there's one thing that's "good" about it - usually all that crap would be stored in a cookie and passed back and forth, back and forth each request. At least now the cookie can be a tiny token to pass to the server and all the session-cached data can be stored locally. At least that's what I hope will happen.
There is a need for local storage, even if its caching data. If you want security, there needs to be built-in support for encrypting the storage and keeping the key in the browser tied to a section of the url of the site you're working with. If that could happen transparently, then we'd have better security than what's we'd get otherwise (you can't use a login as many sites don't have one, and you need to keep each site secure from each other, so you can't even store the key in a cookie in case it gets hijacked as it passes over the network)
Anyway, at least people are thinking security of this stuff from the start, rather than wait for it to be exploited first.
I wonder then, if a bill requiring all public employee's surfing habits while at work be published regularly, that the whole idea of monitoring web surfing habits will quietly be dropped?
according to this guy's results, it should now be 4th behind C, C++ and node.js
but I guess it depends on the work you're doing. I'd say C# and Java are exactly comparable in terms of performance and memory bloat as they're roughly the same thing.
Re:PHP 6.0 without the stupid?
on
PHP 5.5.0 Released
·
· Score: 4, Funny
so do I.. but then, I'm old and I have to do that for everything. Maybe its not the language after all.. just saying:-)
wtf? winforms was easy and simple, and worked. ITs stupid-ass WPF that is a performance dog, required a service just to render fonts FFS, and has such a sucky xml-based declaration that its driven everyone to HTML.
vb.net is actually better than C#, falls into the "strange but true" category - my mate's just got a new job and he has to use vb.net, at first he was a bit miffed, but when he realied coding become little more than typing the first 2 letters then pressing . a few times (the IDE does most of the work for you) he;s hooked. It has a few nice features than C# doesn't have too. So as its the same thing basically as C#, if you can get round the syntax (people complain about it being bloated, but then happily use some of the C# methods like IPropertyChangeNotification that they then create delegates from.....) then you'll find its not so bad at all.
Its the history of VB6 devs that have tarnished it IMHO. Trouble is, all those VB6 devs are now writing C#...
yeah, RAM is expensive - especially when your server will only stack a fixed number of sticks in there, and its being shared with several other teams. (and before you say "buy another server", you have to consider the up-front cost of it, plus the maintenance contract with the supplier plus the electricity to power it and the aircon - and electricity certainly isn't cheap nowadays, especially when you go down that road, because next thing you know, each team will want their own, and then some will want 2 or 3 just to run your crap bloated piece of software-suckness)
Whereas developers are really cheap - you can get whole teams of them in India for next to nothing.
the main thing is that making efficient software costs a lot less than you want to make out - given the costs of developing the features in the first place, plus maintenance, the added overhead of a good design and implementation is insignificant (and possibly will save you money in hardware and maintenance and support). People think that writing software quickly is a good thing, its not - spending time to figure out what you need and writing it right is the way to do it. The implementation in code should be a relatively small part overall.
yes, because those "developers" (eg the one earlier in this story who claimed that everything in.NET was derived from Object) are thew ones who will code for little pay, thus kicking your out of your job. After all, why pay for one quality guy when you can get ten programmers for the same price - a programmer is a programmer, right, and if there's issues with quality, you obviously just don't have enough managers, QA analysts and project management team leads to manage the process...
One of the reasons C# was faster than Java was its use of primitive types. These are obviously not Object-based.
obviously this gives rise to other problems - such as boxing.
What I find surprising is that these languages have people using them that have simply bought into the hype written by some marketing guy rather than look at what they are really using.
Look at Chris Brumme's excellent blog posts about what they did to make the CLR work the way it does. Questions like "why did we host the CLR in SQL Server and IIS like that", "why did we allow AppDomains to be such a security risk", "why are exceptions so slow" and a million other nuggets of insight into why writing a system like.NET was so difficult (hint: its mostly about interacting with the rest of MS ecosystem).
Its awesome what he did, and fortunately he's a techie type who gives it to us straight.
there was an example of the broken financial system on the news last night.
Basically Guinea (IIRC) has some mountains that are 60% pure iron, so the (allegedly corrupt) dictator of Guinea gave the mining rights to an (allegedly dodgy) mining company.
Said company then didn't bother to mine the iron, instead it used the backing of having a huge iron asset to make trades on the markets and made a load of cash that way. Meanwhile the people of Guinea are dirt poor with no hope of even getting jobs digging said iron out of the ground for 10p a day, let alone seeing the extraction of the iron benefit the country's economy.
This is one way of seeing why a financial market that does nothing but deal within itself is a bad thing. If we changed focus so stock markets were tied to something in the real world (eg Microsoft profits, or Apple growth) no matter how tenuous, that you held for some time because of that real-world item's worth wrt the stock then we'd see stock markets become more investment based and less trade based.
We might as well base the stock market on TV shows - you could trade on the love life of some TV character without any difference with how financial companies trade today.
amen to that. Its not just ecological issues that benefit from efficiency - there's a reason why modern applications run about the same perceived speed as their ancient counterparts did on ancient hardware - generally its because the programming involved is now built on layers of layers of abstracted frameworks.
For example, I run a few graphics-intensive games and they work fine, then I run a couple of not-so graphically intensive games that were written using XNA and the cooling fans come on full blast. I don't think its a coincidence that the 'easy to use' abstraction of XNA leads to overall inefficient use of my gfx card (and the power required to run it) where the better libraries that require better developer skills don't.
If MS is targeting efficiency, then we should see an improvement in speed as well as saving the planet from all those millions of PCs running these things.
na, if you suck at your job but have the right kind of personality, then its easy to succeed
That said, if the boss is failing at running the dept, because he "just parrots what his subordinates tell him", then that suggests the subordinates need to go - if they were competent, they'd be giving him good advice after all.
It can also be exploited by supplying data to APIs in the specified Component without using untrusted Java Web Start applications or untrusted Java applets, such as through a web service.
explicitly says it can be exploited by passing data to a Java webservice. No untrusted applets involved.
You need to read what it really says, not what you want it to say.
good for you, tabs were invented for one reason - and that is indentation. So it bothers me that the recommendation is to use spaces - which are a PiTA. If Python only used tabs for indents, I'd be ok with it, though I still think braces to enclose code blocks is a sensible idea.
to be fair to Microsoft, they never even suggested that programming in.NET would be anything other than quite expensive for the tooling.
Unless you count the Express versions.... in which case, yeah... they're just as bad as Oracle. But at least you still have Java, unlike Silverlight and XNA and VB6:-)
The security exploits are in the Java plugin. I don't care much about those because I disabled the plugin in my browsers years ago. Don't folks understand that 99.99% of Java users are unaffected by the plugin exploits???
Don't folks realise all the security flaws are in the JRE
Scroll down, look at all the JRE flaws. Then look at how many of them are listed with "Access Vector" of Network.
Don't try to claim java is secure because you disabled the plugin. Being a fanboi in these cases is stupid. There are security flaws in everything, but suggesting Java is immune to them is moronic.
the whole of the problem is with the server end anyway - what's the difference between allowing someone access for an hour, and allowing them access for a day? Or a minute?
The server side either has security controls on it, in which case it doesn't really matter how long someone's connected; or it doesn't have adequate security in which case a 1 minute connection is sufficient to blast a heap of viruses at the server.
Seems to me the poster is just a whiny fool who is inept himself.
LINQ2SQL -> EF: fuck you. (That was EF 3.5, the version that sucked. EF4 sucked less. EF5... they say its fine, but they said that about the last 2 versions too)
Any native DB technology (yes, that include Jet, ADO, DAO, RDO, OLEDB, etc) -> ODBC. Yes, they finally realised all those crappy DB access technologies they came up with every other year were all crap. And so they standardise on 1: ODBC. You'd think they'd learn that old tech that's still around is usually good tech. Take the hint with all your other software technologies MS.
Outlook 2013 todo pane: this used to tell you tomorrow's meetings, but no longer.. awesome failure of basic usability. Not to mention the choice of colours: white, bright white, or eyeburning white.
Hotmail.com, replaced with outlook.com and such a complex page it takes minutes to load, then happily ignores clicks until its refreshed itself a few times.
general quality issues are another thing - often driven by cost cutting measures than anything else, but there are auto manufacturers that make a reliable model - when a friends car broke down, she asked the breakdown car what she should get, and he said "I can't recommend any make, but I can say I don't carry any Honda spares"
I suppose we should use an engineering analogy instead of cars - a bridge is a complex piece of engineering, that has to work. If only we had software that performs like bridges. Or maybe aircraft,complex as hell and works reliably more often than the media would like to portray (as there's no news in "airplane flies without problem for 10 years").
Still, even if we don;t go to the extreme of making stuff as reliable as a bridge or a building, we should be working towards reducing the truly excessive and mostly pointless churn in technology.
amen.... but your problem isn't Agile, its the methology you call agile you're using.
I used to do agile year and years ago - we had 6 week iterations, no standups, and it worked beautifully. Tell that to an agile proponent today and they'll tell you it isn't agile.
I've had a project where we spent roughly half of a 2 week period on admin and setup tasks,so we asked for the sprint to change to 3 weeks so we could get some work done - and were told no, that's not agile.
The problem isn't with agile, its with the stupid-minded not getting what its really about and trying to maintain their control over what you do.
I really beg to differ there - you see the design that goes into a car and you'd understand that software is pathetically simplistic in comparison. There's a reason a new car takes years from inception to delivery, and why my car doesn't have a USB media, or Android or iPhone interaction - when it was designed, these components were too new for inclusion in car specs. Your argument that software is always new, while it has some merit in that our industry does too much re-engineering of stuff that should be stable, doesn't compare to car designs that have to utilize new stuff too.
Still, it doesn't take away from the fact that cars are designed well, and software is hacked together on a sloppy basis. No matter what unit tests or "best practices" or methodology you use, the comparison is still that software is cobbled together.
Now software used to be well designed, (and I don't mean where that means a huge requirements specification that can never be fulfilled), but designed as software. When I started out we were taught to write software by first laying out on paper how it would work and how it would interact with all of its components. Nobody does that today, and its probably why the software of yesteryear are still running your banks systems compared to how Microsoft cannot produce software that requires service pack after service pack, or a framework that they won't scrap and replace with something else after 2 years!
If we want our industry to be mature and well-respected, and for our software to keep running for decades, then we have to move away from the continual reinvention of the same old shit. We have to put up with moving goalposts all the time - thanks to the suppliers like Microsoft that keep on changing the OS or OS components so they can sell us new versions. We don;t help ourselves by chasing new languages and frameworks all the time too though. If we could fix this, we could start writing software that did whatever it was designed to, and didn't need replacing.
My experience with tablet computing is, you generally get only a "lite" version of a given application, compared to what's done on a full-fledged PC or Mac. If nothing else, it's sorely lacking in local storage capabilities compared to a computer
the browser on my phone is as fully functional as on my PC, apart form a small screen of course, but its the same functionality. So if you were to run web apps (and a lot of people do, and lots are turning to this platform as a cross-device system to replace their legacy apps) then a tablet would be equal to your PC.
Storage - well, admittedly I cannot store as much on my phone, I only have a 32gig SD card in it, compared to the 750gb HDD. But the phone has full wireless access to the cloud, and there is as much data storage available there and the supplier can persuade you to pay for.
and that's the rub - no-one cares what I have on my PC, but they all want a piece of the mobile pie. There's money to be had from me to keep my phone running well in today's data-connected world, and they will spend all their attention trying to keep me focussed on it. You wonder why windows 8 was so mobile-oriented? Think no more.
Slashdot Mirror
there's one thing that's "good" about it - usually all that crap would be stored in a cookie and passed back and forth, back and forth each request. At least now the cookie can be a tiny token to pass to the server and all the session-cached data can be stored locally. At least that's what I hope will happen.
There is a need for local storage, even if its caching data. If you want security, there needs to be built-in support for encrypting the storage and keeping the key in the browser tied to a section of the url of the site you're working with. If that could happen transparently, then we'd have better security than what's we'd get otherwise (you can't use a login as many sites don't have one, and you need to keep each site secure from each other, so you can't even store the key in a cookie in case it gets hijacked as it passes over the network)
Anyway, at least people are thinking security of this stuff from the start, rather than wait for it to be exploited first.
I wonder then, if a bill requiring all public employee's surfing habits while at work be published regularly, that the whole idea of monitoring web surfing habits will quietly be dropped?
... paints a rainbow on a Dash-8 ...
thank goodness you didn't suggest surfing goatse instead!
according to this guy's results, it should now be 4th behind C, C++ and node.js
but I guess it depends on the work you're doing. I'd say C# and Java are exactly comparable in terms of performance and memory bloat as they're roughly the same thing.
so do I.. but then, I'm old and I have to do that for everything. Maybe its not the language after all.. just saying :-)
wtf? winforms was easy and simple, and worked. ITs stupid-ass WPF that is a performance dog, required a service just to render fonts FFS, and has such a sucky xml-based declaration that its driven everyone to HTML.
vb.net is actually better than C#, falls into the "strange but true" category - my mate's just got a new job and he has to use vb.net, at first he was a bit miffed, but when he realied coding become little more than typing the first 2 letters then pressing . a few times (the IDE does most of the work for you) he;s hooked. It has a few nice features than C# doesn't have too. So as its the same thing basically as C#, if you can get round the syntax (people complain about it being bloated, but then happily use some of the C# methods like IPropertyChangeNotification that they then create delegates from.....) then you'll find its not so bad at all.
Its the history of VB6 devs that have tarnished it IMHO. Trouble is, all those VB6 devs are now writing C# ...
yeah, RAM is expensive - especially when your server will only stack a fixed number of sticks in there, and its being shared with several other teams. (and before you say "buy another server", you have to consider the up-front cost of it, plus the maintenance contract with the supplier plus the electricity to power it and the aircon - and electricity certainly isn't cheap nowadays, especially when you go down that road, because next thing you know, each team will want their own, and then some will want 2 or 3 just to run your crap bloated piece of software-suckness)
Whereas developers are really cheap - you can get whole teams of them in India for next to nothing.
the main thing is that making efficient software costs a lot less than you want to make out - given the costs of developing the features in the first place, plus maintenance, the added overhead of a good design and implementation is insignificant (and possibly will save you money in hardware and maintenance and support). People think that writing software quickly is a good thing, its not - spending time to figure out what you need and writing it right is the way to do it. The implementation in code should be a relatively small part overall.
yes, because those "developers" (eg the one earlier in this story who claimed that everything in .NET was derived from Object) are thew ones who will code for little pay, thus kicking your out of your job. After all, why pay for one quality guy when you can get ten programmers for the same price - a programmer is a programmer, right, and if there's issues with quality, you obviously just don't have enough managers, QA analysts and project management team leads to manage the process...
One of the reasons C# was faster than Java was its use of primitive types. These are obviously not Object-based.
obviously this gives rise to other problems - such as boxing.
What I find surprising is that these languages have people using them that have simply bought into the hype written by some marketing guy rather than look at what they are really using.
true, but MS had made plenty of mistakes with C#.
Look at Chris Brumme's excellent blog posts about what they did to make the CLR work the way it does. Questions like "why did we host the CLR in SQL Server and IIS like that", "why did we allow AppDomains to be such a security risk", "why are exceptions so slow" and a million other nuggets of insight into why writing a system like .NET was so difficult (hint: its mostly about interacting with the rest of MS ecosystem).
Its awesome what he did, and fortunately he's a techie type who gives it to us straight.
there was an example of the broken financial system on the news last night.
Basically Guinea (IIRC) has some mountains that are 60% pure iron, so the (allegedly corrupt) dictator of Guinea gave the mining rights to an (allegedly dodgy) mining company.
Said company then didn't bother to mine the iron, instead it used the backing of having a huge iron asset to make trades on the markets and made a load of cash that way. Meanwhile the people of Guinea are dirt poor with no hope of even getting jobs digging said iron out of the ground for 10p a day, let alone seeing the extraction of the iron benefit the country's economy.
This is one way of seeing why a financial market that does nothing but deal within itself is a bad thing. If we changed focus so stock markets were tied to something in the real world (eg Microsoft profits, or Apple growth) no matter how tenuous, that you held for some time because of that real-world item's worth wrt the stock then we'd see stock markets become more investment based and less trade based.
We might as well base the stock market on TV shows - you could trade on the love life of some TV character without any difference with how financial companies trade today.
its making waves because the PS4 totally raped the XBone yesterday at E4 :-)
amen to that. Its not just ecological issues that benefit from efficiency - there's a reason why modern applications run about the same perceived speed as their ancient counterparts did on ancient hardware - generally its because the programming involved is now built on layers of layers of abstracted frameworks.
For example, I run a few graphics-intensive games and they work fine, then I run a couple of not-so graphically intensive games that were written using XNA and the cooling fans come on full blast. I don't think its a coincidence that the 'easy to use' abstraction of XNA leads to overall inefficient use of my gfx card (and the power required to run it) where the better libraries that require better developer skills don't.
If MS is targeting efficiency, then we should see an improvement in speed as well as saving the planet from all those millions of PCs running these things.
na, if you suck at your job but have the right kind of personality, then its easy to succeed
That said, if the boss is failing at running the dept, because he "just parrots what his subordinates tell him", then that suggests the subordinates need to go - if they were competent, they'd be giving him good advice after all.
so the bit that says:
It can also be exploited by supplying data to APIs in the specified Component without using untrusted Java Web Start applications or untrusted Java applets, such as through a web service.
explicitly says it can be exploited by passing data to a Java webservice. No untrusted applets involved.
You need to read what it really says, not what you want it to say.
good for you, tabs were invented for one reason - and that is indentation. So it bothers me that the recommendation is to use spaces - which are a PiTA. If Python only used tabs for indents, I'd be ok with it, though I still think braces to enclose code blocks is a sensible idea.
to be fair to Microsoft, they never even suggested that programming in .NET would be anything other than quite expensive for the tooling.
Unless you count the Express versions.... in which case, yeah... they're just as bad as Oracle. But at least you still have Java, unlike Silverlight and XNA and VB6 :-)
Head, say hello to sand.
The security exploits are in the Java plugin. I don't care much about those because I disabled the plugin in my browsers years ago. Don't folks understand that 99.99% of Java users are unaffected by the plugin exploits???
Don't folks realise all the security flaws are in the JRE
Scroll down, look at all the JRE flaws. Then look at how many of them are listed with "Access Vector" of Network.
Don't try to claim java is secure because you disabled the plugin. Being a fanboi in these cases is stupid. There are security flaws in everything, but suggesting Java is immune to them is moronic.
the whole of the problem is with the server end anyway - what's the difference between allowing someone access for an hour, and allowing them access for a day? Or a minute?
The server side either has security controls on it, in which case it doesn't really matter how long someone's connected; or it doesn't have adequate security in which case a 1 minute connection is sufficient to blast a heap of viruses at the server.
Seems to me the poster is just a whiny fool who is inept himself.
actually, you've reminded me of others:
LINQ2SQL -> EF: fuck you.
(That was EF 3.5, the version that sucked. EF4 sucked less. EF5... they say its fine, but they said that about the last 2 versions too)
Any native DB technology (yes, that include Jet, ADO, DAO, RDO, OLEDB, etc) -> ODBC. Yes, they finally realised all those crappy DB access technologies they came up with every other year were all crap. And so they standardise on 1: ODBC. You'd think they'd learn that old tech that's still around is usually good tech. Take the hint with all your other software technologies MS.
Outlook 2013 todo pane: this used to tell you tomorrow's meetings, but no longer.. awesome failure of basic usability. Not to mention the choice of colours: white, bright white, or eyeburning white.
Hotmail.com, replaced with outlook.com and such a complex page it takes minutes to load, then happily ignores clicks until its refreshed itself a few times.
general quality issues are another thing - often driven by cost cutting measures than anything else, but there are auto manufacturers that make a reliable model - when a friends car broke down, she asked the breakdown car what she should get, and he said "I can't recommend any make, but I can say I don't carry any Honda spares"
I suppose we should use an engineering analogy instead of cars - a bridge is a complex piece of engineering, that has to work. If only we had software that performs like bridges. Or maybe aircraft,complex as hell and works reliably more often than the media would like to portray (as there's no news in "airplane flies without problem for 10 years").
Still, even if we don;t go to the extreme of making
stuff as reliable as a bridge or a building, we should be working towards reducing the truly excessive and mostly pointless churn in technology.
amen.... but your problem isn't Agile, its the methology you call agile you're using.
I used to do agile year and years ago - we had 6 week iterations, no standups, and it worked beautifully. Tell that to an agile proponent today and they'll tell you it isn't agile.
I've had a project where we spent roughly half of a 2 week period on admin and setup tasks,so we asked for the sprint to change to 3 weeks so we could get some work done - and were told no, that's not agile.
The problem isn't with agile, its with the stupid-minded not getting what its really about and trying to maintain their control over what you do.
I really beg to differ there - you see the design that goes into a car and you'd understand that software is pathetically simplistic in comparison. There's a reason a new car takes years from inception to delivery, and why my car doesn't have a USB media, or Android or iPhone interaction - when it was designed, these components were too new for inclusion in car specs. Your argument that software is always new, while it has some merit in that our industry does too much re-engineering of stuff that should be stable, doesn't compare to car designs that have to utilize new stuff too.
Still, it doesn't take away from the fact that cars are designed well, and software is hacked together on a sloppy basis. No matter what unit tests or "best practices" or methodology you use, the comparison is still that software is cobbled together.
Now software used to be well designed, (and I don't mean where that means a huge requirements specification that can never be fulfilled), but designed as software. When I started out we were taught to write software by first laying out on paper how it would work and how it would interact with all of its components. Nobody does that today, and its probably why the software of yesteryear are still running your banks systems compared to how Microsoft cannot produce software that requires service pack after service pack, or a framework that they won't scrap and replace with something else after 2 years!
If we want our industry to be mature and well-respected, and for our software to keep running for decades, then we have to move away from the continual reinvention of the same old shit. We have to put up with moving goalposts all the time - thanks to the suppliers like Microsoft that keep on changing the OS or OS components so they can sell us new versions. We don;t help ourselves by chasing new languages and frameworks all the time too though. If we could fix this, we could start writing software that did whatever it was designed to, and didn't need replacing.
My experience with tablet computing is, you generally get only a "lite" version of a given application, compared to what's done on a full-fledged PC or Mac. If nothing else, it's sorely lacking in local storage capabilities compared to a computer
the browser on my phone is as fully functional as on my PC, apart form a small screen of course, but its the same functionality. So if you were to run web apps (and a lot of people do, and lots are turning to this platform as a cross-device system to replace their legacy apps) then a tablet would be equal to your PC.
Storage - well, admittedly I cannot store as much on my phone, I only have a 32gig SD card in it, compared to the 750gb HDD. But the phone has full wireless access to the cloud, and there is as much data storage available there and the supplier can persuade you to pay for.
and that's the rub - no-one cares what I have on my PC, but they all want a piece of the mobile pie. There's money to be had from me to keep my phone running well in today's data-connected world, and they will spend all their attention trying to keep me focussed on it. You wonder why windows 8 was so mobile-oriented? Think no more.
but you're comparing unity with CryEngine... when you should be comparing it with Irrlicht or Ogre or similar.