Helpdesk? You guys are like the people who have to go and fix a melting nuclear reactor. Necessary but only do it for like a year or two otherwise you get broken.
Only people I ever have a problem with are Project Managers. I have had way more bad experiences with utterly psychotic PMs than PMs who are actually good at their job. Everybody else is super cool, but I swear all of you are alcoholics. At least Sales pays for the drinks?
Ohhh that’s me right now. I work in a consultancy and I only got assigned to projects that are on fire. It’s almost 24 months without a gap between projects. Help me ಥ_ಥ
Put your foot down, establish boundaries, and take a well deserved vacation with 0 communication to work while on it. Otherwise, I would start looking somewhere else. Your health is more important.
Edit: Also, hit them a few times with your Wabbajack for me.
“For those of us who are about to die, we salute you!”
I’m hoping you’re not just an employee of that consultancy, but a contractor instead, and that you charge a good hourly rate, considering the situation you’re in.
Yup, before I went into tech I worked at an architecture firm and we had this one absolutely amazing PM from Australia who was smart, a clear communicator, and so much more on top of his shit then any other PM, and he burnt out and quit and moved back to Australia after like 2 years because they just kept throwing him into the absolute biggest messes since he was clearly the best at cleaning them up.
He’s also the one who I got drunk at an airport bar with and just repeatedly urged me to leave the company and go somewhere well run … there were pretty clear signs he wasn’t enjoying his assignments.
Is there even a remotely possible chance something like that would work? I have to drive past a ALPR that checks for insurance every day. I wouldn’t mind plastering code across my tailgate in a design that resembles a license plate.
It’s a link to a comment on this subject that says:
Ok, so to explain. This DID happen,literally 500m from my home :) the system was designed to store reg plate numbers and later turned to a speed camera. The stunt was done by a few students of the Technical University, it did bring the whole db down. They tried to revive it, but ultimately the boards have been dead for the past 5 years or so. Mind that this hack was performed around 7 or 8 years ago:) I can provide pics of the dead board now and exact coordinates too:)
And then later in the replies they do give the coordinates of the camera billboard thing they broke, and someone posts a Google Maps screenshot of the board at the coordinates they gave that just looks like a little digital billboard that’s turned off and is just black, and the OP confirms that it is the board they mentioned.
Hope that all makes sense; I’ve got a lot brain fog/stress brain and stuff and it felt like too much to screenshot lol
They tried to revive it, but ultimately the boards have been dead for the past 5 years or so.
That’s a new level of incompetence, even for the government. So, after spending all that tax-payer money, they just let the entire project die rather than have a developer spin up a new database schema, which would take anyone competent like 5 minutes? For real? And these are the people that everyone expects to fix our problems?
Worth a shot. Wouldn’t surprise me if this backwoods town is vulnerable. That being said, I’m open to anyone’s code suggestions and I’ll slap it on there. My coding abilities are limited to BASIC and just enough C to make microcontrollers work.
we’ve updated our terms of service, you’re now opted in to everything, good luck!
And
Yes, you unsubscribed from that mailing list, but before you did we went and put your name down for 575 new email lists which you have not unsubscribed from.
That first one should be punishable by flogging. Also the second one, but the first one is a very common strategy for opting you in to things you explicitly opted out of, and I’m pretty sure it’s illegal. But, since no one ever enforces the law against mega corps, they’re free to operate with impunity.
Don’t need an if, just set the variable and collect the data. Saved you a jump instruction. The compiler is going to optimize it out anyway, but simpler code is better and some people forget the -O flag.
Java: “Sorry, but the developers of Peanut didn’t declare it to implement the Crackable interface, even though it has all the relevant methods, so if you want to treat it like a nut your choices are write a wrapper class or call those methods using Reflections”
Ditto, but Rust’s traits. God those are so fun. It’s like duck typing a la Python but you can just slap whatever methods you want on a foreign type without worrying about breaking anything because they’re only visible to the current crate (or other crates that import the Trait)
Yeah. The verdict is still out on whether having a deeply surly compiler will help me focus on iterating and understanding the client’s needs.
I run Python CICD controls on main with at least the same level of prissiness (as Rust comes with), but at least Python knows how to shut up and let me prototype.
I’m currently not convinced that Rust’s opinionated design hits a useable long term sweet spot.
But I think if Rust adds a debug flag –fuck-off-i-need-to-try-something, it could genuinely become the next Python, and the world would be better for it.
Edit: And if I just missed the –fuck-off-i-need-to-try-something Rust flag, someone point me at it, and I’ll gladly give Rust another run.
Yeah. Which is how I roll with Python now, as a Python Zen master. But Python was a little charmer when I was learning it to replace my Perl scripts.
In contrast, Rust would not shut up the last time I was trying to do an unsafe local bubble sort, just to get to know it. What I got to know was that I was working with a language that was going to go out of it’s way to get in my, each time way I wanted to do something it didn’t like.
Rust was easily the worst first date with a programming language I have had in a long time, and I can code in both varieties of ‘Pikachu’.
Again, it’s just my first impression, not the last word on the language. But I have enough tools in my belt that I didn’t need to add Rust.
I’ll try that ‘unsafe’ flag next time, and we will see if it can sort my local music files by artist name without having a security fit.
Edit: Responses here have convinced me not to give Rust another shot. Reeks of the Java community. If that’s what’s happening here, the Java devs can have this one to themselves. They’ll probably fill it with XML again. I didn’t want to like Rust anyway. And everyone needs to get off my lawn.
You’re missing the point. Tools are different. Trying to learn and use rust by writing unsafe bubble sorta is pointless. Use it to actually accomplish something and you’ll find out just how amazing it is.
Using the ecosystem that exists to be productive and not have to think at all about whether what you’re doing is correct is the point. It catches the subtle errors for you and lets you use the powerful libraries like clap for command line parsing, tokio, etc.
I wasn’t being that picky, and I was using the ecosystem. Rust just has lousy compiler warnings.
I know dozens of languages, so I don’t mind risking looking dumb when I say “this tool isn’t very good yet”.
Rust’s compiler, considering what it asks for, isn’t good enough at guiding the developer toward those asks. It actively wastes the one crucial low-supply computing resource: developer time.
I could have figured it out, if I had to. But I didn’t have to. I moved on to the next interesting language to try out. It was goLang, and it had isn’t own bullshit, but it wasn’t as bad as Rust.
I’ve written in Haskell and Brainfuck. I don’t mind esoteric languages.
But Rust presents itself as a solid general purpose pragmatic development tool, which is great to strive for, but it wasn’t there yet, last time I gave it a chance.
I want Rust to succeed in replacing Python, because the world would be better off with better security defaults. But Rust had not, last I checked, attracted the necessary usability specialist contributors, to have any chance at that goal.
Edit: I no longer want Rust to replace Python. Y’all got a problem presenting yourselves, kids. It’s going to hurt your language adoption rate.
Thanks. I found and tried that, but what I really needed was a useful compiler error, which Rust did not provide.
Rust desperately needed a usability makeover, last time I tried it.
It amuses me that my fellow security gurus push Rust hard, because we sit in the same policy-pushers conferences as the usability specialists, but we don’t always learn enough from them.
Edit: The responses here are quite revealing. I’m not seeing any of my usability mentors in the Rust diehard fan mix.
None of this has convinced me to give Rust another go. Its community, did not present well here.
Sorry what? Rust has literally been known for having some of the most useful compiler warnings imaginable. It’s like, a huge selling point. Misleading warnings are far and few, and usually it’ll literally point you at the exact tokens that caused an error and gives you a solution to fix it.
Are you sure that your inability to write Rust isn’t caused by a lack of understanding of the language’s pointer/ownership/lifetime rules, or the type system? I would be inclined to believe that someone who mainly just uses Python (or any other GC’d language really, but especially extremely high-level/“low-code” dynamically-typed languages like Python/Lua/JavaScript) wouldn’t exactly be too good at those concepts, but they’re pretty important in the context of languages like Rust.
Sorry what? Rust has literally been known for having some of the most useful compiler warnings imaginable. It’s like, a huge selling point
And yet, that was not my experience.
Are you sure that your inability to write Rust isn’t caused by a lack of understanding of the language’s pointer/ownership/lifetime rules, or the type system?
I’m sure it is. I’m an old man who codes proficiently in dozens of languages.
Rust isn’t some messianic message I need to forget everything I previously learned for.
I’m happy to adapt. I let Python have it’s goddamned four spaces, even.
But Rust couldn’t be arsed, at the time, to tell me what it wanted in terms clear to someone only proficient in dozens of other languages.
So Rust can either up it’s ‘here’s what you need to know’ game, or it can continue to get off my damn lawn.
It’s possible, even hopeful, that Rust has massively improved since I gave it a test run. It would be hard for it have gotten worse, frankly.
Your tone, here, comes across like the folks who denied that Java had a serious community culture problem while the rest of us quietly moved on to Python.
If you’re confident it’s better now, you can simply say, “I think it’s a lot better now, you might like it.”
That flag exists, it’s called unsafe for if you need to tell the borrow checker to trust you or unwrap if you don’t want to deal with handling errors on most ADTs.
You can always cast anything to an unmanaged pointer type and use it in unsafe code.
That’s misinformation. There’s no overestimation. The problem is so bad that even the US government advocates the use of memory safe languages (including GC languages).
I have used C and C++. You need laser sharp focus to avoid memory safety errors even after you learn what causes them and how to avoid them. It’s significantly easier to write programs in Rust because any lapse in care to avoid memory safety bugs are caught by the compiler.
What I mean is that even if you use GC languages like Java or Go you will still encounter annoying bugs. I’m not saying that memory safety isn’t important.
You said bugs caused by ‘memory problems’. And that Rust programmers vastly overestimate them. Those aren’t generic logical bugs that you get in Go or Java. And Rust never claimed to solve logical bugs.
I’m sorry to hear that. I think at one point in my past, about half my job was tracking down nil dereference errors in Ruby. And probably a quarter was writing tests for things a good type system would catch at compile time.
And I’m sorry to hear about that Ruby experience. I authored one of the Ruby stdlibs, and similar issues with the language, and the inevitable encroachment of Rails into every project, eventually drove me away from it.
I was, however, excluding interpreted languages from my comparison. Dynamically typed languages are a different matter and can’t hope to be any kind of safe - but that’s not the game where they excel.
Sure. I haven’t seen a proper segfault from any modern, post-C/C++ language in ages. I’ve never seen a Go program segfault, or a Nim one (although, there are comparatively few of those as a sample size).
So, it seems to me that - purely from the perspective of a user of programs - Rust still seems about as safe as any other modern language - since I’ve seen no other modern (say, created in the past decade) compiled language segfault. Even the C segfaults seem to be largely becoming rare occurrences, which I have to chalk up to better tooling, because I highly doubt that there’s been some magical increase in general C programmer quality in the intervening years.
Yes, the problems rust is solving are already solved under different constraints. This is not a spicy take.
The world isn’t clamoring to turn a go app into rust specifically for the memory safety they both enjoy.
Systems applications are still almost exclusively written in C & C++, and they absolutely do run into memory bugs. All the time. I work with C almost exclusively for my day job (with shell and rust interspersed), and while tried and tested C programs have far fewer memory bugs than when they were first made, that means the bugs you do find are by their nature more painful to diagnose. Eliminating a whole class of problems in-language is absolutely worth the hype.
Everything is slower than C (I haven’t seen a benchmark yet where a language bests C; even hand-crafted ASM ceded the high ground decades ago when compilers got better than human assembly programmers), but then, C compiler technology has had literally 40+ years to mature.
Go and Java (once warm) do pretty well, but absolutely give up execution speed for coding simplicity and (in Go’s case, anyway) speed. Nim is young; I’m curious to see how it matures. They’re having a bit of a performance crisis at the moment, but assuming they get past that it seems like a fair middle ground between Go’s simplicity and Rust’s bare-metal performance. Then again, manual memory management was absolutely my least favorite thing about C and is what eventually drove me away; worst. Boilerplate. Ever. Even worse than Go’s error handling (which they almost fixed and looks like will be addressed within the next free releases). Anyhoo, going back to that shit is going to be a hard pill to swallow.
Rust is still having its honeymoon, and is the hip language of the decade now. We’ll see!
Arguably when LLVM gets a bit better, Rust can be even faster than C because rust can be optimised in more places safely than C code can. The issue is that LLVM wasn’t written with that in mind, so some performance is left on the table.
I don’t know if you’re talking about panics and abort or about crashes caused by memory safety errors. The latter class is very unlikely in safe rust, other than as rare compiler bugs. Panics and aborts are your call. You can easily write code that doesn’t panic or abort.
As a user. I don’t write Rust, but lots of programs I use do and, as I said, they seem to crash about as much as any other compiled language tools I use are written in. I almost never seesegfaults; I can’t say I’ve ever seen one in a Go program, and I use a bunch on those.
If we’re only talking about segfaults, the only language I can remember seeing doing that has been C, or C++. If not doing segfaults is what makes a language “safe,” then it seems to me most modern languages are as safe as Rust. If we include crashes, then as I said, I see Rust programs crashing about as much as any other proglang.
This is definitely into the territory of misinformation.
I don’t write Rust, but lots of programs I use do and, as I said, they seem to crash about as much as any other compiled language tools I use are written in
I already addressed this before. Regular crashes are almost always (I can’t remember any exceptions) due to panics or aborts chosen by the user - especially due to unwraps. Using that to equate Rust programs’ stability to ‘any other compiled language tools I use are written in’ is very disingenuous - because it’s just as easy to handle those errors and prevent a crash at all.
If not doing segfaults is what makes a language “safe,” then it seems to me most modern languages are as safe as Rust
You are unnecessarily conflating issues here. ‘Most modern languages’ are not a replacement for what C, C++ and Rust can do. Go most famously had to retract their ‘systems programming language’ tag, for example. If a GC language meets your requirements - then by all means, use it. But it’s not without reason that many companies have rewritten even their web backends in Rust. Memory safety without GC is a very big feature that a lot of professionals care about. It’s not something to dismiss as trivial.
And while at it, you neglecting what segfaults represent. It’s just a benign example of memory safety bug. It’s benign because it gets caught causes the program to crash. There are a whole lot of them that causes the program to continue running - causing serious vulnerabilities. This is why even the US government and agencies recommend memory safety languages and especially Rust if performance and other limitations matter.
If we include crashes, then as I said, I see Rust programs crashing about as much as any other proglang.
I really don’t want to repeat the reason twice in a single comment and 3 times including in my previous comment. But the only way you are going to make Rust crash as much as ‘any other prolang’ is to neglect idiomatic Rust. That isn’t surprising because crashing anything is possible if that’s your intention.
I think you’re missing the point where I said I don’t write Rust. I’m merely making an observation - as a user who’s more than usual, probably, aware of which language any given tool is written in, of what I observe.
I know I’ve seen a Rust program segfault, and I’m certain that I saw this only once. I’m equally confident that almost every other segfault has been from C/C++ code, but not other languages.
What I’m hearing you say is that crashes aren’t a risk, per se, as long as they aren’t memory related and so the crashes I see from Rust programs don’t count because they aren’t segmentation faults. Did I read that right? And I also hear you claiming that, e.g., NPEs are security issues, even if the runtime catches them and safely exits the program in a controlled manner (“crashing out” safely) - is that right?
So you can’t get a Rust program to segfault without trying really hard. I haven’t observed a single segfault in the normal Rust code I wrote in the past 8 years.
The code used in cve-rs is not that complicated, and it’s not out of the realm of possibility that somebody would use lifetimes like this if they had just enough knowledge to be dangerous.
I’m as much a rust evangelist as the next guy, but part of having excellent guard rails is loudly pointing out subtle breakages that can cause hard to diagnose issues.
No, I’m saying that when people run into strange bugs, sometimes they put together an issue (like the person behind cve-rs), and sometimes they quietly work around it because they’re busy.
Seeing as I don’t often trawl through issues on the language git, neither really involve notifying me specifically.
My lack of an anecdote does not equate to anecdotal evidence of no issue, just that I haven’t met every rust developer.
Have you really used Rust or are you spreading FUD? I have not managed to cause even a single segfault in my 8 years of writing Rust code. Nor have I heard anyone else complaining about it, other than deliberately as proof of concept.
Why are you getting downwoted man, getting segfaults in safe rust is on compiler not us. When you segfault in C and such it’s almost always your fault, if you manage to do that in rust it’s a bug in compiler.
Because the rust crowd spent a lot of time learning rust, and they’ll be damned if it isn’t the literal savior catch all silver bullet solution to programming.
programmer_humor
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.