An anonymous reader shares a report: Elastic isn't the only open source cloud tool company currently looking over its shoulder at AWS. In 2018 alone, at least eight firms have made similar "rule changes" designed to ward off what they see as unfair competition from a company intent on cannibalizing their services. In his blog post, Adrian Cockcroft, VP of cloud architecture strategy at Amazon Web Services (AWS), argued that by making part of its product suite proprietary, Elastic was betraying the core principles of the open source community. "Customers must be able to trust that open source projects stay open," Cockcroft wrote. "When important open source projects that AWS and our customers depend on begin restricting access, changing licensing terms, or intermingling open source and proprietary software, we will invest to sustain the open source project and community."

AWS's announcement did not attract the immediate attention of the Democratic presidential candidates or the growing cadre of antitrust activists who have recently set their sights on Amazon. But in the world of open source and free software, where picayune changes in arcane language can spark the internet equivalent of the Hundred Years War, the release of AWS's Open Distro for Elasticsearch launched a heated debate. [...] Sharone Zitzman, a respected commentator on open source software and the head of developer relations at AppsFlyer, an app development company, called Amazon's move a "hostile takeover" of Elastic's business. Steven O'Grady, co-founder of the software industry analyst firm RedMonk, cited it as an example of the "existential threat" that open source companies like Elastic believe a handful of cloud computing giants could pose.

Databricks, the company founded by the original developers of the Apache Spark big data analytics engine, today announced that it has open-sourced Delta Lake, a storage layer that makes it easier to ensure data integrity as new data flows into an enterprise's data lake by bringing ACID transactions to these vast data repositories. TechCrunch reports: Delta Lake, which has long been a proprietary part of Databrick's offering, is already in production use by companies like Viacom, Edmunds, Riot Games and McGraw Hill. The tool provides the ability to enforce specific schemas (which can be changed as necessary), to create snapshots and to ingest streaming data or backfill the lake as a batch job. Delta Lake also uses the Spark engine to handle the metadata of the data lake (which by itself is often a big data problem). Over time, Databricks also plans to add an audit trail, among other things.

What's important to note here is that Delta lake runs on top of existing data lakes and is compatible with the Apache spark APIs. The company is still looking at how the project will be governed in the future. "We are still exploring different models of open source project governance, but the GitHub model is well understood and presents a good trade-off between the ability to accept contributions and governance overhead," said Ali Ghodsi, co-founder and CEO at Databricks. "One thing we know for sure is we want to foster a vibrant community, as we see this as a critical piece of technology for increasing data reliability on data lakes. This is why we chose to go with a permissive open source license model: Apache License v2, same license that Apache Spark uses." To invite this community, Databricks plans to take outside contributions, just like the Spark project.

An anonymous reader quotes a report from VentureBeat: Google today launched Chrome 74 for Windows, Mac, Linux, Android, and iOS. The release includes support for a reduced motion media query, private class fields, feature policy improvements, and more developer features. You can update to the latest version now using Chrome's built-in updater or download it directly from google.com/chrome.

Motion sickness in the browser is a real thing. Android provides an accessibility option to reduce motion whenever possible, as shown above in the âoeremove animationsâ setting. Chrome is now taking that a step further so websites can limit motion sickness when viewing parallax scrolling, zooming, and other motion effects. Chrome 74 introduces prefers-reduced-motion (part of Media Queries Level 5) that allows websites to honor when an operating system is set to limit motion effects. This might not seem like a big deal today, but it could be very useful if websites start abusing motion effects. Check out the full changelog for more information on this release.

Alex Gaynor is a software engineer at Mozilla working on Firefox, after previously serving as a director of both the Python Software Foundation and the Django Software Foundation.

In a new blog post today, he argues that memory unsafe languages, "principally C and C++," induce an exceptional number of security vulnerabilities, and that the industry needs to migrate to memory-safe languages like Rust and Swift by default. One of the responses I frequently receive is that the problem isn't C and C++ themselves, developers are simply holding them wrong. In particular, I often receive defenses of C++ of the form, "C++ is safe if you don't use any of the functionality inherited from C" or similarly that if you use modern C++ types and idioms you will be immune from the memory corruption vulnerabilities that plague other projects. I would like to credit C++'s smart pointer types, because they do significantly help. Unfortunately, my experience working on large C++ projects which use modern idioms is that these are not nearly sufficient to stop the flood of vulnerabilities...

Modern C++ idioms introduce many changes which have the potential to improve security: smart pointers better express expected lifetimes, std::span ensures you always have a correct length handy, std::variant provides a safer abstraction for unions. However modern C++ also introduces some incredible new sources of vulnerabilities: lambda capture use-after-free, uninitialized-value optionals, and un-bounds-checked span.

My professional experience writing relatively modern C++, and auditing Rust code (including Rust code that makes significant use of unsafe) is that the safety of modern C++ is simply no match for memory safe by default languages like Rust and Swift (or Python and JavaScript, though I find it rare in life to have a program that makes sense to write in either Python or C++). There are significant challenges to migrating existing, large, C and C++ codebases to a different language -- no one can deny this. Nonetheless, the question simply must be how we can accomplish it, rather than if we should try.
The post highlights what he describes as "completely modern C++ idioms which produce vulnerabilities" -- including an example of dangling pointers "despite our meticulous use of smart pointers throughout..."

"Even with the most modern C++ idioms available, the evidence is clear that, at scale, it's simply not possible to hold C++ right."

"Red Hat is taking over maintenance responsibilities for OpenJDK 8 and OpenJDK 11 from Oracle," reports InfoWorld: Red Hat will now oversee bug fixes and security patches for the two older releases, which serve as the basis for two long-term support releases of Java. Red Hat's updates will feed into releases of Java from Oracle, Red Hat, and other providers... Previously, Red Hat led the OpenJDK 6 and OpenJDK 7 projects. Red Hat is not taking over OpenJDK 9 or OpenJDK 10, which were short-term releases with a six-month support window.

"At the first annual charity event conducted by Puget Sound Programming Python on April 2, four legendary language creators came together to discuss the past and future of language design," reports PacktPub.

- Guido van Rossum, the creator of Python
- James Gosling, the founder, and lead designer behind the Java programming language
- Anders Hejlsberg, the original author of Turbo Pascal who has also worked on the development of C# and TypeScript
- Larry Wall, the creator of Perl

You can watch the video here -- the speaker introductions start about 50 minutes into the video-- or read PacktPub's summary of the event: Guido van Rossum said designing a programming language is very similar to the way JK Rowling writes her books, the Harry Potter series... He says JK Rowling is a genius in the way that some details that she mentioned in her first Harry Potter book ended up playing an important plot point in part six and seven... When designing a language we start with committing to certain details like the keywords we want to use, the style of coding we want to follow, etc. But, whatever we decide on we are stuck with them and in the future, we need to find new ways to use those details, just like Rowling...

When James Gosling was asked how Java came into existence and what were the design principles he abided by, he simply said, "it didn't come out of like a personal passion project or something. It was actually from trying to build a prototype.... It started out as kind of doing better C and then it got out of control that the rest of the project really ended up just providing the context." In the end, the only thing out of that project survived was Java...

Larry Wall wanted to create a language that was more like a natural language. Explaining through an example, he said, "Instead of putting people in a university campus and deciding where they go we're just gonna see where people want to walk and then put shortcuts in all those places." A basic principle behind creating Perl was to provide APIs to everything. It was aimed to be both a good text processing language linguistically but also a glue language....

Similar to the views of Guido van Rossum, Anders Hejlsberg adds that any decision that you make when designing a language you have to live with it. When designing a language you need to be very careful about reasoning over what "not" to introduce in the language.
There was also some discussion of types -- Gosling believes they help improve performance, while Hejlsberg said types are also useful when building coding tools. "It turns out that you can actually be more productive by adding types if you do it in a non-intrusive manner and if you work hard on doing good type inference and so forth." In fact, Hejlsberg told the audience that the TypeScript project was inspired by massive "write-only" JavaScript code bases, while a semantic understanding (including a type system) makes refactoring easier.

Guido van Rossum acknowledged that TypeScript "is actually incredibly useful and so we're adding a very similar idea to Python. We are adding it in a slightly different way because we have a different context.... I've learned a painful lesson, that for small programs dynamic typing is great. For large programs, you have to have a more disciplined approach. And it helps if the language actually gives you that discipline, rather than telling you, 'Well, you can do whatever you want.'"

In the video Larry Wall says the Perl 6 team had also noticed the limitations of loose typing, and added a robust type system to Perl 6 to "help with programming in the large."

This was the first annual benefit for CSforALL, a group promoting high-quality computer science classes at every grade level.

Slashdot reader omfglearntoplay shared this article from IEEE's Spectrum. In "How the Boeing 737 Max Disaster Looks to a Software Developer," pilot (and software executive) Gregory Travis argues Boeing tried to avoid costly hardware changes to their 737s with a flawed software fix -- specifically, the Maneuvering Characteristics Augmentation System (or MCAS): It is astounding that no one who wrote the MCAS software for the 737 Max seems even to have raised the possibility of using multiple inputs, including the opposite angle-of-attack sensor, in the computer's determination of an impending stall. As a lifetime member of the software development fraternity, I don't know what toxic combination of inexperience, hubris, or lack of cultural understanding led to this mistake. But I do know that it's indicative of a much deeper problem. The people who wrote the code for the original MCAS system were obviously terribly far out of their league and did not know it.

So Boeing produced a dynamically unstable airframe, the 737 Max. That is big strike No. 1. Boeing then tried to mask the 737's dynamic instability with a software system. Big strike No. 2. Finally, the software relied on systems known for their propensity to fail (angle-of-attack indicators) and did not appear to include even rudimentary provisions to cross-check the outputs of the angle-of-attack sensor against other sensors, or even the other angle-of-attack sensor. Big strike No. 3... None of the above should have passed muster. None of the above should have passed the "OK" pencil of the most junior engineering staff... That's not a big strike. That's a political, social, economic, and technical sin...

The 737 Max saga teaches us not only about the limits of technology and the risks of complexity, it teaches us about our real priorities. Today, safety doesn't come first -- money comes first, and safety's only utility in that regard is in helping to keep the money coming. The problem is getting worse because our devices are increasingly dominated by something that's all too easy to manipulate: software.... I believe the relative ease -- not to mention the lack of tangible cost -- of software updates has created a cultural laziness within the software engineering community. Moreover, because more and more of the hardware that we create is monitored and controlled by software, that cultural laziness is now creeping into hardware engineering -- like building airliners. Less thought is now given to getting a design correct and simple up front because it's so easy to fix what you didn't get right later.
The article also points out that "not letting the pilot regain control by pulling back on the column was an explicit design decision. Because if the pilots could pull up the nose when MCAS said it should go down, why have MCAS at all?

"MCAS is implemented in the flight management computer, even at times when the autopilot is turned off, when the pilots think they are flying the plane."

Rogers Cadenhead (Slashdot reader #4,482) writes: Joe Armstrong, the computer scientist best known as one of the creators of the Erlang programming language, died Saturday. Erlang Solutions founder Francesco Cesarini shared the news on Twitter and said, "His work has laid the foundation which will be used by generations to come. RIP @joeerl, thank you for inspiring us all."

Erlang was created by Armstrong, Robert Virding and Mike Williams at the Ericsson telecom company in 1986 and became open source 12 years later. It is known for functional programming, immutable data, code hot-swapping and systems that require insanely high levels of availability.
In another Tweet, Cesarini asks people to share their own memories of Armstrong -- " funny, enlightening or plain silly." And Ulf Wiger, who describes himself as an Erlang old-timer, remembered giving a talk about how to avoid projects dominated by mediocrity. "I used Joe as an example of a 'brilliant developer, but hard to fit into a regular project.'"

Joe had replied, "I am very EASY to fit into regular projects! It's just that so few projects are regular..."

Microsoft has introduced a new open source programming language called Bosque that aspires to be simple and easy to understand by embracing algebraic operations and shunning techniques that create complexity. From a report: Bosque was inspired by the syntax and types of TypeScript and the semantics of ML and Node/JavaScript. It's the brainchild of Microsoft computer scientist Mark Marron, who describes the language as an effort to move beyond the structured programming model that became popular in the 1970s. The structured programming paradigm, in which flow control is managed with loops, conditionals, and subroutines, became popular after a 1968 paper titled "Go To Statement Considered Harmful" by computer scientist Edsger Dijkstra. Marron believes we can do better by getting rid of sources of complexity like loops, mutable state, and reference equality. The result is Bosque, which represents a programming paradigm that Marron, in a paper he wrote, calls "regularized programming."

You can now download the source code of every Infocom text adventure game, thanks to archivist Jason Scott who uploaded the code to GitHub. "There are numerous repositories under the name historicalsource, each for a different game," reports Ars Technica. "Titles include, but are not limited to, The Hitchhiker's Guide to the Galaxy, Planetfall, Shogun, and several Zork games -- plus some more unusual inclusions like an incomplete version of Hitchhiker's sequel The Restaurant at the End of the Universe, Infocom samplers, and an unreleased adaptation of James Cameron's The Abyss." From the report: The code was uploaded by Jason Scott, an archivist who is the proprietor of textfiles.com. His website describes itself as "a glimpse into the history of writers and artists bound by the 128 characters that the American Standard Code for Information Interchange (ASCII) allowed them" -- in particular those of the 1980s. He announced the GitHub uploads on Twitter earlier this week. The games were written in the LISP-esque "Zork Implementation Language," or ZIL, which you could be forgiven for not being intimately familiar with already. Fortunately, Scott also tweeted a link to a helpful manual for the language on archive.org. Gamasutra, which first reported the news, notes that Activision still owns the rights to Infocom games and could request a takedown if it wanted.

AmiMoJo writes: It's time to buy a new chair so I'm turning to Slashdot for recommendations. The Herman Miller Aeron seems to be the go-to, much like the Model M for keyboards, but I've heard that there are some other good options on the market.

I need something that is comfortable and durable -- too many chairs get squeaky and loose because I can't sit still and keep shifting my weight around. Many are difficult to maintain as well, e.g. the screws attacking the back are often under plastic attached with very stiff clips so you can't easily give them a quick tighten. What does Slashdot recommend for my posterior? It's been more than a decade since readers sought recommendations for a quality chair for desktop coding, or back-friendly chairs. In fact, it's been almost two decades since a user inquired about the perfect computer chair. Hopefully office chairs have improved in quality/design since then...

An anonymous reader quotes a report from VentureBeat: In a step toward its goal of building out a data science development stack for web browsers, Mozilla today detailed Pyodide, an experimental Python project that's designed to perform computation without the need for a remote kernel (i.e., a program that runs and inspects code). As staff data engineer Mike Droettboom explained in a blog post, it's a standard Python interpreter that runs entirely in the browser. And while Pyodide isn't exactly novel -- projects like Transcrypt, Brython, Skulpt, and PyPyJs are among several efforts to bring Python to browsers -- it doesn't require a rewrite of popular scientific computing tools (like NumPy, Pandas, Scipy, and Matplotlib) to achieve adequate performance, and its ability to convert built-in data types enables interactions among browser APIs and other JavaScript libraries.

Pyodide is built on WebAssembly, a low-level programming language that runs with near-native performance, and emscripten (specifically a build of Python for emscripten dubbed "cpython-emscripten"), which comprises a compiler from C and C++ to WebAssembly and a compatibility layer. Emscripten additionally provides a virtual file system (written in JavaScript) that the Python interpreter can use, in which files disappear when the browser tab is closed. To use Pyodide, you'll need the compiled Python interpreter as WebAssembly, JavaScript from emscripten (which provides the system emulation), and a packaged file system containing the files required by the Python interpreter. Once all three components are downloaded, they'll be stored in your browser's cache, obviating the need to download them again. The report notes that "the Python interpreter inside the JavaScript virtual machine runs between one to 12 times slower in Firefox and up to 16 times slower on Chrome."

Volkswagen will use Chinese software developers to help design a global autonomous vehicle architecture thanks to the prevalence of qualified programmers which carmakers are struggling to hire elsewhere, senior executives said on Monday. Reuters reports: As carmakers scramble to develop advanced driver assistance systems and autonomous driving functions, carmakers are struggling to find qualified engineers to build the software algorithms needed to teach cars the right reflexes. Volkswagen has 4,000 engineers in China, with an average age of 29, spread over five research and development sites and a rapidly growing number of software engineers. "In a short period from now they will be able to do 15 to 20 million lines of programming code on an annual basis," Volkswagen China's passenger cars chief Stephan Woellenstein said in Shanghai on Monday.

The prevalence of software engineers, combined with the country's willingness to roll out the infrastructure for connected and self-driving cars, will make China one of the first markets in which autonomous cars gain widespread acceptance, VW managers said. As a result, Chinese suppliers will help Volkswagen Group to design a global autonomous vehicle architecture, he said.

An anonymous reader quotes Reuters: Richard Liu, the founder of Chinese e-commerce giant JD.com Inc, has weighed in on an ongoing debate about the Chinese tech industry's grueling overtime work culture, lamenting that years of growth had increased the number of "slackers" in his firm who are not his "brothers...." Liu, who started the company that would become JD.com in 1998, in the note spoke about how in the firm's earliest days he would set his alarm clock to wake him up every two hours to ensure he could offer his customers 24-hour service -- a step he said was crucial to JD's success...

The '996' work schedule, which refers to a 9 a.m. to 9 p.m. workday, six days a week, has in particular become the target of online debate and protests on some coding platforms, where workers have swapped examples of excessive overtime demands at some firms. Liu said JD did not force its staff to work the "996" or even a "995" overtime schedule. "But every person must have the desire to push oneself to the limit!" he said.
JD disputed reports that the company would be cutting up to 8% of its workforce, but did say "We're getting back to those roots as we seek, develop and reward staff who share the same hunger and values... JD.com is a competitive workplace that rewards initiative and hard work, which is consistent with our entrepreneurial roots."

JD's investors include Walmart and Google.

angel'o'sphere shares a report: The annual Stack Overflow survey is one of the most comprehensive snapshots of how programmers work, with this year's poll being taken by almost 90,000 developers across the globe. This year's survey details which languages developers enjoy using, which are associated with the best paid jobs, which are most commonly used, as well as developers' preferred frameworks, databases, and integrated development environments.

Python's versatility continues to fuel its rise through Stack Overflow's rankings for the "most popular" languages, which lists the languages most widely used by developers. This year's survey finds Python to be the fastest-growing major programming language, with Python edging out Android and enterprise workhorse Java to become the fourth most commonly used language. [...] More importantly for developers, this popularity overlaps with demand for the language, with Julia Silge, data scientist at Stack Overflow, saying that jobs data gathered by Stack Overflow also shows Python to be one of the most in-demand languages sought by employers.

[...] Rust may not have as many users as Python or JavaScript but it has earned a lot of affection from those who use it. For the fourth year running, the language tops Stack Overflow's list of "most-loved" languages, which means the proportion of Rust developers who want to continue working with it is larger than that of any other language.[...] Go stands out as a language that is well paid, while also being sought after and where developers report high levels of job satisfaction. Full report here.

JavaScript library manager NPM on Wednesday apologized for its handling of a contentious round of recent layoffs. The Register reports: The company statement, which comes a week after product manager Rebecca Turner resigned in protest, is co-signed by chief executive officer Bryan Bogensberger, chief product officer Isaac Schlueter and chief data officer Laurie Voss. "Recently, we let go of five people in a company restructuring," the statement says. "The way that we undertook the process, unfortunately, made the terminations more painful than they needed to be, which we deeply regret, and we are sorry." By way of explanation, the statement attributes the changes at the company to shifting the firm's source of financial sustenance from venture funding to product revenue. That requires "new levels of commitment, delivery, and accountability," the implementation of which "has been uncomfortable at times."

In response to a question posed by The Register via Twitter, the company's former CTO CJ Silverio said, "The main thing I want to note is how NPM's statement is not an apology by [Isaac's] own standards. His blog post about apologies is very clear about the three things an apology must contain, and it seems to me that all three items were missing from that statement. It said nothing substantive. It went so far as to blame NPM's users for forcing them into the move."

An anonymous reader writes: If you were paying close attention during Google Cloud Next 2019 yesterday, you may have heard talk of Cloud Code. The new developer tool was only mentioned briefly, but today Google offered more details. Cloud Code extends two Integrated Development Environments (IDEs), IntelliJ and Visual Studio Code, to cloud-native Kubernetes applications. Google's message here is that moving to the cloud isn't just about data. It can also be about code, and the developers who write it. IDEs are designed for editing, compiling, and debugging code for local applications. Google wants to adapt them to developing applications for the cloud.

Developer and blogger Guilherme Rambo, writing for 9to5Mac: Fellow developer Steve Troughton-Smith recently expressed confidence about some evidence found indicating that Apple is working on new Music, Podcasts, and perhaps Books apps for macOS, to join the new TV app. I've been able to independently confirm that this is true. On top of that, I've been able to confirm with sources familiar with the development of the next major version of macOS -- likely 10.15 -- that the system will include standalone Music, Podcasts, and TV apps, but it will also include a major redesign of the Books app.

The new Books app will have a sidebar similar to the News app on the Mac, it will also feature a narrower title bar with different tabs for the Library, Book Store, and Audiobook Store. On the library tab, the sidebar will list the user's Books, Audiobooks, PDFs and other collections, including custom ones. The new Music, Podcasts, and TV apps will be made using Marzipan, Apple's new technology designed to facilitate the porting of iPad apps to the Mac without too many code changes. Further reading: Steven Troughton-Smith Thinks iTunes Breakup is Nigh (DaringFireball).

C++ has knocked machine-learning favorite Python out of the top 3 in the TIOBE Index of popular programming languages. From a report: It marks a reversal of fortune for C++, which, after years of occupying third place in the index, was pushed down to fourth place by Python in September last year. First and second place in the list remain unchanged, with Java in pole position and C at number two. The TIOBE Index attempts to estimate the popularity of languages worldwide based on results from major search engines. The index is sometimes criticized for being a rather blunt measure, likely to be influenced by a range of factors beyond a language's popularity, but its rankings are broadly in line with others, with a similar mix of languages albeit arranged in a different order.

In an analysis alongside the latest figures, TIOBE attributes the comeback of C++ to a surge in its popularity, rather than a fall in the use of Python. "This is certainly not because Python is in decline: Python is scoring all time highs almost every month. It is just that C++ is also getting more and more popular," it writes. The report credits this growing interest in C++ to C++11, the version of the language released in 2011 that TIOBE said made C++ "much simpler, safer and more expressive."

Long-time Slashdot reader theodp writes: While Apple CEO Tim Cook may not be able to force schoolchildren to code, there's no law against Cook and Apple using Sesame Street to make preschoolers want to code. Among the original Apple TV+ shows Cook announced at Apple's March Event was Helpsters, an "incredible new preschool show" about coding from "the peeps at Sesame Workshop and Apple."

In a skit on stage at the Steve Jobs Theater [available on YouTube], a Helpster monster from the new show named "Cody" (get it!) explains to Big Bird, "See, coding fosters collaboration, critical-thinking skills, and is an essential language that every child can learn. By teaching preschoolers about coding, we are giving them the opportunity to change the world."
One site described Cody as "a sociopathic tech recruiter muppet," complaining that "Teaching kids about technology is fine. But this is just creepy." They also objected to the show's targeting of pre-schoolers.

"From a developmental point of view, most experts agree very young children should be working on figuring out how to share their toys, not thinking about how to program them."