crabel writes "In Java 1.6.0_21, the company field was changed from 'Sun Microsystems, Inc' to 'Oracle.' Apparently not the best idea, because some applications depend on that field to identify the virtual machine. All Eclipse versions since 3.3 (released 2007) until and including the recent Helios release (2010) have been reported to crash with an OutOfMemoryError due to this change. This is particularly funny since the update is deployed through automatic update and suddenly applications cease to work."

rsk writes "Paul Tyma, the man behind Mailinator, has put together an excellent performance analysis comparing old-school synchronous programming (java.io.*) to Java's asynchronous programming (java.nio.*) — showing a consistent 25% performance deficiency with the asynchronous code. As it turns out, old-style blocking I/O with modern threading libraries like Linux NPTL and multi-core machines gives you idle-thread and non-contending thread management for an extremely low cost; less than it takes to switch-and-restore connection state constantly with a selector approach."

snydeq writes "Google distinguished engineer Rob Pike ripped the use of Java and C++ during his keynote at OSCON, saying that these 'industrial programming languages' are way too complex and not adequately suited for today's computing environments. 'I think these languages are too hard to use, too subtle, too intricate. They're far too verbose and their subtlety, intricacy and verbosity seem to be increasing over time. They're oversold, and used far too broadly,' Pike said. 'How do we have stuff like this [get to be] the standard way of computing that is taught in schools and is used in industry? [This sort of programming] is very bureaucratic. Every step must be justified to the compiler.' Pike also spoke out against the performance of interpreted languages and dynamic typing."

Nushio writes "The code wasn't even released, and yet Roy van Rijn, a Music & Free Software enthusiast received a C&D from Landmark Digital Services, owners of Shazam, a music service that allows you to find a song, by listening to a part of it. And if that wasn't enough, they want him to take down his blog post (Google Cache) explaining how he did it because it 'may be viewed internationally. As a result, [it] may contribute to someone infringing our patents in any part of the world.'" Update: 07/09 00:31 GMT by T :Story updated to reflect that Shazam is multiplatform, not Android-only, as implied by the original phrasing.

RickJWagner writes "This is a book targeted primarily towards the Java programmer who doesn't yet know Groovy. Groovy is a dynamic scripting language that runs on the JVM and offers easy integration with the Java language. Groovy also offers dynamic language features that lend themselves to the creation of DSLs (Domain-Specific Languages). This book attempts to simultaneously teach the reader how to use Groovy and how to build a DSL." Keep reading for the rest of RickJWagner's review.

GMGruman writes "In an InfoWorld blog, Paul Krill suggests that those concerned that Java might get lost in Oracle's tangle of acquired technologies should relax a little: Java's future isn't wholly in Oracle's hands, so if Oracle screws up or lets Java languish, the popular language has other forces to move it forward nonetheless."

thisisauniqueid writes "In light of the clamor over the iPhone 4 Grip of Death, AnandTech recently reverse-engineered the phone's signal-strength-to-bars mapping. Because Android is open source, we can determine the corresponding mapping for Android in combination with the 3GPP spec referenced in the source, allowing the signal-strength-to-bars mapping for both Android and the iPhone 4 to be plotted on the same axes. This shows that the iPhone 4 consistently reports a higher percentage signal strength (as defined by the fraction of bars lit) than Android GSM devices at the same signal strength."

eldavojohn writes "The latest versions of Microsoft Windows have some good security options available — now if only they could get their most popular third-party applications to use them. A report from Secunia takes a look at two such options — DEP and ASLR — and Brian Krebs breaks down who is using them and who is not. A security specialist noted, 'If both DEP and ASLR are correctly deployed, the ease of exploit development decreases significantly. While most Microsoft applications take full advantage of DEP and ASLR, third-party applications have yet to fully adapt to the requirements of the two mechanisms (PDF). If we also consider the increasing number of vulnerabilities discovered in third-party applications, an attacker's choice for targeting a popular third-party application rather than a Microsoft product becomes very understandable.' Among those with neither DEP or ASLR: Apple Quicktime, Foxit Reader, Google Picasa, Java, OpenOffice.org, RealPlayer, and AOL's Winamp. While Flash player can't implement DEP, it does have ASLR. Google Chrome is the only popular third-party application listed with stars across the board." It's worth noting that several apps highlighted in the Secunia research paper have added support for those security options in recent patches, or are in the process of doing so. Examples include Firefox, VLC, and Foxit Reader.

DragonHawk writes "Mozilla Firefox 3.6.4 went to general release today. The big new feature in this release is out-of-process plugins (OOPP). This means things like Flash, Java, QuickTime, etc., all run in separate processes, so when Flash decides to crash, it won't take your browser out with it. If Flash starts consuming all the CPU it can find, you can kill it without nuking your browser session. I've been using this feature since it was in the 'nightly build' stage, and it was still more stable than 3.6.3, just because Flash was isolated." And reader Trailrunner7 supplies another compelling reason to download 3.6.4: "Security researcher Michal Zalewski has identified a problem with the way Firefox handles links that are opened in a new browser window or tab, enabling attackers to inject arbitrary code into the new window or tab while still keeping a deceptive URL in the browser's address bar. The vulnerability, which Mozilla has fixed in version 3.6.4, has the effect of tricking users into thinking that they're visiting a legitimate site while instead sending arbitrary attacker-controlled code to their browsers."

An anonymous reader writes "The recently published Top 500 list of the world's fastest supercomputers is based on the Linpack benchmark developed decades ago by Jack Dongarra. This same test has been ported to Android mobile phones, which means that we can compare the performance of our phones against that of the supercomputers of the past. For example, a tweaked Motorola Droid can hit 52 Mflop/s, which is more than 15 times faster than the CPUs used in the 1979 Cray-1." But even today's most powerful cellphones don't come with an integrated bench.

bonch writes "Objective-C has entered the top 10 of the Tiobe Programming Community Index. Last year, it was at #39. The huge jump is attributed to its use in iPhone and iPad development. C, of which Objective-C is a strict superset, has reclaimed the #1 spot from Java, which slides to #2. Tiobe also explains how it determines its rankings."

eldavojohn writes "Programming Clojure by Stuart Halloway was very near to the perfect book for me. It covers many things common to many Lisp languages while highlighting in moderate detail the things that make Clojure unique and worthy of some attention. The book spends a large amount of time dealing with the intricacies of interfacing fluidly with Java (down to a package rewrite inside a large project). This fits me perfectly as a Java programmer, and I now feel ready to experiment with peppering functional language capabilities into an object oriented language. The book also strives to show how to simplify multithreading through functional programming, which is good because I find multithreading in Java a serious headache that few are good at. Programming Clojure, released in May 2009, is currently the only book out there devoted to Clojure, and the introduction is written by the language's creator, Rich Hickey, who says, 'What is so thrilling about Stuart's book is the extent to which he "gets" Clojure.' The book earns its place on the Pragmatic Bookshelf by guiding the user through rewriting a part of Ant into a new build tool called Lancet — adding to the project what you just learned about Clojure at the end of each chapter." Keep reading for the rest of eldavojohn's review.

VitaminB52 writes "A-level computer science students will no longer be taught C, C#, or PHP from next year following a decision to withdraw the languages by the largest UK exam board. Schools teaching the Assessment and Qualifications Alliance's (AQA) COMP1 syllabus have been asked to use one of its other approved languages — Java, Pascal/Delphi, Python 2.6, Python 3.1, Visual Basic 6, and VB.Net 2008. Pascal/Delphi is 'highly recommended' by the exam board because it is stable and was designed to teach programming and problem-solving."

tbitiss writes "A new open source project dubbed Guacamole allows users to access a desktop remotely through a web browser, potentially streamlining the requirements for client support and administration. Guacamole is an HTML5 and JavaScript (Ajax) VNC viewer that makes use of a VNC-to-XML proxy server written in Java. According to its developers, Guacamole is almost as responsive as native VNC and should work in any browser supporting the HTML5 canvas tag. Supporting 10 Linux desktops in 10 browser tabs? I like the sound of that."

bgweber writes "Last year, the IEEE conference on Computational Intelligence and Games hosted a competition to determine who could write the best AI for playing Mario levels (YouTube video). This year, the conference has expanded the competition to include a track on level generation as well, where the goal is to generate new levels online procedurally. Submitting an entry is as easy as implementing a Java interface that performs procedural content generation. The implications of this competition are techniques for greatly increasing the replayability of games, since each gameplay session could present new levels to the player."

rmoskal recommends his blog post up at Most Media on finding the right level of abstraction, Grails, and SOFEA. "[Three years ago] I was very excited about Apache Wicket as the way to develop line of business applications with a domain model, CRUD [create-read-update-delete] screens for maintaining the model, and in the most interesting cases, doing something else useful besides. I still like Wicket. It has, as its website says, a small conceptual surface area.' It reminds me of Python in that 'You try something it usually just works.' In many respects, though, Wicket seems to be at the wrong level of abstraction for the for the sorts of line-of-business applications described above. If your team is spending any time at all writing code to produce listing, filtering, and sorting behavior, not to mention creating CRUD screens and the back-end logic for these operations, they are probably working at the wrong level of abstraction. ... Recently I did a small project using Grails and was quite pleased. Grails uses groovy, a dynamic language compatible with Java, and is based on the proven technologies that I know and love well: Spring, Hibernate, SiteMesh, Maven, etc. ... I get all the power of the Java ecosystem without the fustiness and lack of expressivity of the core language (no more getters and setters, ever!)."

Trailrunner7 writes "In a sudden about-face, Sun has rushed out a Java update to fix a drive-by download vulnerability that exposed Windows users to in-the-wild malware attacks. The patch comes less than a week after Sun told a Google researcher it did not consider the issue serious enough to warrant an out-of-cycle patch and less than a day after researchers spotted live exploits on a booby-trapped Web site. The flaw, which was also discovered independently by Ruben Santamarta, occurs because the Java-Plugin Browser is running 'javaws.exe' without validating command-line parameters. Despite the absence of documentation, a researcher was about to figure out that Sun removed the code to run javaws.exe from the Java plugin. The about-face by Sun is another sign that some big vendors still struggle to understand the importance of working closely with white hat researchers to understand the implications of certain vulnerabilities. In this case, Google's Tavis Ormandy was forced to use the full-disclosure weapon to force the vendor into a proper response."

Thrashing Rage writes "James Gosling has confirmed he is leaving Sun/Oracle: 'Yes, indeed, the rumors are true: I resigned from Oracle a week ago (April 2nd). I apologize to everyone in St. Petersburg who came to TechDays on Thursday expecting to hear from me. I really hated not being there. As to why I left, it's difficult to answer: just about anything I could say that would be accurate and honest would do more harm than good. The hardest part is no longer being with all the great people I've had the privilege to work with over the years. I don't know what I'm going to do next, other than take some time off before I start job hunting.'"

Trailrunner7 writes "There is a serious vulnerability in Java that makes all current browsers vulnerable to simple Web-based attacks that could lead to a complete compromise of the affected system. Two separate researchers released information on the vulnerability on Friday, saying that it has been present in Java for years. The problem lies in the Java Web Start framework, a technology that Sun Microsystems developed to enable the simplified deployment of Java applications. In essence, the JavaWS technology fails to validate parameters passed to it from the command line, and attackers can control those parameters using specific HTML tags on a Web page, researcher Ruben Santamarta said in an advisory posted Friday morning."

Low Ranked Craig writes "Apple had an event today to show off the next major update to the iPhone OS. iPhone OS 4.0 should arrive this summer (presumably with a new iPhone) for iPhone and iPod Touch, and in the fall for the iPad. According to Apple the update has more than 1,500 new APIs and 100 new features including the sorely missed multitasking. Other highlights include unified inbox, improved security, support for multiple Exchange accounts, application folders, iBooks, and iAd, an advertising framework for developers to put ads in their applications. The official word from Steve on Flash and Java remains a simple 'No.'" Updated 20100408 22:09 GMT by timothy: Read on for more information, including some bad news if you want to program for the iPhone in C# or Flash CS5.