Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Ballsy, but stupid ... (Score 2) 308

by Xest (#49377845) Attached to: Attempted Breach of NSA HQ Checkpoint; One Shot Dead

I absolutely agree with the latter half of your post, that these guys got what they deserved for trying to ram a military checkpoint, but I disagree that non-lethal options couldn't have worked.

I say this because I live in the UK, where non-lethal is the only option available to most our law enforcement officers, and they stop aggressive drivers regularly without harm. Even where armed police are involved they typically shoot the vehicle unless there's evidence one of the people in the car physically has hold of a gun and has started firing back. I do not believe it increases the overall risk to people doing the stop, because our officers also have far lower casualty rates than yours by just about every metric breakdown.

On a base like this I'm surprised they don't just have retractable barriers in the floor that a car simply cannot pass until the barrier has been lowered after being given permission to enter. From there it's trivial to hold guns up at the people in the car and tell them to get out slowly, without having to actually shoot them. These sorts of barriers are widely available, as are one way barriers that pop down when driven over, but block if you try and reverse back meaning such a vehicle would be completely trapped between two sets of barriers.

So whilst I disagree with the AC's view that these people shouldn't have expected to be shot, I do think there's some merit in his point that in the US the gun has in far too many circumstances become the first course of action, when it should really be the last.

Comment: Re:Product Placement Taco Bell (Score 2) 18

by Xest (#49352795) Attached to: Ordnance Survey Releases Mapping Tools

So Slashdot shouldn't post anything about new product or data releases ever because it's product placement?

It's not like Slashdot is shilling for some ultra-rich company in this case that's just trying to make a quick buck off the user base here. Ordnance Survey is the UK government's official mapping agency - it's a government department, not a private company.

More governmental data being release to the public is a good thing, as it's a continued expansion of transparency and freedom to access data that the tax payer pays to produce in the first place. Open access to data is a big deal in the tech world right now, and it's exactly the sort of thing a tech site like Slashdot should cover as a result - this isn't a story about the latest iWhatever.

Comment: Re:people are going to be saying (Score 1) 737

by Xest (#49344253) Attached to: Germanwings Plane Crash Was No Accident

I'm surprised at this point there's not been more effort to allow remote override of aircraft such each plane can have it's autopilot enabled remotely overriding the pilot's actions. I know there's always the fear of hacking, but would that really be much of a threat if:

1) The worst you could do remotely was enable an enforced pre-programmed autopilot course.

2) The system was secure with a one-time key that's set on the runway by an authorised individual

If you put this equipment in an area of the aircraft that's inaccessible during flight I don't really see how this could be a problem? Surely if you've reached a point where radio and radar contact have stopped making sense, and the pilot isn't responding sufficiently, you should be able to remotely force a plane back on course against the will of the pilot in this day and age? It would even likely save lives in the case of cockpit de-pressurisation and so forth. I get that you wouldn't want to do this all the time because the pilot is always going to have better situational awareness and might need to do things manually, but when the pilot is the problem, doesn't this make sense?

Is there a fundamental reason why this can't/won't work or is it simply that there's not been enough will for or interest in this sort of thing yet? It seems odd that we're talking about releasing secure self-driving cars, yet the far easier problem of self-flying planes (that frankly is already a solved problem anyway in modern drones) seem to be out of the question right now.

Comment: Re:Couch programmers bashing again. (Score 1) 179

by Xest (#49343743) Attached to: Modern PHP: New Features and Good Practices

"multithreading can be used to implement async io but it is not a requirement, see node.js."

Oh god. Node.js uses IOCP, which implements a thread based model. Did you think it used magic or something?

No wonder you're posted AC, you're just embarrassing yourself. Acting as living proof that PHP developers are clueless. Well done, you've successfully proven my points throughout.

Comment: Re:Couch programmers bashing again. (Score 1) 179

by Xest (#49342819) Attached to: Modern PHP: New Features and Good Practices

Okay, so it sounds like I was right then after all if you're conflating curl hacks which require the spawning of a completely different process and a full blown TCP connection to achieve anything with an actual proper threading solution or async IO implementation (FWIW I find it amusing that you claim multithreading and async IO are completely unrelated things and then pretend curl is an async IO implementation- facepalm. You don't even know how PHP's curl library works).

I was going to reply in a bit more detail to everything in between, but then I got to this section of your post and realised it's fruitless as you don't even understand the basics:

"You're still going to spend 90% of your time waiting on blocking io. you can't complete your request until that io request is done, sure if i have 30ms of php code executing and a 180ms sql query I can use asynchronous io to make that entire request take 180ms instead of 210ms, but you're still spending the bulk of your time waiting for that 180ms sql query."

There's two problems with this:

1) You still demonstrate that your knowledge doesn't stretch beyond basic CRUD environments, you believe that everything you do on the web is simplistic web front-end, database backend CRUD type stuff. This is false, and if you had any worthwhile professional experience you'd know that a lot more typically goes on behind the scenes than my first website type setups (but that's probably also why you think PHP is acceptable, because you're not doing anything that matters).

2) On one hand you're talking about high throughput environments, and on the other you're talking about a process only handling one client at a time, which is what I was referring to when I talked about the PHP way. In more professional environments you don't need a whole new process for each concurrent request. That's a massive amount of unnecessary overhead, and environments like .NET and Java allow you to simply process other incoming requests in the same process whilst one is awaiting IO.

You seem to completely lack any grasp of the cost of firing up processes, as you seem to believe that spawning a process is an equivalently performant thing to do as firing off a new thread. It's sad, and you just prove my point that PHP folks only support PHP so vehemently because they don't know any better.

There's a reason that PHP stirs up hatred towards it more than anything else (well, except maybe Javascript) - it's because it's objectively shit, and the only ones that can't see that are those that are inexperienced and don't know any better. Languages like C# and so on just aren't even close to as controversial because for the most part they largely just work as you expect them to, and aren't as poorly designed.

Comment: Re:Couch programmers bashing again. (Score 1) 179

by Xest (#49336425) Attached to: Modern PHP: New Features and Good Practices

Yeah you're right, I haven't touched PHP in a couple of years now so I haven't seen anything about (nor can I find anything even now) PHP's new async support for the things you list. Yes I'm aware it's now got some half-arsed threading support hacked in to move away from basing attempts at multi-threading on curl hacks, but it's not me you need to be telling this to - it's the other guy whose argument that PHP is fine performance wise is because you're spending 90% of the timing waiting on blocking IO, which is obviously nonsense. This was historically the PHP way and it shouldn't come as a surprise to someone claiming to be well versed in PHP that this is a deeply entrenched way of doing things in the PHP community for that very reason, but it's never been the way of doing things in the languages I mentioned because they've all been designed to support it from the outset.

At the end of the day, in things like C++, Java and .NET you've got control of asynchronicity through the entire stack, but with PHP you're still limited by a strict bunch of fudges.

Comment: Re: Sometimes bad tools are just bad. (Score 1) 179

by Xest (#49334517) Attached to: Modern PHP: New Features and Good Practices

The problem is that people like you will continue to deflect the problems away because you're not competent enough to understand them in the first place. You don't know your code is broken.

The fact that you don't know that the type system is broken means that you're wholly unaware that any code you have written involving integers can behave completely differently when you move your codebase from a 32bit system to a 64bit system. It means you probably don't realise that your code is failing when you expect '0.0' to translate in a boolean expression to 0.0 as '0' does 0. It means you probably aren't aware of bugs stemming from the fact that the confused implementation of arrays such that they're partially ordered list, partially hash maps, but that the inherent conflicts that arise mean they fail at both can create nonsensical iteration. It means you don't realise that you have to explicitly declare a global as global, but if you do it might not actually be global depending on where you make the declaration.

But perhaps maybe you do know these things, you're just too much of a PHP fanboy to accept that these sorts of gotchas and faults you have to deal with are problems that people using almost any other language do not. Perhaps you've simply sold it to yourself that it's okay that these inconsistencies and this poor design exists on the language, because you've fallen into the trap of becoming a one trick PHP pony and have cornered yourself with nowhere to go. I've yet to meet anyone with a broad amount of experience across multiple languages (and I mean working on multi-year projects with different languages, not just hacking something together for a day) that really believes that PHP is somehow equally as good as everything else - when someone is genuinely experienced enough to be objective, it becomes obvious that PHP is just a poor choice. I know this precisely because I have not just worked on, but led a multi-year PHP project and have worked on multi-year Java, C#, and C++ projects too - I know that PHP is just objectively bad. It didn't stop us delivering on type and on budget, but it did cut our profit margins by about 10 - 15% on the project compared to if we had used C#, Java, or even RoR.

You talk about customers and revenue streams, but that's exactly when PHP's faults matter - what's a customer going to prefer, PHP with it's higher development costs because of the sorts of poor design above requiring greater development effort, greater unit test coverage, and/or greater testing, or the language that doesn't have those problems and lets developers get things done faster because they don't have to deal with them or even a remotely similarly sized amount of equivalent problems as PHP has and still often get a performance boost to boot given how painfully slow PHP is and how terribly it handles threading (meaning it's blocking and limiting requests more than is optimal).

PHP is fine if you want to do a "doesn't matter" hack project quickly and dirtily, but when professionalism and money is involved it's about the worst option going - it's quirks, problems, and low performance add an inherent cost increase to any development done with it. If you don't understand this it's probably because you just don't know any better, as you've proven with having to even ask the question as to what's broken with the PHP type system.

The TCO of PHP is the overriding reason as to why it's a bad choice, and that's why I'm surprised you try and write off it's problems by implying they're not an issue in the real world when money and customers are involved as that's precisely when it's quirks do become a problem. Obviously you've never had any accountability or responsibility for delivering a project with maximised profit margins, maximised customer happiness, and maximised stability, performance and maintainability or you'd know full well that you've spouted an awful lot of nonsense.

Comment: Re:PHP is fine (Score 1) 179

by Xest (#49334503) Attached to: Modern PHP: New Features and Good Practices

"I'm fed up with the equivocation PHP fans trot out whenever any criticism heads their way. Yes, the quality of a language really does have an effect on the quality of the code you write with it. This is plain for anybody to see, and if you don't see the difference in quality, then you should seriously question your competence."

Absolutely and evidence of this is always only a Google search away. Search on how to do something with a database and the results you get are riddled with things like SQL injection vulnerabilities, even when the source of the official documentation.

There's a reason why like 90% of websites that get hacked nowadays are running PHP - because the community is full of people who just don't know why their language is bad, and because they don't know why their language is bad, they definitely don't understand why their own code is bad.

Comment: Re:Couch programmers bashing again. (Score 1) 179

by Xest (#49334421) Attached to: Modern PHP: New Features and Good Practices

The second half of the paragraph proves that I understand VM technology in quite a lot of detail, and understand the sorts of difficulties involved in moving from a language to executable code through an intermediate form.

I know that HHVM doesn't support strict PHP which is presumably what you're referring to, but if you're confusing the moderate changes made to make it work in a JIT at all with the complete break needed to be able to act in a competitively optimised JITted environment then it's not me that doesn't know the topic, it's you.

Comment: Re:Couch programmers bashing again. (Score 1) 179

by Xest (#49331281) Attached to: Modern PHP: New Features and Good Practices

"HHVM just closes that gap entirely"

This is wholly false, HHVM is still a long way behind the level of JIT optimisation that both the JVM and the CLR perform, in part because PHP was never designed with the intention of being JIT'd from the outset making it much harder to JIT well in the first place. The amount of language inconsistency, edge cases where it contradicts itself and general design whereby things have been bolted on unplanned and ad-hoc all but guarantees you'll never write a JIT compiler for PHP that can be as effective as the CLR and JVM. The only way you'll get PHP to the point it's a serious competitor for .NET, Java, and C++ is if you create a version of the language that completely breaks free from it's past, tightens up the rules and changes the way things work- it can't even be backwards compatible, put simply, it wont even really be PHP anymore. IIRC someone started a project to do exactly this, maybe it'll bear fruit, though I'd question if it's even necessary when the JVM and now CLR are open source.

"These are web apps not 3d games, io is your limiting factor in almost all instances, even if you're cracking md5 passwords in php you're still going to be using a rainbow table and hence io bound."

Even if you are IO bound this still highlights the problem with PHP thinking- the idea that you can only do one thing at a time, it's nonsense. In .NET, in Java, even in node.js and of course in C++ with IOCP (which node uses on Windows anyway) you don't just sit and wait for IO completion, you process other things. If you're genuinely working in a high end environment the CPU will be kept busy regardless of what IO waits are occuring. The fact that these technologies can get much more done whilst waiting is still wholly relevant. If you think all processing should be done in serial then you really don't understand the way high end server processing is done. If you're only using the CPU 10% of the time and waiting for IO the other 90% of the time you're doing it very wrong.

"The language itself being poorly designed generally boils down to preference, that php is a fractal of bad design site whines about the syntax of the array push operators and how when people put == they really mean ===, these aren't legitimate complaints, i've seen real world bugs in other languages where people put = instead of == or := instead of =, typos and inexperienced developers happen, get over it."

It's got nothing to do with preference. Inconsistencies, additional verbosity and so forth inherently increase the risk of mistakes no matter how good you are (or think you are). Much of it is a result of the fact that many of PHP's key features were bolted on after the fact (like OO for example). It's absurd to suggest that a language that has had things bolted on that it was never designed for from the outset is no worse than a language that was properly planned and thought through from the outset. You cannot increase the complexity of a language without adding anything beneficial in the process and expect it to be just as good for writing software as something more streamlined and better designed from the outset, this is objective fact - more room for mistakes is more room for mistakes and the quality of programmer is irrelevant as the perfect programmer is a myth.

I've always said you can get things done with PHP, I have, I've delivered a large multi year project with it - it's faults aren't crippling. But there's a cost- more development time, or more bugs. Dollar for dollar, pound for pound, you'll get more for you money if you use one of PHP's competitors rather than PHP whether that's faster development time, lower defect rates, better performance, better maintainability, or a combination of these factors - the fact you admit you have your own framework highlights this sort of issue that you face with PHP, you've had to spend time building something that is unnecessary in something like .NET where the framework is extremely well designed and built from the outset.

If you've already invested in it there's probably not much point switching, I wouldn't dispute that, but if there's an opportunity to start again, or to migrate away, right now I'd take it as I see no compelling reason to stick with it. Yes you absolutely can do what you need to do with it, but if you've got the choice you can do more for less with various alternatives.

Comment: Re:Couch programmers bashing again. (Score 1) 179

by Xest (#49328015) Attached to: Modern PHP: New Features and Good Practices

That requires a few assumptions though, that you're using HHVM rather than the official PHP interpreter and that your application really is IO bound (which is entirely application dependent), and finally that you're not fully optimising your .NET, Java, or whatever else environment too.

Even given these assumptions though, there's still the problem that PHP simply doesn't offer the breadth of support for hosting your application to optimally cater to different cases in the first place. For example, with WCF you can configure it to support node.js style event based programming with few threads rapidly offloading incoming requests, or lots of threads to handle long running IO bound processing requests concurrently.

For typical SMEs and even quite a few large companies you're rarely optimising to this degree, but for those where you are you're still left with far more tools in the .NET and Java world and the divide is typically growing, with improved support for things like .NET native. Effectively you're comparing an optimised PHP environment against a typical .NET/Java environment, rather than comparing two optimised environments where both are using the most cutting edge optimisation options available.

To me the performance benefits of not going with PHP and going for something faster would be an acceptable loss if PHP offered some compelling benefit on top, but the problem is that it really doesn't - the language is more poorly designed, the libraries are more inconsistent, often less useful, and even the toolchain available is typically worse. As such the problem is that the .NET/Java JIT advantage is effectively just a free bonus for using those platforms over PHP which just makes PHP that much less compelling again.

There's a fair argument that with C++ the performance advantage it has over say, .NET really isn't worth it because .NET offers more rapid development (though that's ultimately going to depend on how high performance rates on your scale), but PHP just does not have that same advantage - any initial up and running advantage with PHP is rapidly lost by way of the requirement for more intricate unit test coverage and/or greater testing and more time consuming debugging. PHP is fundamentally both slower to develop with and slower to execute, and that's the problem.

I agree with you about the importance of a good DBA, all too often the benefits of having one is painfully under-appreciated by many companies.

Comment: Re:Couch programmers bashing again. (Score 1) 179

by Xest (#49327121) Attached to: Modern PHP: New Features and Good Practices

Hmm. No idea what the fuck just happened to the rest of my post, lucky Slashdot isn't written in PHP or I could blame it for that too :)

Anyway, basically my point was that it's really not in question that PHP has a number of problems that it's competition simply does not have, those problems are not caused by the programmer, they're caused by the language and it's libraries.

Yes you can write bad code in .NET, Java, C++ and whatever else, you can also write good code in PHP. None of that is in doubt, but it's a common argument in favour of PHP that sidesteps the fact that like for like, skill for skill, there is a higher cost to PHP- you need to implement more unit tests, you need to spend more time peer reviewing, the code is more verbose and has a higher maintenance burden, and so on and so forth. So yes, you can do things with PHP just fine, but you're paying more to achieve less, and that's really the problem - you're throwing money down the drain by using PHP. It maybe that that's acceptable if you've reached a point where you have so much invested in it that switching would cost too much at that point, but ultimately if you're going to rewrite anything or do it again you're better off switching away from PHP to technologies that are more secure by default, perform better by default, have languages that better support refactoring and maintainability by default, and let you get more done with less cost.

Comment: Re:Couch programmers bashing again. (Score 1) 179

by Xest (#49327055) Attached to: Modern PHP: New Features and Good Practices

It's got nothing to do with laziness, at the end of the day the fact remains that PHP has an awful lot more inconsistencies, and has an awful track record on security, stability and functionality.

I'm skeptical that anyone who claims to have a good depth of experience of PHP but claims it's as fine as anything else really does have the experience they're claiming. As soon as you need to start doing anything serious, like say, making use of threads, PHP's deficiencies rapidly come to the fore when compared to other technologies like Java and .NET. It's a simple fact that PHP has more inconsistencies in both it's language design and libraries, it's a simple fact that PHP is interpreted not compiled or JIT compiled making it inherently slower, and it's a simple fact

"Success covers a multitude of blunders." -- George Bernard Shaw