Forgot your password?
typodupeerror

Comment: Re:Java or Python (Score 1) 408

by grcumb (#47412687) Attached to: Python Bumps Off Java As Top Learning Language

The ability to seamlessly use + with mixed text and numeric types in a language without explicitly declared types is usually considered a design flaw, not a positive feature. Perl uses separate operators for strings vs. numbers to avoid ambiguity....

Though in fairness, it should be mentioned that, as with other aspects of the language, Perl also assumes that you are using the right operator, and that you actually mean what you wrote:

perl -e 'print "x" + 1;'
1

Or, even better:

perl -e 'print "x" x 22;'
xxxxxxxxxxxxxxxxxxxxxx

Comment: Re:say wha? (Score 4, Informative) 68

by grcumb (#47412419) Attached to: 'Rosetta Flash' Attack Leverages JSONP Callbacks To Steal Credentials

JSONP callback functions normally return a JSON blob wrapped in a user-specified callback function, which the browser will then execute as JavaScript. Nothing out of the ordinary here. However, the new attack has leveraged a method of crafting a Flash file to contain a restricted character set that's usable within JSONP callbacks (i.e. in a URL). By combining the two, the attack demonstrates it's possible to use a JSONP URL with the contents of the crafted Flash file as the callback function. When set as the data of a standard HTML object tag, the SWF file executes on the targeted site, bypassing all Same-Origin policies in place.

ummmm what? english please!

The code sneaks a Flash file disguised as a URL into some JSON data and cons the browser into treating it as JavaScript, but on the local machine it acts like an HTML <OBJECT>, and because the browser is executing the Flash code locally now (due to the masquerade), it can run with greater privileges than if it were from a remote site.

Or in layman's terms: Flash totally sucks the suckage, dude. Always did. Still does.

Comment: Re:Perl with Mojolicious (Score 1) 534

Very powerful and very flexible, without the heavy lifting of many frameworks. We use on a large ISP as RESTFull Server.

Seconded.

Mojolicious is an excellent back-end or middle layer (depending on your data needs), mostly because it removes the need for many of Perl's more infamous convolutions and contortions. With a bit of Bootstrap and/or AngularJS on the front end, you can get a useable online service put together in a very limited amount of time.

Comment: Re:Why? (Score 1) 309

by grcumb (#47225841) Attached to: Google Engineer: We Need More Web Programming Languages

Genuine question, here, since I've never done any web dev. Why not write libraries in an existing language that spit out HTML/Javascript/PHP/whatever? Why do we need a new language to do this?

Sit down, my child. This may take a while....

I started writing web apps in 1994. Using CGI.pm in Perl was pretty much state of the art - and the art wasn't very pretty. ColdFusion appeared shortly thereafter, but only supported basic control structures - no functions or even subroutines at the start. Then came ASP and a disastrous mishmash of security holes, ActiveX objects being called from the only thing worse than PHP for tag soup with spaghetti code for filler. PHP, for our sins, went from being a 'hey, kids, look - I made a web page!' app to an actual application platform.

.. and the list goes on.

I've lived through the browser standards wars, I've seen such sins committed in the name of the Web that I would wake up screaming, 'Why, Tim Berners Lee?!? WHY???!!' I've lived through <BLINK>, Flash, animated GIFs, <MARQUEE>... and other monstrosities whose names Shall Not Be Spoken.

I've used JavaScript since it was a toy.

But this, my child, is the key: It's not a toy any more. Finally, after two decades of stumbling around blindly, wreaking more chaos and mayhem than a shirtless, drunken Australian on a JetStar weekend in Bali, web development has finally matured. A bit. It's learned that being cool doesn't earn you nearly as many friends as being useful. It's learned that a guy's gotta eat, fer Chrissakes, and sleep from time to time. It's learned that popsicle-stick bridges may be neat, but won't carry the load that a boring old concrete one will.

But, as the scripture says, 'then I put away my childish things.' Oh, it's true that just because we've grown up doesn't mean we've learned every lesson ever. It's true that we Web Developers still get seduced by Teh Shiney. But all in all, we've grown; we've lost our innocence and our hair. But we sleep at night. And we parallelise. And we scale. We're grown-ups now. With grown-up tools.

So put down your PHP child. It's really just Poorly Hung Perl. Accept that JavaScript is a language. REST in your Bower and accept that some change is for the better.

Comment: Re:I don't like this. (Score 1) 76

by grcumb (#47200201) Attached to: South African Schools To Go Textbook Free

I'm old and I don't like this. Fuck progress.

I couldn't agree more about Slashdot curmudgeonery, but the real problem is when that quote comes from the mouths of teachers. Which it all too often does.

Based on my experience (10+ years) working in ICT in a developing country, I think that this plan is:

1) Very audacious; and
2) Very likely to fail. These things work well in micro scale (because of committed individuals), but are very hard to systematise, because of 'I'm old and I don't like this.'

Comment: Re:insert PKD joke here (Score 1) 138

by grcumb (#46976959) Attached to: Electric Stimulation Could Help You Control Your Dreams

Torn between "Do androids dream of electric sheep" joke and a "we'll remember it for you wholesale" one.

I was thinking more about tweaking the summary to read:

"Researchers recruited 27 men and women to spend several nights in a sleep lab, located on Elm Street. Each night, the surviving volunteers were plunged into REM sleep..."

Comment: Re:A good sign (Score 1) 177

by grcumb (#46946169) Attached to: Programming Language Diversity On the Rise

not when you start to have too many tools.

part of your value is being experienced in a language. you can't do that if you are spread thin amongst too many.

As a 50-year-old, I'm inclined to agree with the statement that there is such a thing as too many tools, but not for the same reason. Expertise and experience are important, no question about that. But both are often easily transferred from one language or framework to the next. For my part, I'm quite enjoying working with NodeJS, Angular, NoSQL and a bunch of things that take significantly different approaches to problems I've been solving my entire career.

But a problem I face quite often these days is trying to apply the toolkit approach with newer software. On any decent POSIX-supporting platform, you can generally leverage libraries and modules for just about anything and still expect at least a modicum of consistency. Each tool has its own quirks and foibles and strengths, all of which need to be understood, but with a bit of time and perseverance, these can be coped with.

But the application I'm working on right now requires the integration of an Angular framework with UI elements derived from JQuery, D3 and Bootstrap as well as one or two products of the inspiration of some young developers who are clever but sadly too confident in their own abilities. Trying to reconcile them all has resulted in a LOT of time spent pondering, refactoring and coping with bugs that inevitably result from using the tool in a way that wasn't foreseen by enthusiastic but inexperienced developers.

So far, the benefits have outweighed the costs, but there's a fine line between saving time by appropriating others' tools and wasting time shaving a very big, hairy yak.

I like many of the new technologies I'm using, and I love learning new tricks, notwithstanding the few grey hairs remaining on my shining dome. But yes, there is such a thing as too many tools. And many young developers these days are going to have to learn that the hard way.

Comment: Re:alternative to (C) that protects freedoms? (Score 2) 394

by grcumb (#46936763) Attached to: Richard Stallman Answers Your Questions

2) Publisher B wants a cut of the profits and so makes a run of the books with their own cover art. However, they put the author's name on the cover. They don't sign a deal with the author or give him any money.

This (specifically #2) is what originally spawned copyright.

Not to take away from your argument, but that statement is incorrect. The very first copyright law was "An Act for preventing the frequent Abuses in printing seditious treasonable and unlicensed Bookes and Pamphlets and for regulating of Printing and Printing Presses."

In other words, its original motivation was to limit the ability of people to print whatever they liked - in other words, an engine of censorship.

The US Constitution framed the rationale for copyright differently, as did French copyright law, which introduced the concept of 'droits d'auteur', or authors' rights.

Comment: Re:I don't think, they worry about non-US users (Score 1) 259

by grcumb (#46846049) Attached to: Hulu Blocks VPN Users

Why, when Hulu detects a visitor arriving from a country other than the United States, does it not refer the user to the licensee doing business in that particular country?

Because for the majority of the world's population, there simply is no legal way to obtain this stuff. I live in a country where the majority of the population cannot get a credit card, and for whom internet is a luxury beyond the means of most. But even for people like me who have full-time access, the prospect of actually paying for things is a daunting one. Many companies simply won't accept my credit card; virtually none of them ship to my country, and a number of software makers (I'm looking at you, Apple & Adobe) don't even admit that my country exists.

Someone who goes to the lengths required to maintain a VPN presence and a subscription should be welcomed by the industry, not cast out. But instead they drive us back to our shonky screeners purchased for a buck at the local Chinese store.

Comment: Re:Why? (Score 1) 127

by grcumb (#46797325) Attached to: Google's New Camera App Simulates Shallow Depth of Field

lenses that can achieve a narrower field of focus are the more expensive ones, so there is established artistic value.

I'm not really taking issue with your conclusion, but a decent quality 50mm lens (widely known as a portrait lens because of its shallow depth of field) can be got new for about $200. And I got a beautiful 1984-vintage 105mm prime lens for $250 a few years back. It's an exception to the rule, yes, but sometimes the glass is less expensive than the camera body. That said, if you've got good lenses, they can make up for a lot of shortcomings in the camera body.

My own feeling about algorithms such as this is that they'd be better off chasing the ideal of perfect focus for everything - or better yet, for pseudo-3D renderings - those would be more desirable goals, IMO. I suppose it's possible to get the same effect as really good glass, but something tells me the laws of physics (well, optics) will always win over computed logic.

Advertising is a valuable economic factor because it is the cheapest way of selling goods, particularly if the goods are worthless. -- Sinclair Lewis

Working...