Follow Slashdot stories on Twitter


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:The reason I hate WordPress is PHP. (Score 2) 119

Like everything if you RTFM it works as described. If you are coding PHP you would know this behaviour.

I disagree that most or even many PHP programmers know this issue. A few months ago I demo'ed an exploit in code that a coworker wrote which had the same flaw, this time in comparing MD5 hashes. He had been using PHP for all of his professional career and had no idea how PHP compares strings with leading digits.

Of course, I only knew about the issue because of a similar bug that I wrote, sometime a bit over a decade ago. At that time I had been using PHP for over five years.

So the maxim "know your tools" still stands, but string comparison in PHP _is_ broken in subtle, dangerous ways that most devs will never (knowingly) encounter. I've never seen code that _relies_ on this behaviour, I would love to see it fixed in a major version release. Too bad PHP 7 still carries this flaw.

Comment Re: pick one: convenience, privacy (Score 2) 74

Because this: Feds Walk Into a Building, Demand Everyone's Fingerprints To Open Phones

Using a pass code is protected by the Fifth Amendment, using a fingerprint is not.

Why not use the 'sticker' part of the glove _instead_ of one of your actual fingers? Then you could visibly try every finger and plausibly deny that the phone is yours.

Comment Re:Now I know how the rest of the world feels... (Score 1) 227

Next time I'm going to be more clear about what I'm trying to convey.

I wasn't criticizing the summary, I was amused by it, and then reflected that most non-US visitor probably feel like this all the time.

Clearly I need to use more smiley faces next time. :) :) :) :)

Comment Re:Look it up already! (Score 1) 143

Note that this is audience-specific--if you're writing for /., you shouldn't have to say...

Agreed - that's exactly what I'm pushing. Here on /. we should be expected to know about technology, or have enough interest to go look it up (or be mature enough to ignore it). One of the ways that /. can differentiate itself from other websites is by attracting a more technically proficient audience, and part of that is to implicitly establish the 'floor' of knowledge expected of participants.

Personally, I find this to be a good way to figure out what I ought to know - if something comes up and I don't know what it is I might ignore it the first time. And the second time. By the third time it's clear that I need to know more about it because clearly it's important.

Also - I love your technology examples :)

Comment Look it up already! (Score 1) 143

If you have to ask, you should first look it up, then ask an informed question

One of the reasons why I come here is to be exposed to tech that I haven't seen before. See something that you're not familiar with? Look it up!
Especially for this topic - "Xamarin", just by itself, is an extremely unique search term thus enabling you to self-educate with almost no effort. And today the whole Xamarin+VS is at the top of any search results for either.

Slashdot is "news for nerds", not "news for people who kinda like plunking around on their computers in between their online first-person shooter games but don't really want to have to, y'know, think about this stuff"

Slashdot Top Deals

Never call a man a fool. Borrow from him.