|
Interesting though that Google had this functionality in Chrome at least 3 years ago....
....and that quote starts...
Kent Sharkey wrote that : Microsoft yesterday...
So yesterday, Microsoft. So yesterday.
EDIT
Oh here's the Chrome extension that does that.
Chrome Remote Desktop - Chrome Web Store[^]
|
|
|
|
|
When you are dead, you won't even know that you are dead. It's a pain only felt by others.
Same thing when you are stupid.
modified 19-Nov-21 21:01pm.
|
|
|
|
|
And I live in that extension some days, how could I have forgotten it.
TTFN - Kent
|
|
|
|
|
Do you ever feel over-extended ?
«While I complain of being able to see only a shadow of the past, I may be insensitive to reality as it is now, since I'm not at a stage of development where I'm capable of seeing it. A few hundred years later another traveler despairing as myself, may mourn the disappearance of what I may have seen, but failed to see.» Claude Levi-Strauss (Tristes Tropiques, 1955)
|
|
|
|
|
That's a Chrome extension, not an HTML 5 app. So to get the benefits, you must be using a specific browser. Having it in standard HTML 5, rather than an extension, is an obvious improvement.
"If you don't fail at least 90 percent of the time, you're not aiming high enough."
Alan Kay.
|
|
|
|
|
Gosh, what could possibly go wrong ?
«While I complain of being able to see only a shadow of the past, I may be insensitive to reality as it is now, since I'm not at a stage of development where I'm capable of seeing it. A few hundred years later another traveler despairing as myself, may mourn the disappearance of what I may have seen, but failed to see.» Claude Levi-Strauss (Tristes Tropiques, 1955)
|
|
|
|
|
Oracle has just announced the general availability of Java SE 9, Java EE 8 and the Java EE 8 Software Development Kit (SDK). From now on, it’s all about faster releases and more open source engagement. Best download quickly, before they decide to postpone it another year or two
|
|
|
|
|
Vulnerabilities in Android code -- including but not limited to insecure data storage, unprotected inter-component communication, broken TLS implementations, and violations of least privilege -- have enabled real-world privacy leaks and motivated research cataloguing their prevalence and impact. Researchers have speculated that appification promotes security problems, as it increasingly allows inexperienced laymen to develop complex and sensitive apps. Anecdotally, Internet resources such as Stack Overflow are blamed for promoting insecure solutions that are naively copy-pasted by inexperienced developers. In this paper, we for the first time systematically analyzed how the use of information resources impacts code security.
[...]
The participants were assigned to one of four conditions: free choice of resources, Stack Overflow only, official Android documentation only, or books only. Those participants who were allowed to use only Stack Overflow produced significantly less secure code than those using, the official Android documentation or books, while participants using the official Android documentation produced significantly less functional code than those using Stack Overflow. To assess the quality of Stack Overflow as a resource, we surveyed the 139 threads our participants accessed during the study, finding that only 25% of them were helpful in solving the assigned tasks and only 17% of them contained secure code snippets.
[...]
Taken together, our results confirm that API documentation is secure but hard to use, while informal documentation such as Stack Overflow is more accessible but often leads to insecurity.
Does the results apply to CP too?
|
|
|
|
|
Researchers have speculated that appification promotes security problems, as it increasingly allows inexperienced laymen to develop complex and sensitive apps That is not due to appification, but a choice made by the person spending money. Also not a new trend in IT, and one of the reasons I do not pity any company that is "hacked" after forgetting to lock their door.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
I see 2 good points...
- Stack Overflow users create more functional code - yes because it is an idea resource and provides a lot of good code snippets.
- Stack Overflow users created less secure code - yes because a 'correct' answer 2 years ago can be a broken algorithm today.
Stack Overflow is great for ideas and examples, but ultimately, bleeding edge technology (security) isn't reliably there - and you must read the manual. Most folks don't recognize a difference between coding security (which is constantly updating) and coding other features (which are much more stagnant by comparison).
I updated a security related question on SO some time back because the 'correct' answer from a few years back was absolutely unsafe in today's environment. Not that it was wrong then - but how can a person recognize the difference when he/she can't even get the basic code running?
|
|
|
|
|
I think it has more to do with "what's easy" vs "what's right". The fact is that application security isn't bleeding edge; it's just a pain in the ass.
Let's take a basic and old standard: passwords.
There are plenty of ways to implement password protections, but there are very few ways to implement passwords properly. You might find an answer on SO (or CP for that matter) that will do the trick, but do not consider how to properly secure the password in transit. A dev might look at the documented standard for password handling, balk, and use an easier pattern found on a code website. It happens all the time.
How about another oldie-but-goodie: SQL injection. The attack vector hasn't changed in 20 years, and it can affect any software that processes SQL regardless of age if not approached properly.
By and large application security has more to do with how you handle APIs and data than with what APIs (i.e. technology) you're using.
"There are three kinds of lies: lies, damned lies and statistics."
- Benjamin Disraeli
|
|
|
|
|
I was thinking more along the lines of encryption algorithms, communication protocols, and the like - which do change frequently as they are broken and new must be used. There are some security vulnerabilities that must be monitored and updated very frequently (bleeding edge).
I'll agree that Password requirements and sql injection are fairly old hat by now and those types of things are known on Stack Overflow.
|
|
|
|
|
... and people who only used books produced apps that only use features that are at least a few years old?
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
At the Bloomberg Global Business Forum today, Carlyle Group co-founder and CEO David Rubenstein asked Microsoft founder Bill Gates to account for one of the most baffling questions of the digital era: Why does it take three fingers to lock or log in to a PC, and why did Gates ever think that was a good idea? But sometimes you really need to give three fingers
|
|
|
|
|
Not that again. What rubbish.
|
|
|
|
|
Because in the DOS days kiddies, a CTRL-ALT-DELETE was immediate and fatal to anything you might have going without confirmation. So it was best to make it next to impossible to accidentally execute.
Rant
I miss it - thank goodness we still have a reset button.
Now we not only have "Are you sure?" but the joys of "Working on Updates Don't turn off the PC."
/Rant
|
|
|
|
|
One reason was that anybody needs both hands for it and so cant do it as easy per accident.
The history of Windows begun by copying from the MacOS.
Press F1 for help or google it.
Greetings from Germany
|
|
|
|
|
Which in turn, was copied from the Xerox OS, along with the mouse.
When you are dead, you won't even know that you are dead. It's a pain only felt by others.
Same thing when you are stupid.
modified 19-Nov-21 21:01pm.
|
|
|
|
|
Old news, but I still disagree. It gives me warm and fuzzies.
|
|
|
|
|
Kent Sharkey wrote: But sometimes you really need to give three fingers
I don't give any finger. I just take away four.
|
|
|
|
|
Pluralsight IQ is designed to assist developers in assessing their competencies and determining their proficiencies relative to their peers. 20 questions to find out just what you know
Or at least to figure out if it's bigger than a breadbox.
(Which is about 21,000 cm^3, apparently)
|
|
|
|
|
Kent Sharkey wrote: Pluralsight IQ is designed to assist developers in assessing their competencies and determining their proficiencies relative to their peers.
I failed. Doesn't that mean everyone is dumber than me then?
|
|
|
|
|
This feature was already there, they just updated the name for it i think, i used to do assessment for C# and it would rank the level of developer that is he novice, intermediate or expert.
|
|
|
|
|
I took that test too...
After 15 years of coding (started .NET around 2004 I think), it turned out I was a novice at C# and given the associated beginner's learning path.
It gives 1 'retry' without doing the learning. I retried the next day and rated as expert and given a very different learning path (exempt from all beginner and intermediate modules). I didn't learn anything in between - so I think those tests are a little suspect
|
|
|
|
|
i appeared two times and both times i was given expert rating, but i followed intermediate courses too to get more better understanding.
|
|
|
|