Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Discipline (Score 1) 314

Being a good programmer is actually all about discipline. Something that is likely much easier for you than the youngsters. No one likes a programmer with tons of bravado and not enough sense. Code needs to use good design patterns and be well tested, not thrown together as a rapid prototype then squirted into production. The best way to program is to continually educate yourself and adopt new best practices. Continually challenge yourself to work on new technology that would be useful if you were to need to change jobs.
A lot of older programmers I've known fell into the trap of maintaining one component, working with one technology. They probably felt secure that it would be too difficult to replace them, especially if their code was unintelligible. But this, invariably, did not work out. And then they are left without current and marketable skills. I don't know if the passion for acquiring new skills weakens later as I'm still in my 30s but if you no linger have a built in drive, you must cultivate one to stay relevant. But, some programming skills remain relevant regardless of language or platform.
please, please read "Design Patterns" by the gang of four and "Clean Code" by uncle bob. They should be required reading in every CS curriculum. Sadly they are not. Those books? Recommended to me by an awesome white haired software architect.

Comment Re:To all "They're not REAL scientists!" posters (Score 1) 308

In my mind, what they do is actually more important that what Scientists do in a lot of respects. Science has less worth if most of the population rejects its findings because they don't align with their world view.

What the Mythbusters do is help us see where our physical intuitions about the world, that evolution has built for us, are inaccurate in the face of our understanding of the physical sciences. You can read something 1 million times in a text book, and it might not sink in unless your (often incorrect) intuition of physics is challenged by a physical demonstration right in front of you.

The Mythbusters, through their style of presentation and their frequent failings on-air, have built up a mysterious credibility in our minds that let them easily dismantle some of our errors of intuition in a style that sticks with us. I think this is valuable beyond measure, and wish there were more shows like this, and less like GhostHunters, for example.

Comment Re:I've lost track of my passwords... (Score 1) 207

Have you read the code?
And I'm not familiar with this one in particular, but if its released on the Android marketplace, for example, what's to stop someone from having used a different version of the source to compile the distributed app than the open source code that was published? Is there a good way to compare a hash of such an apps binaries to a known good compile of the source?

Just because an app is open, doesn't make it safe. Of course, I'm just overly paranoid perhaps. But sometimes it feels nicer for there to be an entity behind a product that I can bring a lawsuit against if their software is doing illicit things without my permission.

Comment Re:Weird thread atmosphere here (Score 1) 213

I haven't used Android. But WP7 is certainly better than the iPhone. It provides a single cohesive experience while everything on the iPhone is insular and poorly integrated. Its anecdotal, but, everyone I've shown the phone too has been seriously impressed, and might be converts. Even die hard android fans seem to love this thing when they play with it in person. I would suggest you check one out at a kiosk rather than relying only on jaded reviewers.

The problem with the kiosk demos, though, is that probably all the social features of the phone are disabled, which is one of the main selling points of the OS.

One thing I personally like a lot about the software is that it seems like there is always immediate feedback when you perform an action. Sometimes with android and iOS you can be left wondering if the click you performed was actually received. But everything seems to animate in some way as soon as you click it in WP7.

That, and working with Silverlight is a dream from a hobby development standpoint. You can put a semi complicated app together in an afternoon. This could turn out to be a bit of a detriment in the end though, as I'm sure a lot of junk will accumulate in the marketplace.

Comment Re:WPF (Score 1) 331

I would have to second that WPF is fantastic. It uses a lot of new paradigms so it can be tough to get into if all you've used is qt or winforms, but its totally worth it. Its also very easy to separate View logic from Presentation logic in WPF, so much so that new UI patterns are emerging all the time to take advantage of WPFs unique features and further decouple your view logic.

Also, vector graphics and animation were part of the core design of WPF (rather than tacked on later). So the whole thing works very naturally for creating very compelling UI with not a lot of work invested. Also, when you are learning WPF you are also learning Silverlight in the process, as Silverlight is merely a subset of WPF.

To those wondering why Mono doesn't seem too concerned about WPF, it may be because they intend to use MoonLight (Silverlight port) for a 2D UI framework on the Linux platform. This is just theory as I haven't kept up to date with their roadmap there. Also, you could probably add Silverlight to your list of 2D frameworks there. You can create out of browser apps with it, and its the 2D framework that Windows Phone 7 uses.

Comment "Kinect for Windows" (Score 1) 200

I'd like to point out the fact that they called the product "Kinect for Xbox 360" means its highly likely they are planning on releasing a "Kinect for Windows" at some point. Along with support for the kinect being used as a multitouch input driver for Windows (7/8). But its nice we are getting a head start.

Comment Re:Use md5 (or something) over the wire (Score 1) 185

As I noted in my post, your suggestion still leaves you open to interception attacks. Which are, admittedly harder to perform than replay attacks, but are nonetheless problematic. My statement that all tokens sent in the clear were replayable was a bit inaccurate though, yes, as I contradicted with suggestions later in the same post! :)

Comment Re:Use md5 (or something) over the wire (Score 1) 185

But this attack shows crackers just intercepting an replaying the creds. Discouraging that might involve IP or other checks. Defeating it might involve total encryption.

Anything that you send in the clear to assert your identity can be replayed. IPs etc are easy to spoof so are not an adequate counter. You can include a timestamp in the hashed information so that the hashed info cannot be reused more than a certain amount of time after it is generated, but you have to allow for transmission delay and the server's clocks being out of sync, so if an attacker is quick enough they can replay your tokens even if you have made them time sensitive.

Using a request counter + timestamp or a one time password in the token would be much more preferable, but is more expensive to assert with each request, and is still suseptible to interception and spoof attacks, if not replay attacks.

There's really very little that is a valid substitution for encrypting all traffic here, IMO. The rampant use of unencrypted transmission of tokens on these sites today rely on the fact that it is harder to stage a man in the middle attack once requests leave your local network. But as tools for use on public wi-fi networks become easier to use and more prevalent this is only going to become a larger and larger problem.

Slashdot Top Deals

Waste not, get your budget cut next year.