Matrix & Riot Hosts Shut Down Due to Hack

Matrix team says that the hacking was done through a vulnerability in an un-upgraded Jenkins continuous integration system
12 April 2019   765

The developers of the platform for decentralized messaging Matrix have announced an emergency shutdown of the servers Matrix.org and Riot.im (the main client of the Matrix) in connection with the hacking of the project infrastructure. The first shutdown took place last night, after which the servers were restored, and the applications were reassembled from the reference source. But a few minutes ago the servers were compromised a second time.

The attackers placed on the main page of the project detailed information about the server configuration and the data on whether they have a database with hashes of almost five and a half million Matrix users. As evidence, hash password of project leader is in open access. The modified site code is placed in the repository of attackers on GitHub (not in the official matrix repository). Details about the second hack are not yet available.

After the first hacking, the Matrix team published a report stating that the hacking was done through a vulnerability in an un-upgraded Jenkins continuous integration system. After gaining access to the server with Jenkins, the attackers intercepted the SSH keys and were able to access other infrastructure servers. It was stated that the source code and packages were not affected by the attack. The attack also did not affect Modular.im servers. But the attackers gained access to the main DBMS, which also contains unencrypted messages, access tokens and password hashes.

All users were adviced to change passwords. But in the process of changing passwords in the main Riot client, users are faced with the loss of files with backup copies of keys for restore encrypted correspondence and the inability to access message history.

TIOBE Index June 2019 to be Rolled Out

Java is still on the top, but experts noted fast growth of Python search queries, and they believe it can reach 1st place in 3-4 years
13 June 2019   319

June 2019 TIOBE Index has been released. Analysts noted a sharp increase in the proportion of searches for Python.

This month Python has reached again an all time high in TIOBE index of 8.5%. If Python can keep this pace, it will probably replace C and Java in 3 to 4 years time, thus becoming the most popular programming language of the world. The main reason for this is that software engineering is booming. It attracts lots of newcomers to the field. Java's way of programming is too verbose for beginners. In order to fully understand and run a simple program such as "hello world" in Java you need to have knowledge of classes, static methods and packages. In C this is a bit easier, but then you will be hit in the face with explicit memory management. In Python this is just a one-liner. 
 

TIOBE Team

Experts attributed the growing popularity of Python to the fact that now many have hit the development of software. And newcomers prefer Python - succinct and concise. According to analysts, Java for beginners is too verbose, and C sooner or later will force to understand the intricacies of memory management.