|
pg--az wrote: How embarrassing, I did not immediately notice the issue with "redefining ==" - you are rewarded with a free book tip, Jeff Johnson's latest "Designing with the Mind in Mind", might be alternately titled "Don't even TRY to make me think". This is a brief very-well-edited book, if you haven't got a lot of time the book-price for this slim volume is OK because you learn a lot in few pages, there's no "padding".
Thanks. I am good at designing consumable classes/services/subsystems/frameworks that do not make programmers think more than they are supposed to, and sometimes make them think less. Perhaps because I am a fellow programmer, and I especially like systems programming. On the other hand, I am terrible at designing user interfaces that do not make users think more. Designing user interfaces is more of an art than a technical discipline, especially if your users are not engineers, accountants or finance guys.
pg--az wrote: Also on the same topic, somewhere in Gary Kasparov's "How Life Imitates Chess", he describes how he carefully designed his first try at a chess website, because after all who could be expected to think more than world-class-chess-player-wannabe's. But the usability cameras captured these folks just instinctively clicking without a conscious thought, the way we all do, sigh.
Help: First read without the parentheses. Then use the information in parentheses to add context/extra information/gratuitous pedantry.
Well, after having spent my whole childhood and adolescence believing I was inherently superior because I could do math and science (this is what gives you license to be pedant in first place, but, wait, there is more), learn languages with ease (by tackling grammar and syntax first, and only then vocabulary, unlike most people), play chess (I was second board of my first school's team (not because the guy on first board was stronger, but because he was more calm than I, and could handle losses better) and first board of my second school's team), understand music theory (which is nothing more than "applied" (for non-real world definitions of "applied") integer arithmetic modulo 12), tell a musical note right after I listened to it (aka absolute pitch, which I could have applied in real life to impress chicks by playing their favorite songs, but I had my own set of favorite songs, mainly Dream Theater "songs" back then, and I was like "I do not play the s*** you listen to"), and write computer programs (mostly programs that solved my physics homework assignments, hahaha, because I was too clever, see); I have finally come to realize that I make the same mistakes most people do on most situations, like clicking instinctively without a conscious thought (heh, this is why I use a Mac everyday and not, say, Linux); and even some mistakes most people simply do not do (like getting my girlfriend pregnant despite not having the means to support her?). Thus, why not take into consideration the fact people are just not clever, when designing things to be used by people?
Eduardo León
modified on Wednesday, October 20, 2010 10:45 AM
|
|
|
|
|
leonej_dt wrote: e believing I was inherently superior because I could do math and science
Yes, me too. But what might count even more is the "Visio-spatial tasks", like say picking up a pail of water with a "Cat 432 Backhoe-Loader". If you go to youtube and search for (( BBC Secret of the Sexes (part 2) )), you get the thumbnail of the woman in the cab with the yellow-hard-hat. This is a FASCINATING video, probably motivating you to go back and get the context from part 1, parts 3 and 4 are also great.
leonej_dt wrote: learn languages with ease
You're one-up on me there, but again if you goto youtube and search for (( tammet icelandic language )), the fourth hit mentions that Daniel Tammet learned icelandic in a week, to a sufficient conversational standard to pass muster on a TV Talk Show ! I forget exactly which of the videos shows snippets from his week-of-learning, and then the final TV appearance, but this is amazing. It motivated me to read his book "Embracing the Wide Sky" which contains great insight into how being multilingual really DOES have "spin-off" benefits in other areas, especially of course if you got thay way as a toddler.
Probably you should not dare to reply, these are the top tidbits on my personal armchair quest to get a meta-model of my own mind, but most likely we could continue WAY off-topic on this.
pg--az
|
|
|
|
|
|
The language doesn't, but maybe the author of this crapware does. What he should get instead is death by redefining his extremities as hamburger.
|
|
|
|
|
Proof of the old adage that you can write rubbish in any language. Just because you used a hammer to remove your own teeth, does not imply hammers are faulty.
|
|
|
|
|
A new low in obfuscation. Why use just the comparison operators when you can involve the rest in the task!! I'm curious what this person was thinking in doing this? Of course, there is the attendant fear of discovering what they were thinking.. I retract my question.
|
|
|
|
|
Just making some changes on my project, found this pearl on a catch block which was the subject, wrapper with the exception message and stack trace:
errormessages += "Fatal error. Please Restart. We are sorry." + sessionExp.Message + ";" + sessionExp.StackTrace;
|
|
|
|
|
Not sure what the horror is. Looks like it is just accumulating error messages (though a list or StringBuilder would seem more appropriate). By the way, you may want to toss that code in a PRE block.
|
|
|
|
|
If this is .Net, the horror is using .Message instead of .ToString() which will already include the StackTrace
|
|
|
|
|
Not sure I would call that a horror either. The ToString might include the stack trace, but even if it does it probably doesn't have the message in front of the rest of the stack trace, as is the case with this example. If this is a log that is meant to be read by humans, it would seem smart to put the message ahead of the rest so people can avoid having to scan through the stack trace to get to the most important part.
|
|
|
|
|
I think the "We are sorry" bit is the horror.
You never admit liability.
The correct message should read:
"You screwed up the system again. Look here's a stack trace of all the functions you broke. Call the Helpdesk and apologise and maybe...just maybe we can get this sh*t working before Monday.
You've made me miss my sons soccer game tomorrow. You do realise that don't you? He'll be heartbroken. He still hasn't recovered from the weekend you made me miss his brithday by trying to print an end of month report in the middle of the month. It's called the end of month for a reason you MORON.
Do you care? Noooo, you're a user, you swan in here Monday to Friday, breaking systems when you feel like it. You'll probably spend the weekend fishing."
-Rd
Hit any user to continue.
|
|
|
|
|
That's awesome. I should have tried those messages in my college projects...
|
|
|
|
|
Just last week a security flaw was discovered in the company I am working for as a contractor. The IT Security audit department found that directory browsing was enabled in one of the website of the QA environment which was open across the internet.
What later was discovered that search engine crawlers had indexed all the documents that were in there and now anybody could find that information in google if they happened to search those keywords.
Has anyone come across things like this?
|
|
|
|
|
Nothing on that scale.
I did see a file once that listed a set of IP addresses that could hit a particular "sensitive" machine.
In debugging trying to get the security working, someone had stuck * at the end of the file.
They sadly forgot to remove the wildcard when everything was set up.
I believe it worked away quite happily for well over a year before anyone noticed. Nobody who shouldn't be there ever bothered to connect.
Those were simpler times of course.
-Rd
Hit any user to continue.
|
|
|
|
|
rohans84 wrote: I am working for as a contractor
Yeah, that's pretty bad.
|
|
|
|
|
its not when you know more about the system then their best employees
|
|
|
|
|
we had this ftp in our company that one day appeared full of porn
apparently anonymous access to the ftp was enabled
|
|
|
|
|
But it saves having to go out and search for it yourself.
In a related note, at another place I worked, every once in a while we went out to the network drives and searched for unauthorized files: music, films, etc. Sent the owners of the network directories nastygrams...and scarfed the content for ourselves.
|
|
|
|
|
Sometimes it is fun to just setup a machine, stick it out in the DMZ and see what happens to it.
Grab a pizza, sit back and what the logs... It is amazing how quick stuff gets found.
I was staging a machine once, got called to dinner and by the time I cam back it was full of stuff. Kind of funny really.
|
|
|
|
|
At a firm where I worked, a consultancy was contracted to prepare a new, interactive web site to allow people to make bookings on-line (this was when broadband first started being rolled out).
There were two problems with the new web-server:
The web-site itself (written using IIS/ASP (VB)) was unreliable and would crash intermittently, requiring a reboot of the server to wake it. The firm who wrote it were unable to find/fix the problem.
The ftp wasn't secured: one day, after the customary reboot to restart the web service, the machine started whinging about disk space etc. When I investigated I found some very cleverly hidden directories, hundreds of levels down a directory structure attached to the \Windows tree, containing hundreds of illicit copies of Playstation games which it was serving to the 'pirate' community...
Needless to say, we took the management of that server in-house from that point, and then also rewrote the entire site in PHP, hosted it on a small linux machine and had no further problems...
8)
|
|
|
|
|
My personal favorite was a lab machine we were (re)installing XP on, and we forgot to disconnect the network cable. The machine was infected with several viruses before the XP install completed...
Software Zen: delete this;
|
|
|
|
|
Camilo Sanchez wrote: we had this ftp in our company that one day appeared full of porn
apparently anonymous access to the ftp was enabled
Anonymous access to the ftp was enabled?
There's an excuse I need to remember.
-Richard
Hit any user to continue.
|
|
|
|
|
I just found my favorite. We paid a third party for a site redesign. They have talented project managers and artists, but crap developers. They added a link on every page that invites the world to "email this page to a friend." The .net app had input fields for from name, from email, to email, subject line(!) and "special message". The email body was "I thought you might be interested in this..." followed by the same full paragraph of legal crap we are required to use in our corporate sig. The mail was routed through our main exchange server. To demonstrate the danger, I spoofed an email as the CEO that looked completely legitimate.
|
|
|
|
|
I knew of an IT services company that had an incident once where they found one of their employees had been saving viruses on their personal network share! A "virus hobbyist", if you will, who had somehow figured that this was not only a good idea, but that it should also be done on the corporate network. Brilliant.
|
|
|
|
|
I know this is kind of off-topic but the worst security flaw I've ever seen/read about was at news. (5 o'clock, the morbid news here)
A 19 years old boy was home alone and he was... watching porn and doing other unchristian stuff.
After 4 hours of "working out" he closed the browser and put his torrents on seed and then went to sleep.
Well half an hour later his mother (who was very religious) came home and she had to check a few emails.
When she opened the browser some web pages were restored, 4 of which were porn videos. (like one wasn't enough >.>)
And the consequences: The mother castrated her child while he was asleep (with a salad knife, ironically) and popped out his eyes out of his head. (with the same knife)
Well, the mother ended up in a hospital (for severe mental illness) (St. Paraschiva Hospital ) and her (dead) son was buried... Her 4 other children ( ) were given to their grandparents.
Cause: Her son forgot to enable Private Browsing or open a Private Tab or use a similar feature of his browser.
Consequence: Castration, eyeball popping and, eventually, death.
Nobody died because of your security flaws. That boy did!
_______________________
Anyway, I use my netbook computer for "Shared Storage" - as I call it in the network. It's a folder in my laptop that I am sharing over the home network for code storage.
When I went to sleep, I forgot to shut down my netbook. The problem is, I also had Remote Desktop enabled for all connections and I was connected to the internet!
Well, while I was asleep, someone broke into my netbook and copied all my codes for himself and now he's making lots of money out of it - while I am making free, little programs for both personal and public use.
I can name that person but I won't, because it's not nice. I'll remain with the knowledge out of this... (Which is more important than money, in my humble opinion.)
The flaw(s) is(are) Microsoft's f***ing fault - When someone attempts to remotely connect to your computer, you are given a 20-seconds warning to log out or you will be automatically logged out OR that I forgot to shut down my computer. That person or someone else would have eventually broke into my netbook but whatever.
Because of Microsoft and/or my remembering skills someone else makes now profit (Which I could use a lot these days!).
I <3 C#!
|
|
|
|
|