To make matters worse, companies will often shove network drives down your throat via the domain policy, that, once your password changes, lock you out of everything. Security through inconvenience of your authorized users. Great!
If you don't enforce this, regardless of what you say lots of people will save everything locally and you either wind up having to backup (and be prepared to restore in the case of hardware failure) an inordinate number of PCs or you have people losing data when their PC dies.
My employer has direct contact with several of the universities in the area (Boston). I recently (~two months ago) interviewed a handful of candidates and ended up hiring two. We only go through universities for finding candidates for our internship programs; we don't accept unsolicited résumés.
After working closely with one of these interns, I completed an evaluation for consideration as a full-time employee.
I see. I'm supposed to be able to look around corners for rogue cyclists and dance around them when they don't show courtesy for people around them, ESPECIALLY when they come out of nowhere going 20 mph. Well, my apologies, then. Everyone knows all cyclists have lights and bells and it's impossible to not see them. They're just as big as cars, right? (Nobody said anything about (not) looking both ways.)
Not going the wrong way down a one-way isn't hard. Anyone who thinks otherwise shouldn't be operating a vehicle.
The cyclists (mostly couriers, I think) around here pay no attention to traffic lights, one-way signs, or pedestrians crossing the road. There are lots of one-ways in Boston where pedestrians just wouldn't expect someone to come barreling down the street at them the wrong way. I've actually been hit by a cyclist going the wrong way down a one-way street. I had a severely bloody nose and a sprained ankle thanks to that loser (who also fell, scraped her knee, got up, started screaming at me for “not paying attention”, then just sped off).
I have absolutely no sympathy for the cyclists who get killed doing stupid things like running red lights and going the wrong way down a one-way. None whatsoever.
If you're a cyclist going the wrong way down a one-way in Boston and you see a tall man taking a swing at you, yeah, that's me. Obey the traffic rules or don't ride. It's that simple.
My comment was in reply to your sweeping generalization that “everyone” knew using eval() is just setting oneself up for failure. json2.js is proof that, with adequate attention given to security, eval() usage isn't a problem.
To the best of my knowledge, as of this writing, the only browser that supports native JSON is Firefox 3/Mozilla 1.9: http://developer.mozilla.org/en/docs/nsIJSON -- this still excludes most people, however.
The rest all require an external parser, such as Crockford's, which eval()s JSON code for everyone else. If you personally feel like writing a JSON parser based entirely on a combination of regex and String.substring()/String.indexOf(), for the sole purpose of avoiding evil eval(), be our guest.
I also started with HTML, then began messing around with event handlers (thanks to Joe Burns at HTML Goodies). I eventually wrote my own basic Checkers game in JavaScript, which caught the attention of the programming instructor in my high school. He invited me to his Programming III class, which was C++, skipping two years of BASIC (I still don't know how to program in BASIC). While taking the C++ class, I started teaching myself Perl and had my first introduction to Visual Basic in a marine biology class (oddly enough) putting together an ecosystem simulation in Excel with VBA. Then came PHP, Java, Python, shell scripting,...
For immediately visible results, I recommend an interpreted language. I know I'm biased, but I think JavaScript is a good introduction: loops, conditionals, recursion, OOP (to a degree)... Furthermore, you don't have to learn a GUI toolkit (although I guess you could equate the DOM with this). Best of all, it's platform-agnostic.
For a book, I learned C++ with Deitel & Deitel. I leafed through a D&D JavScript book shortly after that class and I noticed all the examples and assignments in the beginning of the book were identical (they mostly just replaced cout << with document.write()).
And yes, buying an Xbox so you can hack it is also retarded.
I just bought a used Xbox (not the 360) for $50. With a simple modification, I can get it to run XBMC. I've already done this once before. This is a very powerful and versatile platform, and it's dirt cheap. How exactly is this “retarded”?
And even if they were, and then they were marked as such, do you really want the changelog easily greppable by them?
In a word, yes.
The changelog is useful. Obscuring it or leaving out relevant information in fear of someone abusing it is silly.
While we're at it, why don't be ban all “hacking tools” (like nmap or nessus or gcc), guns, knives, etc.? While it's true that they can be useful, they can also be abused!
If you're using JSON, you're using eval(). Sure, there are some workarounds that avoid calling the eval() function directly, but in the end, they all eval-uate remote code.
JSON parsers use eval() after checking the JSON string to make sure it's actually a JSON string.
Slashdot Mirror
FTW. Who are they trying to kid? They are building man/machine interfaces.
No, they're building rat/machine interfaces. Duh.
To make matters worse, companies will often shove network drives down your throat via the domain policy, that, once your password changes, lock you out of everything. Security through inconvenience of your authorized users. Great!
If you don't enforce this, regardless of what you say lots of people will save everything locally and you either wind up having to backup (and be prepared to restore in the case of hardware failure) an inordinate number of PCs or you have people losing data when their PC dies.
...Huh? Don't you mean if you do enforce this...?
So, then, what's the solution?
Belief is the antithesis of science.
My employer has direct contact with several of the universities in the area (Boston). I recently (~two months ago) interviewed a handful of candidates and ended up hiring two. We only go through universities for finding candidates for our internship programs; we don't accept unsolicited résumés.
After working closely with one of these interns, I completed an evaluation for consideration as a full-time employee.
I can't imagine the IOC wants to be associated with the atrocities alluded to.
And yet, by hosting the Olympics in China, they are anyway. If that is the case, they should've thought harder about their choice of venue.
And then watch people die left and right from anaphylaxis. Brillant!
You actually RTFA? Wow... you're a pioneer... boldly going and all that... like James T. Kirk... or something...
I see. I'm supposed to be able to look around corners for rogue cyclists and dance around them when they don't show courtesy for people around them, ESPECIALLY when they come out of nowhere going 20 mph. Well, my apologies, then. Everyone knows all cyclists have lights and bells and it's impossible to not see them. They're just as big as cars, right? (Nobody said anything about (not) looking both ways.)
Not going the wrong way down a one-way isn't hard. Anyone who thinks otherwise shouldn't be operating a vehicle.
I see... what's the URL for using Gnus through my Web browser again?
Are you in Boston, by any chance?
The cyclists (mostly couriers, I think) around here pay no attention to traffic lights, one-way signs, or pedestrians crossing the road. There are lots of one-ways in Boston where pedestrians just wouldn't expect someone to come barreling down the street at them the wrong way. I've actually been hit by a cyclist going the wrong way down a one-way street. I had a severely bloody nose and a sprained ankle thanks to that loser (who also fell, scraped her knee, got up, started screaming at me for “not paying attention”, then just sped off).
I have absolutely no sympathy for the cyclists who get killed doing stupid things like running red lights and going the wrong way down a one-way. None whatsoever.
If you're a cyclist going the wrong way down a one-way in Boston and you see a tall man taking a swing at you, yeah, that's me. Obey the traffic rules or don't ride. It's that simple.
Was there even a point to your tirade?
My comment was in reply to your sweeping generalization that “everyone” knew using eval() is just setting oneself up for failure. json2.js is proof that, with adequate attention given to security, eval() usage isn't a problem.
To the best of my knowledge, as of this writing, the only browser that supports native JSON is Firefox 3/Mozilla 1.9: http://developer.mozilla.org/en/docs/nsIJSON -- this still excludes most people, however.
The rest all require an external parser, such as Crockford's, which eval()s JSON code for everyone else. If you personally feel like writing a JSON parser based entirely on a combination of regex and String.substring()/String.indexOf(), for the sole purpose of avoiding evil eval(), be our guest.
This made me LOL. Which caused me to get looks from coworkers. Now they're going to report me for slacking off. I'm going to get fired, thanks to you.
You're a job thief!
I also started with HTML, then began messing around with event handlers (thanks to Joe Burns at HTML Goodies). I eventually wrote my own basic Checkers game in JavaScript, which caught the attention of the programming instructor in my high school. He invited me to his Programming III class, which was C++, skipping two years of BASIC (I still don't know how to program in BASIC). While taking the C++ class, I started teaching myself Perl and had my first introduction to Visual Basic in a marine biology class (oddly enough) putting together an ecosystem simulation in Excel with VBA. Then came PHP, Java, Python, shell scripting, ...
For immediately visible results, I recommend an interpreted language. I know I'm biased, but I think JavaScript is a good introduction: loops, conditionals, recursion, OOP (to a degree)... Furthermore, you don't have to learn a GUI toolkit (although I guess you could equate the DOM with this). Best of all, it's platform-agnostic.
For a book, I learned C++ with Deitel & Deitel. I leafed through a D&D JavScript book shortly after that class and I noticed all the examples and assignments in the beginning of the book were identical (they mostly just replaced cout << with document.write()).
Tell that to the Ancients.
And yes, buying an Xbox so you can hack it is also retarded.
I just bought a used Xbox (not the 360) for $50. With a simple modification, I can get it to run XBMC. I've already done this once before. This is a very powerful and versatile platform, and it's dirt cheap. How exactly is this “retarded”?
And even if they were, and then they were marked as such, do you really want the changelog easily greppable by them?
In a word, yes.
The changelog is useful. Obscuring it or leaving out relevant information in fear of someone abusing it is silly.
While we're at it, why don't be ban all “hacking tools” (like nmap or nessus or gcc), guns, knives, etc.? While it's true that they can be useful, they can also be abused!
Mod parent insightful!
Where are my mod points when I need them??? +1 Underrated
I heard they're going after Excite first.
Have you heard? The chocolate ration has been increased to 25 grammes! Doubleplusgood, that!
In my best Jeff Foxworthy voice:
If you keep applying for the same job at the same place even when you're told “no” every single time, you might be a nutjob.
See http://www.json.org/js.html
If you're using JSON, you're using eval(). Sure, there are some workarounds that avoid calling the eval() function directly, but in the end, they all eval-uate remote code.
JSON parsers use eval() after checking the JSON string to make sure it's actually a JSON string.
cat http://www.json.org/json2.js | grep eval(
I wouldn't count on first-party titles remaining console-exclusive forever. Look at Sonic the Hedgehog, for example.
a Windows OS
Windows 1.0 doesn't count.