Censorship

Do America's Free-Speech Protections Protect Code - and Prevent Cryptocurrency Regulation? (marketplace.org) 65

The short answers are "yes" and "no." America's Constitution prohibits government intervention into public expression, reports the business-news radio show Marketplace, "protecting free speech and expression through, for example.... writing, protesting and coding languages like JavaScript, HTML, Python and Perl."

Specifically protecting code started with the 1995 case of cryptographer Daniel Bernstein, who challenged America's "export controls" on encryption (which regulated it like a weapon). But they also spoke to technology lawyer Kendra Albert, a clinical instructor at Harvard Law School's Cyberlaw Clinic, about the specific parameters of how America protects code as a form of expression:

Albert: I think that the reality was that the position that code was a form of expression is in fact supported by a long history of First Amendment law. And that it, you know, is very consistent with how we see the First Amendment interpreted across a variety of contexts.... [O]ne of the questions courts ask is whether a regulation or legislation or a government action is specifically targeting speech, or whether the restrictions on speech are incidental, but not the overall intention. And that's actually one of the places you see kind of a lot of these difficulties around code as speech. The nature of many kinds of regulation may mean that they restrict code because of the things that particular forms of software code do in the world. But they weren't specifically meant to restrict the expressive conduct. And courts end up then having to sort of go through a test that was originally developed in the context of someone burning a draft card to figure out — OK, is this regulation, is the burden that it has on this form of expressive speech so significant that we can't regulate in this way? Or is this just not the focus, and the fact that there are some restrictions on speech as a result of the government attempting to regulate something else should not be the focus of the analysis?

Q: Congress and federal agencies as well as some states are looking to tighten regulations around cryptocurrencies and blockchain technology. What role do you think the idea of code as speech will play in this environment moving forward?

Albert: The reality is that the First Amendment is not a total bar to regulation of speech. It requires the government meet a higher standard for regulating certain kinds of speech. That runs, to some extent, in conflict with how people imagine what "code is speech" does as sort of a total restriction on the regulation of software, of code, because it has expressive content. It just means that we treat code similarly to how we treat other forms of expression, and that the government can regulate them under certain circumstances.

Programming

Will Low-Code and No-Code Development Replace Traditional Coding? (zdnet.com) 197

"While there is a lot of noise about the hottest programming languages and the evolution of Web3, blockchain and the metaverse, none of this will matter if the industry doesn't have highly skilled software developers to build them," argues ZDNet.

So they spoke to Ori Bendet, VP of product management at CheckMarx, a maker of application security testing software. His prediction? Automatic code generators (ACG) like Github CoPilot, AWS CodeWhisperer and Tab9 will eventually replace "traditional" coding. "Although ACG is not as good as developers may think," Bendet says, "over the next few years, every developer will have their code generated, leaving them more time to focus on their core business." As businesses turn to automation as a means of quickly building and deploying new apps and digital services, low code and no code tools will play a fundamental role in shaping the future of the internet. According to a 2021 Gartner forecast, by 2025, 70% of new applications developed by enterprises will be based on low-code or no-code tools, compared to less than 25% in 2020. A lot of this work will be done by 'citizen developers' — employees who build business apps for themselves and other users using low code tools, but who don't have formal training in computer programming. In order to build a proficient citizen developer workforce, companies will need an equally innovative approach to training.

"Low code and no code tools are democratizing software development and providing opportunities for more people to build technology, prompting more innovation across industries," says Prashanth Chandrasekar, CEO of Stack Overflow....

The rise of low-code and no-code will also help to further democratize tech jobs, creating more opportunities for talented individuals from non-tech or non-academic backgrounds. A 2022 survey by developer recruitment platforms CoderPad and CodinGame found that 81% of tech recruiters now readily hire from 'no-degree' candidate profiles. CodinGame COO Aude Barral believes this trend will only grow as the demand for software professionals intensifies.

Stack Overflow's CEO sees some limitations. "Without taking the time to learn the fundamentals of writing code or the context in which code is used, developers using low-code or code suggestion tools will hit a limit in the quality and functionality of their code."

How is this playing out in the real world of professional IT? I'd like to invite Slashdot's readers to share their own experiences in the comments.

Are you seeing low-code and no-code development replacing traditional coding?
Books

'Linux IP Stacks Commentary' Book Tries Free Online Updates (satchell.net) 13

Recently the authors of Elements of Programming shared an update. "After ten years in print, our publisher decided against further printings and has reverted the rights to us. We are publishing Elements of Programming in two forms: a free PDF and a no-markup paperback."

And that's not the only old book that's getting a new life on the web...

22 years ago, long-time Slashdot reader Stephen T. Satchell (satch89450) co-authored Linux IP Stacks Commentary, a book commenting on the TCP/IP code in Linux kernel 2.0.34. ("Old-timers will remember the Lion's Unix Commentary, the book published by University xerographic copies on the sly. Same sort of thing.") But the print edition struggled to update as frequently as the Linux kernel itself, and Satchell wrote a Slashdot post exploring ways to fund a possible update.

At the time Slashdot's editors noted that "One of the largest complaints about Linux is that there is a lack of high-profile documentation. It would be sad if this publication were not made simply because of the lack of funds (which some people would see as a lack of interest) necessary to complete it." But that's how things seemed to end up — until Satchell suddenly reappeared to share this update from 2022:

When I was released from my last job, I tried retirement. Wasn't for me. I started going crazy with nothing significant to do. So, going through old hard drives (that's another story), I found the original manuscript files, plus the page proof files, for that two-decade-old book. Aha! Maybe it's time for an update. But how to keep it fresh, as Torvalds continues to release new updates of the Linux kernel?

Publish it on the Web. Carefully.

After four months (and three job interviews) I have the beginnings of the second edition up and available for reading. At the moment it's an updated, corrected, and expanded version of the "gray matter", the exposition portions of the first edition....

The URL for the alpha-beta version of this Web book is satchell.net/ipstacks for your reading pleasure. The companion e-mail address is up and running for you to provide feedback. There is no paywall.

But there's also an ingenious solution to the problem of updating the text as the code of the kernel keeps changing: Thanks to the work of Professor Donald Knuth (thank you!) on his WEB and CWEB programming languages, I have made modifications, to devise a method for integrating code from the GIT repository of the Linux kernel without making any modifications (let alone submissions) to said kernel code. The proposed method is described in the About section of the Web book. I have scaffolded the process and it works. But that's not the hard part.

The hard part is to write the commentary itself, and crib some kind of Markup language to make the commentary publishing quality. The programs I write will integrate the kernel code with the commentary verbiage into a set of Web pages. Or two slightly different sets of web pages, if I want to support a mobile-friendly version of the commentary.

Another reason for making it a web book is that I can write it and publish it as it comes out of my virtual typewriter. No hard deadlines. No waiting for the printers. And while this can save trees, that's not my intent. The back-of-the-napkin schedule calls for me to finish the expository text in September, start the Python coding for generating commentary pages at the same time, and start writing the commentary on the Internet Control Message Protocol in October. By then, Linus should have version 6.0.0 of the Linux kernel released.

I really, really, really don't want to charge readers to view the web book. Especially as it's still in the virtual typewriter. There isn't any commentary (yet). One thing I have done is to make it as mobile-friendly as I can, because I suspect the target audience will want to read this on a smartphone or tablet, and not be forced to resort to a large-screen laptop or desktop. Also, the graphics are lightweight to minimize the cost for people who pay by the kilopacket. (Does anywhere in the world still do this? Inquiring minds want to know.)

I host this web site on a Protectli appliance in my apartment, so I don't have that continuing expense. The power draw is around 20 watts. My network connection is AT&T fiber — and if it becomes popular I can always upgrade the upstream speed.

The thing is, the cat needs his kibble. I still want to know if there is a source of funding available.

Also, is it worthwhile to make the pages available in a zip file? Then a reader could download a snapshot of the book, and read it off-line.

Education

Does Computer Programming Really Help Kids Learn Math? 218

Long-time Slashdot reader theodp writes: A new study on the Impact of Programming on Primary Mathematics Learning (abstract only, full article $24.95 on ScienceDirect) is generating some buzz on Twitter amongst K-12 CS educator types. It concluded that:

1. Programming did not benefit mathematics learning compared to traditional activities
2. There's a negative though small effect of programming on mathematics learning
3. Mindful "high-road transfer" from programming to mathematics is not self-evident
4. Visual programming languages might distract students from mathematics activities

From the Abstract: "The aim of this study is to investigate whether a programming activity might serve as a learning vehicle for mathematics acquisition in grades four and five.... Classes were randomly assigned to the programming (with Scratch) and control conditions. Multilevel analyses indicate negative effects (effect size range 0.16 to 0.21) of the programming condition for the three mathematical notions.

"A potential explanation of these results is the difficulties in the transfer of learning from programming to mathematics."

The findings of the new study come 4+ years after preliminary results were released from the $1.5M 2015-2019 NSF-funded study Time4CS, a "partnership between Broward County Public Schools (FL), researchers at the University of Chicago, and [tech-bankrolled] Code.org," which explored whether learning CS using Code.org's CS Fundamentals curriculum may be linked to improved learning in math at the grade 3-5 level. Time4CS researchers concluded that the "quasi-experimental" study showed that "No significant differences in Florida State Assessment mathematics scores resulted between treatment and comparison groups."
Perl

'Massive' Ongoing Changes to Perl Help It Move Beyond Its Unix Roots (stackoverflow.blog) 74

Perl's major version number hasn't changed since 1994, notes a new blog post at Stack Overflow by Perl book author Dave Cross. Yet the programming language has still undergone "massive changes" between version 5.6 (summer of 2000) and version 5.36 (released this May).

But because Perl development strives for backwards compatibility, "many new Perl features are hidden away behind feature guards and aren't available unless you explicitly turn them on...." You're no doubt familiar with using print() to display data on the console or to write it to a file. Perl 5.10 introduced the say() command which does the same thing but automatically adds a newline character to the output. It sounds like a small thing, but it's surprisingly useful. How many times do you print a line of data to a file and have to remember to explicitly add the newline? This just makes your life a little bit easier....

Some of the improvements were needed because in places Perl's Unix/C heritage shows through a little more than we'd like it to in the 21st century. One good example of this is bareword filehandles... It is a variable. And, worse than that, it's a package variable (which is the closest thing that Perl has to a global variable)... [But] for a long time (back to at least Perl 5.6), it has been possible to open filehandles and store them in lexical variables... For a long time, Perl's standard functions for dealing with dates and times were also very tied to its Unix roots. You may have seen code like this:

my @datetime = localtime();

The localtime() function returns a list of values that represent the various parts of the current local time... Since Perl 5.10, the standard library has included a module called Time::Piece. When you use Time::Piece in your code, it overrides localtime() and replaces it with a function that returns an object that contains details of the current time and date. That object has a strftime() method... And it also has several other methods for accessing information about the time and date [including a method called is_leap_year]... Using Time::Piece will almost certainly make your date and time handling code easier to write and (more importantly) easier to read and understand....

In most languages you'd have a list of variable names after the subroutine name and the parameters would be passed directly into those. Well, as of version 5.36 (which was released earlier this summer) Perl has that too. You turn the feature on with use feature 'signatures'.... Subroutine signatures have many other features. You can, for example, declare default values for parameters.

And new features possibly coming soon include a new object-oriented programming framework named Corinna being written into the Perl core. "Beyond that, the Perl development team have their eye on a major version number bump."

And to avoid confusion with Raku -- the offshoot programming language formerly known as Perl 6 -- the next major version of Perl will be Perl 7.
Programming

Developer Creates Delightful Programming Font Based on Minecraft (arstechnica.com) 34

North Carolina-based developer Idrees Hassan loves Minecraft so much that he recently created a monospaced font for programming based on the typeface found in the wildly popular video game. The result, Monocraft, gives programmers the feel of being in Minecraft without using any assets from the game. From a report: "To be honest, I made this font because I thought it'd be fun to learn how fonts worked," Hassan told Ars. "Existing Minecraft fonts were missing a bunch of small details like proper kerning and pixel size, so I figured I should make my own. Once that was done, there was nothing stopping me from going overboard and turning it into a 'proper' programming font. Plus, now I can write Minecraft plugins in a Minecraft font!" To adapt the Minecraft font for development purposes, Hassan redesigned characters to look better in a monospaced format, added a few serifs to make letters such as "i" and "l" easier to distinguish, created new programming ligature characters, and refined the arrow characters to make them easier to read. (Ligature characters combine popular operational character strings such as "!=" into a single new character, but they aren't always popular with developers.)
Communications

T-Mobile Spectrum Auction Win Helps It Solve 'Swiss Cheese' Network Problem (arstechnica.com) 18

T-Mobile won the lion's share of spectrum licenses in the latest Federal Communications Commission auction, helping it fill rural network gaps that evoked comparisons to Swiss cheese. T-Mobile's winning bids totaled $304.3 million, letting it obtain 7,156 licenses out of 7,872 that were sold, the FCC announced yesterday. From a report: T-Mobile's licenses are spread across 2,724 counties (out of 3,143 total in the US). The second-highest bidder in dollar terms was PTI Pacifica, which spent $17.7 million on nine licenses in five counties. "With most of the available spectrum in the 2.5 GHz band located in rural areas, this auction provides vital spectrum resources to support wireless services in rural communities," the FCC said. The auction provided up to three blocks of spectrum, totaling 117.5MHz in each county. In terms of the number of licenses won, the second-place finisher was the North American Catholic Educational Programming Fund. Its winning bids totaled $7.8 million and cover 107 licenses in 84 counties. There were 63 winning bidders overall, and the auction raised $427.8 million. Small entities and rural service providers were given discounts on the license costs. The 2.5 GHz spectrum was originally set aside for educational institutions but has been repurposed for commercial service.
Bitcoin

Solana-Based DeFi Protocol OptiFi Loses $661K In Programming Blunder (coindesk.com) 33

Derivatives-focused decentralized finance (DeFi) platform OptiFi accidentally closed its mainnet platform in a programming blunder, locking away $661,000 in USDC. CoinDesk reports: The Solana blockchain-powered protocol made the error when it tried to update its program code. Instead of a standard update, OptiFi accidentally used the "solana program close" command, resulting in the permanent closure of the platform on the mainnet, according to a blog post. The funds are irretrievable, although OptiFi said that it will return all users' deposits and settle positions manually on Friday. The estimated process time will be two weeks. [...] In a tweet, OptiFi said that 95% of total value locked is from one of its team members, meaning that customer assets may equate to only $33,000.
Python

IEEE's Top Programming Languages of 2022: Python (and SQL) (ieee.org) 76

The IEEE's official publication, IEEE Spectrum, has released its ninth annual ranking of the top programming languages. The results? Python remains on top but is closely followed by C. Indeed, the combined popularity of C and the big C-like languages — C++ and C# — would outrank Python by some margin.

Java also remains popular, as does Javascript, the latter buoyed by the ever-increasing complexity of websites and in-browser tools (although it's worth noting that in some quarters, the cool thing is now deliberately stripped-down static sites built with just HTML and simple CSS).

But among these stalwarts is the rising popularity of SQL. In fact, it's at No. 1 in our Jobs ranking, which looks solely at metrics from the IEEE Job Site and CareerBuilder. Having looked through literally hundreds and hundreds of job listings in the course of compiling these rankings for you, dear reader, I can say that the strength of the SQL signal is not because there are a lot of employers looking for just SQL coders, in the way that they advertise for Java experts or C++ developers. They want a given language plus SQL. And lots of them want that "plus SQL...."

Job listings are of course not the only metrics we look at in Spectrum. A complete list of our sources is here, but in a nutshell we look at nine metrics that we think are good proxies for measuring what languages people are programming in. Sources include GitHub, Google, Stack Overflow, Twitter, and IEEE Xplore [their library of technical content]. The raw data is normalized and weighted according to the different rankings offered — for example, the Spectrum default ranking is heavily weighted toward the interests of IEEE members, while Trending puts more weight on forums and social-media metrics.

Python is still #1 in their "Trending" view of language popularity, but with Java in second place (followed by C, JavaScript, C++ and C# — and then SQL). PHP is next — their 8th-most-trending language, followed by HTML, Go, R, and Rust.
Television

Big Budget Blockbusters Arrive Amid Fears of 'Peak TV' (ft.com) 79

Crop of expensive fantasy adaptations from Amazon and HBO Max served up at subsidised prices. Financial Times: Since 2016, the veteran US television executive John Landgraf has been predicting the arrival of "peak TV" -- the moment when the number of new scripted shows reaches an all-time high. The streaming boom has proved him wrong every time but he gamely made the prediction again this month, telling guests at the Television Critics Association press tour that 2022 would mark "the peak of the peak TV era." Landgraf, chair of Disney's FX network, conceded that he could be wrong this time too. But there is little doubt that this autumn will present audiences with a flood of some of the most expensive television ever produced. On September 2, Amazon Prime will release its adaptation of The Lord of the Rings, with an estimated budget of $465mn for the first season -- almost enough to make Top Gun: Maverick three times over.

HBO Max's House of the Dragon -- the prequel to Game of Thrones -- is reported to have cost $200mn for the season's 10 episodes. At Disney Plus, Star Wars: Andor will lead a large slate of new programmes that include a Pinocchio remake, She Hulk, and a spin-off of the Cars franchise. These shows are being served up to consumers at subsidised prices by streaming platforms making record losses. The only profitable exception is Netflix, but the industry pioneer's market value has plunged almost $200bn over the past year because of slowing subscriber growth. Its share price is languishing at a four-year low. The forthcoming crop of new programming was given the green light during a headier time, when Wall Street cheered as streaming services committed lavish sums to compete. But faith in the streaming business model -- and investor tolerance for profligate spending -- has waned as Netflix's once-blistering subscription growth has gone into reverse.

[...] On top of that, there are growing concerns that inflation will bite into discretionary spending, including on streaming services. "Everyone [in Hollywood] is throwing big dollars after big things," said Niels Juul, who was an executive producer of Martin Scorsese's Netflix film The Irishman. "But [subscribers] are inundated now to the point where they are looking at their monthly bills and saying, 'Something's got to go -- I've got $140 worth of subscriptions here!'" Even so, Tom Harrington at Enders Analysis said consumers were still getting a better deal than the streaming companies themselves. "People get through $100mn of TV in a day and say: 'what's next?' From a consumer point of view that is great. But for a video operator, it's clearly unsustainable."

Programming

Heroku Announces Plans To Eliminate Free Plans, Blaming 'Fraud and Abuse' (techcrunch.com) 9

After offering them for over a decade, Heroku announced this week that it will eliminate all of its free services -- pushing users to paid plans. From a report: Starting November 28, the Salesforce-owned cloud platform as a service will stop providing free product plans and shut down free data services and soon (on October 26) will begin deleting inactive accounts and associated storage for accounts that have been inactive for over a year. In a blog post, Bob Wise, Heroku general manager and Salesforce EVP, blamed the demise of the free services on "abuse". Those services span the free plans for Heroku Dynos and Heroku Postgres as well as the free plan for Heroku Data for Redis.

[...] Wise went on to note that Heroku will be announcing a student program at Salesforce's upcoming Dreamforce conference in September, but the details remain a mystery at this point. For the uninitiated, Heroku allows programmers to build, run and scale apps across programming languages including Java, PHP, Scala and Go. Salesforce acquired the company for $212 million in 2010 and subsequently introduced support for Node.js and Clojure and Heroku for Facebook, a package to simplify the process of deploying Facebook apps on Heroku infrastructure. Heroku claims on its website that it's been used to develop 13 million apps to date.

Programming

Report: 97% of Software Testing Pros Are Using Automation (venturebeat.com) 49

It turns out, software testers are relying more on automation than ever before, driven by a desire to lower testing costs and improve software quality and user experience. VentureBeat shares the findings from a new report by Kobiton: Kobiton asked 150 testers in companies with at least 50 employees across a range of industries. [...] For context, there are two kinds of software testing: manual and automated. Manual is still common but it's not ideal for repetitive tests, leading many testers to choose automation, which can expedite development and app performance. To wit, 40% of testers responding to Kobiton's study said their primary motivation for using automation is improving user experience. "In a study we conducted two years ago, half the testers we asked said their automation programs were relatively new, and 76% said they were automating fewer than 50% of all tests," said Kevin Lee, CEO of Kobiton. "Nearly 100% of testers participating in this year's study are using automation, which speaks to how far the industry has come."

Testing managers are prioritizing new hires with automation experience, too. Kobiton's study found that automation experience is one of the three skills managers are most interested in. And how is automation being used? A plurality (34%) of respondents to Kobiton's survey said they are using automation for an equal mix of regression and new feature testing. And it's made them more efficient. Almost half (47%) of survey respondents said it takes 3-5 days for manual testing before a release, whereas automated tests can have it done in 3-6 hours.

Operating Systems

Google's Fuchsia OS is Taking Over Smart Displays, Now on Its Second Device (arstechnica.com) 23

The kingdom of Google's third major operating system, Fuchsia, is growing a little wider today. ArsTechnica: 9to5Google reports Google completed the rollout of Fuchsia to the Google Nest Hub Max. Along with the original Nest Hub/Google Home Hub, that puts two of Google's three smart displays on the new OS, with the one holdout being the 2nd Gen Nest Hub. The Nest Hub Max is the first device running Fuchsia that Google is currently selling -- the Home Hub only got Fuchsia after it had been discontinued. The Google smart display user interface is written in Flutter, a Google programming language designed for portability, which runs on Android, iOS, Fuchsia, and the weird cast platform Nest Hubs typically use. So it's not right to describe the user interface as "similar" after the OS swap -- it's the exact same code because Flutter runs on nearly everything.

You are getting a slightly newer code version, though, and it comes with a Bluetooth menu. If you dive into the settings and hit "about device," you'll see a "Fuchsia Version" field that will say something like "6.20211109.1.3166243." It's a bit weird to do an entire OS switch to the futuristic, secretive Fuchsia project and then have basically nothing to show (or say) for it in terms of obvious improvements in performance or security. You can dive into the minutia of the Fuchsia source code, but it continues to be a mystery in terms of what practical benefits it offers consumers. Google never talks about Fuchsia, so not much is known about what, exactly, Google is accomplishing here.

Unix

Unix Legend Adding Unicode Support To AWK - Once He Figures Out Git (arstechnica.com) 103

Co-creator of core Unix utility, now 80, just needs to run a few more tests. From a report: A Princeton professor, finding a little time for himself in the summer academic lull, emailed an old friend a couple months ago. Brian Kernighan said hello, asked how their US visit was going, and dropped off hundreds of lines of code that could add Unicode support for AWK, the text-parsing tool he helped create for Unix at Bell Labs in 1977. "I have tested this a fair amount but clearly more tests are needed," Kernighan wrote in the email, posted as a kind of pseudo-commit on the onetrueawk repo by longtime maintainer Arnold Robbins. "Once I figure out how ... I will try to submit a pull request. I wish I understood git better, but in spite of your help, I still don't have a proper understanding, so this may take a while." Kernighan is the "K" in AWK, a special-purpose language for extracting and manipulating language that was key to Unix's pipeline features and interoperability between systems. A working awk function (AWK is the language, awk the command to invoke it) is critical to both Standard UNIX Specification and IEEE POSIX certification for interoperability. There are countless variants of awk, but "One True AWK," sometimes known as nawk, is the version based on Kernighan's 1985 book The AWK Programming Language and his subsequent input.

Kernighan is also the "K" in "K&R C," the foundational 1978 book The C Programming Language he cowrote with Dennis Ritchie that sticks with programmers, mentally and in dog-eared paper form. C's roots go much deeper. Kernighan had been teaching C to workers at Bell Labs and convinced its creator, Dennis Ritchie, to collaborate on a book to spread the knowledge. That book gave birth to "the one true brace style," the endless debate that goes with it, and the structure underpinning every modern programming language. Kernighan also named Unix and first demonstrated the "Hello, world" code example.

Encryption

Hyundai Uses Example Keys For Encryption System (schneier.com) 107

"Hyundai predictably fails in attempting to secure their car infotainment system with a default key lifted from programming examples," writes Slashdot reader sinij. "This level of security is unfortunately expected from auto manufacturers, who also would like to sell you always-connected Car2Car self-driving automobiles." Cryptographer and security expert Bruce Schneier writes: "Turns out the [AES] encryption key in that script is the first AES 128-bit CBC example key listed in the NIST document SP800-38A [PDF]," writes an unidentified developer under the name "greenluigi1." Luck held out, in a way. "Greenluigi1" found within the firmware image the RSA public key used by the updater, and searched online for a portion of that key. The search results pointed to a common public key that shows up in online tutorials like "RSA Encryption & Decryption Example with OpenSSL in C." Two questions remain:
1) How did the test key get left behind?
2) Was it by accident or design?
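The defensive counterpart of what "greenluigi1" did by hand is a build-time or release-gate check that scans a firmware image (or update script) for key material lifted from standards documents and tutorials. The following is an added example, not code from the Schneier post, the Register article or the Hyundai write-up. It assumes only the public AES-128 test-vector key used in the NIST SP 800-38A worked examples; the second table entry is a constructed placeholder, because the value of the RSA tutorial key is not given on the page. Keys are matched both as raw bytes and as the hex text a script would embed.

```rust
// Added example: flag well-known example/test keys in a firmware blob.
// Not from the original article or from Hyundai's tooling.

/// A key that should never appear in production firmware.
pub struct KnownKey {
    pub name: &'static str,
    /// Key material as a lowercase hex string.
    pub hex: &'static str,
}

/// Known example keys. The first entry is the AES-128 key used throughout the
/// NIST SP 800-38A worked examples (a public test vector). The second is a
/// constructed placeholder standing in for the RSA tutorial key mentioned in
/// the write-up, whose actual value is not available here.
pub const KNOWN_KEYS: &[KnownKey] = &[
    KnownKey {
        name: "NIST SP 800-38A AES-128 example key",
        hex: "2b7e151628aed2a6abf7158809cf4f3c",
    },
    KnownKey {
        name: "PLACEHOLDER tutorial key (constructed, not a real tutorial value)",
        hex: "00112233445566778899aabbccddeeff",
    },
];

#[derive(Debug, Clone, PartialEq)]
pub struct Finding {
    pub key: &'static str,
    pub offset: usize,
    pub encoding: &'static str,
}

/// Decode an even-length hex string. Panicking on malformed input is fine
/// here because the only inputs come from the fixed table above.
fn decode_hex(hex: &str) -> Vec<u8> {
    (0..hex.len())
        .step_by(2)
        .map(|i| u8::from_str_radix(&hex[i..i + 2], 16).expect("valid hex"))
        .collect()
}

/// Every offset at which `needle` occurs in `hay` (naive scan; adequate for
/// firmware-sized inputs and a short key table).
fn find_all(hay: &[u8], needle: &[u8]) -> Vec<usize> {
    if needle.is_empty() || needle.len() > hay.len() {
        return Vec::new();
    }
    hay.windows(needle.len())
        .enumerate()
        .filter(|(_, w)| *w == needle)
        .map(|(i, _)| i)
        .collect()
}

/// Scan `image` for each known key as raw bytes and as lower/upper-case hex
/// text, returning findings sorted by offset.
pub fn scan_for_example_keys(image: &[u8]) -> Vec<Finding> {
    let mut out = Vec::new();
    for k in KNOWN_KEYS {
        // Candidate encodings: (label, byte pattern to search for)
        let variants: Vec<(&'static str, Vec<u8>)> = vec![
            ("raw bytes", decode_hex(k.hex)),
            ("hex text (lowercase)", k.hex.to_ascii_lowercase().into_bytes()),
            ("hex text (uppercase)", k.hex.to_ascii_uppercase().into_bytes()),
        ];
        for (encoding, pattern) in variants {
            for offset in find_all(image, &pattern) {
                out.push(Finding { key: k.name, offset, encoding });
            }
        }
    }
    out.sort_by_key(|f| f.offset);
    // An all-digit key would match both hex variants at the same offset.
    out.dedup_by(|a, b| a.offset == b.offset && a.key == b.key);
    out
}

/// Constructed sample image: an update-script fragment that embeds the NIST
/// key as hex text, then some filler, then the same key as raw bytes.
pub fn sample_image() -> Vec<u8> {
    let mut img = Vec::new();
    img.extend_from_slice(b"KEY=2b7e151628aed2a6abf7158809cf4f3c\n"); // hex text at offset 4
    img.extend_from_slice(&[0u8; 8]); // filler, brings length to 45
    img.extend_from_slice(&decode_hex("2b7e151628aed2a6abf7158809cf4f3c")); // raw key at offset 45
    img.extend_from_slice(b"\x00\x00trailer");
    img
}

fn main() {
    for f in scan_for_example_keys(&sample_image()) {
        println!("offset {:>6}: {} as {}", f.offset, f.key, f.encoding);
    }
}
```

In practice the table would be populated from the test vectors in the standards and from the example keys found in popular tutorials and library READMEs, and a non-empty result would fail the release pipeline before an image is signed.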
Security

The New USB Rubber Ducky Is More Dangerous Than Ever (theverge.com) 47

The USB Rubber Ducky "has a new incarnation, released to coincide with the Def Con hacking conference this year," reports The Verge. From the report: To the human eye, the USB Rubber Ducky looks like an unremarkable USB flash drive. Plug it into a computer, though, and the machine sees it as a USB keyboard -- which means it accepts keystroke commands from the device just as if a person was typing them in. The original Rubber Ducky was released over 10 years ago and became a fan favorite among hackers (it was even featured in a Mr. Robot scene). There have been a number of incremental updates since then, but the newest Rubber Ducky makes a leap forward with a set of new features that make it far more flexible and powerful than before.

With the right approach, the possibilities are almost endless. Already, previous versions of the Rubber Ducky could carry out attacks like creating a fake Windows pop-up box to harvest a user's login credentials or causing Chrome to send all saved passwords to an attacker's webserver. But these attacks had to be carefully crafted for specific operating systems and software versions and lacked the flexibility to work across platforms. The newest Rubber Ducky aims to overcome these limitations.

It ships with a major upgrade to the DuckyScript programming language, which is used to create the commands that the Rubber Ducky will enter into a target machine. While previous versions were mostly limited to writing keystroke sequences, DuckyScript 3.0 is a feature-rich language, letting users write functions, store variables, and use logic flow controls (i.e., if this... then that). That means, for example, the new Ducky can run a test to see if it's plugged into a Windows or Mac machine and conditionally execute code appropriate to each one or disable itself if it has been connected to the wrong target. It also can generate pseudorandom numbers and use them to add variable delay between keystrokes for a more human effect. Perhaps most impressively, it can steal data from a target machine by encoding it in binary format and transmitting it through the signals meant to tell a keyboard when the CapsLock or NumLock LEDs should light up. With this method, an attacker could plug it in for a few seconds, tell someone, "Sorry, I guess that USB drive is broken," and take it back with all their passwords saved.

Programming

Rust 1.63 Released, Adding Scoped Threads (rust-lang.org) 27

This week the Rust team announced the release of Rust 1.63.

One notable update? Adding scoped threads to the standard library: Rust code could launch new threads with std::thread::spawn since 1.0, but this function bounds its closure with 'static. Roughly, this means that threads currently must have ownership of any arguments passed into their closure; you can't pass borrowed data into a thread. In cases where the threads are expected to exit by the end of the function (by being join()'d), this isn't strictly necessary and can require workarounds like placing the data in an Arc.

Now, with 1.63.0, the standard library is adding scoped threads, which allow spawning a thread borrowing from the local stack frame. The std::thread::scope API provides the necessary guarantee that any spawned threads will have exited prior to itself returning, which allows for safely borrowing data.

The official Rust RFC book says "The main drawback is that scoped threads make the standard library a little bit bigger," but calls it "a very common and useful utility...great for learning, testing, and exploratory programming."

"Every person learning Rust will at some point encounter interaction of borrowing and threads. There's a very important lesson to be taught that threads can in fact borrow local variables, but the standard library [didn't] reflect this." And otherwise, "Implementing scoped threads is very tricky to get right so it's good to have a reliable solution provided by the standard library."
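
The borrow-versus-'static distinction from the release notes, as an added example that is not code from the Rust release notes: a chunked sum and an in-place transform, both borrowing the caller's slice through std::thread::scope instead of moving it into an Arc.

```rust
// Added example, not code from the Rust release notes: two functions that use
// std::thread::scope to let worker threads borrow data from the caller's stack
// frame. With std::thread::spawn the closures would need 'static data, so the
// slice would have to be moved into an Arc (or cloned) instead of borrowed.
use std::thread;

/// Sum `data` on `workers` threads, each borrowing one disjoint chunk.
/// The borrow is sound because `scope` joins every spawned thread before
/// returning, so no thread can outlive `data`.
pub fn parallel_sum(data: &[u64], workers: usize) -> u64 {
    if data.is_empty() {
        return 0;
    }
    let workers = workers.max(1);
    let chunk_len = (data.len() + workers - 1) / workers;
    thread::scope(|s| {
        let handles: Vec<_> = data
            .chunks(chunk_len)
            .map(|chunk| s.spawn(move || chunk.iter().sum::<u64>()))
            .collect();
        // Per-chunk totals come back through join(); the value of the scope
        // closure becomes the value returned by `thread::scope`.
        handles.into_iter().map(|h| h.join().expect("worker panicked")).sum()
    })
}

/// Square every element in place; each worker gets its own `&mut` chunk, so
/// the data is both borrowed and mutated across threads without an Arc/Mutex.
pub fn parallel_square(data: &mut [u64], workers: usize) {
    if data.is_empty() {
        return;
    }
    let workers = workers.max(1);
    let chunk_len = (data.len() + workers - 1) / workers;
    thread::scope(|s| {
        for chunk in data.chunks_mut(chunk_len) {
            s.spawn(move || chunk.iter_mut().for_each(|x| *x *= *x));
        }
        // All workers are joined here, before `scope` returns.
    });
}

fn main() {
    let values: Vec<u64> = (1..=100).collect();
    println!("sum = {}", parallel_sum(&values, 4)); // 5050
    let mut v = vec![1u64, 2, 3, 4];
    parallel_square(&mut v, 2);
    println!("{v:?}"); // [1, 4, 9, 16]
}
```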

Python

'Unstoppable' Python Remains More Popular than C and Java (infoworld.com) 177

"Python seems to be unstoppable," argues the commentary on August's edition of the TIOBE index (which attempts to calculate programming-language popularity based on search results for courses, vendors, and "skilled engineers").

By that measure Python's "market share" rose another 2% in this month's index — to an all-time high of 15.42%. It is hard to find a field of programming in which Python is not used extensively nowadays. The only exception is (safety-critical) embedded systems because of Python being dynamically typed and too slow. That is why the performant languages C and C++ are gaining popularity as well at the moment.

If we look at the rest of the TIOBE index, not that much happened last month. Swift and PHP swapped places again at position 10, Rust is getting close to the top 20, Kotlin is back in the top 30, and the new Google language Carbon enters the TIOBE index at position 192.

InfoWorld notes it's been 10 months since Python first claimed the index's #1 spot last October, "becoming the only language besides Java and C to hold the No. 1 position." In the alternative Pypl Popularity of Programming Language index, which assesses language popularity based on Google searches of programming language tutorials, the top 10 rankings for August were:

1. Python, 28.11% share
2. Java, 17.35%
3. JavaScript, 9.48%
4. C#, 7.08%
5. C/C++, 6.19%
6. PHP, 5.47%
7. R, 4.35%
8. TypeScript, 2.79%
9. Swift, 2.09%
10. Objective-C, 2.03%

Communications

One of 5G's Biggest Features Is a Security Minefield (wired.com) 42

True 5G wireless data, with its ultrafast speeds and enhanced security protections, has been slow to roll out around the world. As the mobile technology proliferates -- combining expanded speed and bandwidth with low-latency connections -- one of its most touted features is starting to come into focus. But the upgrade comes with its own raft of potential security exposures. From a report: A massive new population of 5G-capable devices, from smart-city sensors to agriculture robots and beyond, are gaining the ability to connect to the internet in places where Wi-Fi isn't practical or available. Individuals may even elect to trade their fiber-optic internet connection for a home 5G receiver. But the interfaces that carriers have set up to manage internet-of-things data are riddled with security vulnerabilities, according to research that will be presented on Wednesday at the Black Hat security conference in Las Vegas. And those vulnerabilities could dog the industry long-term. After years of examining potential security and privacy issues in mobile-data radio frequency standards, Technical University of Berlin researcher Altaf Shaik says he was curious to investigate the application programming interfaces (APIs) that carriers are offering to make IoT data accessible to developers.

These are the conduits that applications can use to pull, say, real-time bus-tracking data or information about stock in a warehouse. Such APIs are ubiquitous in web services, but Shaik points out that they haven't been widely used in core telecommunications offerings. Looking at the 5G IoT APIs of 10 mobile carriers around the world, Shaik and his colleague Shinjo Park found common, but serious API vulnerabilities in all of them, and some could be exploited to gain authorized access to data or even direct access to IoT devices on the network. "There's a big knowledge gap. This is the beginning of a new type of attack in telecom," Shaik told WIRED ahead of his presentation. "There's a whole platform where you get access to the APIs, there's documentation, everything, and it's called something like 'IoT service platform.' Every operator in every country is going to be selling them if they're not already, and there are virtual operators and subcontracts, too, so there will be a ton of companies offering this kind of platform."

Open Source

NVIDIA Publishes 73k Lines Worth Of 3D Header Files For Fermi Through Ampere GPUs (phoronix.com) 6

In addition to NVIDIA being busy working on transitioning to an open-source GPU kernel driver, yesterday they made a rare public open-source documentation contribution... NVIDIA quietly published 73k lines worth of header files to document the 3D classes for their Fermi through current-generation Ampere GPUs. Phoronix's Michael Larabel reports: To NVIDIA's Open-GPU-Docs portal they have posted the 73k lines worth of 3D class header files covering RTX 30 "Ampere" GPUs back through the decade-old GeForce 400/500 "Fermi" graphics processors. These header files define the classes used to program the 3D engine of the GPU, the texture header and texture sampler layout are documented, and other 3D-related programming bits. Having all of these header files will be useful to the open-source Nouveau driver developers to save on their reverse-engineering and guessing/uncertainty over certain bits.

NVIDIA's Open GPU Kernel Driver is for only GeForce RTX 20 "Turing" series and newer, so it's great seeing NVIDIA now posting this documentation going back to Fermi which is squarely to help the open-source community / Nouveau. [...] The timing of NVIDIA opening these 3D classes back to Fermi is interesting and potentially tied to SIGGRAPH 2022 happening this week. Those wanting to grab NVIDIA's latest open-source GPU documentation can find it via this GitHub repository.
