Forgot your password?
typodupeerror

Comment: Re:UX can only go so far (Score 1) 199

by Jaime2 (#47675259) Attached to: Ask Slashdot: Should You Invest In Documentation, Or UX?
You can't make UX the documentation because it doesn't cover all of the use cases. UX is great for answering the question "What does this button do?". You need independent documentation to answer questions like "How do I mail-merge?". This goes double for processes where the industry standard term is trademarked, so you can't actually use it in your product.

Comment: Re:Nobody kills Java (Score 1) 371

by Jaime2 (#47631891) Attached to: Oracle Hasn't Killed Java -- But There's Still Time

There's a lot of room for improvement in programming languages. New features aren't just novelty. The database/language impedance mismatch is still pretty big, language feature to support multithreading are still weak, strongly typed languages still need to handle "dynamic-ness" better. Microsoft has done a great job of introducing new features that people actually want while still maintaining backwards compatibility. Oracle is being way too conservative here and it does matter to their customers - even the big ones.

I spent a lot of time recently working at a fortune 20 company. Java was the official programming language of the company, but the Enterprise Architecture group was starting to lean closer to .Net when I left.

Comment: Re:JAVA EE is not dead. (Score 1) 371

by Jaime2 (#47630713) Attached to: Oracle Hasn't Killed Java -- But There's Still Time

For a language which forced Microsoft to up it's game with C#

Java has been playing catch up with C# for almost ten years. Attributes, generics, and lambdas were all added to Java long after they were added to C#. Also, Microsoft made them part of the runtime, while Java only made them part of the compiler (for the most part), so the features work a lot better in C#.

The point of this article is that Oracle has been slowing down the pace of innovation to an even slower pace than Sun was at, and Sun had already lost a five year head start to Microsoft very quickly.

Comment: Re:Nobody kills Java (Score 2) 371

by Jaime2 (#47630641) Attached to: Oracle Hasn't Killed Java -- But There's Still Time
"runtime and a language with a huge install base" describes a future where Java just coasts. By contrast, Python, Ruby, and .Net are all runtimes and languages (several languages in the case of .Net) with a huge install base that are actively introducing new frameworks, development tools, and feature on a regular basis. I'm calling an interpreter a runtime for the purposes of this conversation.

Comment: Re:Put in a separate table (Score 1) 62

by Jaime2 (#47626835) Attached to: Oracle Database Redaction Trivial To Bypass, Says David Litchfield
The number of possible valid credit card numbers is so small that any hashing solution can be brute forced very quickly, even if each record has its own salt. The only protection would be to make the algorithm secret, but then you've just reduced your system to security by obscurity and as soon as someone figures out the algorithm, you're toast.

Comment: Re:pdf.js (Score 2) 132

by Jaime2 (#47625663) Attached to: Ask Slashdot: Best PDF Handling Library?
I wouldn't recommend Office Automation on a server if there is any alternative. For beginners, there's too many gotchas and for advanced users, there's plenty of alternatives that will do what you want without too much difficulty. Office with .Net is especially problematic because the COM components run as out-of-process servers and due to .Net's garbage collection and COM interoperability, they are difficult to get to shut down properly.

Comment: Re:Put in a separate table (Score 5, Informative) 62

by Jaime2 (#47622897) Attached to: Oracle Database Redaction Trivial To Bypass, Says David Litchfield
In the payment card industry, this is called a token, not a hash. The difference is that a hash can be algorithmically generated from the source material, while a token cannot. Because there is no forward link outside the entity that generated the token to go from card to token, the tokens can be different at each merchant, making a loss of token much less of a problem than a loss of hashes would be. It's also 100% infeasible to break the token generating algorithm since there isn't one. In my experience, tokens are simply generated sequentially (skipping those that don't pass Luhn check). Another beauty of tokens is that they can pass validity checks for credit card numbers, so they can be handed to third-party software and treated just like card numbers, but without the risk of breach.

Comment: Re:So 40% dwarfs 60%? (Score 1) 256

by Jaime2 (#47613825) Attached to: 40% Of People On Terror Watch List Have No Terrorist Ties
They didn't say that. They said that the 40% "dwarfs the number of watchlisted people suspected of ties to al Qaeda, Hamas, and Hezbollah combined". That means that the second list is only a small portion of the remaining 60%. It also means that most of the 60% aren't suspected of having ties to the three groups - and therefore also are probably false positives. Note that they said "suspected", most of the 60% aren't even suspected of having ties to the big three.

We are Microsoft. Unix is irrelevant. Openness is futile. Prepare to be assimilated.

Working...