My post The Unreasonable Effectiveness of C generated a ton of discussion on Reddit and Hacker News, nearly 1200 comments combined as people got into all sorts of heated arguments. I also got a bunch of private correspondence about it.
So I'm going to answer some of the most common questions, feedback and misunderstandings it's gotten.
|
I write a lot about website security. Sometimes I’ll publicly point out flaws in software but there are many, many other times where it remains a private conversation for various reasons. The one common thread across most of these incidents is that as developers, we often make bad security design decisions. It’s us – the organic matter in the software development process – that despite the best of intentions make bad choices that introduce serious risks. The best way to combat risks in software is to educate developers.
|
Terrence Dorsey wrote: The best way to combat risks in software is to educate developers.
Judging by recent security problems in the world I think the best course of actions are these:
1. Do not connect factories and nuclear power plants to the internet.
2. Do not store user passwords in plain text (Looking at you Sony)
|
3. Never link sensitive information to URLs with unrestricted access.
The equivalent of hiding your key under the doormat.
|
Terrence Dorsey wrote: The best way to combat risks in software is to educate developers management.
Takes time, costs money, and a dev is not a security-expert. Given time and money, quality is a given.
I've never met a project where security was ignored simply because the devs lacked understanding. Heard quite some people say "I'm not sure if this is safe", with the predictable answer that it's safe enough.
until the universe proves otherwise.
|
I’m learning a bit of R in my current stint at ThoughtWorks. Coming from Python, I was happy to see most of the plotting functions are very similar, as well as many of the vector-level data handling functions. Besides the fact that lists start at 1 instead of 0, things were looking pretty familiar. But then I came across something that totally changed my mind. In R they have these data frames, which are like massive Excel spreadsheets: very structured matrices with named columns and rows, on which you can perform parallelized operations. File under: stupid data analysis tricks.
|
PHP is not a “real” or “pure” functional language. Far from it. We don’t have a proper type system, the cool kids make fun of our exotic syntax for closures and we have array_walk() that looks functional but allows altering state. Nevertheless, there are a few interesting building blocks for functional programming. Eventually I'm going to convince you guys that PHP is still cool.
|
Math Problem of the Day: In this post, we’ll explore a scenario where the non-associativity of floating point arithmetic can lead us into trouble. I prefer to blame the CPU.
|
So you had a project. You scratched your head a couple of days and came up with a really nice and robust design. “The design solves the problems now and it should be able to handle future changes.” You thought that.... Two years later, the ‘future’ has come. What gives you joy in coding?
|
Terrence Dorsey wrote: What gives you joy in coding?
...not corporate firewalls deciding random sites are "suspicious".
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
Japanese digital device consumers are some of the savviest in the world. So, a report Thursday showing that the Nexus 7 has bested the iPad in market share is worthy of attention.... Not surprisingly, one of the big draws of the Nexus 7 -- which is co-branded with Asus, the manufacturer of the tablet -- is price, according to Nikkei. It's about $100 less in Japan than Apple's least expensive tablet, the iPad Mini. Morphology? Longevity? Incept dates?
|
Is the recent drop in Apple share price + the reduced orders for iPhone5 supplies maybe a bit of a clue?
|
Following the trend of bell bottoms and the atari 2600... the ipad fad is beginning to fade.
|
thrakazog wrote: ipad fad
The iFad?
Bob Dole The internet is a great way to get on the net.
2.0.82.7292 SP6a
|
In politics we often hear that every vote counts. In Reddit, we can actually figure out how much each vote counts. If I upvote or downvote a post, how far does my individual vote move that post in time? If my calculations are correct, when this baby hits 88 upvotes per hour...
|
In the last few years, many of the larger mainstays of the existing database industry have leapt onto the bandwagon. Companies like Microsoft, Dell, HP and Oracle have made many strategic and tactical moves to stay relevant with this move toward big data and NoSQL database solutions. However, the leadership is still outside of these stalwarts and in the hands of the open source community. Notice that the results are in a linked list, not a table.
|
Firefox is widely regarded as a very secure web browser, and that’s a reputation that Mozilla has worked tirelessly to build over the past eight years — blacklisting extensions, shutting down insecure plug-ins, revoking certificates, and patching holes as quickly as they appear. But even Firefox has some lingering security issues. One of those is the ease with which a third-party application can sneak unwanted (and potentially malicious) extensions into a user’s profile.... All your silent extension installs are belong to us.
|
There is so much happening on the Internet during a year that it’s impossible to capture it all in a blog post, but we’re going to give it a shot anyway. How many emails were sent during 2012? How many domains are there? What’s the most popular web browser? How many Internet users are there? These are some of the questions we’ll answer for you. We found over 3500 news posts for you in 2012... and more are on the way!
|
The danger of aggregating numbers from multiple sources without doing anything to sanitize differences in methodologies...
Quote: 61% – Share of emails that were considered non-essential.
68.8% – Percentage of all email traffic that was spam.
...so apparently 11% of all spam sent is considered essential.
|
A parcel containing a camera is sent to Julian Assange at the Ecuadorian embassy in London through the Royal Mail. Through a hole in the parcel, the camera documents its journey through the postal system.
Go to https://twitter.com/bitnk/ to see some of the images (the primary website is being overwhelmed with traffic, so they're using Twitter instead for the time being).
|
Shame they're all just images of darkness!
|
The live feed has been like that for a while, but they had a bunch of images of the package in transit before. If it gets to where it's supposed to be, we should eventually see Assange.
|
"if it's behind a paywall, it hasn't been published."
Word.
Reminds me of when ISO 8601:2004 became available. I grudgingly paid about $100 (US) for a copy. I wasn't allowed to give anyone a copy, but I wrote up a summary of the changes and put it on the Yahoo ISO 8601 group.