We're seeing a boom in journaling apps as safer, easier ways to ease us back into posting everything online. From a report: Last year, Apple released a journal app with iOS 17. Former Yahoo CEO Marissa Mayer just unveiled a photo app called Shine, which is made to share photos and memories with a select group of people. Today, Retro -- a startup that we called "the new Instagram" -- is launching a feature called Journals within the app, which lets you record both photos and notes for a select group of people.

As a lifelong journaler, it's hard to forget that I already have an intimate, safe space to record my life and share memories. It is a notebook. I don't have to worry about marketers selling my information, because it's not accessible. What if creating a safe space all of your own means just getting off the internet altogether? Most of these apps are based on the central premise that most of us would rather talk to family or close friends than with a pretty stranger shilling snack boxes. As we reported previously, Retro has a few standout features. Once you join the app, you're prompted to select a few pictures to post per week. In order to see your friends' and family's photos, you have to share photos of your own. That keeps people actively participating instead of lurking.

The foundations behind Rust, Python, Apache, Eclipse, PHP, OpenSSL, and Blender announced plans to create "common specifications for secure software development," based on "existing open source best practices."

From the Eclipse Foundation: This collaborative effort will be hosted at the Brussels-based Eclipse Foundation [an international non-profit association] under the auspices of the Eclipse Foundation Specification Process and a new working group... Other code-hosting open source foundations, SMEs, industry players, and researchers are invited to join in as well.

The starting point for this highly technical standardisation effort will be today's existing security policies and procedures of the respective open source foundations, and similar documents describing best practices.

The governance of the working group will follow the Eclipse Foundation's usual member-led model but will be augmented by explicit representation from the open source community to ensure diversity and balance in decision-making. The deliverables will consist of one or more process specifications made available under a liberal specification copyright licence and a royalty-free patent licence... While open source communities and foundations generally adhere to and have historically established industry best practices around security, their approaches often lack alignment and comprehensive documentation.

The open source community and the broader software industry now share a common challenge: legislation has introduced an urgent need for cybersecurity process standards.
The Apache Foundation notes the working group is forming partly "to demonstrate our commitment to cooperation with and implementation of" the EU's Cyber Resilience Act. But the Eclipse Foundation adds that even before it goes into effect in 2027, they're recognizing open source software's "increasingly vital role in modern society" and an increasing need for reliability, safety, and security, so new regulations like the CRA "underscore the urgency for secure by design and robust supply chain security standards."

Their announcement adds that "It is also important to note that it is similarly necessary that these standards be developed in a manner that also includes the requirements of proprietary software development, large enterprises, vertical industries, and small and medium enterprises." But at the same time, "Today's global software infrastructure is over 80% open source... [W]hen we discuss the 'software supply chain,' we are primarily, but not exclusively, referring to open source."

"We invite you to join our collaborative effort to create specifications for secure open source development," their announcement concludes," promising initiative updates on a new mailing list. "Contribute your ideas and participate in the magic that unfolds when open source foundations, SMEs, industry leaders, and researchers combine forces to tackle big challenges."

The Python Foundation's announcement calls it a "community-driven initiative" that will have "a lasting impact on the future of cybersecurity and our shared open source communities."

In Communication of the ACM, Google's VP of Education notes how calculators impacted math education — and wonders whether generative AI will have the same impact on CS education: Teachers had to find the right amount of long-hand arithmetic and mathematical problem solving for students to do, in order for them to have the "number sense" to be successful later in algebra and calculus. Too much focus on calculators diminished number sense. We have a similar situation in determining the 'code sense' required for students to be successful in this new realm of automated software engineering. It will take a few iterations to understand exactly what kind of praxis students need in this new era of LLMs to develop sufficient code sense, but now is the time to experiment."
Long-time Slashdot reader theodp notes it's not the first time the Google executive has had to consider "iterating" curriculum: The CACM article echoes earlier comments Google's Education VP made in a featured talk called The Future of Computational Thinking at last year's Blockly Summit. (Blockly is the Google technology that powers drag-and-drop coding IDE's used for K-12 CS education, including Scratch and Code.org). Envisioning a world where AI generates code and humans proofread it, Johnson explained: "One can imagine a future where these generative coding systems become so reliable, so capable, and so secure that the amount of time doing low-level coding really decreases for both students and for professionals. So, we see a shift with students to focus more on reading and understanding and assessing generated code and less about actually writing it. [...] I don't anticipate that the need for understanding code is going to go away entirely right away [...] I think there will still be at least in the near term a need to understand read and understand code so that you can assess the reliabilities, the correctness of generated code. So, I think in the near term there's still going to be a need for that." In the following Q&A, Johnson is caught by surprise when asked whether there will even be a need for Blockly at all in the AI-driven world as described — and the Google VP concedes there may not be.

In an interview with Roblox Studio head Stefano Corazza, Eurogamer asked about the reputation Roblox has gained and the notion that it was exploitative of young developers, since it takes a cut from work sometimes produced by children. Here's what he had to say: "I don't know, you can say this for a lot of things, right?" Corazza said. "Like, you can say, 'Okay, we are exploiting, you know, child labour,' right? Or, you can say: we are offering people anywhere in the world the capability to get a job, and even like an income. So, I can be like 15 years old, in Indonesia, living in a slum, and then now, with just a laptop, I can create something, make money and then sustain my life. "There's always the flip side of that, when you go broad and democratized - and in this case, also with a younger audience," he continued. "I mean, our average game developer is in their 20s. But of course, there's people that are teenagers -- and we have hired some teenagers that had millions of players on the platform.

"For them, you know, hearing from their experience, they didn't feel like they were exploited! They felt like, 'Oh my god, this was the biggest gift, all of a sudden I could create something, I had millions of users, I made so much money I could retire.' So I focus more on the amount of money that we distribute every year to creators, which is now getting close to like a billion dollars, which is phenomenal."

At this point the PR present during the interview added that "the vast majority of people that are earning money on Roblox are over the age of 18." "And imagine like, the millions of kids that learn how to code every month," Corazza said. "We have millions of creators in Roblox Studio. They learn Lua scripting," a programming language, "which is pretty close to Python - you can get a job in the tech industry in the future, and be like, 'Hey, I'm a programmer,' right? "I think that we are really focusing on the learning - the curriculum, if you want - and really bringing people on and empowering them to be professionals."

An anonymous reader shares a report: Echoing the past two years of Rust evangelism and C/C++ ennui, Google reports that Rust shines in production, to the point that its developers are twice as productive using the language compared to C++. Speaking at the Rust Nation UK Conference in London this week, Lars Bergstrom, director of engineering at Google, who works on Android Platform Tools & Libraries, described the web titan's experience migrating projects written in Go or C++ to the Rust programming language.

Bergstrom said that while Dropbox in 2016 and Figma in 2018 offered early accounts of rewriting code in memory-safe Rust - and doubts about productivity and the language have subsided - concerns have lingered about its reliability and security. "Even six months ago, this was a really tough conversation," he said. "I would go and I would talk to people and they would say, 'Wait, wait you have an `unsafe` keyword. That means we should all write C++ until the heat death of the Universe.'"

But there's been a shift in awareness across the software development ecosystem, Bergstrom argued, about the challenges of using non-memory safe languages. Such messaging is now coming from government authorities in the US and other nations who understand the role software plays in critical infrastructure. The reason is that the majority of security vulnerabilities in large codebases can be traced to memory security bugs. And since Rust code can largely if not totally avoid such problems when properly implemented, memory safety now looks a lot like a national security issue.

Longtime Slashdot reader kriston writes: Core PostgreSQL developer Simon Riggs dies in airplane crash in Duxford, England. Riggs was the sole occupant of a Cirrus SR22-T which crashed on March 26 after performing touch-and-go maneuvers. Riggs was responsible for much of the enterprise-level features in PostgreSQL, including point-in-time recovery, synchronous replication, and hot standby. He also was the head of the company 2ndQuadrant that provides PostgreSQL support. Riggs' last community contribution was the presentation of the keynote at PostgreSQL Conference Europe 2023 in Prague, which you can watch on YouTube.

"It's a bad day for bugs," joked TechCrunch on Wednesday. "Earlier today, Sentry announced its AI Autofix feature for debugging production code..."

And then the same day, BleepingComputer reported that GitHub "introduced a new AI-powered feature capable of speeding up vulnerability fixes while coding." This feature is in public beta and automatically enabled on all private repositories for GitHub Advanced Security customers. Known as Code Scanning Autofix and powered by GitHub Copilot and CodeQL, it helps deal with over 90% of alert types in JavaScript, Typescript, Java, and Python... After being toggled on, it provides potential fixes that GitHub claims will likely address more than two-thirds of found vulnerabilities while coding with little or no editing.

"When a vulnerability is discovered in a supported language, fix suggestions will include a natural language explanation of the suggested fix, together with a preview of the code suggestion that the developer can accept, edit, or dismiss," GitHub's Pierre Tempel and Eric Tooley said...

Last month, the company also enabled push protection by default for all public repositories to stop the accidental exposure of secrets like access tokens and API keys when pushing new code. This was a significant issue in 2023, as GitHub users accidentally exposed 12.8 million authentication and sensitive secrets via more than 3 million public repositories throughout the year.
GitHub will continue adding support for more languages, with C# and Go coming next, according to their announcement.

"Our vision for application security is an environment where found means fixed."

Long-time Slashdot reader theodp writes: Among the amazing features of the in-process analytical database DuckDB, writes software engineer Paul Gross in DuckDB as the New jq, is that it has many data importers included without requiring extra dependencies. This means it can natively read and parse JSON as a database table, among many other formats. "Once I learned DuckDB could read JSON files directly into memory," Gross explains, "I realized that I could use it for many of the things where I'm currently using jq. In contrast to the complicated and custom jq syntax, I'm very familiar with SQL and use it almost daily."

The stark difference of the two programming approaches to the same problem — terse-but-cryptic jq vs. more-straightforward-to-most SQL — also raises some interesting questions: Will the use of Generative AI coding assistants more firmly entrench the status quo of the existing programming paradigms on whose codebases it's been trained? Or could it help bootstrap the acceptance of new, more approachable programming paradigms?

Had something like ChatGPT been around back in the Programming Windows 95 days, might people have been content to use Copilot to generate reams of difficult-to-maintain-and-enhance Windows C code using models trained on the existing codebases instead of exploring easier approaches to Windows programming like Visual BASIC?

Lindsay Clark reports via The Register: The UK Information Commissioner's Office has received a complaint detailing the mismanagement of personal data at the Nursing and Midwifery Council (NMC), the regulator that oversees worker registration. Employment as a nurse or midwife depends on enrollment with the NMC in the UK. According to whistleblower evidence seen by The Register, the databases on which the personal information is held lack rudimentary technical standards and practices. The NMC said its data was secure with a high level of quality, allowing it to fulfill its regulatory role, although it was on "a journey of improvement." But without basic documentation, or the primary keys or foreign keys common in database management, the Microsoft SQL Server databases -- holding information about 800,000 registered professionals -- are difficult to query and manage, making assurances on governance nearly impossible, the whistleblower told us.

The databases have no version control systems. Important fields for identifying individuals were used inconsistently -- for example, containing junk data, test data, or null data. Although the tech team used workarounds to compensate for the lack of basic technical standards, they were ad hoc and known by only a handful of individuals, creating business continuity risks should they leave the organization, according to the whistleblower. Despite having been warned of the issues of basic technical practice internally, the NMC failed to acknowledge the problems. Only after exhausting other avenues did the whistleblower raise concern externally with the ICO and The Register. The NMC stores sensitive data on behalf of the professionals that it registers, including gender, sexual orientation, gender identity, ethnicity and nationality, disability details, marital status, as well as other personal information.

The whistleblower's complaint claims the NMC falls well short of [the standards required under current UK law for data protection and the EU's General Data Protection Regulation (GDPR)]. The statement alleges that the NMC's "data management and data retrieval practices were completely unacceptable." "There is not even much by way of internal structure of the databases for self-documentation, such as primary keys, foreign keys (with a few honorable exceptions), check constraints and table constraints. Even fields that should not be null are nullable. This is frankly astonishing and not the practice of a mature, professional organization," the statement says. For example, the databases contain a unique ten-digit number (or PRN) to identify individuals registered to the NMC. However, the fields for PRNs sometimes contain individuals' names, start with a letter or other invalid data, or are simply null. The whistleblower's complaint says that the PRN problem, and other database design deficiencies, meant that it was nearly impossible to produce "accurate, correct, business critical reports ... because frankly no one knows where the correct data is to be found." A spokesperson for the NMC said the register was "organized and documented" in the SQL Server database. "For clarity, the register of all our nurses, midwives and nursing practitioners is held within Dynamics 365 which is our system of record. This solution and the data held within it, is secure and well documented. It does not rely on any SQL database. The SQL database referenced by the whistleblower relates to our data warehouse which we are in the process of modernizing as previously shared."

Longtime Slashdot reader jgulla shares an announcement from Redis: Beginning today, all future versions of Redis will be released with source-available licenses. Starting with Redis 7.4, Redis will be dual-licensed under the Redis Source Available License (RSALv2) and Server Side Public License (SSPLv1). Consequently, Redis will no longer be distributed under the three-clause Berkeley Software Distribution (BSD). The new source-available licenses allow us to sustainably provide permissive use of our source code.

We're leading Redis into its next phase of development as a real-time data platform with a unified set of clients, tools, and core Redis product offerings. The Redis source code will continue to be freely available to developers, customers, and partners through Redis Community Edition. Future Redis source-available releases will unify core Redis with Redis Stack, including search, JSON, vector, probabilistic, and time-series data models in one free, easy-to-use package as downloadable software. This will allow anyone to easily use Redis across a variety of contexts, including as a high-performance key/value and document store, a powerful query engine, and a low-latency vector database powering generative AI applications. [...]

Under the new license, cloud service providers hosting Redis offerings will no longer be permitted to use the source code of Redis free of charge. For example, cloud service providers will be able to deliver Redis 7.4 only after agreeing to licensing terms with Redis, the maintainers of the Redis code. These agreements will underpin support for existing integrated solutions and provide full access to forthcoming Redis innovations. In practice, nothing changes for the Redis developer community who will continue to enjoy permissive licensing under the dual license. At the same time, all the Redis client libraries under the responsibility of Redis will remain open source licensed. Redis will continue to support its vast partner ecosystem -- including managed service providers and system integrators -- with exclusive access to all future releases, updates, and features developed and delivered by Redis through its Partner Program. There is no change for existing Redis Enterprise customers.

An anonymous reader quotes a report from InfoWorld: C++ creator Bjarne Stroustrup has defended the widely used programming language in response to a Biden administration report that calls on developers to use memory-safe languages and avoid using vulnerable ones such as C++ and C. In a March 15 response to an inquiry from InfoWorld, Stroustrup pointed out strengths of C++, which was designed in 1979. "I find it surprising that the writers of those government documents seem oblivious of the strengths of contemporary C++ and the efforts to provide strong safety guarantees," Stroustrup said. "On the other hand, they seem to have realized that a programming language is just one part of a tool chain, so that improved tools and development processes are essential."

Safety improvement always has been a goal of C++ development efforts, Stroustrup stressed. "Improving safety has been an aim of C++ from day one and throughout its evolution. Just compare the K&R C language with the earliest C++, and the early C++ with contemporary C++. My CppCon 2023 keynote outlines that evolution," he said. "Much quality C++ is written using techniques based on RAII (Resource Acquisition Is Initialization), containers, and resource management pointers rather than conventional C-style pointer messes." Stroustrup cited a number of efforts to improve C++ safety. "There are two problems related to safety. Of the billions of lines of C++, few completely follow modern guidelines, and peoples' notions of which aspects of safety are important differ. I and the C++ standard committee are trying to deal with that," he said. "Profiles is a framework for specifying what guarantees a piece of code requires and enable implementations to verify them. There are documents describing that on the committee's website -- look for WG21 -- and more are coming. However, some of us are not in a mood to wait for the committee's necessarily slow progress."

Profiles, Stroustrup said, "is a framework that allows us to incrementally improve guarantees -- e.g., to eliminate most range errors relatively soon -- and to gradually introduce guarantees into large code bases through local static analysis and minimal run-time checks. My long-term aim for C++ is and has been for C++ to offer type and resource safety when and where needed. Maybe the current push for memory safety -- a subset of the guarantees I want -- will prove helpful to my efforts, which are shared by many in the C++ standards committee." Stroustrup previously defended the safety of C++ against the NSA, which recommended using memory-safe languages instead of C++ and C in a November 2022 bulletin.

Databricks CTO Matei Zaharia "said that Databricks had to keep track of scheduling a million things," remembers adjunct MIT professor Michael Stonebraker. " He said that this can't be done with traditional operating system scheduling, and so this was done out of a Postgres database. And then he started to whine that Postgres was too slow, and I told him we can do better than that...."

This resulted in DBOS — short for "database operating system" — which they teamed up to build with teams Stanford and MIT, according to The Next Platform: They founded a company to commercialize the idea in April 2023 and secured $8.5 million initial seed funding to start building the real DBOS. Engine Ventures and Construct Capital led the funding, along with Sinewave and GutBrain Ventures...

"The state that the operating system has to keep track of — memory, files, messages, and so on — is approximately linear to the resources you have got," says Stonebraker. "So without me saying another word, keeping track of operating system state is a database problem not addressed by current operating system schedulers. Moreover, OLTP [Online Transaction Processing] database performance has gone up dramatically, and that is why we thought instead of running the database system in user space on top of the operating system, why don't we invert our thinking 180 degrees and run the operating system on top of the database, with all of the operating services are coded in SQL...?"

For now, DBOS can give the same kind of performance as that full blown Linux operating system, and thanks to the distributed database underpinnings of its kernel, it can do things that a Linux kernel just cannot do... One is provide reliable execution, which means that if a program running atop DBOS is ever interrupted, it starts where it left off and does not have to redo its work from some arbitrary earlier point and does not crash and have to start from the beginning. And because every little bit of the state of the operating system — and therefore the applications that run atop it — is preserved, you can go backwards in time in the system and restart the operating system if it experiences some sort of anomaly, such as a bad piece of application software running or a hack attack. You can use this "time travel" feature, as Stonebraker calls it, to reproduce what are called heisenbugs — ones that are very hard to reproduce precisely because there is no shared state in the distributed Linux and Kubernetes environment and that are increasingly prevalent in a world of microservices.

The other benefit of the DBOS is that it presents a smaller attack surface for hackers, which boosts security, and that you analyze the metrics of the operating system in place since they are already in a NoSQL database that can be queried rather than aggregating a bunch of log files from up and down the software stack to try to figure out what is going on...

There is also a custom tier for DBOS, which we presume costs money, that can use other databases and datastores for user application data, stores more than three days of log data, can have multiple users per account, that adds email and Slack support with DBOS techies, and that is available on other clouds as well as AWS.
The operating system kernel/scheduler "is itself largely a database," with services written in TypeScript, according to the article. The first iteration used the FoundationDB distributed key-value store for its scheduling core (open sourced by Apple in 2018), according to the article — "a blazingly fast NoSQL database... Stonebraker says there is no reason to believe that DBOS can't scale across 1 million cores or more and support Java, Python, and other application languages as they are needed by customers..."

And the article speculates they could take things even further. "There is no reason why DBOS cannot complete the circle and not only have a database as an operating system kernel, but also have a relational database as the file system for applications."

An anonymous reader shared this report: After 20 years of development, the open source GnuCOBOL "has reached an industrial maturity and can compete with proprietary offers in all environments," said OCamlPro founder and GnuCOBOL contributor Fabrice Le Fessant, in a FOSDEM talk about the technology. GnuCOBOL turns COBOL source code into executable applications. It is very cross-platform, running Linux, BSD, many proprietary Unixes, macOS, and Windows, even Android. And the latest version, v.32, is being used in many commercial settings...

Sobisch noted that the GnuCOBOL is seeing a lot of commercial deployments, such as for banking back-end apps, many of which are being migrated from Micro Focus, with users reporting performance improvements as a result. The French DGFIP federal agency moved from a GCOS mainframe to GnuCOBOL, with the help of Le Fessant's firm.

Originally called OpenCOBOL, the project was started in 2002 and renamed GnuCOBOL in 2013. In the past three years, it has received attention from 13 contributors with 460 commits. Most Linux package managers have a copy of GnuCOBOL for the program for downloading... It can compile to C code (C89+), making it extremely portable, from mainframes to Raspberry Pi's, Sobisch said...

Also new is SuperBOL, a development studio for GnuCOBOL developed by Le Fessant's OCamlPro. It runs as a VSCode Extension and features a full COBOL processor (written in OCaml).

theodp writes: Tech-backed nonprofit Code.org on Wednesday fired the latest salvo in its legal battle over $3 million in unpaid licensing fees for the use of Code.org's free [for non-commercial purposes] K-12 computer science curriculum by WhiteHat Jr., the learn-to-code edtech company with a controversial past that was bought for $300M in 2020 by Byju's, another edtech firm that received a $50M investment from Mark Zuckerberg's venture firm that still touts its ties to Zuckerberg on its Investors page.

In a filing in support of a motion for default judgement, Code.org founder and CEO Hadi Partovi wrote: "Whitehat's continued use of Code.org's platform and content without payment following Code.org's termination of the Agreement has caused, and is continuing to cause, irreparable injury to Code.org, because it undermines Code.org's charitable and nonprofit purpose of expanding access to computer science in schools and increasing participation by young women and students from other underrepresented groups and because it jeopardizes Code.org's status as an organization described in Section 501(c)(3) of the Internal Revenue Code of 1986. As a Section 501(c)(3) tax exempt organization, Code.org may not use its assets to benefit for-profit entities without receiving fair compensation."

According to the [proposed] default judgement, "Code.org is awarded the principal amount sued for of $3,000,000, along with attorneys' fees, costs, and expenses in an amount to be determined following Code.org's submission of an application, together with pre-judgment interest of $216,001.16, from May 26, 2023 to March 13, 2024, and any additional pre-judgment interest that may accrue until the date of judgment, calculated at the rate of 9% per annum pursuant to CPLR 5001 and 5004, plus any post-judgment interest at the statutory rate, for a total judgment in the amount of $[TBD]."

Tom Warren reports via The Verge: Discord will soon allow developers to build new games and apps that can be used directly in its chat app. A selection of minigames and apps have been available to Discord users for months now, but starting March 18th, all Discord developers will get access to a new Embedded App SDK that lets them build these special embedded apps. Discord has used its Activities feature to enable apps like YouTube, promote minigames like poker, and even encourage users to play with a shared whiteboard experience. These apps all appear as an embedded iframe inside Discord, but they've been limited to select developers so far.

The SDK will open up this Activities section of Discord to many more developers, so we're bound to see a lot more minigames that can be played directly inside Discord chats. [...] Discord is also experimenting with a way to allow users to add apps to their accounts so they roam across servers. Developers will be able to enable their apps for accounts, and the experiment will launch alongside the app SDK on March 18th. Discord is also bringing back its app pitches, where developers can pitch prototype app ideas and secure up to $30,000 in funding.

A new startup called Cognition AI can turn a user's prompt into a website or video game. From a report: A new installment of Silicon Valley's most exciting game, Are We in a Bubble?!, has begun. This time around the game's premise hinges on whether AI technology is poised to change the world as the consumer internet did -- or even more dramatically -- or peter out and leave us with some advances but not a new global economy. This game isn't easy to play, and the available data points often prove more confusing than enlightening. Take the case of Cognition AI Inc.

You almost certainly have not heard of this startup, in part because it's been trying to keep itself secret and in part because it didn't even officially exist as a corporation until two months ago. And yet this very, very young company, whose 10-person staff has been splitting time between Airbnbs in Silicon Valley and home offices in New York, has raised $21 million from Peter Thiel's venture capital firm Founders Fund and other brand-name investors, including former Twitter executive Elad Gil. They're betting on Cognition AI's team and its main invention, which is called Devin.

Devin is a software development assistant in the vein of Copilot, which was built by GitHub, Microsoft and OpenAI, but, like, a next-level software development assistant. Instead of just offering coding suggestions and autocompleting some tasks, Devin can take on and finish an entire software project on its own. To put it to work, you give it a job -- "Create a website that maps all the Italian restaurants in Sydney," say -- and the software performs a search to find the restaurants, gets their addresses and contact information, then builds and publishes a site displaying the information. As it works, Devin shows all the tasks it's performing and finds and fixes bugs on its own as it tests the code being written. The founders of Cognition AI are Scott Wu, its chief executive officer; Steven Hao, the chief technology officer; and Walden Yan, the chief product officer. Hao was most recently one of the top engineers at Scale AI, a richly valued startup that helps train AI systems. Yan, until recently at Harvard University, requested that his status at the school be left ambiguous because he hasn't yet had the talk with his parents.

Apple is planning to make further changes in EU countries to allow some developers to distribute their iOS apps directly from a website. From a report: The new web distribution feature will be available with a software update "later this spring," according to Apple, providing developers with a key new way to distribute iOS apps in EU markets without the need for a separate app store -- as long as they're willing to adhere to Apple's strict rules.

While Apple is opening up iOS to more third-party apps here, these are still some key security protections around how apps are distributed via websites -- namely, you'll still have to work within the strict Apple app development ecosystem.

Long-time Slashdot reader garote writes: It's the year 1991. You're a teenage computer geek.

You've just upgraded to an Apple IIgs, your first "16-bit" computer. To relieve the crushing boredom of your High School coursework, you and your friends embark on the computer geek equivalent of forming a heavy metal band: Making your own video game.

You meet at the benches during lunch hour, and pass around crude plans scribbled on graph paper. You assign each other impressive titles like "Master Programmer", "Sound Designer", and "Area Data Input". You swap 3.5" disks like furtive secret agents, and stay up coding untl 3am. Your parents look at your owlish eyes — and your slipping grades — and ask if you're "on drugs".

If that sounds familiar, this essay may prove interesting. It uses the game my friends and I started — but didn't finish — in High School over 30 years ago, to explore the absurd programming contortions we did to make it playable on the Apple IIgs: The red-headed stepchild of the Apple II line; a machine that languished for six years without a hardware upgrade to avoid competing with the Macintosh.

Thanks to the recent release of the first cycle-accurate emulator for this machine, you can actually play the game in all its screen-tearing glory. You can also explore the source code which has survived for 30 years, and been adapted to build on modern hardware thanks to Merlin32 and CiderPress II. "Nowadays, the content of the game itself is only good for an embarrassing laugh," according to the web page, "but I feel that the code we hammered out shows the unique challenges of a bygone era, which should be remembered..."

Michael McWhertor reports via Polygon: Warner Bros. Discovery is telling developers it plans to start "retiring" games published by its Adult Swim Games label, game makers who worked with the publisher tell Polygon. At least three games are under threat of being removed from Steam and other digital stores, with the fate of other games published by Adult Swim unclear. The media conglomerate's planned removal of those games echoes cuts from its film and television business; Warner Bros. Discovery infamously scrapped plans to release nearly complete movies Batgirl and Coyote vs. Acme, and removed multiple series from its streaming services. If Warner Bros. does go through with plans to delist Adult Swim's games from Steam and digital console stores, 18 or more games could be affected.

News of the Warner Bros. plan to potentially pull Adult Swim's games from Steam and the PlayStation Store was first reported by developer Owen Reedy, who released puzzle-adventure game Small Radios Big Televisions through the label in 2016. Reedy said on X Tuesday the game was being "retired" by Adult Swim Games' owner. He responded to the company's decision by making the Windows PC version of Small Radios Big Televisions available to download for free from his studio's website. Polygon reached out to other developers who had worked with Adult Swim Games as a publisher. Two studios responded to say that they'd received a similar warning from Warner Bros. Discovery, but they are still in the dark about what it means for their games. [...]

Polygon reached out to 10 studios and solo developers who had their games published by Adult Swim Games to see what they've heard. Some say they haven't been contacted by WB Discovery, but they expect to. "From what I've heard from others, I will probably be hearing from them soon," developer Andrew Morrish, who published Kingsway and Super Puzzle Platformer Deluxe through Adult Swim, told Polygon. "It's not looking good." Molinari said that if and when his game Soundodger+ is pulled from Steam, he'll republish it there "with as little downtime as possible between the two versions." The game is also available from Molinari's itch page.

Epic Games, in a blog post: Apple has told us and committed to the European Commission that they will reinstate our developer account. This sends a strong signal to developers that the European Commission will act swiftly to enforce the Digital Markets Act and hold gatekeepers accountable. We are moving forward as planned to launch the Epic Games Store and bring Fortnite back to iOS in Europe. Epic CEO Tim Sweeney adds: The DMA went through its first major challenge with Apple banning Epic Games Sweden from competing with the App Store, and the DMA just had its first major victory. Following a swift inquiry by the European Commission, Apple notified the Commission and Epic that it would relent and restore our access to bring back Fortnite and launch Epic Games Store in Europe under the DMA law.