misconception that they all necessarily make a lot of money. There's a hierarchy of workers, with some just making a few hundred dollars to $1,000 doing the dirty work of the more experienced online criminals who make the real money.'" -
Programming a Wearable Android Device
CowboyRobot writes "Dr. Dobb's reviews an alternative to Google Glass and goes through the steps of coding your own Android-based Heads-Up Display. 'By tucking their 428x240 pixel WQVGA heads-up display in the lower right corner of ski goggles, Recon has effectively created an unobtrusive HUD with a decent 600 MHz ARM Cortex A8 processor running Android 2.3.3 (Eclair). Network connections can be made via a Bluetooth-paired Android smartphone.'" -
Majority of Mobile Malware Now Reliant On Toll Fraud
CowboyRobot writes "Spyware is no longer the primary concern with unwanted software on mobile devices. According to mobile security firm Lookout, most mobile malware performs 'toll fraud' — billing victims using premium SMS services. The problem is very geographically-dependent, worst in areas with weak SMS regulation, particularly China, Ukraine, and Russia, where users are 10,000 times more likely to have malware on their phones than users in Japan, for example. Other risks include mobile ads surreptitiously uploading personal data, as well as apps that download other malware without users knowing. The full report is available." -
Calculating the Cost of Full Disk Encryption
CowboyRobot writes "Is full disk encryption (FDE) worth it? A recent study conducted by the Ponemon Institute shows that the expected benefits of FDE exceed cost by a factor ranging from 4 to 20, based on a reduction in the probability that data will be compromised as the result of the loss or theft of a digital device. 'After doing all of the math, Ponemon found that the cost of FDE on laptop and desktop computers in the U.S. per year was $235, while the cost savings from reduced data breach exposure was $4,650.'" -
Gartner Says Application Development Is a $9 Billion Industry
CowboyRobot writes "Although not as lucrative as video games or movies, Gartner projects the software application development industry will pass the US$9 Billion mark this year. They credit 'evolving software delivery models, new development methodologies, emerging mobile application development, and open source software.' Also in the report is a projection that 'mobile application development projects targeting smartphones and tablets will outnumber native PC projects by a ratio of 4:1 by 2015.'" -
Wall Street and the Mismanagement of Software
CowboyRobot writes "Last week, a bug in high-frequency trading software from Knight Capital Group resulted in erroneous trades costing almost a half-billion dollars. So, what went wrong and how can they, or any other software developer, prevent something similar from happening again? In hindsight, it's clear that the developers did not verify the code under enough conditions. But the real issue is how these high-frequency trades work in the first place. Robert Dewar at Dr. Dobb's suggests the financial industry needs to take a page from the avionics rulebook, which has very strict guidelines about what code can be implemented due to the high cost of failure in that field. 'High-frequency automated trading is not avionics flight control, but the aviation industry has demonstrated that safe, reliable real-time software is possible, practical, and necessary. It requires appropriate development technology and processes as well as a culture that thinks in terms of safety (or reliability) first. That is the real lesson to be learned from last week's incident. It doesn't come for free, but it certainly costs less than $440M.'" -
How Intuit Manages 10 Million Lines of Code
CowboyRobot writes "Intuit launched QuickBooks in 1992, and it has grown into the best-selling retail software for small-business accounting worldwide. QuickBooks is available on multiple platforms with different feature sets (Pro, Premier, Enterprise), in specialized editions (accounting, contracting, etc.), is available on CD or via subscription, and is offered in localized versions for the U.S., Canada, and the U.K. How they manage so many builds is a case-study for large scale programming. 'The Windows version is about 80,000 source files, 10+ million lines of C++ code plus a little C# for the .NET parts. Plus help files, tax tables, files defining local accounting rules, tax and other government reporting forms, upgrade offers — a lot of files. Every customer gets the full version. Specific feature sets are turned on and off with the license key.' And the lessons are not just technical. 'One surprising lesson is that small teams work, even for very large codebases — especially, Burt says, in sustaining an entrepreneurial, creative culture.'" -
JavaScript Botnet Sheds Light On Criminal Activity
CowboyRobot writes "Informatica64, a security research group, demonstrated the use of cached JavaScript to control computers connecting to a malicious proxy. 'The researchers found a variety of low-level criminals using their proxy server: fraudsters posing as British immigration officials offering work permits in hopes of stealing money and sensitive documents from their victims; a man pretending to be a pretty woman on a number of dating sites to con victims into sending money for a plane ticket; and another fraudster selling nonexistent Yorkshire Terriers.'" -
Dr. Dobb's 2012 Salary Survey
CowboyRobot writes "It's that time of year again, and Dr. Dobb's has posted the results of their survey of salaries of 3,500 developers and managers. 'While many salaries are flat, they are increasing overall, except for some heavily disfavored niches.'" -
2013 H-1B Visa Supply Nearly Exhausted
CowboyRobot writes with news on the FY2013 allocation of H-1B visas. From the article: "As of June 1, the government had issued 55,600 standard H-1B visas out of the annual allotment of 65,000, according to United States Immigration and Citizenship Services (USCIS). The feds also issued 18,700 H-1B visas reserved for graduates of advanced degree programs in the U.S., out of 20,000." CowboyRobot continues, "Last year work visas did not run out until late November, but this year the pool of visas is almost entirely claimed and it's still only June. One interpretation of this is that the tech industry is hiring much more actively than it was a year ago. Some companies, such as Microsoft, have been lobbying to increase the number of available visas (currently limited to 65,000) while others argue that offering visas to foreign workers reduces job prospects for Americans." A bit more from the article: "Industry lobby group Partnership for A New American Economy last month released a study that claims the U.S. will face a shortage of 224,000 tech workers by 2018 unless immigration rules are loosened." -
LinkedIn Password Leak: Salt Their Hide
CowboyRobot writes "Following yesterday's post about Poul-Henning Kamp no longer supporting md5crypt, the author has a new column at the ACM where he details all the ways that LinkedIn failed, specifically related to how they failed to 'salt' their passwords, making them that much easier to crack. 'On a system with many users, the chances that some of them have chosen the same password are pretty good. Humans are notoriously lousy at selecting good passwords. For the evil attacker, that means all users who have the same hashed password in the database have chosen the same password, so it is probably not a very good one, and the attacker can target that with a brute force attempt.'" -
Wozniak's Original System Description of the Apple ][
CowboyRobot writes "Opening with the line, 'To me, a personal computer should be small, reliable, convenient to use and inexpensive,' Steve Wozniak gave his system description of the Apple-II in the May, 1977 issue of BYTE. It's instructive to read what was worth bragging about back then (PDF), such as integral graphics: 'A key part of the Apple-II design is an integral video display generator which directly accesses the system's programmable memory. Screen formatting and cursor controls are realized in my design in the form of about 200 bytes of read only memory.' And it shows what the limitations were in those days, 'While writing Apple BASIC, I ran into the problem of manipulating the 16 bit pointer data and its arithmetic in an 8 bit machine. My solution to this problem of handling 16 bit data, notably pointers, with an 8 bit microprocessor was to implement a nonexistent 16 bit processor in software, interpreter fashion.'" -
Interview With Ward Cunningham
CowboyRobot writes "Ward Cunningham developed the first wiki, wrote the Fit test framework, is the co-inventor of CRC cards, and is now promoting the concept of technical debt. He recently won the Dr. Dobb's Excellence in Programming Award and was interviewed by that publication. 'The creator of the Wiki dishes on the Wiki, Wikipedia's policies, OO design, technical debt, CoffeeScript and Perl, how to survive as a veteran programmer, and doing the simplest thing that could possibly work.' Cunningham is given the chance to explain his philosophy of coding: 'I like the picture and I like the look of the code. It's only 40 lines, but every line carried some careful thought. There was a learning curve there that surprised me because the programs looked short. The most rewarding work I've done this year is digging through that code and understanding what it does and understanding what it didn't do, and how to approach the problem.'" -
Modeling People and Places With Internet Photo Collections
CowboyRobot writes "Two researchers have created a system that aggregates thousands of photos from around the Web and integrates them into single images. One application is creating maps by taking the GPS coordinates of photos taken from a collection. Another is creating 3D models of historical buildings by automatically pasting together tourists' photos taken from different angles. 'The challenge is that online data sets are largely unstructured and thus require sophisticated algorithms that can organize and extract meaning from noisy data. In our case, this involves developing automated techniques that can find patterns across millions of images.'" -
New .secure Internet Domain On Tap
CowboyRobot writes "A new top-level domain (TLD) in the works for the Internet will bake security in from the outset: The .secure domain will require fully encrypted HTTPS sessions and a comprehensive vetting process for websites and their operators. If the new domain takes off, it could shift the way Web domains are secured. ICANN is expected to sign off on .secure, and for the new TLD to be up and running June or July 2013." -
Is Gamification a Good Motivator?
CowboyRobot writes "Growing up, many of our teachers used gamification techniques such as a gold star sticker on a test (essentially a badge) or a public display of which students had completed a set of readings (leaderboard). These were intended to motivate students to strive to do better. Now, these techniques are increasingly common in the workplace where the parallel with computer games is more intentional. A report by Gartner predicts that 'by 2015, 50% of organizations that manage innovation processes will gamify those processes.' One example would be assigning badges for submitting work on time, another would be having a leaderboard in an office to show who completed a training module first. The idea of using game mechanics in work or study environments is not new, but its ubiquity is. Educators can discuss how effective gamification is in classrooms, but how useful is it as a motivator in the workplace?" -
Controlling Bufferbloat With Queue Delay
CowboyRobot writes "We all can see that the Internet is getting slower. According to researchers, the cause is persistently full buffers, and the problem is only made worse by the increasing availability of cheap memory, which is then immediately filled with buffered data. The metaphor is grocery store checkout lines: a cramped system where one individual task can block many other tasks waiting in line. But you can avoid the worst problems by having someone actively managing the checkout queues, and this is the solution for bufferbloat as well: AQM (Active Queue Management). However, AQM (and the metaphor) break down in the modern age when queues are long and implementation is not quite so straightforward. Kathleen Nichols at Pollere and Van Jacobson at Parc have a new solution that they call CoDel (Controlled Delay), which has several features that distinguish it from other AQM systems. 'A modern AQM is just one piece of the solution to bufferbloat. Concatenated queues are common in packet communications with the bottleneck queue often invisible to users and many network engineers. A full solution has to include raising awareness so that the relevant vendors are both empowered and given incentive to market devices with buffer management.'" -
DARPA Aims To Reuse Space Junk
CowboyRobot writes "Space junk has increased to the point where pieces of it are colliding and breaking into smaller pieces. The problem is now so bad that NASA has had to modify the design of satellites to protect them from flying debris. The Defense Advanced Research Projects Agency (DARPA) wants to turn disabled satellites and their components, including antennas and solar arrays, into functioning systems. They are hosting a conference on June 26 to explore how to build 'refurbished' satellites from already-orbiting material for less than what it would cost to build them from scratch and launch them from the surface of the Earth." -
TSA Tests Automated ID Authentication
CowboyRobot writes "Last year, a Nigerian man boarded a plane from N.Y. to L.A. using an invalid ID and a boarding pass issued to another person. A week later he was caught again with 10 expired boarding passes. In response to this and similar events, the Transportation Security Administration has begun testing a new system at Washington's Dulles International Airport that verifies an air traveler's identity by matching photo IDs to boarding passes and ensures that boarding passes are authentic. The test will soon be expanded to Houston and Puerto Rico." -
Why Your IT Spending Is About To Hit the Wall
CowboyRobot writes "For decades, rapid increases in storage, processor speed, and bandwidth have kept up with the enormous increases in computer usage. That could change, however, as consumption finally outpaces the supply of these resources. It is instructive to review the 19th-century economics theory known as Jevons Paradox. Common sense suggests that as efficiencies rise in the use of a resource, the consumption goes down. Jevons Paradox posits that efficiencies actually drive up usage, and we're already seeing examples of this: our computers are faster than ever and we have more bandwidth than ever, yet our machines are often slow and have trouble connecting. The more we have, the even more we use." -
The Fixes That Google Chrome OS Still Needs To Make
CowboyRobot writes "Thomas Claburn at Information Week opines that Google's Chrome OS is actually morphing into the Windows-style OS that it intended to make obsolete. There's still room to grow, and here are his suggestions for how to make it better: Get better hardware, Include a Web-based IDE, Support local storage, Allow offline apps. 'When Chrome OS was launched in 2010, Google SVP of Chrome and apps Sundar Pichai declared, "Chrome OS is nothing but the Web." Now, if you peer behind the browser pane, it's clear that Chrome OS is looking beyond the Web. It's not a complete repudiation of Google's bet on the appeal of a thin-client system that keeps user data in the cloud. But it is a concession to the realities of a market that's more comfortable with the familiar desktop metaphor.'" -
CPU DB: Looking At 40 Years of Processor Improvements
CowboyRobot writes "Stanford's CPU DB project (cpudb.stanford.edu) is like an open IMDB for microprocessors. Processors have come a long way from the Intel 4004 in 1971, with a clock speed of 740KHz, and CPU DB shows the details of where and when the gains have occurred. More importantly, by looking at hundreds of processors over decades, researchers are able to separate the effect of technology scaling from improvements in, say, software. The public is encouraged to contribute to the project."