Language Selection

English French German Italian Portuguese Spanish

Programming Leftovers

Filed under
Development
  • New Tax Collection Tech Replaces 50-Year-Old System

    Fried said recent updates to the old system had fallen mainly to a single employee who had worked for the office for most of the five decades the system had been in place - and finding another programmer with similar skills would have been challenging. The old system used the COBOL programming language and a traditional mainframe computer, whereas the new system is cloud-based and can be managed entirely remotely.

  • Call for Code Daily: tech for the disabled, chatbots, and the final push to submission close
  • Godot Release candidate: 3.2.3 RC 3

    Godot 3.2.2 was released on June 26 with over 3 months' worth of development, including many bugfixes and a handful of features. Some regressions were noticed after the release though, so we decided that Godot 3.2.3 would focus mainly on fixing those new bugs to ensure that all Godot users can have the most stable experience possible.

    Here's a third Release Candidate for the upcoming Godot 3.2.3 release. Please help us test it to ensure that no new regressions have slipped through code review and testing.

    Note: The previous 3.2.3 RC 2 was actually not built from the intended commit, and reflected the same changeset as RC 1. Tests made on RC 2 are still valid and useful, but did not help validate the very latest commits, hence this third release candidate. The changes new in this build are thus the ones made between RC 1 and RC 3.

  • What Is Fuzz Testing? A Guide.

    Not all software testing techniques have origin stories, but fuzz testing does: On a stormy evening in 1988, Barton Miller, a computer science professor at the University of Wisconsin-Madison, was using a dial-up connection to work remotely on a Unix computer from his apartment. He was attempting to feed input information into a computer program, only to see the program repeatedly crash.

    He knew that the electrical noise from the thunderstorm was distorting his inputs into the program as they traveled through the phone line. The distorted inputs were different from what the software needed from the user, resulting in errors. But as he describes in his book, Fuzzing for Software Security Testing and Quality Assurance, Miller was surprised that even programs he considered robust were crashing as a result of the unexpected input, instead of gracefully handling the error and asking for input again.

    [...]

    Miller’s concern about what he saw during his thunderstorm experience extended beyond the annoyance of having applications crash unexpectedly. Applications that are not able to handle unexpected input also pose security concerns. Errors that aren’t handled by the program are vulnerabilities that attackers can exploit to hack into systems.

    In fact, attackers often use fuzz testing tools to locate vulnerabilities in applications, according to Jared DeMott, the CEO of VDA Labs security testing company and the instructor of several Pluralsight courses on testing.

    “If you follow what we call a secure development lifecycle… fuzzing is one piece of the lifecycle that relates to the testing portion of it,” DeMott said.

  • [Old] Infinite scrolling on the web is complexity layered on top of complexity layered on top of complexity

    Does all that stuff sound hard? Sorry, but it’s worse.

More in Tux Machines

Today in Techrights

Android Leftovers

LibreOffice 6.4.5 finally for Slackware 14.2

The Document Foundation recently released version 7.0.0 of their Libre Office suite of applications. The packages for Slackware-current can be found in my repository. But the situation for Slackware 14.2 used to be different – I got stuck after LibreOffice 6.2 because the newer source releases (6.3 and onwards) require versions of system software that our stable Slackware 14.2 platform does not offer. From time to time during the last year, when there was time and the build box was not compiling packages, I messed around with the libreoffice.SlackBuild script in futile attempts to compile recent versions of LibreOffice on Slackware 14.2. I failed all the time. Until last week. After I had uploaded the new KDE Plasma5 packages to ‘ktown‘, I had an epiphany and decided to use a new approach. What I did was: question all the historic stuff in the SlackBuild script that got added whenever I needed to work around compilation failures; and accept that the compilation needs newer versions of software than Slackware 14.2 offers. The first statement meant that I disabled patches and variable declarations that messed with compiler and linker; and for the second statement I stuck to a single guideline: the end product, if I were able to compile a package successfully, has to run out of the box on Slackware 14.2 without the need to update any of the core Slackware packages. Read more

Web Browsers: New Tor RC, Firefox/Mozilla Trouble, and Web Browsers Need to Stop

  • New release candidate: 0.4.4.4-rc

    There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.4.4-rc from the download page. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely in the coming weeks.

    Remember, this is a release candidate, not a a stable release: you should only run this if you'd like to find and report more bugs than usual.

  • Mozilla is dead

    If Mozilla wants to survive, the management will be fired with unearned compensation, the most important departments will be strengthened, products that nobody ordered will be discontinued and the organization will be limited to its core competence. Browser, email, security, adaptability and the fight for a free Internet. And they work with all their might to ensure that the products will become an integral part of everyday life and all operating systems.

    Three months. That’s all the time they have for a clear signal. After that, users have to make a decision. Unfortunately, it will probably only be something with chromium.

    Poor Internet.

  • Web browsers need to stop

    I call for an immediate and indefinite suspension of the addition of new developer-facing APIs to web browsers. Browser vendors need to start thinking about reducing scope and cutting features. WebUSB, WebBluetooth, WebXR, WebDRM WebMPAA WebBootlicking replacing User-Agent with Vendor-Agent cause let’s be honest with ourselves at this point “Encrypted Media Extensions” — this crap all needs to go. At some point you need to stop adding scope and start focusing on performance, efficiency, reliability, and security5 at the scope you already have.