Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Programming

The $5 Onion Omega2 Gives Raspberry Pi a Run For Its Money (dailydot.com) 124

An anonymous reader writes from a report via The Daily Dot: Onion's Omega2 computer may give the Raspberry Pi a run for its money if the success of the Kickstarter campaign is any indication. The Daily Dot reports: "With an initial goal of just $15,000, over 11,560 backers have pledged the company $446,792 in hopes of getting their hands on this little wonder board. So why are thousands of people losing their minds? Simple; the Omega2 packs a ton of power into a $5 package. Billed as the world's smallest Linux server, complete with built-in Wi-Fi, the Omega2 is perfect for building simple computers or the web connected project of your dreams. The tiny machine is roughly the size of a cherry, before expansions, and runs a full Linux operating system. For $5 you get a 580MHz CPU, 64MB memory, 16MB storage, built-in Wi-Fi and a USB 2.0 port. A $9 model is also available with 128MB of memory, 32MB of storage, and a MircoSD slot. The similarly priced Raspberry Pi Zero comes with a 1GHz Arm processor, 512MB of memory, a MicroSD slot, no onboard storage, and no built-in Wi-Fi. Omega2 supports the Ruby, C++, Python, PHP, Perl, JavaScript (Node.js), and Bash programming languages, so no matter your background in coding you should be able to figure something out." You can also add Bluetooth, GPS, and 2G/3G support via add-ons or expansions. It looks promising, though it is a Kickstarter campaign and the product may not come into fruition.
Operating Systems

Canonical Releases Snapcraft 2.14 For Ubuntu With New Rust Plugin, Improvements (softpedia.com) 44

Marius Nestor, reporting for Softpedia News: Canonical, through Sergio Schvezov, has had the great pleasure of announcing the release and general availability of Snapcraft 2.14 Snap creator tool for the Ubuntu 16.04 LTS (Xenial Xerus) operating system. Coming hot on the heels of Snapcraft 2.13, the new 2.14 maintenance update is here to introduce a bunch of new plugins, namely rust, godeps, and dump. You can find more information about each one by running the "snapcraft help " command in a terminal window. Also new in the Snapcraft 2.14 release is support for alternate relocation mechanisms in the "make" plugin (for example, you can use DESTDIR alternatives), as well as many improvements to the "go" plugin, such as support for local sources, which are now preferred instead of fetching new ones, and proper handling of the source entry. The list of improvements implemented in Snapcraft 2.14 continues with support for building a kernel Snaps for multiple hardware architectures using a single snapcraft.yaml file, support for "oneshot" daemons, better wiki parser source management, as well as proper setting of "shebangs" and support for requirement files in the "python" plugin.
Programming

C Isn't The Most Popular Programming Language, JavaScript Is (networkworld.com) 241

An anonymous reader quotes Network World: U.K.-based technology analyst firm RedMonk just released the latest version of its biannual rankings of programming languages, and once again JavaScript tops the list, followed by Java and PHP. Those are same three languages that topped RedMonk's list in January. In fact, the entire top 10 remains the same as it was it was six months ago...
Python ranked #4 on RedMonk's list, while the survey found a three-way tie for fifth place between Ruby, C#, and C++, with C coming in at #9 (ranking just below CSS). Network World argues that while change comes slowly, "if you go back deeper into RedMonk's rankings, you can see slow, ongoing ascents from languages such as Go, Swift and even TypeScript."

Interestingly, an earlier ranking by the IEEE declared C to be the top programming language of 2016, followed by Java, Python, C++, and R. But RedMonk's methodology involves studying the prevalence of each language on both Stack Overflow and GitHub, a correlation which "we believe to be predictive of future use, hence their value."
Java

C Top Programming Language For 2016, Finds IEEE's Study (ieee.org) 315

IEEE Spectrum, a highly regarded magazine edited by the Institute of Electrical and Electronics Engineers, has released its annual programming languages list, sharing with the world how several languages fared against each other. To assess the languages the publication says it worked with a data journalist and looked into 10 online sources -- including social chatter, open-source code production, and job postings. The publication has rated C as the top programming language this year, followed by Java, Python, C++, and R. From their article:After two years in second place, C has finally edged out Java for the top spot. Staying in the top five, Python has swapped places with C++ to take the No. 3 position, and C# has fallen out of the top five to be replaced with R. R is following its momentum from previous years, as part of a positive trend in general for modern big-data languages that Diakopoulos analyses in more detail here. Google and Apple are also making their presence felt, with Google's Go just beating out Apple's Swift for inclusion in the Top Ten. Still, Swift's rise is impressive, as it's jumped five positions to 11th place since last year, when it first entered the rankings. Several other languages also debuted last year, a marked difference from this year, with no new languages entering the rankings.The publication has explained in detail the different metrics it uses to evaluate a language.
Java

TIOBE's Language-Popularity Index Sees A New Top 10 Language: Assembly (tiobe.com) 348

TIOBE's "Programming Community Index" measures the popularity of languages by the number of skilled engineers, courses, and third-party vendors. Their July report indicates that Assembly has become one of the 10 most popular languages: It might come as surprise that the lowest level programming language that exists has re-entered the TIOBE index top 10. Why would anyone write code at such a low level, being far less productive if compared to using any other programming language and being vulnerable to all kinds of programming mistakes? The only reasonable explanation for this is that the number of very small devices that are only able to run assembly code is increasing. Even your toothbrush or coffee machine are running assembly code nowadays. Another reason for adoption is performance. If performance is key, nobody can beat assembly code.
The report also noted that CFML (ColdFusion) jumped from #102 to #66, Maple from #94 to #74, and Tcl from #65 to #48. But Java still remains the #1 most-popular language, with C and C++ still holding the #2 and #3 positions. Over the last five years, C# and Python have risen into the #4 and #5 spots (made possible by PHP's drop to the #6 position) while JavaScript now holds the #7 position (up from #9 in 2011). Visual Basic .NET came in at #8, and Perl at #9.
GNU is Not Unix

Slackware 14.2 Released, Still Systemd-Free (slackware.com) 179

sombragris writes: Slackware, the oldest GNU/Linux distribution still in active maintenance, was released just minutes ago. Slackware is noted for being the most Unix-like of all Linux distributions. While sporting kernel 4.4.14 and GCC 5.3, other goodies include Perl 5.22.2, Python 2.7.11, Ruby 2.2.5, Subversion 1.9.4, git-2.9.0, mercurial-3.8.2, KDE 4.14.21 (KDE 4.14.3 with kdelibs-4.14.21) Xfce 4.12.1... and no systemd!

According to the ChangeLog: "The long development cycle (the Linux community has lately been living in "interesting times," as they say) is finally behind us, and we're proud to announce the release of Slackware 14.2. The new release brings many updates and modern tools, has switched from udev to eudev (no systemd), and adds well over a hundred new packages to the system. Thanks to the team, the upstream developers, the dedicated Slackware community, and everyone else who pitched in to help make this release a reality." Grab the ISOs at a mirror near you. Enjoy!
The torrents page can be found here.
Python

Python/Unix Hybrid Demoed at PyCon (xon.sh) 181

A new shell "combines the Python language with features of Bash Unix and the fish and zsh shells," according to InfoWorld. An anonymous reader writes: Pronounced "conch," but spelled Xonsh, it runs on Linux, Windows, and Mac OS X systems, bringing Python libraries to the command line -- for example, the ability to use regular expressions when globbing files. "The first thing you'll notice about Xonsh is that it's really meant to be used as a general-purpose shell," the lead developer explained in a presentation at PyCon. "But on the other hand, it really is Python, so you can do things like add two numbers together."

They're describing it as "a Python-ish, BASHwards-looking shell language and command prompt...a superset of Python 3.4+ with additional support for the best parts of shells that you are used to, such as Bash, zsh, fish, and IPython...the superglue that bonds Python to a command-line interface and other shells."

Security

Huge Number Of Sites Imperiled By Critical Image-Processing Vulnerability (arstechnica.com) 104

Dan Goodin, reporting for Ars Technica: A large number of websites are vulnerable to a simple attack that allows hackers to execute malicious code hidden inside booby-trapped images. The vulnerability resides in ImageMagick, a widely used image-processing library that's supported by PHP, Ruby, NodeJS, Python, and about a dozen other languages. Many social media and blogging sites, as well as a large number of content management systems, directly or indirectly rely on ImageMagick-based processing so they can resize images uploaded by end users. According to developer and security researcher Ryan Huber, ImageMagick suffers from a vulnerability that allows malformed images to force a Web server to execute code of an attacker's choosing. Websites that use ImageMagick and allow users to upload images are at risk of attacks that could completely compromise their security. "The exploit is trivial, so we expect it to be available within hours of this post," Huber wrote in a blog post. He went on to say: "We have collectively determined that these vulnerabilities are available to individuals other than the person(s) who discovered them. An unknowable number of people having access to these vulnerabilities makes this a critical issue for everyone using this software."
Electronic Frontier Foundation

Humble Bundle Announces 'Hacker' Pay-What-You-Want Sale (humblebundle.com) 52

An anonymous reader writes: Humble Bundle announced a special "pay what you want" sale for four ebooks from No Starch Press, with proceeds going to the Electronic Frontier Foundation (or to the charity of your choice). This "hacker edition" sale includes two relatively new titles from 2015 -- "Automate the Boring Stuff with Python" and Violet Blue's "Smart Girl's Guide to Privacy," as well as "Hacking the Xbox: An Introduction to Reverse Engineering" by Andrew "bunnie" Huang, and "The Linux Command Line".

Hackers who are willing to pay "more than the average" -- currently $14.87 -- can also unlock a set of five more books, which includes "The Maker's Guide to the Zombie Apocalypse: Defend Your Base with Simple Circuits, Arduino, and Raspberry Pi". (This level also includes "Bitcoin for the Befuddled" and "Designing BSD Rootkits: An Introduction to Kernel Hacking".) And at the $15 level -- just 13 cents more -- four additional books are unlocked. "Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software" is available at this level, as well as "Hacking: The Art of Exploitation" and "Black Hat Python."

Nice to see they've already sold 28,506 bundles, which are DRM-free and available in PDF, EPUB, and MOBI format. (I still remember Slashdot's 2012 interview with Make magazine's Andrew "bunnie" Huang, who Samzenpus described as "one of the most famous hardware and software hackers in the world.")
Python

Interview With Python Creator Guido Van Rossum (techrocket.com) 222

The online programming school Tech Rocket just published a new interview with Guido van Rossum, the creator of Python. "Looking back I don't think I ever really doubted Python, and I always had fun," he tells the site. "I had a lot of doubts about myself, but Python's ever-increasing success, and encouragement from people to whom I looked up (even Larry Wall!), made me forget that."

He describes what it's like being Python's Benevolent Dictator for Life, and says that the most astonishing thing he's seen built with Python is "probaby the Dropbox server. Two million lines of code and counting, and it serves hundreds of millions of users." And he leaves aspiring programmers with this advice. "Don't do something you don't enjoy just because it looks lucrative -- that's where the competition will be fiercest, and because you don't enjoy it, you'll lose out to others who are more motivated."
Microsoft

Microsoft Releases CentOS-Based 'Linux Data Science Virtual Machine' For Azure (betanews.com) 23

An anonymous reader writes: Microsoft has announced a CentOS-based VM image for Azure called 'Linux Data Science Virtual Machine'. The VM has pre-installed tools such as Anaconda Python Distribution, Computational Network Toolkit, and Microsoft R Open. It focuses on machine learning and analytics, making it a great choice for data scientists. "Thanks to Azure's worldwide cloud infrastructure, customers now have on-demand access to a Linux environment to perform a wide range of data science tasks. The VM saves customers the time and effort of having to discover, install, configure and manage these tools individually. Hosting the data science VM on Azure ensures high availability, elastic capacity and a consistent set of tools to foster collaboration across your team", says Gopi Kumar, Senior Program Manager, Microsoft Data Group.
Java

PHP, Python and Google Go Fail To Detect Revoked TLS Certificates (softpedia.com) 64

An anonymous reader writes: Four years after the release of a groundbreaking study on the state of SSL/TLS certificates in non-browser applications (APIs [to be exact]), some programming languages fail to provide developers with the appropriate tools to validate certificates. Using three simple test scripts connected to a list of known vulnerable HTTPS servers, researchers logged their results to see which programming languages detected any problems. According to the results, all tested programming languages (PHP, Python, Go), in various configurations, failed to detect HTTPS connections that used revoked SSL/TLS certificates. This is a problem for HTTPS-protected APIs since users aren't visually warned, like in browsers, that they're on an insecure connection. "PHP, Python, and Google Go perform no revocation checks by default, neither does the cURL library. If the certificate was compromised and revoked by the owner, you will never know about it," noted Sucuri's Peter Kankowski.
Education

Why Learning To Code Won't Save Your Job (fastcompany.com) 155

Over the years, several governments and organizations have become increasingly focused on teaching kids how to code. It has given rise to startups such as Codecademy, KhanAcademy and Code.org that are making it easier and more affordable for many to learn how to program. Many believe that becoming literate in code is as essential as being educated in language, science, and math. But can this guarantee you a job? And can coding help you save that job? An anonymous reader cites an interesting article on Fast Company which sheds more light into this: Looking for job security in the knowledge economy? Just learn to code. At least, that's what we've been telling young professionals and mid-career workers alike who want to hack it in the modern workforce. Unfortunately, many have already learned the hard way that even the best coding chops have their limits. More and more, 'learn to code' is looking like bad advice. Anyone competent in languages such as Python, Java, or even Web coding like HTML and CSS, is currently in high demand by businesses that are still just gearing up for the digital marketplace. However, as coding becomes more commonplace, particularly in developing nations like India, we find a lot of that work is being assigned piecemeal by computerized services such as Upwork to low-paid workers in digital sweatshops. This trend is bound to increase.
The Internet

Research Establishes 13-Hour Gap Between Viral Misinformation and Correction (thestack.com) 54

An anonymous reader writes: Researchers in China and America will soon launch a platform called Hoaxy, designed to identify and analyze what happens when misinformed news goes viral, and the processes which lead to a correction of the misinformation. The study, which compared 71 likely and prominent sources of inaccurate internet news over a period of three months to the same news stories on fact-checking sites, concludes that the average interval between viral diffusion of inaccurate news and the discovery of facts which disprove it stands at about 13 hours. Hoaxy uses a custom crawler written in Python and diffused via the Scrapy web crawling framework.
OS X

BorgBackup 1.0.0 Released (github.com) 64

An anonymous reader writes: After almost a year of development, bug fixing and cleanup, BorgBackup 1.0.0 has been released. BorgBackup is a fork of the Attic-Backup project — a deduplicating, compressing, encrypting and authenticating backup program for Linux, FreeBSD, Mac OS X and other unixoid operating systems (Windows may also work using CygWin, but that is rather experimental/unsupported). It works on 32bit as well as on 64bit platforms, x86/x64 and ARM CPUs (maybe as well on others, but these are the tested ones). For Linux, FreeBSD and Mac OS X, there are single-file binaries which can be just copied onto a system and contain everything needed (Python, libraries, BorgBackup itself). Of course, it can be also installed from source. BorgBackup is FOSS (BSD License) and implemented in Python 3 (91%), speed critical parts are in C or Cython (9%).
Google

Google Says Angular 2 Will Support Python, Java (thenewstack.io) 92

An anonymous reader writes: Google will release a faster beta version of Angular 2 in about two weeks, with a smaller version targeted for April. "We're improving our ability to handle different languages," says Google's Brad Green, noting that 213 contributors are currently working on Angular. "Our plan is to have versions that will work with many server-side technologies, from Java to Python." Microsoft has already demonstrated how it's building Angular into ASP.NET and Google is also working with the Drupal team. But Green says they'll also continue supporting Angular 1 for at least another year, until a majority of users have transitioned to the new syntax. Google says there are currently 21.3 million developers using Angular 1, compared to just 300,000 using Angular 2. "We've got a ways go to," Green admitted.
Operating Systems

ReactOS 0.4 Brings Open Source Windows Closer To Reality (techrepublic.com) 141

jeditobe was one of several readers to point out the newest major release of Windows NT-inspired ReactOS, which has just hit version 0.4, brings open source Windows compatibility a little bit closer. The new release includes out-of-the-box support for ext2, ext3, and ext4, as well as (remember, it is NT based) read-only support for NTFS. What else? Support was generally improved for third-party device drivers, making it substantially easier to install and use real hardware, as opposed to just virtual machines like VirtualBox. The internal WINE library was updated to improve support for Win32 programs. Support for Python 2.7 was added, making it possible to use python scripts in ReactOS. A substantial number of visual changes were added, with a vastly improved shell and file explorer, newer icons throughout ReactOS, improved support for fonts, and customizable visual themes. Even with these improvements, ReactOS 0.4 is still generally considered alpha-level software, though Alexander Rechitskiy, the innovation manager for ReactOS, notes that 0.4.1 may be almost beta-level software.
Bug

Red Hat, Google Disclose Severe Glibc DNS Vulnerability; Patched But Widespread 121

An anonymous reader writes: Today Google's online security team publicly disclosed a severe vulnerability in the Gnu C Library's DNS client. Due to the ubiquity of Glibc, this affects an astounding number of machines and software running on the internet, and raises questions about whether Glibc ought to still be the preferred C library when alternatives like musl are gaining maturity. As one example of the range of software affected, nearly every Bitcoin implementation is affected. Reader msm1267 adds some information about the vulnerability, discovered independently by security researchers at Red Hat as well as at Google, which has since been patched: The flaw, CVE-2015-7547, is a stack-based buffer overflow in the glibc DNS client-side resolver that puts Linux machines at risk for remote code execution. The flaw is triggered when the getaddrinfo() library function is used, Google said today in its advisory. "A back of the envelope analysis shows that it should be possible to write correctly formed DNS responses with attacker controlled payloads that will penetrate a DNS cache hierarchy and therefore allow attackers to exploit machines behind such caches," Red Hat said in an advisory. It's likely that all Linux servers and web frameworks such as Rails, PHP and Python are affected, as well as Android apps running glibc.
Open Source

DjangoCon 2016 To Be Held In Philadelphia In July (defna.org) 19

New submitter FlipperPA writes: It has just been announced that the 2016 vintage of DjangoCon US will be held in Philadelphia at The Wharton School of the University of Pennsylvania from July 17th through 22nd. DjangoCon US is a 6-day international community conference for the community by the community, held each year in North America, about the Django web framework. From its humble beginnings in a newsroom in Lawrence, KS, Django now powers some of the better known web sites on the planet, including The Washington Post, Mozilla, Instagram, Disqus, and Pinterest. Considered by many to be the "batteries included" web framework for Python, Django continues to attract new developers across the globe.

Slashdot Top Deals