Forgot your password?

Comment: Re:de Raadt (Score 1) 304

by PhrostyMcByte (#46759751) Attached to: OpenBSD Team Cleaning Up OpenSSL

If Theo had a more constructive outlook, this would go a lot different and we'd all benefit.

Instead of screaming vitriol at someone's app architecture inadvertently defeating his platform-specific feature, he should be asking why they felt the need to go with that architecture (hint: it was a perfectly reasonable need), and perhaps if he can do something to make integrating his security feature easier for that type of architecture.

Like you say, freelists are an extremely common design choice when performance is critical. This security feature could be hugely beneficial to many apps that use them (like, say, Apache HTTPd). Instead you've got the too-common case of an unbending programmer mad at someone for having needs other than his own.

Comment: Right on. (Score 4, Interesting) 304

by PhrostyMcByte (#46759259) Attached to: OpenBSD Team Cleaning Up OpenSSL

Otherwise known as "the only sane way to simulate exceptions in C". Seriously. Read up on how "goto" is used in low-level code bases such as OS kernels, instead of citing some vague memory of a 1960s paper without understanding its criticisms.

People who don't use goto for error handling in C more often than not either have incorrect error handling or way too much error-prone duplication of resource cleanup code. It makes sense to very strictly warn newbies away from goto, much in the same sense that you warn them from multithreading. You don't want them used as a universal hammer for every nail in the code. At some point though, people need to jump off the bandwagon and learn to respect, not fear, these things that actually have some very compelling uses.

Comment: Re:That isn't what a CSci degree is for (Score 2) 287

by PhrostyMcByte (#46747623) Attached to: Bachelor's Degree: An Unnecessary Path To a Tech Job

Unless a programmer is working for a very large company, there's a good chance they're in pretty direct contact with their users.

Throwing someone into contact with users doesn't help someone become good at UX. Just look at the multitude of Open Source projects -- most of them interact directly with users and still end up with pretty atrocious UX that is designed based on the programmer's workflow and how easy it is to implement.

You did something wrong. You need to do step A, B, C, and you skipped over B!

Every time I hear this from a developer, I cringe. Good UX is a choice. You can train in it, but until you really alter your mindset towards user interaction and embrace it, your projects will suffer. It's so easy, too:

A user is having difficulty performing X. Is there something I can change to ensure they land on an optimal path next time?

Comment: His rant could apply to almost any large project (Score 3, Insightful) 301

by PhrostyMcByte (#46714863) Attached to: Theo De Raadt's Small Rant On OpenSSL

A lot of large performance-sensitive projects implement custom allocators in the form of arenas and freelists. Lots of platforms have a fast malloc implementation these days, but none of them will be as fast as this for the simple reason that the program knows more about its memory usage patterns than any general-purpose allocator ever could.

Not to say I can't understand Theo's point of view -- if he wants maximum security, then a program which bypasses one of his layers in the name of performance might not be the best for him.

On the flip side, the standards have no notion of such security layers and I feel it is perfectly reasonable for a team to not throw away performance in the interests of some platform-specific behavior. This was a bug, pure and simple. There's nothing wrong with using custom allocators. To say that "OpenSSL is not developed by a responsible team" is simply nonsense.

Comment: Re:Neat, for me.. And pretty much no one else. (Score 2) 42

by PhrostyMcByte (#46699525) Attached to: Sony and Toyota Bring Real-Life Racing Into the Game World

People who buy TRD are generally going for either aesthetics (the TRD exhaust for GT86 is rather unique looking), warranty/insurance, or loans. Increase my payment by $10/mo for the TRD catback? Warrantied and insured without question? Awesome, go for it!

People looking for perf will always go third party. You'll never see a TRD intake that gives large gains because it needs to work with the stock ECU. Go third party and you can get a giant intake that requires MAF scaling or a catless header etc. -- so many more options that TRD simply won't offer.

Comment: Re:Great news for (some) programming language fans (Score 1) 100

by PhrostyMcByte (#46665525) Attached to: Microsoft To Allow Code Contributions To F#

If you replace "functional" with "object oriented" and went back in time 20 years ago, your dismissive, skeptical attitude would have fit right in that era as well.

I think you've misread my comment, or perhaps I've not expressed my position well enough. You're speaking like I've dismissed functional programming. I haven't. In fact, I really love it! The parts of it that have bled through into the more imperative/OO-focused languages, like C#'s LINQ and your Python example, are phenomenal and a joy to use.

So, here it is again: not saying functional is bad. Certainly not being dismissive or skeptical of it. I'd just like to see what compelling features haven't yet bled through. What makes pure functional or even just mostly-functional languages useful, that isn't yet in other languages? What is the killer feature, the killer problem they can still solve way easier?

If a good, experienced programmer dives deep into a language for a month and doesn't surface with anything compelling, how much more time should they spend? I'm not looking to master F#, I'm looking for a reason to master F#.

Comment: Re:Great news for (some) programming language fans (Score 1) 100

by PhrostyMcByte (#46663743) Attached to: Microsoft To Allow Code Contributions To F#

F#, like it's other ML-based dialects, is amazing for solving certain problems in a expressive and concise manner ... it is still a joy to use when you can.

Can you give some examples? Many C-based languages have benefited by gaining strong functional aspects. With that, I haven't really found a reason to use a functional-focused language.

A while ago I decided to dedicate a month to coding in nothing but F# (my usual choices are C++ or C#) in attempt to find the areas they really kick-ass in, and just couldn't land on anything. There are some rare circumstances that I found it to be useful, but I just didn't find it compelling enough to warrant applying elsewhere. I'd never done functional programming before, I'm fully aware a month isn't long enough to master anything, but usually it's enough to discover if something has a really cool, earth-shattering aspect about it. So I'm honestly interested here -- what did I miss?

Comment: Sounds like a good band-aid for PHP codebases (Score 3, Insightful) 230

by PhrostyMcByte (#46537835) Attached to: Facebook Introduces Hack: Statically Typed PHP

Every few months someone announces a new fad language despite them rarely bringing anything new to the table, or the new things they do bring not being significant enough to warrant switching from some other well-established one.

I'm actually happy with this one, because it serves an easier to justify purpose: migrating your existing PHP codebase and developers to something that is immediately better and familiar.

Comment: Re:One side of the story (Score 1) 710

That said, I think what Julie Ann Horvath did was highly unprofessional. You do not badmouth your former employer, no matter what they did. You may sue them or come to an agreement that makes suing them unnecessary. I would not hire her now for the sole reason that she seems to believe discretion and loyalty to a company becomes optional after you leave. Not so.

I wouldn't badmouth a former employer, specifically because future hiring managers would see it as a huge red flag. And that's kind of pathetic, if you think about it -- if you're having a terrible experience that your higher-ups show no care of fixing, is it not ethical to warn others away from a poisonous company? The industry has scored fear into us under a facade of "professionalism".

Comment: Re:Alibaba and the thieves (Score 2) 93

by PhrostyMcByte (#46502373) Attached to: Alibaba Confirms Plans To Offer IPO In US

I guess it's a bit of a crapshoot if you get a bad seller, but the fact that prices are 1/4rd of what you'd pay to buy something similar domestically is a pretty good lure.

I've ordered twice from Ali Express -- once for a RTL2832 tuner, and once for a mini-Gorillapod knockoff. Both times I received exactly what the page advertised, in perfect condition and they continue to work great today.

Comment: Re:Dumb (Score 1) 358

by PhrostyMcByte (#46488975) Attached to: EU Votes For Universal Phone Charger

it wouldn't surprise me if we see a few more proprietary systems in the next few years.

It's already happening in the States. AT&T recently put its support behind Powermat, a competing and incompatible standard. They actually stripped Qi from a number of the phones they sell -- phones that on other carriers support it natively -- and instead offer Powermat charging cases for them.

% APL is a natural extension of assembler language programming; ...and is best for educational purposes. -- A. Perlis