Category Archives: Computers and Internet

Posts on computer science and the web, rants about OS:es, Window Managers, Platforms for almost publishing content on the web, and the like.

Miserable excuse for a User Interface

Simple test:

If you double click something in the user interface, the interface redraws and rearranges controls at the exact same moment causing your double click to end up on something else, then you know you’re dealing with a miserable excuse for a user interface… (Apple? Microsoft? If you’re interested… No? Why am I not surprised?)

My first (and last?) attempt at security programming

My first, and probably last, attempt at security programming was back in the 80ies, on a Spectravideo. I remember spending some hours on the program, and I had an if-clause to check for a password, and if the password was wrong, obviously the program needed to be protected… so I deleted it from memory…

Some BASIC along the line of:

1820 IF password <> "******" THEN NEW

…of course, after some hours of programming I’d forgotten the password… and forgotten that I didn’t knew it so I typed in the wrong one and off my program went…

…did I save it to cassette before I tested it. Nope. Did I learn the cassette equivalent of the “ctrl-s”-reflex. Yup!

Does this in any way resemble modern security programming? In my experience? It is as if nothing has happened since the 80ies. In fact, I’m fairly certain there are systems out there that will format c: if you fail to type in the right password too many times.

Or like moron Azure DevOps. What happens if you try to view a page you don’t have access to? Yup, you get a 404 error (as in page does not exist, not a 403=you don’t have access). They’re even helpful enough to tell you so. You know, so no one will know that the page do in fact exist. If they don’t have access. How many people spend how many hours bug hunting that one? Do we bill Microsoft? Ah, no, they’re billing us, right…

format azuredevops:

It seems that if it’s about security and doing the wrong thing makes something explode and burn, some security manager somewhere will have mental, or not so mental, orgasms… But I guess usable security systems will be hacked because the users will be too comfortable using them… right…?

Header image by MKFI – Own work, Public Domain, Link

A Go Fuck yourself User Fucker Function

“…and the customer support section has a… quote-unquote user contact function… or as we like to call it in the business: a go fuck yourself user fucker function. Needless to say, you will not be disturbed by your customers…”
“Good, we have neither the time nor the personnel for that shit! They should just buy the products and be happy… and have no problems!”

Programming Course from hell

Today we visit a fictional “Java Programming 101” course where both the pupils and the teacher are from hell…

Why is it called “class”? Is there some kind of hidden political meaning here?

It’s a public class so, don’t worry…

But, I can still change it, so it’s not really final in the first place… it should be called “kind of final”… but that won’t compile…

Oh, it really is final, but when you change it the universe splits in two. In one universe the code is still final and unchanged and in the other the code is final and changed. In one of the universes a cat will also die, so please try not to change final code too often…

What if I wanted to use “what if” instead of “if”? Then I get compilation errors… What if I want it to work?

What if you learned to program and programmed a compiler where “what if” didn’t cause a compilation error?

How do I change a volatile variable? I don’t want shit to go crazy or anything!

If you encapsulate the modification operations, you’re safe…

I do not want to use static. It’s a huge mistake. You’ll probably miss business opportunities and go bankrupt in a year. Static is the first step to death!

Not to worry! If you only use “static” in agile programming it’ll sort itself out.

Since my programming problem is far from superficial I need to use something far less flimsy than “floats”, and I am fairly certain “double”-ing down is not the right way to go!

This problem needs byte arrays and bitwise operators.

If “void” truly was a void, would there even be a word for it?

The true void is such a vast and complex mystery a simple human mind can never comprehend its full meaning and our only hope lies in the application of simplistic symbols.

This is insane! I try to catch using grep but once I’ve serialized the exceptions I don’t know how to find the regex from the catch clause!

Have you tried to decompile the class-file first?

Shouldn’t you install the plumbing before you open any streams? I don’t want a total mess…

Streams have pipes and terminators to help with that…

Come on, you’ve seen Windows! You already know there’s no logic to this!

What if my transient variable decides to move to another class?

Just make it private and it’ll stay private…

I looked through the code of the jre last night and I’ve deduced that synchronized methods aren’t synchronized at all! They should be called unsynchronized!

You should look into reprogramming the jre to make them truly synchronized…

Header image: By PIXNIO