Visual Studio Magazine reports: Microsoft, which calls its Excel spreadsheet a programming language, reports that an effort called LAMBDA to make it even more of a programming language is paying off, recently being deemed Turing complete. Being Turing complete is the litmus test of a full-fledged programming language, marking the ability to imitate a Turing machine. According to one definition, that means, "A programming language is Turing complete if you can implement any possible algorithm with it."

And that's exactly what LAMBDA can now do. "You can now, in principle, write any computation in the Excel formula language," said Microsoft researchers in a Jan. 25 blog post.

To get there, researchers at the Calc Intelligence project addressed two shortcomings to the LAMBDA project, which is conducted in coordination with the Excel team and which was first announced early last month. They are:

- The Excel formula language supported only scalar values like numbers, strings and Booleans

- It didn't let users define new functions....

"Moreover, even if it takes greater skill and knowledge to author a lambda, it takes no extra skill to call it," researchers said. "LAMBDA allows skilled authors to extend Excel with application-domain-specific functions that appear seamlessly part of Excel to their colleagues, who simply call them.

"It will be interesting to see how users continue to experiment with and apply not only LAMBDA but also data types and dynamic arrays. We believe these new functional programming features will transform how people make decisions with Excel."

And there is certainly a large audience of both programmers and coders, as Microsoft claims "Excel formulas are written by an order of magnitude more users than all the C, C++, C#, Java, and Python programmers in the world combined."
Towards the end the article points out that right now to actually use the new feature, "you have to be a member of the Insiders: Beta program."

A long-simmering public dispute between Facebook and Apple has neared a boiling point. The Information: With the aid of outside legal counsel, Facebook for months has been preparing an antitrust lawsuit against Apple that would allege the iPhone-maker abused its power in the smartphone market by forcing app developers to abide by App Store rules that Apple's own apps don't have to follow, according to two people with direct knowledge of Facebook's efforts. The legal preparations by Facebook signal that the feud between the companies could further escalate, though ultimately Facebook may decide not to file a suit. Its executives are facing internal resistance from some employees over its public campaign against Apple, a fight that recently has centered on a change to iPhone software that will make it harder for Facebook and its advertisers to track people across apps.

Now Facebook CEO Mark Zuckerberg is attempting to build a broad legal case arguing that Apple's rules for app developers -- which force them to use Apple's in-app payment service, for instance -- make it harder to compete against Apple in areas such as gaming, messaging and shopping. While Facebook could seek monetary damages in a lawsuit, the more meaningful outcome for the company and every other app developer would be material changes to Apple's iPhone restrictions. A similar antitrust case against Apple filed last fall by game maker Epic also seeks changes to Apple's business model rather than monetary damages. Facebook has considered inviting other companies to participate in its prospective lawsuit against Apple, said three people with knowledge of the talks.

Camel Pilot writes: Pyston 2.1, a closed-source but faster and highly-compatible implementation of the Python programming language, significantly outperforms Python 3 in a variety of benchmarks. All the system details and benchmarks in full can be found over on OpenBenchmarking.org.

"A two-episode series which debuted on Chinese streaming platforms last week has been described as the first reality competition to focus on programmers," reports the I Programmer web site: The show, sponsored by the Ant Group, an affiliate company of the Chinese Alibaba Group, is called Ranshaoba tiancaichengxuyuan, which roughly translates to "Burn Bright! Genius Programmer," and followed four teams engaged on a challenge akin to the hackathons that take place on Kaggle and similar platforms.

News of the show comes in a report China's first variety show about computer programmers seeks to mold Chinese IT idols in Global Times, the English-language newspaper published by People's Daily, which is the official newspaper of Central Committee of the Chinese Communist Party. Ji Yuqiao reported that twenty programmers took part in the show and were divided into four teams that competed to win a prize of 1 million yuan ($154,152). Some of the competitors were graduates of top universities such as Tsinghua University in China and Carnegie Mellon University in the US, while others were high school dropouts. Four professors at Peking University and Tsinghua University acted as mentors to these young talents on the show.

Contestants were tasked with protecting wild animals from poachers in a virtual world. With a time limit of 48 hours they had to design algorithms to detect and identify wild animals based on the limited data resources in the game.

Slashdot reader DevNull127 writes: A new web quiz challenge visitors, "Can you tell a coder from a cannibal? A mathematician from a murderer? Try to spot who liked hacking away at corpses rather than computers."
One commenter on BoingBoing says the quiz brought back memories of doing IT recruitment in the 1990s. "After a few months at that job, I started to wonder if spending so much time staring at soulless equipment wasn't affecting people. Too many candidates were completely humorless, culturally clueless, or sporting a thousand-yard stare..."

ZDNet takes a look at a new nonprofit group called the Organization for Ethical Source (OES): The OES is devoted to the idea that the free software and open-source concept of "Freedom Zero" are outdated. Freedom Zero is "the freedom to run the program as you wish, for any purpose." It's fundamental to how open-source software is made and used... They hate the notion that open-source software can be used for any purpose including "evil" purposes. The group states:

The world has changed since the Open Source Definition was created — open source has become ubiquitous, and is now being leveraged by bad actors for mass surveillance, racist policing, and other human rights abuses all over the world. The OES believes that the open-source community must evolve to address the magnitude and complexity of today's social, political, and technological challenges...

How does this actually work in a license...?

The Software shall not be used by any person or entity for any systems, activities, or other uses that violate any Human Rights Laws. "Human Rights Laws" means any applicable laws, regulations, or rules (collectively, "Laws") that protect human, civil, labor, privacy, political, environmental, security, economic, due process, or similar rights....

This latest version of the license was developed in collaboration with a pro-bono legal team from Corporate Accountability Lab (CAL). It has been adopted by many open-source projects including the Ruby library VCR; mobile app development tool Gryphon; Javascript mapping library react-leaflet; and WeTransfer's entire open-source portfolio...

The organization adds, though, the license's most significant impact may be the debate it sparked between ethical-minded developers and open-source traditionalists around the primacy of Freedom Zero.
The article includes this quote from someone described as an open source-savvy lawyer.

"To me, ethical licensing is a case of someone with a very small hammer seeing every problem as a nail, and not even acknowledging that the nail is far too big for the hammer."

Inside.com's developer newsletter spotted this code repository story: GitHub posted a DMCA notice it received from the Motion Picture Association (MPA) last week asking the platform to take down a repository associated with NYAA.si, a popular torrent site specializing in anime content. The DMCA captured attention as the code doesn't belong to the MPA. Rather, the MPA argues the code is used for the development of the site, which allows for copyright infringement, while the repo also makes it possible to create NYAA clones.

The news comes a few months after GitHub restored the youtube-dl repository and created a $1m legal defense fund to help open source developers fight unwarranted DMCA Section 1201 takedown claims. At the same time, the platform also announced it will be improving its Section 1201 claim review process to make it harder to take down repos.
But the next day, the newsletter reported GitHub had reversed the takedown: The company explains the notice didn't meet its DMCA Takedown Policy requirements as it failed to "establish that the code is preconfigured to infringe." GitHub adds that it also restored any content that was disabled because of the notice.
Some context from TorrentFreak: This isn't the first time the MPA has gone after the anime torrent site. Last November we reported that the anti-piracy group sent cease and desist letters to several people who are allegedly connected to the site, describing it as an "Anime Cartel".
TorrentFreak's latest update: A few weeks ago, the Motion Picture Association tried to shut the project down by going after several people who are allegedly linked to the site. Framing NYAA as an "Anime Cartel", the movie group demanded a total shutdown and tens of thousands of dollars in settlements...

This takedown request initially succeeded as GitHub disabled the repository earlier this week. Before doing so, the platform reached out to the developers and gave them the option to respond or make changes, but that request went unanswered. Without a response from the developers, this is usually where things end. In this case, however, GitHub decided to carry out another review after the project was taken down, perhaps in part motivated by the news coverage. "While we didn't hear back from the maintainers, we chose to do another review ourselves to proactively see how we could resolve the issue," a GitHub spokesperson informs TorrentFreak...

[A]t the time of writing the NYAA repository is up and running again. The MPA still has the option to provide additional information about the allegedly-infringing nature of the code, which would then trigger another review.

GitHub stresses that it's their purpose to make sure that developers can host code within the boundaries of the law. Unless the entire repository is infringing, it's standard policy to allow developers to respond to DMCA claims before any content is removed.

We have learned that Brad Cox, computer scientist known mostly for creating the Objective-C programming language with his business partner Tom Love, died on January 2, 2021 at his residence. He was 76. From a Legacy.com post: Brad was born on May 2, 1944 in Fort Benning, Georgia, to the late Nancy Hinson Cox and Dewey McBride Cox of Lake City, South Carolina. Brad grew up on the family's dairy farm in South Carolina but found himself most interested in science. After graduating from Lake City High School, he received his Bachelor of Science Degree in Organic Chemistry and Mathematics from Furman University, and his Ph.D. from the Department of Mathematical Biology at the University of Chicago, and worked on an early form of neural networks. He soon found himself more interested in computers and got a job at International Telephone and Telegraph (ITT) and later joined Schlumbeger -- Doll Research Labs, and ultimately formed his own Connecticut startup, Productivity Products International (PPI) later named Stepstone.

Among his first known software projects, he wrote a PDP-8 program for simulating clusters of neurons. He worked at the National Institutes of Health and Woods Hole Oceanographic Institute before moving into the software profession. Dr. Cox was an entrepreneur, having founded the Stepstone Company together with Tom Love for releasing the first Objective-C implementation. Stepstone hoped to sell "ICPaks" and Dr. Cox focused on building his ICPak libraries and hired a team to continue work on Objective-C, including Steve Naroff. The late Steve Jobs', NeXT, licensed the Objective-C language for it's new operating system, NEXTSTEP. NeXT eventually acquired Objective- C from Stepstone. Objective-C continued to be the primary programming language for writing software for Apple's OS X and iOS.

The recently updated website for President Joe Biden's White House carried an invitation for tech specialists savvy enough to find it. From a report: Hidden in the HTML code on www.whitehouse.gov was an invitation to join the U.S. Digital Service, a technology unit within the White House. "If you're reading this, we need your help building back better," the message said. Former President Barack Obama launched the service in 2014 to recruit technologists to help revamp government services -- for example by modernizing Medicare's payment system or reforming hiring practices across government agencies. Tech specialists join the Digital Service for typically one or two years.

TechRepublic shares a remarkable calculation by the not-for-profit IT leadership group the Consortium for Information and Software Security: CISQ's 2020 report, The Cost of Poor Software Quality in the U.S., looked at the financial impact of software projects that went awry or otherwise ended up leaving companies with a larger bill by creating additional headaches for them. According to the consortium, unsuccessful IT projects alone cost U.S. companies $260 billion in 2020, while software problems in legacy systems cost businesses $520 billion and software failures in operational systems left a dent of $1.56 trillion in corporate coffers.

As a result, the total cost of poor software quality in the U.S. amounted to approximately $2.08 trillion in 2020, CISQ said. Comparing this to the total U.S. IT and software wage base of $1.4 trillion, the company said the figures "underscored the magnitude of the negative economic impact of poor software quality."

Programming columnist Mike Melanson describes the announcement of this year's programming language of the year: The TIOBE Index, the somewhat dubious ranking of programming language popularity according to search engine results, has announced its yearly proclamation of "language of the year," with the award going to Python for the fourth time in its history [more than any other programming language].

The title, the project leads write, "is awarded to the programming language that has gained most popularity in one year," with Python moving up 2.01% in 2020, which they attribute to "the ease of learning the language and its high productivity," alongside its numerous use cases.
C++ "is a very close runner up" for programming language of the year, TIOBE tells us, "with an increase of 1.99%. Other winners are C (+1.66%), Groovy (+1.23%) and R (+1.10%)...

"What else happened in the TIOBE index in 2020? C has become number 1 again, beating Java. Java lost almost 5% in only 1 year."

The WebAssembly portable binary format will now have wider support from Wasmer, the server-side runtime which "allows universal binaries compiled from C++, Rust, Go, Python, and other languages to run on different operating systems and in web browsers without modification," reports InfoWorld: Wasmer can run lightweight containers based on WebAssembly on a variety of platforms — Linux, MacOS, Windows, Android, iOS — from the desktop to the cloud to IoT and mobile devices, while also allowing these containers to be embedded in any programming language. The Wasmer runtime also is able to run the Nginx web server and other WebAssembly modules...

Wasmer was introduced in December 2018, with the stated goal of doing for WebAssembly what JavaScript did for Node.js: establish it server-side. By leveraging Wasmer for containerization, developers can create universal binaries that work anywhere without modification, including on Linux, MacOS, and Windows as well as web browsers. WebAssembly automatically sandboxes applications by default for secure execution, shielding the host environment from malicious code, bugs, and vulnerabilities in the software being run.
Wasmer 1.0 reached "general availability status" with its release on January 5, and its developers are now claiming "out of this world" runtime and compiler performance.

"We believe that WebAssembly will be a crucial component for the future of software execution and containerization (not only inside the browser but also outside)."

Apple's App Store grossed more than $64 billion in 2020, according to an analysis by CNBC. From a report: That's up from an estimated $50 billion in 2019 and $48.5 billion in 2018, according to the same analysis, suggesting that App Store sales growth accelerated strongly during the Covid-19 pandemic, as people sheltered at home and spent more time and money on apps and games. App Store revenue grew 28% in 2020, up from 3.1% growth in 2019, according to CNBCâ(TM)s analysis. Apple's App Store is a core growth area for the company. It's reported as part of Apple's Services division, which reported $53.7 billion in sales in Apple's fiscal 2020, which ended in September. The money that Apple makes from its App Store has become a flash point for critics of Apple which argue it has too much power. Apple charges 30% for digital sales through its platform, with a few exceptions. Apple recently altered its fee structure, and now it only takes a 15% cut from companies that generate less than $1 million in the App Store.

Last July, GitHub prevented users in Iran and several other nations from accessing portions of the service due to U.S. sanction laws. Today, the world's largest host of source code announced that it has secured a license from the U.S. government to operate in Iran. It's also working to secure similar licenses for developers in Crimea and Syria as well. MSPoweruser reports: "Over the course of two years, we were able to demonstrate how developer use of GitHub advances human progress, international communication, and the enduring U.S. foreign policy of promoting free speech and the free flow of information. We are grateful to OFAC for the engagement which has led to this great result for developers. We are in the process of rolling back all restrictions on developers in Iran, and reinstating full access to affected accounts," wrote Nat Friedman, CEO of GitHub. GitHub is also working with the U.S. government to secure similar licenses for developers in Crimea and Syria as well.

"When you do computer programming, what sort of mental work are you doing?" asks science/tech journalist Clive Thompson: For a long time, folks have speculated on this. Since coding involves pondering hierarchies of symbols, maybe the mental work is kinda like writing or reading? Others have speculated it's more similar to the way our brains process math and puzzles. A group of MIT neuroscientists recently did fMRI brain-scans of young adults while they were solving a small coding challenge using a textual programming language (Python) and a visual one (Scratch Jr.). The results?

The brain activity wasn't similar to when we process language. Instead, coding seems to activate the "multiple demand network," which — as the scientists note in a public-relations writeup of their work — "is also recruited for complex cognitive tasks such as solving math problems or crossword puzzles."

So, coding is more like doing math than processing language?

Sorrrrrrt of ... but not exactly so. The scientists saw activity patterns that differ from those you'd see during math, too.

The upshot: Coding — in this (very preliminary!) work, anyway — looks to be a little different from either language or math. As the note, in a media release...

"Understanding computer code seems to be its own thing...."

Just anecdotally — having interviewed hundreds of coders and computer scientists for my book CODERS — I've met amazing programmers and computer scientists with all manner of intellectual makeups. There were math-heads, and there were people who practically counted on their fingers. There were programmers obsessed with — and eloquent in — language, and ones gently baffled by written and spoken communication. Lots of musicians, lots of folks who slid in via a love of art and visual design, then whose brains just seized excitedly on the mouthfeel of algorithms.

Long-time programmer/researcher/former MIT research fellow Jonathan Edwards writes a blog called "Alarming Development: Dispatches from the User Liberation Front."

He began the new year by arguing that software "is eating the world. But progress in software technology itself largely stalled around 1996." Slashdot reader tonique summarizes Edwards' argument: In 1996 there were "LISP, Algol, Basic, APL, Unix, C, Oracle, Smalltalk, Windows, C++, LabView, HyperCard, Mathematica, Haskell, WWW, Python, Mosaic, Java, JavaScript, Ruby, Flash, Postgress [sic]". After that we're supposed to have achieved "IntelliJ, Eclipse, ASP, Spring, Rails, Scala, AWS, Clojure, Heroku, V8, Go, React, Docker, Kubernetes, Wasm".

Edwards's main thesis is that the Internet boom around 1996 caused this slowdown because programmers could get rich quick. Then smart and ambitious people moved into Silicon Valley, and founded startups. But you can't do research at a startup due to time and money constraints. Today only "megacorps" like Google, Facebook, Apple and Microsoft are supposedly able to do relevant research because of their vast resources.

Computer science wouldn't help, either, because "most of our software technology was built in companies" and because computer science "strongly disincentivizes risky long-range research". Further, according to Edwards, the aversion to risk and "hyper-professionalization of Computer Science" is part of a larger and worrisome trend throughout the whole field and all of western civilisation.
Edwards' blog post argues that since 1996 "almost everything has been cleverly repackaging and re-engineering prior inventions. Or adding leaky layers to partially paper over problems below. Nothing is obsoleted, and the teetering stack grows ever higher..."

"[M]aybe I'm imagining things. Maybe the reason progress stopped in 1996 is that we invented everything. Maybe there are no more radical breakthroughs possible, and all that's left is to tinker around the edges. This is as good as it gets: a 50 year old OS, 30 year old text editors, and 25 year old languages.

"Bullshit. No technology has ever been permanent. We've just lost the will to improve."

A new report by Sensor Tower reveals that 2020 has been a record-setting year for worldwide spending on the Apple App Store and Google Play Store, which collectively passed $100 billion in a single year for the first time ever in November. From a report: The trend of increased spending continued over Christmas, when consumers around the world spent an estimated $407.6 million across Apple's App Store and Google Play. This represents a 34.5 percent year-on-year growth from approximately $303 million in 2019. At the same time in 2019, spending only increased by 17.1 percent year-on-year. Spending on Christmas day constituted 4.5 percent of December's total spending so far, which reached nine billion dollars globally on December 27. The majority of holiday spending was on mobile games, which climbed by 27 percent from $232.4 million at the same time last year to $295.6 million. Tencent's "Honor of Kings" was the leading game with approximately $10.7 million in consumer spending, which is a 205.7 percent increase from Christmas 2019. TikTok was the top app for spending outside of games, generating $4.7 million globally. Following previous years, Apple's App Store captured the majority of spending between the App Store and the Google Play Store, with 68.4 percent of spending, up 35.2 percent year-on-year. The Google Play Store saw $129 million in revenue compared to the App Store's $278.6 million.

Basecamp's David Heinemeier Hansson (the creator of Ruby on Rails) announced on Twitter this week that "all the tricks and tooling we used to build the front-end for Hey.com" have now been released as Hotwire (also known as New Magic), "an alternative approach to building modern web applications without using much JavaScript by sending HTML instead of JSON over the wire." This includes our brand-new Turbo framework...a set of complimentary techniques for speeding up page changes and form submissions, dividing complex pages into components, and stream partial page updates over WebSocket. All without writing any JavaScript at all...
Hotwire's web page argues HTML over the wire "makes for fast first-load pages, keeps template rendering on the server, and allows for a simpler, more productive development experience in any programming language, without sacrificing any of the speed or responsiveness associated with a traditional single-page application." On Twitter, Hansson called it "a refinement of years of research, experimentation, and SHIPPING HTML AT THE CENTER. It's been a revelation for us. Both for the web, and for our native apps." He shared a 13-minute video demonstration — then added a thoughtful comment about the state of web development today.

"Really curious to continue pushing the ECMAScript 6 + ES Modules approach in the browser. This isn't strictly related to Hotwire, but it's part of deconstructing the overly complicated mess we've all made of frontend development. One brick at the time!"

An anonymous reader quotes a report from Bloomberg: With great fanfare last week, 44 attorneys general hit Google with two antitrust complaints, following a landmark lawsuit the Justice Department and 11 states lodged against the Alphabet Inc. unit in October. What's less known is that Oracle Corp. spent years working behind the scenes to convince regulators and law enforcement agencies in Washington, more than 30 states, the European Union, Australia and at least three other countries to rein in Google's huge search-and-advertising business. Those efforts are paying off.

Officials in more than a dozen of the states that sued Google received what has been called Oracle's "black box" presentation showing how Google tracks users' personal information, said Ken Glueck, Oracle's top Washington lobbyist and the architect of the company's antitrust campaign against Google. Glueck outlined for Bloomberg the presentation, which often entails putting an Android phone inside a black briefcase to show how Google collects users' location details -- even when the phones aren't in use -- and confirmed the contours of the pressure campaign. "I couldn't be happier," said Glueck about the barrage of lawsuits. "As far as I can tell, there are more states suing Google than there are states." Oracle has fallen behind the tech giants in the marketplace, yet is notching one legal and regulatory win after another against them, Google especially. In response, Google spokesman Jose Castaneda denounced Oracle's "cloak-and-dagger lobbying campaign," saying "while Oracle describes itself as the biggest data broker on the planet, we're focused on keeping consumers' information safe and secure."

Application-security company Veracode "has released the 11th volume of its annual State of Software Security report, and its findings reveal that flawed applications are the norm, open-source libraries are increasingly untrustworthy, and it's taking a long time to patch problems," reports TechRepublic.

The top three security flaws — like last year — are still information leakage, cryptographic issues, and CRLF injection: The report found a full 76% of apps contained flaws, and 24% of apps have flaws considered highly severe. Some 70% of apps are inheriting security flaws from their open-source libraries, but it's important to note that only 30% of apps have more security bugs in their open-source libraries than in code written in-house, suggesting that it isn't solely open-source projects that are to blame... In terms of how bugs are being resolved, Veracode found that 73% of the bugs it found as part of the report were patched, which is a big improvement over previous years, when that number was in the mid-50% range. Despite that good sign, it's still taking an average of six months to close half of discovered flaws...

Veracode also released a heatmap of the worst bugs in the most popular languages. Interestingly enough, the language with the least use of open-source libraries is also the one with the most bugs: PHP.

Looking at the heatmap, it's easy to spot which of the five popular languages included has the worst security. Following PHP is C++, then Java, .Net, JavaScript, and Python. The latter two are, doing considerably better than the competition, with the worst flaws in each only being found in roughly 30% of apps. Compared to PHP with 74.6% of its apps vulnerable to cross-site scripting, JavaScript and Python are security powerhouses.