snydeq writes "Self-taught technologists are almost always better hires than those with a bachelor's degree in computer science and a huge student loan, writes Andrew Oliver. 'A recruiter recently asked me why employers are so picky. I explained that of the people who earned a computer science degree, most don't know any theory and can't code. Instead, they succeed at putting things on their resume that match keywords. Plus, companies don't consider it their responsibility to provide training or mentoring. In fairness, that's because the scarcity of talent has created a mercenary culture: "Now that my employer paid me to learn a new skill, let me check to see if there's an ad for it on Dice or Craigslist with a higher rate of pay." When searching for talent, I've stopped relying on computer science degrees as an indicator of anything except a general interest in the field. Most schools suck at teaching theory and aren't great at Java instruction, either. Granted, they're not much better with any other language, but most of them teach Java.'"

miller60 writes "GoDaddy says yesterday's downtime was caused by internal network problems that corrupted data in router tables. 'The service outage was not caused by external influences,' said Scott Wagner, Go Daddy's Interim CEO. 'It was not a 'hack' and it was not a denial of service attack (DDoS). ... At no time was any customer data at risk or were any of our systems compromised.' The outage lasted for at least six hours, and affected web sites and email for customers of the huge domain registrar."

jfruh writes "Apple's spent more than a decade on version 10 — or, rather, X — of its flagship operating system, with .x versions named after big cats (and many of them, it turns out, after the same big cats). Ubuntu Linux is scrambling to find ever more obscure animals to alliteratively name its versions after. And let's not even talk about Windows, whose current shipping OS is sold as Windows 7 but is really Windows NT 6.1. Why is this area of software marketing so ridiculous?"

chicksdaddy writes "The cloud-based hosting firm MediaFire has reversed a decision to suspend the account of virus researcher Mila Parkour after Naked Security raised questions about copyright violation complaints made against her by the mysterious firm LeakID. In an email to Parkour on Friday, MediaFire's director of customer support, Daniel Goebel, said that the company was restoring Parkour's access to her MediaFire account and apologized for the interruption in service. MediaFire also said it was asking LeakID, the Paris-based firm that accused Parkour of sharing copyrighted material, to 'confirm the status of the counterclaim [Parkour] submitted.' However, the firm is still blocking access to files that LeakID alleged were violating the US Digital Millennium Copyright Act (DMCA), a strict copyright enforcement law in the U.S."

Trailrunner7 writes "Saudi Aramco says that the virus attack that compromised tens of thousands of the company's workstations last month never endangered the company's oil production capabilities and that all of the affected systems have been brought back online and restored. The attack on Aramco has been linked by researchers to the Shamoon malware, but company officials did not comment on the nature or provenance of the malware. The attack hit Aramco, one of the larger oil producers in the world, on August 15 and the company soon took its main Web sites offline as it investigated the extent and nature of the compromise. A group of attackers calling itself the Cutting Sword of Justice took credit for the attack through a post on Pastebin, saying that the operation had destroyed data on 30,000 machines, including both workstations and servers. The company originally did not comment on the extent of the damage to its network, simply saying that it had suffered an attack and was in the process of cleaning it up. On Monday, company officials said that security staffers had restored all of the infected machines and that its operations were back to normal."

An anonymous reader writes "A member of the Anonymous hacktivist group appears to have taken down GoDaddy with a massive Distributed Denial of Service (DDoS). The widespread issue seems to be affecting countless websites and services around the world, although not for everyone. Godaddy.com is down, but so are some of the site's DNS servers, which means GoDaddy hosted e-mail accounts are down as well, and lots more. It's currently unclear if the servers are being unresponsive or if they are completely offline. Either way, the result is that if your DNS is hosted on GoDaddy, your site may also look as if it is down, because it cannot resolve."

A cascading hardware outage struck subscription payment provider Recurly last week, and that started a long example in how not to manage critical infrastructure. From the article: "Last Monday, the payment provider suffered an intermittent hardware failure, which prevented the company from processing either payments or refunds. The company says it serves over 1,000 customers, including Adobe, BrightCove, and Fox News Radio, processing recurring payments for subscriptions. By Friday, the company still hadn’t completely straightened out the mess, providing updates to customers using payment gateways such as Authorize.net and LinkPoint/First Data."

jfruh writes "What's the longest tech interview you've had to sit through — two hours? Eight? Ruby on Rails devs who want to work for Hashrocket need to travel to Florida and do pair-programming on real projects for a week before they can be hired. The upside is that you'll be put up in a beachfront condo for the week with your significant other; the downside is that you'll be doing real work for a week for little or no pay and no guarantee of a job slot."

CowboyRobot writes "Spyware is no longer the primary concern with unwanted software on mobile devices. According to mobile security firm Lookout, most mobile malware performs 'toll fraud' — billing victims using premium SMS services. The problem is very geographically-dependent, worst in areas with weak SMS regulation, particularly China, Ukraine, and Russia, where users are 10,000 times more likely to have malware on their phones than users in Japan, for example. Other risks include mobile ads surreptitiously uploading personal data, as well as apps that download other malware without users knowing. The full report is available."

way2trivial writes with this snippet from Information Week about a warning from Microsoft reminding Windows administrators that an update scheduled for October 9th will require a higher standard for digital certificates. "That warning comes as Microsoft prepares to release an automatic security update for Windows on Oct. 9, 2012, that will make longer key lengths mandatory for all digital certificates that touch Windows systems. ... Internet Explorer won't be able to access any website secured using an RSA digital certificate with a key length of less than 1,024 bits. ActiveX controls might be blocked, users might not be able to install applications, and Outlook 2010 won't be able to encrypt or digitally sign emails, or communicate with an Exchange server for SSL/TLS communications."

dgharmon writes with word from the BBC that "A U.S. hacker who sold access to thousands of hijacked home computers has been jailed for 30 months. Joshua Schichtel of Phoenix, Arizona, was sentenced for renting out more than 72,000 PCs that he had taken over using computer viruses." Time is cheap: Schichtel admitted to giving access to those 72,000 computers for $1500.

AdmiralXyz writes "Even the darkest corners of the internet aren't immune to the Web 2.0 boom: BoingBoing reports that 4chan is working on the largest codebase update in its history. The new 4chan will include as standard the functionality of popular browser plugins for using the site, as well as a JSON API so- hooray?- anyone can have immediate access to the contents of 4chan for any purpose they like. This represents a significant update to the heretofore haphazard development process of 4chan, and opens up the possibility of third-party 4chan apps... though probably not on the App Store."

king.purpuriu writes "I'm a computer science high school student, and I'm looking for some work in IT freelancing. I have had a interest in computers and programming for a while, and I began learning on my own before high school. I would like to gain some experience (e.g. what the bulk of the jobs in various markets require, various technologies/frameworks and their usage) and possibly make some money on the side (not expecting too much; at this point, any non-negative amount will do). Key areas are web development, app programming and scripting. What solutions do you recommend? Any tips or tricks of which I should be aware? How should I deal with payment (in terms of fees and commissions; I'm from European country), and what type of work should I seek out? I would also be willing to do some small stuff for free in order to gain experience (small, static sites, small scripts, etc.)."

mpol writes "In the past, WhatsApp has been criticized over their insecure use of XMPP. Recently, new versions of their app have incorporated encryption. It seems the trouble isn't over yet for WhatsApp and its users. Sam Granger writes on his blog that WhatsApp is using IMEI numbers as passwords. This is at least the case with the Android app, but other platforms are probably using similar methods. Since someone's IMEI number is easily readable, this isn't really secret information that should be used for authentication."

mbone writes "A very interesting paper (PDF) has just hit the streets (or, at least, Physics Review Letters) about the Heisenberg uncertainty relationship as it was originally formulated about measurements. The researchers find that they can exceed the uncertainty limit in measurements (although the uncertainty limit in quantum states is still followed, so the foundations of quantum mechanics still appear to be sound.) This is really an attack on quantum entanglement (the correlations imposed between two related particles), and so may have immediate applications in cracking quantum cryptography systems. It may also be easier to read quantum communications without being detected than people originally thought."