A number of programmers have taken it to Twitter to bring it to everyone's, but particularly recruiter's, attention about the grueling interview process in their field that relies heavily on technical questions. David Heinemeier Hansson, a well-known programmer and the creator of the popular Ruby on Rails coding framework, started it when he tweeted, "Hello, my name is David. I would fail to write bubble sort on a whiteboard. I look code up on the internet all the time. I don't do riddles." Another coder added, "Hello, my name is Tim. I'm a lead at Google with over 30 years coding experience and I need to look up how to get length of a python string." Another coder chimed in, "Hello my name is Mike, I'm a GDE and lead at NY Times, I don't know what np complete means. Should I?" A feature story on The Outline adds: This interview style, widely used by major tech companies including Google and Amazon, typically pits candidates against a whiteboard without access to reference material -- a scenario working programmers say is demoralizing and an unrealistic test of actual ability. People spend weeks preparing for this process, afraid that the interviewer will quiz them on the one obscure algorithm they haven't studied. "A cottage industry has emerged that reminds us uncomfortably of SAT prep," Karla Monterroso, VP of programs for Code2040, an organization for black and Latino techies, wrote in a critique of the whiteboard interview. [...] This means companies tend to favor recent computer science grads from top-tier schools who have had time to cram; in other words, it doesn't help diversify the field with women, older people, and people of color.

An anonymous reader writes: Google "developer advocate" Felipe Hoffa has determined the top "weekend programming languages," those which see the biggest spike in commit activity on the weekends. "Clearly 2016 was a year dedicated to play with functional languages, up and coming paradigms, and scripting 3d worlds," he writes, revealing that the top weekend programming languages are:

Rust, Glsl, D, Haskell, Common Lisp, Kicad, Emacs Lisp, Lua, Scheme, Julia, Elm, Eagle, Racket, Dart, Nsis, Clojure, Kotlin, Elixir, F#, Ocaml

Earlier this week another data scientist calculated ended up with an entirely different list by counting the frequency of each language's tag in StackOverflow questions. But Hoffa's analysis was performed using Google's BigQuery web service, and he's also compiled a list of 2016's least popular weekend languages -- the ones people seem to prefer using at the office rather than in their own free time.

Nginx, Matlab, Processing, Vue, Fortran, Visual Basic, Objective-C++, Plsql, Plpgsql, Web Ontology Language, Smarty, Groovy, Batchfile, Objective-C, Powershell, Xslt, Cucumber, Hcl, Puppet, Gcc Machine Description

What's most interesting is the changes over time. In the last year Perl has become more popular than Java, PHP, and ASP as a weekend programming language. And Rust "used to be a weekday language," Hoffa writes, but it soon also grew more popular for Saturdays and Sunday. Meanwhile, "The more popular Go grows, the more it settles as a weekday language," while Puppet "is the champion of weekday coders." Ruby on the other hand, is "slowly leaving the week and embracing the weekend."
Hoffa is also a long-time Slashdot reader who analyzed one billion files on GitHub last summer to determine whether they'd been indented with spaces or tabs. But does this new list resonate with anybody? What languages are you using for your weekend coding projects?

mikeatTB quotes TechBeacon: Some things in the programming world are so easy to misuse that most people prefer to never use them at all. These are the programming equivalent of a flamethrower... [But] creative use of features such as goto, multiple inheritance, eval, and recursion may be just the right solution for experienced developers when used in the right situation. Is it time to resurrect these four forgotten code constructs?
The article notes that the Linux kernel uses goto statements, and links to Linus Torvalds' defense of them. ("Any if-statement is a goto. As are all structured loops...") And it points out that eval statements are supported by JavaScript, Python, PHP, and Ruby. But when the article describes recursion as "more forgotten than forbidden," it begs the inevitable question. Are you using these "forgotten code constructs" -- and should you be?

You asked, he answered! The creator of Apple's Swift programming language (and a self-described "long-time reader/fan of Slashdot") stopped by on his way to a new job at Tesla just to field questions from Slashdot readers. Read on for Chris's answers...

Slashdot reader horrido shares an article that "has done more for Smalltalk advocacy than any other article in memory." It was the second-most popular article of the year on the Hewlett Packard Enterprise site TechBeacon (recently passing 20,000 views), with Richard Eng, the founder of the nonprofit Smalltalk Renaissance, arguing that the 44-year-old language is much more than a tool for teachers -- and not just because Amber Smalltalk transpiles to JavaScript for front-end web programming. It's a superlative prototyping language for startups. It's an industrial-strength enterprise language used by businesses both big and small all around the globe... Smalltalk's implementation of the object-oriented paradigm is so excellent that it has influenced an entire generation of OO languages, such as Objective-C, Python, Ruby, CLOS, PHP 5, Perl 6, Erlang, Groovy, Scala, Dart, Swift, and so on. By learning Smalltalk, you'll understand how all of those useful features in today's OO languages came to be.
The article also argues that Smalltalk pioneered just-in-time compilation and virtual machines, the model-view-controller design paradigm, and to a large extent, even test-driven development. But most importantly, Smalltalk's reliance on domain-specific languages makes it "the 'purest' OO, and one of the earliest... It is often said that programming in Smalltalk or Python is rather like Zen; your mind just flows effortlessly with the task. This is the beauty and value of language simplicity, and Smalltalk has this in spades... Smalltalk, by virtue of its object purity and consistency, will give you a profoundly better understanding of object-oriented programming and how to use it to its best effect."

The company behind Ashley Madison, the adultery enabling website, has agreed to pay a $1.6 million settlement related to a major data breach last year that exposed account details of 36 million users. From a PCWorld report: Ashley Madison's operator, Toronto-based Ruby, is making the settlement for failing to protect the account information and for creating fake user profiles to lure in prospective customers, the U.S. Federal Trade Commission said on Wednesday. In July 2015, a hacking group called Impact Team managed to steal the account details and then post them online a month later -- potentially damaging the reputation of the customers using the adultery website. The FTC alleges the Ashley Madison site suffered from lax security, allowing hackers to break in several times between Nov. 2014 and June 2015. The service also retained personal information of users who had paid $19 to delete their data from the site, the FTC said.

marekkirejczyk, the VP of Engineering at development shop Daftcode, shares a warning about hype-driven development: Someone reads a blog post, it's trending on Twitter, and we just came back from a conference where there was a great talk about it. Soon after, the team starts using this new shiny technology (or software architecture design paradigm), but instead of going faster (as promised) and building a better product, they get into trouble. They slow down, get demotivated, have problems delivering the next working version to production.
Describing behind-schedule teams that "just need a few more days to sort it all out," he blames all the hype surrounding React.js, microservices, NoSQL, and that "Test-Driven Development Is Dead" blog post by Ruby on Rails creator David Heinemeier Hansson. ("The list goes on and on... The root of all evil seems to be social media.") Does all this sound familiar to any Slashdot readers? Has your team ever succumbed to hype-driven development?

Long-time Slashdot reader theodp writes: In August, Melinda Gates penned Computers Are For Girls, Too, in which she lamented that her daughters "are half as likely to major in computer science as I was 30 years ago." So, what's changed in the last 30 years? Well, at last week's DreamForce Conference, Gates credited access to Apple computers at school and home for sparking her own interest in computer science [YouTube], leading to a career at Microsoft.

So, as she seeks ways to encourage more women to get into tech, Melinda may want to consider the effects of denying her own children access to Apple products [2010 interview] and of Microsoft [in 1984] stopping computers from shipping with a beginner's programming language (a 14-year-old Melinda reportedly cut her coding teeth on BASIC).
Melinda can raise her kids however she wants -- maybe her kids will just start programming with the Ubuntu that's shipping with Windows 10. But is it a problem that there's no beginner's programming language currently shipping with Macs? Over the years Macs have shipped with Perl, Python, Ruby, tcl, and a Unix shell. Do you think Apple could encourage young programmers more by also shipping their Macs with BASIC?

After analyzing 1.4 million scores on HackerRank's tests for coding accuracy and speed, Chinese programmers "outscored all other countries in mathematics, functional programming, and data structures challenges". Long-time Slashdot reader DirkDaring quotes a report from InfoWorld: While the United States and India may have lots of programmers, China and Russia have the most talented developers according to a study by HackerRank... "If we held a hacking Olympics today, our data suggests that China would win the gold, Russia would take home a silver, and Poland would nab the bronze. Though they certainly deserve credit for making a showing, the United States and India have some work ahead of them before they make it into the top 25."
While the majority of scores came from America and India, the two countries ranked 28th and 31st, respectively. "Poland was tops in Java testing, France led in C++, Hong Kong in Python, Japan in artificial intelligence, and Switzerland in databases," reports InfoWorld. Ukrainian programmers had the top scores in security, while Finland showed the highest scores for Ruby.

You asked, he answered!

Ruby on Rails Creator and founder/CTO of Basecamp, David Heinemeier Hansson has responded to questions submitted by Slashdot readers. Read on for his answers.

An anonymous reader writes from a report via The Daily Dot: Onion's Omega2 computer may give the Raspberry Pi a run for its money if the success of the Kickstarter campaign is any indication. The Daily Dot reports: "With an initial goal of just $15,000, over 11,560 backers have pledged the company $446,792 in hopes of getting their hands on this little wonder board. So why are thousands of people losing their minds? Simple; the Omega2 packs a ton of power into a $5 package. Billed as the world's smallest Linux server, complete with built-in Wi-Fi, the Omega2 is perfect for building simple computers or the web connected project of your dreams. The tiny machine is roughly the size of a cherry, before expansions, and runs a full Linux operating system. For $5 you get a 580MHz CPU, 64MB memory, 16MB storage, built-in Wi-Fi and a USB 2.0 port. A $9 model is also available with 128MB of memory, 32MB of storage, and a MircoSD slot. The similarly priced Raspberry Pi Zero comes with a 1GHz Arm processor, 512MB of memory, a MicroSD slot, no onboard storage, and no built-in Wi-Fi. Omega2 supports the Ruby, C++, Python, PHP, Perl, JavaScript (Node.js), and Bash programming languages, so no matter your background in coding you should be able to figure something out." You can also add Bluetooth, GPS, and 2G/3G support via add-ons or expansions. It looks promising, though it is a Kickstarter campaign and the product may not come into fruition.

David Heinemeier Hansson created the Ruby on Rails open-source web framework in 2003. David is also the founder and CTO of Basecamp, a project management tool that's been used by more than 15 million people. In addition, David is the best-selling author of REWORK, a book about starting and running businesses a better way. David has agreed to take some time to answer some of your questions.

Ask as many questions as you'd like, but please, one per comment. (And feel free to also leave your suggestions for who Slashdot should interview next.) We'll pick the very best questions -- and forward them on to David Heinemeier Hansson himself.

An anonymous reader quotes Network World: U.K.-based technology analyst firm RedMonk just released the latest version of its biannual rankings of programming languages, and once again JavaScript tops the list, followed by Java and PHP. Those are same three languages that topped RedMonk's list in January. In fact, the entire top 10 remains the same as it was it was six months ago...
Python ranked #4 on RedMonk's list, while the survey found a three-way tie for fifth place between Ruby, C#, and C++, with C coming in at #9 (ranking just below CSS). Network World argues that while change comes slowly, "if you go back deeper into RedMonk's rankings, you can see slow, ongoing ascents from languages such as Go, Swift and even TypeScript."

Interestingly, an earlier ranking by the IEEE declared C to be the top programming language of 2016, followed by Java, Python, C++, and R. But RedMonk's methodology involves studying the prevalence of each language on both Stack Overflow and GitHub, a correlation which "we believe to be predictive of future use, hence their value."

You asked, he answered!

Perl creator Larry Wall has responded to questions submitted by Slashdot readers. Read on for his answers...

sombragris writes: Slackware, the oldest GNU/Linux distribution still in active maintenance, was released just minutes ago. Slackware is noted for being the most Unix-like of all Linux distributions. While sporting kernel 4.4.14 and GCC 5.3, other goodies include Perl 5.22.2, Python 2.7.11, Ruby 2.2.5, Subversion 1.9.4, git-2.9.0, mercurial-3.8.2, KDE 4.14.21 (KDE 4.14.3 with kdelibs-4.14.21) Xfce 4.12.1... and no systemd!

According to the ChangeLog: "The long development cycle (the Linux community has lately been living in "interesting times," as they say) is finally behind us, and we're proud to announce the release of Slackware 14.2. The new release brings many updates and modern tools, has switched from udev to eudev (no systemd), and adds well over a hundred new packages to the system. Thanks to the team, the upstream developers, the dedicated Slackware community, and everyone else who pitched in to help make this release a reality." Grab the ISOs at a mirror near you. Enjoy! The torrents page can be found here.

steveb3210 writes: Today, Ruby On Rails released version 5.0.0 of the platform. Major new features include ActionCable which brings support for WebSockets and a slimmed-down API-only mode From the official blog post:After six months of polish, four betas, and two release candidates, Rails 5.0 is finally done! It's taken hundreds of contributors and thousands of commits to get here, but what a destination: Rails 5.0 is without a doubt the best, most complete version of Rails yet. It's incredible that this community is still going so strong after so long. Thanks to everyone who helped get us here. [...] Note: As per our maintenance policy, the release of Rails 5.0 will mean that bug fixes will only apply to 5.0.x, regular security issues to 5.0.x and 4.2.x, and severe security issues also to 5.0.x and 4.2.x (but when 5.1 drops, to 5.1.x, 5.0.x, and 4.2.x). This means 4.1.x and below will essentially be unsupported! Ruby 2.2.2+ is now also the only supported version of Rails 5.0+.

"Researchers have discovered a vulnerability within the Swagger specification which may place tools based on NodeJS, PHP, Ruby, and Java at risk of exploit," warns ZDNet's blog Zero Day, adding "the severe flaw allows attackers to remotely execute code." Slashdot reader msm1267 writes: A serious parameter injection vulnerability exists in the Swagger Code Generator that could allow an attacker to embed executable code in a Swagger JSON file. The flaw affects NodeJS, Ruby, PHP, Java and likely other programming languages. Researchers at Rapid7 who found the flaw disclosed details...as well as a Metasploit module and a proposed patch for the specification. The matter was privately disclosed in April, but Rapid7 said it never heard a response from Swagger's maintainers.

Swagger produces and consumes RESTful web services APIs; Swagger docs can be consumed to automatically generate client-server code. As of January 1, the Swagger specification was donated to the Open API Initiative and became the foundation for the OpenAPI Specification. The vulnerability lies in the Swagger Code Generator, and specifically in that parsers for Swagger documents (written in JSON) don't properly sanitize input. Therefore, an attacker can abuse a developer's trust in Swagger to include executable code that will run once it's in the development environment.

An anonymous reader writes: David Heinemeier Hansson, the creator of Ruby on Rails, is applauding talk of an after-work e-mail ban, writing that "the ever-expanding expectations for when someone is available have gotten out of hand... Work emails are ticking in at all sorts of odd hours and plenty of businesses are dysfunctional enough to believe they have a right to have those answered, whatever the hour. That's unhealthy, possibly even exploitative... Same goes for forcing everyone to work in an open office. The research is mounting on all the ills that come from persistent noise and interruptions from that arrangement."

While acknowledging that his firm's project management tool Basecamp has a "perfect storm" of features that can send emails and texts after hours, Hansson points out that at least version 3 (released in 2015) shipped with a scheduling feature that will hold notifications during weekends and other specified off-work periods. "What we need before we can even dream of having something like the French response is a change in attitudes. Less celebration of workaholism, more #WorkCanWait. More recognition that stress from unrealistic and unhealthy expectations and work habits is actually a real hazard to health and sanity."

Earthquake Retrofit quotes this report from The Register: More than four years since its previous issue, iconic hacker zine Phrack has published a new issue. Phrack issue number 69 contains articles from researchers Aaron Portnoy and Alisa Esage, as well as articles on OS X rootkits and exploiting Ruby on Rails...

First released in 1985 via BBS, Phrack has been staffed by dozens of editors and contributors in its three-plus decades. The long-running zine has also hosted a number of notable articles, including the famed Hacker Manifesto and Smashing The Stack For Fun And Profit.

Dan Goodin, reporting for Ars Technica: A large number of websites are vulnerable to a simple attack that allows hackers to execute malicious code hidden inside booby-trapped images. The vulnerability resides in ImageMagick, a widely used image-processing library that's supported by PHP, Ruby, NodeJS, Python, and about a dozen other languages. Many social media and blogging sites, as well as a large number of content management systems, directly or indirectly rely on ImageMagick-based processing so they can resize images uploaded by end users. According to developer and security researcher Ryan Huber, ImageMagick suffers from a vulnerability that allows malformed images to force a Web server to execute code of an attacker's choosing. Websites that use ImageMagick and allow users to upload images are at risk of attacks that could completely compromise their security. "The exploit is trivial, so we expect it to be available within hours of this post," Huber wrote in a blog post. He went on to say: "We have collectively determined that these vulnerabilities are available to individuals other than the person(s) who discovered them. An unknowable number of people having access to these vulnerabilities makes this a critical issue for everyone using this software."