
Comment Re:One more in a crowded field (Score 5, Interesting) 337

Is Swift suitable for writing applications for all? If not, developers would be writing for a limited, albeit popular platform, but limited to a certain subset nonetheless.

No, it's Apple specific. However that's OK because there's a language which is much like Swift, except it runs on pretty much every device you might have.

That language is new. It's called Kotlin, and it is from JetBrains, the makers of the highly popular IntelliJ series of IDEs (+ WebStorm, PHPStorm, RubyMine, PyCharm etc).

Kotlin targets the JVM and JavaScript. It interops perfectly with Java. That means code written in it runs on Windows, Mac, Linux and Android. Additionally, via the RoboVM project, JVM bytecode can be compiled to native ARM iOS/OSX binaries. There is no JIT compiler. RoboVM provides bindings to all Objective-C APIs on iOS so you can build native UIs and access all the same functionality as a native app. Programs written this way are on the app store, so Apple is cool with the technique.

Kotlin has a clean, concise syntax and many modern features that match those in Swift. For example it has nullability/optionality integrated with the type system. It has Markdown comments. It has extension functions. It has some support for pattern matching. It has named parameters. It has the ability to define "data classes" that have easy immutability, content equality, hashcodes, serialization etc all in a single line of code. It has type inference and compile-time inlined lambdas, so you can do high performance functional programming with it. It has features to support complex DSLs. It has a full IDE with many built in refactorings, online static analysis, and via the JVM it has high quality CPU/memory profilers and debugging support.

In short, programming with Kotlin is much like programming with Swift, except you have better tools, an IDE at least as strong as Xcode and in my experience stronger, and you can write apps with it that are indistinguishable from native iOS and Android apps.

Comment Re:extremely common fraud protection (Score 5, Informative) 130

google really throws a hissy fit when I send email from my home (on a vpn) using imap. mostly they grey list me and time me out. but this anti-vpn concept annoys me. I don't believe it rejects fraud.

It does reject fraud. I know this because I designed the system at Google that is rejecting your logins, back when I worked there. There's a blog post about the system here. Obviously location (actually: geographical coordinates) is not the only thing that is used, it's just a signal that's carefully blended with others.

The main reason location works as a useful anti-fraud signal is that the datasets that hackers are working off are very sparse. Normally only usernames and passwords. So they don't know where in the world you live, meaning that they have to guess. It's almost like a second password. And mostly their guess will be wrong, leading to an ID verification check.

Now if you use VPNs or Tor or whatever that actually move you around the world constantly, then you're in a tiny minority of people that this heuristic doesn't work for. That's not so great. But here's a tip - if you enable 2-step verification on your Google account and then give your IMAP client an "app specific password" you shouldn't see rejected logins anymore, as is documented in the Google support pages. If your IMAP client knows how to use OAuth to log in, that would also work, but most don't.
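The location heuristic described in the comment above, sketched as an added example: this is not part of the original comment and not Google's actual system. The signal names, weights, distance cut-off and threshold are all assumptions chosen for illustration, and the login records are constructed.

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_KM = 6371.0
FAR_KM = 2000.0          # assumed distance at which location risk saturates
W_LOCATION, W_DEVICE = 0.7, 0.3   # assumed blend weights
CHALLENGE_AT = 0.5       # assumed threshold for an ID verification check


@dataclass
class Login:
    lat: float
    lon: float
    device_id: str
    credential: str      # "password", "app_password" or "oauth"


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two coordinates, in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlmb = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(a))


def risk_score(history, attempt):
    """Blend distance from the nearest known location with a device signal."""
    if not history:
        return 1.0
    nearest = min(haversine_km(h.lat, h.lon, attempt.lat, attempt.lon) for h in history)
    location_risk = min(nearest / FAR_KM, 1.0)
    device_known = any(h.device_id == attempt.device_id for h in history)
    return W_LOCATION * location_risk + W_DEVICE * (0.0 if device_known else 1.0)


def decide(history, attempt):
    """Return "allow" or "challenge" for a login with a correct credential."""
    # App-specific passwords and OAuth logins are not subject to the
    # location check, matching the workaround the comment recommends.
    if attempt.credential in ("app_password", "oauth"):
        return "allow"
    return "challenge" if risk_score(history, attempt) >= CHALLENGE_AT else "allow"


# Constructed sample data: one account with a single known location and device.
HISTORY = [Login(47.37, 8.54, "laptop-1", "password")]

if __name__ == "__main__":
    attempts = {
        "same city, new phone": Login(47.38, 8.55, "phone-2", "password"),
        "leaked password, far away": Login(1.35, 103.82, "unknown", "password"),
        "owner on a distant VPN exit": Login(1.35, 103.82, "laptop-1", "password"),
        "owner on VPN, app password": Login(1.35, 103.82, "laptop-1", "app_password"),
    }
    for label, attempt in attempts.items():
        print(f"{label}: {decide(HISTORY, attempt)}")
```

The third case is the false positive the parent poster complains about: a legitimate owner whose VPN exit is far from any known location looks, on location alone, like someone guessing with a leaked password.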

Comment Re:It's also possible that Der Spiegel was wrong (Score 1) 81

They didn't just "have" her number, it was on a list of numbers being tapped.

Also, the US admitted it and then said they weren't doing it anymore. That's kind of odd - normally a public admission backed by documentary evidence would be sufficient for a criminal prosecution, no? Certainly it often happens with less (like almost any rape case).

Sounds more like the powers that be didn't want to disturb the intelligence agencies' cosy little setup. And let's face it, the BND were not exactly going to co-operate with any investigation.

Comment Re:Decrypted -- false flag? (Score 1) 546

What if the claim that the files have been decrypted is false?

That's almost certainly the case. The story reeks of propaganda. For instance, the claim that the UK has some kind of large Russian spy network is rather contradicted by the fact that they only recently started recruiting Russian speakers. Pretty hard to get intel from a country where you don't have any staff that speak the language.

The notion that a "cache of documents" was cracked also sounds like nonsense. None of the Snowden documents have dealt with human intelligence ("HUMINT" as they call it). We're being asked to believe that there's hugely detailed info about British spies in what Snowden leaked, yet, no mention of documents from MI6 has been made up until now? Not even alluded to?

And the Russians and Chinese, working independently, both managed to crack this cache ... at the same time?

And none of the spies that were found after this calamitous event were arrested or deported? Not a single one? Even though when Russian spies were found in the USA they were turned into a media circus and then put in front of a judge?

No way. None of the things we're being asked to believe make even a shred of sense. There's a far, far more plausible explanation that does fit the facts: British intelligence was far, far more reliant on SIGINT for insight into Russia and China than they wanted their bosses to believe. MI6, in particular, is stretched to the limit. We know that they routinely cancel surveillance of people they believe might be dangerous jihadis because they don't have the resources to continue. Lacking Russian language speakers, lacking any real motivation to spy on Russia until very recently, you can see how they might have become super reliant on the very fragile techniques used by GCHQ. Now I absolutely do believe that foreign governments became harder to spy on as a result of Snowden, but this terrible disaster that has afflicted UK intelligence is much more likely to be the result of foreign embassies upgrading their VPNs to non-weak Diffie-Hellman, than the result of moving agents who may or may not even exist.

Comment Re:Proof (Score 5, Insightful) 546

There won't be any evidence offered, because this event is almost certainly a work of fiction. A careful reading of the articles and simply thinking things through will reveal colossal, gaping holes in the story the British government is peddling.

Firstly: we know beyond doubt that this story is at least partly fictional. We know this because the anonymous government sources (i.e. civil service officials) keep contradicting each other. We see for example this quote in the Independent, "However, despite a senior government official was quoted by the paper as saying that Snowden had "blood on his hands", Downing Street confirmed that there was “no evidence of anyone being harmed” as a result of his leaks". Different versions of the same story contradicting each other is a good sign that what we're being fed is a story: things always grow in the telling, especially when we're hearing a third or fourth hand account of what happened. The way US officials contradicted each other in the wake of the bin Laden assassination is a good example of that.

Secondly: this story asks us to believe several extraordinary and completely implausible things.

In the UK foreign spying with people is the mandate of MI6, a separate agency to GCHQ, which handles signals intelligence only. It's like the split between the CIA and the NSA. Yet in several years of Snowden reporting there has never been any mention of documents from MI6. There has in fact only been a single mention of MI6 in the GCHQ/NSA documents, and that was a joint presentation about spying on climate change conferences! So the UK government is asking us to believe that journalists like Greenwald (who hates the UK because of the holding of his partner at Heathrow) would have a large cache of documents from an entirely separate agency and yet find nothing newsworthy in them at all ..... indeed, apparently MI6 is so boring that the existence of such documents isn't even worth mentioning? Apparently the UK has never done anything even embarrassing in many years of engaging in foreign HUMINT? That stretches the bounds of credulity beyond breaking point.

But it goes on. We are asked to swallow a second utterly ridiculous idea. Apparently the Russians and Chinese suddenly got access to a wealth of information on British spies, information so detailed it allowed them to be targeted:

The newspaper quoted a senior Home Office source as saying: “Putin didn't give him asylum for nothing. His documents were encrypted but they weren't completely secure and we have now seen our agents and assets being targeted.”

What normally happens when spies are caught? Well, they are normally arrested and tried, or at minimum thrown out of the country. Yet Downing Street is telling us that there was "no evidence of anyone being harmed". In short, we're being asked to believe that Russian and Chinese counter-intelligence suddenly found themselves with information so detailed that it amounts to a brain-dump of MI6, including lists of foreign agents ...... yet they walked away from the biggest gift in counter-intel history with nothing at all. Not a single arrest, not a single trial.

That the KGB and Chinese counter-intelligence are so incompetent defies belief - indeed, it is literally unbelievable.

There's a third totally implausible thing about this story. It asks us to believe that there is a cache of encrypted Snowden documents out there .... somewhere ..... and the Russians/Chinese were both able to obtain this cache, yet they could not obtain the accompanying password. So where did this cache come from? Again, the civil service is asking us to believe something utterly stupid: "Putin didn't give him asylum for nothing" .... in other words, he was given asylum in return for a secret cache of unreadable documents, that Snowden did not have any ability to unlock. What a great deal for Putin! Such a story makes little sense, and is also contradicted by Snowden himself: he said many times he did not take any documents with him. Once they were given to the journalists, that was it. And he clearly sees himself as an American patriot, so such a move would make sense: he knew he must leave America, and he knew if he had the documents he'd be forced to give them up. Solution: leave without the documents.

So if the story we're being fed here is just propaganda, where did it come from?

I strongly suspect that the genesis of this story is some kind of internal report from MI6 or GCHQ that tries to explain a drop in foreign intel performance. The home office official quoted above says only that "they have been targeting our agents and assets". I suspect the story evolved like this:

1) MI6/GCHQ - the quality of our intel has gone down. The Russians/Chinese seem to be harder to spy on than before. We're moving agents around to try and fix things. Possible explanations include a mole inside our operations, improvements in RU/CN counter-intel, or information gleaned from the Snowden leaks.

2) Home office flunky - the quality of our intel has gone down. The Russians/Chinese are using the Snowden documents to stop us from spying on them. We're being forced to move agents around.

3) More senior home office flunky - we've had an intelligence disaster. The RU/CNs have cracked the encryption on the Snowden documents and that forced us to move our agents. We're lucky no-one was killed. Snowden could have had blood on his hands.

4) Home office "official leaker to the press" - there's been a massive intelligence disaster, Snowden has blood on his hands after our enemies cracked the encryption and started targeting our agents and assets, we have been forced to move spies to keep them out of harm's way.

With each iteration up the management chain the story grows in the telling. The "cracked the encryption" part is pure Hollywood - nobody who knows anything about encryption or hacking can really believe this story. But it's the sort of thing that'd sound absolutely convincing to a middle-aged civil servant with an arts degree whose entire knowledge of spycraft comes from the movies.

Actually, I'll take my speculation a step further - I strongly suspect that in reality MI6 has very few or no agents inside Russia or China and they were almost entirely reliant on GCHQ SIGINT operations for insight there. Partly because their staff are all so busy running around after jihadis, partly because the people running those agencies know that Russia and China aren't all that dangerous, and partly because pre-Snowden SIGINT was so much more effective. We know this because of this story from the British press in March which quotes the Foreign Secretary as saying:

Making a speech earlier this week, Philip Hammond, the foreign secretary, said Russia’s “aggressive behaviour” posed a significant threat to the UK, adding: “It is no coincidence that all the agencies are recruiting Russian speakers again.”

The lulz! They are so strong! So in March we're being told that Brit intelligence is "recruiting Russian speakers again" and in June we're being told that we have a vast network of spies and assets in Russia that are being "moved" instead of being arrested. Again this whole crap beggars belief. How exactly is MI6 supposed to run a spy network inside Russia if it didn't even bother recruiting Russian speakers until two months ago?

No, the more I think about this, the clearer it gets. This story is garbage.

Comment Re: simpler? exclusive ad channel? (Score 0) 161

If you can't beat them, destroy their revenue stream. It's the same reason Google released free online office software to combat Microsoft and why Android is free. It's just good business sense.

That analogy is really poor - Google Apps is only free for personal use. Corporates pay for it. And Android is free because they wanted to help unify the mobile OS space, and knew that doing an open source OS was one way to do that.

With this strategy Apple are trying to destroy the revenue stream not only of Google, but of lots of companies that don't compete with them and have nothing to do with them. In fact advertising is the revenue model of most of the web, ignoring a handful of paywalled newspapers and other services. If this is Apple's way to try and "compete" with Google, then it's a scorched earth policy that says they don't care how many enemies they make along the way. And it's not about making a better or cheaper product, like how Android competes with iOS, it's about using existing market share to quietly interfere with other people's businesses.

This is far closer to Microsoft strategies than Google's. It's only "good business sense" if you've confused legitimate capitalist competition with destroying your competitors via any means possible.

Comment Re:Payback for Outting NSA Spyware? (Score 3, Interesting) 73

I thought that at first too. But if you read the reports more closely it strongly suggests this is Israeli intelligence, not NSA.

One strong indicator of this is that Kaspersky already found and analysed the current-gen NSA malware platform, they call the NSA the "Equation Group" and the things linking it to the NSA are extremely strong, to the extent that known NSA codenames are found in the binaries. However they also say that they found at least one victim that was hacked by NSA and "Duqu 2" simultaneously. It wouldn't really make sense for the NSA to have two entirely duplicative/redundant malware development projects over such a long period of time.

Additionally, various other things suggest Israeli intelligence, like timestamps and working hours indicative of Israel and the fact that one of the victims was linked to some anniversary of the liberation of Auschwitz.

Comment Re:What was the goal ? (Score 1) 73

The people from Kaspersky posited the idea that Duqu has no value to the people who wrote it - likely because by the time they attacked Kaspersky, they had already infected the people they were really after and could safely throw it away.

I believe Israeli intelligence has a big budget for hacking. But not that big. Duqu 2 seems to have over 100 plugins. They burned three zero days on this attack. Much of the code is clearly an evolution of Duqu 1.0 which was being used years ago.

It seems obvious that each intelligence agency has developed its own malware platform over a period of many years and these things must represent large investments for them. To simply throw it away by attacking Kaspersky makes no sense.

Occam's Razor says pick the simplest theory. We know from the Stuxnet leaks that the Israelis fucked up and made Stuxnet way too aggressive, that's why it spread way outside its intended victims. We know Israel is an astonishingly aggressive country that thanks to the US protection it gets, sees itself as being able to do whatever it likes. The simplest explanation is that they got cocky and thought they could beat Kaspersky. Perhaps they had beaten Kaspersky: the report notably doesn't give many details about when they think they got attacked. They might have been compromised for a long time already. Regardless, eventually they lost, and now any company that uses Kaspersky AV is probably able to detect the Israeli malware platform. Unless they have a limitless supply of kernel exploits, eventually they will not be able to patch the AV driver's brains out and their platform will start getting detected.

Comment Re:Hyperbole (Score 2, Informative) 73

Sorry having fully read the report now I'm gonna guess that Duqu is more likely to be Israeli intelligence than the NSA. The report notes that at least one victim has been hacked by the "Equation Group" (very clearly NSA) and Duqu at the same time. Additionally the target list is things like anything to do with the Iranian nuclear program (very interesting to the Israelis) and also something to do with an anniversary of an event related to Auschwitz? Doesn't seem likely to interest the Americans. And apparently the few unfaked timestamps that remain are GMT+2 or GMT+3, the developers work on January 1st, and there's at least one English spelling mistake in the code.

Additionally, Duqu and Stuxnet are apparently somehow related but not quite the same thing, and we know from leaks by US officials wanting to take credit that Stuxnet was a US/Israeli collaboration.

Comment Re:Hyperbole (Score 2) 73

They were probably aware that this would come up anyway so their PR department took action

Come up how? Who the hell cares about hacking an anti-virus company except intelligence agencies anyway? They, at least for now it seems, aren't in the business of blackmailing companies in ways that could only lead directly back to them.

To be hacked when you are a security focused company is hurting their image whatever advanced attack was used

No way! This can only help their image, not hurt it.

Look. This attack speaks to the idiocy and hubris of whichever intelligence agency is behind Duqu (probably the NSA, iirc). Kaspersky have repeatedly revealed western intelligence malware; they are not idiots, as anyone who reads their reports can attest. Indeed they've done massively more than any other AV company in the business. The people who thought it was a good idea to attack a company staffed by some of the best reverse engineers in the industry must be crazy: they just burned three zero days ..... for what? To get a sneak preview of upcoming products? Those must be some mighty scary products!

What sort of message does this send to anyone outside the USA? It says that Kaspersky AV is so frickin' badass that the world's best funded intelligence agencies tried to spy on it ..... and failed. It says that Kaspersky, being Russian, doesn't give a shit about being prosecuted by the US government and will happily add NSA malware to their AV product scans, it reinforces their image of being in the lead when it comes to analysing state-sponsored malware, it reveals a strong commitment to transparency (they could have said nothing), and it says "if you think you may be targeted by government attackers, you can't do better than buy Kaspersky AV".

I think this is a genius move by them.

Comment Re:Because no one else does (Score 2) 260

The reason why companies develop new languages is because the ones coming from academia are focused on the wrong things. Product development requires an industrial strength, strongly typed (for the most part) fast language.

Projects coming from academia are interpreted, JVM based, functional, obsessed with (im)mutability, closures, and lambda functions

Whilst I don't disagree that academic languages rarely get used directly in industry, one of the world's most successful industrial programming languages is Java, and Java is interpreted, JVM based, and in version 8 got things like functional streams and lambda functions. Still no help with immutability, but value types will partly address that.

So choosing these features as examples of stuff that's irrelevant to large scale industrial systems seems particularly perverse.

Comment Re:Not unusual. (Score 2) 308

Once you learn of an investigation or a law suit, or can be reasonably expected to know one is coming, it's incumbent upon you to save all records

The article claims that since Sarbanes-Oxley this statement is no longer true: destruction of records can be a crime even if you had no idea there was an investigation taking place.

This sounds absurd but there are other US laws that turn people into "accidental criminals" like this.
