An anonymous reader writes "When it comes to spotting malware, signature-based detection, heuristics and cloud-based recognition and information sharing used by many antivirus solutions today work well up to a certain point, but the polymorphic malware still gives them a run for their money. At the annual AusCert conference held this week in Australia a doctorate candidate from Deakin University in Melbourne has presented the result of his research and work that just might be the solution to this problem. Security researcher Silvio Cesare had noticed that malware code consists of small "structures" that remain the same even after moderate changes to its code. He created Simseer, a free online service that performs automated analysis on submitted malware samples and tells and shows you just how similar they are to other submitted specimens. It scores the similarity between malware (any kind of software, really), and it charts the results and visualizes program relationships as an evolutionary tree."
gadzook33 writes "I had an interesting experience at work recently. A colleague suggested during a meeting that we were building something that would make it far too easy for the customer to perform a certain task; a task that my colleague felt was deleterious. Without going into specifics, I believe an apt analogy would be giving everyone in the country a flying car. While this would no doubt be enjoyable, without proper training and regulation it would also be tremendously dangerous (also assume training and regulating is not practical in this case). I retorted that ours is not to reason why, and that we had the responsibility to develop the best possible solution, end of story. However, in the following days I have begun to doubt my position and wonder if we don't have some responsibility to artificially 'cripple' the solution and in doing so protect the user from themselves (build a car that stays on the ground). I do not for a second imagine that I am playing the part of Oppenheimer; this is a much more practical issue and less of an ethical one. But is there something to this?"
OpenShift, says Wikipedia, "is a cloud computing platform as a service product from Red Hat. A version for private cloud is named OpenShift Enterprise. The software that runs the service is open-sourced under the name OpenShift Origin, and is available on GitHub." This is a video interview in which Diane Mueller Explains OpenShift in depth. You may want to watch this OpenStack demo video as well.
psykocrime writes "The crazy kids at Fogbeam Labs have a new blog post positing that there is a trend towards advanced projects in NLP, Information Retrieval, Big Data and the Semantic Web moving to the Apache Software Foundation. Considering that Apache UIMA is a key component of IBM Watson, is it wrong to believe that the organization behind Hadoop, OpenNLP, Jena, Stanbol, Mahout and Lucene will ultimately be the home of a real 'Star Trek Computer'? Quoting: 'When we talk about how the Star Trek computer had “access to all the data in the known Universe”, what we really mean is that it had access to something like the Semantic Web and the Linked Data cloud. Jena provides a programmatic environment for RDF, RDFS and OWL, SPARQL and includes a rule-based inference engine. ... In addition to supporting the natural language interface with the system, OpenNLP is a powerful library for extracting meaning (semantics) from unstructured data - specifically textual data in an unstructured (or semi structured) format. An example of unstructured data would be the blog post, an article in the New York Times, or a Wikipedia article. OpenNLP combined with Jena and other technologies, allows “The computer” to “read” the Web, extracting meaningful data and saving valid assertions for later use.'" Speaking of the Star Trek computer, I'm continually disappointed that neither Siri nor Google Now can talk to me in Majel Barrett's voice.
Aguazul2 writes "The German software giant SAP has announced it plans to recruit hundreds of people with autism within the next few years. The project has already started in India and Ireland where a total of 11 people with autism are employed by the company. The program to take on software testers, programmers and data management workers will spread across Germany, Canada and the U.S. this year. People with autism have a neural development disorder that often undermines their ability to communicate and interact socially [...] but in the world of computers the tendencies they often display such as an obsession for detail and an ability to analyze long sets of data very accurately can translate into highly useful and marketable skills."
Via the H comes a report that Simon Phipps, current President of the Open Source Initiative, thinks that the VP8 patent cross-license agreement Google brokered with the MPEG-LA is incompatible with the Open Source definition. The primary problems are that the license is not sub-licensable and only covers certain uses, leading to conflict with OSD clauses five, six, and seven. Phipps concludes: "As a consequence, I suggest the license is flawed when considered in relation to open source projects and is likely to be negatively received by many communities that value software freedom. Doubtless a case can be made that the patent license is optional, but I suspect the community issues may remain. Once again we're left with our fingers crossed. Google's making the right noises, but this draft agreement seems like a particularly unworkable approach for free and open source software. Its failure to allow sublicensing seems like a major flaw. Even if this doesn't result in a requirement for all end-users to sign the agreement, the discrepancies between this document and the OSD leave it disruptive to open source adoption of VP8."
jrepin writes "The GNU Hurd is the GNU project's replacement for the Unix kernel. It is a collection of servers that run on the Mach microkernel to implement file systems, network protocols, file access control, and other features that are implemented by the Unix kernel or similar kernels (such as Linux). The Debian GNU/Hurd team announces the release of Debian GNU/Hurd 2013. This is a snapshot of Debian 'sid' at the time of the Debian 'wheezy' release (May 2013), so it is mostly based on the same sources. Debian GNU/Hurd is currently available for the i386 architecture with more than 10,000 software packages available (more than 75% of the Debian archive)."
An anonymous reader writes "I run a small software consulting company who outsources most of its work to contractors. I market myself as being able to handle any technical project, but only really take the fun ones, then shop it around to developers who are interested. I write excellent product specs, provide bug tracking & source control and in general am a programming project manager with empathy for developers. I don't ask them to work weekends and I provide detailed, reproducible bug reports and I pay on time. The only 'rule' (if you can call it that) is: I do not pay for bugs. Developers can make more work for themselves by causing bugs, and with the specifications I write there is no excuse for not testing their code. Developers are always fine with it until we get toward the end of a project and the customer is complaining about bugs. Then all of a sudden I am asking my contractors to work for 'free' and they can make more money elsewhere. Ugh. Every project ends up being a battle, so, I think the solution is to finally hire someone full-time and pay for everything (bugs or not) and just keep them busy. But how can I make that transition? The guy I'd need to hire would have to know a lot of languages and be proficient in all of them. Plus, I can't afford to pay someone $100k/year right now. Ideas?"
Today at a press conference leading up to E3, Microsoft unveiled its next-gen games/entertainment console, the Xbox One. Their stated goal for the Xbox One is to have a single device provide "all of your entertainment." One of the big changes is increased support for voice and gesture input. You can turn the console on by voice, and it will recognize you and automatically login. Swiping to the side with your hand will browse through menu pages, and saying "Watch TV" will bring up the TV app very quickly. The same with music, internet, and movies. The new console also supports multitasking — for example, while watching a movie, you can bring up your web browser in a side panel and surf the web at the same time. There is also a built-in TV listings app that responds to channel names — saying "Watch CBS" will switch to CBS without giving it an actual channel number. By this point, you're probably asking: does it play games? Yes. Hardware specs: 8-core CPU/GPU, 8GB RAM, a Blu-ray drive, a 500GB HDD, USB 3.0, and Wi-Fi Direct. (They didn't provide the CPU frequency, instead saying it had 5 billion transistors.) The Kinect sensor got an upgrade: 2Gbps of data capture has finer skeletal visibility, can detect minor orientation changes in hands and fingers, and can even calculate your balance and weight distribution. The new controller looks slightly bigger, and is designed to play well with Kinect. They've also updated Smartglass, the remote control software that runs on mobile devices, but they didn't explain much about it. The new Xbox Live will have 300,000 servers powering it, up from 15,000 this year — though, of course, no details were provided about server specs. The console will have native game capture and editing tools — essentially, a game DVR. Saved games will be stored in the cloud, and they have new matchmaking capabilities that operate in the background. Update: 05/21 17:50 GMT by S : Halo is getting its own live-action TV show, for some reason.
They'll be collaborating with Steven Spielberg. Microsoft is also partnering with the NFL for live broadcasts and interactive experiences, such as split-screen Skype chats and fantasy league updates. Xbox One will be out "later this year." No price information. It will not be backward-compatible with Xbox 360 games.
dcblogs writes "The Senate's immigration bill may force the large offshore outsourcing firms to reduce their use of H-1B visa-holding staff, forcing them to hire more local workers and raising their costs. But one large Indian firm, Infosys, will try to offset cost increases with software robotics. Infosys recently announced a partnership with IPsoft, a New York-based provider of autonomic IT services. With IPsoft's tools, work that is now done by human beings, mostly Level 1 support, could be done by a software machine. Infosys says that IPsoft tools can 'reduce human intervention.' More colorfully, Chandrashekar Kakal, global head of Infosys's business IT services, told the Times of India, that 'what robotics did for the auto assembly line, we are now doing for the IT engineering line.' James Slaby, a research director of HFS Research who has been following the use of autonomics closely, wrote in a recent report that the IPsoft partnership may help Infosys 'reap fatter margins by augmenting and replacing expensive, human IT support engineers with cheaper, more accurate, efficient automated processes,' and by improving service delivery."
walterbyrd writes "In 2012, IBM started retiring the Lotus brand. Now 1-2-3, the core product that brought Lotus its fame, takes its turn on the chopping block. IBM stated, 'Effective on the dates listed below, [June 11, 2013] IBM will withdraw from marketing part numbers from the following product release(s) licensed under the IBM International Program License Agreement:' IBM Lotus 123 Millennium Edition V9.x, IBM Lotus SmartSuite 9.x V9.8.0, and Organizer V6.1.0. Further, IBM stated, 'Customers will no longer be able to receive support for these offerings after September 30, 2014. No service extensions will be offered. There will be no replacement programs.'"
First time accepted submitter ectoman writes "A third party steps into a financial transaction to make sure all parties exchange funds at the same time and as expected. Can you patent this process? What if the third party is a computer? Rob Tiller, vice president and general counsel for Red Hat, details a recent court ruling on this very matter—one that has critical implications for the future of software patents, and one that divided the judges involved. Tiller writes that: 'The judges mostly agreed that the idea of managing settlement risk with a third party was abstract such that by itself it could not be patented. They differed, though, on whether using a general purpose computer for managing settlement risk meant that the patents avoided invalidity based on abstraction.' Interestingly, some judges suggested that a computer becomes a 'new machine' every time it loads different software."
benrothke writes "Had Locked Down: Information Security for Lawyers not been published by the American Bar Association (ABA) and 2 of its 3 authors not been attorneys; one would have thought the book is a reproach against attorneys for their obliviousness towards information security and privacy. In numerous places, the book notes that lawyers are often clueless when it comes to digital security. With that, the book is a long-overdue and valuable information security reference for anyone, not just lawyers." Read below for the rest of Ben's review.
jyosim writes "Hundreds of people are spending 20 or 30 hours a week just taking free Massive Open Online Courses, or MOOCs. They're not looking for credit, just the challenge of learning. This Chronicle of Higher Ed story looks at whether these MOOC addicts think they're learning as much as they would in a traditional college course. From the article: 'Consider Anna Nachesa, a 42-year-old single mother in a village near Amsterdam who logs on to MOOCs for several hours each night after dinner with her teenage kids. She has always found TV boring, she says, and for her, MOOCs replace reading books. She is a physicist by training, with a degree from Moscow State University, and she works as a software developer. "This stuff is actually addictive," she says. In some ways the lure is like Everest: Some want to climb it to see if they can. "The Dutch have the proverb 'If you never shoot, you already missed,'" she says.'"
judgecorp writes "Government institutions are among the targets of an attack on Pakistani bodies, which originates in India, according to reports. The campaign is using vulnerabilities in Microsoft software to install the HangOver malware, according to Norwegian security firm Norman Shark (PDF). From the article: 'In the attacks on Pakistani organizations, spear phishing emails were sent out purporting to contain information on "ongoing conflicts in the region, regional culture and religious matters," according to Norman. Norman could not provide direct attribution to the attacks, but its report did note the following: "The continued targeting of Pakistani interests and origins suggested that the attacker was of Indian origin." Snorre Fagerland, principal security researcher in the Malware Detection Team at Norman, told TechWeekEurope it appeared Pakistani government bodies had been attacked.'"
Freshly Exhumed writes "Forked from Mandriva Linux back in 2010, Mageia Linux has hit a new release milestone. Trish at the Mageia blog announces: 'All grown up and ready to go dancing: Mageia 3's out! We still can't believe how much fun it is to make Mageia together, and we've been doing it for two and a half years. For people who can't wait, get it here; release notes are here. To upgrade from Mageia 2, see here.'" Adds reader hduff: "It offers cutting edge and stable versions of your favorite applications and desktop environments as well as a version of the STEAM gaming software."
mask.of.sanity writes "Lights, sounds and magnetic fields can be used to activate malware on phones, new research has found. The lab-style attacks defined in a paper (PDF) used pre-defined signals hidden in songs and TV programmes as a trigger to activate embedded malware. Malware once activated would carry out programmed attacks either by itself or as part of a wider botnet of mobile devices."
First time accepted submitter russotto points out the claim of industry group TechAmerica Foundation (reported by Computerworld) that "wages for the software industry are falling, not rising. Wages fell 2% to $99,000 in 2012." Averages are one thing; the article points out though that wages vary vastly within the industry, and that some jobs are harder to fill (thus, better paid) than others. An excerpt: "Victor Janulaitis, CEO of Janco Associates, a research firm that also analyzes IT wage and employment trends, cited a number of reasons for the decline in wages for software professionals. First, technology is becoming easier to implement without having an IT professional, he said. Also, the option of turning to outsourcing creates less pressure to increase wages. As the recession continues, companies continue 'to look at productivity and will often look to hire individuals who are lower cost employees,' said Janulaitis. That could include displaced baby boomer workers who have been out of work for some time and 'will take a lower paying job just to get back into the workforce.'"
Velcroman1 writes "The former island home of anti-virus software pioneer John McAfee burned down Thursday afternoon under circumstances he told FoxNews.com were 'suspicious.' It's an odd choice of words from a man whom the Belize police found suspicious, following the November 2012 murder of American expatriate Gregory Faull, a well-liked builder from Florida who was shot at his home in San Pedro Town on the island of Ambergris Caye. 'I believe that there are a select few with great power in Belize that will go to great lengths to harm me,' McAfee said. 'This fire was not just a strange coincidence.'" Watch for more from McAfee soon.
Madwand writes "The NetBSD Project is pleased to announce NetBSD 6.1, the first feature update of the NetBSD 6 release branch. It represents a selected subset of fixes deemed important for security or stability reasons, as well as new features and enhancements. NetBSD is a free, fast, secure, and highly portable Unix-like Open Source operating system. It is available for a wide range of platforms, from large-scale servers and powerful desktop systems to handheld and embedded devices. Its clean design and advanced features make it excellent for use in both production and research environments, and the source code is freely available under a business-friendly license. NetBSD is developed and supported by a large and vibrant international community. Many applications are readily available through pkgsrc, the NetBSD Packages Collection."