Thousands of universities all over the world use open-source software to support learning, teaching, and research. There are plenty of advantages that this specific type of software delivers for example, it costs less to use and provides educational institutions with more flexibility.

This article will discuss precisely what open-source software is and how universities can use it. We will also mention how it reduces institutional costs and improves flexibility.

What Is Open-Source Software?

Open-source software provides the user with plenty of opportunities when it comes to editing and changing the coding. In short, this type of software is released with its source code, allowing the user to edit, study, use, or share the program.

As we have already discussed, there are plenty of advantages to using this type of software. One of the most essential features of open-source software is that it can be adapted to the users needs and wants. Also, there is an element of complete transparency when the code is used and shared.

With this being said, open-source software is perfect for universities and other educational institutions. Below, we will be discussing why that is true based on flexibility and cost.

Cost and Capacity

Many educational facilities use open-source software primarily because it is free from licensing costs. Seeing as thousands, if not millions, of students, are plagued by student debt, this is a significant aspect.

While there are no licensing costs, the school will still have to pay for additional features, such as enterprise-grade support, input into new features, extra functionality, and rapid bug fixes. However, these costs are still much lower than proprietary software, making it perfect for universities and other businesses.

Flexibility

Open-source software provides universities with plenty of flexibility. As we have already mentioned, this type of program is released with its source code, allowing the user to edit, study, use, or share the software.

This means that the university will be able to alter the code according to their needs and wants. Many educational institutions use open-source software to attract students from around the world. Additionally, plenty of platforms can create courses, share learning materials, assess students, etc.

Concluding Thoughts

Many universities and educational institutions around the world use open-source software as opposed to proprietary software. There are various reasons for this for example, open-source software can be adapted to the universitys, teachers, and students needs. On top of that, there is an element of transparency when the code is used.

However, arguably the most important and attractive aspect of open-source software is the fact that it is free from licensing costs. This type of software also provides the user with more flexibility and adaptability.

More here:

Why Universities Are Choosing Open-Source Software - The Tech Edvocate

Opinion We're going to be cleaning up Apache Log4j security problems for months to come, but the real problem isn't that it was open-source software. It's how we track and use open-source code.

When security vulnerabilities were found in the extremely popular open-source Apache Log4j logging library, we knew we were in trouble. What we didn't know was just how much trouble we were in. We know now. Just ask the Belgian defence ministry. In this ongoing security disaster, many people blame open source for all our troubles.

In the Financial Times (FT), Richard Waters, the newspaper's west coast editor, wrung his hands, saying it's a "little alarming to discover that, more than two decades into the open-source era, glaring security holes sometimes surprise even the experts."

Surprising? I think not. It's software. It always has bugs. Sometimes they're really bad bugs. As security maven Bruce Schneier said over 20 years ago: "Security is a process, not a product." There's no surprise here.

Waters went on: "If an orphan software project like this could be sitting in the heart of the world's internet infrastructure, how many other potential time-bombs are out there?"

Orphan? A major Java library such as Log4j? I think not.

Now, there are vital open-source projects that are orphans. We all know the xkcd cartoon about the tiny but all-important program thanklessly maintained by a person in Nebraska since 2003. The serious part of the joke is that it's not far wrong. Remember OpenSSL's Heartbleed fiasco?

Today, there are fewer such programs. That's because shortly after Heartbleed bled out, the Linux Foundation and mates started the Core Infrastructure Initiative (CII). Its job, and its successor's, the Open Source Security Foundation (OpenSSF), is to find those little under-supported projects and make sure they get the help they need to keep the lights on and the code safe.

But, repeat after me, "security is a process, not a product." Linus's law, as Eric S Raymond phrased it in his seminal work on open source The Cathedral and the Bazaar, "given enough eyeballs, all bugs are shallow" does work. If, and it's a big if, those eyeballs are there and looking. If the code just sits there getting copied over and over again without a moment's thought, no bugs will be found. Simple, isn't it?

Now some people say that the problem is not enough money. As the programmer Xe argues, "'Open Source' is broken" because even now no one is paying the developers. Xe's not wrong. Ralph Goers, the Log4j maintainer who made the initial fix, confessed he works on Log4j in his spare time and has "always dreamed of working on open source full time." As Xe also remarked, "GitHub stars famously cannot be used to pay rent."

So far, so right. But would Goers get paid to go over old Java code with a fine-tooth comb looking for security vulnerabilities even if Oracle were to hire him just to work on Java? I doubt it. Coders are paid to make new code, not fix old code. That's just how things work whether your programs are proprietary or open source.

And if anyone ever tells you proprietary code is safer, ask them about Patch Tuesday. Microsoft Exchange still blew up on New Year's Day because of a Y2K-style problem with a 32-bit integer variable that couldn't handle the new year.

Until the day comes when companies pay developers to fix and clean their old code while looking for security bugs, we will always have this kind of problem pop up. I expect that to be the same day when companies finally make and check their backups reliably and Jane and Joe stop using "password" for their password.

That said, the real reason why Log4j has proven to be such a pain in the ass isn't the code. I mean, we've now had four, count 'em, four Log4j patches. As I write this, if you want to be safe you should be using Log4j 2.17.1. But the real trick, my friend, is making sure you've replaced all those instances of Log4j 2, which aren't so safe. There's the rub.

You see, Java hides its source code and binaries in numerous Java Archive (JAR) variations. There is honestly no telling where a vulnerable Log4j library might be hiding. The only thing you can do is use a variety of tools to help you win this game of high-tech security hide-and-seek. Oh, one problem. None of these security-scanning programs, not one, can find every possible case. Is it a great time to be working in IT or what?

The answer to this are Software Bills of Material (SBOM). Well done, an SBOM does just what it says. It tells you exactly what software libraries, routines, and other code are used in your program.

As David A Wheeler, the Linux Foundation's director of Open Source Supply Chain Security, has explained, with SBOMs and verified reproducible builds, you can make sure you know what's what in your programs. That way, when not if a security hole is found in a component, you can simply patch it rather than search like a madman for the problem code before being able to fix it.

SBOMs, however, are still a work in progress. If we manage to have reliable SBOMs by the end of the 2020s, I'll be a happy man. That will be a pleasant surprise. Oh, and if we can actually pay people to search for trouble in code before things go wildly askew that would be great too. But I'm not holding my breath on that one.

Link:

Open source isn't the security problem misusing it is - The Register

Danish Intelligence Chief Detained Over Leak of Confidential Information

Lars Findsen, the head of Denmarks foreign intelligence service, was revealed as one of the four people detained in December of 2021 for leaking highly classified information. All four detainees are employees of the Danish intelligence service, but Findsen is the only one who remains in custody. He has reportedly been charged with violating a section of the penal code by sharing highly classified information and faces a maximum penalty of 12 years in prison. Unnamed sources said the chargesare a consequence ofFindsen leaking classified information to news outlets. This isnt Findsens first punishment for mishandling classified information, as he had been suspended from his role as intelligence chief since August 2020 for allegedly sharing raw data with the National Security Agency in 2020.

TSMC Will Invest up to $44 Billion for Semiconductor Production in 2022

Taiwan Semiconductor Manufacturing Company announced that it would increase investments in its production capacity to its highest levels ever in 2022, allocating over $40 billion towards expanding semiconductor production. That figure represents a $10 billion increase from the previous high.TSMCs finance chief also said that between seventy and eighty percent of the spending would be directed towards TSMCs most advanced manufacturing processes, with the remainder earmarked for legacy chips. TSMC has been expanding its production capacity recently, with plans to open plants in Arizona and Japan in the next five years.

U.S. Cyber Command Releases Malware Samples from Iranian APT MuddyWater

More on:

Cybersecurity

Iran

Supply Chains

China

Cyber Command provided an official attribution for the threat actor MuddyWater, describing it as a direct subordinate group of the Iranian Ministry of Intelligence and Security. Included in the release was an analysis of several malware tools and techniques used by the group. In December 2021, MuddyWater was detected orchestrating a campaign against telecommunications companies in the Middle East and Southeast Asia. While cybersecurity firms have previously linked MuddyWater to the Iranian government, Cyber Commands announcement is the first time the U.S. government has marked the group as Iranian-sponsored.

White House Hosts Summit on Open-source Software

Net Politics

CFR experts investigate the impact of information and communication technologies on security, privacy, and international affairs.2-4 times weekly.

Digital and Cyberspace Policy program updates on cybersecurity, digital trade, internet governance, and online privacy.Bimonthly.

A summary of global news developments with CFR analysis delivered to your inbox each morning.Most weekdays.

A weekly digest of the latestfrom CFR on the biggest foreign policy stories of the week, featuring briefs, opinions, and explainers. Every Friday.

The White House convened a summit on Thursday with several major technology companies to discuss how to increase security for open-source software. The summit comes in the wake of the disclosure of a flaw in the Log4j open-source software, potentially one of the most damaging vulnerabilities ever discovered. The summit brought together technology companies, government agencies, and foundations supporting open-source software projects. Log4j has mostlybeen used in ransomware attacks since its detection although Iranian hackers used the vulnerability to launch a PowerShell backdoor earlier this week. Since the disclosure of the Log4j flaw, the White House has described securing open-source software as a key national security concern, and this summit appears to reflect that emphasis.

Omicron outbreak in Xian shuts down factories, threatens chip supply chains

As Xian locks down due to Chinas largest outbreak of the Omicron variant to date, chipmaking factories in the northwestern city are experiencing production hiccups. Samsung Electronics and Micron Technology, who together account for 67% of DRAM chips and 45% of NAND flash chips globally, have modified operations in their Xian hubs due to staff shortages. It has been speculated that prolonged manufacturing slowdowns induced by the Omicron variant could worsen the global semiconductor shortage, especially if factories must close their doors. Micron has said that it remains optimistic that it will meet consumer demand with only near-term delays in the wake of Chinas biggest COVID challenge since Wuhan.

More on:

Cybersecurity

Iran

Supply Chains

China

Read the original post:

Cyber Week in Review: January 14, 2022 - Council on Foreign Relations

Your browser doesnt support HTML5 audio

On Friday, Chinese tech firm Tencent officially announced the the open source status of PAG (Portable Animated Graphics), its core animation tool. This product has been widely used in dozens of the firms apps, such as WeChat, mobile QQ and Honor of Kings, as well as other applications outside the company.

PAG is a complete animation workflow solution independently developed by Tencents AVGenerator OTeam. It can effectively reduce or eliminate R&D expenses in animation, significantly speeding up the process from designer creation to material delivery, and continuously delivering high-quality animation content that can be edited at runtime.

Compared with animation workflow solutions commonly used in the industry, PAG supports more AE features, features a wider platform availability (macOS, Windows and Linux), and delivers a highly optimized performance. It supports text and placeholder editing and replacement, and can be closely integrated with video editing scenarios.

Adobe After Effects (AE) is the most widely used animation design software. While this may work for animation production and app presentation, AE comes with high communication costs and its difficult to guarantee performance.

SEE ALSO: Huawei Donates OpenEuler Open Source Operating System, Releases ORA Talent Development Acceleration Plan

Compared with traditional methods of R&D and restoration, Tencents PAG scheme significantly improves the efficiency of online animation material. Designers can directly produce animation files after design, free from code restoration in R&D. They only need to access SDK once to make materials go online on their own. It also avoids the joint adjustment time cost of repeated effect confirmation, and can also produce materials in batches, directly replace the traditional small workshop form from the process, and greatly improve the design and R&D efficiency by using industrial production methods.

Originally posted here:

Tencent's Animation Tool PAG Now Open Source, Used Widely in WeChat - Pandaily

The cryptocurrency firm FTX has announced the launch of a $2 billion venture capital fund called FTX Ventures. The funds focus will be on advancing blockchain and Web3 technology alongside investments in social, gaming, fintech, software, and healthcare.

FTX Trading Limited has announced the launch of a new venture capital fund aimed at bolstering blockchain and cryptocurrency solutions that are applied to an assortment of different industries. In addition to launching FTX Ventures $2 billion venture capital fund, the company has hired former Lightspeed Ventures partner, Amy Wu. According to the announcement, Wu will lead FTX Ventures gaming, M&A and commercial initiatives.

The venture capital fund announcement sent to Bitcoin.com News explains:

FTX Ventures core mission is to advance global blockchain and web3 adoption, with a broad investment mandate across social, gaming, fintech, software, and healthcare. The fund will invest in multi-stage companies and projects, providing flexible funding and strategic support from FTX and its network of global partners.

Wu says that she looks forward to working alongside FTX CEO Sam Bankman-Fried and she remarked that FTX Ventures looks forward to supporting businesses and entrepreneurs. Were particularly excited about web3 gaming and its ability to bring mainstream audiences into the ecosystem, Wu said in a statement.

FTX has been making a great number of moves during the last 12 months with a significant focus on sports and entertainment. Last year, FTX partnered with Monumental Sports Entertainment (MSE), Sports Illustrated, the Los Angeles Angels Shohei Ohtani, the global esports firm TSM, Green Bay Packers running back Aaron Jones, the Mercedes-AMG Petronas Formula One team, and seven-time Super Bowl winner Tom Brady and his supermodel wife Gisele Bndchen.

During the first week of November 2021, FTX joined Solana Ventures and Lightspeed in order to launch a $100 million blockchain gaming fund. Our investors at FTX have made a deep impact in supporting our growth and development, Sam Bankman-Fried said on Friday in regard to the new venture capital fund. We strive to do the same at FTX Ventures and are excited to find the brightest minds and disruptive innovation in tech, Bankman-Fried added.

What do you think about the new $2 billion venture capital fund called FTX Ventures? Let us know what you think about this subject in the comments section below.

Jamie Redman is the News Lead at Bitcoin.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 5,000 articles for Bitcoin.com News about the disruptive protocols emerging today.

Image Credits: Shutterstock, Pixabay, Wiki Commons

Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.

Continued here:

FTX Launches $2 Billion Venture Capital Fund Focused on Bolstering Blockchain, Web3 Adoption Finance Bitcoin News - Bitcoin News

These words were well received earlier. However, at the present time, the idea of saying farewell to a sport that is one's passion and source of income makes it very hard for a cricketer.

Age is now no longer a concern. The modern fitness and health regimes have prolonged the life of a cricketer. In the past, anyone past 30 years was looked upon as one heading into the veteran zone, and for one to make a debut nearing that age was highly improbable.

Many of the greats of Indian cricket fell victim to the subject of retirement. One can understand the reason and that was because having given their blood, sweat and tears to cricket, it was not an easy call to make.

Timing one's departure from the sport is a decision which at most times is very scary. In cricket, a cricketer from his school days to the International level goes through the ups and downs that the game provides and the arduous journey that each one faces is what makes an end difficult to digest.

The digital world and live cricket coverage have given a life to many of the former cricketers. Several of the well-known cricketers have captured the television and multi-media world by becoming commentators. Others have also become leadership and performance-related speakers and coaches. Cricket, off the field, is now more than just a game and one can make a career as a specialist coach, umpire and get involved in the business-related areas of the game.

In the past, after retirement, cricketers were soon forgotten, and many went through hardship and depression. They went straight from the glamorous world to one of obscurity. There were very few opportunities in the cricketing world and most had to find a source to keep their home fires burning through a job. Therefore, quite understandably, although they chose to play, they were weeded out at most times unceremoniously.

The present cricketers, although they may have a longer tenure, the plethora of cricket at all levels and formats of the game, keeps them pursuing a journey without a thought as to what the future holds for them.

The journey of the three such stalwarts, Pujara, Rahane and Ishant Sharma, one feels, has the curtains coming down on their careers as Test cricketers. One does feel for them, especially for what they have contributed towards the progress of Indian cricket. However, none of them saw the writing on the wall as to what position they were putting themselves into.

Ajinkya Rahane, once relieved of his vice captaincy, Cheteshwar Pujara being questioned about his technique and Ishant Sharma on his loss of speed and fitness were asking for the inevitable to happen.

Cricket has this aura about it that one feels one is just one innings away from reviving one's form and reputation. However, understanding where one stands if it does not work out is what a modern-day cricketer will need to evaluate.

See the article here:

CLOSE-IN: Always a difficult decision as to when to hang up one's boots in cricket - National Herald

Chances are unless you're a JavaScript programmer, you've never heard of the open-source Javascript libraries 'colors.js' and 'faker.js." They're simple programs that respectively let you use colored text on your node.js, a popular JavaScript runtime, console, and create fake data for testing. Faker.js is used with more than 2,500 other Node Package Manager (NPM) programs and is downloaded 2.4 million times per week. Colors.js is built into almost 19,000 other NPM packages and is downloaded 23 million times a week. In short, they're everywhere. And, when their creator, JavaScript developer Marak Squires, fouled them up, tens of thousands of JavaScript programs blew up.

Thanks, guy.

This isn't the first time a developer deliberately sabotaged their own open-source code. Back in 2016, Azer Koulu deleted a 17-line npm package called 'left-pad, 'which killed thousands of Node.js programs that relied on it to function. Both then and now the actual code was trivial, but because it's used in so many other programs its effects were far greater than users would ever have expected.

Why did Squires do it? We don't really know. In faker.js's GitHub README file, Squires said, "What really happened with Aaron Swartz?" This is a reference to hacker activist Aaron Swartz who committed suicide in 2013 when he faced criminal charges for allegedly trying to make MIT academic journal articles public.

Your guess is as good as mine as to what this has to do with anything.

What's more likely to be the reason behind his putting an infinite loop into his libraries is that he wanted money. In a since-deleted GitHub post, Squires said, "Respectfully, I am no longer going to support Fortune 500s ( and other smaller-sized companies ) with my free work. There isn't much else to say. Take this as an opportunity to send me a six-figure yearly contract or fork the project and have someone else work on it."

Excuse me. While open-source developers should be fairly compensated for their work, wrecking your code isn't the way to persuade others to pay you.

This is a black eye for open-source and its developers. We don't need programmers who crap on their work when they're ticked off at the world.

Another problem behind the problem is that too many developers simply automatically download and deploy code without ever looking at it. This kind of deliberate blindness is just asking for trouble.

Just because a software package was made by an open-source programmer doesn't mean that it's flawless. Open-source developers make as many mistakes as any other kind of programmer. It's just that in open source's case, you have the opportunity to check it out first for problems. If you choose to not look before you deploy, what happens next is on you.

Some criminal developers are already using people's blind trust to sneak malware into their programs. For example, the DevOps security firm JFrog recently discovered 17 new JavaScript malicious packages in the NPM repository that deliberately attack and steal a user's Discord tokens. These can then be used on the Discord communications and digital distribution platform.

Is that a lot of work? You bet it is. But, there are tools such as NPM audit, GitHub's DependendaBot, and OWASP Dependency-Check that can help make it easier.

In addition, you can simply make sure that before any code goes into production, you simply run a sanity check on it in your continuous integration/continuous distribution (CI/CD) before deploying it to production.

I mean, seriously, if you'd simply run either of these libraries in the lab they would have blown up during testing and never, ever make it into the real world. It's not that hard!

In the meantime, GitHub suggests you revert back to older, safer versions. To be exact, that's colors.js 1.40 and faker.js 5.5.3.

As CodeNotary, a software supply chain company, pointed out in a recent blog post, "Software is never complete and the code base including its dependencies is an always updating document. That automatically means you need to track it, good and bad, keeping in mind that something good can turn bad." Exactly!

Therefore, they continued, "The only real solution here is to be on top of the dependency usage and deployment. Software Bill of Materials (SBOMs) can be a solution to that issue, but they need to be tamper-proof, queryable in a fast and scalable manner, and versioned.

CodeNotary suggests, of course, you use their software, Codenotary Cloud and the vcn command-line tool, for this job. There are other companies and projects that address SBOM as well. If you want to stay safe, moving forward you must -- I repeat must -- use an SBOM. Supply chain attacks, both from within projects and without, are rapidly becoming one of the main security problems of our day.

Related Stories:

Read the original here:
When open-source developers go bad - ZDNet

Learn these programming languages to perform efficient backend development.

Backend development includes the process of using languages and frameworks to facilitate the development of robust systems for web applications. Web development activities at the backend of programs are referred to as backend development. It covers server-side web application logic and integration activities, like writing APIs, creating libraries, and working with system components, unlike frontend development. Backend developers build codes using programming languages that allow databases and applications to communicate with one another. With the rising development in technology, the usefulness of backend programming languages is increasing. In this article, we have listed the top backend programming languages that aspiring professionals should learn in 2022.

JavaScript is one of the most trustworthy programming languages. Coders and developers use this language for both server-side and frontend tasks. It offers many advantages, including rich interfaces, virtual availability of enormous resources, and interoperability. Furthermore, it is also considered one of the top programming languages in the industry.

Python is quite famous among individuals for its compatibility with advanced technologies like machine learning, IoT, data science, and others. Leading tech giants rely on Python for its functionality. One of its major advantages is that it can be used for web development due to its huge collection of standard libraries that makes the developers work more efficient and easier.

Ruby is another widely-used programming language for backend development. Time efficiency is one of the main advantages of using Ruby. The language facilitates the users with a variety of coding tools to accelerate the backend development process. Ruby is a convenient programming language where data types are not defined while declaring the variables.

Java is another ideal programming language. It is an object-oriented programming language that is widely used for developing enterprise-scale web applications, desktop applications, scientific applications and much more. The main advantage of using Java is that it offers multithreading that allows two or more threads to run simultaneously to maximize CPU usage.

PHP is an open-source server-side scripting language that is specifically designed for web development. The language does not require a compiler and includes features such as cross-platform compatibility, OOPs, and provides support for various standard databases such as MySQL, SQLite, and others.

Rust is famous for being a multi-paradigm programming language. The language guarantees memory safety by using a borrow checker for validating the references in itself. The error messages are much more evident in Rust than in other programming languages.

Kotlin is a well-known programming language that is especially used for Android app development. The language allows the developers to add extensions to the classes without modifying the source code. Kotlin is quite efficient for writing complex programs.

C# is one of the most widely used languages for creating system backends due to its incredible features, such as Windows server automation. It is quite efficient to use since it can run codes faster. Some other features which make the language special are cross-platform compatibility, garbage data, and value collection, to name a few.

Solidity is another beneficial programming language that is used to write complex programs and applications. The language is mostly preferred by experts and professionals who are focused on developing blockchain or contract applications.

Perl is a multipurpose programming language originally designed for text manipulation. But it is used for various activities, including system administration, network programming, web development, GUI construction and so much more. Perl can handle encrypted web data that enables secure e-commerce transactions.

Share This ArticleDo the sharing thingy

See more here:
10 Backend Programming Languages that You Should Know in 2022 - Analytics Insight

WebAssembly, also known as WASM, is being touted as one of the top cloud native trends to watch out for in 2022. WASM a fast, secure and powerful way to run code across a variety of platforms bears an uncanny resemblance to container runtimes. A number of projects and startups are working on accelerating its adoption.

The technology is relatively new it was first released just under five years ago. So theres still a lot of work being done to improve the toolchain setup, as Fintan Ryan, a senior analyst at Gartner, noted in a previous New Stack article.

The newness of WASM, and the rapid innovation around it could feel daunting to those from the web developer background, However, knowledge of TypeScript, a strongly typed language building on JavaScript, might just make taking those first steps a little less intimidating.

JavaScript wasnt designed to be a compilation target for the web. Owing to its ubiquity and lower entry-level barrier for adoption, it ended up becoming one. But JavaScript brings with it some pitfalls.

Although portable and fast, the performance of JavaScript was unpredictable when it came to complex web applications. This paved the way for efforts to design a compilation target for the web that was fast, secure, portable and enabled high performance and for standardizing those efforts.

Enter WebAssembly. With a bytecode format and an associated text code format that could be used by virtually every browser irrespective of the platform as a compilation target, it won on almost all these fronts.

But one look at the compiled code was enough to intimidate programmers, because it lacked all the high-level abstractions that a programming language offered. While its purpose was not to be manually written, since it was designed to be a compilation target, adopters did need to learn one of the languages that could compile to WASM.

While compilers were developed for typed languages like C, C++, and Rust, those without a type system like JavaScript were left behind, owing to the fact that WASM itself was statically typed.

It was only in 2017 that AssemblyScript made its way into the ecosystem and eliminated the need for web devs to learn a new language altogether if they wanted to harness the benefits of WASM.

A variant of TypeScript, AssemblyScript targets the WASM feature set and allows programmers to have low-level control over their code. Like TypeScript, AssemblyScript is also open source.

The documentation for AssemblyScript states, Unlike TypeScript, which targets a JavaScript environment with all of its dynamic features, AssemblyScript targets WebAssembly with all of its static guarantees, hence intentionally avoids the dynamicness of JavaScript where it cannot be compiled ahead of time efficiently.

Unlike TypeScript that compiles to JavaScript, AssemblyScript is compiled to WebAssembly directly by Binaryen, correlating to higher speed and performance.

If JavaScript is your preferred programming language, TypeScript is pretty much its superset, with an addition of optional static typing while remaining syntactically similar. AssemblyScript, as mentioned previously, is a stricter variant of TypeScript which means that there isnt a requirement to start from scratch and adopters are therefore able to build upon existing knowledge.

TypeScript, the statically typed variant of JavaScript, is a widely adopted and easy to understand type safety system for web apps, Connor Hicks, founder and CEO of the serverless engine company Suborbital, told The New Stack.

Since WebAssembly is very strongly typed, it made a lot of sense to create a language using TypeScript syntax for web developers to easily build with WASM, Hicks said. AssemblyScript is one of the easiest ways for developers to use a familiar language while getting the performance and portability benefits of WebAssembly

However, even though it bears some similarities to TypeScript, AssemblyScript should not be mistaken as a subset of it. Behavioral and feature-specific surprises need to be accounted for because, after all, they are compiling to two very different targets.

A quick glance at the documentation is enough to understand that the features making JavaScript (and TypeScript) a favorite among web devs have been stripped off when it comes to the development of AssemblyScript.

Whether that means the absence of common operators like any, void, and undefined or of DOM access due to WebAssembly modules running in sandboxes, there is definitely a lot of cultural and mindset shift that accompanies the adoption of AssemblyScript (and WebAssembly).

With greater maturity, some important features of TypeScript, like closure support for all functions, will likely get incorporated into AssemblyScript. However, one must remember that while familiarity with TypeScript could be a stepping stone towards WebAssembly adoption via AssemblyScript, keep in mind that AssemblyScript is not an exact subset of TypeScript.

Because it was tailor-made for WebAssembly, AssemblyScripts evolution will be tied to the ways in which WebAssembly specifications develop. If you know Typescript, theres much to build upon in the syntactic similarities between that and AssemblyScript but the latter is writing a brand new story with elements of a familiar language.

See the rest here:
How TypeScript Can Speed Up Your Adoption of WebAssembly - thenewstack.io

Job portal monster.coms annual trend report has projected big data, AI and ML as the hottest job sectors in 2022.

Nitin Agarwal, Google Head of Cloud AI Industry Solution and Services (India), recounted the challenges he faced while hiring his team in India. One common theme that I found, in the candidates that didnt get selected, is that they prepared for the interviews well but lacked the real work But the time I started having a detailed conversation on their projects, the problem starts coming up. Answers were very shallow and very textbook-ish, said his LinkedIn post.

Though the demand for AI/ML roles is at an all time high, the niche talent is in short supply. A KPMG survey predicted 50% of the workforce will be preparing for AI, ML and related technologies in the next few years.

Of late, companies have started investing in their own employees to help them adapt to the latest technologies by putting them in upskilling and reskilling programmes. Experts believe incorporating AI/ML courses in the curriculum can make the workforce future-ready. However, with over 5000 engineering colleges still sticking with the traditional courses, the skill gap has increased in the industry.

Data science is an umbrella term for multiple disciplines. While data scientists focus on algorithms and ensure the entire data processing pipeline is in order, ML engineers focus on the deployment of models.

A data scientist needs to have a deep understanding of a programming language, an IDE/visualization platform and a querying language.

Data Scientist is expected to be fluid in programming languages including Python and R. The goal is to ingest data, process it, feature engineer, build models and communicate results.

Data scientists also often use Jupyter Notebook or a popular IDE to code, write text, and view various outputs like results and visualizations from one place. Other popular IDEs include PyCharm and Atom.

Data scientists utilise structured query language (SQL) to query the first data, create new features, etc., after which the model is run and deployed.

Machine learning engineers come into play after the model has been built by the data scientist. They need to dive deeper into the code and deploy it.

Both data scientists and ML engineers are expected to know Python. However, machine learning engineers focus on more object-oriented programming (OOP) in Python, whereas data scientists are not as OOP-heavy. Most ML engineers also need to use Git and GitHub to version and store code repositories.

ML engineers are experts with deployment tools. There are plenty of tools like AWS, Azure, Google Cloud, Docker, MLFlow, Flask, and Airflow that ML experts are expected to know. Also, the title machine learning engineer means machine learning operations engineer (MLOps) as well in the job market.

While some companies prefer a well-rounded candidate capable of both data science and machine learning (operations), many prefer a specialist.

The option of doing an added ML course from EdTech companies is always open. Companies always look for experienced candidates for ML deployments. Freshers find it hard to land big shot jobs in this area.

But candidates can overcome such limitations by demonstrating value via personal projects, open-source projects, hackathons, and coding challenges.

The AI industry is rife with opportunities. However, the market is still nascent, with a high demand for a skilled workforce. Therefore, it is essential to put in the time, by both employers and employees, to bridge the skill gap and take the AI/ML industry to the next level.

Read the original here:
How to address the yawning skill gap in AI/ML sectors - Analytics India Magazine