Intel unveiled ControlFlag – a machine programming research system that can autonomously detect errors in code. Even in its infancy, this self-supervised system shows promise as a productivity tool to assist software developers with the labor-intensive task of debugging.
In preliminary tests, ControlFlag trained and learned novel defects on over 1 billion unlabeled lines of production-quality code.
ControlFlag and debugging
In a world increasingly run by software, developers continue to spend a disproportionate amount of time fixing bugs rather than coding. It’s estimated that of the $1.25 trillion that software development costs the IT industry every year, 50 percent is spent debugging code.
Debugging is expected to take an even bigger toll on developers and the industry at large. As we progress into an era of heterogenous architectures — one defined by a mix of purpose-built processors to manage the massive sea of data available today — the software required
What’s New: Today, Intel unveiled ControlFlag – a machine programming research system that can autonomously detect errors in code. Even in its infancy, this novel, self-supervised system shows promise as a powerful productivity tool to assist software developers with the labor-intensive task of debugging. In preliminary tests, ControlFlag trained and learned novel defects on over 1 billion unlabeled lines of production-quality code.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20201203005346/en/
Dr. Justin Gottschlich is principal scientist and founder of Intel’s Machine Programming Research team. The team’s goal is to automate software development to reduce coding errors and address a shortage of trained expert programmers. (Credit: Intel Corporation)
“We think ControlFlag is a powerful new tool that could dramatically reduce the time and money required to evaluate and debug code. According to studies, software developers spend approximately 50% of the time debugging. With ControlFlag, and systems like it,
ControlFlag is a new tool that can autonomously detect errors in code.
Intel announced on Thursday during Intel Labs Day that it has created a machine programming research system that autonomously detect errors in code. The tool is ControlFlag and in preliminary tests it trained and learned novel defects on more than 1 billion unlabeled lines of production-quality code, according to Intel.
Must-read developer content
“We think ControlFlag is a powerful new tool that could dramatically reduce the time and money required to evaluate and debug code. According to studies, software developers spend approximately 50% of the time debugging. With ControlFlag, and systems like it, I imagine a world where programmers spend notably less time debugging and more time on what I believe human programmers do best—expressing creative, new ideas to machines,” said Justin Gottschlich, principal scientist and director/founder of machine programming research at Intel Labs, in a
The personal information of more than 243 million Brazilians, including alive and deceased, has been exposed online after web developers left the password for a crucial government database inside the source code of an official Brazilian Ministry of Health’s website for at least six months.
The security snafu was discovered by reporters from Brazilian newspaper Estadao, the same newspaper that last week discovered that a Sao Paolo hospital leaked personal and health information for more than 16 million Brazilian COVID-19 patients after an employee uploaded a spreadsheet with usernames, passwords, and access keys to sensitive government systems on GitHub.
Estadao reporters said they were inspired by a report filed in June by Brazilian NGO Open Knowledge Brasil (OKBR), which, at the time, reported that a similar government website also left exposed login information for another government database in the site’s source code.
President-elect Joe Biden’s team has hidden a secret job advert within the source code of their website, which has now been found by Internet sleuths.
Hiding fun easter eggs in the back-end of websites is almost as old as html itself. Job adverts have been hidden within code on sites for any developer to see, completely hidden from the average user so uncurious they’ve probably never even tried out the inspect element tool, except that one time when they did it accidentally, panicked, and immediately called IT.
Some cool ones in the past have been by Apple and The Guardian.
In a recent hidden easter egg, Google hid a text adventure game within Chrome’s development console. No stranger to hiding fun games to play around with (it once hid a version of Mario Kart within Google Maps), the tech giant hid the new retro adventure within a specific
The secret advert was spotted by “The Jester,” an anonymous “hacktivist” who was listed by Time magazine as one of the most influential people on the internet in 2015.
“NICE!!! In the rendered source code of president-elect @joebiden’s https://buildbackbetter.gov website,” the Jester wrote in a Twitter post highlighting the section of code that contains the advert.
“This harkens back to the likes of the UK’s MI5 and MI6 who I believe used to recruit the type of people they were looking for by publishing obscure crossword and puzzle competitions in newspapers,” the hacktivist said.
OPA-Based architecture eases governance across multiple cloud native technologies
From KubeCon + CloudNativeCon North America – Accurics, the cloud cyber resilience specialist, today announced that Terrascan, the open source static code analyzer that enables developers to build secure infrastructure as code (IaC), has been extended to support Helm and Kustomize, both projects from the Cloud Native Computing Foundation (CNCF) that have gained immense popularity. This enables organizations to ensure applications on Kubernetes clusters are secure and compliant before they are deployed.
“Given the increasing scale and velocity of cloud breaches, organizations need policy guardrails to ensure that cloud native infrastructure is securely defined and managed,” said Cesar Rodriguez, creator of Terrascan and head of Developer Advocacy at Accurics. “Now, with the additional support for Helm and Kustomize, teams using Terrascan to programmatically establish Policy as Code guardrails in their high-velocity, component-based Kubernetes projects have a way to reduce security
Microsoft has released a new version of the Python language extension for its Visual Studio Code (VS Code) code editor that breaks out its Jupyter Notebooks functionality into a distinct VS Code extension, and has hired Python’s creator, Guido van Rossum.
Python these days is a top-two programming language and is even more popular than Java, the widely used software that Oracle gained after its 2008 acquisition of Sun Microsystems.
Python’s popularity is also borne out by downloads of the Python extension for Microsoft’s VS Code, one of the most popular code editors on the market.
The ascent of Python is attributable to data science and machine learning, but it’s also a critical language for back-end system automation and scripting. It’s popular because it’s easy to learn, allowing non-developers to use the language.
It’s become a language of first resort and is used for thousands of small projects, according to
Alleged source code belonging to commercial penetration testing software Cobalt Strike has been published on GitHub, potentially providing a new path for hackers to attack companies.
Penetration testing, usually abbreviated as pen testing, has legitimate uses as a security tool to test security but can also be used by bad actors to attack a company. Ethical pen testing involves simulated attacks on a computer system to evaluate the security of the given system. In the hands of hackers, the same pen testing software can be used to identify security issues that can be exploited.
Cobalt Strike, which pitches itself as being a legitimate pen testing solution has been controversial for years due to its use by hacking groups, be it they had to pay $3,500 per year for a license to use the software or use a pirated copy. Malpedia has a page dedicated to Cobalt Strike, noting that it
Commentary: New declarative programming languages like HCL and Polar might just be the perfect way to boost productivity with IaC.
There are a lot of programming languages–over 700, as Wikipedia lists them. And yet, we arguably don’t have nearly enough programming languages. Not since cloud upended the way applications get built.
Must-read developer content
Developers are moving away from managing physical servers to calling APIs that touch storage, compute, and networking resources. In turn, developers are trying to automate everything as code through static configurations, scripts, and files. Such automation would be easier if developers had programming languages that matched the task at hand, but they don’t. So, using a general purpose language like Java, a developer might invest thousands of lines of code to try to express business logic…and mostly fail.
To solve for this, we’re seeing companies like HashiCorp (HCL) and oso (Polar) release