Become a fan of Slashdot on Facebook


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Not-Good-Enough Syndrome (Score 1) 120

by Greyfox (#49148357) Attached to: Invented-Here Syndrome
Yeah, the quality of the open source programs that I look at is usually far superior than anything I've ever seen inside a corporation. Although... at one company I worked for, I had to audit the source code for the original AT&T C standard library. That was obviously done by people who knew what they were doing. I also recently submitted a pull request to the gnu flex maintainer on github. Flex seems to generate some pretty decent code, but the code it uses to do it is a maze of global variables. I did manage to tweak it to generate a C++ class that works for me without the #include fuckery that flex typically requires, but I don't know if the maintainer is going to actually like that change. Doesn't matter to me, I can just use my version from now on.

Comment: Re:About time... (Score 1) 120

by Greyfox (#49148297) Attached to: Invented-Here Syndrome
I'd be happy to just go into a company and write unit tests for their code, but in most cases that would require dictating huge design changes to a lot of their code. If I take over a code base, I like to start writing unit tests for new development and bug fixes (Write the test prior to fixing the bug.) Last project I worked on was an old C code base with hundreds or possibly thousands of global variables. In some cases there were multiple global variables for the same value, and they got used in different places and often had to be set to different values in order for the code to work correctly. It might not have been too bad to go through and make sure it was just passing everything it used, but it was a lot of code and it kind of all needed to be changed at the same time. Much too much of an effort for the team that was working on it.

Comment: Re:About time... (Score 3, Insightful) 120

by Greyfox (#49148259) Attached to: Invented-Here Syndrome
Or is just complex and unfamiliar. The problem with these frameworks is they work great when they work, but you only ever see them working because they've been published with the most trivial example. When you actually start trying to do things with them, you have to know implementation-level details of the framework in order to make it work for you. By the time you've invested all that time, you may as well have written something less generic that actually does what you want.

Oh and when I say they work great, I was kind of lying. I have a favorite example. A while back a developer I was working with wrote some Spring/Hibernate code to pull records in from the database and print a billing report. Soon as he handed it off to me, I thought "What happens if I throw 100000 records at this?" Well what happened is that it crashed. So I cut the number in half and it still crashed. Down around 30000 records, it started taking about half an hour and THEN crashing.

Turns out he was using the framework to pull all the records from a couple of different tables and doing the join in Java. The SQL join I wrote to test the code took a couple of minutes to run on a million records and returned the correct output. On a hundred thousand it was neighborhood of 10 seconds.

Now the Spring/Hibernate people will be quick to point out that you can edit some XML file or something and make the framework do a join for you, thus solving that problem. And that is true, if you know a fair bit about the framework. And you'd have to know a fair bit about all the other frameworks they used on that project, too. By the time you got done learning all the frameworks they were using to the level of detail where you could actually be that effective with them, you could have written the application they'd built 10 times over.

Fortunately this story has a happy ending. The team ended up deciding to run the original developer's code against the billing database several times a day so that it would never have so many records to process that it would crash, thus solving the problem once and for all!

Comment: Re:git blame (Score 1) 292

by Tom (#49145963) Attached to: Moxie Marlinspike: GPG Has Run Its Course

I'm not saying users are completely blameless littel angels. But I'm so sick and tired of this reflex of blaming everything on stupid users.

Some comedian said it very nicely about another topic: When a house burns down, and the firefighters put out the flames, they don't just go home and write a report saying "fire destroyed the house". They go in and sift through the debris and try to figure out what caused the fire.

In IT we largely don't do that. We treat users as mystical black boxes and root causes and once we've found the user somewhere in the chain of causality, we stop. We don't ask ourselves why the user made this mistake or why the users don't seem to want security. We say "stupidity" the same way ancient map makers put "here be dragons" on their maps.

And that, I say, is stupid. We should go in there and figure out what actually is in that white spot. Why did the user make this mistake? Why do they fall for phishing? Why do they want speed over security? And a boilerplate "because they're stupid" is not an acceptable answer.

We're so smart (or so we think), but we can't figure out how to make security desirable, unobtrusive and a positive experience. Really?

Comment: Re:git blame (Score 1) 292

by Tom (#49145943) Attached to: Moxie Marlinspike: GPG Has Run Its Course

You can lead a horse to water but you can't make him drink.

cheap excuse

People are too lazy to type in a password in order to send mail.

Then make it not necessary to type in a password. Even I don't understand why I should type a password for every mail I send.

Yes I do use GPG its the best thing we have going right now for the average person to protect his data.

No, it's not. It might be technically the best tool, but if it's unusable, then in sum total, it's not. There are many factors that go into these equations, and we techies are sometimes blind to some of them.

Comment: easy (Score 1) 320

by Tom (#49144853) Attached to: The Programmers Who Want To Get Rid of Software Estimates

But it's so easy to make a good estimate, takes less than 10 seconds:

Take your instinctive estimate.
Double it.
Increase units by one (if you think "hours", make it days. If you think "weeks" make it months, etc.)

So if you think it'll take 2-3 days, tell your manager it'll be ready in 4-6 weeks. Don't forget that in management school, they teach these fuckers to under-promise and over-deliver. He understands.

Comment: Re:Tilting at Windmills (Score 1) 320

by Tom (#49144837) Attached to: The Programmers Who Want To Get Rid of Software Estimates

From a human psychology standpoint he would rather know that it will be done in 3 days, barring delays, than not know when it will be done and have it in two hours. I personally think that is a dumb way of doing things, but I am the outlier, not the director.

The psychological issue is that you don't know, but you have a hunch, you have some insight. You know it's probably going to be a few hours.

But for non-techies, all this stuff is a total blackbox. When you say "I don't know" they panic, because for them that means anything from a day to a month or maybe infinity. Uncertainty is a horrible psychological state and people try to avoid it. It's an instinct. When you don't know if that shadow is a monkey or a lion, it's better to panic just in case.

By saying "three days", you give him certainty. Now he knows the shadow isn't a lion.

Comment: Re:Unintended Consequences (Score 3, Insightful) 89

by dpilot (#49143143) Attached to: Xeroxed Gene May Have Paved the Way For Large Human Brain

At what point does it become unethical to consider and treat these as lab animals. How much brain complexity is enough? This probably isn't it, and our A.I. isn't good enough yet. But some year we're going to cross the line, and I'm sure that as a society we're going to be completely unaware and in denial when we do.

No amount of genius can overcome a preoccupation with detail.