Now if someone uses this exploit and steals your password (which is honestly rather unlikely), you know who to blame
Who? The one who made the mistake or the one that found it? Heh.
This must be the most trivial, ridiculous and dangerous bug I have ever seen in an email system
Now everybody and their little sister will start creating these emails, it is trivial to do on a large scale, everybody is screwed, your only hope is that it will happen to someone else
I have a TiVo moment, I'm in this meeting and I drift away a bit, then I hear something interesting and find myself trying to reach for a non-existing remote to rewind.
FWIW I have a PhD in physics. One thing I learned is how to spot pseudo-science the one for the plebs to chew on. This is one of those. They plugged some numbers in some equations, so booyah. What's the error on those? How accurate is it?
Note how they back off and say that none of the predictions are actually verifiable... heh
"Powergaming" as you say it is only fun for power gamers. No one else. One of the few bold moves that Blizzard did is nerfing them.
I think they have learned a few painful lessons from Diablo, I quit playing after the third instance of teaming up with someone only to get killed by them right when we entered the dungeon.
All "power" features will be abused. For a casual gamer like me WoW is the best game I have ever played second to Civ and xcom maybe. I have tried many times to get into the genre, tried Everquest and Anarchy Online dead ass boring stuff, killing bunnies with little overall story. WoW has an amazingly well crafted story and locations most immersive experiences I ever had on a computer.
Did you notice how they ganged up on WoW? I can see how simplifying the MMOG genre yet being more successful at it can be annoying.
You came up with an especially python-favored example.
I didn't come up with it, I actually have to rewrite a long stretch of code that looks all like that
When you run that perl code, it doesn't even compile. Perl sees the bug, and won't run the program.
You should put that into context. The auto-vivification (where undeclared variables would just spring into life) was such an atrocious feature that Perl was practically unusable for larger projects. They had to invent something to mitigate that, in this case the strict mode
If you ask me Perl is still in a very sorry shape where variables can be evaluated in numerical and string contexts without any kind of warning.
Python never had that kind of problems to begin with. Unlike Perl, variables have types and therefore programming errors that would be deviously hard to catch in Perl manifest themselves in a very explicit manner.
In some of my last projects I had to analyze a Perl and a Java program. I programmed a few years in both of these, but now after a year with Python I was truly surprised at how primitive these languages felt.
All those funny symbols, casting back and forth in perl just getting in the way yet don't really say anything useful... here is an example:
whether or not this is good code is not the point, I have to make it work, look at all that pointless markup, in python this same thing would look like this:
for val in G.spec_val:
...G.species = G.dbh.selectrow_array(G.sth_species, None, val)
...if G.species:
......G.spec_label[val] = G.species[0] + ';' + val
(leading . stands for a space) which version would you rather read?
or that uselessly verbose java where you have to write X number of lines before any action starts...
Python is a simple, clean and powerful language where the real value comes tomorrow or next month, when you have to understand and modify what you wrote today.
There are no objective measures of this quality you have to try it to believe it.
I think free fall refers to 'your state' and not the actual path of the plane.
Think of it as being thrown (accelerated) on a parabolic trajectory and then having the plane follow this trajectory thus creating the net effect of you moving independently from the airplane.
It is ridiculous to claim that the open source process can eradicate all of the cleverly hidden intentional bugs when it can't find thousands of unintentional bugs left lying around in the source code.
Heh, I would argue that the reason that bugs are hard to find is because they are unintentional.
Historical and empirical evidence suggest that hiding intentional bugs a.k.a. backdoors in closed source software is far more dangerous and easier to get away with...
Reminds me of the Seinfeld episode when Jerry (and then George) became bootleggers.
George: I'm a bootlegger.
Anna: You're a what?
George: I'm bootleggin' a movie, baby!
Anna: Isn't that illegal?
George: I can do hard time for this one. And community service!
Jerry: I don't care about Brody. I was up on 96th Street today, there was a kid couldn't have been more than ten years old. He was asking a street vendor if he had any other bootlegs as good as Death Blow. That's who I care about. The little kid who needs bootlegs, because his parent or guardian won't let him see the excessive violence and strong sexual content you and I take for granted.
Hands down the best introduction to Python from a programmer's perspective. That is if you are already familiar with basic programming concepts.
The great thing about the book is that it covers just about every aspect in an extremely concise way that does not bore you to death.
I'm a certified Java and XML developer, gave up on Perl long time ago, discovered Python, somehow got over my initial suspicions regarding the whitespace... within two weeks it became my favorite language. I do just about everything in Python and it takes about 80% less effort. Love it baby!
Quote of the week from the python newsgroup:
"What can I do with Python that I can't do with C#?
You can go home on time at the end of the day." -- Daniel Klein
you know, I have tivo and hate ads, yet I always stop fast forwarding when the "great taste-less filling" ad comes up... (for those that haven't heard about it, it is with two hot babes that beat each other up over beer)
I also regularly watch the Mitsubishi ads too, those are pretty fun
Just because there might be a million computers doing SETI it does not mean they are a million times more effective than one computer doing SETI... To me SETI is a concept that sounds fascinating, it is easy to implement, provides great exposure to the university and people doing it yet in the end I just do not see how real science can come out of it.
Consider the time it takes to synchronize all that data, the time it takes to recheck and validate the results, the costs associated with the bandwidth, storage etc... consider the hacks and tricks people play for fun
Why not take a 100 node beowulf cluster, optimize the searching code using the best and most effective techniques, fire it up and let it run. It will beat millions of computers all doing some small redundant parts of the same problem.
It will still be cheaper than SETI@home.
We all grew up with the story of the tortoise and the hare, but the rabbits in science do not go to sleep... In that case we all know how the story would have ended.
But it is not like SETI should be shut down. No other project provides more effective outreach and involves the public the way SETI does. Even if it is just an illusion, keep it running folks.
h.
I've been developing with XML for a half a year now, and I found both validation methods to be really bad
DTD is easy to learn, simple to write, only that
you cannot really do what it is supposed to do, that is validate well formedness, it is pathetic, for example, you have cardinality operators that allow you to specify one or more, none or more and optional elements but to constrain element occurrences to say 2 to 5 is just too much,
the founding fathers never thought about that level of complexity
then you have the silly parsed character data as type definition, sheesh
Schemas aren't really better either. Most schemas are utterly incomprehensible to humans, it is like the Perl there's more than one way to do it philosophy permeates it, you can do the same schemas in so many different ways that it takes a serious mental effort to understand someone else's schemas
gimme something better folks b/c both of these just suck
Misprinted citations have absolutely no relation to whether one has actually read that paper.
This whole study misinterprets two major mechanisms that cause misprints:
- each scientific journal has a peculiar way of formatting the citations and most require people to follow these guidelines. Some of these are pretty unintuitive. It is pretty common to look up the way another paper cites the one you want to and take that as example.
- secondly a lot of people share huge bibtex files, I know of one with over 50K entries. A BibTex file allows one to easily format in any journal style any citation it contains. A single improper entry will affect dozens of users.
What is struts? Why is it better/different than JSP? How is it better/different from XML/XSLT transformations? What's the point in publishing a review that sounds like a sales pitch?
I have not used Struts but from what I have seen these high-level solutions are a dime a dozen. In most cases the examples in the "Getting started" chapter are really simple but it only takes a moderately complicated site to really see the weaknesses and warts.
I found the Almanac to be extremely useful in displaying the intended usage for many of the classes. Java builds on numerous design patterns that can be overwhelming for a novice.
For example just browsing the API I had a hard time figuring out how to use the crypto package to encrypt data. The almanac shows that in ten lines.
In many respects the Almanac is superior to the "Java Cookbook" by O'Reilly because this latter spends way too much time on trivial implementations.
The aspect that I don't like is the huge index(or listing at the end whatever that is). I found that to be totally useless. There are dozens of methods with identical names anyway so finding the one you need is easier to do on the package level in table of contents. This index makes the book unnecessarily bulky.
I noticed that many posters brought up NASA engineers as the ultimate high-quality software developers.
Not to crash their party but hasn't NASA crashed their multi-million dollar Mars probe because one sensor took measurements in the metric system while the other was stuck with the imperial one (yuck!) and the software did not convert those? Anybody can tell you that science and the imperial system do not go together... Ain't rocket science ya know...
Or (these are the French now) hasn't the Ariane rocket crashed because of an integer overflow in a software component "inherited" from a previous rocket that could not have produced such a value and therefore was not checked...
I found the TiVo recommendation service quite underwhelming.
It looks to me as if they simply look at the genre of the program you rate high and then take that to be your preference.
I found out that the hard way, one day I went home and I found the tivo filled with idiotic shows like: "Price is right" and "Spend $1000 in 1 minute", "Blind date" etc... upon investigating I realized that I have rated "Junkyard Wars" (a competition of building things from junk) and "BattleBots" (remote controlled robot fight show) high the previous day, this triggered the game-show category to be recorded.
As Larry David would say: pretty-pretty-pretty dumb.
Guess what? The Emperor is Naked
stupid, stupid Google!
Sour grapes. After all EQ had a great many year lead time, yet WoW is better in great many ways.
Blizzard is notorious for killing "powergamers"
"Powergaming" as you say it is only fun for power gamers. No one else. One of the few bold moves that Blizzard did is nerfing them.
Yeah, let's turn the radioactive solid into radioactive fumes. Then we can reuse it by filling party balloons with them.
My recommendation:
Python in a Nutshell by Alex Martelli
h
Sadly this game sucked real bad. For the gory details read the Greyk Analysis
send it vith SOAP.
I think Miller Light is a bad beer, and I am Subaru man. h.
all we need are fun ads
Again, this study proves nothing.
so where's the review?
If I spend time watching a suggested program only to find out that was crap then I lost something.
i.
i.
So there you have it.