Update on Meltdown-Spectre security vulnerabilities

Anti-virus software makers are detecting malware that attempts to exploit the security vulnerabilities identified as Spectre and Meltdown. Since code must execute on the computer to exploit these vulnerabilities, anti-virus software is being updated to detect such malware attacks. Of course, some such malware may yet get through our defenses and could end up on machines.

Source: Meltdown-Spectre: Malware is already being tested by attackers | ZDNet

My view is that for most of us, its just another form of malware. We all need to be pro-active about avoiding malware by taking appropriate steps such as installing code we know to be good, using anti-virus software, and keeping our systems generally update. Meltdown and Spectre are just two more exploits that hackers can use.

High level look at the SPECTRE exploit

In early January, two security exploits were revealed, both of which take advantage of ways that processors work to improve their performance. This video looks at the SPECTRE exploit; the other exploit is called MELTDOWN. Rather than speculative execution, it exploits a feature of Intel processor known as “out of order” execution to gain access to protected system memory. MELTDOWN is not covered in this video, however.


High level overview of compiling a program into executable instructions

A high level look at the concepts of compilers, interpreters, byte codes and Just-in-Time compilation, as ways of converting our programs into executable programs or machine instructions processed by the CPU.

The first video provided a high level look at computer system architecture.

The second video introduced the concepts of the CPU or processor.

This video introduces the conversion of our high level programs into machine executable code. Note that this video does not cover specifically how App Inventor blocks code is converted into an executable program.

The fourth video, relying on the information covered in the first 3 videos, will explain the ideas behind the SPECTRE exploit.


Google introduces Blockly 1.0 for Android, iOS and web

If you have used MIT App Inventor (and of course you have!), you can quickly adapt to using Blockly for programming.  Blockly is basically a “Drag and Drop” code editor (like in App Inventor), providing a visual programming system. It uses the same ideas as MIT App Inventor.

To see it in operation, visit MIT’s Scratch project to create a simple program.

Google has released code libraries that, when combined with other tools, enable use of Blockly to create code for the web, for iOS and Android. For iOS you also need XCode and for Android you need Android Studio. Blockly is not a programming language itself; it outputs code in JavaScript, Python, Lua and other formats.

Source: Google Developer’s Blog


(FYI I am half way through my period of traveling too much and not getting much programming done!)

Fewer professional coders in the future?

That is the actual future of software development: It will become so easy and second nature, that for ordinary tasks you won’t even have to think about it.

Source: Dear Google, the future is fewer people writing code | TechCrunch

Tools like MIT App Inventor, and others, are making programming so easy that it no longer requires extensive training and high levels skills to create many types of useful programs.


Writing code will become less and less necessary, making software development more accessible to everyone. This will allow people to solve new and unique problems for themselves, and true software engineers will continue to find ways to empower others through various platforms.

We used to call people who wrote programs, programmers. Later, this was change to titles like software developer, software engineer or sometimes computer engineer. Today, the media has short circuited the entire field to just “coders”, which seems like a downgrading of skills and title.

Writing Android apps in Javascript

Another way to develop apps for Android is to write apps in the Javascript program scripting language (note – Javascript is not related to Java, in spite of the similar name). By using a special platform called Cordova, it is possible to package Javascript programs into a self contained Android .apk file that runs on the Android OS.

Even better – it is possible to package your Javascript app, using Cordova, into forms that run on iOS (iPhones and iPad) and Windows Phone too!

Continue reading

MIT App Inventor “Extensions”

Some new “extension” features are available for testing in App Inventor at MIT App Inventor Extensions. The 4 extensions include vector addition, simple image processing, simple audio processing to identify the pitch of a sound, and the addition of multi-touch gestures to the Canvas.

I have not yet had time to try these but this is a sign of things to come as 3rd parties can begin to develop extensions to the core set of App Inventor features.

Look forward to trying these out! Click on the link above to take a look.