An anonymous reader quotes a report from TechCrunch: Google today announced the launch of AlloyDB, a new fully-managed PostgreSQL-compatible database service that the company claims to be twice as fast for transactional workloads as AWS's comparable Aurora PostgreSQL (and four times faster than standard PostgreSQL for the same workloads and up to 100 times faster for analytical queries). [...] AlloyDB is the standard PostgreSQL database at its core, though the team did modify the kernel to allow it to use Google's infrastructure to its fullest, all while allowing the team to stay up to date with new versions as they launch.

Andi Gutmans, who joined Google as its GM and VP of Engineering for its database products in 2020 after a long stint at AWS, told me that one of the reasons the company is launching this new product is that while Google has done well in helping enterprise customers move their MySQL and PostgreSQL servers to the cloud with the help of services like CloudSQL, the company didn't necessarily have the right offerings for those customers who wanted to move their legacy databases (Gutmans didn't explicitly say so, but I think you can safely insert 'Oracle' here) to an open-source service.

"There are different reasons for that," he told me. "First, they are actually using more than one cloud provider, so they want to have the flexibility to run everywhere. There are a lot of unfriendly licensing gimmicks, traditionally. Customers really, really hate that and, I would say, whereas probably two to three years ago, customers were just complaining about it, what I notice now is customers are really willing to invest resources to just get off these legacy databases. They are sick of being strapped and locked in." Add to that Postgres' rise to becoming somewhat of a de facto standard for relational open-source databases (and MySQL's decline) and it becomes clear why Google decided that it wanted to be able to offer a dedicated high-performance PostgreSQL service. The report also says Google spent a lot of effort on making Postgres perform better for customers that want to use their relational database for analytics use cases.

"The changes the team made to the Postgres kernel, for example, now allow it to scale the system linearly to over 64 virtual cores while on the analytical side, the team built a custom machine learning-based caching service to learn a customer's access patterns and then convert Postgres' row format into an in-memory columnar format that can be analyzed significantly faster."

Although it's supposed to be restricted by surveillance rules at local, state and federal levels, Immigration and Customs Enforcement (ICE) has built up a mass surveillance system that includes details on almost all US residents, according to a report from a major think tank. Engadget reports: Researchers from Georgetown Law's Center on Privacy and Technology said ICE "now operates as a domestic surveillance agency" and that it was able to bypass regulations in part by purchasing databases from private companies. "Since its founding in 2003, ICE has not only been building its own capacity to use surveillance to carry out deportations but has also played a key role in the federal government's larger push to amass as much information as possible about all of our lives," the report's authors state. "By reaching into the digital records of state and local governments and buying databases with billions of data points from private companies, ICE has created a surveillance infrastructure that enables it to pull detailed dossiers on nearly anyone, seemingly at any time."

The researchers spent two years looking into ICE to put together the extensive report, which is called "American Dragnet: Data-Driven Deportation in the 21st Century." They obtained information by filing hundreds of freedom of information requests and scouring more than 100,000 contracts and procurement records. The agency is said to be using data from the Department of Motor Vehicles and utility companies, along with the likes of call records, child welfare records, phone location data, healthcare records and social media posts. ICE is now said to hold driver's license data for 74 percent of adults and can track the movement of cars in cities that are home to 70 percent of the adult population in the US.

The study shows that ICE, which falls under the Department of Homeland Security, has already used facial recognition technology to search through driver's license photos of a third of adults in the US. In 2020, the agency signed a deal with Clearview AI to use that company's controversial technology. In addition, the report states that when 74 percent of adults hook up gas, electricity, phone or internet utilities in a new residence, ICE was able to automatically find out their updated address. The authors wrote that ICE is able to carry out these actions in secret and without warrants. Along with the data it acquired from other government departments, utilities, private companies and third-party data brokers, "the power of algorithmic tools for sorting, matching, searching and analysis has dramatically expanded the scope and regularity of ICE surveillance," the report states. The agency spent around $2.8 billion on "new surveillance, data collection and data-sharing initiatives," according to the report. Approximately $569 million was spent on data analsys, including $186.6 million in contracts with Plantir Technologies.

"ICE also spent more than $1.3 billion on geolocation tech during that timeframe and $389 million on telecom interception, which includes tech that helps the agency track someone's phone calls, emails, social media activity and real-time internet use," adds Engadget.

InfoWorld reports that "While still the industry's leading Java distribution, Oracle Java's popularity is half what it was just two years ago, according to a report from application monitoring company New Relic." (With the usual caveat that data from New Relic's report "was drawn entirely from applications reporting to New Relic in January 2022 and does not provide a global picture of Java usage,") The finding was included the company's 2022 State of the Java Ecosystem report, released April 26, which is based on data culled from millions of applications providing performance data to New Relic. Among Java Development Kit (JDK) distributions, Oracle had roughly 75% of the market in 2020, but just 34.48% in 2022, New Relic reported. Not far behind was Amazon, at 22.04%, up from 2.18% in 2020.

New Relic said its numbers show movement away from Oracle binaries after the company's "more restrictive licensing" of its JDK 11 distribution before returning to a more open stance with JDK 17, released in September 2021. Behind Oracle and Amazon were Eclipse Adoptium (11.48%), Azul Systems (8.17%), Red Hat (6.05%), IcedTea (5.38%), Ubuntu (2.91%), and BellSoft (2.5%).

A UCLA assistant professor of Information Studies just published a short history of software engineering in Logic magazine — titled "Agile and the Long Crisis of Software."

It begins by describing Agile's history as "a long-running wrestling match between what managers want software development to be and what it really is, as practiced by the workers who write the code." When software engineering failed to discipline the unwieldiness of development, businesses turned to Agile, which married the autonomy that developers demanded with a single-minded focus on an organization's goals. That autonomy is limited, however, as developers are increasingly pointing out. When applied in a corporate context, the methods and values that Agile esteems are invariably oriented to the imperatives of the corporation. No matter how flexible the workplace or how casual the meetings, the bottom line has to be the organization's profits.
But this has major implications, the essay's conclusion argues: Could Agile even have played a role in some of the more infamous failures of the tech industry...? If a company sets a goal of boosting user engagement, Agile is designed to get developers working single-mindedly toward that goal — not arguing with managers about whether, for example, it's a good idea to show people content that inflames their prejudices. Such ethical arguments are incompatible with Agile's avowed dedication to keeping developers working feverishly on the project, whatever it might be.

This issue becomes especially pressing when one considers that contemporary software is likely to involve things like machine learning, large datasets, or artificial intelligence — technologies that have shown themselves to be potentially destructive, particularly for minoritized people. The digital theorist Ian Bogost argues that this move-fast-and-break-things approach is precisely why software developers should stop calling themselves "engineers": engineering, he points out, is a set of disciplines with codes of ethics and recognized commitments to civil society. Agile promises no such loyalty, except to the product under construction.

Agile is good at compartmentalizing features, neatly packaging them into sprints and deliverables. Really, that's a tendency of software engineering at large — modularity, or "information hiding," is a critical way for humans to manage systems that are too complex for any one person to grasp. But by turning features into "user stories" on a whiteboard, Agile has the potential to create what [software engineer] Yvonne Lam calls a "chain of deniability": an assembly line in which no one, at any point, takes full responsibility for what the team has created.
Other observations from the article:

• "Daily standups, billed as lightweight, low key check-ins, have become, for some workers, exercises in surveillance. "

• "The warts-and-all breakdown of Agile 'retrospectives' seems healthy, but I've watched them descend into a structureless series of accusations; everything depends on who's leading the team."

• One freelance developer in the article even argues that "As developers, IT professionals, we like to think of ourselves as knowledge workers, whose work can't be rationalized or commodified. But I think Agile tries to accomplish the exact opposite approach."

• "Some people I talked to pointed out that Agile has the potential to foster solidarity among workers. If teams truly self-organize, share concerns, and speak openly, perhaps Agile could actually lend itself to worker organization.
  
  "Maybe management, through Agile, is producing its own gravediggers. Maybe the next crisis of software development will come from the workers themselves."

"Developers of the Deno JavaScript and TypeScript runtime are exploring the possibility of JavaScript containers — and the JavaScript sandbox itself — as a higher-level alternative to Linux containers," reports InfoWorld, citing a blog post by Node.js and Deno creator Ryan Dahl: Dahl also noted that Docker popularized the use of Linux containers, with operating system-level virtualization for distributing server software. Each container image is a dependency-free, ready-to-run software package. But browser JavaScript offers a similar hermetic environment at a higher level of abstraction, he said.

Dahl said he expects JavaScript container technology to unfold over the next couple of years.
In the blog post Dahl says scripting languages are "all pretty much the same" — but that JavaScript is "by far more widely used and future proof." [A JavaScript sandbox container] isn't meant to address the same breadth of problems that Linux containers target. Its emergence is a result of its simplicity. It minimizes the boilerplate for web service business logic. It shares concepts with the browser and reduces the concepts that the programmer needs to know. (Example: when writing a web service, very likely any systemd configuration is just unnecessary boilerplate.)

Every web engineer already knows JavaScript browser APIs. Because the JavaScript container abstraction is built on the same browser APIs, the total amount of experience the engineer needs is reduced. The universality of Javascript reduces complexity.... In this emerging server abstraction layer, JavaScript takes the place of Shell. It is quite a bit better suited to scripting than Bash or Zsh. Instead of invoking Linux executables, like shell does, the JavaScript sandbox can invoke Wasm.... Maybe the majority of "web services" can be simplified by thinking in terms of JavaScript containers, rather than Linux containers.

At Deno we are exploring these ideas; we're trying to radically simplify the server abstraction. We're hiring if this sounds interesting to you.

GitHub, the code hosting platform used by tens of millions of software developers around the world, announced today that all users who upload code to the site will need to enable one or more forms of two-factor authentication (2FA) by the end of 2023 in order to continue using the platform. The Verge reports: The new policy was announced Wednesday in a blog post by GitHub's chief security officer (CSO) Mike Hanley, which highlighted the Microsoft-owned platform's role in protecting the integrity of the software development process in the face of threats created by bad actors taking over developers' accounts. "The software supply chain starts with the developer," Hanley wrote. "Developer accounts are frequent targets for social engineering and account takeover, and protecting developers from these types of attacks is the first and most critical step toward securing the supply chain."

Even though multi-factor authentication provides significant additional protection to online accounts, GitHub's internal research shows that only around 16.5 percent of active users (roughly one in six) currently enable the enhanced security measures on their accounts -- a surprisingly low figure given that the platform's user base should be aware of the risks of password-only protection. By steering these users towards a higher minimum standard of account protection, GitHub hopes to boost the overall security of the software development community as a whole, Hanley told The Verge. "GitHub is in a unique position here, just by virtue of the vast majority of open source and creator communities living on GitHub.com, that we can have a significant positive impact on the security of the overall ecosystem by raising the bar from a security hygiene perspective," Hanley said. "We feel like it's really one of the best ecosystem-wide benefits that we can provide, and we're committed to making sure that we work through any of the challenges or obstacles to making sure that there's successful adoption."

An anonymous reader shares a report: If you'd told us that Bandcamp's acquisition by Epic Games would lead fairly swiftly to an argument with a tech giant, our money would have been on that giant being Apple. Nope. Epic Games is seeking a court injunction against Google, over changing rules on its Google Play Store for Android. Bandcamp CEO Ethan Diamond blogged about the dispute overnight, noting that since 2015, Bandcamp has used its own billing system to process payments made for music and merch within its Android app. "However, Google is now modifying its rules to require Bandcamp (and other apps like it) to exclusively use Google Play Billing for payments for digital goods and services, and pay a revenue share to Google," wrote Diamond. "If Google's policy changes stand, beginning on June 1st, we would have to either pass Google's fees on to consumers (making Android a less attractive platform for music fans), pass fees on to artists (which we would never do), permanently run our Android business at a loss, or turn off digital sales in the Android app." Diamond also said that the new policy could see a delay in payments for artists and labels, from the current 24-48 hours to "15 to 45 days after a sale," while Epic's filing notes that Google's system can't be used for purchases of physical items (merch and physical music), which would force it to use two separate payment systems anyway.

An anonymous reader quotes a report from Ars Technica: Following in the footsteps of iOS 14, Google is rolling out an app privacy section to the Play Store on Tuesday. When you look up an app on the Play Store, alongside sections like "About this app" and "ratings and reviews," there will be a new section called "Data privacy & security," where developers can explain what data they collect. Note that while the section will be appearing for users starting today, it might not be filled out by developers. Google's deadline for developers to provide privacy information is July 20. Even then, all of this privacy information is provided by the developer and is essentially working on the honor system.

Here's how Google describes the process to developers: "You alone are responsible for making complete and accurate declarations in your app's store listing on Google Play. Google Play reviews apps across all policy requirements; however, we cannot make determinations on behalf of the developers of how they handle user data. Only you possess all the information required to complete the Data safety form. When Google becomes aware of a discrepancy between your app behavior and your declaration, we may take appropriate action, including enforcement action."

Once the section is up and running, developers will be expected to list what data they're collecting, why they're collecting it, and who they're sharing it with. The support page features a big list of data types for elements like "location," "personal info," "financial info," "web history," "contacts," and various file types. Developers are expected to list their data security practices, including explaining if data is encrypted in transit and if users can ask for data to be deleted. There's also a spot for "Google Play's Families Policy" compliance, which is mostly just a bunch of US COPPA and EU GDPR requirements. Google says developers can also indicate if their app has "been independently validated against a global security standard."

"Russian software developers are reporting that their GitHub accounts are being suspended without warning if they work for or previously worked for companies under U.S. sanctions, writes Bleeping Computer: According to Russian media outlets, the ban wave began on April 13 and didn't discriminate between companies and individuals. For example, the GitHub accounts of Sberbank Technology, Sberbank AI Lab, and the Alfa Bank Laboratory had their code repositories initially disabled and are now removed from the platform.... Personal accounts suspended on GitHub have their content wiped while all repositories become immediately out of reach, and the same applies to issues and pull requests.

Habr.com [a Russian collaborative blog about IT] reports that some Russian developers contacted GitHub about the suspension and received an email titled 'GitHub and Trade Controls' that explained their account was disabled due to US sanctions. This email contains a link to a GitHub page explaining the company's policies regarding sanctions and trade controls, which explains how a user can appeal their suspension. This appeal form requires the individual to certify that they do not use their GitHub account on behalf of a sanctioned entity. A developer posted to Twitter saying that he could remove the suspension after filling out the form and that it was due to his previous employer being sanctioned.
A GitHub blog post in March had promised to ensure the availability of open source services "to all, including developers in Russia." So Bleeping Computer contacted a GitHub spokesperson, who explained this weekend that while GitHub may be required to restrict some users to comply with U.S. laws, "We examine government sanctions thoroughly to be certain that users and customers are not impacted beyond what is required by law." According to this, the suspended private accounts are either affiliated, collaborating, or working with/for sanctioned entities. However, even those who previously worked for a sanctioned company appear to be suspended by mistake.

This means that Russian users, in general, can suddenly find their projects wiped and accounts suspended, even if those projects have nothing to do with the sanctioned entities.

Last week 69-year-old Richard Stallman gave a 92-minute presentation on the state of the free software movement. Stallman covered numerous topics, but also added as an aside at one point: Ubuntu of course is a non-free distro, and I wouldn't recommend that anyone use it. Some important packages are now distributed only through their non-freedom-respecting package system, and not as Debian packages. So it's even harder than before to get any freedom out of an Ubuntu installation.
But Stallman also sees a larger issue: Another area where we have problems is there are several languages which come with a package library -- basically people post packages in them. And that might be fine if they had a good criterion for the licensing of the libraries people upload into those sites -- but they're not developed by free software activists, and they don't have such a criterion. There are non-free packages in those libraries too.

Now, some of them make it possible to find out whether a library is free. Some of them, it's difficult. Sometimes -- yeah, you could probably look at the source code and see what licenses are in it, and then you could look up those licenses in GNU.org/licenses/license-list.html and see if all those licenses are free... The problem is, they don't help you. At the very least they should make it easy to say, "Show me only the free packages." And then, "Show me only the GPL-compatible packages, because I'm writing a GPL-covered program, and I can't use the libraries that are not GPL compatible. And I certainly won't ever think of using a non-free library."

They're not interested in helping people move forward in freedom. And so we need people to write front-ends for those package archives, which will show only the freely-licensed packages, and which can be asked to show which ones are GPL-compatible, or show only those. This way they will be usable easily by the free software community. If you like one of the languages that has this problem, please show your appreciation for that language by reconciling its use with maintaining freedom.
And this leads Stallman to a related setback for the free software movement: the containers themselves that are packaging some programs with the libraries they need: The old way of doing this was you would make sure that your program said which versions of libraries it was compiled to work with, and in the source code you'd use something like Autoconf so that it could work with the various library versions. And this way you could build the program for a wide variety of free operating systems and versions of them.

Well, that's some work, so some developers, they release a free program -- not all of them release free programs, but some of them do release free programs -- using containers. And the container has one set of libraries in it. And how do you really know what's in there? It's not straightforward to verify that all the libraries in the container are free, and a lot of people won't realize that they should even think about it. So the use of containers, as they are implemented nowadays by people who are not free software activists and are not particularly concerned with this question, is an obstacle to verifying that you're installing free software.

Well, maybe some of these container systems could be improved, or maybe another one could be designed to solve these problems. If a container packaging system were designed by people who care about freedom, they might find good ways to satisfy this goal, as well as others. So it's something you could possibly work on.

Richard Stallman celebrated his 69th birthday last month. And Wednesday, he gave a 92-minute presentation called "The State of the Free Software Movement."

Stallman began by thanking everyone who's contributed to free software, and encouraged others who want to help to visit gnu.org/help. "The Free Software movement is universal, and morally should not exclude anyone. Because even though there are crimes that should be punished, cutting off someone from contributing to free software punishes the world. Not that person."

And then he began by noting some things that have gotten better in the free software movement, including big improvements in projects like GNU Emacs when displaying external packages. (And in addition, "GNU Health now has a hospital management facility, which should make it applicable to a lot more medical organizations so they can switch to free software. And [Skype alternative] GNU Jami got a big upgrade.")

What's getting worse? Well, the libre-booted machines that we have are getting older and scarcer. Finding a way to support something new is difficult, because Intel and AMD are both designing their hardware to subjugate people. If they were basically haters of the public, it would be hard for them to do it much worse than they're doing.

And Macintoshes are moving towards being jails, like the iMonsters. It's getting harder for users to install even their own programs to run them. And this of course should be illegal. It should be illegal to sell a computer that doesn't let users install software of their own from source code. And probably shouldn't allow the computer to stop you from installing binaries that you get from others either, even though it's true in cases like that, you're doing it at your own risk. But tying people down, strapping them into their chairs so that they can't do anything that hurts themselves -- makes things worse, not better. There are other systems where you can find ways to trust people, that don't depend on being under the power of a giant company.

We've seen problems sometimes where supported old hardware gets de-supported because somebody doesn't think it's important any more — it's so old, how could that matter? But there are reasons...why old hardware sometimes remains very important, and people who aren't thinking about this issue might not realize that...

Stallman also had some advice for students required by their schools to use non-free software like Zoom for their remote learning. "If you have to use a non-free program, there's one last thing... which is to say in each class session, 'I am bitterly ashamed of the fact that I'm using Zoom for this class.' Just that. It's a few seconds. But say it each time.... And over time, the fact that this is really important to you will sink in."

And then halfway through, Stallman began taking questions from the audience...

Read on for Slashdot's report on Stallman's remarks, or jump ahead to...

• How far should copyright law go?
• That NPM package that deleted files in Russia
• Does the free software world need more videogames?
• Stallman's upcoming manual for 'GNU C'
• Free Software's role in protecting our planet's environment

An anonymous reader quotes a report from Yahoo Finance: A single mom who signed up for a $30,000 income-share agreement at a for-profit coding bootcamp has filed a lawsuit in California, alleging she entered the agreement under "false pretenses." Redmond, Washington-based Emily Bruner is suing Bloom Institute of Technology, formerly known as Lambda School, and its head Austen Allred, alleging they misrepresented job placement rates, operated without a license during her course of study, and hid the "true nature" of the school's financial interest in students' success. "I feel like Lambda misled me at every turn -- about their job placement rates and about how they would prepare us for jobs in the field. I was even more shocked when I found out they were operating illegally," Bruner said in a press release. "I took time away from my young son and other career opportunities to participate in a program based on lies," added Bruner, who's seeking a refund from the school as well as monetary damages. "While I'm thankful I opted out of arbitration so I can have my day in court, I wish my classmates who were also misled could be here with me."

Income-share agreements, known as ISAs, are an alternative type of student loan financing where a borrower receives a loan, then pays a percentage of their income after graduation. The terms of an ISA depends on various factors, such as their major topic of study and projected future earnings. [...] Bruner, the plaintiff, signed her ISA on June 29, 2019 when she was living in New Mexico because she could not pay the full tuition amount to attend Lambda full-time, according to the lawsuit. She says she moved back home to North Carolina to live with her parents, who would help her take care of her baby. She took out $30,000 for its six- and 12-month computer science programs offered by San Francisco-based Lambda, according to the complaint. Bruner started school in September 2019 and finished the following August. Students at Lambda agree to pay 17% of their post-Lambda salary for 24 months once they make more than $50,000 a year, according to the lawsuit.

After graduating, she couldn't find a job as a web developer or a software engineer, and was, according to the lawsuit, told by employers that "she did not have the technical skills for the job, and that her education had not prepared her to be a web developer." Bruner ended up going back to program management, a field she was working in prior to attending Lambda. In the lawsuit, she alleged that Lambda misrepresented the fact that it did not have necessary approval from the state regulator, the California Bureau for Postsecondary Education. She also alleged that the school falsified and misrepresented the school's job placement rates. Finally she also alleged that the school hid the true nature of its financial interest in students' success -- specifically by "falsely representing" that Lambda only was compensated when students found jobs and earned income.

Oracle has begun making a new version of Solaris 11.4 available for free/open-source developers and for non-production personal use. Phoronix reports: Solaris 11.4 CBE is the "Common Build Environment" and intended for open-source developers and strictly non-production personal use... That is if you want Solaris for new installs in 2022. The new Solaris 11.4 "CBE" spin is effectively a rolling release and from Oracle's perspective hopes to ease the integration of the open-source software relied upon by Solaris rather than being bound to the dated 11.4.0 GA release.

Downloading the new Solaris 11.4 CBE does require an Oracle account. The CBE builds are also described as "similar to a beta, they are pre-release builds of a particular SRU." The non-production use license is put out under the Oracle Technology Network Early Adopter License Agreement for Oracle Solaris. Oracle will allow upgrading from these free CBE releases to paid SRU releases under Oracle support contracts. More details for those interested in Oracle Solaris 11.4 CBE via the Oracle Solaris blog.

Developer burnout is helping to drive an exodus of software developer talent from organizations, as part of a larger trend known as the Great Resignation, according to a report released on April 13 by MuleSoft, which is a division of Salesforce. From a report: The MuleSoft report was based on research conducted by Vanson Bourne in February 2022 across the U.S., U.K., France, Germany, and Australia. Eighty-six percent of respondents indicated that in the last two years it has become increasingly difficult to recruit software developers. One of the reasons why is the larger macroeconomic trend of the Great Resignation, where employees are leaving their employers en masse during the COVID-19 pandemic as they seek a better work-life balance.

Burnout is also a large challenge for developers, according to the report. The top causes of developer burnout are increasing workloads and the challenges of learning new skills to adapt to emerging technologies. "The pandemic was a massive accelerator for the need of digital tools," Matt McLarty, global field CTO and vice president of the Digital Transformation Office (DTO) at MuleSoft, told ITPro Today. "Non-technology companies were ultimately forced to become technology companies overnight, and we saw nearly every organization require developers to help them achieve these new goals on high-pressure deadlines, all at once."

An anonymous reader quotes a report from XDA Developers: Google will start highlighting reputable developers and publishers with a special badge. Google wrote in an email to Chrome Web Store developers on Friday, "we're happy to announce two new extension badges to help us deliver on that goal: the Featured badge and the Established publisher badge. Both of these badges will appear in the store in the next few weeks. Developers who earn these badges may receive higher rankings in search and filtering, and may also see their extensions appear in special promotions both on and off Chrome Web Store." "Developers who earn these badges may receive higher rankings in search and filtering"

The first is a Featured badge, which "will be granted to extensions that follow our technical best practices and meet a high standard of user experience and design." This badge is given to extensions manually by the Chrome Web Store team, so there isn't a full (public) list of guidelines, but the email mentioned a clear store listing page and following best practices as some of the criteria. The Established publisher badge will be granted automatically to developers and publisher accounts that have been verified and "established a consistent positive track record with Google services and compliance with the Developer Program Policy." In other words, most developers that haven't broke Chrome Web Store rules will probably get the badge at some point.

Google says publishers will not be able to pay money for either badge, but the company is working on ways for developers to request consideration. Starting on April 20, developers will be able to nominate their own extensions for a Featured badge.

Long-time Slashdot reader theodp writes: Tech-backed Code.org reports that as part of efforts to provide scaled human-centered education, the Stanford AI Lab analyzed 711,274 solutions to interactive block-based Code.org programming assignments submitted by 3rd and 4th grade students to develop AI-based solutions for automatically grading student homework. The research project received funding from LinkedIn founder and VC Reid Hoffman, who is coincidentally a $1+ million supporter of Code.org, which provided the student data.

Autograding systems are increasingly being deployed at all levels of education to meet the challenge of teaching programming at scale. So, will AI make Computer Science grader and undergraduate teaching assistant jobs obsolete?

"Enabling developer productivity has become a key vector in every organization's success," writes Matt Asay at InfoWorld — not a nice-to-have feature but a must-have.

"Which is why, perhaps ironically, the best way to set your developers free may actually be to fetter their freedom." The more developers mattered, the more everyone wanted to cater to their needs with new software tools, new open source projects, new cloud services, etc. This meant lots of new developer choice and associated freedom, but that wasn't necessarily an unalloyed good. As RedMonk analyst Steven O'Grady noted in 2017, "The good news is that this developer-driven fragmentation has yielded an incredible array of open source software. The bad news is that, even for developers, managing this fragmentation is challenging."

Can one have too much choice? Yep.

It's long been known in consumer retail, for example, that when there is too much choice, "consumers are less likely to buy anything at all, and if they do buy, they are less satisfied with their selection." Turns out this isn't just a matter of breakfast cereals or clothing. It also applies to developers building enterprise software. InfoWorld's Scott Carey writes that "complexity is killing software developers." He's right. But what can be done?

In a conversation with Weaveworks CEO Alexis Richardson, he related how self-service development platforms are reemerging to help developers make sense of all that open source and cloud choice. By giving developers "a standard, pre-approved environment in which the effort to create an app from an idea is minimal," he explained, it allows them to "focus on innovation not plumbing."
"Done right, a little bit of constraint goes a long way..." Asay argues, touting the benefits of PaaS (platform as a service) self-service development platforms. ("Enterprises that want to give their developers the freedom the cloud affords can couple it with just enough constraint to make that freedom useful....")

Asay argues that "However you approach it, the point is to stop thinking about freedom and control as impossibly opposed. Smart enterprises are figuring out ways to enable their developers using self-service platforms. Maybe you should, too."

Apple, looking to address criticism of its competitive practices by the European Union, developers and U.S. lawmakers, pointed to a report showing that third-party apps are thriving on the iPhone and other devices. From a report: In a study published by Analysis Group and touted by the iPhone maker, analysts said that Apple's own apps are infrequently the dominant option and only account for a small share of app usage. "We found that Apple's own apps, while used by many, are rarely the most popular of a given type and are eclipsed in popularity by third-party apps for nearly every country and app type we considered," the report said. In the U.S., the report found that Spotify is 1.6 times more popular than Apple Music, that Google Maps is used 1.5 times more than Apple Maps, and that Netflix is 17 times more popular than Apple's service. The Amazon Kindle service, meanwhile, was 4.5 times more popular than Apple's Books app.

The C programming language has many problems. But now the Registers notes that "Aria Beingessner, a member of the teams that implemented both Rust and Swift, has an interesting take... That C isn't a programming language anymore...."

"And it hasn't been for a long time," Beingessner writes in an online essay: This isn't about the fact that C is actually horribly ill-defined due to a billion implementations or its completely failed integer hierarchy. That stuff sucks, but on its own that wouldn't be my problem.

My problem is that C was elevated to a role of prestige and power, its reign so absolute and eternal that it has completely distorted the way we speak to each other. Rust and Swift cannot simply speak their native and comfortable tongues — they must instead wrap themselves in a grotesque simulacra of C's skin and make their flesh undulate in the same ways it does....

Everyone had to learn to speak C to talk to the major operating systems, and then when it came time to talk to eachother we suddenly all already spoke C so... why not talk to eachother in terms of C too?

Oops! Now C is the lingua franca of programming.

Oops! Now C isn't just a programming language, it's a protocol.
The Register picks up the argument: it's fair (if wildly controversial) to say, as this 2018 Association for Computing Machinery paper puts it, that C is not a low-level programming language. As its subtitle says: "Your computer is not a fast PDP-11."

This is not a relative assessment: that is, it's not saying that there are other programming languages that are lower-level than C. It's an absolute one: C is often praised for being "close to the metal," for being a "portable assembly language." It was, once, but it hasn't been since the 1970s; the underlying computational models of modern computers are nothing like the one that C represents, which was designed for a 1970s 16-bit minicomputer.
The Register summarizes what happens when a language has to interface with an operating system — and thus, that operating system's C code. [I]t has to call C APIs. This is done via Foreign Function Interfaces (FFIs).... In other words, even if you never write any code in C, you have to handle C variables, match C data structures and layouts, link to C functions by name with their symbols....

The real problem is that C was never designed or intended to be an Interface Definition Language, and it isn't very good at it.

An anonymous reader quotes a report from Ars Technica: With Russian gamers effectively cut off from purchases on most major gaming platforms due to corporate sanctions against the country, the Russian game developer behind indie darling Loop Hero is encouraging Russian customers to pirate the game. In a Sunday post on Russian social network VK (Google translated version), Loop Hero developer Four Quarters said, "In such difficult times, we can only help everyone to raise the pirate flag (together with vpn)" to get the game. The developer then included a link to a copy of Loop Hero on a popular Russian torrent tracker to aid in that process directly.

In a follow-up post the next day (Google translated version), Four Quarters insisted that "we didn't do anything special, there's nothing wrong with torrents." The company also notes that players wanting to offer the developer donations in lieu of buying the game should refrain. "The truth is that everything is fine with us, send this support to your family and friends at this difficult time," they wrote.

While players outside of Russia should still be able to purchase Loop Hero on Steam, Valve said earlier this month that banking issues prevented it from sending payments to developers in Russia, Belarus, and Ukraine (ironically enough). Valve recently told PC Gamer that developers in these countries will have to provide "intermediary banking information" in a foreign country to receive the payments they're due. "It's a very frustrating situation, and we hope to find the resolution soon," Valve wrote in a note to affected developers. Russia is reportedly considering legalizing software piracy to combat the sanctions imposed on the country for its invasion of Ukraine.