In a blog post, Facebook said that it's shutting off access to its application programming interface for hundreds of thousands of inactive apps. This interface is what lets app developers access user data. The Verge reports: The company had set an August 1st deadline back in May, during its F8 developer conference, for developers and businesses to re-submit apps to an internal review, a process that involves signing new contracts around user data collection and verifying one's authenticity. The goal is to ensure third-party software on Facebook was in line with the company's data privacy rules and new restrictions put in place in the wake of the Cambridge Analytica scandal, in which a third-party developer siphoned user data and sold it to another firm in violation of Facebook's terms of service. Now, after it identified numerous apps that were either inactive or from developers who had not submitted the software for review, Facebook is cutting off those apps' access to its Platform API.

Lubuntu, a popular Ubuntu flavor, has gained traction over the years for supporting older hardware. As Brian Fagioli writes at BetaNews, one of the focuses of the Lubuntu developers is to support aging computers. However, that is about to change. He adds: When Lubunu 18.10 is released in October 2018, it will ditch LXDE for the newer LXQt. Despite it also being a desktop environment that is easy on resources, the Lubuntu developers are planning to drop their focus on old hardware after the transition. "[...] Our main focus is shifting from providing a distribution for old hardware to a functional yet modular distribution focused on getting out of the way and letting users use their computer. In essence, this is leveraging something we have always done with Lubuntu; providing an operating system which users can use to revive their old computers, but bringing this to the age of modern computing," says Simon Quigley of Lubuntu team.

MightyMartian shares a report from The Guardian: On April 30, 2019, Emperor Akihito of Japan is expected to abdicate the chrysanthemum throne. The decision was announced in December 2017 so as to ensure an orderly transition to Akihito's son, Naruhito, but the coronation could cause concerns in an unlikely place: the technology sector. The Japanese calendar counts up from the coronation of a new emperor, using not the name of the emperor, but the name of the era they herald. Akihito's coronation in January 1989 marked the beginning of the Heisei era, and the end of the Shwa era that preceded him; and Naruhito's coronation will itself mark another new era. But that brings problems. For one, Akihito has been on the throne for almost the entirety of the information age, meaning that many systems have never had to deal with a switchover in era. For another, the official name of Naruhito's era has yet to be announced, causing concern for diary publishers, calendar printers and international standards bodies. It's why some are calling it "Japan's Y2K problem." "The magnitude of this event on computing systems using the Japanese Calendar may be similar to the Y2K event with the Gregorian Calendar," said Microsoft's Shawn Steele. "For the Y2K event, there was world-wide recognition of the upcoming change, resulting in governments and software vendors beginning to work on solutions for that problem several years before January 1, 2000. Even with that preparation many organizations encountered problems due to the millennial transition. Fortunately, this is a rare event, however it means that most software has not been tested to ensure that it will behave with an additional era."

Unicode's Ken Whistler wrote in a message earlier this month: "The [Unicode Technical Committee] cannot afford to make any mistakes here, nor can it just *guess* and release the code point early. All of this is pointing directly to the necessity of issuing a Unicode 12.1 release sharply on the heels of Unicode 12.0, incorporating the addition of the new Japanese era name character, which all vendors will be under great pressure to immediately support in 2019 software releases."

BrianFagioli shares a report from BetaNews: Microsoft seems eager to get programmers on the quantum bandwagon, as today, it launched the open-source Quantum Katas on GitHub. What exactly is it? It is essentially a project deigned to teach Q# programming for free. "For those who want to explore quantum computing and learn the Q# programming language at their own pace, we have created the Quantum Katas -- an open-source project containing a series of programming exercises that provide immediate feedback as you progress," says The Microsoft Quantum Team. "Coding katas are great tools for learning a programming language. They rely on several simple learning principles: active learning, incremental complexity growth, and feedback."

The team further says, "The Microsoft Quantum Katas are a series of self-paced tutorials aimed at teaching elements of quantum computing and Q# programming at the same time. Each kata offers a sequence of tasks on a certain quantum computing topic, progressing from simple to challenging. Each task requires you to fill in some code; the first task might require just one line, and the last one might require a sizable fragment of code. A testing framework validates your solutions, providing real-time feedback." You can view the project on GitHub here.

Since Venmo's transactions are "public" by default and broadcast on Venmo's API, a Python programmer decided to publicize a few of them, reports the Mercury News: The creator of the bot named "Who's buying drugs on Venmo" under the Twitter handle @venmodrugs says he wanted users to consider their privacy settings before using Venmo. The bot finds Venmo transactions that include words such as heroin, marijuana, cocaine, meth, speed or emojis that denote drugs and tweets the transaction with the names of the sender and receiver and the sender's photo, if there is one... "I wanted to demonstrate how much data Venmo was making publicly available with their open API and their public by default settings and encourage people to consider their privacy settings," Joel Guerra, the creator of the bot, told Motherboard, a technology news outlet run by Vice.
He shut the bot after 24 hours, according to a Medium essay titled "Why I blasted your 'drug' deals on Twitter": I chose drugs, sex and alcohol keywords as the trigger for the bot because because they were funny and shocking. I removed the last names of users because I didn't want to actually contribute to the problem of lack of privacy... I braced myself for backlash but the response was overwhelmingly positive. People understood my point and I had sparked a lot of discussion about online privacy and the need for users to do a better job of understanding the terms of software they were using -- and a lot of discussion about how companies need to do a better job of informing customers how their data was being used...

After about 24 hours of tweeting everyone's drug laden Venmo transactions I shut down the bot (Python script!!) and deleted all the tweets. I had successfully made my point and gotten more attention than I had imagined possible. Thousands of people were reading tweets and articles about the bot and discussing data privacy. I saw no further value in tweeting out anyone's personal transactions anymore. However, all I ever did was format the data and automate a Twitter account -- the data is still readily available.
His closure of the bot drew some interesting reactions on Twitter.

"booooooooo. I was so entertained by this."

"I remember I had a dealer take my phone and set venmo to private lol."

"we're looking to add a Python developer to our team and I think you'd be a good fit."

Long-time Slashdot reader Qbertino does PHP for a living, but says he's growing "increasingly frustrated with the ignorant and clueless in the vincinity of PHP." Crappy code and baaaaad application setups is one thing, but people refusing to fix them or simply not even understanding the broader implications of bad applications or attempting SEO with gadgets while refusing to fix 3.5 MB-per-pagecall are just minor tidbits in a history of increasingly unnerving run-ins with knuckledragers in the "web agency" camp...

Will I leave the larger part of this backwards stuff behind if I move to another server-side programming language such as Java or Kotlin for professional work in the broader web area? Do I have a chance to do quality work on quality projects using PHP, or are those slim compare to other programming languages? In short, should I ditch PHP?
"I think .NET is a much cleaner language to work in with Microsoft's excellent Visual Studio IDE and debugger," argues Slashdot reader Agret , adding "there are many large projects in my city hiring .NET developers and being a strongly typed language the code quality is generally better than PHP."

But what's been your experience? And would a frustrated developer find more quality projects by ditching PHP?

"Bing has launched a new intelligent search feature which provides the exact piece of code a developer is looking for," writes Search Engine Journal. An anonymous reader quotes their report: The code snippet will appear right on the search results page itself, which means users will not have to skim through long threads and articles to find the one thing they're looking for. Bing calls this new feature a "Code Sample Answer" and says it's designed to help save developers' time. "Many of us are developers too, and we thought: what if Bing were intelligent enough to do this for us? What if it could save users' time by automatically finding the exact piece of code containing the answer to the question? That is how Code Sample Answer was born..."

A Code Sample Answer will trigger only when Bing intelligently detects the coding intent with high confidence. "To achieve this level of precision for query intent detection, Bing's natural language processing pipelines for developers leverages patterns found in training data from developer queries collected over the years containing commonly used terms and text structure typical for coding queries. The system also leverages a multitude of click signals to improve the precision even further"... [I]t also covers other tools used by developers. For example, a Code Sample Answer can be triggered when searching for git commands and their syntax.
Bing extracts "the best matched code samples from popular, authoritative and well moderated sites like Stackoverflow, Github, W3Schools, MSDN, Tutorialpoints, etc. taking into account such aspects as fidelity of API and programming language match, counts of up/down-votes, completeness of the solution and more."

JAXenter.com notes they obtained similar results using the privacy-friendly search engine DuckDuckGo, and ultimately asks whether this functionality could affect the search habits of developers. "Is this new feature enough to make Bing a viable search engine tool for programmers or will Google be the go-to for hunting down source code?"

The Economist argues that Guido Van Rossum resembled the reluctant Messiah in Monty Python's Life of Brian. An anonymous reader quotes their report: "I certainly didn't set out to create a language that was intended for mass consumption," he explains. But in the past 12 months Google users in America have searched for Python more often than for Kim Kardashian, a reality-TV star. The rate of queries has trebled since 2010, while inquiries after other programming languages have been flat or declining. The language's popularity has grown not merely among professional developers -- nearly 40% of whom use it, with a further 25% wishing to do so, according to Stack Overflow, a programming forum -- but also with ordinary folk. Codecademy, a website that has taught 45 million novices how to use various languages, says that by far the biggest increase in demand is from those wishing to learn Python. It is thus bringing coding to the fingertips of those once baffled by the subject. Pythonistas, as aficionados are known, have helped by adding more than 145,000 packages to the Cheese Shop, covering everything from astronomy to game development....

Python was already the most popular introductory language at American universities in 2014, but the teaching of it is generally limited to those studying science, technology, engineering and mathematics. A more radical proposal is to catch 'em young by offering computer science to all, and in primary schools. Hadi Partovi, the boss of Code.org, a charity, notes that 40% of American schools now offer such lessons, up from 10% in 2013. Around two-thirds of 10- to 12-year-olds have an account on Code.org's website. Perhaps unnerved by a future filled with automated jobs, 90% of American parents want their children to study computer science.
"The CIA has employed Python for hacking, Pixar for producing films, Google for crawling web pages and Spotify for recommending songs," notes the Economist.

Though Van Rossum was Python's Benevolent Dictator For Life, "I'm uncomfortable with that fame," he tells the magazine. "Sometimes I feel like everything I say or do is seen as a very powerful force."

An anonymous reader shares an excerpt from Ars Technica: D-Wave's hardware has always occupied a unique space on the computing landscape. It's a general-purpose computer that relies on quantum mechanical effects to perform calculations. And, while other quantum-computer makers have struggled to put more than a few dozen qubits together, D-Wave's systems have already scaled to more than 2,000 addressable bits. But the D-Wave systems don't perform calculations in the same way and, despite all those bits, haven't clearly demonstrated performance that can outpace even traditional computing hardware. But D-Wave has come out with a research paper in Science that suggests that the system can do interesting things even in its current state. The company's researchers have set it loose modeling a quantum system that closely resembles the bits used in the hardware itself, allowing them to examine quantum phase transitions. While this still isn't cutting-edge performance, it does allow researchers full control over the physical parameters of a relevant quantum system as it undergoes phase changes.

Government Technology reports: On July 16, Google Maps is going to make it more difficult and expensive to use its API, which could make custom maps that rely on the service less sustainable or even unfeasible for the people who made them... First, Google Maps is requiring all projects to have an official API key in order to work. If a user doesn't have a key, the quality of the map will likely be reduced, or it could simply stop working. Second, API keys will only work if they are attached to somebody's credit card. Google will charge that card if users exceed a certain number of API requests, which is different for different services. Google will provide users a free $200 credit toward those costs each month...

There are a couple places where the changes might have more of an impact. One is in the civic hacking space, where people often work with government data to create niche projects that aim for low costs, or are free so that as many people as possible can use them... "I think that's what scares people a little bit, it certainly scares me, this thought of having this API out there and not knowing how many people are going to use it," said Derek Eder, founder of the civic tech company DataMade. "I don't want to suddenly get a bill for $1,000."
There's at least three Open Source alternatives, and Geoawesomeness.com lists nine more.

Slashdot reader Jiri_Komarek also points out that Google's move was good news for its competitor, MapTiler. "Since Google announced the pricing change the number of our users increased by 200%," said Petr Pridal, head of the MapTiler team. "We expect more people to come as they get their first bill from Google."

An anonymous reader quotes a report from The Daily Beast: The Trump Administration is planning to eliminate a vast trove of medical guidelines that for nearly 20 years has been a critical resource for doctors, researchers and others in the medical community. Maintained by the Agency for Healthcare Research and Quality [AHRQ], part of the Department of Health and Human Services, the database is known as the National Guideline Clearinghouse [NGC], and it's scheduled to "go dark," in the words of an official there, on July 16. "Guideline.gov was our go-to source, and there is nothing else like it in the world," King said, referring to the URL at which the database is hosted, which the agency says receives about 200,000 visitors per month. "It is a singular resource," Valerie King, a professor in the Department of Family Medicine and Director of Research at the Center for Evidence-based Policy at Oregon Health & Science University, added. [She] said the NGC is perhaps the most important repository of evidence-based research available.

Medical guidelines are best thought of as cheatsheets for the medical field, compiling the latest research in an easy-to use format. When doctors want to know when they should start insulin treatments, or how best to manage an HIV patient in unstable housing -- even something as mundane as when to start an older patient on a vitamin D supplement -- they look for the relevant guidelines. The documents are published by a myriad of professional and other organizations, and NGC has long been considered among the most comprehensive and reliable repositories in the world. AHRQ said it's looking for a partner that can carry on the work of NGC, but that effort hasn't panned out yet. Not even an archived version of the site will remain, according to an official at AHRQ.

An anonymous reader shares a report: A hacker gained access to a developer's npm account earlier this week and injected malicious code into a popular JavaScript library, code that was designed to steal the npm credentials of users who utilize the poisoned package inside their projects. The JavaScript (npm) package that got compromised is called eslint-scope, a sub-module of the more famous ESLint, a JavaScript code analysis toolkit. The hack took place on the night between July 11 and 12, according to the results of a preliminary investigation posted on GitHub a few hours ago. "One of our maintainers did observe that a new npm token was generated overnight (said maintainer was asleep)," said Kevin Partington, ESLint project member. Partington believes the hacker used the newly-generated npm token to authenticate and push a new version of the eslint-scope library on the npm repository of JavaScript packages.

After almost 30 years of overseeing the development of the world's most popular language, Python, its founder and "Benevolent Dictator For Life" (BDFL), Guido van Rossum, has decided to remove himself entirely from the decision process. From a report: Van Rossum isn't leaving Python entirely. He said, "I'll still be there for a while as an ordinary core dev, and I'll still be available to mentor people -- possibly more available." It's clear from van Rossum's note he's sick and tired of running the organization. He wrote, "I don't ever want to have to fight so hard for a PEP (Python Enhancement Proposals) [PEP 572 Assignment Expressions] and find that so many people despise my decisions." In addition, van Rossum hints he's not been well. "I'm not getting younger... (I'll spare you the list of medical issues.)" So, "I'm basically giving myself a permanent vacation from being BDFL, and you all will be on your own." From the email: I am not going to appoint a successor. So what are you all going to do? Create a democracy? Anarchy? A dictatorship? A federation? I'm not worried about the day to day decisions in the issue tracker or on GitHub. Very rarely I get asked for an opinion, and usually it's not actually important. So this can just be dealt with as it has always been. At Slashdot, we had the privilege of interviewing Guido van Rossum, a Computer History Museum honoree, in 2013.

Long-time Slashdot reader slack_justyb writes, "Jonathan Blow, an independent video game developer, indicated to gamesindustry.biz that while working on a recent project he stopped and considered how miserable programming can be. After some reflection Blow came to the realization as to why. [C++ is a] 'really terrible, terrible language.'"

The main flaw with C++, in Blow's opinion, is that it's a fiendishly complex and layered ecosystem that has becoming increasingly convoluted in its effort to solve different problems; the more layers, the higher the stack, the more wobbly it becomes, and the harder it is to understand.
"Blow is the developer of two games so far -- Braid and The Witness -- and developed a new programming language known as Jai in hopes to help C++ game developers become more productive."

With Jai, Blow hopes to achieve three things: improve the quality of life for the programmer because "we shouldn't be miserable like many of us are"; simplify the systems; and increase expressive power by allowing programmers to build a large amount of functionality with a small amount of code.

Long-time Slashdot reader xx_chris calls C++ "the triumph of syntax over clarity," while in the interview Blow calls C++ 'a weird mess.' But the original submission ends with these questions. "Is Blow correct? Has C++ become a horrific mess that we should ultimately relegate to the bins of COBOL and Pascal? Are there redeeming qualities of C++ that justify the tangle it has become?

"And is Jai a solution or just yet another programming language?"

dryriver writes: If you are a user of a popular professional desktop software program, it is not uncommon for that program to get anywhere from 5 to 20 major or minor new features and functions about once a year to stay desirable and competitive. But it seems that hugely popular internet-based sites and services like Instagram, Facebook, YouTube, Google Search, Gmail, Outlook, WhatsApp, Telegram and others get major new features/changes much, much slower than desktop software. Quite often you'll come across a barrage of breathless news articles that say "Popular Internet Service X will add Y feature starting from April 1st." It is often one single and very obvious feature or functionality being added that people have wanted for years, not a cluster of 5 or 10 funky new functions at the same time.

Why is this the case? How is it that desktop software with just a few hundred thousand users and no more than a few dozen coders working can add 5 to 20 major new functions in just one year, and do this year after year, but a major internet-based service with tens or hundreds of millions of users and presumably hundreds or thousands of techies working behind the curtain keeps everyone waiting three years or longer to build a much requested feature into the system, and then only rolls out that one desired feature to great fanfare as if it is a huge achievement? Is it really that much harder to code major new features into an internet/cloud service, versus coding major new features into desktop software; or is this a deliberate business model that has become popular?

BrianFagioli writes: People sometimes forget that when the first-ever iPhone launched in 2007, there was no App Store. Believe it or not, Apple's smartphone was limited to the apps with which it came. In fact, Steve Jobs famously didn't want third-party apps on the iPhone at all. Ultimately, the App Store was added in 2008 despite Jobs' initial push against it. This move changed the computer industry forever.

This month, the Apple App Store reaches an impressive milestone -- its 10th Birthday. This day is important for three groups -- Apple (of course), but more importantly, consumers and developers. Apple has made billions of dollars from the App Store, but third party developers have as well -- the company has literally transformed some devs into millionaires. Consumers have benefited from high-quality applications too.

Regardless of your feelings about Apple, the world owes it a collective thank you for its App Store. It inspired other companies, such as Google with Android and Microsoft with Windows 8/10, to adopt the same app concepts. It really did change everything.

An anonymous reader quotes a report from CNET: Drivers in England and Wales now have a direct line to police for ratting on their fellow motorists, thanks to a new national dash cam database. The National Dash Cam Safety Portal, run by UK dashcam manufacturer Nextbase, lets drivers upload footage from their dashcam to a single database and send it directly to police, the BBC reports. Drivers can choose their region of England or Wales and send footage of accidents or illegal behavior on the road directly to local police, as well as sending a witness statement that can then be used in court.

According to The Wall Street Journal, hundreds of app developers have access to millions of inboxes belonging to Gmail users (Warning: source paywalled; alternative source). The developers reportedly receive access to messages from Gmail users who signed up for things like price-comparison services or automated travel-itinerary planners. Some of these companies train software to scan the email, while others enable their workers to pore over private messages. INSIDER reports: It's not news that Google and many top email providers enable outside developers to access users' inboxes. In most cases, the people who signed up for the price-comparison deals or other programs agreed to provide access to their inboxes as part of the opt-in process. In Google's case, outside developers must pass a vetting process, and as part of that, Google ensures they have an acceptable privacy agreement, The Journal reported, citing a Google representative.

What is unclear is how closely these outside developers adhere to their agreements and whether Google does anything to ensure they do, as well as whether Gmail users are fully aware that individual employees may be reading their emails, as opposed to an automated system, the report says. It's interesting to note that, judging from The Journal's story, very little indicates that Google is doing anything different from Microsoft or other top email providers. According to the newspaper, nothing in Microsoft or Yahoo's policy agreements explicitly allows people to read others' emails.

An anonymous reader quotes a report from Ars Technica: A team led by Martin Fussenegger of ETH Zurich in Basel has shown that caffeine can be used as a trigger for synthetic genetic circuitry, which can then in turn do useful things for us -- even correct or treat medical conditions. For a buzz-worthy proof of concept, the team engineered a system to treat type 2 diabetes in mice with sips of coffee, specifically Nespresso Volluto coffee. Essentially, when the animals drink the coffee (or any other caffeinated beverage), a synthetic genetic system in cells implanted in their abdomens switches on. This leads to the production of a hormone that increases insulin production and lowers blood sugar levels -- thus successfully treating their diabetes after a simple morning brew.

The system, published Tuesday in Nature Communications, is just the start, Fussenegger and his colleagues suggest enthusiastically. "We think caffeine is a promising candidate in the quest for the most suitable inducer of gene expression," they write. They note that synthetic biologists like themselves have long been in pursuit of such inducers that can jolt artificial genetics. But earlier options had problems. These included antibiotics that can spur drug-resistance in bacteria and food additives that can have side effects. Caffeine, on the other hand, is non-toxic, cheap to produce, and only present in specific beverages, such as coffee and tea, they write. It's also wildly popular, with more than two billion cups of coffee poured each day worldwide.

An anonymous reader quotes ITWire: Well-known British security researcher Kevin Beaumont says the breach of the British operations of American multinational ticket sales and distribution company Ticketmaster, that has led to the possible leak of tens of thousands of credit card details, was caused by the incorrect placement of a single line of code... Beaumont said Inbenta was providing a chat bot for website developers "by providing a single line of HTML which calls a JavaScript from Inbenta's Web server...."

He pointed out that while Inbenta had provided Ticketmaster a customised JavaScript one-liner, the ticketing company had placed this chatbot code on its payment processing website without informing Inbenta it had done so. "This means that Inbenta's webserver was placed in the middle of all Ticketmaster credit card transactions, with the ability to execute JavaScript code in customer browsers," Beaumont said. This code had been altered by some malicious person back in February and the problems began at that point, he said.
Beaumont warns businesses to be cautious with third-party JavaScript code in sensitive processes. "Check your supply chain. Because attackers are."

And he also highlights how anti-virus tools started flagging the the script months before Ticketmaster announced the breach. "I can see the Javascript file being uploaded to a variety of threat intelligence tools from April through just before the breach announcement, so clearly somebody was looking into it."