New analysis demonstrates that the design of OAuth 2.0 runs completely counter to the needs of the enterprise market as well.
So if OAuth 2.0 isn't good for the web nor the enterprise, so who is it good for? And why is service after service switching to it, offering a confusing non-protocol, and crippling their capabilities?"
insane_coder writes: I always thought you get the best man for the job. Boy was I wrong. Turns out some companies would rather have a program designed incorrectly if it means they can easily swap out the programmers they use at any given time. Read the story for the full details.
insane_coder writes: "The Insane Coding Blog has a nice story up about wether one can trust their applications. An interesting point from the article: "Not using a high level compiler or virtual machine gives us a layer of security in that it would be harder for one to pass out an 'evil compiler' that would understand what the developer was trying to do and instead have it do something malicious." If you're wondering where your 'evil compiler' would come from, "If you're using a Linux distro which offers binary packages, what really stops a package maintainer from compiling a modified application and putting that in the distro's repositories?""
insane_coder writes: "I wrote a short article explaining the virtues of file descriptors, and how file management security is now going to get much better and easier to program with soon to be standardized functions, yet why we can't make good use of it. I also propose what we may be able to do to fix it."
insane_coder writes: "I'm a software developer who writes a lot of freeware utilities in C/C++ which are all cross platform and work well. Lately some of my users have been pestering me to stop wasting precious development time supporting minority OSs like Linux, and get more work done for the majority — the Windows users.
Now all of my utilities are simple tools that perform various operations on files such as compression or rearranging. I've also made a few frontends for them using the excellent Qt library to allow the user to select a file and process using a simple GUI.
In the dozens of applications I wrote, most of them several thousand lines long, I haven't written a single conditional for any particular OS. When I release, I just compile each app for all the OSs I have access to and post them on my website. I barely expend any effort at all to achieve portability.
So the question I have to ask is: "Why do the masses perceive portability as something that requires effort and a waste of time?"
Most applications don't do anything fancy or need to talk to devices and therefor there is no need to do anything special other than compile them on a particular OS to run on that OS. So why are there so many simple apps using native APIs to do simple things like file reading instead of the standard ones? Why are we projecting an image that one must go out of their way or switch to a different language in order to achieve portability?"