"Serde, a popular Rust (de)serialization project, has decided to ship its serde_derive macro as a precompiled binary," reports Bleeping Computer.

"The move has generated a fair amount of push back among developers who worry about its future legal and technical implications, along with a potential for supply chain attacks, should the maintainer account publishing these binaries be compromised." According to the Rust package registry, crates.io, serde has been downloaded over 196 million times over its lifetime, whereas the serde_derive macro has scored more than 171 million downloads, attesting to the project's widespread circulation... The Serde ecosystem consists of data structures that know how to serialize and deserialize themselves along with data formats that know how to serialize and deserialize other things," states the project's website. Whereas, "derive" is one of its macros...

Some Rust developers request that precompiled binaries be kept optional and separate from the original "serde_derive" crate, while others have likened the move to the controversial code change to the Moq .NET project that sparked backlash. "Please consider moving the precompiled serde_derive version to a different crate and default serde_derive to building from source so that users that want the benefit of precompiled binary can opt-in to use it," requested one user. "Or vice-versa. Or any other solution that allows building from source without having to patch serde_derive... Having a binary shipped as part of the crate, while I understand the build time speed benefits, is for security reasons not a viable solution for some library users."

Users pointed out how the change could impact entities that are "legally not allowed to redistribute pre-compiled binaries, by their own licenses," specifically mentioning government-regulated environments.
The official response from Serde's maintainer: "The precompiled implementation is the only supported way to use the macros that are published in serde_derive. If there is implementation work needed in some build tools to accommodate it, someone should feel free to do that work (as I have done for Buck and Bazel, which are tools I use and contribute significantly to) or publish your own fork of the source code under a different name.

"Separately, regarding the commentary above about security, the best path forward would be for one of the people who cares about this to invest in a Cargo or crates.io RFC around first-class precompiled macros so that there is an approach that would suit your preferences; serde_derive would adopt that when available."

Researchers at Georgia Tech have developed a prototype pipeline for the Defense Advanced Research Projects Agency (DARPA) that can "distill" binary executables into human-intelligible code so that it can be updated and deployed in "weeks, days, or hours, in some cases." The work is part of a five-year, $10 million project with the agency. The Register reports: After running an executable through the university's "distillation" process, software engineers should be able to examine the generated HAR, figure out what the code does, and make changes to add new features, patch bugs, or improve security, and turn the HAR back into executable code, says GT associate professor and project participant Brendan Saltaformaggio. This would be useful for, say, updating complex software that was written by a contractor or internal team, the source code is no longer or never was to hand and neither are its creators, and stuff needs to be fixed up. Reverse engineering the binary and patching in an update by hand can be a little hairy, hence DARPA's desire for something a bit more solid and automatic. The idea is to use this pipeline to freshen up legacy or outdated software that may have taken years and millions of dollars to develop some time ago.

Saltaformaggio told El Reg his team has the entire process working from start to finish, and with some level of stability, too. "DARPA sets challenges they like to use to test the capabilities of a project," he told us over the phone. "So far we've handled every challenge problem DARPA's thrown at us, so I'd say it's working pretty well." Saltaformaggio said his team's pipeline disassembles binaries into a graph structure with pseudo-code, and presented in a way that developers can navigate, and replace or add parts in C and C++. Sorry, Java devs and Pythonistas: Saltaformaggio tells us that there's no reason the system couldn't work with other programming languages, "but we're focused on C and C++. Other folks would need to build out support for that." Along with being able to deconstruct, edit, and reconstruct binaries, the team said its processing pipeline is also able to comb through HARs and remove extraneous routines. The team has also, we're told, baked in verification steps to ensure changes made to code within hardware ranging from jets and drones to plain-old desktop computers work exactly as expected with no side effects.

An anonymous reader quotes a report from TorrentFreak: In the summer of 2021, DISH Network and Sling filed a copyright lawsuit against four unlicensed sports streaming sites, among them the popular SportsBay.org. After the plaintiffs named two alleged operators of the sites, this week a court in Texas held the pair liable for almost 2.5 million violations of the DMCA's anti-circumvention provisions and almost half a billion dollars in damages. [...] The complaint alleged that the unknown defendants circumvented (and provided technologies and services that circumvented) security measures employed by Sling and thereby provided "DISH's television programming" to users of their websites. The plaintiffs requested a permanent injunction, control of the defendants' domains, and damages of up to $2,500 for each violation of the DMCA's anti-circumvention provisions.

According to DISH's first amended complaint filed in January 2022, information obtained from the third-party service providers enabled the company to identify two men responsible for operating the SportsBay sites. Juan Barcan, an individual residing in Buenos Aires, Argentina, used his PayPal account to make payments to Namecheap and GitHub. Juan Nahuel Pereyra, also of Buenos Aires, used his PayPal account to make payments to Namecheap. On January 20, 2022, DISH sent a request to the Argentine Central Authority to serve Barcan and Pereyra under the Hague Convention. On October 31, 2022, the Central Authority informed DISH that Pereyra was served in Buenos Aires on September 14, 2022. Barcan was not served so after obtaining permission from the court, DISH served Barcan via a Gmail address used to make payments to Namecheap for the Sportsbay.org, Live-nba.stream, and Freefeds.com domain names. When the defendants failed to appear, DISH sought default judgment. [...]

In his order (PDF) handed down yesterday, District Judge Charles Eskridge entered a default judgment against Juan Barcan and Juan Nahuel Pereyra for violations of the DMCA's anti-circumvention provisions. The defendants and anyone acting in concert with them are permanently enjoined from circumventing any technological protection measure that controls access to Sling or DISH programming, including through the use of websites or any similar internet streaming service. Then comes the award for damages. "Plaintiffs are awarded $493,850,000 in statutory damages against Defendants, jointly and severally, for Defendants' 2,469,250 violations of section 1201(a)(2) of the DMCA," the order reads.

"Stack Overflow is adding artificial intelligence to its offerings," reports ZDNet (which notes traffic to the Q&A site has dropped 5% in the last year).

So in a video, Stack Overflow's CEO Prashanth Chandrasekar says that search and question-asking "will evolve to provide you with instant summarized solutions with citations to sources, aggregated by generative AI — plus the option to ask follow-up questions in a chat-like format."

The New Stack provides some context: As computer scientist Santiago Valdarrama remarked in a tweet, "I don't remember the last time I visited Stack Overflow. Why would I when tools like Copilot and ChatGPT answer my questions faster without making me feel bad for asking?" It's a problem Stack Overflow CEO Prashanth Chandrasekar acknowledges because, well, he encountered it too.

"When I first started using Stack Overflow, I remember my first experience was quite harsh, because I basically asked a fairly simple question, but the standard on the website is pretty high," Chandrasekar told The New Stack. "When ChatGPT came out, it was a lot easier for people to go and ask ChatGPT without anybody watching...."

But what may be of more interest to developers is that Stack Overflow is now offering an IDE (integrated development environment) extension for Visual Studio Code that will be powered by OverflowAI. This means that coders will be able to ask a conversational interface a question and find solutions from within the IDE.

Stack Overflow also is launching a GenAI Stack Exchange, where the community can post and share knowledge on prompt engineering, getting the most out of AI and similar topics.
And they're integrating it into other workflows as well. "Of course, AI isn't replacing humans any time soon," CEO Chandrasekar says in the video. "But it can help you draft a question to pose to our community..."

Signups for the OverflowAI preview are available now. "With your help, we'll be putting AI to work," CEO Chandrasekar says in the video.

An anonymous reader shared this report from the Register: ChatGPT, OpenAI's fabulating chatbot, produces wrong answers to software programming questions more than half the time, according to a [pre-print] study from Purdue University. That said, the bot was convincing enough to fool a third of participants.

The Purdue team analyzed ChatGPT's answers to 517 Stack Overflow questions to assess the correctness, consistency, comprehensiveness, and conciseness of ChatGPT's answers. The U.S. academics also conducted linguistic and sentiment analysis of the answers, and questioned a dozen volunteer participants on the results generated by the model. "Our analysis shows that 52 percent of ChatGPT answers are incorrect and 77 percent are verbose," the team's paper concluded. "Nonetheless, ChatGPT answers are still preferred 39.34 percent of the time due to their comprehensiveness and well-articulated language style." Among the set of preferred ChatGPT answers, 77 percent were wrong...

"During our study, we observed that only when the error in the ChatGPT answer is obvious, users can identify the error," their paper stated. "However, when the error is not readily verifiable or requires external IDE or documentation, users often fail to identify the incorrectness or underestimate the degree of error in the answer." Even when the answer has a glaring error, the paper stated, two out of the 12 participants still marked the response preferred. The paper attributes this to ChatGPT's pleasant, authoritative style.

"From semi-structured interviews, it is apparent that polite language, articulated and text-book style answers, comprehensiveness, and affiliation in answers make completely wrong answers seem correct," the paper explained.

Shoddy guidebooks, promoted with deceptive reviews, have flooded Amazon in recent months. Their authors claim to be renowned travel writers.

But do they even exist?

The New York Times: The books are the result of a swirling mix of modern tools: A.I. apps that can produce text and fake portraits; websites with a seemingly endless array of stock photos and graphics; self-publishing platforms -- like Amazon's Kindle Direct Publishing -- with few guardrails against the use of A.I.; and the ability to solicit, purchase and post phony online reviews, which runs counter to Amazon's policies and may soon face increased regulation from the Federal Trade Commission. The use of these tools in tandem has allowed the books to rise near the top of Amazon search results and sometimes garner Amazon endorsements such as "#1 Travel Guide on Alaska." A recent Amazon search for the phrase "Paris Travel Guide 2023," for example, yielded dozens of guides with that exact title. One, whose author is listed as Stuart Hartley, boasts, ungrammatically, that it is "Everything you Need to Know Before Plan a Trip to Paris."

The book itself has no further information about the author or publisher. It also has no photographs or maps, though many of its competitors have art and photography easily traceable to stock-photo sites. More than 10 other guidebooks attributed to Stuart Hartley have appeared on Amazon in recent months that rely on the same cookie-cutter design and use similar promotional language. The Times also found similar books on a much broader range of topics, including cooking, programming, gardening, business, crafts, medicine, religion and mathematics, as well as self-help books and novels, among many other categories. Amazon declined to answer a series of detailed questions about the books.

An anonymous reader quotes a report from TechCrunch: Google today announced the launch of Project IDX, its foray into offering an AI-enabled browser-based development environment for building full-stack web and multiplatform apps. It currently supports frameworks like Angular, Flutter, Next.js, React, Svelte and Vue, and languages like JavaScript and Dart, with support for Python, Go and others in the works. Google did not build a new IDE (integrated development environment) when it created IDX. Instead, it is using Visual Studio Code -- Open Source as the basis of its project. This surely allowed the team to focus on the integration with Codey, Google's PaLM 2-based foundation model for programming tasks. Thanks to Codey, IDX supports smart code completion, a ChatGPT/Bard-like chatbot that can help developers with general coding questions as well as those related specifically to the code you are working on (including the ability to explain it) and the ability to add contextual code actions like "add comments."

"We spend a lot of time writing code, and recent advances in AI have created big opportunities to make that time more productive," the IDX team explains in today's announcement. "With Project IDX, we're exploring how Google's innovations in AI -- including the Codey and PaLM 2 models powering Studio Bot in Android Studio, Duet in Google Cloud and more -- can help you not only write code faster, but also write higher-quality code." As a cloud-based IDE, it's no surprise that Project IDX integrates with Google's own Firebase Hosting (and Google Cloud Functions) and allows developers to bring in existing code from the GitHub repository. Every workspace has access to a Linux-based VM (virtual machine) and, soon, embedded Android and iOS simulators right in the browser.

Canonical engineering manager Ben Hoyt believes that a variable's name is more important than its type, so "the name should be more prominent and come first in declarations." In many popular programming languages, including C, C++, Java, and C#, when you define a field or variable, you write the type before the name. For example (in C++):

// Struct definition
struct person {
std::string name;
std::string email;
int age;
};

In other languages, including Go, Rust, TypeScript, and Python (with type hints), you write the name before the type. For example (in Go):

// Struct definition
type Person struct {
Name string
Email string
Age int
}

There's a nice answer in the Go FAQ about why Go chose this order: "Why are declarations backwards?". It starts with "they're only backwards if you're used to C", which is a good point — name-before-type has a long history in languages like Pascal. In fact, Go's type declaration syntax (and packages) were directly inspired by Pascal.

The FAQ goes on to point out that parsing is simpler with name-before-type, and declaring multiple variables is less error-prone than in C. In C, the following declares x to be a pointer, but (surprisingly at first!) y to be a normal integer:

int* x, y;

Whereas the equivalent in Go does what you'd expect, declaring both to be pointers:

var x, y *int

The Go blog even has an in-depth article by Rob Pike on Go's Declaration Syntax, which describes more of the advantages of Go's syntax over C's, particularly with arrays and function pointers.

Oddly, the article only hints at what I think is the more important reason to prefer name-before-type for everyday programming: it's clearer.
Hoyt argues a variable's name has more meaning (semantically) — pointing out dynamically-typed languages like Python and Ruby don't even need types, and that languages like Java, Go, C++ and C# now include type inference.

"I think the takeaway is this: we can't change the past, but if you're creating a new language, please put names before types!"

Long-time Slashdot reader theodp writes: The necessity of multiple drafts may be an idea that's drilled into children's minds by teachers and parents, but in 2023 there's still a need to remind software engineers to Throw Away Your First Draft of Your Code. "The next time you start on a major project," advises Nicole Tietz-Sokolskaya, "I want you to write code for a couple of days and then delete it all. Just throw it away. I'm serious. And you should probably have some of your best engineers doing this throwaway work. It's going to save you time in the long run."

While Tietz-Sokolskaya's advice echoes that of Ernest Hemingway ("the first draft of anything is shit"), do developers tend to scrap or ship their first drafts in the real world?

An anonymous reader quotes a report from Wired: Travel rewards programslike those offered by airlines and hotels tout the specific perks of joining their club over others. Under the hood, though, the digital infrastructure for many of these programs -- including Delta SkyMiles, United MileagePlus, Hilton Honors, and Marriott Bonvoy -- is built on the same platform. The backend comes from the loyalty commerce company Points and its suite of services, including an expansive application programming interface (API).But new findings, published today by a group of security researchers, show that vulnerabilities in the Points.com API could have been exploited to expose customer data, steal customers' "loyalty currency" (like miles), or even compromise Points global administration accounts to gain control of entire loyalty programs. The researchers -- Ian Carroll, Shubham Shah, and Sam Curry -- reported a series of vulnerabilities to Points between March and May, and all the bugs have since been fixed.

"The surprise for me was related to the fact that there is a central entity for loyalty and points systems, which almost every big brand in the world uses," Shah says. "From this point, it was clear to me that finding flaws in this system would have a cascading effect to every company utilizing their loyalty backend. I believe that once other hackers realized that targeting Points meant that they could potentially have unlimited points on loyalty systems, they would have also been successful in targeting Points.com eventually." One bug involved a manipulation that allowed the researchers to traverse from one part of the Points API infrastructure to another internal portion and then query it for reward program customer orders. The system included 22 million order records, which contain data like customer rewards account numbers, addresses, phone numbers, email addresses, and partial credit card numbers. Points.com had limits in place on how many responses the system could return at a time, meaning an attacker couldn't simply dump the whole data trove at once. But the researchers note that it would have been possible to look up specific individuals of interest or slowly siphon data from the system over time.

Another bug the researchers found was an API configuration issue that could have allowed an attacker to generate an account authorization token for any user with just their last name and rewards number. These two pieces of data could potentially be found through past breaches or could be taken by exploiting the first vulnerability. With this token, attackers could take over customer accounts and transfer miles or other rewards points to themselves, draining the victim's accounts. The researchers found two vulnerabilities similar to the other pair of bugs, one of which only impacted Virgin Red while the other affected just United MileagePlus. Points.com fixed both of these vulnerabilities as well. Most significantly, the researchers found a vulnerability in the Points.com global administration website in which an encrypted cookie assigned to each user had been encrypted with an easily guessable secret -- the word "secret" itself. By guessing this, the researchers could decrypt their cookie, reassign themselves global administrator privileges for the site, reencrypt the cookie, and essentially assume god-mode-like capabilities to access any Points reward system and even grant accounts unlimited miles or other benefits.

A proposed state tax in Massachusetts on streaming video services could increase prices for popular platforms like Netflix and Hulu, as the 5 percent fee would support approximately 200 community access cable channels struggling due to declining cable subscriptions. The Boston Globe reports: In July, the Joint Committee on Advanced Information Technology held hearings on legislation filed by Democratic State Representative Joan Meschino and Republican Representative Mathew J. Muratore, both of Plymouth. Their bill would require streaming video companies to pay a 5 percent fee on the gross revenues generated in the state. The estimated $65 million a year raised by the fee would support roughly 200 community access channels, the most in any state. The community channels are run by nonprofit organizations or town governments, and funded by cable TV companies, which are assessed a fee by local governments for the right to run their cables through city property. The cable companies pass the cost on to subscribers.

But subscriptions are plummeting as US consumers abandon pay TV for streaming services. Cable and satellite subscribers now number about 70 million, down more than 25 percent from 95.5 million a decade ago, according to Leichtman Research Group, a New Hampshire research and analysis company specializing in media, entertainment, and broadband industries. "The next three to five years it's really going to dry up even more so," said Muratore. Meschino said citizens can't afford to lose access to community media channels, because so many local newspapers have shut down. "There's literally no other way to consume that sort of hyperlocal programming," Meschino said.

About a dozen US states levy sales taxes on consumers' streaming video bills. But Meschino said that sales tax money goes into each state's general fund. Instead, she wants the streaming fee to be dedicated entirely to support for community media services, just like the fee paid by traditional cable TV companies. Some or all of the fees would likely be passed on to consumers. Gauthier estimates that a typical household's costs could rise about $2.40 a month, spread among several streaming networks. "Maybe it'll be 75 cents for your Amazon," he said. "Maybe it'll be 80 cents for your Disney."

Michael Larabel, reporting at Phoronix: Alpine Linux remains one of the most popular lightweight Linux distributions built atop musl libc and Busybox. Alpine Linux has found significant use within containers and the embedded space while now sadly the most prolific maintainer of packages for the Linux distribution has decided to step down from her roles. Alice "psykose" who is easily responsible for the highest number of commits per author over the past year has decided to step down from maintaining her packages.

These Alpine aports stats put her at 13,894 commits over the past year. In comparison, the second most prolific packager saw just 2,053 commits... Or put another way, psykose has 6.7x the number of commits as the next packager. The 13.8k commits is also about half of the 26.8k commits seen in total over the past year. Over the weekend I was alerted to the fact that psykose/nekopsykose has begun dropping maintainership of packages she maintained. All of her recent alpinelinux/aports commits two days ago were removing packages she oversaw.

Saleforce's chief impact officer, writing in Forbes: Code and computer programming — the backbone of modern business — has a long way to go before it can be called "green..." According to a recent report from the science journal Patterns, the information and communication technology sector accounts for up to 3.9% of global emissions... So far, the focus has been on reducing energy consumption in data centers and moving electrical grids away from fossil fuels. Now, coders and designers are ready for a similar push in software, crypto proof of work and AI compute power...

Our research revealed that 75% of UX designers, software developers and IT operations managers want software to do less damage to the environment. Yet nearly one in two don't know how to take action. Half of these technologists admit to not knowing how to mitigate environmental harm in their work, leading to 34% acknowledging that they "rarely or never" consider carbon emissions while typing a new line of code... Earlier this year, Salesforce launched a sustainability guide for technology that provides practical recommendations for aligning climate goals with software development.
In the article the Salesforce executive makes four recommendations, urging coders to design sites in ways that reduce the energy needed to display them. ("Even small changes to image size, color and type options can scale to large impacts.") They also recommend writing application code that uses less energy, which "can lead to significant emissions reductions, particularly when deployed at scale. Leaders can seek out apps that are coded to run natively in browsers which can lead to improvement in performance and a reduction in energy use."

Their article includes links to the energy-saving hackathon GreenHack and the non-profit Green Software Foundation. (Their site recently described how the IT company AVEVA used a Raspberry Pi in back of a hardware cluster as part of a system to measure software's energy consumption.)

But their first recommendation for fighting the climate crisis is "Adopt new technology like AI" to "make the software development cycle more energy efficient." ("At Salesforce, we're starting to see tremendous potential in using generative AI to optimize code and are excited to release this to customers in the future.")

An anonymous reader quotes a report from Reuters: The U.S. Senate Commerce Committee approved legislation on Thursday to bar automakers from eliminating AM broadcast radio in new vehicles and require companies like Ticketmaster to put total ticket prices including fees in marketing materials. The AM radio bill and the ticket-pricing bill both had strong bipartisan support and both have companion measures in the House of Representatives. The AM radio bill would direct the Transportation Department to issue regulations mandating AM radio in new vehicles without additional charge. Senators said this year that at least seven automakers have removed AM broadcast radio from their electric vehicles, including Tesla, BMW, and Volkswagen. Ford reversed course in May under pressure from Congress. Lawmakers say losing AM radio undermines a federal system for delivering key public safety information to the public. The National Association of Broadcasters said the bill "will ensure that the tens of millions of AM radio listeners across the country retain access to local news, diverse community programming and emergency information." The Alliance for Automotive Innovation, a trade group representing major automakers, opposed the measure: "This is simply a bill to prop up and give preference to a particular technology that's now competing with other communications options and adapting to changing listenership."

The U.S. Senate Commerce Committee also approved two bills aimed at tightening privacy protections for children online.

Long-time Slashdot reader theodp writes: The number one movie in North America is Warner Bros. Discovery's Barbie, which Deadline reports has teamed up with Oppenheimer to fuel a mind-blowing $300M+ box office weekend. ["Oppenheimer Shatters Expectations with $80 Million Debut," read the headline at Variety.]

Now it seems everybody is trying to tap into Barbie buzz, including Microsoft's Xbox [which added Barbie and Ken's cars to Forza Horizon 5] and even Microsoft-backed education nonprofit Code.org. ("Are your students excited about Barbie The Movie? Have them try an HourOfCode [programming game] with Barbie herself!").
The idea is to inspire young students to become coders. But as Code.org shares Instagram images of a software developer Barbie, Slashdot reader theodp remembers when, nine years ago, Code.org's CEO "took to Twitter to blast Barbie and urge for her replacement." They'd joined a viral 2014 Computer Engineer Barbie protest that arose in response to the publication of Barbie F***s It Up Again, a scathing and widely reported-on blog post that prompted Mattel to pull the book Barbie: I Can Be a Computer Engineer immediately from Amazon. This may have helped lead to Barbie's loss of her crown as the most popular girls' toy in the ensuing 2014 holiday season to Disney's Frozen princesses Elsa and Anna, and got the Mattel exec who had to apologize for Computer Engineer Barbie called to the White House for a sit down a few months later. (Barbie got a brainy makeover soon thereafter)...

The following year, Disney-owned Lucasfilm and Code.org teamed up on Star Wars: Building a Galaxy with Code, a signature tutorial for the 2015 Hour of Code. Returning to a Disney princess theme in 2016, Disney and Code.org revealed a new Hour of Code tutorial featuring characters from the animated film Moana just a day ahead of its theatrical release. It was later noted that Moana's screenwriters included Pamela Ribon, who penned the 2014 Barbie-blasting blog post that ended Barbie's short reign as the Hour of Code role model of choice for girls.

Interestingly, Ribon seems to bear no Barbie grudges either, tweeting on the day of the Barbie movie release, "I was like holy s*** can't wait to see it."
To be fair, the movie's trailer promises "If you hate Barbie, this movie is for you," in a deconstruction where Barbie is played by D.C. movies' "Harley Quinn" actress Margot Robbie (Suicide Squad, Birds of Prey), whose other roles include Tonya Harding and the home-wrecking second wife in The Wolf of Wall Street.

There's been several articles on how programmers can adapt to writing code with AI. But presumably AI companies will then gather more data from how real-world programmers use their tools.

So long-time Slashdot reader ThePub2000 has a question. "Where's the generative leaps if the humans using it as an assistant don't make leaps forward in a public space?" Let's posit a couple of things:

- First, your AI responses are good enough to use.
- Second, because they're good enough to use you no longer need to post publicly about programming questions.

Where does AI go after it's "perfected itself"?

Or, must we live in a dystopian world where code is scrapable for free, regardless of license, but access to support in an AI from that code comes at a price?

An anonymous reader shares this report from Dice.com: C++ is enjoying a surge in popularity, according to the latest update to the TIOBE Index, which tracks programming languages' "buzz."

C++ currently sits right behind C and Python on TIOBE's list. "A few months ago, the programming C++ language claimed position 3 of the TIOBE index (at the expense of Java). But C++ has not finished its rise. C seems to be its next victim," added the note accompanying the data... ["At the moment, the gap between the two is only 0.76%."]

Matlab, Scratch and Rust also match their all time high records at respectively positions #10, #12 and #17.
So here, according to TIOBE, are the 10 most popular programmings languages:

1. Python
2. C
3. C++
4. Java
5. C#
6. JavaScript
7. Visual Basic
8. SQL
9. PHP
10. MATLAB

The site I Programmer digs deeper: C++ was the only one of the top four languages to see a positive year-on-year change in its percentage rating — adding 0.79% to stand at 10.8%. Python had the smallest loss of the entire Top 20, -0.01% leaving it with a share of 13,42% while Visual Basic had the greatest loss at -2.07%. This, combined with JavaScript gaining 1.34%, led to JavaScript overtaking it to occupy #6, its highest ever ranking in the TIOBE Index.
They also note that COBOL "had a 3-month rise going from a share of 0.41% in April to 0.86% in July which moved it into #20 on the index."

Cerebras Systems and G42 have introduced the Condor Galaxy project, a network of nine interconnected supercomputers designed for AI model training with a combined performance of 36 FP16 ExaFLOPs. The first supercomputer, CG-1, located in California, offers 4 ExaFLOPs of FP16 performance and 54 million cores, focusing on Large Language Models and Generative AI without the need for complex distributed programming languages. AnandTech reports: CG-2 and CG-3 will be located in the U.S. and will follow in 2024. The remaining systems will be located across the globe and the total cost of the project will be over $900 million. The CG-1 supercomputer, situated in Santa Clara, California, combines 64 Cerebras CS-2 systems into a single user-friendly AI supercomputer, capable of providing 4 ExaFLOPs of dense, systolic FP16 compute for AI training. Based around Cerebras's 2.6 trillion transistor second-generation wafer scale engine processors, the machine is designed specifically for Large Language Models and Generative AI. It supports up to 600 billion parameter models, with configurations that can be expanded to support up to 100 trillion parameter models. Its 54 million AI-optimized compute cores and massivefabric network bandwidth of 388 Tb/s allow for nearly linear performance scaling from 1 to 64 CS-2 systems, according to Cerebras. The CG-1 supercomputer also offers inherent support for long sequence length training (up to 50,000 tokens) and does not require any complex distributed programming languages, which is common in case of GPU clusters.

This supercomputer is provided as a cloud service by Cerebras and G42 and since it is located in the U.S., Cerebras and G42 assert that it will not be used by hostile states. CG-1 is the first of three 4 FP16 ExaFLOP AI supercomputers (CG-1, CG-2, and CG-3) created by Cerebras and G42 in collaboration and located in the U.S. Once connected, these three AI supercomputers will form a 12 FP16 ExaFLOP, 162 million core distributed AI supercomputer, though it remains to be seen how efficient this network will be. In 2024, G42 and Cerebras plan to launch six additional Condor Galaxy supercomputers across the world, which will increase the total compute power to 36 FP16 ExaFLOPs delivered by 576 CS-2 systems. The Condor Galaxy project aims to democratize AI by offering sophisticated AI compute technology in the cloud. "Delivering 4 exaFLOPs of AI compute at FP16, CG-1 dramatically reduces AI training timelines while eliminating the pain of distributed compute," said Andrew Feldman, CEO of Cerebras Systems. "Many cloud companies have announced massive GPU clusters that cost billions of dollars to build, but that are extremely difficult to use. Distributing a single model over thousands of tiny GPUs takes months of time from dozens of people with rare expertise. CG-1 eliminates this challenge. Setting up a generative AI model takes minutes, not months and can be done by a single person. CG-1 is the first of three 4 ExaFLOP AI supercomputers to be deployed across the U.S. Over the next year, together with G42, we plan to expand this deployment and stand up a staggering 36 exaFLOPs of efficient, purpose-built AI compute."

Most outsourced programmers in India will see their jobs wiped out in the next year or two, Stability AI CEO Emad Mostaque said. CNBC reports: Mostaque, on a call with UBS analysts, said that most of the country's outsourced coders will lose their jobs as the effects of AI mean that it is now possible for software to be developed with far fewer people. "I think that it affects different types of jobs in different ways," Mostaque said on a call with analysts at the Swiss investment bank last week. "If you're doing a job in front of a computer, and no one ever sees you, then it's massively impactful, because these models are like really talented grads."

According to Mostaque, not everyone will be affected in the same way, however. That is due in no small part to differing rules and regulations around the world. Countries with stronger labor laws, like France, will be less likely to see such an impact, for example. In India, Mostaque said, "outsourced coders up to level three programmers will be gone in the next year or two, whereas in France, you'll never fire a developer." "So it affects different models in different countries in different ways in different sectors."

Mostaque reiterated a previous statement he made saying that there will be "no more programmers" in five years' time -- however, he caveated this to say that he meant coders in the traditional sense. "Why would you have to write code where the computer can write code better? When you deconstruct the programming thing from bug testing to unit testing to ideation, an AI can do that, just better," Mostaque said. "But it won't be doing it automatically, it will be AI 'co-pilots,'" Mostaque said. "That means less people are needed for classical programming, but then are they needed for other things? This is the question and this is the balance that we have to understand, because different areas are also affected differently."

Plexamp, the music player originally incubated by the Labs division of media company Plex, is now free, the company announced today. From a report: The project was first launched in 2017 as Plex's own spin on the classic Winamp media player app, offering visualizations to accompany your tunes, tools for programming mixes, and more recently, a ChatGPT-powered "Sonic Sage" feature that builds unique playlists from users' music libraries. However, after its expansion from desktop to mobile, Plexamp was only available to subscribers.

Now, Plex says the Plexamp app will become free, allowing users to play tracks from their own library or the TIDAL music streaming service with high-quality audio and support for lossless audio. The app also includes gapless playback, loudness leveling, and smooth transitions between tracks, among other things. In addition to Library Radio, a feature used to rediscover your music, users can create playlists with Plexamp to match their current mood: like "brooding, cathartic, confident, intense, playful, poignant, swaggering, and wistful," the company says.