Perhaps, how not to do Open Source Software!

In grepping my feeds, I noticed something interesting about Diaspora finally hitting some recent publicity since my last check in. For those not in the know, Diaspora is meant to be a replacement for Facebook. The idea is good, basically take everything you could bitch about privacy issues on FB, fix it and roll it out with a distributed system that gives you as much control as possible over your stuff. I agree with Mark Zuckerberg (the FB guy) that Diaspora is a cool idea, really it is because of the decentralisation.

From what I’ve been reading about their first code drop however, I must say that it does not seem to be off to a very good start. A system that, to my knowledge touts privacy and security (compared to Facebook) as one of it’s strong points, obviously should not premier with more leaky holes than a Windows 98 demonstration. As much as I would like to crack a joke at that old relic, I can’t help but think how well Bill Gates took that incident in public. Old farts and fellow history lovers might see the inner-humour in that comparison. (Yes I used ’98.)

Being able to get a lot more eyes on target and the freedom in which fixes may flow, is one virtue of open source development, especially if you have enough people with a vested “Interest” in the projects outcome. There are many people who would like to see something like Diaspora succeed, and among them surely, more than a couple people willing to contribute aid towards that end. In a closed source environment, problems like that found in Diaspora would have only been findable by playing around with the release, and consequentially only fixed by the original developers a long time after attacks went wild. Like wise investors would be a different sort. Yes, even power users do glance at how their software works, let along crackers. Of those who really are looking closely, most are probably the dregs of the Internet or paid for the job, and either way it would be bad to bank business on the kindness of others. To my knowledge the only profit in finding exploits, is what you can slurp out of saps before it gets patched.

In the first article I checked out, some of the (now fixed) defects highlighted from Disporas code base were just blaringly, “WHAT THE FUCK WERE YOU THINKING!?” kind of problems. In the least, several of them are on my heads internal list of “No, No” to check before wrapping up. It makes me think the masterminds behind implementing the thing, were woefully unprepared for the task: web development is no easy task—and it is best if you take an anal approach to security early on, in my honest opinion.

The thing that irks me however, is who should be fixing those kind of things? Most of what I’ve seen highlighted should have been fixed before the code even left the developers workstation, if you go by my coding ethic. That gives my mind a moment to think about student-programmers, but this isn’t a rant; yet. Any way you slice it however, it is no the whole wide world of Open Sources job to be fixing everybody else’s code! Before you put your name on it, geeze, make sure it smells like a roll before you get rolled. I don’t mean to say anything against the developers… but this is looking like the start of an epic failure. Sadly.

A reminder of why I don’t miss Ruby

About two minutes if thumbing around the official documentation for Ruby’s standard library, I quickly realised it would be faster to Google how to use the module for MD5/SHA* stuff than read the official stuff:



    def encrypt_password
      # This is just a place holder implementation for now
      require ‘digest’
      self.password = Digest::SHA512.hexdigest(password)
    end
Compare the documentation for Ruby’s Digest to Pythons’ hashlib. Even an uncommented C++ header file would be more useful than the docs for Ruby’s Digest module :-S.

I’ve been reading a rather worrisome article, talking about a proposal for an Internet treaty. Can’t say the same for my fellow netizens, but that is a damn scary idea! Politics and the control of the ‘net, should have no association IMHO. One might be able to argue that politics is an essential part of every aspect of our existence, whether we accept it or not, while I think it’s more so a crock.

The older I get, the more the good things fade away into the history books.

Somehow, I could swear that food must be the single most discussed thing between me and friends :-/. What is it that is so universal about food!!!

Today I was woken up bright and early, to deal with the not so unusual affair that my mothers computer isn’t working correctly 8=). Of course, never ask a luser for details, you will only get an answer that leads to twenty plus possibilities depending on the missing context information o/.

In this case, the one useful bit of information: that doesn’t have to do with my mother’s inability to read error messages, was that there was a power bleep eariler this morning. Something that I have noticed about the equipment here, if the power is out for minutes or hours, it usually retains it’s settings. Ditto for the occasional power cycle. If the power however, goes out briefly and then quickly back on, the fuckers tend to reset to “Factory defaults”. In this particular case both the router and modem did that. Normally that’s not so bad, since the *********** modem our ISP issued just requires an old copy of IE to get to the setup page. In abusing it through both the last bit of battery power on my laptop, and carting ma’s computer down here, I found the relevant portion of the P.O.S.ASP pages were locked out, even when you have the magic key o/. I.e. the only way to get their fucking modem working with our rat fucking router, courtesy of their changes: was to call and deal with a voice recognition program and get the bloody thing reset (so much the damn reset button working) and keyed in again. All of this, I did manually ages ago when we changed to this ISP. Something about being locked out of crap that was paid for ten times over, because other people are to fucking numb to know what the fuck they’re doing, I personally find insulting. Especially when if you consider how little security checks the machine had on “Doing it”. Can anyone say D.O.S. with a dirty mind?

On the upside, I managed to calm down for a bit and got to spend time playing around with several API docs, as well as finally setting up F#. I’m interested to see how well that works, hehe ;). I’ve also gotten in some COD6 time, mostly Free For All mode. Modern Warfare 2 in Team Death Match has about as much to do with modern warfare, as Free For All has to do with a bunch of trainees at BUD/S doing Log PT. For those that don’t comprehend, unless you’re the Terminator, one man can’t toat one of those huge ass logs, and if you try pretending war is like COD6, your ass will be grass fast in the real world, and it might just be blown off by your squad lol.

For the most part, I gave up on many adversarial games some years back. In 90% of games, even in “Team” modes, the only benefit is only part of the server is out for your blood. I only care about structured team games, the kind that have some basis in being serious. In a reasonable game, you’ll either get maps that reward skilled tacticians (Delta Force games used to be great for scout sniping for example) or make it possible for team games to actually become team games, when enough like minded folk are present. BF2 and even COD:UO being examples.

For the most part, when I want an adversarial game, I usually go for Quake Live FFA or Urban Terror TDM/FFA. The former is a frag fest like four times faster than Modern Warfare 2 and the former only about twice as fast a pace, but has the advantage that sniping is still practical once you go into TDM. COD6 plays almost the same in TDM as FFA, except you have to discriminate your targets first.

Programming: Things We Should Take For Granted

Since an anniversary is coming up, and I’ve accumulated a nice chunk of experience in the years since I started learning how to program—I’ve been reflecting on what languages have thought me, about getting stuff done. This is also, obviously a rant.

That’s the cardinal rule. I don’t give a shit if it has more fan boys than Apple, or if it’s the most brilliant idea since they blamed the invention of fire on Prometheus. It has to be useful for getting stuff done!

Here’s some nick nacks that you should expect from programming languages since the 1970s, oh how little we have moved forward…







Serious Scoping

The ability to define modular scopes. In most cases this simply has to do with managing namespaces, either via built in language constructs (C++, PHP5.3, C#) or the natural order of modules in general (C, Java, Python), but really it’s trivial. It kind of has to do with building out of the whole ‘scope’ concept in general.  In other wards, we could say that a namespace is a kind of scope. Looking at the Wikipedia page, it seems someone agrees with that notion. Using this lingual functionality, you essentially have object oriented programming at your disposal: sans the the ‘tors hidden behind the curtain. Some languages even thrown those in, making OOP a real snap. While the inheritance model is popular and the less well known prototyping model is interesting, they are not required for achieving the core aims of object oriented programming; at least not the ones touted ;).

Anonymous Executable Code Blocks

Basically anonymous functions. This means we can write higher order functions, in other words functions can take and return functions. We can even do part of this in C through the use of function pointers (and C++ also has function objects, which are nicer if more verbose). But we can’t define those functions on the fly, right there and then, making things harder. C++ and Java will at long fucking last be gaining a solution to this, if we live long enough to see it happen. Most languages worth learning have made doing all this pretty easy.

Abuse of Lexical Scoping

This usually means lexical closures, which in tern makes the aforementioned anonymous functions a prerequisite for happiness in normal cases. They could also cook up something different but equivalent to that for a change, but alas don’t count on that! So the anon’ func’ thing is where it’s at for now. If the language lacks closures, it’s obviously a fucking moron, or it had better be old. C at least has that excuse. What about you Java? The road to 7 is a sick joke.  Anyway as I was saying, if you have both serious scoping and a way to define executable blocks without a name, you ought to be able to treat it just like anything else that has a value. Here’s an example in pseudo code:

var x = function {
  var y = 0
  return function { y = y+1; return y }
}

test1 = x()
test2 = x()

do { test1(); test2() } for 0 to 5

You can expect either of two things to happen here:

  1. Every function returned by x will increment the instance of y stored in x.
  2. Every function returned by x will get it’s own private copy of y.

The latter is the norm. I rather think the former is better, if you also provide means of doing the latter, syntactically; this makes the closing over of data more explicit. In terms of how it would look, think about the static and new keywords in many staticly typed OO languages and copy constructors, then you’ll get some sort of idea. I blame my point of view on this on spending to much time with Python. Ditto for my thoughts on memory allocation, courtesy of C.

While we’re at it, if the vaguely EcmaScript like pseudo code above was a real language: you should expect that function x {} and test1(), test()2 for … to be sugar for the relevant snippets out of the above, or else you ought to break out the tar and feathers! I wrote them as I did to make it painfully obvious what’s happening to people still struggling at var x = function {}. Kudios if you figured out why I wrote do { } for instead of for {}. If you’re laughing after reading this, after reading the above paragraph, yippe :-). If you’re now scrolling back up, then sorry.

Just shuddup & build it!

Which is so sorely missed in most compiled languages. There should be no need to define the relationship between modules or how to build it, it should be inferable from the source code. So should the type of most things, if the Lisp, SML, C#, and C++0x people are anyone to listen to. Building a cross platform C or C++ app is a bitch. Java is gay. Most dynamic languages are fine, so long as you keep everything in that language and have no C/C++ extensions to build. The closest that is possible to this “Just shuddup & build it” concept in most main stream languages, depends on dedicated build infrastructures built on top of make tools (FreeBSD, Go, etc) or IDEs. Either case is a crock of shit until it comes as part of the language, not a language implementation or a home brewed system. Build tools like CMake and SCons can kiss my ass. It’s basically a no win situation. JVM/CLI-languages seem to take a stab at things but still fail flat; Go manages better.

Dependency management also complicates things, because building your dependencies and using them becomes part of building your project. Most dynamic languages have gown some method of doing this, compiled ones are still acting like it’s the 70s. For what it’s worth, Google’s goinstall is the least painful solution I’ve encountered. Ruby’s gems would come in second place if it wasn’t for Microsoft Windows and C/C++ issues cropping in here and there. Python eggs and Perl modules are related.

Here’s an example of brain damage:

using Foo;

class X {
  public test() {
    var x = new Foo.Bar();
    // do something to x
  }
}

Which should be enough to tell the compiler how to use Foo. Not just that you can type new Bar() instead of new Foo.Bar(), should you wish to do so. Compiling the above would look something like:

dot-net> csc -r:Foo.dll /r:SomeDependencyOfFoo.dll
mono$ mcs -r:Foo.dll -r:SomeDependencyOfFoo.dll

Which is a lazy crock of shit excuse for not getting creative with C#’s syntax (See also the /r:alias=file syntax in Microsoft’s compiler documentation for an interesting idea). The only thing that a using statement lacks for being able to tell the compiler, is what file is being referenced, i.e. where to find the Foo namespace at run time. Some languages like Java (and many .NET developers seem to agree) impose a convention about organising namespaces and file systems. It’s one way, but I don’t care for it.

What is so fucking hard about this:

using "Foo-2.1" as Foo;

in order to say that Foo is found in Foo-2.1.dll instead of Foo.dll. If that sounds like weird syntax, just look closer at P/Invoke, how Java does packages, and Pythons import as syntax.

So obviously we can use the languages syntax to provide whatever linking info should be needed at compile time; figuring out where to find the needed files at compile and run time is left as an exercise for the reader (and easily thunk about if you know a few language implementations).

In short, beyond exporting an environment variable saying where extra to look for dependencies at compile/runtime, we should not have to be arsed about any of that bull shit. If you’re smart, you will have noted most of what I just talked about has to do with the compiling and linking against dependencies, not building them. Good point. If we’re talking about building things without a hassle, we also have to talk about building dependencies.

Well guess what folks, if you can build a program without having to bitch fuck about with linking to your libraries, you shouldn’t have to worry about building them either. That’s the sense behind the above. What’s so hard about issuing multiple commands (one per dependency and then again for your program) or doing it recursively. Simple. But no, just about every programming language has to suck at this. Some language implementations (Visual C++) make a respectable crack at it, so long as you rely on their system. Being outside the language standards, such things can suck my rebel dick before I’ll consider them in this context.

Let’s take a fairly typical language as an example. C# and Java for starters, and to the lesser extent of C and C++ as far as their standards allow, we can infer a few things by looking at source code. Simply put if the main method required for a program is not there, obviously the bundle of files refer to a library or libraries. If it is there, you’re building a program. Bingo, we have a weener! Now if we’re making life easier, you might ask about a case where the code is laid out in the file system in a way that makes that all harder to figure out. Well guess what, that means you laid it out wrong, or you shouldn’t be caring about the static versus dynamic linking stuff. D’uh.

Run down of the Main Stream

Just about every language has had serious scoping built in from day one, or has grown it over the years, like FORTRAN and COBOL. Some languages get a bit better at it, C# for example is very good at it. C++ and Python get the job done but are a bit faulty, since you can circumvent the scoping in certain cases; although I reckon that’s possible in any language that can compile down to a lingual level below such scoping concepts. Some might also wonder why I had listed PHP 5.3 earlier when talking about “Serious scoping”, well 5.3 basically fixes the main faults PHP had, the only problem is in common practice PHP is more often written like an unstructured BASIC. Die idiots Die. Languages like Java and Ruby basically run it fairly typical. By contrast Perl mostly puts it in your hands by abusing lexical scope. I love Perl.

In terms of anonymous functions, Perl, Lisp, and SML are excellent at it and modern C# manages quite nicely (if you don’t mind the type system). Where as C, C++, and Java are just fucking retards on this subject. Python and Ruby also make things someone icky: functions are not first class objects in Ruby, so you have to deal with Proc to have much fun; like wise Pythons lambda’s are limited, so you usually have to result to Pascalesque scope abuse to manage something useful, in the way of nesting things in the scope. Lisp is queen here, Perl and JavaScript are also very sexy beasts when getting into anonymous functions.

In terms of lexical closures across languages, I’ll just leave it to the text books.

As far as being able to shout “Just shuddup & build it!”, they all suck!!! Most of the build related stuff is not iron clad defined by the C99/C++03 standards documents, and you are a fucking moron if you expect the entire world to use any given tool X to build their C/C++ software o/. That rules out things like Visual Studio (vcbuild/msbuild), Make, and all the wide world of build tools you can think of. The most common dynamic languages in the main stream are better. In order of least to most suckyness Perl, Ruby, and Python make the process less painful; my reason for rating them thus is because of extension modules. PHP and Java, I’m not even going to rate. They provide tools to help you build and distribute your extension modules and your native modules. The only gripes come from the principal language implementations being implemented in C. For pure modules (E.g. no C extensions), they are excellent! The least painful language that I’ve gotten to use, has been Go – which has the best thing since CPAN. Which is still harder than it should be o/.

The question I wonder, is if it took until like the 2000s to get closures going strong after the serious scoping stuff took off by the late 1960s/early 1970s; will I have to survive until the 2030s-2050s to be able to bask in the wake of just being able to build stuff in peace? Most likely old friend C will still be there, but other languages should reach main stream in another 30+ years… not just the ones we have now. That, or we could go back to lisp…. hehehe.

Just saw last years Sherlock Holmes flick, and I must say, that it’s both stimulating and bloody brilliant! While Basil Rathbone’s portrayals typically come to mind when I think of Holmes, I must admit that I loved the take spun on the original duo ;).

Can you ask for more than the master detective and the dear doctor, pitted against a super-genius and the black arts? Even better the films constructed so you can follow it, even with varying levels of intellect. Of course the obvious question is who the heck is Blackwood but it makes sense. Unless you’re able to connect the Holmesian dots in your brains background thread, rather then wait for Irene Adler to spell it out at the end: even the biggest surprise is revealed, superbly I might add.

Although I do enjoy a stimulating mystery, I’ve never been a big fan of Sherlock Holmes or the genre. I do however, admire such a mind :-). I reckon that would be obvious, for anyone knowing parts of mine lol.

A downside to being a super geek

In reading this page, I can’t help but think about these two sentences:

We thought, “Sheesh, people are too busy running their businesses to learn how to code HTML emails. Email marketing is so easy, a monkey could be doing it for them.

To a geek like me, that is like saying, “Sheesh, people are to busy running their businesses to learn how to write“. I admit, many people are ‘that’ busy or just lazy – they pay someone to write it for them. That’s how life is.

But for the love of Pete’s sister, you should still learn how to write!
Anyone who thinks HTML is hard stuff, should power off their computer, stand up, and check themselves for brain damage. Because learning to how to write down your A, B, and Cs back in school was ten thousand times harder. Seriously.
For those who are merely ignorant, HTML is the system of writing used to write web pages. Just like most of us used to use cursive for writing letters, before everyone got into e-mail and text messaging. The difference is HTML actually is actually the minimal effort needed to learn it, where as it is very debatable if the (comparatively) large amount of time needed to learn cursive is worth adding to your répertoire. That’s not even counting trying to read someone else’ handwriting!

Another day at the races

Well, I’ve completed the last part of my job hunt that requires me hoofing it across the city! Across two days, I’ve compiled a list of just about every business in my city, omitting those that obviously dead weights, like hair & nails salons. I’m not qualified for their work, nor have I any sense in trying to sell them on computerising things lol. My intention is to cross reference all the info into a data store on my computer, than have a program compile it down into an order of contact:

  1. Which ones to cold call and offering my “Services” as a super geek.
  2. Which ones to apply for online out of necessity.
  3. Which ones to walk in and apply.
  4. Which ones to call and see if they are hiring.
Believe it or not, more companies have moved their application processes into the clouds than you would think, to the extent that the only way to apply is by a computer. For how shitty web sites tend to be and how little point I see in a kiosk subbing for one, I actually prefer walking in and dealing with a paper application. O.K. maybe I am old fashioned in some ways, even if I usually groan at the notion of hard copy >_>.
On Friday I collected about half the city using a mixture of car and foot travel, the main central hubs for work in this rattle trap. By that, I mean it’s a city where people live and most commute, be it for work or pleasure lol. Today I took off on foot and got the other half. I think this year, I have seen more of this place on foot than I have seen in 10 years of riding in cars. Tonight or tomorrow I’ll get a program thrown together for the data entry procedure; which is a trivial task for my programming skills.
Somehow it figures that have nearly 5 hours of marching almost continuously, it’s an hour of sitting with my feet up at home that makes my legs stiff as a board! On the upside though, I absolutely love my new boots and the boonie hat really keeps me cool :-D.  Then again, anything under 40 C is practically like air conditioning for me lolololol.

According to the BBC, it seems that some people think modern technology is making people stupid. I think they were already stupid ;).

The Internet in particular tasks us with the acquisition and evaluation of knowledge, something that separates me from Joe Blow from kokomo, is my super power to quickly gather and parse massive amounts of info, evaluate the details, and push forward using it.