"Altran has released a new tool that uses artificial intelligence to help software engineers spot bugs during the coding process instead of at the end," reports TechRepublic. "Available on GitHub, Code Defect AI uses machine learning to analyze existing code, spot potential problems in new code, and suggest tests to diagnose and fix the errors." Walid Negm, group chief innovation officer at Altran, said that this new tool will help developers release quality code quickly. "The software release cycle needs algorithms that can help make strategic judgments, especially as code gets more complex," he said in a press release....

"Microsoft and Altran have been working together to improve the software development cycle, and Code Defect AI, powered by Microsoft Azure, is an innovative tool that can help software developers through the use of machine learning," said David Carmona, general manager of AI marketing at Microsoft, in a press release...

In a new report about artificial intelligence and software development, Deloitte predicts that more and more companies will use AI-assisted coding tools. From January 2018 to September 2019, software vendors launched dozens of AI-powered software development tools, and startups working in this space raised $704 million over a similar timeframe.... "The benefits of AI-assisted coding are numerous," according to Deloitte analysts David Schatsky and Sourabh Bumb, the authors of AI is Helping to Make Better Software. " However, the principal benefit for companies is efficiency. Many of the new AI-powered tools work in a similar way to spell- and grammar-checkers, enabling coders to reduce the number of keystrokes they need to type by around 50%. They can also spot bugs while code is being written, while they can also automate as many as half of the tests needed to confirm the quality of software." This capability is even more important as companies continue to rely on open-source code.
The Register got more details about Altran's Code Defect AI: The company told us that the AI does not look much at the source code itself, but rather at the commit metadata, "the number of files in the check-in, code complexity, density of the check-in, bug history of the file, history of the developer, experience of the developer in the particular module/file etc." Training of the model is done only on the project being examined...

An anonymous reader quotes IEEE Spectrum: If you're a newly hired software engineer, setting up your development environment can be tedious. If you're lucky, your company will have a documented, step-by-step process to follow. But this still doesn't guarantee you'll be up and running in no time. When you're tasked with updating your environment, you'll go through the same time-consuming process. With different platforms, tools, versions, and dependencies to grapple with, you'll likely encounter bumps along the way.

Austin-based startup Coder aims to ease this process by bringing development environments to the cloud. "We grew up in a time where [Microsoft] Word documents changed to Google Docs. We were curious why this wasn't happening for software engineers," says John A. Entwistle, who founded Coder along with Ammar Bandukwala and Kyle Carberry in 2017. "We thought that if you could move the development environment to the cloud, there would be all sorts of cool workflow benefits."

With Coder, software engineers access a preconfigured development environment on a browser using any device, instead of launching an integrated development environment installed on their computers... To ensure security, all source code and related development activities are hosted on a company's infrastructure — Coder doesn't host any data. Organizations can deploy Coder on their private servers or on cloud computing platforms such as Amazon Web Services or Google Cloud Platform. This option could be advantageous for banks, defense organizations, and other companies handling sensitive data.
One of Coder's customers is the U.S. Air Force, the article points out -- and thats not the only government agency that's interested in their success.

When Coder closed $30 million in Series B funding last month (bringing total funding to $43 million), one of their backers was a venture capital firm with ties to America's Central Intelligence Agency.

An anonymous reader quotes CNBC: The rise of artificial intelligence will make even software engineers less sought after. That's because artificial intelligence will soon write its own software, according to Jack Dorsey, the tech billionaire boss of Twitter and Square. And that's going to put some beginning-level software engineers in a tough spot.

"We talk a lot about the self-driving trucks in and whatnot" when discussing how automation will replace jobs held by humans, Dorsey told former Democratic presidential hopeful Andrew Yang on an episode of the "Yang Speaks" podcast published Thursday. But A.I. "is even coming for programming" jobs, Dorsey said.

"A lot of the goals of machine learning and deep learning is to write the software itself over time so a lot of entry-level programming jobs will just not be as relevant anymore," Dorsey told Yang.
Dorsey also told Yang that he belives a Universal Basic Income could give workers "peace of mind" that they'll be able to "eat and feed their children while they are learning how to transition into this new world."

"Around 70% of our serious security bugs are memory safety problems," the Chromium project announced this week. "Our next major project is to prevent such bugs at source."

ZDNet reports: The percentage was compiled after Google engineers analyzed 912 security bugs fixed in the Chrome stable branch since 2015, bugs that had a "high" or "critical" severity rating. The number is identical to stats shared by Microsoft. Speaking at a security conference in February 2019, Microsoft engineers said that for the past 12 years, around 70% of all security updates for Microsoft products addressed memory safety vulnerabilities. Both companies are basically dealing with the same problem, namely that C and C++, the two predominant programming languages in their codebases, are "unsafe" languages....

Google says that since March 2019, 125 of the 130 Chrome vulnerabilities with a "critical" severity rating were memory corruption-related issues, showing that despite advances in fixing other bug classes, memory management is still a problem... Half of the 70% are use-after-free vulnerabilities, a type of security issue that arises from incorrect management of memory pointers (addresses), leaving doors open for attackers to attack Chrome's inner components...

While software companies have tried before to fix C and C++'s memory management problems, Mozilla has been the one who made a breakthrough by sponsoring, promoting and heavily adopting the Rust programming language in Firefox... Microsoft is also heavily investing in exploring C and C++ alternatives⦠But this week, Google also announced similar plans as well... Going forward, Google says it plans to look into developing custom C++ libraries to use with Chrome's codebase, libraries that have better protections against memory-related bugs. The browser maker is also exploring the MiraclePtr project, which aims to turn "exploitable use-after-free bugs into non-security crashes with acceptable performance, memory, binary size and minimal stability impact."

And last, but not least, Google also said it plans to explore using "safe" languages, where possible. Candidates include Rust, Swift, JavaScript, Kotlin, and Java.

The State of Software Security (SOSS): Open Source Edition "analyzed the component open source libraries across the Veracode platform database of 85,000 applications which includes 351,000 unique external libraries," reports TechRepublic. "Chris Eng, chief research officer at Veracode, said open source software has a surprising variety of flaws." "An application's attack surface is not limited to its own code and the code of explicitly included libraries, because those libraries have their own dependencies," he said. The study found that 70% of applications have a security flaw in an open source library on an initial scan.
Other findings from the report:

• The most commonly included libraries are present in over 75% of applications for each language.

• 47% of those flawed libraries in applications are transitive.

• More than 61% of flawed libraries in JavaScript contain vulnerabilities without corresponding common vulnerabilities and exposures (CVEs).

• Fixing most library-introduced flaws can be done with a minor version upgrade.

• Using any given PHP library has a greater than 50% chance of bringing a security flaw along with it.

May 23rd marks the 25th anniversary of the day Sun Microsystems introduced Java to the world, notes InfoWorld.

Looking at both the present and the future, they write that currently Java remains popular "with enterprises even as a slew of rival languages, such as Python and Go, now compete for the hearts and minds of software developers." Java continues to rank among the top three programming languages in the most prominent language popularity indexes — Tiobe, RedMonk, and PyPL. Java had enjoyed a five-year stint as the top language in the Tiobe index until this month, when it was overtaken by the C language, thanks perhaps to the combination of C's wide use in medical equipment and the urgency of the COVID-19 pandemic.

Nevertheless, Java represents a huge ecosystem and source of jobs. There were an estimated nine million Java developers worldwide in 2017, according to Oracle. A recent search of jobs site Dice.com found nearly 12,000 Java-related jobs in the USA, compared to roughly 9,000 jobs in JavaScript and 7,600 in Python. Plus, Java has spawned an enormous ecosystem of tools ranging from the Spring Framework to application servers from companies such as IBM, Red Hat, and Oracle to the JavaFX rich media platform.

The developers behind Java — including Oracle and the broader OpenJDK community — have kept the platform moving forward. Released two months ago, Java 14, or Java Development Kit (JDK) 14, added capabilities including switch expressions, to simplify coding, and JDK Flight Recorder (JFR) Event Streaming, for continuous consumption of JFR data. Up next for Java is JDK 15, set to arrive as a production release in September 2020, with capabilities still being lined up for it. So far, the features expected include a preview of sealed classes, which provide more-granular control over code, and records, which provide classes that act as transparent carriers for immutable data. Also under consideration for Java is a plan dubbed Project Leyden, which would address "longterm pain points" in Java including resource footprint, startup time, and performance issues by introducing static images to the platform.

Microsoft has explained why it's pursuing 'safe systems programming' through efforts like its experimental Rust-inspired Project Verona language and its exploration of the Rust programming language for Windows code written in C++. From a report: The short answer is that Microsoft is trying to eliminate memory-related bugs in software written in languages like C++, according to Microsoft Rust expert Ryan Levick. These bugs cost a lot to fix and make up a large share of Patch Tuesday hassles. Levick has now offered more insights into Microsoft's efforts behind safe systems programming. Systems programming includes coding for platforms like Windows, Xbox, and Azure, as opposed to programming applications that run on them.

Key systems programming languages include C++, Google-backed Go, and Mozilla-created Rust, but Rust and Go are 'memory-safe' languages while C++ is not. Other languages are memory safe, such as Swift and Kotlin, but they aren't for systems programming. The thing for Microsoft is that it writes a lot of its platform software in C++ and sometimes still in C. While it works hard to address memory issues, the company says it has "reached a wall". "We can't really do much more than we already have. It's becoming harder and harder and more and more costly to address these issues over time," says Levick, who joined Microsoft via its acquisition of Wanderlist, which has become Microsoft To Do. He gave a rundown of Microsoft's safe systems programming efforts in a session at Build 2020 this week.

One of the world's most prolific hacking groups recently infected several Massively Multiplayer Online game makers, a feat that made it possible for the attackers to push malware-tainted apps to one target's users and to steal in-game currencies of a second victim's players. Ars Technica reports: Researchers from Slovakian security company ESET have tied the attacks to Winnti, a group that has been active since at least 2009 and is believed to have carried out hundreds of mostly advanced attacks. Targets have included Chinese journalists, Uyghur and Tibetan activists, the government of Thailand, and prominent technology organizations. Winnti has been tied to the 2010 hack that stole sensitive data from Google and 34 other companies. More recently, the group has been behind the compromise of the CCleaner distribution platform that pushed malicious updates to millions of people. Winnti carried out a separate supply-chain attack that installed a backdoor on 500,000 ASUS PCs.

The recent attack used a never-before-seen backdoor that ESET has dubbed PipeMon. To evade security defenses, PipeMon installers bore the imprimatur of a legitimate Windows signing certificate that was stolen from Nfinity Games during a 2018 hack of that gaming developer. The backdoor -- which gets its name for the multiple pipes used for one module to communicate with another and the project name of the Microsoft Visual Studio used by the developers -- used the location of Windows print processors so it could survive reboots. In a post published early Thursday morning, ESET revealed little about the infected companies except to say they included several South Korea- and Taiwan-based developers of MMO games that are available on popular gaming platforms and have thousands of simultaneous players.

theodp writes: Arkansas Governor Asa Hutchinson had an odd way of showing his appreciation for the unemployed computer programmer who pointed out a vulnerability in Arkansas's Pandemic Unemployment Assistance website, framing the programmer's actions as illegal.

The Arkansas Times' Lindsey Millar explains: "Beginning on Saturday at a news conference and continuing Monday, Hutchinson has framed the applicant who sounded the alarm as acting illegally. He announced Monday that the FBI was investigating the matter. He said he understood personal information had been 'exploited.' 'We don't believe that the data was manipulated,' Hutchinson said. 'In other words, where someone would go in and change a bank account number, which is what criminals would do. When you say 'exploited,' I believe that is a technical term of art that includes visual seeing of someone else's data. That is a concern to us and that is what constitutes a breach.' Asked about his rationale for framing the programmer's actions as illegal, the governor said, 'When you go in and manipulate a system in order to gain an access that you're not allowed to have permission to access, that is a violation of the security that we want to have in place in these systems, and it would be a violation of the law as well, I would think (video).'"

Hutchinson is a member of Governors for CS (and a founding co-chair), who "share best practices for computer science and advocate for federal policies to expand computer science instruction" in partnership with tech-backed Code.org. Andrew Morris, a cybersecurity expert with more than a decade of experience and the founder of GreyNoise Intelligence in Washington, D.C., said the governor's framing of the programmer as acting illegally was "the wrongest way" to handle the situation.

"They're shooting the messenger," he said. "There are so many reasons why that is bad. It creates a culture where they're punishing people for doing the right thing and trying to report the vulnerabilities and get them fixed. This person didn't have to say anything."

According to CEO Kyle Wiens, teardown and repair website iFixit has just posted "the most comprehensive online resource for medical repair professionals." The Verge reports: The new database contains dedicated sections for clinical, laboratory, and medical support equipment, in addition to numerous other categories of devices. It also provides more than 13,000 manuals from hundreds of medical device manufacturers. Wiens says the effort began with a crowdsourcing campaign to collect repair information for hospital equipment, with a focus on "ventilator documentation, anesthesia systems, and respiratory analyzers -- devices widely used to support COVID-19 patients." But the effort grew from there, spanning more than two months as iFixit added dozens more staff members to the project; began talking to more biomedical technicians, doctors, and nurses about their day-to-day needs; and started collecting and cataloging information from libraries and other sources.

The medical repair database is split up into nine categories, with each containing countless subcategories for basically any type of device you'd find in a medical setting. For instance, the clinical equipment category contains 53 subcategories for everything from anesthesia systems and Bilevel Positive Airway Pressure (BiPAP) machines to respiratory analyzers and ventilators. The database also has medical training manuals, information on medical furniture like decontamination systems and hospital beds, and an exhaustive section on surgical equipment repair and maintenance. Wiens explains in iFixit's announcement post that some medical device manufacturers make this information more easily available online than others. "But for their day-to-day work, biomeds have long relied on a rag-tag set of web resources to get the job done. Among the most popular is Frank's Hospital Workshop, a Tanzania-based site that hosts hundreds of medical device manuals -- it's the unofficial biomed bible," Wiens writes. The goal was not to outdo that website or try to overtake it in popularity, but to add new documents and manuals that weren't available before to a database including existing resources. Another bonus: the website will not make money on this project. "We are providing hosting and curation free of charge, and free of advertising, to the medical community," Wiens says.

An anonymous reader quotes a report from VentureBeat: It's finally happening. Microsoft is giving developers a command line interface to install their favorite tools. That's right -- at Build 2020 today, Microsoft announced Windows Package Manager in preview. This is not simply about helping developers build for Windows. It's about helping developers and businesses embrace Windows. Microsoft is on a mission to get developers to love using Windows over macOS and Linux. Part of that mission involves releasing tools like Windows Terminal for enterprises and improving WSL for anyone who needs Linux while they code. Another part is helping developers (and IT admins) set up their Windows environments as effortlessly as possible. In a similar vein, Microsoft today also threw in highly requested features for PowerToys: Run and Keyboard Remapper. But the former is definitely the bigger news.

Windows Package Manager is a command line interface for searching, viewing, and installing commonly used developer tools. Developers list their applications in a GitHub repository; the package manager grabs and installs them. Even better, Windows Package Manager is open source -- Microsoft is asking for developers to help improve it.

"The makers of the widely used JavaScript server-side runtime, Node.js, have released Deno 1.0, a new runtime for JavaScript and TypeScript that addresses 'design mistakes' in Node.js," reports ZDNet: Just like Node.js or Node, the Deno runtime is for executing JavaScript outside a web browser. However, unlike Node.js, Deno offers first-class support for Microsoft's increasingly popular Typescript, a superset of JavaScript designed for large projects... "With the changing JavaScript language, and new additions like TypeScript, building Node projects can become an arduous endeavor, involving managing build systems and other heavy-handed tooling that takes away from the fun of dynamic language scripting," writes Node.js creator Ryan Dahl in a blogpost co-authored by fellow Deno developers Bert Belder and Bartek Iwanczuk...

Deno is based on Google's Chromium V8 JavaScript engine.
While its standard modules are all written in TypeScript, Infoworld points out that Deno "can be a replacement for utility scripts that may have been written in Python or Bash... Deno was designed as a series of Rust crates to allow integration at different layers." (A blog post by its developers notes Deno "makes it easy to bind Rust future-based APIs into JavaScript promises.")

But "Like a web browser, it knows how to fetch external code," the developers wrote, calling Deno "a web browser for command-line scripts" while arguing that with Node, "the mechanism for linking to external libraries is fundamentally centralized through the NPM repository, which is not inline with the ideals of the web... Also like browsers, [Deno] code is executed in a secure sandbox by default. Scripts cannot access the hard drive, open network connections, or make any other potentially malicious actions without permission." In an interview Dahl tells JAXenter they're already keeping an index of third party modules that work on Deno at https://deno.land/x/.

"It's important to understand that Deno is not a fork of Node," the developers' blog post explains. "It's a completely new implementation..."

"One last thing," the blog post concludes. "Consider supporting this open source software work by pre-ordering a Deno v1.0 hoodie."

Long-time Slashdot reader bbsguru shares a story from the alternative newsweekly the Arkansas Times. "A computer programmer applying for unemployment on Arkansas's Pandemic Unemployment Assistance program discovered a vulnerability in the system that exposed the Social Security numbers, bank account and routing numbers and other sensitive information of some 30,000 applicants.

"Anyone with basic computer knowledge could have accessed personal information for malicious purposes." Alarmed, the computer programmer called the Arkansas Division of Workforce Services Friday morning and was told by an operator that there was no one available who could talk to him. He then tried someone at the Arkansas State Police Criminal Investigation Division, who told the programmer he would find the person he needed to talk with to fix the situation. The programmer later called the Arkansas Times for advice on whom to call. The Times alerted the Division of Workforce Services to the issue at 4:30 p.m. Soon after a message appeared on the website that said, "The site is currently under maintenance...."

In exploring the website, the computer programmer determined that by simply removing part of the site's URL, he could access the administrative portal of the site, where he had the option of editing the personal information of applicants, including bank account numbers. From the admin portal, he viewed the page's source code and saw that the site was using an API (application programming interface) to connect with a database. That API was also left unencrypted, and he could access all of the applicants' raw data, included Social Security numbers and banking information...

The computer programmer said he thought he could have programmed a script that would gather all of the information from the API in under an hour.

An anonymous reader quotes a report from 9to5Mac: A massive data breach dubbed db8151dd has exposed the records of 22M people -- including addresses, phone numbers, and social media links. But the source of the data is a mystery. I got an email alert this morning from the haveibeenpwned.com site telling me that my details were included. The exposed data appears extensive: "Email addresses, Job titles, Names, Phone numbers, Physical addresses, Social media profiles." However, Troy Hunt, who runs the site, said that nobody has been able to identify where the information came from.

That 'interesting' data appears to come from customer relationship management (CRM) systems, including things like: "Recommended by Andie [redacted last name]. Arranged for carpenter apprentice Devon [redacted last name] to replace bathroom vanity top at [redacted street address], Vancouver, on 02 October 2007." Best guess is it's some kind of aggregated data from a number of sources, but as neither Hunt nor other information security professionals have been able to identify any of them despite attempts lasting almost three months, it appears the details of the privacy breach may remain a mystery. Hunt says there's almost 90GB of personal information in the open database.

"Back in Feb, Dehashed reached out to me with a massive trove of data that had been left exposed on a major cloud provider via a publicly accessible Elasticsearch instance. It contained 103,150,616 rows in total," writes Hunt. "The global unique identifier beginning with 'db8151dd' features heavily on these first lines hence the name I've given the breach. I've had to give it this name because frankly, I've absolutely no idea where it came from, nor does anyone else I've worked on with this."

Ivan Mehta, writing for The Next Web: For years, IDEs (Integrated Development Environment) have tried to make development quicker by predicting the next part of a developer's code. Now, startups like Codota are using AI to help developers with code completion on any code editor. The Israel-based startup was found in 2015 by Dror Weiss and Eran Yahav. Codota's free-to-use autocomplete plug-in supports major languages such as Java, Python, Javascript, PHP, and Rust across major IDEs such as Eclipse and Android Studio. Yahav told me that Codota differs from other code completion AIs as it's able to predict the next token completion by leaning on an AI-based code 'dictionary.'

White supremacists have reportedly built a website that names, shames, and effectively promotes violence against interracial couples and families -- "and it's been circulated in some of the darkest corners of the internet, including in neo-Nazi Discord servers and accelerationist Telegram channels," reports VICE News. An anonymous reader shares the report: The website was created in April but was taken offline after their initial hosting provider cut ties with them. They then found a home with one of Russia's largest domain registrars, R01. VICE News contacted R01 on Tuesday to ask whether the site violated their policies. An hour later, the site was taken offline, but as of Wednesday morning it was back up. Tatiana Agafonova, a spokesperson for R01, wrote in an email that the company would "diligently render its services to customers" unless a court rules otherwise or they're contacted by law enforcement. The owner of the website shields their identity and location through Cloudflare, a U.S.-based security company that protects customers from DDoS attacks (attempts to crash a website by overwhelming it with data). VICE News contacted Cloudflare to ask how this particular website squared with their policies. They declined to comment on individual websites but directed us to their blog from February 2019, where they "address complaints about content." Their bottom line was that Cloudflare is a security company, and content moderation isn't really their responsibility.

[O]ther online extremists have gotten very good at evading tech crackdowns by employing an ever-evolving shared language of memes and euphemisms used to signpost for the same racist views. The website in question uses the same strategy, which seems to be carefully crafted in an effort to shield the owner from liability. The owner even explicitly states on the site that they do not encourage violence -- all they're doing is listing names and social media accounts as part of a database of "white women who have an interest in black men." One section is titled "toll paid," and it lists women who have been in interracial relationships, and had something horrible happen to them, like death or injury. [...]

The owner of the website claims that the "toll paid" section is intended to catalog incidents where white women are victims of black violence, and isn't an incitement. But "all the disclaimers in the world" may not be enough to protect them from a lawsuit some day, especially if someone is harassed or harmed as a result, says Subodh Chandra, a former federal prosecutor who has handled high-profile civil rights cases, including a recent case against the Daily Stormer.

The Python Software Foundation and JetBrains collected over 24,000 responses for the third annual Python Developer's Survey. Among its findings: 59% said they used Python for data analysis, "followed by web development at 51%, and machine learning at 40%," reports ZDNet: Other major applications of Python include DevOps and system administration (39%), programming web tools like crawlers (37%), software testing (31%), education (26%), software prototyping (25%), network programming (21%), desktop development (18%), computer graphics (14%), embedded system development (8%), game development (7%) and mobile development (6%).

However, at 28%, web development remains the top purpose when respondents were asked what they used Python for the most. It is followed by data analysis (18%), machine learning (13%), and DevOps, and system administration (9%).

Good news given that the final version of Python 2 was just released, the survey found that 90% are using Python 3, up from 84% in 2018. Of those still on Python 2, 45% are using it for web development, and 41% are using it for DevOps and system administration. PSF speculates that web development's dominance in Python 2 is because of legacy code...

Some 68% of Python developers are building on Linux, followed by Windows at 48%, while macOS has a 29% share...

The PyCharm integrated development environment (IDE) from JetBrains is once again the top IDE with a 33% share, followed by Microsoft's open-source cross-platform editor VS Code with a 24% share.

Python adoption is often attributed to its moderate learning curve. The survey found that 44% of users have just two years' experience and 30% had three to five years' experience.

Charlotte Web writes: Since 2001 the TIOBE Index has been ranking top results for the search query +"<language> programming" on the top 25 search engines. "This month, C moved up past Java and entered the number one position," reports JAXenter.

"There's a new number one. (Or, should we say an old number one?)"

"Java and C were already very close in April, but this month C surpasses Java again," explains Paul Jansen CEO TIOBE Software. He also points out that the last time C was number one was back in 2015, suggesting that today embedded software languages like C and C++ "are gaining popularity because these are used in software for medical devices."

"On another note, it is also worth mentioning that Rust is really getting close to the top 20 now (from #27 to #21 within one month)."

"Perl, on the other hand, might be on its way off of the charts," argues JAXenter, "if it continues its downward trend. This month it saw a rate of change of -0.51%. It is currently number 18 on the list, but in May 2019 it was number 13."
Python also passed C++ to take the #3 spot, while C# overtook Visual Basic for the #5 spot. ("Classic Visual Basic" also lost the #16 spot to PL/SQL).

Even PHP rose a notch, pushing past SQL to take the #8 spot, and Scratch also moved up one, overtaking Objective C for the #19 position.

Lots of developers really want to learn Go, a programming language for large systems created by Google, meanwhile most developers are sick of attending meetings, and most of those working at multinational corporations aren't happy there. From a report: That's according to the results of a survey of over 16,655 developers from 76 countries carried out by HackerEarth, a company with offices in India and San Francisco that provides tools for recruiters to remotely assess developer coding skills. Go comes out top of the languages most developers want to know. The survey finds that 32% of experienced developers pick Go as the programming language they want to learn, well ahead of Python, which 24% say they want to learn. The desire for learning Go lines up with the results of a similar survey by remote developer hiring firm HackerRank. Go is used at Google, Netflix, American Express, Salesforce, IBM, Target, Twitch, Twitter, Uber, and Dropbox.

The MPA, MPA-Canada, and Amazon have filed a request with Github requesting that a Kodi add-on developer's account be deleted from the platform. Citing a copyright case and a permanent injunction handed down by Canada's Federal Court, the content companies claim that the account is still being used to infringe their rights. Github has left the account intact, however. TorrentFreak reports: In February 2018, a developer known online as 'Blamo' (aka 'Mr. Blamo') revealed that he, in common with several of his counterparts, had been threatened by content companies. From there the trail went cold but according to a complaint filed against Github this week, legal action in Canada followed. On September 7, 2018, a dozen companies including the studios of the MPA/MPA-Canada plus Amazon and Netflix launched a copyright infringement lawsuit at Canada's Federal Court against an individual "doing business" as Mr. Blamo.

"In the context of that action, our clients alleged that [Blamo] notably developed, hosted, promoted and distributed infringing add-ons for the Kodi media center, which provided unauthorized access to motion pictures and television content for which the copyright is owned by our clients," the MPA writes. According to Federal Court records, Blamo did not mount any kind of defense so as a result, the matter was decided in his absence. On January 15, 2019, the Federal Court handed down a final judgment, including a declaration of infringement and a permanent injunction. "The permanent injunction enjoins and restrains [Blamo] from, inter alia, hosting, distributing or promoting infringing Kodi add-ons and their repositories, including notably the 'Blamo' repository and the "Chocolate Salty Balls' infringing add-ons," the MPA adds.

The problem here is that, according to the MPA and associated companies, Blamo has a Github account where it is claimed he continues to "host and distribute infringing Kodi add-ons and their repository, including notably the Chocolate Salty Balls infringing add-on and the Blamo repository." This, the MPA says, amounts to contempt of court. What's particularly interesting here, however, is that the MPA isn't asking for the specified URLs to be deleted. Instead, it asks for Blamo's entire Github account to be deactivated instead.