Lindsay Clark reports via The Register: Only 14 percent of Oracle Java subscribers plan to stay on Big Red's runtime environment, according to a study following the introduction of an employee-based subscription model. At the same time, 36 percent of the 663 Java users questioned said they had already moved to the employee-based pricing model introduced in January 2023. Shortly after the new model was implemented, experts warned that it would create a significant price hike for users adopting it. By July, global tech research company Gartner was forecasting that those on the new subscription package would face between two and five times the costs compared with the previous usage-based model.

As such, among the 86 percent of respondents using Oracle Java SE who are currently moving or plan to move all or some of their Java applications off Oracle environments, 53 percent said the Oracle environment was too expensive, according to the study carried out by independent market research firm Dimensional Research. Forty-seven percent said the reason for moving was a preference for open source, and 38 percent said it was because of uncertainty created by ongoing changes in pricing, licensing, and support. [...]

To support OpenJDK applications in production, 46 percent chose a paid-for platform such as Belsoft Liberica, IBM Semeru, or Azul Platform Core; 45 percent chose a free supported platform such as Amazon Corretto or Microsoft Build of OpenJDK; and 37 percent chose a free, unsupported platform. Of the users who have already moved to OpenJDK, 25 percent said Oracle had been significantly more expensive, while 41 percent said Big Red's licensing had made it somewhat more expensive than the alternative. The survey found three-quarters of Java migrations were completed within a year, 23 percent within three months.

An anonymous reader shared this report from InfoWorld: Rust has leaped to its highest position ever in the monthly Tiobe index of language popularity, scaling to the 13th spot this month, with placement in the top 10 anticipated in an upcoming edition. Previously, Rust has never gone higher than 17th place in the Tiobe Programming Index. Tiobe CEO Paul Jansen attributed Rust's ascent in the just-released July index to a February 2024 U.S. White House report recommending Rust over C/C+ for safety reasons. He also credited the growing community and ecosystem support for the language. "Rust is finally moving up."
The article adds that these rankings are based on "the number of skilled engineers worldwide, courses, and third-party vendors pertaining to languages, examining websites such as Google, Amazon, Wikipedia, and more than 20 others to determine the monthly numbers."

1. Python
2. C++
3. C
4. Java
5. C#
6. JavaScript
7. Go
8. Visual Basic
9. Fortran
10. SQL

Interestingly, Rust has just moved into the top ten on the rival rankings from the rival Pypl Popularity of Programming Language index (which according to the article "assesses how often languages are searched on in Google.")

1. Python
2. Java
3. JavaScript
4. C#
5. C/C++
6. R
7. PHP
8. TypeScript
9. Swift
10. Rust

IEEE Spectrum (the IEEE's official publication) asks the question. "How does an AI code generator compare to a human programmer?" A study published in the June issue of IEEE Transactions on Software Engineering evaluated the code produced by OpenAI's ChatGPT in terms of functionality, complexity and security. The results show that ChatGPT has an extremely broad range of success when it comes to producing functional code — with a success rate ranging from anywhere as poor as 0.66 percent and as good as 89 percent — depending on the difficulty of the task, the programming language, and a number of other factors. While in some cases the AI generator could produce better code than humans, the analysis also reveals some security concerns with AI-generated code.
The study tested GPT-3.5 on 728 coding problems from the LeetCode testing platform — and in five programming languages: C, C++, Java, JavaScript, and Python. The results? Overall, ChatGPT was fairly good at solving problems in the different coding languages — but especially when attempting to solve coding problems that existed on LeetCode before 2021. For instance, it was able to produce functional code for easy, medium, and hard problems with success rates of about 89, 71, and 40 percent, respectively. "However, when it comes to the algorithm problems after 2021, ChatGPT's ability to generate functionally correct code is affected. It sometimes fails to understand the meaning of questions, even for easy level problems," said Yutian Tang, a lecturer at the University of Glasgow. For example, ChatGPT's ability to produce functional code for "easy" coding problems dropped from 89 percent to 52 percent after 2021. And its ability to generate functional code for "hard" problems dropped from 40 percent to 0.66 percent after this time as well...

The researchers also explored the ability of ChatGPT to fix its own coding errors after receiving feedback from LeetCode. They randomly selected 50 coding scenarios where ChatGPT initially generated incorrect coding, either because it didn't understand the content or problem at hand. While ChatGPT was good at fixing compiling errors, it generally was not good at correcting its own mistakes... The researchers also found that ChatGPT-generated code did have a fair amount of vulnerabilities, such as a missing null test, but many of these were easily fixable.
"Interestingly, ChatGPT is able to generate code with smaller runtime and memory overheads than at least 50 percent of human solutions to the same LeetCode problems..."

An anonymous reader quotes a report from Ars Technica: More than 384,000 websites are linking to a site that was caught last week performing a supply-chain attack that redirected visitors to malicious sites, researchers said. For years, the JavaScript code, hosted at polyfill[.]com, was a legitimate open source project that allowed older browsers to handle advanced functions that weren't natively supported. By linking to cdn.polyfill[.]io, websites could ensure that devices using legacy browsers could render content in newer formats. The free service was popular among websites because all they had to do was embed the link in their sites. The code hosted on the polyfill site did the rest. In February, China-based company Funnull acquired the domain and the GitHub account that hosted the JavaScript code. On June 25, researchers from security firm Sansec reported that code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites. The code was deliberately designed to mask the redirections by performing them only at certain times of the day and only against visitors who met specific criteria.

The revelation prompted industry-wide calls to take action. Two days after the Sansec report was published, domain registrar Namecheap suspended the domain, a move that effectively prevented the malicious code from running on visitor devices. Even then, content delivery networks such as Cloudflare began automatically replacing pollyfill links with domains leading to safe mirror sites. Google blocked ads for sites embedding the Polyfill[.]io domain. The website blocker uBlock Origin added the domain to its filter list. And Andrew Betts, the original creator of Polyfill.io, urged website owners to remove links to the library immediately. As of Tuesday, exactly one week after malicious behavior came to light, 384,773 sites continued to link to the site, according to researchers from security firm Censys. Some of the sites were associated with mainstream companies including Hulu, Mercedes-Benz, and Warner Bros. and the federal government. The findings underscore the power of supply-chain attacks, which can spread malware to thousands or millions of people simply by infecting a common source they all rely on.

theodp writes: As with last year," tweeted College Board's AP Program Chief Trevor Packer, "the most challenging free-response question on this year's AP Computer Science A exam was Q4 on 2D Array." While it takes six pages of the AP CS A exam document [PDF] to ask question 4 (of 4), the ask of students essentially boils down to using Java to move from the current location in a 2-D grid to either immediately below or to the right of that location based on which neighbor contains the lesser value, and adding the value at that location to a total (suggested Java solution, alternative Excel VBA solution). Much like rules of the children's game Pop-O-Matic Trouble, moves are subject to the constraint that you cannot move to the right or ahead if it takes you to an invalid position (beyond the grid dimensions).

Ironically, many of the AP CS A students who struggled with the grid coding problem were likely exposed by their schools from kindergarten on to more than a decade's worth of annual Hour of Code tutorials that focused on the concepts of using code to move about in 2-D grids. The move-up-down-left-right tutorials promoted by schools came from tech-backed nonprofit Code.org and its tech giant partners and have been taught over the years by the likes of Bill Gates, Mark Zuckerberg, and President Obama, as well as characters from Star Wars, Disney Princess movies, and Microsoft Minecraft.

The news of American high school students struggling again with fairly straightforward coding problems after a year-long course of instruction comes not only as tech companies and tech-tied nonprofits lobby state lawmakers to pass bills making CS a high school graduation requirement in the US, but also as a new report from King's College urges lawmakers and educators to address a stark decline in the number of UK students studying computing at secondary school, which is blamed on the replacement of more approachable ICT (Information and Communications Technology) courses with more rigorous computer science courses in 2013 (a switch pushed by Google and Microsoft), which it notes students have perceived as too difficult and avoided taking.

Last month TIOBE announced its estimate that the four most popular programming languages were:

1. Python
2. C
3. C++
4. Java

But this month C++ "overtook" C for the first time, TIOBE announced, becoming (according to the same methodology) the #2 most popular programming language, with C dropping to #3. " C++ has never been that high in the TIOBE index," says TIOBE Software CEO Paul Jansen in the announcement, "whereas C has never been that low."

1. Python
2. C++
3. C
4. Java

C++ started a new life as of 2011 with its consistent 3 yearly updates. Although most compilers and most engineers can't take up with this pace, it is considered a success to see the language evolve.

The main strengths of C++ are its performance and scalability. Its downside is its many ways to get things done, i.e. its rich idiom of features, which is caused by its long history and aim for backward compatibility.

C++ is heavily used in embedded systems, game development and financial trading software, just to name a few domains.
There's different rankings from the rival PYPL index of programming language popularity. It lumps C and C++ together to award them a collective ranking (#5). But unlike TIOBE, it shows Java [and JavaScript and C#] all being more popular (with Python still the #1 most popular language).

Of course, statistical anomalies could be also skewing the results. Visual Basic also lost two ranks in popularity in the last month, according to TIOBE, dropping from the #7 position to the #9 position (now falling just behind Go and SQL). This becomes the first time that Go has risen as high as #7, according to TIOBE's announcement — with Rust also reaching an all-time high of #17...

Long-time Slashdot reader theodp writes: "Great news, Louisiana!" tech-backed Code.org exclaimed Wednesday in celebratory LinkedIn, Facebook, and Twitter posts. Louisiana is "officially the 10th state to make computer science a [high school] graduation requirement. Huge thanks to Governor Jeff Landry for signing the bill and to our legislative champions, Rep. Jason Hughes and Sen. Thomas Pressly, for making it happen! This means every Louisiana student gets a chance to learn coding and other tech skills that are super important these days. These skills can help them solve problems, think critically, and open doors to awesome careers!"

Representative Hughes, the sponsor of HB264 — which calls for each public high school student to successfully complete a one credit CS course as a requirement for graduation and also permits students to take two units of CS instead of studying a Foreign Language — tweeted back: "HUGE thanks @codeorg for their partnership in this effort every step of the way! Couldn't have done it without [Code.org Senior Director of State Government Affairs] Anthony [Owen] and the Code.org team!"

Code.org also on Wednesday announced the release of its 2023 Impact Report, which touted its efforts "to include a requirement for every student to take computer science to receive a high school diploma." Since its 2013 launch, Code.org reports it's spent $219.8 million to push coding into K-12 classrooms, including $19 million on Government Affairs (Achievements: "Policies changed in 50 states. More than $343M in state budgets allocated to computer science.").

In Code.org by the Numbers, the nonprofit boasts that 254,683 students started Code.org's AP CS Principles course in the academic year (2025 Goal: 400K), while 21,425 have started Code.org's new Amazon-bankrolled AP CS A course. Estimates peg U.S. public high school enrollment at 15.5M students, annual K-12 public school spending at $16,080 per pupil, and an annual high school student course load at 6-8 credits...

"Rust is the fastest-growing programming language, with its developer community doubling in size over the past two years," writes The New Stack, "yet JavaScript remains the most popular language with 25.2 million active developers, according to the results of a recent survey." The 26th edition of SlashData's Developer Nation survey showed that the Rust community doubled its number of users over the past two years — from two million in the first quarter of 2022 to four million in the first quarter of 2024 — and by 33% in the last 12 months alone. The SlashData report covers the first quarter of 2024. "Rust has developed a passionate community that advocates for it as a memory-safe language which can provide great performance, but cybersecurity concerns may lead to an even greater increase," the report said. "The USA and its international partners have made the case in the last six months for adopting memory-safe languages...."

"JavaScript's dominant position is unlikely to change anytime soon, with its developer population increasing by 4M developers over the last 12 months, with a growth rate in line with the global developer population growth," the report said. The strength of the JavaScript community is fueled by the widespread use of the language across all types of development projects, with at least 25% of developers in every project type using it, the report said. "Even in development areas not commonly associated with the language, such as on-device coding for IoT projects, JavaScript still sees considerable adoption," SlashData said.

Also, coming in strong, Python has overtaken Java as the second most popular language, driven by the interest in machine learning and AI. The battle between Python and Java shows Python with 18.2 million developers in Q1 2024 compared to Java's 17.7 million. This comes about after Python added more than 2.1 million net new developers to its community over the last 12 months, compared to Java which only increased by 1.2 million developers... Following behind Java there is a six-million-developer gap to the next largest community, which is C++ with 11.4 million developers, closely trailed by C# with 10.2 million and PHP with 9.8 million. Languages with the smallest communities include Objective-C with 2.7 million developers, Ruby with 2.5 million, and Lua with 1.8 million. Meanwhile, the Go language saw its developer population grow by 10% over the last year. It had previously outpaced the global developer population growth, growing by 5Y% over the past two years, from three million in Q1 2022 to 4.7 million in Q1 2024.
"TNS analyst Lawrence Hecht has a few different takeaways. He notes that with the exceptions of Rust, Go and JavaScript, the other major programming languages all grew slower than the total developer population, which SlashData says increased 39% over the last two years alone."

Mistral, the French AI startup backed by Microsoft and valued at $6 billion, has released its first generative AI model for coding, dubbed Codestral. From a report: Codestral, like other code-generating models, is designed to help developers write and interact with code. It was trained on over 80 programming languages, including Python, Java, C++ and JavaScript, explains Mistral in a blog post. Codestral can complete coding functions, write tests and "fill in" partial code, as well as answer questions about a codebase in English. Mistral describes the model as "open," but that's up for debate. The startup's license prohibits the use of Codestral and its outputs for any commercial activities. There's a carve-out for "development," but even that has caveats: the license goes on to explicitly ban "any internal usage by employees in the context of the company's business activities." The reason could be that Codestral was trained partly on copyrighted content. Codestral might not be worth the trouble, in any case. At 22 billion parameters, the model requires a beefy PC in order to run.

"While general-purpose languages like Python, C++, and Java remain popular in AI development," writes VentureBeat, "the resurgence of AI-first languages signifies a recognition that AI's unique demands require specialized languages tailored to the domain's specific needs... designed from the ground up to address the specific needs of AI development." Bend, created by Higher Order Company, aims to provide a flexible and intuitive programming model for AI, with features like automatic differentiation and seamless integration with popular AI frameworks. Mojo, developed by Modular AI, focuses on high performance, scalability, and ease of use for building and deploying AI applications. Swift for TensorFlow, an extension of the Swift programming language, combines the high-level syntax and ease of use of Swift with the power of TensorFlow's machine learning capabilities...

At the heart of Mojo's design is its focus on seamless integration with AI hardware, such as GPUs running CUDA and other accelerators. Mojo enables developers to harness the full potential of specialized AI hardware without getting bogged down in low-level details. One of Mojo's key advantages is its interoperability with the existing Python ecosystem. Unlike languages like Rust, Zig or Nim, which can have steep learning curves, Mojo allows developers to write code that seamlessly integrates with Python libraries and frameworks. Developers can continue to use their favorite Python tools and packages while benefiting from Mojo's performance enhancements... It supports static typing, which can help catch errors early in development and enable more efficient compilation... Mojo also incorporates an ownership system and borrow checker similar to Rust, ensuring memory safety and preventing common programming errors. Additionally, Mojo offers memory management with pointers, giving developers fine-grained control over memory allocation and deallocation...

Mojo is conceptually lower-level than some other emerging AI languages like Bend, which compiles modern high-level language features to native multithreading on Apple Silicon or NVIDIA GPUs. Mojo offers fine-grained control over parallelism, making it particularly well-suited for hand-coding modern neural network accelerations. By providing developers with direct control over the mapping of computations onto the hardware, Mojo enables the creation of highly optimized AI implementations.

According to Mojo's creator, Modular, the language has already garnered an impressive user base of over 175,000 developers and 50,000 organizations since it was made generally available last August. Despite its impressive performance and potential, Mojo's adoption might have stalled initially due to its proprietary status. However, Modular recently decided to open-source Mojo's core components under a customized version of the Apache 2 license. This move will likely accelerate Mojo's adoption and foster a more vibrant ecosystem of collaboration and innovation, similar to how open source has been a key factor in the success of languages like Python.

Developers can now explore Mojo's inner workings, contribute to its development, and learn from its implementation. This collaborative approach will likely lead to faster bug fixes, performance improvements and the addition of new features, ultimately making Mojo more versatile and powerful.
The article also notes other languages "trying to become the go-to choice for AI development" by providing high-performance execution on parallel hardware. Unlike low-level beasts like CUDA and Metal, Bend feels more like Python and Haskell, offering fast object allocations, higher-order functions with full closure support, unrestricted recursion and even continuations. It runs on massively parallel hardware like GPUs, delivering near-linear speedup based on core count with zero explicit parallel annotations — no thread spawning, no locks, mutexes or atomics. Powered by the HVM2 runtime, Bend exploits parallelism wherever it can, making it the Swiss Army knife for AI — a tool for every occasion...

The resurgence of AI-focused programming languages like Mojo, Bend, Swift for TensorFlow, JAX and others marks the beginning of a new era in AI development. As the demand for more efficient, expressive, and hardware-optimized tools grows, we expect to see a proliferation of languages and frameworks that cater specifically to the unique needs of AI. These languages will leverage modern programming paradigms, strong type systems, and deep integration with specialized hardware to enable developers to build more sophisticated AI applications with unprecedented performance. The rise of AI-focused languages will likely spur a new wave of innovation in the interplay between AI, language design and hardware development. As language designers work closely with AI researchers and hardware vendors to optimize performance and expressiveness, we will likely see the emergence of novel architectures and accelerators designed with these languages and AI workloads in mind. This close relationship between AI, language, and hardware will be crucial in unlocking the full potential of artificial intelligence, enabling breakthroughs in fields like autonomous systems, natural language processing, computer vision, and more.

The future of AI development and computing itself are being reshaped by the languages and tools we create today.
In 2017 Modular AI's founder Chris Lattner (creator of the Swift and LLVM) answered questions from Slashdot readers.

"The TIOBE Index sets out to reflect the relative popularity of computer languages," writes i-Programmer, "so it comes as something of a surprise to see two languages dating from the 1950's in this month's Top 20. Having broken into the the Top 20 in April 2021 Fortran has continued to rise and has now risen to it's highest ever position at #10... The headline for this month's report by Paul Jansen on the TIOBE index is:

Fortran in the top 10, what is going on?

Jansen's explanation points to the fact that there are more than 1,000 hits on Amazon for "Fortran Programming" while languages such as Kotlin and Rust, barely hit 300 books for the same search query. He also explains that Fortran is still evolving with the new ISO Fortran 2023 definition published less than half a year ago....

The other legacy language that is on the rise in the TIOBE index is COBOL. We noticed it re-enter the Top 20 in January 2024 and, having dropped out in the interim, it is there again this month.
More details from TechRepublic: Along with Fortran holding on to its spot in the rankings, there were a few small changes in the top 10. Go gained 0.61 percentage points year over year, rising from tenth place in May 2023 to eighth this year. C++ rose slightly in popularity year over year, from fourth place to third, while Java (-3.53%) and Visual Basic (-1.8) fell.
Here's how TIOBE ranked the 10 most popular programming languages in May:

1. Python
2. C
3. C++
4. Java
5. C#
6. JavaScript
7. Visual Basic
8. Go
9. SQL
10. Fortran

On the rival PYPL ranking of programming language popularity, Fortran does not appear anywhere in the top 29.

A note on its page explains that "Worldwide, Python is the most popular language, Rust grew the most in the last 5 years (2.1%) and Java lost the most (-4.0%)." Here's how it ranks the 10 most popular programming languages for May:

1. Python (28.98% share)
2. Java (15.97% share)
3. JavaScript (8.79%)
4. C# (6.78% share)
5. R (4.76% share)
6. PHP (4.55% share)
7. TypeScript (3.03% share)
8. Swift (2.76% share)
9. Rust (2.6% share)

The PHP programming language has sunk to its lowest position ever on the long-running TIOBE index of programming language popularity. It now ranks #17 — lower than Assembly Language, Ruby, Swift, Scratch, and MATLAB. InfoWorld reports: When the Tiobe index started in 2001, PHP was about to become the standard language for building websites, said Paul Jansen, CEO of software quality services vendor Tiobe. PHP even reached the top 3 spot in the index, ranking third several times between 2006 and 2010. But as competing web development frameworks such as Ruby on Rails, Django, and React arrived in other languages, PHP's popularity waned.

"The major driving languages behind these new frameworks were Ruby, Python, and most notably JavaScript," Jansen noted in his statement accompanying the index. "On top of this competition, some security issues were found in PHP. As a result, PHP had to reinvent itself." Nowadays, PHP still has a strong presence in small and medium websites and is the language leveraged in the WordPress web content management system. "PHP is certainly not gone, but its glory days seem to be over," Jansen said.
A note on the rival Pypl Popularity of Programming Language Index argues that the TIOBE Index "is a lagging indicator. It counts the number of web pages with the language name." So while "Objective-C" ranks #30 on TIOBE's index (one rank above Classic Visual Basic), "who is reading those Objective-C web pages? Hardly anyone, according to Google Trends data." On TIOBE's index, Fortran now ranks #10.

Meanwhile, PHP ranks #7 on Pypl (based on the frequency of searches for language tutorials).

TIOBE's top ten?

1. Python
2. C
3. C++
4. Java
5. C#
6. JavaScript
7. Go
8. Visual Basic
9. SQL
10. Fortran

The next two languages, ranked #11 and #12, are Delphi/Object Pascal and Assembly Language.

"It's a bad day for bugs," joked TechCrunch on Wednesday. "Earlier today, Sentry announced its AI Autofix feature for debugging production code..."

And then the same day, BleepingComputer reported that GitHub "introduced a new AI-powered feature capable of speeding up vulnerability fixes while coding." This feature is in public beta and automatically enabled on all private repositories for GitHub Advanced Security customers. Known as Code Scanning Autofix and powered by GitHub Copilot and CodeQL, it helps deal with over 90% of alert types in JavaScript, Typescript, Java, and Python... After being toggled on, it provides potential fixes that GitHub claims will likely address more than two-thirds of found vulnerabilities while coding with little or no editing.

"When a vulnerability is discovered in a supported language, fix suggestions will include a natural language explanation of the suggested fix, together with a preview of the code suggestion that the developer can accept, edit, or dismiss," GitHub's Pierre Tempel and Eric Tooley said...

Last month, the company also enabled push protection by default for all public repositories to stop the accidental exposure of secrets like access tokens and API keys when pushing new code. This was a significant issue in 2023, as GitHub users accidentally exposed 12.8 million authentication and sensitive secrets via more than 3 million public repositories throughout the year.
GitHub will continue adding support for more languages, with C# and Go coming next, according to their announcement.

"Our vision for application security is an environment where found means fixed."

Databricks CTO Matei Zaharia "said that Databricks had to keep track of scheduling a million things," remembers adjunct MIT professor Michael Stonebraker. " He said that this can't be done with traditional operating system scheduling, and so this was done out of a Postgres database. And then he started to whine that Postgres was too slow, and I told him we can do better than that...."

This resulted in DBOS — short for "database operating system" — which they teamed up to build with teams Stanford and MIT, according to The Next Platform: They founded a company to commercialize the idea in April 2023 and secured $8.5 million initial seed funding to start building the real DBOS. Engine Ventures and Construct Capital led the funding, along with Sinewave and GutBrain Ventures...

"The state that the operating system has to keep track of — memory, files, messages, and so on — is approximately linear to the resources you have got," says Stonebraker. "So without me saying another word, keeping track of operating system state is a database problem not addressed by current operating system schedulers. Moreover, OLTP [Online Transaction Processing] database performance has gone up dramatically, and that is why we thought instead of running the database system in user space on top of the operating system, why don't we invert our thinking 180 degrees and run the operating system on top of the database, with all of the operating services are coded in SQL...?"

For now, DBOS can give the same kind of performance as that full blown Linux operating system, and thanks to the distributed database underpinnings of its kernel, it can do things that a Linux kernel just cannot do... One is provide reliable execution, which means that if a program running atop DBOS is ever interrupted, it starts where it left off and does not have to redo its work from some arbitrary earlier point and does not crash and have to start from the beginning. And because every little bit of the state of the operating system — and therefore the applications that run atop it — is preserved, you can go backwards in time in the system and restart the operating system if it experiences some sort of anomaly, such as a bad piece of application software running or a hack attack. You can use this "time travel" feature, as Stonebraker calls it, to reproduce what are called heisenbugs — ones that are very hard to reproduce precisely because there is no shared state in the distributed Linux and Kubernetes environment and that are increasingly prevalent in a world of microservices.

The other benefit of the DBOS is that it presents a smaller attack surface for hackers, which boosts security, and that you analyze the metrics of the operating system in place since they are already in a NoSQL database that can be queried rather than aggregating a bunch of log files from up and down the software stack to try to figure out what is going on...

There is also a custom tier for DBOS, which we presume costs money, that can use other databases and datastores for user application data, stores more than three days of log data, can have multiple users per account, that adds email and Slack support with DBOS techies, and that is available on other clouds as well as AWS.
The operating system kernel/scheduler "is itself largely a database," with services written in TypeScript, according to the article. The first iteration used the FoundationDB distributed key-value store for its scheduling core (open sourced by Apple in 2018), according to the article — "a blazingly fast NoSQL database... Stonebraker says there is no reason to believe that DBOS can't scale across 1 million cores or more and support Java, Python, and other application languages as they are needed by customers..."

And the article speculates they could take things even further. "There is no reason why DBOS cannot complete the circle and not only have a database as an operating system kernel, but also have a relational database as the file system for applications."

Rust's official survey team released results from their 8th annual survey "focused on gathering insights and feedback from Rust users". In terms of operating systems used by Rustaceans, the situation is very similar to the results from 2022, with Linux being the most popular choice of Rust users [69.7%], followed by macOS [33.5%] and Windows [31.9%], which have a very similar share of usage. Rust programmers target a diverse set of platforms with their Rust programs, even though the most popular target by far is still a Linux machine [85.4%]. We can see a slight uptick in users targeting WebAssembly [27.1%], embedded and mobile platforms, which speaks to the versatility of Rust.

We cannot of course forget the favourite topic of many programmers: which IDE (developer environment) do they use. Visual Studio Code still seems to be the most popular option [61.7%], with RustRover (which was released last year) also gaining some traction [16.4%].
The site ITPro spoke to James Governor, co-founder of the developer-focused analyst firm RedMonk, who said Rust's usage is "steadily increasing", pointing to its adoption among hyperscalers and cloud companies and in new infrastructure projects. "Rust is not crossing over yet as a general-purpose programming language, as Python did when it overtook Java, but it's seeing steady growth in adoption, which we expect to continue. It seems like a sustainable success story at this point."

But InfoWorld writes that "while the use of Rust language by professional programmers continues to grow, Rust users expressed concerns about the language becoming too complex and the low level of Rust usage in the tech industry." Among the 9,374 respondents who shared their main worries for the future of Rust, 43% were most concerned about Rust becoming too complex, a five percentage point increase from 2022; 42% were most concerned about low usage of Rust in the tech industry; and 32% were most concerned about Rust developers and maintainers not being properly supported, a six percentage point increase from 2022. Further, the percentage of respondents who were not at all concerned about the future of Rust fell, from 30% in 2022 to 18% in 2023.

The Tiobe index tries to gauge the popularity of programming languages based on search results for courses, programmers, and third-party vendors, according to InfoWorld.

And by that criteria, "Google's Go language, or golang, has reached its highest position ever..." The language, now in the eighth ranked position for language popularity, has been on the rise for several years.... In 2015, Go hit position #122 in the TIOBE index and all seemed lost," said Paul Jansen, CEO of Tiobe. "One year later, Go adopted a very strict 'half-a-year' release cycle — backed up by Google. Every new release, Go improved... Nowadays, Go is used in many software fields such as back-end programming, web services and APIs," added Jansen...

Elsewhere in the February release of Tiobe's index, Google's Carbon language, positioned as a successor to C++, reached the top 100 for the first time. Python is #1 on both TIOBE's index and the alternative Pypl Popularity of Programming Language index, which InfoWorld says "assesses language popularity based on how often language tutorials are searched on in Google." But the two lists differ on whether Java and JavaScript are more popular than C-derived languages — and which languages should then come after them. (Go ranks #12 on the Pypl index...)

TIOBE's calculation of the 10 most-popular programming languages:

1. Python
2. C
3. C++
4. Java
5. C#
6. JavaScript
7. SQL
8. Go
9. Visual Basic
10. PHP

Pypl's calculation of the 10 most-popular programming languages:

1. Python
2. Java
3. JavaScript
4. C/C++
5. C#
6. R
7. PHP
8. TypeScript
9. Swift
10. Objective-C

On Tuesday, The Independent, Tom's Hardware, and many other tech outlets reported on a story about how three million smart toothbrushes were used in a DDoS attack. The only problem? It "didn't actually happen," writes Jason Koebler via 404 Media. "There are no additional details about this apparent attack, and most of the article cites general research by a publicly traded cybersecurity company called Fortinet which has detected malicious, hijacked internet of things devices over the years. A search on Fortinet's website shows no recent published research about hacked smart toothbrushes." From the report: The original article, called "The toothbrushes are attacking," starts with the following passage: "She's at home in the bathroom, but she's part of a large-scale cyber attack. The electric toothbrush is programmed with Java, and criminals have unnoticed installed malware on it - like on 3 million other toothbrushes. One command is enough and the remote-controlled toothbrushes simultaneously access the website of a Swiss company. The site collapses and is paralyzed for four hours. Millions of dollars in damage is caused. This example, which seems like a Hollywood scenario, actually happened. It shows how versatile digital attacks have become." [...]

The "3 million hacked smart toothbrushes" story has now been viral for more than 24 hours and literally no new information about it has emerged despite widespread skepticism from people in the security industry and its virality. The two Fortinet executives cited in the original report did not respond to an email and LinkedIn message seeking clarification, and neither did Fortinet's PR team. The author of the Aargauer Zeitung story also did not respond to a request for more information. I called Fortinet's headquarters, asked to speak to the PR contact listed on the press release about its earnings, which was published after the toothbrush news began to go viral, and was promptly disconnected. The company has continued to tweet about other, unrelated things. They have not responded to BleepingComputer either, nor the many security researchers who are asking for further proof that this actually happened. While we don't know how this happened, Fortinet has been talking specifically about the dangers of internet-connected toothbrushes for years, and has been using it as an example in researcher talks. In a statement to 404 Media, Fortinet said "To clarify, the topic of toothbrushes being used for DDoS attacks was presented during an interview as an illustration of a given type of attack, and it is not based on research from Fortinet or FortiGuard Labs. It appears that due to translations the narrative on this topic has been stretched to the point where hypothetical and actual scenarios are blurred."

An anonymous reader quotes a report from Tom's Hardware: According to a recent report published by the Aargauer Zeitung (h/t Golem.de), around three million smart toothbrushes have been infected by hackers and enslaved into botnets. The source report says this sizable army of connected dental cleansing tools was used in a DDoS attack on a Swiss company's website. The firm's site collapsed under the strain of the attack, reportedly resulting in the loss of millions of Euros of business. In this particular case, the toothbrush botnet was thought to have been vulnerable due to its Java-based OS. No particular toothbrush brand was mentioned in the source report. Normally, the toothbrushes would have used their connectivity for tracking and improving user oral hygiene habits, but after a malware infection, these toothbrushes were press-ganged into a botnet.

Stefan Zuger from the Swiss branch of the global cybersecurity firm Fortinet provided the publication with a few tips on what people could do to protect their own toothbrushes -- or other connected gadgetry like routers, set-top boxes, surveillance cameras, doorbells, baby monitors, washing machines, and so on. "Every device that is connected to the Internet is a potential target -- or can be misused for an attack," Zuger told the Swiss newspaper. The security expert also explained that every connected device was being continually probed for vulnerabilities by hackers, so there is a real arms race between device software/firmware makers and cyber criminals. Fortinet recently connected an 'unprotected' PC to the internet and found it took only 20 minutes before it became malware-ridden. UPDATE 1/7/24: This attack "didn't actually happen," writes Jason Koebler via 404 Media. "There are no additional details about this apparent attack, and most of the article cites general research by a publicly traded cybersecurity company called Fortinet which has detected malicious, hijacked internet of things devices over the years. A search on Fortinet's website shows no recent published research about hacked smart toothbrushes."

The cybersecurity firm Fortinet said in a statement: "To clarify, the topic of toothbrushes being used for DDoS attacks was presented during an interview as an illustration of a given type of attack, and it is not based on research from Fortinet or FortiGuard Labs. It appears that due to translations the narrative on this topic has been stretched to the point where hypothetical and actual scenarios are blurred. FortiGuard Labs has not observed Mirai or other IoT botnets target toothbrushes or similar embedded devices."

"Oracle's plans to evolve Java in 2024 involve OpenJDK projects," writes InfoWorld, citing a recent video by Oracle Java developer relations representative Nicolai Parlog. (Though many improvements may not be usable until 2025 or later...) - For Project Babylon, Parlog cited plans for code reflection, expanding the reflection API, and allowing transformation of Java code inside a method. The goal is to allow developers to write Java code that libraries then can interpret as a mathematical function, for example. The Babylon team in coming weeks plans to publish work on use cases such as auto-differentiating, C# LINQ emulation, and GPU programming.

- In Project Leyden, which is aimed at improving startup times, plans for 2024 involve refining the concept of condensers and working toward the production-readiness of prototype condensers.

- In Project Amber, current features in preview include string templates, a simplified main method, and statements before this() and super(). "I expect all three to finalize in 2024," said Parlog. Under exploration are capabilities such as primitive types in patterns and with expressions.

- In Project Valhalla, work will focus on value classes and objects, which provide class instances that have only final instance fields and lack object identity [to] significantly reduce the run time overhead of boxed Integer, Double, and Byte objects...

- In Project Lilliput, aimed at downsizing Java object headers in the HotSpot JVM and reducing Java's memory footprint, work now centers on polishing a fast-locking scheme.

- Project Panama, for interconnecting JVM and native C code, "has three irons in the fire," Parlog said.

It's a geek tradition that started online back in 2000. Programming language "advent calendars" offer daily tips about a programming language (if not a Christmas-themed programming puzzle) -- one a day through December 25th.

And 2023 finds a wide variety of fun sites to choose from:

• For example, there's 24 coding challenges at the Advent of JavaScript site (where "each challenge includes all the HTML and CSS you need to get started, allowing you to focus on the JavaScript.") And there's another 24 coding challenges on a related site... Advent of CSS.

• The cyber security training platform "TryHackMe.com" even coded up a site they call "Advent of Cyber," daring puzzle-solvers to "kickstart your cyber security career by engaging in a new, beginner-friendly exercise every day leading up to Christmas!"

• The programming puzzles at Advent of Code are continuing through the 25th (though so far less than 30,000 people have solved both parts of Saturday's challenge.)

• Every year since 2000 there's also been a new edition of the Perl Advent Calendar, and this month Year 23 started off with goodies from Perl's massive module repository, CPAN. (Specifically its elf-themed story references the Music::MelodicDevice::Ornamentation module) -- along with the MIDI::Util library and TiMidity++, a software synthesizer that can play MIDI files without a hardware synthesizer.)

• Meanwhile, since 2009 there's also been an advent calendar for Raku (the programming language formerly known as Perl 6), promising an article a day. (Day One's entry was titled "Rocking Raku Meets Stodgy Debian...")

• James Bennett, from the Django project's core team, is even attempting a Python/Django Advent calendar.

• There's also a JVM advent calendar for the Java Virtual Machine, plus another advent calendar promising daily posts about C#.

• The HTMHell site — which bills itself as "a collection of bad practices in HTML, copied from real websites" — is celebrating the season with the "HTMHell Advent Calendar," promising daily articles on security, accessibility, UX, and performance.