Google

Google Cloud Security Exec: Government Reliance on Microsoft Is a Security Vulnerability (nbcnews.com) 64

"Google is taking aim at Microsoft's dominance in government technology and security," reports NBC News: Jeanette Manfra, director of risk and compliance for Google's cloud services and a former top U.S. cybersecurity official, said Thursday that the government's reliance on Microsoft — one of Google's top business rivals — is an ongoing security threat.

Manfra also said in a blog post published Thursday that a survey commissioned by Google found that a majority of federal employees believe that the government's reliance on Microsoft products is a cybersecurity vulnerability. "Overreliance on any single vendor is usually not a great idea," Manfra said in a phone interview. "You have an attack on one product that the majority of the government is depending on to do their job, you have a significant risk in how the government can continue to function."

Microsoft pushed back strongly against the claim, calling it "unhelpful." The study comes as Google is positioning itself to challenge Microsoft's dominance in federal government offices, where Windows and Office programs are commonly used....

The blog post comes as hackers continue to discover critical software vulnerabilities at an increasing pace across major tech products, but especially in Microsoft programs. Last year, researchers discovered 21 "zero-days" — an industry term for a critical vulnerability that a company doesn't have a ready solution for — actively in use against Microsoft products, compared to 16 against Google and 12 against Apple. The most prominent zero-day was used against Microsoft's Exchange email program, which cybersecurity experts say was first employed by Chinese cyberspies and then quickly adopted by criminal hackers, leading to hundreds of companies becoming compromised.

News

In Naming Omicron Variant, Authorities Skipped 'Xi' and 'Nu' (wsj.com) 237

WHO has been using the Greek alphabet to name coronavirus strains, but avoided two letters that presented problems. From a report: As health authorities around the world grappled with the emergence of a new strain of the coronavirus, virologists were struggling with a thorny question of their own: What should they name it? The World Health Organization has been using Greek letters to refer to the most widely prevalent coronavirus variants, which otherwise carry unwieldy scientific names. It had already gone through 12 letters of the Greek alphabet when a new variant called B.1.1.529 was detected. But the next two letters in the Greek alphabet, Nu and Xi, posed problems. The WHO said it had skipped them because Nu was too easily confused with "new," while Xi is a common surname. The body cited best practices for naming diseases that seek to avoid causing offense to any cultural, social, national, regional, professional or ethnic groups.

Xi ranked 296th last year among the most common family names in China, according to the government. The top 100 family names are used by about 85% of the population, official data show. The Xi surname is shared by Chinese President Xi Jinping. Until the practice of naming variants after characters in the Greek alphabet was adopted in May, new strains of the virus were commonly referred to by the country where they were first detected. The new system sought to avoid stigmatizing countries that discover new variants. And so what was known as the U.K. variant -- also the Kent variant after the English county where it was discovered -- became Alpha, while a strain detected in South Africa was named Beta. Another thought to have originated in Brazil was given the name Gamma, while Delta was one of the variants first found in India.

Open Source

ElasticSearch Keeps Fighting Open Source Fork by Amazon AWS (amazon.com) 161

In January ElasticSearch made what it calls "an incredibly hard decision" — to change the licensing on its scalable data-search solution. They called this an effort to "stand up to" Amazon's AWS for offering ElasticSearch functionality as a service "without collaborating with us... after years of what we believe to be Amazon/AWS misleading and confusing the community." Amazon then forked ElasticSearch, releasing a new "OpenSearch" product under the original Apache 2.0 licensing. Last month AWS's fork reached General Availability/1.0 status.

Now Mike Melanson's "This Week in Programming" column reports that ElasticSearch is "making further attempts at closing off access to ElasticSearch and shutting out AWS" — while AWS is fighting back: AWS says that "OpenSearch aims to provide wire compatibility with open source distributions of Elasticsearch 7.10.2, the software from which it was derived," making it easy to migrate to OpenSearch. While Elastic can't do anything about that, they can make changes to some open source client libraries that are commonly used. "Over the past few weeks, Elastic added new logic to several of these clients that rejects connections to OpenSearch clusters or to clusters running open source distributions of Elasticsearch 7, even those provided by Elastic themselves," AWS writes. "While the client libraries remain open source, they now only let applications connect to Elastic's commercial offerings..."

AWS is again coming out as the savior of open source in this scenario, it would seem, this time promising to offer "a set of new open source clients that make it easy to connect applications to any OpenSearch or Elasticsearch cluster" that "will be derived from the last compatible versions of corresponding Elastic-maintained clients before product checks were added."

"In the spirit of openness and interoperability, we will make reasonable efforts to maintain compatibility with all Elasticsearch distributions, even those produced by Elastic," they write. In the meantime, while the OpenSearch community works on creating the replacement libraries, AWS recommends that users do not update to the latest version of any Elastic-maintained clients, lest their applications potentially cease functioning.

"It's disappointing to see this," reads a comment (upvoted 35 times) on the ElasticSearch repository announcing the change in late June. "You're forcing us as bystanders in a battle to choose sides." And Amazon responded with its own take on the situation in their AWS press release this week. "Our experience at AWS is that developers find it painful to update their already-deployed applications to use new versions of server software, so backward compatibility for clients and APIs weighs heavily in our designs..."

The press release also calls ElasticSearch's changes "disruptive," adding "The most broadly adopted open source projects generally emphasize flexibility, inclusion, and avoidance of lock-in..."
EU

EU Brings In 'Right To Repair' Rules For Appliances (bbc.com) 62

An anonymous reader quotes a report from the BBC: Household appliances will become easier to repair thanks to new standards being adopted across the European Union. From 2021, firms will have to make appliances longer-lasting, and they will have to supply spare parts for machines for up to 10 years. The rules apply to lighting, washing machines, dishwashers and fridges. But campaigners for the "right to repair" say they do not go far enough as only professionals -- not consumers -- will be able to carry out the repairs. The legislation has been prompted by complaints from consumers across Europe and North America infuriated by machines that break down when they are just out of warranty. Under the European Commission's new standards, manufacturers will have to make spares, such as door gaskets and thermostats, available to professional repairers. These parts will have to be accessible with commonly-available tools and without damaging the product. Manufacturers say they are only making the parts available for independent professionals because if consumers were allowed to buy spares and mend their own machines it would raise questions about risk and liability.

The report also notes that "star ratings for the energy efficiency of appliances will be ratcheted up," which "could directly save 20 billion euros on energy bills per year in Europe from 2030 onwards -- equivalent to 5% of EU electricity consumption."
Bug

Planting GMOs Kills So Many Bugs That It Helps Non-GMO Crops (arstechnica.com) 282

An anonymous reader quotes a report from Ars Technica: One of the great purported boons of GMOs is that they allow farmers to use fewer pesticides, some of which are known to be harmful to humans or other species. Bt corn, cotton, and soybeans have been engineered to express insect-killing proteins from the bacterium Bacillus thuringiensis, and they have indeed been successful at controlling the crops' respective pests. They even protect the non-Bt versions of the same crop that must be planted in adjacent fields to help limit the evolution of Bt resistance. But new work shows that Bt corn also controls pests in other types of crops planted nearby, specifically vegetables. In doing so, it cuts down on the use of pesticides on these crops, as well.

Entomologists and ecologists compared crop damage and insecticide use in four agricultural mid-Atlantic states: New Jersey, Delaware, Maryland, and Virginia. Their data came from the years before Bt corn was widespread (1976-1996) and continued after it was adopted (1996-2016). They also looked at the levels of the pests themselves: two different species of moths, commonly known as the European corn borer and corn earworm. They were named as scourges of corn, but their larvae eat a number of different crops, including peppers and green beans. After Bt corn was planted in 1996, the number of moths captured for analysis every night in vegetable fields dropped by 75 percent. The drop was a function of the percentage of Bt corn planted in the area and occurred even though moth populations usually go up with temperature. So the Bt corn more than counteracted the effect of the rising temperatures we've experienced over the quarter century covered by the study.

Programming

JavaScript Is Eating The World (dev.to) 349

An anonymous reader shares a report: In case you haven't heard the news, JavaScript and NodeJS are single-handedly eating the world of software. NodeJS is an Open Source server-side JavaScript environment based on the V8 JS rendering engine found in Google Chrome. Once only thought of as a "hipster" framework, NodeJS is fast becoming one of the most commonly used languages in building web applications and is beginning to find its way into the Enterprise. Netflix, Microsoft, PayPal, Uber, and IBM have adopted the popular "hipster" server-side JavaScript engine for use inside high traffic, high profile production projects. Java still powers the backend of Netflix, but all the stuff that the user sees comes from Node. In addition to Node, Netflix is also using ReactJS in their stack. PayPal too is moving away from Java and onto JavaScript and NodeJS for use in their web application platform. Uber has built its massive driver / rider matching system on Node.js Distributed Web Architecture. IBM has also embraced NodeJS as well. Even Microsoft has embraced NodeJS, offering direct integrations into their Azure Platform, releasing a wealth of tutorials targeted at Node and they have even announced plans to fork the project and build their own version of Node powered by their Edge Javascript engine instead of Chrome's V8.
Education

Slashdot Asks: What Was Your First Programming Language? (stanforddaily.com) 633

This question was inspired by news that Stanford's computer science professor Eric Roberts will try JavaScript instead of Java in a new version of the college's introductory computer programming course. The Stanford Daily reports: When Roberts came to Stanford in 1990, CS106A was still taught in Pascal, a programming language he described as not "clean." The department adopted the C language in 1992. When Java came out in 1995, the computer science faculty was excited to transition to the new language. Roberts wrote the textbooks, worked with other faculty members to restructure the course and assignments and introduced Java at Stanford in 2002... "Java had stabilized," Roberts said. "It was clear that many universities were going in that direction. It's 2017 now, and Java is showing its age." According to Roberts, Java was intended early on as "the language of the Internet". But now, more than a decade after the transition to Java, Javascript has taken its place as a web language.
In 2014 Python and Java were the two most commonly-taught languages at America's top universities, according to an analysis published by the Communications of the ACM. And Java still remains the most-commonly taught language in a university setting, according to a poll by the Special Interest Group on Computer Science Education. In a spreadsheet compiling the results, "Python appears 60 times, C++ 54 times, Java 84 times, and JavaScript 28 times," writes a computing professor at the Georgia Institute of Technology, adding "if Java is dying (or "showing its age"...) it's going out as the reigning champ."

I'm guessing Slashdot's readers have their own opinions about this, so share your educational experiences in the comments. What was your first programming language?
Perl

The Slashdot Interview With Larry Wall 167

You asked, he answered!

Perl creator Larry Wall has responded to questions submitted by Slashdot readers. Read on for his answers...
Operating Systems

Egyptian Linux Advocates' Replies 539

Alaa and his friends at Linux-Egypt put a lot of thought into answering your questions. Alaa wrote, "we felt there was much misinformation or lack of information about Egypt while reading the comments so I kinda used each question to inject some extra info," which makes this Q&A worth reading for insight into Egyptian society even if you have no particular interest in Linux. Thanks, Alaa and Linux-Egypt.
Java

Programming Wireless Devices With Java 2 108

Jeff Carroll writes "Developers building Java applications for wireless handheld devices have been looking forward for some time now to the release of devices supporting version 2.0 of the Connected Limited Device Configuration (CLDC), and version 1.1 of the Mobile Information Device Profile (MIDP). These new releases contain support for features demanded by developers that didn't make the original releases. In support of CLDC 2.0 and MIDP 1.1, Roger Riggs and his team of authors from Sun, Nokia, and Motorola have released Programming Wireless Devices with the Java 2 Platform, Micro Edition, Second Edition (since I don't have a copy of the first edition, I can only evaluate the new edition on its own merits)." (Read on for his review.) Update: 07/23 16:31 GMT by T : Whoops -- that's CLDC 1.1 and MIDP 2.0, not the other way around.
Programming

Managing Open Source Projects 94

Stephanie Black contributes this review of a book which might be nice to have around if someone suggests that Open Source is "not for business use." Managing Open Source Projects is one of a class of books that will probably expand hugely in the next few years.
Programming

C++ Answers From Bjarne Stroustrup 386

Monday we had over 550 assorted questions and comments for and about Bjarne Stroustrup. Excellent moderation (Thanks, Monday Moderators!) helped cull this mass down to 10 extremely high-quality questions Bjarne has kindly answered in amazing depth, for which he deserves a loud round of applause. Update: 02/28 02:12 by R : Bjarne later took the time to dig through all the comments and reply to some of them. The additional material is appended to the end of the original Q&A session.
GNU is Not Unix

Feature: On the Subject of RMS 377

Jonas Oberg, chief webmaster of the GNU project, has submitted an essay he calls "On the Subject of RMS" where he talks about Linux vs GNU/Linux, Free Software vs. Open Source, and other things that seem to pop up a lot these days. Check it out.
