Re:Blame should be shared between coder and langua on PHP and SQL Security · Score: 1
It seems that very few of the latest batch of new web app developers know what a database is and what they do. The vast majority that I've seen tend to use databases as a flat file for pulling info out of.
I'll second that! I've been tasked with updating some old PHP apps to remove reliance on register_globals. In most cases, this has meant a total rewrite of the (really crappy) code. Most of the apps have a DB (and I mean this loosely) backend to them.
Web design/programming courses that teach DB use should have a whole course devoted to DB normalization. I usually sit in front of the code shuddering for about half an hour before I'm able to dig in and get to work. I'm not kidding...I've got some real hall of fame $#!+ to wade through.
For me, updating these apps has usually turned into re-writing them, from the DB structure up.
-Ben
Re:casual desktop users may want to try Knoppix on Debian 3.0r2 Released · Score: 1
I would second this. I downloaded the 100 meg sarge iso with the beta installer (mentioned on /. the other day), did a net install and was very impressed. Now if only there were easily available debs of gnome 2.4 + evolution 1.4.5, I'd be all set...
I do love debian, but it does have its drawbacks too, sometimes!
The difference is that the people who originally designed the UNIX APIs really did a great job and that their design still holds up after 30 years. Microsoft and Apple throw out their stuff every few years and start over.
Could this be the difference between people crafting systems for research/scientific purposes vs. corps crafting them for money? Really, if you think about it, the best of the best has always come from the research arena (academia, corporate research [including MS]), whereas crap like Windows has come from pushing things out the door too quickly. I'm not saying that Windows is totally void of any technical merit, I'm just commenting on the relative longevity and beauty of the design principles...
Sounds like somebody forgot which site they were posting on...!!
-Ben
Along the same lines: would a doctor perform an operation without first performing a thorough examination and asking enough questions to get the full picture? Your Mom likely thought that she was giving you enough info by saying: "My printer won't print." Don't ask, don't tell...right?
Not a personal dig, as I've done the exact same thing, I'm just highlighting a point. Most users with problems don't even have the language or knowledge to properly describe said problem.
-Ben
You probably need Rogers Hi Speed Cable Internet. It doesn't tie up your phone line!
-Ben
I agree with you in theory, but if you look at it from the perspective of "how do you get the average user interested in alternatives?" angle, this might be the way to go.
Consider that people use IE because "it's there," and not generally for any other reason. These people are going to continue to do so until the consequences are too high. Really, the same should apply to corporations too. The more often they get bent over, and the rougher those encounters are, the more the point gets "driven" home...I've been on a campaign lately trying to get people to switch from IE. I've been pushing Netscape 7.x instead of Mozilla though, as I find explaining the difference is tedious to say the least. I'd prefer if they used the AOL-brand free version, but Netscape is better than nothing.
Really, this should go for all MS products with shoddy track records. Any time you have to explain why "the computer was infected with another virus, even though you had AntiVirus software," be very _blunt_ about the reasons. Internet Explorer was designed to kill Netscape, not be secure..."Yes, your virus signatures were up-to-date (not likely), and you still got a virus." That's because MS knew about the problem 3 months ago but it wasn't made public so they didn't fix it. It's not Norton/McAfee's fault. This virus didn't exist until yesterday...
Now, I'm not saying I think every user should immediately switch to Linux, but I do recommend Mac OS X quite often. I know that nothing is perfect, but it's time people started using _anything_ other than Windows and IE. Don't hide the flaws of the other systems. Yes, Mac OS X did have a problem recently. Nothing is perfect. Most things just happen to be more perfect than Windows and IE.
-Ben
Is public faith in the system more important than overall system security?
I love the Leader too!
-Ben
Ever been to Thunder Bay? It's pretty bleak up there tech-wise too. Not that my current location is that much better...at least it's a little closer to civilization instead of 8 hours (driving) to any other decent sized city.
-Ben
You should have used the 'zoom in from the left' powerpoint animation then
-Ben
Wouldn't that mean they'd have to hire all new admins? The ones they've got now can only point and click, right?
It's funny, laugh!
-Ben
So you're saying that if it's too expensive to switch from one product to any other that we should just give in, and turn an 80% monopoly into a 100% monopoly?
'Geez, that Hitler guy is looking pretty tough these days, we'd better rush out and join the Nazi party!'
Spending a little bit of extra money on education is never a bad thing...
This applies to more than just education too. If we just start giving up whenever a critical mass is reached, we'll never get anywhere. Imagine if square wheels had reached an 80% majority before round ones came along.
-Ben
True, but please let there be a GroupWise plugin for Evolution. I was actually thinking about this the other day, while thinking about the whole Novell services on Linux OS strategy. To be honest, I think this could be really fantastic!
That, and I'm stuck in a Novell shop with Windows on the desktop right now with no great alternatives. Give me a GW alternative, and the rest is a piece of cake.
-Ben
Score: +1 Cruel and Unusual!!
-Ben
Care to elaborate on 'more powerful scripting than unix'? I'm curious. VBScript? Windows would have a long, long, way to go to beat unix for scripting of any kind.
-Ben
Bad stuff? About Unix? Did you forget which forum you're posting to? This is /. after all!
-Ben
And what about timely releases for new virus defs? MS is sometimes quite slow to release other security patches...what makes you think they'll be quick on the draw with virus definitions?
As much as I don't generally like the whole virus industry (they make their money from the misery of others; see lawyers), they are generally pretty good at early detection and fast updates...all without breaking other software!!
This is a large undertaking. Will they rise to the occasion or will everything else suffer too?
-Ben
Although Evolution admittedly isn't dominating the marketplace, I would like to point out that it does still meet the Unix criteria of 'do one thing, but do it well.' Evolution is basically a set of small components that are tied together in another component that is the interface. Try this the next time you launch Evolution:
% ps axww | grep evo | awk '{print $5}' | grep -v grep
My box shows:
evolution
evolution-mail
evolution-addr
evolution-calendar
evolution-alarm-notif
evolution-executive-summary
Nifty, eh? And because they're components, it's (relatively) easy to make use of them elsewhere!
-Ben
Quick, somebody call Gilligan!
-Ben
People are always going to complain. Half of most people's working hours are spent complaining about 'this and that'.
They'll get over it and move on. They always do. This is largely due to short attention spans and the next big crisis in the office.
Once they're able to send all of their emails to the printer, they'll be perfectly content!
-Ben
That eliminates just about every PHB I've ever met!
-Ben
I had it pegged as a good way of showing the meticulous nature typical of many 'geeks.' I thought that although not thrilling, it was appropriate to character development.
-Ben
If you find this concept interesting, and enjoy Sci-Fi, try the book Wheelers by Ian Stewart and Jack Cohen. It's a neat book that fleshes out this concept in intricate detail. I picked it up in a clearance sale at my local book store, and was glad of the purchase!
-Ben
Well put.
-Ben
...and then bash Microsoft?
-Ben