|
ExcessBLarg! posted:Furthermore, only one user needs a weak password for you to get in. With per-password salts you don't necessarily know which passwords are weak, so you either have to guess which users might have weak passwords, or otherwise iterate through the entire list of users, wasting time on the stronger ones. I hate to resurrect password chat, but I don't understand this line. Is the idea that your cracker will find derpPassword1 derpPrettyPrincess etc and you can figure out that "derp" is the salt pretty quickly, letting you power through the rest?
|
# ¿ Mar 5, 2013 01:05 |
|
|
# ¿ Apr 28, 2024 10:44 |
|
Jabor posted:Basically it means that instead of having to try and break hashes one-by-one, you can hash "derpabc123", and check that hash against the entire list to see if anyone at all has abc123 as their password. Thanks, I understand now. That's a clever attack.
|
# ¿ Mar 5, 2013 13:40 |
|
Fuoco posted:I saw an ad on my site essentially doing the following: From the outside it looks silly, but it's probably a combination of AdServer: code:
Ad ingestion: code:
Awful app is making it impossible to output & lt; without spaces. Even tried replacing & with & amp; Volmarias fucked around with this message at 16:51 on Mar 7, 2013 |
# ¿ Mar 7, 2013 16:48 |
|
pokeyman posted:Whoops, I'm on it. I have no idea what the internals look like but I think it's pretty well designed as an end user.
|
# ¿ Mar 8, 2013 14:47 |
|
If you instantiate, push, pop, you get an exception because he starts at -1 instead of 0. You must push a sacrificial element to this implementation. I would recommend pushing it's own reference. E;f,b...
|
# ¿ Mar 9, 2013 18:11 |
|
Freakus posted:Also, memory leak: references to popped elements stay around until that spot is re-used. Aha, good catch. Obviously not a leak in C but he doesn't know Java at all.
|
# ¿ Mar 9, 2013 21:38 |
|
Yeah, I'm assuming that he took away things like * which caused compile errors in Java. So it was probably something likecode:
code:
|
# ¿ Mar 10, 2013 18:52 |
|
Ithaqua posted:Keep in mind, you are learning basically no marketable skills. This. Unless you really, really need the money, I would gtfo pronto. You will learn only bad habits here, you'll have a giant black hole on your resume, and unless you're a total nitwit you can do better. Take two weeks and learn some Android. You'll get an immediate pay bump over this job and people will actually be interested in what you've done.
|
# ¿ Mar 13, 2013 13:20 |
|
McGlockenshire posted:Someone implemented XKCD's StackSort (hover over the comic). This is magnificent
|
# ¿ Mar 19, 2013 00:28 |
|
dis astranagant posted:It doesn't check for sortedness so it reports all kinds of bullshit as sorted if you go past the first result That's part of the joke
|
# ¿ Mar 19, 2013 13:40 |
|
Suspicious Dish posted:You wrote your own OS? Yikes. Not just that but their own firmware on their own hardware? You should probably if that guy isn't on the way out.
|
# ¿ Mar 20, 2013 13:19 |
|
Doctor w-rw-rw- posted:
Nope; if retflag is 10, we want to store 0, not 2. I'm not sure there's a clever bitwise way to do this. Edit: retflag = !((retflag >> 2) || (retflag << 30))*2 maybe? Volmarias fucked around with this message at 22:07 on Mar 20, 2013 |
# ¿ Mar 20, 2013 22:03 |
|
Presto posted:What have I done? I'm honestly curious if there's a good way to do this using dumb bit twiddling and no ==
|
# ¿ Mar 20, 2013 22:32 |
|
bucketmouse posted:The best part about the xor-swap story is that it didn't slip by unnoticed and was reverted quickly. Holy hell.
|
# ¿ Mar 22, 2013 12:48 |
|
https://code.google.com/p/go/issues/detail?id=5107 posted:
I think he's upset about javadoc?
|
# ¿ Mar 22, 2013 19:10 |
|
O Tempora! O Mores! posted:At my work, one of the projects I'm on is a J2EE web application where a large portion of the dev team outsourced through an Indian consulting firm. Insofar as I can tell, the servlets they pump out work fine, but I keep running across weird code in the JSPs that makes me think they don't understand how Javascript works: I'd be charitable and assume that they just made a mental error. The first time.
|
# ¿ Mar 24, 2013 03:08 |
|
MrMoo posted:It amusing works misinterpreted as cargo-pant cult programming. Cargo pants give you a place to put all of your things and there is nothing wrong with that
|
# ¿ Mar 24, 2013 17:29 |
|
HappyHippo posted:Creationist science is cargo cult science because it copies the outward manifestations of scientific research (papers, journals, conferences, "universities") with the actual essence of what makes up science. Creationist "science" isn't really cargo cult science, because the goal isn't to try to duplicate scientific study and discourse; the goal is to create a thin veneer of credibility which they can lay on top of the Bible to say "there is controversy about evolution and the origins of the universe, therefore we should not teach evolution in schools." Cargo cults are fundamentally about not understanding how something works, and trying to reproduce behaviors by rote ritual. Creationist "science" is fundamentally about lying to people, a lot, for political gain.
|
# ¿ Mar 24, 2013 19:40 |
|
HappyHippo posted:Yeah fair enough. I still think it's a cargo cult because what they seek is the credibility of science and if you read the wedge document you can tell they somehow feel it comes from the papers and conferences. But that's not what cargo cult is at all. Cargo cult is seeing X cause Y, and then trying to do X a lot hoping it will do Y, such as Pacific island tribes making dirt airfields because they think it will make aircraft come without understanding or knowing WHY aircraft come. Creation science is trying to dress up the Bible in trappings of scientific rigor and calling it science. It's taking creationist texts and performing ctrl-H to replace "creator" with "intelligent designer." At the levels of people who can critically think, no one is fooling anyone. This is being done because it's hoped that pseudo scientific things can be used to confuse enough naive, credulous people into saying "but isn't this science too?", not because creation scientists are actually looking for a credible reason to discount evolution. It's people who don't understand cause and effect, vs literal scam artists who want to keep us at a middle ages level of science. Volmarias fucked around with this message at 21:30 on Mar 24, 2013 |
# ¿ Mar 24, 2013 21:24 |
|
HappyHippo posted:I guess I should have stuck to programming examples People who try to make things objectively worse for everyone just for personal gain get me riled up like nothing else. Sorry for the awful digression, let's get back to talking about horrible beep boop button press things
|
# ¿ Mar 24, 2013 22:36 |
|
The Gripper posted:They do, but then you have to deal with there being no authoritative repository and all the bullshit that comes with that (mostly just verifying that the copy you choose to start from is pristine). Isn't that part of the reason for signing commits, though? Being able to authenticate them? And doesn't git work on the idea that a commit includes all of its history (recursively)? The Gerrit server can sign a commit before pushing it, meaning that you can at least trust from that commit and back if you trust the signature. Edit: it looks like they weren't totally up the creek even if that last mirror failed: quote:Also, one thing I forgot to mention in the original post: we actually had tarballs of all repositories. We create them every few days, but they are not perfect backups. They’re detailed further in the update post. Volmarias fucked around with this message at 12:51 on Mar 25, 2013 |
# ¿ Mar 25, 2013 12:49 |
|
Hughlander posted:I'm completely at a lost as to why someone would do that. What happened next? git push --force origin master? Go track down someone's old laptop, merge/rebase the current repo onto an old copy and force push to restore the history! I think someone was trying to reduce the repo size. Git keeps the full history locally, you see, so this is more efficient! Of course there's repack and prune and compression mechanisms but don't worry your pretty head about that.
|
# ¿ Mar 28, 2013 14:04 |
|
Freakus posted:I don't understand: This. It sounds like a godawful way to filter out empty strings, likely copy/pasted from some forum.
|
# ¿ Mar 29, 2013 23:04 |
|
HORATIO HORNBLOWER posted:Due to downsizing at my work, I have two peoples' jobs now. Half my time is spent on new development and half my time is spent on supporting a horrendous beast of a legacy web application that is considered mission critical for a whole bunch of external customers. This app is huge and an entire book could be written about the horrors that lay within. Spend two days "fixing" it that you actually spend on making other things with less visibility better.
|
# ¿ Apr 3, 2013 23:40 |
|
The coding horrors I come across every day are the coding question implementations that my phone screen candidates give me. Is it really so hard to do LinkedList implementations?
|
# ¿ Apr 11, 2013 15:41 |
|
Hard NOP Life posted:In what language? Any language the candidate wants; I tell them to use whatever they're most comfortable with. Most choose Java, though I've had a couple do C#. At this point, I'm pleasantly surprised if the method implementation they write would actually compile. Volmarias fucked around with this message at 20:15 on Apr 11, 2013 |
# ¿ Apr 11, 2013 20:01 |
|
yaoi prophet posted:Oh, well that makes sense. I love the guy with the bananas.
|
# ¿ Apr 12, 2013 00:43 |
|
No, you don't have to clone the repo to make a branch. Yes, I understand, if you make a commit and then another commit the second commit points to the first commit. Yes, in git you can create a branch that points to an arbitrary commit. Yes, this is a common workflow.
|
# ¿ Apr 16, 2013 22:45 |
|
Doctor w-rw-rw- posted:And people like me. I always git fetch --all then git rebase origin/master master. I do this too, but mostly because I usually don't want to merge right now but I still want those patches, not because I oppose the philosophical impurity of using git pull or whatever. Volmarias fucked around with this message at 00:51 on Apr 18, 2013 |
# ¿ Apr 18, 2013 00:49 |
|
Progressive JPEG posted:Sorry that you don't care enough to learn your tools? Yeah, I was going to post this. Reflog is great; unless you go into the .git directory and physically mess something up, it's pretty hard to get into a state you can't get out of using reflogs to check out a good state.
|
# ¿ Apr 19, 2013 12:59 |
|
Arcsech posted:Is it a horror if it was made specifically to explore how horrific something could become? I wonder if they realize that people are going to want to use this in real projects? Are they aware of the horror they have unlocked?
|
# ¿ Apr 20, 2013 20:52 |
|
Wheany posted:I'm taking a pretty basic OOP course at the university, and there is nothing special about the lectures. But excercise sessions are pretty fun. This week we had to impelement Conway's game of life (in Java) without using if, switch or try. The idea was to take single responsibility principle to the extreme. I notice that there was no mention made of while or for. code:
|
# ¿ Apr 21, 2013 20:49 |
|
Suspicious Dish posted:The horror was *supposed* to be that this guy was amazingly getting around the "single entry, single exit, no goto" rules by using a do...while (FALSE);, but: Came to complain about do/while, shocked when goons found out that his code was horribly broken. The coding horror here is you, Suspicious Dish.
|
# ¿ Apr 27, 2013 16:00 |
|
FOLLOW ME BRUH posted:This was the most recent commit. I can't tell if he's learned something over the 9 months he's been doing this, or he's just run out of steam. This is strangely familiar, almost as if a coworker does the same thing and I repeatedly bang my head against a wall trying to make him write good messages. The only reason we get any good messages now is because we use Gerrit and won't accept his patches if he can't give a reasonable message. Otherwise, we'd get the same 20k lines "fixed" messages.
|
# ¿ May 4, 2013 19:03 |
|
nielsm posted:It's probably a case of just hacking away and pasting in giants chunks of googled code, and once a week or so remembering, "oh yeah that 'source control' poo poo they're forcing me to use..." Yes, this. There are many source control sins of this developer, but the worst is that he works on multiple things simultaneously, so a patch will have a feature and maybe part of another. Put it in another patch? Nah, just comment it out with "uncomment later when ready" as a comment next to it.
|
# ¿ May 4, 2013 20:45 |
|
Edit: nevermind
Volmarias fucked around with this message at 17:03 on May 5, 2013 |
# ¿ May 5, 2013 16:53 |
|
Don Music posted:In a uni programming contest, where you can use any language you like, one student writes in C, and writes like this. I started reading this until I realized that life is too short for this kind of horseshit unless someone is paying me.
|
# ¿ May 6, 2013 13:47 |
|
Dren posted:Have you ever tried interviewing intra-company candidates who you wouldn't be interviewing if it weren't for the fact that you were doing HR a solid? Oh, this wasn't a joke about how they were probably just as competent. For all the guff that Atwood gives/gets, I'm really getting tempted to actually ask fizzbuzz and see what happens.
|
# ¿ May 7, 2013 00:01 |
|
Jabor posted:Be careful with fizzbuzz, because it doesn't really help with screening out the degree mill graduates who study those "interview questions" and can regurgitate an answer, but still don't actually know how to program. My "go to" question is asking them to remove an element from a linked list, where they give the linked list structure beforehand as a convenience. Is this really so much to ask? I want "can give the correct answer" to be the bare minimum but so many can't even handle that
|
# ¿ May 7, 2013 01:13 |
|
|
# ¿ Apr 28, 2024 10:44 |
|
Dren posted:I've found that you don't have to ask people about code in order to figure out that they can't code. You can weed them out before that. Ask them to explain some projects on their resume, their role on those projects, and describe a code problem they encountered. This doesn't work, at least not for us. We get people who talk a great game but literally cannot code anything.
|
# ¿ May 7, 2013 03:28 |