[Hiring] DevOps Lead and PHP Developer (Gastown)

littlemonster010 · 5 months

You should also consider cooking with Lambic, a type of fruit beer from Belgium. Something like this: http://agriculturesociety.com/green-living/easy-exotic-grassfed-pot-roast-for-the-holidays/

stoenr · 5 months

Fuck those. Belgium's least known national treasure is belegde broodjes.

whenipeeithurts · 6 months

The only reason they put the period inside the quotation marks was to protect the fragile metal type when printing.

Putting it outside makes more sense and is the norm outside of the US.

neoronin · 6 months

So, why does everyone keep using this red-yellow-blue color wheel, even though it doesn't match any color model?

Look at a solid green surface for a while. Now close your eyes: you will see purple, not red. Look at a cyan surface, you will see red, not orange. Doesn't this mean that the opposites are not what the wheel indicates?

mcnica · 6 months

Why do you need things explained to you instead of, you know, reading the papers that have been published?

mrsnakers · 6 months

Honestly though, I find it's just one of those things you need to make part of your work-flow. Never finish something and immediately send it to others. Just go do something else and then come back after 5 or 10 minutes. You will notice most of your own mistakes and save possible embarrassment with your clients and/or boss.

GrantSolar · 6 months

But what you describe isn't really an aspect of "internet marketing" or a "design choice". It's simply how culture and ideas work. An idea that doesn't get successfully transmitted from one individual to another is an idea that will go extinct. The internet is no exception in this. Culture follows the activity of the participants in it.

The internet is less designed for "mass appeal", because it actually makes so called 'long tail' phenomena viable. Before Amazon.com, book stores had to reserve their limited shelf space for popular items. But in the digital world, it is almost entirely as profitable to sell one product 1000 times, as it is to sell 1000 different products once.

The same with YouTube. Before, we only had the popular TV channels with a minimum threshold of appeal. Now, 24 hours of video are uploaded to YouTube every minute or so, most of it receiving less than 100 views over its entire lifetime.

And something else is going on: if you look at the view counts of related videos, you will find that they are correlated. But interestingly enough, the algorithm behind YouTube (adsorption) actually operates only on what people are doing. In other words, it will only recommend video B for video A, if someone else watched video B after watching video A. The recommendations you get are averaged out over the entire YouTube library and population.

But if the recommendations group together videos of equal popularity, then that means the humans do too. In other words, a set of related ideas and interests appears to occupy a pretty narrow region of the long tail and moves up or down pretty slowly.

Think about it: the internet itself has no meaningful structure to its users. You simply connect and receive an IP address. Everything else is the result of human behavior, and I think a lot more of it is hardwired into our brains than we like to admit.

(Also see: [Zipf's Law](http://en.wikipedia.org/wiki/Zipf's_law) for other long-tail phenomena that appear to be hardwired)

GrantSolar · 6 months

... who are just as annoyed by the heteronormative idolization of a very narrow set of women.

GrantSolar · 6 months

I think the more likely split is this:

Slightly attractive person posts normal picture

Internet: "We now have license to stalk you forever"

Slightly unattractive person posts normal picture

Internet: "I am offended that you dared expose your ugly and revolting presence. Everything must appeal to me! CONSUME CONSUME!"

Algiers · 6 months

"Racism" is what happens when you take certain aspects of a certain culture or subculture, and directly relate them to superficial traits like skin color or accent.

That doesn't mean that those attitudes or behaviors aren't true stereotypes within that culture. That's the whole meaning of (sub)cultures: a set of behaviors and norms that can be clearly identified to be different from another culture.

There is no difference between "valley girl" and "ghetto thug" as a stereotype. Both 'valley' and 'ghetto' imply a place, and an association with the people that live there.

mrsnakers · 6 months

... and didn't proof-read before posting on the internet.

woofwoofwoof · 6 months

Laws against libel/slander, against false advertising, against quack medicine, etc. This why e.g. Scientology changed from being an unlicensed medical practice to being a religion.

There is no absolute freedom of speech anywhere. That's just a myth created by US propagandists. In reality there is a line, and we can argue about where it should be drawn.

I'm not saying this is a case where the law needs to be adjusted though. But e.g. the fact that the US doesn't require news outlets to tell the truth is disturbing.

woofwoofwoof · 6 months

Yeah, invoking nazis is a faux-pas, but jumping onto a thread just to point out Godwin is the pinnacle of enlightened debate, isn't it?

xueye · 6 months

IP lawyers do what they can to make sure that these people are rewarded for their inventions and ideas. "Patent" lawyers protect inventions; they're the ones you want if you're a programmer or an engineer, as they'll secure your claim to your invention, and make sure you're compensated for it.

As a programmer and engineer, I give you a hearty fuck you. Your kind does nothing to ensure my kind is compensated fairly. All the money goes to lawyers and executives who couldn't execute an idea themselves if their life depended on it. Patents have fucked over the software industry over and over again and are not desired by the people who actually built it. They're only wanted by the MBA types who see themselves as indispensable and their workforce as interchangeable.

Ashley5ash · 6 months

I'm a gay male geek. The thing that annoys me the most in women is the neuroses about appearance and weight. You know how it goes... "I'm going on a cleanse!" "Watch me prepare this salad in the office kitchen while I loudly announce it!" ....... "OOOOOH CHOCOLATE CAN I HAVE SOME?"

I know it's inflicted upon you by society, but it still destroys your credibility and it's painfully obvious.

tinou · 6 months

Ok. Story time.

I feel confident in talking about this because I was a core maintainer of Drupal for 7 years, was part of its security team that polices the community, designed most of its input and output filtering infrastructure and wrote about it extensively. I have a very good understanding of which kinds of security errors PHP programmers make, and which ones are systemic and which ones aren't.

Around the same time, Rasmus Lerdorf would tour PHP conferences and talk about security. As part of this, he would demonstrate a scanning tool he'd made that would seek out common PHP security errors. Invariably, he would embarrass people in the audience by showing security errors on their high profile sites. He rightly said that if the tool got out into the wild, PHP sites everywhere would be fucked. The vast majority of these errors would be XSS-related, but it also included cookies and sneaky errors through HTTP_HOST and such.

From this perspective, it's pretty obvious that they wanted to implement something that would magically make everyone's sites secure, but wouldn't actually require them to learn anything. Hence, data integrity must go out the window. This is the same thing they tried to do with "magic quotes". The filter extension just acts as a more sophisticated version of that.

Look at this list of web security issues:

http://code.google.com/docreader/#p=doctype&s=doctype&t=ArticlesXSS

Notice how they say "How to filter user input in [output context]" and how each has different rules. Reducing the problem to just the input side teaches you to protect against the obvious 90% errors, but doesn't give you the mental tools to deal with the other 10%. That's where my beef lies.

tinou · 6 months

I'm quoting from your link, the PHP docs.

His claim was that the filter extension is something they've done a great job on. My reply is that it's really not, because it fails to provide a comprehensive solution for the output-escaping problem and instead relies on clumsy input filtering mechanisms. These mechanisms are biased towards HTML escaping (overlapping with SQL) and fail to protect against many other similar issues in other formats (such as JSON, MIME, HTTP). Despite this, the PHP code implies there is such a thing as universal string sanitization and a single set of "special chars".

I never said it was only created for XSS/SQL. Only that the part of it that is, is dumb.

duopixel · 6 months

Well... designing web sites with CSS is like designing programs by starting to write code. You'll get too bogged down in the details of what you're working on to objectively see the big picture. Instead, open up Photoshop, put in the basic content (including the body copy), and start actually designing: be creative, try out things, make variations, compare them side by side, and make sure you get an accurate idea of what the final thing will look like.

Remember that layout and typography is like a subliminal layer of communication that needs to be tailored to the content. The size and weight of elements dictate the hierarchy. The ordering and positioning of elements determines their relations. If you take any well designed site and blur it in Photoshop, you will still be able to guess what all the different pieces are. Or just think of how you can take one glance at a newspaper and know where the different articles are.

What most programmers seem to forget is that design is visual, and hence needs to be tailored to how humans perceive things. Our brains are not objective: we can be tricked by optical illusions, and our perception of contrast, color, etc is decidedly non-linear. When programmers design, they tend to rely too much on automation (e.g. for aligning) without realizing that mathematical correctness can actually look completely unbalanced.

And if you want to learn from the masters, there is one trick that I've found that is really good: take a good look at their design, and then try to replicate it yourself without looking again. At the end, the differences between what you did and what they did will be what makes theirs better.

I once did a 2 hour presentation about this topic at a conference. It went ok but it was the first time I talked about design. You may get something out of it.

erauqssidlroweht · 6 months

Except for the part where she lumps together low-power applications like wifi with high power applications like cell phones, and ignores all the other 2.4GHz devices that share the wifi spectrum.

Just because she can cite research doesn't mean her position isn't emotionally motivated.

tinou · 6 months

Touchy much?

FILTER_SANITIZE_SPECIAL_CHARS: HTML-escape '"<>& and characters with ASCII value less than 32, optionally strip or encode other special characters FILTER_SANITIZE_STRING: Strip tags, optionally strip or encode special characters.

Notice the wording of the constants: "Special characters" and "Sanitize string" when they actually mean "Make this string safe for outputting in a limited HTML context". And it's not even water tight. If someone writes <a title=$title>, then you can do an XSS injection with only a space and an equals sign (<a title=foo onclick=...>).

I had this argument in person with Rasmus Lerdorf in 2006. He kept insisting that protecting PHP programmers from themselves was more important than data integrity.

themediumisthe · 6 months

This is a serious question: other functioning democracies have had green parties in the government since the 80s. Canada got its first Green MP in 2011, and she had to move across the country to have a chance at getting elected. And now she's already on her way out because she panders too much to the kookie crystal-loving-homeopathy-left.

Starting a new party is a kiss of death in your current electoral system (Duverger's law).

What makes you people think the Pirate Party has any chance at all at effecting any sort of change?

erauqssidlroweht · 6 months

Yeah. Remember that school that had parents complaining how their kids were agitated and suffering from mystery illnesses because of the new school wi-fi? And then it was revealed they'd actually turned off the wifi for weeks while the complaints kept coming in.

Elizabeth May is pandering to the kooky, paranoid left. Shame.

indianajosh · 6 months

Yeah, but due to Chaos Theory, this applies to literally everything. It doesn't even have to be a conscious thing.

Maybe he was inspired by something he saw on the way to work, and it blossomed into a whole plot. Maybe someone bumped into him and pissed him off, which made him reject an idea that would've gotten better if they had just worked on it.

tinou · 6 months

I disagree.

The filter module's solution to XSS/SQL injection is a set of sanitizing filters. This is a dumb approach, because the problem never actually occurs on the input side. The problem occurs when you concatenate strings of differing contexts on the output side, towards the DB server or the browser.

It represents a fundamental misunderstanding of data security.

The first thing they don't seem to get is that there is no such thing as "sanitized text". If you want to cover e.g. JSON, SQL, MIME, HTTP, etc. the only allowed characters are pretty much letters and numbers. No punctuation, no whitespace, etc. and there are still tons of sequences that will show up as garbage on the other end, or worse, cause other bad software to crash.

The second thing is that if you sanitize/escape data on the input side, then you've just placed an incredible burden on your own code. It has to guarantee that whatever restrictions are in place will not be violated at any time, and you have to guarantee that there is no other way for data to get into your application but through the PHP input side.

Ultimately, it just creates a false sense of security. Proper applications instead allow you to enter anything, including script code, and simply apply water-tight escaping on the output side, unique to every output format.

UnConeD

TROPHY CASE

UnConeD

TROPHY CASE

you'll need to login or register to do that

create a new account

login