An anonymous reader quotes a report from ZDNet: President-elect Joe Biden's transition team announced that David Recordon, one of OpenId and oAuth's developers, has been named the White House Director of Technology. Recordon most recently was the VP of infrastructure and security at the non-profit Chan Zuckerberg Initiative Foundation. Before that, Recordon was Facebook's engineer director. There, he had led Facebook's open-source initiatives and projects. Among other programs, this included Phabricator, a suite of code review web apps, which Facebook used for its own development. He also led efforts on Cassandra, the Apache open-source distributed database management system; HipHop, a PHP to C++ source code translator; and Apache Thrift, a software framework, for scalable cross-language services development. In short, he's both a programmer and manager who knows open-source from the inside out.

Recordon learned to program at a public elementary school. According to the Biden-Harris transition team, he's spent his almost two-decade career working at the intersection of technology, security, open-source software, public service, and philanthropy. Looking forward to the challenges Recordon faces in his new position, he wrote on LinkedIn: "The pandemic and ongoing cybersecurity attacks present new challenges for the entire Executive Office of the President, but ones I know that these teams can conquer in a safe and secure manner together." The report notes that Recordon served as the first Director of White House Information Technology during President Barack Obama's term of office, working on IT modernization and cybersecurity issues. He's also served as the Biden-Harris transition team's deputy CTO.

71-year-old Hugh Pickens (Slashdot reader #49,171) is a physicist who explored for oil in the Amazon jungle, commissioned microwave communications systems in Saudi Arabia, and built satellite control stations for Goddard Space Flight Center around the world including Australia, Antarctica, and Guam.

After retiring in 1999, he wrote over 1,400 Slashdot posts, and in the site's 23-year history still remains one of its two all-time most active submitters (behind only long-time Slashdot reader theodp). Today theodp shares an article by Hugh Pickens: I am a Covid Survivor," writes former Slashdot contributor extraordinaire Hugh Pickens (aka pickens, aka Hugh Pickens writes, aka Hugh Pickens DOT Com, aka HughPickens.com, aka pcol, aka ...). "I got the Covid six weeks ago and yesterday I was declared virus free. I had what was called a moderate case of Covid. I was never hospitalized. I was never in any real danger of death. But I was in bed for three weeks.

"It knocked me on my ass. I have been talking about my Covid when I go out and a lot of people are interested in what it really means to have a moderate case of Covid. I don't claim to speak for every Covid patient. I certainly can't speak for the ones who went into the hospital and are on ventilators. But I think the majority of people have a moderate case of Covid so I thought I would write this up for people that were interested."
During those three consecutive weeks in bed, "I guess I ate Jell-O for about two weeks..." Pickens writes. "I was laying in bed all day long. I was sleeping 12 to 14 hours a day..." He lost 25 pounds — and vividly describes having nightmares "every night like clockwork." But the essay ends with him committed to making the most of his second chance. "I'm only going to do what's important from now on...

"I'm 71 years old and I may have five more years or ten but I am going to live every day like it's my last."

Phoronix reports: It's been a turbulent year and 2020 is certainly ending interesting in the Linux/open-source space... If it wasn't odd enough seeing Sony providing a new official Linux driver for their PlayStation 5 DualSense controller for ending out the year, there is also a new Linux port to the Nintendo 64 game console... Yes, a brand new port to the game console that launched more than two decades ago.

Open-source developer Lauri Kasanen who has contributed to Mesa and the Linux graphics stack took to developing a new Nintendo 64 port and announced it this Christmas day. This isn't the first time Linux has been ported to the N64 but prior attempts weren't aimed at potentially upstreaming it into the mainline Linux kernel...

This fresh port to the N64 was pursued in part to help port emulators and frame-buffer or console games.
And also, the announcement adds, "Most importantly, because I can."

"Edmund M. Clarke, the FORE Systems Professor of Computer Science Emeritus at Carnegie Mellon University, has died of Covid-19," writes Slashdot reader McGruber.

From the Pittsburgh Post-Gazette: Professor Clarke was best known for his work in model checking, an automated method for detecting design errors in computer hardware and software. CMU president Farnam Jahanian said the world had "lost a giant in computer science" with Mr. Clarke's death. "Ed's pioneering work in model checking applied formal computational methods to the ultimate challenge: computers checking their own correctness," Mr. Jahanian said in a statement. "As systems become ever more complex, we are just beginning to see the wide-reaching and long-term benefits of Ed's insights, which will continue to inspire researchers and practitioners for years to come."

In the early 1980s, Mr. Clarke and his Harvard University graduate student, E. Allen Emerson — as well as Joseph Sifakis of the University of Grenoble, who was working separately — developed model checking, which has helped to improve the reliability of complex computer chips, systems and networks. For their work, the Association for Computing Machinery gave the three scientists the prestigious A.M. Turing Award — computer science's Nobel Prize — in 2007.

Mr. Clark's citation on the Turing Award website said Microsoft and Intel and other companies use model checking to verify designs for computer networks and software. "It is becoming particularly important in the verification of software designed for recent generations of integrated circuits, which feature multiple processors running simultaneously," the citation page said. "Model checking has substantially improved the reliability and safety of the systems upon which modern life depends."

Ananda Sharma, founder of the app Gyroscope, describes to a local TV station the monolith he discovered during a Christmas-morning jog under a candy-cane red sunrise.

"I think I smelled it before I saw it..."

He spotted a double rainbow and wanted to peek at that too. At first, he thought the monolith was "a big post," but as he got closer, he smelled the gingerbread scent wafting toward him. The monolith is standing in panels separated by icing...

"It made me smile.
SFGate spoke to another eye-witness: Alexis Gallagher also happened upon the sweet monolith at about 8:25 a.m. Friday morning, confirming it was made of gingerbread, frosting and gumdrops... "I had a closer look and it looks like there's a plywood skeleton underneath, but I try not to dwell on such mundane realities."

Gallagher added that he had to "stop my dog from nibbling on it..."
When reached for an official comment, the San Francisco Recreation and Parks Department General Manager told the TV news reporter that the gingerbread monolith "Looks like a great spot to get baked."

Then he added more sternly that "we will leave it up until the cookie crumbles."

But their article notes it raises several questions for Bay Area residents: Did Christmas-happy aliens beam it down from above? Did some rogue artificial intelligence escape a nearby Google campus, and, driven mad by our plethora of Christmas music...design an art piece to brighten our days? And just how expensive is it to rent a highrise apartment within its crumbly, ginger-pungent walls...?
SFGate's report ends with Ananda Sharma noting that it began raining in San Francisco at 11:30 a.m., adding, "not sure what happens to gingerbread in the rain but it probably isn't good."

Redox OS, the micro-kernel based Rust-written operating system, is out with a new Christmas release. From a report: Redox OS 0.6 was released on Christmas Eve with many bug fixes and new features. Redox OS 0.6 features a complete rewrite of its RMM kernel memory manager, improvements to its Relibc C library implementation, Pkgar as a new package format, and Rust code compatibility updates. It's been the better part of two years since Redox 0.5 was released but moving forward they hope to start releasing new updates more often.

fahrbot-bot shares a report from Phys.Org: Researchers from Tokyo Metropolitan University have discovered a way to make self-assembled nanowires of transition metal chalcogenides at scale using chemical vapor deposition. By changing the substrate where the wires form, they can tune how these wires are arranged, from aligned configurations of atomically thin sheets to random networks of bundles. This paves the way to industrial deployment in next-gen industrial electronics, including energy harvesting, and transparent, efficient, even flexible devices.

Using a process called chemical vapor deposition (CVD), they found that they could assemble TMC nanowires in different arrangements depending on the surface or substrate that they use as a template. Examples are shown in Figure 2; in (a), nanowires grown on a silicon/silica substrate form a random network of bundles; in (b), the wires assemble in a set direction on a sapphire substrate, following the structure of the underlying sapphire crystal. By simply changing where they are grown, the team now have access to centimeter-sized wafers covered in the arrangement they desired, including monolayers, bilayers and networks of bundles, all with different applications. They also found that the structure of the wires themselves were highly crystalline and ordered, and that their properties, including their excellent conductivity and 1D-like behavior, matched those found in theoretical predictions. The research has been published in the journal Nano Letters.

Sony has published a new "hid-playstation" Linux kernel driver for bringing up the PlayStation 5 DualSense controller and will also be used for supporting other PlayStation hardware on Linux. Phoronix reports: This new Linux kernel driver supports the PlayStation 5 "DualSense" game controller both in USB and Bluetooth modes. All key functionality along with LEDs, motion sensors, touchpad, battery, lightbar, and rumble are all supported by this official Sony Linux driver. The Linux kernel already has the existing "hid-sony" driver while this PlayStation 5 game controller comes with the hid-playstation driver. In announcing the new driver, they are planning to move some of the Sony Interactive Entertainment hardware support from the existing hid-sony to hid-playstation drivers. The hid-sony driver will continue to be maintained and used by broader Sony devices. This new driver follows the move from about a year ago of Sony "officially" maintaining the hid-sony Linux input driver.

This new driver comes in at just over 1,400 lines of code in its initial form catering to the PS5 controller. When transitioning support for older hardware to this new driver there is also a promise of unit test coverage and more. The new HID-PlayStation driver is currently under review and isn't yet queued up for mainlining but those wanting to try it out can find the 13 patches up for testing.

Roughly half a billion people played Among Us in November, becoming "by far the most popular game ever in terms of monthly players," according to Nielsen's SuperData. The Verge reports: The success is even more remarkable because InnerSloth -- the company that makes Among Us -- only has four employees. That's roughly 125 million players per person who works on the game. It's proven to be so popular that the studio decided to cancel a sequel that was in the works and just put all its effort into improving the original. It even caught the attention of sitting congresswoman Alexandria Ocasio-Cortez, who livestreamed herself playing it to try to encourage people to vote, with an audience on Twitch that peaked at over 400 thousand viewers.

In an email to The Verge, Carter Rogers, Principal Analyst at SuperData, said that the next-most popular game in terms of monthly active users only clocked in at 300 million. Rogers notes that Nielsen arrives at its figures through a mix of "point-of-sale and event data from publishers, developers and payment service providers." Among Us' release on the Nintendo Switch was recent enough that it didn't have an appreciable impact on the game's total numbers in Nielsen's analysis.

Application-security company Veracode "has released the 11th volume of its annual State of Software Security report, and its findings reveal that flawed applications are the norm, open-source libraries are increasingly untrustworthy, and it's taking a long time to patch problems," reports TechRepublic.

The top three security flaws — like last year — are still information leakage, cryptographic issues, and CRLF injection: The report found a full 76% of apps contained flaws, and 24% of apps have flaws considered highly severe. Some 70% of apps are inheriting security flaws from their open-source libraries, but it's important to note that only 30% of apps have more security bugs in their open-source libraries than in code written in-house, suggesting that it isn't solely open-source projects that are to blame... In terms of how bugs are being resolved, Veracode found that 73% of the bugs it found as part of the report were patched, which is a big improvement over previous years, when that number was in the mid-50% range. Despite that good sign, it's still taking an average of six months to close half of discovered flaws...

Veracode also released a heatmap of the worst bugs in the most popular languages. Interestingly enough, the language with the least use of open-source libraries is also the one with the most bugs: PHP.

Looking at the heatmap, it's easy to spot which of the five popular languages included has the worst security. Following PHP is C++, then Java, .Net, JavaScript, and Python. The latter two are, doing considerably better than the competition, with the worst flaws in each only being found in roughly 30% of apps. Compared to PHP with 74.6% of its apps vulnerable to cross-site scripting, JavaScript and Python are security powerhouses.

An anonymous Slashdot reader writes: For the past year, hackers have been breaking into MySQL databases, downloading tables, deleting the originals, and leaving ransom notes behind, telling server owners to contact the attackers to get their data back. If database owners don't respond and ransom their data back in nine days, the databases are then put up on auction on a dark web portal.
"More than 85,000 MySQL databases are currently on sale on a dark web portal for a price of only $550/database," reports ZDNet: This suggests that both the DB intrusions and the ransom/auction web pages are automated and that attackers don't analyze the hacked databases for data that could contain a higher concentration of personal or financial information. Signs of these ransom attacks have been piling up over the course of 2020, with the number of complaints from server owners finding the ransom note inside their databases popping up on Reddit, the MySQL forums, tech support forums, Medium posts, and private blogs.

"NASA's twin Voyager probes keep making discoveries in interstellar space," reports Space.com The Voyager mission has detected a new type of "electron burst," which will provide insights into the mechanisms of flaring stars, a new study reports. The bursts occur when cosmic ray electrons — fast-moving particles from far beyond the solar system — are pushed by shock waves generated by solar eruptions. The electrons then accelerate further along cosmic magnetic field lines to incredible speed, study team members said.

"The idea that shock waves accelerate particles is not new," corresponding author Don Gurnett, professor emeritus in physics and astronomy at the University of Iowa, said in a statement. "[But] we detected it in a new realm: the interstellar medium, which is much different than in the solar wind, where similar processes have been observed...."

Eventually, the magnetic field lines propel the cosmic rays to almost the speed of light — nearly 670 times faster than the solar shock waves that first pushed them. (The shock waves move at roughly 1 million mph, or 1.6 million kph, study team members said.)
The article marvels at the fact that the spacecraft are still sending back data regularly from 14 billion miles away, beyond the edge of our solar system, more than 43 years after they left earth. They even detected the original solar shock wave which caused the electron burst "up to a year after the event occurred.

"The wait time happened because the spacecraft are so far from the sun."

"A Mysterious Object Is Hurtling Towards Earth, and Scientists Don't Know What It Is," read Newsweek's headline on Monday, describing an object projected to pass 31,605 miles from earth. (One astronomer told them that was roughly 13% of the average distance between the earth and the moon).

But then a computer model calculated its past trajectories through space, according to the director for NASA's Center for Near Earth Object Studies (CNEOS). "One of the possible paths for 2020 SO brought the object very close to Earth and the Moon in late September 1966," he said in a statement. "It was like a eureka moment when a quick check of launch dates for lunar missions showed a match with the Surveyor 2 mission."

On Wednesday NASA described how a team led by Vishnu Reddy, an associate professor/planetary scientist at the Lunar and Planetary Laboratory at the University of Arizona, tried to prove what they'd seen was a 54-year-old booster rocket: Through a series of follow up observations, Reddy and his team analyzed 2020 SO's composition using NASA's IRTF and compared the spectrum data from 2020 SO with that of 301 stainless steel, the material Centaur rocket boosters were made of in the 1960's. While not immediately a perfect match, Reddy and his team persisted, realizing the discrepancy in spectrum data could be a result of analyzing fresh steel in a lab against steel that would have been exposed to the harsh conditions of space weather for 54 years. This led Reddy and his team to do some additional investigation.

"We knew that if we wanted to compare apples to apples, we'd need to try to get spectral data from another Centaur rocket booster that had been in Earth orbit for many years to then see if it better matched 2020 SO's spectrum," said Reddy. "Because of the extreme speed at which Earth-orbiting Centaur boosters travel across the sky, we knew it would be extremely difficult to lock on with the IRTF long enough to get a solid and reliable data set."

However, on the morning of Dec. 1, Reddy and his team pulled off what they thought would be impossible. They observed another Centaur D rocket booster from 1971 launch of a communication satellite that was in Geostationary Transfer Orbit, long enough to get a good spectrum. With this new data, Reddy and his team were able to compare it against 2020 SO and found the spectra to be consistent with each another, thus definitively concluding 2020 SO to also be a Centaur rocket booster...
So what happens next? 2020 SO made its closest approach to Earth on Dec. 1, 2020 and will remain within Earth's sphere of gravitational dominance — a region in space called the "Hill Sphere" that extends roughly 930,000 miles (1.5 million kilometers) from our planet — until it escapes back into a new orbit around the Sun in March 2021.

As NASA-funded telescopes survey the skies for asteroids that could pose an impact threat to Earth, the ability to distinguish between natural and artificial objects is valuable as nations continue to explore and more artificial objects find themselves in orbit about the Sun.

Astronomers will continue to observe this particular relic from the early Space Age until it's gone.

This week the Microsoft-owned code repository site GitHub released its annual report with statistics about its community, writes programming columnist Mike Melanson: The report offers a deep dive into three specific areas, with a look at developer productivity in the time of COVID, community and collaboration, and open source security. Highlights include increased productivity with 35% more repositories created in 2020 than 2019, a large open source community with more than 56M developers in 2020 with 100M expected by 2025, and security vulnerabilities that often go undetected for more than 4 years before being disclosed and 94% of projects relying on open source components.
"2020 has been a year of extraordinary change," notes GitHub's report. "Yet with 60M+ new repositories created this past year, one thing has remained true — developers came together from all corners of the world to innovate, find connection, and solve problems."

GitHub reports that over 1.9 billion contributions were added in the last year, with users distributed around the globe:

North America:	34%
Asia:	30.7%
Europe:	26.8%
South America:	4.9%
Africa:	2%
Oceania:	1.7%

And while JavaScript is still the most popular language used on the site, Python remains more popular (at #2) than Java (at #3) for the second year in a row.

1. JavaScript
2. Python
3. Java
4. TypeScript
5. C#
6. PHP
7. C++
8. C
9. Shell
10. Ruby

A Reddit user found Google Earth photos showing the Utah monolith may have appeared in its canyon up to five years ago, according to The Daily Beast. But it's gone now: Last week, a team of four people removed the Utah obelisk. One of them, a Utah adventure guide, explained their actions in an Instagram post. "We removed the Utah Monolith because there are clear precedents for how we share and standardize the use of our public lands, natural wildlife, native plants, fresh water sources, and human impacts upon them. The mystery was the infatuation and we want to use this time to unite people behind the real issues here — we are losing our public lands — things like this don't help," Sylvan Christensen wrote.

Although the statue had damaged some of the surrounding rock formations, its real cost came when hordes of tourists drove cars and rode helicopters to the remote canyon to see it, Christensen said. "This land wasn't physically prepared for the population shift (especially during a pandemic)," he wrote. "People arrived by car, by bus, by van, helicopter, planes, trains, motorcycles and E-bikes and there isn't even a parking lot. There aren't bathrooms — and yes, pooping in the desert is a misdemeanor. There was a lot of that."
"The group of four took the big pieces of the monolith and placed them in a wheelbarrow and said 'leave no trace' as they rolled it away," reports CNN, citing a photographer who witnessed the event.

The second mysterious monolith that appeared in Romania has also been "removed by parties unknown," reports the Bay Area Newsgroup. But a third monolith also mysteriously appeared 200 miles south of San Francisco in the small town of Atascadero on Tuesday, according to SFGate. Though their reporter has a theory as to why: Atascadero is a handy place. There's plenty of rugged cowboy types, and plenty of people with the room and machinery to weld and rivet some sheets of metal together. The local band when I was in high school was in fact known for riveting metal parts and tubing onto stages and cars and painting the whole thing silver...

[W]hen Atascadero saw this monolith trend hitting, someone took note of the importance of getting in fast, went out into their garage and built a monolith.
"And then, overnight, it was gone," notes the Bay Area News Group. Forbes describes the young men responsible as "Dressed in camo gear, armed with night-vision goggles and energy drinks," and at least once referencing the QAnon conspiracy theory. "One of the men even states: 'We don't want illegal aliens from Mexico, or outer space.'"

The Bay Area News Group writes: The revelation that the culprits drove five hours from Southern California to tear it down, live-streaming the trek, has angered Central Coast residents. Video shows the four young men chanting "Christ is king" as they tear down the monolith and replace it with a plywood cross. They also made racist and anti-immigrant statements...

In a statement Thursday, Atascadero Mayor Heather Moreno said: "We are upset that these young men felt the need to drive 5 hours to come into our community and vandalize the Monolith.

"The Monolith was something unique and fun in an otherwise stressful time."

GitHub has released its annual Octoverse report, revealing trends in one of the largest developer communities on the planet, including a spike in open source project activity following the start of the COVID-19 pandemic. VentureBeat: JavaScript continues to be the most popular programming language on GitHub, while Python is now the second most popular, followed by Java and the fast-growing TypeScript community. Maintained by GitHub owner Microsoft, TypeScript has climbed from seventh place in 2018 and 2019 to fourth overall this year. PHP and Ruby, languages that ranked among the most popular five years ago, continued to decline in popularity.

Apple has picked "Code Switch" as the best audio show of the year, marking the first time the company has recognized a single podcast in this way. Engadget reports: Code Switch is NPR's weekly discussion on race. While the series has been on the air for the better part of seven years, it became significantly more popular over the summer as people across the US took to protest the death of George Floyd and other instances of racial injustice.

As in past years, the company also shared a selection of the most popular audio shows people listened to through Apple Podcasts. Few surprises here as old favorites like Stuff You Should Know, This American Life and The Daily came out as the most popular shows in the US. When it comes to shows new to 2020, Unlocking Us, Nice White Parents and CounterClock made the top three for the year. Apple's editorial team had their say as well. They picked California Love, Canary by the Washington Post and Dying for Sex as their favorites of 2020. If you're looking for something new to listen to, all three lists are a good place to start.

hackingbear writes: Australian Prime Minister Scott Morrison demanded an apology after a senior Chinese official posted a "fake image" of an Australian soldier holding a knife with blood on it to the throat of an Afghan child, calling it "truly repugnant" and demanding it be taken down. The Australian government has asked Twitter to remove the image, posted on Monday by China's foreign ministry spokesman Zhao Lijian on his official Twitter account, Morrison said. "It is utterly outrageous and cannot be justified on any basis," Morrison said. "The Chinese government should be utterly ashamed of this post. It diminishes them in the world's eyes."

The image is actually an art work, originally posted on Weibo by online artist Wuhe Qilin, based on the recently uncovered war crimes committed by Australian special forces in the Afghan War. On Friday, Australia has told 13 special forces soldiers they face dismissal in relation to an independent report on alleged unlawful killings in Afghanistan, the head of the country's army said on Friday. "It is the Australian government who should feel ashamed for their soldiers killing innocent Afghan civilians," said Hua Chunying, China's foreign ministry spokeswoman, when asked about Morrison's comments. Wuhe Qilin praised Zhao's re-posting [translation: "Deputy Zhao's strong. Go for it!"] of his work.

NBC News reports: Many urban centers have seen residents move out in large numbers since the start of stay-at-home orders in March, but the shift has been especially dramatic for San Francisco, a city that was already experiencing rapid change because of the tech industry. Software engineers, CEOs and venture capitalists have chosen to jump from the Bay Area to places such as Denver, Miami and Austin, Texas, citing housing costs, California's relatively high income tax and the Bay Area's general resistance to rapid growth and change.

The scale of the departures is visible in vacant high-end apartments, moth-balled offices and quieter streets in neighborhoods popular with tech workers. And while no one is exactly celebrating, especially as Covid-19 has devastated the incomes of many people, some residents were ready to take a break from the rich.... Rents may have fallen 20 percent or more from a year ago, but they're still high by national standards, and many artists left the city a long time ago.

Although some companies such as Pinterest have canceled leases, Google is expanding its offices in San Francisco, a sign of the tech industry's attachment to the city despite the local hostility and the predictions of a permanent work-from-home culture...

Tracy Rosenberg, executive director of Media Alliance, a San Francisco nonprofit that is often critical of the power of tech companies, said she wonders whether tech workers will want to return to a place where they've received a mixed welcome. "The level of tech blowback in San Francisco and the Bay Area was going up in intensity," she said. "I think there'll be sort of a reluctance to come back and face that, because that was reaching a level that was hard to live with — when you are the cause of all social problems, in the eyes of a significant part of the population, at least."

"PHP version 8.0 has arrived, bringing with it a major update to the 25-year-old programming language..." writes Tech Republic.

New language features include the nullsafe operator and attributes (commonly known as annotations in other languages) to add metadata to classes — and more: The JIT compiler is designed to bring performance improvements to web applications by turning code into instructions for the CPU at runtime. Meanwhile, union types is a feature that allows data of more than one type to be held by a variable. Named arguments allow developers to assign values to a function by specifying the value name, allowing optional parameters to be ignored. Alongside these, version 8.0 of PHP brings optimizations and enhancements to the language's type system, syntax, error handling and consistency....

Commenting on PHP 8.0, PHP programmer and stitcher.io developer, Brent Roose, noted that the latest version of the language may require developers to review code for any breaking changes.