23 April 2025

IntelliJ IDEA 2025.1 release highlights

Most remarkable features for me in this release:

  • kotlin notebook
  • you can now partially display intellij's classic main menu, which is otherwise hidden under the hambnurger button. This will certainly help people find some feartures. But I've gotten used to the hidden menu by now, and I like my main options like projects drop down to be at the same place all the time, so I don't think I will use this.
  • Uses OS default file browser, rahter than IntelliJ's. It is annoying however that it is always opening in my home diretory, rather than remembering the same location as IntelliJ's. Also, in IntelliJ's browser, it was easier to go to the map of another project bu selecting that project and navigating from there.
    I switched back to IntelliJ's file browser using: Settings | Advanced Settings | Use native file chooser dialog in Windows/macOS. It just started to refresh a bit faster these last relases, so this is the best option for me.
  •  Automatic creation of Sring Data repositories
  • Better WSL support
  •  Gradle
    • Easier setting of JDK for Gradle, hopefully getting rid of daemon warnings that it is using a different JVM
    • Automatic download of library sources upon source code access 
  • Preconfiguration of Qodana security analysis

22 April 2025

Using AI to write hacking code from CVE exploit publication

AI can help hackers to quickly write exploit code from published security problems.

Here's an interesting report of the journey to generate hacking code using AI. 

The engineer generated the initial code using chapGpt. The code did not work, then he fixed it with Cursor and Claude Sonnet.

The impleciation is that security administrators now even have a shorter time to install patches, as the hackers can generate the attacks in no time.

 

21 April 2025

JetBrains new user license removes perpetual license

When installing a 2025 upgrade to a JetBrains product you have to accept a new user agreement.

 Biggest change I see is the removal of the right to use an old product indefinitely. 

This is effectively moving the products from a buy and use to a subscription model. Quite a big change to force without any explanation.

more...

12 April 2025

AI hallucinated dependencies security risk

Some of AI generated code is wrong (hallucinations).

When AI generate dependencies attackers could create packages with commonly hallucinated names.

When the developer loads the dependencies, running the code is a security risk.

more...

27 March 2025

Android dessert names

 With version 10 Google stopped referring to Android versions using dessert names. Internally these names do still exist however. With version 13 I'm seeing external references to the desserts again.

  1. Quince Tart
  2. Red Velvet Cake
  3. Snow Cone
  4. Tiramisu
  5. Upside Down Cake
  6. Vanilla Ice Cream
  7. Baklava (!?)

18 March 2025

New features since Java 21 LTS

 Java 22

_  name for variables that are declared but not used

 Java 23

/// Markdown comments 

Java 24

  • Intermediate stream operation: gather()
  • security manager removed