Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Check out the brand new SourceForge HTML5 speed test! Test your internet connection now. Works on all devices. ×

Comment Very happy with NodeJS (Score 1) 341

We replatformed a legacy C# app to a modern stack including Node.JS, and are very happy. The "win" wasn't so much the Node.JS language itself as that it was part of a platform that gives us fantastic code development velocity and fluidity. The "stack" includes CircleCI and Docker, MongoDB and Mongoose, Node.JS for a thin web services layer, and Angular (JavaScript) for the user experience, all integrated into HipChat for "ChatOps". Selenium and BrowserStack for end-to-end testing.

I'll agree that JavaScript isn't my favorite language, but the tooling around it is fantastic, making development teams very productive.

The benefits of using Node.JS in the overall stack include:
- Same language for the whole stack, so a single developer can implement a whole feature (story). This eliminates the coordination cost of having three different people (front-end JavaScript, server-side C#, and database SQL) having to coordinate for use cases, giving much better velocity.
- Node/JavaScript has fantastic testing support, making it fairly easy for us to maintain 90%+ unit code coverage, and end-to-end testing of user paths. This is integrated into the CircleCI builds means that after every code commit we have a fully built, unit and end-to-end tested, and deployed (to a test environment) application.
- npm is awesome. It's a great tool, and the community support means many things are very easy.
- Mongoose is awesome.
- it's very easy to run Node.JS in AWS Lambda, which makes operations easier and is absurdly cheap to run, since you only pay for the compute you actually utilize, measured in fractions of a second. We're building one project in Lambda, and if that works well we'll likely move all the Node.JS code into Lambda, and save a lot of money at AWS.
- Yeah, event-driven programming is complex. Luckily promises make it much easier. But in return for wrapping your head around a more complex programming model, you can more scalable applications. Similar tradeoff to multi-threaded programming.

Yes, none of this is about the Node.JS language itself.

Comment Re:Can I please have an unencrypted phone? (Score 1) 47

Encrypted storage these days works quite well, and is built into Windows and MacOS at no cost. When we have employees working in insecure areas (such as shared offices) we encrypt their hard drives, and there's no noticeable performance impact. If they forget their credentials they lose access to their hard drive, but they also can't get to their email, calendar, file servers, etc., so that's hardly insurmountable.

And the value of encrypting storage is pretty high - if a laptop is lost or stolen, encrypting storage protects source code, email, documents, etc.

To be fair, five years ago the situation was different - the encryption software back then could rendering machines painfully slow, and the productivity cost was too high. But either from faster CPU and disk, or better software, these days disk encryption is free and painless, so it's worth doing.

Comment A few points (Score 1) 47

There are a dew distinct aspects to this (IMO):
- There's a fundamental difference between "police can hack into iPhones" and "Apple puts a backdoor into iPhones so that iPhones are trivially hackable by anyone with the key", because Apple's role in the process matters. If Apple's job is to make iPhones secure, the police (and criminals) can of course still hack phones, but any vulnerabilities are treated as bugs to be fixed, and the iPhone gets more and more secure over time. If the police can force Apple to put a backdoor into the iPhone, then when the key is leaked (which always happens, when you give a key to thousands of police departments and other agencies, their contractors and vendors, etc., just as happened with DVDs) then anyone who can get the key can hack any iPhone, rendering it fundamentally insecure, and because it's required by a law, Apple cannot make the iPhone more secure, forever.
- The iPhone will never be 100% secure, because there's no such thing as 100% secure - the goal of security measures is to increase the cost/time of a successful attack, but infinite money/time can always ultimately succeed. For example, AES 256 is quite secure, but that just means that brute forcing a key would take enough time and harder (e.g. https://www.reddit.com/r/theyd...) that it's not worth it - you'd have to be a government to have the resources to do so, and very few secrets are worth spending a building full of supercomputers to hack. Every so often new techniques or technologies emerge that can change the equation (quantum computing...) but the same is true of physical locks - if you can photograph a key you can 3D print a duplicate. So it's always been a game of "cat and mouse" between lock-makers and lock-breakers.
- Because encryption is software, which can't be controlled globally, any laws restricting encryption only limits what can be embedded in systems from US manufacturers. But it won't have any control over anyone with internet access, since the rest of the planet can (and does) produce uncompromised security systems with no backdoors, which anyone on the planet can download and use (including good open source, free tools). So any law against secure systems won't help against real criminals, because presumably they'll either avoid digital communications (i.e. what real terrorists do now) or use true end-to-end encryption, but it'll certainly make it easier to eliminate privacy for the rest of us. Compare, for example, how the data collected by the government's massive surveillance of phone calls and emails hasn't helped against terrorists at all, but has been used for other purposes, such as to allow a government agent to spy on his wife to see if she was cheating on him.

Comment After waiting, I just bought an Apple Watch (Score 1) 359

I've been a long-time (and happy) Pebble wearer, from the first Kickstarter model to the Pebble Time Steel (color). But I'd been keeping an eye on Apple Watch, and last week I made the jump.

Why?

The biggest driver is that Apple Watch has amazing app support, while Pebble's app support are "OK". Not only does the Apple Watch have many more apps, the apps are better integrated. In part this is because of the APIs (Pebble's SDKs are very good, but Apple's are better, and very easy for iOS developers to work with), but I think the largest issue is market share - developers are clearly putting more effort into Apple Watch apps than Pebble Apps. From reports, Apple Watch is something like 75% of the smart watch market share (e.g. http://nypost.com/2015/07/30/a...), making it hard for developers to justify investing in competing platforms. And Pebble, while having an early lead in developers (very nice SDK, etc.) is showing very little new third-party app support - most Pebble apps are released and then never updated, and Pebble having layoffs after a series of price drops is probably not a great sign of their future.

In addition, the quality of the Apple Watch hardware (case, bands and display), are worlds better than Pebble. It's a beautiful watch and band, with a brilliant display, while the Pebble Time Steel is a good looking watch case, the display is quite slow and washed out. So yes, Apple Watch costs a little more ($299 is the least expensive Apple Watch which is metal body, plastic band, color display, while the cheapest Pebble (plastic, B&W) is $99, $199 for the Pebble Time Round, $249 for the Pebble Time Steel).

Really the main thing going for Pebble is the lower price for the low-end units, and longer battery life. Both of those are good things, and I think that Pebble will have a market segment just based on that. At least, I hope so. But the nicer Pebbles cost almost as much as the Apple Watch, and for battery life, the Apple Watch lasts two days, and charges so fast that I can wear it all day and night (for sleep monitoring), and charge sufficiently in the morning while getting dressed that it's not an issue.

My conclusion was that I am only going to wear one watch, and I want that watch to have a great display, and I'm willing to put up with charging every day. So Apple Watch wins.

Comment Re:If so, Petraeus was hosed for political reasons (Score 1) 554

That's a lazy little "hit piece", but then the Daily Mail is always eager to stretch stories to create a "scandal" and sell more papers. The email exchange in question includes Clinton telling the aide to strip out the secure info to sanitize the document ("non paper"), after which it's approved to send through standard ("nonsecure") channels. Admittedly it's written in "insider" shorthand, but it's routine and legally just fine.

Comment This has nothing to do with Apple (Score 1) 103

The fundamental issue is that more efficient distribution in a growing market benefits companies with strong brands and more resources, who can drive people to their products. I'd suggest that the App Store's handling infrastructure (sales, distribution, in-store marketing) makes it easier for indie companies to focus on writing apps, so they'd be worse off if they could only sell via their web sites.

The "missing functionality" in the App Store - upgrade pricing and free trials - can both be effectively achieved using other mechanisms. That is, companies can (and do) release new versions of their apps as separate apps when they think that the differences are significant enough that people will pay for the app upgrade. And companies often release "free" apps that have an in-app purchase for the "real" game, which gives you a free trial that you pay to continue to play. Of course, the "freemium" model is an extension of a free trial, breaking the purchase into ongoing small purchases.

Comment What is a "toy" language? (Score 1) 414

I'm not sure why these are labeled "toy" languages.

If you're literally programming a toy, you'd use an embedded controller and something like Arduino (based on C/C++), or lua.

If it's intended to be languages that can't be used to build real stuff, that excludes Scheme, Scratch (SmallTalk), BASIC, and Logo, all of which are fully functional languages capable of expressing anything you like, and have all been used to write "real" software. Admittedly it'd be painful to write complex software in very old versions of BASIC, but it was certainly used to do so back in the day. Scheme, Smalltalk, and Logo are fully capable languages.

If they're going after languages used by kids to learn programming, the joke languages don't belong. And Python is a very popular learning language.

So what's "toy" supposed to mean?

Comment Re:Making fun of Trump is easy - HAIR! POMP! LOL! (Score 1) 154

Actually in Vermont Sanders was _great_ for business. It turns out that when you break down the anti-competitive barriers put in place by the biggest companies, all other businesses do better, and their innovation and competitiveness is GREAT for the economy.

Want to try again?

Comment Re:Advertising 101. (Score 2) 154

According to people who work for Trump he's not particularly smart - mainly a raging egotist who's pretty good at structuring deals so as to stiff vendors and partners, so business people really don't like dealing with him. Perhaps as a result, or just due to bad judgement on his part, his business hasn't been terribly successful either - he started by his Dad giving him a ton of money, which in total he managed to grow at half the rate of the stock market, making him a dramatically below-average investment.

Comment Re:Money for nothin... (Score 1) 456

Things people care about, like infrastructure and education, get cut because "there's not enough money". If corporations paid historically normal tax rates, there would be "enough money", so that excuse would be gone.

Of course, there's always some excuse for wasting money on defense instead of on constructive things...

Comment Re:Money for nothin... (Score 1) 456

To be clear, government spending relative to GDP in the US isn't particularly high by historical standards. The reason that there are deficits is largely because corporations are actually paying far less in taxes than they did a few decades ago, and the US real-world corporate tax rates actually paid are lower than in most other countries.

The result is that infrastructure, education, etc., are all underfund. The government ran better in the 50s through the early 70s, when corporate taxes were balanced with individual taxes, and there was enough money to run the country well, build highways, etc. Now corporations have managed to manipulate the tax laws such that they pay very low taxes, so even with government spending down quite a bit, there are still deficits. If corporate tax breaks to profitable companies (e.g. to oil companies) were stopped (since they're completely unnecessary) the budget would be in great shape. Cut defense spending to just being high (e.g. after the Carter/Reagan buildup) and we'd have huge surpluses, and could achieve really great things. Remember when the US dared to be great instead of terrified?

Comment Re:Moot Point Now (Score 1) 347

Any any non-programmer can download and run secure communications software. All that outlawing secure online communications in the US would do is destroy a large chunk of the US technology industry, as everyone would shift to buying technology from more rational suppliers.

Comment Re:IP matching (Score 2) 136

A big problem with "VPNs" is that there are a ton of incompatible, proprietary VPN tools out there, generally horrible and incompatible with each other, and/or expensive, so it's far from surprising that the security company doesn't want to deal with any of it.

If the goal of the OP is to make sure that nobody is watching his home's video other than the security company, I'd suggest using https streaming (which is what his system likely already does) with a certificate configured at the security company, verified by the sending side (in the house) so that can prove the stream is going to the security company. For extra credit, put a cert on the sending side, verified by the receiver.

Of course, you still have to trust the security company. But there's no way around that.

Comment Re:Anonymous Has Already Done This (Score 1) 69

Terrorism isn't a military contest, it is a political contest, taken by people who are committed to a cause that is clearly losing (islamic fanatics, christian fanatics, white supremacists). If you kill terrorists, you kill many non-terrorists as well, and that just makes more people hate you, aiding their recruiting. Layer on top idiot politicians (Trump) that spew racist broadsides that promote terrorist recruiting even more, and the situation never gets better.

The way to defeat terrorists is to remove the desperation that makes people vulnerable to being recruited to do horrible things. If people have decent lives, jobs, schools, family ties, etc., they're not tempted to join crazy causes. That's why the millions of Moslems in Indonesia (for example) aren't terrorists.

Comment Re:Anything Is Possible . . . (Score 3, Insightful) 69

Ads can afford a low 'hit' rate, because the cost of being wrong is very low. A good ad gets a 3% response rate, meaning 97% of the time it's a "false positive", but it's still profitable because ads are dirt cheap (0.5 cents would be high) so if you make a few dollars on the 'hits' you can easily cover the misses. In counter-terrorism, each false positive requires detectives to work the lead, making them extremely expensive to pursue. That's why every data mining approach to counter-terrorism has failed so far - the cost of pursuing the false positives gives data mining leads negative value, because they pull resources away from more productive approaches.

But the government's non-technical management loves the idea, and keeps allocating money to it, and unscrupulous researchers will keep taking the money.

Slashdot Top Deals

After an instrument has been assembled, extra components will be found on the bench.

Working...