I'm working at a three-letter acronym this summer for an internship, doing development on another three-letter acronym. We use a third-party open-source (GPL- hey, that's a TLA too! or three!) somethingorother - not strictly a library, not really Java, but, well, kinda similar... anyway. We can't ship this open source somethingorother with the product, or our lawyers will explode (no, that's not a good thing; when lawyers explode, they get everywhere). Apparently, we can't even mirror the somethingorother. In our case, we've decided that the customer will have to obtain, set up and install the somethingorother themselves, though this is nontrivial and a little tedious for our particular scenario.
Last assignment I did use Java. With regular expressions! Ended up targetting an embedded J2ME device with only Java 1.3. Oops. Had to yank them out.
(And no, don't simply tell us to get better lawyers. If these ones aren't good enough, well, you're not going to just be able to go off and find better ones.)
If you're developing software for someone else and you use a third-party library, you need to a) ship it with your product or b) require the user get it separately. The latter is a hassle (and hassling customers is bad). The former will make your lawyers explode.
Not so. Exposure to radiation does not inherently make something radioactive. Radiation is just alpha particles (helium nuclei - as others have said, they can be stopped "by a sheet of tissue paper"), beta particles (just high-energy electrons) and gamma rays (a high-energy form of light). So, something is struck by radiation. So what? If Something is some cells, they might develop cancer. The worst that can really happen is something absorbs a beta particle or such and transmutes to another element. This is seldom a significant source of radiation.
The real risk is some of the (radioactive) material getting stuck on the containers. I'm sure that's far more manageable than all of the original waste.
Sounds like, aside from the ongoing costs of having people up there (food oxygen fuel replacement-parts) all the current investment could be qualified as a sunk cost.
I disagree - there is something different, but it's not in the effect itself. Rather, consider: the fantasy premise of "You have awesome destructive powers" is different from the scifi premise of "You have equipment with awesome destructive powers". Or, take some sort of fantasy healer: "You heal your wounded comrade with the energies of Nature and the purity of your own soul" versus the scifi: "You heal your wounded comrade with the medpack, the tricorder, and the powers of Science".
These are two different mindsets, and they really do make all the difference for a role-playing game. The sci in scifi, the idea that it's Scienc and technology and such, is really different from the more spiritually-mystically-oriented realms of fantasy.
Unfortunately, you can't just order new friends over the Internet to be delivered to your doorstep. Depending on where you live / who else lives nearby / where you work / how much free time you have and a number of other factors like that, you may or may not be able to find a suitable set of convenient friends. As for the inconvenient friends, well.... then you have the Internet.
It may be multi-user chat, but can you just pop in and join whenever you want? That's the real nicety of IRC (and perhaps what I should have emphasized over mere multiuserness) - you don't have to be invited in, you can just plop yourself down in #perl, wait around, see a few questions, learn a thing or two about closures or typeglobs that you didn't know before.... This is the sort of thing which makes it a resource to both the n00b and the experienced alike.
Big Blue's chairman and chief executive writes in today's Financial Times that traditional multinational companies need to abandon their almost colonial approach to operations outside their home country. He cites as examples of this old-style method the way GM, Ford and his own company built factories in Europe and Asia but kept all the research and development in the US.
Instead, he argues they need to move towards full global integration of their operations...
It seems to me that some sort of "group chat" would be better at harnessing this Wisdom-of-Crowds stuff. Instead of just instant messaging one person to another, you could also provide a chat room - wait, I know, let's call them "channels"! And you can join them and ask questions and maybe learn something from the answers to others questions in the "message board community spirit" but in real time! We could call it Internet Relay Chat.
Take Freenode - an IRC network dedicated to various sorts of community tech support (and, well, general community collaboration for sites like Wikipedia and such). A notable bias towards open-source projects and technologies, admittedly, but the same idea applies.
So what's Qunu got over IRC then? A fluffy little search-engine?:P
They sort of have an "in-house" edition of Firefox that you can install through the IBM Standard Software Installer (or which you might get preinstalled on your ThinkPad). It's effectively the exact same thing, has a few extra search engines maybe (for searching the intranet, the internal "blue pages" directory, et cetera) and a little string in the window titlebar... maybe a few icons are different here and there...
Re:There's an expression that idiots don't underst
on
When Wikipedia Fails
·
· Score: 1
Consider the source of criticism, too. While these people seem sincere, whenever these stories get posted on Slashdot there's inevitable SOME loony or another who is deriding the Wikipedia Establishment (tm) for being some great and terrible instrument of oppression. Usually, though, there's a good reason that the person is being "oppressed" (such as, say, trying to install their own spin in articles).
(As a good measure of such things: those who have been legitimately slighted tend to be more just "well... blah" whereas those who are screaming "stabbitystabbity die die die" or setting up sites like "Wikipedia Watch" or Jimmy Wales hate-sites and the like are slightly less well-inclined.)
Forgive me. With regards to my assertion "you HAVE to use the shell" I had been referring to the convenient ability of many-languages-which-are-not-PHP to call a command outside PHP without invoking, say, bash (a shell). Which avoids the pesky shell-metacharacter processing, instead of merely trying to escape things. (But that's not the PHP way. The PHP way to carry water is to give you a collander, instead of a bucket, and require that you plug the holes yourself.)
It's not the fault of the language that you didn't bother to keep up with how to use it as it evolved.
No, it's certainly not my fault that I didn't bother to keep up with it; I'm not the one writing PHP code that's full of holes. But if the language shouts to the novice "Look, an obvious, easy way to do something!" while standing quietly to the side a PEAR extension is mumbling "here's the way to do something that doesn't suck so much"... what do you expect is going to happen?
Maybe if the language had been intelligently designed instead of "evolved"... (*cough cough*)
Not only is the CTrax web download interface, umm, "absolutely pathetic", that's just the beginning of things. Even if you just want to play the music you've downloaded, the darned thing keeps crashing.
This is still the sort of thing colleges spend money on, instead of, oh, say, that long-overdue raise for faculty...
Re:I'm not a php/perl guru, but
on
PHP Hacks
·
· Score: 2, Informative
Well, of course you can write solid code in PHP. You just need to plug all the security holes yourself, explicitly. I, for one, would like to have prepared statements deal with escaping parameters, not have to worry about the fourth parameter of mail() turning my form into a spam machine... and if you've never used add_slashes - are you relying on magic quotes? Is that script of yours supposed to be portable? Sorry.
Re:From the title...
on
PHP Hacks
·
· Score: 3, Insightful
Is it the fault of the language when a lot of open source applications are written poorly?
Yes. The language doesn't actually compel you to write insecure code, but it would be hard to imagine one which came closer. It's practically begging for injection everywhere. You need to manually escape everything. Database work? Sorry, no prepared statements. Going to send mail()? Leave a few newlines in the wrong variable and you can turn your form into a lean, mean spamming machine! Going to try and call system() with any sort of parameters? Quick check: do you want escapeshellcmd, or escapeshellarg? (and of course, you HAVE to use the shell.) There's more, much more, and if that's not enough, two words should make your skin crawl: "register globals".
use strict; use warnings; taint mode? In your dreams maybe...
Model-view-controller design?... I think they used a shotgun on it.
GAAH.
Re:I'm not a php/perl guru, but
on
PHP Hacks
·
· Score: 2, Informative
It's all true. Now, I know Perl has its own set of issues, and as far as speed is concerned you can't expect plain vanilla CGI to favorably compare to decently cached PHP in a DSO module for Apache (though you CAN run spiffy-fast with things like mod_perl or FastCGI, especially if you're willing to leave Apache for lighttpd like the Ruby on Rails people like). And of course you can write some really incoherent stupid code in Perl, certainly -- especially when you're not smart enough to realize there's something nice in CPAN or your standard Perl distribution that already does what you're asking. But you can also write simple, clean, beautiful, elegant code to do amazing things (and I will always love my hash of anonymous coderefs:)
PHP is the Windows of web programming. It's simple (on the surface), extremely prevalent, trivial to get started with... and then it's inflexible, promotes droolingly bad design decisions, and has a security layer full of holes.
According to a calculator I found online (grain of salt, but it passes my smell test and I can't be arsed to really research this just now), $200 in 1985 translates to $363 in 2005.
A calculator you found online? I'm going to go out on a limb and assume you mean this little thing (which returns your answer as $363.01). So you have nothing to fear. From the source note:
The numbers since 1913 use the CPI compiled by the United States' Bureau of Labor Statistics and released by that agency every month.
These are as accurate as the CPI is meaningful. Thank you for using EH.Net.
If the US imposed import duties on very-low-wage countries that equalized wage costs to even $1/hour, this excessive "offshoring" would stop.
Is that a good thing? If the machines do most of the work, that means some human isn't getting paid for the work. Don't we want to pay people? Especially the poorest sorts of people in the world? Why aren't we thanking these manufacturers for giving these workers jobs, which are apparently better than any of the other opportunities which are available to them? I know it's not the Coziest Job In the World, but should they have to offer All the Luxuries of the West and a 2-week vacation to Hawaii every year before hiring anyone? Do you really think these people would be Amazingly Better Off if they were unemployed instead?
the ability to handle international characters is another.
Wait. I don't develop Ruby. But you're not honestly telling me that it doesn't at least have support for UTF-8, are you? I would have thought that UTF-8, at least, would have been a given for such a project. Is the support only partial, or is it limited, or... something?
Slashdot Mirror
Last assignment I did use Java. With regular expressions! Ended up targetting an embedded J2ME device with only Java 1.3. Oops. Had to yank them out.
(And no, don't simply tell us to get better lawyers. If these ones aren't good enough, well, you're not going to just be able to go off and find better ones.)
If you're developing software for someone else and you use a third-party library, you need to a) ship it with your product or b) require the user get it separately. The latter is a hassle (and hassling customers is bad). The former will make your lawyers explode.
It's not that grand of a CMS, either.
The real risk is some of the (radioactive) material getting stuck on the containers. I'm sure that's far more manageable than all of the original waste.
Sounds like, aside from the ongoing costs of having people up there (food oxygen fuel replacement-parts) all the current investment could be qualified as a sunk cost.
These are two different mindsets, and they really do make all the difference for a role-playing game. The sci in scifi, the idea that it's Scienc and technology and such, is really different from the more spiritually-mystically-oriented realms of fantasy.
Unfortunately, you can't just order new friends over the Internet to be delivered to your doorstep. Depending on where you live / who else lives nearby / where you work / how much free time you have and a number of other factors like that, you may or may not be able to find a suitable set of convenient friends. As for the inconvenient friends, well.... then you have the Internet.
It may be multi-user chat, but can you just pop in and join whenever you want? That's the real nicety of IRC (and perhaps what I should have emphasized over mere multiuserness) - you don't have to be invited in, you can just plop yourself down in #perl, wait around, see a few questions, learn a thing or two about closures or typeglobs that you didn't know before.... This is the sort of thing which makes it a resource to both the n00b and the experienced alike.
Take Freenode - an IRC network dedicated to various sorts of community tech support (and, well, general community collaboration for sites like Wikipedia and such). A notable bias towards open-source projects and technologies, admittedly, but the same idea applies.
So what's Qunu got over IRC then? A fluffy little search-engine? :P
It's called public-key authentication. Well, 1024-bit keys ~= 128 characters... but that's not quite the same thing really.
Who exactly gets the money? Lucky them. Surprised they don't levy fines like this more often.
They sort of have an "in-house" edition of Firefox that you can install through the IBM Standard Software Installer (or which you might get preinstalled on your ThinkPad). It's effectively the exact same thing, has a few extra search engines maybe (for searching the intranet, the internal "blue pages" directory, et cetera) and a little string in the window titlebar... maybe a few icons are different here and there...
(As a good measure of such things: those who have been legitimately slighted tend to be more just "well... blah" whereas those who are screaming "stabbitystabbity die die die" or setting up sites like "Wikipedia Watch" or Jimmy Wales hate-sites and the like are slightly less well-inclined.)
Forgive me. With regards to my assertion "you HAVE to use the shell" I had been referring to the convenient ability of many-languages-which-are-not-PHP to call a command outside PHP without invoking, say, bash (a shell). Which avoids the pesky shell-metacharacter processing, instead of merely trying to escape things. (But that's not the PHP way. The PHP way to carry water is to give you a collander, instead of a bucket, and require that you plug the holes yourself.)
No, it's certainly not my fault that I didn't bother to keep up with it; I'm not the one writing PHP code that's full of holes. But if the language shouts to the novice "Look, an obvious, easy way to do something!" while standing quietly to the side a PEAR extension is mumbling "here's the way to do something that doesn't suck so much"... what do you expect is going to happen?
Maybe if the language had been intelligently designed instead of "evolved"... (*cough cough*)
This is still the sort of thing colleges spend money on, instead of, oh, say, that long-overdue raise for faculty...
Well, of course you can write solid code in PHP. You just need to plug all the security holes yourself, explicitly. I, for one, would like to have prepared statements deal with escaping parameters, not have to worry about the fourth parameter of mail() turning my form into a spam machine... and if you've never used add_slashes - are you relying on magic quotes? Is that script of yours supposed to be portable? Sorry.
Yes. The language doesn't actually compel you to write insecure code, but it would be hard to imagine one which came closer. It's practically begging for injection everywhere. You need to manually escape everything. Database work? Sorry, no prepared statements. Going to send mail()? Leave a few newlines in the wrong variable and you can turn your form into a lean, mean spamming machine! Going to try and call system() with any sort of parameters? Quick check: do you want escapeshellcmd, or escapeshellarg? (and of course, you HAVE to use the shell.) There's more, much more, and if that's not enough, two words should make your skin crawl: "register globals".
use strict; use warnings; taint mode? In your dreams maybe... ... I think they used a shotgun on it.
Model-view-controller design?
GAAH.
PHP is the Windows of web programming. It's simple (on the surface), extremely prevalent, trivial to get started with... and then it's inflexible, promotes droolingly bad design decisions, and has a security layer full of holes.
These are as accurate as the CPI is meaningful. Thank you for using EH.Net.
Okay. Maybe my bank just sucks. At least I don't have any money. :)
4.7 percent? Holy APR Batman! I can't even get a 60-month CD with interest like that.
Wait. I don't develop Ruby. But you're not honestly telling me that it doesn't at least have support for UTF-8, are you? I would have thought that UTF-8, at least, would have been a given for such a project. Is the support only partial, or is it limited, or... something?