Forgot your password?
typodupeerror

Comment: Doesn't CSS Already Solve This? (Score 1) 161

by Carcass666 (#47812993) Attached to: New HTML Picture Element To Make Future Web Faster

You set up a background image for elements in CSS, with the appropriate media queries. What do we need another new tag for? If you are building responsive sites, you should be managing it in CSS anyway. Embedding CSS type media queries into a document tag is about the same as including embedded styles instead of classes. It makes for ugly and redundant HTML (okay, HTML itself is redundant, but stating that would be redundant... er...).

Comment: Fundamentals (Score 1) 116

by Carcass666 (#47642909) Attached to: Wiring Programmers To Prevent Buggy Code

In the B2B space, a lot of code gets written to wire up databases to front-ends of some time, and most of the time it involves an RDBMS. Unfortunately, with all the reliance upon ORM frameworks, developers often can't write or diagnose decent SQL to save their lives. We have a good chunk of Oracle code written by a large integrator, and there are innumerable cursors, one after the other, where a simple SQL join would have done the job much more easily. In Microsoft land, people are leaning way too much on LINQ, with transaction integrity and locking effects as distant afterthoughts.

On the front-end, things are even more chaotic. Whatever Javascript or UI framework you are using, there is always something newer, more "efficient" and inevitably more buggy if you don't take the time to learn to use it properly. Something like Angular is very cool, but very different, and there is a lot of front-end time to learn to use it properly in a production site. Unfortunately, in B2B space, we don't always get the time we would like to learn how to use the latest "hotness".

Abstraction for abstraction's sake is a killer too. Templates, abstraction and such re-use techniques get way overused. Yeah, it might be nice if every single block of code was reusable, and we could arbitrarily stub in test data for every possible call, but the complexity isn't always worth it. Setting up three levels of abstraction to make a class library call that was already abstracted accomplishes nothing. People that code this way never had to worry about stack or heap.

Maybe I'm old, maybe I'm yelling "get off my lawn", but I truly believe that, for especially internal, B2B applications, a focus on fundamentals would make life a little easier to manage.

Comment: Re:Bears repeating (Score 1) 126

by Carcass666 (#47614521) Attached to: Alleged Massive Account and Password Seizure By Russian Group

Not sure I get what you are saying... Is it that Putin is sitting in his easy chair, munching caviar, laughing about "those crazy kids", and that he is above instructing his former colleagues at the FSB to check things out? What are we supposed to base Putin's indifference (or altruism) about this purloined user data? The lack of a Russian Snowden? Absence of evidence is not evidence of absence.

Comment: Shock and Awe (Score 5, Insightful) 220

by Carcass666 (#47272839) Attached to: US Supreme Court Invalidates Patent For Being Software Patent

A unanimous decision, authored by the most conservative voice on the court (Thomas) with a concurring opinion by one of the most liberal (Sotomayor). If this were the beginning of April, I would say this story was a prank. Yeah, it doesn't completely kill software patents, but it does seem to mortally wound the "business process + software = patent troll profit" problem that is plaguing software development. This is a good day for the judicial branch. It's a good day for the USA.

Comment: Re:Please make it a mental one (Score 1) 625

by Carcass666 (#47231201) Attached to: EU's Top Court May Define Obesity As a Disability

Health insurance != Health care costs. Health insurance is largely an American problem. You can argue its merits versus single-payer, but in countries like the UK and Canada, health insurance is largely seen as a queue cutting mechanism, and most people get on without it. Costs are going up everywhere, but per-capita, the US has among the highest cost in the industrialized world.

I don't understand how forcing people to buy private insurance is destroying the market, although it is certainly distorting it (types of plans are way more regulated than they ought to bbe). You can argue that forcing the purchase of insurance is beyond the powers of the federal government (which I agree with), but it's pretty far from single-payer socialism. States can set up their own exchanges, and choose whether or not they want to take the federal money for Medicaid expansion. I fully agree about the state of oligopolic competition with regards to medical insurance, but that is hardly a recent phenomenon.

Somehow you read my post complaining about subsidies (agricultural and Medicaid) and taxation as an endorsement of Obamacare, I'm not sure how you got there. If you live in the US, unless you are rich enough to have tax shelters sufficient to keep you from paying federal taxes, you are helping to pay for health care of those aren't paying for their own healthcare, you are helping to pay subsidies for corn farmers, and you are, in fact, one of "us". Like it or not, you are helping to pay for that person stroking out that has been living on snacks and fast food.

Comment: Re:Please make it a mental one (Score 1) 625

by Carcass666 (#47229525) Attached to: EU's Top Court May Define Obesity As a Disability

Who is "we?" I'm not obese. Nobody in my family is obese. My family does not manufacture nor sell food. Therefore, it is not my problem. I do not care if others are obese and die ae a result of their obesity. It is not my concern. You live your life your way, I'll live my life my way. There is no "we."

Yep, no obese people in my family either. I work and have health insurance (I'm in the US, it's a big deal here). And yet, I still care. Why? There are unpaid hospital bills in the amount of $41 billion. Except those bills really aren't unpaid now, are they? You might want to let the obese die, but doctors operate under the Hippocratic Oath and cannot turn people away from the emergency room because they are obese or poor. High insurance premiums and, of course, our friend taxes (which fund state-level Medicaid entitlements) are how the costs get covered. Prices rise because insurance (public and private) will only pay a portion of actual costs.

There is a "we" in US. Your federal taxes fund the subsidies to the corn syrup producers so politicians in the Midwest can remain relevant. The crop space used to grow subsidized corn used in corn syrup and ethanol make you more dependent upon product brought in from South America (not so bad, but does make our food supply vulnerable to political instability in that region) and food products from China (ask Fido how that's working out for him). Market distortion is a problem, and it affects all of us.

Comment: Integrated Appliances Already Hit by This (Score 2) 240

by Carcass666 (#47151089) Attached to: The Coming IT Nightmare of Unpatchable Systems

I have an Onkyo amplifier (mid-range) and an LG BlueRay player (low-end). A few months back, the Onkyo no longer could connect to Rhapsody (yah, I know, Rhapsody, but the wife likes it). Onkyo knows about it, and basically says "tough" because it's an old model (~ 4 years). I can use Chromecast, but it's an annoyance, because now I have to have a phone or tablet around to listen to music. The BlueRay player no longer shows images for Netflix in its bundled application. I can use Chromecast, but again, it's annoying. It's apparently in neither company's interest to update the firmware (which is updateable on both devices) to fix these issues, because they believe I will go out and by a more recent device (if I do, obviously it will be from neither of these companies).

The whole concept of integrated A/V appliances continues to underwhelm me. Fortunately, I didn't drop extra coin for a "smart" TV, but it seems that it's how the market is moving.

Comment: Re:Microsoft cheaper on the very short run (Score 1) 589

by Carcass666 (#46928367) Attached to: Microsoft Cheaper To Use Than Open Source Software, UK CIO Says

I dunno... I think since the Server 2008 days, Microsoft server OSs and application stack, such as IIS Microsoft SQL, plays pretty nicely in the SMB space, and are reliable and decently priced. You can throw up the servers and sites pretty quickly, and as long as you aren't talking about thousands of current transactions you're going to have good success, even without huge amounts of specific training. We run both Microsoft (mostly custom applications) and Oracle (mostly e-Business Suite) and when I compare the difficulty of managing the two from a server and updates point-of-view, I am shocked that Oracle gets away with what they do. Even Oracle's database, arguably their best technology, takes constant tweaking and tuning to perform fewer transactions than Microsoft databases. Granted, a lot of this is due to the poor coding of Oracle's EBS, but still...

It's when you have to scale the Microsoft stack out (when you get big enough to think about words like "enterprise") where it all sort of starts going downhill. Your standard server and SQL licenses have to be upgraded to their enterprise brethren to get real load balancing and fault tolerance, and it's not an incremental cost update, it's balance sheet altering. Your in-house team likely aren't going to have the expertise to stand up clusters and such, so your consulting and/or training budgets go way up. And eventually somebody gets convinced that Sharepoint is a must-have, and then your days of smooth sailing are forever over, and you start wondering if open source really would have been much worse.

Comment: Re:Source code can come with proprietary libs ... (Score 1) 88

by Carcass666 (#46414025) Attached to: Ask Slashdot: Reviewing 3rd Party Libraries?

In this particular case, the library is a component of a deployed system (put into place before I got here) for inventory management. The library is the "documented" way to be able for our website to be able to query the system and to be able to perform operations on the inventory (take some out of stock, put some back in, etc.). I could deal with the database directly, but then I don't have any guarantee that I am implementing the same business logic as the library. This particular vendor is very touchy about their proprietary code (and, after seeing a bit how it is built, I can certainly see why).

So, I guess the point I'm trying to make is sometimes, you're screwed, and you have to deal with the mess somebody else made. At least, that's where I'm at right now...

+ - Ask Slashdot: Reviewing 3rd Party Libraries

Submitted by Carcass666
Carcass666 (539381) writes "It is usually good to use existing libraries, rather than reinventing the wheel, especially with open source. Unfortunately, sometimes we have to work with closed source implementations. Recently, we were diagnosing a .NET assembly and, after getting nowhere with the vendor, ran it through a decompiler. The code was a morass of SQL concatenation, sloppy type conversions, and various things that are generally thought of as insecure.

My question is: What are Slashdot readers' preferred tools for analyzing .NET and Java compiled libraries (not source code) for potential security vulnerabilities? Ideally, I would like to know if a library is a security liability before I code against it. For example, Microsoft used to have something called FxCop, but it hasn't been updated for current versions of the .NET framework."

Debug is human, de-fix divine.

Working...