An anonymous reader writes "If you've been hired by a serious software development house, chances are one of your early familiarization tasks was to read company guidelines on coding standards and practices. You've probably been given some basic guidelines, such as gotos being off limits except in specific circumstances, or that code should be indented with tabs rather than spaces, or vice versa. Perhaps you've had some more exotic or less intuitive practices as well; maybe continue or multiple return statements were off-limits. What standards have you found worked well in practice, increasing code readability and maintainability? Which only looked good on paper?"

Delchanat points out a blog entry which notes, "The two biggest computing-providers of today, Amazon and Google, are building their concurrent offerings on top of really concurrent programming languages and systems. Not only because they want to, but because they need to. If you want to build computing into a utility, you need large real-time systems running as efficiently as possible. You need your technology to be able to scale in a similar way as other, comparable utilities or large real-time systems are scaling — utilities like telephony and electricity. Erlang is a language that has all the right properties and mechanisms in place to do what utility computing requires. Amazon SimpleDB is built upon Erlang. IMDB (owned by Amazon) is switching from Perl to Erlang. Google Gears is using Erlang-style concurrency, and the list goes on."

A few weeks ago, you asked questions of Lt. Col. John Bircher, head of an organization with a difficult-to-navigate name: the U.S. Army Computer Network Operations (CNO)-Electronic Warfare (EW) Proponent's Futures Branch. Lt. Col. Bircher has answered from his perspective, at length, not just the usual 10 questions, but several more besides. Read on for his take on cyberwar, jurisdiction, ethics, and more.

jsuda writes "At least a half-dozen times in the book 'Foundations of Mac OS X Leopard Security' the authors state that there is a misconception that the Macintosh computer is immune from security problems. That allegation may explain why there are very few books published (and nearly none in recent years) about security for the Mac. This book is meant to change all that. The authors acknowledge that the Mac OS X software has had little of the security problem experience of Windows (and other operating systems, to a lesser extent) but they spend 455 pages detailing exactly where and how the Macintosh platform is (or may be) vulnerable." Read below for the rest of Jsuda's review.

Jon Mitchell writes "As a Perl programmer recently thrown in to the world of C development on Linux, I have been looking for something that would take my K&R level of experience and bring it up to date with modern methods, hopefully letting me write more efficient and reliable programs. Linux System Programming is a volume that targets this need. Robert Love, former "Chief Architect, Linux Desktop" at Novell, kernel hacker of many years, and Gnome developer of well known features such as Beagle and NetworkManager, attempts in this book to document the Linux system call and C API to common systems programming tasks. Given that he developed the pre-emptive kernel and inotify he has the knowledge." Read below for the rest of Jon's review.

symbolset writes "InternetNews is reporting that Cisco's new Application eXtension Platform turns several models of Cisco switches into Linux application servers. With certified libraries in C, Java and Perl, developers will be able to use a downloadable SDK to build their apps. The AXP server is just another module in a Cisco switch running Cisco's own derivation of a modern Linux distro (Kernel 2.6.x) specifically hardened to run on that particular hardware. Modules will include up to 1.4-GHz Intel Pentiums with 2 GB RAM and a 160 GB hard drive."

LinucksGirl writes to share an IBM DeveloperWorks article that shows how to support user verification through keystroke-dynamics processing by modifying the GNOME Display Manager (GDM). You can create and store a one-way encrypted hash of your keystroke patterns when entering your user name. The article shows how to add code to GDM to read current keystroke patterns and permit a user to log in when the characteristics are a match. An interesting idea to be sure but I know I certainly am not that consistent when I type, so I'm skeptical of how well this may work.

An anonymous reader writes "Engineers' focus and attention to details, along with their perceived lack of social skills, make them ideal targets to be recruited as terrorists, according to EETimes. Planning skills make engineers good 'field operatives' was written up by Raphael Perl, who heads the Action against Terrorism Unit of Organization for Security and Cooperation in Europe. He offers that 'Engineers ideally make excellent strategic planners, and they make excellent field operatives. They think differently from how other people think.' That may sound like a stereotype, but Perl claims that 'because of those traits, terrorist groups actively recruit engineers.' He says that Al-Qaeda has widely acknowledged that a significant number of the group's top leadership had engineering backgrounds." This is the second time in just a few months that engineers have been likened to terrorists.

Michael J. Ross writes "When software developers need to manipulate text programmatically — such as finding all substrings within some text that match a particular pattern — the most concise and flexible solution is to use "regular expressions," which are strings of characters and symbols that can look anything but regular. Nonetheless, they can be invaluable for locating text that matches a pattern (the "expression"), and optionally replacing the matched text with new text. Regular expressions have proven so popular that they have been incorporated into most if not all major programming languages and editors, and even at least one Web server. But each one implements regular expressions in its own way — which is reason enough for programmers to appreciate the latest edition of Regular Expression Pocket Reference, by Tony Stubblebine." Read below for the rest of Michael's review.

simoniker writes "Over at Dobbs Code Talk, Chris Diggins has been discussing programming languages beyond C++ or Java, suggesting options such as Ruby ('does a great job of showing how powerful a dynamic language can be, and leverages powerful ideas from Smalltalk, Perl, and Lisp') but suggesting Scala as a first choice ('Very accessible to programmers from different backgrounds.') What would your choice be for programmers extending beyond their normal boundaries?"

Cory Doctorow sounds the alarm over a Library of Congress deal with Microsoft that will have collections locked up in Silverlight. I'll double the Microsoft deal and offer them $6M in perl scripts and an infinite value of free OS software if they let me (or Google or any other honest company) publish their collections in free formats. "This deal involves the donation of 'technology, services and funding' (e.g., mostly not money) with a purported value of $3M from Microsoft to the Library of Congress. The Library, in turn, agrees to put kiosks running Vista in the library and to use Microsoft Silverlight to 'help power the library's new Web site, www.myloc.gov.'"

CBR is reporting that open source use in the workplace is continuing to grow at an astonishing rate. Up 26% since last year, businesses are using 94 different open source tools to get the job done. "[OpenLogic's] breakdown of licenses for the top 25 packages found that Apache, not the GPL, is the most common license. 62% of the packages use Apache, 27% use some variant of GPL and 4% each use BSD, CPL, Eclipse, MPL and Perl licenses (since packages may be released under two or more licenses, percentages total to more than 100%).

Stony Stevenson writes "Organizations using Python will be affected in a major way by changes in store for the language over the course of the next twelve months, Linux.conf.au attendees were told this morning. The Python development community is working towards a new, backwards-incompatible version of the language, version 3.0, which is slated for release in early 2009. Anthony Baxter, the release manager for Python and a senior software engineer at Google Australia, said "We are going to break pretty much all the code. Pretty much every program will need changes." Baxter also added another tidbit for attendees, saying that Python accounts for around 15 percent of Google's code base."

Esther Schindler writes "Developers spend a lot of time telling managers, 'Let me use the tool that's appropriate for the job' (cue the '...everything looks like a nail' meme here). But rarely do we enumerate when a language is the right one for a particular job, and when it's a very, very wrong choice. James Turner, writing for CIO.com, identifies five tasks for which perl is ideally suited, and four that... well, really, shouldn't you choose something else? This is the first article in a series that will examine what each language is good at, and for which tasks it's just plain dumb. Another article is coming RSN about JavaScript, and yet another for PHP... with more promised, should these first articles do well."

mAriuZ writes "Bob Rogers just released Parrot 0.5.2. This monthly release includes a couple of interesting new features. First, we've bundled Patrick Michaud's Rakudo (thats the implementation of Perl 6 on Parrot) such that you can type make perl6 on Unixy platforms and make perl6.exe on Windows and get a working standalone Perl 6 binary. This is experimental and we hope to iron out some installation and deployment issues by next months release, but it was important to demonstrate our progress. The second new feature is a toolkit for starting your own compiler. Max Mohun built a prototype several months ago, and we've added a stripped-down version for now that builds the skeleton of a compiler for you using the Parrot Compiler Tools. I mentioned the LOLCODE compiler in What the Perl 6 and Parrot Hackers Did on Their Christmas Vacation; this is how Simon and Company were able to get LOLCODE up and running so quickly."

Coverity is claiming they have found and helped to fix more than 7,500 security flaws in open source software since the inception of the governmentally backed project designed to harden open source software. The company has also identified eleven projects that have been especially responsive in correcting security problems. "Eleven projects have been awarded the newly announced status of Rung 2, including those known as Amanda, NTP, OpenPAM, OpenVPN, Overdose, Perl, PHP, Postfix, Python, Samba, and TCL."

The TIOBE Programming Community Index has declared Python as the Programming Language of 2007 due to a 58% surge in its popularity rating during the year, making it now the sixth most popular programming language and finally surpassing Perl. They also assert that Python has become the "defacto glue language," being "especially beloved by system administrators and build managers."

Stony Stevenson alerts us to a US Department of Homeland Security program in which subcontractors have been examining FOSS source code for security vulnerabilities. InformationWeek.com takes a glass-half-empty approach to reporting the story, saying that for FOSS code on average 1 line in 1000 contains a security bug. From the article: 'A total of 7,826 open source project defects have been fixed through the Homeland Security review, or one every two hours since it was launched in 2006 ...' ZDNet Australia prefers to emphasize those FOSS projects that fixed every reported bug, thus achieving a clean bill of health according to DHS. These include PHP, Perl, Python, Postfix, and Samba.

alfcateat writes "Perl 1 was released to the public by Larry Wall 20 years ago yesterday. To celebrate, Perl5Porters have released Perl5.10, the latest stable version of Perl 5. Happy Birthday Perl! Perl 5.10 isn't just a bug fix version: it's full of new features that I'm eager to use: named captures in regular expressions, state variables for subroutines, the defined-or operator, a switch statement (called given-when, though), a faster regex engine, and more. You can read more about the changes in perldelta."

chromatic writes "Larry Wall's State of the Onion 11 address is now online. Every year, he describes the state of Perl and its community through metaphor and analogy. This year, Larry explored the history of scripting languages, from their dimly-lit beginnings to their glorious future. Along the way, he also describes several of the design principles invoked in the design of Perl 6. 'When I was a RSTS programmer on a PDP-11, I certainly treated BASIC as a scripting language, at least in terms of rapid prototyping and process control. I'm sure it warped my brain forever. Perl's statement modifiers are straight out of BASIC/PLUS. It even had some cute sigils on the ends of its variables to distinguish string and integer from floating point. But you could do extreme programming. In fact, I had a college buddy I did pair programming with. We took a compiler writing class together and studied all that fancy stuff from the dragon book.'"