Connect with us

Science & Technology

How a Programmer Nearly Broke The Internet by Deleting Just 11 Lines of Code –

You might not be aware, but on 23 March 2016, the internet as we know it almost came crashing down.

A huge amount of the software the Internet is built upon crashed when an angry programmer decided to unpublish all his code from a popular Javascript registry called npm.

That doesn’t sound like a big deal – after all, code is deleted and re-uploaded all the time – but Oakland-based developer Azer Koçulu just happened to be the creator of a simple but frequently-used 11-line package that was relied upon by companies such as Facebook, Netflix, and Airbnb.

The problem was promptly fixed, and for the vast majority of us users, there was no down-time thanks to caching, and we wouldn’t have noticed anything out of the ordinary.

But for web developers, it was a temporary nightmare that resulted in thousands of builds failing each second. One developer wrote on the github forum at the time: “This kind of just broke the Internet”.

So how the hell does such deleting such a small chunk of code pull down the rest of the Internet like a house of cards? First, you need to understand that when it comes to building programs, there are a whole lot of modules and tools available to make the process quicker and simpler.

The biggest registry of these Javascript modules is an open-source platform called npm, which works sort of like an App store for developers. They look up the functionality they want, and hopefully fund a module that does it for them.

One of the most popular of these modules was Koçulu’s 11-line-long ‘left-pad’ module, which was a surprising simple, yet heavily relied upon, piece of code. In fact, the programming community didn’t even realise how relied-upon it was until Koçulu pulled it down.

Basically, left-pad is used as a shortcut by developers, so they didn’t have to write a whole bunch of basic code from scratch each time. “If a developer calls on an npm module, it’s basically shorthand for ‘put this code in later’, and a software compiler will just download the code when the time is right,” Matt Weinberger reports for Business Insider.

And it’s not just kids at home using those modules, we’re talking about high-profile Silicon Valley ventures here. Software that was reliant on left-pad included Babel, which helps Facebook, Netflix, and Spotify run code faster, and React, which helps developers build better interfaces, as Weinberger reports.

And most of the time that works just fine – unless of course the module in question disappears, which is what happened with left-pad after Koçulu unceremoniously unpublished it.

To give credit to the open source community, within 10 minutes, someone else had published a functionally identical version of left-pad, which fixed a few of the problems, but not all of them.

In the face of ongoing build fails, npm decided to take the unprecedented step of re-publishing the original ‘left-pad’ from a back up, which resolved the remaining problems.

But the move caused backlash and debate amongst the programming community, as well as discussions over why companies such as npm are allowing developers to build software on modules that can be unpublished at any time.

So why did Koçulu delete left-pad in the first place? As he explained in a post over on Medium, it all started because of a dispute with messaging company Kik, over a module Koçulu was working on, also called kik.

The company wanted him to change the name of his module so they could roll out their own product, but he declined, leading to some heated emails between the two parties (which you can see here).

Eventually, npm got pulled into the argument, and instead of siding with their long-time developer, they agreed that, for the sake of their users, having Kik the company use the package name kik would make more sense.

“It very quickly became obvious that they were not going to be able to resolve their dispute over the name,” npm CEO, Isaac Schlueter, told Ars Technica. “We made the decision based on what we thought would be in the best interest of the npm community. What it came down to is that a reasonably well-informed user who types ‘npm install kik’ would expect to get something related to Kik. So that’s why we turned (the name) over.”

Koçulu was understandably pretty annoyed by the decision, and sent them an email back saying:

“I know you for years and would never imagine you siding with corporate patent lawyers threatening open source contributors … I want all my modules to be deleted including my account, along with this package. I don’t wanna be a part of npm anymore. If you don’t do it, let me know how do it quickly. I think I have the right of deleting all my stuff from npm.”

A few hours later, npm gave him the command to do just that, and he deleted all 273 modules he’d registered on npm. But with all the focus on kik, no one considered the ramifications of deleting left-pad, and chaos ensued.

Koçulu has since apologised for the unexpected disruption, but stands by his decision. “Feeling very sorry for interrupting people’s work,” he wrote in an email to Ars Technica. “I did it for the benefit of the community in long term. Npm’s monopoly won’t be dictated to the free software community anymore.”

The bigger issue that remains is how to deal with these problems in future, and how to avoid them happening in the first place – and that’s something npm are now looking into.

“We dropped the ball in not protecting you from a disruption caused by unrestricted unpublishing. We’re addressing this with technical and policy changes,” wrote the company in a blog post last week. “We’ll continue to do everything we can to reduce friction in the lives of JavaScript developers.”

In the meantime, be careful with code out there, kids. You never know what could be relying on it.

A version of this article was originally published in March 2016.

Read More On This At ScienceAlert – Latest

Advertisement
Comments

Science & Technology

10 robotic dogs pull truck along in new video

Image Credit: YouTube / Boston Dynamics

The robots seemed to have no problem hauling the truck.

A small army of Boston Dynamics’ dog-like robots have been filmed hauling a truck through a parking lot.

Known as SpotMini, this four-legged contraption has become something of a celebrity in recent years thanks to videos showing it performing a wide range of tasks and balancing acts.

This latest footage shows more of the robots than ever before – ten of them to be exact – all working together to haul a large truck through the parking lot outside Boston Dynamics’ headquarters.

Each robot is 0.84 meters tall and can carry a payload of around 14kg.

What’s interesting is that these robots will actually be available for companies to purchase in the near future, meaning that they are no longer just a work-in-progress.

“It only takes 10 Spotpower (SP) to haul a truck across the Boston Dynamics parking lot,” the firm wrote in the caption for the video on YouTube.

“These Spot robots are coming off the production line now and will be available for a range of applications soon.”

Source: Evening Standard

Continue Reading

Science & Technology

New CRISPR Tech Could Cure Herpes

Hunter-Seeker

Gene hacking techniques that were recently used in human cells for the first time could someday let doctors shred up and destroy viruses like herpes or hepatitis B inside human cells, scientists say.

The new technique is called CRISPR-Cas3 — usually, when you hear about CRISPR tech, it’s the Cas9 variety — and Cornell researchers believe it could be used to cure viral diseases, according to a university-published press release.

DNA Shredder

The scientists used Cas3 to identify and shred long stretches of human DNA, according to research published in the journal Molecular Cell last week. The new gene-hacking tool makes more and broader cuts in genetic material than CRISPR-Cas9, meaning it could let scientists quickly learn what specific, long stretches of genetic information do and how they interact with certain diseases.

It also means that the gene-hacking tool could attack and shred viral DNA.

“My lab spent the past ten years figuring out how CRISPR-Cas3 works. I am thrilled that my colleagues and I finally demonstrated its genome editing activity in human cells,” said Cornell molecular biologist Ailong Ke. “Our tools can be made to target these viruses very specifically and then erase them very efficiently. In theory, it could provide a cure for these viral diseases.”

READ MORE: CRISPR-Cas3 innovation holds promise for disease cures, advancing science [Cornell Chronicle]

Source link

Continue Reading

Science & Technology

Scientists Put Human Brain Genes in Monkeys and Made Them Smarter

It’s time for the latest edition of “What Could Possibly Go Wrong?”, the game show that pits seemingly unethical science against potentially catastrophic predictions. In today’s competition, scientists in China (one point already for the catastrophic team) announce they used gene-editing to place human brain genes in rhesus macaque monkeys and it made their brains smarter. Cue the music from every “Planet of the Apes” movie and let the game begin!

“The presented data represents the first attempt to experimentally interrogate the genetic basis of human brain origin using a transgenic monkey model, and it values the use of nonhuman primates in understanding human unique traits.”

If the opening paragraph of the new study, “Transgenic rhesus monkeys carrying the human MCPH1 gene copies show human-like neoteny of brain development,” published recently in the journal National Science Review, is any indication, scientists are learning from lawyers how to protect their clients/experiments by hiding them in clouds of big, confusing words and phrases. Experimentally interrogate?

This is interesting.

China Daily reports that researchers from the Beijing-based National Science Review, the Kunming Institute of Zoology, Chinese Academy of Sciences and the University of North Carolina (that’s in the U.S. – looks like it’s playing for the Seemingly Unethicals) edited human MCPH1 genes – a gene that is critical in fetal brain development because it controls brain size and rate of growth – and created 11 transgenic (a cloud word meaning “artificially carrying DNA from an unrelated organism”) monkeys. Eight of those monkeys were first-generation and three were second-generation, obliterating the ‘artificial’ part of ‘transgenic’ by getting their human genes from their monkey parents.

“According to the research article, brain imaging and tissue section analysis showed an altered pattern of neuron differentiation and a delayed maturation of the neural system, which is similar to the developmental delay (neoteny) in humans.”

In other words, the monkeys showed the human trait of slow brain development (neoteny) rather than the rapid growth of normal monkey brains. What was the benefit of this slow growth?

“The study also found that the transgenic monkeys exhibited better short-term memory and shorter reaction time compared to wild rhesus monkeys in the control group.”

To put it bluntly — even the monkeys could understand the results because the human genes made them smarter!

Ding-ding-ding! That bell means it’s time to play the lightning “What could possibly go wrong?” round.

Time-out called by the Potentially Catastrophics. In a shocking and somewhat honorable display of conscience, Martin Styner, a University of North Carolina computer scientist and coauthor of the Chinese report, told the MIT Technology Review that his role was merely to train Chinese student on how to extract brain volume data from MRI images and, after learning the true purpose, considered removing his name from the paper, which he claims could not find a publisher in the West. Styner then throws his “What could possibly go wrong?” pitch:

“I don’t think that is a good direction. Now we have created this animal which is different than it is supposed to be. When we do experiments, we have to have a good understanding of what we are trying to learn, to help society, and that is not the case here.”

Is this going to be a sequel to Planet of the Apes or Flowers for Algernon?

Unfortunately, that pitch didn’t strike out Bing Su, the geneticist at the Kunming Institute of Zoology who led the research. He told the MIT Technology Review he is planning to create more smart monkeys and is planning to test another gene — SRGAP2C – which has been called the “humanity switch” and the “missing genetic link” because it appeared about two million years ago when Australopithecus (the Southern Ape) was being replaced by the smarter Homo habilis.

Putting the “humanity switch” in a monkey? What could possibly go wrong? This game isn’t over … it’s barely starting. Is this progress … or an unethical march down the field to unforeseen consequences?

If we’ve learned anything from “Planet of the Apes,” it’s that if this game goes into overtime, it won’t be a sudden death.

Source: Mysterious Universe

Continue Reading

Trending