submitted 1 day ago by [email protected] to c/[email protected]
[-] [email protected] 2 points 2 days ago

Remembering ActiveX Controls, the Web’s Biggest Mistake:

Running JavaScript everywhere is looming as one of the biggest screwups in InfoSec. What do userscript extensions like Grease monkey teach us?

[-] [email protected] 3 points 2 days ago* (last edited 2 days ago)

Ah, the Microsoft tradition of always having the wrong priorities.

I wouldn't be too hard on Microsoft. The requirement to curate public package repositories only emerged somewhat recently, as demonstrated by the likes of npm, and putting in place a process to audit and pull out offending packages might not be straight-forward.

I think the main take on this is to learn the lesson that it is not safe to install random software you come across online. Is this lesson new, though?

submitted 2 days ago by [email protected] to c/[email protected]
submitted 3 days ago by [email protected] to c/[email protected]
Needlessly Public (euroquis.nl)
submitted 3 days ago by [email protected] to c/[email protected]
[-] [email protected] 1 points 4 days ago

Agile is not a system. It’s a set of principles, set by the Agile manifesto.

The Agile manifesto boils down to a set of priorities that aren’t even set as absolutes.

I strongly recommend you read upon Agile before blaming things you don’t like on things you don’t understand .

submitted 4 days ago by [email protected] to c/[email protected]
submitted 1 week ago by [email protected] to c/[email protected]
submitted 1 week ago by [email protected] to c/[email protected]
Announcing HAProxy 3.0 (www.haproxy.com)
submitted 2 weeks ago by [email protected] to c/[email protected]
submitted 2 weeks ago by [email protected] to c/[email protected]
submitted 2 weeks ago by [email protected] to c/[email protected]
submitted 2 weeks ago by [email protected] to c/[email protected]
[-] [email protected] 44 points 2 weeks ago

First communication, because they clearly were confused about what was happening and felt like they didn’t have anyone technical explain it to them and it felt like a sales pitch.

I don't think that was the case.

The substack post is a one-sided and very partial account, and one that doesn't pass the smell test. They use an awful lot of weasel worlds and leave about whole accounts on what has been discussed with cloud flare in meetings summoned with a matter of urgency.

Occam's razor suggests they were intentionally involved in multiple layers of abuse, were told to stop it, ignored all warnings, and once the consequences hit they decided to launch a public attack on their hosting providers.

submitted 2 weeks ago by [email protected] to c/[email protected]
[-] [email protected] 29 points 2 months ago

But in my humble opinion, those projects shouldn’t really exist.

What's the point of your opinion if not only do these projects exist but they are also pervasive?

You cannot wish things away and pretend reality is something different.

[-] [email protected] 62 points 6 months ago

Eduards Sizovs, the DevTernity organizer accused of making up fake female speakers, felt it was the right PR move to post this message on Twitter:


So I've been called out (and canceled?) by listing a person on my conference's website (who never actually made it to the final program). JUST A RANDOM PERSON ON THE CONFERENCE WEBSITE canceled all the good work I've been doing for 15+ years. All focus on that.

I said it was a mistake, a bug that turned out to be a feature. I even fixed that on my website! We're cool? Nooooo, we want blood! Let's cancel this SINNER!

The amount of hate and lynching I keep receiving is as if I would have scammed or killed someone. But I won't defend myself because I don't feel guilty. I did nothing terrible that I need to apologize for. The conference has always delivered on its promise. It's an awesome, inclusive, event. And yes, I like Uncle Bob's talks. They're damn good.

When the mob comes for you, you're alone. So, let it be. I'll keep doing a great conference. With all speakers, half the speakers, or I'll be speaking alone on all tracks and lose my voice. But the event will be a blast. Like always. I'll die while doing great work. But the mob won't kill me.

I don't think that tone-deaf is the right word for this.

[-] [email protected] 90 points 6 months ago

From the article:

"To spell it out why this conference generated fake women speakers," Orosz alleges, it was "because the organizer wants big names and it probably seemed like an easy way to address their diversity concerns. Incredibly lazy."

How hard is it for these organizers to actually reach out to women developers and extend an invite to talk about any topic they are interested in? In the very least, there are tons of high-profile bloggers who are vocal about things and stuff. Even though women are severely outnumbered, you almost need to go way out of your way to avoid actually extending an invite to a woman in the field.

[-] [email protected] 33 points 7 months ago* (last edited 7 months ago)

but I don’t understand why they don’t self-host

Why would anyone self-host a FLOSS project? Trade secrets is not a concern, nor is it barring access to the source code repository. Why would anyone waste their resources managing a service that adds no value beyond a third-party service like GitHub?

[-] [email protected] 113 points 9 months ago* (last edited 9 months ago)

A few years ago I was in a hiring loop where four interviewers grilled me on a number of subjects, including algorithms and data structures. They asked me all sorts of trivia questions on assimptotic complexity of this and that algorithm, how to implement this and that, how to traverse stuff, etc. As luck would have it, I was hired. I spent a few years working for that company and not a single time did I ever implemented a data structure at all or wrote any sort of iterator. Not once.

I did spend months writing stuff in an internal wiki.

I can't help but feel that those bullshit leetcode data structures computational complexity trivia are just a convoluted form of ladder-pulling.

[-] [email protected] 49 points 9 months ago

Elon Musk buying it.

Holy hell, you went for the jugular.

[-] [email protected] 37 points 9 months ago* (last edited 9 months ago)

Java gets a bad reputation from proponents of FOMO/fad-driven development, but the whole Java ecosystem was built for the web. Anyone is hard-pressed to find a better tech stack than Java-based frameworks without resorting to hand waving and passing personal opinions as facts.

I love C# and the whole .NET Core ecosystem, but even I have to admit it's very hard to argue against java.

[-] [email protected] 33 points 10 months ago

Also, double can and does in fact represent integers exactly.

view more: next ›


joined 10 months ago