Alex Gaynor is a software engineer at Mozilla working on Firefox, after previously serving as a director of both the Python Software Foundation and the Django Software Foundation.

In a new blog post today, he argues that memory unsafe languages, "principally C and C++," induce an exceptional number of security vulnerabilities, and that the industry needs to migrate to memory-safe languages like Rust and Swift by default. One of the responses I frequently receive is that the problem isn't C and C++ themselves, developers are simply holding them wrong. In particular, I often receive defenses of C++ of the form, "C++ is safe if you don't use any of the functionality inherited from C" or similarly that if you use modern C++ types and idioms you will be immune from the memory corruption vulnerabilities that plague other projects. I would like to credit C++'s smart pointer types, because they do significantly help. Unfortunately, my experience working on large C++ projects which use modern idioms is that these are not nearly sufficient to stop the flood of vulnerabilities...

Modern C++ idioms introduce many changes which have the potential to improve security: smart pointers better express expected lifetimes, std::span ensures you always have a correct length handy, std::variant provides a safer abstraction for unions. However modern C++ also introduces some incredible new sources of vulnerabilities: lambda capture use-after-free, uninitialized-value optionals, and un-bounds-checked span.

My professional experience writing relatively modern C++, and auditing Rust code (including Rust code that makes significant use of unsafe) is that the safety of modern C++ is simply no match for memory safe by default languages like Rust and Swift (or Python and JavaScript, though I find it rare in life to have a program that makes sense to write in either Python or C++). There are significant challenges to migrating existing, large, C and C++ codebases to a different language -- no one can deny this. Nonetheless, the question simply must be how we can accomplish it, rather than if we should try.
The post highlights what he describes as "completely modern C++ idioms which produce vulnerabilities" -- including an example of dangling pointers "despite our meticulous use of smart pointers throughout..."

"Even with the most modern C++ idioms available, the evidence is clear that, at scale, it's simply not possible to hold C++ right."

"Red Hat is taking over maintenance responsibilities for OpenJDK 8 and OpenJDK 11 from Oracle," reports InfoWorld: Red Hat will now oversee bug fixes and security patches for the two older releases, which serve as the basis for two long-term support releases of Java. Red Hat's updates will feed into releases of Java from Oracle, Red Hat, and other providers... Previously, Red Hat led the OpenJDK 6 and OpenJDK 7 projects. Red Hat is not taking over OpenJDK 9 or OpenJDK 10, which were short-term releases with a six-month support window.

"At the first annual charity event conducted by Puget Sound Programming Python on April 2, four legendary language creators came together to discuss the past and future of language design," reports PacktPub.

- Guido van Rossum, the creator of Python
- James Gosling, the founder, and lead designer behind the Java programming language
- Anders Hejlsberg, the original author of Turbo Pascal who has also worked on the development of C# and TypeScript
- Larry Wall, the creator of Perl

You can watch the video here -- the speaker introductions start about 50 minutes into the video-- or read PacktPub's summary of the event: Guido van Rossum said designing a programming language is very similar to the way JK Rowling writes her books, the Harry Potter series... He says JK Rowling is a genius in the way that some details that she mentioned in her first Harry Potter book ended up playing an important plot point in part six and seven... When designing a language we start with committing to certain details like the keywords we want to use, the style of coding we want to follow, etc. But, whatever we decide on we are stuck with them and in the future, we need to find new ways to use those details, just like Rowling...

When James Gosling was asked how Java came into existence and what were the design principles he abided by, he simply said, "it didn't come out of like a personal passion project or something. It was actually from trying to build a prototype.... It started out as kind of doing better C and then it got out of control that the rest of the project really ended up just providing the context." In the end, the only thing out of that project survived was Java...

Larry Wall wanted to create a language that was more like a natural language. Explaining through an example, he said, "Instead of putting people in a university campus and deciding where they go we're just gonna see where people want to walk and then put shortcuts in all those places." A basic principle behind creating Perl was to provide APIs to everything. It was aimed to be both a good text processing language linguistically but also a glue language....

Similar to the views of Guido van Rossum, Anders Hejlsberg adds that any decision that you make when designing a language you have to live with it. When designing a language you need to be very careful about reasoning over what "not" to introduce in the language.
There was also some discussion of types -- Gosling believes they help improve performance, while Hejlsberg said types are also useful when building coding tools. "It turns out that you can actually be more productive by adding types if you do it in a non-intrusive manner and if you work hard on doing good type inference and so forth." In fact, Hejlsberg told the audience that the TypeScript project was inspired by massive "write-only" JavaScript code bases, while a semantic understanding (including a type system) makes refactoring easier.

Guido van Rossum acknowledged that TypeScript "is actually incredibly useful and so we're adding a very similar idea to Python. We are adding it in a slightly different way because we have a different context.... I've learned a painful lesson, that for small programs dynamic typing is great. For large programs, you have to have a more disciplined approach. And it helps if the language actually gives you that discipline, rather than telling you, 'Well, you can do whatever you want.'"

In the video Larry Wall says the Perl 6 team had also noticed the limitations of loose typing, and added a robust type system to Perl 6 to "help with programming in the large."

This was the first annual benefit for CSforALL, a group promoting high-quality computer science classes at every grade level.

Slashdot reader omfglearntoplay shared this article from IEEE's Spectrum. In "How the Boeing 737 Max Disaster Looks to a Software Developer," pilot (and software executive) Gregory Travis argues Boeing tried to avoid costly hardware changes to their 737s with a flawed software fix -- specifically, the Maneuvering Characteristics Augmentation System (or MCAS): It is astounding that no one who wrote the MCAS software for the 737 Max seems even to have raised the possibility of using multiple inputs, including the opposite angle-of-attack sensor, in the computer's determination of an impending stall. As a lifetime member of the software development fraternity, I don't know what toxic combination of inexperience, hubris, or lack of cultural understanding led to this mistake. But I do know that it's indicative of a much deeper problem. The people who wrote the code for the original MCAS system were obviously terribly far out of their league and did not know it.

So Boeing produced a dynamically unstable airframe, the 737 Max. That is big strike No. 1. Boeing then tried to mask the 737's dynamic instability with a software system. Big strike No. 2. Finally, the software relied on systems known for their propensity to fail (angle-of-attack indicators) and did not appear to include even rudimentary provisions to cross-check the outputs of the angle-of-attack sensor against other sensors, or even the other angle-of-attack sensor. Big strike No. 3... None of the above should have passed muster. None of the above should have passed the "OK" pencil of the most junior engineering staff... That's not a big strike. That's a political, social, economic, and technical sin...

The 737 Max saga teaches us not only about the limits of technology and the risks of complexity, it teaches us about our real priorities. Today, safety doesn't come first -- money comes first, and safety's only utility in that regard is in helping to keep the money coming. The problem is getting worse because our devices are increasingly dominated by something that's all too easy to manipulate: software.... I believe the relative ease -- not to mention the lack of tangible cost -- of software updates has created a cultural laziness within the software engineering community. Moreover, because more and more of the hardware that we create is monitored and controlled by software, that cultural laziness is now creeping into hardware engineering -- like building airliners. Less thought is now given to getting a design correct and simple up front because it's so easy to fix what you didn't get right later.
The article also points out that "not letting the pilot regain control by pulling back on the column was an explicit design decision. Because if the pilots could pull up the nose when MCAS said it should go down, why have MCAS at all?

"MCAS is implemented in the flight management computer, even at times when the autopilot is turned off, when the pilots think they are flying the plane."

Rogers Cadenhead (Slashdot reader #4,482) writes: Joe Armstrong, the computer scientist best known as one of the creators of the Erlang programming language, died Saturday. Erlang Solutions founder Francesco Cesarini shared the news on Twitter and said, "His work has laid the foundation which will be used by generations to come. RIP @joeerl, thank you for inspiring us all."

Erlang was created by Armstrong, Robert Virding and Mike Williams at the Ericsson telecom company in 1986 and became open source 12 years later. It is known for functional programming, immutable data, code hot-swapping and systems that require insanely high levels of availability.
In another Tweet, Cesarini asks people to share their own memories of Armstrong -- " funny, enlightening or plain silly." And Ulf Wiger, who describes himself as an Erlang old-timer, remembered giving a talk about how to avoid projects dominated by mediocrity. "I used Joe as an example of a 'brilliant developer, but hard to fit into a regular project.'"

Joe had replied, "I am very EASY to fit into regular projects! It's just that so few projects are regular..."

Microsoft has introduced a new open source programming language called Bosque that aspires to be simple and easy to understand by embracing algebraic operations and shunning techniques that create complexity. From a report: Bosque was inspired by the syntax and types of TypeScript and the semantics of ML and Node/JavaScript. It's the brainchild of Microsoft computer scientist Mark Marron, who describes the language as an effort to move beyond the structured programming model that became popular in the 1970s. The structured programming paradigm, in which flow control is managed with loops, conditionals, and subroutines, became popular after a 1968 paper titled "Go To Statement Considered Harmful" by computer scientist Edsger Dijkstra. Marron believes we can do better by getting rid of sources of complexity like loops, mutable state, and reference equality. The result is Bosque, which represents a programming paradigm that Marron, in a paper he wrote, calls "regularized programming."

You can now download the source code of every Infocom text adventure game, thanks to archivist Jason Scott who uploaded the code to GitHub. "There are numerous repositories under the name historicalsource, each for a different game," reports Ars Technica. "Titles include, but are not limited to, The Hitchhiker's Guide to the Galaxy, Planetfall, Shogun, and several Zork games -- plus some more unusual inclusions like an incomplete version of Hitchhiker's sequel The Restaurant at the End of the Universe, Infocom samplers, and an unreleased adaptation of James Cameron's The Abyss." From the report: The code was uploaded by Jason Scott, an archivist who is the proprietor of textfiles.com. His website describes itself as "a glimpse into the history of writers and artists bound by the 128 characters that the American Standard Code for Information Interchange (ASCII) allowed them" -- in particular those of the 1980s. He announced the GitHub uploads on Twitter earlier this week. The games were written in the LISP-esque "Zork Implementation Language," or ZIL, which you could be forgiven for not being intimately familiar with already. Fortunately, Scott also tweeted a link to a helpful manual for the language on archive.org. Gamasutra, which first reported the news, notes that Activision still owns the rights to Infocom games and could request a takedown if it wanted.

AmiMoJo writes: It's time to buy a new chair so I'm turning to Slashdot for recommendations. The Herman Miller Aeron seems to be the go-to, much like the Model M for keyboards, but I've heard that there are some other good options on the market.

I need something that is comfortable and durable -- too many chairs get squeaky and loose because I can't sit still and keep shifting my weight around. Many are difficult to maintain as well, e.g. the screws attacking the back are often under plastic attached with very stiff clips so you can't easily give them a quick tighten. What does Slashdot recommend for my posterior? It's been more than a decade since readers sought recommendations for a quality chair for desktop coding, or back-friendly chairs. In fact, it's been almost two decades since a user inquired about the perfect computer chair. Hopefully office chairs have improved in quality/design since then...

An anonymous reader quotes a report from VentureBeat: In a step toward its goal of building out a data science development stack for web browsers, Mozilla today detailed Pyodide, an experimental Python project that's designed to perform computation without the need for a remote kernel (i.e., a program that runs and inspects code). As staff data engineer Mike Droettboom explained in a blog post, it's a standard Python interpreter that runs entirely in the browser. And while Pyodide isn't exactly novel -- projects like Transcrypt, Brython, Skulpt, and PyPyJs are among several efforts to bring Python to browsers -- it doesn't require a rewrite of popular scientific computing tools (like NumPy, Pandas, Scipy, and Matplotlib) to achieve adequate performance, and its ability to convert built-in data types enables interactions among browser APIs and other JavaScript libraries.

Pyodide is built on WebAssembly, a low-level programming language that runs with near-native performance, and emscripten (specifically a build of Python for emscripten dubbed "cpython-emscripten"), which comprises a compiler from C and C++ to WebAssembly and a compatibility layer. Emscripten additionally provides a virtual file system (written in JavaScript) that the Python interpreter can use, in which files disappear when the browser tab is closed. To use Pyodide, you'll need the compiled Python interpreter as WebAssembly, JavaScript from emscripten (which provides the system emulation), and a packaged file system containing the files required by the Python interpreter. Once all three components are downloaded, they'll be stored in your browser's cache, obviating the need to download them again. The report notes that "the Python interpreter inside the JavaScript virtual machine runs between one to 12 times slower in Firefox and up to 16 times slower on Chrome."

Volkswagen will use Chinese software developers to help design a global autonomous vehicle architecture thanks to the prevalence of qualified programmers which carmakers are struggling to hire elsewhere, senior executives said on Monday. Reuters reports: As carmakers scramble to develop advanced driver assistance systems and autonomous driving functions, carmakers are struggling to find qualified engineers to build the software algorithms needed to teach cars the right reflexes. Volkswagen has 4,000 engineers in China, with an average age of 29, spread over five research and development sites and a rapidly growing number of software engineers. "In a short period from now they will be able to do 15 to 20 million lines of programming code on an annual basis," Volkswagen China's passenger cars chief Stephan Woellenstein said in Shanghai on Monday.

The prevalence of software engineers, combined with the country's willingness to roll out the infrastructure for connected and self-driving cars, will make China one of the first markets in which autonomous cars gain widespread acceptance, VW managers said. As a result, Chinese suppliers will help Volkswagen Group to design a global autonomous vehicle architecture, he said.

An anonymous reader quotes Reuters: Richard Liu, the founder of Chinese e-commerce giant JD.com Inc, has weighed in on an ongoing debate about the Chinese tech industry's grueling overtime work culture, lamenting that years of growth had increased the number of "slackers" in his firm who are not his "brothers...." Liu, who started the company that would become JD.com in 1998, in the note spoke about how in the firm's earliest days he would set his alarm clock to wake him up every two hours to ensure he could offer his customers 24-hour service -- a step he said was crucial to JD's success...

The '996' work schedule, which refers to a 9 a.m. to 9 p.m. workday, six days a week, has in particular become the target of online debate and protests on some coding platforms, where workers have swapped examples of excessive overtime demands at some firms. Liu said JD did not force its staff to work the "996" or even a "995" overtime schedule. "But every person must have the desire to push oneself to the limit!" he said.
JD disputed reports that the company would be cutting up to 8% of its workforce, but did say "We're getting back to those roots as we seek, develop and reward staff who share the same hunger and values... JD.com is a competitive workplace that rewards initiative and hard work, which is consistent with our entrepreneurial roots."

JD's investors include Walmart and Google.

angel'o'sphere shares a report: The annual Stack Overflow survey is one of the most comprehensive snapshots of how programmers work, with this year's poll being taken by almost 90,000 developers across the globe. This year's survey details which languages developers enjoy using, which are associated with the best paid jobs, which are most commonly used, as well as developers' preferred frameworks, databases, and integrated development environments.

Python's versatility continues to fuel its rise through Stack Overflow's rankings for the "most popular" languages, which lists the languages most widely used by developers. This year's survey finds Python to be the fastest-growing major programming language, with Python edging out Android and enterprise workhorse Java to become the fourth most commonly used language. [...] More importantly for developers, this popularity overlaps with demand for the language, with Julia Silge, data scientist at Stack Overflow, saying that jobs data gathered by Stack Overflow also shows Python to be one of the most in-demand languages sought by employers.

[...] Rust may not have as many users as Python or JavaScript but it has earned a lot of affection from those who use it. For the fourth year running, the language tops Stack Overflow's list of "most-loved" languages, which means the proportion of Rust developers who want to continue working with it is larger than that of any other language.[...] Go stands out as a language that is well paid, while also being sought after and where developers report high levels of job satisfaction. Full report here.

JavaScript library manager NPM on Wednesday apologized for its handling of a contentious round of recent layoffs. The Register reports: The company statement, which comes a week after product manager Rebecca Turner resigned in protest, is co-signed by chief executive officer Bryan Bogensberger, chief product officer Isaac Schlueter and chief data officer Laurie Voss. "Recently, we let go of five people in a company restructuring," the statement says. "The way that we undertook the process, unfortunately, made the terminations more painful than they needed to be, which we deeply regret, and we are sorry." By way of explanation, the statement attributes the changes at the company to shifting the firm's source of financial sustenance from venture funding to product revenue. That requires "new levels of commitment, delivery, and accountability," the implementation of which "has been uncomfortable at times."

In response to a question posed by The Register via Twitter, the company's former CTO CJ Silverio said, "The main thing I want to note is how NPM's statement is not an apology by [Isaac's] own standards. His blog post about apologies is very clear about the three things an apology must contain, and it seems to me that all three items were missing from that statement. It said nothing substantive. It went so far as to blame NPM's users for forcing them into the move."

An anonymous reader writes: If you were paying close attention during Google Cloud Next 2019 yesterday, you may have heard talk of Cloud Code. The new developer tool was only mentioned briefly, but today Google offered more details. Cloud Code extends two Integrated Development Environments (IDEs), IntelliJ and Visual Studio Code, to cloud-native Kubernetes applications. Google's message here is that moving to the cloud isn't just about data. It can also be about code, and the developers who write it. IDEs are designed for editing, compiling, and debugging code for local applications. Google wants to adapt them to developing applications for the cloud.

Developer and blogger Guilherme Rambo, writing for 9to5Mac: Fellow developer Steve Troughton-Smith recently expressed confidence about some evidence found indicating that Apple is working on new Music, Podcasts, and perhaps Books apps for macOS, to join the new TV app. I've been able to independently confirm that this is true. On top of that, I've been able to confirm with sources familiar with the development of the next major version of macOS -- likely 10.15 -- that the system will include standalone Music, Podcasts, and TV apps, but it will also include a major redesign of the Books app.

The new Books app will have a sidebar similar to the News app on the Mac, it will also feature a narrower title bar with different tabs for the Library, Book Store, and Audiobook Store. On the library tab, the sidebar will list the user's Books, Audiobooks, PDFs and other collections, including custom ones. The new Music, Podcasts, and TV apps will be made using Marzipan, Apple's new technology designed to facilitate the porting of iPad apps to the Mac without too many code changes. Further reading: Steven Troughton-Smith Thinks iTunes Breakup is Nigh (DaringFireball).

C++ has knocked machine-learning favorite Python out of the top 3 in the TIOBE Index of popular programming languages. From a report: It marks a reversal of fortune for C++, which, after years of occupying third place in the index, was pushed down to fourth place by Python in September last year. First and second place in the list remain unchanged, with Java in pole position and C at number two. The TIOBE Index attempts to estimate the popularity of languages worldwide based on results from major search engines. The index is sometimes criticized for being a rather blunt measure, likely to be influenced by a range of factors beyond a language's popularity, but its rankings are broadly in line with others, with a similar mix of languages albeit arranged in a different order.

In an analysis alongside the latest figures, TIOBE attributes the comeback of C++ to a surge in its popularity, rather than a fall in the use of Python. "This is certainly not because Python is in decline: Python is scoring all time highs almost every month. It is just that C++ is also getting more and more popular," it writes. The report credits this growing interest in C++ to C++11, the version of the language released in 2011 that TIOBE said made C++ "much simpler, safer and more expressive."

Long-time Slashdot reader theodp writes: While Apple CEO Tim Cook may not be able to force schoolchildren to code, there's no law against Cook and Apple using Sesame Street to make preschoolers want to code. Among the original Apple TV+ shows Cook announced at Apple's March Event was Helpsters, an "incredible new preschool show" about coding from "the peeps at Sesame Workshop and Apple."

In a skit on stage at the Steve Jobs Theater [available on YouTube], a Helpster monster from the new show named "Cody" (get it!) explains to Big Bird, "See, coding fosters collaboration, critical-thinking skills, and is an essential language that every child can learn. By teaching preschoolers about coding, we are giving them the opportunity to change the world."
One site described Cody as "a sociopathic tech recruiter muppet," complaining that "Teaching kids about technology is fine. But this is just creepy." They also objected to the show's targeting of pre-schoolers.

"From a developmental point of view, most experts agree very young children should be working on figuring out how to share their toys, not thinking about how to program them."

Following the release of Visual Studio 2019 for Windows and Mac platforms, Microsoft today is releasing a snap version of Visual Studio Code. A report adds: No, the source-code editor is not the Windows-maker's first snap -- it also released one for Skype, for instance. "As of today, Visual Studio Code is available for Linux as a snap, providing seamless auto-updates for its users. Visual Studio Code, a free, lightweight code editor, has redefined editors for building modern web and cloud applications, with built-in support for debugging, task running, and version control for a variety of languages and frameworks," says Canonical. Joao Moreno, Software Development Engineer, Microsoft Visual Studio Code offers the following statement: "The automatic update functionality of snaps is a major benefit. It is clear there is a thriving community around snaps and that it is moving forward at great pace. The backing of Canonical ensures our confidence in its ongoing development and long-term future."

According to the Wall Street Journal, Goldman Sachs is planning to release on GitHub some of the code that its traders and engineers use to price securities and analyze and manage risk. "The bank also is offering $100,000 in annual funding for engineers to build new applications using the bank's code," the report adds. "Goldman will own the resulting intellectual property, plus get an early look to invest in promising technology." From the report: It is Goldman's latest move to shed some of its trademark secrecy and share its once closely guarded technology. It is part of a broader shift at Wall Street firms to emulate Silicon Valley giants like Google and Facebook, which have opened up their technology to a community of enthusiastic developers. By letting outsiders tinker with its code, Goldman hopes to crowdsource new uses for it and earn the loyalty of computer-driven "quant" traders who have taken the investing world by storm.

Goldman's proprietary trading engine, known as SecDB, once made its traders the smartest on Wall Street. It is credited with helping the firm weather the 2008 financial meltdown better than rivals. But a postcrisis ban on proprietary trading has made it more valuable as a service offered to clients than an in-house moneymaker. Over the past five years, Goldman has been building SecDB's capabilities into a web application called Marquee, which now has about 13,000 users roughly split between Goldman employees and clients. The code coming to GitHub will allow users to interact directly with Marquee's data feeds, pricing engines and other tools.

An anonymous reader quotes a report from Ars Technica: Google is releasing the second Android Q Beta today. As we learned with the first release, Android Q is bringing support for foldable smartphones, better privacy and permissions controls, and a grab bag of other features. We've yet to install the second beta on one of our own devices, but Google's release blog post promises "bug fixes, optimizations, and API updates," as well as a crazy new multitasking feature and an emulator for foldables. Android loves multitasking. So far we've had split screens and floating windows, and Android Q Beta 1 even had a hidden desktop mode. Beta 2 brings us a new multitasking feature called "Bubbles." Bubbles let you minimize an app into a little circle, which floats around on the screen above all your other apps. Tapping on a bubble will open a small UI. The only demo Google shows is one for a messaging app. Each bubble is a contact, and tapping on the bubble shows a small chat UI. If you remember Facebook's "Chat Head" UI for Messenger, Bubbles is that, but built into the OS. "Bubbles are great for messaging because they let users keep important conversations within easy reach," Google said in their blog post. "They also provide a convenient view over ongoing tasks and updates, like phone calls or arrival times. They can provide quick access to portable UI, like notes or translations, and can be visual reminders of tasks too."