Slashdot Mirror


User: DavidTC

DavidTC's activity in the archive.

Stories
0
Comments
10,705
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,705

  1. Re:But on Ajax Sucks Most of the Time · · Score: 1

    AJAX doesn't require a damn thing in the web browser to support blind people. The web browser merely needs to pay attention when part of the page is changed and read it.

  2. Re:as in all new directions... on Ajax Sucks Most of the Time · · Score: 1
    Exactly. Anyone who says 'I don't like AJAX.' is welcome to explain how Google Maps should work. (I guess, in theory, it could be done without using XML as a transport, and hence would not technically be 'AJAX', but that's a bit nitpicky.)

    The problem is, like any new technology, people are using it in stupid places, and thus there is a backlash against it. Eventually, most new tech either finds a useful place, and workarounds for problems, like frames did, or won't, like Flash, which continues to be used by people with too much knowledge and not enough intelligence.

    Actually, speaking of new technology finding a niche, I'll argue that Javascript really didn't have one until now. Sure, there was form validation, but you had to do form validation again server side, and the menus just pissed 15% of people off. It didn't really take off until DHTML, which was really just the precursor to AJAX, although without server communication it was limited to fancy menus.

    Now, with AJAX, there is actually a functional reason to write sites that rely on Javascript, because now there are things that are actually impossible to do without it, and these things are very useful. 95% of these are 'applications', where you've got a bunch of stuff straight from a database and want to let the user manipulate it.

  3. Re:cause property theft is kewl! on Barcode Scam Redux - Target's $4.99 iPod · · Score: 1
    That is an idiotic example.

    Shooting everyone in the head seriously raises your risks, because, if you get caught, you're going down for murder. And it means you can't take hostages.

    The least risky way to rob a bank, in fact, is the way that breaks the fewest laws. Ideally, you could use some sort of money-teleporter to just take the money, and not even be charged with breaking-and-entering.

    Actaully, the least risky way to rob a bank is to not, in fact, commit a crime, then they can't get you on anything. The risks are zero. However, at that point, the rewards have also gone down to infintesimal. You're basically reduced to standing around and waiting for the bank to explode by random chance, showering you in money, and that is pretty damn unlikely.(1)

    And, by using the second person in that example, I have just proven you to have a criminal mind. HA! ;)

    However, as was pointed out, figuring out how to commit a crime is the only way to ever stop crime. You can catch criminals without thinking like them, but you cannot stop them from commiting a crime in the first place if you cannot think of the crime.

    And the only way to figure out how to do it is to say 'How would I do this?'. It's a psychological fact. You are the only person whose decisions you see, so when you're imagining a random someone deciding what to do, you put yourself in that place.

    Yes, even writers, when thinking 'What would character X do?', are really thinking 'If I was character X and thought like him, what would I do?'. You can imagine other people acting, because you see that all the time, but you cannot imagine other people making decisions without taking their decision making process and figuring out what you would do if you thought like that, because you have no access to the inside of other peoples' heads.(2)

    This is expecially true when figuring out crimes, because you aren't intentionally trying to limit your decision making process to someone else's. You don't go 'Let's pretend I'm a poor housewife named 'Sandy' with a husand whose income is $20,000, and two kids, how would I commit this crime?', that's just silly.

    Whether or not it's phrased as 'me' doing those things, or some random person, or even some specific person like you, it's really how 'I' came up with a way of doing them.

    So what person you state the result in is irrelevant. Either you can't understand why anyone does actions you disapprove of (Which makes you eligable for sainthood, and makes you the most naive person in the world.), or you understood their actions by reverse engineering them through your decision-making process.

    1) But, hey, I check every time I drive past a bank, just in case.

    2) Poor writers make everyone either think like themselves, or they make everyone just act, with no thinking behind it, or some combination of this.

  4. Re:The crime is in getting caught... on Barcode Scam Redux - Target's $4.99 iPod · · Score: 1
    Do you perchance live near Georgia? Because something like that happened at a Walmart near here.

    Although I heard they just didn't ring up the game consoles at all. While cashiers can, in fact, edit prices at the register (For price matching and incorrect ones), that seems like a rather stupid thing to do and trivial to get caught at.

    I've always imagined there was a person in the backroom whose job was to look at every single price alteration, every day, and go 'That's another 10 dollars off that same quilt, someone much have them on sale in a flyer.' and 'Why the hell have we sold six X-Boxes for 40 dollars?'.

    OTOH, high schoolers helping friends rip off the Walmart they work at must happen all the time, and the main thing male high schoolers want to rip off has to be electronics, and there are only so many way to do that if you're a cashier.

    Or, wait. Do you mean they mislabeled them in the store, by sticking new barcodes over the UPC labels? So they weren't cashiers, they were...um...actually, I don't know who does that. People who work in that department? Stock people? (I was a cashier, so don't know how all that works.)

    Okay, that makes more sense.

  5. Re:similar story on Barcode Scam Redux - Target's $4.99 iPod · · Score: 1
    Until I see someone convicted of something, it doesn't 'appear' to be illegal. Saying 'No, we didn't mean to do that, you have to give us more' has never been any sort of legal argument. I've never heard of that standing up in court.

    And I didn't say it was moral to take advantage of gas stations. I said it was legal.

  6. Re:similar story on Barcode Scam Redux - Target's $4.99 iPod · · Score: 1
    You do not purchase things from ATMs, ergo, absolutely no consumer protection laws are in place. They are merely a way to transfer money to and from your bank acounts.

    Using an ATM, or accessing other people's bank account at all under false pretenses is illegal. Hence using any error that involves you being mistaken for someone else is illegal. You are should immediately stop using the ATM, although it's probably legal to attempt to log that person out so others can't abuse their account. If you get an ATM card from the machine that isn't yours, you should return it to the bank, usually via putting it in the depository.

    If it doesn't involve any bank acount, if you can just walk up and push two buttons and get money, then you still have absolutely no reason to believe that is your money, and hence walking off with it is theft, just like if you'd walked up to a drink machine and there was a six pack of Coke sitting next to it. You should put it in the depository or something. (The money, that is, not the Coke. Do not put drinks in ATM machines.)

    If you are using it 'legitimately', logging in as yourself, and attempting to withdraw funds from your account, and they aren't being deducted from it, you are under the same banking laws as the bank is...if you notice errors in your bank transactions, you are obliged to report them to the bank, and correct them, just like they have to do the same to you.

  7. Re:similar story on Barcode Scam Redux - Target's $4.99 iPod · · Score: 1
    You're close, but wrong. It's not bait-and-switch or false advertising, it is a good deal more serious.

    Displaying the wrong price on a sign, and a different one at the pump, would be false advertising. (Not bait-and-switch. That would be something like advertising regular gas 50 cents cleaper than everyone, because you don't have any, and you're hoping they'll get premium instead.)

    At least, in general. Actually, there are specific laws about gas station signs and what they can and can't say or imply, so there would be more specialized punishment for that.

    However, raising the price between pumping and purchase, or attempting to raise the price after the transaction is completed, or raising the price during pumping, isn't a crime, because it's impossible. It cannot be done. You agreed to sell them something for X amount of money, they took you at your word and consumed it, that is all they owe you, period.

    However, attempting it, and then threatening to charge people with theft if they do not pay, is extortion. It's exactly akin to selling someone something, letting them walk out with it, and theatening to call the police and have them charged with shoplifting if they don't pay for it again.

    Luckily, in both cases, it would be trivial to disprove the charge...you have a receipt. You paid the amount they wished. Unless they can show you tricked the system into giving more gas than it registered, or tricked it into taking less money from you, they have nothing on you.

    Extortion, OTOH, is a felony. It's really amazing how many stores are willing to threaten someone with charges of theft when they should know full well a legal purchase was made, a charge of theft they can 'get out of' if they just pay more money. That's so illegal it's not funny.

  8. Re:similar story on Barcode Scam Redux - Target's $4.99 iPod · · Score: 1
    The reason the difference between the sign and the pump was important is because, duh, this was such a difference.

    Unless your assertion is that the real price was printed nowhere, in which case this already shaky legal case is on rather absurd grounds. They'd just supposed to magically know how much the company wanted to charge?

  9. Re:The real thieves... on Barcode Scam Redux - Target's $4.99 iPod · · Score: 2, Interesting
    That's a classic scam. It happened at a Walmart near the one I worked at a few years ago. Some high school kid started 'selling' some sort of game console, I think it was a Gamecube. He'd collect 50 bucks from other kids at school, and then tell them when he was working. They were to get the gamecube, put a piece of tape over the barcode, and at least 10 other items or something.

    He actually had it down to a science, but failed to consider that Walmart notices when people start 'shoplifting' two to three large boxes a week that obviously couldn't be snuck out of the store under a coat, especially one with such a high-turnover rate. At first, they thought that people were stealing them from stock, so checked they were actually getting out on the floor, which they were. Then they just had people stand around electronics and follow people who picked up Gamecubes to the checkout. (This example was mentioned during training which is why I know about it.)

    However, picking the TV and the game conses were pretty stupid. Although the TV, at least, has plausibly denability if it stays in the cart. Running things over the scanner and failing to notice when it didn't beep is harder to explain, considering that's like 90% of a cashier's job. (I say that as a cashier.;))

    If you actually want to do something like that, the trick is to pick something small that looks like a lot of other things. For example, a game in a bunch of other games. It's almost impossible to detect. (And feel free to return all the other games, unopened, the next day, to steal them later.)

    However, the shrinkwrap thing is genius. I've actually heard stories about people trying to reseal (or just seal in the first place) things, but obviously that works a great better when you operate a sealing machine. And, assuming the Besy Buy return counter works like Walmart's, people behind it say 'This is good' and stick it in a cart to get put back on the floor by other employees, so no one would could ever notice when items didn't get there.

    Yeah, I'm cynical about this, because I don't give a damn about big retail and how much people steal from them. Like I said, I used to work for Walmart, where I was incidentally, required to put in a full 40 hour week for Christmas despite being part-time. I don't steal from them, but you people feel free.

    If you don't want to 'steal' from them, do what I do...I use Walmart as an ATM. I purchase items that cost like 60 cents, and then get cash back, which costs them like $1.50 from my bank. And I get a candy bar out of it.

    Once, when I needed 40 dollars and was really bored, I went around twice. ;)

  10. Re:The real thieves... on Barcode Scam Redux - Target's $4.99 iPod · · Score: 1
    People would steal less from those stores if they actually had any loyalty to the store, which they do not.

    The reason they do not is the store has no loyalty to them.

  11. Re:Some people are just plain stupid on Barcode Scam Redux - Target's $4.99 iPod · · Score: 1
    In fact, if the criminal was smart, he'd swap it with an iPod accessory tag, so it'd show up in the receipt as '4.99$ IPOD HEADPHONE ADAP' or something.

    Although $4.99 is a completely stupid price, and I'm not amazed he got caught. Seriously, that's just obviously not right. Something like $39.99, maybe.

  12. Re:similar story on Barcode Scam Redux - Target's $4.99 iPod · · Score: 1
    Erm, what?

    Are you saying that it is illegal to pay less than is on the sign, even if a different price is at the pump? That's idiotic. (For one thing, when they change gas prices, they try to always make sure the sign shows more than the pump. If the price went down, they change the pump first, and if it went up, the change the sign, because they don't want to appear to be bringing in customers under false promises. Aka, the sign showing more than the pump happens every time they change the price, at least for a few seconds.)

    I'll agree it's unethical, but it's not illegal under any logic I can see.

    Your assertation that the seller can determine the price at the point of sale is idiotic, as a gas station is explicitly one of those places that's not true, as, duh, the gas has already been pumped and you can't unpump it. They can't change the terms of the sale at that point.

    It would be an interesting legal question as to what would happen if the problem was discovered between the pumping and that paying. The courts, at least in the US, have always come down on the side of the lowest price ever displayed to the customer, when there was a difference between the sign and the pump, or the price went up during pumping. Admitted, they might see a difference between a 10 cent difference and a 10x difference.

    But no matter what, if you walk out of there with a receipt for X gallons of gas that says you paid Y amount of money for it, and assuming you actually did pay that much, and didn't actually get more than that, there isn't a damn thing anyone can do to you.

    They can get you if you secretly got more than that and somehow fooled the machine, or if you managed to trick the machine into thinking you'd paid more than you did, (Just like you can get them for the reverse.) but assuming the stuff printed on the receipt matches reality, the sale is over and legal. They can't then go 'Oops, we meant to charge more. Pay us some more or go to jail.' That's the entire point of receipts.

    Oh, and even if it was a crime to take advantage of the situtation, there's a hell of a problem in proving intent. I'll assume that most people paid at the pump with credit cards, and filled up their tank, because that makes the most sense. Well...there's absolutely no evidence they even knew how much they paid. Maybe they just swiped their card, filled their tank, and drove off. And, hell, it assumes they also looked at the sign and noticed the difference.

    That's rather a large legal burden, even assuming there was some sort of actual law there, which there probably isn't.

    And, no, this iPod thing isn't the same thing, because he was attempting to fool the cashier and machine into giving out the price for the wrong item, hence 'an iPod' wouldn't be on his receipt.

  13. Re:"What happens if..." on Artificial Tornadoes · · Score: 1
    Especially if some complete fool happened to build a power plant right where the tornado escapes.

    Oh, wait.

  14. Re:Seems like some people don't understand coding on Why Can't Microsoft Just Patch Everything? · · Score: 1
    The registry can be used for trivial interprocess communication. If you have an antivirus widget who's only purpose is to monitor the daemon, they can both open a memory-only register location and put simple info in there, like 'anti-virus running' or 'stop running as soon as possible'. It's not ideal, and you can't pass pointers or anything except text, but works fine for simple purposes, where all you want is an icon in the system tray to control something.

    As for named pipes and mail slots...Windows does, in theory, have them. No one uses them. I've never seen anyone use a mail slot.

    And in no universe are those things easier than sending messages. Applications already have to have code to process messages, adding another one isn't difficult, and on the other end it's a single line of code to send the message.

    Any other form of communication requires, at the least, setting up a specific communication channel in advance, at both ends.

  15. Re:Seems like some people don't understand coding on Why Can't Microsoft Just Patch Everything? · · Score: 1
    So how should it have been done securely ? (multi-user unix workstations used from various XTerminals, late 80s). I still say you couldn't do it secure back then.

    Not only 'could' you secure it, it was secure by default. X has always started with the default assumption that only programs launched under a certain process (The X startup scripts) could talk to that X instance. Not even other local programs run by the same user could take to X. This is always, and will forever be, true by default.

    Of course, users would often wish to start X programs from other places on their computer, besides programs already running inside X. This would leave to 'xhost +localhost', thus rendering everyone able to run programs that talk to X.

    This meant, if you were on a 'traditional' unix network, where home directories are NFS mounted and everyone has identical accounts on every machine, that basically anyone could telnet in and run anything they want that talks to your X. Or if you were running X apps off a mainframe with bunch of a dumb X terminals, everyone was also 'local', or rather the same remote machine that you had to enable.

    This is not a bug. This is not a security flaw. This is logic flaw in whoever enable 'localhost' to do whatever they wanted, and then was surprised when that meant anyone@localhost instead of them@localhost. It is self-evidentally stupid to give permissions to a whole computer when multiple people have the right to run things on it, and then complain when, gasp, they have those permissions.

    This could, when designed, be fixed by doing 'xhost +user@localhost' or some variation of it, but that only works as long as the remote machine is running ident correctly. Sadly, ident went away, and there are no way to determine a user on a remote system, or even a local system if it was coming in via TCP/IP loopback.

    So the stupid-ass magic cookie was invented, which was so confusing no one used it, and a lot of systems were wedged wide-open, and a lot of people just used X as it was intended and didn't try to do the incredibly silly trick of starting applications intended to run in X from outside X.

    And it either does that securely or it doesn't - secure and insecure mechanisms are available whether you are on Windows or Unix.

    It is also (from history) clear that a badly written superuser background process reading messages from untrusted sources can give privs to attackers - whether you are on Windows or Unix.

    Ah. I see your confusion. You believe I am describing some sort of program flaw. I am not. I am describing an OS flaw. It does not matter how your application is coded...if it has any window open on a desktop I can open a window on, I can steal your privs without executing a single byte of your code. This is the 'shatter' attack, and it is not a program flaw. (I said 'any window open' before, but the other post here reminded me that all applications have some window open...it's just that Windows will create 'pretend desktops' for you if you wish, and you can safely open windows there, as no one can get to them.)

    While all X, and all Windows and OSX and OS/2 and probably Amiga applications could have some sort of flaw in their actual message handling routines, that is not what I was talking about.

    Of course, in the Windows world, communicating by passing messages between windows is basically how everyone learns to make app communicate. For example, on my computer right now, Skype sends a message to 'Winamp', via that system, to pause it when a call comes in. 'Winamp' is actually foobar2000 that has opened a window named what Skype expects, that Skype sends various messages to. There are no named pipes or anything. The only other thing to use is the registry, which is frowned on, and loopback connections, which is a lot of work, so most programmers don't even bother to think of any other way.

    It is a very nice and easy to use system, certainly a lot easier than anything X had until v

  16. Re:Seems like some people don't understand coding on Why Can't Microsoft Just Patch Everything? · · Score: 1
    Well, yes. I didn't say there weren't ways to for programs to avoid shatter attacks against themselves.

    I was just saying that, thanks to a design flaw (and it is a design flaw), every single program that runs with elevated privs needs to be aware of the issue and coded correctly. Windows can't fix it, and even users that are paying attention can't fix it, and it happens way more than it should. (Including a few cases of MS doing it in Windows 2000, IIRC.)

  17. Re:Seems like some people don't understand coding on Why Can't Microsoft Just Patch Everything? · · Score: 1
    Just because your network was set up insecurely doesn't mean that X is insecure.

    And you do not need to bolt on a tunnel to make X secure. You need to bolt on one to make it secure over a network.

    As Windows doesn't operate on a network at all by itself, at least not until recently, that seems a pretty silly thing to compare it to.

    However, your example is actually quite good demonstration of the quite real design flaw in Windows:

    In X, user-set permissions often allowed random users to launch programs that run in your X. People would want to run something remotely, or something from another terminal that they want to show up in X, so they'd allow that IP to connect to their X, and then never undo that. So any idiot there could run a program on their screen.

    Luckily X, as I said, doesn't allow X programs to talk to each other, so they couldn't do things to other people...but they could do things to X itself, like, as you say, steal passwords, probably via the same method that allows global hotkeys.

    This is not a bug. Programs running within X have the ability to do certain things to X, period. It doesn't matter if they're run by the same user that started X, because X, after all, is running as root anyway. It doesn't even matter if they are on the same computer. They can do things to X.

    So far inthe story, Windows and X are exactly the same, except Windows can't be told to respond to anything except localhost, metaphorically. So Windows, in theory, is 'more secure' there, only if by 'more secure' you mean 'less able to have connectivity'. No X has even been installed where people could do that by default. Yes, stupid users often remove such protections for convience.

    However, what X programs cannot do, and what they can do under Windows, is talk to any other window. Well, they can move the mouse and pretend to type, but they cannot send messages that look as if they are from the GUI, whereas, in Windows, they can.

    Under Windows, if you were stupid enough to let randon users start programs on your screen, these programs could do anything to other windows. They can send random messages, and, because of how Windows passes window handles, they can often trick those other programs into elevating their priviledges.

    Now, admitted, the X problem was much bigger. You'd do xhost +localhost to launch something from a background script sometimes, and any random user account could do things to your X. Whereas in Windows, no one cared what programs did to each other. Unlike GPFs, this was not going to happen by accident.

    That was 1994. Fast forward to 2005.

    Nowdays, Unix people tend to have their own machine they run X on. Usually they stay in X, and no one but X can run programs in X, so they bind X to localhost only. Sometimes they want other programs to show up, so they do xhost +localhost, but that is their own computer and random users aren't going to be firing up programs in X. And ssh has been invented, thus allowing them to run X programs on other machines, but have them appear to coming from localhost, and work.

    Meanwhile, people who have Windows are out there trying running to run as non-root. They've carefully tweaked permissions and everything. If they get malware, all it can touch is their user...or so they think.

    They also have a nice virus scanner. It's great. It runs as Administrator, of course.

    And it has a little control icon in the system tray. This icon runs as a normal user, and it communicates with the virus scanner by means of message passing with the superuser background process.

    Wait. Did I just say message passing? Why, that would imply that anyone can pass messages to the background process. In fact, thanks to design flaws I don't want to get into right now, it is possible to any program, running under that user, to create a window handle and pass it in using a certain type of message, and get the privs of that program. Aka,

  18. Re:Seems like some people don't understand coding on Why Can't Microsoft Just Patch Everything? · · Score: 1
    You seemed confused.

    There is no point in having security between different processes run as the same user. It is not insecure to let program A run as user X kill program B run as user X. If program A is comprimised, it can do things that are a million times worse than just killing programs.

    Anyway, the point, programs in X can't talk to each other via X. This removes 95% of the danger in X automatically, as almost nothing in X runs as root. If daemons need control from X, they talk to their unpriv'd processes via a named pipe.

    In theory, Windows programs do this to, via RPC. Except, when they do completely unsafe things like like background processes creating windows with elevated privs and communicating via those, which is utterly unsafe as any Windows programs can send messages to each other.

    X programs can't communicate with each via X so couldn't do that anyway. And while they can send messages (called signals) to each other, these require, tada, permissions to do so.

    If you still don't understand what I'm talking about, google the 'shatter' attack and think long and hard why it can't be fixed except by making sure every single window in Windows is created by the same user.

    And your 'security issues' are gibberish. Yes, if you're running X over a network by itself, you are completely insecure. You are also completely fucking stupid. The way to run X is to have it listen on localhost and use ssh tunneling. No one has X listen on their external IPs.

    And you can 'minimze' windows in X just find if you have a windows manager. X has no native support for minimizing windows, or manipulating windows at all. It just sticks them on the screen. A windows manager is needed to show up and draw titlebars and icons and move them around and stuff like that.

    Of course, X has to talk to the various windows. But unlike Windows, J. Random Program can't stick messages in other program's queue that look like they came from the GUI.

  19. Re:Seems like some people don't understand coding on Why Can't Microsoft Just Patch Everything? · · Score: 3, Interesting
    This, BTW, is a very important lesson: Anytime a program can be crashed by invalid input causing execution to go somewhere random, it can exploited by a certain subset of invalid input.

    This is actually only true about 50% of the time, but it is a very good thing to pretend is true when fixing security bugs.

    MS discovered a bug that sent execution off to a magical realm of fairies and candy, and decided 'Well, that's okay, we'll fix it someday.', which was just completely idiotic. They didn't even bother to notice that the magical realm was user-supplied text, thus begging to be replaced with actual machine instructions.

  20. Re:Seems like some people don't understand coding on Why Can't Microsoft Just Patch Everything? · · Score: 1
    You'd think there were all sorts of security holes (After all, the X client has to run as root.)

    You'd be wrong.

    Why? Because services in Unix do not talk to X. And they do not use X's method to talk to each other, they used named pipes or loopback connections.

    And X is rather better designed, security-wise. Random programs can't just start up converstations with each other, or screw around inside each other. (As evidenced by the creation of Cobra so X programs could do just that.)

    Right now, in Windows, I have a program called PowerPro that lets me, say, assign a hotkey to 'Minimize Window', and I can press it and the windows hets sent the the 'minimze window' message and does that.

    That is impossible in X. It sometimes looks like it's possible only because all the 'Window Manager' windows are the same program, and you can get probably get that program to have a global hotkey, but it's not sending any messages to the windows it's minimizing, because it can't, at least not through X.

  21. Re:I hope it doesn't get widely deployed on Driving Away Teens With High Frequency Noise · · Score: 1
    By that logic, I was including the police in there, as police are part of society.

    And thus my statement was rather paradoxical.

    As are store owners, rendering my statement redundent.

    Or you could realize that when someone says 'Action X is not the fault of society', they mean society as a whole, and not 'Action X is not the fault of any member of society.', which would only make sense in the case of acts of God or alien invasions.

  22. Re:You mean on How to Write Comments · · Score: 1

    Any sufficiently advanced prayer is indistinguishable from magic.

  23. Re:The why not the how on How to Write Comments · · Score: 1
    I hate 'fixes' in comments when in reality they're just 'the code later down is mess up, so we make sure we don't execute it in certain circumstances', because it implies some sort of God-like knowledge. How do you know someone didn't fix the same problem somewhere else later on, and thus your 'fix' is not needed?

    It's much better to say something like: // If the tarrif is nothing, this function does not apply (And does not work as of 30-11-2005)

    And no one gives a damn of what kind of bug it is that won't happen. That's just insanity.

    Also, I hate dating changes. What, do people have a time machine when working on the code? It wasn't fixed, now it is fixed, and it will remained fixed from now on.

    They really only make sense when you're using them as some sort of versioning system, and you really should be using, you know, actual versions, where you grab a copy of the code and call it 4.2.34 or whatever.

    Instead of having to ask 'Are you running the code from 30-11-2005 or 25-11-2005?' and then having to go and figure out what differences have been made.

  24. Re:Haiku Commenting? on How to Write Comments · · Score: 1
    That's what I do. Almost all code has logical blocks to break it up, where you do a bunch of related things and then switch to another set of things. Sometimes these are programmic blocks like 'if' and whatnot, but they tend to exist regardless.

    I try to make sure I say something between each group, just to make sure the reader and I are on roughly the same page. Even if it's 'Now that we've just done X and Y, it's time to start setting up Z.'.

  25. Re:Haiku Commenting? on How to Write Comments · · Score: 1
    The intention of the code and the code itself, which is an interpretation of that intention, may not be in agreement.

    That's actually a fairly good defination of a bug.

    And, yes, if people don't know why the code is doing what it's doing, they don't know when it gets it wrong without having to read all the code.

    If you have 'int c=0' outside a loop, and inside a loop:

    if (++c) {

    Is that an error? Should it be 'if (c++) {'?

    If c had been calculated each time, from something which returns a -1 on failure, and you're adding 1 before checking it to make sure it's not an error, the 'if' would be completely correct.

    However, if you're just starting with c=0, and want to run this code all but the first time, that 'if' is wrong, it will never not run, as 1 gets added before the check.

    A simple comment, or reading the whole function to see if 'c' gets set anywhere else, pick one.