Comment Re:Schneier got it right a decade and a half ago (Score 1) 119

Maybe I'm still not getting your point. Sure, if you need to understand the details of Unicode character composition and such because you're the one rendering the output glyphs, or you want to sort or search across different encodings of the same word, that's rough, but there's no excuse for a security failure while doing those tasks.

On your other point: the notion of "sanitizing input" is fundamentally flawed to begin with. You can never know what future framework that user data will be interacting with, and what might be interpreted as an escape sequence in that mysterious future, but you can assume that the guy doing that future work will just assume "the input was sanitized", and you're screwed. Instead, don't go there. If e.g. you need to store a user string in a SQL DB, do it in such a way that there's no possible problematic string (perhaps the DB has a way of doing queries that's guaranteed safe, for example). If e.g. you need to send a user string inside an XML blob, just convert the user string to a hex/base64/whatever representation first - guaranteed safe.

What usecase were you thinking of that makes any of this hard at all?

Comment Re:Would that be like the free market solution to (Score 1) 417

A contract would have prevented that just as well as a law, is the thing. Engineering a shortage in an attempt to corner a market is hardly a new idea - it's older than the idea of commodities markets, for sure. That's why commodities contracts are carefully written, backed up by especially brutal contract law, and market rules prevent any one entity from controlling too large a position.

All of these are centuries-old best practices, and none of them requires price-fixing.

Comment Re:Would that be like the free market solution to (Score 1) 417

There are plenty of laws around modern markets. That's how they evolved. Trying to make some sort of anarchist strawman really doesn't make you look smart, you know.

What there aren't are prices fixed by law. It's really not that complicated a concept: government regulating product quality, fraud, and contracts: good; government setting prices or granting monopolies: bad.

Comment Re:Would that be like the free market solution to (Score 4, Insightful) 417

You miss the point. The exact problem with retail price controls and a wholesale free market is that it's vulnerable to gaming, Enron-style. Proper markets expect every participant to be gaming the system as hard as they can. They're built on it from the start, have evolved for centuries to cope, and they work nicely for most commodities in the world - just a few government-granted monopolies left over causing problems.

Comment Re:Having to move (Score 1) 211

Well, when a state school didn't come with a crushing debt burden, it was much less of an issue (compared to even 10 years ago it's nuts). My own solution was to get that first job in my home city, paying peanuts, then once I had enough experience to be credible, move away. That first job wasn't so hard to get because everyone else was doing the same thing, so they were constantly hiring.

With you on the home economics. I was such a moron with money for almost the first 10 years.

Comment Re:Maybe they should ... (Score 1) 211

Ha! That's been happening continuously since the beginning - better languages, better frameworks, etc. You almost never need to write a toolkit these days, or a script to refactor code in some simple way. I started with assembly, and for all Java's many problems, it's several times as productive. Turns out the need for programmers is mostly limited by budget, not by the universe of problems that need to be solved, and so more companies started hiring developers as the better tools made the payoff better.

Comment Re:Schneier got it right a decade and a half ago (Score 1) 119

You might be right, but it's such an old problem - it was a big deal 10 years ago in the Windows world as UCS2 didn't handle it. C# was actually UTF from the start, like Java, of course.

Still, crashing because of, what, a null in the input? I could certainly understand truncation (just like other incorrect display problems), but a crash?

Comment Re:Schneier got it right a decade and a half ago (Score 1) 119

UTF8 has nothing to do with it.

The problem commonly is: people try to "clean" input with some stupid regex, rather than treating all user-provided strings as permanently dirty. You can do anything you need to, risk-free, with this attitude. You have to understand the encoding you use for storage/transmission (if your framework doesn't provide a way to safely, blindly store/transmit any string, then just encode the string in some way first), but that's a much, much smaller world than the universe of possible user strings.

As soon as you try to render, parse or even only compare anything besides standard ASCII, you are screwed.

Render? Displaying a glyph incorrectly is one thing, but crashing or leaving some exploit open is raw incompetence. Parse? If you need to parse user input, you likely have bigger issues (if you're running user scripts or whatever). Compare? Again, you might get the order wrong (is there even a defined order for pictographic languages?), but crashing is inexcusable.

They're just bytes for fuck's sake. What kind of moron can't process them safely in this day and age?

But then, this is Chrome we're talking about - the initial release would crash with a 2-character string (";=" was it?), due to an error that never should have made it past code review - subtracting 1 from an unsigned value, then using the result as a limit in a for loop IIRC. Might as well be checking your passwords into github.
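The two "treat it as permanently dirty" comments above (storing a user string via a query mechanism that is guaranteed safe, and base64-encoding a user string before putting it inside XML) are easy to show side by side. The following is an added example, not code from the original thread or from any project mentioned in it; the sample inputs (a tautology SQL injection and a tag-smuggling XML string) are constructed for the demo, and the in-memory SQLite table and `<note>` document are hypothetical.

```python
import base64
import sqlite3
import xml.etree.ElementTree as ET

# Constructed sample inputs (hypothetical, for the demo): a tautology
# injection aimed at SQL, and a string that closes and reopens XML elements.
SQL_PAYLOAD = "' OR '1'='1"
XML_PAYLOAD = "</user><admin>true</admin><user>"


def make_db():
    """In-memory table with two rows, shared by the safe and unsafe lookups."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user")])
    return conn


def lookup_concat(conn, name):
    """Vulnerable: the user string is spliced into the SQL text, so the
    database parses it as part of the query grammar."""
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return sorted(row[0] for row in conn.execute(sql))


def lookup_bound(conn, name):
    """Safe: the driver binds the value as data; it is never parsed as SQL,
    so no 'problematic string' exists."""
    sql = "SELECT name FROM users WHERE name = ?"
    return sorted(row[0] for row in conn.execute(sql, (name,)))


def store_and_fetch(conn, name):
    """Any string, quotes and comment markers included, round-trips
    unchanged through bound parameters."""
    conn.execute("INSERT INTO users VALUES (?, ?)", (name, "user"))
    row = conn.execute("SELECT name FROM users WHERE name = ?", (name,)).fetchone()
    return row[0]


def xml_concat(user_string):
    """Vulnerable: pasting the raw string into markup lets it close the
    <user> element and inject siblings."""
    return "<note><user>" + user_string + "</user></note>"


def xml_b64(user_string):
    """Safe: base64 output uses only [A-Za-z0-9+/=], none of which is XML
    markup, so the consumer sees exactly one text node."""
    enc = base64.b64encode(user_string.encode("utf-8")).decode("ascii")
    return '<note><user enc="base64">' + enc + "</user></note>"


def read_note(xml_text):
    """Parse a note; return (recovered user string, whether an <admin>
    element was smuggled in)."""
    root = ET.fromstring(xml_text)
    user = root.find("user")
    text = user.text or ""
    if user.get("enc") == "base64":
        text = base64.b64decode(text).decode("utf-8")
    return text, root.find("admin") is not None
```

The bound-parameter lookup returns nothing for the injection string because no user is literally named `' OR '1'='1`; the concatenated version returns every row. Likewise the base64 note decodes back to the original string with no extra element, while the raw one gains an `<admin>` child. Nothing here inspects or "cleans" the input; the safety comes entirely from never letting it reach a parser as anything but data.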

Comment Re:Excellent idea! (Score 1) 211

It's an H1B market and will get worse and worse as time marches on. Immigrants can and will work cheaper than Americans, employers know this and employers know the reason for the H1B push.

Total bullshit in every way. It's like you can't think beyond your hatred of brown people. Programming is a world market, and you compete with the world for jobs. Every H1B is a person who is paid more than they would be to do the very same job in their home country! And they pay US taxes, besides. The tragedy of the H1B program is that we should just be giving them green cards instead - we surely need the tax revenue in the coming years!

The nice thing is: there are still plenty of jobs world-wide. There was a time when the labor pool in programming was increasing exponentially as every country with a CompSci program was opened to outsourcing for the first time, but that's all explored now. The world's supply of coders is expanding linearly now, as all the worlds universities crank out coders at a steady rate (plus the few like me who make it without the degree). The demand is growing faster.

The US economy just went through a long-ass downturn, nothing programming-specific about it (blame the banks and the politicians that enable them). But the big software companies are hiring like crazy now (my team has 9 open positions, it's nuts), and while you may have to move away from Arkansas to where the jobs are, that's pretty much win-win.

Comment Re:Maybe they should ... (Score 1) 211

They should focus on improving their schools, not chasing novel fad trends.

Schools as they are teach kids to be good little manufacturing workers. That was actually a great idea 100 years ago, but now the "novel fad trend" has passed. Coding seems pretty likely to be a rewarding job skill for the next 100 years. As everything that can be automated becomes automated, there will be plenty of jobs developing that automation.

Comment Re:Why does Microsoft even need a browser? (Score 1) 317

Giving a large sum of money to prevent a group of people from enjoying basic human rights is NOT tolerance.

Yes, yes it is. It's not acceptance, but it's tolerance. Tolerance is the willingness to live and work alongside people you dislike while working to outlaw the actions you dislike. Driving people out of their jobs? Not tolerance.

Nobody's going to tell his church they have to perform same-sex marriages.

It has already started, around the edges, with non-Church wedding chapels and the like. Again, review the insanity of the eHarmony verdict. The state will compel you to provide service against your conscience.

Comment Re:meanwhile (Score 1) 342

What does "hurts the same" have to do with anything? That's just a baseless assertion of a moral principle - you need to argue for that principle. There's no doubt that "everyone pays the same dollar amount" is fair - totally unbiased by any prejudice. Just like settling a court case by flipping a coin would be - totally fair. Fairness is perhaps not the highest goal?

But to argue from "righteousness", you have to establish a moral basis, and humanity has never been able to agree on that. It all comes down to values, and no matter how obvious a given moral principle seems to you, intelligent people may disagree, as it's impossible to argue morality from first principles (well, other than the "God said so" principle).
