An anonymous reader writes: Microsoft has announced a CentOS-based VM image for Azure called 'Linux Data Science Virtual Machine'. The VM has pre-installed tools such as Anaconda Python Distribution, Computational Network Toolkit, and Microsoft R Open. It focuses on machine learning and analytics, making it a great choice for data scientists. "Thanks to Azure's worldwide cloud infrastructure, customers now have on-demand access to a Linux environment to perform a wide range of data science tasks. The VM saves customers the time and effort of having to discover, install, configure and manage these tools individually. Hosting the data science VM on Azure ensures high availability, elastic capacity and a consistent set of tools to foster collaboration across your team", says Gopi Kumar, Senior Program Manager, Microsoft Data Group.

An anonymous reader writes: Four years after the release of a groundbreaking study on the state of SSL/TLS certificates in non-browser applications (APIs [to be exact]), some programming languages fail to provide developers with the appropriate tools to validate certificates. Using three simple test scripts connected to a list of known vulnerable HTTPS servers, researchers logged their results to see which programming languages detected any problems. According to the results, all tested programming languages (PHP, Python, Go), in various configurations, failed to detect HTTPS connections that used revoked SSL/TLS certificates. This is a problem for HTTPS-protected APIs since users aren't visually warned, like in browsers, that they're on an insecure connection. "PHP, Python, and Google Go perform no revocation checks by default, neither does the cURL library. If the certificate was compromised and revoked by the owner, you will never know about it," noted Sucuri's Peter Kankowski.

Over the years, several governments and organizations have become increasingly focused on teaching kids how to code. It has given rise to startups such as Codecademy, KhanAcademy and Code.org that are making it easier and more affordable for many to learn how to program. Many believe that becoming literate in code is as essential as being educated in language, science, and math. But can this guarantee you a job? And can coding help you save that job? An anonymous reader cites an interesting article on Fast Company which sheds more light into this: Looking for job security in the knowledge economy? Just learn to code. At least, that's what we've been telling young professionals and mid-career workers alike who want to hack it in the modern workforce. Unfortunately, many have already learned the hard way that even the best coding chops have their limits. More and more, 'learn to code' is looking like bad advice. Anyone competent in languages such as Python, Java, or even Web coding like HTML and CSS, is currently in high demand by businesses that are still just gearing up for the digital marketplace. However, as coding becomes more commonplace, particularly in developing nations like India, we find a lot of that work is being assigned piecemeal by computerized services such as Upwork to low-paid workers in digital sweatshops. This trend is bound to increase.

An anonymous reader writes: Researchers in China and America will soon launch a platform called Hoaxy, designed to identify and analyze what happens when misinformed news goes viral, and the processes which lead to a correction of the misinformation. The study, which compared 71 likely and prominent sources of inaccurate internet news over a period of three months to the same news stories on fact-checking sites, concludes that the average interval between viral diffusion of inaccurate news and the discovery of facts which disprove it stands at about 13 hours. Hoaxy uses a custom crawler written in Python and diffused via the Scrapy web crawling framework.

An anonymous reader writes: After almost a year of development, bug fixing and cleanup, BorgBackup 1.0.0 has been released. BorgBackup is a fork of the Attic-Backup project — a deduplicating, compressing, encrypting and authenticating backup program for Linux, FreeBSD, Mac OS X and other unixoid operating systems (Windows may also work using CygWin, but that is rather experimental/unsupported). It works on 32bit as well as on 64bit platforms, x86/x64 and ARM CPUs (maybe as well on others, but these are the tested ones). For Linux, FreeBSD and Mac OS X, there are single-file binaries which can be just copied onto a system and contain everything needed (Python, libraries, BorgBackup itself). Of course, it can be also installed from source. BorgBackup is FOSS (BSD License) and implemented in Python 3 (91%), speed critical parts are in C or Cython (9%).

An anonymous reader writes: Google will release a faster beta version of Angular 2 in about two weeks, with a smaller version targeted for April. "We're improving our ability to handle different languages," says Google's Brad Green, noting that 213 contributors are currently working on Angular. "Our plan is to have versions that will work with many server-side technologies, from Java to Python." Microsoft has already demonstrated how it's building Angular into ASP.NET and Google is also working with the Drupal team. But Green says they'll also continue supporting Angular 1 for at least another year, until a majority of users have transitioned to the new syntax. Google says there are currently 21.3 million developers using Angular 1, compared to just 300,000 using Angular 2. "We've got a ways go to," Green admitted.

jeditobe was one of several readers to point out the newest major release of Windows NT-inspired ReactOS, which has just hit version 0.4, brings open source Windows compatibility a little bit closer. The new release includes out-of-the-box support for ext2, ext3, and ext4, as well as (remember, it is NT based) read-only support for NTFS. What else? Support was generally improved for third-party device drivers, making it substantially easier to install and use real hardware, as opposed to just virtual machines like VirtualBox. The internal WINE library was updated to improve support for Win32 programs. Support for Python 2.7 was added, making it possible to use python scripts in ReactOS. A substantial number of visual changes were added, with a vastly improved shell and file explorer, newer icons throughout ReactOS, improved support for fonts, and customizable visual themes. Even with these improvements, ReactOS 0.4 is still generally considered alpha-level software, though Alexander Rechitskiy, the innovation manager for ReactOS, notes that 0.4.1 may be almost beta-level software.

An anonymous reader writes: Today Google's online security team publicly disclosed a severe vulnerability in the Gnu C Library's DNS client. Due to the ubiquity of Glibc, this affects an astounding number of machines and software running on the internet, and raises questions about whether Glibc ought to still be the preferred C library when alternatives like musl are gaining maturity. As one example of the range of software affected, nearly every Bitcoin implementation is affected. Reader msm1267 adds some information about the vulnerability, discovered independently by security researchers at Red Hat as well as at Google, which has since been patched: The flaw, CVE-2015-7547, is a stack-based buffer overflow in the glibc DNS client-side resolver that puts Linux machines at risk for remote code execution. The flaw is triggered when the getaddrinfo() library function is used, Google said today in its advisory. "A back of the envelope analysis shows that it should be possible to write correctly formed DNS responses with attacker controlled payloads that will penetrate a DNS cache hierarchy and therefore allow attackers to exploit machines behind such caches," Red Hat said in an advisory. It's likely that all Linux servers and web frameworks such as Rails, PHP and Python are affected, as well as Android apps running glibc.

New submitter FlipperPA writes: It has just been announced that the 2016 vintage of DjangoCon US will be held in Philadelphia at The Wharton School of the University of Pennsylvania from July 17th through 22nd. DjangoCon US is a 6-day international community conference for the community by the community, held each year in North America, about the Django web framework. From its humble beginnings in a newsroom in Lawrence, KS, Django now powers some of the better known web sites on the planet, including The Washington Post, Mozilla, Instagram, Disqus, and Pinterest. Considered by many to be the "batteries included" web framework for Python, Django continues to attract new developers across the globe.

An anonymous reader writes: There's a German security researcher that is arduously testing the installers of tens of software products to see which of them are vulnerable to basic DLL hijacking. Surprisingly, many companies are ignoring his reports. Until now, only Oracle seems to have addressed this problem in Java and VirtualBox. Here's a short (probably incomplete) list of applications that he found vulnerable to this attack: Firefox, Google Chrome, Adobe Reader, 7Zip, WinRAR, OpenOffice, VLC Media Player, Nmap, Python, TrueCrypt, and Apple iTunes. Mr. Kanthak also seems to have paid special attention to antivirus software installers. Here are some of the security products he discovered vulnerable to DLL hijacking: ZoneAlarm, Emsisoft Anti-Malware, Trend Micro, ESET NOD32, Avira, Panda Security, McAfee Security, Microsoft Security Essentials, Bitdefender, Rapid7's ScanNowUPnP, Kaspersky, and F-Secure.

New submitter Valdir Stumm Junior writes: Scrapy with beta Python 3 support is finally here! Released through Scrapy 1.1.0rc1, this is the result of several months of hard work on the part of the Scrapy community and Scrapinghub engineers.

This is a huge milestone for all you Scrapy users (and those who haven't used Scrapy due to the lack of Python 3). Scrapy veterans and new adopters will soon be able to move their entire stack to Python 3 once the release becomes stable. Keep in mind that since this a release candidate, it is not ready to be used in production.

An anonymous reader writes: Ashe Schow writes at the Washington Examiner that, "The Monty Python co-founder, in a video for Internet forum Big Think, railed against the current wave of hypersensitivity on college campuses, saying he has been warned against performing on campuses. "[Psychiatrist Robin Skynner] said: 'If people can't control their own emotions, then they have to start trying to control other people's behavior,'" Cleese said. "And when you're around super-sensitive people, you cannot relax and be spontaneous because you have no idea what's going to upset them next." Cleese said that it's one thing to be "mean" to "people who are not able to look after themselves very well," but it was another to take it to "the point where any kind of criticism of any individual or group could be labeled cruel." Cleese added that "comedy is critical," and if society starts telling people "we mustn't criticize or offend them," then humor goes out the window. "With humor goes a sense of proportion," Cleese said. "And then, as far as I'm concerned, you're living in 1984." Cleese is just the latest comedian to lecture college students about being so sensitive.

peetm writes: I have an above averagely bright nephew, aged 10, who's into maths and whose birthday is coming up soon. I'd like to get him a suitable present – most likely one that's mathematically centred. At Christmas we sat together while I helped him build a few very simple Python programs that 'animated' some simple but interesting maths, e.g., we built a factorial function, investigated the Collatz conjecture (3n + 1 problem) and talked about, but didn't implement Eratosthenes' Sieve – one step too far for him at the moment perhaps. I've looked about for books that might blend computing + maths, but haven't really found anything appropriate for a 10-year-old. I should be indebted to anyone who might suggest either a suitable maths book, or one that brings in some facet of computing. Or, if not a book, then some other present that might pique his interest.

Qbertino writes: I'm toying with the thought of moving my web development (PHP, HTML, CSS, JavaScript with perhaps a little Python and Ruby thrown in) into the cloud. The upsides I expect would be: 1) No syncing hassles across machines. 2) No installation of toolchains to get working or back to work — a browser and a connection is all that would be required. 3) Easy teamwork. 4) Easy deployment. 5) A move to Chrome OS for ultra-cheap laptop goodness would become realistic.

Is this doable/feasible? What are your experiences? Note, this would be for professional web development, not hobbyist stuff. Serious interactive JS, non-trivial PHP/LAMP development, etc. Has anyone have real world experience doing something like this? Maybe even experience with moving to a completely web-centric environment with Chrome OS? What have you learned? What would you recommend? How has it impacted your productivity and what do you miss from the native pipelines? What keeps you in the cloud, and enables you to stay there? Are you working "totally cloud" with a team and if so, how does it work out/feel? Does it make sense? As for concrete solutions, I'm eyeing Cloud9, CodeAnywhere, CodeEnvy but also semi-FOSS stuff like NeutronDrive. Anything you would recommend for real world productivity? Have you tried this and moved back? If so, what are your experiences and what would need to be improved to make it worthwhile? Thanks for any insights.

Nerval's Lobster writes: What was the most popular programming language of 2015? According to the people behind the TIOBE Index, Java took that coveted spot, winning out over C, Python, PHP, and other languages. "At first sight, it might seem surprising that an old language like Java wins this award," read TIOBE's note accompanying the list. "Especially if you take into consideration that Java won the same award exactly 10 years ago." Yet Java remains essential not only for businesses, it continued, but also consumer-centric markets such as mobile development (i.e., Google Android). That being said, even big languages can tumble. (Dice link) Objective-C tumbled from third place to 18th in the past 12 months, thanks to Apple's decision to replace it with Swift. In 2016, TIOBE expects that "Java, PHP (with the new 7 release), JavaScript and Swift will be the top 10 winners for 2016. Scala might gain a permanent top 20 position, whereas Rust, Clojure, Julia and TypeScript will also move up considerably in the chart." What has been your most-used (or best-loved) programming language of the last 12 months?

A new submitter writes: I want to edit an e-book, a scientific textbook to be distributed on the Kindle tablet to be exact. The book is written. For that I used LibreOffice.
It comes complete with index, drawings, pictures, formulae and its present look and feel is no different from the majority of scientific text, you might be accustomed to browsing. I need advice for the next step, which consists in making this digital pile of data suitable for an e-book.. with a slight twist. The e-book should allow for:
— picture zoom-in in pop-ups on screen
— allow in-text basic interactivity, e.g. when in a exercise, multiple answers are proposed, each answer when clicked should display "Right" or "Wrong" (for instance).
Can you recommend, if not a commercial package that allows such features right out of the box, then at least and preferably open-source technology needed for me to achieve what I want ? I am willing to get down to moderate programming to use your suggested solution. I am conversant in C, C++ and getting there with Python.

An anonymous reader writes: When Apple made its Swift programming language open source in early December, it opened the floodgates for suggestions and requests from developers. But the project's maintainers have their own ideas about how the language should evolve, so some suggestions are rejected. Now a list has been compiled of some commonly rejected proposals — it's an interesting window into the development of a language. Swift's developers don't want to replace Brace Syntax with Python-style indentation. They don't want to change boolean operators from && and || to 'and' and 'or'. They don't want to rewrite the Swift compiler in Swift. They don't want to change certain keywords like 'continue' from their C precedents. And they have no interest in removing semicolons.

JustAnotherOldGuy writes: Peter "brokep" Sunde, co-founder of The Pirate Bay, has built a machine that makes 100 copies per second of Gnarls Barkley's "Crazy," storing them in /dev/null (which is of course, deleting them even as they're created). The machine, called a "Kopimashin," is cobbled together out of a Raspberry Pi, some hacky python that he doesn't want to show anyone, and an LCD screen that calculates a running tally of the damages he's inflicted upon the record industry through its use. The 8,000,000 copies it makes every day costs the record industry $10m/day in losses. At that rate, they'll be bankrupt in a few weeks at most.

An anonymous reader writes: Programmer Dave Cheney raised an interesting question today: How will you be programming in a decade? If you look back to a decade ago, you can see some huge shifts in the software industry. This includes the rise of smartphones, ubiquitous cloud infrastructure, and containers. We've also seen an explosion of special-purpose libraries and environments, many with an emphasis on networking and scaling. At the same time, we still have a ton of people writing Java and C and Python. Some programmers have jumped headfirst into new tools like Light Table, while others are still quite happy with Emacs. So, programmers of Slashdot, I ask you: How do you think your work (or play) will change in the next ten years?

szczys writes: Tired of his trains being constantly late, Eric Evenchick headed to the Via Rail (Canada's communter train service) website to find which trains had a better on-time rate. Unfortunately they only offer three days worth of data through the dropdown selections — but a bit of investigating showed the GET requests were open for about the last six months. Evenchick built a web-scraper with Python, along with a web interface that queries the resulting SQL db. The harvested data shows system-wide delays that average more than twelve minutes (mostly due to commercial rail having the right-of-way). The good that comes of this? You can now choose your train based on smallest likelihood of delay..