Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment: Re:I wouldn't (Score 1) 171

by r (#26313265) Attached to: Balancing Performance and Convention

If that's a major chore for you, may I suggest investing in a test suite, so that you don't have to go through manually and test all your patches?

Yes, that would help with testing, but also multiplies the work: now you have patches and the new test suite to maintain and shepherd through upgrades. :)

Testing patches actually wasn't the main obstacle. The far bigger time sink was when some patched piece of functionality moved over to a different location in the codebase. Then the engineer had to go and become familiar with their changes, find how things got rearranged, and adopt the patch to the new code. That's a lot of unnecessary work just to maintain the status quo.

As for whether we needed to upgrade so frequently - yeah, we actually did. Hopefully the OP doesn't, though. :)

Comment: I wouldn't (Score 1) 171

by r (#26312353) Attached to: Balancing Performance and Convention

Maintaining custom patches for a foreign codebase is going to be painful, proportionally to the number of patches, and how badly spread out they are through the codebase.

Consider this: every time the Rails team changes things, you'll have to go through your patches and make sure they still apply correctly. And if, heavens forbid, they do some major refactoring, you'll have to spend the time figuring out what functionality got moved where, and re-apply the patches as necessary.

My project was maintaining a custom set of patches for a major open source library for a while, and it was fairly labor-intensive: every time the library provider released a new version, a senior engineer spent a good part of a day going through the codebase and repatching it, testing the new version, etc. The problem was, however, that they released new versions frequently, and we needed them as soon as they were released.

If your patches aren't going to migrate upstream, I'd be very wary of spending a lot of time maintaining them as the core library keeps evolving. Try to measure how much time it would take to update your local patched Rails when they release a new version (especially a major one, if you can), and project future work estimates from that.

For us, we ended up sacrificing functionality for development speed, and we switched to a less capable library that worked right out of the box without endless patching.

Cellphones

+ - Security Flaw in Android Web Browser

Submitted by r
r (13067) writes "The New York Times reports on a security flaw discovered in the new Android phones. The article is light on details, but it hints at a security hole in the browser, allowing for trojans to install themselves in the same security partition as the browser:

"The risk in the Google design, according to Mr. Miller, who is a principal security analyst at Independent Security Evaluators in Baltimore, lies in the danger from within the Web browser partition in the phone. It would be possible, for example, for an intruder to install software that would capture keystrokes entered by the user when surfing to other Web sites. That would make it possible to steal identity information or passwords.""
Windows

Vista SP1 Is Even Less Compatible 278

Posted by kdawson
from the preemptive-diasabling dept.
I Don't Believe in Imaginary Property writes "Microsoft is now saying that Vista SP1 disables some 3rd party applications. The KB article on SP1 incompatibility states: 'For reliability reasons, Microsoft blocks these programs from starting after you install Windows Vista SP1.' It does link to several vendor support pages with updates or workarounds. Unfortunately, at least one of the suggestions consists of merely disabling part of the program, which could leave you with half an anti-virus solution."
The Internet

+ - Felon Became COO of Wikimedia Foundation 1

Submitted by r
r (13067) writes "The San Francisco Chronicle recently found that the former COO of the Wikimedia Foundation had a questionable past, including being convicted of theft, drunken driving, and fleeing a car accident. "Before she left in July, Carolyn Bothwell Doran, 45, had moved up from a part-time bookkeeper for the Wikimedia Foundation and spent six months as chief operating officer, responsible for personnel and financial management. In March, she signed the small nonprofit's tax return, which listed more than $1.3 million in donations. At the time, she was on probation for a 2004 hit-and-run accident in Virginia that had landed her seven months in prison. Doran had multiple drunken-driving convictions, and records show earlier run-ins for theft, writing bad checks and wounding her boyfriend with a gunshot to the chest." How could Wikimedia fail to perform a basic background check on the person handling the foundation's financials?"

Comment: Re:Can we get some parental supervision on this si (Score 1) 567

by r (#21792728) Attached to: Notebook Makers Moving to 4 GB Memory As Standard
Lots of people get confused about the various caveats in how 32-bit machines handle more than 32-bits worth of physical address space:

  • x86 processors have been able to access 36-bit physical address space for a long time now (since the Pentium Pro?), but many motherboards flat out don't support it
  • Even when they do, the OS needs to turn it on explicitly. Windows needs to be started with the /PAE switch to extends its physical address space
  • Even with PAE in place, the virtual space is still 4GB per process.
  • And out of the box, Windows limits user virtual address space to 2GB; getting more requires the infamous /3GB switch


So yes, there's a lots of parts that people don't necessarily understand. Besides, facts would get in the way of a good flame fest. :)
Toys

Why Microsoft's Zune is Still Failing 593

Posted by Zonk
from the fall-over-dead dept.
DECS writes "Last winter, RDM detailed why Microsoft's iPod Killer would fail miserably. This year, the site argues, Microsoft will fail again, but for a new set of reasons. It is not obvious that the company has figured this out itself. 'Microsoft doesn't seem to learn from its mistakes in consumer electronics very well. When it does however, it frequently gets the timing wrong. This year, Microsoft appears set to compete against the Apple of 2006. It now offers two flash models, last year's leftover 30 GB unit, and new 80 GB version. The problem is that Apple moved the goalpost dramatically. Apple's new 3G Nano is ultra thin and small, but delivers the same video resolution as Microsoft's boxy flash Zunes at the same price. It also plays games.'"
Math

LA Airport Uses Random Numbers To Catch Terrorists 321

Posted by CmdrTaco
from the better-than-searching-me-whenever-i-have-a-beard dept.
An anonymous reader writes "Los Angeles International Airport (LAX) is using randomization software to determine the location and timing of security checkpoints and patrols. The theory is that random security will make it impossible for terrorists to predict the actions of security forces. The ARMOR software, written by computer scientists at the University of Southern California, was initially developed to solve a problem in game theory. Doctoral student Praveen Paruchuri wrote algorithms on how an agent should react to an opponent who has perfect information about the agent's choices."
The Internet

+ - San Francisco free Wi-Fi plan falls through->

Submitted by r
r (13067) writes "Earthlink backs out of contract negotiations to blanket San Francisco with free Wi-Fi, citing money problems. From the SF Chronicle article: The contract, which was three years in the making, had run into snags with the Board of Supervisors, but ultimately it was undone when Atlanta-based EarthLink announced Tuesday that it no longer believed providing citywide Wi-Fi was economically viable for the company. ... EarthLink spokesman Jerry Grasso said that EarthLink was willing to work with San Francisco but had decided that it "was not willing to work in the business model where EarthLink fronts all the money to build, own and operate the network.""
Link to Original Source
The Courts

+ - British Police Identify Killer in Radiation Case

Submitted by
reporter
reporter writes "According to a story by the Associated Press and a front-page story by "The Guardian", British authorities have identified Andrei Lugovoi to be the murderer who used radioactive pollonium-210 to kill Andrei Litvinenko. The British government will ask Moscow to extradite Lugovoi. "The Guardian" states, "The British government is preparing to demand the extradition of a Russian businessman to stand trial for the poisoning with polonium-210 of the former KGB officer Alexander Litvinenko. Senior Whitehall officials have told the Guardian that a Scotland Yard file on the murder which is about to be passed to the Crown Prosecution Service alleges that there is sufficient evidence against Andrei Lugovoi for the CPS to decide whether he should face prosecution.""
Announcements

+ - OCaml Summer Project

Submitted by Anonymous Coward
An anonymous reader writes "Jane Street Capital is sponsoring the OCaml Summer Project. It looks similar to Google's SOC, except it's much smaller (5-10 students) and it's 100% OCaml. At $6000 for 8 weeks, the pay looks pretty decent for a student. From the OSP website: "The OCaml Summer Project, in a nutshell: Jane Street Capital pays you to work on open source OCaml projects for a summer. Sounds pretty cool, huh?""
PC Games (Games)

+ - Boston Game Devs Make 8 Games in 36 Hours

Submitted by
Darius Kazemi
Darius Kazemi writes "This past weekend, a bunch of Boston-area game developers got together and did a 36-hour Boston Game Jam, inspired by the Indie Game Jam. We made eight games in 36 hours based on the theme of "shift" for platforms as diverse as PC, GBA, and cell phones. The games range from a surprisingly complex behavioral sim to a game where you have to squish your opponent in a 2D physics deathmatch. Most of the games are available for download right now, and some of them even include the source code. In days to come, we'll be adding developer diaries and other goodies."
Security

MySpace and GoDaddy Shut Down Security Site 344

Posted by kdawson
from the sudden-darkness dept.
Several readers wrote in with a CNET report that raises novel free-speech questions. MySpace asked GoDaddy to pull the plug on Seclists.org, a site run by Fyodor Vaskovich, the father of nmap. The site hosts a quarter million pages of mailing-list archives and the like. MySpace did not obtain a court order or, apparently, compose a DMCA takedown notice: it simply asked GoDaddy to remove a site that happened to archive a list of thousands of MySpace usernames and passwords, and GoDaddy complied. Fyodor says the takedown happened without prior notice. The site was unavailable for about seven hours until he found out what was happening and removed the offending posting. The CNET article concludes: "When asked if GoDaddy would remove the registration for a news site like CNET News.com, if a reader posted illegal information in a discussion forum and editors could not be immediately reached over a holiday, Jones replied: 'I don't know... It's a case-by-case basis.'"

"Consider a spherical bear, in simple harmonic motion..." -- Professor in the UCB physics department

Working...