snydeq writes "Smart coders always optimize the slowest thing. But what if 'the slowest thing' is the code supplied by your vendor? That was exactly the situation Vipul Ved Prakash discovered when he tinkered with a company Linux box on which Perl code was running at least 100 times slower than expected. The code, he found, was running on CentOS Linux, using Perl packages built by Red Hat. So Prakash got rid of the Perl executable that came with CentOS, compiled a new one from stock, and the bug disappeared. 'What's more disturbing,' McAllister writes, 'is that this Red Hat Perl performance issue is a known bug,' first documented in 2006 on Red Hat's own Bugzilla database. Folks affected by the current bug have two options: sit tight, or compile the Perl interpreter from source — effectively waiving your support contract. If a Linux vendor can't provide comprehensive maintenance and support for the open source software projects you depend on, McAllister asks, who ever will?"

Anti-Globalism recommends a posting up at O'Reilly's ONLamp on reasons that some companies are turning away from Perl. "[In one company] [m]anagement have started to refer to Perl-based systems as 'legacy' and to generally disparage it. This attitude has seeped through to non-technical business users who have started to worry if developers mention a system that is written in Perl. Business users, of course, don't want nasty old, broken Perl code. They want the shiny new technologies. I don't deny at all that this company (like many others) has a large amount of badly written and hard-to-maintain Perl code. But I maintain that this isn't directly due to the code being written in Perl. Its because the Perl code has developed piecemeal over the last ten or so years in an environment where there was no design authority.. Many of these systems date back to this company's first steps onto the Internet and were made by separate departments who had no interaction with each other. Its not really a surprise that the systems don't interact well and a lot of the code is hard to maintain."

Chromodromic writes "Apress's newest Django offering, Practical Django Projects by James Bennett, weighs in lightly at 224 pages of actual tutorial content, but trust me, they're dense pages. Filled with pragmatic examples which directly address the kinds of development issues you will encounter when first starting out with Django, this book makes an important addition to the aspiring Django developer's reference shelf. In particular, the book's emphasis on demonstrating best practices while building complete projects does an excellent job of accelerating an understanding of Django's most powerful features — in a realistic, pragmatic setting — and which a developer will be able to leverage in very short order." Read below for the rest of Greg's review.

Corrupt brings us a ZDNet column by Jeremy Allison, who says Linux could benefit from more "tough love" in order to improve its functionality and popularity. Excerpting: "As Elie Wiesel said, 'the opposite of love is not hate, it is indifference.' LinuxHater really doesn't hate Linux, despite the name. No one takes that much time to point out flaws in a product that they completely loathe and despise. The complaints are really cries of frustration with a system that just doesn't quite do what is desired (albeit well disguised). A friend pointed out to me that the best way to parse LinuxHaters blog is to treat it as a series of bug reports. A perl script could probably parse out the useful information from them and log them as technical bug reports to the projects LinuxHater is writing about. Deep down, I believe LinuxHater really loves Linux, and wants it to succeed."

An anonymous reader writes "If you've been hired by a serious software development house, chances are one of your early familiarization tasks was to read company guidelines on coding standards and practices. You've probably been given some basic guidelines, such as gotos being off limits except in specific circumstances, or that code should be indented with tabs rather than spaces, or vice versa. Perhaps you've had some more exotic or less intuitive practices as well; maybe continue or multiple return statements were off-limits. What standards have you found worked well in practice, increasing code readability and maintainability? Which only looked good on paper?"

Delchanat points out a blog entry which notes, "The two biggest computing-providers of today, Amazon and Google, are building their concurrent offerings on top of really concurrent programming languages and systems. Not only because they want to, but because they need to. If you want to build computing into a utility, you need large real-time systems running as efficiently as possible. You need your technology to be able to scale in a similar way as other, comparable utilities or large real-time systems are scaling — utilities like telephony and electricity. Erlang is a language that has all the right properties and mechanisms in place to do what utility computing requires. Amazon SimpleDB is built upon Erlang. IMDB (owned by Amazon) is switching from Perl to Erlang. Google Gears is using Erlang-style concurrency, and the list goes on."

A few weeks ago, you asked questions of Lt. Col. John Bircher, head of an organization with a difficult-to-navigate name: the U.S. Army Computer Network Operations (CNO)-Electronic Warfare (EW) Proponent's Futures Branch. Lt. Col. Bircher has answered from his perspective, at length, not just the usual 10 questions, but several more besides. Read on for his take on cyberwar, jurisdiction, ethics, and more.

jsuda writes "At least a half-dozen times in the book 'Foundations of Mac OS X Leopard Security' the authors state that there is a misconception that the Macintosh computer is immune from security problems. That allegation may explain why there are very few books published (and nearly none in recent years) about security for the Mac. This book is meant to change all that. The authors acknowledge that the Mac OS X software has had little of the security problem experience of Windows (and other operating systems, to a lesser extent) but they spend 455 pages detailing exactly where and how the Macintosh platform is (or may be) vulnerable." Read below for the rest of Jsuda's review.

Jon Mitchell writes "As a Perl programmer recently thrown in to the world of C development on Linux, I have been looking for something that would take my K&R level of experience and bring it up to date with modern methods, hopefully letting me write more efficient and reliable programs. Linux System Programming is a volume that targets this need. Robert Love, former "Chief Architect, Linux Desktop" at Novell, kernel hacker of many years, and Gnome developer of well known features such as Beagle and NetworkManager, attempts in this book to document the Linux system call and C API to common systems programming tasks. Given that he developed the pre-emptive kernel and inotify he has the knowledge." Read below for the rest of Jon's review.

symbolset writes "InternetNews is reporting that Cisco's new Application eXtension Platform turns several models of Cisco switches into Linux application servers. With certified libraries in C, Java and Perl, developers will be able to use a downloadable SDK to build their apps. The AXP server is just another module in a Cisco switch running Cisco's own derivation of a modern Linux distro (Kernel 2.6.x) specifically hardened to run on that particular hardware. Modules will include up to 1.4-GHz Intel Pentiums with 2 GB RAM and a 160 GB hard drive."

LinucksGirl writes to share an IBM DeveloperWorks article that shows how to support user verification through keystroke-dynamics processing by modifying the GNOME Display Manager (GDM). You can create and store a one-way encrypted hash of your keystroke patterns when entering your user name. The article shows how to add code to GDM to read current keystroke patterns and permit a user to log in when the characteristics are a match. An interesting idea to be sure but I know I certainly am not that consistent when I type, so I'm skeptical of how well this may work.

An anonymous reader writes "Engineers' focus and attention to details, along with their perceived lack of social skills, make them ideal targets to be recruited as terrorists, according to EETimes. Planning skills make engineers good 'field operatives' was written up by Raphael Perl, who heads the Action against Terrorism Unit of Organization for Security and Cooperation in Europe. He offers that 'Engineers ideally make excellent strategic planners, and they make excellent field operatives. They think differently from how other people think.' That may sound like a stereotype, but Perl claims that 'because of those traits, terrorist groups actively recruit engineers.' He says that Al-Qaeda has widely acknowledged that a significant number of the group's top leadership had engineering backgrounds." This is the second time in just a few months that engineers have been likened to terrorists.

Michael J. Ross writes "When software developers need to manipulate text programmatically — such as finding all substrings within some text that match a particular pattern — the most concise and flexible solution is to use "regular expressions," which are strings of characters and symbols that can look anything but regular. Nonetheless, they can be invaluable for locating text that matches a pattern (the "expression"), and optionally replacing the matched text with new text. Regular expressions have proven so popular that they have been incorporated into most if not all major programming languages and editors, and even at least one Web server. But each one implements regular expressions in its own way — which is reason enough for programmers to appreciate the latest edition of Regular Expression Pocket Reference, by Tony Stubblebine." Read below for the rest of Michael's review.

simoniker writes "Over at Dobbs Code Talk, Chris Diggins has been discussing programming languages beyond C++ or Java, suggesting options such as Ruby ('does a great job of showing how powerful a dynamic language can be, and leverages powerful ideas from Smalltalk, Perl, and Lisp') but suggesting Scala as a first choice ('Very accessible to programmers from different backgrounds.') What would your choice be for programmers extending beyond their normal boundaries?"

Cory Doctorow sounds the alarm over a Library of Congress deal with Microsoft that will have collections locked up in Silverlight. I'll double the Microsoft deal and offer them $6M in perl scripts and an infinite value of free OS software if they let me (or Google or any other honest company) publish their collections in free formats. "This deal involves the donation of 'technology, services and funding' (e.g., mostly not money) with a purported value of $3M from Microsoft to the Library of Congress. The Library, in turn, agrees to put kiosks running Vista in the library and to use Microsoft Silverlight to 'help power the library's new Web site, www.myloc.gov.'"

CBR is reporting that open source use in the workplace is continuing to grow at an astonishing rate. Up 26% since last year, businesses are using 94 different open source tools to get the job done. "[OpenLogic's] breakdown of licenses for the top 25 packages found that Apache, not the GPL, is the most common license. 62% of the packages use Apache, 27% use some variant of GPL and 4% each use BSD, CPL, Eclipse, MPL and Perl licenses (since packages may be released under two or more licenses, percentages total to more than 100%).

Stony Stevenson writes "Organizations using Python will be affected in a major way by changes in store for the language over the course of the next twelve months, Linux.conf.au attendees were told this morning. The Python development community is working towards a new, backwards-incompatible version of the language, version 3.0, which is slated for release in early 2009. Anthony Baxter, the release manager for Python and a senior software engineer at Google Australia, said "We are going to break pretty much all the code. Pretty much every program will need changes." Baxter also added another tidbit for attendees, saying that Python accounts for around 15 percent of Google's code base."

Esther Schindler writes "Developers spend a lot of time telling managers, 'Let me use the tool that's appropriate for the job' (cue the '...everything looks like a nail' meme here). But rarely do we enumerate when a language is the right one for a particular job, and when it's a very, very wrong choice. James Turner, writing for CIO.com, identifies five tasks for which perl is ideally suited, and four that... well, really, shouldn't you choose something else? This is the first article in a series that will examine what each language is good at, and for which tasks it's just plain dumb. Another article is coming RSN about JavaScript, and yet another for PHP... with more promised, should these first articles do well."

mAriuZ writes "Bob Rogers just released Parrot 0.5.2. This monthly release includes a couple of interesting new features. First, we've bundled Patrick Michaud's Rakudo (thats the implementation of Perl 6 on Parrot) such that you can type make perl6 on Unixy platforms and make perl6.exe on Windows and get a working standalone Perl 6 binary. This is experimental and we hope to iron out some installation and deployment issues by next months release, but it was important to demonstrate our progress. The second new feature is a toolkit for starting your own compiler. Max Mohun built a prototype several months ago, and we've added a stripped-down version for now that builds the skeleton of a compiler for you using the Parrot Compiler Tools. I mentioned the LOLCODE compiler in What the Perl 6 and Parrot Hackers Did on Their Christmas Vacation; this is how Simon and Company were able to get LOLCODE up and running so quickly."

Coverity is claiming they have found and helped to fix more than 7,500 security flaws in open source software since the inception of the governmentally backed project designed to harden open source software. The company has also identified eleven projects that have been especially responsive in correcting security problems. "Eleven projects have been awarded the newly announced status of Rung 2, including those known as Amanda, NTP, OpenPAM, OpenVPN, Overdose, Perl, PHP, Postfix, Python, Samba, and TCL."