Lucas123 writes "With gas prices 30% higher this summer over last, telecommuting is back on everyone's radar. According to a Computerworld story, however, IT and telecommuting don't have a great record of success. For example, citing negative impacts on productivity, HP ended its telecommuting policy for hundreds of workers two years ago, and this year, Intel began requiring more than half the teleworkers in its IT group to report to the office at least four days a week. So before leaping, some questions you should ask as a manager if you're considering telework include: How will you define and measure performance? Will creativity suffer? What about employees stuck in the office?"

Read more of this story at Slashdot.

least_weasel writes "An article on Ars Technica reveals Mozilla's intention to create and release a plugin for Internet Explorer that would allow the often-criticized IE to utilize some of the cooler rendering code developed for Firefox. The current WIP focuses on rendering using HTML5 standards, but the plans seem to be more ambitious than just fixing this one small piece of IE. The article covers some of the plans, hurdles, and potential benefits. It also spills the beans on the code name for the project: Screaming Monkey."

Read more of this story at Slashdot.

DragonTHC writes "I'm thinking about hosting a lan party open to the public. I'm aiming for approximately 60 people to attend. I can handle all the logistics of operation. The only thing I can't wrap my head around is: how do I prevent theft at the lan party? Do I hire security guards? Do I need security cameras? I don't know the people who will attend, and I don't know if they're trustworthy enough to not steal other people's equipment. What do I do?"

Read more of this story at Slashdot.

Josh Skillings writes "The author, Chad Fowler, draws upon his experiences as a software engineer, a team leader over a group of Indian developers, and as a jazz musician, to describe 52 ways or tips that will help you to become a more valuable employee. These tips are described in two or three pages each, and are usually illustrated by a practical example or story. The tips are well thought-out, well-explained and make sense. Chad draws upon the open source movement as well, highlighting ways that contributing to and learning from open source can improve your career. These tips gave me greater respect and appreciation for the open source movement in general." Read on for the rest of Josh's review.

Read more of this story at Slashdot.

Davide Marney passes along an AP story about the thousands of voting machines gathering dust in warehouses across the country after states such as California, Ohio, and Florida have banned their use. Many of these machines cost $3.5K to $5K each. Local election boards are struggling to find ways to recover any of the cost of the machines, or even to recycle them. The picture in Ohio is the most confusing, as multiple court cases limit the state's options and result in a situation in which the discredited machines will nevertheless be used in the presidential election coming up in November. The state's new (Democratic) attorney general has just issued a rule banning the practice of election workers taking the machines home with them the night before elections.

Read more of this story at Slashdot.

Anti-Globalism recommends a posting up at O'Reilly's ONLamp on reasons that some companies are turning away from Perl. "[In one company] [m]anagement have started to refer to Perl-based systems as 'legacy' and to generally disparage it. This attitude has seeped through to non-technical business users who have started to worry if developers mention a system that is written in Perl. Business users, of course, don't want nasty old, broken Perl code. They want the shiny new technologies. I don't deny at all that this company (like many others) has a large amount of badly written and hard-to-maintain Perl code. But I maintain that this isn't directly due to the code being written in Perl. Its because the Perl code has developed piecemeal over the last ten or so years in an environment where there was no design authority.. Many of these systems date back to this company's first steps onto the Internet and were made by separate departments who had no interaction with each other. Its not really a surprise that the systems don't interact well and a lot of the code is hard to maintain."

Read more of this story at Slashdot.

bullyBEEF writes "Malicious hackers are using booby-trapped Flash banner ads to hijack clipboards for use in rogue security software attacks. In the Web attacks, which affect Mac, Windows, and Linux users running Firefox, IE, and Safari, bad guys are seizing control of the machine's clipboard (probably using the Flash command setClipboard) and inserting a hard-to-delete URL that points to a fake anti-virus program. A number of legitimate sites have been seen to host ads carrying the attack — including Newsweek, Digg, and MSNBC.com. Researcher Aviv Raff offers a harmless demo of how it's done."

Read more of this story at Slashdot.

Vigile writes "Multi-GPU technology from both NVIDIA and ATI has long been dependent on many factors including specific motherboard chipsets and forcing gamers to buy similar GPUs within a single generation. A new company called Lucid Logix is showing off a product that could potentially allow vastly different GPUs to work in tandem while still promising near-linear scaling on up to four chips. The HYDRA Engine is dedicated silicon that dissects DirectX and OpenGL calls and modifies them directly to be distributed among the available graphics processors. That means the aging GeForce 6800 GT card in your closet might be useful once again and the future of one motherboard supporting both AMD and NVIDIA multi-GPU configurations could be very near."

Read more of this story at Slashdot.

I Don't Believe in Imaginary Property writes "In Vermont, US Magistrate Judge Jerome Niedermeier has ruled that forcing someone to divulge the password to decrypt their hard drive violates the 5th Amendment. Border guards testify that they saw child pornography on the defendant's laptop when the PC was on, but they made the mistake of turning it off and were unable to access it again because the drive was protected by PGP. Although prosecutors offered many ways to get around the 5th Amendment protections, the Judge would have none of that and quashed the grand jury subpoena requesting the defendant's PGP passphrase. A conviction is still likely because prosecutors have the testimony of the two border guards who saw the drive while it was open." The article stresses the potential importance of this ruling (which was issued last November but went unnoticed until now): "Especially if this ruling is appealed, US v. Boucher could become a landmark case. The question of whether a criminal defendant can be legally compelled to cough up his encryption passphrase remains an unsettled one, with law review articles for the last decade arguing the merits of either approach." Update: 08/19 23:49 GMT by KD : Several readers have pointed out that this story in fact did not go unnoticed.

Read more of this story at Slashdot.

mytrip and several other readers let us know that a judge in Boston has lifted the gag order — actually let it expire — against three MIT students who discovered flaws in the security of the local transit system, the MBTA. We've discussed the case over the last 10 days. "Judge O'Toole said he disagreed with the basic premise of the MBTA's argument: That the students' presentation was a likely violation of the Computer Fraud and Abuse Act, a 1986 federal law meant to protect computers from malicious attacks such as worms and viruses. Many had expected Tuesday's hearing to hinge on First Amendment issues and what amounts to responsible disclosure on the part of computer security researchers. Instead, O'Toole based his ruling on the narrow grounds of what constitutes a violation of the CFAA. On that basis, he said MBTA lawyers failed to convince him on two points: The students' presentation was meant to be delivered to people, and was not a computer-to-computer 'transmission.' Second, the MBTA couldn't prove the students had caused at least $5,000 damage to the transit system."

Read more of this story at Slashdot.

Ashik Ratnani writes with this snippet from Hungry Hackers: "A tool that automatically steals IDs of non-encrypted sessions and breaks into Google Mail accounts has been presented at the Defcon hackers' conference in Las Vegas. Last week, Google introduced a new feature in Gmail that allows users to permanently switch on SSL and use it for every action involving Gmail, not just authentication. Users who did not turn it on now have a serious reason to do so, as Mike Perry, the reverse engineer from San Francisco who developed the tool, is planning to release it in two weeks."

Read more of this story at Slashdot.

An anonymous reader writes "Have any Slashdot readers hacked together cheap test kits for fiber optic cable? More and more IT infrastructure is using multimode and single mode fiber optic cabling. Commercial test equipment is extremely expensive, running the gamut from a few hundred dollars for a basic light source, to tens of thousands for an OTDR. What equipment do you consider essential to your fiber kit? Is there a way to save costs when it comes to fiber test equipment? It is worth it to do so?"

Read more of this story at Slashdot.

Brian Jordan writes "For 48 hours during the weekend of August 29-31 at the OLPC Physics Game Jam Boston, game developers will compete in teams of 2-4 to design and implement a physics-based game for the One Laptop per Child XO laptop. There are prize categories for indie, professional, and remote developers (Ludum Dare style). In addition to OLPC/Jam-related swag for all participants, one team will win an XO laptop. Participants should have some game development experience, but we'll be going over the development process during the event — read below for details. If you'll be in the Boston area this weekend, or want to participate remotely, sign up before August 22. If you're a graphic artist, sound designer, musician in the Boston area, or want to be a volunteer, get in touch." Click the magic link for details of the crash course in game programming being offered.

Read more of this story at Slashdot.

whitehartstag writes "Black Hat 08 disclosed several SSL VPN and DNS vulnerabilities that caused several people to sit up and take notice. Some of these new exploits performed a brilliant Man-In-The-Middle attack on SSL VPN tunnels. This article walks you through how using certificates, instead of OTP tokens, for second-factor authentication can increase the security of your SSL VPN against these new types of attacks."

Read more of this story at Slashdot.

AndrewStephens writes "Good news for C++ programmers: Boost 1.36 has been released with 4 new libraries (including very useful exception templates) and a host of updates. In particular, boost.asio (the cross platform AsyncIO library) has seen major additions and now supports asynchronous disk operations on Windows. Almost every modern C++ codebase uses Boost somewhere, and many of its features find their way into the official language specifications."

Read more of this story at Slashdot.

ruphus13 writes "As the mobile space heats up, Sun has released the source code for Java Lightweight UI Toolkit under the GPL v2 license. ZDNet quotes Sun's senior director of embedded software saying, 'By creating LWUIT, Sun is reaffirming its commitment to the mobile development community and by open-sourcing the LWUIT code, we are enabling mobile developers to quickly and easily create rich, portable interfaces for their applications -- functionality that they have been requesting for some time.' Will Adobe follow suit?" Sun is also working on some fixes to holes in their mobile Java platform, which were discovered by a Polish researcher who demanded €20,000 to disclose the information.

Read more of this story at Slashdot.

snydeq writes "This week's Google outages left several Google Apps admins in the lurch — and many of them are second-guessing their advocacy for making the switch to hosted apps, InfoWorld reports. The outages, which affected both Gmail and Apps, 'could serve as a deterrent to some IT and business managers who might not be ready to ditch conventional software packages that are installed on their servers,' according to the article. 'If we began to experience a similar outage more than about two or three business hours per quarter, we'd probably make Google Apps and Gmail a backup solution to a locally hosted mail system, if we used it at all,' said one Apps admin. 'And it would likely be years before we'd try a cloud-based collaborative system again from any vendor.' Coupled with recent Apple and Amazon cloud issues, these Google outages are being viewed by some as big wins for Microsoft."

Read more of this story at Slashdot.

rsk writes "Keyczar is an encryption toolkit born out of the Google Security Team and released under the Apache 2 license. Keyczar's purpose is to make managing encryption of secured data much easier than it has been, with the following features: a simple API; key rotation and versioning; safe default algorithms, modes, and key lengths; automated generation of initialization vectors and ciphertext signatures; Java and Python implementations (C++ coming soon); and international support in Java (Python coming soon). The example on the website is only 2 lines long, and a more fully worked out example is also provided for folks wanting to get started 'for reals.'"

Read more of this story at Slashdot.

MySkippy writes "I've been a software engineer for just over 10 years, and I've seen a lot of different styles of logging in the applications I've worked on. Some were extremely verbose — about 1 logging line for every 2 lines of code. Others were very lacking, with maybe 1 line in 200 devoted to logging. I personally find that writing debug and informational messages about every 2 to 5 lines works well for debugging an issue, but can become cumbersome when reading through a log for analysis. I like to write warning messages when thresholds or limits are being approached — these tend to be infrequent. I log errors whenever I catch one (but I've never put a 'fatal' message in my code, because if it's truly a fatal error I probably didn't catch it). Recently I came across log4j and log4net and have begun using them both. That brings me to my question: how do the coders on Slashdot handle logging in their code?"

Read more of this story at Slashdot.

TopSpin writes "Brendan Eich, creator of the JavaScript programming language, has announced that ECMA Technical Committee 39 has abandoned the proposed ECMAScript 4.0 language specification in favor of a more limited specification dubbed 'Harmony,' or ECMAScript 3.1. A split has existed among the members of this committee, including Adobe and Microsoft, regarding the future of what most of us know as JavaScript. Adobe had been promulgating their ActionScript 3 language as the next ECMAScript 4.0 proposal. As some point out, the split that has prevented this may be the result of Microsoft's interests. What does the future hold for Mozilla's Tamarin Project, based on Adobe's open source ActionScript virtual machine?"

Read more of this story at Slashdot.