So like, safe guess is that you have no idea what is CSRF, how cryptographic hash algorithms differ or what it is certificate validation. Hint: they have zero to do with where variables are store, how they are accessed, language you use nor anything else similar.
I'm not Khyber, but I'll answer anyway: Yes, I know what those things are. And though they are important to security, they are not the mechanism by which most security vulnerabilities occur. Ever heard of a buffer overrun? Neither have most Java programmers. All the certificates in the world aren't going to make a damn bit of difference if an attacker can inject code into a running process by taking advantage of a rookie mistake.
One could argue the exact opposite: by spending more time on teaching students exactly how variables are stored in memory, you would have less time to teach students about all of the other security issues involved in writing software.
And yet, as the rate of Java-trained college grads has gone up, security vulnerabilities have skyrocketed. Correlation is not causation, but the graph doesn't do a lot to support your argument, either.
This is a web site, made by web developers. Criticizing web developers is childish and pointless.
Speaking of pointless, your statement is orthogonal to the discussion. The fact that this is a website has nothing whatsoever to do with the claim that web developers, are, on the whole, lousy programmers.
You are afraid of people having opinions and information which conflicts with your narrative.
Bullshit. I want people to be informed, with actual facts. I don't care whether the facts agree with my "narrative". This post-fact bullshit will be the end of us all.
The problem with suppressing conspiracy theories, and promoting "authoritative" sources, is that it makes real conspiracies even easier for the authorities to cover up.
Taken as a whole, there are far more conspiracy theories than there are actual conspiracies. Probably by many orders of magnitude. I'd say the side they erred on is probably correct.
I tried starting with Basic, but it made little sense to me. I then tried C, but I couldn't quite grasp it, but I did like the syntax. Then I tried ASM, and it was perfect. Around the age of 8, I gave C another shot, and it suddenly made sense because I understood ASM.
ASM will certainly give you much better insight into what's happening under the hood, so I mostly agree with this.
No. It's the fault of the universities that say "This is a great teaching language! We don't have to waste our time on the fundamentals at all! We can just dive right in and start creating classes without understanding niceties like where my variables are actually stored!"
Java is okay for what it is, but if you make it the foundational language for your students, those students will be shite programmers.
I'm a veteran of the software industry (3 decades, now) and regularly screen, interview, and hire software engineers -- mostly college grads, some with a few years of experience in the industry. I can tell you with absolute certainty that Java programmers -- those who primarily learned Java in college -- are easily the worst programmers I encounter while hiring. And to date, I haven't hired a single one of them, even though I've talked to and interviewed countless numbers of them.
Want to learn to program? Start with C. You can expand to whatever you want after that, but you have to master C first.
If stack overflow supported nested comments, these "security experts" could post corrections for the insecure code, kinda like how you can correct someone on slashdot. It's pretty stupid to not support nested comments in 2017 (and not the tiny font remarks SO currently uses that make them unsuitable for code).
I've actually studied this at length, and even read a few treatises on the subject. Short answer: nope. Nested comments pretty much suck.
Nested conversations (like those here on slashdot) don't actually make conversations better. They just splinter the conversation into a thousand shards, each of them relatively short, and rarely on topic. They also promote shitty quoting habits and make it difficult to pick up a conversation where you left off without re-reading the whole damn thing.
Flat, linear comments tend to stay on topic, force people to quote properly, and are ordered properly with respect to time.
You are pedantically correct in that its not a 'principle of computing', its an issue of trust. You cant just hand-wave away the issue that none of us can say what an iphone actually does. All we can do is take Apple's word, and that is simply unacceptable and will be used to abuse the people over and over for the next few decades.
You don't get to inspect all the software you will encounter. You never have, and you never will. It's a stupid dream invented by wildly naive and impractical people who don't seem to understand the size of the wave that's carrying software forward.
Even if you could inspect all that software for yourself, there's so much of it that you could spend your entire life looking at shitty code and never actually doing anything. Better start getting used to that fact, instead of tilting at windmills and bitching about it on slashdot.
Dont fucking tell me to trust something if i cant see the source code. Its a principle of computing
It's not a "principle of computing", if that's even a thing. It's a naive and idealistic viewpoint largely promulgated by weirdos who eat toejam. It is neither universally shared among all practitioners of software engineering, nor even all members of slashdot. Sure, there are lots of those types on slashdot, but don't think for a minute that you speak for everyone.
No amount of band-wagon nonsense is going to change these fundamental facts
No amount of armchair prognostication is going to change the fact that there are lots of people out here in sunny California driving around in electric cars. Somehow, all of these people make it work, despite your dire predictions that it will never work. In fact, it already does.
Why should I listen to anything you have to say, when I can see with my own eyes that you are dead wrong?
Two car families can always fall back on their ICE car in the short term. In the long term, the problems you cite will likely be resolved by improved battery and charging technology.
Pfffft. This is slashdot, whose denizens are far too absorbed in being snarky to ever even contemplate having a "family".
By replacing the tactile feedback with haptic feedback using the vibration motor, Apple was able to eliminate all the moving parts from the home button
You've just contradicted yourself in one sentence. A vibration motor (or whatever they use for haptics) is by definition a moving part.
Slashdot Mirror
That's chump change. I have two diamond stacks in each of the 25+ ender chests I have scattered around my world.
Four-digit account that has been dormant for eight years suddenly comes back to life to troll for Trump? How's the weather in Moscow, comrade?
The email address tells the whole story.
I maintain that if you know how to make booze, you can get anything else you need.
So like, safe guess is that you have no idea what is CSRF, how cryptographic hash algorithms differ or what it is certificate validation. Hint: they have zero to do with where variables are store, how they are accessed, language you use nor anything else similar.
I'm not Khyber, but I'll answer anyway: Yes, I know what those things are. And though they are important to security, they are not the mechanism by which most security vulnerabilities occur. Ever heard of a buffer overrun? Neither have most Java programmers. All the certificates in the world aren't going to make a damn bit of difference if an attacker can inject code into a running process by taking advantage of a rookie mistake.
One could argue the exact opposite: by spending more time on teaching students exactly how variables are stored in memory, you would have less time to teach students about all of the other security issues involved in writing software.
And yet, as the rate of Java-trained college grads has gone up, security vulnerabilities have skyrocketed. Correlation is not causation, but the graph doesn't do a lot to support your argument, either.
This is a web site, made by web developers. Criticizing web developers is childish and pointless.
Take two: The quality of slashdot does far more to reinforce my point than it does yours.
This is a web site, made by web developers. Criticizing web developers is childish and pointless.
Speaking of pointless, your statement is orthogonal to the discussion. The fact that this is a website has nothing whatsoever to do with the claim that web developers, are, on the whole, lousy programmers.
Unfortunately - what most people think is "reality" or "fact" is actually opinion.
One from Trump election days - "Trump campaign manager assaults female reporter".
This was reported as fact for weeks. It was definitely not a fact. Etc.
I didn't vote for Trump and think he's terrible.
No, that was actually a fact. He was even charged. It didn't go anywhere, but there was ample evidence to show the incident actually happened.
No, you want to dictate what is fact, and suppress anything that is inconvenient or in conflict with your pre-determined narrative.
Citation required, asshole.
You are afraid of people having opinions and information which conflicts with your narrative.
Bullshit. I want people to be informed, with actual facts. I don't care whether the facts agree with my "narrative". This post-fact bullshit will be the end of us all.
The problem with suppressing conspiracy theories, and promoting "authoritative" sources, is that it makes real conspiracies even easier for the authorities to cover up.
Taken as a whole, there are far more conspiracy theories than there are actual conspiracies. Probably by many orders of magnitude. I'd say the side they erred on is probably correct.
I tried starting with Basic, but it made little sense to me. I then tried C, but I couldn't quite grasp it, but I did like the syntax. Then I tried ASM, and it was perfect. Around the age of 8, I gave C another shot, and it suddenly made sense because I understood ASM.
ASM will certainly give you much better insight into what's happening under the hood, so I mostly agree with this.
If people simply hired web developers, most web hacking shit would be gone over fucking night.
No. Just no. The only thing worse than Java programmers are web developers.
Not really the fault of the language....
No. It's the fault of the universities that say "This is a great teaching language! We don't have to waste our time on the fundamentals at all! We can just dive right in and start creating classes without understanding niceties like where my variables are actually stored!"
Java is okay for what it is, but if you make it the foundational language for your students, those students will be shite programmers.
I'm a veteran of the software industry (3 decades, now) and regularly screen, interview, and hire software engineers -- mostly college grads, some with a few years of experience in the industry. I can tell you with absolute certainty that Java programmers -- those who primarily learned Java in college -- are easily the worst programmers I encounter while hiring. And to date, I haven't hired a single one of them, even though I've talked to and interviewed countless numbers of them.
Want to learn to program? Start with C. You can expand to whatever you want after that, but you have to master C first.
If stack overflow supported nested comments, these "security experts" could post corrections for the insecure code, kinda like how you can correct someone on slashdot. It's pretty stupid to not support nested comments in 2017 (and not the tiny font remarks SO currently uses that make them unsuitable for code).
I've actually studied this at length, and even read a few treatises on the subject. Short answer: nope. Nested comments pretty much suck.
Nested conversations (like those here on slashdot) don't actually make conversations better. They just splinter the conversation into a thousand shards, each of them relatively short, and rarely on topic. They also promote shitty quoting habits and make it difficult to pick up a conversation where you left off without re-reading the whole damn thing.
Flat, linear comments tend to stay on topic, force people to quote properly, and are ordered properly with respect to time.
You are pedantically correct in that its not a 'principle of computing', its an issue of trust. You cant just hand-wave away the issue that none of us can say what an iphone actually does. All we can do is take Apple's word, and that is simply unacceptable and will be used to abuse the people over and over for the next few decades.
You don't get to inspect all the software you will encounter. You never have, and you never will. It's a stupid dream invented by wildly naive and impractical people who don't seem to understand the size of the wave that's carrying software forward.
Even if you could inspect all that software for yourself, there's so much of it that you could spend your entire life looking at shitty code and never actually doing anything. Better start getting used to that fact, instead of tilting at windmills and bitching about it on slashdot.
Get over it, already. Open source lost.
Dont fucking tell me to trust something if i cant see the source code. Its a principle of computing
It's not a "principle of computing", if that's even a thing. It's a naive and idealistic viewpoint largely promulgated by weirdos who eat toejam. It is neither universally shared among all practitioners of software engineering, nor even all members of slashdot. Sure, there are lots of those types on slashdot, but don't think for a minute that you speak for everyone.
No amount of band-wagon nonsense is going to change these fundamental facts
No amount of armchair prognostication is going to change the fact that there are lots of people out here in sunny California driving around in electric cars. Somehow, all of these people make it work, despite your dire predictions that it will never work. In fact, it already does.
Why should I listen to anything you have to say, when I can see with my own eyes that you are dead wrong?
You can lease an electric car for $200/month, with very small fuel charges.
Less, even. I'm paying $129/mo for a 3-year lease.
Two car families can always fall back on their ICE car in the short term. In the long term, the problems you cite will likely be resolved by improved battery and charging technology.
Pfffft. This is slashdot, whose denizens are far too absorbed in being snarky to ever even contemplate having a "family".
Then why bother to reply, if you understood the intent? Just to be obnoxious?
You must be new here.
I call bullshit. Especially since the iPhone X hasn't shipped yet.
By replacing the tactile feedback with haptic feedback using the vibration motor, Apple was able to eliminate all the moving parts from the home button
You've just contradicted yourself in one sentence. A vibration motor (or whatever they use for haptics) is by definition a moving part.