Frameworks are great. People who use them often suck.
I disagree. Good frameworks are great when used in the context they were built for. Most frameworks I've encountered in my programming career aren't good, they're just overgrown libraries that aren't as flexible as they could be. Then those people-who-suck that you mentioned use those inflexible frameworks where they're not appropriate, and the result is a combination of huge amounts of boilerplate that wasn't really necessary and a whole load of truly clunky code just to work around the limitations in the framework.
The cure is to perform test-driven development, so that you are not afraid to change existing code. I can't emphasize how liberating it is to be able to come in and uproot some inflexible crap (which was good enough for a long time, but is not anymore), put in an improved design, and then know that you didn't break anything. You can roll with the punches and not waste your time designing in unnecessary flexibility.
Unfortunately, you appear to make the same honest mistake as most TDD advocates I have encountered: you sincerely believe that having a good test suite automatically makes it safe to go in and change code. How do you know your tests really cover all the important behaviour? What if it's not practical to model all the possible scenarios your code has to cope with separately, for example because there are an effectively infinite number of them? A reasonably large software project may have 10k decision points. How many of those projects have test suites containing the millions of test cases that will typically be needed to test all execution paths independently? Even then, with around 10^3010 theoretical possibilities, how do you know you really got all the paths that are possible given the dependencies in the code?
Automated tests are, in general, a good thing. Refactoring to maintain a clean code base is, in general, a good thing. But automated unit tests are only one way you try to keep your code working properly, and having a test suite is no substitute for understanding how the code works before your change it. Small-scale refactoring — as typically advocated by TDD supporters, though I recognise that you didn't write this explicitly yourself — is no substitute for maintaining a coherent overall design: it may lead to local maxima in code quality, but after a while if there are significant changes in the system requirements due to new features, you might just be taking careful, small steps towards a dead end, when you should have back-tracked and gone around.
The trick is to know when to make small, incremental changes to the code, and when it's worth taking a step back and perhaps adopting a new approach or rewriting a larger section more generically. Both having automated tests and having a clean design in the existing code will help you to make such decisions and to implement them as safely as possible, but they do not guarantee it.
We all use goto, we just call it something else
on
Beautiful Code Interview
·
· Score: 3, Interesting
Which is presumably why languages like Pascal, Java, Python, Ruby, etc. all support goto.
But how many of the above languages support...
early function return?
exceptions?
break/continue/last/next escapes within loops?
goto is like assembly language: it's a flexible tool, but very primitive. Just as higher level languages are more expressive than assembly, meaning we rarely have reason to write raw assembly any more, so higher level languages have developed more expressive versions of goto, meaning we rarely have to write a raw goto any more.
I think someone needs to write a new article, called “Dogmatic structured programming considered harmful”. While block structure with the sequence, iteration and decision operations has proven a useful model for describing algorithms, other powerful abstractions for control and data flow exist. Functional programming tends to use recursion rather than iteration, for example, and many functional languages don't really model sequence in the classical sense either. Almost all modern, general purpose programming languages support the concept of exceptions, which are just a more systematic form of goto. In some programming languages, there is no explicit concept of control flow at all.
I don't see many people who understand these extended or alternative models complaining about how we should go back to doing everything with block-structured, procedural code. We just have to learn to use different models effectively, as functional programmers found before they realised the importance of tail recursion, as OO programmers found before they learned to control stack unwinding. This is called “progress”, and is what happens with experience... unless you adhere dogmatically to the way things are done at the moment, regardless of any objective merit an alternative may have.
If we built our cars like we build our software, they would look great, they would have controls even a five-year-old could use, and every 65,536 miles they'd teleport you back to where you started.
FWIW, while it was indeed a window/conservatory firm I was thinking of, I'm pretty sure it wasn't them. Ironically, though, the one thing I can't remember after their aggressive advertising campaign is who they were.:-)
If he were selling his software commercially, or people were being directed from the Slashdot front page to a page full of ads, then you might have a point, but that's not the case here. The guy has made an obviously useful tool, gives it away for free, and is warning about an obviously relevant threat. The most he's likely to get out of this is a few small donations or a few more page hits on his site, perhaps making enough to cover the server costs for hosting a popular Firefox extension for a while and a bit of beer money. I think your post is way over the top.
The problem with ads is that, apparently, the annoying ones are exactly the ones that work. People like you and me hate them, but we're never going to buy their **** anyway. Those irritating jingles that get played endlessly on TV ads irritate the **** out of us, but they attract the attention (and memory) of those gullible enough to buy the goods.
I'm not sure how much this is really backed up by evidence and how much is just "accepted wisdom" in the marketing community, though. There was a particular local firm advertising on the biggest local radio station in these parts a few years ago. They basically took traditional melodies from things like popular nursery rhymes, and rewrote the lyrics to mention their company name repeatedly and the product they were pitching. After a while, they even ran an ad that had the lyrics "We know the songs get on your nerves", which I remember all too well, perhaps making the point for them. That was, however, the last ad they ever ran on that radio station as far as I can tell. I'm not sure what happened to the company...
To bring this back to the current context, though, the theory seems entirely reasonable. Most of us will never support spammers or get caught by phishing, but those stupid enough to reply to bank password checks or ads for legal software downloads are probably also the ones stupid enough to click on the slightly odd-looking dialog warning about a virus attempting to install itself through your web browser. Sadly, given the tiny running costs, it only take a very small proportion of people to be idiots for the spammers/adware merchants to make an awful lot of money.
There's no one programmer who does the work of ten other programmers.
The thing is, that depends on your metric. If you're measuring useful work done, in terms of actual problems solved and perhaps with some sort of cost and/or speed factors built in, then it is entirely possible for one great programmer to do the work of many mediocre ones. This is for three reasons, and I think most people only really think of the first one.
Firstly, contrary to what you wrote about the size of a problem, I think it's clear that a good programmer will generally solve a problem of average difficulty faster than a mediocre one. The point here is that the two will not most likely come up with the same solution. Each may solve the problem, but the good programmer's solution will typically have a clearer design, be more concise in the implementation, have fewer special cases to deal with, be more flexible when it comes to future expansion, and come with useful tools as needed. So that's your first win: the good programmer comes up with better solutions, which tend to be faster to develop than mediocre ones.
The second win is usually bigger than the first IME, but it's the one most people overlook. A programmer typically doesn't just write new code. In fact, writing code is usually a relatively small part of how he spends his working hours. Usually, he also has overheads such as investigating bug reports and documenting what he's doing for future reference. Because good programmers tend to have cleaner designs and higher quality implementations, they can spend far less of their time fixing bugs, and they usually don't need to write as much to document their code to the same standard. Because they incur lower overheads, they have extra time to spend writing code that solves the next problem, and the one after that.
Finally, there are the indirect benefits. If you have a good programmer in a development team, then typically any smart designs, time-saving tools, useful implementation techniques and the like that they create will filter through to improve the productivity of other team members as well. This applies to some extent whatever the skill level of those other team members. Non-experts will learn from the expert, and be able to do things they otherwise couldn't (or at least couldn't do as fast) thanks to the expert's tools and techniques. Multiple experts will gain from bouncing ideas of each other and getting informed second opinions before committing to something, resulting in less work changing things down the line.
It's true, as you said, that some problems are simply too hard for programmers below a certain level to solve at all, and for those you need someone above that level. It's also true that some problems are so easy that almost anyone would produce the same trivial solution just as quickly. But in real life, most problems fall somewhere between these extremes. For the three reasons above, I think it's wrong to pretend that great programmers won't be more productive in dealing with those. When you combine the direct speed benefits of a better design and implementation, the lower overheads, and the support given to others, an order of magnitude or more is easily believable.
You're right that there's always some sort of obscurity, but you argued for pure obscurity. You said that you didn't want all the social networks to work together because it would make it easy for Bad Guys to do Bad Things.
No, I criticised the generic statement that interoperability was always a good thing. I have made no comment on the extent to which that applies in this particular case.
Perhaps, but it's no one's fault that you were the only one who didn't know how it worked. You should have found out. Caveat Emptor.
This isn't about personal morality, it's about the norms on a particular social net. If you don't like them, don't join that net.
That's lovely. And how, exactly, is someone who isn't yet a member of a social net and can't see what features it offers supposed to find this out before joining?
Oh here's something for you think about: Your facebook profile? It still exists. Sign in again, and it all comes back just how you left it. Think about it.
Yes, I'm aware of that. I believe such action should be illegal, and indeed the legality of certain common practices of social networks is already questionable under European data protection laws. If memory serves, a formal investigation recently began into whether to take legal action against them for this reason, though I can't immediately find a reference so perhaps I'm not quite right on this.
If you think this is an unreasonable position to take, consider that Amazon.com currently hold my credit card details. They stored these after my first transaction with them, with no warning obvious enough for me to notice it, and I appear to have no way to get them not to store those details and to ask for them only when they actually need them. Numerous large-scale leaks of credit card details resulting from poor security practices have occurred in the past, so this presents a real threat to my financial security. Do you still think it's appropriate for companies to be allowed to data mine personal information about people in this way, without any real checks and balances to make sure the data is handled with appropriate care and respect for people's wishes?
There is no ethical basis for putting business interests ahead of the privacy and security of the people in this way. The law just hasn't caught up to the age of the Internet and massive scale data-mining operations yet. It will do. The only question is how much innocent people must suffer damage ranging from a little embarrassment to complete identity theft taking years to clear up before our "representatives" understand the problem well enough to address it in a meaningful way.
Let's be honest here. You're arguing for security through obscurity. "Security" through poor interoperability is an illusion.
Easy on the soundbites, there, partner. All security ultimately comes through some form of obscurity, unless it's backed up by physical force. It comes through a password that only I know, or having my fingerprint, or knowing which two large primes multiply to give the number in front of you. All such security can therefore be broken if you're prepared to work hard enough, and the only question is whether it's worth the effort. I think perhaps you misunderstand what people are criticising when they talk about security through obscurity.
You knew when you joined Facebook, that friends were going to show up in your social network, either through explcity invites or by posting things to your wall. That's the whole point of joining any social net. To say that you were shocked to find that your connections to your friends would be accessible is the strain credulity to the breaking point.
Actually, I didn't know how the site worked at all. I knew that it was a place where my friends were putting their photos on-line, and that to see those photos you had to join by giving an e-mail address based at my university. I had no idea that in addition to the photo sharing, the site encouraged sharing numerous other forms of information, or that the system encouraged others to provide this information about you. I certainly had no idea just how fast that mechanism could work. It's scary, it really is. That's why I got out.
It's very dangerous to judge this sort of issue based on your personal experiences, perceptions and prejudices. What may be obvious to you, or morally acceptable to you, may not be so to someone else.
We're talking about interoperability. Interoperability is always good.
No, it isn't. In fact, in the context of the dangers of having too much information on-line and having it data mined for purposes you wouldn't like, interoperability and the One True Database are just about the most dangerous things there are.
If you're afraid of personal information getting out, don't post it.
Well, I guess that's one step better than "If you've got nothing to hide, you've got nothing to fear."
Does it occur to you that much of the information about someone on a social networking site isn't actually put there by the person themselves, but implicitly by the contacts within their social network? This is, in fact, exactly what made me get out of Facebook when I tried it a while back. Within a few days of signing up, and having carefully put in nothing but my name, e-mail address and the place I went to university, they had a relatively complete idea of who my closest friends were, my interests, where I go in my spare time and when that typically is during the week, what I look like, what car I drive, and much more. All of that was added by my friends, separately and probably completely innocently, within a matter of days.
The author was NOT calling for a network where all information is freely available to everyone, simply an open framework within which people can network as they please.
Really? There's a lot of specific examples in the article that pretty much say exactly that, AFAICS. The stuff about interoperability and standards is all very nice, but how exactly do you think those are going to work without making the data itself open to some extent as well? What you're basically talking about, if you don't have that, is just the usual "wouldn't single sign-on be nice?" musing.
Methinks a few too many people in this discussion have read this one article and missed the wider context. This is hardly the first post using the walled garden metaphor. Bloggers were talking about this several weeks ago; see this blog post at Coding Horror and the various things linked around it, for example.
Statistically, something like 1 in 30 people is a sociopath.
There you go, I just killed the idea of successfully running a fully open social networking site any time in the near future, right there. Sorry about that.
'Open social networks' is greed-speak for 'easier SPAM access' AFAIAC.
Or worse. I'm far more concerned with things like identity theft or profiling of child targets for other crimes than I am with spam.
Opening up the social networks might be an ideal for a completely open society, but our society isn't grown up enough to be that open yet. Doing it now will just mean that anyone can abuse the system by data mining for their own ends, instead of just the hosting services and their current and (unknown) future owners and business partners.
Of course, some of us removed our personally identifiable data from all social networks pretty early on, precisely because you have no idea who really has access to all that juicy insider gossip about your life and what they're going to use it for, even on the "closed" networks today. Facebook's entire MO is basically to get friends to spy on each other, thus resolving the one remaining block in intelligent data mining of the entire population.
I have a legal Windows license, and I don't use PS or Microsoft Office, as I only use Windows for games. I buy the games that like, because I want to support developers that make good games. For the rest of my computing needs, I use Linux and other F/OSS.
Yes, I take much the same view. Where OSS is good enough for my needs, great, no need to spend any money. Where OSS isn't up to the job, I believe in fairly supporting those who write software I want to use, so I buy it. As far as I'm aware, everything on my PC is 100% legal, including the software and music.
Actually, the most expensive thing I bought recently was a pro-grade font set. Sure, I could have ripped it off, but someone (probably several people, actually) worked for months (probably years, actually) to make that font look as good as it does, and they have rent to pay as well. If I didn't want my work to look good in print, I wouldn't be bothering with a careful choice of font, so why wouldn't I want to support people who set the same high standards as I do?
I wouldn't be surprised to find that all of this was a minority position. Some choose to show their contempt for unreasonably high prices by ripping off the software makers. I choose to show it by not buying their product. I find it hypocritical when people argue that a product isn't worth buying because it's buggy/missing features/<insert excuse here>, but then proceed to rip it and use it anyway.
There are many comments on here presenting the sort arguments such as:
- "Open Office is not 100% compat with MSOffice"
- "My Visio docs cant be used on linux/other-non-MS-os"
- "I cant connect to our exchange servers without Windows"
- "Our company intranet requires active-x controls"
[...]
None of these arguments demonstrate anything lacking with Linux.
On the contrary. If, by Linux, you really mean "Linux and the apps that run on it", then something lacking is exactly what each of those things demonstrates.
Take the corporate intranet example. We have various web pages that do rely on ActiveX, for useful things. What alternative do you propose based on Linux and your browser of choice?
We also use many of the automation and customisation features within MS Office to streamline our document creation and review process. Again, what alternative do you propose based on Linux and your office suite of choice?
The ALL demonstrate how very badly your organisation's IT policies and strategies has backed itself into a corner and locked itself so deeply into a closed and proprietary architecture... that it has lost all ability to conform to international standards.
You miss the point, twice in fact. Firstly, organisations' IT policies are typically geared towards finding a tool that helps the organisation to do its job. If the tool they find does that job, it doesn't matter how many other choices there were. If they can pick between one good option and a choice of many inferior ones, they are always going to pick the one good option. Since they are unlikely to use more than one product for the same purpose, any theoretical choice provides a very limited practical benefit, and vendor lock-in provides a very limited practical risk.
And here's the kicker: you talk about international standards. Windows and MS Office are the international standards. If you run a business, it is close to a 100% bet that everyone you deal with will be using Windows and MS Office on their desktop. You can bleat about so-and-so's published formats all you like, but the simple fact is that IT departments want something that works with everyone else. Whatever works with everyone else is the standard for all practical purposes. It may be de facto rather than de jure, but it's still the most important standard in the game. Arguing in denial of this is just banging your head against a wall.
Or, have you used these [OSS] applications under Microsoft Windows(tm), and found them wanting?
I think that's part of the problem with promoting OSS culture today. The focus for OSS projects is often Linux development, and for all they claim to be multi-platform, the Windows ports are frequently bug-ridden to the point of being completely useless. The GIMP and Scribus are the too most obvious offenders, having been completely unusable every time I've tried them, and that means several versions over several years on several different Windows boxes so it's no fluke. However, even the mighty Firefox and OpenOffice have their moments: see "printing" and "font handling" respectively, for example.
The irony, of course, is that even if these applications are rock solid and fit in perfectly on Linux, the negative PR they get from being rubbish on Windows makes people think the applications themselves are rubbish. Then, far from being a credit to Linux, they make the average punter wonder whether Linux itself is just more of that "unstable Open Source stuff", without ever even installing it.
You mention Photoshop so I assume that you are a professional graphic designer or similar and you are not just using a warezed copy.
As amazing as it may seem to certain people here, some of us actually pay for good software even at home. Not every home user of Windows illegally rips all the software they run on it, you know.
This, to me, is actually quite a good argument for using OSS applications on Windows. I like the fact that I can have Firefox, Thunderbird and OpenOffice installed legally and without cost, and these are perfectly adequate for my simple needs at home. It leaves me more money to pay for things like good games and good graphics/design/DTP/fonts related stuff for when I'm being creative.
Even though I'm only getting this stuff for fun, like the GP poster I wouldn't choose to use an alternative platform if it didn't have the same quality of software available. It doesn't need to be the same software, but it does need to be similarly capable.
But now we're seeing a lot of government agencies move online, with extra charges if you want readable hard copy. For example, there are a number of states that charge less for things like licenses if you renew online. But this decision takes this change a step farther: It holds the prospect that, to read the document that you are legally required to read and obey, you must pay a specific corporation (Microsoft) for the software to read it.
If that happens, then the documents are not "freely available", at least by any meaning of the word "freely" I intended in my previous post!
Note that I didn't say what sort of machine(s) I have at home, because this shouldn't matter for government docs.
Of course it matters.
The important thing is that the information is freely available to the public. It is the responsibility of the government to provide reasonable access to this information, for example by providing facilities for everyone to use at their local library or City Hall.
Whether or not people running on whatever the trendy (or not-so-trendy) hardware/software of the day is at home can read the documents is really far less important. Indeed, you can make a good case that governments shouldn't spend additional public money supporting additional protocols for home use, particularly where these lack longevity and/or aren't widely used.
Sure, but AOL aren't really the good guys: the economic damage they did to the coaster industry was enough to send the world's stock markets into meltdown for years!
Yeah, keyboard shortcuts suck and no-one can remember them. That's why keys like Shift and Ctrl are so rarely used these days, particularly by experienced typists, and never in combination.:-)
Personally, I've always quite fancied trying one of these Datahand units, but obviously there's a high cost involved and quite a steep learning curve. I can well believe that when properly configured, it's much nicer for things that aren't simple typing jobs, such as programming, writing in mark-up languages like LaTeX, or playing games with complicated UIs.
Well, not quite. The law changes and Data Protection Act exemptions being proposed would allow much more than that, if you read what is actually being said rather than the PR-spun version.
Yes they are but ANPR identifies vehicles, you know, the things with wheels on. NOT people. They haven't got a clue who is in which vehicle unless they make the assumption that one of the people is the owner - and that is only a guess - or the vehicle is already under police surveillance using other assets. Nobody is tracking people to the extent that you believe they are.
OK, try this on for size. If your vehicle is used to commit a motoring offence, then in many cases you are considered guilty by default, and the onus is on you to prove that someone else was driving, or that it wasn't your car in the first place (number plate theft/duplication is one of the fastest growing crimes in the UK today — no prizes for guessing why). This is not due process, innocent-until-proven-guilty stuff. It's a computer-generated nastygram that arrives in the post and screws up your life for a few weeks. Often, it isn't financially worthwhile to defend yourself, since the trial will typically be arranged where the alleged offence took place, and it may cost you more time and money to defend yourself than you'd save by doing so successfully. This is already a serious problem with the various ANPR-based systems, and connecting them all up and giving the authorities unrestricted access to all the data in a single place is only going to make this worse.
That aside, in fact they are trying to track the individual people. Facial recognition technology isn't quite there yet, but notice that all the new generation ANPR-friendly cameras are front-facing; this isn't an accident. Even without such truly privacy-destroying steps, it still doesn't take much for them to match up your logged number plate with use of a card to pay for petrol or similar. None of this is hypothetical; both the intent and the R&D to develop the technology are public knowledge — though not emphasised, funnily enough.
So the police conduct an investigation, find that the person is innocent (i.e. their suspicions were unfounded), and the person is allowed to continue with their life.
Sure, after losing anything up to a month of it (and they're trying — yet again — to claim they need more time than that, without — yet again — providing a single example of where it would actually have helped). Oh, and after having your DNA sample taken, forcibly if necessary, and held in perpetuity for matching in yet another error-prone process that is known to lead to mistaken identities and future persecution by the authorities. Oh, and did I mention having your whole life destroyed because you're a "terrorist suspect"? Arresting someone because you make a mistake, messing with their life for a few days, destroying their reputation, and then letting them go because it's "just normal policing" is not OK, and systems that will likely to lead to more of the same are not to be welcomed.
But you haven't done anything of the sort. They are watching vehicles - NOT people. Re-read it a few times until you can understand the difference. And it does not provide a full record of every vehicles' movements. It flags up those that have irregularities (no licence, no MOT etc) in real time so that traffic police can stop the vehicle and take action.
You simply haven't read the documentation properly. Real-time checking is what the various roadside units and in-car cameras do, but they are building the database to keep that full record as well.
And as I've noted above, there is a thin line between watching vehicles and watching their occupants, and they are trying to erase it as fas
No, the committee decided that, although such a usage could be justified on the grounds of crime prevention, it would NOT be justified on the grounds of intrusion and invasion of privacy.
I believe we're talking at cross-purposes. My point is exactly that if the data were only used to prevent crimes, then of course that seems like a positive thing, but in reality, you can't guarantee that every time you look up the data a crime will be prevented and there is a risk of less positive uses of the information as well.
It is not a question of time. Under data protection laws the police would never know that the vehicle of interest had appeared in London, so they would never have the opportunity to apply for a warrant.
So why not reverse the bias, and allow the police to designate vehicles of interest so they can be flagged and investigated further if the system picks them up? We do not need to give the police (there is no distinction in law between an average copper and "anti-terrorist police") centralised access to every camera in the UK by default. This could be fully automated if security was a concern.
You can repeat it as much as you like but it does not make it true. All vehicles that are identified by the congestion cameras in London are identified but, until today, that information was not made available to the police for any purpose other than congestion control.
It's not my repeating it you should be worried about. The national vehicle tracking database is a matter of public record, first highlighted after a leaked document reached the Sunday Times a couple of years ago. The police are deliberately building a nationwide network of ANPR-enabled cameras with the explicit intent of tracking everyone, and the congestion charging cameras in London are just one more nail in the coffin. This intent has been acknowledged by the ACPO, and questions have been asked by MPs given the way various aspects of this scheme have been done using technicalities and loopholes to avoid the usual Parliamentary oversight.
Many people who are stopped for speeding are let off with a warning. Many people who commit minor offences are let of with a caution. That is not to say that the police shouldn't investigate crimes.
Of course not. I'm not arguing that it is reasonable to expect every arrest to result in a conviction. I'm simply demonstrating that the suspicions raised by all these so-called anti-terrorist techniques are wrong, a lot.
There is no mass surveillance. There is no blanket approval of police investigations into anybody or everybody without judicial oversight. There is no justification for the claim that we are all being tracked. And finally, I looked very closely at your reply but you haven't offered a better alternative. You have simply stated that you don't like the current suggestion. OK, that is your right. Have you tried contacting your MP about it?
I think I've shown beyond any doubt that your denial of mass surveillance is wishful thinking. This is the explicit, publicly stated intent of our police forces, as shown by the document I cited above. You can also search for discussions in the House, reports by the Information Commissioner and information from other similarly authoritative bodies if you want more proof. And of course, we're not just talking about vehicle tracking now.
As for better alternatives, I have suggested one method above that provides all the same opportunities yet does not entail the same dangerous centralisation of other information. But frankly, just not doing this would be better than the current creep towards a complete surveillance society. I don't think there is a serious problem that needs fixing. I thin
The public threat scale thing is just another tool for the government fear machine. The effective default state is the fourth highest of five levels, and when they need a PR boost, they push it up to five. Apparently it has never, in recent history, been below those highest two levels. But you've got to admit, it's a great way to scare people.
Perhaps we should have a new scale: the honest-o-meter, which rates the credibility of what the politicians are saying today on a scale of "truly insightful", "makes sense", "worth a try", "slightly misleading" and "deliberately deceptive". I suggest that we just leave it on "slightly misleading" by default, and push it up to "deliberately deceptive" whenever any Labour cabinet minister opens their mouth.
Frameworks are great. People who use them often suck.
I disagree. Good frameworks are great when used in the context they were built for. Most frameworks I've encountered in my programming career aren't good, they're just overgrown libraries that aren't as flexible as they could be. Then those people-who-suck that you mentioned use those inflexible frameworks where they're not appropriate, and the result is a combination of huge amounts of boilerplate that wasn't really necessary and a whole load of truly clunky code just to work around the limitations in the framework.
The cure is to perform test-driven development, so that you are not afraid to change existing code. I can't emphasize how liberating it is to be able to come in and uproot some inflexible crap (which was good enough for a long time, but is not anymore), put in an improved design, and then know that you didn't break anything. You can roll with the punches and not waste your time designing in unnecessary flexibility.
Unfortunately, you appear to make the same honest mistake as most TDD advocates I have encountered: you sincerely believe that having a good test suite automatically makes it safe to go in and change code. How do you know your tests really cover all the important behaviour? What if it's not practical to model all the possible scenarios your code has to cope with separately, for example because there are an effectively infinite number of them? A reasonably large software project may have 10k decision points. How many of those projects have test suites containing the millions of test cases that will typically be needed to test all execution paths independently? Even then, with around 10^3010 theoretical possibilities, how do you know you really got all the paths that are possible given the dependencies in the code?
Automated tests are, in general, a good thing. Refactoring to maintain a clean code base is, in general, a good thing. But automated unit tests are only one way you try to keep your code working properly, and having a test suite is no substitute for understanding how the code works before your change it. Small-scale refactoring — as typically advocated by TDD supporters, though I recognise that you didn't write this explicitly yourself — is no substitute for maintaining a coherent overall design: it may lead to local maxima in code quality, but after a while if there are significant changes in the system requirements due to new features, you might just be taking careful, small steps towards a dead end, when you should have back-tracked and gone around.
The trick is to know when to make small, incremental changes to the code, and when it's worth taking a step back and perhaps adopting a new approach or rewriting a larger section more generically. Both having automated tests and having a clean design in the existing code will help you to make such decisions and to implement them as safely as possible, but they do not guarantee it.
Which is presumably why languages like Pascal, Java, Python, Ruby, etc. all support goto.
But how many of the above languages support...
goto is like assembly language: it's a flexible tool, but very primitive. Just as higher level languages are more expressive than assembly, meaning we rarely have reason to write raw assembly any more, so higher level languages have developed more expressive versions of goto, meaning we rarely have to write a raw goto any more.
I think someone needs to write a new article, called “Dogmatic structured programming considered harmful”. While block structure with the sequence, iteration and decision operations has proven a useful model for describing algorithms, other powerful abstractions for control and data flow exist. Functional programming tends to use recursion rather than iteration, for example, and many functional languages don't really model sequence in the classical sense either. Almost all modern, general purpose programming languages support the concept of exceptions, which are just a more systematic form of goto. In some programming languages, there is no explicit concept of control flow at all.
I don't see many people who understand these extended or alternative models complaining about how we should go back to doing everything with block-structured, procedural code. We just have to learn to use different models effectively, as functional programmers found before they realised the importance of tail recursion, as OO programmers found before they learned to control stack unwinding. This is called “progress”, and is what happens with experience... unless you adhere dogmatically to the way things are done at the moment, regardless of any objective merit an alternative may have.
If we built our cars like we build our software, they would look great, they would have controls even a five-year-old could use, and every 65,536 miles they'd teleport you back to where you started.
FWIW, while it was indeed a window/conservatory firm I was thinking of, I'm pretty sure it wasn't them. Ironically, though, the one thing I can't remember after their aggressive advertising campaign is who they were. :-)
If he were selling his software commercially, or people were being directed from the Slashdot front page to a page full of ads, then you might have a point, but that's not the case here. The guy has made an obviously useful tool, gives it away for free, and is warning about an obviously relevant threat. The most he's likely to get out of this is a few small donations or a few more page hits on his site, perhaps making enough to cover the server costs for hosting a popular Firefox extension for a while and a bit of beer money. I think your post is way over the top.
The problem with ads is that, apparently, the annoying ones are exactly the ones that work. People like you and me hate them, but we're never going to buy their **** anyway. Those irritating jingles that get played endlessly on TV ads irritate the **** out of us, but they attract the attention (and memory) of those gullible enough to buy the goods.
I'm not sure how much this is really backed up by evidence and how much is just "accepted wisdom" in the marketing community, though. There was a particular local firm advertising on the biggest local radio station in these parts a few years ago. They basically took traditional melodies from things like popular nursery rhymes, and rewrote the lyrics to mention their company name repeatedly and the product they were pitching. After a while, they even ran an ad that had the lyrics "We know the songs get on your nerves", which I remember all too well, perhaps making the point for them. That was, however, the last ad they ever ran on that radio station as far as I can tell. I'm not sure what happened to the company...
To bring this back to the current context, though, the theory seems entirely reasonable. Most of us will never support spammers or get caught by phishing, but those stupid enough to reply to bank password checks or ads for legal software downloads are probably also the ones stupid enough to click on the slightly odd-looking dialog warning about a virus attempting to install itself through your web browser. Sadly, given the tiny running costs, it only take a very small proportion of people to be idiots for the spammers/adware merchants to make an awful lot of money.
There's no one programmer who does the work of ten other programmers.
The thing is, that depends on your metric. If you're measuring useful work done, in terms of actual problems solved and perhaps with some sort of cost and/or speed factors built in, then it is entirely possible for one great programmer to do the work of many mediocre ones. This is for three reasons, and I think most people only really think of the first one.
Firstly, contrary to what you wrote about the size of a problem, I think it's clear that a good programmer will generally solve a problem of average difficulty faster than a mediocre one. The point here is that the two will not most likely come up with the same solution. Each may solve the problem, but the good programmer's solution will typically have a clearer design, be more concise in the implementation, have fewer special cases to deal with, be more flexible when it comes to future expansion, and come with useful tools as needed. So that's your first win: the good programmer comes up with better solutions, which tend to be faster to develop than mediocre ones.
The second win is usually bigger than the first IME, but it's the one most people overlook. A programmer typically doesn't just write new code. In fact, writing code is usually a relatively small part of how he spends his working hours. Usually, he also has overheads such as investigating bug reports and documenting what he's doing for future reference. Because good programmers tend to have cleaner designs and higher quality implementations, they can spend far less of their time fixing bugs, and they usually don't need to write as much to document their code to the same standard. Because they incur lower overheads, they have extra time to spend writing code that solves the next problem, and the one after that.
Finally, there are the indirect benefits. If you have a good programmer in a development team, then typically any smart designs, time-saving tools, useful implementation techniques and the like that they create will filter through to improve the productivity of other team members as well. This applies to some extent whatever the skill level of those other team members. Non-experts will learn from the expert, and be able to do things they otherwise couldn't (or at least couldn't do as fast) thanks to the expert's tools and techniques. Multiple experts will gain from bouncing ideas of each other and getting informed second opinions before committing to something, resulting in less work changing things down the line.
It's true, as you said, that some problems are simply too hard for programmers below a certain level to solve at all, and for those you need someone above that level. It's also true that some problems are so easy that almost anyone would produce the same trivial solution just as quickly. But in real life, most problems fall somewhere between these extremes. For the three reasons above, I think it's wrong to pretend that great programmers won't be more productive in dealing with those. When you combine the direct speed benefits of a better design and implementation, the lower overheads, and the support given to others, an order of magnitude or more is easily believable.
You're right that there's always some sort of obscurity, but you argued for pure obscurity. You said that you didn't want all the social networks to work together because it would make it easy for Bad Guys to do Bad Things.
No, I criticised the generic statement that interoperability was always a good thing. I have made no comment on the extent to which that applies in this particular case.
Perhaps, but it's no one's fault that you were the only one who didn't know how it worked. You should have found out. Caveat Emptor. This isn't about personal morality, it's about the norms on a particular social net. If you don't like them, don't join that net.
That's lovely. And how, exactly, is someone who isn't yet a member of a social net and can't see what features it offers supposed to find this out before joining?
Oh here's something for you think about: Your facebook profile? It still exists. Sign in again, and it all comes back just how you left it. Think about it.
Yes, I'm aware of that. I believe such action should be illegal, and indeed the legality of certain common practices of social networks is already questionable under European data protection laws. If memory serves, a formal investigation recently began into whether to take legal action against them for this reason, though I can't immediately find a reference so perhaps I'm not quite right on this.
If you think this is an unreasonable position to take, consider that Amazon.com currently hold my credit card details. They stored these after my first transaction with them, with no warning obvious enough for me to notice it, and I appear to have no way to get them not to store those details and to ask for them only when they actually need them. Numerous large-scale leaks of credit card details resulting from poor security practices have occurred in the past, so this presents a real threat to my financial security. Do you still think it's appropriate for companies to be allowed to data mine personal information about people in this way, without any real checks and balances to make sure the data is handled with appropriate care and respect for people's wishes?
There is no ethical basis for putting business interests ahead of the privacy and security of the people in this way. The law just hasn't caught up to the age of the Internet and massive scale data-mining operations yet. It will do. The only question is how much innocent people must suffer damage ranging from a little embarrassment to complete identity theft taking years to clear up before our "representatives" understand the problem well enough to address it in a meaningful way.
Easy on the soundbites, there, partner. All security ultimately comes through some form of obscurity, unless it's backed up by physical force. It comes through a password that only I know, or having my fingerprint, or knowing which two large primes multiply to give the number in front of you. All such security can therefore be broken if you're prepared to work hard enough, and the only question is whether it's worth the effort. I think perhaps you misunderstand what people are criticising when they talk about security through obscurity.
Actually, I didn't know how the site worked at all. I knew that it was a place where my friends were putting their photos on-line, and that to see those photos you had to join by giving an e-mail address based at my university. I had no idea that in addition to the photo sharing, the site encouraged sharing numerous other forms of information, or that the system encouraged others to provide this information about you. I certainly had no idea just how fast that mechanism could work. It's scary, it really is. That's why I got out.
It's very dangerous to judge this sort of issue based on your personal experiences, perceptions and prejudices. What may be obvious to you, or morally acceptable to you, may not be so to someone else.
We're talking about interoperability. Interoperability is always good.
No, it isn't. In fact, in the context of the dangers of having too much information on-line and having it data mined for purposes you wouldn't like, interoperability and the One True Database are just about the most dangerous things there are.
If you're afraid of personal information getting out, don't post it.
Well, I guess that's one step better than "If you've got nothing to hide, you've got nothing to fear."
Does it occur to you that much of the information about someone on a social networking site isn't actually put there by the person themselves, but implicitly by the contacts within their social network? This is, in fact, exactly what made me get out of Facebook when I tried it a while back. Within a few days of signing up, and having carefully put in nothing but my name, e-mail address and the place I went to university, they had a relatively complete idea of who my closest friends were, my interests, where I go in my spare time and when that typically is during the week, what I look like, what car I drive, and much more. All of that was added by my friends, separately and probably completely innocently, within a matter of days.
The author was NOT calling for a network where all information is freely available to everyone, simply an open framework within which people can network as they please.
Really? There's a lot of specific examples in the article that pretty much say exactly that, AFAICS. The stuff about interoperability and standards is all very nice, but how exactly do you think those are going to work without making the data itself open to some extent as well? What you're basically talking about, if you don't have that, is just the usual "wouldn't single sign-on be nice?" musing.
Methinks a few too many people in this discussion have read this one article and missed the wider context. This is hardly the first post using the walled garden metaphor. Bloggers were talking about this several weeks ago; see this blog post at Coding Horror and the various things linked around it, for example.
Statistically, something like 1 in 30 people is a sociopath.
There you go, I just killed the idea of successfully running a fully open social networking site any time in the near future, right there. Sorry about that.
'Open social networks' is greed-speak for 'easier SPAM access' AFAIAC.
Or worse. I'm far more concerned with things like identity theft or profiling of child targets for other crimes than I am with spam.
Opening up the social networks might be an ideal for a completely open society, but our society isn't grown up enough to be that open yet. Doing it now will just mean that anyone can abuse the system by data mining for their own ends, instead of just the hosting services and their current and (unknown) future owners and business partners.
Of course, some of us removed our personally identifiable data from all social networks pretty early on, precisely because you have no idea who really has access to all that juicy insider gossip about your life and what they're going to use it for, even on the "closed" networks today. Facebook's entire MO is basically to get friends to spy on each other, thus resolving the one remaining block in intelligent data mining of the entire population.
I have a legal Windows license, and I don't use PS or Microsoft Office, as I only use Windows for games. I buy the games that like, because I want to support developers that make good games. For the rest of my computing needs, I use Linux and other F/OSS.
Yes, I take much the same view. Where OSS is good enough for my needs, great, no need to spend any money. Where OSS isn't up to the job, I believe in fairly supporting those who write software I want to use, so I buy it. As far as I'm aware, everything on my PC is 100% legal, including the software and music.
Actually, the most expensive thing I bought recently was a pro-grade font set. Sure, I could have ripped it off, but someone (probably several people, actually) worked for months (probably years, actually) to make that font look as good as it does, and they have rent to pay as well. If I didn't want my work to look good in print, I wouldn't be bothering with a careful choice of font, so why wouldn't I want to support people who set the same high standards as I do?
I wouldn't be surprised to find that all of this was a minority position. Some choose to show their contempt for unreasonably high prices by ripping off the software makers. I choose to show it by not buying their product. I find it hypocritical when people argue that a product isn't worth buying because it's buggy/missing features/<insert excuse here>, but then proceed to rip it and use it anyway.
There are many comments on here presenting the sort arguments such as :
- "Open Office is not 100% compat with MSOffice"
- "My Visio docs cant be used on linux/other-non-MS-os"
- "I cant connect to our exchange servers without Windows"
- "Our company intranet requires active-x controls"
[...]
None of these arguments demonstrate anything lacking with Linux.
On the contrary. If, by Linux, you really mean "Linux and the apps that run on it", then something lacking is exactly what each of those things demonstrates.
Take the corporate intranet example. We have various web pages that do rely on ActiveX, for useful things. What alternative do you propose based on Linux and your browser of choice?
We also use many of the automation and customisation features within MS Office to streamline our document creation and review process. Again, what alternative do you propose based on Linux and your office suite of choice?
The ALL demonstrate how very badly your organisation's IT policies and strategies has backed itself into a corner and locked itself so deeply into a closed and proprietary architecture ... that it has lost all ability to conform to international standards.
You miss the point, twice in fact. Firstly, organisations' IT policies are typically geared towards finding a tool that helps the organisation to do its job. If the tool they find does that job, it doesn't matter how many other choices there were. If they can pick between one good option and a choice of many inferior ones, they are always going to pick the one good option. Since they are unlikely to use more than one product for the same purpose, any theoretical choice provides a very limited practical benefit, and vendor lock-in provides a very limited practical risk.
And here's the kicker: you talk about international standards. Windows and MS Office are the international standards. If you run a business, it is close to a 100% bet that everyone you deal with will be using Windows and MS Office on their desktop. You can bleat about so-and-so's published formats all you like, but the simple fact is that IT departments want something that works with everyone else. Whatever works with everyone else is the standard for all practical purposes. It may be de facto rather than de jure, but it's still the most important standard in the game. Arguing in denial of this is just banging your head against a wall.
Or, have you used these [OSS] applications under Microsoft Windows(tm), and found them wanting?
I think that's part of the problem with promoting OSS culture today. The focus for OSS projects is often Linux development, and for all they claim to be multi-platform, the Windows ports are frequently bug-ridden to the point of being completely useless. The GIMP and Scribus are the too most obvious offenders, having been completely unusable every time I've tried them, and that means several versions over several years on several different Windows boxes so it's no fluke. However, even the mighty Firefox and OpenOffice have their moments: see "printing" and "font handling" respectively, for example.
The irony, of course, is that even if these applications are rock solid and fit in perfectly on Linux, the negative PR they get from being rubbish on Windows makes people think the applications themselves are rubbish. Then, far from being a credit to Linux, they make the average punter wonder whether Linux itself is just more of that "unstable Open Source stuff", without ever even installing it.
You mention Photoshop so I assume that you are a professional graphic designer or similar and you are not just using a warezed copy.
As amazing as it may seem to certain people here, some of us actually pay for good software even at home. Not every home user of Windows illegally rips all the software they run on it, you know.
This, to me, is actually quite a good argument for using OSS applications on Windows. I like the fact that I can have Firefox, Thunderbird and OpenOffice installed legally and without cost, and these are perfectly adequate for my simple needs at home. It leaves me more money to pay for things like good games and good graphics/design/DTP/fonts related stuff for when I'm being creative.
Even though I'm only getting this stuff for fun, like the GP poster I wouldn't choose to use an alternative platform if it didn't have the same quality of software available. It doesn't need to be the same software, but it does need to be similarly capable.
But now we're seeing a lot of government agencies move online, with extra charges if you want readable hard copy. For example, there are a number of states that charge less for things like licenses if you renew online. But this decision takes this change a step farther: It holds the prospect that, to read the document that you are legally required to read and obey, you must pay a specific corporation (Microsoft) for the software to read it.
If that happens, then the documents are not "freely available", at least by any meaning of the word "freely" I intended in my previous post!
Note that I didn't say what sort of machine(s) I have at home, because this shouldn't matter for government docs.
Of course it matters.
The important thing is that the information is freely available to the public. It is the responsibility of the government to provide reasonable access to this information, for example by providing facilities for everyone to use at their local library or City Hall.
Whether or not people running on whatever the trendy (or not-so-trendy) hardware/software of the day is at home can read the documents is really far less important. Indeed, you can make a good case that governments shouldn't spend additional public money supporting additional protocols for home use, particularly where these lack longevity and/or aren't widely used.
Sure, but AOL aren't really the good guys: the economic damage they did to the coaster industry was enough to send the world's stock markets into meltdown for years!
Yeah, keyboard shortcuts suck and no-one can remember them. That's why keys like Shift and Ctrl are so rarely used these days, particularly by experienced typists, and never in combination. :-)
Personally, I've always quite fancied trying one of these Datahand units, but obviously there's a high cost involved and quite a steep learning curve. I can well believe that when properly configured, it's much nicer for things that aren't simple typing jobs, such as programming, writing in mark-up languages like LaTeX, or playing games with complicated UIs.
Well, not quite. The law changes and Data Protection Act exemptions being proposed would allow much more than that, if you read what is actually being said rather than the PR-spun version.
OK, try this on for size. If your vehicle is used to commit a motoring offence, then in many cases you are considered guilty by default, and the onus is on you to prove that someone else was driving, or that it wasn't your car in the first place (number plate theft/duplication is one of the fastest growing crimes in the UK today — no prizes for guessing why). This is not due process, innocent-until-proven-guilty stuff. It's a computer-generated nastygram that arrives in the post and screws up your life for a few weeks. Often, it isn't financially worthwhile to defend yourself, since the trial will typically be arranged where the alleged offence took place, and it may cost you more time and money to defend yourself than you'd save by doing so successfully. This is already a serious problem with the various ANPR-based systems, and connecting them all up and giving the authorities unrestricted access to all the data in a single place is only going to make this worse.
That aside, in fact they are trying to track the individual people. Facial recognition technology isn't quite there yet, but notice that all the new generation ANPR-friendly cameras are front-facing; this isn't an accident. Even without such truly privacy-destroying steps, it still doesn't take much for them to match up your logged number plate with use of a card to pay for petrol or similar. None of this is hypothetical; both the intent and the R&D to develop the technology are public knowledge — though not emphasised, funnily enough.
Sure, after losing anything up to a month of it (and they're trying — yet again — to claim they need more time than that, without — yet again — providing a single example of where it would actually have helped). Oh, and after having your DNA sample taken, forcibly if necessary, and held in perpetuity for matching in yet another error-prone process that is known to lead to mistaken identities and future persecution by the authorities. Oh, and did I mention having your whole life destroyed because you're a "terrorist suspect"? Arresting someone because you make a mistake, messing with their life for a few days, destroying their reputation, and then letting them go because it's "just normal policing" is not OK, and systems that will likely to lead to more of the same are not to be welcomed.
You simply haven't read the documentation properly. Real-time checking is what the various roadside units and in-car cameras do, but they are building the database to keep that full record as well.
And as I've noted above, there is a thin line between watching vehicles and watching their occupants, and they are trying to erase it as fas
I believe we're talking at cross-purposes. My point is exactly that if the data were only used to prevent crimes, then of course that seems like a positive thing, but in reality, you can't guarantee that every time you look up the data a crime will be prevented and there is a risk of less positive uses of the information as well.
So why not reverse the bias, and allow the police to designate vehicles of interest so they can be flagged and investigated further if the system picks them up? We do not need to give the police (there is no distinction in law between an average copper and "anti-terrorist police") centralised access to every camera in the UK by default. This could be fully automated if security was a concern.
It's not my repeating it you should be worried about. The national vehicle tracking database is a matter of public record, first highlighted after a leaked document reached the Sunday Times a couple of years ago. The police are deliberately building a nationwide network of ANPR-enabled cameras with the explicit intent of tracking everyone, and the congestion charging cameras in London are just one more nail in the coffin. This intent has been acknowledged by the ACPO, and questions have been asked by MPs given the way various aspects of this scheme have been done using technicalities and loopholes to avoid the usual Parliamentary oversight.
Of course not. I'm not arguing that it is reasonable to expect every arrest to result in a conviction. I'm simply demonstrating that the suspicions raised by all these so-called anti-terrorist techniques are wrong, a lot.
I think I've shown beyond any doubt that your denial of mass surveillance is wishful thinking. This is the explicit, publicly stated intent of our police forces, as shown by the document I cited above. You can also search for discussions in the House, reports by the Information Commissioner and information from other similarly authoritative bodies if you want more proof. And of course, we're not just talking about vehicle tracking now.
As for better alternatives, I have suggested one method above that provides all the same opportunities yet does not entail the same dangerous centralisation of other information. But frankly, just not doing this would be better than the current creep towards a complete surveillance society. I don't think there is a serious problem that needs fixing. I thin
The public threat scale thing is just another tool for the government fear machine. The effective default state is the fourth highest of five levels, and when they need a PR boost, they push it up to five. Apparently it has never, in recent history, been below those highest two levels. But you've got to admit, it's a great way to scare people.
Perhaps we should have a new scale: the honest-o-meter, which rates the credibility of what the politicians are saying today on a scale of "truly insightful", "makes sense", "worth a try", "slightly misleading" and "deliberately deceptive". I suggest that we just leave it on "slightly misleading" by default, and push it up to "deliberately deceptive" whenever any Labour cabinet minister opens their mouth.