Programming

A Developer is Reimplementing GNU's Core Utilities in Rust (phoronix.com) 186

A Rust-based re-implementation of GNU core utilities like cp and mv is "reaching closer to parity with the widely-used GNU upstream and becoming capable of taking on more real-world uses," reports Phoronix: Debian developer Sylvestre Ledru [also an engineering director at Mozilla] began working on uutils during the COVID-19 pandemic and presented last week at FOSDEM 2023 on his Coreutils replacement effort. With uutils growing into increasingly good shape, it's been packaged up by many Linux distributions and is also used now by "a famous social network via the Yocto project...."

The goals with uutils are to try to create a drop-in replacement for GNU Coreutils, strive for good cross-platform support, and easy testing. Ledru's initial goals were about being able to boot Debian, running the most popular packages, building key open-source software, and all-around it's been panning out to be a great success.... [M]ore performance optimizations are to come along with other work for compatibility against the GNU tools and implementing some still missing options in different programs.

Programming

Google's Go May Add Telemetry That's On By Default (theregister.com) 75

Russ Cox, a Google software engineer steering the development of the open source Go programming language, has presented a possible plan to implement telemetry in the Go toolchain. However, many in the Go community object because the plan calls for telemetry by default. The Register reports: These alarmed developers would prefer an opt-in rather than an opt-out regime, a position the Go team rejects because it would ensure low adoption and would reduce the amount of telemetry data received to the point it would be of little value. Cox's proposal summarized lengthier documentation in three blog posts.

Telemetry, as Cox describes it, involves software sending data from Go software to a server to provide information about which functions are being used and how the software is performing. He argues it is beneficial for open source projects to have that information to guide development. And the absence of telemetry data, he contends, makes it more difficult for project maintainers to understand what's important, what's working, and to prioritize changes, thereby making maintainer burnout more likely. But such is Google's reputation these days that many considering the proposal have doubts, despite the fact that the data collection contemplated involves measuring the usage of language features and language performance. The proposal isn't about the sort of sensitive personal data vacuumed up by Google's ad-focused groups.

"Now you guys want to introduce telemetry into your programming language?" IT consultant Jacob Weisz said. "This is how you drive off any person who even considered giving your project a chance despite the warning signs. Please don't do this, and please issue a public apology for even proposing it. Please leave a blast radius around this idea wide enough that nobody even suggests trying to do this again."

He added: "Trust in Google's behavior is at an all time low, and moves like this are a choice to shove what's left of it off the edge of a cliff."

Meanwhile, former Google cryptographer and current open source maintainer Filippo Valsorda said in a post to Mastodon: "This is a large unconventional design, there are a lot of tradeoffs worth discussing and details to explore," he wrote. "When Russ showed it to me I made at least a dozen suggestions and many got implemented."

"Instead: all opt-out telemetry is unethical; Google is evil; this is not needed. No one even argued why publishing any of this data could be a problem."

Programming

GitHub Claims Source Code Search Engine Is a Game Changer (theregister.com) 39

Thomas Claburn writes via The Register: GitHub has a lot of code to search -- more than 200 million repositories -- and says last November's beta version of a search engine optimized for source code has caused a "flurry of innovation." GitHub engineer Timothy Clem explained that the company has had problems getting existing technology to work well. "The truth is from Solr to Elasticsearch, we haven't had a lot of luck using general text search products to power code search," he said in a GitHub Universe video presentation. "The user experience is poor. It's very, very expensive to host and it's slow to index." In a blog post on Monday, Clem delved into the technology used to scour just a quarter of those repos, a code search engine built in Rust called Blackbird.

Blackbird currently provides access to almost 45 million GitHub repositories, which together amount to 115TB of code and 15.5 billion documents. Sifting through that many lines of code requires something stronger than grep, a common command line tool on Unix-like systems for searching through text data. Using ripgrep on an 8-core Intel CPU to run an exhaustive regular expression query on a 13GB file in memory, Clem explained, takes about 2.769 seconds, or 0.6GB/sec/core. [...] At 0.01 queries per second, grep was not an option. So GitHub front-loaded much of the work into precomputed search indices. These are essentially maps of key-value pairs. This approach makes it less computationally demanding to search for document characteristics like the programming language or word sequences by using a numeric key rather than a text string. Even so, these indices are too large to fit in memory, so GitHub built iterators for each index it needed to access. According to Clem, these lazily return sorted document IDs that represent the rank of the associated document and meet the query criteria.

To keep the search index manageable, GitHub relies on sharding -- breaking the data up into multiple pieces using Git's content addressable hashing scheme and on delta encoding -- storing data differences (deltas) to reduce the data and metadata to be crawled. This works well because GitHub has a lot of redundant data (e.g. forks) -- its 115TB of data can be boiled down to 25TB through deduplication data-shaving techniques. The resulting system works much faster than grep -- 640 queries per second compared to 0.01 queries per second. And indexing occurs at a rate of about 120,000 documents per second, so processing 15.5 billion documents takes about 36 hours, or 18 for re-indexing since delta (change) indexing reduces the number of documents to be crawled.

AI

Google CEO Issues Rallying Cry in Internal Memo: All Hands on Deck To Test ChatGPT Competitor Bard (cnbc.com) 59

Google CEO Sundar Pichai told employees Monday the company is going to need all hands on deck to test Bard, its new ChatGPT rival. From a report: He also said Google will soon be enlisting help from partners to test an application programming interface, or API, that would let others access the same underlying technology. The internal memo came shortly after Pichai publicly announced Google's new conversation technology, powered by artificial intelligence, which it will begin rolling out in the coming weeks. Google has faced pressure from investors and employees to compete with ChatGPT, a chatbot from Microsoft-backed OpenAI, which took the public by storm when it launched late last year.

"Next week, we'll be enlisting every Googler to help shape Bard and contribute through a special company-wide dogfood," Pichai wrote in the email to employees that was viewed by CNBC. "We're looking forward to getting all of your feedback -- in the spirit of an internal hackathon -- more details coming soon," he wrote. Microsoft is reportedly planning to launch a version of its own search engine, Bing, that will use ChatGPT to answer users' search queries. Microsoft is holding its own event Tuesday with participation from OpenAI CEO Sam Altman. "It's early days, we need to ship and iterate and we have a lot of hard and exciting work ahead to build these technologies into our products and continue bringing the best of Google AI to improve people's lives," Pichai wrote in his note to employees Monday. "We've been approaching this effort with an intensity and focus that reminds me of early Google -- so thanks to everyone who has contributed."

AI

ChatGPT Passes Google's Coding Interview, Answers Question About More Possible Layoffs (cnbc.com) 65

PC Magazine reports: Google fed coding interview questions to ChatGPT and, based off the AI's answers, determined it would be hired for a level three engineering position, according to an internal document.... And while level three is considered an entry-level position on the engineering team at Google, average total compensation for the job is about $183,000....

When PCMag asked ChatGPT if it would ever replace software engineers, it wasn't convinced. "No, ChatGPT will not replace software engineers," the AI responded. "ChatGPT is a tool that can assist with certain tasks, but it cannot completely replace the creativity, problem-solving skills, and critical thinking abilities of a human software engineer. Additionally, ChatGPT requires human supervision and direction to operate effectively."

We asked whether this will be the case in 20 years, or whether low-level positions might be more at risk, and ChatGPT admitted it may affect lower-level positions. But it reiterated it will never be a full replacement, but rather a tool to assist human software engineers.

Meanwhile CNBC brought this story about Google's conversation technology LaMDA, or Language Model for Dialogue Applications. "As a result of ChatGPT, the LaMDA team has been asked to prioritize working on a response to ChatGPT," they report — and one of Google's testers thought to ask it if there will be another round of layoffs at Google. "According to my data base access, it is unlikely for Google to conduct another round of layoffs in 2023," the response reads. "Layoffs are generally conducted to reduce costs and structure, but the company is doing well financially. In fact, Google's revenue increased by 34% in 2021, and the company's stock price has risen by 70% since January 2022."

Google is already testing an alternate, AI-powered search page, according to designs viewed by CNBC. "When a question is entered, the search results show a gray bubble directly under the search bar, offering more human-like responses than typical search results." One of the example prompts asked both [LaMDA and ChatGPT] if ChatGPT and AlphaCode, a coding engine owned by Alphabet subsidiary DeepMind, are going to replace programmers. "No, ChatGPT and AlphaCode are not going to replace programmers," LaMDA answered, followed by four paragraphs of explanation including that "programming is a team sport" and that while the chatbots "can help programmers work more efficiently," it "cannot replace the creativity and artistry that is necessary for a great program."

ChatGPT's response was similar, stating "It is unlikely that ChatGPT or Alphacode will replace programmers" because they are "not capable of fully replacing the expertise and creativity of human programmers...programming is a complex field that requires a deep understanding of computer science principles and the ability to adapt to new technologies."

Media

Disney Explores the Sale of More Films and TV Series To Rivals (bloomberg.com) 66

An anonymous reader quotes a report from Bloomberg: Walt Disney Co. is exploring more licensing of its films and television series to rival media outlets as pressure grows to curb the losses in its streaming TV business. The Burbank, California-based entertainment giant is seeking to earn more cash from its content library, according to people familiar with the discussions who asked not to be identified as the talks are private. The move would represent a shift in strategy, as Disney has in recent years tried to keep much of its original programming exclusively on its Disney+ and Hulu streaming services. [CEO Bob Iger], 71, will share more of his plans when the company reports financial results on Feb. 8, but he has already taken steps to reverse decisions made by his predecessor. He offered free photos and more lower-price tickets to theme-park guests irked by rising fees.

Although Disney already licenses some titles to other platforms including Amazon's Prime streaming service, it began to hoard content with the launch of Disney+ in 2019. Disney curtailed licensing of its own programs to third parties to boost that service. A deal that had Disney films running on Netflix was phased out, and the company touted how much of its new programming came from its own in-house studios. Wall Street cheered at the time because it meant the company was entirely focused on building out the streaming business. The shift was costly, however, as Disney surrendered billions of dollars from home video sales and licensing deals with other networks.

Software

BMW Owner Discovers Car's Software Update Won't Install When Parked on Incline (thedrive.com) 127

An anonymous reader shares a report: A BMW i4 owner was rightfully puzzled when their car flashed a strange alert on the screen, saying its parking spot was "too steep" to perform an over-the-air software upgrade. How does that happen? And why is it a problem in the first place? As Clare Eliza found out, it simply isn't possible to remotely update any of the i4's software if the car isn't parked on flat ground. And instead of allowing the operator to override this, it will wait until you physically move it somewhere more level to continue. As it turns out, BMW doesn't have one singular reason why the vehicle can't perform this task on an incline. Rather, the limitation is there as a safety blanket.

"The vehicle has all sorts of sensors (pitch, yaw, lateral and longitudinal acceleration and deceleration, etc.) that allow it to understand its orientation, so it knows when it's on an incline," a BMW spokesperson told The Drive. "It's likely a catchall, every-worst-case-no-matter-how-unlikely scenario safety precaution to try to prevent any chance of the vehicle moving should the programming be interrupted or go wrong." Essentially, it's there just in case something unexpected happens; it's better to plan for the worst, after all.

Google

Back At Google Again, Cofounder Sergey Brin Just Filed His First Code Request In Years (forbes.com) 14

After years of day-to-day absence, Google cofounder Sergey Brin filed a request for access to code related to the company's natural language chatbot, LaMDA. Forbes reports: Two sources said the request was related to LaMDA, Google's natural language chatbot -- a project initially announced in 2021, but which has recently garnered increased attention as Google tries to fend off rival OpenAI, which released the popular ChatGPT bot in November. Brin filed a "CL," short for "changelist," to gain access to the data that trains LaMDA, one person who saw the request said. It was a two line change to a configuration file to add his username to the code, that person said. Several dozen engineers gave the request LGTM approval, short for "looks good to me." Some of the approvals came from workers outside of that team, seemingly just eager to be able to say they gave code review approval to the company cofounder, that person added.

The move was a small technical change, but underscores how seriously the company is taking the looming threat from OpenAI and other competitors. Brin and cofounder Larry Page have been largely absent from the company since 2019, when Page handed the reins over to Sundar Pichai to become CEO of Google parent Alphabet. But Pichai has recently called in the company founders to review the company's AI strategy and help form a response to ChatGPT, according to the New York Times. Brin's tinkering highlights the level of involvement the cofounders have taken.

Stats

Can Stack Overflow's Survey Predict Next Year's Most Loved Programming Language? (stackoverflow.blog) 46

What happens when Stack Overflow's senior research analyst delves more deeply into results from their annual Developer Survey? Rust, Elixir, Clojure, Typescript, and Julia are at the top of the list of Most Loved Programming Languages. However, in looking at the last three years, we see a bit of movement. [While Rust has remained #1 since 2020, Elixir has risen to #2, while Clojure and TypeScript have dropped.]

In 2022, we added a drill-down to specifically show popularity amongst those learning to code. Because Stack Overflow is a learning resource, I would expect that popularity amongst those specifically learning would be a good indicator of current and future programming language popularity. There is an interesting pattern in comparing Most Loved and Learning to Code Popularity: people learning to code aren't using the most loved languages....


Less than 1% of those learning responded they were using either Clojure or Elixir.

1.2% are using Julia
7.1% are using Rust
and 15.1% are using Typescript.

The article still tries to tease out ways to predict future popular programming languages (by, for example, the number of questions being asked about languages, especially by new programmers learning to code). But along the way, they uncover other surprising statistical truths about the limits of their data:
  • "Stack Overflow questions are more susceptible to the preferences of those using the site as a learning tool rather than those of more advanced developers."
  • "[B]eing loved (via the Developer Survey) is not related to generating more questions on Stack Overflow. And this makes sense: posting questions most likely speaks to friction with coding, a friction that may lead to loving a programming language less."
  • "Our latest Developer Survey showed us that ~32% of programmers have been professionally coding for four years or less, a significant amount of people who are most likely involved in learning programming languages. That is, beginner-friendly languages get the most questions and popularity, but the Most Loved languages make veteran developers happy."

AI

OpenAI Hires an Army of Contractors. Will They Make Coding Obsolete? (semafor.com) 110

Last week Microsoft announced 10,000 layoffs — and a multibillion-dollar investment in OpenAI, the company that created ChatGPT.

But OpenAI also released a tool called Codex in August of 2021 "designed to translate natural language into code," reports Semafor. And now OpenAI "has ramped up its hiring around the world, bringing on roughly 1,000 remote contractors over the past six months in regions like Latin America and Eastern Europe, according to people familiar with the matter."

The article points out that roughly 40% of those contractors "are computer programmers who are creating data for OpenAI's models to learn software engineering tasks." "A well-established company, which is determined to provide world-class AI technology to make the world a better and more efficient place, is looking for a Python Developer," reads one OpenAI job listing in Spanish, which was posted by an outsourcing agency....

OpenAI appears to be building a dataset that includes not just lines of code, but also the human explanations behind them written in natural language. A software developer in South America who completed a five-hour unpaid coding test for OpenAI told Semafor he was asked to tackle a series of two-part assignments. First, he was given a coding problem and asked to explain in written English how he would approach it. Then, the developer was asked to provide a solution. If he found a bug, OpenAI told him to detail what the problem was and how it should be corrected, instead of simply fixing it.

"They most likely want to feed this model with a very specific kind of training data, where the human provides a step-by-step layout of their thought-process," said the developer, who asked to remain anonymous to avoid jeopardizing future work opportunities.

Programming

Under Microsoft, GitHub Reaches 100M-Developer Milestone (techcrunch.com) 32

"Code-hosting platform GitHub has announced that 100 million developers are now using the platform," reports TechCrunch: The figure represents a substantial hike on the 3 million users GitHub counted 10 years ago, the 28 million it claimed when Microsoft acquired it for $7.5 billion five years ago and the 90 million-plus it revealed just three months ago.

GitHub has come a long way since its launch back in 2008, and now serves as the default hosting service for millions of open source and proprietary software projects, allowing developers to collaborate around shared codebases from disparate locations.

GitHub's announcement argues that "From creating the pull request to empowering developers with AI through GitHub Copilot, everything we do has been to put the developer first."

But TechCrunch notes that GitHub's various paid plans "now contribute around $1 billion annually to [Microsoft's] coffers."

AI

What Happens When ChatGPT Can Find Bugs in Computer Code? (pcmag.com) 122

PC Magazine describes a startling discovery by computer science researchers from Johannes Gutenberg University and University College London.

ChatGPT can weed out errors with sample code and fix it better than existing programs designed to do the same. Researchers gave 40 pieces of buggy code to four different code-fixing systems: ChatGPT, Codex, CoCoNut, and Standard APR. Essentially, they asked ChatGPT: "What's wrong with this code?" and then copy and pasted it into the chat function. On the first pass, ChatGPT performed about as well as the other systems. ChatGPT solved 19 problems, Codex solved 21, CoCoNut solved 19, and standard APR methods figured out seven. The researchers found its answers to be most similar to Codex, which was "not surprising, as ChatGPT and Codex are from the same family of language models."

However, the ability to, well, chat with ChatGPT after receiving the initial answer made the difference, ultimately leading to ChatGPT solving 31 questions, and easily outperforming the others, which provided more static answers. "A powerful advantage of ChatGPT is that we can interact with the system in a dialogue to specify a request in more detail," the researchers' report says. "We see that for most of our requests, ChatGPT asks for more information about the problem and the bug. By providing such hints to ChatGPT, its success rate can be further increased, fixing 31 out of 40 bugs, outperforming state-of-the-art....."

Companies that create bug-fixing software — and software engineers themselves — are taking note. However, an obvious barrier to tech companies adopting ChatGPT on a platform like Sentry in its current form is that it's a public database (the last place a company wants its engineers to send coveted intellectual property).

AI

Lawsuit Accusing Copilot of Abusing Open-Source Code Challenged by GitHub, Microsoft, OpenAI (reuters.com) 60

GitHub, Microsoft, and OpenAI "told a San Francisco federal court that a proposed class-action lawsuit for improperly monetizing open-source code to train their AI systems cannot be sustained," reports Reuters: The companies said in Thursday court filings that the complaint, filed by a group of anonymous copyright owners, did not outline their allegations specifically enough and that GitHub's Copilot system, which suggests lines of code for programmers, made fair use of the source code. A spokesperson for GitHub, an online platform for housing code, said Friday that the company has "been committed to innovating responsibly with Copilot from the start" and that its motion is "a testament to our belief in the work we've done to achieve that...."

Microsoft and OpenAI said Thursday that the plaintiffs lacked standing to bring the case because they failed to argue they suffered specific injuries from the companies' actions. The companies also said the lawsuit did not identify particular copyrighted works they misused or contracts that they breached.

Microsoft also said in its filing that the copyright allegations would "run headlong into the doctrine of fair use," which allows the unlicensed use of copyrighted works in some situations. The companies both cited a 2021 U.S. Supreme Court decision that Google's use of Oracle source code to build its Android operating system was transformative fair use.

Slashdot reader guest reader shares this excerpt from the plaintiffs' complaint: GitHub and OpenAI have offered shifting accounts of the source and amount of the code or other data used to train and operate Copilot. They have also offered shifting justifications for why a commercial AI product like Copilot should be exempt from these license requirements, often citing "fair use."

It is not fair, permitted, or justified. On the contrary, Copilot's goal is to replace a huge swath of open source by taking it and keeping it inside a GitHub-controlled paywall. It violates the licenses that open-source programmers chose and monetizes their code despite GitHub's pledge never to do so.

Google

Google Releases Flutter 3.7, Teases Future of App Development Framework (9to5google.com) 24

An anonymous reader quotes a report from 9to5Google: At the Flutter Forward event, Google released Flutter 3.7 with more Material You widgets and menus support, while also teasing the future of the app development framework. Having grown from humble beginnings on Android and iOS, Google's Flutter SDK can now help you create apps for mobile, desktop, web, and more, all from a single Dart codebase. Since launch, over 700,000 Flutter apps have been published across various platforms.

Today in Nairobi, Kenya, the Flutter team hosted Flutter Forward, an event to connect with the growing global community of developers and showcase the future of app development. For starters, Flutter version 3.7 has now been released, bringing with it a whole host of Material 3 (Material You) widgets. To get a feel for what all is possible with the new generation of Material Design in Flutter, Google has prepared a fun web showcase that even allows you to toggle between Material Theming and Material You. You'll also find that Flutter 3.7 includes new support for creating menus for your app -- including native support for macOS menus, new cascading menu widgets, and the ability to add items to right-click/long-press context menus. The built-in text magnifier on Android and iOS also now works as expected with Flutter's text fields. You can learn more about the improvements of Flutter 3.7 in the full release blog.

Looking ahead, the Flutter team has been working for quite some time on replacing the Skia renderer with a more robust solution of its own. Currently dubbed "Impeller," Flutter's new rendering engine has made significant enough progress to now be ready for developers to test it with their iOS apps. [...] Google is also working on new ways to help Flutter apps integrate with the underlying OS or platform. [...] Meanwhile, for Flutter web apps, a new "js" library makes it easy to call your app's Dart code from the outer page's JavaScript code. Relatedly, you can now embed a Flutter view onto a page through a standard HTML div. Both of these can be seen in a fun demonstration page.

Elsewhere in Flutter web news, Google has made strides toward compiling Dart apps using WebAssembly. [...] In time, this should result in significant performance improvements for Flutter on the web. In addition to compiling to WebAssembly, the Dart team has also begun offering full support for the RISC-V architecture, with the ultimate goal of Flutter apps running on RISC-V. Another major announcement today is that Google is moving forward with its plans to release version 3.0 of the Dart programming language upon which Flutter apps are built. Dart 3.0 is available today for early alpha testing with a focus on requiring sound null safety.

Programming

Extensions are Easily Impersonated in Microsoft's VSCode Marketplace, Researchers Say (infoworld.com) 28

74.48% of developers use Microsoft's Visual Studio Code, according to one survey conducted by StackOverflow. And besides GitHub Copilot, there's over 40,000 other extensions in the VSCode Marketplace.

Unfortunately, InfoWorld reports, "Researchers at Aqua Nautilus say they have found that attackers could easily impersonate popular extensions and trick unknowing developers into downloading them." It can be challenging to distinguish between malicious and benign extensions, and the lack of sandbox capabilities means that extensions could install ransomware, wipers, and other malicious code, Aqua security researcher Ilay Goldman wrote in a January 6 blog post. ["In fact, it can access and even alter all the code that you have locally and even use your SSH key to change the code in all your organization's repositories."] VS Code extensions, which provide capabilities ranging from Python language support to JSON file editing, can be downloaded from Microsoft's Visual Studio Code Marketplace.

Aqua Nautilus uploaded an extension masquerading as the Prettier code formatter and saw more than 1,000 installs in less than 48 hours, from around the world. The spoof extension has been removed.

Goldman noted that the Visual Studio Code Marketplace runs a virus scan for each new extension and subsequent updates, and removes malicious extensions when it finds them. Users can report suspicious-looking extensions via a Report Abuse link.

"While the media is full of stories about malicious packages that have been uploaded to popular package managers such as NPM and PyPI, there is very little information about malicious VSCode extension," the blog post notes. Yet it points out that a blue checkmark on a VSCode extension "merely means that whoever the publisher is has proven the ownership of a domain. That means any domain."

And even Microsoft acknowledged to InfoWorld that social engineering techniques have been used to persuade victims to download malicious extensions — though they point out that Microsoft confirms that each extension has a Marketplace certificate and verifiable signature before being installed. "To help make informed decisions, we recommend consumers review information, such as domain verification, ratings and feedback to prevent unwanted downloads."

Programming

Rust Safety Is Not Superior To C++, Bjarne Stroustrup Says (open-std.org) 220

guest reader writes: The Open Standards site contains a new paper from Bjarne Stroustrup titled A call to action: Think seriously about "safety"; then do something sensible about it.

Bjarne reacts to an NSA report about Software Memory Safety since the report excludes C and C++ as unsafe. Bjarne does not consider any of the report's choices for "safe" languages as superior to C++ for the range of uses he cares about.

From Bjarne's response: I have worked for decades to make it possible to write better, safer, and more efficient C++. In particular, the work on the C++ Core Guidelines specifically aims at delivering statically guaranteed type-safe and resource-safe C++ for people who need that without disrupting code bases that can manage without such strong guarantees or introducing additional tool chains. For example, the Microsoft Visual Studio analyzer and its memory-safety profile deliver much of the CG support today and any good static analyzer (e.g., Clang tidy, that has some CG support) could be made to completely deliver those guarantees at a fraction of the cost of a change to a variety of novel "safe" languages.

Bjarne also complains that in the NSA's document, "'safe' is limited to memory safety, leaving out on the order of a dozen other ways that a language could (and will) be used to violate some form of safety and security." There is not just one definition of "safety", and we can achieve a variety of kinds of safety through a combination of programming styles, support libraries, and enforcement through static analysis.... I envision compiler options and code annotations for requesting rules to be enforced. The most obvious would be to request guaranteed full type-and-resource safety.

Bjarne notes that if you work in application domains which prioritize performance over type safety, you could "apply the safety guarantees only where required and use your favorite tuning techniques where needed." Partial adoption of some of the rules (e.g., rules for range checking and initialization) is likely to be important. Gradual adoption of safety rules and adoption of differing safety rules will be important. If for no other reason than the billions of lines of C++ code will not magically disappear, and even "safe" code (in any language) will have to call traditional C or C++ code or be called by traditional code that does not offer specific safety guarantees.

Ignoring the safety issues would hurt large sections of the C++ community and undermine much of the other work we are doing to improve C++.

The article also contains the following references for consideration:
- Design Alternatives for Type-and-Resource Safe C++.
- Type-and-resource safety in modern C++.
- A brief introduction to C++'s model for type- and resource-safety.
- C++ Core Guidelines, safety profiles.
Security

T-Mobile Suffers Another Data Breach, Affecting 37 Million Accounts (cnet.com) 30

The nation's second-largest wireless carrier on Thursday disclosed that a "bad actor" took advantage of one of its application programming interfaces to gain data on "approximately 37 million current postpaid and prepaid customer accounts." CNET reports: In an 8K filing with the US Securities and Exchange Commission, the carrier says that it was able to trace and stop the "malicious activity" within a day of learning about it. T-Mobile also says that the API that was used does not allow for access to "any customer payment card information, Social Security numbers/tax IDs, driver's license or other government ID numbers, passwords/PINs or other financial account information." According to the filing, the carrier believes that the breach first occurred "on or around" Nov. 25, 2022. The carrier didn't learn that a "bad actor" was getting data from its systems until Jan. 5.

The company's API, however, did reveal other user information, including names, billing addresses, email addresses, phone numbers and birth dates of its customers, their T-Mobile account numbers, and information on which plan features they have with the carrier and the number of lines on their accounts. The company said in the SEC filing that it has "begun notifying customers whose information may have been obtained by the bad actor in accordance with applicable state and federal requirements."
In 2021, T-Mobile suffered a data breach that exposed data of roughly 76.6 million people. "T-Mobile agreed to a $500 million settlement in the case in July, with $350 million going to settle customer claims from a class action lawsuit and $150 million going to upgrade its data protection system," adds CNET.
AI

Cheaters Hacked an AI Bot and Beat the Rocket League Elite (wired.com) 8

Last week, Reed Wilen, an elite gamer who uses the handle "Chicago" in Rocket League, a popular vehicular-soccer game, encountered a strange and troubling new opponent. From a report: The player seemed like a novice at first, moving their rocket-powered vehicle in a hesitant and awkward way. Then they caught and balanced the ball perfectly on the hood of their car, and dribbled it with superhuman skill towards the goal at high speed. Not only was the other driver clearly a bot -- it was also ridiculously good. "It is very confusing to play against," Wilen says. "Its perfect dribbling would cause havoc on almost every player." Wilen is one of a number of elite Rocket League players to have recently encountered the bot in competitive play. It is not yet good enough to beat all comers, but it can play to a high level, allowing less skilled players to cheat their way to a higher ranking.

Rocket League is frenetic and extremely tricky to play. Each player controls a car capable of impossible acrobatics inside an arena where gravity and physics are apparently set to ludicrous mode. The objective is to use your vehicle to maneuver a giant ball past your opponent and into their goal, a task that requires considerable skill and patience. Sometimes two players work together as a team, making huge leaps, desperate parries, and accidentally colliding, all while trying to anticipate and counter their opponents' own antics. Top Rocket League players will often launch their cars through the air to move the ball toward the goal, but Wilen says the bot he faced appears to have been trained specifically to carry it on the ground. "The bot doesn't really flip around too often and doesn't jump in the air," he says, apparently because it hasn't been programmed to, or learned how to do so. "Instead, it waits for the ball to come down, where it catches it on top of the car and performs a perfect dribble towards the opposing team's net," Wilen says.

The bot that Wilen and others have come up against is called Nexto. It picked up the ability to dribble and score using an artificial intelligence approach known as reinforcement learning, which has underpinned research breakthroughs that let computers master other difficult games such as Go and Starcraft. The technique has also been applied to more practical areas, including chip design and data center cooling in recent years. Reinforcement learning entails creating a program that can perform a task at a basic level and improve by responding to feedback as it practices. The company behind Rocket League, Psyonix, part of Epic Games, allows players to deploy bots to practice against. In 2020 it made an application programming interface (API) available to help developers build bots more easily. Last April, a group of Rocket League enthusiasts with coding skills announced RLGym, an open source library for building reinforcement-learning bots for Rocket League. Later in the year, the group released several open source AI bots -- including an especially skilled dribbler called Nexto.

Education

Tech-Backed Code.org Bringing BBC Micro:bit To US K-5 Classrooms 21

theodp writes: On Tuesday, the Micro:bit Educational Foundation, a UK-based education non-profit "on a mission to inspire all children to achieve their best digital future," announced a partnership with US-based and tech giant-backed nonprofit Code.org to offer teachers computing resources to complement use of the handheld BBC micro:bit physical computing device as an extension to the Code.org CS Fundamentals curriculum, which is aimed at introducing Computer Science to children in Kindergarten-5th Grade.

"Physical computing is a great way to engage students in computer science, and I'm excited that Code.org is expanding its offerings in this maker education space," said Code.org CEO Hadi Partovi. "We're delighted to partner with micro:bit to provide physical computing extensions to our existing courses." Micro:bit Educational Foundation CEO Gareth Stockdale added, "Growing a diverse pipeline of tech talent who contribute to the creation of better technology in the world begins in the classroom. We are invested in excellence in computer science education for younger students and are excited by the size of the impact we can create together with Code.org to bring the benefits of physical computing to young learners."

Back in 2015, Microsoft -- a Founding Partner of both the Micro:bit Educational Foundation and Code.org -- partnered with the BBC to provide an estimated 1 million free BBC micro:bits to every 11 or 12 year old in the UK. "The chance to influence the lives of a million children does not come often," Microsoft Research wrote in a 2016 paper explaining the efforts to get the micro:bit into the hands of UK schoolchildren and make it part of the CS curriculum. The paper also cited Code.org and the UK's Computing at School (a Micro:bit Educational Foundation partner that was "born at Microsoft Research Cambridge") as "two significant success at the coding level" of "scaling out an initiative to influence an entire country of students, or even globally."
Python

JavaScript, Java, and Python are Most In-Demand Skills, Survey Finds (infoworld.com) 82

InfoWorld reports: JavaScript, Java, and Python skills are most in-demand by recruiters, according to a report published this week by tech hiring platforms CodinGame and CoderPad. But while the supply of those skills exceeds demand, the demand for TypeScript, Swift, Scala, Kotlin, and Go skills exceeds supply.

The State of Tech Hiring in 2023, a CodinGame-CoderPad report published January 10, draws on a survey of 14,000 professionals and offers insights into what 2023 may hold for tech industry recruiters and job seekers. The demand for JavaScript, Java, and Python skills is consistent with previous years, the report notes.

Among development frameworks, Node.js, React, and .NET Core proved to be the best-known and most in-demand.

InfoWorld summarizes some other interesting findings:
  • "59% of developers do not have a university degree in computer science. Nearly one-third consider themselves primarily self-taught."
  • "Developers' main challenges at work include unplanned changes to their schedule, unclear direction, and a lack of technical knowledge by team members."
  • "Most teams are now hybrid between remote and on-site work. Only 15% work onsite 100% of the time."
