Edymtt

Zach Holman discusses the various stumbling blocks GitHub encountered as the company grew over the years. By Zach Holman

Crista Lopes writes a program in multiple styles -monolithic/OOP/continuations/relational/Pub-Sub/Monads/AOP/Map-reduce- showing the value of using more than a style in large scale systems. By Crista Lopes

Mitchel Sellers introduces .NET 4.5 Async, showing how to use it by means of examples. By Mitchel Sellers

Dennis Fisher talks with Jeremiah Grossman of WhiteHat Security about the company’s new Aviator browser, which employees have used for years, but the company just released as a public project.

http://threatpost.com/files/2013/10/digital_underground_130.mp3

digital_underground_130.mp3

Continuous delivery integrates many practices that in their totality might seem daunting. But starting with a few basic steps brings immediate benefits. Here's how.

Want to start a unique and truly useful open-source project? These three guidelines on choosing wisely will get you there.

This is part one, out of 5, focusing on the built-in Developer Tools in Firefox, their features and where we are now with them. The intention is to show you all the possibilities available, the progress and what we are aiming for.

Firefox 4 saw the launch of the Web Console, the first of the new developer tools built into Firefox. Since then we’ve been adding more capabilities to the developer tools, which now perform a wide range of functions and can be used to debug and analyze web applications on desktop Firefox, Firefox OS, and Firefox for Android.

This is the first in a series of posts in which we’ll look at where the developer tools have got to since Firefox 4. We’ll present each tool in a short screencast, then wrap things up with a couple of screencasts illustrating specific workflow patterns that should help you get the most of the developer tools. These will include scenarios such as mobile development, and altering and debugging CSS based applications, etc.

In this first post we present the latest Web Console and JavaScript Debugger.

Web Console

The Web Console is primarily used to display information associated with the currently loaded web page. This includes HTML, CSS, JavaScript, and Security warnings and errors. In addition network requests are displayed and the console indicates whether they succeeded or failed. When warnings and errors are detected the Web Console also offers a link to the line of code which caused the problem. Often the Web Console is the first stop in debugging a Web Application that is not performing correctly.

The Web Console also lets you execute JavaScript within the context of the page. This means you can inspect objects defined by the page, execute functions within the scope of the page, and access specific elements using CSS selectors. The following screencast presents an overview of the Web Console’s features.

Take a look at the MDN Web Console documentation for more information.

JavaScript Debugger

The JavaScript Debugger is used for debugging and refining JavaScript that your Web Application is currently using. The Debugger can be used to debug code running in Firefox OS and Firefox for Android, as well as Firefox Desktop. It’s a full-featured debugger providing watch expressions, scoped variables, breakpoints, conditional expressions, step-through, step-over and run to end functionality. In addition you can change the values of variables at run time while the debugger has paused your application.

The following screencast illustrates some of the features of the JavaScript Debugger.

For more information on the JavaScript Debugger, see the MDN Debugger documentation.

Learn More

These screencasts give a quick introduction to the main features of these tools. For the full details on all of the developer tools, check out the full MDN Tools documentation.

Coming Up

In the next post in this series we will be delving into the Style Editor and the Scratchpad. Please give us your feedback on what features you would like to see explained in more detail within the comments.

Charles Bailey takes a look at Git Index’s internals, explaining why it is used, what and how is stored in it, and what operations can be used against it. By Charles Bailey

Having a solid grasp of the fundamentals of systems development provides programmers with crucial concepts that that serve them regardless of their day-to-day development tasks. One of the highly regarded books in this field is Advanced Programming in the UNIX Environment. Now in its 3rd edition, coauthor Stephen Rago speaks with InfoQ about the book. By Jeff Martin

If you haven’t heard, Apple unveiled two new iterations of the iPhone at one of the Cupertino company’s typically grandiose product events yesterday. As usual, there was plenty of hype to go around, but the biggest change as far as security is concerned is the addition of a fingerprint scanner on the high-end new iPhone 5S.

Biometric authentication as a replacement for passwords has been the talk of the town for years, mainly because good passwords are hard to remember, so people just create bad ones (or just one bad one) that are easy to guess. No biometric form factor is more well-known and widely deployed than the fingerprint scanner. Apple is by no means the first computer company to put a fingerprint reader on a device. Laptop makers dabbled with the idea here and there throughout the 2000s. The practice never really caught on, but the popularity of the iPhone promises to bring the fingerprint reader to the public like never before.

Assuming it works, the real question is this: Will fingerprint-based verification be more secure than passwords? The answer appears to be a wholly unsatisfying maybe.

In a Wired op-ed yesterday, famed cryptographer Bruce Schneier said that “fingerprint authentication is a good balance between convenience and security for a mobile device.” However, he pointed out that the devices have a long history of vulnerabilities. A solid photocopy is enough to trick some of these things, he wrote, while better scanners will examine fingerprint ridges, pores, heat, and pulses and are therefore more reliable. In the end, Schneier reasons that an attacker could reasonably compromise the fingerprint scanner on an iPhone. He also expressed concern about the possibility that Apple may maintain a centralized database of fingerprints, though most of the reporting on this seems to indicate that the fingerprint storage will take place locally, in an encrypted format inside a hidden file on the iPhone itself.

In an NPR report yesterday, Charlie Miller, a well-known Apple hacker and security researcher who has found several iOS bugs, seemed pretty underwhelmed by the security implications of Apple’s new fingerprint scanner. He said it would be possible to reverse-engineer the encrypted fingerprint hash in order to ascertain a plain-text copy of the fingerprint and suggested that the scanner may make iPhones even easier to break into.

“They are not going to do away with the pass code entirely,” Miller told NPR security and privacy reporter, Steve Henn. “So, really, by creating another way to unlock the phone they have created another access point for a hacker to try and exploit.”

As is generally the case with Apple products, the detractors and the proponents are in equal supply. Rich Mogull, a security analyst and the CEO of Securosis, explained in a Macworld article yesterday that there are two types of fingerprint readers: optical readers that merely take a picture of you fingerprint and capacitance readers that actually measure the electrical conductivity of the ridges on your fingers and use those measurements in order to create an image of the user’s fingerprint. The iPhone 5S uses the latter.

Ultimately, Mogull acknowledges (as did Schneier for that matter) that fingerprints are somewhat inherently insecure because – unlike a cryptographic key or password – they are unchangeable. Once a fingerprint is stolen, it is stolen forever. Despite this, Mogull argues that the fingerprint is a vast improvement on the four-digit passcode, and claims it could have serious implications as mobile devices are increasingly used as tokens to access other services and devices.

Phil Dunkelberger, the CEO of Nok Nok Labs, a firm that specializes in authentication (and is also a founding member of the FIDO Alliance), penned a blog on the Nok Nok Labs website yesterday singing praises to Apple for bringing simple but strong security to the masses.

“Apple now has an embedded Fingerprint Sensor (FPS) that it can use to bind a user and a device, reducing the risk of fraud and improving the customer experience within the Apple walled ecosystem,” he wrote.

It remains to be seen how secure the iPhone 5S fingerprint scanner will be, but the good news is that a user’s fingerprint will only be good to access the iPhone itself. In order to access iCloud, App Store, and other Apple services that are reachable from multiple devices that don’t have such scanners, users must still enter a password or phrase.

Apple primed itself to implement new authentication measures into its products when it acquired the biometric authentication company AuthenTec last year.

Robin Johnson discusses using a data management model for games that can be scaled, and the bottlenecks and challenges met by OMGPOP scaling to millions of users. By Robin Johnson

Earlier this year I gave a keynote at the Goto conference in Amsterdam. It’s now up on YouTube. As usual it follows my ‘Software Design in the 21st Century’ template with a pair of short talks. I begin with talking about Schemaless data structures, explaining why there is always an implicit schema and the consequences of that. Second up I talk about the essence of agile software development and the agile fluency model.

Mary considered retirement 1998, but instead found herself managing a government software project where she first encountered the word "waterfall". When Mary compared her experience in successful software and product development to the prevailing opinions about how to manage software projects, she decided the time had come for a new paradigm. By Mary Poppendieck

Sony is planning a film version of PlayStation-exclusive racing series Gran Turismo.

The Social Network and Fifty Shades of Grey producers Mike de Luca and Dana Brunetti have signed on to the project, movie site The Wrap reported, which will somehow be based on Sony's popular driving simulator.

70 million Gran Turismo games have been sold thus far, making the brand name itself an attractive prospect.

Read more…

Software Engineer – (Mobile & Tablet Development Tooling)

As a software engineer at Nomad, you’ll design, build, and maintain software for cross-platform mobile and tablet developers across the globe. This work will include desktop and web applications, and plenty of DevOps work: APIs, builds, dashboards and libraries. You’ll empathise with both your users and your team; this means considering how users will use our software, and how the team will use your code. You appreciate that building great products is not exclusively about writing great code – it’s much harder!

Engineering @ Nomad

• Nomad is a service for building hybrid cross-platform mobile and tablet applications
• Engineering is at the centre of everything we do
• Product teams are autonomous and agile
• We work with a wide range of platforms and technologies including: PhoneGap/Cordova, .NET, HTML5, JavaScript, CSS, Ruby, WPF, Azure, EC2, Linux, OSX, iOS, Android

Requirements

• Experience building and maintaining products with real-world usage
• Opinions about good and bad products, and the ability to justify them
• Side projects that separate you from your peers

Package

• A great benefits package
• You’ll work about 40 hours per week, with flexible work time
• Salary is £35,000 – £55,000, depending upon experience

About Red Gate Software

Red Gate makes ingeniously simple software used by 650,000 IT professionals who work with SQL Server, Azure, .NET, and Oracle. More than 100,000 companies use our products, including 93% of the Fortune 100.

Our philosophy is to design highly usable, reliable tools which elegantly solve the problems that developers and database administrators face every day. We focus on software for database delivery, data management, and insight into how code performs, and many of our tools are the industry-standards in these areas.

We employ about 300 people in Cambridge, Pasadena, and Singapore, and we’ve been repeatedly recognised as one of the UK’s best workplaces.

Sven Efftinge keynotes on the history, the current status and the future of code generation tools and techniques. By Sven Efftinge

Robbie Clutton takes a look at the tools assisting a startup in making technical decisions needed for scaling and growing. By Robbie Clutton

DeviceGuru writes "Linaro has just published videos and slides from keynotes, technical presentations, and panel discussions at last week's Linaro Connect Europe 2013 event held in Dublin, Ireland. Linaro is a nonprofit organization focused on consolidating and optimizing open source software for the ARM architecture, including the GCC toolchain, the Linux kernel, ARM power management, graphics and multimedia interfaces. The conference's sessions spanned a wide range of topics, including Android, Builds and Baselines, Enterprise, Graphics and Multimedia, Linux Kernel, Network, Project Management Tools, Training, and more." The list of videos, hosted on Youtube and many with slides available.

Read more of this story at Slashdot.

Anders Hejlsberg and Charles Torre talked about a future version of C#, version 6.0, at Windows Build 2013.  http://channel9.msdn.com/Events/Build/2013/9-006 (34:30)

Visual Studio 2013 is the minor release version in an annual major/minor release cycle. The version of .NET included in VS  2013 is 4.5.1 which is an in-place upgrade of version 4.5. Major changes are expected for Visual Studio 2014 and .NET 5.0.

C# 6.0 will feature an all new C#-based compiler based on Roslyn, which will be released with VS 2014. Roslyn is currently available as a community technology preview, which opens up new compiler services for third parties. The C# team aims to make Roslyn as close to the performance of the native compiler as possible (within a factor of 2 during development and better on release), and, in some cases, Roslyn already outperforms the native compiler due to a more modern immutable AST architecture that supports parallel compilation. The immutable AST architecture is detailed in a recently filed patent.

Roslyn will enable C# to innovate faster due to a better designed codebase in a more productive language. This is good news, because languages like Scala, F#, D, and arguably C++ are currently innovating at a faster pace than C# and Java.

Anders stated that a number of frequently requested features are already being introduced into the new compiler. One of these features includes succinct syntax for class definitions, such as those found in Scala and F#. This feature may have already been introduced in TypeScript, with which C# has been exchanging design ideas. In TypeScript, properties can be declared directly from the constructor.

class Engine implements IEngine {
    constructor(public horsePower: number, public engineType: string) { }
 }

TypeScript/Javascript will not be replacing C# and is not a substantial diversion from Anders’s “day job,” which remains C#. A transcribed excerpt of the video interview is included here:

Charles: We noticed that there were a lot of questions about C# and Roslyn. So now Anders has kindly agreed to hangout for a little while longer and we will get to some of your questions. Right off the bat, Max wants to know if there will be another version of C# in Visual Studio 2013.

Anders: We switched to a much faster cadence. So that release will be... And we are targeting for Roslyn the next one after. We are going to start previewing Roslyn as soon as we can, because we are actually now at a point where we can. The Roslyn compilers are done and we are compiling pretty much all the managed code we can find in-house and externally. Literally we code-scraped CodePlex and Github. We keep finding little issues.

We have a very high level of stability at this point and we are working on the language services and its all finally getting there.

---

Charles: So, Al nice to see you again. As Anders just said, we are not going to ship in 2013, but you will probably see a preview in some point in time before 2015.

Anders: The sooner the better.

---

Charles: Shaggy wants to know of any new updates of Roslyn. Is there a new CTP soon?

Anders: We talked about CTPS and I think ... The way we are thinking about it right now is that we need to get VS 2013 out. We have done prepwork in VS2013 such that we can just drop the Roslyn compiler VSIX extensions, which you can enable/disable to test them. All of that infrastructure is done... so once we 2013 out, we will be able to start previewing Roslyn.

---

Charles: Just to be clear, the goal is that Roslyn will be the compiler for C# at some point.

Anders: Yes.. and VB and the new language services in the IDE. It's all written on top of Roslyn. So there's a huge amount of work there. It's taken longer than we thought and I will readily admit that. The thing that you can't ignore is that there are millions and millions and millions of ... and I venture to say ... probably even billions of lines of code of C# out there and we got to compile all of them exactly. We can't just go and say, oh that doesn't work anymore. This is about obtaining the elusive 100% and backwards compatibility. There are things in the old compiler that are clearly wrong. We do the right thing for this but then in this particular case, we do the wrong thing. Now should we keep the bug, because if we fixed the bug then that breaks. Is it a new warning? We are spending a lot of time getting that just right..

---

Charles: Now one of the questions ... The  old compiler is written in native code C/and C++. So are you noticing an increase in compiler time. So what are the performance characteristics of Roslyn..

Anders: Right from the get go of the Roslyn project, we set some tough goals. At no point during development do we want to be more the 2X of the old compiler. That was just during development and that we wanted to at least reach the same speeds as the native compiler in the final release. The way we get there is different.

One of things about the Roslyn compiler is that it's a much more modern codebase written using more modern functional algorithms and that means a lot of the data structures in the compiler are immutable like the entire ASTs. You can work on the entire API for that and it's like one big immutable data structure.

What immutability gives you is sharing for free. And that means this compiler unlike the older compiler works beautifully on multicore systems. If you have a multicore machine, we can farm out a lot of compilation work on separate cores... Yes, if you have 4 separate compilations, we can completely spin out 4 separate processes. That's a given. But even for a single compilation, we can internally parallelize IL generation for example... Each method is individually independent of each other, so we can get IL.. the emit phase can go 3-4 times faster because of the ability to take advantage of the all the latent parallelism. So in the aggregate if you look at how the new compiler is performing against the old compiler... it's actually in many cases beating the old compiler, particularly for large projects. It scales a lot better and scalability ... You wouldn't believe the size of some of these projects that people build in C#. They're enormous.

Typing responsiveness is vastly better with Roslyn. There are a lot of advantages we get out of this.

---

Charles: You still work on C#?

Anders: C# is my day job. I'm been pitching in on TypeScript... There was some downtown in the Roslyn project since it took longer than we thought...

---

Charles: Because you spend a lot of your time on TypeScript, have you learned anything from that work that you could apply back to C#?

Anders: Yeah... that's a good question. I am coming away from it with a new appreciation for the value of the dynamism or dynamic typing being completely effortless. We have support for dynamic typing in C# but sometimes it's not as smooth as how I would like it to be. For example, making it easy to dynamically dot into a JSON document... That's actually not as easy as it should be today.

Those are things that we are actually looking at right now. From a language design, it goes both ways. We actually ... We have been thinking about ways of making C# classes more succinct by looking at some things we can do with F# where you can put parameters in classes and capture them in methods. And then you can get into a very succinct style of writing code and we used some of that early on in a model of classes that we implemented in typescript.. Then the Ecmascript committee went in a different direction and we align with that instead, but that was interesting to apply work that hadn't been seen yet in C# in Typescript. We may revisit that once we get done with Roslyn.. We actually have now in earnest... design meetings for C# 6.0. So there's a bunch of new features there and we looked at all the new features that people have logged over time in C#. It's time to finally fix this issue.. We have a hitlist of features that we should now just do in the Roslyn codebase, because now that we have a codebase that is so much easier to do in. There was a big cost in the old codebase and that cost has gone down dramatically, so we should be able to move a lot faster.

---

Charles: The world has changed... Developers are writing mobile applications.
There are many ways it impacts.... For example, dynamic data is getting more and more important. The ability to talk to web services and so forth in a completely frictionless manner. In mobile devices and small form factors, battery consumption is important so native code is becoming more important. It costs battery performance to jit an app. So delivering native code to deices is getting more important.

Anders: Third parties out there like Xamarin like ...

---

Charles: Is the effort on TypeScript slowing down C#?

Anders: Actually, strangely enough, no because getting to completion to the Roslyn compiler has taken longer...

Neural networks have long been an interesting field of research for exploring concepts in machine learning (otherwise known as artificial intelligence). Dr James McCaffrey of Microsoft Research recently gave an introduction to neural networks for those looking to learn more about them in an engaging talk that includes working demo code. By Jeff Martin

Charlie Hunt and Monica Beckwith describe the operational basics of G1 and how to tune it, along with tips on what to expect when migrating from Parallel GC or CMS to G1 GC. By Charlie Hunt and Monica Beckwith

Red Gate is looking for experienced developers to join us as we tackle the challenge of building simple tools to solve complex problems. You’ll work with a world class team to build ingeniously simple software that solves complicated customer problems, from backing up SQL Server databases to the cloud, to managing deployment infrastructure, to development software for mobile applications.

Red Gate has some big challenges ahead. Over the next few years we expect more of our services to be delivered in the cloud, rather than on the desktop. As an experienced developer you’ll help us realize this vision.

Red Gate practices agile development; you’ll ship early and often and continually be delighting our end users.

You’ll be an ambassador for great software engineering and share your knowledge and experience with the team and perhaps further afield.

Red Gate is proud to be independently recognised as Cambridge’s best workplace as well as an award winning software provider – we aspire to be the best place you’ve ever worked. To apply, simply upload your CV and covering letter or get in touch with our Head of Software Engineering if you’d like to talk to us first. If you want to stand out from the crowd, tell us about the work that excites you most or give us a link showcasing your work.

What makes you a Red Gate Software Engineer?

You are an experienced engineer with plenty of war stories to share about the good, bad and ugly of software development.

You’ll have a solid grasp of object oriented design with success stories to share. You can demonstrate your experience with a language such as Java, C#, Ruby, or C++ (most of our current products are written in C#). You value clean code in any language and aren’t afraid to relentlessly refactor code. Knowledge of the challenges of distributed systems and experience designing web APIs would be beneficial, though not required.

You’ll have worked in an agile environment and be comfortable working in short iterations with frequent releases. You’ll understand that you both need to build the product right and build the right product, so you’ll be happy to engage with customers, UX specialists, product support, and more to make that happen.

You’ll be continually honing your skills by seeking out, learning, and sharing new tools and techniques to make yourself an even better problem solver.

What’s the package?

• A great benefits package.
• Salary is between £40,000 and £55,000, depending on experience.
• You’ll work about 40 hours a week, with flexible work time.

Victor Grazi presents the functionality of the components in the java.util.concurrent library through a series of animations implemented with the respective concurrent methods. By Victor Grazi

hypnosec writes "Harlan – a declarative programming language that simplifies development of applications running on GPU has been released by a researcher at Indiana University. Erik Holk released his work publicly after working on it for two years. Harlan's syntax is based on Scheme – a dialect of LISP programming language. The language aims to help developers make productive and efficient use of GPUs by enabling them to carry out their actual work while it takes care of the routine GPU programming tasks. The language has been designed to support GPU programming and it works much closer to the hardware." Also worth a mention is Haskell's GPipe interface to programmable GPUs.

Read more of this story at Slashdot.

During the Build 2013 conference Marytn Lovell revealed some of the inner workings of the WinRT threading model. While .NET developers may be surprised at its complexity, especially when multiple windows are involved, traditional COM developers are going to be relieved to learn that it is much simpler than what they are used to. By Jonathan Allen

Architecture is about intent, we have made it about frameworks and details, Robert C. Martin, “Uncle Bob”, stated earlier at this year’s DDD Exchange Day in London. Robert refers to a book by Ivar Jacobson from 1992 and brings the original thoughts about use cases into architecture models, e.g. Hexagonal architecture and Clean architecture to improve these models. By Jan Stenberg

Async/Await is arguably the most powerful language feature introduced in C# 5. But what pitfalls are to be avoided? And what are the costs associated with these keywords? By Roopesh Shenoy

Maximiliano Firtman overviews of what you need to know, including labs testing on progressive enhancement, feature detection and HTML5 APIs: UI, core, data, network and hardware. By Maximiliano Firtman

Dietmar Kuehl discusses creating a C/C++ source code analyzer based on clang. By Dietmar Kuehl

This talk will cover the evolution of LinkedIn's architecture and a few of the key lessons we have learned. This includes how we grew our technology stack from a monolithic application to a distributed set of services, how we moved from a single centralized database to distributed data stores, and how we scaled our development practices to support hundreds of engineers. By Jay Kreps