Slashdot Mirror
Guido van Rossum Leaves Zope.com
VladDrac writes "Guido van Rossum, the author of the Python programming language, announced at OSCON last night that he's leaving zope.com, to work for a new startup called 'Elemental Security', founded by Dan Farmer (known from several security tools such as Satan). Guido leaving Zope.com will also probably mean that he will be no longer involved in Zope3 development, but hopefully he'll have more time to spend on Python development." Guido says that he's excited about his new employer, but that nothing substantial will change about Python as a result of the move. "It's just that I'll be working from the West coast." Python is "already quite secure," he says, and will be the basis of an upcoming security product ("just getting started") from Elemental.
You can read his goodbye posting to the zope3 list here
What other projects are being done in Python?
http://mail.zope.org/pipermail/zope3-dev/2003-July /007598.html
Guido van Rossum guido@python.org
Wed, 09 Jul 2003 10:24:54 -0400
Dear Zope 3 developers,
Last night at OSCON I announced that I am moving to California. I
have accepted a new job at Elemental Security, a security software
startup in San Mateo. You may have heard of one of the founders, Dan
Farmer, who is the (co-)author of several well-known free security
checking programs: Satan, Titan and The Coroner's Toolkit.
Elemental is a brand new company, and I can't say much yet about the
product, except that it will be aimed at enterprise security and use
Python. I'm very excited about working with Dan on its design and
implementation.
I'm also excited about moving to California, which has long been a
dream of mine. I'm looking forward to getting together with the many
local Python users and developers once I'm settled; right now, my life
and that if my family is total chaos because we're trying to find a
home and move into it by August 1st.
I will still have time for Python (it's in my contract) and I will
continue to lead Python's development. The other PythonLabs folks:
Fred Drake, Jeremy Hylton, Barry Warsaw and Tim Peters, are staying at
Zope, by the way.
But unfortunately, this move pretty much ends my involvement in Zope
3. I've signed a contributors agreement, but with the new job and my
Python work I don't expect to have much time for Zope. So this is
also a goodbye, of sorts. I've enjoyed working with many of you, Zope
3 developers, and I expect we'll run into each other at some future
Python event.
In the mean time, I'm here at OSCON with a busy schedule and limited
access to my email, and the following weeks I will be in transition,
so please be kind if I don't reply immediate when you write me.
--Guido van Rossum (home page: http://www.python.org/~guido/)
PS. guido@zope.com no longer works. Please use guido@python.org!
That sound you are hearing is a thousand hackers and script kiddies going "Oh yeah?" in unison.
It hurts when I pee.
..known from several security tools such as Satan ..."I'll be working from the West coast".
Please, stay where you are, sir. We have enough problems out here already.
We have the Yopy 3700 and now someone's leaving Zope.com. Has Disney been put in charge of naming things lately? Try the new Dopey 2003(C)!
When you lose something irreplaceable, you don't mourn for the thing you lost, you mourn for yourself. - Harpo Marx
"Python has been an important part of Google since the beginning, and remains so as the system grows and evolves. Today dozens of Google engineers use Python, and we're looking for more people with skills in this language." said Peter Norvig, director of search quality at Google, Inc
Which unfortunately has nothing to do with the ideas behind Python.
It tends to be much more than "strongly-typed effective scripting language" and if there was some big corporation promoting it as development platform(not even providing support, the guys from the team are doing really good job) , you can bet that Java would had one more serious competitor to worry about...
1. No sig. 2. ???? 3. Profit!!!
"Perhaps they could do this by borrowing a few tips from perl, which although slower has code that looks much neater."
Perl code looks much neater than Python?
Are u nuts?
One of the strong points of Python language is its clean and intuitive syntax. Perl is a very powerful language, but its strong point is *NOT* neat syntax.
With python there is no question his importance, 'with out Guido there is no python'.. ( thankfully that wont change, that would be a tremendous loss to the community )
What his is level of involvement with zope? Does this spell a slow painful death or just a minor speed bump.. ( I admit I don't follow *new* zope development so I'm just curious )
---- Booth was a patriot ----
Great! I've been hoarding oxygen and have become increasingly concerned that my neighbors may try to liberate it. Damn free radicals.
Could you clarify what you mean? Python is already fully object-oriented (although it doesn't _force_ you to write object-oriented code, but then neither does VB).
And are you joking about Perl? Perl is widely known for having MUCH messier-looking code than Python, but running slightly faster on certain tasks.
-Billy
Python _is_ more object oriented then VB. VB6 is object based, since there is no inheritence. (and python supports single and multiple inheritance) Perl neater then Python? I love both languages but Python programs are amazingly more readable then Perl programs. Perl slower then Python? not in my experience. They are really close in performance. see, http://www.bagley.org/~doug/shootout/ And have you done OO in Perl? compared to Python it's a pain. VB code 2-3x shorter then the Python version? I've had the exact opposite experience and usually the Python version is 5-10x shorter then the VB version.
PhysicsGenius is a known troll... and it's amusing to see just how many moderators get caught by him. All of his posts have just enough in them to sound intelligent, but they're all very deeply wrong -- usually twisting the facts backwards (such as this one) or flying off into realms of thought usually reserved for the insane.
Maybe some moderators with a clue will beat the grandparent post down now.
On topic - I've known Perl for awhile and am starting to code in Python... the syntax is certainly cleaner, but the docs certainly aren't. To put it kindly, they suck. Yes, if I was sufficiently motivated then I could contribute instead of just bitching, but: A) I'm not, B) I don't know nearly enough Python yet to do it right. I find Perl's documentation to be layed out in a much more rational and useful structure. Shrug.
... is yet another guy named "Guido" wanting everyone to admire his "Python".
SoCal is the land of double entendre and uber-image, Mr. Van Rossum. We don't care about your substance, we want to know about your style. So the question the really needs to be answered now is,
Python: Is It Sexy Enough? Join us on E! when we ask your favorite celebs just what scripting language they use for their daily information processing! We know Pamela Anderson loves Perl, and Carmen Daily is crazy about Java, but what happens when these two sexy stars get their hands on Python? Watch at 11 and find out!
Chr0m0Dr0m!C
That's funny. I switched from Perl to Python several years ago and one of the things that I like best about Python is the documentation. Perl's Camel book made a pretty fair reference, but I didn't really like busting out a hard-copy book every time I wanted to look something up. The electronic Perl documentation was pretty nice, but it wasn't quite as comprehensive as the Camel book, and the POD format simply can't compete with Python's documentation. The PDF and HTML formats are nice, but I really like the fact that the Python documentation is available in info format for easy reading in Emacs (complete with a comprehensive index). The indexes in Python's electronic documentation really make a heck of a difference once you start using them. Perl's pile o' man pages simply can't touch Python in this regard (IMHO).
Perl's TIMTOWTDI style means that every time you edit someone else's Perl code you will encounter four or five new Perlisms that you have never seen and that require the Camel book for deciphering. When I was hacking Perl, that meant carring around the Camel book in my laptop bag "just in case." With Python that's no longer a problem.
My guess is that you have gotten use to the structure of Perl's documentation. You know where to find Perl information, and are simply frustrated by the fact that Python requires that you start from scratch with a new set of documentation.
On the other hand, it is possible that we simply have different documentation requirements. What precisely is the problem? "They suck," is not particularly descriptive.
I tried satan for my network security. Cost me my soul, but it's damn good. One kid tried to hack around our proxy to play games at work, and he got engulfed in flame and dragged down to the 3rd layer of hell for the rest of the day! Sure, I have to use a massive water cooling system to keep the firewall (and I mean a wall of fire that I run the ethernet cable through) from melting the other servers, but when the dark lord is watching your back, you don't even have to think twice about security.
I've tried and I even have friends already working there to use as references. My impression has been that for any kind of fun job there you need a PhD or at least a Masters. Oh well.. we can always dream.
;)
A more interesting project would be to make a search engine that functions as well as Google on a much more modest budget. That's an ongoing game of mine. I figure if I ever succeed maybe they'll hire me finally.
At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
I'd like to point out a thread that I found a little while back on Python-Dev about Guido's decision to remove the rexec module (similar to the Java sandbox):
posting 1
and Guido's reply:
posting 2
A little bit further down that thread we find this:
posting 3
Since this last one is particularly telling, I will quote the relevant text for our impatient readers:
I think Guido's rationale for removing all these features will be widely misunderstood. Me channeling him: it is not that he believes that the architectures developed were inherently incapable of providing security. Instead, he feels that no "expert" for these matters has reviewed these architecture for flaws, and that the continuing maintenance of these things isn't going to happen.
If this understanding is correct, then any new approaches will likely suffer from the same fate. Unless somebody steps forward and says: "I am a security expert, and I guarantee that this and that feature is secure (in some documented sense)", then I think he will dislike any changes that mean to provide security.
So this not a matter of engineering but of authority. Somebody must take the blame, and Guido doesn't want to be that someone.
Disclaimer: I love python. However, I am working on a project that depends on rexec, and when I discovered that it was being removed, I was a little annoyed - especially at the reasoning behind the decision.
--WH--
Looking at Guido's Home Page I noticed that his picture shows a clean, healthy looking guy with all his hair.
I hereby cast my vote for Guido VanRossum for Least Ugly Open-Source Project Leader.
Zope is a very cool web application system, and while I don't know of Guido's specific contributions I have to assume that they were great. Still, I'm confidant that Zope will carry on.
For those not familiar with Zope, it is a web application server written entirely in Python. It features an object database that, for example, lets you create an image object, and then call it from other code to automatically build your image tag based on the dimensions and title of the image stored in the object.
It's open source, developed both by the Zope community and the Zope corporation. There are at least two kick ass, open source content management systems built on top of Zope Corp's content management framework that I know of: Plone and Silva. There are a ton of add-on products that are downloadable too.
Zope does have a pretty steep learning curve, if you don't do stuff with "real" web applications (stuff that needs access control lists, user management, templating, etc) it might not be right for you, but it's great for bigger applications. Edd Dumbill talks in a recent blog entry about why Zope is worth learning and DevShed (which runs on Zope) has a good overview.
Guido and Dan Farmer are both smart guys and I'm sure that we can expect good things.
Why can't I moderate something "Wrong" or at least "Grossly Misinformed"?
Granted, badly written Python can be hard to read, no doubt about it. However, I will assert that it's simply not possible to obfuscate Python to the same extent as C or Perl. It just isn't possible.
;+)
Go ahead and show me some nested lambda + encoding of eval'ed source + pickle or some other monstrosity if you like, but it will have to be indented properly to even execute.
Please mod this post only if you think others should/n't read this. I have enough ego^H^H^Hkarma. Thanks!
emmental is a swiss cheese known for it's big holes.
list of new features at bash.cx
(Please don't mod offtopic; The parent's author doesn't provide any way to contact him privately.)
As an active Pythonic, and a most interested observer over the last two and a half years, it seesm to me that Guido leaving Zope should not raise any fears whatsoever about the future of Zope. I will explain below. Secondly, Guido's joining the new company is a positive for Python, which I will also explain. When Guido joined Zope a while back, I was very happy because it was good for Python, as it gave Guido a safe and comfortable corporate home and presumably a good living, while still allowing him to devote a lot of time to Python. I viewed it as a great goodwill move by Zope because they would be helping to support the future development of Python at their own expense. While Guido no doubt contributed a lot to Zope's efforts, Zope was a breakthrough and great product long before Guido joined Zope, Zope development team is extensive and capable, and Guido was till devoting a lot of time anyway to Python. Therefore Guido leaving is not a bad thing for Zope. Guido joining Elemental Security is great for Python, because that company will base an important new product on Python, and because it still gives Guido a secure corporate position and salary, and because he may be allowed even more time to develop Python at the expense of a good corporate citizen. This is a win-win situation. I say thanks to Zope, to Elemental Security, and to Guido and team. Ursus Maximus aka Ron Stephens
Writing C code that works ok, and designing a secure sandbox require different skills.
:)
According to my aquiantance with the Python C code, the first skill is there
As for the other, I am not sure.
I was experimenting with Zope last year and again during the first half of this year. It's definitely a cool product, but what threw me for now at least was that the documentation is abysmal, at least online.
From what I've been able to tell, there are several editions of the Zope book -- the only up-to-date version of which (currently 2.6) is still work in progress. The rest of the documentation is a mish-mash of user-written howto's, some of which are excellent, some of which are dupes of others, many of which are out of date, and others of which are just badly written. Searching the database of these is hard, and it's very difficult to distinguish well written old ones that are still relevant from newer ones that aren't very useful.
My main problem with it though is that although it focuses hugely on the differences between zope development and regular web development without seriously dealing with implementation examples of common tasks. On and off it took me about a month to figure out how to make a simple form-based login system (similar to slashdot's) and tie it into Zope's user folder system. Co-incidentally The only zope-based website I could find that actually did this was zope.org itself.
I really like Zope and I've shown off how it works to people many times over. But I'll only seriously consider using it more once the documentation is more coherent. At the moment I think that's one of the main places where itfalls over.