Slashdot Mirror


User: Skapare

Skapare's activity in the archive.

Stories: 0
Comments: 6,883

Comments · 6,883

  1. Re:C++ isn't so unsafe on Gosling Claims Huge Security Hole in .NET · · Score: 1

    Excuse me? C is more like driving a Ferrari. At least with a Ferrari you can smash yourself to bits by making a mistake. And it goes fast. The best you can do with a horse is hope it stomps on you in a fit of rage. It also goes slow and has a mind of its own.

  2. Re:C++ isn't so unsafe on Gosling Claims Huge Security Hole in .NET · · Score: 1

    C does all I need at this level. I've been programming with pointers (and addresses) since 1972. I do know how to handle them safely. I don't need the bloat of a big STL coming along for the ride. If I have an app that needs OOP and the bloat won't matter, I do it in Pike.

  3. Re:If Java is the answer what is the question? on Gosling Claims Huge Security Hole in .NET · · Score: 1

    I do find a few web sites online that have really crappy programming. Various errors occur, ranging from empty content, to corrupted output, to big error messages. The most common programming languages involved (based on the extensions of the filenames) are: ASP and Java. Often these errors happen due to unexpected conditions that just don't get handled properly.

    Java may be able to cover up things like bad programmers leaving buffer overflows in socket I/O. But languages like Java and Perl also make it easier for morons to think they can be programmers. Then we end up with web sites and other applications that just don't do the right things at all. But at least they don't have buffer overflows and they might even have been delivered on time.

    C/C++ certainly has some flaws. But we've known about them for a couple decades; good programmers know what and how to avoid them.

    The real solution is to clean up the ranks of programmers. About 75% of them out there need to find another line of work. I hear Walmart has some openings.

  4. Good programmers vs. bad programmers on Gosling Claims Huge Security Hole in .NET · · Score: 1

    Good programmers can produce good code in any language that doesn't have security holes. Of course they have to be allowed to do so, and not distracted by silly management directives like meeting deadlines. While bad programmers can create massive security holes no matter what language is involved ... and sometimes even deliver these security holes on time. Management just eats it right up.

  5. Re:Missing the point: A cure is not needed on Monkeys Pay for Monkey Porn · · Score: 0

    ... a wonderful boy who happens to have autsim [typo?] ...

    If autism is what someone is (which I, like you, believe in), then you should say your son "happens to be autistic".

    And apparently you happen to be a bad typist ... but, hey, that's normal on /. :-)

  6. Re:Still thinking? on Safeway Club Card Leads to Bogus Arson Arrest · · Score: 2, Informative

    Most stores will let you provide the phone number in lieu of the actual card. Security is not generally much of a concern, as each usage only benefits the card owner ... it doesn't cost them anything (except when the data is misinterpreted by law enforcement, as was in this case, or other parties, such as your health or life insurance provider who thinks you are buying ... and eating ... too much cholesterol laden, heart artery clogging, foods).

    I've never applied for, nor received, any of these cards. I do, however, have a few, obtained from relatives and friends. In other cases I've used their phone numbers, as well as phone numbers of complete strangers. If the phone number I pick out of the blue doesn't have a card (I've gotten about 50/50 on this), the clerk usually lets me use theirs when I act like I'm upset that their computer has lost the data.

    FYI, I read the conditions and terms on the application for one of these cards, once. They made it clear they would never sell your name or data for any marketing purposes. But what about others ... like health insurance companies (who might want to know your eating habits)?

  7. 95% sucks on Custom Software vs. COTS Products · · Score: 1

    95% of commercial off the shelf software sucks.

    95% of custom developed software sucks.

    I've had to deal with both, and it was very tempting to switch the other way when dealing with some of the absolute crap that gets programmed. So whoever is saying one particular kind of software is bad was probably dealing with that kind of software most recently.

    The conclusion: 95% of developers (analysts, programmers, project managers) suck.

    The solution: hire the other 5% regardless of whether you need something special developed in house or are developing the next greatest commercial software.

  8. Re:24 January is my birthday... on Monday, January 24th to be Worst Day of the Year · · Score: 1

    And it is mine, too. But I'm not 37.

  9. Re:24 January is my birthday... on Monday, January 24th to be Worst Day of the Year · · Score: 1

    What's the probability that someone on Slashdot would have this birthday?

  10. DNS is binary; does that make it proprietary? on Does the World Need Binary XML? · · Score: 2, Interesting

    DNS is binary; does that make it proprietary? Not at all. It is a published open standard in RFC 883 and later documents. Other examples include ASN.1/BER as used in SNMP. It's not whether it is binary or text that matters; it's whether it is openly documented and unencumbered by intellectual property claims (a separate issue some of XML has).

    The decision of binary vs. text for a format should be the result of specific needs. XML is verbose. XML can be compressed for transmission purposes, but it still has to be uncompressed to its verbose form for parsing. If speed in parsing is necessary (it might be as I have noticed quite many XML based programs are rather slow), a binary format can have things like length prefixes and continuation tags, instead of having to detect and verify collection of characters whose position is unknown. A parser that does not recognize a given tag, or does not need to process it, in a binary format can simply skip it by jumping the specified number of bytes. Binary format is very optimal for machine processing.

    The usual argument for a text format spans the range of permitting humans to create the content for most things directly in an editor like vi or emacs (no wars here, I listed my favorite last), or reading that content directly, such as to diagnose the real cause of misunderstood errors. XML is too utterly complex for human creation or interpretation to be effective on a direct basis. There may be some argument that it can still be effective for diagnostic purposes (I have in fact needed to do so many times). Given that it is the powerful tools of XML that are used as the basis for the benefit of XML and promoting it, then what does it really matter what format is underneath as long as it is open and unencumbered?

    A binary format for XML will absolutely not kill XML. DNS is obviously not dead (and you'll love it even more when IPv6 rolls into your network). What a binary format might do is weed out some of the weaker programmers who are sticking their fingers a bit too deep into the inner workings of some applications and tools.

  11. expertise and authority on Wikipedia Criticised by Its Co-founder · · Score: 1

    I notice that Larry combined "expertise and authority" at one point. I do think almost everyone respects expertise. The few that don't are either seriously misinformed, or might have something new we need to learn. But the real problem comes from authority. When authority exists, then censorship can happen. Initially, authority is usually well intentioned. And in most cases it never departs from that. But there are enough cases where authority does result in censorship that people rightfully fear authority.

    I'm reminded of when I was at university decades ago. For many topics I did research in I could not find the information I sought. It was quite easy to get abstracts of papers that were written. It was quite difficult to get the actual papers. A lot of that was the costs, at the time, of handling the information. But the excuse so often given was that I didn't really need that information, or in some cases that I even had no right to it (because I was a lowly undergrad student). In most cases there was a cost structure associated with it, but no means to pay for the costs because it was set up only to work from departmental accounts.

    The internet changes the costs structure. Getting information is so cheap it's virtually free. If you can't afford to run a server to provide it (see, it's not 100% free) you can hand it off by other means and it's free anyway. Post it on Usenet and it's on Google Groups forever. Put it on a P2P network and then everyone will have it.

    But there are powers that be. The legacy academic process is still going strong. Research publication is still refereed, and always should be. But the structure is wrong in terms of how it is financed. But those who benefitted well from the legacy structure are trying to keep it in place.

    All research results should be available. Peer review should not ever be a form of censorship (though in the past it has had that effect). Instead, it should simply be a form of recognition. For example if every researcher published all their own work on their own web servers (or their department or university server), and then the peer review process indexed it all and made the decision on what to highlight, we'd have a better system; the best of both the peer review "elitism" and the openness of anarchy and anti-elitism. As long as the author wants to make it available, you can find it. And those who want to narrow their search based on the experts they trust, can do so as well.

    So, forking Wikipedia would, in my opinion, not be a bad thing at all. As long as it is done in a friendly way, we get the best of both. One possible way to do this under a single site would be for articles written or rewritten by experts to always still link to the alternatives others offer. But even if it is done via separate sites, we still can have our cake and consume it.

  12. Re:Ranting is warranted on German Court Sets Copyright Tax on New PCs · · Score: 1

    I guess I better hurry up and file for the patent on the business model of "gaining consumer acceptance by lowering prices, while really raising profits through the use of backdoor levy schemes" ... so I can get rich off them :-)

  13. Ranting is warranted on German Court Sets Copyright Tax on New PCs · · Score: 1

    I retain my right to foam at the mouth.

    First of all, this system charges the levy on those who do not use their computers to copy copyrighted content. And even among those who do, the charge is not in proportion to how much content you have or how much copying you do. If I buy 5 CD's all year and occasionally just play them on my computer, I'm being forced to pay the same price as someone else who buys 500 CD's a year and rips every one of them into his computer, and makes extra copies for car, bike, etc.

    And, of course, there's that ambiguity of how to apply the levy to computer components people often build their own customized systems from. Should it be charged by the CPU? The disk drive? Did the courts actually say?

    And does the levy come with a law that prohibits any attempt by the copyright owners to use any DRM that blocks any form of legal copying?

    Charging a levy on blank media gets a bit closer to being fair. But this media can still be heavily used by people backing up, or even distributing, their own data and content. So it's still nowhere near the ideal solution.

    Adding the levy to the actual sales of the original material is what is actually most fair. The person who buys 500 CD's pays 100 times as much as the person who buys only 5 CD's. It won't exactly compensate for the number of copies made, but that's not nearly as likely to vary in scale as much. Some people may make no copies, many will make one copy, and very few will make more than three copies ... when considering only legal copies this law is intended to compensate for (e.g. we're not talking about all those pirated copies made to give or sell to friends, and internet uploads/shares).

    And of course, this most fair way of charging is exactly what the industry is fully capable of doing since it is they who are selling that product in the first place. They just don't want to do it that way because then people will see the added price.

    Now I'm not going to defend the legal system in the USA over the German. It's crap here, too, and probably even more so. I'm just saying that what is being done in Germany is wrong; but it would be just as wrong if done anywhere else, including the USA.

    As for your reference to your 18th century reference ... it's actually more 19th century here. US industrialism, and the creation of the "corporate person" concept, came about in the late 1800's, which was the 19th century. It's then been going downhill ever since.

  14. Re:Sounds like a bargain! on German Court Sets Copyright Tax on New PCs · · Score: 1

    Why can't the cost of your (non-free) right to make a "home copy" be included in the original content purchase price?

  15. Re:mmap on What's Wrong with Unix? · · Score: 1

    I would consider it a flaw that a mapping can be revoked at all. What happens to a file descriptor under similar circumstances? Is it revoked, too? It would have to be. And that can leave a sloppy program equally confused. So it's not really an mmap() issue. The asynchronous notifications are based on the signal model, which is a bit weak. A message model might have been better.

  16. Re:mmap on What's Wrong with Unix? · · Score: 1

    mmap() is for those that want to be able to read data with only one copy in RAM for all the many processes that might need it. My first web shopping cart program, written in 1996, in C, needed access to a 450 MB inventory data file. The file was structured similar to a B-tree for efficiency, but still any one web request would typically touch 8 to 12 pages of the data. With potentially thousands of requests a minute, and only 256 MB of RAM on the machine at the time, doing it via mmap() made sense. If every process had to read() pages, the working set size would be a lot larger. By sharing the RAM occupancy between processes, instead of duplicating it, the capacity of the server was greatly increased.

  17. Re:The C language on What's Wrong with Unix? · · Score: 1

    Yes, C has its bugs and security holes. Yet some of the worst I've seen are done in Perl and Java. But I'm not going to place blame on the languages (because there are also plenty of programs in all of them that are done right). Much more of the blame belongs to the programmers, many of which can barely accomplish little more than the classic helloworld program in their language of choice (and they wouldn't even get that to work in C, but at least Perl and Java let these idiots become programmers).

    As for the time it takes, the answer is the one which I've been given for Java when I asked "what makes it so great?" ... "all the tools that have been created for it". So how well stocked is your C toolbox? Mine has plenty of tools. Maybe not as many as Java, but enough to make programming in C relatively fast, and reasonably safe.

  18. Re:Target them (SCO) on SCO Targets UK Firms · · Score: 1

    Why offend dogs like that?

  19. Re:A way around it all. on Labels Trying New CD Copy Prevention Systems · · Score: 5, Insightful

    Taking away your fair-use copying rights is where the money is. Despite all the piracy, and hype being made about it, those who regularly download music are still a minority. What the hype is doing is shielding them enough to let them use petty DRM like this. Assuming 25% of the market for any given music are pirates (a high figure) and 75% are not, by forcing that 75% to have to buy a 2nd copy at full price for on the road, the corporations will be 50% ahead.

    The music industry doesn't really care about the piracy as long as it stays small enough, which their various legal threats and other campaigns can ensure. What they will be doing is using the existence of such piracy to justify their own form of ripping the average consumer to get profit levels that exceed what they could get with zero piracy and total fair-use. It's not really much different than terrorism being used as an excuse to take away lots of freedoms that wouldn't really impact terrorism.

  20. They will get rich, anyway on Labels Trying New CD Copy Prevention Systems · · Score: 1

    They will get rich, anyway, with this. All they have to do is sell it for millions in licensing to various corporations that are not run by geeks. As long as it is secure enough to defeat the CEO's own teen kid, he'll be suckered into the technology. Then when it gets worked around via analog recording, they'll just say "analog hole ... that's your problem". But the guys who created this will have a few million by then, and be working on something else now.

    The quickest, fastest, way for a small time developer to get rich in the technology age is to come up with something that wows the big corporate executives. Then sell the technology or even the whole company to them. Valuation of businesses is based on expected future revenues and growth.

  21. Re:I enjoy working with Indians and others on Debugging Indian Computer Programmers · · Score: 1

    That paradigm shift can only happen if there is something else to go to.

    But hey ... sHiFt HaPpEnS!

  22. Re:I enjoy working with Indians and others on Debugging Indian Computer Programmers · · Score: 1

    Nearly all the Indians I have met here in the USA have been very smart people. It would give you the idea that all Indians are super geniuses. The truth is that only the top elite want to come here and can make it here. India is a huge country ... full of the poor, the weak, and to put it mildly, many who are total idiots. Just assuming that the same percentage of Indians are good at engineering and programming as in America or Europe, what you have is a huge (relative to how many are here) untapped reserve of people who (because India is nowhere near the level of America and Europe in business development ... yet) represent what is still the cream of the top of the crop. India alone has more people than the USA and Europe combined. China has even more. What they don't have is business to hire them and keep them occupied. Well, to a degree that is happening now.

    One problem with this is that by making this transition so rapidly in just certain fields, American and European businesses are effectively destroying the resource base, and even the intellectual property, just to scramble for global expansion. In about 30 years, India and China will basically be the global leaders of all the technology.

  23. Re:pick one: H1b or chinese outsourcing on Debugging Indian Computer Programmers · · Score: 4, Insightful

    There would be more Americans taking up jobs in engineering and programming if there were good paying job prospects. Part of the problem is that these fields have become so widespread that employers no longer can know the people they are hiring, and instead are hiring bodies. When your job becomes just a number on a CFO's spreadsheet, then you get no respect. And only those willing to do the work for the least get the job.

    So yes, there are fewer and fewer Americans and Europeans going into these fields. College enrollment in these majors for some big schools is down 30% in the last 2 or 3 years. The impact of this is that the unemployment percentage in these fields, which runs about 2 to 3 times that of the population as a whole, is not rising as fast as the rate the jobs continue to vanish.

    It's the American employers that no longer want to hire the people that make the technology. If they did, then the unemployment would vanish, and those of us doing the work would be screaming for more H-1B's so we can get a few weekends off. Instead, employers are more interested in hiring sales people. Only sales people climb to the top in most corporations, so that means there is essentially no understanding, and no respect, at the top corporate levels, for the creation of technology. All they know about is how to make sales pitches, close deals, and cook the books to hide the profits. That, and hire the cheapest and the fewest people in all the grunt roles they can.

    The people in, and from, India and China and other places are just trying to do better for themselves. You can't blame them for that. The real problem is not them. No, the real problem is the top executives, venture capitalists, institutional investors, and stock brokers, who are pushing business to the brink of destruction.

  24. Re:My business also targets competitor keywords on GEICO vs Google Ads: Google Wins · · Score: 1

    As long as your use of "Xerox" is in fact a reference to the true Xerox®, then I'd say that reference is in fact truthful, and therefore (at least under US law) is not infringing. What else you might also say around that time or that space, is free speech. So if I were to say "Microsoft® sucks" or something like that, there would be a truthful reference to Microsoft® along with a truthful expression of my opinion. Of course, Bill would be royally pissed that these truths might get so close to each other.

  25. Projects take time ... sometimes on Battle of the Ages; Stereotypes Collide · · Score: 1

    From the article:

    • CIOs don't have the luxury of time. Hiring external consultants to introduce new technology may be the only way to implement a project within businesses' time constraints. Remember, IT staffers: That is why IT exists.

    Based on my experience in several companies, projects get dragged out for months, mired in meetings to decide what to do. Too many of those meetings leave technical people out, and so the management ends up making highly mis-informed decisions. They might take 10 months to make a decision, then demand the doomed project be completed within two weeks.

    But this reminds me of a project in one of my earlier employers (involving what we today call legacy systems). A committee of 6 top executives spent about 6 months trying to decide whether or not it was worth the effort to try to integrate accounting data between two unlike mainframe systems. Eventually, they decided it was worth doing. The project was assigned down to my manager, who then assigned it to me. It was a top priority project, meaning everything else I was doing would be handed off to other people, and I would be taken off the rotating on-call cycle for the 3 months they expected the project to take. When my manager told me what it is they wanted done, it was hard to keep myself from laughing. I got the assignment during the 10 AM meeting once a week. I started working on it right after lunch the same day. 45 lines of assembly language code patching, and it was done in under 3 hours. ALL DONE! I came in at 5 AM the next morning to take the system offline and actually test it. It worked perfectly. All accounting data was transferred with all batch jobs and came out on the reports exactly as intended. So I just took it easy for the next couple days, then finally went to my manager and told him it was all done. His response to me: "you should have held onto it for at least another couple weeks or so". We both had a 10 minute laugh fest, thinking about the executive committee and their meetings.