Crime

Live Coronavirus Map Used to Spread Malware (krebsonsecurity.com) 19

Malware distributors "have started disseminating real-time, accurate information about global infection rates tied to the Coronavirus/COVID-19 pandemic in a bid to infect computers with malicious software," reports security researcher Brian Krebs: In one scheme, an interactive dashboard of Coronavirus infections and deaths produced by Johns Hopkins University is being used in malicious Web sites (and possibly spam emails) to spread password-stealing malware. Late last month, a member of several Russian language cybercrime forums began selling a digital Coronavirus infection kit that uses the Hopkins interactive map as part of a Java-based malware deployment scheme.

The kit costs $200 if the buyer already has a Java code signing certificate, and $700 if the buyer wishes to just use the seller's certificate. "It loads [a] fully working online map of Corona Virus infected areas and other data," the seller explains. "Map is resizable, interactive, and has real time data from World Health Organization and other sources. Users will think that PreLoader is actually a map, so they will open it and will spread it to their friends and it goes viral...!" The sales thread claims the customer's payload can be bundled with the Java-based map into a filename that most Webmail providers allow in sent messages... The seller says the user/victim has to have Java installed for the map and exploit to work, but that it will work even on fully patched versions of Java...

It's unclear how many takers this seller has had, but earlier this week security experts began warning of new malicious Web sites being stood up that used interactive versions of the same map to distract visitors while the sites tried to foist the password-stealing AZORult malware.

Oracle

Oracle Rejects Argument That Before Suing Google, It Got Rich By Copying IBM's SQL (arstechnica.com) 85

Ars Technica's senior tech reporter took a long look at Google's reimplementation of Java in Android -- and the lawsuit filed against it by Oracle in 2010. And he discovers "a possible downside" to Oracle's stance on API copyrights. If anyone should understand the importance of such copying, it's Oracle. After all, Oracle got its start in the 1970s selling a database product based on the then-new structured query language (SQL). SQL was invented by IBM. And Oracle doesn't seem to have gotten a license to use it...

Oracle's copying of SQL seems pretty similar to Google's copying of Java. But an Oracle spokeswoman disagrees. "It's an incorrect premise, comparing apples with broccoli, and being completely divorced from the facts of the case," she wrote in a Tuesday email.

Oracle

Oracle Criticized For Questioning Google's Supporters In Java API Copyright Case (twitter.com) 47

America's Supreme Court will soon decide whether Google infringed on a copyright that Oracle says it holds on the APIs of Java. But this week Oracle's executive vice president also wrote a blog post arguing that Google "sought the support of outside groups to bolster its position" by using friend-of-the-court briefs to "create the impression that this case is of great import and controversy, and a ruling in Oracle's favor will impede innovation."

"Upon closer inspection, what these briefs reveal is a significantly different picture, one where Google is the outlier, with very little meaningful support outside the purview of its financial fingerprints." As we discussed in a previous post, this case is not about innovation, it is about theft. Google copied verbatim more than 11,000 lines of software code, and now attempts post hoc to change the rules in order to excuse its conduct... As those of us that have watched Google over the past few decades know, Google's view boils down to the self-absorbed position that the work it is doing is of such consequence that the rules shouldn't apply to them. The problem for Google is that very few outside of its self-generated atmosphere agree.

Let's be clear, it is not commonplace or foundational in the software industry to steal other developer's software code. Rather, what is commonplace is a confluence of interests where code is licensed to facilitate its widespread deployment, with the owner choosing the terms... Java embraced choice, with three different licensing alternatives, including a freely deployed open source license, and a commercial license designed to maintain interoperability. And it turns out that nobody except Google found it necessary to steal despite Java's enormous popularity. It is not in dispute in this matter that Google destroyed Java interoperability so it is unbelievable that many of its amici take the position that Google needs to prevail in order to protect interoperability...

Out of 26 briefs, we found:

- 7 briefs representing 13 entities that received "substantial contributions" from Google;

- 8 briefs filed by entities or individuals that have financial ties to Google through grants, dues, cy pres settlement proceeds or employment of individual amici;

- 2 briefs filed by companies with a clear commercial interest in Google prevailing;

- 1 brief filed by several former U.S. government employees all of whom worked for a small government agency run by a former Google executive, despite the U.S. government itself filing a brief in favor of Oracle;

- 4 separate briefs representing a total of 7 individuals;

- A few other briefs where Google financial ties are likely;

- 1 brief submitted by a serial copyright infringer repeatedly sanctioned by the Courts;

What masqueraded as a mass show of support for Google, may not be much more than an exercise in transactional interests.

The groups Oracle is criticizing include the American Library Association, EFF, and the Python Software Foundation, as well as a brief by 83 computer scientists which included Doug Lea, a former member of the executive committee of the Java Community Process. Oracle's blog post also makes the argument that besides Microsoft and IBM, "not a single brief from the other 98 of the Top 100 tech companies was filed."

There was a response on Twitter from Joshua Bloch, who worked on the Java platform at Sun before leaving in 2004 to become Google's chief Java architect for the next 8 years. He called Oracle's blog post "nonsense." For example, Doug Lea -- who is in no small measure responsible for Java's success -- accepted one small grant from Google fourteen years ago, and promptly doled it out to deserving undergrads who were testing java.util.concurrent. Have you no shame, Oracle?

We are not Google shills. We are scientists and engineers. Some of us laid the theoretical groundwork for the profession, some designed the computers you grew up on, and some wrote the software you use every day.

We depend on the right to reimplement each others' APIs, and we are truly afraid that your irresponsible lawsuit may deprive us of that right, which we've enjoyed throughout our long careers.

Programming

Study Finds High Demand for Go and AR/VR Programmers, While Python Remains Favorite Language (hired.com) 75

The tech jobs marketplace at Hired.com crunched their data on more than 400,000 interview requests and job offers over the last year to produce their annual "State of Software Engineers" report. Among its surprising insights: software engineers with more than 10 years of experience get 20% fewer interview requests than engineers with 4 to 10 years of experience.

Other insights: Demand for AR/VR talent is up by 1400%, mirroring blockchain's 517% demand growth last year... In large U.S. tech hubs AR/VR engineer salaries range from $135k - $150k... 46% of software engineers rank AR/VR as one of the top 3 technologies they'd like to learn in 2020... If you work in AR/VR, you may want to move to San Francisco, where they pay $150k/year on average.
The next-highest growth in demand came for "gaming engineers" and "computer vision engineers" -- with both positions seeing a 146% increase in demand over 2018. The next-highest demand growth was for "search engineers" (increasing 137%) and for "machine learning engineers" (increasing 89%). Demand for "blockchain engineers" increased by just 9%.

But they also report that demand for frontend and backend engineers "grew steadily by 17%, which shows that all companies -- not just Silicon Valley tech giants -- are evolving into being tech companies..." The worldwide process of digital transformation, while something of a buzzword, reflects a critical truth: every company is now a technology company. Whether the company is Bank of America, Alaska Airlines, Sainsbury's, or Tesla, investment in top software engineering talent isn't a future ambition, it's a matter of survival.
And the #1 most-desired coding skill was Go (for the second year in a row), "garnering an average of 9.2 interview requests for every Go-skilled candidate..." But there may be a larger trend. All told, the number of interview requests across all languages remained nearly constant year-over-year, with only minor fluctuations in average requests, and zero change in how each language ranked against others. This could suggest that supply for these skills has not yet caught up with demand...

According to Robert Half, 67% of IT managers plan to expand their teams in areas such as security, cloud computing and business intelligence, but 89% reported challenges in recruiting that talent. Those challenges in hiring are even greater for roles related to machine learning, artificial intelligence, and blockchain.

Their analysis concludes the most in-demand programming languages are Go, Scala, Ruby, TypeScript, Kotlin, Objective C, JavaScript, Swift, PHP, Java, HTML, and then Python -- though Python, JavaScript, and Java are engineers' favorite coding languages, "largely because of their useful and well-maintained libraries and packages..."

"Ruby, PHP and Objective C are ranked the least favorite (and least fun) languages for software engineers."

Python

Python Finally Ties With Java In RedMonk's New Programming Language Rankings (zdnet.com) 90

An anonymous reader quotes ZDNet: Python is tying with Java as the second most popular programming language behind JavaScript, according to developer analyst RedMonk's latest ranking.

The second spot for Python is the highest position it's ever attained in RedMonk's list of top programming languages, which is based on an analysis of GitHub and Stack Overflow data. Historically, Python has been steady in fourth position but it rose to third spot three years ago in RedMonk's tables... Python has been rising across several programming language popularity indexes, including Tiobe and IEEE Spectrum.

Microsoft-maintained TypeScript for large-scale JavaScript projects has also risen one place to ninth position along with C... Rust is a popular language among developers who discuss technical challenges on StackOverflow, but it hasn't moved from its spot at 21.

Java

Oracle's Allies Against Google Include Scott McNealy and America's Justice Department (zdnet.com) 135

America's Justice Department "has filed a brief in support of Oracle in its Supreme Court battle against Google over whether Java should have copyright protection," reports ZDNet: The Justice Department filed its amicus brief to the Supreme Court this week, joining a mighty list of briefs from major tech companies and industry luminaries — including Scott McNealy, co-founder of Sun, which Oracle bought in 2010, acquiring Sun-built Java in the process. While Microsoft, IBM and others have backed Google's arguments in the decade-long battle, McNealy, like the Justice Department, is opposing Google. McNealy called Google's description of how it uses Java packages a "woeful mischaracterization of the artful design of the Java packages" and "an insult to the hard-working developers at Sun who made Java such a success...."

Joe Tucci, former CEO of now Dell-owned enterprise storage giant EMC, threw in his two cents against Google. "Accepting Google's invitation to upend that system by eliminating copyright protection for creative and original computer software code would not make the system better — it would instead have sweeping and harmful effects throughout the software industry," Tucci's brief reads.

Oracle is also questioning the motives of Google's allies, reports The Verge: After filing a Supreme Court statement last week, Oracle VP Ken Glueck posted a statement over the weekend assailing the motives of Microsoft, IBM, and the CCIA industry group, all of which have publicly supported Google. Glueck's post comes shortly after two groups — an interdisciplinary panel of academics and the American Conservative Union Foundation — submitted legal briefs supporting Oracle. Both groups argued that Google should be liable for copying code from the Java language for the Android operating system. The ACUF argued that protecting Oracle's code "is fundamental to a well-ordered system of private property rights and indeed the rule of law itself...."

Earlier this year, Google garnered around two dozen briefs supporting its position. But Oracle claims that in reality, "Google appears to be virtually alone — at least among the technology community." Glueck says Google's most prominent backers had ulterior motives or "parochial agendas"; either they were working closely with Google, or they had their own designs on Java...

Even if you accept Oracle's arguments wholeheartedly, there's a long list of other Google backers from the tech community. Advocacy groups like the Electronic Frontier Foundation and the Center for Democracy and Technology signed on to amicus briefs last month, as did several prominent tech pioneers, including Linux creator Linus Torvalds and Apple cofounder Steve Wozniak. The CCIA brief was signed by the Internet Association, a trade group representing many of the biggest companies in Silicon Valley. Patreon, Reddit, Etsy, the Mozilla Corporation, and other midsized tech companies also backed a brief raising "fundamental concerns" about Oracle's assertions.

Google

Trump Backs Supporter Larry Ellison in Court Fight With Google (bloomberg.com) 152

kimanaw shares a report: The Trump administration urged the U.S. Supreme Court to reject an appeal by Alphabet's Google, boosting Oracle's bid to collect more than $8 billion in royalties for Google's use of copyrighted programming code in the Android operating system. The administration weighed in on the high-stakes case on the same day that President Donald Trump attended a re-election campaign fundraiser in California hosted by Oracle's co-founder, billionaire Larry Ellison. Ellison hosted a golf outing and photos with Trump. The event cost a minimum of $100,000 per couple to attend, with a higher ticket price of $250,000 for those who wanted to participate in a policy roundtable with the president, the Palm Springs Desert Sun reported. Google is challenging an appeals court ruling that it violated Oracle copyrights when it included some Oracle-owned Java programming code in Android. The dispute has split Silicon Valley, pitting developers of software code against companies that use the code to create programs. Google's "verbatim copying" of Oracle's code into a competing product wasn't necessary to foster innovation, the U.S. Solicitor General Noel Francisco said Wednesday in a filing with the court.

Ubuntu

Ubuntu vs Windows 10: Performance Tests on a Walmart Laptop (phoronix.com) 147

Phoronix's Michael Larabel is doing some performance testing on Walmart's $199 Motile-branded M141 laptop (which has an AMD Ryzen 3 3200U processor, Vega 3 graphics, 4GB of RAM, and a 14-inch 1080p display).

But first he compared the performance of its pre-installed Windows 10 OS against the forthcoming Ubuntu 20.04 LTS Linux distribution.

Some highlights:

- Java text rendering performance did come out much faster on Ubuntu 20.04 with this Ryzen 3 3200U laptop...

- The GraphicsMagick imaging program tended to run much better on Linux, which we've seen on other systems in the past as well.

- Intel's Embree path-tracer was running faster on Ubuntu...

- Various video benchmarks were generally favoring Ubuntu for better performance though I wouldn't recommend much in the way of video encoding from such a low-end device...

- The GIMP image editing software was running much faster on Ubuntu 20.04 in its development state than GIMP 2.10 on Windows 10...

- Python 3 performance is still much faster on Linux than Windows.

- If planning to do any web/LAMP development from the budget laptop and testing PHP scripts locally, Ubuntu's PHP7 performance continues running much stronger than Windows 10.

- Git also continues running much faster on Linux.

Their conclusion? "Out of 63 tests ran on both operating systems, Ubuntu 20.04 was the fastest... coming in front 60% of the time." (This sounds like 38 wins for Ubuntu versus 25 wins for Windows 10.)

"If taking the geometric mean of all 63 tests, the Motile $199 laptop with Ryzen 3 3200U was 15% faster on Ubuntu Linux over Windows 10."

Programming

JetBrains to Reimagine IntelliJ as Text Editor, Add Machine Learning (devclass.com) 41

From a report: JetBrains has added further destinations to the IntelliJ-based roadmap it sketched out last year, promising more localization, machine learning and Git integration amongst a range of other goodies for the Java IDE...

The Prague-based firm's CTO Dimitry Jemerov said users had long asked to be able to use its IDEs for "general purpose text editing". While this is possible to some degree currently, in some situations it created a temporary project file, leading to disk clutter and "other inconveniences". However, recent performance improvements mean "the possibility of using our IDEs as lightweight text editors has become more plausible, so we're now building a dedicated mode for editing non-project files. In this mode, the IDE will work more like a simple text editor." This will be faster, he promised, but the feature set will be very limited and "you'll be able to easily switch to the full project mode if you need to use features such as refactoring or debugging..."

Other upcoming features include more machine learning. Jemerov said this was already being used to improve code completion, but would now be rolled out for other completion features. "We're teaching ML completion to make better use of the context for ranking completion suggestions and to generate completion variants that go beyond a single identifier (full-line completion)". That might take a while, he said, but was a "major area where we are investing our efforts."

Google

Red Hat and IBM Jointly File Another Amicus Brief In Google v. Oracle, Arguing APIs Are Not Copyrightable (redhat.com) 42

Monday Red Hat and IBM jointly filed their own amicus brief with the U.S. Supreme Court in the "Google vs. Oracle" case, arguing that APIs cannot be copyrighted.

"That simple, yet powerful principle has been a cornerstone of technological and economic growth for over sixty years. When published (as has been common industry practice for over three decades) or lawfully reverse engineered, they have spurred innovation through competition, increased productivity and economic efficiency, and connected the world in a way that has benefited commercial enterprises and consumers alike."

An anonymous reader quotes Red Hat's announcement of the brief: "The Federal Circuit's unduly narrow construction of 17 U.S.C. 102(b) is harmful to progress, competition, and innovation in the field of software development," Red Hat stated in the brief. "IBM and Red Hat urge the Court to reverse the decision below on the basis that 17 U.S.C. 102(b) excludes software interfaces from copyright protection...."

The lower court incorrectly extended copyright protection to software interfaces. If left uncorrected, the lower court rulings could harm software compatibility and interoperability and have a chilling effect on the innovation represented by the open source community... Red Hat's significant involvement with Java development over the last 20 years has included extensive contributions to OpenJDK, an open source implementation of the Java platform, and the development of Red Hat Middleware, a suite of Java-based middleware solutions to build, integrate, automate and deploy enterprise applications. As an open source leader, Red Hat has a stake in the consistent and correct determination of the scope of copyright protection that applies to interfaces of computer programs, including the Java platform interface at stake in this case.

Open source software development relies on the availability of and unencumbered access to software interfaces, including products that are compatible with or interoperate with other computer products, platforms, and services...

Oracle

Oracle Ties Previous All-Time Patch High With January 2020 Updates (threatpost.com) 9

"Not sure if this is good news (Oracle is very busy patching their stuff) or bad news (Oracle is very busy patching their stuff) but this quarterly cycle they tied their all-time high number of vulnerability fixes released," writes Slashdot reader bobthesungeek76036. "And they are urging folks to not drag their feet in deploying these patches." Threatpost reports: The software giant patched 300+ bugs in its quarterly update. Oracle has patched 334 vulnerabilities across all of its product families in its January 2020 quarterly Critical Patch Update (CPU). Out of these, 43 are critical/severe flaws carrying CVSS scores of 9.1 and above. The CPU ties for Oracle's previous all-time high for number of patches issued, in July 2019, which overtook its previous record of 308 in July 2017. The company said in a pre-release announcement that some of the vulnerabilities affect multiple products. "Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update patches as soon as possible," it added.

"Some of these vulnerabilities were remotely exploitable, not requiring any login data; therefore posing an extremely high risk of exposure," said Boris Cipot, senior security engineer at Synopsys, speaking to Threatpost. "Additionally, there were database, system-level, Java and virtualization patches within the scope of this update. These are all critical elements within a company's infrastructure, and for this reason the update should be considered mandatory. At the same time, organizations need to take into account the impact that this update could have on their systems, scheduling downtime accordingly."

Businesses

Boeing Employees Mocked Lion Air Staff For Seeking 737 Max Training, Calling Them 'Idiots.' A Year Later 189 People Died When One of Their Jets Crashed (bloomberg.com) 223

Indonesia's Lion Air considered putting its pilots through simulator training before flying the Boeing 737 Max but abandoned the idea after the planemaker convinced them in 2017 it was unnecessary, Bloomberg reported Tuesday, citing people familiar with the matter and internal company communications. From the report: The next year, 189 people died when a Lion Air 737 Max plunged into the Java Sea, a disaster blamed in part on inadequate training and the crew's unfamiliarity with a new flight-control feature on the Max that malfunctioned. Boeing employees had expressed alarm among themselves over the possibility that one of the company's largest customers might require its pilots to undergo costly simulator training before flying the new 737 model, according to internal messages that have been released to the media. Those messages, included in the more than 100 pages of internal Boeing communications that the company provided to lawmakers and the U.S. Federal Aviation Administration and released widely on Thursday, had Lion Air's name redacted.

Electronic Frontier Foundation

EFF Files Amicus Brief In Google v. Oracle, Arguing APIs Are Not Copyrightable (eff.org) 147

Areyoukiddingme writes: EFF has filed an amicus brief with the U.S. Supreme Court in Google v. Oracle, arguing that APIs are not copyrightable. From the press release: "The Electronic Frontier Foundation (EFF) today asked the U.S. Supreme Court to rule that functional aspects of Oracle's Java programming language are not copyrightable, and even if they were, employing them to create new computer code falls under fair use protections. The court is reviewing a long-running lawsuit Oracle filed against Google, which claimed that Google's use of certain Java application programming interfaces (APIs) in its Android operating system violated Oracle's copyrights. The case has far-reaching implications for innovation in software development, competition, and interoperability.

In a brief filed today, EFF argues that the Federal Circuit, in ruling APIs were copyrightable, ignored clear and specific language in the copyright statute that excludes copyright protection for procedures, processes, and methods of operation. 'Instead of following the law, the Federal Circuit decided to rewrite it to eliminate almost all the exclusions from copyright protection that Congress put in the statute,' said EFF Legal Director Corynne McSherry. 'APIs are not copyrightable. The Federal Circuit's ruling has created a dangerous precedent that will encourage more lawsuits and make innovative software development prohibitively expensive. Fortunately, the Supreme Court can and should fix this mess.'" Oral arguments before the U.S. Supreme Court are scheduled for March 2020, and a decision by June.

Programming

How Is Computer Programming Different Today Than 20 Years Ago? (medium.com) 325

This week a former engineer for the Microsoft Windows Core OS Division shared an insightful (and very entertaining) list with "some changes I have noticed over the last 20 years" in the computer programming world. Some excerpts:

- Some programming concepts that were mostly theoretical 20 years ago have since made it to mainstream including many functional programming paradigms like immutability, tail recursion, lazily evaluated collections, pattern matching, first class functions and looking down upon anyone who doesn't use them...

- 3 billion devices run Java. That number hasn't changed in the last 10 years though...

- A package management ecosystem is essential for programming languages now. People simply don't want to go through the hassle of finding, downloading and installing libraries anymore. 20 years ago we used to visit web sites, downloaded zip files, copied them to correct locations, added them to the paths in the build configuration and prayed that they worked.

- Being a software development team now involves all team members performing a mysterious ritual of standing up together for 15 minutes in the morning and drawing occult symbols with post-its....

- Since we have much faster CPUs now, numerical calculations are done in Python which is much slower than Fortran. So numerical calculations basically take the same amount of time as they did 20 years ago...

- Even programming languages took a side on the debate on Tabs vs Spaces....

- Code must run behind at least three levels of virtualization now. Code that runs on bare metal is unnecessarily performant....

- A tutorial isn't really helpful if it's not a video recording that takes orders of magnitude longer to understand than its text.

- There is StackOverflow which simply didn't exist back then. Asking a programming question involved talking to your colleagues.

- People develop software on Macs.

In our new world where internet connectivity is the norm and being offline the exception, "Security is something we have to think about now... Because of side-channel attacks we can't even trust the physical processor anymore."

And of course, "We don't use IRC for communication anymore. We prefer a bloated version called Slack because we just didn't want to type in a server address...."

Databases

'Top Programming Skills' List Shows Employers Want SQL (dice.com) 108

Former Slashdot contributor Nick Kolakowski is now a senior editor at Dice Insights, where he's just published a list of the top programming skills employers were looking for during the last 30 days.
If you're a software developer on the hunt for a new gig (or you're merely curious about what programming skills employers are looking for these days), one thing is clear: employers really, really, really want technologists who know how to build, maintain, and scale everything database- (and data-) related.

We've come to that conclusion after analyzing data about programming skills from Burning Glass, which collects and organizes millions of job postings from across the country.

The biggest takeaway? "When it comes to programming skills, employers are hungriest for SQL." Here's their ranking of the top most in-demand skills:
  1. SQL
  2. Java
  3. "Software development"
  4. "Software engineering"
  5. Python
  6. JavaScript
  7. Linux
  8. Oracle
  9. C#
  10. Git

The list actually includes the top 18 programming skills, but besides languages like C++ and .NET, it also includes more generalized skills like "Agile development," "debugging," and "Unix."

But Nick concludes that "As a developer, if you've mastered database and data-analytics skills, that makes you insanely valuable to a whole range of companies out there."


Stats

2019's Fastest Growing Programming Language Was C, Says TIOBE (tiobe.com) 106

Which programming language saw the biggest jump on TIOBE's index of language popularity over the last year?

Unlike last year -- it's not Python. An anonymous reader quotes TIOBE.com: It is good old language C that wins the award this time with a yearly increase of 2.4%... The major drivers behind this trend are the Internet of Things (IoT) and the vast amount of small intelligent devices that are released nowadays...

Runners up are C# (+2.1%), Python (+1.4%) and Swift (+0.6%)...

Other interesting winners of 2019 are Swift (from #15 to #9) and Ruby (from #18 to #11). Swift is a permanent top 10 player now and Ruby seems [destined] to become one soon.

Some languages that were supposed to break through in 2019 didn't: Rust won only 3 positions (from #33 to #30), Kotlin lost 3 positions (from #31 to #35), Julia lost even 10 positions (from #37 to #47) and TypeScript won just one position (from #49 to #48).

And here's the new top 10 programming languages right now, according to TIOBE's January 2020 index.
  • Java
  • C
  • Python
  • C++
  • C# (up two positions from January 2019)
  • Visual Basic .NET (down one position from January 2019)
  • JavaScript (down one position from January 2019)
  • PHP
  • Swift (up six positions from January 2019)
  • SQL (down one position from January 2019)

Open Source

Linus Torvalds: Avoid Oracle's ZFS Kernel Code Until 'Litigious' Larry Signs Off (zdnet.com) 247

"Linux kernel head Linus Torvalds has warned engineers against adding a module for the ZFS filesystem that was designed by Sun Microsystems -- and now owned by Oracle -- due to licensing issues," reports ZDNet: As reported by Phoronix, Torvalds has warned kernel developers against using ZFS on Linux, an implementation of OpenZFS, and refuses to merge any ZFS code until Oracle changes the open-source license it uses.

ZFS has long been licensed under Sun's Common Development and Distribution License as opposed to the Linux kernel, which is licensed under GNU General Public License (GPL). Torvalds aired his opinion on the matter in response to a developer who argued that a recent kernel change "broke an important third-party module: ZFS". The Linux kernel creator says he refuses to merge the ZFS module into the kernel because he can't risk a lawsuit from "litigious" Oracle -- which is still trying to sue Google for copyright violations over its use of Java APIs in Android -- and Torvalds won't do so until Oracle founder Larry Ellison signs off on its use in the Linux kernel.

"If somebody adds a kernel module like ZFS, they are on their own. I can't maintain it and I cannot be bound by other people's kernel changes," explained Torvalds. "And honestly, there is no way I can merge any of the ZFS efforts until I get an official letter from Oracle that is signed by their main legal counsel or preferably by Larry Ellison himself that says that yes, it's OK to do so and treat the end result as GPL'd," Torvalds continued.

"Other people think it can be OK to merge ZFS code into the kernel and that the module interface makes it OK, and that's their decision. But considering Oracle's litigious nature, and the questions over licensing, there's no way I can feel safe in ever doing so."

Open Source

FSF-Approved Hyperbola GNU/Linux Forking OpenBSD, Citing 'User Freedom' Concerns (hyperbola.info) 135

Long-time Slashdot reader twocows writes: "Hyperbola GNU/Linux, an FSF-approved distribution of GNU/Linux, has declared their intent to fork OpenBSD and become HyperbolaBSD..."
The news came earlier this week in a roadmap announcement promising "a completely new OS derived from several BSD implementations" (though Hyperbola was originally based on Arch snapshots and Debian development).

"This was not an easy decision to make, but we wish to use our time and resources to create a viable alternative to the current operating system trends which are actively seeking to undermine user choice and freedom." In 2017 Hyperbola dropped its support for systemd -- but its concerns go far beyond that: This will not be a "distro", but a hard fork of the OpenBSD kernel and userspace including new code written under GPLv3 and LGPLv3 to replace GPL-incompatible parts and non-free ones.

Reasons for this include:

- Linux kernel forcing adaption of DRM, including HDCP.

- Linux kernel proposed usage of Rust (which contains freedom flaws and a centralized code repository that is more prone to cyber attack and generally requires internet access to use.)

- Linux kernel being written without security and in mind. (KSPP is basically a dead project and Grsec is no longer free software)

- Many GNU userspace and core utils are all forcing adaption of features without build time options to disable them. E.g. (PulseAudio / SystemD / Rust / Java as forced dependencies....)

HyperbolaBSD is intended to be modular and minimalist so other projects will be able to re-use the code under free license.

Programming

WebAssembly Becomes W3C Standard, Reaches 1.0 (thenewstack.io) 78

An anonymous reader quotes Mike Melanson's "This Week in Programming" column: WebAssembly is a binary instruction format for a stack-based virtual machine and this week, the World Wide Web Consortium (W3C) dubbed it an official web standard and the fourth language for the Web that allows code to run in the browser, joining HTML, CSS and JavaScript... With this week's news, WebAssembly has officially reached version 1.0 and is supported in the browser engines for Firefox, Chrome, Safari, and Internet Explorer, and the Bytecode Alliance launched last month to help ensure "a WebAssembly ecosystem that is secure by default" and for bringing WebAssembly to outside-the-browser use.

Of course, not everything is 100% rosy. As pointed out by an article in The Register, WebAssembly also brings with it an increased level of obfuscation of what exactly is going on, giving it an increased ability to perform some surreptitious actions. For example, they cite one study that "found 'over 50 percent of all sites using WebAssembly apply it for malicious deeds, such as [crypto] mining and obfuscation.'" Nonetheless, with WebAssembly gaining this designation by W3C, it is, indeed, time to pay closer attention to the newly nominated Web language standard.

The Internet

W3C Recommends WebAssembly To Push the Limits For Speed, Efficiency and Responsiveness (w3.org) 128

The WebAssembly Working Group has published today the three WebAssembly specifications as W3C Recommendations, marking the arrival of a new language for the Web which allows code to run in the browser. From a report: WebAssembly Core Specification defines a low-level virtual machine which closely mimics the functionality of many microprocessors upon which it is run. Either through Just-In-Time compilation or interpretation, the WebAssembly engine can perform at nearly the speed of code compiled for a native platform. A .wasm resource is analogous to a Java .class file in that it contains static data and code segments which operate over that static data. Unlike Java, WebAssembly is typically produced as a compilation target from other programming languages like C/C++ and Rust.

WebAssembly Web API defines a Promise-based interface for requesting and executing a .wasm resource. The structure of a .wasm resource is optimized to allow execution to begin before the entire resource has been retrieved, which further enhances responsiveness of WebAssembly applications.

WebAssembly JavaScript Interface provides a JavaScript API for invoking and passing parameters to WebAssembly functions. In Web browsers, WebAssembly's interactions with the host environment are all managed through JavaScript, which means that WebAssembly relies on JavaScript's highly-engineered security model.
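The point about host interactions going through JavaScript can be seen directly: a module's declared imports are the only host functions it can ever call, and they can be listed before anything runs. The following is an added example, not code from the report or the W3C; the sample module bytes, the `env.report` import, and the `describeSurface` / `instantiateWithAllowlist` helpers are constructed for illustration, and the synchronous constructors are used instead of the Promise-based Web API to keep it short.

```javascript
// Constructed sample module: imports env.report(i32), exports run(i32, i32) -> i32.
const SAMPLE_WASM = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,       // "\0asm", version 1
  0x01, 0x0b, 0x02, 0x60, 0x01, 0x7f, 0x00,             // type 0: (i32) -> ()
  0x60, 0x02, 0x7f, 0x7f, 0x01, 0x7f,                   // type 1: (i32, i32) -> i32
  0x02, 0x0e, 0x01, 0x03, 0x65, 0x6e, 0x76,             // import from "env"
  0x06, 0x72, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x00, 0x00, // "report", func of type 0
  0x03, 0x02, 0x01, 0x01,                               // one defined func, type 1
  0x07, 0x07, 0x01, 0x03, 0x72, 0x75, 0x6e, 0x00, 0x01, // export "run" = func 1
  0x0a, 0x10, 0x01, 0x0e, 0x00,                         // one body, no locals
  0x20, 0x00, 0x20, 0x01, 0x6a, 0x10, 0x00,             // call report(a + b)
  0x20, 0x00, 0x20, 0x01, 0x6a, 0x0b,                   // leave a + b as result
]);

// List what a module asks of the host and what it offers, without running it.
function describeSurface(bytes) {
  if (!WebAssembly.validate(bytes)) throw new Error("not a valid wasm module");
  const module = new WebAssembly.Module(bytes);
  return {
    module,
    imports: WebAssembly.Module.imports(module), // [{module, name, kind}]
    exports: WebAssembly.Module.exports(module), // [{name, kind}]
  };
}

// Instantiate only if every requested import is on the host's allowlist.
// `allowed` maps "module.name" to a host function (policy shape is hypothetical).
function instantiateWithAllowlist(bytes, allowed) {
  const { module, imports } = describeSurface(bytes);
  const importObject = {};
  for (const imp of imports) {
    const key = `${imp.module}.${imp.name}`;
    if (!Object.prototype.hasOwnProperty.call(allowed, key)) {
      throw new Error(`import not on allowlist: ${key} (${imp.kind})`);
    }
    importObject[imp.module] = importObject[imp.module] || {};
    importObject[imp.module][imp.name] = allowed[key];
  }
  return new WebAssembly.Instance(module, importObject);
}

// The module can reach the host only through the function it was given.
function demo() {
  const reported = [];
  const inst = instantiateWithAllowlist(SAMPLE_WASM, {
    "env.report": (value) => { reported.push(value); },
  });
  return { result: inst.exports.run(2, 40), reported };
}
```

Running `describeSurface` over an unfamiliar `.wasm` file gives a quick inventory of the host capabilities it expects, which is a useful first check given the obfuscation concern raised in the story above.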
