Programming

New Alexa Blueprints Let Users Make Custom Skills Without Knowing Any Code (arstechnica.com) 44

An anonymous reader quotes a report from Ars Technica: Amazon just released a new way for Alexa users to customize their experience with the virtual assistant. New Alexa Skill Blueprints allow you to create your own personalized Alexa skills, even if you don't know how to code. These "blueprints" act as templates for making questions, responses, trivia games, narrative stories, and other skills with customizable answers unique to each user. Amazon already has a number of resources for developers to make the new skills they want, but until now, users have had to work within the confines of pre-made Alexa skills. Currently, more than 20 templates are available on the new Alexa Skill Blueprints website, all ready for Alexa users to personalize with their own content. Any blueprint-made skills you make will show up on the "Skills You've Made" section of the blueprints website. While these skills will exist for your Amazon account until you delete them, they aren't posted to the general Alexa Skills score, so strangers will not have access to your couple's trivia game that's personalized for you, your spouse, and your best coupled friends.
Businesses

Survey Finds 'Agile' Competency Is Rare In Organizations (sdtimes.com) 269

An anonymous reader writes: The 12th annual "State of Agile" report has just been released by CollabNet VersionOne, which calls it "the largest and longest-running Agile survey in the world." After surveying more than 1,400 software professionals in various roles and industries over the last four months of 2017, "Only 12% percent responded that their organizations have a high level of competency with agile practices across the organization, and only 4% report that agile practices are enabling greater adaptability to market conditions... The three most significant challenges to agile adoption and scaling are reported as organizational culture at odds with agile values (53%), general organizational resistance to change (46%), and Inadequate management support and sponsorship (42%)...

"The encouraging news is that 59% recognize that they are still maturing, indicating that they do not intend to plateau where they are." And agile adoption does appear to be growing. "25% of the respondents say that all or almost all of their teams are agile, whereas only 8% reported that in 2016."

The researchers also note "the recognized necessity of accelerating the speed of delivery of high-quality software, and the emphasis on customer satisfaction," with 71% of the survey respondents reporting that a DevOps initiative is underway or planned for the next 12 months.
Open Source

Ask Slashdot: How Can I Make My Own Vaporware Real? 126

Long-time Slashdot reader renuk007 is a retired Unix/Linux systems programmer with the ultimate question: After retiring I started a second career as a teacher -- and I'm loving it. My problem: I designed a (I feel) wonderful new language compiler, but implementing it will take me another ten years if I have to do it part-time.

Linus Torvalds was able to leverage the enthusiasm of the Internet to make Linux exist, but 1990 was a more innocent time. How does it work today? Any thoughts?

Or, to put it another way, how can you build a community to bring your ideas to light? Leave your best thoughts and suggestions in the comments. How can you make your own vaporware real?
Security

You Think Discovering a Computer Virus Is Hard? Try Naming One (wsj.com) 49

Like astronomers who discover new stars, security experts who first identify computer bugs, viruses, worms, ransomware and other coding catastrophes often get to name their finds. Such discoveries now number in the thousands each year, so crafting a standout moniker can be a serious challenge. From a report: Two years ago, German security firm SerNet GmbH figured a punchy name for their bug discovery would give the company a publicity jolt. They called it Badlock, designed a fractured-lock logo and set up a website. The marketing push backfired when some security experts decided Badlock wasn't that bad. Cynical hackers called it Sadlock. "We would not do this again," says SerNet Chief Executive Johannes Loxen of the branding blitz, which he says was overkill because a relatively small number of people were affected by Badlock. Hackers are no fans of marketing. They brand things in their own way. Puns and historic references are the name of the game. "They see it as a kind of grass-roots initiative," says Gabriella Coleman, an anthropologist who teaches courses on hacker culture at McGill University in Montreal.

Some venerable names that have stood the test of time: The Love Bug, for the worm that attacked millions of Windows personal computers in 2000, and Y2K, a turn-of-the-century programming scare that didn't live up to its hype. Many names tend more toward geekspeak. The title of hacker magazine 2600 is a tip of the hat to 2600 hertz, the frequency old-school hackers reproduced to trick AT&T phone lines into giving them free calls. Computer worm Conficker is an amalgam of "configure" and a German expletive. Code Red is named after the Mountain Dew drink researchers guzzled while investigating the worm.

IT

Ask Slashdot: Are Companies Under-Investing in IT? 325

Long-time Slashdot reader johnpagenola writes: In the middle 1970's I had to choose between focusing on programming or accounting. I chose accounting because organizations were willing to pay for good accounting but not for good IT.

Forty years later the situation does not appear to have changed. Target, Equifax, ransomware, etc. show pathetically bad IT design and operation. Why does this pattern of underinvestment in and under-appreciation of IT continue?

Long-time Slashdot reader dheltzel argues that the problem is actually bad hiring practices, which over time leads to lower-quality employees. But it seems like Slashdot's readership should have their own perspective on the current state of the modern workplace.

So share your own thoughts and experiences in the comments. Are companies under-investing in IT?
Ruby

Can Ruby Survive Another 25 Years? (techradar.com) 195

TechRadar marked the 25th anniversary of the Ruby programming language by writing "there are still questions over whether it can survive another 25 years." The popularity of the Ruby language has been bolstered for many years by the success of the Ruby on Rails (RoR) web application framework which dominated the web scene, particularly among startups who wanted something that deal with much of the heavy lifting... But RoR, although popular, isn't the superstar that it was and It has faced fierce competition as issues such as scaling have become a greater concern for web companies. The JavaScript framework Node.js, for instance, has become popular as it requires less memory to deal with numerous connections because of its callback functions...

To improve performance further Ruby is introducing JIT (Just-In-Time) technology, which is already used by JVM and other languages. "We've created a prototype of this JIT compiler so that this year, probably on Christmas Day, Ruby 2.6 will be released," Matz confirmed. You can try the initial implementation of the MJIT compiler in the 2.6 preview1... Probably the clearest overview explanation of how MJIT works is supplied by Shannon Skipper: "With MJIT, certain Ruby YARV instructions are converted to C code and put into a .c file, which is compiled by GCC or Clang into a .so dynamic library file. The RubyVM can then use that cached, precompiled native code from the dynamic library the next time the RubyVM sees that same YARV instruction.

Ruby creator Yukihiro Matsumoto says Ruby 3.0 "has a goal of being three times faster than Ruby 2.0," and TechRadar reports that it's obvious that Matsumoto "will do anything he can to enable Ruby to survive and thrive..."

And in addition, "he's thoroughly enjoying himself doing what he does... and his outlook is quite simple: Programming is fun, he's had fun for the last 25 years making Ruby, and at the age of 52 now, he hopes that he'll get to spend the next 25 years having as much fun working on the language he dreamt up and wrote down in -- a now lost -- notebook, at the age of 17."

"We want Ruby to be the language that is around for a long time and people still use," Matsumoto tells another interviewer, "not the one people used to use."
Programming

Ask Slashdot: Should Coding Exams Be Given on Paper? 273

Slashdot reader Qbertino is pursuing a comp sci degree -- and got a surprise during the last exam: being asked to write code on paper. Not that I'd expect an IDE -- it's an exam after all -- but being able to use a screen and a keyboard with a very simple editor should be standard at universities these days... I find this patently absurd in 2018...

What do you think and what are your recent experiences with exams at universities? Is this still standard? What's the point besides annoying students? Did I miss something?

A similar question was asked on Slashdot 16 years ago -- but apparently nothing has changed since 2002.

Leave your best answers in the comments. Should coding exams be given on paper?
Programming

Ask Slashdot: Are 'Full Stack' Developers a Thing? 371

"It seems that nearly every job posting for a software developer these days requires someone who can do it all," complains Slashdot reader datavirtue, noting a main focus on finding someone to do "front end work and back end work and database work and message queue work...." I have been in a relatively small shop that for years that has always had a few guys focused on the UI. The rest of us might have to do something on the front-end but are mostly engaged in more complex "back-end" development or MQ and database architecture. I have been keeping my eye on the market, and the laser focus on full stack developers is a real turn-off.

When was the last time you had an outage because the UI didn't work right? I can't count the number of outages resulting from inexperienced developers introducing a bug in the business logic or middle tier. Am I correct in assuming that the shops that are always looking for full stack developers just aren't grown up yet?

sjames (Slashdot reader #1,099) responded that "They are a thing, but in order to have comprehensive experience in everything involved, the developer will almost certainly be older than HR departments in 'the valley' like to hire."

And Dave Ostrander argues that "In the last 10 years front end software development has gotten really complex. Gulp, Grunt, Sass, 35+ different mobile device screen sizes and 15 major browsers to code for, has made the front end skillset very valuable." The original submitter argues that front-end development "is a much simpler domain," leading to its own discussion.

Share your own thoughts in the comments. Are "full-stack" developers a thing?
Education

Apple Trains Chicago Teachers To Put Coding In More Classrooms (engadget.com) 64

Apple has unveiled a partnership with Northwestern University and public schools to help teachers bring programming and other forms of computer science into Chicago-area classrooms. "The trio will set up a learning hub at Lane Tech College Prep High School that will introduce high school teachers to Apple's Everyone Can Code curriculum," reports Engadget. "They'll also have the option to train in an App Development with Swift course to boost the number of high school-oriented computer science teachers. Teachers will also have options for in-school coaching and mentorship to make sure they're comfortable with the curriculum when they're in front of actual students."
Google

Oracle Wins Revival of Billion-Dollar Case Against Google (bloomberg.com) 332

Google could owe Oracle billions of dollars after an appeals court said it didn't have the right to use the Oracle-owned Java programming code in its Android operating system on mobile devices. From a report: Google's use of Java shortcuts to develop Android went too far and was a violation of Oracle's copyrights, the U.S. Court of Appeals for the Federal Circuit ruled. The case was remanded to a federal court in California to determine how much the Alphabet unit should pay.

The dispute is over pre-written directions known as application program interfaces, or APIs, which can work across different types of devices and provide the instructions for things like connecting to the internet or accessing certain types of files. By using the APIs, programmers don't have to write new code from scratch to implement every function in their software or change it for every type of device. The case has divided Silicon Valley for years, testing the boundaries between the rights of those who develop interface code and those who rely on it to develop software programs.

Databases

Shodan Search Exposes Thousands of Servers Hosting Passwords and Keys (fossbytes.com) 41

Thousands of etcd servers "are spitting sensitive passwords and encrypted keys," reports Fossbytes: Security researcher Giovanni Collazo was able to harvest 8781 passwords, 650 AWS access keys, 23 secret keys, and 8 private keys. First, he ran a query on the hacker search engine Shodan that returned around 2300 servers running etcd database. Then, he ran a simple script that gave him the login credentials stored on these servers which can be used to gain access to CMSs, MySQL, and PostgreSQL databases, etc.

etcd is a database used by computing clusters to store and exchange passwords and configuration settings between servers and applications over the network. With the default settings, its programming interface can return administrative login credentials without any authentication upfront... All of the data he harvested from around 1500 servers is around 750MB in size... Collazo advises that anyone maintaining etcd servers should enable authentication, set up a firewall, and take other security measures.

Another security research independently verified the results, and reported that one MySQL database had the root password "1234".
Java

Oracle Releases Java 10, Promises Much Faster Release Schedule (adtmag.com) 134

An anonymous reader quotes Application Development Trends: Oracle announced the general availability of Java SE 10 (JDK 10) this week. This release, which comes barely six months after the release of Java SE 9, is the first in the new rapid release cadence Oracle announced late last year. The new release schedule, which the company is calling an "innovation cycle," calls for a feature release every six months, update releases every quarter, and a long-term support (LTS) release every three years. Java 10 is a feature release that obsoletes Java 9. The next LTS release will be Java 11, expected in September. The next LTS version after that will be Java 17, scheduled for release in September 2021...

The six-month feature release cadence is meant to reduce the latency between major releases, explained is Sharat Chander, director of Oracle's Java SE Product Management group, said in a blog post. "This release model takes inspiration from the release models used by other platforms and by various operating-system distributions addressing the modern application development landscape," Chander wrote. "The pace of innovation is happening at an ever-increasing rate and this new release model will allow developers to leverage new features in production as soon as possible. Modern application development expects simple open licensing and a predictable time-based cadence, and the new release model delivers on both."

This release finally adds var to the Java language (though its use is limited to local variables with initializers or declared in a for-loop). It's being added "to improve the developer experience by reducing the ceremony associated with writing Java code, while maintaining Java's commitment to static type safety, by allowing developers to elide the often-unnecessary manifest declaration of local variable type."
Twitter

Hackers Are So Fed Up With Twitter Bots They're Hunting Them Down Themselves (theintercept.com) 45

An anonymous reader writes: Even if Twitter hasn't invested much in anti-bot software, some of its most technically proficient users have. They're writing and refining code that can use Twitter's public application programming interface, or API, as well as Google and other online interfaces, to ferret out fake accounts and bad actors. The effort, at least among the researchers I spoke with, has begun with hunting bots designed to promote pornographic material -- a type of fake account that is particularly easy to spot -- but the plan is to eventually broaden the hunt to other types of bots. The bot-hunting programming and research has been a strictly volunteer, part-time endeavor, but the efforts have collectively identified tens of thousands of fake accounts, underlining just how much low-hanging fruit remains for Twitter to prune.

Among the part-time bot-hunters is French security researcher and freelance Android developer Baptiste Robert, who in February of this year noticed that Twitter accounts with profile photos of scantily clad women were liking his tweets or following him on Twitter. Aside from the sexually suggestive images, the bots had similarities. Not only did these Twitter accounts typically include profile photos of adult actresses, but they also had similar bios, followed similar accounts, liked more tweets than they retweeted, had fewer than 1,000 followers, and directed readers to click the link in their bios.

Programming

Demand For Programmers Hits Full Boil as US Job Market Simmers (bloomberg.com) 272

When the American job market heats up, demand for technology talent boils, an anonymous reader writes citing a Bloomberg report. From the story: Nationally, the unemployment rate was 4.1 percent in January, and analysts project that it declined to 4 percent, the lowest since 2000, in Labor Department figures due Friday. For software developers, the unemployment rate was 1.9 percent in 2017, down from 4 percent in 2011. While companies are writing bigger checks, they are also adopting new strategies to find engineers for an economy where software is penetrating even mundane processes. Companies are focusing more on training, sourcing new talent through apprenticeships, and looking at atypical pools of candidates who have transferable skills.

"It is probably the most competitive market in the last 20 years that I have been doing this," said Desikan Madhavanur, chief development officer at Scottsdale, Arizona-based JDA Software, whose products help companies manage supply chains. "We have to compete better to get our fair share." What's happening in the market for software engineers may help illustrate why one of the tightest American labor markets in decades isn't leading to broader wage gains. While technology firms are looking at compensation, they are also finding ways to create the supply of workers themselves, which helps hold costs down.

Programming

Developers Love Trendy New Languages, But Earn More With Functional Programming: Stack Overflow's Annual Survey (arstechnica.com) 111

Stack Overflow has released the results of its annual survey of 100,000 developers, revealing the most-popular, top-earning, and preferred programming languages. ArsTechnica: JavaScript remains the most widely used programming language among professional developers, making that six years at the top for the lingua franca of Web development. Other Web tech including HTML (#2 in the ranking), CSS (#3), and PHP (#9). Business-oriented languages were also in wide use, with SQL at #4, Java at #5, and C# at #8. Shell scripting made a surprising showing at #6 (having not shown up at all in past years, which suggests that the questions have changed year-to-year), Python appeared at #7, and systems programming stalwart C++ rounded out the top 10.

These aren't, however, the languages that developers necessarily want to use. Only three languages from the most-used top ten were in the most-loved list; Python (#3), JavaScript (#7), and C# (#8). For the third year running, that list was topped by Rust, the new systems programming language developed by Mozilla. Second on the list was Kotlin, which wasn't even in the top 20 last year. This new interest is likely due to Google's decision last year to bless the language as an official development language for Android. TypeScript, Microsoft's better JavaScript than JavaScript comes in at fourth, with Google's Go language coming in at fifth. Smalltalk, last year's second-most loved, is nowhere to be seen this time around. These languages may be well-liked, but it looks as if the big money is elsewhere. Globally, F# and OCaml are the top average earners, and in the US, Erlang, Scala, and OCaml are the ones to aim for. Visual Basic 6, Cobol, and CoffeeScript were the top three most-dreaded, which is news that will surprise nobody who is still maintaining Visual Basic 6 applications thousands of years after they were originally written.

Programming

JavaScript Rules But Microsoft Programming Languages Are On the Rise (zdnet.com) 141

Microsoft languages seem to be hitting the right note with coders across ops, data science, and app development. From a report: JavaScript remains the most popular programming language, but two offerings from Microsoft are steadily gaining, according to developer-focused analyst firm RedMonk's first quarter 2018 ranking. RedMonk's rankings are based on pull requests in GitHub, as well as an approximate count of how many times a language is tagged on developer knowledge-sharing site Stack Overflow. Based on these figures, RedMonk analyst Stephen O'Grady reckons JavaScript is the most popular language today as it was last year. In fact, nothing has changed in RedMonk's top 10 list with the exception of Apple's Swift rising to join its predecessor, Objective C, in 10th place. The top 10 programming languages in descending order are JavaScript, Java, Python, C#, C++, CSS, Ruby, and C, with Swift and Objective-C in tenth.

TIOBE's top programming language index for March consists of many of the same top 10 languages though in a different order, with Java in top spot, followed by C, C++, Python, C#, Visual Basic .NET, PHP, JavaScript, Ruby, and SQL. These and other popularity rankings are meant to help developers see which skills they should be developing. Outside the RedMonk top 10, O'Grady highlights a few notable changes, including an apparent flattening-out in the rapid ascent of Google's back-end system language, Go.

Television

Cable Industry Finally Fights Cord Cutting With Fewer Ads (dslreports.com) 106

The cable industry is slowly realizing that more advertisements and higher prices aren't the solution to cord cutting. Karl Bode writes via DSLReports: AT&T and Dish have explored offering cheaper, more flexible streaming alternatives (DirecTV Now and Sling TV, respectively), both understanding that getting out ahead of the cord cutting trend is the right play, even if the net result is making less money from traditional television. And on the broadcasting front, several companies this month made it clear they'll be reducing the ad loads on their programming, since charging users a subscription fee and socking them with endless ads is becoming a dated concept in the cord cutting era. Fox, for example, told the Wall Street Journal this week that the company would be reducing TV ad time in its content to two minutes an hour by 2020. Comcast NBC Universal says it's also following suit, having cut advertising time in its own shows by 10%, and reduced the overall number of advertising during commercial breaks by 20%. Given there's 83 million households still subscribing to traditional cable TV, many cable executives are under the false impression they can keep doubling down on bad ideas without the check coming due. But the data indicates this head in the sand approach simply isn't sustainable. Pay TV providers saw a reduction of more than 500,000 traditional pay TV customers during the fourth quarter, a decline of 3.4% total pay TV customers from the year before. That 3.4% decline was up from the 2% rate during in the fourth quarter of 2016 and a 1% rate of decline one year before that.
Security

Vatican Invites Hackers To Fix Problems, Not Breach Security (apnews.com) 72

From a report: Computer hackers with a heart are descending on the Vatican to help tackle pressing problems particularly dear to Pope Francis, including how to better provide resources for migrants and encourage solidarity for the poor. The "Vatican Hackathon," an around-the-clock computer programming marathon, starts Thursday in the Vatican, with the full support of the pope, several Vatican offices and student volunteers from Harvard and MIT. Organizers stressed that no firewalls will be breached or acts of computer piracy committed.
Amiga

A Short Documentary About 81-Year-Old Commodore Amiga Artist, Programmer Samia Halaby (youtube.com) 58

erickhill shares a short documentary about Samia Halaby, an 81-year-old Commodore Amiga artist and programmer: Samia Halaby is a world renowned painter who purchased a Commodore Amiga 1000 in 1985 at the tender age of 50 years old. She taught herself the BASIC and C programming languages to create "kinetic paintings" with the Amiga and has been using the Amiga ever since. Samia has exhibited in prestigious venues such as The Guggenheim Museum, The British Museum, Lincoln Center, The Chicago Institute of Art, Arab World Institute, Mathaf: Arab Museum of Modern Art, Sakakini Art Center, and Ayyam Gallery just to name a few.
AI

Ubisoft is Using AI To Catch Bugs in Games Before Devs Make Them (wired.co.uk) 126

AI has a new task: helping to keep the bugs out of video games. From a report: At the recent Ubisoft Developer Conference in Montreal, the French gaming company unveiled a new AI assistant for its developers. Dubbed Commit Assistant, the goal of the AI system is to catch bugs before they're ever committed into code, saving developers time and reducing the number of flaws that make it into a game before release. "I think like many good ideas, it's like 'how come we didn't think about that before?'," says Yves Jacquier, who heads up La Forge, Ubisoft's R&D division in Montreal. His department partners with local universities including McGill and Concordia to collaborate on research intended to advance the field of artificial intelligence as a whole, not just within the industry.

La Forge fed Commit Assistant with roughly ten years' worth of code from across Ubisoft's software library, allowing it to learn where mistakes have historically been made, reference any corrections that were applied, and predict when a coder may be about to write a similar bug. "It's all about comparing the lines of code we've created in the past, the bugs that were created in them, and the bugs that were corrected, and finding a way to make links [between them] to provide us with a super-AI for programmers," explains Jacquier.

Slashdot Top Deals