The Almighty Buck

Stack Overflow Launches Salary Calculator For Developers (stackoverflow.com) 102

An anonymous reader writes: Stack Overflow today launched Salary Calculator, a tool that lets developers check out typical salaries across the industry. The calculated results are based on five factors: location, education, years of professional coding experience, developer type, and technologies used professionally. Stack Overflow is releasing the tool because it believes developers should be empowered with more information around job searches, careers, and salary. The company noticed ads on Stack Overflow Jobs that include salary information get 75 percent more clicks than ads without salary information. Even in cases when the salary range is below average, the ads still get 60 percent more clicks.
Java

IBM Open Sources Their Own JVM/JDK As Eclipse OpenJ9 (eclipse.org) 179

IBM has open sourced a "high performance, scalable virtual machine" with "a great pedigree... [it's] at the core of many IBM enterprise software products." Slashdot reader dxb1230 writes: IBM has open sourced their JDK/JVM implementation named J9 as OpenJ9. The community now has an alternative implementation of Java which has been well tested on enterprise workloads and hardware. This unlike, OpenJDK, has all the bells and whistles like jit.
Python

Python's Official Repository Included 10 'Malicious' Typo-Squatting Modules (bleepingcomputer.com) 69

An anonymous reader quotes BleepingComputer: The Slovak National Security Office (NBU) has identified ten malicious Python libraries uploaded on PyPI -- Python Package Index -- the official third-party software repository for the Python programming language. NBU experts say attackers used a technique known as typosquatting to upload Python libraries with names similar to legitimate packages -- e.g.: "urlib" instead of "urllib." The PyPI repository does not perform any types of security checks or audits when developers upload new libraries to its index, so attackers had no difficulty in uploading the modules online.

Developers who mistyped the package name loaded the malicious libraries in their software's setup scripts. "These packages contain the exact same code as their upstream package thus their functionality is the same, but the installation script, setup.py, is modified to include a malicious (but relatively benign) code," NBU explained. Experts say the malicious code only collected information on infected hosts, such as name and version of the fake package, the username of the user who installed the package, and the user's computer hostname. Collected data, which looked like "Y:urllib-1.21.1 admin testmachine", was uploaded to a Chinese IP address. NBU officials contacted PyPI administrators last week who removed the packages before officials published a security advisory on Saturday."

The advisory lays some of the blame on Python's 'pip' tool, which executes arbitrary code during installations without requiring a cryptographic signature.

Ars Technica also reports that another team of researchers "was able to seed PyPI with more than 20 libraries that are part of the Python standard library," and that group now reports they've already received more than 7,400 pingbacks.
Advertising

First Ever Malvertising Campaign Uses JavaScript To Mine Cryptocurrencies In Your Browser (bleepingcomputer.com) 70

An anonymous reader writes from a report via Bleeping Computer: Malware authors are using JavaScript code delivered via malvertising campaigns to mine different cryptocurrencies inside people's browsers (mostly Monero), without their knowledge. The way crooks pulled this off was by using an online advertising company that allows them to deploy ads with custom JavaScript code. The JavaScript code is a modified version of MineCrunch (also known as Web Miner), a script released in 2014 that can mine cryptocurrencies using JavaScript code executed inside the browser. Cryptocurrency mining operations are notoriously resource-intensive and tend to slow down a user's computer. To avoid raising suspicion, crooks delivered malicious ads mainly on video streaming and browser-based gaming sites (currently mostly Ukrainian and Russian sites). Both types of sites use lots of resources, and users wouldn't get suspicious when their computer slowed down while accessing the site. Furthermore, users tend to linger more on browser games and video streaming services, allowing the mining script to do its job and generate profits for the crooks.
Java

Java EE Is Moving To the Eclipse Foundation (adtmag.com) 70

Oracle has chosen the Eclipse Foundation to be the new home of the Java Platform Enterprise Edition (Java EE), the company announced this week. Oracle made the decision in collaboration with IBM and Red Hat, the two other largest contributors to the platform. From a report: "The Eclipse Foundation has strong experience and involvement with Java EE and related technologies," wrote Oracle software evangelist David Delabassee in a blog post. This will help us transition Java EE rapidly, create community-friendly processes for evolving the platform, and leverage complementary projects such as MicroProfile. We look forward to this collaboration." Mike Milinkovich, executive director of the Eclipse Foundation, is optimistic about this move, which he said is exactly what the enterprise Java needs and what the community has been hoping for.
Google

Google Publicly Releases Internal Developer Documentation Style Guide (betanews.com) 96

BrianFagioli shares a report from BetaNews: The documentation aspect of any project is very important, as it can help people to both understand it and track changes. Unfortunately, many developers aren't very interested in documentation aspect, so it often gets neglected. Luckily, if you want to maintain proper documentation and stay organized, today, Google is releasing its internal developer documentation style guide. This can quite literally guide your documentation, giving you a great starting point and keeping things consistent.

Jed Hartman, Technical Writer, Google says, "For some years now, our technical writers at Google have used an internal-only editorial style guide for most of our developer documentation. In order to better support external contributors to our open source projects, such as Kubernetes, AMP, or Dart, and to allow for more consistency across developer documentation, we're now making that style guide public. If you contribute documentation to projects like those, you now have direct access to useful guidance about voice, tone, word choice, and other style considerations. It can be useful for general issues, like reminders to use second person, present tense, active voice, and the serial comma; it can also be great for checking very specific issues, like whether to write 'app' or 'application' when you want to be consistent with the Google Developers style."
You can access Google's style guide here.
Programming

Is Python Really the Fastest-Growing Programming Language? (stackoverflow.blog) 254

An anonymous reader quotes Stack Overflow Blog: In this post, we'll explore the extraordinary growth of the Python programming language in the last five years, as seen by Stack Overflow traffic within high-income countries. The term "fastest-growing" can be hard to define precisely, but we make the case that Python has a solid claim to being the fastest-growing major programming language... June 2017 was the first month that Python was the most visited [programming language] tag on Stack Overflow within high-income nations. This included being the most visited tag within the US and the UK, and in the top 2 in almost all other high income nations (next to either Java or JavaScript). This is especially impressive because in 2012, it was less visited than any of the other 5 languages, and has grown by 2.5-fold in that time. Part of this is because of the seasonal nature of traffic to Java. Since it's heavily taught in undergraduate courses, Java traffic tends to rise during the fall and spring and drop during the summer.

Does Python show a similar growth in the rest of the world, in countries like India, Brazil, Russia and China? Indeed it does. Outside of high-income countries Python is still the fastest growing major programming language; it simply started at a lower level and the growth began two years later (in 2014 rather than 2012). In fact, the year-over-year growth rate of Python in non-high-income countries is slightly higher than it is in high-income countries... We're not looking to contribute to any "language war." The number of users of a language doesn't imply anything about its quality, and certainly can't tell you which language is more appropriate for a particular situation. With that perspective in mind, however, we believe it's worth understanding what languages make up the developer ecosystem, and how that ecosystem might be changing. This post demonstrated that Python has shown a surprising growth in the last five years, especially within high-income countries.

The post was written by Stack Overflow data scientist David Robinson, who notes that "I used to program primarily in Python, though I have since switched entirely to R."
Bug

Bug In Windows Kernel Could Prevent Security Software From Identifying Malware (bleepingcomputer.com) 75

An anonymous reader writes: "Malware developers can abuse a programming error in the Windows kernel to prevent security software from identifying if, and when, malicious modules have been loaded at runtime," reports Bleeping Computer. "The bug affects PsSetLoadImageNotifyRoutine, one of the low-level mechanisms some security solutions use to identify when code has been loaded into the kernel or user space. The problem is that an attacker can exploit this bug in a way that PsSetLoadImageNotifyRoutine returns an invalid module name, allowing an attacker to disguise malware as a legitimate operation. The issue came to light earlier this year when enSilo researchers were analyzing the Windows kernel code. Omri Misgav, Security Researcher at enSilo and the one who discovered the issue, says the bug affects all Windows versions released since Windows 2000. Misgav's tests showed that the programming error has survived up to the most recent Windows 10 releases." In an interview, the researcher said Microsoft did not consider this a security issue. Bug technical details are available here.
Education

Following Cheating Scandals, Harvard Dean of Undergrad Ed Visits CS50 Class and Tells Students Not To Cheat (thecrimson.com) 107

theodp writes: After a flood of cheating cases roiled Harvard's Computer Science 50: "Introduction to Computer Science I" last year, Dean of Undergraduate Education Jay Harris implored students in the course not to cheat on assignments at an orientation session Wednesday night. Course head David Malan, the Harvard Crimson reports, spent the last five minutes of the orientation session fielding questions from students confused about the course's collaboration policy and whether or not CS50 enrollees are allowed to use code found online. He told them never to Google solutions, and never to borrow a friend's work. Last week, CS50 students were informed via a CS50 FAQ that they are also now "encouraged" to physically attend the course's taped weekly lectures. In an essay last year, Prof. Malan had questioned the value of saying everyone should attend every lecture. Attendance is now also expected at every discussion section until the first mid-semester exam. In case you're curious, the estimated sticker price for attending Harvard College during the 2017-2018 school year is $69,600-$73,600 (health insurance sold separately).
Chrome

Chrome 61 Arrives With JavaScript Modules, WebUSB Support (venturebeat.com) 115

The latest version of Google Chrome has launched, bringing a host of new developer features like JavaScript modules and WebUSB support. An anonymous Slashdot reader shares a report from VentureBeat: Google has launched Chrome 61 for Windows, Mac, and Linux. Additions in this release include JavaScript modules and WebUSB support, among other developer features. You can update to the latest version now using the browser's built-in silent updater or download it directly from google.com/chrome. Google also released Chrome 61 for Android today. In addition to performance and stability fixes, you can expect two new features: Translate pages with a more compact toolbar and pick images with an improved image picker.

Chrome now supports JavaScript modules natively via the new element, letting developers declare a script's dependencies. Modules are already popular in third-party build tools, which use them to bundle only the required scripts. Native support means the browser can fetch granular dependencies in parallel, taking advantage of caching, avoiding duplications across the page, and ensuring the script executes in the correct order, all without a build step. Google recommends these two blog posts for more information: ECMAScript modules in browsers and ES6 Modules in Depth. Speaking of JavaScript, Chrome 61 also upgrades the browser's V8 JavaScript engine to version 6.1. Developers can expect performance improvements and a binary size reduction. The WebUSB API meanwhile allows web apps to access user-permitted USB devices. This enables all the functionality provided by hardware peripherals such as keyboards, mice, printers, and gamepads, while still preserving the security guarantees of the web.

Businesses

Oracle Staff Report Big Layoffs Across Solaris, SPARC Teams (theregister.co.uk) 239

Simon Sharwood, reporting for the Register: Soon-to-be-former Oracle staff report that the company made hundreds of layoffs last Friday, as predicted by El Reg, with workers on teams covering the Solaris operating system, SPARC silicon, tape libraries and storage products shown the door. Oracle's media relations agency told The Register: "We decline comment." However, Big Red's staffers are having their say online, in tweets such as the one below. "For real. Oracle RIF'd most of Solaris (and others) today," an employee said. A "RIF" is a "reduction in force", Oracle-speak for making people redundant (IBM's equivalent is an "RA", or "resource action"). Tech industry observer Simon Phipps claims "~all" Solaris staff were laid off. "For those unaware, Oracle laid off ~ all Solaris tech staff yesterday in a classic silent EOL of the product."
Android

With Android Oreo, Google Is Introducing Linux Kernel Requirements (betanews.com) 120

Mark Wilson shares a report from BetaNews: As is easy to tell by comparing versions of Android from different handset manufacturers, developers are -- broadly speaking -- free to do whatever they want with Android, but with Oreo, one aspect of this is changing. Google is introducing a new requirement that OEMs must meet certain requirements when choosing the Linux kernel they use. Until now, as pointed out by XDA Developers, OEMs have been free to use whatever Linux kernel they wanted to create their own version of Android. Of course, their builds still had to pass Google's other tests, but the kernel number itself was not an issue. Moving forward, Android devices running Oreo must use at least kernel 3.18, but there are more specific requirements to meet as well. Google explains on the Android Source page: "Android O mandates a minimum kernel version and kernel configuration and checks them both in VTS as well as during an OTA. Android device kernels must enable the kernel .config support along with the option to read the kernel configuration at runtime through procfs."
Government

Thousands of Job Applicants Citing Top Secret US Government Work Exposed In Amazon Server Data Breach (gizmodo.com) 115

According to Gizmodo, "Thousands of files containing the personal information and expertise of Americans with classified and up to Top Secret security clearances have been exposed by an unsecured Amazon server, potentially for most of the year." From the report: The files have been traced back to TigerSwan, a North Carolina-based private security firm. But in a statement on Saturday, TigerSwan implicated TalentPen, a third-party vendor apparently used by the firm to process new job applicants. "At no time was there ever a data breach of any TigerSwan server," the firm said. "All resume files in TigerSwan's possession are secure. We take seriously the failure of TalentPen to ensure the security of this information and regret any inconvenience or exposure our former recruiting vendor may have caused these applicants. TigerSwan is currently exploring all recourse and options available to us and those who submitted a resume."

Found on an insecure Amazon S3 bucket without the protection of a password, the cache of roughly 9,400 documents reveal extraordinary details about thousands of individuals who were formerly and may be currently employed by the U.S. Department of Defense and within the U.S. intelligence community. The files, unearthed this summer by a security analyst at the California-based cybersecurity firm UpGuard, were discovered in a folder labeled "resumes" containing the curriculum vitae of thousands of U.S. citizens holding Top Secret security clearances -- a prerequisite for their jobs at the Central Intelligence Agency, the National Security Agency, and the U.S. Secret Service, among other government agencies.

Java

Why Oracle Should Cede Control of Java SE (infoworld.com) 110

An anonymous reader quotes InfoWorld: Now that Oracle wants to turn over leadership of enterprise Java's (Java EE's) development to a still-unnamed open source foundation, might the same thing happen with the standard edition of Java (Java SE) that Oracle also controls? Such a move could produce substantial benefits... Oracle said it has no plans to make such a move. But the potential fruits of a such a move are undeniable.

For one, a loosening of Oracle's control could entice other contributors to Java to participate more... [W]ith the current Oracle-dominated setup, other companies and individuals could be reluctant to contribute a lot if they see it as benefiting a major software industry provider -- and possible rival -- like Oracle... Indeed, the 22-year-old language and platform could be given a whole new lease on life, if the open source community rises to the occasion and boosts participation...

Despite the potential to grow Java SE by ceding control, Oracle seems content to hold on to its place as the steward of JDK development. But that could change given the tempestuous relationship Oracle has with parts of the Java community. Oracle has been at loggerheads with the community over both Java SE and Java EE... Oracle may at some point decide it is easier to just cede control rather than having to keep soothing the ruffled feathers that keep occurring among its Java partners.

Programming

Solve a 'Simple' Chess Puzzle, Win $1 Million (st-andrews.ac.uk) 125

An anonymous reader brings an important announcement: Researchers at the University of St Andrews have thrown down the gauntlet to computer programmers to find a solution to a "simple" chess puzzle which could, in fact, take thousands of years to solve, and net a $1 million prize. Computer Scientist Professor Ian Gent and his colleagues, at the University of St Andrews, believe any program capable of solving the famous "Queens Puzzle" efficiently would be so powerful, it would be capable of solving tasks currently considered impossible, such as decrypting the toughest security on the internet. In a paper [PDF] published in the Journal of Artificial Intelligence Research today, the team conclude the rewards to be reaped by such a program would be immense, not least in financial terms with firms rushing to use it to offer technological solutions, and also a $1 million prize offered by the Clay Mathematics Institute in America.

Devised in 1850, the Queens Puzzle originally challenged a player to place eight queens on a standard chessboard so that no two queens could attack each other. This means putting one queen in each row, so that no two queens are in the same column, and no two queens in the same diagonal. Although the problem has been solved by human beings, once the chess board increases to a large size no computer program can solve it.

Education

Do Code Bootcamps Work? (inc.com) 139

"Computer programming is highly specialized work; it can't be effectively taught in an intensive program," writes Inc. magazine's contributing editor: Last month, two of the country's largest and most well-regarded coding bootcamps closed. While there are still over 90 such camps in the U.S. and Canada, these for-profit intensive software engineering schools aren't successfully preparing their students for programming jobs. According to a recent Bloomberg article, the Silicon Valley recruiter Mark Dinan characterized the bootcamps as "a freaking joke," while representatives of Google and Autodesk said respectively that "most graduates from these programs are not quite prepared" and "coding schools haven't been much of a focus for [us]."

In one sense, the failure of coding bootcamps reflects the near-universal failure of for-profit universities, colleges, and charter schools to provide a usable education. In another sense, though, coding bootcamps represent a profound misunderstanding of what computer programming is all about... Coding at the professional level is highly specialized and requires years of practice to master... the idea of a bootcamp for coding is just as practical as the idea of a bootcamp for surgery.

Android

Petition Asks the Developers of Phoenix OS to Open Source the Kernel (xda-developers.com) 34

An anonymous reader shares a report: Android is mainly considered an open source mobile operating system, but there are a number of closed source elements that hundreds of millions of people use every day. The actual requirements of Android is that the kernel be open sourced for the public. This is enforced by the GPL but sadly this is one of those gray areas where someone actually needs to take legal action to enforce it. Some companies have violated this time and time again, and a new petition is calling for the developers of Phoenix OS to do the right thing. For those who are unaware, Phoenix OS is one of the only full desktop versions of Android that is still being maintained. [...] So a dedicated fan of the platform, Karol Putra, has created a Change.org petition in hopes that it will change their minds.
Oracle

Oracle Finally Decides To Stop Prolonging the Inevitable, Begins Hardware Layoffs (theregister.co.uk) 177

Shaun Nichols, reporting for The Register: Oracle is starting layoffs that will hit its hardware division, The Register has learned. Current and some soon-to-be former staffers have whispered that the database giant is shipping out packages containing the paperwork for ending their employment. The workers have received alerts from FedEx that the packages, which will need to be signed for, are en route for a September 1 delivery. "One of my co-workers emailed that he received a notification from FedEx of a label created by Oracle America, Inc," writes one anonymous employee. "I just checked and a label has been created for my home address. This is in the US. Looks like Friday is it for Sparc MicroElectronics." The layoffs are hardly a surprise, given the performance of Oracle's hardware unit as of late. In the last financial year, Oracle reported hardware revenues of $4.15bn. By comparison, in 2016 the unit logged hardware revenues of $4.67bn. In 2015 it was $5.2bn, and 2014 saw $5.37bn.
Businesses

Coders In Wealthy and Developing Countries Lean on Different Programming Languages (vice.com) 92

Stack Overflow data scientist David Robinson published an interesting observation: There exists a small but meaningful divide between the programming technologies used in wealthy countries and those used in developing countries. From a report: To be sure, programmers everywhere tend to build things with the same tools, which makes sense because software is a global industry. The first is in data science, which tends to employ the programming languages Python and R. "Python is visited about twice as often in high-income countries as in the rest of the world, and R about three times as much," Robinson writes. "We might also notice that among the smaller tags, many of the greatest shifts are in scientific Python and R packages such as pandas, numpy, matplotlib and ggplot2. This suggests that part of the income gap in these two languages may be due to their role in science and academic research. It makes sense these would be more common in wealthier industrialized nations, where scientific research makes up a larger portion of the economy and programmers are more likely to have advanced degrees." C and C++ use is similarly skewed toward wealthy countries. This is likely for a similar reason. These are languages that are pushed in American universities. They also tend to be used in highly specialized/advanced programming fields like embedded software and firmware development where you're more likely to find engineers with advanced degrees.
Businesses

China Regulator To Review Apple Antitrust Complaint (bloomberg.com) 30

China's State Administration for Industry and Commerce is reviewing an antitrust complaint accusing Apple of abusing its dominant position in smartphone applications, people familiar with the matter told Bloomberg. From the report: The regulator is studying the information following a complaint filed on behalf of developers before deciding if a formal investigation is necessary, said the people, who asked not to be named because the matter isn't public. The review is preliminary and Chinese antitrust agencies usually review such information before deciding whether a official probe is needed. Beijing-based law firm Daxiao, or Dare & Sure, said earlier this month it filed complaints on the developers' behalf to the SAIC and the National Development and Reform Commission. The lawyers accused Apple of removing apps without a proper explanation and taking an excessive 30 percent cut of in-app transactions, it said in an Aug. 8 statement. The law firm now represents close to 50 developers, producing games and a number of other apps, according to Lin Wei, managing partner of Dare & Sure.
Google

Google Unveils ARCore, Its Answer To Apple's ARKit (fastcompany.com) 40

Google has taken the wraps off its answer to Apple's ARKit -- a new augmented reality development platform called "ARCore." In a blog post, the company said it's releasing a "preview" software development kit for ARCore to Android developers today. From a report: Google released its Tango AR platform in 2014, but AR experiences built on that platform could run only on a few phones sporting advanced sensors and cameras. With ARCore, Google says, developers can create AR apps and games that run on virtually any Android smartphone -- existing and forthcoming. "We've been developing the fundamental technologies that power mobile AR over the last three years with Tango, and ARCore is built on that work," says Android Engineering VP Dave Burke in today's blog post. Developers who have already developed on the Tango platform, Burke says, can use that experience to help them create on the ARCore platform. ARCore games and apps will use an Android phone's camera to determine the position and movement of the phone itself within a real-world environment. The camera will determine the location of horizontal surfaces on which to place digital objects. The camera will also measure the ambient light in a given space, so that digital objects will appear to reflect light in convincing ways.
Java

OpenJDK May Tackle Java Security Gaps With A Secretive New Group (infoworld.com) 79

An anonymous reader quotes InfoWorld: To shore up Java's security, a private group that operates outside the normal open source community process is under consideration. The proposed OpenJDK Vulnerability Group would provide a secure, private forum in which trusted members of the community receive reports on vulnerabilities in code bases and then review and fix them... The vulnerability group and Oracle's internal security teams would work together, and it may occasionally need to work with external security organizations.

Due to the sensitive nature of its work, membership in the group would be more selective, there would be a strict communication policy, and members or their employers would need to sign both a nondisclosure and a license agreement, said Mark Reinhold, chief architect of the Java platform group at Oracle. "These requirements do, strictly speaking, violate the OpenJDK bylaws," Reinhold said. "The governing board has discussed this, however, and I expect that the board will approve the creation of this group with these exceptional requirements." If the Java security group is approved, Andrew Gross, leader of Oracle's internal Java vulnerability team, would lead it.

AI

Could AI Transform Continuous Delivery Development? (thenextweb.com) 78

An anonymous reader quotes The Next Web: According to one study, high-performing IT units with faster software releases are twice as likely to achieve their goals in customer satisfaction, profitability, market share and productivity. Acknowledgement of this has fueled a headlong rush toward what software developers call "continuous delivery"... It's a process most technology departments aspire to but only a fraction have achieved. According to a recent survey by Evans Data, 65 percent of organizations are using continuous delivery on at least some projects, but only 28 percent are using it for all their software. Among non-SaaS companies, that proportion is just 18 percent...

So what comes next? The future of application development depends on using artificial intelligence within the continuous delivery model... We're at the precipice of a new world of AI-aided development that will kick software deployment speeds -- and therefore a company's ability to compete -- into high gear. "AI can improve the way we build current software," writes Diego Lo Giudice of Forrester Research in a recent report. "It will change the way we think about applications -- not programming step by step, but letting the system learn to do what it needs to do -- a new paradigm shift." The possibilities are limited only by our creativity and the investment organizations are willing to make.

The article was written by the head of R&D at Rainforest QA, which is already using AI to manage their crowdsourced quality assurance testing. But he ultimately predicts bigger roles for AI in continuous delivery development -- even choosing which modifications to use in A/B testing, and more systematic stress-testing.
Businesses

A New Non-Money Oriented Crowdsourcing Platform Based On Code Contributions (crowdsourcer.io) 84

An anonymous reader shares a new crowdfunding site built on open source principles to "remove the money element from project creation" so creators "don't have to take extreme actions such as quitting their jobs or compromising on their ideas because of investor demands. Because of the nature of crowdsourcer.io projects, project creators can remain as ambitious as funded projects and get all the contributors they need to make their idea a reality."

From the site: Crowdsourcer.io is an alternative crowd sourcing platform that allows developers and designers alike to create or join in on software related projects, build up their contribution and earn an income from the final product. Think of Crowdsourcer.io as something between open source software creation and Kickstarter start ups, a new crowd sourcing alternative, in its purest form"
The site's creator recently answered questions on Reddit, saying they'd spent years fine-tuning the idea, and writing that "It's really focussed on people who don't want to quit their job to form their own software company, and don't want to become embroiled in debt or other financing." A note at the bottom of the site adds that "Crowdsourcer.io is young. We want your ideas!"
Cloud

Employers Want More Open Source Workers, Says Linux Foundation Study (zdnet.com) 164

As in past years, "Open source is professionalizing, and employers are seeking staff with demonstrable skills," says the executive director of the Linux Foundation, describing the results of a new study with Dice.com. An anonymous reader quotes ZDNet: According to the two groups' 2017 Open Source Jobs Survey and Report, "Not only do 89 percent of hiring managers report difficulty in finding qualified talent for open source roles, but 58 percent report needing to hire more open source professionals in the next six months than in the six months prior"... Seventy percent of employers, up from 66 percent in 2016, are hunting for workers with cloud experience. Web technologies placed second, with 67 percent of hiring managers hunting for workers with JavaScript and related skills. This is up five percent from last year's 62 percent. The demand for Linux talent remains strong. Sixty-five percent of hiring managers are looking for Linux experts. That's down slightly from 2016's 71 percent.
The three most common positions that they're looking to fill are developer, DevOps engineer, and systems administrator, according to the study, and "a growing number of companies (60 percent) are looking for full-time hires, compared with 53 percent last year.

"Nearly half (47 percent) of companies will pay for employees to become open-source certified."
Software

Software Is Eating the Auto Industry (strategyanalytics.com) 101

Roger Lanctot, writing for research firm Strategy Analytics: There are many more opportunities in cars today for things to go wrong as software takes over an ever-expanding array of functionality from the car stereo to enhanced safety systems and the vehicle powertrain. There are software bugs, updates, conflicts and, lately, cybersecurity vulnerabilities to worry about so it is perhaps no surprise that software is figuring in vehicle recalls. In the latest update of software-based recalls from CX3 Marketing, software-based recalls crept up higher again in 2016, surpassing 6M vehicles. It's a small portion of the overall total but it is growing -- especially as a proportion of the total. This expanding crisis in vehicle recalls is both good news and bad news for the automotive industry. The good news is that software recalls can often be corrected with over-the-air software updates. The bad news is that auto makers are in the very earliest stages of deploying software updating technology and, particularly in the U.S., they have yet to sort out conflicts with state-level dealer franchise laws that require warranty service work such as software updates be handled by dealers. The expanding role of software and the growing number of software-related recalls reflects an emerging battleground in the industry. The creation of software is expensive and labor intensive and also poses an ownership question. Starting approximately 10 years ago with BMW and Intel's mutual effort to bring Linux into cars on a larger scale via the GenIVI Alliance, auto makers have been seeking to segregated hardware from software in such a manner that hardware could conceivably be relegated to sourcing from contract manufacturers (like Flextronics) and software development costs could be reduced by sharing code. At the same time, car makers have sought to take ownership of the code written for their vehicles. Car enthusiasts have taken issue with the ownership question, asserting their right to modify vehicle software as they see fit. That particular struggle is yet to be resolved but has gained new life as more tinkerers experiment with home-grown self-driving car technology.
United States

As Coding Boot Camps Close, the Field Faces a Reality Check (nytimes.com) 179

An anonymous reader shares a report: In the last five years, dozens of schools have popped up offering an unusual promise: Even humanities graduates can learn how to code in a few months and join the high-paying digital economy. Students and their hopeful parents shelled out as much as $26,000 seeking to jump-start a career. But the coding boot-camp field now faces a sobering moment, as two large schools have announced plans to shut down this year -- despite backing by major for-profit education companies, Kaplan and the Apollo Education Group, the parent of the University of Phoenix. The closings are a sign that years of heady growth led to a boot-camp glut, and that the field could be in the early stages of a shakeout. [...] One of the casualties, Dev Bootcamp, was a pioneer. It started in San Francisco in 2012 and grew to six schools with more than 3,000 graduates. Only three years ago, Kaplan, the biggest supplier of test-preparation courses, bought Dev Bootcamp and pledged bold expansion. It is now closing at the end of the year. Also closing is The Iron Yard, a boot camp that was founded in Greenville, S.C., in 2013 and swiftly spread to 15 campuses, from Las Vegas to Washington, D.C. Its main financial backer is the Apollo Education Group. Since 2013, the number of boot camp schools in the United States has tripled to more than 90, and the number of graduates will reach nearly 23,000 in 2017, a tenfold jump from 2013, according to Course Report, which tracks the industry.
United States

Apple Is Pulling Apps By Iranian Developers From The App Store To Comply With US Sanctions (buzzfeed.com) 101

An anonymous reader shares a report: Apple is pulling apps created by Iranian developers that are specifically designed for people in Iran from its App Stores to comply with US sanctions, The New York Times reports. Apple does not sell its products in Iran and an Iranian version of the Apple App Store doesn't exist, but smuggled iPhones are popular among wealthy Iranians. Iranian developers have created thousands of apps for these users and offer them on App Stores in other countries including the US App Store. For the last few weeks, Apple has been removing Iranian food delivery and shopping apps, and on Thursday, it removed Snapp, an Uber-like ride hailing app that is popular in Iran.
Programming

Node.js Forked Again Over Complaints of Unresponsive Leadership (thenewstack.io) 338

New submitter Kant shares a report: The codebase for popular Node.js JavaScript runtime has been forked again -- the second time in less than three years -- with a growing number of contributors charging that the Technical Steering Committee (TSC) leadership is ignoring repeated violations of the project's code of conduct. The new project, called Ayo will be managed under an open governance model. The complaints centered around ongoing behavior of NodeSource Director of Engineering, and Node.js TSC member Rod Vagg. The TSC received multiple complaints from Node.js members about a Tweet from Vagg promoting a Men's Rights Activist-slanted article, one that cast doubt on the validity of project Code-of-Conducts. In that Tweet, Vagg commented "If you've never considered the potential downsides of codes of conduct, here's a good place to start." [...] On August 21, The TSC voted on whether or not to remove Vagg from its ranks. Of the 10 TSC members who voted, 60 percent voted against removing Rod from the TSC and 60 percent voted against asking Rod to voluntarily resign. That the TSC voted to keep Vagg on the committee inflamed others in the project. One committee member, Myles Borins, resigned in protest. The decision to keep Vagg "undermines our Conduct Guidelines, drives away potential contributors, and in my opinion undermines the Committee's ability to govern," he wrote in a blog post. In a post further explaining the need for the forked Ayo project, developer Rudolf Olah explained that "Driving away contributors can be fatal in the open source world where most developers are essentially using their free time and volunteering to contribute. It is already difficult enough to attract contributors to smaller projects and larger projects, such as Node.js, need to be careful to make all contributors feel welcome."
Programming

JavaScript Is Eating The World (dev.to) 349

An anonymous reader shares a report: In case you haven't heard the news, JavaScript and NodeJS are single handedly eating the world of software. NodeJS is an Open Source server-side JavaScript environment based on the V8 JS rendering engine found in Google Chrome. Once only thought of as a "hipster" framework, NodeJS is fastly becoming one of the most commonly used languages in building web applications and is beginning to find its way into the Enterprise. Netflix, Microsoft, PayPal, Uber, and IBM have adopted the popular "hipster" server-side JavaScript engine for use inside high traffic, high profile production projects. Java still powers the backend of Netflix, but all the stuff that the user sees comes from Node. In addition to Node, Netflix is also using ReactJS in their stack. PayPal too is moving away from Java and onto JavaScript and NodeJS for use in their web application platform. Uber has built its massive driver / rider matching system on Node.js Distributed Web Architecture. IBM has also embraced NodeJS as well. Even Microsoft has embraced NodeJS, offering direct integrations into their Azure Platform, releasing a wealth of tutorials targeted at Node and they have even announced plans to fork the project and build their own version of Node powered by their Edge Javascript engine instead of Chrome's V8.
Crime

Iowa Computer Programmer Gets 25 Years For Lottery Scam (desmoinesregister.com) 131

An anonymous reader quotes a report from The Des Moines Register: Eddie Tipton, the Iowa brainpower behind a case of multi-state lottery fraud, will spend up to 25 years in prison for rigging "random" drawing jackpots. It's unknown how many years Tipton will actually spend in prison. He could be paroled within three or four years, his attorneys noted. Tipton, 54, was a longtime computer programmer in the Iowa offices of the Multi-State Lottery Association who installed software that allowed him to pick winning numbers in some of the nation's most popular lottery drawings. His scam began to unravel following unsuccessful attempts to anonymously collect a $16.5 million Hot Lotto ticket that was purchased at a Des Moines convenience store in 2010. "I certainly regret," Tipton said. "It's difficult even saying that. With all the people I know behind me that I hurt and I regret it. I'm sorry."
Education

Ask Slashdot: How Can You Teach Programming To Schoolchildren? 353

Slashdot reader SPopulisQR writes: A new school year is approaching and I wanted to ask what are appropriate programming languages for children of various ages. Specifically, 1) what coding languages should be considered, and 2) are there are any self-guided coding websites that can be used by children to learn coding using guidance and help online? Let's say the ages are 8 and 12.
I know there's lots of opinions about CS education (and about whether or not laptops increase test scores). So leave your own best thoughts in the comments. How can you teach programming to schoolchildren?
Java

Red Hat Gives Ceylon To The Eclipse Foundation (eclipse.org) 97

An anonymous reader writes: Some media outlets called Ceylon an attempted "Java killer" when Gavin King first unveiled his secret two-year development project in 2011. In 2013 Red Hat finally released version 1.0 of the modern, modular statically-typed programming language for the Java and JavaScript virtual machines. After another four years, "Ceylon has a small but very active and enthusiastic community of developers and users, and indeed is the fruit of the hard work of a large number of contributors over the years," says a project proposal page at Eclipse.org seeking "to further grow our community... a key strategy to achieve that would be to move Ceylon from Red Hat to a vendor-neutral foundation."

That project has now been approved, and the "Eclipse Ceylon" project has been created. It includes the Ceylon distribution and its SDK, plus the Java2Ceylon converter and the Ceylon Herd project's server (and related services) for Ceylon module sharing. There's also three IDEs (and their code-formatting and functionality-sharing modules).

Back in 2011 InfoWorld predicted that instead of becoming a Java killer, "it is more likely Ceylon will join a growing list of new languages resting atop the JVM, while the Java language and platform will continue on as staples of enterprise computing."
Java

Oracle Now Wants To Give Java EE to an Open Source Foundation (infoworld.com) 106

An anonymous reader quotes InfoWorld: Oracle wants to end its leadership in the development of enterprise Java and is looking for an open source foundation to take on the role. The company said Thursday that the upcoming Java EE (Enterprise Edition) 8 presents an opportunity to rethink how the platform is developed. Although development is done via open source with community participation, the current Oracle-led process is not seen as agile, flexible, or open enough. "We believe that moving Java EE technologies to an open source foundation may be the right next step, to adopt more agile processes, implement more flexible licensing and change the governance process," Oracle said in a statement...

Despite its desire to retreat from Java EE leadership, Oracle said it plans to continue participating in the evolution of Java EE technologies. "But we believe a more open process, that is not dependent on a single vendor as platform lead, will encourage greater participation and innovation, and will be in best interests of the community"... Oracle's goals for offloading Java EE would have Oracle not lead the project as it still effectively does with Java SE.

Red Hat's senior principal product manager called this "a very positive move," while Eclipse's executive director said that moving Java EE to a vendor-neutral open source foundation "would be great for both the platform and the community," adding "If asked to so, the Eclipse Foundation would be pleased to serve as the host organization."
Databases

Google and ProPublica Team Up To Build a National Hate Crime Database (techcrunch.com) 310

In partnership with ProPublica, Google News Lab is launching a new tool to track hate crimes across America. The "Documenting Hate News Index" is being powered by machine learning to track reported hate crimes across all 50 states, collecting data from February 2017 onward. TechCrunch reports: Data visualization studio Pitch Interactive helped craft the index, which collects Google News results and filters them through Google's natural language analysis to extract geographic and contextual information. Because they are not catalogued in any kind of formal national database, a fact that inspired the creation of the index to begin with, Google calls the project a "starting point" for the documentation and study of hate crimes. While the FBI is legally required to document hate crimes at the federal level, state and local authorities often fail to report their own incidents, making the data incomplete at best.

The initiative is a data-rich new arm of the Documenting Hate project which collects and verifies hate incidents reported by both individual contributors and by news organizations. The Hate News Index will keep an eye out for false positives (casual uses of the word "hate" for example), striking a responsible balance between machine learning and human curation on a very sensitive subject. Hate events will be mapped onto a calendar in the user interface, though users can also use a keyword search or browse through algorithmic suggestions. For anyone who'd like to take the data in a new direction, Google will open sourced its data set, making it available through GitHub.

IT

Developer Accidentally Deletes Three-Month of Work With Visual Studio Code (bingj.com) 765

New submitter joshtops writes: A developer accidentally three-month of his work. In a post, he described his experience, "I had just downloaded VScode as an alternative and I was just playing with the source control option, seeing how it wanted to stage -- five thousand files -- I clicked discard... AND IT DELETED ALL MY FILES, ALL OF THEM, PERMANENTLY! How the f*uk is this s*it possible, who the hell is the d******* who made the option to permanently delete all the files on a project by accident even possible? Cannot even find them in the Recycle Bin!!!! I didn't even thought that was possible on Windows!!! F*ck this f*cking editor and f*ck whoever implemented this option. I wish you the worst.'
Desktops (Apple)

In Defense of the Popular Framework Electron (dev.to) 138

Electron, a popular framework that allows developers to write code once and seamlessly deploy it across multiple platforms, has been a topic of conversation lately among developers and users alike. Many have criticised Electron-powered apps to be "too memory intensive." A developer, who admittedly uses a high-end computer, shares his perspective: I can speak for myself when I say Electron runs like a dream. On a typical day, I'll have about three Atom windows open, a multi-team Slack up and running, as well as actively using and debugging my own Electron-based app Standard Notes. [...] So, how does it feel to run this bloat train of death every day? Well, it feels like nothing. I don't notice it. My laptop doesn't get hot. I don't hear the fan. I experience no lags in any application. [...] But aside from how it makes end-users feel, there is an arguably more important perspective to be had: how it makes software companies feel. For context, the project I work in is an open-source cross-platform notes app that's available on most platforms, including web, Mac, Windows, Linux, iOS, and Android. All the desktop applications are based off the main web codebase, and are bundled using Electron, while the iOS and Android app use their own native codebases respectively, one in Swift and the other in Kotlin. And as a new company without a lot of resources, this setup has just barely allowed us to enter the marketplace. Three codebases is two too many codebases to maintain. Every time we make a change, we have to make it in three different places, violating the most sacred tenet of computer science of keeping it DRY. As a one-person team deploying on all these platforms, even the most minor change will take at minimum three development days, one for each codebase. This includes debugging, fixing, testing, bundling, deploying, and distributing every single codebase. This is by no means an easy task.
AI

Amazon Will Pay Developers With the Most Engaging Alexa Skills (venturebeat.com) 41

Amazon today announced a new program to bring revenue to developers of Alexa skills based on how much engagement their voice app is able to generate among users of Alexa-enabled devices. From a report: Amazon appears to be the first of the major tech companies with AI assistants and third-party integrations -- like Google, Samsung, Apple, and Microsoft -- with a program to compensate developers based on engagement created by their voice app. Metrics used to measure engagement of an Alexa skill include minutes of usage, new customers, customer ratings, and return visitors, an Amazon spokesperson told VentureBeat. Developers of Alexa skills in the U.S., U.K., and Germany are eligible to join. Developers with a skill active in all three countries will receive separate payments based on engagement in each country.
Software

App Developers Should Charge More If They Want People To Buy Subscriptions, Suggests Report (theverge.com) 50

A new report from Liftoff, a Silicon Valley-based mobile app marketing and retargeting firm, says that subscription-based apps may do better if developers charge a higher price for services, rather than setting prices too low to lure users in initially. The Verge reports: The Liftoff report, which analyzed data gathered between June 2016 and June 2017, categorized app subscriptions into low-cost monthly subs ($0.99 to $7), medium ($7 to $20), and high-cost subs ($20 to $50), while also factoring the cost of acquisition per customer. The company found that apps in the medium price range had the highest conversion rate -- 7.16 percent -- and the lowest cost to acquire a subscriber, at just over $106 dollars. This was five times higher than the rate of people who subscribed to apps when the apps were in the low-cost category. This may partly be because streaming media apps, like Netflix and Spotify, have already conditioned people to pay around $10 a month for services. But it also might be attributable to the sunk cost fallacy, Liftoff says: the "cognitive bias people have that makes them stay the course because they have already spent time or resources on it." The report also examines apps that fulfill "need states," like dating apps or cloud services. These have the potential to offer services that customers are willing to pay for, again and again. But, according to Liftoff, utility apps have a much higher install-to-subscriber rate compared to dating apps. Blame those who eventually find love?
Google

Google Hires Former Star Apple Engineer Chris Lattner For Its AI Team (bloomberg.com) 49

An anonymous reader shares a report: Chris Lattner, a legend in the world of Apple software, has joined another rival of the iPhone maker: Alphabet's Google, where he will work on artificial intelligence. Lattner announced the news on Twitter on Monday, saying he will start next week. His arrival at Mountain View, California-based Google comes after a brief stint as head of the automated driving program at Tesla, which he left in June. Lattner made a name for himself during a decade-plus career at Apple, where he created the popular programming language Swift. Lattner said he is joining Google Brain, the search giant's research unit. There he will work on a different software language: TensorFlow, Google's system designed to simplify the programming steps for AI, according to a person with knowledge of the matter.
Programming

New 'Asciidots' Programming Language Uses Ascii Art (And Python) (github.com) 28

An anonymous reader quotes Motherboard: If the esoteric programming language Asciidots looks like a mess, it is at least a very different-looking and even aesthetically pleasing mess. Simply, its mechanics and syntax are based on Ascii art... Asciidots is a unique sort of programming language known as a dataflow language. In this sort of language, we can imagine units of data (like our variable x) following a data go-kart track that's interrupted in different places with pit stops that change the value of the data go-kart that's following the track around. One pit stop might add 1 to the variable, while another might chop it in half. At some points, the track might even split, with the data go-kart picking one fork depending on its current value. If, say, it's greater than 2 it might go left; otherwise, it goes right...

In Asciidots, the aforementioned go-kart track is represented by lines (|,-,/,\)... Most of the other non-line symbols are mathematical operators, but there are also symbols that direct the program to request input from the user, set values, print values, and change the direction of the unit of data... Under the hood, Asciidots is a Python program. An Asciidots program is just fed into that underlying program and digested into normal Python code, which is then executed.

The article includes some examples, and argues that esoteric esolangs like Asciidots force programmers to consider fresh perspectives. And in addition, "it looks really cool."
GNOME

Canonical Needs Your Help Transitioning Ubuntu Linux From Unity To GNOME (ubuntu.com) 111

BrianFagioli quotes BetaNews: On August 24 and 25, the Ubuntu Desktop team will be holding a "Fit and Finish Sprint," where they will aggressively test GNOME. Canonical is also asking the Ubuntu community to help with this process. In other words, you might be able to assist with making Artful Aardvark even better.

What makes this particularly cool, however, is that Canonical will be selecting some community members to visit its London office on August 24 between 4 pm and 9 pm. "Over the two days we'll be scrutinizing the new GNOME Shell desktop experience, looking for anything jarring/glitchy or out of place," says Alan Pope, Community Manager. "We'll be working on the GTK, GDM and desktop theme alike, to fix inconsistencies, performance, behavioral or visual issues. We'll also be looking at the default key bindings, panel color schemes and anything else we discover along the way."

A few caveats: Canonical won't pay anyone's travel expenses to London, and "Ideally we're looking for people who are experienced in identifying (and fixing) theme issues, CSS experts and GNOME Shell / GTK themers."
Oracle

Oracle Fiddles With Major Database Release Cycle Numbers (theregister.co.uk) 69

An anonymous reader shares a report: Big Red has changed its database release cycle, scrapping names that see decimal points and numbers added on for an indeterminate amount of time, instead plumping for annual releases numbered by the year. So what would have been Oracle Database 12.2.0.2 will now be Oracle Database 18; 12.2.0.3 will come out a year later, and be Oracle Database 19. The approach puts Oracle only about 20 years behind Microsoft in adopting a year-based naming convention (Microsoft still uses years to number Windows Server, even though it stopped for desktop versions when it released XP). [...] Well, Big Red will surely be using the revamp as a way to boost sales of database licences -- a crucial part of its business -- which have been in decline for two years running. In fiscal 2016, Oracle reported a 12 per cent drop in annual sales of new software licences, and its most recent results for fiscal 2017 revealed a further 5 per cent drop. And, for all that Oracle has shouted about its cloudy success of late, it isn't yet a major money-maker for the biz. New software license sales make up a quarter of overall revenue, while support for that software makes up a further 45 per cent. In part, the new numbering will be a handy marketing ploy. Rather than playing with the decimal points, a release with a new whole number could be an attempt to give the impression of agility in the face of younger, fresher competitors. Meanwhile, fewer patches and releases on each system also allows Oracle to know more quickly, and more accurately, what security features each customer has. The annual numbering system is also a very simple way of telling you your system is old.
The Courts

Developers File Antitrust Complaint Against Apple in China (reuters.com) 27

A Chinese law firm has filed a complaint against Apple on behalf of 28 local developers alleging the firm breached antitrust regulations. From a report: The complaint, lodged by Beijing-based Dare & Sure Law Firm, accuses Apple of charging excessive fees and removing apps from its local store without proper explanation, Lin Wei, an attorney at the firm told Reuters on Thursday. "During its localization process Apple has run into several antitrust issues ... after an initial investigation we consulted a number of enterprises and got a very strong response," said Lin. The law firm invited developers to join the complaint in April and on Tuesday filed it to China's State Administration for Industry and Commerce and the National Development and Reform Commission, which oversees antitrust matters in the country.
China

China's VPN Developers Face Crackdown (bbc.com) 55

China recently launched a crackdown on the use of software which allows users to get around its heavy internet censorship. Now as the BBC reports, developers are facing growing pressure. From the report: The three plain-clothes policemen tracked him down using a web address. They came to his house and demanded to see his computer. They told him to take down the app he was selling on Apple's App Store, and filmed it as it was happening. His crime was to develop and sell a piece of software that allows people to get round the tough restrictions that limit access to the internet in China. A virtual private network (VPN) uses servers abroad to provide a secure link to the internet. It's essential in China if you want to access parts of the outside world like Facebook, Gmail or YouTube, all of which are blocked on the mainland. "They insisted they needed to see my computer," the software developer, who didn't want us to use his name, told us during a phone interview. "I said this is my private stuff. How can you search as you please?" No warrant was produced and when he asked them what law he had violated they didn't say. Initially he refused to co-operate but, fearing detention, he relented. Then they told him what they wanted: "If you take the app off the shelf from Apple's App Store then this will be all over." 'Sorry, I can't help you with that'. Up until a few months ago his was a legal business. Then the government changed the regulations. VPN sellers need a licence now.
Businesses

Apple Employees Rebelling Against Apple Park's Open Floor Plan, Report Says (neowin.net) 271

During a new episode of The Talk Show podcast on Daring Fireball, John Gruber touched on the topic of the open floor plans that Apple has implemented within its new campus, Apple Park. A WSJ profile of Jony Ive, where he talked about Apple Park, mentioned how programmers, engineers, and other employees had already expressed concerns about working in such an environment. Gruber shared what he has heard: I heard that when floor plans were announced, that there was some meeting with [Apple Vice President] Johny Srouji's team. He's in charge of Apple's silicon, the A10, the A11, all of their custom silicon. Obviously a very successful group at Apple, and a large growing one with a lot on their shoulders. When he [Srouji] was shown the floor plans, he was more or less just "F--- that, f--- you, f--- this, this is bulls---." And they built his team their own building, off to the side on the campus ... My understanding is that that building was built because Srouji was like, 'F--- this, my team isn't working like this.'"
IOS

Developers Explain Why iOS Apps Are Getting Bulkier (ndtv.com) 140

Reader joshtops shares a report: Apps are getting bigger in size, in part because developers add new features, something many users obviously appreciate, developers say. "Apps are getting bigger because iOS devices are more powerful, and developers are building more and more complex things for them without considering the impact the size will have around the world," developer Stephen Troughton-Smith tells Gadgets 360. But in part, it is also happening because developers are being careless, and adding more than one instance of files, Troughton-Smith added. "So Facebook, Twitter, and other large companies have perhaps tens or hundreds of people building their iOS apps. A lot of the components for these apps are developed independently as components, or frameworks. For each additional component you glue together into an app, there is some overhead," he explained. "Some of the teams will duplicate functionality some other team wrote. Images and other resources end up being duplicated." The high-resolution image assets that developers are required to add also contributes to the size of an app, two India-based developers, and Peter Steinberger, founder and CEO of PSPDFKit, a dev kit that is used by several popular PDF apps, told Gadgets 360. Apple can itself take some blame, too. Developers using Apple's Swift language, which the company introduced in 2014, are required to add several components to their apps that make them heavier. "Apple's new Swift language, for example, requires a bunch of components to be embedded each time it's used, because it's not yet 'ABI stable,'" Troughton-Smith explained. This means developers need to embed the versions of libraries they've developed against, and not count on the one available on the system. Another developer who didn't want to be identified said a typical app built with Swift language requires as many as 30 Swift runtime libraries to be stuffed within the app. On top of this, he added, "you will be surprised at just how many apps use common code found at places like GitHub. Developers often don't care about removing the bits that wasn't relevant to their app," he added.
Social Networks

First Evidence That Social Bots Play a Major Role In Spreading Fake News (technologyreview.com) 144

An anonymous reader writes: Researchers from Indiana University in Bloomington provide an answer for how social bots play a major role in spreading fake news. MIT Technology Review reports: "At issue is the publication of news that is false or misleading. So widespread has this become that a number of independent fact-checking organizations have emerged to establish the veracity of online information. These include snopes.com, politifact.com, and factcheck.org. These sites list 122 websites that routinely publish fake news. These fake news sites include infowars.com, breitbart.com, politicususa.com, and theonion.com. 'We did not exclude satire because many fake-news sources label their content as satirical, making the distinction problematic,' say researcher Chengcheng Shao and co. Shao and co then monitored some 400,000 claims made by these websites and studied the way they spread through Twitter. They did this by collecting some 14 million Twitter posts that mentioned these claims. At the same time, the team monitored some 15,000 stories written by fact-checking organizations and over a million Twitter posts that mention them. Next, Shao and co looked at the Twitter accounts that spread this news, collecting up to 200 of each account's most recent tweets. In this way, the team could study the tweeting behavior and work out whether the accounts were most likely run by humans or by bots. Having made a judgment on the ownership of each account, the team finally looked at the way humans and bots spread fake news and fact-checked news.

'Accounts that actively spread misinformation are significantly more likely to be bots,' say Shao and co. 'Social bots play a key role in the spread of fake news.' Shad and co say bots play a particularly significant role in the spread of fake news soon after it is published. What's more, these bots are programmed to direct their tweets at influential users. 'Automated accounts are particularly active in the early spreading phases of viral claims, and tend to target influential users,' say Shao and co."

Australia

Buggy Software Made Us Miss Money Laundering Scam, Says Australian Bank (theregister.co.uk) 57

An anonymous reader shares a report: Australia's Commonwealth Bank has blamed a software update for a money laundering scam that saw criminals send over AU$70m (US$55m) offshore after depositing cash into automatic teller machines. News of the Bank's involvement in the laundering scam broke last week, when Australia's financial intelligence agency AUSTRAC announced that it had found over 53,500 occasions on which the Bank failed to submit reports on transactions over $10,000. All transactions of that value are reportable in Australia, as part of efforts to crimp the black economy, crime and funding of terrorism. The news was not a good look for the Bank (CBA), because most of the cash was deposited into accounts established with fake drivers licences. Worse still is that each failure of this type can attract a fine of AU$18m, leaving CBA open to a sanction that would kill it off. Today the bank has explained the reason for its failure: "a coding error" that saw the ATMs fail to create reports of $10,000+ transactions. The error was introduced in a May 2012 update designed to address other matters, but not repaired until September 2015.
GNOME

GNOME's Text Editor gedit 'No Longer Maintained', Needs New Developers (gnome.org) 239

AmiMoJo brings news about gedit, the default text editor for GNOME: In a post to the gedit mailing list, Sébastien Wilmet states that gedit is no longer maintained and asks "any developer interested to take over the maintenance of gedit?" Just in case you were considering it, he warns "BTW while the gedit core is written in C (with a bit of Objective-C for Mac OS X support), some plugins are written in Vala or Python. If you take over gedit maintenance, you'll need to deal with four programming languages (without counting the build system). The Python code is not compiled, so when doing refactorings in gedit core, good luck to port all the plugins (the Python code is also less "greppable" than C). At least with Vala there is a compiler, even if I would not recommend Vala."
Sébastien's comments were surrounded by a <rant-on-languages> tag, but they're still crying out for some serious discussion. Any Slashdot readers want to share their own insights on Python, some fond thoughts on gedit, or suggestions for maintaining a great piece of open source software?

Slashdot Top Deals