top Anonabox Accused of Lying About Its Product Being Open-Source On Kickstarter
This is horrifying - how gullible do you have to be to back and trust this? It's such a big fat juicy target for the NSA (or FBI or Russian hackers or any other group of
miscreants). It's a 'spy on me!' box for the people they most want to spy on. If they have the full help of the company then they can add cheap hardware to the build so that even if you completely wipe and reflash the main partition their stuff still runs. Even if the company were legit, all you need is one guy or one pwned computer inside it.
A couple years ago you'd be crazy paranoid to think they'd bother, but post-Snowden we know they have the time, the interest, and unlimited resources.
top Snapchat Says Users Were Victimized By Their Use of Third-Party Apps
The 3rd party apps only even worked because Snapchat is hideously insecure and has been from day one. It stored the pictures unencrypted on the device and didn't even bother actually erasing them (just moved them to another folder!). It's since improved slightly, but it's a fundamentally insecure design and they're apparently being too disruptive and innovative to fix it.
about a month and a half ago
top What's Been the Best Linux Distro of 2014?
This is it! The year of FreeBSD on the desktop!
about a month and a half ago
top The Single Vigilante Behind Facebook's 'Real Name' Crackdown
I apologize for the semi-offensive subject, but nothing else I tried was as accurate or clear.
There's no 'lone actor' or 'rogue account' forcing them to do this. This is THEIR OWN POLICY. Claiming someone else 'forced' them to do it is standard corporate/military/law enforcement weaseling. 'The officer's gun was discharged 30 times into the suspect.' Well darn, that poor officer with his gun going off like that and all.
Total damage control bullcrap.
top Internet Explorer Implements HTTP/2 Support
Parsing is not necessary. When it's binary, you can directly read and use the values.
*facepalm* This is
/exactly/ why it opens up a whole new class of client (or server) vulnerabilities. You have to assume you are being lied to by something malicious instead of just using the values. Easiest one - in a length field, lie about how many bytes are in the field. That's the Heartbleed bug!
And you're still going to have to parse it - you get a binary blob, but it's not a fixed struct you can just drop into memory and access the members of directly (that would be bad, anyhow). But it's a much easier parsing job... Tag, Length, Value... unless you're being lied to.
top NY Magistrate: Legal Papers Can Be Served Via Facebook
Paper serving is not some super serious must be done in person thing. You usually do need to try to have a process server try to serve the papers in person. But when that fails, then it's good enough to just give it to a housemate or relative. If you can't do that, then it can be mailed. If it gets down to it, *the papers can be served just by posting a notice in the newspaper*.
Facebook has 'the message was seen', which is more reliable than a lot of these. If it goes into your spam then it doesn't get marked as read. And it's fairly obvious whether you've been active on your account or not - it's (hopefully) much harder for someone to fake being you on FB for six months without anyone noticing than it is to just register a mail address in your name.
The courts are used to dealing with all manner of tricksy dirtbags, so when they go into hiding mode, the courts go into more aggressive, more error-prone methods. This fits right in there. You can, of course, just lock down your FB account for posting - or use an app that doesn't mark the message as read. But FB users are more likely to be posting public photos of their crimes on FB than to fix their privacy settings.
top Technological Solution For Texting While Driving Struggles For Traction
Another engineer who thinks he can cobble up a single technological solution to a social problem.
This is the same sort of hubris that has legislators passing random crap to 'fix' a problem with zero understanding of the problem or the consequences of their solution. It's arrogance. For one, it assumes you're smarter (or at least sharper) than the people you're trying to control.
(Disclaimer: I'm an engineer.)
top Is the Software Renaissance Ending?
Everyone thinks this when their specific little niche goes away for whatever reason. Or even when it changes.
Opportunists who are just in it for easy money will bail out and find whatever the land rush is this month. The others will find a way. Remember when AAA gaming crushed all small budget games forever? Yeah.
(This can be 'bad' as well if you're one of those people who think income is the only thing that matters... some of those people could have done better financially elsewhere).
top The Simultaneous Rise and Decline of
"he doesn't really offer an opinion on how good the game is"
The game's not out yet. But odds are, based on every other entry in the franchise, it will be terribly broken and buggy at launch and the servers won't stay up. That's the point of the article.
top Report: YouTube Buying Twitch.tv For $1 Billion
Since by YouTube's standards, everything on Twitch is a 'copyright violation' (streaming footage of a video game and completely ignoring that most of it is Fair Use with added content) I really have to wonder how they intend to deal with the corporate trolls who are now going to descend on Twitch like the vultures they are.
I imagine that will involve giving most of the money currently going to the content creators to the copyright asserters. The RIAA model.
top Job Postings For Python, NoSQL, Apache Hadoop Way Up This Year
TFA is kind of dumb for not giving the numbers, but a quick search on Dice turns up 4800 python listings.
Compare to 1770 Hadoop listings, 1490 NoSQL, and 3250 for 'Big Data' and you can see that it's kind of the opposite of what you were suggesting. The reason Python is only up 16% is because it had so many listings last year already.
2700 Ruby listings for comparison, regarding another post.
top C++ and the STL 12 Years Later: What Do You Think Now?
Compared to what it used to be, C++11 is very nice. But it's still one of the ugliest, most obfuscated languages for general production work. I realize why this is so - speed and memory concerns still make it the go to language (har) when you really care about either of those.
I used to use C++ constantly. But it's very rare now that we can't just write what we need in C# (medium to large scale) or Python (small to medium scale) in 1/3rd the time (or 1/10th for anything GUI). And for embedded we're still using pure C.
So we use C++ in that very rare intersection where we have some complexity and speed actually matters. Most recently in an image pipeline where the app itself is all C# and the heavy lifting (billions of pixels) is done in non-managed C++ (they didn't want to require GPU). It was okay, but using C++ and C# together makes you really aware of just how much administrative overhead C++ has, though the classes certainly made things better compared to pure C.
So... it definitely has a niche, but it's not normally the most efficient way to do things, for implementation speed, cleanliness, or maintainability.
top Biofuels From Corn Can Create More Greenhouse Gases Than Gasoline
Corn (maize) is one of the worst possible plant masses you could grow to make biofuel. It's horribly inefficient compared to other crops.
We've always known this. And it drives up the price of food. Globally.
Why are we still using corn to make ethanol? Farm lobby.
top Ask Slashdot: Can an Old Programmer Learn New Tricks?
I've been programming longer than you have and I'm still learning new things every day. That's not an exaggeration - we have so many cool projects at work that I can't stagnate.
The key here is to have a problem to solve, then learn whatever you need to learn to solve that problem.
You don't decide 'Well I should learn PHP now... okay, now what do I do with this?' or 'I hear Java is good on a resume.' You find a problem that's interesting to you (I want to make a game that... I want to make a neat device that...) and then you learn whatever it is you have to learn. For instance starting to deal with firmware, motors, devices, etc is like a rebirth for a lot of people compared to the boring ennui of database and web services. It's amazing how much you can do with a little Arduino or Raspberry Pi or the equivalent, and that's often enough to kick you out of your stupor.
If you can't think of anything, or if coming up with a game or trying a neat little embedded system doesn't put you back into obsessive creative mode then it's probably time to consider a new line of work, or just how to ride out your days till retirement.
top PC Game Prices — Valve Starts the Race To Zero
If you're going to read the article, read the comments (on Gamasutra). Other devs point out that you've always been able to set your price on Steam games - it just takes less intervention to change it now. You could always launch a free or 99 cent game there. The Steam market is not the mobile market (thank god).
top Good Engineering Managers Just "Don't Exist"
I work for one of them. I've worked for two others previously.
Current boss likes being able to have his fingers in all the design pies, which he can do because he doesn't have to code any more. That could be a disaster if he were a micromanaging ego driven tool who wanted to own everything, but he knows what he doesn't know and defers to the area experts/leaders. He comes up with very good ideas or ties it together with another part of the project, so he's also contributing.
He spends the other half of the time doing all those horrible managery things the rest of us don't want to do. And for that he makes more money.
Of course this
/requires/ someone who can manage his time and his ego effectively to work well, but they do exist.
top Headhunters Can't Tell Anything From Facebook Profiles
This seems to be a common theme, but recruiters on LinkedIn, who have easy access to prefiltered data right from my own fingers, can't even manage to comprehend that.
My info: EE/CS, no interest in management, no interest in relocating from west coast.
Recruiter: Hey Sarusa, plz call me about this great ME (Mechanical Engineer) management opportunity in Madison, Wisconsin that just opened up.
I'm not making that one up. I wish I were. Ones that bad happen rarely, but weaker forms of that happen constantly.
top Clam That Was Killed Determining Its Age Was Over 100 Years Older Than Estimated
Since the Chinese formula is rarity + cost = raging boners, I sure hope they ground this guy up into aphrodisiac powder and saved a couple tigers or black rhinos.
top Ask Slashdot: How Do You Choose Frameworks That Will Survive?
Sadly, this isn't a technical question, it's a political question. You've got the following considerations:
- Is it a clean, well designed framework with good docs and good support?
- Can I count on the ecosystem it's designed for surviving?
- What's the owner's record on this?
Only the first is really technical. In the case of Flex, at the time you couldn't predict that Flash would fall from grace so fast and that Adobe would abandon the Linux version. In the case of Qt, well, there's always a need for embedded device GUIs - but there was a chance that after Nokia bought Trolltech it might have ended up being bought and killed by Microsoft when they bought Nokia. Luckily it was already spun off into Digia.
I guess you could collapse this into 'Do I trust the owner?' I don't trust Adobe, so I would have skipped Flex, but on the other hand Flash had a good long run. I know going in that any MS framework like XNA will be obsoleted in a couple years, but will be supported for quite a while at least. I trusted Trolltech, but then they got bought by Nokia - that's the sort of thing you can't really predict.
top Facebook May Dislike the Social Fixer Extension, but Many Users Love It (Video)
And of course in theory you can actually leave Facebook, though in practice the peer pressure works pretty damn well.
Let me just bury that metaphor under a rock somewhere.
Sarusa has no journal entries.