I think from a practical standpoint, the science community has fallen into the hole the educational industry has: Relying soley on references on papers. If you have sufficient number of references, your paper gets a pass regardless on your data. This means you can easily piece together a paper that contradicts itself but still get published if you pet enough egos in the process.

I've found from my observations toward universities, even right down to high school level that it is taught that unless you reference a "known name" your work is crap. Many students (and even professional scientists) are not allowed to question any works produced by these "known names" unless they are a direct peer. This means even if one can with substancial data prove both Albert Einstinen and Stephen Hawking totally wrong in every respect with emprical evidence, that they would not be allowed (and in fact be shunned/banned from scientific groups) because it goes against "the norm". Take note of many revolutionary inventors in how hard it was to get even their practical empirical experiments acknowledged because major science panels did not want them disrupting what was the common belief to be true established by various notible names.

At this point and how referencing is regarded now, referencing is the scientific and acedemic community's way of enforcing a status quo. It is no longer about proving yourself or your data, it is about providing another column to another work to ensure that that other work is made "more unquestionable". Only if you're high enough on the food chain do you get columns supporting your work.

Referencing needs to get back to being a secondary measure of solidity where one's own data along with the mode of how an experiment was performed is the first, where if one wants to challenge, one can say "The mode of experimentation is faulty because..." and to intrinsicaly challenge the work on its own merits, THEN to use the references to back that up. Not references first then experimentation second.

Today's job market is way too unpredictable. These unpredictable elements include things like employers hiring people only temporarily, laying them off at the end of their trial periods, hiring only part time while assigning practically full time hours (e.g. full time may qualify at 38 hours, but the employer may only want the worker to work 36-37) to dodge paying full time wages or benefits, extremely small contracts or nitpicking about job performance so they don't have to keep workers on.

This is worsened by the fact the job market is divided between a "public" and "hidden" job market. All of the jobs on the "public" side are very unstable for the above reasons. The "hidden" market is only accessible if you know people pretty high up AND are pretty much already within the industry — which I guarantee most "ground floor" do not and are not.

One significant aspect about the "public" job market is that it is one of service and manual jobs that are really only designed to be temporary, but many "uncertified" people are duped by the job market into ending up working these permanently.

Now, I know many who have stable office/skilled jobs with job security may be of the belief that all one needs is hard work and determination to get a good job — this may have been true 20+ years ago, but not today. One needs contacts (if you're in a skilled industry, you likely already have 30+ contacts at a minimum outside of your company) in today's day and age, those already "in the system" to "bring you in" essentially.

Now to talk on the whole element of education for a moment (which always tends to come up as an alleged silver bullet to solve any employment problem), given the state of the job market in how it has become a circle-jerk of self-gratification by those already in various industries, education is not a guarantee, in fact it is a truly unstable investment as there's far too many variables. Thinking of education in terms of a business deal, would you invest in something that 1) plunges you into debt; 2) you cannot guarantee that the product will be relevant any more by the time it is complete and 3) you cannot withdraw your funding and support from the project once it is committed and in progress to invest elsewhere... it is something that is a disaster waiting to happen from a business perspective. This doesn't even start to include the job market nonsense.

I do not blame people for seeking methods to create their own systems to sustain themselves, as frankly until these barriers are lowered (and they won't as long as that self-gratification is going on by industries and businessmen alike internally), nothing will ever change. The HR expectation of "experience" is code for "we only want someone already deep in the industry". Though of course eventually industry will see these new systems as threats to the status-quo and demand them shut down or made prohibitive (look at the financial industry's aversion to bitcoins).

Finally, look at how employment has shifted away from having managers having control over employment over to an HR model where HR has control over job postings, where hiring managers can only "suggest" people be hired. Often times HR doesn't even understand the jobs they are hiring for and as such just gets a list of keywords and if those keywords aren't in someone's resume, it is overlooked even if that person is the best in the industry. As such even application for most jobs is onerous and prohibitive.

To summarize, the job market and current system is way too unstable for people to have faith in it anymore, thus people have stopped trying to have faith in it. I speak to homeless and unemployed on a regular basis and most of them want jobs, but many have lost faith in employers to give them one that won't be taken away in less than a year due to "economics" and the aforementioned instabilities.

Ultimately it isn't possible to speak of the language without speaking of the execution evironment without becoming purely academic (little practical discussion and a lot of discussion about the form/syntax of the code). One cannot have a programming language without implementation.

Javascript is broken because it really has a lack of standardization. As it stands now it is just a loose agreement among browser vendors to design javascript engines to run like other vendors' browsers. There's often "special case" code you have to use if you want your code to run on a specific browser for instance.

Furthermore, Javascript security is a joke. Either you have to let it all in or reject it all, the finest grade control one has over javascript is being able to block it/allow it from specific domains. Since Javascript runs in the context of the browser, it's also impossible to utilize firewalls to block any javascript-initiated traffic without also taking the browser down. And given that a good chunk of the HTTP internet now relies on javascript, it's really no longer feasable to say "just use noscript or turn it off".

I could go into a full rant, but suffice to say, javascript was a noble idea when it was started, but now it has become a pool of bad ideas, a way too powerful language for what it is and poor implementation. The need to sandbox it is a sign of that.

While it is an ideal setup to lock everything down and while software used in business environments is content running in a restricted setup, there is a lot of home software still (games especially) that make it prohibitive to use restricted accounts. A few examples include:

- Game updates - often games will demand the ability to write to C:\Program Files and not actually store the game packages in the user's profile directory. On a truly locked down system, game updates would fall over due to permissions.

- Game DRM/"Anti-Cheat" - some DRM and "Anti-Cheat" engines require the ability to be able to administratively oversee the entire system process table as to prevent debuggers and memory dumpers from functioning. Many games with these systems will complain and refuse to run if they don't have enough privledges to get what they want.

- Many programs - a significant amount of programs used in home environments do not store things in the user's profile directory and instead insist on storing stuff in the program's install directory.

The problem is we're not living in an ideal world where you can simply lock accounts down and expect everything to play nice without your intervention and much of this falls on the shoulders of software vendors (their developers for largely being incompetent and the management for demanding DRM/Anti-Cheat engines).

In an office environment, it can be extremely easy to lock things down where software has been developed with restrictions in mind, not so much in a home environment unless you plan to reject a lot of software that your children may want.

This is an incorrect assertion, an assertion my previous post debunked, but I suppose I'll re-explain:

You could have a drive full of PDFs, you could have it full of PNGs, whatever file format you'd like. You could mount the drive as noexec, however when it comes down to it, a trusted program (NOT ON THAT DRIVE) can interact with those files and since file formats can be complex AND since the programs opening them are also complex, there's a chance that the program will be vulnerable to a crafted file that tricks the program to do something that a "regular movie" or whatever wouldn't do and may not have been tested for.

If you've written a file parser of any kind, you'll see how complicated it gets in having your program code check the file for abnormalities before interacting with it. This complexity is a steep curve and all it takes is not checking an array boundary for your program to mistakenly leak data memory into its executable memory space.

The old addage plays correct here: Never trust user inputs.

The parent couldn't be more correct.

People discount regular data files as being malicious simply because they're not labelled executables. What they don't think is that those files are opened by executables. These executables are often trusted programs which makes this an even bigger threat to a system as the malicious code can run hidden under the legitimate process and do its work. There's anything from buffer overruns to file parsing mistakes in the programs that can open them up to become a conduit for abuse.

An example of this is Adobe Reader's countless exploits with the PDF file format.

I disagree. Applications should be optimised but many developers aren't doing that anymore as it means more development time.

Over the years, if you compared in ratio how much resources applications used in 2000-2005 compared to what they use now, you'll see that applications use an unjustified amount of resources. A large problem is this "If your computer can't run X, upgrade your computer" movement instead of pressing developers into reviewing how they can optimise.

Nearly no modern practical use (read: browsers, office productivity, etc) program can run on a modern average computer anymore without paging to disk, and that is a disturbing trend.