John Gruber, writing for DaringFireball: The single biggest misconception about iOS is that it's good digital hygiene to force quit apps that you aren't using. The idea is that apps in the background are locking up unnecessary RAM and consuming unnecessary CPU cycles, thus hurting performance and wasting battery life. That's not how iOS works. The iOS system is designed so that none of the above justifications for force quitting are true. Apps in the background are effectively "frozen", severely limiting what they can do in the background and freeing up the RAM they were using. iOS is really, really good at this. It is so good at this that unfreezing a frozen app takes up way less CPU (and energy) than relaunching an app that had been force quit. Not only does force quitting your apps not help, it actually hurts. Your battery life will be worse and it will take much longer to switch apps if you force quit apps in the background. [...] In fact, apps frozen in the background on iOS unfreeze so quickly that I think it actually helps perpetuate the myth that you should force quit them: if you're worried that background apps are draining your battery and you see how quickly they load from the background, it's a reasonable assumption to believe that they never stopped running. But they do. They really do get frozen, the RAM they were using really does get reclaimed by the system, and they really do unfreeze and come back to life that quickly.

snydeq writes: In today's tech world, the developer is king -- and we know it. But if you're letting us reign over your app dev strategy, you might be in for some surprises, thanks to what we aren't saying, writes an anonymous developer in a roundup of developer secrets that could sink the business. "The truth is, we developers aren't always straight with you. We have a few secrets we like to keep for ourselves. The fact that we don't tell you everything is understandable. You're the boss, after all. Do you tell your boss everything? If you're the CEO, do you loop in the board on every decision? So don't be so surprised when we do it." What possible damaging programming dirt are you keeping the lid on? Some of the points the developer mentions in his/her report include: "Your technical debt is a lot bigger than you think," "We're infatuated with our own code," and "We'd rather build than maintain." If you can think of any others not mentioned in the report, we're all ears! This may be a good time to check the "Post Anonymously" box before you submit your comment.

Software engineer and TechCrunch columnist Jon Evans writes that the C programming language "gives its users far too much artillery with which to shoot their feet off" and is "no longer suitable for the world which C has built." An anonymous reader shared Evans' post: Copious experience has taught us all, the hard way, that it is very difficult, verging on "basically impossible," to write extensive amounts of C code that is not riddled with security holes. As I wrote two years ago, in my first Death To C piece... "Buffer overflows and dangling pointers lead to catastrophic security holes, again and again and again, just like yesteryear, just like all the years of yore. We cannot afford its gargantuan, gaping security blind spots any more. It's long past time to retire and replace it with another language.

"The trouble is, most modern languages don't even try to replace C... They're not good at the thing C does best: getting down to the bare metal and working at mach speed." Today I am seriously suggesting that when engineers refactor existing C code, especially parsers and other input handlers, they replace it -- slowly, bit by bit -- with Rust... we are only going to dig ourselves out of our giant collective security hole iteratively, one shovelful of better code and better tooling at a time."
He also suggests other fixes -- like using a language-theoretic approach which conceptualizes valid inputs as their own formal language, and formal verification of the correctness of algorithms. But he still insists that "C has become a monster" -- and that we must start replacing it with Rust.

Jason Baker, a Red Hat data analyst, doesn't believe developers who use spaces make more money than those who use tabs. An anonymous reader quotes Baker's blog post: After reading the study one data scientist, Evelina Gabasova, performed some additional analysis and came to a slightly different conclusion, which feels a little more precise: "Environments where people use Git and contribute to open source are more associated both with higher salaries and spaces, rather than with tabs." In other words, if you're at a company where you're using version control and committing open source code upstream, you're statistically a little more likely to be a space-user and a higher wage-earner.
Even across all experience levels, contributing to open source still correlates to higher salaries, Gabasova concludes. "My theory is that when diverse people are working on open source projects together without enforced coding style, the possible formatting mess is nudging people towards using spaces simply because the code is consistent for everyone.

"This is just one of the possible theories, I didn't look to see if possibly language communities that use predominantly spaces (like Python or Ruby) are more active in open source."

An anonymous reader shares an article: With just under half-a-million registered Apple developers in the country, India is among the most active markets when it comes to making apps for Apple's platforms, but the iPhone-maker took its time before getting involved with the local ecosystem in a meaningful way. Things started to change earlier this year, when Apple setup App Accelerator - a first-of-its-kind initiative, in namma Bengaluru, India earlier this year. More than three months later, the company's efforts are starting to shape up. Gadgets 360 spoke to many developers who have signed up for the App Accelerator, and they are pleased with how things are going so far. Registration to the App Accelerator - which is capable of hosting 500 developers per week - as well as attending the sessions, is free and open to everyone. At the App Accelerator sessions, which range between two to four hours, "evangelists" from the company are getting developers up to speed with the newest technologies, and guiding them to improve their apps and make the best out of the available resources. Developers told Gadgets 360 they get to understand what new technologies Apple specifically recommends they target, with SiriKit being one such example. That's a big and helpful change, developers say, because Indian companies often take long time in leveraging new features Apple introduces. The most crucial advice that developers have walked out of the campus with, they tell Gadgets 360, has been to reconsider their target audience. The evangelists have told them to make apps that serve to the needs of the local market, instead of focusing their energies in chasing the Western audience.

According to The Information, Amazon may give developers access to your private Alexa audio recordings. Until now, Amazon has not given third-party developers access to what you say to the voice assistant, while Google has with its Google Home speaker. Engadget reports: So far, Alexa developers can only see non-identifying information, like the number of times you use a specific skill, how many times you talk to your Echo device and your location data. The Information reports that some developers have heard from Amazon representatives about more access to actual transcripts, though how and how much wasn't discovered. If developers knew what exactly is being said to their skills, they could make adjustments based on specific information.

New submitter Gornkleschnitzer writes: The majority of humans read silently by rendering a simulation of the printed words as if they were being spoken. By reading that sentence, chances are you're now stuck being conscious of this, too. You're welcome.

As a programmer (and a reader of fanfiction), plenty of things I read are not valid English syntax. When I find myself reviewing class definitions, for loops, and #define macros, I rely on some interesting if inconsistent mental pronunciation rules. For instance, int i = 0; comes out as "int i equals zero," but if(i == 0) sometimes comes out as either "if i is zero" or "if i equals equals zero." The loop for(size_t i = 0; i < itemList.size(); ++i) generally translates to "for size T i equals zero, i less than item list dot size, plus-plus i." I seem to drop C++ insertion/extraction operators entirely in favor of a brief comma-like pause, with cout << str << endl; sounding like "kowt, stur, endel."

What are your code-reading quirks?

theodp writes: Back in ye olde days of the information superhighway," begins Clive Thompson in It's Time to Make Code More Tinker-Friendly, "curious newbies had an easy way to see how websites worked: View Source." But no more. "Websites have evolved into complex, full-featured apps," laments Thompson. "Click View Source on Google.com and behold the slurry of incomprehensible Javascript. This increasingly worries old-guard coders. If the web no longer has a simple on-ramp, it could easily discourage curious amateurs." What the world needs now, Thompson argues, are "new tools that let everyone see, understand, and remix today's web. We need, in other words, to reboot the culture of View Source." Thompson cites Fog Creek Software's Glitch, Chris Coyier's CodePen, and Google's TensorFlow Playground as examples of efforts that embrace the spirit of View Source and help people recombine code in useful ways. Any other suggestions?

As more and more companies get into the smart speaker game, a new report shows just how much ground they have to make up to catch Amazon's digital assistant, Alexa. From a report: Amazon's Alexa voice platform has now passed 15,000 skills -- the voice-powered apps that run on devices like the Echo speaker, Echo Dot, newer Echo Show and others. The figure is up from the 10,000 skills Amazon officially announced back in February, which had then represented a 3x increase from September. The new 15,000 figure was first reported via third-party analysis from Voicebot, and Amazon has since confirmed the figure. According to Voicebot, which only analyzed skills in the U.S., the milestone was reached for the first time on June 30, 2017. During the month of June, new skill introductions increased by 23 percent, up from the less than 10 percent growth that was seen in each of the prior three months.

Two mathematics historians investigated the Lovelace-Byron family archives (which are available online) to confirm the early mathematical prowess of Ada Lovelace for two scholarly journals. Slashdot reader bugs2squash shares a post from the Oxford Mathematical Institute: The work challenges widespread claims that Lovelace's mathematical abilities were more "poetical" than practical, or indeed that her knowledge was so limited that Babbage himself was likely to have been the author of the paper that bears her name. The authors pinpoint Lovelace's keen eye for detail, fascination with big questions, and flair for deep insights, which enabled her to challenge some deep assumptions in her teacher's work. They suggest that her ambition, in time, to do significant mathematical research was entirely credible, though sadly curtailed by her ill-health and early death.
Ada Lovelace died in London at age 36.

An anonymous reader quotes InfoWorld:With a new round of voting completed this week, the Java Community Process Executive Committee passed by a 24-0 vote the Java Platform Module System public review ballot, the subject of Java Specification Request 376. In May, the same group, citing concerns over the plan being disruptive and lacking consensus, voted the measure down, 13 to 10... Red Hat, which voted no on the previous ballot but abstained from the latest one, said there were still several items in the current proposal that it wanted further work on. "However, we do not want to delay the Java 9 release," Red Hat said. Getting "real world" feedback on the modularity system will be key to determine where further changes need to occur, Red Hat said. The Eclipse Foundation, Hazelcast, and Twitter, all of which voted no previously and yes this time around, cited sufficient progress with modularity.
Java 9 is still slated for release on September 21st.

An anonymous reader quotes Computerworld: Ruby has had a reputation as a user-friendly language for building web applications. But its slippage in this month's RedMonk Programming Language Rankings has raised questions about where exactly the language stands among developers these days. The twice-yearly RedMonk index ranked Ruby at eighth, the lowest position ever for the language. "Swift and now Kotlin are the obvious choices for native mobile development. Go, Rust, and others are clearer modern choices for infrastructure," said RedMonk analyst Stephen O'Grady. "The web, meanwhile, where Ruby really made its mark with Rails, is now an aggressively competitive and crowded field." Although O'Grady noted that Ruby remains "tremendously popular," participants on sites such as Hacker News and Quora have increasingly questioned whether Ruby is dying. In the Redmonk rankings, Ruby peaked at fourth place in 2013, reinforcing the perception it is in decline, if a slow one.

An anonymous reader quotes VentureBeat: GitHub wants to help more people become open source contributors with a new initiative called Open Source Friday. As the name implies, the program encourages companies to set aside time at the end of the week for their employees to work on open source projects. It's designed to bolster the ranks of open source contributors at a time when many businesses rely on freely available projects for mission-critical applications. Open Source Friday isn't just about getting businesses to offer their employees' time as a form of charity, it's also a way to improve key business infrastructure, according to Mike McQuaid, a senior software engineer at GitHub...

McQuaid hopes that carving out employees' time on Fridays could help provide additional structure and incentive to participate in the ecosystem... Users don't need to be engineers in order to take part, either. While code contribution is important to the success of a project, creating and maintaining documentation is also key.
OpenSourceFriday.com includes tips for interested contributors, as well as a page suggesting to employers that they could see benefits like developers learning to code faster, better, and more transparently.

An anonymous reader shares a BBC report: The team behind the device was awarded the Royal Academy of Engineering's MacRobert Prize at a ceremony in London last night. The tiny computer launched in 2012. Its designers hoped to introduce children to coding and had modest ambitions. They beat two other finalists, cyber-security company Darktrace and radiotherapy pioneers Vision RT, to win the prize. Previous winners of the innovation award, which has been run since 1969, include the creators of the CT (computerised tomography) scanner; the designers of the Severn Bridge; and the team at Microsoft in Cambridge that developed the Kinect motion sensor.

theodp writes: Noting that Apple CEO Tim Cook's advice for President Trump at last week's White House gathering of the Tech Titans was that "coding should be a requirement in every public school," the New York Times examines How Silicon Valley Pushed Coding Into American Classrooms (Warning: source may be paywalled). "The Apple chief's education mandate was just the latest tech company push for coding courses in schools," writes Natasha Singer. "But even without Mr. Trump's support, Silicon Valley is already advancing that agenda -- thanks largely to the marketing prowess of Code.org, an industry-backed nonprofit group." Singer continues: "In a few short years, Code.org has raised more than $60 million from Microsoft, Facebook, Google and Salesforce, along with individual tech executives and foundations. It has helped to persuade two dozen states to change their education policies and laws, Mr. Hadi Partovi, co-founder of Code.org, said, while creating free introductory coding lessons, called Hour of Code, which more than 100 million students worldwide have tried. Along the way, Code.org has emerged as a new prototype for Silicon Valley education reform: a social-media-savvy entity that pushes for education policy changes, develops curriculums, offers online coding lessons and trains teachers -- touching nearly every facet of the education supply chain. The rise of Code.org coincides with a larger tech-industry push to remake American primary and secondary schools with computers and learning apps, a market estimated to reach $21 billion by 2020." Singer also mentions Apple's work to spread computer science in schools. The company launched a free app last year called Swift Playgrounds to teach basic coding in Swift, as well as a yearlong curriculum for high schools and community colleges to teach app design in Swift.

An anonymous reader shares a report: Information technology services account for 9.5 percent of the India's gross domestic product, according to the India Brand Equity Foundation (IBEF), but now, after decades of boom, the future of the industry seems precarious. Since May, workers' groups have reported unusually numerous layoffs. The Forum for IT Employees (FITE) estimates that 60,000 workers have lost their jobs in the past few months (syndicated source). "Employees are being rated as poor performers so companies can get rid of them," said FITE's Chennai coordinator, Vinod A.J. IT companies and some government officials say the numbers have been exaggerated, but industry experts say the country's digital wunderkinds have much to fear. "For the first time, companies are touching middle management," said Kris Lakshmikanth, chief of a recruitment firm called Head Hunters India. Bias against Indians abroad is also compounding workers' fears of layoffs and downsizing at home. President Trump has stoked anxiety among Indian techies, who make up the majority of applicants for the H-1B visa program for highly skilled foreign workers. Trump has talked about sharply restricting H-1Bs, and this year the number of applications dropped a staggering 16 percent as companies prepared for Trump's immigration cutbacks. Instead, Indian outsourcing companies such as Infosys started recruiting Americans, bowing to Trump's calls for "America First." On Monday, India's Prime Minister Modi will meet Trump to talk about trade, visas and climate issues.

Long-time Slashdot reader tsu doh nimh writes: Brian Krebs has an interesting piece this week on one reason that so many talented hackers (malicious and benign) seem to come from Russia and the former Soviet States: It's the education, stupid. Krebs's report doesn't look at the socioeconomic reasons, but instead compares how the U.S. and Russia educate students from K-12 in subjects which lend themselves to a mastery in coding and computers -- most notably computer science. The story shows that the Russians have for the past 30 years been teaching kids about computer science and then testing them on it starting in elementary school and through high school. The piece also looks at how kids in the U.S. vs. Russia are tested on what they are supposed to have learned.
Fossbytes also reports that Russia claimed the top spot in this year's Computer Programming Olympics -- their fourth win in six years -- adding that "the top 9 positions out of 14 were occupied by Russian or Chinese schools." The only two U.S. schools in the top 20 were the University of Central Florida (#13) and MIT (#20).

Walmart Canada claims that it was microservices that allowed them to replace hardware with virtual servers, reducing costs by somewhere between 20 and 50 percent. Now Slashdot reader snydeq shares an article by a senior systems automation engineer arguing that a microservices approach "offers increased modularity, making applications easier to develop, test, deploy, and, more importantly, change and maintain."

The article touts things like cost savings and flexibility for multiple device types, suggesting microservices offer increased resilience and improved scalabiity (not to mention easier debugging and a faster time to market with an incremental development model). But it also warns that organizations need the resources to deploy the new microservices quicky (and the necessary server) -- along with the ability to test and monitor them for database errors, network latency, caching issues and ongoing availability. "You must embrace devops culture," argues the article, adding that "designing for failure is essential... In a traditional setting, developers are focused on features and functionalities, and the operations team is on the hook for production challenges. In devops, everyone is responsible for service provisioning -- and failure."

The original submission ends with a question for Slashdot reader. "What cautions do you have to offer for folks considering tapping microservices for their next application?"

msm1267 writes: Linux, BSD, Solaris and other open source systems are vulnerable to a local privilege escalation vulnerability known as Stack Clash that allows an attacker to execute code at root. Major Linux and open source distributors made patches available Monday, and systems running Linux, OpenBSD, NetBSD, FreeBSD or Solaris on i386 or amd64 hardware should be updated soon.

The risk presented by this flaw, CVE-2017-1000364, becomes elevated especially if attackers are already present on a vulnerable system. They would now be able to chain this vulnerability with other critical issues, including the recently addressed Sudo vulnerability, and then run arbitrary code with the highest privileges, said researchers at Qualys who discovered the vulnerability.

According to an exclusive report via The Register, "a massive trove of Microsoft's internal Windows operating system builds and chunks of its core source code have leaked online." From the report: The data -- some 32TB of installation images and software blueprints that compress down to 8TB -- were uploaded to betaarchive.com, the latest load of files provided just earlier this week. It is believed the data has been exfiltrated from Microsoft's in-house systems since around March. The leaked code is Microsoft's Shared Source Kit: according to people who have seen its contents, it includes the source to the base Windows 10 hardware drivers plus Redmond's PnP code, its USB and Wi-Fi stacks, its storage drivers, and ARM-specific OneCore kernel code. Anyone who has this information can scour it for security vulnerabilities, which could be exploited to hack Windows systems worldwide. The code runs at the heart of the operating system, at some of its most trusted levels. In addition to this, hundreds of top-secret builds of Windows 10 and Windows Server 2016, none of which have been released to the public, have been leaked along with copies of officially released versions.