InfoWorld's senior writer calls Python a "living language," citing its recent addition of the "walrus operator" for in-line assignments and the newly-approved pattern matching.

"And they're only two of a slew of useful features that could be added to Python to make the language more expressive, more powerful, more suited to the modern programming world. What else might we wish for?" True constants - Python doesn't really have the concept of a constant value... [E]very time a name is used, Python goes to the trouble of looking up what object it's pointing at. This dynamism is one of the chief reasons Python runs more slowly than some other languages. Python's dynamism offers great flexibility and convenience, but it comes at the cost of runtime performance. One advantage of having true constant declarations in Python would be some reduction in the frequency of object lookups that take place during runtime, and thus better performance. If the runtime knows ahead of time that a given value never changes, it doesn't have to look up its bindings...

True overloading and generics - In many languages, multiple versions of the same function can be written to work with different kinds of input... PEP 3124, advanced in April 2007, proposed a mechanism for decorating functions to indicate they could be overloaded. The proposal was deferred rather than being rejected outright — meaning the idea was fundamentally sound, but the time wasn't right to implement it. One factor that might speed the adoption of overloading in Python — or cause the idea to be ditched entirely — is the implementation of the newly proposed pattern matching system.

In theory, pattern matching could be used under the hood to handle overload dispatch. However, pattern matching could also be given as a rationale for not implementing generics in Python, since it already provides an elegant way to dispatch operations based on type signatures. So we might get true overloading in Python one day, or its advantages might be superseded by other mechanisms.
The article lists two more features Python "probably won't get" — starting with multiline lambdas (anonymous functions). Guido van Rossum had argued in 2006 he couldn't find an acceptable syntax, and the article argues "there is probably no way to do it that doesn't involve creating a special case." And it argues the final missing feature is tail recursion optimizations, "where functions that call themselves don't create new stack frames in the application, and thus risk blowing up the stack if they run for too long.

"Python doesn't do this, and in fact its creators have consistently come out against doing so."

"Programming language Python is now firmly the second most popular programming language, for the first time knocking Java out of the top two places in RedMonk's language popularity rankings," reports ZDNet: It's the first time since 2012 that Java is not one of the top two most popular languages in the developer analyst firm's programming language popularity list. The company's previous rankings in March placed machine-learning propelled Python in a tie for second place with Java, behind JavaScript.

RedMonk's influential programming popularity rankings are based on GitHub and Stack Overflow data. The company combines them "for a ranking that attempts to reflect both code (GitHub) and discussion (Stack Overflow) traction", says RedMonk analyst Stephen O'Grady, who notes "all numerical rankings should be taken with a grain of salt....

"Python is the first non-Java or JavaScript language ever to place in the top two of these rankings by itself, and would not have been the obvious choice for that distinction in years past," O'Grady notes, comparing it to Perl in its heyday because it has become a "language of first resort" and the "glue" for thousands of small projects, while enjoying high adoption in growing categories such as data science...

Five-year-old systems-programming language Rust, created by Mozilla, has hit a more positive milestone, for the first time becoming the 20th most popular language in RedMonk's rankings.
Last week IEEE Spectrum also declared Python "dominated" their assessment of language popularity (compiled from 11 different online metrics), followed by Java and C (and then C++ and JavaScript).

Google and Apple, which already battle over mobile operating systems, are opening a new front in their fight. How that plays out may determine the future of the web. From a report: Google was born on the web, and its business reflects its origin. The company depends on the web for search and advertising revenue. So it isn't a surprise that Google sees the web as key to the future of software. Front and center are web apps, interactive websites with the same power as conventional apps that run natively on operating systems like Windows, Android, MacOS and iOS. Apple has a different vision of the future, one that plays to its strengths. The company revolutionized mobile computing with its iPhone line. Its profits depend on those products and the millions of apps that run on them. Apple, unsurprisingly, appears less excited about developments, like web apps, that could cut into its earnings.

The two camps aren't simply protecting their businesses. Google and Apple have philosophical differences, too. Google, working to pack its dominant Chrome browser with web programming abilities, sees the web as an open place of shared standards. Apple, whose Safari browser lacks some of those abilities, believes its restraint will keep the web healthy. It wants a web that isn't plagued by security risks, privacy invasion and annoyances like unwanted notifications and permission pop-ups. Google leads a collection of heavy-hitting allies, including Microsoft and Intel, trying to craft new technology called progressive web apps, which look and feel like native apps but are powered by the web. PWAs work even when you have no network connection. You can launch PWAs from an icon on your phone home screen or PC start menu, and they can prod you with push notifications and synchronize data in the background for fast startup. PWA fans include Uber, travel site Trivago and India e-commerce site Flipkart. Starbucks saw its website usage double after it rolled out a PWA.

The split over native apps and web apps is more than just a squabble between tech giants trying to convert our lives online into their profits. How it plays out will shape what kind of a digital world we live in. Choosing native apps steers us to a world where we're locked into either iOS or Android, limited to software approved by the companies' app stores and their rules. Web apps, on the other hand, reinforce the web's strength as a software foundation controlled by no single company. A web app will work anywhere, making it easier to swap out a Windows laptop for an iPad. "What you're seeing is the tension between what is good for the user, which is to have a flexible experience, and what's good for the platform, which is to keep you in the platform as much as possible," said Mozilla Chief Technology Officer Eric Rescorla.

Cloudflare today announced the private beta launch of Workers Unbound, the latest step in its efforts to offer a serverless platform that can compete with the likes of AWS Lambda. TechCrunch reports: The company first launched its Workers edge computing platform in late 2017. Today it has "hundreds of thousands of developers" who use it, and in the last quarter alone, more than 20,000 developers built applications based on the service, according to the company. Cloudflare also uses Workers to power many of its own services, but the first iteration of the platform had quite a few limitations. The idea behind Workers Unbound is to do away with most of those and turn it into a platform that can compete with the likes of AWS, Microsoft and Google. Cloudflare aims to expose to third-party developers all of the services it builds for its internal consumption. The original Workers service will continue to operate (but under the Workers Bundled moniker) and essentially become Cloudflare's serverless platform for basic workloads that only run for a very short time. Workers Unbound -- as the name implies -- is meant for more complex and longer-running processes.

When it first launched Workers, the company said that its killer feature was speed. Today, [CEO Matthew Prince] argues that speed obviously remains an important feature -- and Cloudflare Workers Unbound promises that it essentially does away with cold-start latencies. But developers also adopted the platform because of its ability to scale and its price. Indeed, Workers Unbound, Cloudflare argues, is now significantly more affordable than similar offerings. "For the same workload, Cloudflare Workers Unbound can be 75% percent less expensive than AWS Lambda, 24 percent less expensive than Microsoft Azure Functions, and 52 percent less expensive than Google Cloud Functions," the company says in today's press release.

Another feature Prince highlighted is regulatory compliance. "I think the thing we're realizing as we talk to our largest enterprise customers is that for real companies -- not just the individual developer hacking away at home -- but for real businesses in financial services or anyone who has to deal with a regulated industry, the only thing that trumps ease of use is regulatory compliance, which is not sexy or interesting or anything else but like if your GC says you can't use XYZ platform, then you don't use XYZ platform and that's the end of the story," Prince noted. Speed, though, is of course something developers will always care about. Prince stressed that the team was quite happy with the 5ms cold-start times of the original Workers platform. The way the team engineered this is by queuing up the process while the two servers are still negotiating their TLS handshake. Cloudflare also argues that developers can update their code and have it go live globally within 15 seconds. Another area the team worked on was making it easier to use the service in general. Among the key new features here is support for languages like Python and a new SDK that will allow developers to add support for their favorite languages, too.

IEEE Spectrum's August issue will include an article titled "The Top Programming Languages."

Calculated using metrics from 11 online sources, it concludes that "One thing remains constant: the dominance of Python." Our default ranking is weighted toward the interests of an IEEE member, and looking at the top entries, we see that Python has held onto its comfortable lead, with Java and C once again coming in second and third place, respectively. Arduino has seen a big jump, rising from 11th place to seventh. (Purists may argue that Arduino is not a language but rather a hardware platform that is programmed using a derivative of Wiring, which itself is derived from C/C++. But we have always taken a very pragmatic approach to our definition of "programming language," and the reality is that when people are looking to use an Arduino-compatible microcontroller, they typically search for "Arduino code" or buy books about "Arduino programming," not "Wiring code" or "C programming.")

One interpretation of Python's high ranking is that its metrics are inflated by its increasing use as a teaching language: Students are simply asking and searching for the answers to the same elementary questions over and over. There's an historical parallel here. In the 1980s, BASIC was very visible... But few professional programmers used it, and when the home computer bubble burst, so did BASIC's, although some advanced descendants like Microsoft Visual Basic are still relatively popular professionally.

There are two counterarguments, though: The first is that students are people, too! If we pay attention only to what professional and expert coders do, we're at risk of missing an important part of the picture. The second is that, unlike BASIC, Python is frequently used professionally and in high-profile realms, such as machine learning, thanks to its enormous collection of high quality, specialized libraries.
C++ came in fourth, followed by JavaScript, R, "Arduino," Go, Swift, and Matlab.

But because different programmers have different needs, they've also created a special interactive version of their rankings online, "allowing you to weight the metrics as you see fit... "

Plex is bringing back the cable grid. The popular media center app added 80 live TV channels Thursday, complete with a programming guide that will look very familiar to anyone who has ever subscribed to pay TV, albeit with a few key differences: Plex's new live TV service is free to use, and it doesn't feature popular cable channels like CNN, TBS or Lifetime. From a report: Instead, its lineup includes channels like Reuters TV, Toon Goggles and the Bob Ross Channel. This type of ad-supported linear programming is growing in popularity across the industry; with consumers forced to tighten their belts, it could further contribute to cord cutting and fasten the shift from cable bundles to online video -- a future that may, at least to consumers, look very much like the best of TV's past. Plex has long positioned itself as an app for cord cutters, with free on-demand video and DVR functionality for broadcast TV networks. With its 80 new live TV channels, the company wants to offer its customers an experience that's closer to the lean-back viewing known from traditional pay TV. The Los Gatos-based startup has plans to add another 50 to 100 channels in the coming months.

Executives freely admitted in a conversation with Protocol that their take on live TV doesn't provide a 1:1 replacement for individual cable channels, but they argued that it's a good-enough experience. "It becomes a dirt-cheap way to replace cable," said co-founder and Chief Product Officer Scott Olechowski. One of the companies supplying Plex with TV feeds is Cinedigm, which operates around a dozen linear online channels, Including the Bob Ross channel, ConTV and standup-focused Comedy Dynamics. Cinedigm only began developing linear channels a little over a year ago and already has 13.5 million monthly viewers for these channels on smart TVs. "There is a lot of power in lean-back entertainment," said Cinedigm Digital Networks President Erick Opeka.

An anonymous reader writes: A rare 1944 four-rotor M4 Enigma cipher machine, considered one of the hardest challenges for the Allies to decrypt, has sold at a Christie's auction for $437,955. As noted by Christie's, the M4 Enigma has a special place in computing history as the Allied efforts to break its encryption led to the development of the first programmable computer, the one developed at Bletchley Park that was used to secretly break the M4, giving Allied forces visibility into German naval planning during the Battle of the Atlantic until its surrender in mid-1945.

The M4 Enigmas are considered rare because they were made in smaller numbers than three-rotor machines. After Germany capitulated, the country ordered troops to destroy remaining Enigmas in order to keep them from Allied forces. After the war Winston Churchill also ordered all remaining Enigmas destroyed to help preserve the secret of Allied decoding successes at Bletchley. The M4 Enigmas were made on the order of Admiral Karl Donitz, the commander of the German U-boat fleet, who had concerns over repeated Allied successes against his submarines. The M4 became available to the U-boat fleet in May 1941, preventing Allies from knowing where German's U-boats were positioned for almost a year until Turing and Joe Desch in Dayton, Ohio developed the computer that broke M4 encryption to decipher German messages. By mid-1943 the majority of M4 Enigma messages were being read by the Allies, but it was not until the 1970s that knowledge of the Allied successes against the Enigma was made public. "Rival auction house Sotheby's sold an M4 Enigma last year for $800,000, which may have reached a higher selling price because it was one of one of 15 Enigma machines found in a bunker at Germany's key Northern European naval base in Trondheim, Norway, which Germany had occupied since 1940," adds ZDNet.

Microsoft-owned GitHub has finally moved its snapshot of all active public repositories on the site to a vault in Norway. ZDNet reports: GiHub announced the archiving plan last November and on February 20 followed through with the 21 terabyte snapshot written to 186 reels of film. GitHub cancelled plans for a team to "personally escort the world's open-source code to the Arctic" due to the coronavirus pandemic, leaving the job to local partners who received the boxed films and deposited them in an old coal mine on July 8. The archive is being stored in Svalbard, Norway, a group of islands that's also home to the global seed bank.

"The code landed in Longyearbyen, a town of a few thousand people on Svalbard, where our boxes were met by a local logistics company and taken into intermediate secure storage overnight," said Julia Metcalf, director of strategic programs at GitHub. "The next morning, it traveled to the decommissioned coal mine set in the mountain, and then to a chamber deep inside hundreds of meters of permafrost, where the code now resides fulfilling their mission of preserving the world's open-source code for over 1,000 years." The repository includes public code repositories and significant dormant repos. The snapshot consists of the HEAD of the default branch of each repository, minus any binaries larger than 100kB in size. Each repository is then packaged as a single TAR file, and for efficiency's sake, most of the data will be stored as QR codes. A human-readable index and guide will itemize the location of each repository and explain how to recover the data.

Cambridge Engineering alumnus Hal Evans has built a fully-functioning replica of a 1930s Polish cyclometer -- an electromechanical cryptologic device that was designed to assist in the decryption of German Enigma ciphertext. The replica currently resides in King's College, Cambridge. TechXplore reports: Work on the hardware-based replica began in 2018, as part of Hal's fourth year Master's project under the supervision of King's College Fellow and Senior Tutor Dr. Tim Flack. The aim was to investigate further into cryptologist Marian Rejewski's cyclometer -- an early forerunner to Cambridge University mathematician Alan Turing's machine, known as the Bombe, which was used to crack the German Enigma code during the Second World War. Hal said he chose to work on the cyclometer as it was the very first machine used to assist the decryption effort. To his knowledge, the replica is the first fully-functioning hardware-based electromechanical cyclometer to exist since the years preceding the Second World War. The original machines would have been destroyed in 1939 to prevent them from falling into the hands of German invaders.

Rejewski's cyclometer exploited the German's procedure at the time of double encipherment of the Enigma message key, and semi-automated the process for calculating what were known as 'characteristics' for every possible Enigma rotor starting position. There were more than 100,000 of these rotor starting positions, and they each needed their characteristic to be calculated and catalogued in a card index system. The cyclometer therefore eliminated the arduous task of calculating these characteristics by hand. The machine consisted of, in effect, two interlinked Enigma systems side-by-side -- one offset by three positions relative to the other -- and 26 lamps and switches to cover the alphabet. On operation, a certain number of bulbs illuminated, indicating the lengths of the characteristics. These were recorded for every single possible rotor starting position to create an immense look-up catalogue. Once this was completed, obtaining the daily Enigma rotor starting settings to decode messages was a simple matter of intercepting enough messages and referencing the catalogue, taking only a matter of minutes.

Today I learned that Microsoft "has been providing support for the development and building of the PHP programming language on Windows," according to Bleeping Computer. "This support includes developing security patches for PHP and creating native Windows builds."

But that's going to change: Microsoft has announced that it will not offer support in 'any capacity' for PHP for Windows 8.0 when it is released... To add some clarity to Microsoft PHP Windows Lead Dale Hirt's post, PHP Release Manager Sara Golemon posted to Reddit explaining that this does not mean PHP 8.0 will not be supported in Windows. It just means that Microsoft will not be the one building and supporting it. "For some possibly missing context, Microsoft runs https://windows.php.net and produces all the official builds of PHP for Windows... This message means Microsoft aren't going to produce official builds for PHP 8 onwards. This message does NOT mean that nobody will."

Microsoft has not stated why they will no longer support PHP 8.0, but it could be due to the extensive PHP support already existing in the Windows Subsystem for Linux (WSL). Microsoft has been actively developing WSL, which allows users to install various Linux distributions that run directly in Windows 10.

As these distributions already support PHP 7.4 and will support PHP 8.0 when released, Microsoft may see it as unnecessary to continue supporting a native PHP build in Windows.

The R programming language is experiencing a surge in popularity "in the slipstream of Python," according to this month's TIOBE index, leaping into the top ten.

"For historical context, we wrote of R's spot in TIOBE nearly two years ago, and it had just made the leap from #50 to #39," writes programming columnist Mike Melanson.

ZDNet writes: In May, when R crashed out of the top 20 for the first time in three years, Tiobe speculated that the language could be a victim of consolidation in statistical programming, with more developers in the field gravitating towards Python.
But there's been a lot of motion since then, Tech Republic reports: R rose one space to eighth place in July, but its comparison to 2019 is where the real surprise lies: It was in 20th place at the same time last year. TIOBE CEO Paul Jansen cites two reasons why R may be increasing in popularity:

- Universities and research institutes have moved away from commercial statistical languages like SAS and Stata in favor of open source languages Python and R.

- The increase in analytics being used to search for a COVID-19 vaccine....

The largest gainers in popularity between July 2019 and July 2020 are Go, which jumped from 16th to 12th place, Perl, jumping from No. 19 to No. 14, Scratch, jumping from No. 30 to No. 17, Rust, which moved from No. 33 to No. 18, and PL/SQL, which moved from No. 23 to No. 19.

Ruby fell the most, moving from 11th place to 16th, while SQL, MATLAB, and Assembly Language also slipped down the list.
ZDNet adds that "Besides R's upwards shift, Tiobe's July index doesn't show much movement in the popularity of the top languages. The top 10 in descending order are C, Java, Python, C++, C#, Visual Basic, JavaScript, R, PHP and Swift."

Visual Studio magazine argues that the biggest surprise may be that the 29-year-old language classic Visual Basic is still in the top 20 — since its last stable release was 22 years ago, and by 2008 it was finally retired by Microsoft. "VB6 just refuses to go away, achieving cult-like status among a group of hard-core supporters."

"Other terms are more inclusive and precise," reads a merged Pull request for the Rust programming language titled "Avoid 'whitelist'."

"This doesn't look like it affects any 'user visible' flags or anything like that," core developer Niko Matsakis had pointed out in a comment on the pull request, asking "It's purely internal...?"

The pull request has since been merged.

theodp writes: From the Home Office in Cupertino: "Apple today announced a new set of tools to help educators teach coding to students from grade school to college. In addition to significant enhancements to the Develop in Swift and Everyone Can Code curricula, Apple is also starting a new professional learning course for Develop in Swift, available to educators at no cost. The course is designed to supplement the need for computer science educators in the US, and helps instructors of all skill levels build foundational knowledge to teach app development with Swift. In addition, with many institutions operating remotely, Apple is adding resources for educators and parents to help ensure they have the tools they need to help students learn and grow from anywhere. [...] To support parents with kids learning to code at home, Apple is adding a new guide to its set of remote learning resources. 'A Quick Start to Code' is now available and features 10 coding challenges designed for learners ages 10 and up, on iPad or Mac. [...] In 2016, Apple launched Everyone Can Code, a comprehensive program and curriculum to help students of all abilities, from kindergarten to college, learn coding to solve problems and prepare them for the workforce. Develop in Swift was released in 2019, and today more than 9,000 K-12 and higher education institutions worldwide are using the Everyone Can Code and Develop in Swift curricula from Apple."

Back in 2018, Apple CEO Tim Cook claimed that most students shunned programming before Apple introduced Swift "because coding languages were 'too geeky.'" As Apple introduced Swift in 2016, Cook called for requiring all children to start coding in 4th grade (9-10 years old), which Cook reiterated to President Trump in a 2017 White House meeting with tech titans.

Asraa Mustufa and David Eads, reporting for Chicago Reporter: With Chicago reeling this week from a bloody July 4 weekend that saw more than 80 shootings claim the lives of at least 17 people, including young children, police Superintendent David Brown doubled down on his approach to stemming the violence at a press conference Monday. "We must keep violent offenders in jail longer," Brown said, arguing that arrestees are getting released too quickly and that the electronic monitoring program is "clearly not working" and needs to be revamped. Mayor Lori Lightfoot agreed on the need to keep violent offenders locked up in order to reduce crime. Brown had deployed an additional 1,200 officers on the streets ahead of the holiday weekend to break up "drug corners," in a strategy not unlike that of police chiefs before him. His plan was criticized by civil rights advocates and criminologists, WBEZ reported. "Our endgame is arrests for the precursors to violence," Brown said. "But when we clear the corner, we're pleading with the court systems: Keep them in jail through the weekend."

Brown's remarks raise many questions. How did officers carry out this policing strategy? Did they make arrests for violent crimes or other charges? How long were arrestees in police custody? Do these defendants quickly bond out or remain detained? Do these kinds of arrests really keep violent offenders off the street and effectively prevent more violence? Queries like these are key to digging into Brown's claims and gauging how effective CPD's tactics are. But it's now substantially more difficult to check CPD's claims and details about arrests. That's because the department recently shut down its arrest API used by journalists and researchers. A data API, or application programming interface, provides access to structured information in a way machines can read, akin to the difference between getting data in a spreadsheet file versus copying it by hand into a spreadsheet. CPD's API provided access to comprehensive and timely data about arrests going back to 2014 in ways that can be processed and analyzed by software engineers and reporters.

The Chicago Reporter used the API last month to analyze police tactics during local mass protests following the Minneapolis police killing of George Floyd. CPD had released figures stating that the majority of arrests made on the weekend of May 29 were for criminal conduct related to looting, not protesting. But by using CPD's own data from the arrest API, we found the opposite to be true: the majority of civil unrest-related arrests made that weekend had been for offenses related to protesting. [...] Within a day of our publishing this analysis, CPD removed access to the API for all users.

Apple today seeded the first public betas of upcoming iOS 14 and iPadOS 14, and tvOS 14 updates to its public beta testing group, two weeks after first providing the updates to developers after the WWDC keynote.

Microsoft is forming a team internally under the Microsoft Devices division that will handle the development of the Android OS for Surface Duo going forward. Windows Central: According to my sources, up until now, Microsoft had contracted the OS work out to third-party vendors such as Movial, who had the expertise required to bring Android to life on Surface Duo. Movial is a software, services, and design engineering company that was working closely with Microsoft on Surface Duo during its prototype and development stages. Microsoft has now acquired the local operations of Movial in Romania, Taiwan, and the USA, and is bringing on-board all the Movial employees that were working on the Surface Duo as full-time employees at Microsoft.

Microsoft is not acquiring Movial as a whole. Movial will continue to operate as a standalone company, with employees at its headquarters in Finland remaining at Movial. SeeNews reports that Movial's Iasi office will become Microsoft Romania's fourth research and development center, as it on-boards 60 employees from Movial in that location.

theodp writes: Code.org's $10+ million "Diamond" supporters include Microsoft, Facebook, Amazon, and Infosys. Its $3+ million "Platinum" supporters include Google, the Gates Foundation, and the Ballmer Group. And its $1+ million "Gold" supporters include Jeff Bezos and Bill Gates, the world's two richest men. So, it was somewhat surprising to see the nonprofit -- which is dedicated to pushing CS into K-12 classrooms -- pop up on the list of Seattle-area tech companies that received a PPP loan from the federal government. According to Paycheck Protection Program data released by the SBA and Treasury, Code.org was approved on April 15th for a loan between $1-2 million to retain 81 jobs due to the pandemic. Khan Academy, another pet nonprofit of Gates and other billionaires, received approval for a $2-5 million PPP loan to retain 185 jobs.

JPMorgan Chase is eliminating terms like "blacklist," "master" and "slave" from its internal technology materials and code as it seeks to address racism within the company, said two sources with knowledge of the move. Reuters reports: The terms had appeared in some of the bank's technology policies, standards and control procedures, as well in the programming code that runs some of its processes, one of the sources said. The phrases "master" and "slave" code or drive are used in some programming languages and computer hardware to describe one part of a device or process that controls another. "Blacklist" is used to describe items that are automatically denied, like a list of websites forbidden by a company's cybersecurity division. "Whitelist" means the opposite - a list of items automatically approved. While JPMorgan appears to be the first in the financial sector to remove most references to these racially problematic phrases, they're not the only company to do so. GitHub, Google, and Twitter are a few others who have made similar moves recently.

An anonymous reader quotes a report from Ars Technica: Nearly 20 years after its initial release, a hacker has found a way to run homebrew software on an unmodified PlayStation 2 using nothing but a carefully burned DVD-ROM. Previous efforts to hack the PS2 relied on internal modifications, external hardware (like pre-hacked memory cards and hard drives), or errors found only on very specific models of the system. The newly discovered FreeDVDBoot differs from this previous work by exploiting an error in the console's DVD video player to create a fully software-based method for running arbitrary code on the system.

Security researcher CTurt laid out the FreeDVDBoot discovery and method in detail in a blog post this weekend. By decrypting and analyzing the code used for the PS2's DVD player, CTurt found a function that expects a 16-bit string from a properly formatted DVD but will actually easily accept over 1.5 megabytes from a malicious source. Sending carefully formatted data to that function causes a buffer overflow that in turn triggers another badly written function to tell the system to jump to an area of memory with arbitrary, attacker-written code. That code can then tell the system to load an ELF file written to a burned DVD-R in the system. Building on previous PS2 homebrew efforts like uLaunchELF, it's relatively simple to use that DVD-R to load homebrew software or even full copies of otherwise copy-protected PS2 games. The exploit is currently limited to very specific versions of the PS2's DVD player firmware (as of press time, firmwares 3.10 and 3.11, when set to "English") found in later editions of the console and won't work in earlier systems. But CTurt writes that he's "confident that all other versions also contain these same trivial IFO parsing buffer overflows" and can be exploited with broadly similar methods. The possibility of similar hacks through the Blu-ray player on the PS3 and PS4 (or the CD player on the PS1) are also being examined by the community.

Oracle's Java magazine is celebrating the 25th anniversary of the programming language with a list of the 25 greatest Java apps ever written: From space exploration to genomics, from reverse compilers to robotic controllers, Java is at the heart of today's world. Here are a few of the countless Java apps that stand out from the crowd.

The story of Java began in 1991, at a time when Sun Microsystems sought to extend their lead in the computer workstation market into the burgeoning personal electronics market. Little did anyone know that the programming language Sun was about to create would democratize computing, inspire a worldwide community, and become the platform for an enduring software development ecosystem of languages, runtime platforms, SDKs, open source projects, and lots and lots of tools. After a few years of secret development led by James Gosling, Sun released the landmark "write once, run anywhere" Java platform in 1995, refocusing it beyond its original design for interactive television to applications for the burgeoning World Wide Web. By the turn of the century, Java was animating everything from smartcards to space vehicles.

Today, millions of developers program in Java. Although Java continues to evolve at an ever-faster pace, on the occasion of the platform's 25th anniversary, Java Magazine decided to take a look back at how Java molded our planet. What follows is a list of the 25 most ingenious and influential Java apps ever written, from Wikipedia Search to the US National Security Agency's Ghidra. The scope of these applications runs the gamut: space exploration, video games, machine learning, genomics, automotive, cybersecurity, and more.
The list includes Eclipse, Minecraft, the Maestro Mars Rover controller, and "VisibleTesla," the open source app created by an automobile enthusiast to monitor and control his Tesla Model S.