Domain: worsethanfailure.com
Stories and comments across the archive that link to worsethanfailure.com.
Comments · 100
-
Re:Alexa's Spiders
Ah, so you're the one that got bitten by The Spider of Doom. Or at least you're another person who got bitten by a variant of it.
-
Were any of them REALLY successful?
One almost has to wonder if the current 35% "success rate" is for truly successful projects, as opposed to ones where the only criteria for success was completing it. An article from WorseThanFailure (previously TheDailyWTF), originally intended to explain why the site's name had changed, does a nice job of explaining just why "success rates" can be misleading.
-
Website That I LOVE
http://worsethanfailure.com/Default.aspx This site is very funny and all about bad code!
-
Re:Surely we all saw this coming
My dear friend, I am quite sure that at the very least, you are not a reader of http://worsethanfailure.com/ There's still hope and time for those who are yet to be welcomed to the fold. My friend, read and be enlightened...
-
Re:Thanks for the quick review
...extending Boolean logic with a third value...
Sorry, that has already been done: http://worsethanfailure.com/Articles/What_Is_Truth_0x3f_.aspx.
-
Re:Anti-Intellectualism
You're right on the point. Take the math/science out of Computer Science and you end up with 98% of all of the examples posted to http://worsethanfailure.com/ -- people writing solutions purely to convert inputs to outputs without any thought put in to doing it the best/easiest/cleanest/most extensible/etc.
-
Re:Idiots
Been there, done that.
http://worsethanfailure.com/Comments/Classics-Week-Immaculate-Backup.aspx
-
Re:WTF
But I think there should be an option "C," though that would make this not a real t/f question:
As any fule kno, a boolean can have one of three values: true, false, or file-not-found.
C) WTF?!
-
Re:A good explanation
GET isn't the problem. It's not requiring authentication for delete actions!
http://worsethanfailure.com/Articles/The_Spider_of_Doom.aspx
-
Re:Internet Explorer 6
But what about poor developers who try to make it work for IE?
http://worsethanfailure.com/Articles/A-Plea-from-the-Heart.aspx
-
Re:Wow!
You have a point. There is indeed a hint of WTF in this story. I mean, we're not talking about middleware like WMP here -- we're talking about finding files on the user's hard drive. If that's ruled to be no longer a core OS function to the extent that Microsoft are legally obliged to offer alternatives to it with the OS, you have to wonder what's next...
Newswire - 21st June, 2017
Microsoft (Nasdaq:MSFT) has announced they will be bundling the Linux kernel with Windows as an alternative to their own, after a 490-page antitrust complaint was filed by the Linux foundation. "We are extremely pleased with this development", Linux kernel BDFL Linus Torvalds was quoted as saying. "For too long have Microsoft been able to get away with forcefully bundling the NT kernel with their OS, forcing other products out of the market in clear violation of antitrust law as it applies to convicted monopolists. No longer!"
This development is not without precedent. After the original case in 2007 forced Microsoft to offer alternative hard drive search tools with the OS, a ruling in 2009 following an antitrust complaint by Stephen Oberholtzer had them bundling an alternative to the Windows calculator. By 2014, after the famous Litestep case had Windows presenting the user with a choice of window managers on first boot, some have said this step was inevitable.
Asked whether there was any truth in the rumours that Richard Stallman was secretly preparing a dossier to set out the case that Microsoft had failed to offer enough choice to the consumer with regard to product names that feature recursive acronyms and references to Flanders and Swann, he declined to comment.
-
Re:Strange..
Brilliant, wasn't it?
Don't you mean: Brillant ?
-
Re:Code Release
but who really wants to implement things like
An entire website exists for the purpose of exploring this question, and the various baroque-en answers thereto:
http://worsethanfailure.com/
-
Can't think...
After seeing some of http://www.worsethanfailure.com/ OMGWTF C Calculator Contest submissions today, I do believe you could get some fine examples of what you're looking..
*hides*
-
Re:KISS it
> Another issue, RAID is NOT a backup solution
It (RAID1) can be, with some caveats. Just 'fail' one of the mirrors and take it off site (same as you would a tape).
I'm sure it works very nicely in some situations. Just don't do it like these guys.
-
Re:The whole article is -1 redundant.
The whole article is -1 redundant.
You'd think so, but I think there are enough examples out there to show that there are a lot of people out there writing sub-standard code and thinking there's nothing at all wrong with it. There have been a lot of times when I was tutoring computer science in college where I'd ask a student, "Just what in the hell were you doing here?" and point to some ridiculous incantation in their code.
In particular I think people ignore those last two when they're in school, because everybody wants to look impressive and figure out the "best" way to approach the problem at hand. What takes maturity and experience to realize, though, is that elegant simplicity will always win above arcane obfuscation.
I'm not defending bad code here. I'm just saying it happens so often it's really hard to criticize so much.
-
Ah, yes. Enterprise.
I know all about enterprise solutions. Those guys over at dailyWTF?! can't shut up about them. Every developer should model himself after what Enterprise Pushers say, because they obviously know best. XML, COM+ and J2EE for teh people!
-
Re:Just get prints
I think that's the problem with Slashdot and other sites. Too often, I see suggestions that only make sense within the "bubble" of that site.
That sure sounds like the Complicator's Gloves story.
-
The complicator strikes again
Over at the Daily WTF, they have an article titled The Complicator's Gloves. Perhaps the submitter of this Slashdot article might want to give it a once over, and if the message still doesn't sink in PRINT THE F*CKING PICTURES OUT JUST LIKE YOUR MOTHER WANTS.
-
Re:Don't trust any bank that relies on credentials
Somewhere, the hashes are stored. Find those and the solution presents itself.
No they're not, they're hashes; they're produced on-the-fly with a hashing algorithm from a combination of the hardware GUID and the encryption key. Since the dongle and the bank's webserver would both be using the same (probably open-source) algorithm, the hashes they produce would be the same, hence they can compare them to verify security. Every 30 seconds the hash would be discarded and a new one generated from a new (randomly generated) encryption key that's sent to the dongle encrypted with the previous encryption key. The only stored list necessary is the table of user's login name / customer number / whatever against their hardware GUID; but even if this was compromised it would not affect the security of the system since a cracker would need the hash, which is produced with the encryption key as well as the GUID.
OK, so it's not impenetrable. In theory, someone could compromise the encryption used and find a way to analyse the radio waves in order to guess the encryption key. This would, however, be very difficult since the data being sent over radio would be a repeated (say) 256-bit key -- it's not like when the attacker finds the right key the stream will resolve itself into human-readable text, one 256-bit length of highly entropic bits looks much like another, even if someone does find a way to brute-force a 256-bit key in 30 seconds, which is pretty unlikely. If someone *does* crack AES (or whatever), it's not like people won't know about it -- the current state of vulnerability of the well-known encryption algorithms is widely known. The bank could just recall the dongles and release new ones which use whatever 2050's favorite encryption algorithm is.
The point is, if I put a file up on the internet, encrypted with easily available tools using highest security and a highly random, good-length password, I can be pretty damn sure it won't get cracked open; within a few years, at least. 30 seconds is easily a short enough time.
All that said, however; you're absolutely right, it won't work.
Why?
Human stupidity.
-
Re:Right what we needed
True, False, and File Not Found.
-the hermit
-
Re:Right what we needed
Or, True, False, FileNotFound
-
Re:Right what we needed
enum Bool
{
True,
False,
FileNotFound
}; :)
http://worsethanfailure.com/Articles/What_Is_Truth_0x3f_.aspx
-
Beware of the complicators!!11!!
-
Re:We should go beyond sudo
-
Re:Yes.
Be careful though with the striking through. It can get you in a lot of trouble [TheDailyWTF]
-
Did they perhaps build it in MUMPS?
More horrors than you want to imagine.
-
Re:IT staff
We can be driven by business needs, but still, we should choose our path of doing things. Imagine business app written by marketing dept.... kinda like the stories you read on http://worsethanfailure.com/, or worse. Oh, and outsourcing has nothing to do with it, they can ignore the business' needs just as well as we can.
-
Preposterous.
"Every job has its unpleasant parts, and while a F/OSS coder can skip them a commercial coder can not; if the spec calls for an embedded testing code, for example, or Doxygen comments, you put it in."
The percentage of non-FOSS which is documented and the percentage of FOSS which is documented are pretty similar in my experience. Perhaps you are unaware of the incredible 95% of software which is developed commercially, but which is not sold in a shrink-wrapped box in Circuit City. Many companies have internal IT departments which couldn't code their way out of a paper bag in VB, let alone document it. Go read the daily WTF if you think I'm lying.
"s/he might be wrong but at least the product is consistent, and not designed by a committee as it sometimes happens."
Andrew Morton. That's a name I can think of when I think of someone with vision for a particular FOSS project which are willing to say when things (don't) match their vision. Linus Torvalds also fits this bill. There are similar names in other projects, but I'm most familiar with the kernel.
"These clones haven't been weeded out by the market, and so many of them are not viable - but they are out there,"
The weeding doesn't occur at the store level, it occurs at the reputation level. All FOSS stuff is staked on reputation. If you have a high reputation, you are going to be used more and included in more distributions. If you are a crappy app, you'll never see a real user base. Since the programmer is programming for ego (see the somewhat inaccurate women/baby analogy), the programmer should be motivated to produce better work which becomes more popular. The KDE programmers sure seem to have worked to make sure that KDE is useful. The Gnome programmers have also worked towards some mindshare. Given how people used to choose window managers, but now choose desktop environments, I'd say that these programmers have changed the game wrt GUI interfaces on Linux. That sounds much like a market shift, but with eyeballs and hearts instead of money.
"Effort dispersed, spent on competing projects is ultimately wasted."
Oh, I'm sorry, I guess you're just a troll. Or you simply don't understand what FOSS is.
-
Job Interviews
I've interviewed job candidates for the past 2 years for a small company and the honest truth of the matter is that most people with CS degrees are horrible programmers. About 50% don't make it past the phone interview, and of those who do, we've probably hired about 20%. We're mainly a C# shop, but we look for anyone with OOP background and if they know a C language or Java we'll phone them up for a pre-screen.
We require the candidate to do a couple critical thinking and programming tasks during the on-site interview, and you'd be surprised how bad other people's code can be. Three or more loops to collect data that could be done in one. No persistent data storage for objects. No comments in the code. Inability to fix code to the desired standard after being handed a spec. Not testing the code to see if it works (not even a paper run through).
The critical thinking exercises help us see how an individual tackles and solves a problem. We can discern whether they have more of an academic or pragmatic approach to coding. It also helps us see whether people can catch obvious answers if they're available. We use it to gauge how much direction they'll need if we hire them, and where they'd be immediately useful.
I doubt most companies are as rigorous as we are in the hiring process, but from my interviews it's blatantly apparent that the individuals who rely solely on academic credentials are at least 1-2 years from being useful to a company. Whereas candidates that do any kind of side project or personal coding on their own are more likely to be useful within a shorter amount of time.
In summary, learn the latest technologies, bring your OOP skills up to snuff, and do some fun side projects of your own choosing. There are enough free development platforms out there that it shouldn't be difficult to keep your skills in practice. And remember that just because you have a degree doesn't mean you're any good at coding.
Tip: Go to Worse Than Failure (formerly "The Daily WTF") and learn what NOT to do. So many people we've interviewed couldn't tell us what's wrong with some of the examples listed there.
-
Re:Stored procedures BAD... story
Do you happen to be a government employee? "Our security consultant uninstalled all the stored procedures. They were too insecure."
"Uh, I can reinstall the procedures, I have the SQL Server CD with me."
"Get OUT."
-
You realize the problem is with the trash can...
When in doubt, tell the callers to move the trash can.
-
Your daily cup of WTF.
Just read Worse than Failure.
-
Re:Lesser of two evils is still evil.
Buffer overflows? Create and use a SAFE version of functions... Like.. I don't know? Try snprintf with only the output buffer's size?
Writing your own version will simply cause duplication of existing functions. However, you can't really use the existing functions unless they are known to be ratified in at least one known standard.
In particular, I am referring to "safe" versions of sprintf, strcpy, strlen, strcat, sscanf, and other string manipulation functions. There's also a secondary issue with fopen(), which uses a dual-purpose return value (with more details in a global variable not guaranteed to be thread-safe) instead of splitting the error from the actual pointer.
Unless security issues are addressed in a known standard (and I'm having difficulty confirming which variant functions are ratified), I'm writing Windows-only code without even knowing.
-
Quick!
Somebody should submit this to http://www.worsethanfailure.com/
-
Good example of it....
Good example of this here
Comments have more examples...
-
Re:Summary of the Corporate Attitudes
From TFA:
[The study] asserts that the United States is risking losing its global edge by outsourcing critical R&D and India is falling behind by playing politics with education.
Duke's 2005 study reported serious problems with the quality of Indian and Chinese bachelor-level engineering graduates, and predicted both shortages in India and unemployment in China. The current report finds these predictions to be accurate, with China's National Reform Commission reporting that the majority of its 2006 graduates will not find work. There are also oft-heard whisperings of an engineering shortage in India, though private colleges and "finishing schools" are going far to make up for the Indian deficiencies, the report said.
"Respondents said the advantages of hiring U.S. engineers were strong communication skills, an understanding of U.S. industry, superior business acumen, strong education or training, strong technical skills, proximity to work centers, lack of cultural issues, and a sense of creativity and desire to challenge the status quo," wrote Wadhwa in the 2007 report.
Thus the basic issue is that you're giving up your best and your brightest who are ALREADY familiar with your business and the local marketplace, and you're replacing them with cheap "yes-men" who have no concept of your business, cultural barriers, aren't even in the same time zone, run effectively unchecked by the corporation, and have little chance of being India or China's "best and brightest". (As you say, those people are making their money elsewhere.)
For a good feel for what's happening with outsourcing, check out these horror stories:
http://img.worsethanfailure.com/Comments/Discount_Enterprise.aspx
http://worsethanfailure.com/Articles/Of_Course_We_Tested_It__0x2e__0x2e__0x2e_.aspx
While not every company sees results this bad, I've heard very few positive reports. And more of those were before the outsourcing "craze", when it was easier to find the competent developers overseas.
Shades of the tech bubble? Yeah. I'm glad we learned so much from that debacle. :-/
-
Re:I have my own software
http://worsethanfailure.com/
'Nuff said.
-
Security bugs
Security bugs are more appropriately named insecurity bugs.
Lots of security bugs are really insecurity features.
I had a Unix system where I had a normal user login, but did not have
the root login. It was noticed that a mail client, usual for Unix,
was setuid to root - which was unusual. So, it was fired up, and
then, the shell escape command was issued. Presto. Root shell.
Very handy.
The Daily WTF has this kinda stuff:
http://forums.worsethanfailure.com/forums/
Any sufficiently advanced bug is indistinguishable from a feature.
-- Rich Kulawiec
-
Re:How?
Then you should read http://worsethanfailure.com/ to see the stupid things engineers do. Just because someone is educated in one field doesn't mean they know another. My dad is an engineer, and has been since he got his PhD at 25. Does that mean he's a computer wizard? Nope. Nor is my Godfather who is also an engineer and ends up calling his company's helpdesk for things.
-
Re:Wow!
Who wrote them? These people.
-
Re:First hit on a google search
Either that, or you can tell your friend to strike out the clause, initial it, and ask the employer to initial it as well. Crossing out clauses, or modifying clauses to make them more reasonable, is another very "standard" practice.
"Standard" practices in contract negotiations are not always as standard as one would expect.
http://worsethanfailure.com/Articles/Security_by_Insanity.aspx
-
Strike the clause??
You must not alter the contract!
-
Re:Data Types
A date of birth wouldn't be 9 digits by any scheme I can think of
Maybe they use the date of birth as a natural key (or part of one) and the extra digit is in case more than one person is born on the same day. Implausible, right? It would be a "solution" to this.
-
Re:What science?
Don't you mean http://worsethanfailure.com/?
:D
-
Re:Microsoft's open XML format:
-
Re:Rarely Just TRUE or FALSE
Give credit where credit is due: http://worsethanfailure.com/Articles/Rarely_Just_TRUE_or_FALSE.aspx
-
Ah, three-way boolean logic!
But it's still missing some very important identifiers. We must have at least TRUE, FALSE, and FILE_NOT_FOUND!
-
Re:Related work
No-index is not the issue here.
As GP stated, you could publish on any webpage a list of links that contain malicious code in them. When Google, Yahoo, and other spiders crawl the links, *THEY* end up doing the attacking. That is rather dangerous, I'd say - it'd be very difficult to track down the person responsible, especially if the original webpage was posted on a zombie server.
It reminds me of this DailyWTF story: http://worsethanfailure.com/Articles/The_Spider_of_Doom.aspx