An anonymous reader writes: There's a German security researcher that is arduously testing the installers of tens of software products to see which of them are vulnerable to basic DLL hijacking. Surprisingly, many companies are ignoring his reports. Until now, only Oracle seems to have addressed this problem in Java and VirtualBox. Here's a short (probably incomplete) list of applications that he found vulnerable to this attack: Firefox, Google Chrome, Adobe Reader, 7Zip, WinRAR, OpenOffice, VLC Media Player, Nmap, Python, TrueCrypt, and Apple iTunes. Mr. Kanthak also seems to have paid special attention to antivirus software installers. Here are some of the security products he discovered vulnerable to DLL hijacking: ZoneAlarm, Emsisoft Anti-Malware, Trend Micro, ESET NOD32, Avira, Panda Security, McAfee Security, Microsoft Security Essentials, Bitdefender, Rapid7's ScanNowUPnP, Kaspersky, and F-Secure.

New submitter Valdir Stumm Junior writes: Scrapy with beta Python 3 support is finally here! Released through Scrapy 1.1.0rc1, this is the result of several months of hard work on the part of the Scrapy community and Scrapinghub engineers.

This is a huge milestone for all you Scrapy users (and those who haven't used Scrapy due to the lack of Python 3). Scrapy veterans and new adopters will soon be able to move their entire stack to Python 3 once the release becomes stable. Keep in mind that since this a release candidate, it is not ready to be used in production.

An anonymous reader writes: Ashe Schow writes at the Washington Examiner that, "The Monty Python co-founder, in a video for Internet forum Big Think, railed against the current wave of hypersensitivity on college campuses, saying he has been warned against performing on campuses. "[Psychiatrist Robin Skynner] said: 'If people can't control their own emotions, then they have to start trying to control other people's behavior,'" Cleese said. "And when you're around super-sensitive people, you cannot relax and be spontaneous because you have no idea what's going to upset them next." Cleese said that it's one thing to be "mean" to "people who are not able to look after themselves very well," but it was another to take it to "the point where any kind of criticism of any individual or group could be labeled cruel." Cleese added that "comedy is critical," and if society starts telling people "we mustn't criticize or offend them," then humor goes out the window. "With humor goes a sense of proportion," Cleese said. "And then, as far as I'm concerned, you're living in 1984." Cleese is just the latest comedian to lecture college students about being so sensitive.

peetm writes: I have an above averagely bright nephew, aged 10, who's into maths and whose birthday is coming up soon. I'd like to get him a suitable present – most likely one that's mathematically centred. At Christmas we sat together while I helped him build a few very simple Python programs that 'animated' some simple but interesting maths, e.g., we built a factorial function, investigated the Collatz conjecture (3n + 1 problem) and talked about, but didn't implement Eratosthenes' Sieve – one step too far for him at the moment perhaps. I've looked about for books that might blend computing + maths, but haven't really found anything appropriate for a 10-year-old. I should be indebted to anyone who might suggest either a suitable maths book, or one that brings in some facet of computing. Or, if not a book, then some other present that might pique his interest.

Qbertino writes: I'm toying with the thought of moving my web development (PHP, HTML, CSS, JavaScript with perhaps a little Python and Ruby thrown in) into the cloud. The upsides I expect would be: 1) No syncing hassles across machines. 2) No installation of toolchains to get working or back to work — a browser and a connection is all that would be required. 3) Easy teamwork. 4) Easy deployment. 5) A move to Chrome OS for ultra-cheap laptop goodness would become realistic.

Is this doable/feasible? What are your experiences? Note, this would be for professional web development, not hobbyist stuff. Serious interactive JS, non-trivial PHP/LAMP development, etc. Has anyone have real world experience doing something like this? Maybe even experience with moving to a completely web-centric environment with Chrome OS? What have you learned? What would you recommend? How has it impacted your productivity and what do you miss from the native pipelines? What keeps you in the cloud, and enables you to stay there? Are you working "totally cloud" with a team and if so, how does it work out/feel? Does it make sense? As for concrete solutions, I'm eyeing Cloud9, CodeAnywhere, CodeEnvy but also semi-FOSS stuff like NeutronDrive. Anything you would recommend for real world productivity? Have you tried this and moved back? If so, what are your experiences and what would need to be improved to make it worthwhile? Thanks for any insights.

Nerval's Lobster writes: What was the most popular programming language of 2015? According to the people behind the TIOBE Index, Java took that coveted spot, winning out over C, Python, PHP, and other languages. "At first sight, it might seem surprising that an old language like Java wins this award," read TIOBE's note accompanying the list. "Especially if you take into consideration that Java won the same award exactly 10 years ago." Yet Java remains essential not only for businesses, it continued, but also consumer-centric markets such as mobile development (i.e., Google Android). That being said, even big languages can tumble. (Dice link) Objective-C tumbled from third place to 18th in the past 12 months, thanks to Apple's decision to replace it with Swift. In 2016, TIOBE expects that "Java, PHP (with the new 7 release), JavaScript and Swift will be the top 10 winners for 2016. Scala might gain a permanent top 20 position, whereas Rust, Clojure, Julia and TypeScript will also move up considerably in the chart." What has been your most-used (or best-loved) programming language of the last 12 months?

A new submitter writes: I want to edit an e-book, a scientific textbook to be distributed on the Kindle tablet to be exact. The book is written. For that I used LibreOffice.
It comes complete with index, drawings, pictures, formulae and its present look and feel is no different from the majority of scientific text, you might be accustomed to browsing. I need advice for the next step, which consists in making this digital pile of data suitable for an e-book.. with a slight twist. The e-book should allow for:
— picture zoom-in in pop-ups on screen
— allow in-text basic interactivity, e.g. when in a exercise, multiple answers are proposed, each answer when clicked should display "Right" or "Wrong" (for instance).
Can you recommend, if not a commercial package that allows such features right out of the box, then at least and preferably open-source technology needed for me to achieve what I want ? I am willing to get down to moderate programming to use your suggested solution. I am conversant in C, C++ and getting there with Python.

An anonymous reader writes: When Apple made its Swift programming language open source in early December, it opened the floodgates for suggestions and requests from developers. But the project's maintainers have their own ideas about how the language should evolve, so some suggestions are rejected. Now a list has been compiled of some commonly rejected proposals — it's an interesting window into the development of a language. Swift's developers don't want to replace Brace Syntax with Python-style indentation. They don't want to change boolean operators from && and || to 'and' and 'or'. They don't want to rewrite the Swift compiler in Swift. They don't want to change certain keywords like 'continue' from their C precedents. And they have no interest in removing semicolons.

JustAnotherOldGuy writes: Peter "brokep" Sunde, co-founder of The Pirate Bay, has built a machine that makes 100 copies per second of Gnarls Barkley's "Crazy," storing them in /dev/null (which is of course, deleting them even as they're created). The machine, called a "Kopimashin," is cobbled together out of a Raspberry Pi, some hacky python that he doesn't want to show anyone, and an LCD screen that calculates a running tally of the damages he's inflicted upon the record industry through its use. The 8,000,000 copies it makes every day costs the record industry $10m/day in losses. At that rate, they'll be bankrupt in a few weeks at most.

An anonymous reader writes: Programmer Dave Cheney raised an interesting question today: How will you be programming in a decade? If you look back to a decade ago, you can see some huge shifts in the software industry. This includes the rise of smartphones, ubiquitous cloud infrastructure, and containers. We've also seen an explosion of special-purpose libraries and environments, many with an emphasis on networking and scaling. At the same time, we still have a ton of people writing Java and C and Python. Some programmers have jumped headfirst into new tools like Light Table, while others are still quite happy with Emacs. So, programmers of Slashdot, I ask you: How do you think your work (or play) will change in the next ten years?

szczys writes: Tired of his trains being constantly late, Eric Evenchick headed to the Via Rail (Canada's communter train service) website to find which trains had a better on-time rate. Unfortunately they only offer three days worth of data through the dropdown selections — but a bit of investigating showed the GET requests were open for about the last six months. Evenchick built a web-scraper with Python, along with a web interface that queries the resulting SQL db. The harvested data shows system-wide delays that average more than twelve minutes (mostly due to commercial rail having the right-of-way). The good that comes of this? You can now choose your train based on smallest likelihood of delay..

An anonymous reader sends the story of another prison where inmates are learning the basics of programming, despite having no access to the vast educational resources on the internet. Instructors from Columbia University have held a lengthy class at New York's Rikers Island prison to teach the basics of Python. Similar projects have been attempted in California and Oklahoma. The goal wasn’t to turn the students into professional-grade programmers in just a few classes, [Instructor Dennis] Tenen emphasizes, but to introduce them to the basics of programming and reasoning about algorithms and code. "It’s really to give people a taste, to get people excited about coding, in hopes that when they come out, they continue," says Tenen. ...Having an explicit goal—building the Twitter bot—helped the class focus its limited time quickly on learning to do concrete tasks, instead of getting bogged down in abstract discussions of syntax and algorithms.

A few weeks ago you had the chance to ask Alan Donovan and Brian Kernighan about programming and their upcoming book, The Go Programming Language (available as an eBook Friday the 20th). Below you'll find their answers to your questions.

Nerval's Lobster writes: While this month's lists of the top programming languages uniformly put Java in the top spot, that's not the only detail of interest to developers. Which language has gained the most users over the past five years? And which are tottering on the edge of obsolescence? According to PYPL, which pulls its raw data for analysis from Google Trends, Python has grown the most over the past five years—up 5 percent since roughly 2010. Over the same period, PHP also declined by 5 percent. Since PYPL looks at how often language tutorials are searched on Google, its data is a good indicator of how many developers are (or aren't) learning a language, presumably because they see it as valuable to their careers. Just because PYPL shows PHP losing market-share over the long term doesn't mean that language is in danger of imminent collapse; over the past year or so, the PHP community has concentrated on making the language more pleasant to use, whether by improving features such as package management, or boosting overall performance. Plus, PHP is still used on hundreds of millions of websites, according to data from Netcraft. Indeed, if there's any language on these analysts' lists that risks doom, it's Objective-C, the primary language used for programming iOS and Mac OS X apps, and its growing obsolescence is by design.

smaxp writes: Google has announced the open source release of TensorFlow, its machine learning software library. "TensorFlow has extensive built-in support for deep learning, but is far more general than that -- any computation that you can express as a computational flow graph, you can compute with TensorFlow (see some examples). Any gradient-based machine learning algorithm will benefit from TensorFlow’s auto-differentiation and suite of first-rate optimizers. And it’s easy to express your new ideas in TensorFlow via the flexible Python interface." This comes alongside some dramatic speed increases (PDF). The code is available at GitHub under an Apache 2.0 license. "Deep learning, machine learning, and artificial intelligence are all some of Google's core competencies, where the company leads Apple and Microsoft. If successful, Google's strategy is to maintain this lead by putting its technology out in the open to improve it based on large-scale adoption and code contributions from the community at large.

An anonymous reader writes: Today marks the release of Fedora 23 for all three main editions: Workstation, Cloud, and Server. This release brings GNOME 3.18, Libre Office 5.0, and Fedora Spins — alternate desktops that provide a different experience. Fedora 23 also includes a version optimized for running on ARM-based systems. You can read the full release notes on their website. "Fedora 23 also has important under-the-hood security improvements, with increased hardening for all compiled software and with insecure SSL3 and RC4 protocols disabled. We've also updated all of the software installed by default in Fedora Cloud Base Image and Fedora Workstation to use Python version 3, and the Mono .NET compatible framework is now at version 4. Perhaps most importantly, Unicode 8.0 support now enables the crucial U1F32D character."

An anonymous reader writes: The story will probably be familiar. My non-profit organization had a particular need (we want to communicate with government officials by offering anecdotes and stories of how we help their constituents), and while I created a solution, the time constraints and lack of experience, training and natural ability show. I'd like to do more with the code, both in terms of letting others have it for their needs and also because I'm sure talented coders could more quickly and efficiently solve some of the existing problems with my code. But how do I make that happen? What do I do with it?

I have every intention of continuing to work on it. I enjoyed the learning opportunity, and I've already identified a number of things I want to improve upon, but I recognize that even as crude as my code is, if it solved my issue it might help others too.

Do I just put it on Github or SourceForge and hope that someone else will have that magic formula of my use case and skill level (because someone more talented would probably make their own code easily enough, while someone less talented may not realize how doable the solution can be)? Do I try to find an existing project and see if I can shoe-horn my efforts in somewhere? Do I keep it to myself until some unspecified point in time that I realize it's right for sharing? Read on for further background information on this question.

LichtSpektren writes: Ubuntu 15.10 "Wily Werewolf" is now released and available, along with its alternative desktop flavors (MATE, Xfce, LXDE, GNOME, KDE, Kylin). This release features Linux 4.2, GCC 5, Python 3.5, and LibreOffice 5. The default version is still using X.org display server and Unity7; Mark Shuttleworth has said that Mir and Unity8 won't arrive until Ubuntu 16.04 "Xenial Xerus." Not much has changed beyond package updates, other than replacing the invisible overlay scrollbars in Nautilus with the GNOME 3 scrollbars.

Phoronix brings us the only bit of drama regarding this release: Jonathan Riddell, long time overseer of Kubuntu, has resigned with claims that Canonical has "defrauded donors and broke the copyright licenses." Another reader adds a link to a Q & A session with Riddell.

An anonymous reader writes: According to VentureBeat Red Hat Inc is about to buy the company behind the automation and orchestration software Ansible. The move is seen as a good acquisition, since Ansible, other than being almost universally expanding, is also used by Red Hat's own cloud and system platforms. It could probably use some strong backing for the extra services it wishes to offer. The question remains whether this will have consequences in the future direction of the Python-based, open source platform itself (on GitHub). It's one of the most trivial to implement (compared to cfengine, ever-changing puppet or Chef) yet very powerful, and Red Hat may want to optimize it for their own purposes. Update: 10/16 15:39 GMT by S : Red Hat has confirmed the acquisition and explained their reasons for doing so.

An anonymous reader writes: International researchers have analyzed 40 years of political speeches from the UK Parliament in an effort to move the study of political theory from social science towards the quantitative analysis offered by Big Data analytics techniques. The group used Python to crunch publicly available data from theyworkforyou.com, comprising 3.7 million individual speeches. A few strange trends emerged in this initial experiment, such as the decline of 'health care' as a trending Parliamentary topic, with 'welfare' consistently on the rise, and the decrease of fervent interest in any particular topic during the more pacific years under Margaret Thatcher and Tony Blair.