An anonymous reader writes "The Security Ninja has written a blog post which discusses web programming languages and the fact that they are all insecure. It's based on a report from WhiteHat Security and aims to dispel the myth that some languages will guarantee that an application will be more or less secure than other languages. '... secure code is the product of a secure development process and real business commitment to deliver secure applications which includes developer education. The absence of these processes and business commitments will lead to web applications being developed insecurely regardless of the language being used.'"

The Flash platform has been taking body blows lately. First Apple, then Scribd, publicly abandon it; now ARM's marketing VP is blaming a delay in ARM smartbooks on the continuing unsuitability of Flash for the subnotebook market. But how ready is HTML5 to take over from Flash? Tim Bray offers a cautionary appraisal of the not-yet-a-standard's state of grace. While Flash may be on the way out (or so legions of its detractors hope), it is still important in many corners of the Web. Here a branding expert demonstrates that the sites of 10 out of 10 leading worldwide brands don't display on the iPad — because they're coded in Flash, of course.

cnymike writes "CMS Made Simple 1.6: Beginner's Guide by Sofia Hauschildt, recently published by Packt Publishing, is intended for new users of the open source content management application, CMS Made Simple (CMSMS). True to its title, the book delivers in all respects and provides a solid foundation from which to grow as you explore the rich possibilities of building sites with CMS Made Simple. The author, Sofia Hauschildt, is a consultant, programmer, and tutor and has a gift for communicating in a straightforward, readable manner. The technical level of writing never exceeds that which could be easily understood by a neophyte. The book does assume that the reader has some knowledge of HTML and CSS." Read on for the rest of cnymike's review.

boer lee writes with the news that you can expect trouble in downloading firmware updates for your Sun server if you purchased it before March 16, 2010. "In a somewhat surprising move (and without any notification to customers), Oracle shut down public access to firmware downloads. I learned this the hard way when I contacted Oracle customer service almost two weeks ago. Yes, it took 13 days for me to get access to the firmware download for systems under the standard warranty (i.e. less than a year old)."

figleaf writes "Three years ago, with much fanfare, Microsoft announced it would make some of the .Net libraries open source using the Microsoft Reference License. Since then Microsoft has reneged on its promise. The reference code site is dead, the blog hasn't been updated in a year and a half, and no one from Microsoft responds to questions on the forum."

An anonymous reader writes "Speech recognition accuracy flatlined years ago. It works great for small vocabularies on your cell phone, but basically, computers still can't understand language. Prospects for AI are dimmed, and we seem to need AI for computers to make progress in this area. Time to rewrite the story of the future. From the article: 'The language universe is large, Google's trillion words a mere scrawl on its surface. One estimate puts the number of possible sentences at 10^570. Through constant talking and writing, more of the possibilities of language enter into our possession. But plenty of unanticipated combinations remain, which force speech recognizers into risky guesses. Even where data are lush, picking what's most likely can be a mistake because meaning often pools in a key word or two. Recognition systems, by going with the "best" bet, are prone to interpret the meaning-rich terms as more common but similar-sounding words, draining sense from the sentence.'"

suraj.sun writes with this excerpt from the NY Post: "According to a person familiar with the matter, the Department of Justice and Federal Trade Commission are locked in negotiations over which of the watchdogs will begin an antitrust inquiry into Apple's new policy of requiring software developers who devise applications for devices such as the iPhone and iPad to use only Apple's programming tools. Regulators, this person said, are days away from making a decision about which agency will launch the inquiry. It will focus on whether the policy, which took effect last month, kills competition by forcing programmers to choose between developing apps that can run only on Apple gizmos or come up with apps that are platform-neutral, and can be used on a variety of operating systems, such as those from rivals Google, Microsoft, and Research In Motion. An inquiry doesn't necessarily mean action will be taken against Apple, which argues the rule is in place to ensure the quality of the apps it sells to customers. Typically, regulators initiate inquiries to determine whether a full-fledged investigation ought to be launched. If the inquiry escalates to an investigation, the agency handling the matter would issue Apple a subpoena seeking information about the policy."

Download Squad has a quick review, with video, of Zen Coding (Google Code project page here), an extremely well-thought-out accelerator for anyone who codes HTML. Its syntax is CSS-like. Zen Coding has been around for a while — here's its author Sergey Chikuyonok's introduction in Smashing Magazine from last November — and it has now picked up support for more than a dozen editing environments, including Notepad++ and TextMate.

-brazil- writes "Every programmer forum gets a steady stream of novice questions about numbers not 'adding up.' Apart from repetitive explanations, SOP is to link to a paper by David Goldberg which, while very thorough, is not very accessible for novices. To alleviate this, I wrote The Floating-Point Guide, as a floating-point equivalent to Joel Spolsky's excellent introduction to Unicode. In doing so, I learned quite a few things about the intricacies of the IEEE 754 standard, and just how difficult it is to compare floating-point numbers using an epsilon. If you find any errors or omissions, you can suggest corrections."

Dr_Evil6_6_6 writes "Slashdot had a story about the 1st International Longest Tweet Contest last month, and the winners have just been announced." The winner is impressive.

An anonymous reader writes "Nokia has released its unified Qt-based SDK for cross-platform development for Symbian and MeeGo (plus Maemo) devices. The blurb reads: 'Today sees the release of the Nokia Qt SDK, a single easy-to-use software development kit (SDK) for Symbian and Meego application development. Developers can now develop, test, and deploy native applications for Nokia smartphones and mobile computers. The beta version of the SDK is available for download from today, ready for developers to kick off development for new devices, including the just-announced Nokia N8.'"

Michael J. Ross writes "Like all major programming languages, JavaScript can be extended in functionality through the use of libraries, such as jQuery, which is currently seeing tremendous popularity and enhancement in the Web development community. Designers and developers who want to learn how to use jQuery for creating rich user interfaces through client-side JavaScript are advised to begin their journey to jQuery proficiency by reading one of the many books dedicated to this powerful JavaScript resource — such as jQuery Cookbook: Solutions & Examples for jQuery Developers." Read below for the rest of Michael's review.

An anonymous reader writes "The x264 project has announced the first free software encoder to be able to generate Blu-ray compliant video. In addition, the announcement comes with a torrent of an x264-encoded Blu-ray disc containing entirely free content, such as the Open Movie Project videos. While there are still no free software Blu-ray authoring tools, hopefully this will change now that video and audio are taken care of so that everyone will be able to make their own Blu-rays without expensive proprietary software. Additionally, it seems the Criterion Collection is a friend of free software, having sponsored the effort to confirm x264's compliance with the Blu-ray spec."

emeraldd writes with this snippet from SQL Magazine summarizing what he calls a "rather scary" new data protection law from Massachusetts: "Here are the basics of the new law. If you have personally identifiable information (PII) about a Massachusetts resident, such as a first and last name, then you have to encrypt that data on the wire and as it's persisted. Sending PII over HTTP instead of HTTPS? That's a big no-no. Storing the name of a customer in SQL Server without the data being encrypted? No way, Jose. You'll get a fine of $5,000 per breach or lost record. If you have a database that contains 1,000 names of Massachusetts residents and lose it without the data being encrypted, that's $5,000,000. Yikes.'"

bgweber writes "Last year, the IEEE conference on Computational Intelligence and Games hosted a competition to determine who could write the best AI for playing Mario levels (YouTube video). This year, the conference has expanded the competition to include a track on level generation as well, where the goal is to generate new levels online procedurally. Submitting an entry is as easy as implementing a Java interface that performs procedural content generation. The implications of this competition are techniques for greatly increasing the replayability of games, since each gameplay session could present new levels to the player."

JonathansCorner.com writes "Even if Ajax was backronymed to 'Asynchronous JavaScript and XML,' it works with JSON substituted for XML. Here's a proof of concept that JavaScript/VBScript are not strictly necessary either. The technique, besides being used standalone, may be useful to provide a better 'graceful degradation' for Ajax applications used by clients with scripting turned off."

snydeq writes "Fatal Exception's Neil McAllister sees Twitter's latest move — to develop 'analytical products' based on Twitter data and to encourage third-party developers to do the same — as part of a growing trend toward a new kind of software platform. 'In the past, tool vendors have offered developers languages and code libraries that gave them access to computing functions in simple, standardized ways. In this new paradigm, however, a platform consists of more than just frameworks and APIs. It also comes prepackaged with a complete, rich data set, and often that data is the platform's most valuable aspect. These new "data platforms" are creating exciting new opportunities for developers, though they are not without their challenges.' Chief among these issues are privacy and security, as evidenced by a recent letter to Google from government regulators and activist tools such as PleaseRobMe. But for developers, the challenges also include livelihood. 'Even more than mobile platforms such as Apple's iPhone, a data platform like Twitter's is a walled garden. If Twitter cuts off a developer's access to its data sources for any reason, that developer's business is sunk.' Even those who develop 'cloud middleware' around such data platforms stand to gain little from their efforts, as doing so pits them in competition with their data platform vendors, which are in a far better position to reach potential customers."

TekNullOG writes "I was given the job to prepare the logistics involved with moving our office. At the same time my bosses asked me to look into buying new desks for a small team of four developers and to consider if it could benefit the team to sit at a round table. In many offices and departments it increases productivity and makes collaboration easy. However, I am concerned that putting developers around a table could potentially be distracting consequently diminishing productivity by increasing coding errors. What are your thoughts?"

Jamie found a nifty blog entry where indie game designer Jeff Vogel writes about game engine and art re-use. He is criticized for not rewriting his core engine for a decade. It's an amusing little rant with thoughts that actually might apply to anyone working in engineering.

adeelarshad82 writes "Adobe's principal product manager Mike Chambers announced that Adobe is no longer investing in iPhone-based Flash development. The move comes after Apple put out a new draft of its iPhone developer program license, which banned private APIs and required apps to be written in Objective-C, C, C++, or JavaScript as executed by the iPhone OS WebKit engine. According to Chambers, Adobe will still provide the ability to target the iPhone and iPad in Flash CS5, but the company is not currently planning any additional investments in that feature." Daring Fireball points out approvingly Apple's rebuttal to the claim that Flash is an open format, however convenient it might be for iPad owners. Related: The new app policy seems to be inconsistently enforced. Reader wilsonthecat writes "Novell have released a new press release in response to Apple's announcement that none-C/C++/Objective-C based iPhone application development breaks their SDK terms. The press release names several apps that have made it past app review process since the new Apple SDK agreement."