jmcbain writes: Are you a software programmer who voted in a recent Slashdot poll that a robot/AI would never take your job? Unfortunately, you're wrong. Microsoft, in collaboration with the University of Cambridge, is developing such an AI. This software "can turn your descriptions into working code in seconds," reports MSPoweruser. "Called DeepCoder, the software can take requirements by the developer, search through a massive database of code snippets and deliver working code in seconds, a significant advance in the state of the art in program synthesis." New Scientist describes program synthesis as "creating new programs by piecing together lines of code taken from existing software -- just like a programmer might. Given a list of inputs and outputs for each code fragment, DeepCoder learned which pieces of code were needed to achieve the desired result overall." The original research paper can be read here.

An anonymous reader writes from a report via BleepingComputer: The PHP team has unanimously voted to integrate the Libsodium library in the PHP core, and by doing so, becoming the first programming language to support a modern cryptography library by default. Developers approved a proposal with a vote of 37 to 0 and decided that Libsodium will be added to the upcoming PHP 7.2 release that will be launched towards the end of 2017. Scott Arciszewski, the cryptography expert who made the proposal, says that by supporting modern crypto in the PHP core, the PHP team will force the WordPress team to implement better security in its CMS, something they avoided until now. Additionally, it will allow PHP and CMS developers to add advanced cryptography features to their apps that run on shared hosting providers, where until now they weren't able to install custom PHP extensions to support modern cryptography. Other reasons on why he made the proposal are detailed here. Arciszewski also says that PHP is actually "the first" programming language to support a "modern" cryptography library in its core, despite Erlang and Go including similar libraries, which he claims are not as powerful and up-to-date as PHP's upcoming Libsodium implementation.

A recruiter with 20 years of experience recently reported on the research into whether remote software teams perform better. One study of 10,000 coding sessions concluded it takes 10-15 minutes for a programmer to resume work after an interruption. Another study actually suggests unsupervised workers are more productive, and the founders of the collaboration tool Basecamp argue the bigger danger is burnout when motivated employees overwork themselves. mikeatTB shares his favorite part of the article: One interesting take on the issues is raised by ThoughtWorks' Martin Fowler: Individuals are more productive in a co-located environment, but remote teams are often more productive than co-located teams. This is because a remote team has the advantage of hiring without geographic boundaries, and that enables employers to assemble world-class groups.
The article shares some interesting anecdotes from remote workers, but I'd be interested to hear from Slashdot's readers. Leave your own experiences in the comments, and tell us what you think. Are remote software teams more productive?

Artem Tashkinov writes: Mozilla has published a plan of add-ons deprecation in future Firefox releases. Firefox 53 will run in multi process mode by default for all users with some exceptions. Most add ons will continue to function, however certain add ons have already ceased to function because they don't expect multi user mode under the hood. Firefox 54-56 will introduce even more changes which will ultimately break even more addons. Firefox 57, which will be preliminarily released on the 28th of Novermber, 2017, will only run WebExtensions: which means no XUL (overlay) add ons, no bootstrapped extensions, no SDK extensions and no Embedded WebExtensions. In other words by this date the chromification of Firefox will have been completed. If you depend on XUL add ons your only choice past this date will be Pale Moon.

An anonymous reader shares a VentureBeat report: At Google's inaugural TensorFlow Dev Summit in Mountain View, California, today, Google announced the release of version 1.0 of its TensorFlow open source framework for deep learning, a trendy type of artificial intelligence. Google says the release is now production-ready by way of its application programing interface (API). But there are also new tools that will be part of the framework, which includes artificial neural networks that can be trained on data and can then make inferences about new data. Now there are more traditional machine learning tools, including K-means and support vector machines (SVMs), TensorFlow's engineering director, Rajat Monga, said at the conference. And there's an integration with the Python-based Keras library, which was originally meant to ease the use of the Theano deep learning framework. And there are now "canned estimators," or models, Monga said, including simple neural networks to start using quickly.

Apple said today it will kick off this year's Worldwide Developers Conference on June 5. Much like every year, the developer conference is the place where we can expect to see what's coming to iOS, macOS, watchOS, and tvOS later this year. This year, the event is being held in a different venue: the McEnery Convention Center in San Jose, the original home of WWDC. John Gruber, writing for DaringFireball: First, announcing early really helps people who have to travel long distances to attend, particularly those from outside the U.S. The San Jose Convention Center is the original home of WWDC -- that's where it was held from 1988 through 2002. (WWDC 2002 was the year Steve Jobs held a funeral for Mac OS 9 during the keynote.) San Jose is way closer to Apple headquarters. San Francisco is about an hour drive from 1 Infinite Loop. The San Jose Convention Center is only five minutes away from Apple's new campus. Schiller emphasized to me that this is a big deal: more Apple employees from more teams will be present, simply because they won't have to devote an entire day to being there. (This could be a particular boon to WWDC's developer labs, where attendees can get precious face time with Apple's engineers.)

An anonymous reader quotes a report from BleepingComputer: Five researchers from the Vrije University in the Netherlands have put together an attack that can be carried out via JavaScript code and break ASLR protection on at least 22 microprocessor architectures from vendors such as Intel, AMD, ARM, Allwinner, Nvidia, and others. The attack, christened ASLRCache, or AnC, focuses on the memory management unit (MMU), a lesser known component of many CPU architectures, which is tasked with improving performance for cache management operations. What researchers discovered was that this component shares some of its cache with untrusted applications, including browsers. This meant that researchers could send malicious JavaScript that specifically targeted this shared memory space and attempted to read its content. In layman's terms, this means an AnC attack can break ASLR and allow the attacker to read portions of the computer's memory, which he could then use to launch more complex exploits and escalate access to the entire OS. Researchers have published two papers [1, 2] detailing the AnC attack, along with two videos[1, 2] showing the attack in action.

According to reports late last year, Google is working on a new operating system called Andromeda. Much about it is still unknown, but according to the documentations Google has provided on its website, it's clear that the Fuchsia is the actual name of the operating system, and the kernel is called Magenta. A tech enthusiast dug around the documentations to share the followings: To my naive eyes, rather than saying Chrome OS is being merged into Android, it looks more like Android and Chrome OS are both being merged into Fuchsia. It's worth noting that these operating systems had previously already begun to merge together to an extent, such as when the Android team worked with the Chrome OS team in order to bring Update Engine to Nougat, which introduced A/B updates to the platform. Google is unsurprisingly bringing up Andromeda on a number of platforms, including the humble Intel NUC. ARM, x86, and MIPS bring-up is exactly what you would expect for an Android successor, and it also seems clear that this platform will run on Intel laptops. My best guess is that Android as an API and runtime will live on as a legacy environment within Andromeda. That's not to say that all development of Android would immediately stop, which seems extremely unlikely. But Google can't push two UI APIs as equal app frameworks over the long term: Mojo is clearly the future. Ah, but what is Mojo? Well it's the new API for writing Andromeda apps, and it comes from Chromium. Mojo was originally created to "extract a common platform out of Chrome's renderer and plugin processes that can support multiple types of sandboxed content."

New submitter Muckluck shares an excerpt from a report via Phys.Org that provides "an interesting look at how algorithms may be shaping your life": When you browse online for a new pair of shoes, pick a movie to stream on Netflix or apply for a car loan, an algorithm likely has its word to say on the outcome. The complex mathematical formulas are playing a growing role in all walks of life: from detecting skin cancers to suggesting new Facebook friends, deciding who gets a job, how police resources are deployed, who gets insurance at what cost, or who is on a "no fly" list. Algorithms are being used -- experimentally -- to write news articles from raw data, while Donald Trump's presidential campaign was helped by behavioral marketers who used an algorithm to locate the highest concentrations of "persuadable voters." But while such automated tools can inject a measure of objectivity into erstwhile subjective decisions, fears are rising over the lack of transparency algorithms can entail, with pressure growing to apply standards of ethics or "accountability." Data scientist Cathy O'Neil cautions about "blindly trusting" formulas to determine a fair outcome. "Algorithms are not inherently fair, because the person who builds the model defines success," she said. Phys.Org cites O'Neil's 2016 book, "Weapons of Math Destruction," which provides some "troubling examples in the United States" of "nefarious" algorithms. "Her findings were echoed in a White House report last year warning that algorithmic systems 'are not infallible -- they rely on the imperfect inputs, logic, probability, and people who design them,'" reports Phys.Org. "The report noted that data systems can ideally help weed out human bias but warned against algorithms 'systematically disadvantaging certain groups.'"

itwbennett writes: Whether or not beginning programmers should learn C is a question that has been roundly debated on Slashdot and elsewhere. The general consensus seems to be that learning it will make you a better programmer -- and it looks good on your resume. But now there might be another reason to learn C: the rapid growth of the internet of things (IoT) could cause a spike in demand for C skills, according to Gartner analyst Mark Driver. "For traditional workloads there is no need to be counting the bytes like there used to be. But when it comes to IoT applications there is that need once again..."

moon_unit2 quotes a report from MIT Technology Review: You can, for instance, train a deep-learning algorithm to recognize a cat with a cat-fancier's level of expertise, but you'll need to feed it tens or even hundreds of thousands of images of felines, capturing a huge amount of variation in size, shape, texture, lighting, and orientation. It would be lot more efficient if, a bit like a person, an algorithm could develop an idea about what makes a cat a cat from fewer examples. A Boston-based startup called Gamalon has developed technology that lets computers do this in some situations, and it is releasing two products Tuesday based on the approach. Gamalon uses a technique that it calls Bayesian program synthesis to build algorithms capable of learning from fewer examples. Bayesian probability, named after the 18th century mathematician Thomas Bayes, provides a mathematical framework for refining predictions about the world based on experience. Gamalon's system uses probabilistic programming -- or code that deals in probabilities rather than specific variables -- to build a predictive model that explains a particular data set. From just a few examples, a probabilistic program can determine, for instance, that it's highly probable that cats have ears, whiskers, and tails. As further examples are provided, the code behind the model is rewritten, and the probabilities tweaked. This provides an efficient way to learn the salient knowledge from the data.

In a bid to get more Indians to have a birth certificate or any sort of ID card, India announced Aadhaar project in 2009. At the time, there were more Indians without these ID cards than those with. As a result of this, much of the government funding for the citizens were disappearing before they could see them. But according to several security experts, lawyers, politicians and journalists, the government is using poor security practices, and this is exposing the biometrics data -- photo, name, address, fingerprint, iris info -- of people at risk. More than 1.1 billion people -- and 99 percent of all adults -- in India have enrolled themselves to the system. From a report: "There are two fundamental flaws in Aadhaar: it is poorly designed, and it is being poorly verified," Member of Parliament and privacy advocate, Rajeev Chandrasekhar told Mashable India. Another issue with Aadhaar is, Chandrasekhar explains, there is no firm legislation to safeguard the privacy and rights of the billion people who have enrolled into the system. There's little a person whose Aadhaar data has been compromised could do. [...] "Aadhaar is remote, covert, and non-consensual," he told Mashable India, adding the existence of a central database of any kind, but especially in the context of the Aadhaar, and at the scale it is working is appalling. Abraham said fingerprint and iris data of a person can be stolen with little effort -- a "gummy bear" which sells for a few cents, can store one's fingerprint, while a high-resolution camera can capture one's iris data. The report goes on to say that the Indian government is also not telling how the data is being shared with private companies. Experts cited in the story have expressed concerns that those companies (some of which are run by people who were previously members of the team which designed the framework of Aadhaar) can store and create a parallel database of their own. On top of that, the government is making Aadhaar mandatory for availing several things including registration for nation-wide examinations, but in the beginning it promised Aadhaar will be used only to help poor get grocery at subsidized prices.

An anonymous reader quotes a report from MarketWatch: There would have been up to 11% more computer science jobs at wages up to 5% higher were it not for the immigration program that brings in foreign high-skilled employees, a new study finds. The paper -- by John Bound and Nicolas Morales of the University of Michigan and Gaurav Khanna of the University of California, San Diego -- was conducted by studying the economy between 1994 and 2001, during the internet boom. It was also a period where the recruitment of so-called H-1B labor was at or close to the cap and largely before the onset of the vibrant IT sector in India. In 2001, the number of U.S. computer scientists was between 6.1%-10.8% lower and wages were between 2.6% and 5.1% lower. Of course, there also were beneficiaries -- namely consumers and employers. Immigration lowered prices by between 1.9% and 2.4%, and profits increased as did the total number of IT firms.

An anonymous reader quotes a report from InfoWorld: Sometimes the relationships between the data you've gathered are more important than the data itself. That's when a graph processing system comes in handy. It's an important but often poorly understood method for exploring how items in a data set are interrelated. Microsoft's been exploring this area since at least 2013, when it published a paper describing the Trinity project, a cloud-based, in-memory graph engine. The fruits of the effort, known as the Microsoft Graph Engine, are now available as an MIT-licensed open source project as an alternative to the likes of Neo4j or the Linux Foundation's recently announced JanusGraph. Microsoft calls Graph Engine (GE) as "both a RAM store and a computation engine." Data can be inserted into GE and retrieved at high speed since it's kept in-memory and only written back to disk as needed. It can work as a simple key-value store like Memcached, but Redis may be the better comparison, since GE stores data in strongly typed schemas (string, integer, and so on). How does all this shape up against the leading open source graph database, Neo4j? For one, Neo4j has been in the market longer and has an existing user base. It's also available in both an open source community edition and a commercial product, whereas GE is only an open source project right now.

An anonymous reader writes: After five years of litigation at various levels of the U.S. legal system, today, following the conclusion of a jury trial, Google was ordered to pay $20 million to two developers after a jury ruled that Google had infringed on three patents when it designed Chrome's sandboxing feature. Litigation had been going on since 2012, with Google winning the original verdict, but then losing the appeal. After the Supreme Court refused to listen to Google's petition, they sent the case back for a retrial in the U.S. District Court in Eastern Texas, the home of all patent trolls. As expected, Google lost the case and must now pay $20 million in damages, in the form of rolling royalties, which means the company stands to pay more money as Chrome becomes more popular in the future.

John Biggs, writing for TechCrunch: In what amounts to one of the purest and most interesting experiments in assessing the value of Mac OS's App Store, the founder of Rogue Amoeba posted a description of what happened when he pulled his app Piezo. The result? More revenue as a whole without much damage to sales. The impetus for the move came after Apple pulled the Dash app off of the App Store. In the 100-day period since the move, Dash maintained and even increased revenue and found that its users didn't care which platform they were using -- 84% of the customers simply moved over to the independent app license from the App Store license. The bottom line? "It feels great to have full control over my business and to avoid App Store installation/updating/purchasing issues," wrote Dash creator Bogdan Popescu. When Paul Kafasis tried to move away from the App Store he was worried he'd lose half of his sales. After all, many months saw about 50% of sales coming from the App Store directly. When he pulled the app a year ago, however, all of those App Store sales turned into direct sales through his website, a fact that surprised and amused Kafasis.

An anonymous reader writes: Google "developer advocate" Felipe Hoffa has determined the top "weekend programming languages," those which see the biggest spike in commit activity on the weekends. "Clearly 2016 was a year dedicated to play with functional languages, up and coming paradigms, and scripting 3d worlds," he writes, revealing that the top weekend programming languages are:

Rust, Glsl, D, Haskell, Common Lisp, Kicad, Emacs Lisp, Lua, Scheme, Julia, Elm, Eagle, Racket, Dart, Nsis, Clojure, Kotlin, Elixir, F#, Ocaml

Earlier this week another data scientist calculated ended up with an entirely different list by counting the frequency of each language's tag in StackOverflow questions. But Hoffa's analysis was performed using Google's BigQuery web service, and he's also compiled a list of 2016's least popular weekend languages -- the ones people seem to prefer using at the office rather than in their own free time.

Nginx, Matlab, Processing, Vue, Fortran, Visual Basic, Objective-C++, Plsql, Plpgsql, Web Ontology Language, Smarty, Groovy, Batchfile, Objective-C, Powershell, Xslt, Cucumber, Hcl, Puppet, Gcc Machine Description

What's most interesting is the changes over time. In the last year Perl has become more popular than Java, PHP, and ASP as a weekend programming language. And Rust "used to be a weekday language," Hoffa writes, but it soon also grew more popular for Saturdays and Sunday. Meanwhile, "The more popular Go grows, the more it settles as a weekday language," while Puppet "is the champion of weekday coders." Ruby on the other hand, is "slowly leaving the week and embracing the weekend."
Hoffa is also a long-time Slashdot reader who analyzed one billion files on GitHub last summer to determine whether they'd been indented with spaces or tabs. But does this new list resonate with anybody? What languages are you using for your weekend coding projects?

An anonymous reader quotes the Wall Street Journal: The seven-year legal battle between tech giants Google and Oracle just got new life. Oracle on Friday filed an appeal with the U.S. Court of Appeals for the Federal Circuit that seeks to overturn a federal jury's decision last year... The case has now gone through two federal trials and bounced around at appeals courts, including a brief stop at the U.S. Supreme Court. Oracle has sought as much as $9 billion in the case.

In the trial last year in San Francisco, the jury ruled Google's use of 11,000 lines of Java code was allowed under "fair use" provisions in federal copyright law. In Oracle's 155-page appeal on Friday, it called Google's "copying...classic unfair use" and said "Google reaped billions of dollars while leaving Oracle's Java business in tatters."
Oracle's brief also argues that "When a plagiarist takes the most recognizable portions of a novel and adapts them into a film, the plagiarist commits the 'classic' unfair use."

Valve's crowdsourced Greenlight submission program, which let the gaming community select which games get chosen for distribution via Steam, is shutting down after nearly five years. It will be replaced with a new system called Steam Direct that will charge developers a fee for each title they plan to distribute. The Verge reports: Steam Greenlight was launched in 2012 as a way for indie developers to get their games on Steam, even if they weren't working with a big publisher that had a relationship with Valve. Steam users would vote on Greenlight games, and Valve would accept titles with enough support to suggest that they'd sell well. Kroll says that "over 100" Greenlight titles have made $1 million or more. But Greenlight has also had significant problems. Developers could game the system by offering rewards for votes, and worthy projects could get lost amidst a slew of bad proposals. Since Valve ultimately made the call on including games, the process could also seem arbitrary and opaque. The big question is whether what's replacing it is better. To get a game on Steam Direct, developers will need to "complete a set of digital paperwork, personal or company verification, and tax documents similar to the process of applying for a bank account." Then, they'll pay an application fee for each game, "which is intended to decrease the noise in the submission pipeline" -- a polite way of saying that it will make people think twice before spending money submitting a low-quality game. Steam Direct is supposed to launch in spring of 2017, but the application fee hasn't been decided yet. Developer feedback has apparently suggested anything from $100 -- the current Greenlight submission fee -- and $5,000.

An anonymous reader writes: One of the easiest ways to evaluate a developer is keeping a tab on the amount of value they provide to a business. But the problem with this approach is that the nature of software development does not make it easy to measure the value a single developer brings. Some managers are aware of this, and they look at the number of lines of code a developer has written. The fewer, the better, many believe. I recently came across this in a blog post, "If you paid your developers per line of code, you would reward the inefficient developers. An analogy to this is writing essays, novels, blog posts, etc. Would you judge a writer solely on the number of words written? Probably not. There are a minimum number of words needed to get a complex point across, but those points get lost when a writer clutters their work with useless sentences. So the lines of code metric doesn't work. The notion of a quantifiable metric for evaluating developers is still attractive though. Some may argue that creating many code branches is the mark of a great developer. Yet I once worked with a developer who would create code branches to hide the fact that he wasn't very productive." Good point. But then, what other options do we have?