Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Amazon Gets Approval To Test New Delivery Drones
An anonymous reader writes: Amazon has been vocal in its complaints about how slow the FAA is in approving drones for test flights. In March they were finally given permission to test a drone they had developed six months prior, and they said the drone was already obsolete. Their complaints appear to have worked — yesterday, the FAA gave permission to test a new, updated delivery drone. According to the FAA's letter (PDF), the drone must stay at an altitude of less than 400 feet and at speeds of less than 100 mph. -
Another 'Draw Your Own Circuits' System at SXSW (Video)
While Timothy Lord was at SXSW, he chatted with Yuki Nishida of AgIC and learned about the company's conductive ink products. But AgIC wasn't the only company at SXSW showing off conductive ink. You could also meet the Electroninks people and see their Circuit Scribe product, which had a Kickstarter campaign a while back that raised $574,425.
This kind of product seems to be attractive to the kind of people who fund Kickstarter projects, and this bunch seems to have good resumes and some interesting, well thought-out products. There is apparently room in the 'draw circuits and learn electrical basics' market for both AgIC and Electroninks -- and probably for another dozen competitors, too. -
Microsoft: Feds Are 'Rewriting' the Law To Obtain Emails Overseas
An anonymous reader writes: The Electronic Communications Privacy Act was written in 1986. It's incredibly outdated, yet it still governs many internet-related rights for U.S. citizens. Microsoft has now challenged Congress to update the legislation for how online communications work in 2015. The company is currently embroiled in a legal battle with the government over a court order to release emails stored in a foreign country to U.S. authorities. In a new legal brief (PDF), Microsoft says, "For an argument that purports to rest on the 'explicit text of the statute,' the Government rewrites an awful lot of it. Congress never intended to reach, nor even anticipated, private communications stored in a foreign country when it enacted [the ECPA]." In an accompanying blog post, Microsoft general counsel Brad Smith wrote, "Until U.S. law is rewritten, we believe that the court in our case should honor well-established precedents that limit the government's reach from extending beyond U.S. borders. ... To the contrary, it is clear Congress's intent was to ensure that your digital information is afforded the same legal protections as your physical documents and correspondence, a principle we at Microsoft believe should be preserved." -
China's 'Great Cannon' -- a Cyber-weapon to Accompany the Great Firewall
An anonymous reader writes: A new report from The Citizen Lab identifies a distinct new technology entity sitting next to the Great Firewall of China. Dubbed the 'Great Cannon', the multi-process cluster revealed itself quite openly in the recent attacks on Greatfire.org and its two Github pages. The DDoS attack was so sustained that CL was able to study the new technology in depth, determining architectural similarities and unearthing many strong indications that it is a product of the Chinese authorities. -
Senate Draft of No Child Left Behind Act Draft Makes CS a 'Core' Subject
theodp (442580) writes "If at first you don't succeed, lobby, lobby again. That's a lesson to be learned from Microsoft and Google, who in 2010 launched advocacy coalition Computing in the Core, which aimed "to strengthen K-12 computer science education and ensure that computer science is one of the core academic subjects that prepares students for jobs in our digital society." In 2013, Computing in the Core "merged" with Code.org, a new nonprofit led by the next door neighbor of Microsoft's General Counsel and funded by wealthy tech execs and their companies. When Code.org 'taught President Obama to code' in a widely-publicized White House event last December, visitor records indicate that Google, Microsoft, and Code.org execs had a sitdown immediately afterwards with the head of the NSF, and a Microsoft lobbyist in attendance returned to the White House the next day with Microsoft CEO Satya Nadella and General Counsel Brad Smith (who also sits on Code.org's Board) in tow. Looks like all of that hard work may finally pay off. Education Week reports that computer science has been quietly added to the list of disciplines defined as 'core academic subjects' in the Senate draft of the rewritten No Child Left Behind Act, a status that opens the doors to a number of funding opportunities. After expressing concern that his teenage daughters hadn't taken to coding the way he'd like, President Obama added, "I think they got started a little bit late. Part of what you want to do is introduce this with the ABCs and the colors." So, don't be too surprised if your little ones are soon focusing on the four R's — reading, 'riting, 'rithmetic, and Rapunzel — in school!" -
Senate Draft of No Child Left Behind Act Draft Makes CS a 'Core' Subject
theodp (442580) writes "If at first you don't succeed, lobby, lobby again. That's a lesson to be learned from Microsoft and Google, who in 2010 launched advocacy coalition Computing in the Core, which aimed "to strengthen K-12 computer science education and ensure that computer science is one of the core academic subjects that prepares students for jobs in our digital society." In 2013, Computing in the Core "merged" with Code.org, a new nonprofit led by the next door neighbor of Microsoft's General Counsel and funded by wealthy tech execs and their companies. When Code.org 'taught President Obama to code' in a widely-publicized White House event last December, visitor records indicate that Google, Microsoft, and Code.org execs had a sitdown immediately afterwards with the head of the NSF, and a Microsoft lobbyist in attendance returned to the White House the next day with Microsoft CEO Satya Nadella and General Counsel Brad Smith (who also sits on Code.org's Board) in tow. Looks like all of that hard work may finally pay off. Education Week reports that computer science has been quietly added to the list of disciplines defined as 'core academic subjects' in the Senate draft of the rewritten No Child Left Behind Act, a status that opens the doors to a number of funding opportunities. After expressing concern that his teenage daughters hadn't taken to coding the way he'd like, President Obama added, "I think they got started a little bit late. Part of what you want to do is introduce this with the ABCs and the colors." So, don't be too surprised if your little ones are soon focusing on the four R's — reading, 'riting, 'rithmetic, and Rapunzel — in school!" -
Dell Expands Intel RealSense Tablet Lineup With 10.5-Inch Venue 10 7000 2-in-1
MojoKid writes "Dell unveiled a new Android 2-in-1 today, the Venue 10 7000, which brings with it many of the same hardware features that we saw with their popular Venue 8 7000 8-inch tablet. It's powered by a quad-core Intel Atom Z3580 processor with 2GB of RAM, 16GB of internal storage, and a 2560x1600 10-inch display. You'll also find a microSD slot that supports up to 512GB of additional storage, 802.11ac, Bluetooth 4.0, Miracast, front-facing stereo speakers, a 2MP front-facing camera, and an 8MP Intel RealSense 3D camera on the rear. Where things get more interesting, perhaps, is with the design of the tablet. Whereas the Venue 8 7000 features a more traditional tablet form-factor, the Venue 10 7000 features a cylindrical "barrel edge" which Dell says makes the tablet easier to hold and carry. It's reminiscent of Lenovo's Android-powered Yoga Tablet family. In addition to providing a handy place for your hand to grip the tablet, the cylindrical spine also serves as an attachment point for an optional keyboard that transforms the Venue 10 7000 into a laptop. The keyboard accessory allows the tablet to be used in five different configurations: Tablet Mode (w/o keyboard), Tablet Mode (w/ keyboard), Laptop Mode, Tablet Stand Mode, and Tent Mode. -
Google To Offer Ad-Free YouTube - At a Price
First time accepted submitter totalcaos writes YouTube announced today its plans for an ad-free, subscription-based service by way of an email sent out to YouTube Partners. The email details the forthcoming option, which will offer consumers the choice to pay for an "ads-free" version of YouTube for a monthly fee. The additional monetization option requires partners to agree to updated terms on YouTube's Creator Studio Dashboard, which notes that the changes will go into effect on June 15, 2015. We talked about the possibility of an ad-free model back in October. -
Windows 10 Successor Codenamed 'Redstone,' Targeting 2016 Launch
MojoKid writes: Windows 10 isn't even out the door yet, so what better time than now to talk about its successor? Believe it or not, there's a fair bit of information on it floating around already, including its codename: "Redstone." Following in the footsteps of 'Blue' and 'Threshold', Redstone is an obvious tie-in to Microsoft's purchase of Minecraft, which it snagged from Mojang last year. Redstone is an integral material in the game, used to create simple items like a map or compass as well as logic gates for building electronic devices, like a calculator or automatic doors. The really important news is that we could see Windows Redstone sometime in 2016. -
TrueCrypt Alternatives Step Up Post-Cryptanalysis
msm1267 writes: What's next for TrueCrypt now that a two-phase audit of the code and its cryptography uncovered a few critical vulnerabilities, but no backdoors? Two alternative open source encryption projects forked TrueCrypt once its developers decided to abandon the project in early 2014, giving rise to VeraCrypt and CipherShed — and both are ready to accelerate growth, compatibility and functionality now that the TrueCrypt code has been given a relatively clean bill of health. -
Mozilla Rolls Back Firefox 37's Opportunistic Encryption Over Security Issue
darthcamaro writes: Barely a week ago, Mozilla released Firefox 37, which had a key new feature called opportunistic encryption. The basic idea is that it will do some baseline encryption for data that would have otherwise been sent by a user via clear text. Unfortunately, Mozilla has already issued Firefox 37.0.1, which removes opportunistic encryption. A security vulnerability was reported in the underlying Alternative Services capability that helps to enable opportunistic encryption. "If an Alt-Svc header is specified in the HTTP/2 response, SSL certificate verification can be bypassed for the specified alternate server. As a result of this, warnings of invalid SSL certificates will not be displayed and an attacker could potentially impersonate another site through a man-in-the-middle, replacing the original certificate with their own." They plan to re-enable opportunistic encryption when this issue is investigated and fixed. -
Snapchat Joins the Gang, Releases Transparency Report
Snapchat has released its first transparency report, detailing the number of requests for data it's fielded from law enforcement agencies both in the U.S. and elsewhere. For a service sometimes vilified as a conduit for shady dealings, Snapchat received surprisingly few police requests from U.S. agencies (just 375, involving 666 accounts). Perhaps agencies are put off by the small number of Snapchat messages that may be vulnerable to such requests. -
Stanford Turns To Pair Programming: 1 CS Education For the Price of 2?
theodp writes: Stanford students may pay $44,184 in tuition, but that may not even entitle them to individually graded homework. The Stanford Daily reports that this quarter, Stanford's Computer Science Department will implement 'pair programming' in the introductory computer science courses CS 106A: Programming Methodology and CS 106B: Programming Abstractions. "The purpose of this change," reports the paper, "is to reduce the increasingly demanding workload for section leaders due to high enrollment and also help students to develop important collaboration skills." The CS 106A Pair Programming Q&A page further explains, "Our enrollments have grown rapidly, and we are trying to explore creative new ways to manage student work that will also reduce the heavy workload on our section leaders," adding that students who don't get with the Pair Programming program and elect to go solo will not be awarded "late days" that can be used to avoid penalties on overdue assignments, unlike their paired classmates. Google in November put out an RFP to universities for its invite-only 3X in 3 Years: CS Capacity Award program, which aimed "to support faculty in finding innovative ways to address the capacity problem in their CS courses," which included a suggestion that "students that have some CS background" should not be allowed to attend in-person intro CS courses. Coincidentally, Google Director of Education and University Relations Maggie Johnson, whose name appeared on the CS Capacity RFP, was Director of Undergraduate Studies in Stanford's CS Department before joining Google. -
Microsoft To Stop Enabling 'Do Not Track' By Default
An anonymous reader writes: The history of the do-not-track setting for web browsers has been rife with debate. It took a long time for web experts to come to anything resembling a consensus on how it should be implemented, and the process isn't over yet. Microsoft took criticism for enabling the do-not-track setting by default in Internet Explorer. While it sounds good in theory, many worried it would just spur websites to completely disregard the setting (and some, like Yahoo, did just that). Now, Microsoft has reversed their stance. The do-not-track setting will not be enabled by default in the company's future browsers. They say, "Put simply, we are updating our approach to DNT to eliminate any misunderstanding about whether our chosen implementation will comply with the W3C standard. ... As a result, DNT will not be the default state in Windows Express Settings moving forward, but we will provide customers with clear information on how to turn this feature on in the browser settings should they wish to do so." -
Microsoft To Stop Enabling 'Do Not Track' By Default
An anonymous reader writes: The history of the do-not-track setting for web browsers has been rife with debate. It took a long time for web experts to come to anything resembling a consensus on how it should be implemented, and the process isn't over yet. Microsoft took criticism for enabling the do-not-track setting by default in Internet Explorer. While it sounds good in theory, many worried it would just spur websites to completely disregard the setting (and some, like Yahoo, did just that). Now, Microsoft has reversed their stance. The do-not-track setting will not be enabled by default in the company's future browsers. They say, "Put simply, we are updating our approach to DNT to eliminate any misunderstanding about whether our chosen implementation will comply with the W3C standard. ... As a result, DNT will not be the default state in Windows Express Settings moving forward, but we will provide customers with clear information on how to turn this feature on in the browser settings should they wish to do so." -
Ask Slashdot: Living Without Social Media In 2015?
An anonymous reader writes On Slashdot, we frequently write derogatory comments regarding social networking sites. We bash Facebook and the privacy implications associated with having a great deal of your life put out there for corporations to monetize. Others advocate for deleting your Facebook profile. Six months ago, I did exactly that. However, as time went on, I have fully realized social media's tacit importance to function in today's world, especially if you are busy advancing your career and making the proper connections to do so. Employers expect a LinkedIn profile that they can check and people you are meeting expect a Facebook account. I have heard that not having an account on the almighty Facebook could label you as a suspicious person. I have had employers express hesitation in hiring me (they used the term "uncomfortable") and graduate school interviewers have asked prying questions regarding some things that would normally be on a person's social media page. Others have literally recoiled in horror at the idea of someone not being on Facebook. I have found it quite difficult to even maintain a proper social life without a social media account to keep up to date with any sort of social activities (even though most of them are admittedly quite mundane). Is living without social media possible in 2015? Does social media have so much momentum that the only course of action is simply to sign up for such services to maintain normality despite the vast privacy issues associated with such sites? Have we forgotten how to function without Facebook? -
Chinese Certificate Authority CNNIC Is Dropped From Google Products
eldavojohn writes A couple weeks ago, Google contacted the CNNIC (China's CA) to alert them of a problem regarding the delegated power of issuing fraudulent certificates for domains (in fact this came to light after fraudulent certificates were issued for Google's domains). Following this, Google decided to remove the CNNIC Root and EV CA as trusted CAs in its Chrome browser and all Google products. Today, the CNNIC responded to Google: "1. The decision that Google has made is unacceptable and unintelligible to CNNIC, and meanwhile CNNIC sincerely urge that Google would take users' rights and interests into full consideration. 2. For the users that CNNIC has already issued the certificates to, we guarantee that your lawful rights and interests will not be affected." Mozilla is waiting to formulate a plan. -
Ask Slashdot: Identifying a Stolen Car Using Police Camera Databases?
Dear Slashdot: First, some background. I have been "between schools" for some time, but have recently entered a training program that could at least potentially turn into a lucrative career. The work involves investigating, torture testing, and sometimes bypassing various automotive sub-systems, primarily car ignition, security and other embedded systems, for clients who are often surprised just how fragile these systems can be. The pay is minimal while I'm something more like an intern than a full-time employee, but that's OK -- I figure these skills will stand me in good stead. Now, my problem, and a question: One of the vehicles which I would very much like to play with is unavailable to me and my coworkers for the simple reason that it was stolen before we'd even taken possession of it. Normally, my employer might just write off the loss, but for various reasons would really like to locate this car in particular -- perhaps mostly a point of pride, but partly because future contracts from the same client might hinge on locating it rather than looking incompetent. I know that Ars Technica recently showed that it was possible to obtain a great deal of information about scanned registration-plate data using FOIA and other legal means; what I want to know is whether anyone can recommend particular tools or methods for locating stolen cars with such data that doesn't rely on going through the police or insurance companies, saving embarrassment and hassle. I know enough that I could probably file a FOIA *request* (most likely, my supervisor already has, actually) but not sure what we will be able to do with the raw data returned, or if there are sources for data other than "$Plate + GeoCoords." Plates obviously can be changed, too; are there publicly available sources for whole-car images that could be efficiently scanned? Best, of course, would be images with at least some rough sorting applied, so things could be sorted both by geography (we'd focus on our own area, Southern Caifornia, so start with, because we have reason to believe it was stolen in this area) and at least by vehicle type or color. And of course, this is probably asking too much, since I imagine it will be a near-impossible task to get this kind of data; we'd also welcome the magic of crowd-sourcing, so if you spot a tan Chevy Maibu with New Mexico plates (K88-283), there's probably some nice incentives in it for you. -
Mario 64 Remake Receives a DMCA Complaint From Nintendo
jones_supa writes: Well, we saw this one coming. Just a couple of days after computer science student Erik Roystan Ross released a free recreation of the first level of Nintendo's 1996 Super Mario 64, Nintendo filed a Digital Millennium Copyright Act complaint. It was sent to the content distribution network CloudFlare and the complaint asked to immediately disable public access to the page hosting the remade game. CloudFlare forwarded the complaint to the person hosting Ross' game, after which the hosting provider (a friend of Ross) had to take the game down. Nintendo also sent Ross takedown notices for his downloadable desktop versions of the Bob-Omb Battlefield. Nintendo is famously protective of its copyright, taking issue even with "Let's Play" videos posted on YouTube and threatening to shut down live-streamed Super Smash Bros tournaments." -
Book Review: Drush For Developers, 2nd Edition
Michael Ross writes As with any content management system, building a website using Drupal typically requires extensive use of its administrative interface, as one navigates through its menus, fills out its forms, and reads the admin pages and notifications — or barely skims them, as they have likely been seen by the site builder countless times before. With the aim of avoiding this tedium, speeding up the process, and making it more programmatic, members of the Drupal community created a "shell" program, Drush, which allows one to perform most of these tasks on the command line. At this time, there is only one current print book that covers this tool, Drush for Developers, Second Edition, which is ostensibly an update of its predecessor, Drush User's Guide. Read below for the rest of Michael's review. Drush For Developers, 2nd Edition author Juampy Novillo Requena pages 180 publisher Packt Publishing rating 7/10 reviewer Michael Ross ISBN 978-1784393786 summary Recommendations for improving Drupal development with Drush. Both editions were written by Juampy Novillo Requena, although in the transition from the first edition to the second, both the author's name and the book title were changed. The most recent edition's title seems redundant, because of course such a book is going to be "for developers"; after all, who but Drupal developers would have an interest in Drush? The edition under review was published on 29 January 2015 by Packt Publishing, under the ISBN 978-1784393786. (My thanks to the publisher for a review copy.) At 180 pages, this edition is longer than its predecessor, but still a manageable size. Its content is divided among half a dozen chapters. Anyone interested in learning more about the book may wish to visit the publisher's website, which provides a brief description of the book, the table of contents, free sample content (Chapter 3), and the source code files.
The first chapter begins by presenting a brief comparison of the steps needed to run database updates on a Drupal website, using the GUI versus using Drush. As expected, the latter requires fewer steps. The author then discusses the prerequisites for installing Drush in a Linux or OS X environment. For Windows, the given download URL, http://www.drush.org/drush_win..., is incorrect and should instead be http://drush.readthedocs.org/e.... The author states that "the installer installs an older version of Drush," but actually the installer has disappeared from its former locations. Fortunately, the current Windows archive file has the latest version as of this writing, 7.0.0-alpha7. This version is more recent than the alpha5 used in the book, but the commands and their options seem identical. On the other hand, it is a large archive file containing the Drush application files, Msys, PHP, and parts of PEAR and Symfony's YAML — but no helpful installer. The chapter continues with explication of Drush command invocation, arguments, options, aliases, and context. The only apparent blemish is that the variable name "site-name" (page 14) should instead read "site_name."
After this introductory material, one would expect the next chapter or so to explain and illustrate the details of Drush commands frequently used by site developers, such as those for installing, enabling, and updating modules and themes. Instead, the author jumps far ahead to much more advanced topics (more on this below). In the case of the second chapter, the goal is to learn how to synchronize code, database configuration, and content among different server environments, including capturing database configuration settings in files so they can be version controlled in Git. This is arguably worthwhile knowledge, but certainly not what the average reader would expect so early in the book.
Readers attempting to follow and replicate the demonstrations in the book, may become frustrated with the pitfalls in the second chapter — such as the instances where it does not provide all the needed instructions, or they don't match the example code. When readers starting from scratch encounter the Drush script (page 23), they may be tempted to try it right away on their own test sites, but this would be ill-advised because the first command will fail until the Registry Rebuild command is installed (later in the chapter), and the fourth command will fail if the chosen website does not have the Features module already installed and enabled. When learning about database updates, the reader is instructed to create a new Boolean field, but only later learns that the test website should have contained nodes of the "Basic Page" content type. When readers learn these things the hard way, they must circle back and redo steps or, even worse, try to revert the state of files or the database.
The mymodule custom module found in the downloadable archive does not match what the reader will need on page 30, so she will need to modify mymodule.install to match that listed in the book, and also presumably comment out the last two lines in mymodule.info related to the Features module — but not the first two, because that would result in worse problems later. This initial code should have been included in the downloadable archive. Before running the command drush --verbose updatedb, should she have enabled the mymodule custom module? Apparently so, since the expected output includes "Executing mymodule_update_7100," but when I tried it, the provided module's update hook was not recognized as a database update, using Drush or the admin interface (update.php). On page 32, the reader is told to download and enable the Features module, but that must have been done already because the mymodule module required it earlier. Lastly, the book's preface states that PHP version 5.2 (or higher) would be sufficient, but 5.5 is needed, otherwise a fatal PHP error is generated by the empty() call on line 29 of the "7101" example code.
The third chapter covers the use of Drush for running and monitoring a variety of tasks in a Drupal website, such as updating the database or reindexing the searchable content in Apache Solr. The author begins by briefly describing the uses for the cron utility, and some advantages of executing it from Drush. A technique shown for preventing Drupal from running cron automatically, is to set the cron_safe_threshold variable to 0, export it to code (as a Features module), and then deploy it to the target environments. The author also demonstrates how to use Jenkins in conjunction with Drush to periodically run and monitor cron jobs. As an example of running a task without using cron, a Feeds importer is set up to work with Drush, using a custom module and a Drush command to trigger the Feeds importer. It's not mentioned in the book, but for the importer, in the settings for the node processor, be sure to assign the bundle, otherwise there will be EntityMalformedException errors; also, map the essential feed and node elements, otherwise the nodes created will be empty.
The book then explores a number of topics that are somewhat related to one another: how to use Drush and the Drupal Batch API to run time-consuming tasks so as to avoid PHP and database limits of memory and time; how to run PHP code after Drupal has been bootstrapped; how to best log messages using the drush_log() function; how to capture Drush output in a file; how to implement your own logging mechanism by overriding the Drush default logging function; and how to run Drush commands in the background. Despite the complexity of the processing implemented in this chapter, readers should encounter few problems trying it out. For the drush php-eval commands, Windows command line users will need to replace the single quotes with double quotes. In the section titled "The php-script command," two of the three "php-eval" terms should instead read "php-script" (page 65).
Debugging and error handling are addressed in detail in the fourth chapter: how to validate user input values and Drush command line options prior to passing them to a command's callback; how to define custom validation within a command; how to discover all of the available hooks for any given Drush command; utilizing the Devel module, how to discover all of the Drupal modules that use a given hook, and how to find the location of a given function or class method. In the midst of all this, readers get a detailed tour of the steps that Drush executes when bootstrapping Drupal. Readers should note that, as with the second chapter, some of the code in the downloadable archive does not match the initial code presented in the text, but rather its final state. As readers may have been seen in earlier chapters, the "-- verbose" versions of the Drush commands can produce a lot more informational output than what is presented in the text, including the MySQL commands (that may be a consequence of, in this case, the Windows command line). In the case of drush --debug testhooks, the output is remarkably different, but at least all of the commands are executed.
The penultimate chapter explores techniques for leveraging Drush to better manage Drupal websites on local and remote servers, utilizing site aliases. Developers will undoubtedly be intrigued if not thrilled with the possibilities of being able to execute Drush, Linux, and MySQL commands within remote environments from the local command line. The only questionable aspect is that in the first chapter it is claimed that one "does not even have to open an SSH connection" to perform these feats of digital derring-do, and yet all of them presented in this chapter seem to depend upon an SSH connection — if not explicitly on the command line, then at least established and used in the background by Drush. Nonetheless, the potential power of using Drush in this manner is clearly significant for Drupal site builders and maintainers, and thus the author wisely shows how to avoid inadvertently corrupting the files or database of a target installation.
The final chapter blends and builds upon most if not all of the topics addressed in the earlier chapters, to show how Drush can be used to set up an effective development workflow for teams building Drupal websites. To this end, the author demonstrates how to move Drush commands out of a project's web document root, and how to use Drupal Boilerplate to achieve this and more. The instructions employ wget to download Boilerplate, but other readers as well may encounter an error of wget not being able to verify github.com's certificate. Readers learn how to use Jenkins to synchronize the Drupal files and databases in disparate environments, how to use Drush commands to improve database synchronization and sanitization, and how to prevent inadvertently emailing production addresses.
Like seemingly any Packt Publishing book, this one has plenty of errata relative to its length: "OSX" (page 9; should read "OS X"), "an input data" (page 14; should read "an input datum"), "inform [Drush] where" (page 19), "Dated" (page 21; should read "It is dated"), "sites/all/drush/command[s]" (page 28), "type Page" (page 29; should read "type Basic Page"), "PHP.ini" (page 34; should read "php.ini"), "cover [the] Queue API" (page 58), "context" (page 66; probably should read "content"), "run[ning]" (page 66), "straight brackets" (page 68; just "brackets"), "thanks to [']allow-additional-options'" (page 83), "require [the] minimum" (page 94), "a valid Drupal's root directory" (page 94; no "'s"), "point [to] our local Drupal project" (page 117), "logged as message" (page 120), "our the $HOME path" (page 139), "password;." (page 149), and "offers [a] hook" (ditto). Some of the phrasing is odd, e.g., "output can be logged in to" (page 34), "tasks running at cron" (page 52), and "equals to 1" (page 61). Some of the sentences are incomplete, e.g., "Importing configuration into the database." (page 34). Fortunately, none of the narrative is incomprehensible, and it is generally smoother in this edition than in the first.
The structure of this book is more logical than that of its predecessor. As Drupal expert Mike Anello correctly pointed out in his review of the first edition, "the book could have easily been improved by splitting out various sections of chapters into their own stand-alone chapters." The same criticism still holds true for this second edition, particularly the third chapter, though to a much lesser extent overall.
As with most if not all titles offered by Packt Publishing, this book's chapters are lengthened with summaries, none of which serve any useful purpose, since they repeat what was presented just pages earlier, but do not include enough detail to be of any value.
One major problem with the book is that it is billed as a second edition to the earlier user guide, which covered introductory and intermediate topics; yet this second edition does not, and instead is almost entirely devoted to advanced topics. In fact, much of the material is preparatory for the final chapter, on utilizing Drush to improve a team's project workflow. This is not made clear to the prospective buyer. This is truly a new book, and not an update of the first edition. Furthermore, it is more focused on specific uses of Drush.
Whether this book could be recommended to any potential reader, depends upon what that individual is hoping to learn. For anyone who wishes full coverage of the beginner and intermediate topics of Drush, this book would be completely inappropriate, and the individual would be best pointed to the Drush documentation. On the other hand, the book would be much better suited for a Drupal developer looking to improve his or her understanding of using Drush for managing database configuration settings and other topics related to project workflow, particularly in team settings — in which case it could be extremely valuable.
Michael Ross is a freelance web developer and writer.
You can purchase Drush For Developers, 2nd Edition from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know. -
Book Review: Drush For Developers, 2nd Edition
Michael Ross writes As with any content management system, building a website using Drupal typically requires extensive use of its administrative interface, as one navigates through its menus, fills out its forms, and reads the admin pages and notifications — or barely skims them, as they have likely been seen by the site builder countless times before. With the aim of avoiding this tedium, speeding up the process, and making it more programmatic, members of the Drupal community created a "shell" program, Drush, which allows one to perform most of these tasks on the command line. At this time, there is only one current print book that covers this tool, Drush for Developers, Second Edition, which is ostensibly an update of its predecessor, Drush User's Guide. Read below for the rest of Michael's review. Drush For Developers, 2nd Edition author Juampy Novillo Requena pages 180 publisher Packt Publishing rating 7/10 reviewer Michael Ross ISBN 978-1784393786 summary Recommendations for improving Drupal development with Drush. Both editions were written by Juampy Novillo Requena, although in the transition from the first edition to the second, both the author's name and the book title were changed. The most recent edition's title seems redundant, because of course such a book is going to be "for developers"; after all, who but Drupal developers would have an interest in Drush? The edition under review was published on 29 January 2015 by Packt Publishing, under the ISBN 978-1784393786. (My thanks to the publisher for a review copy.) At 180 pages, this edition is longer than its predecessor, but still a manageable size. Its content is divided among half a dozen chapters. Anyone interested in learning more about the book may wish to visit the publisher's website, which provides a brief description of the book, the table of contents, free sample content (Chapter 3), and the source code files.
The first chapter begins by presenting a brief comparison of the steps needed to run database updates on a Drupal website, using the GUI versus using Drush. As expected, the latter requires fewer steps. The author then discusses the prerequisites for installing Drush in a Linux or OS X environment. For Windows, the given download URL, http://www.drush.org/drush_win..., is incorrect and should instead be http://drush.readthedocs.org/e.... The author states that "the installer installs an older version of Drush," but actually the installer has disappeared from its former locations. Fortunately, the current Windows archive file has the latest version as of this writing, 7.0.0-alpha7. This version is more recent than the alpha5 used in the book, but the commands and their options seem identical. On the other hand, it is a large archive file containing the Drush application files, Msys, PHP, and parts of PEAR and Symfony's YAML — but no helpful installer. The chapter continues with explication of Drush command invocation, arguments, options, aliases, and context. The only apparent blemish is that the variable name "site-name" (page 14) should instead read "site_name."
After this introductory material, one would expect the next chapter or so to explain and illustrate the details of Drush commands frequently used by site developers, such as those for installing, enabling, and updating modules and themes. Instead, the author jumps far ahead to much more advanced topics (more on this below). In the case of the second chapter, the goal is to learn how to synchronize code, database configuration, and content among different server environments, including capturing database configuration settings in files so they can be version controlled in Git. This is arguably worthwhile knowledge, but certainly not what the average reader would expect so early in the book.
Readers attempting to follow and replicate the demonstrations in the book, may become frustrated with the pitfalls in the second chapter — such as the instances where it does not provide all the needed instructions, or they don't match the example code. When readers starting from scratch encounter the Drush script (page 23), they may be tempted to try it right away on their own test sites, but this would be ill-advised because the first command will fail until the Registry Rebuild command is installed (later in the chapter), and the fourth command will fail if the chosen website does not have the Features module already installed and enabled. When learning about database updates, the reader is instructed to create a new Boolean field, but only later learns that the test website should have contained nodes of the "Basic Page" content type. When readers learn these things the hard way, they must circle back and redo steps or, even worse, try to revert the state of files or the database.
The mymodule custom module found in the downloadable archive does not match what the reader will need on page 30, so she will need to modify mymodule.install to match that listed in the book, and also presumably comment out the last two lines in mymodule.info related to the Features module — but not the first two, because that would result in worse problems later. This initial code should have been included in the downloadable archive. Before running the command drush --verbose updatedb, should she have enabled the mymodule custom module? Apparently so, since the expected output includes "Executing mymodule_update_7100," but when I tried it, the provided module's update hook was not recognized as a database update, using Drush or the admin interface (update.php). On page 32, the reader is told to download and enable the Features module, but that must have been done already because the mymodule module required it earlier. Lastly, the book's preface states that PHP version 5.2 (or higher) would be sufficient, but 5.5 is needed, otherwise a fatal PHP error is generated by the empty() call on line 29 of the "7101" example code.
The third chapter covers the use of Drush for running and monitoring a variety of tasks in a Drupal website, such as updating the database or reindexing the searchable content in Apache Solr. The author begins by briefly describing the uses for the cron utility, and some advantages of executing it from Drush. A technique shown for preventing Drupal from running cron automatically, is to set the cron_safe_threshold variable to 0, export it to code (as a Features module), and then deploy it to the target environments. The author also demonstrates how to use Jenkins in conjunction with Drush to periodically run and monitor cron jobs. As an example of running a task without using cron, a Feeds importer is set up to work with Drush, using a custom module and a Drush command to trigger the Feeds importer. It's not mentioned in the book, but for the importer, in the settings for the node processor, be sure to assign the bundle, otherwise there will be EntityMalformedException errors; also, map the essential feed and node elements, otherwise the nodes created will be empty.
The book then explores a number of topics that are somewhat related to one another: how to use Drush and the Drupal Batch API to run time-consuming tasks so as to avoid PHP and database limits of memory and time; how to run PHP code after Drupal has been bootstrapped; how to best log messages using the drush_log() function; how to capture Drush output in a file; how to implement your own logging mechanism by overriding the Drush default logging function; and how to run Drush commands in the background. Despite the complexity of the processing implemented in this chapter, readers should encounter few problems trying it out. For the drush php-eval commands, Windows command line users will need to replace the single quotes with double quotes. In the section titled "The php-script command," two of the three "php-eval" terms should instead read "php-script" (page 65).
Debugging and error handling are addressed in detail in the fourth chapter: how to validate user input values and Drush command line options prior to passing them to a command's callback; how to define custom validation within a command; how to discover all of the available hooks for any given Drush command; utilizing the Devel module, how to discover all of the Drupal modules that use a given hook, and how to find the location of a given function or class method. In the midst of all this, readers get a detailed tour of the steps that Drush executes when bootstrapping Drupal. Readers should note that, as with the second chapter, some of the code in the downloadable archive does not match the initial code presented in the text, but rather its final state. As readers may have been seen in earlier chapters, the "-- verbose" versions of the Drush commands can produce a lot more informational output than what is presented in the text, including the MySQL commands (that may be a consequence of, in this case, the Windows command line). In the case of drush --debug testhooks, the output is remarkably different, but at least all of the commands are executed.
The penultimate chapter explores techniques for leveraging Drush to better manage Drupal websites on local and remote servers, utilizing site aliases. Developers will undoubtedly be intrigued if not thrilled with the possibilities of being able to execute Drush, Linux, and MySQL commands within remote environments from the local command line. The only questionable aspect is that in the first chapter it is claimed that one "does not even have to open an SSH connection" to perform these feats of digital derring-do, and yet all of them presented in this chapter seem to depend upon an SSH connection — if not explicitly on the command line, then at least established and used in the background by Drush. Nonetheless, the potential power of using Drush in this manner is clearly significant for Drupal site builders and maintainers, and thus the author wisely shows how to avoid inadvertently corrupting the files or database of a target installation.
The final chapter blends and builds upon most if not all of the topics addressed in the earlier chapters, to show how Drush can be used to set up an effective development workflow for teams building Drupal websites. To this end, the author demonstrates how to move Drush commands out of a project's web document root, and how to use Drupal Boilerplate to achieve this and more. The instructions employ wget to download Boilerplate, but other readers as well may encounter an error of wget not being able to verify github.com's certificate. Readers learn how to use Jenkins to synchronize the Drupal files and databases in disparate environments, how to use Drush commands to improve database synchronization and sanitization, and how to prevent inadvertently emailing production addresses.
Like seemingly any Packt Publishing book, this one has plenty of errata relative to its length: "OSX" (page 9; should read "OS X"), "an input data" (page 14; should read "an input datum"), "inform [Drush] where" (page 19), "Dated" (page 21; should read "It is dated"), "sites/all/drush/command[s]" (page 28), "type Page" (page 29; should read "type Basic Page"), "PHP.ini" (page 34; should read "php.ini"), "cover [the] Queue API" (page 58), "context" (page 66; probably should read "content"), "run[ning]" (page 66), "straight brackets" (page 68; just "brackets"), "thanks to [']allow-additional-options'" (page 83), "require [the] minimum" (page 94), "a valid Drupal's root directory" (page 94; no "'s"), "point [to] our local Drupal project" (page 117), "logged as message" (page 120), "our the $HOME path" (page 139), "password;." (page 149), and "offers [a] hook" (ditto). Some of the phrasing is odd, e.g., "output can be logged in to" (page 34), "tasks running at cron" (page 52), and "equals to 1" (page 61). Some of the sentences are incomplete, e.g., "Importing configuration into the database." (page 34). Fortunately, none of the narrative is incomprehensible, and it is generally smoother in this edition than in the first.
The structure of this book is more logical than that of its predecessor. As Drupal expert Mike Anello correctly pointed out in his review of the first edition, "the book could have easily been improved by splitting out various sections of chapters into their own stand-alone chapters." The same criticism still holds true for this second edition, particularly the third chapter, though to a much lesser extent overall.
As with most if not all titles offered by Packt Publishing, this book's chapters are lengthened with summaries, none of which serve any useful purpose, since they repeat what was presented just pages earlier, but do not include enough detail to be of any value.
One major problem with the book is that it is billed as a second edition to the earlier user guide, which covered introductory and intermediate topics; yet this second edition does not, and instead is almost entirely devoted to advanced topics. In fact, much of the material is preparatory for the final chapter, on utilizing Drush to improve a team's project workflow. This is not made clear to the prospective buyer. This is truly a new book, and not an update of the first edition. Furthermore, it is more focused on specific uses of Drush.
Whether this book could be recommended to any potential reader, depends upon what that individual is hoping to learn. For anyone who wishes full coverage of the beginner and intermediate topics of Drush, this book would be completely inappropriate, and the individual would be best pointed to the Drush documentation. On the other hand, the book would be much better suited for a Drupal developer looking to improve his or her understanding of using Drush for managing database configuration settings and other topics related to project workflow, particularly in team settings — in which case it could be extremely valuable.
Michael Ross is a freelance web developer and writer.
You can purchase Drush For Developers, 2nd Edition from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know. -
License Details Hint MS Undecided On Suing Users of Its Open Source Net Runtime
ciaran2014 writes With Microsoft proudly declaring its .NET runtime open source, a colleague and I decided to look at the licensing aspects. One part, the MIT licence, is straightforward, but there's also a patent promise. The first two-thirds of the first sentence seems to announce good news about Microsoft not suing people. Then the conditions begin. It seems Microsoft can't yet bring itself to release something as free software without retaining a patent threat to limit how those freedoms can be exercised. Overall, we found 4 Shifty Details About Microsoft's "Open Source" .NET. -
Bitcoin In China Still Chugging Along, a Year After Clampdown
angry tapir writes A year after China began tightening regulations around Bitcoin, the virtual currency is still thriving in the country, albeit on the fringes, according to its largest exchange. Bitcoin prices may have declined, but Chinese buyers are still trading the currency in high volumes with the help of BTC China, an exchange that witnessed the boom days back in 2013, only to see the bust following the Chinese government's announcement, in December of that year, that banks would be banned from trading in bitcoin. -
Robots4Us: DARPA's Response To Mounting Robophobia
malachiorion writes DARPA knows that people are afraid of robots. Even Steve Wozniak has joined the growing chorus of household names (Musk, Hawking, Gates) who are terrified of bots and AI. And the agency's response--a video contest for kids--is equal parts silly and insightful. It's called Robots4Us, and it asks high schoolers to describe their hopes for a robot-assisted future. Five winners will be flown to the DARPA Robotics Competition Finals this June, where they'll participate in a day-after discussion with experts in the field. But this isn't quite as useless as it sounds. As DRC program manager Gill Pratt points out, it's kids who will be impacted by the major changes to come, moreso than people his age. -
Book Review: Future Crimes
benrothke writes Technology is neutral and amoral. It's the implementers and users who define its use. In Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It, author Marc Goodman spends nearly 400 pages describing the dark side of technology, and those who use it for nefarious purposes. He provides a fascinating overview of how every major technology can be used to benefit society, and how it can also be exploited by those on the other side. Keep reading for the rest of Ben's review. Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It author Marc Goodman pages 400 publisher Doubleday rating 9/10 reviewer Ben Rothke ISBN 978-0385539005 summary In the rush to get everyone wired, they forget to secure it Technology breeds crime and in the book, Goodman users Crime, Inc. as a metaphor for the many entities and organizations that exist in the dark web and fringes of the Internet. Towards the end of the book, after describing all of the evils that the Internet creates, he suggests creation of a modern day Manhattan Project for cyber security. He writes that a major initiative such as that is what is required to secure the Internet and emerging technologies.
As to Crime, Inc., Goodman shows how they use technologies such as distributed computing, satellite communications, crowdsourcing, encrypted channels and other sophisticated mechanisms to carry out their actions. The premise of the book, and it's a compelling one, is that in the rush to wire every classroom, person and organization, we have failed to secure it appropriately.
The books 18 chapters are an easy and fascinating read. Goodman writes in detail about many major technologies trends and how its benefits can be subverted. The book is written for the non-technical reader and Goodman does an admirable job of minimize tech-talk and gibberish.
While the book obsesses on the dark side, it's important to note that Goodman is not an anti-technologist. The goal of the book is to make people aware of what they are clicking on, and how they often give away their personal life when using free mobile applications.
Chapter 6 on the surveillance economy is particularly interesting. While Snowden brought attention to the NSA's wholesale spying, what has gone under the radar is the lucrative surveillance economy that has developed. Goodman writes how firms like Acxion, Epsilon and others are part of the over $150 billion data brokerage industry. Their power is that they correlate information from myriad disparate sources, to create a powerful dossier that marketers are willing to pay for.
The chapter articulately details the unprecedented amounts of data people have shared with third-parties; that once shared, is almost impossible to control. The privacy implications are huge and the problem is only getting worse. Data brokers have no privacy incentives as they make money when they sell data, not when they protect it.
The book is a fascinating read, albeit a bit wordy at times. The book contains so many horror stories and examples of software and hardware gone badly, that the reader can be overwhelmed. Goodman on occasion makes some errors, such as when he writes that a six-terabyte hard drive could hold all of the music ever recorded anywhere in the world throughout history. At times, he overemphasizes things, such as when he writes that one billion users have posted their most intimate details on Facebook. While Facebook recently passed the 1 billion user mark, not every user posts intimate details of their live.
The book provides a superb overview of the security implications of the Internet of Things (IoT). Goodman details how the IoT can be used to create intelligent systems and networks that can detect and shutdown adversaries. But to secure the IoT will require an effort akin to the Manhattan Project. With that, Goodman advocates that the government fund a digital Manhattan Project, getting the best and brightest minds in the information security space together, to create a framework to better secure the Internet.
The problem is as he notes, that Washington simply does not see the need nor can they comprehend the urgency of the situation. It's only the government that can ostensibly get the private and public sectors together to work in concert, but that is unlikely to happen anytime soon. Which only serves to exacerbate an already tenuous information security problem.
An additional issue the book grapples with, it that the while government wants its citizens to be secure and touts the importance of personal privacy, it simultaneously spies on them. Also, providers such as Google and Facebook provide free services, at the cost of turning the user into a data customer. It's not just the criminals and terrorists the book warns about, rather government and free data collection services.
While the book paints an overly depressing picture of what the future holds for personal privacy, Goodman closes the book with his UPDATE protocol. He writes that while the worst is yet to come and that it's getting more and more difficult to gain control you're your personal data and metadata; there are six steps you can do. Goodman claims that these 6 steps can prevent 85% of digital attacks. The UPDATE steps are: Update frequently, Passwords, Download from safe sites only, Administrator accounts used with care, Turn off computers and Encrypt data.
Much of the problem is that people are clueless to what is going on. They use free services not knowing their data and personal privacy is what they are giving away. Finally, users don't know what good security looks like. The book is a valiant attempt to show users that while they think they are using the Internet in a pristine environment, it is simply a cesspool of malware, scammers and miscreants. Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It is a great wake-up call. Let just hope everyone wakes up and read it.
Reviewed by Ben Rothke.
You can purchase Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know. -
Book Review: Future Crimes
benrothke writes Technology is neutral and amoral. It's the implementers and users who define its use. In Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It, author Marc Goodman spends nearly 400 pages describing the dark side of technology, and those who use it for nefarious purposes. He provides a fascinating overview of how every major technology can be used to benefit society, and how it can also be exploited by those on the other side. Keep reading for the rest of Ben's review. Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It author Marc Goodman pages 400 publisher Doubleday rating 9/10 reviewer Ben Rothke ISBN 978-0385539005 summary In the rush to get everyone wired, they forget to secure it Technology breeds crime and in the book, Goodman users Crime, Inc. as a metaphor for the many entities and organizations that exist in the dark web and fringes of the Internet. Towards the end of the book, after describing all of the evils that the Internet creates, he suggests creation of a modern day Manhattan Project for cyber security. He writes that a major initiative such as that is what is required to secure the Internet and emerging technologies.
As to Crime, Inc., Goodman shows how they use technologies such as distributed computing, satellite communications, crowdsourcing, encrypted channels and other sophisticated mechanisms to carry out their actions. The premise of the book, and it's a compelling one, is that in the rush to wire every classroom, person and organization, we have failed to secure it appropriately.
The books 18 chapters are an easy and fascinating read. Goodman writes in detail about many major technologies trends and how its benefits can be subverted. The book is written for the non-technical reader and Goodman does an admirable job of minimize tech-talk and gibberish.
While the book obsesses on the dark side, it's important to note that Goodman is not an anti-technologist. The goal of the book is to make people aware of what they are clicking on, and how they often give away their personal life when using free mobile applications.
Chapter 6 on the surveillance economy is particularly interesting. While Snowden brought attention to the NSA's wholesale spying, what has gone under the radar is the lucrative surveillance economy that has developed. Goodman writes how firms like Acxion, Epsilon and others are part of the over $150 billion data brokerage industry. Their power is that they correlate information from myriad disparate sources, to create a powerful dossier that marketers are willing to pay for.
The chapter articulately details the unprecedented amounts of data people have shared with third-parties; that once shared, is almost impossible to control. The privacy implications are huge and the problem is only getting worse. Data brokers have no privacy incentives as they make money when they sell data, not when they protect it.
The book is a fascinating read, albeit a bit wordy at times. The book contains so many horror stories and examples of software and hardware gone badly, that the reader can be overwhelmed. Goodman on occasion makes some errors, such as when he writes that a six-terabyte hard drive could hold all of the music ever recorded anywhere in the world throughout history. At times, he overemphasizes things, such as when he writes that one billion users have posted their most intimate details on Facebook. While Facebook recently passed the 1 billion user mark, not every user posts intimate details of their live.
The book provides a superb overview of the security implications of the Internet of Things (IoT). Goodman details how the IoT can be used to create intelligent systems and networks that can detect and shutdown adversaries. But to secure the IoT will require an effort akin to the Manhattan Project. With that, Goodman advocates that the government fund a digital Manhattan Project, getting the best and brightest minds in the information security space together, to create a framework to better secure the Internet.
The problem is as he notes, that Washington simply does not see the need nor can they comprehend the urgency of the situation. It's only the government that can ostensibly get the private and public sectors together to work in concert, but that is unlikely to happen anytime soon. Which only serves to exacerbate an already tenuous information security problem.
An additional issue the book grapples with, it that the while government wants its citizens to be secure and touts the importance of personal privacy, it simultaneously spies on them. Also, providers such as Google and Facebook provide free services, at the cost of turning the user into a data customer. It's not just the criminals and terrorists the book warns about, rather government and free data collection services.
While the book paints an overly depressing picture of what the future holds for personal privacy, Goodman closes the book with his UPDATE protocol. He writes that while the worst is yet to come and that it's getting more and more difficult to gain control you're your personal data and metadata; there are six steps you can do. Goodman claims that these 6 steps can prevent 85% of digital attacks. The UPDATE steps are: Update frequently, Passwords, Download from safe sites only, Administrator accounts used with care, Turn off computers and Encrypt data.
Much of the problem is that people are clueless to what is going on. They use free services not knowing their data and personal privacy is what they are giving away. Finally, users don't know what good security looks like. The book is a valiant attempt to show users that while they think they are using the Internet in a pristine environment, it is simply a cesspool of malware, scammers and miscreants. Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It is a great wake-up call. Let just hope everyone wakes up and read it.
Reviewed by Ben Rothke.
You can purchase Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know. -
Apple Extends Its Trade-In Program
Mark Wilson writes "Earlier in the month it was reveal that Apple was about to start offering gift cards as part of a trade-in program for people buying new a new iPhone. The updated program has now gone live so you can take your old Apple device, or non-Apple smartphone to an Apple store, or mail it in to receive credit. The credit can be used in store or online against the purchase of a new Apple device, and this program expansion is the latest move from Apple to try to tempt users away from other platforms. You can check online to see how much you can expect to receive for your existing phone and decide whether it's worth your while. Hint: it might not be. -
NASA Denies New Space Station Partnership With Russia
schwit1 writes NASA officials today denied they were negotiating a partnership with Russia to build a space station replacement for ISS, as suggested yesterday by the head of Russia's space program. Maybe the misunderstanding comes from NASA head Charles Bolden, who is currently in Russia. Bolden probably said some nice feel-good things to the Russians, things like "We want to keep working together," and "We will support your plans for your future space station." None of this was meant as a commitment, but the Russians might have taken them more seriously than Bolden realized. -
Startups Increasingly Targeted With Hacks
ubrgeek writes: Slack, makers of the popular communications software, announced yesterday that they'd suffered a server breach. This follows shortly after a similar compromise of Twitch.tv, and is indicative of a growing problem facing start-up tech companies. As the NY Times reports, "Breaches are becoming a kind of rite of passage for fledgling tech companies. If they gain enough momentum with users, chances are they will also become a target for hackers looking to steal, and monetize, the vast personal information they store on users, like email addresses and passwords." -
Toshiba Announces 3D Flash With 48 Layers
Lucas123 writes: Admitting it has bumped up against a 15 nanometer process wall, Toshiba announced it's focusing its efforts on three dimensional NAND using its Bit Cost Scalable technology (PDF) in order to increase capacity. It has dedicated a Japanese fab plant to it and developed 48-level 3D NAND, which bumps density up 33% over previous 3D NAND flash. The new 3D NAND will be able to store 128Gb of data per chip (16GB). Samsung has been mass producing 32-layer, triple-level cell (TLC) 3D NAND since last October and has incorporated it into some of its least expensive SSDs. Yesterday, Micron and Intel announced their own 32-layer 3D TLC NAND, which they claimed will lead to 10TB SSDs. While Toshiba's 3D NAND is multi-level cell (meaning it stores two bits per transistor versus three), the company does plan on developing a TLC version. Toshiba said it's not abandoning 15nm floating gate flash, but it will focus those efforts on lower capacity applications. -
Hoax-Detecting Software Spots Fake Papers
sciencehabit writes: In 2005, three computer science Ph.D. students at the Massachusetts Institute of Technology created a program to generate nonsensical computer science research papers. The goal was "to expose the lack of peer review at low-quality conferences that essentially scam researchers with publication and conference fees." The program — dubbed SCIgen — soon found users across the globe, and before long its automatically generated creations were being accepted by scientific conferences and published in purportedly peer-reviewed journals. But SCIgen may have finally met its match. Academic publisher Springer this week is releasing SciDetect, an open-source program to automatically detect automatically generated papers. SCIgen uses a "context-free grammar" to create word salad that looks like reasonable text from a distance but is easily spotted as nonsense by a human reader. -
Google Loses Ruling In Safari Tracking Case
mpicpp sends this report from CNET: The floodgates are now open for UK users to sue Google over privacy violations tied to tracking cookies. In a landmark ruling, the UK's Court of Appeal has dismissed Google's request to prevent British Web users from suing the company over tracking cookies and privacy violations. The decision was announced Friday, according to the BBC. In spite of default privacy settings and user preferences — including an opt-out of consent to be tracked by cookies — Google's tracking cookies gathered information on Safari browser users for nine months in 2011 and 2012. -
Modern Cockpits: Harder To Invade But Easier To Lock Up
HughPickens.com writes: Jad Mouawad And Christopher Drew write in the NY Times that although airplane cockpits are supposed to be the last line of defense from outside aggressors, airlines have fewer options if the threat comes from within. One of the major safety protocols that actually made planes safer in the past 15 years was that the cockpits were turned into fortresses. Unfortunately, that exact advantage was exploited by the co-pilot of the Germanwings plane on Tuesday to crash it intentionally. "It is shocking to me that there was not a second person present in the cockpit," says Mark Rosenker, a former chairman of the National Transportation Safety Board. Access to the cockpit is strictly regulated in the United States. Passengers are not allowed to congregate near the cockpit door, and whenever the door is open, no one is allowed in the forward bathroom and flight attendants usually block aisle access, sometimes using a food cart. The Federal Aviation Administration mandates that a flight attendant must sit in the cockpit when either pilot steps into the passenger area; European regulations do not have a similar two-person rule, but they're now talking about creating one.
The Germanwings accident also points to potential shortcomings in how pilots are screened for mental problems, a recurring concern for an industry that demands focus and discipline in an increasingly technical job, often in stressful situations. In 2012, a well-regarded pilot with JetBlue, one of the airline's earliest employees, was physically restrained by passengers on a flight from New York to Las Vegas after displaying erratic behavior. In that case, the co-pilot locked the pilot out of the cabin and made an emergency landing in Amarillo, Tex. "Aircraft-assisted pilot suicides," as the Federal Aviation Administration calls them, are rare. They include the November 2013 crash of a Mozambique Airlines plane bound for Luanda, Angola, which bears an eerie resemblance to the Germanwings plane's demise. When the flight's co-pilot left to use the lavatory, the captain locked him out of the cockpit and manually steered the aircraft earthward. The crash of Egypt Airlines Flight 990 off Nantucket, Mass., in 1999, which killed all 217 people on board, was also caused by deliberate action, a National Transportation Safety Board investigation concluded. Experts on suicide say that the psychology of those who combine suicide with mass murder may differ in significant ways from those who limit themselves to taking their own lives. -
Big Vulnerability In Hotel Wi-Fi Router Puts Guests At Risk
An anonymous reader writes Guests at hundreds of hotels around the world are susceptible to serious hacks because of routers that many hotel chains depend on for their Wi-Fi networks. Researchers have discovered a vulnerability in the systems, which would allow an attacker to distribute malware to guests, monitor and record data sent over the network, and even possibly gain access to the hotel's reservation and keycard systems. The vulnerability, which was discovered by Justin W. Clarke of the security firm Cylance, gives attackers read-write access to the root file system of the ANTlabs devices. The discovery of the vulnerable systems was particularly interesting to them in light of an active hotel hacking campaign uncovered last year by researchers at Kaspersky Lab. In that campaign, which Kaspersky dubbed DarkHotel. -
Amazon Blasts FAA On Drone Approvals, Regulations
itwbennett writes Late last week, Amazon was issued permission by the FAA to fly an experimental drone as part of its tests for a planned automatic delivery service but it came too late, Paul Misener, vice president of global public policy at Amazon, told lawmakers on Tuesday. 'The UAS [unmanned aircraft system] approved last week by the FAA has already become obsolete,' he said. As a result, Amazon has filed for permission to fly a more advanced drone—one that is already being flown in several countries including the U.K., said Misener, who was speaking at a hearing of the Senate Committee on commerce, science and transportation. -
Australian Company Creates Even Faster 3D Printer
ErnieKey writes: One of the major reasons 3D printing hasn't really caught on is because it's an incredibly slow process. Just last week a company called Carbon3D unveiled a super fast new 3D printing process that utilizes oxygen and light. Now, another company — Gizmo 3D — has unveiled an even faster 3D printing process which is claimed to be more reliable than the process presented by Carbon3D. It can print 30mm in height at a 50 micron resolution in just 6 minutes. -
IBM Will Share Tech With China To Help Build IT Industry There
An anonymous reader sends this report from Reuters: IBM Corp will share technology with Chinese firms and will actively help build China's industry, CEO Virginia Rometty said in Beijing as she set out a strategy for one of the foreign firms hardest hit by China's shifting technology policies. IBM must help China build its IT industry rather than viewing the country solely as a sales destination or manufacturing base, Rometty said. ... [Her] remarks were among the clearest acknowledgements to date by a high-ranking foreign technology executive that companies must adopt a different tack if they are to continue in China amid growing political pressure. A number of U.S. technology companies operating in China are forming alliances with domestic operators, hoping a local partner will make it easier to operate in the increasingly tough environment for foreign businesses. -
Nobody Is Sure What Should Count As a Cyber Incident
chicksdaddy writes: Despite a lot of attention to the problem of cyber attacks against the nation's critical infrastructure, The Christian Science Monitor notes that there is still a lot of confusion about what, exactly, constitutes a "cyber incident" in critical infrastructure circles. The result: many incidents in which software failures affect critical infrastructure may go unreported.
Passcode speaks to security experts like Joe Weiss, who claims to have a list of around 400 incidents in which failures in software and electronic communications lead to a failure of confidentiality, integrity or availability (CIA) — the official definition of a cyber incident. Few of them are considered cyber incidents within critical infrastructure circles, however. His list includes some of the most deadly and destructive public sector accidents of the last two decades. Among them: a 2006 emergency shutdown of Unit 3 at the Browns Ferry nuclear plant in Alabama, the 1999 Olympic Gas pipeline rupture and explosion in Bellingham Washington that killed three people and the 2010 Pacific Gas & Electric gas pipe explosion in San Bruno, Calif., that killed eight people and destroyed a suburban neighborhood.
While official reports like this one about the San Bruno pipeline explosion (PDF) duly note the role software failure played in each incident, they fail to characterize them as 'cyber incidents' or note the cyber-physical aspects of the adverse event. Weiss says he has found many other, similar omissions that continue even today. He argues that applying an IT mindset to critical infrastructure results in operators overlooking weaknesses in their systems. "San Bruno wasn't malicious, but it easily could have been," Weiss notes. "It's a nonmalicious event that killed 8 people and destroyed a neighborhood." -
Modern PHP: New Features and Good Practices
Michael Ross writes In recent years, JavaScript has enjoyed a dramatic renaissance as it has been transformed from a browser scripting tool primarily used for special effects and form validation on web pages, to a substantial client-side programming language. Similarly, on the server side, after years as the target of criticism, the PHP computer programming language is seeing a revival, partly due to the addition of new capabilities, such as namespaces, traits, generators, closures, and components, among other improvements. PHP enthusiasts and detractors alike can learn more about these changes from the book Modern PHP: New Features and Good Practices, authored by Josh Lockhart. Keep reading for the rest of Michael's review. Modern PHP: New Features and Good Practices author Josh Lockhart pages 268 publisher O'Reilly Media rating 8/10 reviewer Michael Ross ISBN 978-1491905012 summary Solid advice on some state-of-the-art PHP tools and techniques. Programmers familiar with the language and its community may recognize the author's name, because he is the creator of PHP The Right Way, a website which he describes as "an easy-to-read, quick reference for PHP popular coding standards, links to authoritative tutorials around the Web and what the contributors consider to be best practices at the present time," in 21 different languages.
Yet rest assured that the book under review is not merely a dead-tree version of the website. Instead, the book covers the more recent advancements within the language, while the website covers best practices and standards. This should be borne in mind, otherwise the reader may be baffled by the absence from the book of certain topics on the website essential to the language, such as SPL, PEAR, and PHPDoc. Moreover, of the topics shared between the book and the website, the information is generally organized quite differently, with more example code in the book.
This title was published on 1 March 2015, under the ISBN 978-1491905012, by O'Reilly Media, who kindly provided me with a review copy. Its material is presented in 268 pages, organized into 13 chapters (The New PHP; Features; Standards; Components; Good Practices; Posting; Provisioning; Tuning; Deployment; Testing; Profiling; HHVM and Hack; Community), which are grouped into three parts (Language Features; Good Practices; Deployment, Testing, and Tuning) — as well as two appendices (Installing PHP; Local Development Environments) and an index. The publisher's page does not offer much of interest. However, all of the example code is available from the book's GitHub repository. There are differences between the GitHub code and what is printed in the book, e.g., a baffling require 'vendor/autoload.php'; in the first example code file. The author claims that the reader does not need to know PHP, but at least "a basic understanding of [] fundamental programming concepts" (page xiv). However, anyone without at least intermediate skills and experience with PHP could conceivably struggle with these more advanced subjects.
The first chapter is only a brief overview of the history of PHP, its current state, and some possible future changes to the language's engine. The real content starts in the second chapter, in which the author gives the reader a fast-paced introduction to his seven favorite major new features in PHP: namespaces, class interfaces, traits, generators, closures, Zend OPcache, and the built-in HTTP server. In some regards, the coverage is a bit too fast-paced, as some topics and questions likely in the reader's mind are not addressed — for instance, namespace case-sensitivity and techniques for ensuring that a chosen namespace is globally unique (page 9). For each topic, its purpose and advantages are explained, and sometimes illustrated with code examples, although none are extensive.
The second part of the book opens with a chapter on some of the new standards in the PHP ecosystem that are intended to move the common development process from a reliance upon one isolated framework, with an idiosyncratic coding style, to distributed components that can interoperate through the use of interfaces, industry-wide coding standards, and the use of autoloaders for finding and loading classes, interfaces, and traits at runtime. Components are covered in more detail in the subsequent chapter, as is Composer, for installing components and managing dependencies. The fifth chapter is a lengthy but information-packed exposition of numerous best practices regarding input data sanitization, password handling, dates and times, and safe database queries, among other topics. Some of the advice can be found in other PHP books and online, but all of this is neatly explained, updated with the newer PHP versions, and worthwhile as a refresher.
Deployment, testing, and tuning are the broad subject areas of the third and final part of the book. The author discusses the options for hosting your PHP applications, as well as provisioning any self-managed web server and tuning a server for optimal performance. All of the instructions assume you are using Linux and nginx, and thus would be of less value to those using Windows or Apache, for instance. The material on application deployment is relatively brief, and focuses on use of the Capistrano tool. Testing is often neglected in real-world projects, but certainly not in this book, as the author explains unit and functional testing, illustrated through the use of PHPUnit. This is followed by information on how to use a development or production profiler to analyze the performance of your application, with detailed coverage of Xdebug and XHProf, among other tools. The next two chapters dive into topics related to the (possible) future of PHP — specifically, Facebook's HHVM PHP interpreter and their Hack derivative language. The final chapter briefly discusses the PHP community. The two appendices explain how to install PHP on Linux or OS X for commandline use, and how to set up a local development environment. The author mentions a free edition of Zend Server, but the vendor page mentions no such pricing.
Despite its technical subject matter, this book is not a difficult read. The author's writing style is usually light and friendly, especially in the preface. In a few places, the phrasing is a bit too terse, which might prove momentarily confusing to some readers, e.g., "Function and constant aliases work the same as [those of] classes" (page 11). The text has some errata (aside from the two, as of this writing, already reported): "curl" (pages 15, 220, and 222; should read "cURL"), "a an argument" (page 33), "Prepared statement [to] fetch" (pages 99 and 100), "with [the] php://filter strategy" (page 110), "2 Gb" (page 129; should read "2 GB"), "the the" (page 154), "path to a the code" (page 176), and "Wordpress" (page 190; should read "WordPress").
One weakness with the book is that for several of the topics — including some critical ones — there is not enough detailed information provided that would allow one to begin immediately applying that technique or resource to one's own coding, but instead just enough information to whet one's appetite to learn more (presumably from another book or a website). Secondly, some of the narrative — particularly near the end of the book, when discussing various tools — would be of less value to anyone not developing analytics environment. Beware that some of the tools require numerous dependencies. For instance, do you have Composer, Git, MongoDB, and its PHP extension installed? If not, then you won't be using XHGUI. Also, some of the installation and configuration steps are quite lengthy, with no details provided for troubleshooting issues that might arise. Lastly, despite the promise that any reader with only basic programming knowledge will be able to fully understand the book, such a reader would likely find much of its contents mystifying without further preparation from other sources.
Nonetheless, the book has much to offer, despite its slender size. Numerous resources are recommended — most if not all apparently vetted by the author, who clearly has considerable experience in this arena. Some valuable techniques are presented, such as those instances in the text where the author shows how to use iteration on large data sets to minimize memory usage. In addition, the example code demonstrates that the author has made the effort to produce quality code that can serve as a model to others. Modern PHP does a fine job overall of explaining and advocating the newer capabilities of PHP that would attract developers to choose the language for building state-of-the-art websites and web applications.
Michael Ross is a freelance web developer and writer.
You can purchase Modern PHP: New Features and Good Practices from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know. -
Modern PHP: New Features and Good Practices
Michael Ross writes In recent years, JavaScript has enjoyed a dramatic renaissance as it has been transformed from a browser scripting tool primarily used for special effects and form validation on web pages, to a substantial client-side programming language. Similarly, on the server side, after years as the target of criticism, the PHP computer programming language is seeing a revival, partly due to the addition of new capabilities, such as namespaces, traits, generators, closures, and components, among other improvements. PHP enthusiasts and detractors alike can learn more about these changes from the book Modern PHP: New Features and Good Practices, authored by Josh Lockhart. Keep reading for the rest of Michael's review. Modern PHP: New Features and Good Practices author Josh Lockhart pages 268 publisher O'Reilly Media rating 8/10 reviewer Michael Ross ISBN 978-1491905012 summary Solid advice on some state-of-the-art PHP tools and techniques. Programmers familiar with the language and its community may recognize the author's name, because he is the creator of PHP The Right Way, a website which he describes as "an easy-to-read, quick reference for PHP popular coding standards, links to authoritative tutorials around the Web and what the contributors consider to be best practices at the present time," in 21 different languages.
Yet rest assured that the book under review is not merely a dead-tree version of the website. Instead, the book covers the more recent advancements within the language, while the website covers best practices and standards. This should be borne in mind, otherwise the reader may be baffled by the absence from the book of certain topics on the website essential to the language, such as SPL, PEAR, and PHPDoc. Moreover, of the topics shared between the book and the website, the information is generally organized quite differently, with more example code in the book.
This title was published on 1 March 2015, under the ISBN 978-1491905012, by O'Reilly Media, who kindly provided me with a review copy. Its material is presented in 268 pages, organized into 13 chapters (The New PHP; Features; Standards; Components; Good Practices; Posting; Provisioning; Tuning; Deployment; Testing; Profiling; HHVM and Hack; Community), which are grouped into three parts (Language Features; Good Practices; Deployment, Testing, and Tuning) — as well as two appendices (Installing PHP; Local Development Environments) and an index. The publisher's page does not offer much of interest. However, all of the example code is available from the book's GitHub repository. There are differences between the GitHub code and what is printed in the book, e.g., a baffling require 'vendor/autoload.php'; in the first example code file. The author claims that the reader does not need to know PHP, but at least "a basic understanding of [] fundamental programming concepts" (page xiv). However, anyone without at least intermediate skills and experience with PHP could conceivably struggle with these more advanced subjects.
The first chapter is only a brief overview of the history of PHP, its current state, and some possible future changes to the language's engine. The real content starts in the second chapter, in which the author gives the reader a fast-paced introduction to his seven favorite major new features in PHP: namespaces, class interfaces, traits, generators, closures, Zend OPcache, and the built-in HTTP server. In some regards, the coverage is a bit too fast-paced, as some topics and questions likely in the reader's mind are not addressed — for instance, namespace case-sensitivity and techniques for ensuring that a chosen namespace is globally unique (page 9). For each topic, its purpose and advantages are explained, and sometimes illustrated with code examples, although none are extensive.
The second part of the book opens with a chapter on some of the new standards in the PHP ecosystem that are intended to move the common development process from a reliance upon one isolated framework, with an idiosyncratic coding style, to distributed components that can interoperate through the use of interfaces, industry-wide coding standards, and the use of autoloaders for finding and loading classes, interfaces, and traits at runtime. Components are covered in more detail in the subsequent chapter, as is Composer, for installing components and managing dependencies. The fifth chapter is a lengthy but information-packed exposition of numerous best practices regarding input data sanitization, password handling, dates and times, and safe database queries, among other topics. Some of the advice can be found in other PHP books and online, but all of this is neatly explained, updated with the newer PHP versions, and worthwhile as a refresher.
Deployment, testing, and tuning are the broad subject areas of the third and final part of the book. The author discusses the options for hosting your PHP applications, as well as provisioning any self-managed web server and tuning a server for optimal performance. All of the instructions assume you are using Linux and nginx, and thus would be of less value to those using Windows or Apache, for instance. The material on application deployment is relatively brief, and focuses on use of the Capistrano tool. Testing is often neglected in real-world projects, but certainly not in this book, as the author explains unit and functional testing, illustrated through the use of PHPUnit. This is followed by information on how to use a development or production profiler to analyze the performance of your application, with detailed coverage of Xdebug and XHProf, among other tools. The next two chapters dive into topics related to the (possible) future of PHP — specifically, Facebook's HHVM PHP interpreter and their Hack derivative language. The final chapter briefly discusses the PHP community. The two appendices explain how to install PHP on Linux or OS X for commandline use, and how to set up a local development environment. The author mentions a free edition of Zend Server, but the vendor page mentions no such pricing.
Despite its technical subject matter, this book is not a difficult read. The author's writing style is usually light and friendly, especially in the preface. In a few places, the phrasing is a bit too terse, which might prove momentarily confusing to some readers, e.g., "Function and constant aliases work the same as [those of] classes" (page 11). The text has some errata (aside from the two, as of this writing, already reported): "curl" (pages 15, 220, and 222; should read "cURL"), "a an argument" (page 33), "Prepared statement [to] fetch" (pages 99 and 100), "with [the] php://filter strategy" (page 110), "2 Gb" (page 129; should read "2 GB"), "the the" (page 154), "path to a the code" (page 176), and "Wordpress" (page 190; should read "WordPress").
One weakness with the book is that for several of the topics — including some critical ones — there is not enough detailed information provided that would allow one to begin immediately applying that technique or resource to one's own coding, but instead just enough information to whet one's appetite to learn more (presumably from another book or a website). Secondly, some of the narrative — particularly near the end of the book, when discussing various tools — would be of less value to anyone not developing analytics environment. Beware that some of the tools require numerous dependencies. For instance, do you have Composer, Git, MongoDB, and its PHP extension installed? If not, then you won't be using XHGUI. Also, some of the installation and configuration steps are quite lengthy, with no details provided for troubleshooting issues that might arise. Lastly, despite the promise that any reader with only basic programming knowledge will be able to fully understand the book, such a reader would likely find much of its contents mystifying without further preparation from other sources.
Nonetheless, the book has much to offer, despite its slender size. Numerous resources are recommended — most if not all apparently vetted by the author, who clearly has considerable experience in this arena. Some valuable techniques are presented, such as those instances in the text where the author shows how to use iteration on large data sets to minimize memory usage. In addition, the example code demonstrates that the author has made the effort to produce quality code that can serve as a model to others. Modern PHP does a fine job overall of explaining and advocating the newer capabilities of PHP that would attract developers to choose the language for building state-of-the-art websites and web applications.
Michael Ross is a freelance web developer and writer.
You can purchase Modern PHP: New Features and Good Practices from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know. -
Interviews: SMBC's Zach Weiner Answers Your Questions
Last week you had a chance to ask Saturday Morning Breakfast Cereal (SMBC) creator and monocle enthusiast Zach Weiner about his comics, reading classy, and his other projects. Below you'll find his answers to your questions. How did it start?
by Flavianoep
Expanding my question, what inspired you to write your webcomic?
Weiner: SMBC really started in like 1998? I had a geocities site called Saturday Morning Breakfast Cereal, where I posted essays and comics and such. It was purely for amusement, with no plan to make money.
Later it morphed into just comics, and people seemed to like it. Later still, I was working a shit job in Hollywood and desperately wanted to escape. So, I focused on comics, and a few years later I was able to quit my job!
Sacred cows?
by eldavojohn
Have there been any times you feared you went too far with your humor? If not, when have you received the most mail asserting that you did?
Weiner: Definitely, yeah. I actually once finished a comic (I forget the joke, but the image was very old people having sex) and then shelved it for being too crude. Then later I was out of ideas and needed an update.
I don’t actually get a lot of hatemail. Then one time I was blindsided was a comic where I had some fratboys finding out a frat brother was dead, and then drawing dicks on his face. Apparently that was a bit upsetting for some people.
Jokes you didn't tell
by gman003
You often tell jokes that rely on fairly advanced math, science or economics. Have there been any jokes you scrapped because you thought they were *too* advanced for your audience?
Weiner: Well, as a general rule, jokes of that sort aren’t reallllly funny? Like, they’re association-funny, but not actually clever. There are exceptions, but not many. I don’t think I’ve ever held back a good joke just because it was niche.
In fact, I could argue the Internet favors jokes like that, at least in the short term. Like, I once did a joke about using TI-83s as a stable reserve currency. Probably was not liked by most of my audience, but the people who DID like it shared it a lot. Or, similarly, I did one about the Chairman of the Fed dressing up as a ghost and haunting banks to boost consumption. Niche joke, but it got lots of shares.
Gender and skin color
by gsliepen
Dear Zach, I noticed that your comics feature a remarkable balance in gender and skin color of the people you draw. There are also many same-gender couples. How do you do this? Do you decide yourself for each comic, or do you roll some dice? Do you randomize other things this way as well, like glasses and clothes? By the way, I noticed that you maintain a list of things you cannot draw. But don't worry, you're way better than that Randall guy who can only draw black&white stick figures.
Weiner: What’s really weird is (possibly because my audience is a bunch of dorks) is that tons of people assume I have an algorithm or some random mechanism. The truth is I just don’t write gender/color/etc. into the script unless it’s relevant to the joke. Then, when I’m drawing I pick semi-randomly.
You don’t want to be completely random, because you could get in trouble. Like, if I’m drawing someone committing financial crime, I don’t want my random throw to be Jewish. In general, I try to avoid stereotypes. So, for instance, if there’s only one irrational character in the strip, I try to make it a dude. Also, when someone has to be the jerk in the strip, I generally draw a redhead, so I’m really drawing myself as the asshole?
Randall who? Rand Paul?
The Rise of Joke Theft on the Internet
by eldavojohn
I'm not talking about your humorous Sarah Silverman satire video but the actual people who misappropriate a joke for their own. I've seen it on Facebook where someone reads a joke on Reddit or XKCD or SMBC and just rehashes it as their own idea in a post knowing that no one else out there could possibly be wasting their time on something like SMBC. Do you see this as frequently as I do? In all honesty does this bother you or merely flatter you? Is it just a natural unavoidable quality of memes or do you think it's more sinister?
Weiner: Here’s the thing. In 1990, when I was 8, I used to redraw other people’s comics and show them off. But who gives a shit, because it’s an 8 year old. Now, it’s all public. I think the real danger is NOT that people like me get ripped off - it’s that young artists aren’t even allowed to imitate. Imitation is how you figure out what you like!
That said, it’s easy for me to not care, since I’m making a comfortable living. But, in general, I think with “joke theft” we should err on the side of tolerance. That said, when sites like 9gag take my stuff and watermark it, yeah, that pisses me off. But, there’s nothing you can really do.
Ren & Stimpy
by SupahVee
I see a fair bit of other influences in your comics, with Ren & Stimpy references seeming to show up here and there. What other comic have played a role in your work, and is there some bad experience in early childhood that clearly left you so scarred from Ren & Stimpy?
Weiner: Really? I definitely watched as a kid, but I’m curious what you see as Ren & Stimpy references! I’m at least not doing it on purpose. My early big comic influences were Scott Adams, Glen Baxter, and the comic The Parking Lot is Full. Since then, I’ve diverged a lot. These days I try to take more influence from books and concepts than other cartoonists. But, many comics continue to impress - xkcd, Hark a Vagrant, Buttersafe, Oglaf. Recently I’ve really enjoyed Whomp!
Intellectual Sources
by Gestahl
With respect to your "philosophical thought experiment" comics, how many of your comics are based in topics/ideas you learned before the end of your formal education, how many are based on things you have encountered in your "continuing education" (whether based on life experience, or just what you are currently reading about), and how many are "novel" intuition pumps?
Weiner: Most I’ve learned after. But, I was a pretty lousy college student. I try to read 3-5 books a week, and make time for deep reading as well. It’s harder now that I have a kid, but the kid provides some insight too, I suppose.
I don’t know how much is new. That said, I was very pleased to find out about Nozick’s Utility Monster AFTER I’d done a comic describing that exact idea! I was 40 years too late, but it’s neat to know that I came up with something a smarter guy came up with.
The Mrs. and the extended comic
by Anonymous Coward
How does your wife feel being portrayed in the comic?
Weiner: My wife likes the spotlight more than me! She’s actually doing some public science lecturing in the near future, if anyone’s interested.
So, I think she even enjoy the insulting ones (i.e. all of them).
Zach Weiner is awesome
by Jax Omen
I love Zach, met him at a comic-con in Seattle a couple years ago, he signed his SMBC-Theater DVD for us and posed for "photo bomb" pictures. Awesome dude. My question for Zach is, have you ever considered/pondered/done any longer-form comics, with a cohesive narrative? You have tons of goofy ideas, some quite entertaining, I'd love to see what you could do with a story-driven comic powered by your goofy ideas. Also: your wife is wrong, single-use monocles are an awesome idea, even if just for gag-gift purposes :P
Weiner: I’m working on one serious dramatic graphic novel and a few prose novels now. I’ve wanted to do longform stuff for a while, but it’s hard to find the time!
Glad you liked the monocles :) I think they’re hilarious, but I’ve never gotten so many angry messages (vapid consumerism! hipster bullshit! neckbearded nerds!) over a product before. It’s weird because people are ascribing all sorts of philosophical/social context to it that I just don’t see.
Any Public Response to the Common Criticism?
by eldavojohn
How do you respond to the criticism that by widely distributing your single use monocles to teenagers and adults, you'll be making highbrow socializing safer and therefore increase it to immoral levels?
Weiner: If one wishes to be a prig or a Puritan, one can flaunt one’s moral views about them, but they are not one’s concern. Besides, Individualism has really the higher aim. Modern morality consists in accepting the standard of one’s age. I consider that for any man of culture to accept the standard of his age is a form of the grossest immorality.
Do you have...
by serviscope_minor
Do you have any extra wisdom to share with us that's you know, like... woah? (For those less familiar with SMBC, this is one of my all time favorites.)
Weiner: Most people spend their lives in dread of the stuff that would make them happiest.
Also, no matter how good a giant Reese’s looks, it’ll never match your expectation. -
"Google Glass Isn't Dead!" Says Google's CEO Eric Schmidt
lord_rob the only on writes "After Google stopped selling its wearable Glass device in January this year, many people speculated that the controversial gadget was on its way out for good. However, Google executive chairman Eric Schmidt has said that the technology behind Glass is too important to throw away, and that the program has been put under the control of Nest's Tony Fadell to "make it ready for users" in the future. -
The Bulletin of the Atomic Scientists Introduces the Doomsday Dashboard
Lasrick writes You probably know the hand on the Doomsday Clock now rests at 3 minutes to midnight. The Bulletin of the Atomic Scientists has launched a pretty cool little interactive Dashboard that lets you see data that the Bulletin's Science and Security Board considers when making the decision on the Clock's time each year. There are interactive graphs that show global nuclear arsenals, nuclear material security breaches, and how much weapons-grade plutonium and uranium is stored (and where). The climate change section features graphs of global sea level rise over time, Arctic sea ice minimums. atmospheric carbon dioxide levels, and differences in global temperature. There's also a section for research on biosecurity and emerging technologies. -
Magic Leap's AR Demo Video
First time accepted submitter iMadeGhostzilla writes TechCrunch reports: "Magic Leap is showing what it might look like to use its hardware for augmented reality gaming in the future, with a new demo of what the team is apparently 'playing in the office' right now. The brief video shows examples of interacting with YouTube and Gmail apps, along with browsing a menu system for OS-level interaction. The person in the video from whose perspective it's apparently shot then selects a shooter game, tests out a weapon after choosing from a variety of options, does some tower-defense style stuff by placing a current and fights some visually impressive but fairly generic baddies. [...] The video was posted with an apology for Magic Leap's absence at TED." Commenters on reddit and elsewhere believe the video is fake. Magic Leap recently came into the spotlight with its recent $540M backing by Google and others. -
FTC's Internal Memo On Google Teaches Companies a Terrible Lesson
schwit1 writes FTC staffers spent enormous time pouring through Google's business practices and documents as well as interviewing executives and rivals. They came to the conclusion that Google was acting in anti-competitive ways, such as restricting advertisers from working with rival search engines. But commissioners balked at the prospect of a lengthy and protracted legal fight. For a big company, that process may have been enlightening. Agency staffers might find evidence of anti-competitive behavior. But that doesn't mean the firm will face the music in the end. Previous attempts to go after big companies — such as the Justice Department's long-running antitrust case against Microsoft in the 1990s — loomed large in regulators' minds at the time of the Google probe, according to a former official who worked at the agency then. "Even if we were in the right and could win," said the former official, "it could take a lot of resources away from other enforcement." -
Mars One Delayed 2 Years, CEO Releases Video In Response To Criticism
CryoKeen writes It's interesting how different news sites spin #marsgate. From Yahoo News: "The private colonization project Mars One has pushed its planned launch of the first humans toward the Red Planet back by two years, to 2026. The delay was necessitated by a lack of investment funding, which has slowed work on a robotic precursor mission that Mars One had wanted to send toward the Red Planet in 2018, Mars One CEO Bas Lansdorp said in a new video posted today... 'We had a very successful investment round in 2013 that has financed all the things that we have done up to now. And we have actually come to an agreement with a consortium of investors late last year for a much bigger round of investments. Unfortunately, the paperwork of that deal is taking much longer than we expected,' Lansdorp said in the video." This Astrowatch article is a lot more scathing and to the point: "Mars One, the Dutch company planning to send people on a one-way trip to Mars, that recently selected a group of 100 hopefuls, struggles with criticism. In a Medium story this week, Mars One finalist Joseph Roche presented multiple reasons as to why he believed the entire operation is a complete scam. In response, the company published a video Thursday in which Bas Lansdorp, CEO and Co-founder of Mars One, replies to recent criticism concerning the feasibility of Mars One's human trip to Mars. He also revealed that the mission will be delayed for two years. Roche said that the 'only way' to get selected for the next round of the Mars One candidacy process was to donate money. 'My nightmare about it is that people continue to support it and give it money and attention, and it then gets to the point where it inevitably falls on its face,' Roche told Elmo Keep for Medium." -
Scientists: It's Time To Resolve the Ethics of Editing Human Genome
An anonymous reader writes: We've previously discussed a system called CRISPR-cas9, which is dramatically reducing the cost and effort required to do gene editing. In fact, the barrier to entry is now so low that a group of biologists is calling for a moratorium on using the method to modify the human genome. Writing in the journal Science (abstract), the scientists warn that we've reached the point where the ethical questions surrounding DNA alteration can be put off no longer. David Baltimore, one of the group's members, said, "You could exert control over human heredity with this technique, and that is why we are raising the issue. ... I personally think we are just not smart enough — and won't be for a very long time — to feel comfortable about the consequences of changing heredity, even in a single individual." Another group of scientists called for a similar halt to human germline modification, and the International Society for Stem Cell Research says it agrees. -
Target To Pay $10 Million In Proposed Settlement For 2013 Data Breach
itwbennett writes Target has agreed to pay $10 million in a proposed settlement to a class-action lawsuit stemming from its massive 2013 data breach, which affected as many as 110 million people. Individual victims could receive up to $10,000. The proposed settlement also includes measures to better protect the customer data that Target collects, according to documents filed with the U.S. District Court, District of Minnesota. -
Fake Suicide Attempt Tests Facebook Prevention Tool, Lands Man In Asylum
First time accepted submitter abhishekmdb writes Shane Tusch faked his suicide in an attempt to test the authenticity of Facebook suicide prevention tool and got detained for 72 hours. Facebook has rolled out a set of tools to keep a check on its users who are having suicidal tendencies and prevent these users from suicidal attempts. In case some user is having suicidal thoughts and mentions that in the Facebook posts and if a friend of that user reports it to Facebook then a third party will immediately review the post and Facebook would lock the suicidal user's account and the user will be made to read Facebook's suicide prevention materials. -
Microsoft Says Free Windows 10 Upgrades For Pirates Will Be Unsupported
An anonymous reader writes with this story about some of the fine print to Microsoft's offer of Windows 10 upgrades to pirates. "When Microsoft confirmed it will offer free Windows 10 upgrades to pirates worldwide, many were shocked. VentureBeat has been trying to get more details from the company, which disclosed today that after PCs with pirated copies of Windows 7 and Windows 8.1 are upgraded to Windows 10, they will remain in a 'non-genuine' status and Microsoft will not support them. 'With Windows 10, although non-genuine PCs may be able to upgrade to Windows 10, the upgrade will not change the genuine state of the license,' a Microsoft spokesperson told VentureBeat. 'Non-genuine Windows is not published by Microsoft. It is not properly licensed or supported by Microsoft or a trusted partner. If a device was considered non-genuine or mislicensed prior to the upgrade, that device will continue to be considered non-genuine or mislicensed after the upgrade. According to industry experts, use of pirated software, including Non-genuine Windows, results in a higher risk of malware, fraud — identity theft, credit card theft, etc. — public exposure of your personal information, and a higher risk for poor performance or feature malfunctions.' Yet this doesn't provide enough answers. After a pirate upgrades to Windows 10 for free, does this 'non-genuine' version expire and become unusable after a certain period of time? Does no support mean no security updates for pirates?"