What part of software development do you wish was "fixed"?
-
so many things. a final end to source dependency hell. a big undo button that lets me unhose my dev machine after I destroyed it. a shiny object I can distract clients with when I won't have the deliverable they want, when they want it. :-D
Real programmers use butterflies
honey the codewitch wrote:
a shiny object
You mean a knife?
"The only place where Success comes before Work is in the dictionary." Vidal Sassoon, 1928 - 2012
-
Let's say you had a genie in a bottle that could make your daily developer life slightly better. What would it be? I think about this a regularly and it's not necessarily things like "A better IDE" or "a faster computer". Often it's things like - A TODO list that thinks like I do - A means of managing source code reviews simply - A set of templates that actually work - Something that will scan my setup & tool/component versions and fix it all up (Python, for example, is a nightmare) - Something that will actually help solve those Nuget / .NET DLL reference issues - A way to emergency fix my code using my phone (hey - sometimes I break things properly and I'm not near a computer when the screaming starts) - Something that warns me when a package I'm including (pip, npm, Nuget) has an issue (security, use of a bad library, deprecated soon etc) without needing to do anything (I want a popup notification) I could go on, but I'd love to hear your wish lists.
cheers Chris Maunder
Dunno, but for the last point you might be interested in: devops-security-tools[^] :-\
-
Chris Maunder wrote:
A way to emergency fix my code using my phone (hey - sometimes I break things properly and I'm not near a computer when the screaming starts)
Not on my wishlist - I have an answer. An ssh client (I use JuiceSSH on Android) and an ssh-aware editor (DroidEdit). Using the on-screen keyboard is a pita, but it's surprisingly usable with a small bluetooth keyboard. Oh, and nail down your ssh servers tight. No userid/password logon, decent ECDSA or long RSA keys. Cheers, Peter
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
You might want to also update your prime moduli. Most of the operating system vendors are giving everyone the same exact list of primes. Anyone can precompute group G used in the Diffie–Hellman key exchange and save the tables to disk. It actually requires lots of storage... but you can also estimate how much storage space and cpu time is required for the calculation. Today (2021) it would require less than 20 million dollars of hardware to do this for some of the algorithms/primes used in the 1990's. On the Linux/BSD family of operating systems you would want to also remove all primes less than 2048 bits from /etc/ssh/moduli On Windows 10 the designated location is at C:\ProgramData\ssh\moduli awk '$5 > 4095' /etc/ssh/moduli > /etc/ssh/moduli.better Someone is probably going to read this and make a comment about the computational difficultly. But you only need to attack a single known prime (like the list of default primes) and it becomes probabilistic whether or not your future SSH connections have a group G precomputation within the table. I don't need to calculate all of the space... I just need to get lucky that your connection parameters fall within the precalculated space. It would become even easier if I can control your PRNG. Have a look at RFC 2409 section 6[^] from the late 1990's. It's hard to believe that everyone fell for the Oakley primes specified in the standard. It really reveals how very few people understood crypto back in those days. Best Wishes, -David Delaune
-
Let's say you had a genie in a bottle that could make your daily developer life slightly better. What would it be? I think about this a regularly and it's not necessarily things like "A better IDE" or "a faster computer". Often it's things like - A TODO list that thinks like I do - A means of managing source code reviews simply - A set of templates that actually work - Something that will scan my setup & tool/component versions and fix it all up (Python, for example, is a nightmare) - Something that will actually help solve those Nuget / .NET DLL reference issues - A way to emergency fix my code using my phone (hey - sometimes I break things properly and I'm not near a computer when the screaming starts) - Something that warns me when a package I'm including (pip, npm, Nuget) has an issue (security, use of a bad library, deprecated soon etc) without needing to do anything (I want a popup notification) I could go on, but I'd love to hear your wish lists.
cheers Chris Maunder
The [super chicken](https://www.ted.com/talks/margaret\_heffernan\_forget\_the\_pecking\_order\_at\_work?language=en) problem.
To alcohol! The cause of, and solution to, all of life's problems - Homer Simpson ---- Our heads are round so our thoughts can change direction - Francis Picabia
-
You might want to also update your prime moduli. Most of the operating system vendors are giving everyone the same exact list of primes. Anyone can precompute group G used in the Diffie–Hellman key exchange and save the tables to disk. It actually requires lots of storage... but you can also estimate how much storage space and cpu time is required for the calculation. Today (2021) it would require less than 20 million dollars of hardware to do this for some of the algorithms/primes used in the 1990's. On the Linux/BSD family of operating systems you would want to also remove all primes less than 2048 bits from /etc/ssh/moduli On Windows 10 the designated location is at C:\ProgramData\ssh\moduli awk '$5 > 4095' /etc/ssh/moduli > /etc/ssh/moduli.better Someone is probably going to read this and make a comment about the computational difficultly. But you only need to attack a single known prime (like the list of default primes) and it becomes probabilistic whether or not your future SSH connections have a group G precomputation within the table. I don't need to calculate all of the space... I just need to get lucky that your connection parameters fall within the precalculated space. It would become even easier if I can control your PRNG. Have a look at RFC 2409 section 6[^] from the late 1990's. It's hard to believe that everyone fell for the Oakley primes specified in the standard. It really reveals how very few people understood crypto back in those days. Best Wishes, -David Delaune
I'd be flattered if someone threw $20E6 at cracking my miserable little server! ;P
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
-
Let's say you had a genie in a bottle that could make your daily developer life slightly better. What would it be? I think about this a regularly and it's not necessarily things like "A better IDE" or "a faster computer". Often it's things like - A TODO list that thinks like I do - A means of managing source code reviews simply - A set of templates that actually work - Something that will scan my setup & tool/component versions and fix it all up (Python, for example, is a nightmare) - Something that will actually help solve those Nuget / .NET DLL reference issues - A way to emergency fix my code using my phone (hey - sometimes I break things properly and I'm not near a computer when the screaming starts) - Something that warns me when a package I'm including (pip, npm, Nuget) has an issue (security, use of a bad library, deprecated soon etc) without needing to do anything (I want a popup notification) I could go on, but I'd love to hear your wish lists.
cheers Chris Maunder
I'd like to see software development best practice being informed by science instead of the opinions of influential groups and individuals.
-
I'd be flattered if someone threw $20E6 at cracking my miserable little server! ;P
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
-
Let's say you had a genie in a bottle that could make your daily developer life slightly better. What would it be? I think about this a regularly and it's not necessarily things like "A better IDE" or "a faster computer". Often it's things like - A TODO list that thinks like I do - A means of managing source code reviews simply - A set of templates that actually work - Something that will scan my setup & tool/component versions and fix it all up (Python, for example, is a nightmare) - Something that will actually help solve those Nuget / .NET DLL reference issues - A way to emergency fix my code using my phone (hey - sometimes I break things properly and I'm not near a computer when the screaming starts) - Something that warns me when a package I'm including (pip, npm, Nuget) has an issue (security, use of a bad library, deprecated soon etc) without needing to do anything (I want a popup notification) I could go on, but I'd love to hear your wish lists.
cheers Chris Maunder
Dev life MOSTLY depends from IDE. Your items can be useful in a narrow applications, but in general you sit in IDE. Me personally use Visual Studio and even after 20 years of "improvements" it still suxx in many features. Intellisense still on the level of 80es. Code organization still primitive. Navigation suxx. A LOT of problems, but M$ doesn't care - they play with ugly Git and teams features. Teams? On Personal Computer? They definitely loose main point of personal tool.
-
Dev life MOSTLY depends from IDE. Your items can be useful in a narrow applications, but in general you sit in IDE. Me personally use Visual Studio and even after 20 years of "improvements" it still suxx in many features. Intellisense still on the level of 80es. Code organization still primitive. Navigation suxx. A LOT of problems, but M$ doesn't care - they play with ugly Git and teams features. Teams? On Personal Computer? They definitely loose main point of personal tool.
Thornik wrote:
Dev life MOSTLY depends from IDE.
At the lower levels, yes. By the time you are expected to write specifications, high- and low-level designs, perform mentoring, etc., your major tools are Word and PowerPoint.
Thornik wrote:
Me personally use Visual Studio and even after 20 years of "improvements" it still suxx in many features.
Agreed. But it's still better than much of the competition.
Thornik wrote:
they play with ugly Git and teams features. Teams? On Personal Computer? They definitely loose main point of personal tool.
Most professional programmers work in teams, and need to integrate their code with others'. Having an IDE that helps with this is a plus. That is not to say that they couldn't do it better...
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows. -- 6079 Smith W.
-
You might want to also update your prime moduli. Most of the operating system vendors are giving everyone the same exact list of primes. Anyone can precompute group G used in the Diffie–Hellman key exchange and save the tables to disk. It actually requires lots of storage... but you can also estimate how much storage space and cpu time is required for the calculation. Today (2021) it would require less than 20 million dollars of hardware to do this for some of the algorithms/primes used in the 1990's. On the Linux/BSD family of operating systems you would want to also remove all primes less than 2048 bits from /etc/ssh/moduli On Windows 10 the designated location is at C:\ProgramData\ssh\moduli awk '$5 > 4095' /etc/ssh/moduli > /etc/ssh/moduli.better Someone is probably going to read this and make a comment about the computational difficultly. But you only need to attack a single known prime (like the list of default primes) and it becomes probabilistic whether or not your future SSH connections have a group G precomputation within the table. I don't need to calculate all of the space... I just need to get lucky that your connection parameters fall within the precalculated space. It would become even easier if I can control your PRNG. Have a look at RFC 2409 section 6[^] from the late 1990's. It's hard to believe that everyone fell for the Oakley primes specified in the standard. It really reveals how very few people understood crypto back in those days. Best Wishes, -David Delaune
With the exception of our holiday snapshots, everything on my home server can be purchased online for a small fraction of US$20,000,000. I have no IP that requires protection. Even if someone breaks in just in order to destroy the server, I have copies of everything offline. Other than the time to restore everything, I'd lose nothing. So why bother?
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows. -- 6079 Smith W.
-
Well, you seemingly have a gun and ammo. :laugh:
Robust Services Core | Software Techniques for Lemmings | Articles
The fox knows many things, but the hedgehog knows one big thing.Greg Utas wrote:
Well, you seemingly have a gun an armoury and ammo.
JSOP's a Texan... :D
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows. -- 6079 Smith W.
-
With the exception of our holiday snapshots, everything on my home server can be purchased online for a small fraction of US$20,000,000. I have no IP that requires protection. Even if someone breaks in just in order to destroy the server, I have copies of everything offline. Other than the time to restore everything, I'd lose nothing. So why bother?
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows. -- 6079 Smith W.
-
Let's say you had a genie in a bottle that could make your daily developer life slightly better. What would it be? I think about this a regularly and it's not necessarily things like "A better IDE" or "a faster computer". Often it's things like - A TODO list that thinks like I do - A means of managing source code reviews simply - A set of templates that actually work - Something that will scan my setup & tool/component versions and fix it all up (Python, for example, is a nightmare) - Something that will actually help solve those Nuget / .NET DLL reference issues - A way to emergency fix my code using my phone (hey - sometimes I break things properly and I'm not near a computer when the screaming starts) - Something that warns me when a package I'm including (pip, npm, Nuget) has an issue (security, use of a bad library, deprecated soon etc) without needing to do anything (I want a popup notification) I could go on, but I'd love to hear your wish lists.
cheers Chris Maunder
Ask me again in a few weeks! Whatever is broken in the technical ecosystem I’m using at the time will come to mind first. Right now, I’m doing a lot of JavaScript. The language itself is bad enough, but when you look at the big picture, it’s a disaster. * Issues in the language itself are well-known. You may not agree with all the criticisms of the language, but you have to agree with some. * The dev environment is something out of the movie Brazil: a curious mix of technologies and practices that seem intended mostly to annoy everyone involved and can only have evolved because no sane person would ever design it this way. * The lack of a standard library leads to NPM and frameworks that change every six minutes and it’s a cesspool. I’d go on, but focusing on this is starting my day off the wrong way!
-
Let's say you had a genie in a bottle that could make your daily developer life slightly better. What would it be? I think about this a regularly and it's not necessarily things like "A better IDE" or "a faster computer". Often it's things like - A TODO list that thinks like I do - A means of managing source code reviews simply - A set of templates that actually work - Something that will scan my setup & tool/component versions and fix it all up (Python, for example, is a nightmare) - Something that will actually help solve those Nuget / .NET DLL reference issues - A way to emergency fix my code using my phone (hey - sometimes I break things properly and I'm not near a computer when the screaming starts) - Something that warns me when a package I'm including (pip, npm, Nuget) has an issue (security, use of a bad library, deprecated soon etc) without needing to do anything (I want a popup notification) I could go on, but I'd love to hear your wish lists.
cheers Chris Maunder
oh totally the part where we have only loser coders (or pretending/being forced to be losers) nowadays, that only can use those horrible non languages that are object oriented based... with focus only on stupid capitalism, and totally lack of quality or compatibility.... instead of the beauty and freedom that regular C is... with the simplicity of a simple build system... ofcourse one IDE that would allow to compile as you type, causing modules to become obsolete, and that can understand what you do with some minor form of AI, so that it can suggest the next piece of code for you to code even on the phone (if it was possible to code for phones without all that java/OOP garbage) touch would be nice... i wanted to do that if i had a team... and that is very lightweight (totally not the MSVC monstruosity) ... but this IDE part is optional, but as a wish that would be very nice....
-
Let's say you had a genie in a bottle that could make your daily developer life slightly better. What would it be? I think about this a regularly and it's not necessarily things like "A better IDE" or "a faster computer". Often it's things like - A TODO list that thinks like I do - A means of managing source code reviews simply - A set of templates that actually work - Something that will scan my setup & tool/component versions and fix it all up (Python, for example, is a nightmare) - Something that will actually help solve those Nuget / .NET DLL reference issues - A way to emergency fix my code using my phone (hey - sometimes I break things properly and I'm not near a computer when the screaming starts) - Something that warns me when a package I'm including (pip, npm, Nuget) has an issue (security, use of a bad library, deprecated soon etc) without needing to do anything (I want a popup notification) I could go on, but I'd love to hear your wish lists.
cheers Chris Maunder
Users
veni bibi saltavi
-
so many things. a final end to source dependency hell. a big undo button that lets me unhose my dev machine after I destroyed it. a shiny object I can distract clients with when I won't have the deliverable they want, when they want it. :-D
Real programmers use butterflies
honey the codewitch wrote:
a final end to source dependency hell.
OH PLEASE YES !!! THIS THIS THIS.
I'd rather be phishing!
-
You might want to also update your prime moduli. Most of the operating system vendors are giving everyone the same exact list of primes. Anyone can precompute group G used in the Diffie–Hellman key exchange and save the tables to disk. It actually requires lots of storage... but you can also estimate how much storage space and cpu time is required for the calculation. Today (2021) it would require less than 20 million dollars of hardware to do this for some of the algorithms/primes used in the 1990's. On the Linux/BSD family of operating systems you would want to also remove all primes less than 2048 bits from /etc/ssh/moduli On Windows 10 the designated location is at C:\ProgramData\ssh\moduli awk '$5 > 4095' /etc/ssh/moduli > /etc/ssh/moduli.better Someone is probably going to read this and make a comment about the computational difficultly. But you only need to attack a single known prime (like the list of default primes) and it becomes probabilistic whether or not your future SSH connections have a group G precomputation within the table. I don't need to calculate all of the space... I just need to get lucky that your connection parameters fall within the precalculated space. It would become even easier if I can control your PRNG. Have a look at RFC 2409 section 6[^] from the late 1990's. It's hard to believe that everyone fell for the Oakley primes specified in the standard. It really reveals how very few people understood crypto back in those days. Best Wishes, -David Delaune
Ooh, I didn't know I had primes :) Must look them up.:thumbsup:
-
Let's say you had a genie in a bottle that could make your daily developer life slightly better. What would it be? I think about this a regularly and it's not necessarily things like "A better IDE" or "a faster computer". Often it's things like - A TODO list that thinks like I do - A means of managing source code reviews simply - A set of templates that actually work - Something that will scan my setup & tool/component versions and fix it all up (Python, for example, is a nightmare) - Something that will actually help solve those Nuget / .NET DLL reference issues - A way to emergency fix my code using my phone (hey - sometimes I break things properly and I'm not near a computer when the screaming starts) - Something that warns me when a package I'm including (pip, npm, Nuget) has an issue (security, use of a bad library, deprecated soon etc) without needing to do anything (I want a popup notification) I could go on, but I'd love to hear your wish lists.
cheers Chris Maunder
Were it not for Nagy V, I'd be risking broaching this subject - which was surprisingly absent. In part, however, it's because I'm so well isolated from management and my only real "customer" is someone who actually needs what they ask for and knows how to ask for it. But the star fixes would be in the following categories:
- Mandatory Intelligence test for users before they can use applications
- Mandatory Intelligence test for managers, cyber-security, and others before they make comments/suggestions
- Painful consequences for those who have me create and refine a project and then never use it
- Renewal of my 007ish license to enforce the above
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
-
Were it not for Nagy V, I'd be risking broaching this subject - which was surprisingly absent. In part, however, it's because I'm so well isolated from management and my only real "customer" is someone who actually needs what they ask for and knows how to ask for it. But the star fixes would be in the following categories:
- Mandatory Intelligence test for users before they can use applications
- Mandatory Intelligence test for managers, cyber-security, and others before they make comments/suggestions
- Painful consequences for those who have me create and refine a project and then never use it
- Renewal of my 007ish license to enforce the above
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
Maybe it's Users and Coders understanding each other a tad more (and managers getting out of the way) ;) .
-
Maybe it's Users and Coders understanding each other a tad more (and managers getting out of the way) ;) .
I'm afraid that ship has sailed. The penultimate example:
Screen: "Press ANY Key to continue"
User: "I can't find the ANY key""The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
