Education

Interviews: Ask Author and Programmer Andy Nicholls About R 103

Andy Nicholls has been an R programmer and consultant for Mango Solutions since 2011 (where he currently manages the R consultancy team), after a long stint as a statistician in the pharmaceutical industry. He has a serious background in mathematics, too, with a Masters in math and another in Statistics with Applications in Medicine. Andy has taught more than 50 on-site R training courses and has been involved in the development of more than 30 R packages; he's also a regular contributor to events at LondonR, the largest R user group in the UK. But since not everyone can get to London for a user group meeting, you can get some of the insights he's gained as an R expert in Sams Teach Yourself R In 24 Hours (available in print or at Safari), of which he is the lead author. Today, though, you can ask Andy about the much-lauded statistics-oriented free software (GPL) language directly -- Why to use it, how to get started, how to get things done, and where those intriguing release names come from. (The about page is helpful, too.) As usual, please ask as many questions as you'd like, but one question at a time, please.
Security

Cisco ASA Firewall Has a Wormable Problem — And a Million Installs (csoonline.com) 72

itwbennett writes: Cisco has published an advisory for a vulnerability with a CVSS (Common Vulnerability Scoring System) score of 10 that was discovered by researchers from Exodus Intelligence. According to the advisory, 'a vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.' As CSO's Dave Lewis points out, 'the part of this that is most pressing is that Cisco claims that there are over a million of these deployed.'
And attackers have not been sitting on their thumbs.
Open Source

LibreOffice 5.1 Officially Released 177

prisoninmate writes: After being in development for the last three months or so, LibreOffice 5.1 comes today to a desktop environment near you with some of the most attractive features you've ever seen in an open-source office suite software product, no matter the operating system used. The release highlights of LibreOffice 5.1 include a redesigned user interface for improved ease of use, better interoperability with OOXML files, support for reading and writing files on cloud servers, enhanced support for the ODF 1.2 file format, as well as additional Spreadsheet functions and features. Yesterday, even with the previous version, I was able to successfully use a moderately complex docx template without a hitch — the kind of thing that would have been a pipe-dream not too long ago.
Advertising

Why Stack Overflow Doesn't Care About Ad Blockers 276

Press2ToContinue writes: Forging a bold step in the right direction, Stack Overflow announced today that they don't care if you use an ad blocker when you visit their site. "The truth is: we don't care if our users use ad blockers on Stack Overflow. More accurately: we hope that they won't, but we understand that some people just don't like ads. Our belief is that if someone doesn't like them, and they won't click on them, any impressions served to them will only annoy them-- plus, serving ads to people who won't click on them harms campaign performance. ... Publishers can't win by forcing ads — especially low-quality ads — in people's faces. Think scantily-clad women selling flight deals, weight-loss supplement promos or wacky waving inflatable arm-flailing tube-men promoting car dealerships." It's possible that this declaration by SO might help to clarify to advertisers that it is the overabundance of low quality ads that practically force the public to seek out ad blockers. But seriously, what is the likelihood of that?
Open Source

SourceForge Eliminates DevShare Program (sourceforge.net) 422

SourceForge has officially eliminated its DevShare program. The DevShare program delivered installer bundles as part of the download for participating projects. We want to restore our reputation as a trusted home for open source software, and this was a clear first step towards that. We are more interested in doing the right thing than making extra short-term profit. This is just the first step in a number of improvements we will outline in the coming weeks. SourceForge and Slashdot were acquired in late January by BIZX.
Books

Uborne Children's Books Release For Free Computer Books From the '80s (usborne.com) 117

martiniturbide writes: To promote some new computer coding books for kids, Uborne Children's Books has put online 15 of its children books from the '80s to learn how to code games. The books are available for free in PDF format and has samples to create your game for Commodore 64, VIC 20, Apple, TRS 80, Spectrum and other. Maybe you read some of them like "Machine Code for Beginners" or "Write your own Adventure Program for MicroComputers." Should other publishers also start to make their '80s and '90s computer books available for free?
Graphics

Amazon Launches Free Game Engine Lumberyard 56

Dave Knott writes: Amazon has both announced and released a new, free game engine, Lumberyard, which offers deep integration with its Amazon Web Services server infrastructure to empower online play, and also with Twitch, its video game-focused streaming service. Lumberyard is powerful and full-featured enough to develop triple-A current-gen console games, with mobile support is coming down the road. Its core engine technology is based on Crytek's CryEngine. However, Lumberyard represents a branch of that tech, and the company is replacing or upgrading many of CryEngine's systems. Monetization for Lumberyard will come strictly through the use of Amazon Web Services' cloud computing. If you use the engine for your game, you're permitted to roll your own server tech, but if you're using a third-party provider, it has to be Amazon. Integration of Amazon's Twitch video streaming tools at a low level also helps to cement that platform's dominance in the game streaming space. Alongside Lumberyard, the company has also announced and released GameLift, a new managed service for deploying, operating, and scaling server-based online games using AWS. GameLift will be available only to developers who use Lumberyard, though it's an optional add-on. The game engine is in beta, but is freely usable and downloadable today.
Oracle

Java Installer Flaw Shows Why You Should Clear Your Downloads Folder (csoonline.com) 64

itwbennett writes: On Friday, Oracle published a security advisory recommending that users delete all the Java installers they might have laying around on their computers and use new ones for versions 6u113, 7u97, 8u73 or later. The reason: Older versions of the Java installer were vulnerable to binary planting in the Downloads folder. 'Though considered relatively complex to exploit, this vulnerability may result, if successfully exploited, in a complete compromise of the unsuspecting user's system,' said Eric Maurice, Oracle's software security assurance director, in a blog post.
Businesses

How the Cloud Has Changed (Since Last You Looked) 86

snydeq writes: InfoWorld's Peter Wayner takes a look at the new services and pricing models that are making cloud computing more powerful, complex, and cheaper than it was a few short years ago. 'We get more, but using it isn't always as simple as it could be. Sure, you still end up on root on some box that's probably running Linux, but getting the right performance out of that machine is more complex,' Wayner writes. "But the real fun comes when you try to figure out how to pay for your planned cloud deployment because there are more options than ever. ... In some cases, the cost engineering can be more complex than the software engineering."
Open Source

GitHub Open Sources Their Internal Testing Tool (thenewstack.io) 62

destinyland writes: Last week GitHub released a new open source tool called Scientist, a Ruby-based library they've been using in-house for several years. "It's the most terrifying moment when you flip the switch," GitHub engineer Jesse Toth told one technology reporter, who notes that the tool is targeted at developers transitioning from a legacy system. "Scientist was born when GitHub engineers needed to rewrite the permissions code — one of the most critical systems in the GitHub application." The tool measures execution duration and other metrics for both test and production code during runtime, and Toth reports that they're now also developing new versions in Node.js, C#, and .Net..
Security

Researcher Finds Tens of Software Products Vulnerable To Simple Bug (softpedia.com) 151

An anonymous reader writes: There's a German security researcher that is arduously testing the installers of tens of software products to see which of them are vulnerable to basic DLL hijacking. Surprisingly, many companies are ignoring his reports. Until now, only Oracle seems to have addressed this problem in Java and VirtualBox. Here's a short (probably incomplete) list of applications that he found vulnerable to this attack: Firefox, Google Chrome, Adobe Reader, 7Zip, WinRAR, OpenOffice, VLC Media Player, Nmap, Python, TrueCrypt, and Apple iTunes. Mr. Kanthak also seems to have paid special attention to antivirus software installers. Here are some of the security products he discovered vulnerable to DLL hijacking: ZoneAlarm, Emsisoft Anti-Malware, Trend Micro, ESET NOD32, Avira, Panda Security, McAfee Security, Microsoft Security Essentials, Bitdefender, Rapid7's ScanNowUPnP, Kaspersky, and F-Secure.
GNU is Not Unix

Talos Secure Workstation Is Free-Software Centric — and $3100 [Updated] 117

jones_supa writes: These days, the motivation to use open source software for many people is to avoid backdoors placed by intelligence organizations and to avoid software that has hidden privacy-intruding characteristics. For the operating system and userspace software, open choices are already available. The last remaining island has been the firmware included in various ROM chips in a computer. Libreboot has introduced an open BIOS, but it is not available for newer systems featuring the Intel ME or AMD PSP management features. Talos' Secure Workstation fills this need, providing a modern system with 8-core POWER8 CPU, 132 GB RAM, and open firmware. The product is currently in a pre-release phase where Raptor Engineering is trying to understand if it's possible to do a production run of the machine. If you are interested, it's worth visiting the official website. Adds an anonymous reader about the new system, which rings in at a steep $3100: "While the engineers found solace in the POWER8 architecture with being more open than AMD/Intel CPUs, they still are searching for a graphics card that is open enough to receive the FSF Respect Your Freedom certification." Update: 02/08 18:44 GMT by T : See also Linux hacker and IBM employee Stewart Smith's talk from the just-completed linux.conf.au on, in which he walks through "all of the firmware components and what they do, including the boot sequence from power being applied up to booting an operating system." Update: 02/08 23:30 GMT by T :FSF Licensing & Compliance Manager Joshua Gay wrote to correct the headline originally appeared with this story, which said that the Talos workstation described was "FSF Certified"; that claim was an error I introduced. "The FSF has not certified this hardware," says Gay, "nor is it currently reviewing the hardware for FSF certification." Sorry for the confusion.
Advertising

Adblock Plus Maker Seeks Deal With Ad Industry Players (yahoo.com) 355

An anonymous reader writes with Yahoo's report that the makers of Adblock Plus are "looking to reach out to advertisers and identify an 'acceptable' level and form of advertising on the net." That involves convincing advertisers to conform to the company's own guidelines for advertising, or an alternative path much disliked by some of the software's users — to pay the company to ignore ads that don't meet those guidelines. From the article: Big websites can pay a fee not to be blocked. And it is these proceeds that finance the Cologne-based company and its 49-strong workforce. While Google and Amazon have paid up, others refuse. Axel Springer, which publishers Germany's best-selling daily Bild, accuses [Adblock Plus maker] Eyeo of racketeering. "We believe Eyeo's business model is against the law," a spokesman for Springer told AFP. "Clearly, Eyeo's primary aim is to get its hands on a share of the advertising revenues." Ultimately, such practices posed a threat to the professional journalism on the web, he suggested, an argument Eyeo rejects.
China

Malware Targets Skype Users, Records Conversations (softpedia.com) 49

An anonymous reader writes: A new backdoor trojan is making the rounds, coming equipped with features that allow it to steal files, take screengrabs, and record Skype conversations. Currently detected targeting US organizations, researchers linked it to previous malware developed by a Chinese cyber-espionage group called Admin@338. Besides recording Skype conversations, the malware can also steal Office documents, and includes a complicated installation procedure that allows it to avoid antivirus software installed on the machine.
Android

Report: Google Will Go In Big For VR Hardware This Year 51

The Financial Times reports that Google isn't going to let the VR hardware wars fall to the likes of Samsung and Oculus; instead, it's working on a (cardboard-free) VR headset of its own, to be released in conjunction with Android VR software intended not only to make Android more VR friendly in general but specifically to help developers reduce nausea-inducing lag. The report doesn't quite come out of the blue, considering that Google has shipped more than 5 million of its own Cardboard viewer already, and has several projects dealing with VR infrastructure, either directly (like Jump) or indrectly (like Project Tango). Google (or Alphabet) has proven itself a hardware behemoth, not just the "search giant" it's so often called in news stories, and of late seems to be more interested in making its footprint in hardware a bit firmer.
Firefox

Firefox Adopts a 6-8 Week Variable Release Schedule (mozilla.org) 248

AmiMoJo writes: Four years ago Mozilla moved to a fixed-schedule release model, otherwise known as the Train Model, in which we released Firefox every six weeks to get features and updates to users faster. Now Mozilla is moving to a variable 6-8 week cycle, with the same number of releases per year but some flexibility to 'respond to emerging user and market needs' and allow time for holidays. The new release schedule looks like this:
  • 2016-01-26 – Firefox 44
  • 2016-03-08 – Firefox 45, ESR 45 (6 weeks cycle)
  • 2016-04-19 – Firefox 46 (6 weeks cycle)
  • 2016-06-07 – Firefox 47 (7 weeks cycle)
  • 2016-08-02 – Firefox 48 (8 weeks cycle)
  • 2016-09-13 – Firefox 49 (6 weeks cycle)
  • 2016-11-08 – Firefox 50 (8 weeks cycle)
  • 2016-12-13 – Firefox 50.0.1 (5 week cycle, release for critical fixes as needed)
  • 2017-01-24 – Firefox 51 (6 weeks from prior release)

Businesses

Startup Uses Sensor Networks To Debug Science Experiments (xconomy.com) 25

gthuang88 writes: Environmental factors like temperature, humidity, or lighting often derail life science experiments. Now Elemental Machines, a startup from the founders of Misfit Wearables, is trying to help scientists debug experiments using distributed sensors and machine-learning software to detect anomalies. The product is in beta testing with academic labs and biotech companies. The goal is to help speed up things like biology research and drug development. Wiring up experiments is part of a broader effort to create "smart labs" that automate some of the scientific process.
Windows

Windows 10 Gets Core Console Host Enhancements (nivot.org) 246

x0n writes: As of Windows 10 TH2 (10.0.1058), the core console subsystem has support for a large number of ANSI and VT100 escape sequences. This is likely to prepare for full Open SSH server/client integration, which is already underway over on github. It looks like xterm is finally coming to Windows. OpenSSH was previously announced (last year) by the very forward-looking PowerShell team. The linked article provides some context, and explains that the console host isn't the same as either cmd.exe or powershell.exe, but there is a lot of overlap in functionality.
Classic Games (Games)

Bethesda To Unleash the Hounds of Hell On May 13th: Doom Release Date Confirmed (hothardware.com) 86

MojoKid writes: Bethesda and id Software are in the process rebooting the Doom franchise and it seems like it's been in development for ages. When we last visited the upcoming Doom remake, Bethesda had posted a giblet-filled trailer which showed some pretty impressive gameplay visuals, killer hand-to-hand combat and plenty of head stomping. However, Bethesda just clued gamers in on something that Doom fans have been anticipating for years, an actual release date. Mark your calendars for May 13th, because that's when Doom will be available for Xbox One, PlayStation 4 and of course, the PC platform. Bethesda also dropped a new campaign trailer for you to ogle.
Open Source

CFQ In Linux Gets BFQ Characteristics 65

jones_supa writes: Paolo Valente from University of Modena has submitted a Linux kernel patchset which replaces CFQ (Completely Fair Queueing) I/O scheduler with the last version of BFQ (Budget Fair Queuing, a proportional-share scheduler). This patchset first brings CFQ back to its state at the time when BFQ was forked from CFQ. Paolo explains: "Basically, this reduces CFQ to its engine, by removing every heuristic and improvement that has nothing to do with any heuristic or improvement in BFQ, and every heuristic and improvement whose goal is achieved in a different way in BFQ. Then, the second part of the patchset starts by replacing CFQ's engine with BFQ's engine, and goes on by adding current BFQ improvements and extra heuristics." He provides a link to the thread in which it is agreed on this idea, and a direct link to the e-mail describing the steps.

Slashdot Top Deals