Python "is often described as being slow when it comes to performance... But is that truly the case?" writes Patrick Wohlschlegel, Arm's senior product manager for infrastructure and high-performance computing tools.

Slashdot reader igor.sfiligoi writes: Effectively profiling Python has always been a pain. Arm recently announced that their Arm Forge is now able to profile both Python and compiled code.
It's available for any hardware architecture, Wohlschlegel writes, adding that developers "typically assume that most of the execution time is spent in compiled, optimized C/C++ or Fortran libraries (e.g. NumPy) which are called from Python..."

"How confident are you that your application is not wasting your precious computing resources for the wrong reasons?"

Tech Republic re-visits the story of the earliest attempts to build the Raspberry Pi, and the dramatic launch of a quest "to rekindle the curiosity about computing in a generation immersed in technology but indifferent to how it worked." [T]he dominant computers -- games consoles and later tablets and smartphones -- no longer offered an invitation to create, but rather to consume. Eben Upton recalls a bonfire party in 2007 where an 11-year-old boy told him he wanted to be an electrical engineer, and his disappointment at realizing the boy didn't have access to a computer he could program on. "I said, 'Oh, what computer have you got?'. He said, 'I've got a Nintendo Wii'. And there was just that awful feeling about there being a kid who was excited, a kid who was showing concrete interest in our profession, and who didn't have access to a programmable computer, a computer of any sort. He just had a games console."

At this time Upton was working as a system-on-a-chip architect at chip designer Broadcom, and realized he had the skills to try to halt this drift away from computers that encouraged users to code.
Upton describes the Raspberry Pi as "a very conscious attempt" to bring back the easily programmable home computers that he remembered as a child in the 1980s -- and he was gratified at its success. "Even early on you started to see those pictures of kids lying on the living room floor, looking up at the TV with Raspberry Pi plugged into it, the same way we used to."

It was named "Pi" because it booted into a version of Python, and Raspberry because "There's a lot of fruit-named computer companies, and the 'blowing a raspberry' thing was also deliberate."

It's gone on to become the world's third best-selling general-purpose computer.

Free online courses -- also called Massive Open Online Courses -- have quite a year. An anonymous reader shares a blog post: It's been seven years since these courses rose to prominence, when a few Stanford professors decided to offer their courses online free. Since then over over 900 universities have launched over 11,000 courses. And in its seven years these Massive Online Open Courses (MOOCs) have achieved new milestone: 100 million plus learners. [...] At the end of every year, I do an extensive analysis of the MOOC space. To help me with analysis, I send the top MOOC providers a set of questions, one of them being the top enrolled courses of 2018.

The list below contains the top enrolled courses from the major MOOC providers: Coursera, edX, Udacity, and FutureLearn. Combined, these providers represent a big chunk of the MOOC learners (70 million plus). Without further ado, here are the most popular free online university courses of 2018:
Learning How to Learn: Powerful mental tools to help you master tough subjects from University of California, San Diego.
Machine Learning from Stanford University.
The Science of Well-Being from Yale University.
Introduction to Computer Science and Programming Using Python from Massachusetts Institute of Technology.
CS50's Introduction to Computer Science from Harvard University.

A Bloomberg columnist asks whether this week's rise in bitcoin's price is a turning point -- or just a "dead cat bounce"? After hitting a year's low of about $3,143, down about 80 percent from January highs, Bitcoin has risen 27 percent this week. Short-sellers are closing their positions, while fans smell fresh opportunity. Even more eye-watering market moves are happening elsewhere in the digital currency's ecosystem. Bitcoin Cash, a spin-off intended to be more usable as a payments mechanism, has almost tripled this week from about $80 to $225. That this is happening at the same time as a U.S. stock-market selloff will no doubt warm the hearts of crypto-evangelists, who believe their currencies offer genuine alternatives for where to put money in times of trouble....

A cursory glance at the price of Bitcoin Cash over the past year shows that it has fallen about 95 percent from its December 2017 record. So, anyone refusing to crystallize their losses this year has seen their 98-percent loss narrow over the past few days to, well, 95 percent. Celebrating now is like the Monty Python knight calling it a draw after losing all his limbs. It's not entirely clear either what kind of investor has the appetite, let alone the resources, to make meaningful bets on digital currencies today after a boom-and-bust cycle driven entirely by speculative hype rather than the adoption of Bitcoin in the real world. The long-awaited wave of money from Wall Street looks as far away as ever. So we're probably getting back to more natural territory for crypto: True believers and small-time gamblers.
Their conclusion? "One still can't rule out that these particular crypto-cats are dead."

The Python Software Foundation has settled on a new governance model for the programming language Python. The decision to come up with a new model was made after Python creator and chief Guido van Rossum stepped down as the "Benevolent Dictator For Life" (BDFL). SDTimes: The new governance model will rely on a five-person steering council to establish standard practices for introducing new features to the Python programming language. Based on tested methods, the proposal was designed to be "boring," comprehensive, flexible and lightweight, the steering council model document explained. "We're not experts in governance, and we don't think Python is a good place to experiment with new and untried governance models," software developers Nathaniel Smith and Donald Stufft explained in the Python documentation.

"So this proposal sticks to mature, well-known, previously tested processes as much as possible. The high-level approach of a mostly-hands-off council is arguably the most common across large successful F/OSS projects, and low-level details are derived directly from Django's governance." The steering council will serve as the "court of final appeal" for changes to the language and will have broad authority over the decision-making process, including the ability to accept or reject PEPs (Python Enhancement Proposals) (such as the one used to introduce this governance model), enforce and update the project's code of conduct, create subcommittees and manage project assets. But the intended goal of the council is to take a more hands-off and occasional approach to flexing its powers, Smith and Stufft explained.

quantic_oscillation7 shares a report: The latest notes from the Debian anti-harassment team on Wednesday caught my attention when reading, "We were requested to advice on the appropriateness of a certain package in the Debian archive. Our decision resulted in the package pending removal from the archive." Curiosity got the best of me... What package was deemed too inappropriate for the Debian archive?

When digging further, the package raised to the Debian Anti-Harassment Team was "Weboob." Weboob is short for "Web Outside of Browsers" as it's an open-source collection of software to script and automate the parsing/scraping/gathering-via-API of web data so that it can be consumed by different modules/applications. Weboob.org describes itself as "Weboob is a collection of applications able to interact with websites, without requiring the user to open them in a browser. It also provides well-defined APIs to talk to websites lacking one."

Weboob is Python-based and offers Qt-based user interfaces for accessing these different modules for reading data from different web-sites outside of any conventional web browser. Those interested can learn more about the software at Weboob.org. But, yes, the name is juvenile and likely inappropriate in most professional/corporate environments.

Steve Dower, a Python developer at Microsoft, describes how the language become popular internally: In 2010, our few Pythonistas were flying under the radar, in case somebody noticed that they could reassign a few developers to their own project. The team was small, leftover from a previous job, but was chipping away at a company culture that suffered from "not invented here" syndrome: Python was a language that belonged to other people, and so Microsoft was not interested. Over the last eight years, the change has been dramatic. Many Microsoft products now include Python support, and some of the newest only support Python. Some of our critical tools are written in Python, and we are actively investing in the language and community....

In 2018, we are out and proud about Python, supporting it in our developer tools such as Visual Studio and Visual Studio Code, hosting it in Azure Notebooks, and using it to build end-user experiences like the Azure CLI. We employ five core CPython developers and many other contributors, are strong supporters of open-source data science through NumFOCUS and PyData, and regularly sponsor, host, and attend Python events around the world.
"We often felt like a small startup within a very large company" Downer writes, in a post for the Medium community "Microsoft Open Source Stories."

Microsoft's Visual Basic .NET now ranks above JavaScript, PHP, SQL on TIOBE's index of programming language popularity, which ZDNet notes is "the highest it's ever been since [TIIOBE] started tracking the Microsoft language in 2001." Tiobe analysts said it was "very surprising" that Visual Basic .Net is now the fifth most popular language, only behind C++, Python, C, and Java. It's even ahead of JavaScript, which currently lies in seventh place, down from sixth a year ago. C# meanwhile fell from fifth spot a year ago to sixth this month. The language index still reckons Visual Basic .Net will "sooner or later go into decline", but concedes it's popular for dedicated office applications in small and medium enterprises, and is probably still used by many developers because it's easy to learn.
TIOBE's methodology "basically...comes down to counting hits for the search query +"<language> programming," TIOBE explains on its web page -- though its results don't always agree with other analysts.

InfoWorld points out that on this month's PyPL Popularity of Programming Language index, which analyzes how often language tutorials are searched for on Google, VB.NET "doesn't even register Visual Basic.Net or Visual Basic among its Top 10 languages" -- and JavaScript comes in third, behind only Python and Java.

A recent TechCrunch article claimed to have identified the best indicator of programming language popularity: GitHub's annual "State of the Octoverse" reports. So Austin-based technology reporter Mike Melanson explored the new verdict in GitHub's 2018 report: It felt to me like the overarching theme of the numbers was one of quiet stasis for the year past, at least when it comes to those languages deemed the cream of the crop. One of the first graphics offered in the post shows the top languages according to the number of repositories created and we see that everything seems to be flowing along, just as it has for the last decade. While GitHub points to a "steady uptick" for JavaScript after 2011, it looks like this list of languages hasn't changed much over time. [The graphic shows the four most popular languages -- every year since early 2014 -- have been JavaScript, Java, Python, and PHP.]

When we look at the top languages according to the number of contributors, we see a similar story, with the top four languages mirrored. In this chart, of course, we see that Ruby is on a steady decline, while Typescript is on a steady rise. The only surprise to be seen here is that C, after a brief uptick in popularity, has taken a bit of a nosedive over the past year. Either way, seven of 10 languages have the same exact ranking....

Finally, beyond the language rankings themselves, GitHub offers a wonderful analysis of just what it is that makes a particular language popular in 2018, boiling it down to three key characteristics: thread safety, interoperability, and being open source.
GitHub's report also identifies its fastest growing languages over the last year -- including Kotin, TypeScript, Rust, Python, and Go. "This year, TypeScript shot up to #7 among top languages used on the platform overall, after making its way in the top 10 for the first time last year," the report notes.

"TypeScript is now in the top 10 most used languages across all regions GitHub contributors come from -- and across private, public, and open source repositories."

GitHub saw more than 67 million pull requests this year -- more than a third of GitHub's "lifetime" total of 200 million pull requests since its launch in 2008. It now hosts 96 million repositories, and has over 31 million contributors -- including 8 million who just joined within the last 12 months.

These are among the facts released in GitHub's annual "State of the Octoverse" report -- a surprising number of which involve Microsoft.

• GitHub's top project this year, by contributor count, was Microsoft's Visual Studio Code (with 19,000 contributors), followed by Facebook's React Native (10,000), TensorFlow (9,300) and Angular CLI (8,800) -- as well as Angular (7,600) -- and the open source documentation for Microsoft Azure (7,800).

• Microsoft now has more employees contributing to open source projects than any other company or organization (7,700 employees), followed by Google (5,500), Red Hat (3,300), U.C. Berkeley (2,700), and Intel (2,200).

• The open source documentation for Microsoft Azure is GitHub's fastest-growing open source project, followed by PyTorch (an open source machine learning library for Python).

• Among the "Cool new open source projects" is an Electron app running Windows 95.

But more than 2.1 million organizations are now using GitHub (including public and private repositories) -- which is 40% more than last year -- and the report offers a fun glimpse into the minutiae of life in the coding community.

Read on for more details.

What do Heartbleed, WannaCry, and million dollar iPhone bugs have in common? From a report: One bug affects iPhones, another affects Windows, and the third affects servers running Linux. At first glance these might seem unrelated, but in reality all three were made possible because the software that was being exploited was written in programming languages which allow a category of errors called "memory unsafety." By allowing these types of vulnerabilities, languages such as C and C++ have facilitated a nearly unending stream of critical computer security vulnerabilities for years.

Imagine you had a program with a list of 10 numbers. What should happen if you asked the list for its 11th element? Most of us would say an error of some sort should occur, and in a memory safe programming language (for example, Python or Java) that's what would happen. In a memory unsafe programming language, it'll look at wherever in memory the 11th element would be (if it existed) and try to access it. Sometimes this will result in a crash, but in many cases you get whatever happens to be at that location in memory, even if that portion of memory has nothing to do with our list. This type of vulnerability is called a "buffer-overflow," and it's one of the most common types of memory unsafety vulnerabilities. HeartBleed, which impacted 17 percent of the secure web servers on the internet, was a buffer-overflow exploit, letting you read 60 kilobytes past the end of a list, including passwords and other users' data.

Security researcher David Buchanan has found that Twitter image uploads can be polyglot files, meaning they can be valid simultaneously in multiple formats, such as a .jpg, a .rar archive and a .zip archive. From a report: Using some Python code he wrote, he created a thumbnail image of William Shakespeare overlaid with the words, "Unzip Me" and posted it to Twitter. The .jpg image is also a valid .zip file, so if you download it, you can unzip it and extract the contents, a multipart .rar archive of the text of Shakespeare's plays. [...] Twitter performs some processing on uploaded images, which has the potential to mess with the data. But Buchanan found that his multi-format file survived this process. It may be that image itself (excluding the rather bulky metadata) is light enough not to trigger any compression or post-upload processing.

Jeffrey M. Perkel, writing for Nature: Perched atop the Cerro Pachon ridge in the Chilean Andes is a building site that will eventually become the Large Synoptic Survey Telescope (LSST). When it comes online in 2022, the telescope will generate terabytes of data each night as it surveys the southern skies automatically. And to crunch those data, astronomers will use a familiar and increasingly popular tool: the Jupyter notebook. Jupyter is a free, open-source, interactive web tool known as a computational notebook, which researchers can use to combine software code, computational output, explanatory text and multimedia resources in a single document. Computational notebooks have been around for decades, but Jupyter in particular has exploded in popularity over the past couple of years. This rapid uptake has been aided by an enthusiastic community of user-developers and a redesigned architecture that allows the notebook to speak dozens of programming languages -- a fact reflected in its name, which was inspired, according to co-founder Fernando Perez, by the programming languages Julia (Ju), Python (Py) and R.

[...] For data scientists, Jupyter has emerged as a de facto standard, says Lorena Barba, a mechanical and aeronautical engineer at George Washington University in Washington DC. Mario Juric, an astronomer at the University of Washington in Seattle who coordinates the LSST's data-management team, says: "I've never seen any migration this fast. It's just amazing." Computational notebooks are essentially laboratory notebooks for scientific computing. Instead of pasting, say, DNA gels alongside lab protocols, researchers embed code, data and text to document their computational methods. The result, says Jupyter co-creator Brian Granger at California Polytechnic State University in San Luis Obispo, is a "computational narrative" -- a document that allows researchers to supplement their code and data with analysis, hypotheses and conjecture. For data scientists, that format can drive exploration.

An anonymous reader writes: A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code. The 12 packages used typo-squatting in the hopes a user would install them by accident or carelessness when doing a "pip install" operation for a mistyped more popular package, like Django (ex: diango).

Eleven libraries would attempt to either collect data about each infected environment, obtain boot persistence, or even open a reverse shell on remote workstations. A twelfth package, named "colourama," was financially-motivated and hijacked an infected users' operating system clipboard, where it would scan every 500ms for a Bitcoin address-like string, which it would replace with the attacker's own Bitcoin address in an attempt to hijack Bitcoin payments/transfers made by an infected user.
54 users downloaded that package -- although all 12 malicious packages have since been taken down.

Four of the packages were misspellings of django -- diango, djago, dajngo, and djanga.

Economist Paul Romer, a co-winner of the 2018 Nobel Prize in economics, uses the programming language Python for his research, according to Quartz. Romer reportedly tried using Wolfram Mathematica to make his work transparent, but it didn't work so he converted to a Jupyter notebook instead. From the report: Romer believes in making research transparent. He argues that openness and clarity about methodology is important for scientific research to gain trust. As Romer explained in an April 2018 blog post, in an effort to make his own work transparent, he tried to use Mathematica to share one of his studies in a way that anyone could explore every detail of his data and methods. It didn't work. He says that Mathematica's owner, Wolfram Research, made it too difficult to share his work in a way that didn't require other people to use the proprietary software, too. Readers also could not see all of the code he used for his equations.

Instead of using Mathematica, Romer discovered that he could use a Jupyter notebook for sharing his research. Jupyter notebooks are web applications that allow programmers and researchers to share documents that include code, charts, equations, and data. Jupyter notebooks allow for code written in dozens of programming languages. For his research, Romer used Python -- the most popular language for data science and statistics. Importantly, unlike notebooks made from Mathematica, Jupyter notebooks are open source, which means that anyone can look at all of the code that created them. This allows for truly transparent research. In a compelling story for The Atlantic, James Somers argued that Jupyter notebooks may replace the traditional research paper typically shared as a PDF.

At an event this month (you can find the video of it here), Davide Cavalca, a production engineer at Facebook, spoke about the growing adoption of systemd at the data centers of the company. From a report: Facebook continues making use of systemd's many features inside their data centers. Some of their highlights for systemd use in 2018 includes: Facebook's servers have been relying on systemd for about the past two years. Facebook is using CentOS 7 everywhere from hosts to containers. While relying on CentOS 7, Facebook backports a lot of packages including new systemd releases, Meson, other dependencies, and of course new Linux kernel releases. Facebook is working on "pystemd" as a Python (Cython) wrapper on top of SD-BUS.

talonyx writes: D-Wave Systems, the contentious but scrappy maker of quantum annealing processors, has launched a cloud-based platform where developers can sign up for free and run problems on their quantum processor unit (QPU). There's an in-depth set of demos, documentation, and an open-source Python SDK to look at. "Leap is the latest addition to the quantum cloud -- services that virtualize quantum computing for almost anyone with a computer and a broadband connection to use," reports IEEE Spectrum. "Leap allows anyone to sign up, giving them one minute of time on a cloud-connected 2000Q each month. That might not sound like much, but a key advantage of quantum computing is to be able to solve in milliseconds problems like factoring large numbers, optimizing routes, or calculating molecular structures that could take traditional computers days or weeks."

"D-Wave estimates that each user's free minute of quantum computing time should be enough to run between 400 and 4,000 jobs each month," the report adds. "If developers want more, the company will charge commercial users $2,000 for one hour of access each month."

"There is a kind of programming trap I occasionally fall into that is so damn irritating that it needs a name," writes Eric S. Raymond, in a new blog post: The task is easy to specify and apparently easy to write tests for. The code can be instrumented so that you can see exactly what is going on during every run. You think you have a complete grasp on the theory. It's the kind of thing you think you're normally good at, and ought to be able to polish off in 20 LOC and 45 minutes.

And yet, success eludes you for an insanely long time. Edge cases spring up out of nowhere to mug you. Every fix you try drags you further off into the weeds. You stare at dumps from the instrumentation until you're dizzy and numb, and no enlightenment occurs. Even as you are bashing your head against a wall of incomprehension, consciousness grows that when you find the solution, it will be damningly simple and you will feel utterly moronic, like you should have gotten there days ago.

Welcome to programmer hell. This is your shtoopid problem.... If you ever find yourself staring at your instrumentation results and thinking "It...can't...possibly...be...doing...that", welcome to shtoopidland. Here's your mallet, have fun pounding your own head. (Cue cartoon sound effects.)
Raymond's latest experience in shtoopidland came while working on a Python-translating tool, and left him analyzing why there's some programming conundrums that repel solutions. "You're not defeated by what you don't know so much as by what you think you do know," he concludes. So how do you escape?

"[I]nstrument everything. I mean EVERYTHING, especially the places where you think you are sure what is going on. Your assumptions are your enemy; printf-equivalents are your friend. If you track every state change in the your code down to a sufficient level of detail, you will eventually have that forehead-slapping moment of why didn't-I-see-this-sooner that is the terminal characteristic of a shtoopid problem."

Share your own stories in the comments. Are there any programmers on Slashdot who've experienced their own shtoopid problems?

Long-time Slashdot reader mni12 writes: Anybody interested to try out this "retro game" Amazon Alexa skill I created? Just say "Alexa, enable moon lander".

DESCRIPTION:
Your mission is to land the Apollo 11 Lunar Module to the surface of the Moon.Alexa will help you by reading out your altitude and velocity. Houston Mission Control is also monitoring your descend using telemetry. The telemetry data is shown on your Alexa companion app or website.

HOW TO PLAY:
You control the descent by throttling the rocket engine burn."Burn 100" will give maximum 100% thrust and "Burn 0" will give you no thrust.You can use any value between 0 and 100 to control the descent velocity.

The game starts at 1000 meters with descent velocity of -50 meters/second.The maximum landing velocity is 5 meters/second and you have 75 seconds to complete the mission.If you make a successful landing, you will be added on the Leader board with your score and ranking.
In a discussion on Reddit, the Python developer behind the game also remembers watching Neil Armstrong and Buzz Aldrin's actual 1969 moon landing on TV. "I added some 1969 sound clips from Apollo 11 mission to make the game experience sound more real...."

The original submission also offers some more hints about winning the game, while Wikipedia has a whole page devoted to the "Lunar Lander videogame genre," noting that the first version was created in 1969 on a PDP-8.

After breaking into the top three most popular programming languages for the first time this month, behind C and Java, Python has also won the hearts of hackers and web nasties, according to attack statistics published this week by web security biz Imperva. From a report: The company says more than a third of daily attacks against sites the company protects come from a malicious or legitimate tool coded in Python. Imperva says that around 77 percent of all the sites the company protects, have been attacked by at least one Python-based tool. Furthermore, when the company looked at the list of tools that hackers used for their attacks, more than a quarter were coded in Python, by far the attackers' favorite tool. "Hackers, like developers, enjoy Python's advantages which makes it a popular hacking tool," the Imperva team says.