
Comment Re:A few very general, some very specific (publici (Score 2) 103

First, there ARE software patents. They describe ideas that can be implemented on a general purpose computer without any specialized hardware.

Second, pretty much NONE of software patents are useful. Most of them are filed for defensive purposes or to show "value" for investors and are never asserted or licensed. During the recent 20 years or so the cost of patent litigation exceeded the licensing revenue for software patents ( ).

Third, there ARE useful patents. Pretty much none of them are purely software ones. A novel agent for extinguishers would be a great invention. However, in software patent speech it would be described as: "An agent consisting of chemical matter that utilizes heat-sensitive decomposition reactions to rapidly terminate the free-radical heat-driven chain reactions", without any actual chemical structure specified in the patent.

Comment Re:give them green cards (Score 0) 267

I hate misconceptions about H1B and GC. H1B holders can change work easily. A new employer simply applies for an H1B transfer that is granted more or less automatically, and the old employer has no knowledge of this until the worker quits. There can even be multiple concurrent H1B transfers (and the worker chooses which one to complete).

GC is pretty much full citizenship. Obtaining GC is complicated and can take any amount of time from 1 year to 10 years depending on type of GC and the applicant's home country. And the GC actually binds the candidate to the workplace, as the process has to be sponsored by the employer.

Comment Re:The reason I hate WordPress is PHP. (Score 1) 119

String comparison in PHP is broken between two strings. Nothing to do with types. You can't compare two strings with ==, it doesn't work properly (it works most of the time and becomes a security hole when you least expect it). Since clearly you think PHP is the bees' knees and documentation is everything, of course you knew this, right?

Now tell me in what universe it is reasonable for the == operator to be unable to compare two strings correctly.

Comment Re:The reason I hate WordPress is PHP. (Score 2) 119

PHP was slow as molasses until recently, and cleaning up compromised servers after you get pwned isn't cheap, nor is maintaining a legacy code-rotting PHP codebase, which is what PHP encourages.

PHP became popular because it was easy back when the dynamic web was getting started and people just wanted to write quick hacks. By the time people realized it was a terrible idea we had legions of PHP coders who thought they knew what they were doing, and tons of PHP frameworks evolving from toys to something that was trying to be serious, with the language following a similar path. But the foundation was rotten to the core, and as much as they've tried, nobody has yet managed to fix PHP, nor is it really possible without reinventing, effectively, a whole new language. Even deprecating completely batshit insane ideas like magic_quotes_gpc has taken years of effort.

Meanwhile Python 2 was pretty good, way better than PHP ever was (and probably ever will be), but even then the Python community knew that some things needed to be torn up and redone properly, and thus we got Python 3. Things work differently when the people designing and maintaining a language actually know what they're doing. The Python 2 to 3 transition has been long, but worth it in the long term.

Comment Re:The reason I hate WordPress is PHP. (Score 1) 119

Oh, I agree that JavaScript is full of WTFs. Not nearly as many as PHP, but plenty going around. I wouldn't write a web backend in node.js either, even though many people seem to think that's a good idea.

Joomla is just as bad as WordPress. I just spent last weekend cleaning up a compromised server that was running an outdated Joomla version managed by other people. Ended up sandboxing it in a VM to make sure that if it gets pwned again it doesn't start sending spam nor has access to any sensitive information.

Comment Re:The reason I hate WordPress is PHP. (Score 1) 119

That premise is nonsense. By your definition, there is no stupid design, as long as it is accurately documented.

Just because it's documented doesn't make it not stupid. There is such a thing as the principle of least surprise. PHP almost seems to try to be as surprising as possible, in all the wrong ways.

Comment Re:Plea for simplification: static HTML (Score 3, Insightful) 119


The irony is that any WordPress site getting any reasonable amount of traffic is already using WP-Super-Cache... which generates static HTML pages for public content to be served directly from the web server. So they get the worst of both worlds: caching issues and a dynamic backend that is still just as susceptible to exploits as without the cache.

Comment Re:Great. (Score 4, Interesting) 119

The only secure way to use WordPress is as a static site generator, where the live version is deployed with no dynamic functionality and the administration backend is secured by a layer above WordPress (e.g. HTTP BASIC authentication).

WordPress isn't particularly terrible code, but it is written in a particularly terrible programming language where it's practically impossible to write something secure because things are insecure-by-default and you're expected to defend against all the gotchas explicitly.

Comment Re:The reason I hate WordPress is PHP. (Score 5, Insightful) 119

The flaw was specifically made possible by PHP's eagerness to convert malformed strings to best-guess integers instead of raising an error like any sane programming language. You didn't read TFA, did you?

Parent is mostly correct, except where he lumps together all "scripting" languages. This isn't a problem with "scripting" languages, it's a problem with languages like PHP that were designed by people who had no idea what they were doing. Worse, PHP is designed to be deployed in a way that encourages mistakes (PHP files directly in the webroot). PHP security is a game of whack-a-mole where if you forget to whack all the moles in one of your scripts, your site is toast. This wouldn't have happened with a sane scripting language, like Python.

$ php7.1 -r 'echo (int) "123test";'
$ python3.5 -c 'print(int("123test"))'
Traceback (most recent call last):
  File "<string>", line 1, in <module>
ValueError: invalid literal for int() with base 10: '123test'
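
Added example, not part of the comment above or of any code from the thread: the two PHP behaviours discussed in these comments (the `(int)` cast guessing at malformed input, and `==` comparing two numeric-looking strings as numbers) shown next to strict alternatives. The function names `strict_int` and `same_string` and the sample inputs are constructed for illustration; a 64-bit build of PHP 7.1 or later is assumed.

```php
<?php
declare(strict_types=1);

// Added example; names and sample values are constructed for illustration.

/** Accept only a plain decimal integer; return null instead of guessing. */
function strict_int(string $raw): ?int
{
    // \A and \z anchor the whole string, so "123test" and " 42" are rejected.
    // 1 to 18 digits always fits a 64-bit int (assumption: 64-bit PHP).
    if (preg_match('/\A[0-9]{1,18}\z/', $raw) !== 1) {
        return null;
    }
    return (int) $raw;
}

/** Compare two strings byte for byte, in constant time (suitable for tokens). */
function same_string(string $expected, string $given): bool
{
    return hash_equals($expected, $given);
}

// Constructed inputs: one well-formed value and several malformed ones.
$inputs = ['123', '123test', ' 42', '1e3', ''];
foreach ($inputs as $raw) {
    printf(
        "%-10s cast=%-5d strict=%s\n",
        var_export($raw, true),
        (int) $raw,                          // best-guess conversion, never an error
        var_export(strict_int($raw), true)   // NULL for anything malformed
    );
}

// Two different strings that both look like numbers.
$a = '1e3';
$b = '1000';

// == converts both operands to numbers before comparing, so the
// difference between the two strings is lost.
var_dump($a == $b);

// === and hash_equals() compare the strings themselves.
var_dump($a === $b);
var_dump(same_string($a, $b));
```

Run it with `php example.php`; the cast column shows a number for every input, while the strict column is NULL for everything except `'123'`.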

Comment Re:Maybe train the American kid first (Score 1) 660

Honestly, from what I see the problem is societal. The whole society in the US disdains engineers and scientists and instead focuses on performers and athletes. It's not important to study "maths", and it's much better to study "people skills". If you live here you might not notice this, like a fish doesn't notice water.

In the US the most popular BS degrees are: business, healthcare, social studies, psychology, education (source: ). Engineering is in a distant 8th place, and the number of math graduates has actually decreased since the 70s ( ).

It hits you like a punch in the face if you visit China or (to a lesser degree now) Japan. They actually show state-sponsored motivational ads on TVs with engineers building rockets, dams and automobiles! And the whole attitude towards humanities (history, language, literature) is different - it's seen as an occupation for truly interested people rather than a checkbox "higher education" item on job applications.

I've studied the US public schools (to see if I ever want to educate my children here) and it's... adequate. If you live in a good location then the public schools offer enough flexibility for motivated students to succeed. But the problem is that the parents are not really motivated themselves and this rubs off on their children.
