Category Archives: Tech News

5 Programming Languages Marked for Death

Now, every developer has some preferences

Preferences depending on the language he or she wishes to write to. But as people evolve and new technologies arise languages are more or less being used by people. By the time some people abandon a language, there is high chance this language will die.

Quiz: Name the Movie.... :D
Quiz: Name the Movie…. :D

According to Dice.com…

The future dead languages are the following:

Perl

There was a time when everyone seemingly programmed in Perl. But for those of us who used the language regularly, there was something about it that didn’t seem right. One programmer I knew called it a “piecemeal” language, because it seemed as if the creators had just piled features on top of features without giving much thought as to how everything fit together. Indeed, even its creators seemed to (implicitly) acknowledge that something was wrong, kicking off work on Perl6, currently under development as a complete revamp of the language. Work on Perl6 started in… the year 2000. Where is it? Who cares? Perl is dead. Don’t bother learning it. Incidentally, here’s a “Goodbye World!” written in Perl:

#!/usr/bin/perl
 print “Content-type: text/html\n\n”;
 print “Goodbye, world!\n”;>

Ruby

Just ten years ago, Ruby was all the rage. Invented in 1995, the unique language hit its stride by themid-aughts. People who use Ruby on a regular basis absolutely love it. But those of us who grew up with C-style languages tend to have a little trouble learning its ropes. Here’s a simple “Goodbye World!” in Ruby:

puts ‘Bye bye, Miss American Ruby! Drove my Chevy to the Levie…’
puts ’2011 was the day that Ruby died, yeah…’

By all accounts, it’s a cool language and everybody has good things to say about it… except Twitter. In April 2011, Twitter announced that they had rewritten much of their code in order to move away from Ruby and its popular Web framework, Ruby on Rails, claiming the platforms were inefficient. That, I would argue, was the day Ruby started to die; over the past three and a half years, interest has begun to wane. If you love Ruby, you can thank Twitter for its demise.

Visual Basic.NET

Ten years ago, I landed a job rewriting massive amounts of code for a company that shall go nameless, converting from VB6 to Visual basic.NET. I only lasted a couple months before I bailed: It was an excruciating task. Microsoft’s long love of the BASIC programming language extends all the way back to 1991, when the company purchased a pretty awesome (for its time) visual programming designer from Alan Cooper. He originally used a different language, but Bill Gates told him to replace the language with BASIC, which he felt was the easiest language in use at the time. For most of the 1990s, we got to see this new breed of BASIC, dubbed Visual Basic, grow to include objects and other newer programming techniques. Then something interesting happened. The guy who headed up the creation of Borland Delphi, Anders Hejlsberg, moved over to Microsoft and headed up the creation of a new language called C#. This language was very similar to Java. It took a while for people to start using it, but once they did, they loved it. C# soon became Microsoft’s flagship programming language. To this day, there are many, many C# jobs, and C# programmers command high salaries. While Microsoft created C# to target its own CLR runtime, its engineers also created a version of Gates’ beloved BASIC language, named it Visual Basic.NET. The language still bore the syntax of BASIC, but the coding approach was similar to that of C#. Both languages moved forward, but it was inevitable that the world would embrace one (C#) at the expense of the other. That’s why Visual Basic.NET has been reduced to C#’s little stepbrother in hospice care. Here’s a Visual Basic.NET program from Microsoft’s website:

‘ Allow easy reference to the System namespace classes.
Imports System
‘ This module houses the application’s entry point.
Public Module modmain
   ‘ Main is the application’s entry point.
   Sub Main()
     ‘ Write text to the console.
     Console.WriteLine (“Hello World using Visual Basic!”)
   End Sub
End Module

Adobe Flash and AIR

Technically these are platforms, not languages. I’m including them because, in order to use them, you need Adobe’s own version of EcmaScript, called ActionScript. ActionScript is a close cousin to JavaScript, which (love it or hate it) is one of the most popular languages today due to its implementation in all browsers. ActionScript adds a few details to EcmaScript (which is the official name of the standard, of which JavaScript is an implementation); you won’t really find ActionScript anywhere except for Adobe Flash. Do you use Flash? Steve Jobs hated how it hogged his devices’ processors, and refused to allow it onto the iPhone. As the iPhone (and subsequently the iPad) grew in popularity, Web developers found themselves forced to create websites that didn’t rely on Flash. Developers who made a living coding up ActionScript for Flash-powered sites screamed bloody murder. (I personally saw a Flash developer tell off a room of JavaScript developers for destroying his career.) Adobe tried to keep its programming platform alive via AIR, paired with a tool for building AIR apps called Flex. AIR was, in the estimation of many, a disaster. It wasn’t clear what Adobe wanted out of the whole process; did they want people to ditch Flash and use AIR instead? Or were they expecting AIR and Flash to live on together? For a short time it looked as if AIR would take off, thanks to its use in a popular Twitter platform called TweetDeck, which required users to install the AIR runtime on their computers. That might have opened up millions of PCs for AIR apps, except Twitter bought TweetDeck in 2011 and rewrote it using native code instead of AIR. So much for AIR. And between the deaths of both Flash and AIR, Adobe’s ActionScript can kiss the world goodbye as well. Here’s some sample ActionScript code. (If you use the Flex command-line tools you can compile this into a Flash thingamajob that you can embed in an HTML page):


package {

import flash.display.*;

import flash.text.*;

public class HelloWorld extends Sprite {

private var greeting:TextField = new TextField();

public function HelloWorld() {

greeting.text = “Hello World!”;

greeting.x = 100;

greeting.y = 100;

addChild(greeting);

}
}
}

Delphi’s Object Pascal

With sincere apologies to my fallen Delphi comrades, I must announce the death of Object Pascal. Okay, Delphi (the tool for developing Object Pascal) actually lives on, having moved between companies (it originated with Borland, and now sits with Embarcadero). The original Delphi and its Object Pascal language actually presented a great working environment; the language was a bit wordy, but the compiler was fast and it was much easier to create Windows programs in compared to Visual Basic (I’m talking pre-Visual Basic.NET here, around 1995). The momentum didn’t continue. It’s hard to say just why, since the platform was really quite good. Meanwhile, Borland began supporting C# and C++ in its Delphi line of products. Long story short, Delphi was eventually sold off to Embarcadero, which continues to produce it. It’s big, and it’s sophisticated, and continues to do reasonably well—but its focus is not Pascal. Yes, you can still do Pascal programming in it, but few people do; in fact, you can use Delphi to build for many different platforms including iOS, Android, and, soon, Linux. But if you go to the Embarcadero website, you’ll see that they mainly promote Delphi’s C++ support. So, Object Pascal is dead. I say this with sadness, as I’ve spent quite a bit of time programming in Pascal and especially Delphi’s Object Pascal. But that’s life. 5 Programming Languages Marked for Death.

Popcorn Time Is So Good at Movie Piracy, It’s Scary

Pop Corn Time
Pop-Corn Time !

One thing that iTunes, Netflix, Amazon and Hulu have proven is that content makers can fight piracy by providing a better, easier service to paying customers. But what happens when piracy fights back with something just as convenient?

A new app called Popcorn Time raises that very question. Available for Windows, Mac and Linux, Popcorn Time lets you stream the latest movies — including American HustleGravity and Frozen – with just a couple clicks. The software uses BitTorrent to find and download movies, but eliminates the usual hassle of wading through sketchy torrent sites and waiting for the file to finish downloading. (Clarification: Popcorn Time does not use BitTorrent to find files, but finds its movies through YTS, a website that indexes movie torrent files.)

Basically, it’s the version of Netflix that you’ve always wanted — and maybe have been willing to pay extra for — but that Hollywood may never allow. It’s also a flagrant enabler of copyright violation, at least in the United States.

Popcorn Time’s creators are quick to acknowledge the legal dangers. A disclaimer, warning that it may be illegal in your country to download copyrighted material, appears on the Popcorn Time website and again in the app itself. Movie studios have been known to monitor torrent traffic and sue individual file sharers, so Popcorn Time isn’t necessarily safe unless you’re using a virtual private network to mask your whereabouts.

But the creators aren’t particularly worried about the movie industry hounding them. “We don’t expect legal issues,” a developer named Sebastian told TorrentFreak. “We don’t host anything, and none of the developers makes any money. There are no ads, no premium accounts, and no subscription fees or anything like that. It’s an experiment to learn and share.”

I have a feeling Hollywood will try its best to attack Popcorn Time, but as a free, open-source project, it’s going to be tough to take down. The developers have shown that movie piracy can be intuitive and user-friendly. If movie studios can’t break down the release windows and old business models that prevent new movies from being available on-demand, they should be very afraid of apps like Popcorn Time.

source : Times

Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

Hundreds of open source packages, including the Red Hat, Ubuntu, and Debian distributions of Linux, are susceptible to attacks that circumvent the most widely used technology to prevent eavesdropping on the Internet, thanks to an extremely critical vulnerability in a widely used cryptographic code library.

The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates included in Internet discussions such as this one indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn’t be surprising if the actual number is much higher. Web applications, e-mail programs, and other code that use the library are vulnerable to exploits that allow attackers monitoring connections to silently decode encrypted traffic passing between end users and servers.

The bug is the result of commands in a section of the GnuTLS code that verify the authenticity of TLS certificates, which are often known simply as X509 certificates. The coding error, which may have been present in the code since 2005, causes critical verification checks to be terminated, drawing ironic parallels to the extremely critical “goto fail” flaw that for months put users of Apple’s iOS and OS X operating systems at risk of surreptitious eavesdropping attacks. Apple developers have since patched the bug.

“It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification,” anadvisory issued by Red Hat warned. “An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker.”

GnuTLS developers published this bare-bones advisory that urges all users to upgrade to version 3.2.12. The flaw, formally indexed as CVE-2014-0092, is described by a GnuTLS developer as “an important (and at the same time embarrassing) bug discovered during an audit for Red Hat.” Debian’s advisory is here.

Distant relative of “goto fail”

As was the case with last week’s critical encryption bug from Apple, the GnuTLS vulnerability is the result of someone making mistakes in source code that controls critical functions of the program. This time, instead of a single misplaced “goto fail” command, the mistakes involve errors with several “goto cleanup” calls. The GnuTLS program, in turn, prematurely terminates code sections that are supposed to establish secure TLS connections only after the other side presents a valid X509 certificate signed by a trusted source. Attackers can exploit the error by presenting vulnerable systems with a fraudulent certificate that is never rejected, despite its failure to pass routine security checks. The failure may allow attackers using a self-signed certificate to pose as the cryptographically authenticated operator of a vulnerable website and to decrypt protected communications. It’s significant that no one managed to notice such glaring errors, particularly since they were contained in code that anyone can review.

Security researchers are still studying the vulnerability and assessing its effect on the wide array of OSes and applications that depend on GnuTLS. For the moment, readers should assume that the severity is critical given the dizzying amount of downstream code that may be affected. One example: the apt-get installer some distributions of Linux use to distribute and update applications relies on GnuTLS, although exploits against the package can probably be caught by cryptographic code-signing of the downloaded program (thanks to readers for pointing out this secondary level of protection). Version 3 of lib-curl, which is distributed in Debian and Ubuntu, also depends on GnuTLS. Some Debian- and Ubuntu-based virtual private networking applications that work with Cisco Systems hardware are also affected. This list goes on and on.

Matt Green, a Johns Hopkins University professor specializing in cryptography, characterized the vulnerability this way: “It looks pretty terrible.”

Kenneth White, a principal security engineer of Social & Scientific Systems, agreed, saying the vulnerability “has a lot of side effects.”

This article will be updated if important additional details become available.

Article updated to add details in fourth-to-last paragraph. Article updated to correct misstatements about Cisco virtual private networking software.

Source: Ars Technica