Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Tech Giant SAP Seeks To Hire More Autistic Adults (cio.com)
itwbennett writes: In May 2013, SAP launched its Autism at Work program, with the goal of recruiting and hiring 'hundreds of people' with autism worldwide. Now the company is expanding the program, and is looking to have people on the autism spectrum make up 1 percent of its total workforce (~650 people) by 2020, says José Velasco, head of the Autism at Work program at SAP. So far, autistic workers fulfill all kinds of roles in IT — from software testing, data analysis, quality assurance to IT project management, graphic design, finance administration and human resources, Velasco says, and the potential for new roles is expanding rapidly. -
Alleged Bitcoin Creator Raided By Australian Authorities (arstechnica.com)
wbr1 writes: As reported yesterday, Wired and Gizmodo think Bitcoin inventor Satoshi Nakamoto is actually Australian businessman Craig Wright.
Now, Craig Wright has been raided by Australian police. Curiously, a statement from the Australian federal police said that the raids were not related to the recent Bitcoin revelation. "The AFP can confirm it has conducted search warrants to assist the Australian Taxation Office at a residence in Gordon and a business premises in Ryde, Sydney. This matter is unrelated to recent media reporting regarding the digital currency bitcoin." Supposedly not related, but interesting nonetheless.
Reuters adds, "At Wright's rented home, a modest brick house in the leafy middle class suburb of Gordon, three police workers wearing white gloves could be seen searching the garage, which contained gym equipment. A man who identified himself as the owner of the house, Garry Hayres, told Reuters that Wright and his family had lived there for a year, and were due to move out on Dec. 22 to move to Britain. Hayres said that Wright had a 'substantial computer system set-up' and had attached a 'three-phase' power system to the back of the house for extra power." -
Yahoo To Spin Off Everything That Makes It Yahoo (nytimes.com)
An anonymous reader writes: Yahoo has confirmed reports from last week by saying it plans to spin off all of its assets aside from its $31 billion stake in Chinese e-commerce company Alibaba. "In the reverse spin off, Yahoo's assets and liabilities other than the Alibaba stake would be transferred to a newly formed company, the stock of which would be distributed pro rata to Yahoo shareholders resulting in two separate publicly-traded companies." Their decision was spurred by how stock market traders were weighing the tax risk of spinning off the most valuable part of the company.
The article notes that this probably means trouble for CEO Marissa Mayer: "Ms. Mayer, who was hired in 2012 to turn around Yahoo, had planned to spin off the company's 15 percent stake in Alibaba, bundled with a small-business services unit, into a new company called Aabaco. She then planned to focus on improving the company's core business, the sale of advertising that is shown to the roughly one billion users of Yahoo's apps and websites. Ms. Mayer is now effectively back to square one. Yahoo's core Internet operations are struggling, even though the chief executive has made dozens of acquisitions, added original video and magazine-style content, and released new apps." -
In Kazakhstan, the Internet Backdoors You (csoonline.com)
itwbennett writes: Kazakhstan passed a law that would require citizens to install a certificate on their personal computers and mobile devices that would allow the government to snoop and capture web traffic, passwords, financial details. Telecom.kz posted the news to their website on November 30, but by December 4 the press release had been removed from the website. This is just the latest example of government overreaching. Recently we've seen the Turkish government attempt to block access to social media sites. And let's not forget Thailand's attempt to roll out their own man-in-the-middle implementation. -
Microsoft Will Resume Pushing Windows 10 To Machines With Win7, 8.1 (computerworld.com)
LichtSpektren writes: After previously apologizing on October 16th for forcing Windows 10 on some users of Windows 7 and 8.1 via the Windows Update mechanism, Microsoft disabled the default update option for Windows 10, so that users eligible for the new OS would have to opt in manually. Gregg Keizer at ComputerWorld reports today that Microsoft will soon switch the default option back to "on" again, possibly as early as tomorrow's "Patch Tuesday" update. Users who do not want Windows 10 are strongly advised to turn off automatic updating to avoid accidentally installing the OS. -
TAG Heuer Increasing Weekly Production To Meet Demand For Its Smartwatch (slashgear.com)
An anonymous reader writes: According to reports TAG Heuer is struggling to keep up with the high demand for its $1,500 TAG Heuer Connected Android Wear-powered smartwatch. Since its launch in November the company has sold about 100,000 units and plans to crank up production to 2,000 units per week. According to Slashgear: "Jean-Claude Biver, the CEO of Tag Heuer shares that more smartwatch models from the company will be unveiled at the end 2016 or early 2017 – with options of new materials and diamonds. Being the genius that revived brands such as Blancpain and Hublot, Biver has positioned Tag Heuer as the first luxury watchmaker that enters smartwatch business with a 'big bang' and ready to use large eco-system courtesy of Android Wear." -
Cygnus Launches In First Mission Since Antares Rocket Explosion (arstechnica.com)
An anonymous reader writes: An Atlas V rocket carrying a Cygnus cargo spacecraft to resupply the International Space Station has lifted off from Cape Canaveral. This is the first flight of the Cygnus since the previous spacecraft was destroyed during an Antares rocket explosion in 2014. Ars reports: "Sunday's successful launch was the fourth attempt this week to get CRS Orb-4 into space. Three previous launch attempts—one per day since Thursday—were scrubbed due to foul weather at Cape Canaveral. The CRS-4 Cygnus capsule is currently en route to the ISS, carrying about 7300 pounds (about 3300kg) of food, hardware, and scientific equipment for the Expedition 44 crew on board the ISS (which includes US astronaut Scott Kelly, who is more than halfway through a year-long stay aboard the station)." -
Zuckerberg Answers Critics of His Move To Give Away His Facebook Stock (facebook.com)
An anonymous reader writes: Mark Zuckerberg's announcement that he and his wife are giving away $45 billion worth of Facebook stock garnered a lot of praise and a fair bit of criticism. The Facebook CEO answered some of the apprehension in a post that reads in part: "By using an LLC instead of a traditional foundation, we receive no tax benefit from transferring our shares to the Chan Zuckerberg Initiative, but we gain flexibility to execute our mission more effectively. Just like everyone else, we will pay capital gains taxes when our shares are sold by the LLC." -
California Attack Has US Rethinking Strategy On Homegrown Terror (nytimes.com)
JoeyRox writes: The recent terror attack in California reflects "an evolution of the terrorist threat that Mr. Obama and federal officials have long dreaded: homegrown, self-radicalized individuals operating undetected before striking one of many soft targets that can never be fully protected in a country as sprawling as the United States." With this new type of terror risk, authorities may begin relying more heavily on citizens reporting suspicious behavior of others. The attack is also expected to renew the debate over privacy versus security for software encryption. President Obama will be addressing the nation tonight to discuss the attack. -
Porsche Is Building a Tesla Competitor (bloomberg.com)
An anonymous reader writes: Back in September, Porsche unveiled a prototype for an electric vehicle. They were trying to gauge interest and figure out if they have the technical know-how to build one. Now, they've made the decision: Porsche's "Mission E" project will put an all-electric vehicle on showrooms by the end of the decade. Wolfgang Porsche said, "With Mission E, we are making a clear statement about the future of the brand." This is a reference, of course, to Porsche's parent company, Volkswagen, which has been in trouble for tampering with emissions standards recently. -
New Software Puts License Plate Scanners Into Citizens' Hands (arstechnica.com)
An anonymous reader writes: Automated license plate readers have become a serious point of contention between law enforcement and privacy-minded citizens. But the advance of technology might make it a moot point — with some open source software and a cheap webcam, anyone can now start cataloging the cars visiting their street. A two-man team developed OpenALPR and started distributing it for free, along with the source code. Law enforcement and the agencies that build their plate scanners have argued in favor of the legality of such data collection, so it's not like they can suddenly start cracking down on private citizens doing the same. "An enterprising person could even use a car-mounted camera and create a mobile plate hunting device along the lines of what many police agencies already use." Is this particular privacy fight one that's still winnable? -
Nokia Completes Sale of HERE Mapping Services (yle.fi)
jones_supa writes: Nokia announced on Friday that it has completed the sale of its HERE digital mapping and location services business to a group of German car manufacturers made up of Audi, BMW and Daimler. The deal, which was announced in August, valued HERE at €2.8B. Based on the current estimates, Nokia banked net proceeds of €2.55B at closing, which was consistent with its earlier estimated net proceeds. The company expects to earn a profit of about €1B. The cash could come in handy during the first quarter of next year as Nokia shells out €15.6B to finalize its purchase of the French telecom giant Alcatel-Lucent. The Finnish company's shareholders rubber-stamped that deal during an extraordinary general meeting at Helsinki Ice Hall on Wednesday. -
Copyright Troll's Property Seized To Pay Bankruptcy Debts (ktetch.co.uk)
ktetch-pirate writes: Copyright troll firm Prenda may be gone, but one of its principals — Paul Hansmeier — is starting to feel Karma's burn. In a bankruptcy hearing on the 3rd, Judge Sanberg ordered it converted to Chapter 7, requiring assets be seized and liquidated to pay the 2.5M+ in debts including judgments from courts around the country, as well as proceeds from the sale of Hansmeier's 1.2M condo in Minnesota. She justified it by saying he had a practice of deceiving the courts with his extortionate schemes. -
No More Security Fixes For Older OpenSSL Branches (csoonline.com)
itwbennett writes: The OpenSSL Software Foundation has released new patches for the popular open-source cryptographic library, but for two of its older branches, OpenSSL 1.0.0t and 0.9.8zh, they will likely be the last security updates because support for these two branches will end on Dec. 31. Previous research has shown that many companies using in-house built software keep poor records of which library versions their developers used in which of their applications. 'This makes it very likely that some systems and applications with OpenSSL 0.9.8 and 1.0.0 will never be updated, leaving them exposed to any critical vulnerabilities found in the library in the future,' writes Lucian Constantin. -
Mozilla Ends the Advertisements In Firefox's New Tab Tiles (mozilla.org)
An anonymous reader writes: For some time, Mozilla has been experimenting with advertisements in the "suggested tiles" on new Firefox tabs. They received a lot of criticism from the community for it, and now (using linguistic gymnastics), Mozilla has decided to end that experiment. They say, "We experimented with all content – including advertising. We proved that advertising can be done well while respecting users. We have learned a ton along the way. Our learnings show that users want content that is relevant, exciting and engaging. We want to deliver that type of content experience to our users, and we know that it will take focus and effort to do that right. We have therefore made the decision to stop advertising in Firefox through the Tiles experiment in order to focus on content discovery. We want to thank all the partners who have worked with us on Tiles. Naturally, we will fulfill our current commitments as we wind down this experiment over the next few months." -
The Top Programming Languages That Spawn the Most Security Bugs (softpedia.com)
An anonymous reader writes: Veracode has put together a report after static analysis of over 200,000 apps, and its results show that Classic ASP, ColdFusion, and PHP generated the most security bugs in scanned applications. Ignoring the first two, which are almost extinct languages, PHP, used for Drupal, Joomla, and WordPress (which recently announced it runs a quarter of the Internet) is the programming language with the most security woes. -
Controversial Experiment Sees No Evidence That the Universe Is a Hologram (sciencemag.org)
sciencehabit writes in with bad news for Holographic Universe fans. From Sciencemag: "It's a classic underdog story: Working in a disused tunnel with a couple of lasers and a few mirrors, a plucky band of physicists dreamed up a way to test one of the wildest ideas in theoretical physics--a notion from the nearly inscrutable realm of "string theory" that our universe may be like an enormous hologram. However, science doesn't indulge sentimental favorites. After years of probing the fabric of spacetime for a signal of the "holographic principle," researchers at Fermi National Accelerator Laboratory (Fermilab) in Batavia, Illinois have come up empty, as they will report tomorrow at the lab." -
Ballmer: Microsoft Mobile Should Focus On Android Apps Not Universal Apps (theverge.com)
UnknowingFool writes: Former CEO Steve Ballmer had some strong opinions about the direction of Microsoft's mobile strategy. As reported last month, Microsoft's Project Astoria has not been received well and is not going well. The strategy is to help build Windows 10 apps by making universal apps via easy porting from Android. Ballmer questions its effectiveness. "That won't work," he said. Instead he suggested that Windows phones should "run Android apps." This is a dramatic departure from the Microsoft-only focus that Ballmer championed during his tenure as CEO. -
IT Worker Fired After Massive Georgia Data Breach Speaks Out (ajc.com)
McGruber writes: On November 17, two Georgia women filed a class action lawsuit alleging that Georgia Secretary of State Brian Kemp had released the Social Security numbers, birthdates, Drivers License numbers and other private information of all registered voters in Georgia. After the lawsuit was filed, Secretary Kemp posted an official notice of the breach on his website as required by Georgia state law.
Secretary Kemp also sent a private letter to Georgia lawmakers describing how the breach happened. In the letter, obtained by The Atlanta Journal-Constitution, Kemp said his office learned of the foul-up on Nov. 13 — four days before any public acknowledgment of the problem. In that private letter to Georgia lawmakers, Kemp also stated that he fired the IT worker who had inadvertently added the personal data including Social Security numbers and birth dates to the public statewide voter file.
Now that fired IT worker, longtime state programmer Gary Cooley, has told the Atlanta Journal Constitution newspaper that he did not actually have the security access necessary to add millions of Social Security numbers and birth dates to the data file that was released to the public. While Cooley does acknowledge a role in the gaffe, he also outlined a more complicated series of missteps and miscommunications both within Kemp's office and with PCC Technology Group, an outside vendor tasked with managing voter data for the state. -
Greener Colo: Service Providers Get Serious About Renewable Energy (datacenterfrontier.com)
1sockchuck writes: This week's Slashdot poll shows a strong preference for renewable energy to power data centers, with solar energy leading the pack. But until recently, only a few colocation providers have actually sourced renewable energy to support their facilities. A sign of progress is the commitment by Equinix, the world's largest colo provider, to shift to 100 percent renewable energy for the more than 100 data centers it operates across the world. The company is seeking to accomplish this through power purchase agreements and buying green power from utilities that offer it. Equinix is also testing both on-site solar arrays and fuel cells from Bloom Energy, which is slowly gaining traction in data centers. Although hyperscale cloud companies are sourcing more green energy, the Natural Resources Defense Council has targeted the multi-tenant data center sector as a source for huge potential gains in renewables. -
The FSF's Donald Robertson Talks About Secretive Trade Negotiations (Video)
Donald Robertson is the Free Software Foundation (FSF) copyright administrator (and wearer of several other hats as well), so he's the FSF person to turn to when you want to discuss trade agreements, how they are negotiated, and how info on these (typically secret) goings-on gets leaked so that we can see what our negotiators are up to. And don't think, even for a second, that the TPP is the only trade agreement our government is working on, or necessarily the worst. After that, we learn how Don Robertson hooked up with the FSF and got what may be the best job in the world for an attorney who likes (and uses) GNU/Linux. (And for more, check out yesterday's interview with Mr. Robertson.) -
Google Calls Out EFF Over Claims That It Snoops On Students With Chromebooks (hothardware.com)
MojoKid writes: The Electronic Frontier Foundation (EFF) caused quite a stir this week when it alleged that Google is using its Chromebook platform, which has made a significant impact in education markets, to snoop on students. The charges were damning, with the EFF claiming that Google was violating its own corporate policies and using students' personally identifiable browsing data/habits to refine its services, in addition to sharing that data with partners. Obviously, Google would take such allegations seriously, and has thus responded to every claim brought forth by the EFF. "While we appreciate the EFF's focus on student data privacy, we are confident that our tools comply with both the law and our promises, including the Student Privacy Pledge..." said Jonathan Rochelle, the Director of Google Apps for Education. With respect to Google Apps for Education Core Services (GAFE), Rochelle asserts that all student data stored is "only used to provide the services themselves" and that student data isn't used for advertising purposes, nor are ads served to students. Rochelle also explains that personally identifiable data of students is removed, and only aggregated data of its millions of users is utilized to help improve its services. -
With Messenger Revamp, Yahoo Joins the 'Unsend' Trend (thestack.com)
An anonymous reader writes: Yahoo has announced a new version of its almost-mothballed Messenger app, which, in addition to new integration with Flickr and Tumblr images, now permits users to 'unsend' messages at any time, a facility which Viber added last week. The ability to erase sent communication has been a dream of business and personal users for many years, and if messaging eclipses email, it seems likely to become a reality. -
The Story of the CEO Paying Everyone $70k Gets Complicated
ranton writes: Dan Price, CEO of Gravity Payments, made news last April when he raised all employee salaries to at least $70,000. He claimed his motive was based on research that shows increased wages increase happiness up to about $75k per year. But according to a recent Bloomberg article this may have been a smoke screen. Karen Weise found Dan Price has been fighting with his co-founder Lucas Price over Dan's salary for years, and that his co-founder served him with a lawsuit weeks before the pay raises were announced. Apparently Dan had been paying himself nearly three times the salary of CEOs of similar-sized companies in his industry, over the strong objection of his co-founder. The lawsuit was not officially filed until after the announcement, making it originally look like the pay rise caused the lawsuit. Now it appears to be the opposite. Since the lawsuit is trying to force the CEO to buy out his co-founder based on the CEO's prior greed, lowering the short term profitability of the company while boosting his positive PR seems to be a likely motive for the pay hike. -
Why the Raspberry Pi Zero Isn't a Practical Tool For Teaching Students (hackaday.com)
An anonymous reader writes: This article criticizes the Raspberry Pi Foundation's new computer, the Zero. It points out that the Foundation says the purpose of the new Pi is to reach students, but with all the needed equipment and experience it is ill-suited for students. From the Hackaday story: "For development you need to set up the Zero with a power supply, mini-HDMI to HDMI adapter, HDMI cable, the USB OTG cable, USB hub, a keyboard, and possibly a mouse. After some hours of work you’re ready to try the software in your device. The cables are all disconnected and the board connected to the device. Tests are run. You pull the Zero out and plug everything back together for further software work. That’s going to get old really fast so you get a second Zero so one can stay in the device. Now all you need to do is swap the SD card. If you’re going to do that, you don’t need a second Zero since you can use a Pi 2 and get the advantages of its higher speed in development. Alternatively, you can use the USB OTG with a WiFi dongle, copy files to the Zero’s SD, and restart or reboot the device. Over WiFi you can also use SSH or a remote console to monitor the device’s activities. How long did it take you to figure out all the cable connections in the second paragraph above? Do you think a student without a hacker friend will understand that? Remember, the goal is to reach students who don’t know computers." -
IRS: We Used Stingray Devices To Track 37 Phones (arstechnica.com)
An anonymous reader writes: In October, we discussed the troubling revelation that the U.S. Internal Revenue Service had its own stingray devices, which are commonly used by law enforcement to intercept phone signals and track criminal suspects. The IRS has now addressed these allegations (PDF), confirming that they do indeed have one of the devices, and are trying to get a second. The agency said it tracked 37 phones across 11 different grand jury investigations, and the devices were also used in four non-IRS investigations. They say, "IRS use of cell-site simulation technology is limited to the federal law enforcement arm of the IRS, our Criminal Investigation division. Only trained law enforcement agents have used cell-site simulation technology, carrying out criminal investigations in accordance with all appropriate federal and state judicial procedures." -
Air Asia Pilot Response Leads To Plane Crashing (wsj.com)
hcs_$reboot writes: The investigation took a year, but we finally know why Air Asia Flight QZ8501, en route to Singapore from the Indonesian city of Surabaya on December 28 last year, crashed into the Java Sea, killing all 162 people on board. The crash was caused by a combination of system malfunctions and improper pilot responses to cascading electrical and rudder-system problems. A cracked solder joint on the Airbus A320 resulted in an electrical interruption that caused computer-generated warnings of a rudder malfunction. The problem occurred four times during the flight. The first three times, the flight crew responded according to standard procedure, investigators said. The fourth time, however, the flight-data recorder indicated actions similar to those of circuit breakers being reset. That led the autopilot to disengage. Investigators said the crew was unable to react appropriately to "a prolonged stall condition," ending in the crash. The investigation points to weaknesses in pilot training in dealing with upsets, or when an aircraft is angled greater than 45 degrees. -
NSF Antes Up $200K For Spin-off of Microsoft-Funded 'Code Trip' TV Show
theodp writes: The Microsoft-sponsored PBS 'reality' show Code Trip, in which Roadtrip Nation and Microsoft YouthSpark partnered to send three students across the U.S. on a "transformative journey into computer science" is getting a spin-off. According to the National Science Foundation Award Abstract for a Computer Science Roadtrip (CS Roadtrip), $199,866.00 in funding has been awarded for a pilot project that began in October "to design and develop pilot materials for a Computer Science Roadtrip (CS Roadtrip)."
From the abstract: "Through this pilot project, Roadtrip Nation will lay the groundwork and provide proof-of-concept for a CS Roadtrip, leveraging a combination of multimedia deliverables, an evidence-based educational curriculum, and dynamic engagement strategies that will provide critical connections between students' natural interests, positive role models who align with those interests, and corresponding CS educational and career pathways. To that end, the CS Roadtrip Pilot will develop up to four student-facing videos that feature the stories of diverse computing professionals, appropriate for on-air, online, and classroom purposes, along with the appropriate Learning Guides."
The NSF study's Principal Investigator is Roadtrip Nation co-founder Mike Marriner, who explained his company's relationship with Microsoft in a July 30th press release, "Roadtrip Nation is proud to partner with Microsoft's YouthSpark initiative not only to inform others of the many career routes one can take with a computer science background, but also to engage in the much-needed conversation of diversifying the tech field with more pluralistic perspectives." -
After Twenty Years of Flash, Adobe Kills the Name (thestack.com)
An anonymous reader writes: From January 2016, Adobe Flash will be renamed to 'Adobe Animate CC', killing one of the most unfortunate names in web security as the company pushes the product further and further to HTML5 output. Adobe's release about the update, which will form part of the annual Creative Cloud upgrade, states that a third of all material output from the program is now HTML5. The transitional HTML5 Adobe animation program Edge Animate will be replaced by the renamed Flash product. -
Revealed: What Info the FBI Can Collect With a National Security Letter
An anonymous reader writes with this lead from Help Net Security's story on a topic we've touched on here many times: the broad powers arrogated by the Federal government in the form of National Security Letters: On Monday, after winning an eleven-year legal battle, Nicholas Merrill can finally tell the public how the FBI has secretly construed its authority to issue National Security Letters (NSLs) to permit collection of vast amounts of private information on US citizens without a search warrant or any showing of probable cause. The PATRIOT Act vastly expanded the domestic reach of the NSL program, which allows the FBI to compel disclosure of information from online companies and forbid recipients from disclosing they have received an NSL. The FBI has refused to detail publicly the kinds of private data it believes it can obtain with an NSL. A key sentence from the same story: "Merrill is now able to reveal that the FBI believes it can force online companies to turn over the following information simply by sending an NSL demanding it: an individual’s complete web browsing history; the IP addresses of everyone a person has corresponded with; and records of all online purchases." Reader Advocatus Diaboli adds this, from The Intercept: One of the most striking revelations, Merrill said during a press teleconference, was that the FBI was requesting detailed cell site location information — cellphone tracking records — under the heading of "radius log" information. Traditionally, radius log refers to a user's attempts to connect to a server or a DSL line — a sort of anachronism given the progress of technology. "The notion that the government can collect cellphone location information — to turn your cellphone into a tracking device, just by signing a letter — is extremely troubling," Merrill said. -
Patton Oswalt Recruited For New MST3K Cast (cnet.com)
An anonymous reader writes: Joel Hodgson has announced that actor and comedian Patton Oswalt will join the MST3K cast as "TV's Son of TV's Frank". "I first became aware of Patton around fourteen years ago, when he was doing commentary for the MTV Awards — live in the room during the event!" Hodgson wrote on the Kickstarter page. "I realized right away he was a kindred spirit, and damn funny too," Hodgson added. "Since then, obviously, he's bloomed into this amazing comedy/Internet dynamo. I've seen a lot of stand-ups over the years, but Patton really is one of the best ever. And just as important, he's a very fun, articulate and witty soul — just the kind of person who we've always tried to bring onboard for MST3K." Comedian Jonah Ray and actor Felicia Day are also on board for the potentially record breaking relaunch. -
Italy Invests 150 Million Euros In Surveillance, With Emphasis On PS4 Chats (thestack.com)
An anonymous reader sends word that Italy will spend 150 million Euros on reforming information and security services. Part of this reform will be monitoring communication among users of the "chat" feature on PlayStation 4. The Stack reports: "Italian Minister of Justice Andrea Orlando has revealed that Italy is spending 150 million euros ($157mn) on new technology and staff to improve surveillance capabilities, and emphasized that the 'new instruments' (it's not clear whether this means new technology or new requisitions) will also target the Sony PlayStation network which fell under suspicion as a possible forum of organization for the Paris attacks (though no evidence was found to support this)." -
HTTP/2.0 Opens Every New Connection It Makes With the Word 'PRISM' (jgc.org)
An anonymous reader writes: British programmer and writer John Graham-Cumming has spotted what appears to be a 'code-protest' in the next generation of the hypertext protocol. Each new connection forged by the HTTP/2.0 protocol spells out the word 'PRISM' obliquely, though the word itself is obscured to the casual observer by coded returns and line-breaks. Work on the hidden message in HTTP/2.0 seems to date back to nine days after the Snowden revelations broke, with the final commit completed by July of 2013. In July 2013 one of the protocol's architects appealed to the development group to reconsider design principles in the light of the revelations about the NSA's worldwide surveillance program. -
VTech Hack Gets Worse: Chat Logs, Kids' Photos Taken In Breach (vice.com)
An anonymous reader writes: The VTech hack just got a little worse. Reports say that in addition to the 4.8 million records with parents' names, home addresses, passwords and the identities of 227k kids, the hackers also have hundreds of gigabytes worth of pictures and chat logs belonging to children. ZDNet reports: "Tens of thousands of pictures — many blank or duplicates — were thought to have been taken from Kid Connect, an app that allows parents to use a smartphone app to talk to their children through a VTech tablet. Motherboard was able to verify a portion of the images, and the chat logs, which date as far back as late-2014. Details about the intrusion are not fully known yet. The hacker, who for now remains nameless, told Motherboard that the Hong Kong-based company 'left other sensitive data exposed on its servers.'" -
Book Review: Security Operations Center
benrothke writes: Large enterprises have numerous information security challenges. Aside from the external threats, there's the onslaught of security data from disparate systems, platforms and applications. Getting a handle on the security output from numerous point solutions (anti-virus, routers/switches, firewalls, IDS/IPS, ERP, access control, identity management, single sign on and others), often generating tens of millions of messages and alerts daily, is not a trivial endeavor. As attacks become more frequent and sophisticated and with regulatory compliance issues placing an increasing burden, there needs to be a better way to manage all of this. Getting the raw hardware, software and people to create a SOC is not that difficult. The challenge, and it's a big challenge, is integrating those 3 components to ensure that a formal SOC can operate effectively. In Security Operations Center: Building, Operating, and Maintaining your SOC, authors Joseph Muniz, Gary McIntyre and Nadhem AlFardan have written an indispensable reference on the topic. The authors have significant SOC development experience, and provide the reader with a detailed plan on all the steps involved in creating a SOC. Keep reading for the rest of Ben's review.
Security Operations Center: Building, Operating, and Maintaining your SOC
- author: Joseph Muniz, Gary McIntyre, Nadhem AlFardan
- pages: 448
- publisher: Cisco Press
- rating: 10/10
- reviewer: Ben Rothke
- ISBN: 978-0134052014
- summary: Indispensable guide for those designing and deploying a SOC
As Mike Rothman noted about managed services providers, and something that is relevant to a SOC, you should have no illusions about the amount of effort required to get a SOC up and running, or what it takes to keep one current and useful.
Many organizations have neither the time nor the resources to implement a SOC, but do, and are then trapped on the hamster wheel of pain, reacting without sufficient visibility, but without time to invest in gaining that much-needed visibility into threats that the SOC had the potential to provide them with, had they done it right. Those considering deploying a SOC and not wanting to be in the hamster wheel of pain will need this book.
The authors have done a great job in covering every phase and many details required to build out a SOC. After going through the book, some readers will likely reconsider deploying an internal SOC given the difficulties and challenges involved. This is especially true since SOC design and deployment is something not many people have experience with.
The book is written for an organization that is serious about building an enterprise SOC. The authors spend much of the book focusing on the myriad requirements for creation of a SOC. They constantly reiterate about details that need to be determined before moving forward.
Chapter 4 on SOC strategy is important as the way in which a firm determines their strategy will affect every aspect of the outcome. The authors wisely note that an inadequate or inaccurate SOC strategy, and the ensuing capabilities assessment exercises would produce a SOC strategy that does not properly address the actual requirements of the organization.
Ultimately, failing to adequately plan and design is a guarantee for SOC failure. That in turn will affect and impact deployment timelines, budgets and cause frustration, dissatisfaction and friction between the different teams involved in the SOC program.
The authors' expertise is evident in every chapter, and their real-world expertise quite obvious in chapter 5 on facilities, which is an area often neglected in SOC design. The significant issue is that if the facility in which the SOC team operates out of does meet certain baseline requirements, the SOC effectiveness will be significantly and often detrimentally impacted. The chapter details many overlooked topics such as: acoustics, lighting, ergonomics, and more.
Staffing a SOC is another challenge, and the book dedicates chapter 8 to that. The SOC is only as good as the people inside it, and the SOC staff requires a blend of skills. If the organization wants their SOC to operate 24x7, it will obviously require a lot more manpower of these hard to find SOC analysts.
Another helpful aspect is found in chapter 10, which has a number of checklists you can use to verify that all the required pieces are in place prior to a go-live date, or be able to identify areas that may not be completed as expected.
With Muniz and AlFardan being Cisco employees and this being a Cisco Press title, the book has a strong emphasis towards Cisco hardware and software. Nonetheless, the book is still quite useful even for those who won't be using Cisco products.
Building a SOC is an arduous process which takes a huge amount of planning and of work. This work must be executed by people from different teams and departments, all working together. Based on these challenges, far too many SOC deployments fail. But for anyone who is serious about building out a SOC, this book should be a part of that effort.
The reason far too many, perhaps most, SOC deployments fail is that firms make the mistake of obsessing on the hardware and software, without adequately considering the security operations functions. The authors make it eminently clear that such an approach won't work, and provide you with the expert guidance to obviate that.
For anyone considering building a SOC, or who wants to understand all of the details involved in building one, Security Operations Center: Building, Operating, and Maintaining your SOC is an absolute must read.
Reviewed by Ben Rothke.
You can purchase Security Operations Center: Building, Operating, and Maintaining your SOC from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know. -
Interviews: Stack Overflow Co-Founder Jeff Atwood Answers Your Questions
A few weeks ago you had a chance to ask author, entrepreneur, and software developer Jeff Atwood about founding Stack Overflow and the Stack Exchange Network, as well as his new endeavor, the Discourse open-source discussion platform. Below you will find his answers to your questions.
Magic wand
by Anonymous Coward
If you had a magic wand to make one change in technology right now, what would it be?
Atwood: Users would not have to generate, remember, enter, or ever think about passwords again. Computers would automatically know who the user is through a combination of ambient biometrics plus physical possession of some kind of device. Like, say, a smartphone.
Passwords are the enemy. And the users, because we are the idiots put in charge of making up the passwords. But mostly, it's the *goddamn passwords*.
Why did you choose Microsoft Platform for SE?
by Sadsfae
I don't see many large, high profile sites running an entire Microsoft Windows stack nowadays (IIS/SQL Server, etc) but Stack Exchange is one of them.
What were the reasons behind choosing a full Microsoft stack versus any of the Open Source alternatives which seem much more prevalent, especially in start-ups and smaller businesses for web presence?
Atwood: Mostly, C# is what I knew and what I was skilled in -- and I'm a great fan of its primary architect Anders Hejlsberg who also created Turbo Pascal and Delphi. Performance was a goal, too, and since C# is a compiled language it's *extremely* fast. I think you can see for yourself that Stack Overflow is absurdly fast. Having switched to Ruby with the Discourse project, I can also testify that Ruby .. is, uh ... not ... absurdly fast.
The only downside of the .NET environment is, honestly, the SQL Server licensing costs which can be quite extreme at scale. There is movement to make .NET more open source. Plus the long running mono effort.
The main weakness of .NET is that it's not great for open source projects, though that has changed a bit over the last few years. It never really made sense to open source Stack Overflow -- ask yourself, how many Stack Overflow clones have flourished? Why is that? As a closed source project, the performance, great language design, and scaling of C# worked for us.
I made different choices for Discourse which *was* designed to be an open source project, a tool that is widely applicable to many communities, from day zero.
History of StackExchange
by unencode200x
A question on the history of Stack Exchange. What was the original idea that drove you to make StackExchange and how has it evolved or added since?
Atwood: Do you remember a site called Experts-Exchange? No? That means we succeeded at our original goal.
The basic concept was to do a 100% community driven Q&A that had elements of:
- Wikipedia (all the articles are always up to date and not dead tombstones from six years ago).
- Reddit (voting up the good information and voting down the bad information).
- Blogs (ownership, curation, and responsibility for content that has your name on it).
- Videogames (the Xbox 360 Achievements system, points, and ways of encouraging and incentivizing positive community behavior that are fun).
Where everything we build together is creative commons, and belongs to all of us, since you guys and gals are the ones doing all the work in the system!
Reputation mechanisms & scientific quality
by Anonymous Coward
Jeff, have you thought about how to use reputation mechanisms to improve the quality of published scientific results? I'm asking in the context of John P. A. Ioannidis' famous paper.
It seems to me one fix for this (horrible) problem might be an online reputation mechanism where scientists could rate the reproducibility of published results. Thoughts? (thanks for inventing Stack Exchange - you've done the world a big favor).
Atwood: It certainly seems applicable. The Stack engine works best for systems of data, fact, and science -- or at least a "tome of knowledge" -- where you can actually verify an answer (or five answers) as plausibly correct. You can see which topics do best on the Stack engine in the Stack Exchange directory, with a massive, Jupiter sized Stack Overflow right at the top.
There's always more than one way to do it, of course, but when you start getting dozens or hundreds of "answers" you don't have Q&A, you have a discussion with no clear answers, just opinions.
User Reputation, Moderating, and Discourse
by T.E.D.
I think it's probably inarguable that the biggest innovation StackOverflow brought to the web was the centrality of reputation and user moderation to its design. Sure, our own /. had done something similar years before, and it was hardly the first either, but no website I know of had before taken it to its logical conclusion in quite the way SO does. This effectively "crowdsourced" a lot of traditional website administrative activities, which turned out to be an incredibly powerful idea. Practically all the functionality of SO is built around the concept.
So when I saw you were tackling online message boards, I expected the same kind of thing. But browsing around a typical Discourse thread, I'm not seeing that at all. Sure, users can "heart" posts, but all that does is bump a small counter next to the heart. There is no way to tell at a glance which posts users found the best and/or worst. Higher rated posts don't sort to the top, or get bigger or anything. As a result, I don't even see that feature used much. Certainly it's nothing like SO, where post voting is the central activity. It also seems like moderation on Discourse is designed to be done by administrators, not users. I don't see any facility for users getting moderation privs as they gain reputation. Compared to SO, Discourse seems kind of, well, like a big step backwards in interactivity.
I'm sure I'm missing something here. What is it? Or did you really decide SO's centering of its design around users and their opinion on posts was a mistake, or perhaps just not a good fit for a more generalized discussion board?
Atwood: Sorting a conversation by votes is a pretty effective way to destroy conversation. How can you follow the logical flow of back and forth, chronological dialog when the ground is constantly shifting underneath you as posts get voted up or down? You can't.
Stack is a system of technical Q&A, where opinions are fascinating, and all, but they are completely trumped by facts, data, and science. Stack only tolerates the minimum amount of discussion necessary to get the best questions and the best answers. The goal isn't for people to talk to each other, the goal is for people to *answer the damn question*. Ideally with the aforementioned facts, data, and science, so our peers can objectively decide if the answer is correct and works.
Discourse, on the other hand, is explicitly a system of discussion and opinion. There is no right and wrong. You can't tell me my opinion that Wolverine is the coolest X-Man is wrong. Long after people have forgotten what exactly was said, they will remember how you made them feel. That's what the like (heart) action is about, and why it is featured so prominently: empathy. Discourse is a system of empathy.
We do have user trust levels in Discourse, it's just less obvious, because we're playing a different kind of game. Compare that with Stack, where your reputation number and badge counts appear prominently next to your name every time you post. Trust me, people *do* notice when you like their post. And if they see your post got 20 likes whereas their post only got two, or none, they absolutely notice that too. Discourse is more of a collaborative game, where Stack is an explicitly competitive game, and that's why the score is so prominent. The best way to motivate a programmer is to tell them someone else did it better. Don't try to race sheep, don't try to herd race horses.
There may not be re-ordering by votes in Discourse, as there is in Stack Overflow, but there is a summary mode for topics when they reach 50 or more replies. If you'd like to see this in action, visit a longer topic and press the "Summarize Topic" button at the top near the estimated read time, or as I like to call it, the TL;DR button. Then you'll see only the "best" 10 percent of that long topic. That factors in a lot of data from each post such as likes, incoming and outgoing links to the post, the number of times it has been read, total read time (we track actual on-screen read time for all posts in Discourse), number of times it has been bookmarked, number of replies, and so on. You can also expand context above (in reply to) and below (replies) for each post as needed. Or you can expand the collapsed gaps as needed. Try it, you just need a long topic with over 50 replies to see it in action.
Cargo cult programming and Stack Overflow
by Anonymous Coward
I don't mean to minimize StackOverflow's contribution to the online knowledge base, because it's a great tool when used properly. I'm a systems guy and Server Fault is often more useful than vendor support for looking up strange error messages and possible troubleshooting routes. But, there are a lot of low skill programmers and sysadmins out there who lean on these tools way too much. How do you feel about these properties contributing to the crappy cargo cult programming and sysadmin work we see in our field?
Atwood: Stack is a system of peer education at its core. The key insight is realizing that crappy programmers hurt all of us, and it's our job to learn from each other so that we have less terrible code and terrible coders to deal with in the future. Even if that terrible coder is us!
The best way to learn a topic is to teach it to someone else. That is the skill at the heart of the Stack engine. It works at three levels:
1. Selfish. I need the answer to this question or I may get fired. Give me the answer. This is ideally handled through a good search result. They get what they need.
2. Self Improvement. I want to get reputation and prove to my peers that I know what I am doing. The more I learn, the better I am at my job, the more skilled I am, and the more job satisfaction / money / prestige I can gain.
3. Advancement of our craft. Programming, physics, and math will be here long after we are all dead. It's an honor to help move science forward together as much as we can together in our lifetime, so that future programmers, physicists, and mathematicians can stand on our shoulders and do amazing, incredible things for the future of humanity.
It's fine for people to play the game at level one, because they are also helping others learn and work their way up the skill ladder. If someone is learning, and someone is teaching, we all win.
Rampant closure of questions
by WaffleMonster
From time to time I search stackoverflow for easy answers and I would say about 20% of the time the question has been closed even though it is the reason I went to stackoverflow in the first place. In most of these instances a useful answer was also provided before closure. So my question to you is simply what gives.
The most common reason for closure I run into is that the people closing it don't have any domain clue what is being asked and appear to assume if they don't understand nobody else does either.
Another common reason for closure is the "duplicate" question meme in which nuance is overlooked and questions are marked as duplicates because the people doing the marking failed to understand or appreciate the difference. This is very annoying.
Less common but equally annoying issues are closure due to chatter about domain specific algorithms not being "programming questions" or even more amusing someone posting a question that is more specifically addressed by one of a hundred different stack exchanges even though it is still on topic.
Atwood: Remember that Stack is for questions that can be explicitly answered, *not* discussion. It's not a place for "what's the best way to.." opinion sinkholes. Humans love this kind of stuff because they are social animals, and there's nothing wrong with wanting to have a discussion -- you just need to have that discussion elsewhere, because you can't have it on Stack Overflow.
We're strict about this because we've seen what happens when systems are not explicit about their goals. This way lies madness. This way lies Yahoo Answers. In Stack's case the goal is *learning*. And I do not mean accidental, random, meandering, oh-hey-check-out-this-crazy-thing-I-saw-on-Reddit learning, but highly efficient, directed learning where you are a classroom, not a social club.
Duplicates are a hard problem, for sure. That's the one place I felt we didn't make a ton of progress in my four years there, unfortunately. Human beings have the incredibly annoying habit of asking the same questions using completely and utterly different words. They're really good at it. And it is true that over time there are more and more questions and answers on Stack Overflow, so the minefield of "is this a duplicate of...?" is only getting bigger over time. It is a super hard problem. If you have specific ideas of how to handle duplicates better, don't hesitate to ask or search some of the existing topics there.
Remember, Stack Overflow is governed by programmers just like you, you are a citizen of its community just like me, and you get a say in what happens there. You could even be elected a moderator by participating in the yearly elections. So if you don't like the way things work, it's like any other democracy -- make your voice heard, vote, campaign, or run for office.
Relevance of old answers
by Scottingham
As SO ages, some of the offered solutions are no longer valid. Are there currently plans to automate some way of validating old answers automatically? This problem seems to be a larger problem with forums in general. Do you have any musings regarding aging forums?
Atwood: Anyone, even anonymous users, can suggest an edit to any question or answer on any Stack Exchange site. It is like Wikipedia in that regard. Once two other users with sufficient reputation approve the edit it goes through. Alternately, if you earn enough reputation, you can make direct edits yourself.
If you see information that's out of date, edit it to make it more up to date! Be the change you want to see, and all that.
Signal To Noise: Trolls
by Anonymous Coward
In reading your work for years and seeing your various contributions, it seems like you are fascinated with filtering out the most useful information. In many of your blog posts the insight is not yours but rather a conglomeration of chosen useful quotes and sources. I very much appreciate this. My question for you is how do you handle critical feedback vs trolls when dealing with communities. For example, the down button is often a disagree button rather than a negative point. How do you deal with mixed opinions?
To use a real life personal example, TEF noted how he felt you were suggesting that people shouldn't play around to learn. Yet, the way he said it was clearly inflammatory. How do you separate the legitimate concern and critical feedback from the troll who doesn't want to listen to your response?
Atwood: There is a reason we don't have a "dislike" or "downvote" in Discourse. How can an opinion be wrong? It can be rude, offensive, misinformed, misguided, or just plumb crazy -- but it can't be objectively *wrong*. Often the way you judge posts in Discourse is by their *lack* of likes. If nobody feels strongly enough about your reply to push the heart button on it, and 'co-sign' it with their name in public, that says something.
As for separating legitimate criticism from trolling, I don't know that actual trolls, by the strict definition of the word troll, are that common. I think bad faith makes itself quite clear in the tone and delivery of the criticism. Are you saying this in the hope that we can both learn something from the interaction, or are you saying it because you want to hurt or shame or denigrate or discredit me? Truth alone, as it turns out, isn't the whole truth. How you say something matters.
Bad faith is especially visible to the audience, who has no stake in the argument, and can be surprisingly objective in judging authenticity. One of the most striking things about the early days of Stack Overflow was seeing how people would not upvote cruelty. They wouldn't necessarily downvote it, mind you, but overt cruelty and meanness in an answer was never an effective way to get upvotes and reputation even if the technical information was sound. The best way to win an argument isn't to convince the other person, necessarily -- good luck with that -- but to convince everyone who is watching. And you will never convince an audience watching you be cruel to another person.
In life, being cruel to others may achieve some short term goals, but it is *never* a winning long term strategy. And I think that is exactly how it should be.
How do you have a good debate online?
by AmiMoJo
It seems like the internet is mostly a terrible place to have debates. Many forums quickly become echo chambers for people who want to be as offensive as possible just to prove that they can exercise their free speech rights. Other times debates are derailed by cheap tactics like being deliberately offensive to derail the arguments and bog everyone down in accusations that they are "SJWs". Ad-hominems and obvious logical fallacies seem to be the norm.
How do you plan to avoid this happening? So far no-one seems to have found a way.
Atwood: We have a few tricks up our sleeve at Discourse. We try to teach communities not just how the software works, but how human beings should work, with stuff like our Universal Rules of Civilized Discourse which is prominently featured in every install of Discourse and of course Creative Commons licensed.
I believe in the "Just in Time" theory of human behavior where we try to reach you at the exact moment you start typing your first post with the TL;DR version of those rules. And the most important rule of all for empathy is a simple one: hey, there's another person on the other side of that screen. Not just an abstract name, an avatar, a collection of pixels, but a real live human being, just like you.
I don't know if we can weaponize empathy but I'd sure like to try. Not every space has to be open to everyone, unless you work for Facebook or Twitter. Sometimes the point of having your own community is being able to close the door on people who demonstrate that they can't behave themselves in your house. Live with wolves, and you learn to howl.
Stackoverflow in hindsight
by jez9999
In hindsight, would you have reduced the scope of on-topic questions for Stackoverflow to where it's at today when you started the site knowing what you do now, and do you think it would've made the site less popular?
Atwood: Much of the strictness of Stack Overflow evolved as a side effect of the reputation system. Once you have a reputation score, you want to protect that score, and nothing devalues your own reputation more than seeing some other programmer get 300 reputation points from a humorous answer containing nothing but an XKCD comic. Anyone can post an XKCD comic; that takes no particular competence or knowledge. So the evolution in strictness -- peer reputation should come from expression of *skill*, not funny anecdotes -- was largely driven by the community, not by anyone employed at Stack Overflow.
Even knowing what I already knew, which is that putting a number next to someone's name will cause them to do whatever it takes to make that number go up -- I didn't anticipate how strong this effect would be. But ultimately I agree with it, and I think systems should trend to slightly increasing strictness over time as they grow bigger. Big cities have different problems than small cities, and they need more structure. -
Rikers Inmates Learn How To Code Without Internet Access (fastcompany.com)
An anonymous reader sends the story of another prison where inmates are learning the basics of programming, despite having no access to the vast educational resources on the internet. Instructors from Columbia University have held a lengthy class at New York's Rikers Island prison to teach the basics of Python. Similar projects have been attempted in California and Oklahoma. The goal wasn’t to turn the students into professional-grade programmers in just a few classes, [Instructor Dennis] Tenen emphasizes, but to introduce them to the basics of programming and reasoning about algorithms and code. "It’s really to give people a taste, to get people excited about coding, in hopes that when they come out, they continue," says Tenen. ...Having an explicit goal—building the Twitter bot—helped the class focus its limited time quickly on learning to do concrete tasks, instead of getting bogged down in abstract discussions of syntax and algorithms. -
MST3K Kickstarter Poised To Break Kickstarter Record (kickstarter.com)
New submitter the_Bionic_lemming writes: Recently Joel Hodgson, the creator of Mystery Science 3000 -- which had a successful run of over 197 shows -- has after 15 years launched a kickstarter to relaunch the series. In just over two weeks Joel has been wildly successful in not only having over 25000 fans contribute, but actually scoring the second-highest show kickstarter on record — he has just under two weeks to shoot past the Number 1 kickstarter, Veronica Mars. -
Facebook Expands Parental Leave Policy For All Employees Globally (mashable.com)
Reuters reports that Mark Zuckerberg's not the only Facebook employee who will enjoy a nice chunk of time off to spend with a new baby; the company is expanding its parental leave policy (and posting on Facebook about it). The benefit includes up to four months of paid leave, to all full-time employees, including those outside the U.S., regardless of sex, within a new child's first year. That means that new parents of either sex will be allowed to take a longer absence; previously, non-U.S. employees who were not primary caregivers were granted four weeks of leave. From the Reuters story: [Facebook HR head Lori Matloff] Goler said the new policy will primarily help new fathers and employees in same-sex relationships outside the United States, noting that it will not change maternity leave already available to employees worldwide. ... Technology companies in Silicon Valley have been rushing to extend parental leave allowances and other benefits to help recruit and retain employees. Many high-tech workers, however, do not take advantage of such benefits for fear of falling behind at work or missing out on promotions. -
Swedish Court Says ISPs Can't Be Forced To Block Pirate Bay
The Next Web reports that a district court in Sweden has ruled that it cannot simply force ISPs to block The Pirate Bay, despite its role in large-scale copyright violation. A coalition of copyright holders including Sony and a group representing the Swedish film industry wanted the court to force Swedish ISP Bredbandsbolaget to curtail access, as courts have done in various cases around the world. The court found that Bredbandsbolaget couldn’t be held responsible for the copyright infringement of its customers’ actions while using the service as it doesn’t constitute a crime under Swedish law, according to the report. As such, it’s also not liable for any of the fines. While it could still be overturned by a higher authority appeals court, the group representing the copyright holders will have to pay the ISP's legal costs thus far, which is more than $150,000 according to TorrentFreak. (And here's TorrentFreak's report.) Update: 11/29 15:55 GMT by T : Oops -- sorry, we've mentioned this once already. -
Bill Gates To Headline Paris Climate Talks
theodp writes: The NY Times and others report that Bill Gates will announce the creation of a multibillion-dollar clean energy fund on Monday at the opening of the two-week long Paris Climate Change Conference. The climate summit, which will be attended by President Obama and 100+ world leaders, is intended to forge a global accord to cut planet-warming emissions. The pending announcement was first reported by ClimateWire. A spokesman for the Bill and Melinda Gates Foundation did not respond to a request for comment. Let's hope it goes better than BillG school reform!