Bytepowered
Computer Repair, articles, guides and tutorials.
Site Search
Home |  Guides | About | Privacy Policy |

Developer News Slashdot.com Developer News

Slashdot: Developers

Should Your Company Switch To Microservices?


Walmart Canada claims that it was microservices that allowed them to replace hardware with virtual servers, reducing costs by somewhere between 20 and 50 percent. Now Slashdot reader snydeq shares an article by a senior systems automation engineer arguing that a microservices approach "offers increased modularity, making applications easier to develop, test, deploy, and, more importantly, change and maintain." The article touts things like cost savings and flexibility for multiple device types, suggesting microservices offer increased resilience and improved scalabiity (not to mention easier debugging and a faster time to market with an incremental development model). But it also warns that organizations need the resources to deploy the new microservices quicky (and the necessary server) -- along with the ability to test and monitor them for database errors, network latency, caching issues and ongoing availability. "You must embrace devops culture," argues the article, adding that "designing for failure is essential... In a traditional setting, developers are focused on features and functionalities, and the operations team is on the hook for production challenges. In devops, everyone is responsible for service provisioning -- and failure." The original submission ends with a question for Slashdot reader. "What cautions do you have to offer for folks considering tapping microservices for their next application?"

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/Ab2n6TgF11k/should-your-company-switch-to-microservices


Next Post


'Stack Clash' Linux Flaw Enables Root Access. Patch Now


msm1267 writes: Linux, BSD, Solaris and other open source systems are vulnerable to a local privilege escalation vulnerability known as Stack Clash that allows an attacker to execute code at root. Major Linux and open source distributors made patches available Monday, and systems running Linux, OpenBSD, NetBSD, FreeBSD or Solaris on i386 or amd64 hardware should be updated soon. The risk presented by this flaw, CVE-2017-1000364, becomes elevated especially if attackers are already present on a vulnerable system. They would now be able to chain this vulnerability with other critical issues, including the recently addressed Sudo vulnerability, and then run arbitrary code with the highest privileges, said researchers at Qualys who discovered the vulnerability.

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/QEHL7HLdwqU/stack-clash-linux-flaw-enables-root-access-patch-now


Next Post


32TB of Windows 10 Internal Builds, Core Source Code Leak Online


According to an exclusive report via The Register, "a massive trove of Microsoft's internal Windows operating system builds and chunks of its core source code have leaked online." From the report: The data -- some 32TB of installation images and software blueprints that compress down to 8TB -- were uploaded to betaarchive.com, the latest load of files provided just earlier this week. It is believed the data has been exfiltrated from Microsoft's in-house systems since around March. The leaked code is Microsoft's Shared Source Kit: according to people who have seen its contents, it includes the source to the base Windows 10 hardware drivers plus Redmond's PnP code, its USB and Wi-Fi stacks, its storage drivers, and ARM-specific OneCore kernel code. Anyone who has this information can scour it for security vulnerabilities, which could be exploited to hack Windows systems worldwide. The code runs at the heart of the operating system, at some of its most trusted levels. In addition to this, hundreds of top-secret builds of Windows 10 and Windows Server 2016, none of which have been released to the public, have been leaked along with copies of officially released versions.

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/7f8eNLXVDPQ/32tb-of-windows-10-internal-builds-core-source-code-leak-online


Next Post


NSA Opens GitHub Account, Lists 32 Projects Developed By the Agency


An anonymous reader quotes a report from The Hacker News: The National Security Agency (NSA) -- the United States intelligence agency which is known for its secrecy and working in the dark -- has finally joined GitHub and launched an official GitHub page. GitHub is an online service designed for sharing code amongst programmers and open source community, and so far, the NSA is sharing 32 different projects as part of the NSA Technology Transfer Program (TTP), while some of these are "coming soon." "The NSA Technology Transfer Program (TTP) works with agency innovators who wish to use this collaborative model for transferring their technology to the commercial marketplace," the agency wrote on the program's page. "OSS invites the cooperative development of technology, encouraging broad use and adoption. The public benefits by adopting, enhancing, adapting, or commercializing the software. The government benefits from the open source community's enhancements to the technology." Many of the projects the agency listed are years old that have been available on the Internet for some time. For example, SELinux (Security-Enhanced Linux) has been part of the Linux kernel for years.

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/9V4ZNt6Shf4/nsa-opens-github-account-lists-32-projects-developed-by-the-agency


Next Post


Intel Quietly Discontinues Galileo, Joule, and Edison Development Boards


Intel is discontinuing its Galileo, Joule, and Edison lineups of development boards. The chip-maker quietly made the announcement last week. From company's announcement: Intel Corporation will discontinue manufacturing and selling all skus of the Intel Galileo development board. Shipment of all Intel Galileo product skus ordered before the last order date will continue to be available from Intel until December 16, 2017. [...] Intel will discontinue manufacturing and selling all skus of the Intel Joule Compute Modules and Developer Kits (known as Intel 500 Series compute modules in People's Republic of China). Shipment of all Intel Joule products skus ordered before the last order date will continue to be available from Intel until December 16, 2017. Last time orders (LTO) for any Intel Joule products must be placed with Intel by September 16, 2017. [...] Intel will discontinue manufacturing and selling all skus of the Intel Edison compute modules and developer kits. Shipment of all Intel Edison product skus ordered before the last order date will continue to be available from Intel until December 16, 2017. Last time orders (LTO) for any Intel Edison products must be placed with Intel by September 16, 2017. All orders placed with Intel for Intel Edison products are non-cancelable and non-returnable after September 16, 2017. The company hasn't shared any explanation for why it is discontinuing the aforementioned development boards. Intel launched the Galileo, an Arduino-compatible mini computer in 2013, the Edison in 2014, and the Joule last year. The company touted the Joule as its "most powerful dev kit." You can find the announcement posts here.

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/sdiq897Hr0M/intel-quietly-discontinues-galileo-joule-and-edison-development-boards


Next Post


Community Ports 'Visual Studio Code' To Chromebooks, Raspberry Pi


An anonymous reader quotes InfoWorld: A community build project led by developer Jay Rodgers is making Visual Studio Code, Microsoft's lightweight source code editor, available for Chromebooks, Raspberry Pi boards, and other devices based on 32-bit or 64-bit ARM processors. Supporting Linux and Chrome OS as well as the DEB (Debian) and RPM package formats, the automated builds of Visual Studio Code are intended for less-common platforms that might not otherwise receive them. Obvious beneficiaries will be IoT developers focused on ARM devices -- and the Raspberry Pi in particular -- who will find it helpful to have the editor directly on the device they're programming against... Rodgers said the lure of Visual Studio Code for him was its user-friendly interface, making it approachable for new users.

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/_r1E5HTgPVg/community-ports-visual-studio-code-to-chromebooks-raspberry-pi


Next Post


What Happens When Software Companies Are Liable For Security Vulnerabilities?


mikeatTB shares an article from TechRepublic: Software engineers have largely failed at security. Even with the move toward more agile development and DevOps, vulnerabilities continue to take off... Things have been this way for decades, but the status quo might soon be rocked as software takes an increasingly starring role in an expanding range of products whose failure could result in bodily harm and even death. Anything less than such a threat might not be able to budge software engineers into taking greater security precautions. While agile and DevOps are belatedly taking on the problems of creating secure software, the original Agile Manifesto did not acknowledge the threat of vulnerabilities as a problem, but focused on "working software [as] the primary measure of progress..." "People are doing exactly what they are being incentivized to do," says Joshua Corman, director of the Cyber Statecraft Initiative for the Atlantic Council and a founder of the Rugged Manifesto, a riff on the original Agile Manifesto with a skew toward security. "There is no software liability and there is no standard of care or 'building code' for software, so as a result, there are security holes in your [products] that are allowing attackers to compromise you over and over." Instead, almost every software program comes with a disclaimer to dodge liability for issues caused by the software. End-User License Agreements (EULAs) have been the primary way that software makers have escaped liability for vulnerabilities for the past three decades. Experts see that changing, however. The article suggests incentives for security should be built into the development process -- with one security professional warning that in the future, "legal precedent will likely result in companies absorbing the risk of open source code."

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/74A9Rl_jgUE/what-happens-when-software-companies-are-liable-for-security-vulnerabilities


Next Post


Announcing 'build', Auto-Configuration In 1000 Lines Of Makefile


Christophe de Dinechin created the XL programming language -- and as descubes he's also Slashdot reader #35,093. Today he shares his latest project, a simple makefile-based build system that he's split from ELFE/XL: Most open-source projects use tools such as autoconf and automake. For C and C++ projects, build is a make-based alternative that offers auto-configuration, build logs, colorization, testing and install targets, in about 1000 lines of makefile. A sample makefile looks like this: BUILD=./SOURCES=hello.cppPRODUCTS=hello.exeCONFIG= <stdio.h> <iostream> clearenv libmTESTS=productinclude $(BUILD)rules.mk

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/76xBwrfwAsI/announcing-build-auto-configuration-in-1000-lines-of-makefile


Next Post


The Size of iPhone's Top Apps Has Increased by 1,000% in Four Years


Research firm Sensor Tower shares an analysis: As the minimum storage capacity of iPhone continues to increase -- it sits at 32 GB today on the iPhone 7, double the the iPhone 5S's 16 GB circa 2013 -- it's not surprising that the size of apps themselves is getting larger. In fact, Apple raised the app size cap from 2 GB to 4 GB in early 2015. What's surprising is how much faster they're increasing in size compared to device storage itself. According to Sensor Tower's analysis of App Intelligence, the total space required by the top 10 most installed U.S. iPhone apps has grown from 164 MB in May 2013 to about 1.8 GB last month, an 11x or approximately 1,000 percent increase in just four years. [...] Of the top 10 most popular U.S. iPhone apps, the minimum growth we saw in app size since May 2013 was 6x for both Spotify and Facebook's Messenger. As the chart above shows, other apps, especially Snapchat, have grown considerably more. In fact, Snapchat is more than 50 times larger than it was four years ago, clocking in at 203 MB versus just 4 MB at the start of the period we looked at. It's not the largest app among the top 10, however. That distinction goes to Facebook, which, at 388 MB, is 12 times larger than it was in May 2013 when it occupied 32 MB. It grew by about 100 MB in one update during September of last year.

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/ni_tixo6iM4/the-size-of-iphones-top-apps-has-increased-by-1000-in-four-years


Next Post


Developers Who Use Spaces Make More Money Than Those Who Use Tabs


An anonymous reader writes: Do you use tabs or spaces for code indentation? This is a bit of a "holy war" among software developers; one that's been the subject of many debates and in-jokes. I use spaces, but I never thought it was particularly important. But today we're releasing the raw data behind the Stack Overflow 2017 Developer Survey, and some analysis suggests this choice matters more than I expected. There were 28,657 survey respondents who provided an answer to tabs versus spaces and who considered themselves a professional developer (as opposed to a student or former programmer). Within this group, 40.7% use tabs and 41.8% use spaces (with 17.5% using both). Of them, 12,426 also provided their salary. Analyzing the data leads us to an interesting conclusion. Coders who use spaces for indentation make more money than ones who use tabs, even if they have the same amount of experience. Indeed, the median developer who uses spaces had a salary of $59,140, while the median tabs developer had a salary of $43,750.

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/Unn8AE38H8Q/developers-who-use-spaces-make-more-money-than-those-who-use-tabs


Next Post


Report Reveals In-App Purchase Scams In the App Store


In a Medium article titled How to Make $80,000 Per Month On the Apple App Store, Johnny Lin uncovers a scamming trend in which apps advertising fake services are making thousands of dollars a month from in-app purchases. The practice works by manipulating search ads to promote dubious apps in the App Store and then preys on unsuspecting users via the in-app purchase mechanism. MacRumors reports: "I scrolled down the list in the Productivity category and saw apps from well-known companies like Dropbox, Evernote, and Microsoft," said Lin. "That was to be expected. But what's this? The #10 Top Grossing Productivity app (as of June 7th, 2017) was an app called 'Mobile protection :Clean & Security VPN.' Given the terrible title of this app (inconsistent capitalization, misplaced colon, and grammatically nonsensical 'Clean & Security VPN?'), I was sure this was a bug in the rankings algorithm. So I check Sensor Tower for an estimate of the app's revenue, which showed ... $80,000 per month?? That couldn't possibly be right. Now I was really curious." To learn how this could be, Lin installed and ran the app, and was soon prompted to start a "free trial" for an "anti-virus scanner" (iOS does not need anti-virus software thanks to Apple's sandboxing rules for individual apps). Tapping on the trial offer then threw up a Touch ID authentication prompt containing the text "You will pay $99.99 for a 7-day subscription starting Jun 9, 2017." Lin was one touch away from paying $400 a month for a non-existent service offered by a scammer. Lin dug deeper and found several other similar apps making money off the same scam, suggesting a wider disturbing trend, with scam apps regularly showing up in the App Store's top grossing lists.

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/-APX-3hU-yU/report-reveals-in-app-purchase-scams-in-the-app-store


Next Post


Apple's App Store Guidelines Now Allow Executable Code in Educational Apps and Developer Tools


An anonymous reader writes: Apple made several changes to the App Store Review Guidelines during WWDC last week, including an easing of the prohibition against downloading and executing code on an iOS device. The ban on executable code remains intact, but rule 2.5.2 now also provides that: "Apps designed to teach, develop, or test executable code may, in limited circumstances, download code provided that such code is not used for other purposes. Such apps must make the source code provided by the Application completely viewable and editable by the user.

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/GsuJCXiA2Dw/apples-app-store-guidelines-now-allow-executable-code-in-educational-apps-and-developer-tools


Next Post


Ask Slashdot: Will Python Become The Dominant Programming Language?


An anonymous reader shares their thoughts on language popuarity: In the PYPL index, which is based on Google searches and is supposed to be forward looking, the trend is unmistakable. Python is rising fast and Java and others are declining. Combine this with the fact that Python is now the most widely taught language in the universities. In fields such as data science and machine learning, Python is already dominating. "Python where you can, C++ where you must" enterprises are following suit too, especially in data science but for everything else from web development to general purpose computing... People who complain that you can't build large scale systems without a compiler likely over-rely on the latter and are slaves to IDEs. If you write good unit tests and enforce Test Driven Development, the compiler becomes un-necessary and gets in the way. You are forced to provide too much information to it (also known as boilerplate) and can't quickly refactor code, which is necessary for quick iterations. The original submission ends with a question: "Is Python going to dominate in the future?" Slashdot readers should have some interesting opinions on this. So leave your own thoughts in the comments. Will Python become the dominant programming language?

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/l46Lx0bIqpU/ask-slashdot-will-python-become-the-dominant-programming-language


Next Post


Ask Slashdot: How Can Programmers Move Into AI Jobs?


"I have the seriously growing suspicion that AI is coming for us programmers and IT experts faster than we might want to admit," writes long-time Slashdot reader Qbertino. So he's contemplating a career change -- and wondering what AI work is out there now, and how can he move into it? Is anything popping up in the industry and AI hype? (And what are these positions called, what do they precisely do, and what are the skills needed to do them?) I suspect something like an "AI Architect", planning AI setups and clearly defining the boundaries of what the AI is supposed to do and explore. Then I presume the requirements for something like an "AI Maintainer" and/or "AI Trainer" which would probably resemble something like an admin of a big data storage, looking at statistics and making educated decisions on which "AI Training Paths" the AI should continue to explore to gain the skill required and deciding when the "AI" is ready to be let go on to the task... And what about Tensor Flow? Should I toy around with it or are we past that stage already and will others do AI setup and installation better than me before I know how this thing really works...? Is there a degree program, or other paths to skill and knowledge, for a programmer who's convinced that "AI is today what the web was in 1993"? And if AI of the future ends up tied to specific providers -- AI as a service -- then are there specific vendors he should be focusing on (besides Google?) Leave your best suggestions in the comments. How can programmers move into AI jobs?

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/qy9lVOf5yuA/ask-slashdot-how-can-programmers-move-into-ai-jobs


Next Post


Does Silicon Valley Need More Labor Unions?


Salon recently talked to Jeffrey Buchanan, who two years ago co-founded a labor rights group "that highlights the plight of security officers, food-service workers, janitors and shuttle-bus drivers in the region." An anonymous reader quotes their report: The situation among Silicon Valley's low-wage contract workers has become so perilous that in January, thousands of security guards working at immensely profitable companies like Facebook and Cisco followed the shuttle-bus drivers and voted to unionize in an effort to collectively bargain for higher wages and better benefits. The upcoming labor contract negotiations between the roughly 3,000 security guards (represented by SEIU United Service Workers West) and their employers is one of the biggest developments in Silicon Valley labor organizing to happen this year. Buchanan says there's also a broader push this year to get tech companies to be proactive in ensuring these workers can make ends meet, even if these companies have to pay more for the services they procure... A paper published last year by University of California at Santa Cruz researchers Chris Brenner and Kyle Neering estimates between 19,000 and 39,000 contracted service workers are employed in the Valley at any given time... An additional 78,000 workers are at risk of becoming contract employees, according to the study, a number which includes administrative assistants, sales representatives and medium-wage computer programmers. This is part of a larger societal shift in which salaried workers are converted to contractors -- a transition that benefits business owners, in that they don't have to pay benefits and can hire and fire contractors at will. Buchanan's group represents contractors typically earning "as little as $20,000 a year." But Salon's headline argues that "programmers may be next" in the drive to organize contractors.

Read more of this story at Slashdot.


http://rss.slashdot.org/~r/Slashdot/slashdotDevelopers/~3/EPMQZdIJE8Q/does-silicon-valley-need-more-labor-unions


Next Post


Content divider image.
Bookmark This Page  AddThis Social Bookmark Button  |  Add RSS  Add Feed Add Feed
Bytepowered ltd Who links to this website?
Content divider image.

Home | Guides Index |
Privacy Policy | About | Site Map | Contact US |

Shopping For Hardware | Shopping Securely | Computer Hardware Online - Compare Retailers | Get The Plan | Choosing Hardware | Motherboards Guide | Computer Cases | CPU Guide | Memory Guide | Video Card Guide | Hard Drives Guide | Hardware Organizer | Download LibreOffice |

Copyright Bytepowered
NOW, ONLY 3.95 PER MONTH!!!