Credits : Internetofthingsagenda.techtarget

 

One of the biggest perks of the Java language is the robustness of its app code. While C uses explicit pointers for referencing memory, all Java object references are implicit pointers that could not be manipulated by app code. This automatically rules out possible issues, like memory access violations, that inevitably could cause an app to stop suddenly. Although migrating apps written in C to a new platform could be time-consuming and expensive, as well as error-prone, another benefit of Java is that it runs anywhere after it’s written. If the APIs used by the app stay unchanged, it’s only a matter of redeploying the existing JAR files class. A simple recompile is enough to move to a newer Java version.

Top reasons why Java will remain in IoT
IoT apps made with Java are very important and will continue to be in the long run. The following are reasons why Java would stay relevant in the future:

It’s mature and continues to evolve. Java is currently one of the most stable and mature programming languages around. Every new version comes with various new features and improved performance. For instance, some well-known Java applications support functional and concurrent programming.
It has robust security features. The security features of Java make it easier for programmers to develop big and enterprise apps. The Java virtual machine (JVM) evaluates intermediate bytecode to prevent the app from doing unsafe operations. Developers can use its advanced security management features to prevent untrusted bytecode from accessing certain APIs and features by running them in a sandboxed scenario. At the same time, developers could also benefit from the robust security APIs provided by the platform, which together with user authentication and secure communication protocols can help developers trust Java more than other languages.
It supports IoT. Currently, Java is one of the programming languages that support IoT. Project Jigsaw aims to make Java run on a bigger variety of portable and small devices. Nevertheless, the project still aims to maintain the scalability of Java, as well as networking, security, performance and other features, while making it run on these newer and smaller devices.
It is platform independent. Programmers today have to write apps by targeting a lot of devices and platforms. Thus, they seek a programming language that lets them write the app code once and deploys it across several platforms with no need to put in extra effort. Programmers could simply compile Java code into bytecode and deploy the bytecode across a lot of platforms without having to compile code again.
Java benefits the internet of things
The advantages of Java are well-known. Developers can build and debug code on their desktop and move it to any chip using a JVM. This means that the code can not only run in places where JVMs are common, such as on smartphones and servers, but also on the smallest machines as well. Java Micro Edition (ME) has been available on small phones as well as other embedded devices since the specification was approved in 2000. It saved space with a limited collection of class libraries, as well as other tools. Nowadays, most of the focus is on Java SE Embedded, which is much closer in capacity to the Standard Edition. Developers could use the current features of Java 8 and move their code to a smaller, embedded device. Most of the computing resource savings with Java comes from stripping out the classes required for displaying information when machines could be configured to run headless without a keyboard or monitor. All communication goes via the network.

Why Java is required for IoT
Java provides network portability. It’s also easy for developers to learn. These two aspects come together to make Java the perfect program to help devices connect with one another. Almost all devices, from personal computers to mobile phones, use Java. It is also an integral part of the internet world, making it a great choice for IoT. Java provides every device the best functionality level, high security levels and a good amount of scalability in the industry. Moreover, the fact that Java has a big ecosystem makes it much more suitable for the internet of everything. Senior Java developers can create innovative apps to help achieve the goal of a connected world.

When people consider writing an embedded app, there are many factors that should be taken into account, such as which real-time operating system and protocols to use. When Java ME is used, it will abstract all the factors, making it easier to write apps that run on different devices without any call for change anywhere.

As a platform, Java is a great starting point for the internet of things when it comes to ubiquity as well as built-in security and encryption technology.

This article is shared by www.itechscripts.com | A leading resource of inspired clone scripts. It offers hundreds of popular scripts that are used by thousands of small and medium enterprises.

Credits : Zdnet

 

Even software that has been built with secure development procedures may still be vulnerable to attack, due to flaws in the interpreted programming languages they depend on.

IOActive researcher Fernando Arnaboldi revealed at last week’s Black Hat Europe conference that serious flaws in interpreters for five popular programming languages put applications parsed by them at risk.

Arnaboldi found, for example, that Python has “undocumented methods and local environment variables that can be used for OS command execution”.

NodeJS, a JavaScript interpreter, meanwhile could leak file contents through error messages it outputs, while JRuby, the Java implementation of Ruby, “loads and executes remote code on a function not designed for remote code execution”.

For Perl, Arnaboldi cites the ability of its typemaps function, included in its default set of modules, to execute code. While in PHP, certain native functions can be passed a constant’s name to perform a remote command execution.

He believes these vulnerabilities may have been caused by attempts to simplify software development.

“The vulnerabilities ultimately impact regular applications parsed by the affected interpreters; however, the fixes should be applied to the interpreters,” he noted.

“With regards to the interpreted programming languages vulnerabilities, software developers may unknowingly include code in an application that can be used in a way that the designer did not foresee. Some of these behaviors pose a security risk to applications that were securely developed according to guidelines,” wrote Arnaboldi.

The researcher discovered the flaws using the XDiFF, a ‘differential fuzzer’ he created and targeted at several interpreters for different languages.

For JavaScript, targets included Google’s v8 JavaScript engine, and Microsoft’s ChakraCore equivalent, Mozilla’s SpiderMonkey, and NodeJS, and Node-ChakraCore.

In PHP, he fuzzed PHP and HHVM, while for Ruby the targets included Ruby and JRuby. He also fuzzed Perl, ActivePerl, CPython, PyPy, and Jython.

As he’s previously pointed out, the research shows that applications can suffer from security issues when using certain features from programming languages.

“There are a number of possibilities to be abused in different implementations that could affect secure applications. There are unexpected scenarios for the interpreted programming languages parsing the code in JavaScript, Perl, PHP, Python and Ruby,” Arnaboldi wrote.

This article is shared by www.itechscripts.com | A leading resource of inspired clone scripts. It offers hundreds of popular scripts that are used by thousands of small and medium enterprises.

Credits : Youthkiawaaz

 

During my second year, I was browsing the Internshala website for an internship. I discovered that most of the internships intended for engineering students were either in web development or app development. I decided to go for web development because there were plenty of opportunities in that field. The only problem was that I knew nothing about web development. Then it struck me that Internshala also offered online training. I strolled through their course content, found it interesting, and enrolled in the training.

My training was to begin in a week, so I spent some time googling the basics of web development and learnt the syntax and semantics. Reading the theoretical concepts was tedious, and I ended up learning almost nothing. The training commenced, and I started with HTML and CSS simultaneously, watching all the videos comprehensively. The modules were short, simple, and descriptive enough to raise my interest in this domain. I progressed to the next module which was Bootstrap. Working on Bootstrap presented the real fun, and it made me love coding. Once I had learned the concepts, I didn’t even need to write the complete code; I’d just add the class name and observe the magic! The next module was about SQL which I found comparatively difficult, but I guess it was made so to instigate critical thinking in students. The most challenging part was PHP since I didn’t even know what it meant. I was worried about linking backend and frontend development, but all my doubts and worries were removed during this training. I appreciated how challenging the assignment for this section was.

I had a lot of doubts and got stuck in numerous places. I had difficulty understanding the commands of PHP and needed help with the unavailability of images, errors in the codes, improper functioning of web pages, and my final project. I’d email them every time I needed support (28 times to be precise), and they would provide suggestions within a few hours. The support I received from team Internshala made me competent in web development in just five weeks and four days. In the end, I built a project on an e-commerce website in three days. This refreshed my mind and boosted my confidence. I enjoyed the training throughout and found it invaluable but had a few concerns such as a deeper knowledge could be provided, and everyone should be offered similar discounts.

I developed a website for the DSW department of my college, working on both frontend and backend development. The website consisted of all the relevant student data such as tuition fee, hostel and mess charges, scholarships, insurances, etc. I added the search bar to it, to make the department’s job easier. I used the same layout as the college website and am still working on its design.

The training had ended, and it was time to further my career by getting a web development internship. I was familiar with the basics and had enhanced my coding skills via YouTube videos and a few more resources related to web designing. I started building various web pages. Within a few days, I updated my resume with the new skills and added my web pages to my GitHub profile. I applied to Sri Saradhi Foundation via Internshala and got shortlisted. I gave a telephonic interview wherein I was asked some real-time questions, my views on taking up a job, numerical problems, etc. After clearing this round, I advanced to the technical interview where I was supposed to design a webpage similar to the mailed format. Within five hours, I sent the code and got selected as a web development intern for six months. Internshala training has laid a strong foundation for my career, and I owe this success to them.

This article is shared by www.itechscripts.com | A leading resource of inspired clone scripts. It offers hundreds of popular scripts that are used by thousands of small and medium enterprises.

Credit : Eweek

Coding Dojo came to its findings by analyzing the hundreds of thousands of job postings that contained the name of a programming language on job search engine Indeed.com.

One of the world’s largest coding bootcamps, Coding Dojo, has released an objective analysis of the most in-demand programing languages of 2018.

Coding Dojo came to its findings by analyzing the hundreds of thousands of job postings that contained the name of a programming language on job search engine Indeed.com. It found that Java is the most in-demand followed by Python and JavaScript.

“Software development is a dynamic field,” Speros Misirlakis, Coding Dojo’s Head of Curriculum, wrote in a media advisory to eWEEK. “New programming languages, frameworks and technologies can emerge, become popular, and then fade away in the course of a few years. Developers need to constantly be learning new skills to stay relevant.

“At Coding Dojo, we’re continually evaluating which programming languages are in high demand from employers so we can prepare our students to enter the job market. There are many ways to measure a programming language’s popularity, but we believe examining job demand is most useful because it shows developers the skills to learn to improve their career prospects.”

Data for Research Gathered on Indeed.com

To accomplish that, Misirlakis said, Coding Dojo analyzed data from job website Indeed.com on 25 programming languages, stacks and frameworks to determine the top seven most in-demand coding languages as the business moves into 2018.

This analysis is based on the number of job postings for each language. Some languages, such as Swift and Ruby, didn’t make the top seven because they have lower job demand, even though developers love them. You can read the results of similar analyses from 2016 and 2017.

Here’s Coding Dojo’s 2018 list, with languages named in order of demand:

No. 1:  Java

Java decreased in popularity by about 6,000 job postings in 2018 compared to 2017, but is still extremely well-established. Java is over 20 years old, used by millions of developers and billions of devices worldwide, and able to run on any hardware and operating system through the Java Virtual Machine. All Android apps are based on Java and 90 percent of Fortune 500 companies use Java as a server-side language for backend development. Java Enterprise Edition 8 and Java 9 both launched in September 2017 as the Eclipse Foundation took over managing Java EE from Oracle.

No. 2:  Python

Python grew in popularity by about 5,000 job postings over 2017. It is a general-purpose programming language used for web development and as a support language for software developers. It’s also widely used in scientific computing, data mining and machine learning. The continued growth and demand for machine learning developers may be driving the popularity of Python.

No. 3:  JavaScript

JavaScript, the grandfather of programming languages, is roughly as popular today as it was in our last blog post. That’s no surprise to us – JavaScript is used by more than 80% of developers and by 95% of all websites for any dynamic logic on their pages. Several front-end frameworks for JavaScript such as React and AngularJS have huge future potential as IoT and mobile devices become more popular, so we doubt we’ll see JavaScript drop in popularity anytime soon.

No. 4:  C++

C++ changed very little in popularity from early 2017 to now. An extension of the old-school “C” programming language, C++ is usually used for system/application software, game development, drivers, client-server applications and embedded firmware. Many programmers find C++ complex and more difficult to learn and use than languages like Python or JavaScript, but it remains in use in many legacy systems at large enterprises.

No. 5:  C#

C# (pronounced “C sharp”) went down slightly in demand this year. C# is an object-oriented programming language from Microsoft designed to run on Microsoft’s .NET platform and to make development quicker and easier than Microsoft’s previous languages. C# 7.2 came out in November, adding several new features geared toward avoiding unnecessary copying. C#, like C++, is heavily used in video game development, so aspiring video game developers would do well to learn both of them.

No. 6:  PHP

PHP, a scripting language used on the server side, moved up to No. 6 in our ranking from No. 9 last year. Most developers use PHP for web development, either to add functions that HTML can’t handle or to interact with MySQL databases.

No. 7:  Perl

Perl dropped by about 3,000 job postings and stayed in seventh place in our analysis. Perl 5 and Perl 6 are both chugging along; Perl continues to be popular for system and network administrators and as a glue language.

Up and Comers

These are the languages that haven’t made it onto the top seven yet but have been growing in use and popularity in 2017. Keep an eye out for them in the future.

Swift: Swift, the programming language for iOS and macOS that Apple release in 2014, came in at No. 14 on the list. This may be partially because many job posting ask for “iOS” experience without naming specific languages. Swift has been growing steadily in popularity since it launched, according to IEEE Spectrum and Stackify.
R: R came in at No. 11 on the list, but we expect to see it climb in our ranking in the next few years. It’s rising in popularity in both international and U.S. search rankings and was the “least-disliked” language on a Stack Overflow survey this year. Its growth may be due to the growth of big data analysis jobs.
Rust: Although Rust ranks low on the list, it has been steadily growing in popularity according to Google Trends data.
Other Technologies Developers Should Know

These software frameworks or technologies aren’t technically programming languages but are still important for developers to know in 2018 and are commonly advertised technical skills for developers found on Indeed.

SQL: SQL is the standard query language for storing, retrieving and manipulating data in databases. It’s not technically a programming language since it lacks looping and other basic functions, but extensions like PL/SQL have added some of these. SQL is in extremely high job demand, with more than 30,000 more job postings mentioning it than our top programing language, Java. If you only have time to learn one new technology in 2018, this is the one to pick.
.NET: .NET is Microsoft’s platform for desktop, web, mobile, gaming and IoT app development. It was released to the open source community in 2016 and is used by the C#, Visual Basic and F# programming languages. .NET Core, a cross-platform .NET implementation, extends .NET to iOS, Linux, and Android. Many Windows applications run on .NET, making it extremely prevalent in the business world; Coding Dojo expects it to become more popular now that it’s become open source.
Node.js: Node.js is an open source runtime environment that allows JavaScript code to be run on the server side, allowing web developers to use one language for an entire web application. Node.js was the 12th most-popular technology in our analysis, not good enough to make the list but enough to show a solid demand for these skills. Coding Dojo recommends that any JavaScript developers spend some time with Node.js to make themselves more well-rounded, even if they focus on the client side.
MEAN: The MEAN stack (MongoDB, ExpressJS, AngularJS and Node.js) ranked 18th in the Coding Dojo analysis. Using the MEAN stack allows you to create an entire application using JavaScript, which is simple, quick and highly versatile. Learning MEAN will give any developer a strong background in one of the most common and active programming languages in the world.

This article is shared by www.itechscripts.com | A leading resource of inspired clone scripts. It offers hundreds of popular scripts that are used by thousands of small and medium enterprises.

Computer-Developer-1024x576

 

CLEVELAND – It’s a threat that could slow down advances in technology and leave us more vulnerable online.

A massive worldwide shortage of skilled cybersecurity workers is expected in the next two years.

Right now, a unique program is trying to beef-up that workforce by getting students not only interested, but proficient in computer science.

Students at the Cleveland School of Science and Medicine are getting a crash course on computer programming.

“When I saw Java I was like coding, that’s fun,” said Jalen brown, an 11th grader at Cleveland School of Science and Medicine.

The two-people leading Jalen’s class aren’t teachers but software developers.

“It’s good that they’re spending their time teaching us this because their jobs are really demanding,” said Stacy Glaspy, a 10th grader at Cleveland School of Science and Medicine.

More than a dozen developers volunteer their time each week as part of the TEALS Program.

“Technology is really advancing these days,” said Glaspy.

TEALS brings computer science into high school classrooms across the country.

“We need more computer science at the middle and high school level,” said Sheryl Edwards, computer science teacher.

Edwards is learning right alongside her students.

“It helps so much to have professionals in the classroom, best thing I’ve ever done in my career. I hope to be able to teach a java class on my own,” said Edwards.

Now in her 24th year of teaching, Edwards tells News 5 her students know a lot about technology when it comes to fun.

“We need more technology for problem solving and logic, and more of the serious side of technology for students,” said Edwards.

TEALS just launched in Cleveland, along with two suburban districts this year.

Volunteer Molly Fessel tells News 5 it forces students to think logically.

“Which isn’t helpful for just computer science, it’s helpful for a wide variety of things. Their math classes, science classes, even music,” said Fessel.

In college, the software developer said she was the only woman in her classes of 30 people. Fessel is also hoping to empower young ladies and get them engaged in a male dominated profession.

“To see so many women in this class and getting involved is really great,” said Fessel.

TEALS, which is supported by Microsoft Philanthropies requires volunteers to go through 40-hours of training before hitting the classroom.

Those behind the project here in Northeast Ohio tell News 5 the goal is to have double the number of volunteers and be in more school districts in 2018.

This article is shared by www.itechscripts.com | A leading resource of inspired clone scripts. It offers hundreds of popular scripts that are used by thousands of small and medium enterprises.

49395565

49395565

 

Are you hiring the right kind of software developer?

That might seem like a ridiculous question considering developers are in short supply around the world. In fact, a recent survey on software developer hiring highlighted the high demand for developers. On average, developers get 11 headhunter calls a year. But with the explosion of low-code/no-code development platforms, a rapidly changing technology landscape and a strong move to DevOps, it’s more important than ever that the assembled developer team fits the job description.

In the old days, it was enough to know a developer had programming chops and knowledge of the latest tools. Today, everything from communication skills to experience on the business side, an ability to integrate and a deep understanding of user experience all need to be on the résumé. And that’s just for starters.

What’s not necessarily on that résumé is a computer science degree. Jeffrey Hammond, a principal analyst at Forrester Research, pointed out that he’s seeing more and more developers at conferences without traditional development backgrounds. Part of the reason is the tools that make it easier than ever to code — low-code/no-code platforms — and part of it is that the job of the developer itself is changing.

“Salesforce is building a community of developers right now without traditional backgrounds,” he explained. So a key question to ask yourself about software developer hiring is whether those traditional backgrounds are really what will get the job done in your organization.

Also keep in mind whether you need truly custom software. In the recent Harvey Nash 2017 Technology Survey, 47% of the 3,000 participants said custom software is in decline. Even two years ago, that thought would have been dismissed as crazy. But between low-code/no-code platforms, easy access to APIs and the move to microservices, the idea of using building blocks created by others and essentially rearranging them to make new software is no longer far-fetched.

If a custom product doesn’t add value to your organization, then why choose — and pay a huge premium for — a full-fledged developer? Instead, you’ll want to look for someone who is more of an integrator, comfortable with weaving bits and pieces together to create the right solution. That person often won’t have a traditional development background, but on the flip side, you’ll avoid paying the higher salary — or “hiring tax” — for a software developer.

Sometimes, you’ll need serious development chops, but only for a particular job. That’s what happened to Lucy Warner, CEO at the U.K.’s National Health Service (NHS) Practitioner Health Programme. Her users are NHS doctors looking for physicians to treat them, but they don’t want to go to a close working colleague or a former fellow medical school student. She needed an app that would let them find local doctors but with sufficient information to ensure they’d feel comfortable with their choice. And she wanted to use the “swipe right, swipe left” interface that’s become ubiquitous.

The only problem is her IT team didn’t have the skills to make this happen. She reached out to low-code platform maker Out Systems and a third-party development team from Portugal that had already created about 70% of the type of app that she wanted. In nine weeks, the app was up and running. “It was fantastic,” Warner said. “We didn’t have to hire a single staffer or look for more space. And our patients love it; the feedback is wonderful.”

For companies in the throes of software developer hiring and needing classic development skills, it’s still important to match the business need with the skill set. Despite the custom development pessimism, the Harvey Nash survey indicated that 36% of respondents believe this type of development will continue to grow. But the survey also suggested that custom software development won’t necessarily be used across the board — 56% said it’s going to be used to drive innovation. And for those respondents already working for “highly innovative companies,” the percentage jumped to 67%.

Likewise, keep in mind that DevOps and its probable successor BizDevOpstweak developer requirements substantially. Even with software developer hiring today in DevOps shops, Forrester’s Hammond is seeing a split between front-end and back-end developers. In a BizDevOps team, the lines could be drawn even finer. His bottom line: Get ready for a time of intense specialization when it comes to the development team.

But also be ready to know software developer hiring will remain competitive, perhaps indefinitely. “Businesses embracing technology and those who choose to be digital-product focused need strong engineers to help them execute ideas,” said David Savage, associate director of Harvey Nash. “[T]he need to compete also sees increased importance on being different from peers.”

This article is shared by www.itechscripts.com | A leading resource of inspired clone scripts. It offers hundreds of popular scripts that are used by thousands of small and medium enterprises.

1513286731736-Denver_V3 (1)

 

It’s hard to believe that only two decades ago, cell phones were luxury items that were too expensive and/or clunky to be marketable. Today, it is no small stretch to say cell phones are an intractable facet of modern life—we use them not only to make calls and send text messages, but also to browse the web, make payments, and navigate the world.

Yet as cell phone technologies have become more sophisticated, so have the ways they can be used to violate the privacy of their users. Indeed, cell phones are one of the most powerful surveillance tools ever created, a portal for law enforcement authorities to spy on the communications and location of cell phone owners without much difficulty. Denver Gingerich, a programmer in New York City, wants to change that.

Earlier this year, Gingerich published the code for Sopranica, a DIY, surveillance-free cell phone network. At the moment, it consists of a protocol that allows anyone to register for a phone number to make calls and send texts over the internet totally anonymously. In the future, this protocol will be paired with a network of small radio devices run by members of a community that will replace users’ reliance on cell phone towers run by telecommunications companies.

Although just released to the public in January, Gingerich said he’s been working on Sopranica for years.

“I used landlines growing up, but I ended up going to a university far from where I grew up and I decided long distance would cost too much when I wanted to call home,” Gingerich told me.

To get around this issue, Gingerich bought a session initiation protocol (SIP) hard phone, which is basically like a normal telephone except it makes calls over the internet. He then bought a SIP ATA for his parents, which converts normal phones into devices that can make calls over the internet. Voilà: he was able to do long distance calls with his family over the internet and avoid the steep calling fees.

In 2009, not too long after Gingerich had graduated from university, he discovered Google Voice, which allowed him to text his friends’ cell phones from his laptop. For calling, he stuck with his SIP hard phone. This worked well enough for a few years, but Gingerich realized he couldn’t depend on Google to keep their VoIP service alive forever.

“As Google built and killed projects, I started to get a little anxious about the viability of Google Voice in the long term,” Gingerich told me. “So I started building the first version of Sopranica and that became my replacement for Google Voice.”

This initial prototype, which Gingerich began using around 2014, laid the foundations for JMP, the version of Sopranica he released earlier this year. Using JMP, anyone can visit Sopranica’s website, get a free phone number, and then download any app that can run an open-source instant messaging client called Jabber on their normal cell phone. Neither JMP nor Jabber requires identifying information to register, which means that anyone can get a cell phone number that isn’t linked to their real name for free and anonymous calling and text messaging.

At the moment, Gingerich is working with 15 collaborators from around the world to develop the next phase of Sopranica, called WOM. WOM will consist of small radio units that anyone can buy and plug into their internet router at home. These radio units can then be placed in windows or on the outside of buildings to act as internet access points for anyone on the Sopranica network. This will essentially create the physical infrastructure necessary for Sopranica to expand.

For near-field communications, Gingerich also plans on developing a meshing protocol to allow Sopranica users to pass data from user to user until it reaches its destination.

The next phase of Sopranica is still in development and it will likely be several months, if not years, before it is widely deployed enough to actually use.

“The biggest challenge is just getting people motivated to switch away from their existing cell carriers,” Gingerich said. “We want to replace all aspects of the cell phone network with their freedom-respecting equivalents so we can have the same functionality without having to give up all of that privacy that we have to give up right now. I foresee that taking place in a lot of ways, but most of them are further down the road.”

This article is shared by www.itechscripts.com | A leading resource of inspired clone scripts. It offers hundreds of popular scripts that are used by thousands of small and medium enterprises.

code_programming_software_astract_background_thinkstock_537331500-100729677-large

 

PHP 7.2, the latest version of the popular server-side web development language, has numerous features and fixes.

The November 30, 2017, release is the second feature update to the PHP 7 series. PHP 7.0 debuted in December 2015 to much fanfare, with the upgrade offering double the performance of previous PHP iterations.

New security features in PHP 7.2
The PHP 7.2 release offers multiple security improvements:

The Argon2 algorithm for securely hashing passwords addresses downsides of current algorithms in that it was designed for the highest memory filling rate.
The Libsodium cryptography library, for authenticated encryption, is now a core extension. The library also offers high-speed elliptic cryptography.
SSL/TLS (Secure Sockets Layer/Transport Layer Security) constants have been improved.
The Mcrypt cryptography library extension has been removed. PHP’s developers have said Mcrypt has inhibited the growth of the PHP language and serves as “abandonware.”
Improved programming features in PHP 7.2
PHP 7.2 has several new and enhanced programming capabilities:

Conversion of numeric keys in object/array casts addresses an issue with the Zend Engine, which powers PHP 7. The engine has had cases where array hash tables can contain numeric strings while object hash tables can have integer keys. In such cases, PHP code can’t find the keys. With the fix in PHP 7.2, keys of arrays or object hash tables are converted as appropriate, so numeric string property names in objects become integer array keys and vice versa, solving the issue of inaccessible properties.
Object typehints fix a situation in which a developer can’t declare a function that needs to be passed an object as a parameter or declare that a function should return an object. The fix uses object as a parameter type and as a return type.
HashContext as Object migrates the hash extension to use an object extension for hash contexts instead of using resources.
A new warning has been added when calling the count () function with a parameter that is a scalar, a parameter that is null, or an object that does not implement the Countable interface.

This article is shared by www.itechscripts.com | A leading resource of inspired clone scripts. It offers hundreds of popular scripts that are used by thousands of small and medium enterprises.

Credits : Bleepingcomputer

Credits : Bleepingcomputer

 

PHP got a whole lot more secure this week with the release of the 7.2 branch, a version that improves and modernizes the programming language’s support for cryptography and password hashing algorithms.

Of all, the most significant change in PHP 7.2 is, by far, the support for Argon2, a password hashing algorithm [1, 2, 3] developed in the early 2010s and which won the Password Hashing Competition in 2015 [1, 2].

Argon2 beat 23 other algorithms to win the Password Hashing Competition, and is now in the midst of becoming a universally recognized Internet standard at the Internet Engineering Task Force (IETF), the reward for winning the contest.

Argon2 considered superior to Bcrypt
The algorithm is currently considered to be superior to Bcrypt, today’s most widely used password hashing function, in terms of both security and cost-effectiveness.

Besides password hashing functions, the algorithm is also ideal for proof-of-work operations, used with modern electronic (crypto)currencies.

Starting with PHP 7.2, released on Thursday, Argon2 v1.3 has been added to the PHP core, and developers can use it via the password_hash() function.

Mcrypt out, Libsodium in
The other major change in PHP 7.2 was the removal of the old Mcrypt cryptographic library from the PHP core and the addition of Libsodium, a more modern alternative.

This modification came after a suggestion made by Scott Arciszewski, Chief Development Officer at Paragon Initiative Enterprises.

“Let’s get rid of ext/mcrypt, which is abandonware and inhibits the growth of the language, as soon as humanly possible,” Arciszewski wrote in early 2016.

“Libmcrypt hasn’t been touched in eight years (last release was in 2007), leaving OpenSSL as the only viable option for PHP 5.x and 7.0 users,” the expert also added. “Libsodium is a modern cryptography library that offers authenticated encryption, high-speed elliptic curve cryptography, and much more. Unlike other cryptography standards (which are a potluck of cryptography primitives; i.e. WebCrypto), Libsodium is comprised of carefully selected algorithms implemented by security experts to avoid side-channel vulnerabilities. ”

Bleeping Computer had a chat with Mr. Arciszewski this past February about Libsodium’s addition to PHP when work started on the early dev versions of the PHP 7.2 code. At the time, PHP became the first programming language to embed a modern cryptography library in its core distribution, instead of a plug-in.

Despite being the butt of all jokes in the programming world for the last decade, PHP has become quite faster and more secure since the release of version 7.x in late 2015.

This article is shared by www.itechscripts.com . A leading resource of inspired clone scripts. It offers hundreds of popular scripts that are used by thousands of small and medium enterprises.

516291-630x330

PHP received a shot in the arm with the release of a new version of the programming language that provides support for an improved password hashing algorithm and includes high-speed cryptography.

The release of PHP 7.2 includes support for the algorithm Argon2 and provides strong benefits in comparison to existing techniques. The update to the PHP programming language also replaces an outmoded cryptographic library with a modern version known as Libsodium.

Developers and IT decision-makes should view the update as welcome news since many business websites still rely on PHP programming techniques.

Understanding the Benefits of Argon2
The password hashing algorithm Argon2 has been added to the newly updated PHP core. Password hashing is one of the most basic security elements developers must consider when designing applications that accept passwords from users.

A strong hashing algorithm reduces the risk of an attacker being able to determine the original password while still allowing a database to compare the resulting hash in the long term. Argon2 is believed to offer a better alternative to bcrypt, Bleeping Computer reported, in terms of both cost efficiency and security.

Argon2, which defeated more than 20 algorithms to win the Password Hashing Competition in 2015, is now recognized as a universal internet standard by the Internet Engineering Task Force (IETF), according to Bleeping Computer. It is also ideal for the data-based protective measures used in cryptocurrencies.

The Plus Points of Libsodium
The PHP development team announced the availability of PHP 7.2 at the end of November. The release includes a range of improvements in addition to the inclusion of Argon2.

Among the most notable of these advancements was the ejection of the mcrypt cryptographic library from the core and its replacement with Libsodium. PHP’s developers have previously suggested that mcrypt, which was last updated almost a decade ago, was inhibiting the growth of the language and should be removed as quickly as possible.

InfoWorld reported that the Libsodium cryptography library is now a core extension in PHP 7.2 and provides high-speed elliptic cryptography.

Protecting Users and Data From PHP Programming Flaws
Late last year, security specialists unearthed three PHP vulnerabilities that could have had serious consequences for organizations and consumers worldwide. Then, earlier this year, reports surfaced about a rootkit that hides inside a PHP module and attacks servers through Apache modules. That was followed by fears that unfinished installations of WordPress could give attackers admin access.

IT managers must be aware of these risks and welcome the updated version of PHP. The Libsodium library should be developers’ go-to source for application-layer cryptography. Its addition to PHP is a crucial step toward implementing more concrete security for the programming language.

This article is shared by www.itechscripts.com . A leading resource of inspired clone scripts. It offers hundreds of popular scripts that are used by thousands of small and medium enterprises.