Slashdot Mirror

One thing I've noticed about software engineers is that too many of them are lacking the critical statistics skills they need to function effectively. Perhaps it's because we tend to think in Boolean terms of true and false. Thus, "I have a 1:450,000,000 chance of winning the lottery" turns into "I have a chance of winning the lottery", which is a different wording that is remarkably easy to misinterpret as a "50:50" chance, even though both outcomes are statistically equal to false. They apply that same lack of understanding to any risk, including vaccination (a 1:3,000,000 chance of a serious adverse reaction becomes "a chance of a serious adverse reaction".)

This says it all.

Are you Zed Shaw?

At risk of feeding the troll, in what way is protecting my hard work from being co-opted into someone else's pockets "evil"? Or do you have other political concerns that I should know about? Perhapsyou're concerned that people will see the big caping hole in the BSD license that allows all of these shitty startups to get a free ride, and people will start using GPL to cover works...which would mean the jig is up?

If you want to measure something, then don’t measure other shit.

Careful, Zed Shaw is going to find you while you're sleeping and hit you with a statistics textbook.

see Programmers Need To Learn Statistics Or I Will Kill Them All

I don't think that's necessary, but the people who think his post is insightful should read this blog post: http://zedshaw.com/essays/programmer_stats.html

Zed fired off an angry post yesterday after noticing he was slashdotted. It looks like some sort of retaliation swing for the onslaught of pissed off programmers gunning for Zed. http://zedshaw.com/blog/2010-01-09.html

My first thought was is Zed on some heavy duty medication? He seriously has some sort of anger problem going on and a deep seeded hatred toward his idealized concept of the "programmer". Maybe a programmer made him feel bad so now he's got a vendetta. Programmers surely can be dicks. I know because I work with them, but Zed is coming off like a dick programmer times 1000. (I chose 1000 because it's a power of 10.)

If he wants programmers to listen to him and actually change their ways, why doesn't he go with the educator approach instead of going with the approach of flame the world, stomp my feet, and call everyone stupid until they pay attention to me? The best way to get someone to ignore everything you say is to call them an idiot jackass who can't remember anything after 2 minutes. They will kindly oblige by living up to your expectation.

This Zed character may be good at some things like stats but he's damned awful at communication and demonstrating tact. I wonder if he behaves this way on the job, because I would not want to work with such a caustic person. Maybe at work he keeps the anger under wraps and behaves like a great guy, but if I were his coworker I'd lose all respect for him after reading those 2 posts.

"The GPL protects any actual innovator better than BSD style licenses because it stops free riders. See Zed Shaw's explanation of why he uses the GPL: http://zedshaw.com/blog/2009-07-13.html [zedshaw.com] ."

That is nonsense and, if true, it would be ironic that a license that claims to be the champion of freedoms "stops free riders".

The lack of IP protection (nee, the deliberate elimination of IP protection) is not something companies who innovate are likely to embrace.

There is no actual evidence for that - in fact the evidence (academic studies) point the other way. Most of the studies are on patents, not copyright, but it is all the evidence there is.

The GPL protects any actual innovator better than BSD style licenses because it stops free riders. See Zed Shaw's explanation of why he uses the GPL: http://zedshaw.com/blog/2009-07-13.html .

The article gives one actual real life example, and they prefer the Apache license because they prefer the patent clause, not because they want to allow proprietary forks.

BSD style licenses can be better for those who want to accept outside patches and sell a proprietary version (e.g. Django). It is more appealing to the outside contributors than a copyright assignment (like MySQL and ZImbra). In many cases they could also use the LGPL (provided they can cleanly separate the proprietary and open components), and I have no idea why they do not.

Zed, man, we gotta talk. Your site has changed since Slashdot last led me to it. Back then I thought it was black and had huge scrawled letters over the top of it that said "Zed's So Fucking Awesome!" So what happened to ZSFA? Also, now when I click that link you seemed to have replaced your badass rant against people with an apologetic explanation of your "parody" and you won't grant poermission to publish it? That's a shame I quoted the best part on the Slashdot story.

What happened to you, man? You used to be cool! Where's all the in your face swearing and abrasiveness? You used to be hardcore! Your 'music' is so alive with raw power but now your site is somehow more respectable.

And now in your latest rant you're complaining that by writing Mongrel you weren't given a consulting job? You weren't handed a company to destroy? Well, way to stick it to the man, my friend. You seem to enjoy bashing the hell out of developers trying to get a job done for not standing up and screaming "Zed's So Fucking Awesome" but now you are complaining that didn't win you a job.

You, are a great software developer. Much better than I in all probability. You are a complete and utter asshole in nearly every other respect (yes, even in your music) and it should come as no surprise that you cannot land a job on a team. I would not pay money for your projects since I don't use them but I will send you $20 to stay in a hole, write software and restrict yourself from communicating with the outside world. Really, the world would be a better place.

My 2c, this review is entirely the norm for the rails community.

This is a community of 'developers' who spend (so far as I can tell) the vast majority of their time coming up with names (rails, merb, cucumber, etc) and writing blog posts (yes, I get the irony of pointing at *his* blog) about how badass they think are, while writing trivial libraries and using that to trumpet how 1337 they they think they are. Both this review and likely this book should be passed up, along with the rails community as a whole.

*Clue*, when looking for a development community, look for a group of people who spend time *coding* at their conventions instead of a development community who spends the vast majority of their time grandstanding about how awesome they thing they are.

But Rails, that's great stuff!

I don't believe Rails is more crash-prone or scaling-challenged than other platforms.

You can read the Rails is a Ghetto" rant and do a find for "restart". Apparently Rails had a buggy garbage collector.

Business just wants to do what the Federal Government can get away with... What's the problem?

By the way if you mean this in reference to Zed Shaw and ABGs then you should read the link from my sig. I think you will enjoy its out look on production vs. non-production.

A harsher punishment doesn't reduce the amount of crime -- that's a false belief.

I keep hearing this, but it sounds to me like bullshit on its face: If harsher punishments don't do anything, then we could save a lot of money by reducing all punishments to incarceration for a single day. According to this theory, doing so would not increase crime. That seems really unlikely to me, and our experience with rioting (where the probability of getting punished drops, and at the same time, crime increases dramatically) seems to suggest otherwise. You're going to need some compelling evidence and an explanation of how this affects rioting to convince me of the soundness of your theory.

I'm guessing that somebody did a study showing that, for example, an increase in fines for speeding on the highway did not significantly change the number of speeding tickets issued. Or maybe it was a study showing that increasing the penalties for possession of illegal drugs didn't reduce the number of convictions for possession.

Assuming that, let's look at some possible confounding factors:

1. In both cases, it's still fairly unlikely that any particular person is going to get caught, so the expected cost of the illegal activity (penalty_if_convicted * probability_of_conviction) doesn't change much.
2. In both cases, if the people who enforce the law are operating at capacity, then the limiting factor will actually be their capacity, not the number of actual instances of the illegal activity.
3. In the second case (drugs), addiction is involved. For addicts, the cost of quitting is probably quite high compared to the expected cost of the illegal activity, even if penalties are increased. (See #1, above.)
4. Were data in the papers collected through double-blind experimentation? If not, can we account for experimenter bias? (How do you do a double-blind experiment with this kind of thing anyway?)
5. Are the statistical models in the paper sound, and are the calculations correct? Smart people routinely screw up statistics in very significant ways.

That's a far cry from proving that "an increase in penalties never affects crime".

Maybe you should read what some of the senior Rails people say about the product after some years in the field.

http://www.zedshaw.com/rants/rails_is_a_ghetto.html

A hilarious read:

http://www.zedshaw.com/rants/rails_is_a_ghetto.html

Well, silly boys and girls, rails-core ripped off the idea and probably most of the workings for Campfire from NextApp Echo2 ChatClient Demo. I know this because I was in the rails-core IRC channel and I showed them how cool this Echo2 framework was, including that chat demo. A few weeks later they had Campfire and since they say it took them two weeks to write it, I'm guessing they got lots of inspiration.

Well, silly boys and girls, rails-core ripped off the idea and probably most of the workings for Campfire from NextApp Echo2 ChatClient Demo. I know this because I was in the rails-core IRC channel and I showed them how cool this Echo2 framework was, including that chat demo. A few weeks later they had Campfire and since they say it took them two weeks to write it, Iâ(TM)m guessing they got lots of inspiration.

Also, the 400 restarts/day were across probably 60 processes. So
perhaps the drama pitch of "That's a production application that can't
stay up for more than 4 minutes on average" is a key or two stretched
beyond what it can bear.

I wish lip syncing pseudo-technocrats like you appear to be would actually be up to date on semi-current issues. Please read http://www.zedshaw.com/blog/announcing_my_retirement.html.

It would actually be nice for idiots that comment on things to actually have half a clue for once... Due diligence? The people that actually DO due diligence would be pissed for you for clouding the picture.

He's also completely right about the widespread ignorance of statistics which more of should really be concerned about.

To get an idea of what's wrong with Zed, who is an awesome programmer with an obvious ego problem, check out his project Utu. I'll save you the trouble of clicking and just post the first line on the site "The Internet needs more hate. Much more." While the tech is fascinating, it's pretty disturbing when you read the vitriolic reasoning underpinning it and realize how much effort he's put into this.

I found Zed's post yesterday by the way, and consciously decided NOT to post it to Slashdot even though I knew I'd see it here within a couple days because it's NOT NEWSWORTHY. As many people have noted above, him getting pissed off about the people he's worked with. He's obviously not comfortable unless he's doing something different like when he talks about Ragel State Machines and gleefully demonstrates that Rick Olsen doesn't understand Ragel after a quick intro to it (it's in the middle of the document). Zed's a bright guy, but a lot of these people, like Rick Olsen have contributed TONS of high quality code to the community.

Are we really supposed to believe, that this incredibly smart programmer latched onto a technology that is a piece of crap and stayed there for as long as he did without thinking it had merit? His best argument against rails, about DHH having to restart his site 400 times a day is now a non-issue thanks to the software he wrote to fix it. And that portion of the software really had little to do with rails per-se, but rather how rails interfaces with Apache (FastCGI had tons of issues). All it proves is that DHH and the rails core at the time did a shitty job integrating the framework into the web-server, nothing more.

Really, this is just a tragedy, Zed's a smart, incredibly talented person, who just can't handle people, and wound up in some bad situations. It's a loss for the Rails community, but the problem isn't rails, it's Zed.

Funny.

If you haven't noticed, I'm funny and enjoy having fun. Enjoy my site, tell me if you use my projects. Don't take it too seriously though, it's all an act.

I think he is having you all on.

Chris

--I love Ruby, by the way, not that it matters

I agree with you completely on this. And after taking a look at his recent postings on his weblog, I'm now much more convinced that he's probably just someone who's a real irritation to work with.

Fortunately, there's no need to read the long internet-tough-guy pissing-contest to find out what an joy Zed would be to have as a coworker. He has conveniently provided an All About Me section that condenses his titanic ego in a smaller, more easily digested form.

It's titled "Zed's So Fucking Awesome", and proceeds in the opposite direction of humility after that.

Average is an almost useless figure.

This may help Programmers Need To Learn Statistics Or I Will Kill Them All.

> I'm sure that for sites with dozens (or hundreds) of servers, it's more problematic

Although in those cases I'd hope that they'd have everything nicely automated so that pushing out updates is just a matter running some utility that executes the update on all the machines. As Zed Shaw says, "if you're ssh'ing in to your servers more than once a week, you haven't automated things enough."

Of course there will be exceptions - custom installations and whatnot - but hopefully a change like this could just be shoved right out there.

This is Zed A. Shaw here posting as AC since I'm too lazy to sign up.

Just a comment that I appreciate people's feedback and hope that the essay at least gets people talking about common criteria for analysis papers. Whether I'm right or wrong is no big deal to me. Hopefully folks will look at the list and possibly start doing their own (hopefully better) criteria.

And people might also be interested in my essay for an entertaining rant with the obnoxious title of "Programmers Need To Learn Statistics Or I Will Kill Them All". Have fun!

Thanks Aredridel, you're a peach!

There are lots of such tools, including CVS, Subversion (SVN), GNU arch, Monotone, Aegis, CVSNT, Darcs, FastCST, OpenCM, Vesta, Superversion, Codeville, Bazaar, Arx, and Bazaar-NG.

"The better SCM initiative was established to encourage improved OSS/FS SCM systems, by discussing and comparing them. Among other things, see their comparison file. Zooko has written a short review of OSS/FS SCM tools. Shlomi Fish's OnLamp.com article compares various CM systems as does his Evolution of a Revision Control User. The arch folks have developed a comparison of arch with Subversion and CVS (obviously, they like arch). Another pro-arch discussion is Why the Future is Distributed. A pro-subversion discussion is available at Dispelling Subversion FUD. Slashdot had a discussion when Subversion 1.0 was announced. Kernel traffic posted a summary of a technical discussion about BitKeeper. Brad Appleton has collected lots of interesting SCM links. jemfinch has some interesting essays about SCMs (he uses the term VCS), including why he thinks the approach to branches used by Darcs, Arch, and Bazaar-ng is a poor one. A brief overview of SCM systems that can run on Linux is available."

There are lots of OSS/FS software configuration management (SCM) tools. CVS, Subversion (SVN), and GNU arch get lots of press, but there are many others such as Aegis, CVSNT, Darcs, FastCST, OpenCM, Vesta, Codeville, Bazaar and Bazaar-NG.

You might also take a peek at my paper Software Configuration Management (SCM) Security.

• If it were that simple, than there should be no buffer overflows in modern C/C++ programs. But it apparently isn't that simple, for several reasons. Using container libraries costs extra time and effort, and it is less efficient than error checking that is built into the compiler, for example. Also, using container libraries is not something that the C/C++ compilers help enforce; that is, if some module doesn't use it, nobody ever gets warned about it.

• Because of its superior API (closer to higher level languages, and a superset of what C/C++ has to offer) it is Easier to use than the C/C++ alternatives. (The functions do more and do things that other languages have done with strings for a long time.)
• Because of its superior architecture (length delimited) and implementation (uses the fastest corners of the state of the art in C/C++ compiler technology) it is Faster than the C/C++ alternatives. (I've got the benchmark numbers to prove it)
• It comes with the optional bsafe module that creates link overrides to the standard C library functions where buffer overflows occurr most often and which are redundant to functionality in the Better String Library. I.e., deprecation of bad C library routines can be Enforced.
• And, of course, the API is completely buffer overflow safe.