Domain: codinghorror.com
Stories and comments across the archive that link to codinghorror.com.
Comments · 546
-
Re:Sorting posts
That still doesn't break threading
Which is yet another advantage of threaded discussions. Unfortunately Atwood hates them, so <strike>rubyBB</strike>Discourse doesn't support it.
-
Re:Sorting posts
The ability of Slashdot (and Reddit, etc.) to sort conversations is very much predicated on the existence of threaded discussion. Without threaded discussion, the direct replies to a topic get lost and scattered, and may even end up before the post they were replying to, with all the temporal paradoxes that involves.
In my experience, there is nothing more controversial in the realm of online discussion boards as the for/against on threaded conversation. There are people (mostly older folks who remember Usenet) who adore threaded discussion. There are others who absolutely *loathe* threaded discussion, and wish it would die in a fire.
Jeff's very much in the anti-threading camp, (2) though mostly on a practical, rather than ideological basis: "I have yet find any threaded discussion format I like". So Discourse only has a very limited threading model - basically just a "WTF is this person replying to?" button.
Without the ability to directly look at the context of a post, sorting posts removes all sorts of context about the discussion. Conversation is all about context, so removing it destroys the ability of the conversation to function. Flat posting forums solve this issue in one of three ways - either by forcing all readers into the same - usually chronological - context; by inducing users to heavily quote context in each post (quoting being something that also generates a large amount of acrimony); or by discarding the concept of "discussion" entirely, meaning posts devolve into disconnected soliloquies, related to each other only tenuously.
-
Re:Overclocking errors can be a simple wrong numbe
There is a great article by Jeff Atwood on building a system: http://blog.codinghorror.com/t... If you aren't familiar, he's a developer who has been blogging for about a decade and is read by a number of developers.
In this article, he references a series of articles he wrote back in 2007, when he was building his previous development machine. It includes a section on Overclocking: http://blog.codinghorror.com/b...
The take-away: there is a risk of stability, but it's considered low enough in the cost/performance ratio that he advocates overclocking his development box.
-
User Reputation, Moderating, and Discourse
I think it's probably inarguable that the biggest innovation StackOverflow brought to the web was the centrality of reputation and user moderation to its design. Sure, our own /. had done something similar years before, and it was hardly the first either, but no website I know of had before taken it to its logical conclusion in quite the way SO does. This effectively "crowdsourced" a lot of traditional website administrative activities, which turned out to be an incredibly powerful idea. Practically all the functionality of SO is built around the concept.
So when I saw you were tackling online message boards, I expected the same kind of thing. But browsing around a typical Discourse thread, I'm not seeing that at all. Sure, users can "heart" posts, but all that does is bump a small counter next to the heart. There is no way to tell at a glance which posts users found the best and/or worst. Higher rated posts don't sort to the top, or get bigger or anything. As a result, I don't even see that feature used much. Certainly it's nothing like SO, where post voting is the central activity. It also seems like moderation on Discourse is designed to be done by administrators, not users. I don't see any facility for users getting moderation privs as they gain reputation. Compared to SO, Discourse seems kind of, well, like a big step backwards in interactivity.
I'm sure I'm missing something here. What is it? Or did you really decide SO's centering of its design around users and their opinion on posts was a mistake, or perhaps just not a good fit for a more generalized discussion board?
-
Can We Build a Truly Free Speech System?
Not long ago I was reading a recent discussion on reddit's woes and the hiring of a new CEO. It made me think how we have seen communities come and go for many years.
Clay Shirky wrote about his experience in 1978: "Communitree was founded on the principles of open access and free dialogue... And then, as time sets in, difficulties emerge. In this case, one of the difficulties was occasioned by the fact that one of the institutions that got hold of some modems was a high school.
... the boys weren't terribly interested in sophisticated adult conversation. They were interested in fart jokes. They were interested in salacious talk. ... the adults who had set up Communitree were horrified, and overrun by these students. The place that was founded on open access had too much open access, too much openness. They couldn't defend themselves against their own users. The place that was founded on free speech had too much freedom."
There are two clear trends. One is that less input and customization tends to grow bigger. Note how Geocities was replaced with Myspace which was then replaced with Facebook and Twitter. These newer systems take away personal freedom of expression and make people follow a 'prescribed' system, albeit an easier one to use. The other trend is that communities that try to be truly free and open end up either stifled by that openness or give up. The only obvious exception is a platform that allows us to simply filter out everything we don't want to see, which becomes a series of the feared echo chamber. With the excessive amount of data and the build up of complex rules on how information is shared, where does this leave us? It seems that like the famous iron triangle allowing free (and legal) speech with the possibility of diverse opinions, a cohesive group, and growth only allows you to pick two.
It seems to me this is a wicked problem, perhaps unsolvable. But I wonder what you think regarding what other design options exist? Is this even possible with human nature as it is? Which do you value most: free speech, a cohesive group or growth?
-
Re:I worry about the funny ones
Not mentioning The Story About Ping? Heathen.
-
Re:Are we forgetting some zeroes in this article?
The country you live in does not decide how good of a coder you are. However, the education you have access to is much more influential, and that typically has a geopolitical correlation. For one thing, speaking English as a native language will give you an advantage over non-English-speaking coders, because almost all programming languages have English keywords, and almost all documentation is available in English first. Refer to that well-known quote about Linus Torvalds commenting his code in English because it didn't occur to him not to. Heck, read the whole article, JA says it better than I could.
-
Re:Here's the article
Yes, it doesn't seem to offer any advantage over menlo
I've never really been a big fan of Menlo, the characters just seem... fat to me, the weight is too high. My preferred coding font is Consolas.
-
Re: ... and the hype for Windows 10 begins....
I don't want this to transition into an 'I am right' contest, but you're making strawman arguments. First, it makes sense to take a snapshot and put it in a message (email, IM...) directly. Don't project your usage patterns onto others as exclusive or 'right'. Also, there are four-key shortcuts for screen capture, should my response be, you should CERTAINLY know about them? You emphasized the word GROUP as if it was something novel, but if you take a look, I also referred to the chords in plural.
I've been using emacs, and have also used Linux, so I'm OK with key chords, mkdir and similar, but having a shortcut isn't an excuse for inconsistent design. Haven't used OS X that long, so while the command-shift-N doesn't shock me, I haven't known about it, so ultimately your message was informative.
An operating system is not just for techies, but also for people who just want to do something, and in the process, create a folder, and maybe they don't even know what a keyboard shortcut is. I believe that it's puzzling that the 'as List' and 'as Coverflow' views in the folder don't even have a context menu item for making a folder, while the 'as Icons' and 'as Columns' do; and these four options are interleaved, so the logic of why it works eludes me, tho I haven't analysed it. There might be some good reason but as someone who has programmed since the 8 bit era, and used old Macs, and iOS devices, and bought into the hype about how Apple design is great, I definitely expected OS X to be more intuitive than my experience turned out to be.
Another example: if you minimize a window, then select the application with the alt-tab, it won't actually switch to the previously minimized window of the application. It takes extra steps to get it back. Someone who was an expert OS X user, and a developer, told me this when I asked, how he handles this: 'I never minimize windows'. Interesting. Ah, and don't accidentally touch the mouse while doing the command-tab - it'll hijack the application selection.
Yet another example: you can't maximize a window. Yes, there is what used to be the green button (now just the rightmost of the three identical, unmarked circles), but it doesn't stretch the window edge to edge: it puts the desktop into some other 'presentation' mode, and the previous navigation modes will be all weird, especially with multiple monitors, multiple desk spaces and/or multiple documents within the same 'app'. Command-tabs will make windows zoom around, and it's all pretty haphazard and definitely not intuitive, but let's stick to screen maximization. I can manually adjust the edges to the side of the window. Also, if I previously double-click on the top bar of the window, it'll maximize it at least vertically.
So okay, I manually move the window edges to the sides of the desktop. By grabbing the window edge. This, of course, implies that when I want to use the scroll bar (yes, sometimes useful), I can't just flick the mouse all the way to the right side with a quick move, click and expect that it moves the scrollbar. Because, if I flick it to the right, it'll actually still be the window border. So I have to flick to the right, then MOVE BACK A LITTLE. The Mac is intuitive and efficient like that.
There is Fitts's law, explained here, for example: http://blog.codinghorror.com/f...
The above usability problem implies that the designers of OS X haven't considered it important, and that's OK, but there isn't a real alternative. You either have a dumb full-screen window - even if you have a 32 inch monitor - or you must resort to tweaking and adjusting window borders manually. In Windows, there is snap to the side, snap to top, etc, not to mention the split screen and other attempts.
I took a quick glimpse, and there seem to be a bunch of workarounds to solve what Apple hasn't solved: https://news.ycombinator.com/i...
Clicking on a promising link (ca
-
Re:I hate it already!
I can't understand why they hang on to the top menu bar for app menus though.
That's easy. Fitts' Law. Putting menus on the edge of the screen makes it easier and faster to select the menu.
-
Re:Luckily you don't need just a CS degree
More than likely, a CS major can code. Almost certainly a Computer Engineer can code. Lots of people can code.
Are you sure about that?
-
Fivethirtyeight
I've been reading Fivethirtyeight.com since back when it was an expert blog on statistical analysis of polls. I guess that's not what it is any more, but I still read it.
I still read CodingHorror, although Jeff's output has gone way down since StackOverflow took off (or since he started having kids. I'm not sure which was the real driver).
But I think for the most part youtube series have replaced a lot of my blog reading.
-
Re:Demographics
Given that especially IT jobs get an incredible number of applications from utterly non-qualified people (see http://blog.codinghorror.com/t...), these statistics would not tell us much. Also remember that those with the worst qualifications write the most job applications, skewing the numbers further.
-
Re:Depends how you evaluate the curve
Just to add to your comment, there are the beginnings of studies that claim they can distinguish those who can from those who can't as early as the first day of school.
Shachar
-
Re:Depends how you evaluate the curve
I agree that many people can play instruments if they work hard enough at it, but I don't think that you can draw a direct comparison between something like playing violin and programming.
I think that the music equivalent of programming would be something like song writing or composing. With playing a song, you are really just following the instructions that somebody else gave you, like following a recipe in a cook book. Most people can learn to do this well. However, composing an original piece of music is more like making up a recipe of your own from scratch and having it turn out well. I know people who are very good at following recipes and make amazing food, but who are unable to figure out which spice to substitute for another when they are out of an ingredient. Or are unable to take a random bunch of stuff they have left over in their cupboard and turn it into something good.
Relating this back to programming, I think that programming is quite hard to grasp for a lot of people. It's easy enough for them to grasp the basics. Tell them the exact specifications of a small function, such as "write a function that removes all the vowels from a string", and they could probably do a pretty good job of it. However, give them a larger problem without a direct answer, like for instance, "write an application that allows 2 users to send messages to each other" and they are completely lost. They have no idea how to plan out the application and will probably take 10 times longer to complete the project than a good programmer would.
There's a huge problem, even with people already working in the field, who can't do something as complicated as Fizz Buzz. That should be a simple function, and yet a lot of people fail even this simple test.
-
Re:Double tassel ...
You just want to believe that you're somehow special because you can write computer programs.
Sorry, no. You should be able to smell your own bullshit, because I sure as hell can.
I was told about the double-tassel distribution by no less than three people with PhDs in CS who taught at university, all in my first year of university.
I can cite references, can you?
I have no need to feel myself as being some special little snowflake because I learned how to program. It certainly isn't something which I feel should be restricted to a specific group of people. But I sure as hell believe that in a random group of students you will not see results which follow a bell curve.
I have seen the grade distributions in classes I've marked, been told this by people who taught CS for a very long time, and seen it in classmates.
You can like it or not like it ... I simply don't give a shit. But that it's a real, documented, and oft-referenced thing has been true for decades. Is it 100% indicator? I honestly have no idea, because I've not studied it.
But if you think I'm pulling it out of my ass or because I want to feel special ... you're a moron.
-
Re:If this thread is like all the others...
If this thread is like all the others then we'll get a lot of posts along the lines of how kids shouldn't be taught CS, how if they're not self motivated to find it for themselves then they shouldn't learn it.
I don't think that's the prevalent argument. I think the prevalent argument is that a significant percentage of people can't learn it, no matter how hard they try.
And no, we can't explain what's different about CS that causes that -- so far, we can only measure the outcome. Nevertheless, unless there's some kind of breakthrough in CS teaching, making it mandatory for all students is just setting many of them up for failure.
-
Re:At least Microsoft and Slashdot listen to users
As much as I dislike what Firefox has become, let's not for a second assume that the vocal minority that actually provides advice to your developers is in any way guaranteed to represent the rest of your user base.
Your community can provide feedback to specific cases. It cannot tell you how to design your product. You want good design, hire people with experience in design. You want the ultimate "design-by-committee", let users have a disproportionate access to your design process and watch them fight and fracture the community as they grab for power.
Relevant clicky "Listen to Your Community, But Don't Let Them Tell You What to Do":
http://blog.codinghorror.com/l...
-
Re:Just throwing computers at kids isn't a good id
I am not a "programmer", so I would not know from the inside. I do create high-quality software from time to time though, and do the occasional code-review.
My take is that about 90% of programmers have no business being in that field due to lack of talent, insight, passion and general incompetence. Many might have thought this was an easy lunch-ticket, but the central problem I see is that "business" people do not get at all that it requires significant skills and education to create good software and hence hire people that are cheap per hour, but exceptionally expensive with regard to their TCO. At the same time, this causes quite a few people that would be good at it to go into other fields.
Nice reference: http://blog.codinghorror.com/t...
-
Web-devs usually have no engineering skills
That is why you were not asked about them. In most cases, web-developers are the bottom of the barrel, spotty CS skills at best, no other engineering skills at all. The interview process you experienced tries to make sure the people interviewed are not completely incompetent, nothing more. You are vastly overqualified.
And no, this is not prejudice. I did run into really badly done mission-critical web-applications repeatedly and in different places and tried to find out why they were made so badly. Turns out this is standard. Best so far I found are a couple of web-developers that cannot manage to read and understand the two content pages of an RFC, where half of the pages are pictures. The one using a self-written bubble-sort to sort an arbitrary large array in Java was also nice.
Also relevant: http://blog.codinghorror.com/t...
-
Most of them?
Most people can learn how to write a program that works. Few master design. Paul Graham wrote a great essay on design that captures what I mean: Taste for Makers. This is crucial because, as Brian Kernighan said, "Controlling complexity is the essence of computer programming."
I've worked with just a few web programmers and interviewed just a few more. But in talking with friends and coworkers, reading articles, and in general just living in America, I get the impression that a sense of design is not a prominent part of American culture. In general we think that bigger is better, newer is better, and expensive is better. In general these are really bad criteria.
Then again, maybe it's that people can't even program. Jeff Atwood tells about how many programmers struggle with even simple FizzBuzz Questions:
Write a program that prints the numbers from 1 to 100. But for multiples of three print "Fizz" instead of the number and for the multiples of five print "Buzz". For numbers which are multiples of both three and five print "FizzBuzz".
-
Where's the Linux phones?
I regard Android as an abomination, basically engineered to geo-locate us, sell us stuff, isolate us from the web, 'give' us tons of mutually incompatible insecure 'apps' all in an unnecessary thick 'sauce' of Java, the COBOL of the 1990s. See also, this rant: http://techcrunch.com/2011/12/... and this: http://blog.codinghorror.com/a.... Of course, it's Google too, though, in principle, open-source, another huge reason to avoid.
So I'm waiting for Linux phones, essentially I probably trust Canonical more than I trust Google. That may make me a fool, we'll see...
-
Re:At a guess . . .
How do you think the pineal gland reacted due to inputs conveying this scheme?
Double shot of espresso?
-
Nag, Nag, Nag.
I'll bet it was easier than hunting down the invisible bugs from mixed tabs/spaces or introduced by your editor mangling indentation while moving bits of code around.
Which is easily solvable by setting spaces-for-tabs in your editor (and which I do when working in Python, ... or Java... or C/C++... or pretty much everything because that really solves a whole bunch of issues.)
And violations of spacing/indentation rules are trivially caught with automated testing/CI, which I do with Jython... or Java... or even C/C++ .... or pretty much everything whenever possible because it is the sane thing to do.
I've only been doing Python for 2 years, including C-to-Python bindings using Python 2.7x, Java-to-Jython/WLST integration (with Jython/WLST being based on Python 2.2), and a tiny bit of Windows automation with IronPython.
Most of my background is Java for enterprise development and C/C++ for embedded/system-level development.
As such, I initially stumbled across some of the nuisances with Python, the spaces, the lack of a stack trace on exceptions, or the fact that exception hierarchies are slightly, but oh-so-different between Python 2.2 and 2.7. But past those stumbles, I simply use tool configs, procedures and coding standards to deal with them.
And that is the same when I do Java or C++. Each has their own gotchas and effective Java/C++ developers simply do the same - use tool configs, procedures and coding standards to deal with them.
Why would anyone mix tabs with spaces. Use one or the other, regardless of whether you do Python or not. If I see a code base in any language that has that shit mixed up, I know I'm bound to find some other stupid shit in the code.
Why? Because mixing tabs with spaces all over the place, like spelling errors, lack of meaningful comments and/or deeply nested code (arrow anti-patterns), these are all proxies for bad coding practices.
I originally found Python indentation rules to be annoying. After all, how hard is it to auto-indent from an IDE or a command line (or force an auto-indent of code before checking in, or en masse before merging back to the trunk)?
But you know what, people are idiots, and I've learned IN GENERAL not to expect them to write clean code (nor tell clean code from apple pie.)
It is still possible to write horrible Python code, but it is a lot harder to do so in it than in Java or C++ or C#. I would still have preferred to see Python having start and end markers for blocks (a-la begin/end or curly braces) on top of indentation rules.
But it is still a good compromise. Hard to see where code blocks end? Increase indentation. Better yet, refactor that shit out. If I see I have a harder time telling the end of a block, chances are that block is already large (time to refactor out), or that there is a lot of code around it (time to split it into better levels of abstraction).
You know, the kind of stuff we are supposed to do in any language anyways.
Besides, accidental violations that render Python code invalid, those things are trivially solvable by doing shit we are supposed to be doing anyway (namely, avoiding mixing tabs and spaces, automated testing, keeping code small and at least dry-run your shit before committing it to source control.)
I'm not saying programming in Python is Nirvana (for some things, it truly sucks.) But some of the things people complain about, they are just asinine complaints for shit that broke because, on a fundamental level, they are not following good industrial practices IMO.
-
Problem is tools...
... regarding feedback, see Bret Victor on this. Computer programming is different from building bridges because every time you change code you change everything that interacts with it. Whereas the laws of nature for bridge building don't change, every time you modify code you end up having network effects that affect every instruction afterward.
http://blog.codinghorror.com/v...
Since most (non multi-core) code happens sequentially. To see this, imagine an extremely simple computer with only a few KB of memory, all you are going to do is draw something. Every time you add more code, you change the nature of the problem, this is hard to see but the best way to visualize it is as a "ring" that expands or contracts vs the computers resources. We'll use a metaphor for hitting targets for the goal you want to accomplish: Say the target you want to hit is a circle of a given size and every time you grow the ring (code) you begin to miss the target (aka the ring grows because of more work/timing/etc). You have to stay roughly the size of the fixed target but you don't fully grasp the nature of the problem, partially because the feedback process is broken with coding tools and performance against the problem (requirements) you are trying to solve is unknown until implementation.
-
Writing in natural language(s)
I agree with the idea to study mathematics, as a useful exercise, that would in many cases benefit programmers by giving them a good mental workout, and hopefully reinforce if not expand their understanding of mathematics, logic, and reasoning.
Beyond that I would argue for the study of writing, in a natural (human-oriented) language of your choice.
Programming as a profession, and as an art, is about the meaningful expression of ideas; in a detailed, unambiguous manner that can be processed by a computer. Programming languages are tiny, simplistic, and restrictive in their ability to express ideas, and the execution of these ideas. Writing in a natural language is much more complex, particularly when you strive to remove undesired ambiguity*. The other issue is that as a professional, programming is not done in isolation. Even if you are an independent contractor, you must be able to communicate effectively with clients and users.
*) Ambiguity can be desirable in humor and poetry.
I think that any programmer can benefit from the abilities to make logically sound, comprehensible arguments in a written document; that these abilities will make them better in their ability to understand, and be understood by users, customers, or colleagues.
The argument has been made in the past by Steven C. McConnell in Code Complete, in The Pragmatic Programmer by Andrew Hunt and David Thomas, Coding Horror by Jeff Atwood, and Joel Spolsky (of Joel on Software) in his Introduction to Best Software Writing I and College Advice. And like tons of other software developers, and their managers; repeatedly.
You see, communication is the only really important aspect of software development that people really have trouble with. The rest are details and small bugs, but for really big screw-ups you need miscommunication (or greed)
-
Re:Take away for me
That is a great point!
Yes, they really need to look at the same programmer across procedural, functional, and OOP languages. In my experience programmers that don't understand how to use C well tend to be very poor Java, etc. programmers. :-(
Understanding low levels such as memory usage and cache performance, the ability to read assembly, and knowing concepts such as register spill and branch prediction, while not "necessary" for the modern programmer all help you to be a much better programmer by understanding what the machine is doing. People who suggest "Just throw memory / cpu / hardware at a problem" are piss-poor programmers.
However consider the majority of programmers 0.5% can't even grok a simple 4* case if-then statement of FizzBuzz ....
* http://blog.codinghorror.com/w...
* http://c2.com/cgi/wiki?FizzBuz...
... then I would say the bigger problem is teaching programmers to have critical thinking. Stop over-engineering everything. Here is an article on "Criminal Overengineering."
* http://coderoom.wordpress.com/...
This is the reason modern programs chew up megabytes of RAM and people _still_ are waiting on a GHz CPU.
Somewhere along the way we lost the importance of K.I.S.S. -- Keep it Simple Stupid.
--
* The 4 cases are:
1. n mod 15 = 0, print fizzbuzz
2. n mod 5 print buzz
3. n mod 3 print fizz
4. default: print n
-
Re:Take away for me
After all, Real Programmers can write FORTRAN in any language.
I'd be more impressed if they could write APL in COBOL (or vice versa).
-
Re:Take away for me
I wonder if you can do an analysis of code bases across languages for the same team? I regularly write significant amounts of C++ (these days, C++11), Perl and assembly language. Those are three rather different languages, with strong, weak and largely non-existent type systems, respectively.
Of course, all three languages also open themselves to a wide range of programming styles, and I imagine if you picked any other set of languages you could make a similar statement. But if you measure the same programmers programming in across them (assuming a reasonably high level of proficiency in all of them), then perhaps you can determine what portion of the effect is due to the programmer vs. due to the language.
After all, Real Programmers can write FORTRAN in any language.
-
Re:COBOL: Why the hate?
My guess it is mostly from people that find learning languages really, really hard and that try to get by with one (or sometimes two) languages, like Java and JavaScript. When these people are told "why not do COBOL?", they immediately freak out, as they are reminded that they are not really programmers, but 1-trick-ponies and actually have really no business producing software because they suck at it. And then they feel that COBOL is not something new and it is safe to lash out at it. Unfortunately, these people represent the majority of all "programmers": http://blog.codinghorror.com/t...
Conversely, competent programmers will just see it as yet another language and learn it at need and without any issues in a few weeks. A friend of mine once had to learn APL (the one with the bizarre symbols) and even that did not take more than a couple of weeks to become productive.
-
FizzBuzz is a good start
A working programmer and a computer scientist are two different things, but the computer scientist should be able to write a basic program:
A surprisingly large fraction of applicants, even those with masters' degrees and PhDs in computer science, fail during interviews when asked to carry out basic programming tasks.
For programmers, this is a basic test, but when a computer scientist can't do something this fundamental, it calls their higher-level qualifications into question; and even if it doesn't, it makes you worry that their architecture or design will consider real-world issues and implementability.
-
Re:This initiative is futile
While that certainly plays a role, it is a minor one. It does stand in the way of solving things, but if you do not have developers that can do secure software engineering competently (and that is the normal case), then giving them too little time and money to do secure software engineering does not matter. The other thing is that people that actually understand software security are much less likely to declare something finished or secure than those with only a superficial understanding of things. Software security really is an additional, and exceedingly hard to obtain, qualification. That most "programmers" these days struggle even with simple things (see http://blog.codinghorror.com/t... , for example) is not the root cause.
-
Re: There we go again
And here is an article on Dictionary Attacks by Jeff Atwood. Notice how nowhere in the article does he mention anything about already having password hashes? And here is the original article from Wired about the very dictionary attack used against Twitter which is the context of Jeff's article. Here is a nice relevant quote:
The intrusion began unfolding Sunday night, when GMZ randomly targeted the Twitter account belonging to a woman identified as "Crystal." He found Crystal only because her name had popped up repeatedly as a follower on a number of Twitter feeds. "I thought she was just a really popular member," he said.
Using a tool he authored himself, he launched a dictionary attack against the account, automatically trying English words. He let the program run overnight, and when he checked the results Monday morning at around 11:00 a.m. Eastern Time, he found he was in Crystal’s account.
Notice how that quote or even the rest of the article makes any mention of the attacker already having hashes yet it was still called a dictionary attack.
-
Re: There we go again
IP banning is less effective against a DDoS using a botnet of thousands of compromised home PCs.
Already mentioned in another post. At that point, you just lock the account entirely and just ignore any and all further login attempts until you can get in contact with the account holder and work out things from there. It's an inconvenience for them, but much better than a breach.
Someone who wants to keep a legit user from being able to use the service could just log in a few times with an incorrect password and then repeat a few minutes later. Each IP would DDoS a separate user.
Better they be kept out of the service for some period of time versus their account being breached. You can also get around this by some sort of whitelisting mechanism paired with a two-factor authentication.
It's amusing how everyone is telling me that my ideas are bad yet they are basic security measures that almost every decent website and service use. I can even name drop Jeff Atwood to back me up as well:
Limiting the number of login attempts per user is security 101. If you don't do this, you're practically setting out a welcome mat for anyone to launch a dictionary attack on your site, an attack that gets statistically more effective every day the more users you attract. In some systems, your account can get locked out if you try and fail to log in a certain number of times in a row. This can lead to denial of service attacks, however, and is generally discouraged. It's more typical for each failed login attempt to take longer and longer, like so:
http://blog.codinghorror.com/d...
And even Bruce Schneier agrees and quotes the very same article:
Bad Password Security at Twitter
Twitter fell to a dictionary attack because the site allowed unlimited failed login attempts: Cracking the site was easy, because Twitter allowed an unlimited number of rapid-fire log-in attempts.
Coding Horror has more, but -- come on, people -- this is basic stuff.
http://www.schneier.com/blog/a...
So are you guys going to tell me how Jeff Atwood and Bruce Schneier are idiots and don't know anything despite the fact that what I said is basically parroting their own suggestions?
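The trade-off argued over in the comment above (hard lockout versus failed attempts that "take longer and longer"), sketched as an added example that is not code from the comment, the Coding Horror article or Twitter. The `LoginThrottle` class, `attempt_login` helper and the numbers (3 free attempts, 2-second base delay, 15-minute cap) are assumptions chosen for illustration.

```python
import time

class LoginThrottle:
    """Per-account escalating delay after failed logins (in-memory, one process)."""

    def __init__(self, free_attempts=3, base_delay=2.0, max_delay=900.0,
                 clock=time.monotonic):
        self.free_attempts = free_attempts  # failures tolerated with no delay
        self.base_delay = base_delay        # first delay, doubled per later failure
        self.max_delay = max_delay          # cap, so an attacker cannot lock a user out forever
        self.clock = clock                  # injectable so the behaviour can be tested
        self._state = {}                    # account -> (failures, earliest next attempt)

    def retry_after(self, account):
        """Seconds that must still pass before a password is even checked."""
        _, allowed_at = self._state.get(account, (0, 0.0))
        return max(0.0, allowed_at - self.clock())

    def record_failure(self, account):
        """Count a failure and return the delay now imposed on the account."""
        failures = self._state.get(account, (0, 0.0))[0] + 1
        over = failures - self.free_attempts
        if over <= 0:
            delay = 0.0
        else:
            # Exponent is bounded so the arithmetic cannot overflow.
            delay = min(self.max_delay, self.base_delay * 2 ** min(over - 1, 30))
        self._state[account] = (failures, self.clock() + delay)
        return delay

    def record_success(self, account):
        self._state.pop(account, None)

def attempt_login(throttle, account, password, check_password):
    """Return (ok, retry_after). Throttled attempts never reach the password check."""
    wait = throttle.retry_after(account)
    if wait > 0:
        return False, wait
    if check_password(account, password):
        throttle.record_success(account)
        return True, 0.0
    return False, throttle.record_failure(account)
```

The counter is keyed on the account rather than the source IP, so spreading guesses across many addresses does not reset it; the cap bounds how long a third party can keep the legitimate user waiting.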
-
Re:do tablets actually help?
I used to agree with your sentiment, but by now I think it is not doable. And in addition you get a lot of almost completely incompetent people that think they are programmers because they manage (sometimes) to write simple code. This describes the phenomenon: http://blog.codinghorror.com/t...
I fully agree that people need to learn that programming is hard and that people that can do it well are valuable. But this will have to go the way other hard professions became known to be hard, and that is high standards for entry.
-
Re:Perl still works, and PHP is fine
Better ... http://blog.codinghorror.com/p...
-
Re:Perl still works, and PHP is fine
Interesting response: http://blog.codinghorror.com/p...
Although personally I still avoid PHP whenever possible.
-
Core War
-
Only on paper
JS is NOT a big contender for PHP, because it isn't the functional equivalent of the double-clawed hammer.
The unwashed masses gravitate to PHP because it is very easy to get something running and imposes almost no restrictions on the developer. Thus, we get nightmares like phpBB and vBulletin.
-
Re:Debuggers
The problem is the other way round: Far too many people that have trouble handling the basics fancy themselves to be "programmers". Just read this and be surprised: http://blog.codinghorror.com/t...
This blog-posting is not too pessimistic. If these people were doctors, they would fail at applying a band-aid.
-
Re:Effective C++
Several people have recommended the Gang of Four book because.. it's a perfect fucking book for software engineers.
It's a terrible book that has caused more harm than good.
Further, how do you suppose it's useful for software "engineers" when the book has extremely limited applicability? (It's not language agnostic. A point even the authors admit.) What about the lack of research behind their "discovery" of those "patterns"? Let's face it -- it's nothing more than another programming self-help book that happened to catch-on.
A Pattern Language
Ah, the book from which the GoF borrowed their title, and completely misunderstood.
-
Re:Can't Tell Them Apart
That sounds solid for a "take home" test, but I wouldn't trust that for an interview (it's too easy to get an answer from some website instead of doing the work), and as others have stated before me it seems far too hard for use in a live code exercise. (I consider myself quite the math geek, but never bothered to memorize formulas for pi.) Personally, I've always preferred some variation on the simpler "fizzbuzz" test, like asking candidates to write the C library strcpy function, or a function to calculate m-of-n boolean logic (given n logic tests, write a function that returns true when at least m items are true). These tests actually allow you to check a candidate for several desired attributes at once:
- Ability to read and follow a specification. For instance, for "fizzbuzz" will the candidate remember to print the numbers which fail both modulo tests, and not print the number when one of these tests succeeds?
- Familiarity with language of choice/test. The second example, as given, would require one to cold-recall the order of arguments (and return value) to a very common library function; properly coding the boolean logic example requires writing a variadic function.
- Coding practices and problem solving skills. A test with multiple solutions (or at least, seeming to support multiple solutions) allows you to see the candidate's thought process.
As the parent poster stated: you probably can pass this sort of test and only be a 40%-skill programmer, and many 90%-skill programmers would fail at least one of the above tests. However, the how and why candidates 'fail' (did you ask for clarification, or just rush in? Did you mis-read the requirements, or not think the problem through? Does your code contain a fencepost error?) is just as revealing of desired skill set as any 'success'.
-
Re: Oh goody
And did you look at when that was written? 2012 or three years ago.
Worse look at http://blog.codinghorror.com/t... and what do we find? The same person who was talking how bad SSDs are using one as his boot drive.
:)
-
Re: Oh goody
_Your_ tale of completely flawless SSD operation is anecdotal. What uncited "collective wisdom" gains a Code Horror post? Every SSD hard drive that I've owned has failed within a year, and I don't see the value in that when <spoiler>my neighbor's Windows 98 box still chugs out IE6 within 10 seconds.
-
Re:Primary school might be too late
Actually, it will matter very little, as most people (85-90% or so) cannot learn to program well, no matter what. Sure, it is nice to give the few that can some pointers early on as to what they may like doing later, but the bright ones will look at salaries, place in corporate hierarchy and social prestige and most will stay away from a CS career as a consequence. The few good ones that remain will have a passion for CS and would have found that without school as well.
What this may achieve though is to increase the large number of folks in CS that have no business being there, with low or negative productivity and keeping salaries and employment opportunities for the ones that are good down. If you do not believe me regarding the skill level of most "programmers", then read this: http://blog.codinghorror.com/t...
So IMO, this is a really terrible, terrible idea.
-
Re:What about a re-implementation...
Most programmers these days are "small skill". I blame IDEs and languages that coddle them and let "small skill" people produce something resembling code without understanding what they are doing. http://blog.codinghorror.com/t... is an eye-opener.
-
Pretty much true
Not only is it hard for people to learn new skills later in life, but coding is something that requires a certain aptitude. Sure, some coal miners might be able to learn how to code, but I would think very few of them could. If they could, they wouldn't be working in a coal mine. There's plenty of people who chose programming as a career and yet still can't program their way out of a paper bag (fizz buzz), I don't think the chances of most people from non-technical fields are good at all.
-
Incorrect: We have a College Bubble
In the 70's we did not need degrees to get most jobs. We still do not need degrees to work most jobs, the tools have gotten more complex, but their interfaces remain as easy and teachable as ever through on the job training, if not more so. In fact, at many fields where they've contracted my computing related solutions I put in place systems that require ME to know the jobs of their workers better than their workers themselves, and yet I am a software and hardware architect, not a chemist. I overheard a chemist new hire being told, "You got a degree, that shows you were interested. Forget that stuff you learned in college, you'll learn our process and as long as you didn't flunk highschool chemistry, you'll do fine."
Degrees can be seen as a barrier to entry to the poor who self educate. The final exam itself is problematic because degree mills exist. This is true even in the field of computer programming. I have met masters of computer science that can spout mountains of complexity theory but can not code anything more complex than what I teach 12 year old children at the community center on alternate weekends.
Don't you see? This is the Information Age. College degrees are unnecessary. Colleges are no longer the noble institutions they once were in the 70's when you didn't need a degree to get a job. They should be elective learning centers, not de facto requirement for employment. Now they saddle people with large debts and useless mandatory studies to extract more wealth, and even their corporate co-conspirators leverage the degrees for their devious ends. That's why even though much research has shown that even 60 year old coders run rings around newbies, corporations value "new degrees" in new languages or platforms -- ignoring that the experienced developer picks up platforms and languages without needing degrees as a matter of doing their job. The younger guy works harder instead of smarter, but their insurance is cheaper: They want young obedient singles. That's why you're dead to silicon valley at the child raising age of 40...
Colleges have become political social justice indoctrination camps where new ideas and research are stifled in the name of ideology. The stench of the dark ages shrouds these ideological echo chambers. We need to dismantle these gatekeepers of employment before we find ourselves in an even darker age. Granting colleges de facto monopoly over white-collar employment is folly: Power corrupts, and brother, they are rife with the stuff. We need to outlaw the final exam, and use Entrance Exams to PROVE you know what you need to know to do the job you'll be doing. Many jobs do this already, so that means requiring a degree is merely a means to discriminate on the poor who could not afford college but are self educated at or above said degree's level. College degrees have become a system for oppression. They have become a means to force workers to compete amongst themselves ever more desperately as they become increasingly unable to afford exorbitant tuition fees.
The rich corporations take huge tax breaks then cry out for more H1B visas to employ lower pay foreign workers whose credentials mean even less than those in the USA and further drive the ROI of college investment down for local workers, when in reality, there never was a shortage of STEM workers. Now that the economy is crying the ROI of college is lower and it becomes apparent that the self taught billionaire drop-outs might be onto something. It's not that kids should drop out and expect to become rich, but instead that it's stupid to pay a college to teach them what they already know. They can start makin
-
Any anti-Crash & Burn circuitry?
The best part of using SSD's? You learn to make your backups religiously, because they will die and they will die fast. I have some very long-lived SSD's in production (SLC) but each one that I've had fail (I have a stack of about 20 on my workbench which may or may not go back for 'lifetime warranty' claims - do I really want replacements of crappy SSD's?) has gone from perfect to unreadable in minutes.
2014 and they're still Hot & Crazy.