Tech News

ReactOS, the free and open source “ Windows-like” operating system has been released as a new version. ReactOS 0.4.9 comes with system stability and general consistency improvements such as Self-hosting, shell improvements, FastFAT crash fixes and more. As they target a newer release every three months, more focus is given on improvements with fewer headliner changes. ReactOS is now capable of Self-Hosting Self-hosting is a process of building an OS on an OS. Self-hosting although considered to be a milestone in any OS’ maturity, is associated with many challenges of its own. First, compiling any large codebase requires high memory usage and storage I/O stressing the operating system. Scheduling is also stressed, as modern build systems in general attempt to produce multiple compilation processes to speed up the build process. ReactOS featured self-hosting in an older version. However, changes brought by subsequent releases, such as the reworking of the kernel, made this self-hosting process non-existent. However, with the recent changes made to the filesystem, Self-hosting is now completely established in the 0.4.9 release. The open source FreeBSD project’s implementation of qsort played a major role in achieving this. Stability brought in by fixing FastFAT crashes ReactOS had significant resource leakages caused by the FastFAT driver. This leakage was eating up the common cache to the point where attempts to copy large files would result in a crash. The new version fixes the FastFAT driver’s behavior by adding in write throttling support and restraining its usage of the cache. A conservative usage of the cache may slow the system a bit during IO operations. However, it ensures that resources remain available to service for large IO operations instead of crashing like before. FastFAT driver also featured a complete rewrite of the support for dirty volumes greatly reducing the chance of file corruptions. This will protect the system from becoming unusable after a crash. Shell Improvements & Features Shell has also received several upgrades. It now has a built-in zipfldr (Zip Folder) extension. With this, ReactOS can also uncompress zipped files without needing to install third-party tools to accomplish it. It also allows users to now choose whether to move, copy, or link a file or folder when they drag it with the right mouse button. Some other new improvements A new mouse properties dialog in the GUI component of the ReactOS installer The inclusion of RAPPS, the gateway program used for getting various applications installed on ReactOS. With this Unicode support, ReactOS can now easily support many different languages. ReactOS can now present itself as Windows 8.1 with the Version APIs. These are just a select few major updates. For a full list of features, upgrades, and improvements, read the changelog. Microsoft releases Windows 10 SDK Preview Build 17115 with Machine Learning APIs Microsoft releases Windows 10 Insider build 17682! What’s new in the Windows 10 SDK Preview Build 17704

In today’s world, organizations and companies go to great lengths to protect themselves from network breaches. However, even a pinhole is enough for the attackers to intrude into any system. Last week, routers by Cisco and Huawei were hacked by two separate groups using different methods. Cisco’s routers were hacked using a backdoor attack while Huawei routers were exploited using a much older vulnerability programming code. An abnormal rise in the Cisco router backdoors Cisco in the year 2004 had written the IETF proposal for a “lawful intercept” backdoor for their routers. This proposal stated that the law enforcement teams could use the intercept to remotely log in to routers. These routers which are sold to ISPs and other large enterprises would allow the law enforcement agents to wiretap IP networks. These law enforcement agents are supposed to gain such an access only via a court order or other legal access request. [box type="shadow" align="" class="" width=""]A backdoor is a malware type which can surpass the normal authentication process for accessing any system or application. Some backdoors are legitimate and assist, for instance, manufacturers to regain lost passwords. However, these backdoors can be used by attackers to remotely access the systems without anyone on the system knowing it.[/box] However, later in the year 2010, an IBM security researcher stated that such a protocol would give an easy access to malicious attackers and would take over Cisco IOS routers. Also, the ISPs related to these routers would also end up being hacked. Some undocumented backdoors were discovered in the year 2013, 2014, 2015, and 2017. According to Tom’s Hardware, this year alone, Cisco recorded five different backdoors within their routers, which resulted in a security flaw for the company’s routers. Let’s have a look at the list of undocumented backdoors found and when. The month of March recorded two backdoors. Firstly, a hardcoded account with the username ‘cisco’, which would have provided an intrusion within more than 8.5 million Cisco routers and switches in a remote mode. Another hardcoded password was found for Cisco's Prime Collaboration Provisioning (PCP) software. This software is used for the remote installation of Cisco voice and video products. May revealed another backdoor in Cisco’s Digital Network Architecture (DNA) Center. This center is used by enterprises to provision devices across a network. Further, in the month of June, Cisco’s Wide Area Application Services (WAAS) found a backdoor account. Note that this is a software tool for traffic optimizations in the Wide Area Network (WAN). The most recent backdoor, found this month, was in the Cisco Policy Suite, which is a software suite for ISPs and large companies that can manage a network’s bandwidth policies. Using this backdoor, the attacker gets a root access to the network with no mitigations against it. However, this backdoor has been patched with Cisco’s software update. The question that arises from these incidents is whether these backdoors were created accidentally or actually by intruders? The recurrence of such incidents does not paint a good picture of Cisco as a responsible, reliable and trustworthy network for end users. Botnet built in a day brings down Huawei routers Researchers from the NewSky security spotted a new botnet last week, which nearly enslaved 18,000 Huawei’s IoT devices within a day. [box type="shadow" align="" class="" width=""]Botnets are huge networks of enslaved devices and can be used to perform distributed denial-of-service attack (DDoS attack), send malicious packets of data to a device, and remotely execute code.[/box] The most striking feature of this huge botnet is that it was built within a day and with a vulnerability which was previously known, as CVE-2017-17215. Anubhav said, “It's painfully hilarious how attackers can construct big bot armies with known vulns"This botnet was created by a hacker, nicknamed Anarchy, says Ankit Anubhav, security researcher at NewSky security. Other security firms including Rapid7 and Qihoo 360 Netlab also confirmed the existence of this new botnet. They first noticed a huge increase in Huawei’s device scanning. Anubhav states that the hacker revealed to him an IP list of victims. This list has not been made public yet. He further adds that the same code was released as public in January this year. The same code was used in the Satori and Brickerbot botnets, and also within other botnets based on Mirai botnets (Mirai botnets were used in 2016 to disrupt Internet services across the US on a huge scale). The NetSky security researcher suspects that Anarchy may be the same hacker known as Wicked, who was linked with the creation of the Owari/Sora botnets. Moreover, Anarchy/Wicked told the researcher that they also plan to start a scan for Realtek router vulnerability CVE-2014-8361, in order to enslave more devices. After receiving such a warning from the hacker himself, what new security measures will be taken henceforth? Read more about this Huawei botnet attack on ZDNet. Is Facebook planning to spy on you through your mobile’s microphones? Social engineering attacks – things to watch out for while online DCLeaks and Guccifer 2.0: How hackers used social engineering to manipulate the 2016 U.S. elections

A video went viral in February showcasing a dog like robot opening a door for another robot. These agile robots are the brainchild of Boston Dynamics, an American Robotics company. Fast forward to this month, Boston Dynamics is all geared up to produce thousands of these robot dogs. According to a report by Inverse, the company has set a target date of July 2019 to manufacture 1,000 of its SpotMini robot dogs annually. SpotMini is a smaller variant of Boston Dynamics’ many robots. This four-legged robot weighs around 30 kgs and can comfortably fit in an office or home. It is one of the quietest robots built by the company. SpotMini is completely mobile with a 5 degree-of-freedom arm. It also has multiple perception sensors for navigation and mobile manipulation. SpotMini Spot, SpotMini’s elder version stands at close to four feet and weighs about 75 kgs. This four-legged robot is exclusively made for rough terrain mobility and superhuman stability. Its video has been streamed on Youtube nearly 19 million times. Spot According to founder Marc Raibert, SpotMini is currently being tested for use in construction, delivery, security, and home assistance applications. The company has already announced plans to launch it in 2019 as their short-term goal. They have currently built almost ten robodogs by hand, and are in plans to build 100 models with contract manufacturers at the end of this year. In the long run, the company intends SpotMini to eventually become a multi-use platform of sorts. At TechCrunch’s TC Sessions: Robotics event 2018, Raibert stated that “the goal for us is to become the what Android operating system is for phones: a versatile foundation for limitless applications.” Sony resurrects robotic pet Aibo with advanced AI AI powered Robotics : Autonomous machines in the making How to assemble a DIY selfie drone with Arduino and ESP8266 What we learned at the ICRA 2018 conference for robotics & automation

Facebook has suspended Boston-based data analytics firm Crimson Hexagon following concerns that the company has misused data. The decision was made after the Wall Street Journal reported that the company has contracts with government agencies and "a Russian nonprofit with ties to the Kremlin." Back in March 2017, Facebook banned the use of data to develop surveillance tools. It's this ruling for which Crimson Hexagon are being investigated. A Facebook spokesperson, speaking to CNN Money on Friday, said: "We don't allow developers to build surveillance tools using information from Facebook or Instagram... We take these allegations seriously, and we have suspended these apps while we investigate.” Crimson Hexagon CTO responds with a blog post Crimson Hexagon hasn't explicitly responded to their suspension, but CTO Chris Bingham did write a blog post: "Understanding the Role of Public Online Data in Society." He writes that "the real conversation is not about a particular social media analytics provider, or even a particular social network like Facebook. It is about the broader role and use of public online data in the modern world." Although the investigation is ongoing it's worth noting, as TechCrunch has, that Crimson Hexagon isn't quite as opaque in its relationships and operations as Cambridge Analytica. They have, for example, done data analytics projects for the likes of Adidas, the BBC, and Samsung. Read next Google, Microsoft, Twitter, and Facebook team up for Data Transfer Project Is Facebook planning to spy on you through your mobile’s microphones? Did Facebook just have another security scare?

Last week Intel acquired eASIC, a fabless semiconductor company that makes customizable eASIC chips for use in wireless and cloud environments. The actual transaction amount for this merger was not disclosed by Intel. They believe that this acquisition is more “strategic” than just pure business as the competition for FPGAs is booming due to increasing demand for data and cloud services. The rise of FPGAs and Intel’s strategy to diversify beyond CPUs FPGAs were first introduced back in the 80s and were considered as an evolution in the path of fabless semiconductors. With each passing year, researchers have been trying to find innovative solutions to improve system performance, to meet the needs of big data, cloud computing, mobile, networking and other domains. FPGA is at the heart of this quest to develop high performing systems and is being paired with CPU’s to facilitate compute-intensive operations. Intel has a Programmable Solutions Group (PSG), which they created after acquiring Altera in 2015 for $16.7 billion. Altera is considered to be one of the leading FPGA manufacturers. The idea behind the eASIC acquisition is to complement Altera chips with eASIC’s technology. Dan McNamara, corporate vice president and GM of the PSG division mentioned in the official announcement, “We’re seeing the largest adoption of FPGA ever because of explosion of data and cloud services, and we think this will give us a lot of differentiation versus the likes of Xilinx”. Xilinx leads the race in the FPGA market with Intel being a distant second. The acquisition of eASIC is seen as a step towards catching up with the market leaders. Intel’s most recent quarterly earnings reports showed that PSG division had earned $498 million with 17% compound annual growth rate (CAGR), whereas on the other hand the company’s biggest division ‘Client Computing Division (CCG) made $8.2 billion but with a CAGR of 3%. Although PSG’s overall revenue is small when compared to CCG, it shows potential in terms of future growth. Hence Intel plans to increase their investments in acquiring futuristic companies like eASIC. It wouldn’t be surprising that we will see more such acquisitions in the coming years. You can visit Intel’s PSG blog for more interesting news on FPGAs. Frenemies: Intel and AMD partner on laptop chip to keep Nvidia at bay Baidu releases Kunlun AI chip, China’s first cloud-to-edge AI chip AMD’s $293 million JV with Chinese chipmaker Hygon starts production of x86 CPUs

Text-to-speech synthesis has been a booming research area, with Google, Facebook, Deepmind, and other tech giants showcasing their interesting research and trying to build better TTS models. Now Baidu has stolen the show with ClariNet, the first fully end-to-end TTS model, that directly converts text to a speech waveform in a single neural network. Classical TTS models such as Deepmind’s Wavenet usually have a separately text-to-spectrogram and waveform synthesis models. Having two models may result in suboptimal performance. ClariNet combines the two models into one fully convolutional single neural network. Not only that, their text-to-wave model significantly outperforms the previous separate TTS models, they claim. Baidu’s ClariNet consists of four components: Encoder, which encodes textual features into an internal hidden representation. Decoder, which decodes the encoder representation into the log-mel spectrogram in an autoregressive manner. Bridge-net: An intermediate processing block, which processes the hidden representation from the decoder and predicts log-linear spectrogram. It also upsamples the hidden representation from frame-level to sample-level. Vocoder: A Gaussian autoregressive WaveNet to synthesize the waveform. It is conditioned on the upsampled hidden representation from the bridge-net. ClariNet’s Architecture Baidu has also proposed a new parallel wave generation method based on the Gaussian inverse autoregressive flow (IAF).  This mechanism generates all samples of an audio waveform in parallel, speeding up waveform synthesis dramatically as compared to traditional autoregressive methods. To teach a parallel waveform synthesizer, they use a Gaussian autoregressive WaveNet as the teacher-net and the Gaussian IAF as the student-net. Their Gaussian autoregressive WaveNet is trained with maximum likelihood estimation (MLE). The Gaussian IAF is distilled from the autoregressive WaveNet by minimizing KL divergence between their peaked output distributions, stabilizing the training process. For more details on ClariNet, you can check out Baidu’s paper and audio samples. How Deep Neural Networks can improve Speech Recognition and generation AI learns to talk naturally with Google’s Tacotron 2

Marvel's Infinity War might well have been 'the most ambitious crossover in history' but there's a new crossover that might just beat it. In a blog post Google has revealed that it's working with Microsoft, Facebook, and Twitter on something called 'Data Transfer Project'. The Data Transfer Project is, according to Google, "an open source initiative dedicated to developing tools that will enable consumers to transfer their data directly from one service to another, without needing to download and re-upload it." Essentially, the product is about making data more portable for users. For anyone that has ever tried to move data from one source to another, that could save some massive headaches. Standardizing and securing data with the Data Transfer Project The tools being developed by Google, Microsoft, Facebook and Twitter, should be able to transform a proprietary API into a standardized format. Google explains that "this makes it possible to transfer data between any two providers using existing industry-standard infrastructure and authorization mechanisms, such as OAuth." Tools for adapting data from 7 different services and 5 different data formats have already been developed. With trust and security being two key issues for consumers in terms of tech, Google was also to keen to point out how the Data Transfer Project is fully committed to data security: "Services must first agree to allow data transfer between them, and then they will require that individuals authenticate each account independently. All credentials and user data will be encrypted both in transit and at rest. The protocol uses a form of perfect forward secrecy where a new unique key is generated for each transfer. Additionally, the framework allows partners to support any authorization mechanism they choose. This enables partners to leverage their existing security infrastructure when authorizing accounts." Google urges the developer community to get involved. You can find the source code for the project here and learn more about the history of the project in a white paper here. Read next: Why Twitter (finally!) migrated to Tensorflow 5 reasons government should regulate technology Microsoft’s Brad Smith calls for facial recognition technology to be regulated

Google has been stealthily working on its mystery Project Fuchsia OS for the past few years. There are suggestions that it could succeed Android. The project was discovered via Google’s Github repository as the company started posting code there back in 2016. Once Project Fuchsia launches, it will be Google’s first open source kernel and operating system. According to Bloomberg’s new report, Google’s aim with this project is to solve the issues that Android poses as more devices and gadgets make it to the market. It wants to create a single operating system which would be able to run across all of Google’s key products, including Pixel phones, smart speakers, Chrome as well as third-party apps that rely on Android. Fuchsia is currently being powered by around 100 engineers at Google. The team includes Matias Duarte, a design executive and the person behind Google’s several pioneering projects. How is Fuchsia different from other Google operating systems? Fuchsia is built on a new, Google-built kernel called “Zircon” (earlier called Magenta). This is a departure from the Android and Chrome OS which are both based on Linux. Fuchsia’s kernel makes use of a microkernel;  this is very different from the larger monolithic Linux kernels that usually power Google’s operating systems. Fuchsia has undergone a major transformation from the command line form it existed in when it was first uncovered in August 2016. Ever since then Google has been working on changing its UI. It has, for example, added an early user interface to Fuchsia that features a card-based system. The user interface design for Fuchsia is called “Armadillo” and was first revealed by Kyle Bradshaw at Hotfix last year. This is considered to be “the default system UI for Fuchsia.” Armadillo uses Google’s Flutter SDK. This SDK helps in creating cross-platform code which is capable of running on multiple operating systems.   https://www.youtube.com/watch?v=_7rRK4S9uk0   Fuchsia OS May 2017 Armadillo preview What are the key features of Fuchsia? Voice interaction technology appears to be at Fuchsia’s core. Google is already experimenting with different applications for the system by playing around with features like interactive screen displays and voice commands for youtube. Rich security is another key focus for Fuchsia. This is an initiative which could help Google efficiently compete with Apple’s more secure iOS. In terms of the timeframe for Fuchsia’s release, Bloomberg reports that Google plans on releasing fuchsia-based connected home devices within the next three years. It will then move on to rolling Fuchsia out to larger devices such as laptops within the next five years. Its ultimate plan would appear to be replacing Android. This isn’t going to be an easy process as Android is one of the most dominant mobile platforms in the world. It supports a lot of hardware partners, developers and billions of consumers. Google is keeping its cards close to its chest Currently, there’s no indication from Google’s side as to what it plans to do with Fuchsia. In a statement to Bloomberg, a Google spokesperson simply stated: “Google views these open-source experiments as an investment in innovation”.   It’s also worth noting that back in 2015 Hiroshi Lockheimer, Senior Vice President, Platforms & Ecosystems at Google, wrote a blog post stating that “while we've been working on ways to bring together the best of both [Android and Chrome] operating systems, there's no plan to phase out Chrome OS.” What are your views? Do you think Fuchsia is the future operating system to replace Android and Chrome OS? Or is it simply an experiment to try new development ideas? Let us know your thoughts below. For more coverage on project Fuchsia, check out its original documentation. Google AI releases Cirq and Open Fermion-Cirq to boost Quantum computation A quick look at E.U.’s antitrust case against Google’s Android Google becomes a new platinum member of the Linux Foundation  

E-mail is the traditional, primary, and the most vital part of communication within business organizations. They hold minutes of important discussions, confidential documents as attachments, high-profile business contact details, and much more. Hence, hackers or intruders often use emails as a medium to deliver dangerous content to the victim via attachments or by providing links to malicious websites. Companies throughout the world take huge efforts to detect malicious content within their communication media by setting up robust antivirus firewalls. But, how secure are they? Many choose antivirus engines based on their popularity than its performance. The myth that famous antivirus packages get you utmost security is now debunked by Email-sec-360°. According to Phys Org, it surpasses 60 other popular antivirus packages known to us. Email-sec-360° is developed by Aviad Cohen, a Ph.D. student, and researcher at the Ben-Gurion University of the Negev (BGU) Malware Lab researchers. It detects unknown, malicious emails much more accurately than the popular antivirus products such as Kaspersky, McAfee, Avast, etc. Email-sec-360° vs other popular antivirus engines Present antivirus engines use rule-based methods to analyze specific email sections. These often overlook the other important parts of the email. Dr. Nir Nissim, head of the David and Janet Polak Family Malware Lab at Cyber@BGU, stated that the existing antivirus engines use signature-based detection methods. These methods are at times insufficient for detecting new and unknown malicious emails. However, Email-sec-360° is based on machine learning methods and leverages 100 general descriptive features extracted from all email components, which include the header, body and attachments. Also an interesting fact about this method is that, it does not require an internet access. Thus, it provides a seamless threat detection in real-time and can be easily deployed by any individual or organizations. A well-experimented approach by the Malware Lab The researchers used a collection of 33,142 emails, which included 12,835 malicious and 20,307 benign emails obtained between 2013 and 2016. Later, they compared their detection model to 60 industry-leading antivirus engines as well as previous research. On doing this, they found their system to outperform the next best antivirus engine, Cyren, by a 13 percent range. BGU’s Malware Lab method vs the others BGU Malware Lab plan to extend this method by including research and analysis of attachments (PDFs and Microsoft Office documents) within the Email-sec-360°. Dr. Nissim adds,”since these are often used by hackers to get users to open and propagate viruses and malware.” They are also planning to develop an online system that evaluates the security risk posed by an email message. This system will be based on advanced machine learning methods and would also allow users to submit suspicious email messages and quickly obtain a maliciousness score. The system will further recommend on how to treat the email and would help to collect benign and malicious emails for research purposes. Read more about Email-sec-360° in the Phys Org blog post Pentest tool in focus: Metasploit 12 common malware types you should know 4 Ways You Can Use Machine Learning for Enterprise Security

Following the release of Unreal Engine 4.19 this April, Epic games have launched the Unreal Engine 4.20. This major update focuses on enhancing scalability and creativity, helping developers create more realistic characters, and immersive environments, for games, film, TV, and VR/AR devices. Multiple optimizations for Mobile Game development Epic games brought over 100 optimizations created for Fortnite on iOS and Android, for Unreal Engine 4.20. Hardware Occlusion Queries are now supported for high-end mobile devices on iOS and Android that support ES 3.1 or Vulkan using the GPU. Developers can also iterate and debug on Android without having to repackage the UE4 project. Game developers now have unlimited Landscape Material layers on mobile devices. Mixed Reality Capture Unreal Engine 4.20 provides a new Mixed Reality Capture functionality, which makes it easy to composite real players into a virtual space for mixed reality applications. It has three components: video input, calibration, and in-game compositing. You can use supported webcams and HDMI capture devices to pull real-world green-screened video into the Unreal Engine from a variety of sources.  The setup and calibration are done through a standalone calibration tool that can be reused across Unreal Engine 4 titles. Niagara Visual effects editor The Niagara visual effects Editor is available as an early access plugin. While the Niagara editor builds on the same particle manipulation methods of Cascade (UE4’s previous VFX), unlike Cascade, Niagara is fully Modular. UE 4.20 adds multiple improvements to Niagara Effect Design and Creation. All of Niagara’s Modules have been updated to support commonly used behaviors in building effects for games. New UI features have also been added for the Niagara stack that mimic the options developers have with UProperties in C++. Niagara now has support for GPU Simulation when used on DX11, PS4, Xbox One, OpenGL (ES3.1), and Metal platforms. Niagara CPU Simulation now works on PC, PS4, Xbox One, OpenGL (ES3.1) and Metal. Niagara was showcased at the GDC 2018 and you can see the presentation Programmable VFX with Unreal Engine’s Niagara for a complete overview. Cinematic Depth of Field Unreal Engine 4.20 also adds Cinematic Depth of Field, where developers can achieve cinema quality camera effects in real-time. Cinematic DoF, provides cleaner depth of field effect providing a cinematic appearance with the use of a procedural Bokeh simulation. It also features dynamic resolution stability, supports alpha channel, and includes settings to scale it down for console projects. For additional information, you can see the Depth of Field documentation. Proxy LOD improvements The Proxy LOD tool is now production-ready. This tool improves performance by reducing rendering cost due to poly count, draw calls, and material complexity. It  results in significant gains when developing for mobile and console platforms. The production-ready version of the Proxy LOD tool has several enhancements over the Experimental version found in UE4.19. Improved Normal Control: The use may now supply the hard-edge cutoff angle and the method used in computing the vertex normal. Gap Filling: The Proxy system automatically discards any inaccessible structures. Gap Filling results in fewer total triangles and a better use of the limited texture resource. Magic Leap One Early Access Support With Unreal Engine 4.20, game developers can now build for Magic Leap One. Unreal Engine 4 support for Magic Leap One uses built-in UE4 frameworks such as camera control, world meshing, motion controllers, and forward and deferred rendering. For developers with access to hardware, Unreal Engine 4.20 can deploy and run on the device in addition to supporting Zero Iteration workflows through Play In Editor. Read more The hype behind Magic Leap’s New Augmented Reality Headsets Magic Leap’s first AR headset, powered by Nvidia Tegra X2, is coming this Summer Apple ARKit 2.0 and Google ARCore 1.2 Support Unreal Engine 4.20 adds support for Apple’s ARKit 2.0, for better tracking quality, support for vertical plane detection, face tracking, 2D and 3D image detection, and persistent and shared AR experiences. It also adds support for Google’s ARCore 1.2, including vertical plane detection, Augmented Images, and Cloud Anchor to build collaborative AR experiences. These are just a select few updates to the Unreal Engine. The full list of release notes is available on the Unreal Engine blog. What’s new in Unreal Engine 4.19? Game Engine Wars: Unity vs Unreal Engine

A former Spotify engineer, Mattias Peter Johansson, has outlined how the music streaming platform uses JavaScript on it's desktop application. It's complicated and, according to Reddit, "kind of insane". Responding to a question on Quora, Johansson says it could be "among the top 25 most intricate uses of JavaScript in the world." What's particularly interesting is how this intricate JavaScript has influenced the Spotify architecture and the way the development teams are organized. How JavaScript is used on the Spotify desktop app JavaScript is used across the Spotify desktop client. Wherever UI is concerned, it uses JavaScript. C++ is used for functionality beneath the UI, with JavaScript sitting on top of it. The languages are connected by an interface aptly called a 'bridge.' Spotify's squads and spotlets The Spotify team is made up of small squads of anywhere from 3 to 12 people. Johansson explains that  "a feature is generally owned by a single squad, and during normal conditions the squad has all it needs to develop and maintain its feature." Each team has as many backend, front end, and mobile developers as necessary for the particular feature it owns. These features are known as 'spotlets.' Each of these spotlets are essentially web apps that come together to power the desktop app's UI. Johansson explains how they work, saying: They all run inside Chromium Embedded Framework, each app living within their own little iframe, which gives squads the ability to work with whatever frameworks they need, without the need to coordinate tooling and dependencies with other squads. The advantage of this is that it makes technical decision making much easier. As Johansson explains, "introducing a library is a discussion between a few people instead of decision that involves ~100 people and their various needs." Shared functionalities across the Spotify development team Although spotlets and squads create a somewhat fragmented picture of a development team, things are unified. "The latest versions of all Spotlets are zipped and bundled with the desktop client binary on every release, assets and all," says Johansson. Individual spotlets are also sometimes released where an emergency fix might be needed. Although tooling decisions are left up to individual squads, there are a couple of tools that are used across the team. This includes GLUE, a CSS framework that allows some coordination and alignment in terms of design. The team also rely heavily on npm, as you might expect. "We have our own internal npm repository where we publish internal modules, and we package the code together using a Browserify-like tool."

Tornado recently announced the release of version 5.1 and dropped the plans for a major release of Tornado 6.0. Tornado is a Python-based web framework and consists of asynchronous networking libraries for complete web development in Python. It is known for its ability to scale a huge number of connections on the web and is considered ideal for the applications that require uninterrupted connectivity on the web. Features included in Tornado 5.1 Improvement in the command-line wrapper. It will no longer clash with the active processes on Windows. New module to support non-ASCII characters in username and password Consistent behavior of the client-server modules like simple_httpclient and curl_httpclient Improved compatibility with GNU Hurd Improved WebSocket modules to protect against DoS attacks Preparation for Tornado 6.0 Tornado 6.0 will drop the support for Python versions 2.7 and 3.4 while making Python 3.5.2 as the minimum supported version. To make sure systems running on older Python versions do not break, the deprecation warnings are emitted. In order to receive the deprecation warnings, you need to run -wd argument or set the environment variable for your Python ecosystem. Also, Tornado maintainers have informed that the applications running on Python 3, which do not receive the deprecation warning will be able to move to Tornado 6.0 without breaking. To avoid the risk of errors that are introduced due to the connection leak, the ExceptionStackContext module will be removed from Tornado 6.0. Tornado 6.0 will remove obsolete packages to make a lean standard framework. For example, the Stack context module will be removed as it will stand obsolete after the introduction to co-routines. To learn more about the deprecated features in Tornado 5.1 and in-depth feature notice, you can check out the release notes page of Tornado 5.1. Read more Masonite 2.0 released, a Python web development framework Python web development: Django vs Flask in 2018 Python founder resigns – Guido van Rossum goes ‘on a permanent vacation from being BDFL’

Qt team released Qt Creator 4.7.0 yesterday. The latest release includes features such as C++ Support, Test Integration, Windows Hosts and other improvements. The highlights of this latest release are: C++ Support Clang code model has now been turned on by default. The built-in model, earlier, wasn’t able to keep up with the developments in the C++ language and the tooling around it. You can still continue to use the built-in model by disabling the ClangCodeModel plugin. Clang code model has been upgraded to Clang 6.0. and provides information for the document used for the symbols dropdown, outline pane and “.” locator filter. There’s a new tool in Debug mode (Analyze > Clang-Tidy and Clazy) with the help of which you can run checks over your entire code. You can check the warnings and errors from the code model in the Issues pane. Test Integration For cases when your text cursor in the C++ editor is inside a test function, an individual test can be directly run with the new Run Test Under Cursor action. The location of failed tests is also marked by test integration in the editor. Google Test provides support for filtering. Windows Hosts The scanning for MSVC compilers on Windows has been improved. Issue leading to short-term freezes during Windows debug stream has been fixed. Now, saving files on network drives should work in all configurations. Other Improvements The kit options are put in their own top-level entry in the preferences dialog. Now, easily choose if you want Qt’s automatic scaling by enabling or disabling the new option in Environment > Interface ( for HiDPI screen on Windows or Linux). The File System is equipped with new options which show folder on top as well as turn off the base folder synchronization. New folders can be created directly in the File System view. The open source version of Qt Creator 4.7.0  is available on the Qt download page. You can find commercially licensed packages on the Qt Account Portal. Qt Creator 4.7.0 is also available through an update in the online installer. Apart from these major updates, there have been many other improvements and fixes. Check out the official changes file for more coverage on Qt Creator 4.7.0. How to create multithreaded applications in Qt How to Debug an application using Qt Creator Qt 5.11 has arrived!  

Google got fined with €4.34 billion yesterday for breaching EU antitrust laws. According to EU, Google has been found guilty of imposing illegal restrictions on Android device manufacturers and network operators, since 2011, in an attempt to get all the traffic from these devices to the Google search engine. Here’s a tweet from Competition commissioner Margrethe Vestager confirming the penalty. https://twitter.com/vestager/status/1019537297925197824 Google will now have to end this illegal conduct within 90 days of the decision, says the press release from the regulator. The Commission wants Google to completely stop its engagement in the following types of practices: Illegal tying of Google's apps such as Google Play Store, Google search app and the Google Chrome browser with the device manufacturers. Illegal financial incentives conditional on exclusive pre-installation of the Google Search app. Illegal blocking of development and distribution of the competing Android operating systems, thereby, preventing device manufacturers from using its alternative version, which is not approved by Google (Android forks).  For instance, Amazon’s Android fork, Fire OS, a rival Android platform has suffered greatly from Google’s restrictive contracts with the phone makers. Here’s a quick look at E.U.’s antitrust case against Google’s Android. Apart from engaging in the aforementioned practices, Google is also required to refrain from any measure that has the same effect as these practices. Google's activities will be watched closely by the commission and Google is under an obligation to comply with EU’s decision. If Google fails to comply with the decision made by EU, it will further face penalty payments of up to 5% of the average daily worldwide turnover of Alphabet (Google’s parent company). Sundar Pichai, CEO of Google, has challenged the decision made by the commission in the official press release. Google is now preparing to appeal the decision. According to Pichai, the decision ignores the fact that Android phones pose tough competition to the iOS phones. He argues that Android has provided a wide scope of choices to a huge number of phone manufacturers, mobile network operators, app developers and billions of users (who are able to easily afford these Android smartphones). This fact has been completely missed by the commission. He also raises a point saying how history has proved that without the rules set for compatibility, open-source platforms tend to fragment which causes extreme discomfort to the users, developers as well as the phone makers. Google Android’s compatibility rules help avoid this situation and make the platform more reliable for everyone. “Web browsers such as Opera Mini and Firefox have been downloaded more than 100 million times, UC Browser more than 500 million times” states Pichai. He mentions that “the Commission’s Android decision — ignores clear evidence about how people use their phones today.” He insists that preventing Google from bundling its apps would “upset the balance of the Android ecosystem” and that the Android business model guaranteed zero charges for the phone makers. This now seems like a warning from Google’s side that its Android business model may consider licensing the popular operating system to phone makers. Mozilla, on its official blog, openly supported the European Commission’s decision against Google saying that EU’s decision “drives home the importance of true openness in the mobile ecosystem”. It also hopes that the result will “level the playing field for mobile browsers like Firefox, and foster openness to creates and sustain the competition and innovation”. Many Experts are comparing this case to a previous EU investigation into Microsoft and its desktop web browser. But, Google claims that the two cases are quite different as Android is free, while Microsoft charged for Windows. At the press conference with the commissioner on the antitrust decision, Vestager was asked about breaking up Google as a better remedy than the current decision made by the Commission. To which Vestager replied “here we have a decision which is very clear, which will allow mobile device producers to have a choice. That will allow us as consumers to have a choice as well. That's what competition is about. And I think that is much more important than a discussion of whether or not breaking up a company would do that." Public opinion about EU’s decision against Google is varied. https://twitter.com/gchampeau/status/1019550037888716801 https://twitter.com/BenVanRompuy/status/1019563725085343744 https://twitter.com/Visualfy/status/1019845990185144320 https://twitter.com/axa1981/status/1019543107971502080 Google begs to differ. “Today’s decision rejects the business model that supports Android, which has created more choice for everyone, not less. We intend to appeal” says Pichai. Google releases Android Things library for Google Cloud IoT Core Top 5 Google I/O 2018 conference Day 1 Highlights: Android P, Android Things, ARCore, ML kit and Lighthouse  

After the first preview of its Blockchain Cloud Service at OpenWorld last October, Oracle has confirmed the general release and availability of its Blockchain platform in an official press release this Monday. Before this release, Oracle’s pre-release version of  Blockchain Cloud Service was being used by different businesses across the globe such as Arab Jordan Investment Bank, Certified Origins, Solar Site Design, CargoSmart, etc. These organizations say have seen a major difference in their business after adopting Oracle’s Blockchain as a service (BaaS). For instance,  Andrea Biagianti, CIO of Certified Origins (Italy based olive oil producer) mentions that the company wanted to trace the products (Bellucci EVOO) that they sell in the market of United States across the entire supply chain. Oracle’s Blockchain service helped the company by making the implementation and collaboration of all the included parties quite simple. It also provided them with a competitive edge over the others in the market. “It adds a further level of transparency and information that is valuable for consumers looking for quality products and helps us to support the excellence of the small farms”, says Biagianti. This Blockchain service will be of great help to organizations in three major ways. Firstly, it provides them with a development platform to build their own Blockchain networks. Secondly, it allows integration with Oracle SaaS, existing third-party applications, Oracle PaaS and other Blockchain networks to drive more reliable transactions. Lastly, clients or customers can program and test smart contracts to automate processes over the Blockchain distributed electronic ledger. The new service is based on top of the Linux Foundation’s Hyperledger Fabric, which is a collaboration tool that comes with in-built infrastructure dependencies, REST proxy, and a number of monitoring and operation tools. It helps in building Blockchain based automated ledger such as smart contract technology. A smart contract is an automation tool based on the Blockchain technology. It gets rid of the middleman in a business by enabling automatic exchange of money, property, etc, in a transparent and hassle-free manner. According to Amit Zavery, executive vice president of Oracle Cloud Platform, “Blockchain promises to be one of the most transformative technologies of our generation”. This is quite true as Blockchain is helping transform businesses by making interactions more secure, efficient and cost-effective. It has also made the future Blockchain implementations easier. This means that as the Hyperledger specification evolves and makes new updates, there is no need for the developers to rewrite the company-specific Blockchain applications. Apart from that, new SaaS applications are being offered by Oracle for the Blockchain technology. These can be used in cases like track and trace, warranty and usage, cold chain, etc. Organizations wanting to avail Oracle’s Blockchain services can either pay per usage (without a contract) or via a monthly, yearly or a multi-year deal. There is also a 30-day free trial of the cloud service that the Customers can sign up for. Oracle Apex 18.1 is here! Oracle announces Oracle Soar, a tools package to ease application migration on cloud