Posts by clocKwize

No picture from the outside?

Odd to review a car without posting a photo of it..

Where does the fault lie?

"secret access key" to the database... You mean password.

Posted to a gist, which was probably a secret gist, but it's still accessible by anyone who knows the url... I'm assuming they are trying to find the engineer who probably accidentally posted it with a paste of some code.

Is it their fault alone? Probably not.. Keys should be stored in configuration files or ENV, not code. If that was the case the whole team is responsible for never fixing that massively bad practice

If you are going out of your way to manually generate bytecode that does not conform to the specification but just happens to work, I'm not sure how much sympathy I have.

I know it might be indirectly via some tool or another and those doing it might not know it was happening, but someone somewhere was doing it and it sounds like an all round bad idea that would obviously byte(geddit) them in the arse at some point.

RE: This bug represents a cultural problem at FB

Unfortunately people can't possibly comprehend every possible path an application can take especially when that application has as many different parts as facebook. I'm sure they try their very best but its easy to overlook something once in a while.

At least they are doing something positive by paying bounties to security researchers who find bugs, instead of prosecuting them..

The best possible way to try and fix vulnerabilities like these is to get a bunch of people to try and find them from the outside in and tell them, looks like its working.

Meh, I have an iPhone, I got it a month or 2 ago after having various android handsets for the last 4 or 5 years. I also have a mac book air.

Because they are just far less hassle. They just work most of the time. Which in my experience is far more than an android.

Also my mac book air is way more powerful than most laptops, and I sometimes have to check to make sure its in my bag, not reposition the strap because its hurting my shoulder.

I also dislike fanbois. I don't buy apple products because they are hip and make me look cool (the hundreds of comments so far prove that is not the case right?) I bought these 2 because they do a better job than other things I've used.

I think its wrong to not give a job to someone because of their phone choice. I'd definitely have been happy to not work there anyway.

This reminds me, I'm still waiting for my 2 pairs of active 3D glasses to arrive that I got free "via redemption" with my Panasonic TV - Why didn't they just put them in the box with the damn 3D TV?

You can't bash Ruby for not handling a global service that has clocked 15k tweets in a single second. Ruby is slower than other languages, we know this. Yet we'd all still rather use it and know our systems are slightly slower.

If you were to build the same system in java/c++/c# it would be faster, hell yes. But it'd also take a LOT longer time to build and would be harder to maintain.

It's very easy to over-optimize "my app isn't as fast as it can possibly be, lets spend 3 months making it quick" but then there is probably a 95% chance you will never have enough traffic to even notice it being slow. That is a waste of resources.

and if in the happy event that your site does become so popular its straining under the load, thats GREAT. spend some of the mountains of cash you've just made rebuilding it for what you now know isn't wasted effort.

Might I point out, is exactly what Twitter have done.

This reminds me of exploits in online games when I used to write them...

In F.E.A.R MP I basically copied some code that was called when you were in a car and hit someone, it sent an event to the server like PLAYER_HIT(player_id, damage) I put the damage to 10000 and called it in a loop for everyone I could trace a ray to and hit from my current location, then run it every tick...

That had the effect of everyone who is in view of your character dying the second the come round the corner...

Maybe this is something similar? I know the anit-cheat in WoW is meant to be good but it can't be perfect and I be there must be some holes like this? Obviously FEAR was badly written in a way that let clients tell the server what had just happened, not the other way around, but there must be some?

For a start don't be bias just because its from Apple and you HATE apple fanbois.

I fucking hate iPhones, iPods, iPads, iMacs and anything else with an i on the start. All overpriced and ok, but nothing special.

I'd never have tried a mac book pro or air if my company didn't buy me one. Having said that, they are fucking amazing to work on, the operating system once you get over all the weird/pretty ui and just use it like you want, is great.

Build quality is amazing, I've now had a MBP 15" and an MBA 11" - both are the best computers I've ever had. Things never go wrong, it always just works as expected, it doesn't feel like you might break it by dropping it, we've had someone knock a bottle of water over a MBP, about 300ml from a 500ml bottle, and we turned it upside down and left it to drip out for a few minutes, wiped it off and carried on, it didn't ever crash it or shut it down..

If you want a really high spec computer, then don't spend your money on a MB but if you are realistic about your usage of said computer, I'm a developer, I don't need high power spec or graphics, i need a decent amount of ram, a dooable processor and I need it to work without any hicups. which it does fine. my MBA has 4gb of ram, which isn't great nowadays, but the systems runs smooth no matter what i do on it, no matter how many things i have open, it just works. 4gb on a windows pc just about keeps the operating system happy.

If I was to buy my own laptop, I maybe wouldn't go for a MB, they are expensive, no doubt about it. But if you get over the fact you won't get as high spec for your money, its clearly worth it.

penguin because its in there somewhere.