The R programming language "is sometimes frowned upon by 'traditional' software engineers," says the CEO of software quality services vendor Tiobe, "due to its unconventional syntax and limited scalability for large production systems." But he says it "continues to thrive at universities and in research-driven industries, and "for domain experts, it remains a powerful and elegant tool."

Yet it's now gaining more popularity as statistics and large-scale data visualization become important (a trend he also sees reflected in the rise of Wolfram/Mathematica). That's according to December's edition of his TIOBE Index, which attempts to rank the popularity of programming languages based on search-engine results for courses, third-party vendors, and skilled engineers. InfoWorld explains: In the December 2025 index, published December 7, R ranks 10th with a 1.96% rating. R has cracked the Tiobe index's top 10 before, such as in April 2020 and July 2020, but not in recent years. The rival Pypl Popularity of Programming Language Index, meanwhile, has R ranked fifth this month with a 5.84% share. "Programming language R is known for fitting statisticians and data scientists like a glove," said Paul Jansen, CEO of software quality services vendor Tiobe, in a bulletin accompanying the December index...

Although data science rival Python has eclipsed R in terms of general adoption, Jansen said R has carved out a solid and enduring niche, excelling at rapid experimentation, statistical modeling, and exploratory data analysis. "We have seen many Tiobe index top 10 entrants rising and falling," Jansen wrote. "It will be interesting to see whether R can maintain its current position."
"Python remains ahead at 23.64%," notes TechRepublic, "while the familiar chase group behind it holds steady for the moment. The real movement comes deeper in the list, where SQL edges upward, R rises to the top 10, and Delphi/Object Pascal slips away... SQLclimbs from tenth to eighth at 2.10%, adding a small +0.11% that's enough to move it upward in a tightly packed section of the table. Perl holds ninth at 1.97%, strengthened by a +1.33% gain that extends its late-year resurgence."

It's interesting to see how TIOBE's ranking compare with PYPL's (which ranks languages based solely on how often language tutorials are searched on Google):

TIOBE	PYPL
Python	Python
C	C/C++
C++	Objective-C
Java	Java
C#	R
JavaScript	JavaScript
Visual Basic	Swift
SQL	C#
Perl	PHP
R	Rust

Despite their different methodologies, both lists put Python at #1, Java at #5, and JavaScript at #7.

This week the Free Software Foundation honored Andy Wingo, Alx Sa, and Govdirectory with this year's annual Free Software Awards (given to community members and groups making "significant" contributions to software freedom): Andy Wingo is one of the co-maintainers of GNU Guile, the official extension language of the GNU operating system and the Scheme "backbone" of GNU Guix. Upon receiving the award, he stated: "Since I learned about free software, the vision of a world in which hackers freely share and build on each others' work has been a profound inspiration to me, and I am humbled by this recognition of my small efforts in the context of the Guile Scheme implementation. I thank my co-maintainer, Ludovic Courtès, for his comradery over the years: we are just building on the work of the past maintainers of Guile, and I hope that we live long enough to congratulate its many future maintainers."

The 2024 Award for Outstanding New Free Software Contributor went to Alx Sa for work on the GNU Image Manipulation Program (GIMP). When asked to comment, Alx responded: "I am honored to receive this recognition! I started contributing to the GNU Image Manipulation Program as a way to return the favor because of all the cool things it's allowed me to do. Thanks to the help and mentorship of amazing people like Jehan Pagès, Jacob Boerema, Liam Quin, and so many others, I hope I've been able to help other people do some cool new things, too."

Govdirectory was presented with this year's Award for Projects of Social Benefit, given to a project or team responsible for applying free software, or the ideas of the free software movement, to intentionally and significantly benefit society. Govdirectory provides a collaborative and fact-checked listing of government addresses, phone numbers, websites, and social media accounts, all of which can be viewed with free software and under a free license, allowing people to always reach their representatives in freedom...

The FSF plans to further highlight the Free Software Award winners in a series of events scheduled for the new year to celebrate their contributions to free software.

A former Chinese official who fled to the U.S. says Beijing has used advanced surveillance technology from U.S. companies to track, intimidate, and punish him and his family across borders. ABC News reports: Retired Chinese official Li Chuanliang was recuperating from cancer on a Korean resort island when he got an urgent call: Don't return to China, a friend warned. You're now a fugitive. Days later, a stranger snapped a photo of Li in a cafe. Terrified South Korea would send him back, Li fled, flew to the U.S. on a tourist visa and applied for asylum. But even there -- in New York, in California, deep in the Texas desert -- the Chinese government continued to hunt him down with the help of surveillance technology.

Li's communications were monitored, his assets seized and his movements followed in police databases. More than 40 friends and relatives -- including his pregnant daughter -- were identified and detained, even by tracking down their cab drivers through facial recognition software. Three former associates died in detention, and for months shadowy men Li believed to be Chinese operatives stalked him across continents, interviews and documents seen by The Associated Press show.

The Chinese government is using an increasingly powerful tool to cement its power at home and vastly amplify it abroad: Surveillance technology, much of it originating in the U.S., an AP investigation has found. Within China, this technology helped identify and punish almost 900,000 officials last year alone, nearly five times more than in 2012, according to state numbers. Beijing says it is cracking down on corruption, but critics charge that such technology is used in China and elsewhere to stifle dissent and exact retribution on perceived enemies.

Outside China, the same technology is being used to threaten wayward officials, along with dissidents and alleged criminals, under what authorities call Operations "Fox Hunt" and "Sky Net." The U.S. has criticized these overseas operations as a "threat" and an "affront to national sovereignty." More than 14,000 people, including some 3,000 officials, have been brought back to China from more than 120 countries through coercion, arrests and pressure on relatives, according to state information.

id Software employees voted to form a wall-to-wall union with the CWA, covering all roles at the Doom studio. "The vote wasn't unanimous, though a majority did vote in favor of the union," notes Engadget. From the report: The union will work in conjunction with the Communications Workers of America (CWA), which is the same organization involved with parent company ZeniMax's recent unionization efforts. Microsoft, who owns ZeniMax, has already recognized this new effort, according to a statement by the CWA. It agreed to a labor neutrality agreement with the CWA and ZeniMax workers last year, paving the way for this sort of thing.

From the onset, this union will look to protect remote work for id Software employees. "Remote work isn't a perk. It's a necessity for our health, our families, and our access needs. RTO policies should not be handed down from executives with no consideration for accessibility or our well-being," said id Software Lead Services Programmer Chris Hays. He also said he looks forward to getting worker protections regarding the "responsible use of AI."

Phoebe Gates, Bill Gates' youngest daughter, has raised $30 million for the AI shopping app she built in her Stanford dorm room with classmate Sophia Kianni. The app is called Phia and is pitched as a way to simplify price comparison and secondhand shopping. "Its AI-powered search engine -- available as an app and as a browser extension for Chrome and Safari -- pulls listings from more than 40,000 retail and resale sites so users can compare prices, surface real-time deals, and determine whether an item's cost is typical, high or fair," reports the San Francisco Chronicle. The app has reached 750,000 downloads in eight months and is valued at $180 million. From the report: Gates told Elle that when she first floated the idea to her parents, they urged her to keep it as a side project -- advice she followed by enrolling in Stanford's night program after moving to New York and finishing her degree in 2024. "They were like, 'Okay, you can do this as a side thing, but you need to stay in school.' I don't think people would expect that from my family, to be honest," she said.

Her father dropped out of Harvard University in 1975 to launch Microsoft. Kianni even paused her degree temporarily "to learn, as quickly as possible, as much as we could about the industry that we would be operating in," she told Vogue. Bill Gates has not invested in the company, though he has publicly supported its mission.

Berlin's regional parliament has passed a far-reaching overhaul of its "security" law, giving police new authority to conduct both digital and physical surveillance. From a report: The CDU-SPD coalition, supported by AfD votes, approved the reform of the General Security and Public Order Act (ASOG), changing the limits that once protected Berliners from intrusive policing. Interior Senator Iris Spranger (SPD) argued that the legislation modernizes police work for an era of encrypted communication, terrorism, and cybercrime. But it undermines core civil liberties and reshapes the relationship between citizens and the state.

One of the most controversial elements is the expansion of police powers under paragraphs 26a and 26b. These allow investigators to hack into computers and smartphones under the banner of "source telecommunications surveillance" and "online searches." Police may now install state-developed spyware, known as trojans, on personal devices to intercept messages before or after encryption.

If the software cannot be deployed remotely, the law authorizes officers to secretly enter a person's home to gain access. This enables police to install surveillance programs directly on hardware without the occupant's knowledge. Berlin had previously resisted such practices, but now joins other federal states that permit physical entry to install digital monitoring tools.

joshuark shares a report from BleepingComputer: More than 10,000 Docker Hub container images expose data that should be protected, including live credentials to production systems, CI/CD databases, or LLM model keys. After scanning container images uploaded to Docker Hub in November, security researchers at threat intelligence company Flare found that 10,456 of them exposed one or more keys. The most frequent secrets were access tokens for various AI models (OpenAI, HuggingFace, Anthropic, Gemini, Groq). In total, the researchers found 4,000 such keys. "These multi-secret exposures represent critical risks, as they often provide full access to cloud environments, Git repositories, CI/CD systems, payment integrations, and other core infrastructure components," Flare notes. [...]

Additionally, they found hardcoded API tokens for AI services being hardcoded in Python application files, config.json files, YAML configs, GitHub tokens, and credentials for multiple internal environments. Some of the sensitive data was present in the manifest of Docker images, a file that provides details about the image.Flare notes that roughly 25% of developers who accidentally exposed secrets on Docker Hub realized the mistake and removed the leaked secret from the container or manifest file within 48 hours. However, in 75% of these cases, the leaked key was not revoked, meaning that anyone who stole it during the exposure period could still use it later to mount attacks.

Flare suggests that developers avoid storing secrets in container images, stop using static, long-lived credentials, and centralize their secrets management using a dedicated vault or secrets manager. Organizations should implement active scanning across the entire software development life cycle and revoke exposed secrets and invalidate old sessions immediately.

During the company's first "Autonomy & AI Day" event today, Rivian unveiled a major autonomy push featuring custom silicon, lidar, and a "large driving model." It also hinted at a potential entry into the self-driving ride-hail market, according to CEO RJ Scaringe. TechCrunch reports: Rivian said it will expand the hands-free version of its driver-assistance software to "over 3.5 million miles of roads across the USA and Canada" and will eventually expand beyond highways to surface streets (with clearly painted road lines). This expanded access will be available on the company's second-generation R1 trucks and SUVs. It's calling the expanded capabilities "Universal Hands-Free" and will launch in early 2026. Rivian says it will charge a one-time fee of $2,500 or $49.99 per month.

"What that means is you can get into the vehicle at your house, plug in the address to where you're going, and the vehicle will completely drive you there," Scaringe said Thursday, describing a point-to-point navigation feature. After that, Rivian plans to allow drivers to take their eyes off the road. "This gives you your time back. You can be on your phone, or reading a book, no longer needing to be actively involved in the operation of vehicle." Rivian's driver assistance software won't stop there; the EV maker laid out plans on Thursday to enhance its capabilities all the way up to what it's calling "personal L4," a nod to the level set by the Society of Automotive Engineers that means a car can operate in a particular area with no human intervention.

After that, Scaringe hinted that Rivian will be looking at competing with the likes of Waymo. "While our initial focus will be on personally owned vehicles, which today represent a vast majority of the miles driven in the United States, this also enables us to pursue opportunities in the ride-share space," he said. To help accomplish these lofty goals, Rivian has been building a "large driving model" (think: an LLM but for real-world driving), part of a move away from a rules-based framework for developing autonomous vehicles that has been led by Tesla. The company also showed off its own custom 5nm processor, which it says will be built in collaboration with both Arm and TSMC.

Stanford researchers spent much of the past year building an AI bot called Artemis that scans networks for software vulnerabilities, and when they pitted it against ten professional penetration testers on the university's own engineering network, the bot outperformed nine of them. The experiment offers a window into how rapidly AI hacking tools have improved after years of underwhelming performance.

"We thought it would probably be below average," said Justin Lin, a Stanford cybersecurity researcher. Artemis found bugs at a fraction of human cost -- just under $60 per hour compared to the $2,000 to $2,500 per day that professional pen testers typically charge. But its performance wasn't flawless. About 18% of its bug reports were false positives, and it completely missed an obvious vulnerability on a webpage that most human testers caught. In one case, Artemis found a bug on an outdated page that didn't render in standard browsers; it used a command-line tool called Curl instead of Chrome or Firefox.

Dan Boneh, a Stanford computer science professor who advised the researchers, noted that vast amounts of software shipped without being vetted by LLMs could now be at risk. "We're in this moment of time where many actors can increase their productivity to find bugs at an extreme scale," said Jacob Klein, head of threat intelligence at Anthropic.

An anonymous reader quotes a report from TechCrunch: Apple on Wednesday released its annual list of the most downloaded apps and games for the year. For the U.S. market, OpenAI's ChatGPT topped the ranks of free iPhone apps (not including games) with the most installs in 2025. The AI app was followed by Threads, Google, TikTok, WhatsApp, Instagram, YouTube, Google Maps, Gmail, and Google's Gemini. ChatGPT made it to No. 4 last year, but the top spot was taken by Chinese shopping app Temu. In 2023, the AI app didn't make the top-10 list despite being released on the iPhone in May 2023 to a strong debut.

Longtime Slashdot reader MadCow42 writes: Canonical just announced that they're packaging AMD's ROCm libraries (for AIML and HPC with both data-center GPUs as well as desktop/laptop GPUs), directly into the Ubuntu Universe archive. You can run ROCm on Ubuntu today but you have to install it via a script from AMD and manually remove and reinstall for any upgrades or bug fixes. Having it in Ubuntu as a normal Debian package will make it much easier to install and also to maintain in the long run via normal apt tooling ('apt upgrade'). This also means that ROCm can be an automatically-installed dependency for other packages, which doesn't happen today.

And, interestingly, Canonical has committed to providing long-term-support for ROCm in Ubuntu -- which is particularly exciting for edge and IoT devices that may have a long life in the field and need regular security patches and updates.

Adobe is integrating Photoshop, Express, and Acrobat directly into ChatGPT so users can edit photos, design graphics, and tweak PDFs through the chatbot. The Verge reports: The Adobe apps are free to use, and can be activated by typing the name of the app alongside an uploaded file and conversational instruction, such as "Adobe Photoshop, help me blur the background of this image." ChatGPT users won't have to specify the name of the app again during the same conversation to make additional changes. Depending on the instructions, Adobe's apps may offer a selection of results to choose from, or provide a UI element that the user can manually control -- such as Photoshop sliders for adjusting contrast and brightness.

The ChatGPT apps don't provide the full functionality of Adobe's desktop software. Adobe says the Photoshop app can edit specific sections of images, apply creative effects, and adjust image settings like brightness, contrast and exposure. Acrobat in ChatGPT can edit existing PDFs, compress and convert other documents into a PDF format, extract text or tables, and merge multiple files together.

The Adobe Express app allows ChatGPT users to both generate and edit designs, such as posters, invitations, and social media graphics. Everything in the design can be edited without leaving ChatGPT, from replacing text or images, to altering colors and animating specific sections. If ChatGPT users do want more granular control over a project they started in the chatbot, those photos, PDFs, and designs can be opened directly in Adobe's native apps to pick up where they left off.

New submitter emangwiro shares a report: The HDMI Forum, responsible for the HDMI specification, continues to stonewall open source. Valve's Steam Machine theoretically supports HDMI 2.1, but the mini-PC is software-limited to HDMI 2.0. As a result, more than 60 frames per second at 4K resolution are only possible with limitations. In a statement to Ars Technica, a Valve spokesperson confirmed that HDMI 2.1 support is "still a work-in-progress on the software side." "We've been working on trying to unblock things there."

The Steam Machine uses an AMD Ryzen APU with a Radeon graphics unit. Valve strictly adheres to open-source drivers, but the HDMI Forum is unwilling to disclose the 2.1 specification. According to Valve, they have validated the HDMI 2.1 hardware under Windows to ensure basic functionality.

Nvidia has developed location verification technology that could determine which country its AI chips are operating in, Reuters reports, citing a source, a capability that may help address ongoing concerns about the smuggling of advanced semiconductors to restricted markets like China. The feature, which Nvidia has demonstrated privately in recent months but has not released, would be an optional software tool that customers install. It taps into the confidential computing capabilities of Nvidia's GPUs and uses the time delay in communicating with Nvidia-run servers to approximate a chip's location.

The technology will first be available on Nvidia's newest Blackwell chips, though the company is examining options for its older Hopper and Ampere generations. U.S. lawmakers and the White House have pushed for location verification measures as the Department of Justice has brought criminal cases against smuggling rings allegedly attempting to move more than $160 million worth of Nvidia chips to China.

Michael Saylor's software company Strategy, formerly known as MicroStrategy, built a financial model that some observers called an "infinite-money machine" by stockpiling hundreds of thousands of bitcoins and issuing stock and debt to buy more, but that machine appears to be breaking down. The company's stock peaked above $450 in mid-July and ended November at $177.18, a 60% decline. Bitcoin fell only 25% over the same period. The gap between Strategy's market cap and the value of its bitcoin holdings has nearly vanished.

At one point last week, the company's market value dipped below the value of its bitcoins after accounting for debt. Strategy announced it had built a $1.4 billion dollar reserve by selling more stock to cover required dividend payments to preferred shareholders over the next twelve months. The company also disclosed it might sell some of its coins if its value continues to fall, a reversal from Saylor's February tweet declaring "Never sell your Bitcoin." Professional short seller Jim Chanos, who had questioned the strategy's sustainability, told Sherwood he made money by shorting the stock and buying bitcoins.

Microsoft Excel, the 40-year-old spreadsheet application that helped establish personal computers as essential workplace tools and contributed to Microsoft's current valuation of nearly $4 trillion, has weathered both the rise of cloud computing and the current AI boom largely unscathed. In its most recent quarter, commercial revenue for Microsoft 365 -- the bundle including Excel, Word, and PowerPoint -- increased 17% year over year, and consumer revenue rose 28%.

The software traces its origins to a 1983 Microsoft offsite under the code name Odyssey, where engineers set out to clone Lotus 1-2-3. That program had itself cloned VisiCalc, the first computerized spreadsheet, created by Dan Bricklin for the Apple II in the late 1970s. Bricklin never patented VisiCalc. "Financially it would have been great if we'd have been able to patent it," he told Bloomberg. "And there would be a Bricklin Building at MIT, instead of a Gates Building."

Excel now counts an estimated 500 million paying users. The Pentagon pays for 2 million Microsoft 365 licenses. Google's free Sheets product, launched in 2006, captured casual use cases like potluck sign-ups but failed to dislodge Excel from enterprise work. AI chatbots present the latest challenge, but venture capitalists say nearly every AI spreadsheet startup they meet builds on top of Excel rather than replacing it.

Anthropic is bringing Claude Code directly into Slack, letting developers spin up coding sessions from chat threads and automate workflows without leaving the app. TechCrunch reports: Previously, developers could only get lightweight coding help via Claude in Slack -- like writing snippets, debugging, and explanations. Now they can tag @Claude to spin up a complete coding session using Slack context like bug reports or feature requests. Claude analyzes recent messages to determine the right repository, posts progress updates in threads, and shares links to review work and open pull requests.

The move reflects a broader industry shift: AI coding assistants are migrating from IDEs (integrated development environment, where software development happens) into collaboration tools where teams already work. [...] While Anthropic has not yet confirmed when it would make a broader rollout available, the timing is strategic. The AI coding market is getting more competitive, and differentiation is starting to depend more on integration depth and distribution than model capability alone.

IBM is buying Confluent for $11 billion in a major push to own real-time data streaming infrastructure essential for enterprise AI workloads. It marks Big Blue's biggest acquisition since Red Hat in 2019. Bloomberg reports: The AI boom has touched off billions of dollars in deals for businesses that build, train or leverage the technology, propelling the value of an entire ecosystem of data center developers, software makers, generative AI tool developers and data management firms. Mountain View, California-based Confluent sits in the data corner of that world, providing a platform for companies to gather -- or "stream" -- and analyze data in real time as opposed to shipping data in clunkier batches.

Manufacturers such as Michelin, for example, have used Confluent's platform to optimize their inventories of raw and semi-finished materials live. Instacart adopted Confluent to develop real-time fraud detection systems and gain more visibility into the availability of products sold on its grocery delivery platform. Businesses are increasingly tapping AI systems that manage tasks like this in real-time and require live flows of data to do so. IBM, which pioneered mainframe computers, has been trying to reposition its business around AI over the past few years. Under Chief Executive Officer Arvind Krishna, it's been buying software companies and selling generative AI-related services to enterprise clients. Software now makes up almost half its total revenue and continues to grow at a steady rate.

Google said it's working to create two different categories of artificial intelligence-powered smart glasses to compete next year with existing models from Meta Platforms: one with screens, and another that's audio focused. From a report: The first AI glasses that Google is collaborating on will arrive sometime in 2026, it said in a blog post Monday. Samsung Electronics, Warby Parker and Gentle Monster are among its early hardware partners, but the companies have yet to show any final designs. Google also outlined several software improvements coming to Samsung's Galaxy XR headset, including a travel mode that will allow the mixed-reality device to be used in cars and on planes.

What triggered that Airbus emergency software recall? The BBC reports that Airbus's initial investigation into an aircraft's sudden drop in altitude linked it "to a malfunction in one of the aircraft's computers that controls moving parts on the aircraft's wings and tail." But that malfunction "seems to have been triggered by cosmic radiation bombarding the Earth on the day of the flight..."

The BBC believes radiation from space "could become a growing problem as ever more microchips run our lives." What Airbus says occurred on that JetBlue flight from Cancun to New Jersey was a phenomenon called a single-event upset, or bit flip. As the BBC has previously reported, these computer errors occur when high-speed subatomic particles from outer space, such as protons, smash into atoms in our planet's atmosphere. This can cause a cascade of particles to rain down through our atmosphere, like throwing marbles across a table. In rare cases, those fast-moving neutrons can strike computer electronics and disrupt tiny bits of data stored in the computer's memory, switching that bit — often represented as a 0 or 1 — from one state to another. "That can cause your electronics to behave in ways you weren't expecting," says Matthew Owens, professor of space physics at the University of Reading in the UK. Satellites are particularly affected by this phenomenon, he says. "For space hardware we see this quite frequently."

This is because the neutron flux — a measure of neutron radiation — rises the higher up in the atmosphere you go, increasing the chance of a strike hitting sensitive parts of the computer equipment on board. Aircraft are more vulnerable to this problem than computer equipment on the ground, although bit flips do occur at ground level, too. The increasing reliance of computers in fly-by-wire systems in aircraft, which use electronics rather than mechanical systems to control the plane in the air, also mean the risk posed by bit flips when they do occur is higher... Airbus told the BBC that it tested multiple scenarios when attempting to determine what happened to the 30 October 2025 JetBlue flight. In this case also, the company ruled out various possibilities except that of a bit flip. It is hard to attribute the incident to this for sure, however, because careering neutrons leave no trace of their activity behind, says Owens...

[Airbus's software update] works by inducing "rapid refreshing of the corrupted parameter so it has no time to have effect on the flight controls", Airbus says. This is, in essence, a way of continually sanitising computer data on these aircraft to try and ensure that any errors don't end up actually impacting a flight... As computer chips have become smaller, they have also become more vulnerable to bit flips because the energy required to corrupt tiny packets of data has got lower over time. Plus, more and more microchips are being loaded into products and vehicles, potentially increasing the chance that a bit flip could cause havoc. If nothing else, the JetBlue incident will focus minds across many industries on the risk posed to our modern, microchip-dependent lives from cosmic radiation that originates far beyond our planet.
Airbus said their analysis revealed "intense solar radiation" could corrupt data "critical to the functioning of flight control." But that explanation "has left some space weather scientists scratching their heads," adds the BBC.

Space.com explains: Solar radiation levels on Oct. 30 were unremarkable and nowhere near levels that could affect aircraft electronics, Clive Dyer, a space weather and radiation expert at University of Surrey in the U.K., told Space.com. Instead, Dyer, who has studied effects of solar radiation on aircraft electronics for decades, thinks the onboard computer of the affected jet could have been struck by a cosmic ray, a stream of high-energy particles from a distant star explosion that may have travelled millions of years before reaching Earth. "[Cosmic rays] can interact with modern microelectronics and change the state of a circuit," Dyer said. "They can cause a simple bit flip, like a 0 to 1 or 1 to 0. They can mess up information and make things go wrong. But they can cause hardware failures too, when they induce a current in an electronic device and burn it out."