2016 week 46 in programming

Programmers are having a huge discussion about the unethical and illegal things they’ve been asked to do

Dozens of people have already been killed by faulty software in cars, while hundreds of people have been killed from faulty software during air travel. Martin pointed out, “The weird thing is, it was software developers who wrote that code. It was us. Some programmers wrote cheating code. Do you think they knew? I think they probably knew.” Sourour’s “Ashamed” post went viral on Hacker News and Reddit and it unleashed a long list of confessions from programmers about the unethical and, sometimes, illegal things they’ve been asked to do. Programmers then wrote scripts to help the company’s salespeople target these people. Now, he says, these same programmers are “Working on startups that scoop up massive amounts of people’s location data.” Another programmer was hired to write software for a radio device and was asked to make it use channels reserved for emergency services because this would make the device operate faster. He warned, if programmers don’t start to govern themselves, after that apocalypse event that kills thousands of people occurs, legislators will do it for them, dictating everything about their jobs, down to the languages they are allowed to use.

The code I’m still ashamed of

If you write code for a living, there’s a chance that at some point in your career, someone will ask you to code something a little deceitful - if not outright unethical. In Canada, there are strict limits on how pharmaceutical companies can advertise prescription drugs directly to consumers. As a result, these companies would create websites that present general information about whatever symptoms their drugs were meant to address. In the end, I understood that the real purpose of the site was to push a particular drug. We had discovered while working on the project that she had actually been prescribed the very drug I was building a site for. Still, I’ve never felt okay about writing that code. It’s not hard to imagine them recommending prescription drugs soon, too.

Microsoft joins The Linux Foundation as a Platinum member

At its Connect(); 2016 developer event in New York City today, Microsoft announced it is joining The Linux Foundation. Microsoft already contributes to several of its projects, including Node.js Foundation, OpenDaylight, Open Container Initiative, R Consortium, and Open API Initiative. “Microsoft has grown and matured in its use of and contributions to open-source technology,” The Linux Foundation executive director Jim Zemlin said in a statement. “The company has become an enthusiastic supporter of Linux and of open-source and a very active member of many important projects. Membership is an important step for Microsoft, but also for the open-source community at large, which stands to benefit from the company’s expanding range of contributions.” We interviewed Zemlin, who was excited to elaborate on the news, noting that The Linux Foundation and Microsoft started conversations about membership earlier this year. Microsoft naturally stands to benefit as well, and not just in terms of PR. In addition to Microsoft taking an active role in making the organization better, membership means the company can better collaborate with the open-source community to improve mobile and cloud technology that millions rely on. “The Linux Foundation is home not only to Linux, but many of the community’s most innovative open-source projects. We are excited to join The Linux Foundation and partner with the community to help developers capitalize on the shift to intelligent cloud and mobile experiences.”

To Learn Programming, Do Projects You Actually Care About

Data Rebellion is all about getting your programming abilities to the point of usefulness as quickly as possible. Now, a majority of the time the fate of the planet won’t depend on your latest Python project. Have you ever had the experience where you start a course and get through the first few lectures, only to forget about it the next week? Or download an ebook and never get around to opening it? Or get bored of artificial exercises? Or lose interest in a project you know isn’t really useful to you or that you don’t truly care about? Personally, I’ve lost count of all the things I’ve started and never finished. Sounds kind of pathetic, doesn’t it? But at that point I was starting to get a feel for the language, and I came up with a personal project I was genuinely interested in: writing a program that composed music. It didn’t win any Grammy’s, but going through the entire process of envisioning an ambitious project, methodically working through it, and ending with an actual working product brought me to a whole new level in programming, more so than any course or ebook ever did. So if you’re in the beginning-to-intermediate stages of your programming journey, here’s my suggestion to you: find a need or passion of yours that you think might just be possible to address with code and start working on it ASAP. Here’s a list of projects to jump-start your thinking. If you can’t see exactly how to get from point A to point B, good! That means you’re going to learn something along the way.

8 million GitHub profiles were leaked from GeekedIn’s MongoDB

I wasn’t aware of any implementation within GitHub that publicly exposed this information for the purpose of mass consumption, and frankly, by now it was starting to smell a bit bad…. Last thing before I start talking about disclosure: when I analysed the data set I found almost 8.2 million unique email addresses. Moving on, given what I’d seen thus far I decided to reach out to GitHub directly as it was their data that was involved here, even if it was leaked from another service. Particularly if data was circulating among traders, there was every chance people would start popping up and saying “Hey, I’ve got the GitHub data breach”. Third parties frequently scrape public GitHub data for various reasons, such as research or archival purposes. It is wrong, not just the scraping of GitHub in the first place in order to commercialise our information, but then subsequently losing it via a MongoDB with no password and now having it float around the web in data breach trading circles. No, it shouldn’t have been aggregated en masse and no, it definitely shouldn’t have been leaked, but it is data that on a per-individual basis you can go and retrieve from anyone’s GitHub profile. That’s it! Once again, you’re only going to show up here if your email address was successfully pulled from GitHub, but I hope it’s useful for the million plus people whose data was exposed somewhere they never expected it to be.

Introduction to Machine Learning for developers

Today’s developers often hear about leveraging machine learning algorithms in order to build more intelligent applications, but many don’t know where to start. One of the most important aspects of developing smart applications is to understand the underlying machine learning models, even if you aren’t the person building them. Machine learning studies computer algorithms for learning to do stuff. Machine learning is about learning to do better in the future based on what was experienced in the past. The two main types of machine learning algorithms are supervised and unsupervised learning. Pandas is a Python library that uses data frames such as R. While it slow to use in production, Pandas is a favorite in using for data analysis and machine learning in a Python environment. Scikit-learn is another favorite Python library and is a great place to find machine learning models with tutorials and documentation that have been vetted by many Python developers.

Google joins .NET Foundation

NET Foundation, the open-source organization Microsoft established to guide the future development of the. NET Foundation, where it joins the likes of Red Hat, Unity, Samsung JetBrains and Microsoft in the Technical Steering Group. NET applications thanks to its support for Windows Server, and offers. NET by launching support for it on its Tizen platform. As Samsung’s Hong-Seok Kim told me, Samsung was looking for a framework in addition to the web framework and C API that Tizen developers currently use to write their applications. “We looked into alternatives but.NET was superior,” he said and noted that Samsung was looking for a framework with a strong foundation in terms of language support, APIs and tooling, as well as one with a large built-in developer base and open-source community. NET’s existing ecosystem, Samsung surely hopes that this move will also broaden its own Tizen developer ecosystem.

How We Make Money at Stack Overflow: 2016 Edition

The more companies and developers we have, the better and faster the matching we can do with developers and hopefully their dream jobs. I helped build this because I think it’s an awesome way we can improve life over resumes and CVs. It helps developers show off who they are, the things they do, and in an approachable way that’s maintainable. While we’d love to help match you to a perfect company, we built both Jobs and Developer Story to support our core mission of serving ALL developers, including those of you who just don’t care about job searching right now. We’re working to change how companies treat developers not only through the standards built into Jobs, but also through our Developer Hiring Blog, which we created for the express purpose of improving employer and recruiter practices. With Developer Story, we want to change the perception that developers are only as good as their last gig or a title. We’re going to spend more time developing Stack Overflow Enterprise. We are in the process of sending out an email now announcing Developer Story to the larger community in the hopes that we can help some percentage of developers.

Glacially Slow IP Over QR Code Tunnel!

This time I wanted to send data using your monitor and a webcam, but how could I send data reliably without too much work? QR Code! So the idea this time is to use a tun device, read packets from it, convert to QR Code and display on screen. First, you need some way to acknowledge that the other side read my message, so I added a simple header of the form SEQ/ACK where I increment the sequence with each new qrcode and increment the acknowledge when I successfully read the other sides qr code. QR Codes support a binary mode, but this is the least efficient and decided to instead use alphanumeric and base32 encode the packet data. Base64 would not work because the QR Code in this mode only supports uppercase letters. Next was an issue were the library I used to encode the data, qrtools, would generate a qr code, but the data would not be the same when decoding! So I fixed this by detecting this, then adding some padding to the data and trying again until it works, then strip the padding off on the other side. To maintain my sanity during testing, I was able to run the code in a docker container for the remote side, and instead of using webcam, just pass the qr code image file in a volume mount. Speeeeeeed! Only rewrite qrcode when new data is available pack as much data into a qrcode as possible cleanup code, fix syn/ack to avoid packet dups better detection library? Get a better camera for the laptop? Non-vertical youtube videos 🙂. Related.

How to calculate a nation state’s election result in your bedroom

With this in mind, on July 11 - a week after the election itself - I started hacking away on some code to compute the election result from the CSV files published on the AEC’s website. STV what now?The Australian senate uses a proportional representation system called single transferable vote which allows voters to specify several candidates they’d like to vote for in order of least to most evil. If your first choice doesn’t get enough votes to be elected, your vote is transferred to your second, and so on, until either you run out of people you can bring yourself to vote for, or all the available spots in the senate are filled. The ballot parsing is the most nuanced, as we have to enforce rules about the number of candidates each voter has to specify, and decide which vote to count if someone has voted both above the line and below the line. Although it’s tempting to represent these fractions as floating point numbers, this will result in an inevitable loss of accuracy, which could throw the whole election result off. Interestingly, the result of the 2016 election seems reasonably stable with respect to minor alterations of the algorithm and ballot validation rules. Are voting errors uniformly distributed across political allegiances? If not, could the AEC tweak the validation rules to alter the result? Does rounding favour small or large parties? Would we better off paying the computational price to use an exact algorithm with no rounding at all?Pretty graphs related to either of the above.

Elasticsearch: Adventures in scaling a multitenant platform

Our previous production platform assigned each store to a single shard, in a single index. With limited information available at the time of implementation and without a reasonably defined set of product requirements, the hypothesis was that it would be faster for Elasticsearch to only have to query a single shard rather than broadcasting the query over the entire cluster of up to 60+ shards. Stores with big catalogs could create shards upto 150GB Unbalanced shards, data is not distributed evenly over all shards Massive shards take a significant amount of time to relocate when the index is re-sharded Massive shards cause heap stress resulting in heavy Garbage Collection and stop the world events Routed index causes nodes with big shards to get “Hot” Often seen during traffic bursts and site crawling Causes poor responses times for other stores on shards on those nodes Causes GC pauses on nodes. Must be scalable to allow faceted search for all stores Should limit shard sizes to <50GB Should limit JVM heap size to around 16GB Must be able to meet and exceed current and historical load from current platform Should stick to Elasticsearch default configurations as much as possible, the fewer tweaks the better. Using shard allocation filtering, we can create multiple indexes and assign their shards to particular nodes, essentially creating small clusters within the overall larger cluster. Having fewer shards increases the performance, seemingly regardless of the number of shards. So now to find the documents for any given store, we only need to query 8 shards so we only have to wait for those 8 shards to be searched.

MSSQL Sever for Linux runs on user-mode NT kernel library

In March, when Microsoft announced plans to release SQL Server for Linux, Scott Guthrie, EVP of Microsoft’s cloud and enterprise group, said, “This will enable SQL Server to deliver a consistent data platform across Windows Server and Linux, as well as on-premises and cloud.” The release of the first public preview of SQL Server for Linux on Wednesday reveals just how consistent that platform is: It’s the Windows version of SQL Server running on the Windows NT kernel as a guest app, more or less. Microsoft could have ported SQL Server to run as a native Linux application. SQL Server for Linux runs atop a Drawbridge Windows library OS - a user-mode NT kernel - within a secure container called a picoprocess that communicates with the host Linux operating system through the Drawbridge application binary interface. In other words, Microsoft’s SQL Server for Linux is really the Windows SQL Server executable with a small Windows 8 kernel glued underneath, all running in a normal Linux process. In theory, Microsoft can use this technology to bring its other Windows server applications to Linux with minimal changes, using SQL Server as a starting point. Where once Linux was a cancer to Microsoft, now Windows is growing inside of Linux.

How to easily modify regular expressions someone else wrote

When confronted with a problem, think “I know, I’ll use regular expressions.” Now they have two problems. I’m not completely sure where I stand as to the universal utility of regular expressions, but I did meet with a problem recently with the markdown parser that our team was using on a project. As I needed an immediate fix, I went to the source, soon finding myself amidst regular expressions like the following. Then I remembered having seen a service called regexper.com, a site that helps turn regular expression strings into something like this. Anyway, this was how the regular expression turned out for me. Regular expressions that were once hard to describe using only words, with the help of imaging, are now much easier to express and understand. Satisfied with the results, and since I was on the subject, I thought I’d apply “Regexper” on all the regular expressions that showed up in the “Marked” module I was working with.

How to write an object oriented program that doesn’t suck

I have seen many computer programmers proudly proclaim “Yup, I designed my code in an object oriented way - I have defined my data members as private, they can be only accessed through public methods - I have created base classes and sub-classes that follow a hierarchy - I have created virtual methods in the base class that shares common behavior that can be used in derived classes.” Is that what object orientation is all about? There is definitely more to it. Now the Account class has the flexibility to delegate the logging activity to the Logger class and it can focus only on Account related activities. Can we try extending the code by adding a new class whenever a new account type needs to be added and inherit it from Account class? By doing so, we are not only abstracting the Account class but also allowing it to share common behavior across it’s child classes. The OnlineAccount class will only implement IProcessInterest while the Account class will implement both IProcessInterest and IWithdrawable. Let’s go back to the first issue we resolved where we added Logger class to delegate the responsibility of logging from Account class. We are again violating the Account class by giving more responsibility to decide which instance of the Logging class to be created. It is not the job of Account class to decide on object creation for logging.

New Google AI Experiment - Quick Draw - Have Google’s Neural Network guess your doodles

You draw, and a neural network tries to guess what you’re drawing. The more you play with it, the more it will learn. It’s just one example of how you can use machine learning in fun ways.

Powershell to replace CMD as windows default shell (Inside 14971)

Today we are excited to be releasing Windows 10 Insider Preview Build 14971 for PC to Windows Insiders in the Fast ring. Read EPUB books in Microsoft Edge: The reading experience will get even better with the Windows 10 Creators Update! In addition to providing a great reading experience for PDF files - you can now read any unprotected e-book in the EPUB file format with Microsoft Edge. Bringing 3D to Everyone via the Paint 3D Preview app: Starting with this build and going forward, the Paint 3D Preview app is now included as part of Windows 10. Remix 3D Preview, the community counterpart to Paint 3D Preview, is expanding to Austria, Belgium, Denmark, Germany, Ireland, Netherlands, Norway, Sweden, and Switzerland for Windows Insiders today! Remix 3D Preview is currently only available in English but we will continue to expand our region and language support. For those who prefer to use Command Prompt, you can opt out of the WIN + X change by opening Settings > Personalization > Taskbar, and turning “Replace Command Prompt with Windows PowerShell in the menu when I right-click the Start button or press Windows key+X” to “Off”. As we have previously announced we are working on the Windows Holographic Shell that is going to be included in the upcoming Windows 10 Creators Update. We love seeing our Windows Insiders organize #WINsiders4Good events on their own! This is exactly why we created the DIY kit and we love seeing you all use it to build relationships and solve problems in your communities.

Grace Hopper posthumously awarded Presidential Medal of Freedom

The Presidential Medal of Freedom is the Nation’s highest civilian honor, presented to individuals who have made especially meritorious contributions to the security or national interests of the United States, to world peace, or to cultural or other significant public or private endeavors. The awards will be presented at the White House on November 22nd. President Obama said, “The Presidential Medal of Freedom is not just our nation’s highest civilian honor - it’s a tribute to the idea that all of us, no matter where we come from, have the opportunity to change this country for the better. From scientists, philanthropists, and public servants to activists, athletes, and artists, these 21 individuals have helped push America forward, inspiring millions of people around the world along the way.” He has been nominated for the Academy Award for Best Actor in a Leading Role five times, and received the award for his work in Philadelphia and Forrest Gump. During his career, he won six championships, five Most Valuable Player awards, and appeared in 14 All-Star games. Diana Ross is an Academy Award nominee, inductee into the Rock & Roll Hall of Fame, and recipient of the Grammy Awards highest honor, the Lifetime Achievement Award. She has won two Emmy Awards and a Tony Award, and is known for her performances in Sounder, The Autobiography of Miss Jane Pittman, and The Help. In 2013, she returned to the stage with The Trip to the Bountiful, and was awarded the Tony Award for best leading actress.

Amazon to drop dreaded stack-ranking performance reviews

“We’re launching a new annual review process next year that is radically simplified and focuses on our employees’ strengths, not the absence of weaknesses,” Amazon spokeswoman Teal Pennebaker said. The changes, first reported by tech news site GeekWire and set to become effective in 2017, make Amazon the latest tech firm to abandon the dreaded stack-ranking system. On Friday, several “Affinity groups” within Amazon wrote to Bezos expressing concern about members feeling “Undeservingly pulled into the spotlight” of racial and gender controversy during the heated campaign. Bezos replied on Sunday saying that diversity is a core Amazon principle. In the case of Amazon, the regime has generated some unrest. At a website dubbed “The Former And Current Employees of Amazon,” where Amazonians can post anonymous accounts of their complaints with the company, “Performance Reviews” is one of the most popular categories. Bloomquist, the recruiter, said that phasing out stack ranking could boost Amazon’s competitiveness as an employer as others try to encroach on its talent.

So Finally, New Features in C# 7.0

Unless this has changed in the release version than it seems there is a mistake within pattern matching example where the variable ‘i’ is used outside its if level scope. If the pattern appears in the condition of an if statement, its scope is the condition and controlled statement of the if statement, but not its else clause. If this is correct than the i variable should not be in scope after the if.

The Balanced Ternary Machines of Soviet Russia

“Perhaps the prettiest number system of all is the balanced ternary notation” - Donald E. Knuth, The Art of Computer Programming, Vol. Enter Setun, a balanced ternary computer developed in 1958 by a small team led by Nikolay Brusentsov at the Moscow State University. In its balanced form, we can think of the ternary values as being “Balanced” around the mid-point of 0. In balanced ternary, as we’re about to discover, to represent the inverse of a number we simply have to swap all +'s with -‘s and vice versa. The development of balanced ternary machines has all but faded into a small footnote in the annals of computer history. For the moment at least, I don’t think that you’ll be hearing much more about balanced ternary computers in the near future. Although Setun was the first electronic device to operate on balanced ternary, it’s worth mentioning that the idea of using balanced ternary in computing devices was first popularized over 100 years before.

Jāas: JavaScript as a Service

Jāas abstracts away the abstractions created by JavaScript libraries, frameworks, toolchains, compilers, and linters so you can enjoy the benefits of being on the bleeding edge without having to learn about them. You can write JavaScript like it’s 1998, and Jāas will turn it into modern type-safe, modular, and maintainable JavaScript that uses the hottest new libraries to accomplish the same thing.

What is “:-!!” in C code?

Another common mechanism is to call a function that isn’t defined and rely on the optimizer to compile-out the function call if your assertion is correct. In sympathy for the need for compile-time assertions, GCC 4.3 introduced the the error function attribute that allows you to extend upon this older concept, but generate a compile-time error with a message of your choosing - no more cryptic “Negative sized array” error messages! This macro will evaluate its parameter exactly once and create a compile-time error that says “I told you not to give me a five!” if the expression evaluates to five or is not a compile-time constant. So why aren’t we using this instead of negative-sized bit-fields? Alas, there are currently many restrictions of the use of statement expressions, including their use as constant initializers even if the statement expression is completely constant its self test). Hopefully, GCC will amend these shortcomings soon and allow constant statement expressions to be used as constant initializers. The challenge here is the language specification defining what is a legal constant expression. So I hope that gcc can make a constexpr functionality available as an extension via -std=gnuc99 & -std=gnuc11 or some such and allow its use on statement expressions et.

Google Cloud is 50% cheaper than AWS

Either way, the Google entry-level instance is significantly cheaper than both AWS entry-level instances. All Google instances have significantly faster network than the equivalent AWS instances, to the point where they’re not even playing in the same league. Google is cheaper per CPU. Google CPU instances have half the memory of AWS CPU instances. Google memory instances have 15% less memory than AWS CPU instances. AWS forces you to buy a big instance to get enough SSD space whereas Google allows you to attach a SSD to a small instance. Only a very particular instance can fulfil the requirements, it comes with many cores and 4800 GB of unnecessary local SSD. The AWS bill is $4k higher than the equivalent setup on Google Cloud. We could recreate any instance from AWS on Google Cloud.

Do not change Linux files using Windows apps and tools

DO NOT, under ANY circumstances, create and/or modify Linux files using Windows apps, tools, scripts, consoles, etc. Creating/changing Linux files from Windows will likely result in data corruption and/or damage your Linux environment requiring you to uninstall & reinstall your distro! If WSL can’t find Linux file metadata for a given file, it assumes the file is corrupted/damaged, and will likely fail to open/read the file correctly, causing apps, tools, etc. Several Windows tools implement different strategies to handle file updating and don’t actually edit files in-place. To work on files using both Windows and Linux tools, store & work on those files in your Windows filesystem, and access them from both Windows and from Bash via /mnt//path. So you can easily access the same files using both Windows tools and Bash tools without having to copy files back and forth between filesystems. DO store files in your Windows filesystem that you want to create/modify using Windows tools AND Linux tools DO NOT create / modify Linux files from Windows apps, tools, scripts or consoles.

OpenGL Renderer Design (how I write OpenGL these days)

In a typical renderer, you might have a table of all the materials, a table of all the meshes, a table of all the instances of meshes, a table of all the cameras, and etc. The specifics of these tables depends on your project, so if you’re doing a skeletal animation project you would also have a table of the skeletons, instances of skeletons, and so on. Table usually have a “Primary key”, which can be used to identify each object in the table uniquely, and can also be used to efficiently lookup the object. Each mesh instance would then have a foreign key to the mesh table, and a foreign key to the transform table. I should point out that since my Scene class is implemented only in terms of plain OpenGL objects, that makes it easy for anybody to write an OpenGL renderer that reads the contents of the tables and renders them in whatever way they see fit. You might have a table for all the transforms, a table for mesh instances, and a table for meshes. To support relative transformations, I suggest creating a new table that stores the edges of the transformation tree, meaning each object in the table stores the foreign keys of two transforms: The parent and the child.

comments powered by Disqus