soblasted writes "With the recent 2.0 release of the Metasploit Framework, people are wondering if security tools like it do more good than harm. This article attempts to answer the question. The legitimate use of the framework is for security researchers to use in exploit testing and development.It will run on any OS with Perl, and includes a CLI and web GUI, along with many ready to run exploits and payload modules. With HP also developing systems to preemptively attack their own networks, has this become acceptable?" This issue reminds me of the first release of SATAN and the uproar it caused.

Anonymouse asks: "Has anyone out there just had the urge to build Gimp 2.0 on Windows instead of using an installer made by a third party, hosted on a free web hosting service? It's probably fine but it makes me nervous, so I figure I should try building it on Windows instead...besides, it could be educational! Does anyone have any instructions/suggestions for building the source on Windows XP using MinGW and MinSYS? Keep in mind I have no experience with *nix, and my meek programing skillz only apply to Perl. Thanks!"

Tin Foil Hat writes "Paul Murphy over at LinuxInsider examines the role IT text books play in business school curriculums and the misconceptions and misinformation that they present to students. If you've ever wondered why your PHB just doesn't get it when it comes to UNIX and Linux, this article is for you."

tachijuan asks: "I'm an old time hand in the PC world (started with trash-80 in late 70's). Along the way I've gone from the geek in school with the only computer to a CS degree to a position as a senior systems administrator at a major university to industry. And that's where I went to the dark side and became not a geek. About 10 years ago, the corporate rat race caught me and now I'm an exec at a midsize company. After 10 years of no code, it seems like I've never worked on anything serious (still do Perl, PHP, shell, etc scripting at home). Now, I feel the need to change this. How does an old UNIX coder/SysAdmin turned professional corporate cog get back into coding? I've looked at all sorts of languages (C#, C++, Delphi, VB(eh gads), Squeak, IO, etc.) but my problem is that I have unlearned most of the S in CS and the learning curve for the API's to both UNIX and Windows has become...daunting. Short of going back to school, what would you soon to be fellow geeks recommend as a good kick start?"

YellowYahoo writes "Ever wondered how to combine old and new technology for fun and profit? Doing their part to continue COBOL's dominance of installed software, Deskware has developed a COBOL based scripting language designed for serving web pages. Whether or not COBOL will succeed as the next great web language, is obvously up to some debate, but there is at least one active site deployed in Cobolscript. According to their FAQ, their main advantage is leveraging existing employees' programming knowledge. Does that make it a reasonable language to use? There's certainly some justification that COBOL makes a better langauge for implementing business rules than either Perl or Java. Time to dust off (or start learning?) all those older languages!"

Fluidic Binary writes "Now instant messenging can waste our time in exciting 'new' ways, according to Wired News, who reveal that an improved unofficial AIM bot has been created to play Infocom games via AOL's messenging client. According to the article: 'The bot, designed by 26-year-old Web programmer Andy Baio, is a Perl script that acts as an intermediary between the games, which are hosted on his server, and AOL's network.'"

prostoalex writes "Why are networked computing environments so insecure? You've heard the story before - early computers were not designed to work in the network environment, and even most software written later was designed to work on benevolent networks. As Bruce Schneier says in the preface to Building Secure Software: How to Break Code, 'We wouldn't have to spend so much time, money and effort on network security if we didn't have such bad software security.'" Read on for prostoalex's review of Exploiting Software, which aims to balance that situation somewhat.

Hagmonk asks: "I've been writing website backends in Perl, PHP, and MySQL for years now. It's always been about the functionality though, not the presentation. What I'd now like to do is offer clients a complete service - a professional backend, -and- a professionally designed front end (both from an aesthetic and usability standpoint). The thought of heading to a 'typical' website design course frightens me. I don't want to waste my time being spoonfed the very basics. I want a course that teaches me graphics manipulation, layout and usability. I want it in a strong espresso shot of a month tuition max, not spread over a lazy year. Do such courses exist? In Australia or on-line?"

tail.man sent in a Linux Insider piece about the difference between Linux and Windows. Quoting the synopsis "So, what's really the difference between a Unix variant like Linux and any Windows OS? It's that Microsoft reacts to marketing pressure to make design decisions favoring running a few processes faster but then finds itself forced first to layer in backward compatibility and then to engage in a patch-and-kludge upgrade process until the code becomes so bloated, slow and unreliable that wholesale replacement is again called for."

chromatic writes "Perl.com has just published Exegesis 7, Damian Conway's explanation of how text formatting will work Perl 6 (and now, Perl 5, thanks to his Perl6::Form module) will work. Think of it as Perl 1 for the 21st century. Also, Parrot 0.1.0, the virtual machine for Perl 6 and several other dynamic languages, released on Leap Day -- ever wanted to program in an object oriented assembly language?"

andrew cooke writes "A while ago I read the comments following a Slashdot book review. Someone had posted a request for books that covered a wider range of languages than Java, C, Python, etc. Well, I thought, why not review Okasaki's Purely Functional Data Structures? It's a classic from the underworld of functional programming - recognised as the standard reference, yet clear enough to work as an introduction to the subject for anyone with a basic functional programming background. Of course, some readers won't know what functional programming is, or what is special about pure data structures. So I hope that this review can also serve as something of an introduction to the languages that I (a software engineer paid to work with Java, C, Python, etc) choose to use in my spare time, just for the joy of coding." Read on for the rest; even if you're not planning to give up C or Perl, there are links here worth exploring.

An anonymous reader writes "A nimble-fingered gamer has shaved three seconds off the long-standing world record for completing Super Mario Bros. for the original Nintendo Entertainment System. Classic arcade site Twin Galaxies reports that Scott Kessler of North Carolina executed a "near-perfect finish" when he took the record down to five minutes and 17 seconds. Twin Galaxies referee Robert Mruczek watched the entire game on videotape before declaring the feat a new world record."

Ted writes "I continues to look at manipulating and guessing MP3 tags with Perl, FreeDB, and various CPAN models via my autotag.pl application. Writing autotag.pl was grueling but fun. I used fuzzy string matching, FreeDB searches, ID3 versions 1 and 2, and lots of text-mode user interactions. It all came together in an application that I tested thoroughly over the course of a month. Info and Slashdot comments about Part One can be seen here, which was posted in December."

PurdueGraphicsMan writes "There's an article over at Yahoo! about the upcoming version of Perl (version 6) and some of the new features (RFC list). From the article: "Although Perl 5's expressions are the most sophisticated available and aspired to by other programming languages, "no one pretends for a moment that they're anything but hideously ugly," said Damian Conway, a core Perl developer and associate professor at Monash University in Australia.""

jsight writes with his review of Rob McGregor's Practical C++, published by QUE. He writes "Some books attempt to do one thing really well, and others attempt a little of everything. This book is clearly an example of the latter, in full force. Weighing in at a hefty 900 pages, you would expect this book to be crammed with chapters and details on every aspect of the STL and basic C++. In the following review, I am going to cover where it succeeds in doing this, and where it fails." (This book has been out for a few years; what books would make more sense today for a C++ learner's library?)

This is an unusual Slashdot Interview, since instead of using email I asked all the questions in person last week either at LinuxAsia2004 or in casual meetings with local LUG members and other techies I met during the conference. Some of your questions were answered quite well by other Slashdot readers in the original post. (Slashdot has many readers both in and from India.) I also inserted a number of personal observations, which I usually don't do in these interviews, because it seemed to be the best way to answer some of the questions. And some questions were nearly unanswerable, as you'll see when you read the rest of this article.

prostoalex writes "The ActiveState Perl Haiku Poetry Contest has ended. The results are in and here's the page with all the entries." Here's the original announcement.

Jeff writes "The process of Port Knocking is a way to allow only people who know the "secret knock" access to a certain port on a system. For example, if I wanted to connect via SSH to a server, I could build a backdoor on the server that does not directly listen on port 22 (or any port for that matter) until it detects connection attempts to closed ports 1026,1027,1029,1034,1026,1044 and 1035 in that sequence within 5 seconds, then listens on port 22 for a connection within 10 seconds. The web site explains it in some detail, and there is even an experimental perl implementation of it that is available for download. I can't think of any easy ways you could get around a system using this security method - let alone even know that a system is implementing it. Another article on port knocking is here."

Slashback tonight brings you updates and corrections from recent and ongoing stories, including (this time around) non-silver silver paste, the return of the Orkut, Mike Rowe and his not-so-epic battle with Microsoft (one last time, I hope), the future of Zip for Microsoft Windows, and more. Read on below for the details.

Alex Moskalyuk writes "Before Sun monopolized the notion of 'write once, run everywhere,' those who enjoy programming in C++ had the choice of using Qt libraries that provide cross-platform GUI support. C++ GUI Programming with Qt3 is written by the employees of TrollTech, the company that created and currently distributes the Qt environment." Read on for the rest of Alex's review.