wkk @ wkk @lemmy.world

Posts

0

Comments

73

Joined

2 yr. ago

It's definitely not Rust's fault, but it's kinda Windows' one and cmd.exe escape logic... It's really difficult to write logic that will correctly escape any argument given to it, cmd.exe really is a pain to deal with :/

The Rust security team faced a significant challenge when dealing with cmd.exe's complexity since they couldn't find a solution that would correctly escape arguments in all cases.

As a result, they had to improve the robustness of the escaping code and modify the Command API. If the Command API cannot safely escape an argument while spawning the process, it returns an InvalidInput error.

"If you implement the escaping yourself or only handle trusted inputs, on Windows you can also use the CommandExt::raw_arg method to bypass the standard library's escaping logic," the Rust Security Response WG added.

I get that in situations where they can't safely escape a parameter they'll just stop with an error, which sound as sane as one could go with this!

It's like piercings that healed except the hole is in the hands? I want to believe he did something so that they didn't have to mutilate his hands every 35 times they did this... But at the same time the face he makes when they remove the nails is not reassuring me :/

Windows was made this way by humans, spare the machines!

https://www.khanacademy.org/computing/computers-and-internet/xcae6f4a7ff015e7d:the-internet/xcae6f4a7ff015e7d:routing-with-redundancy/a/internet-routing

I wouldn't call that "messy and inefficient" but you do you. I'd be curious to know what's a "clean and efficient" solution for you when it comes to routing packets around the planet :)

It's like you're sucking the fun out of us... Wait a minute

Ever heard of CREDIT? /s

Long COVID Seems to Be a Brain Injury, Scientists Discover

Bad title maybe

Il ne faut pas avoir peur !

By "the most exposure to writing code the better" I might have meant to expose people to as many paradigms and patterns as possible and them have dealt with it. i.e. Writing a (shitty) eventloop is what really made it stick for me with async/callback-based programming.

I'm not a good comment writer so here's some text:

Not a teacher, but Python is great to discover various aspects of programming (algorithmic, flow control, I/O, OOP, metaprogramming). It's also easy to setup.

Java is just painful. The environment setup and the various frameworks available there are just way too overwhelming.

JS is actually close to Python in my opinion, and better suited for getting introduced to functional programming while still using a non-functional language. See anonymous functions/arrow functions. APIs are heavily callback-oriented which is also a great thing to get used to: You can register a bit of computation (a function) to be executed some other time, i.e. when something happens. You are not in control of the execution of that function, someone else is and will call you back. This is something important to learn (imo).

Finding the optimum algorithm is not important in the beginning (imo). When writing code there's often two pretty different activities that happen:

1. Defining and organizing your abstractions and flow.
2. Identify bottlenecks and search for fast enough/memory efficient solutions.

In most real world scenarios, having good program flow and abstractions will be enough. Not everyone works on real-time terabyte-sized data processing. See gamemaking: it's a very performance sensitive domain yet frameworks allow anyone to make a decent game. Why? Because for most problems, someone already wrote a library that's fast enough. You just need to wire things properly together.

Teaching something lower-level like C/C++ is great, but you need to spend time deconstructing all the goodies people got used too when dealing with other languages. i.e. Why you can't create an array with different types/structs inside anymore (not without pointers).

And then just get them to practice writing different bits of software with increasing complexity, over the year(s). The most exposure to writing code the better. Trial and error is how anything is learned, and while you might try to warn your students about common pitfalls it might only really click once they'll make the mistake. Push them in situations where they'll make mistakes.

The most important mindset to have (imo) is to constantly challenge yourself and your work: find ways to break your own stuff. Maybe you'll miss cases but the better you get at anticipating breakage, the better you'll get at writing robust software.

The second most important thing is to seek to understand every line of code you write and as many implications as possible. A program is supposed to be deterministic, there's very few surprises to be had when dealing with code (there are some though). What I mean by that is: if someone reports a bug, it can often be enough to read the code with the unexpected result in mind and work your way back to the places that allowed for this bug to occur, just by reading statically.

Lastly one thing that was motivating for me when learning programming was when our programs would run against one another. Competition fosters innovation.

I hope these pieces of opinion help with anything...

You're right that this is not generating monetary gains

But it's generating outrage towards Google when what you accuse them of doing isn't the reality, that's pretty disingenuous

Not defending Google as a whole, but let's keep honest about the current developments

The day sponsored trips are the default is the day I'm dropping Maps

Please change "added a sponsored detour" to "proposed a sponsored detour" and it won't be as misleading anymore

It's important to look at the dockerhub page to see the available tags (I usually prefer smaller images like alpine)

The usage docs for the docker image should be in the dockerhub readme.

But the first result to the query docker redis image should be the dockerhub entry, followed maybe by blog posts and tutorials.

Otherwise you can query something like redis doc or redis docker tutorial.

With such a query the first expected result would be https://hub.docker.com/_/redis, and then blog posts if really that's what you want.

On my device I cannot find a link to dockerhub at all with the same query.

You may not be a developer, but the first expected result with that query would be a link to https://hub.docker.com/_/redis

Google is really bad at this for some reason and will point you to blogs that as a dev I don't care in the slightest. Hell, using the same query I cannot find a single link to dockerhub on my device, it's extremely frustrating

Weapon balance is completely broken, depending on what you use you'll go from losing every 1v1 to winning them all: BAS-B is the current broken battle rifle.

Then you have people learning maps by heart and prefiring corners, maybe they heard you, maybe there was a UAV, don't overthink it.

You're completely right that people turned a blind eye to what the Nazis were doing for as long as they could. But once shit hit the fan the Holocaust was no null part of why people kept fighting while protecting the jewish people that were unfortunate enough to live in their region. The main goal was liberating themselves from the occupation, but what the Nazis were trying to do just made it so much more important to gain control back from these monsters.

Having a european perspective on the way this part of history is told I took the following phases away:

• Allied nations tried their best to avoid confrontation.
• Nazis attacked and WW2 began.
• The Allied lost more and more territory.
• Inside these occupied territories people did the following things:
  • Fight to liberate themselves.
  • Otherwise fight undercover to hide and protect jewish people living in their region.

So while the main reason was to gain sovereignty back, the Holocaust heavily contributed to people fighting back at all costs. Witnessing such atrocities marked europeans really hard, and teachings of this story try to emphasis the scale of the horrors that the Nazis were inflicting to occupied places. It's documented, witnesses are still somewhat around to tell what they've seen and if not their testimony was properly shared with later generations.

All that to say that while WW2 was fought over protecting sovereignty, it became more than that once people ended up as the first witnesses of the ongoing genocide.

Now I have to say that I have no idea what's a north-american perspective on that matter.

Dad?