As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/

YA[Programming]T :: Interview? That's an MVC thing, right?

24567100

Posts

  • EndEnd Registered User regular
    edited May 2012
    so much rubbish gets stored in Documents

    my code ends up in %USERPROFILE%\code
    and then I have %USERPROFILE%\dump where I put other stuff that might have ended up in Documents if there wasn't like a hundred folders in there already.

    End on
    I wish that someway, somehow, that I could save every one of us
    zaleiria-by-lexxy-sig.jpg
  • Monkey Ball WarriorMonkey Ball Warrior A collection of mediocre hats Seattle, WARegistered User regular
    I guess my main problem with UAC is that windows is fundamentally insecure and UAC does not and can not fix that, so I don't see the point in even the mild inconvenience.

    "I resent the entire notion of a body as an ante and then raise you a generalized dissatisfaction with physicality itself" -- Tycho
  • iTunesIsEviliTunesIsEvil Cornfield? Cornfield.Registered User regular
    In what way is Windows "fundamentally insecure", and in what way does UAC not, at the very least, help to fix it's deficiencies?

    I'm curious as to what fundamentally core portion of the OS is inherently insecure, especially on the systems that use UAC (Vista, 7). I assume this fundamental insecurity is something not present in *nix variant OS's (OS X included)?

    I can see (I've made|am making) it a fun Friday in the coding thread...

  • jackaljackal Fuck Yes. That is an orderly anal warehouse. Registered User regular
    edited May 2012
    I would agree that it is fundamentally insecure if you run as admin, but that's true of all OSes. There's this fundamental problem where you buy a PC and you turn it on and asks you for a user name instead of two. It's hard to say, "Look, even if there is one of you, you are two users. One of these users like's to run any exe you get your hands on and go to the most questionable of websites. The other is the one that's responsible for the actual computer, and you have to be both. User two doesn't put in his UAC password just because user one wanted to see titties and now something is trying to install itself, and maybe it will install itself to user one's account because it can do that, but now user two can just wipe user one's profile out and boom, at least no OS reinstall." This is kind of the fundamental problem with consumer computers.

    jackal on
  • Monkey Ball WarriorMonkey Ball Warrior A collection of mediocre hats Seattle, WARegistered User regular
    edited May 2012
    I thought that windows' poor security was a universally accepted fact. As far as UAC not fixing it, there was this a few years ago. Not that those guys don't have a vested interest in making Windows sound less secure, but that's not exactly a hard sell.

    jackal wrote: »
    I would agree that it is fundamentally insecure if you run as admin, but that's true of all OSes. There's this fundamental problem where you buy a PC and you turn it on and asks you for a user name instead of two. It's hard to say, "Look, even if there is one of you, you are two users. One of these users like's to run any exe you get your hands on and go to the most questionable of websites. The other is the one that's responsible for the actual computer, and you have to be both. User two doesn't put in his UAC password just because user one wanted to see titties and now something is trying to install itself, and maybe it will install itself to user one's account because it can do that, but now user two can just wipe user one's profile out and boom, at least no OS reinstall." This is kind of the fundamental problem with consumer computers.

    Linux's setup with sudo/gksudo solves that problem perfectly. If windows had a real user/permission system, then they could emulate it fine, but as it is I'm pretty sure Window's user setup is a thin veneer of security theater.

    To be fair, my feelings on this matter are colored by 15 years of dealing with windows, back to Win95, which has left me with a fundamental lack of trust in microsoft's competence in this area.

    I am reminded of when I was a kid, my mom set a password on her new 486, and I got around it by pressing "cancel" on the login dialog, which dropped me to the desktop.

    EDIT: Wait this is a programming thread! Right, uh.

    Writing this app in WebPy has been a rollercoaster of "Wtf why isn't this working" and "Holy crap I can't believe just that works"

    Monkey Ball Warrior on
    "I resent the entire notion of a body as an ante and then raise you a generalized dissatisfaction with physicality itself" -- Tycho
  • PhyphorPhyphor Building Planet Busters Tasting FruitRegistered User regular
    The 95/98 line had literally no security. The NT line does. Modern windows is no more insecure than anything else. All that link shows is that if you run viruses then UAC won't help you, most viruses can be quite happy running as a normal user anyway if they can't get admin, especially botnet ones. The solution is to not run viruses, because running viruses on your linux box will infect that too. The real question is: if you run a virus, can it get higher permissions?

    Also, Windows is actually the one with the "real" user/permission setup - ACLs vs user/group/other

  • BarrakkethBarrakketh Registered User regular
    edited May 2012
    Linux's setup with sudo/gksudo solves that problem perfectly. If windows had a real user/permission system, then they could emulate it fine, but as it is I'm pretty sure Window's user setup is a thin veneer of security theater.
    Have you never looked at the ACL options available on NTFS filesystems? There is a real user and permission system.

    UAC is, AFAIK, basically like a Linux GUI app triggering a gksudo/kdesu dialog.

    Barrakketh on
    Rollers are red, chargers are blue....omae wa mou shindeiru
  • bowenbowen How you doin'? Registered User regular
    edited May 2012
    User/group/other and it's by far the biggest thing I hate about *nix.

    bowen on
    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • jackaljackal Fuck Yes. That is an orderly anal warehouse. Registered User regular
    edited May 2012
    The 9x line died with Windows ME. May it burn in hell forever.

    jackal on
  • bowenbowen How you doin'? Registered User regular
    Super fun to play around in still though. Trying to get my hands on windows 3.1 to put it in a VM still.

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • Monkey Ball WarriorMonkey Ball Warrior A collection of mediocre hats Seattle, WARegistered User regular
    No I have not looked at it at all. I mean, I saw that they implemented some sort of permission system back in XP, but I assumed it was trivially circumventable, because it was windows.

    I guess my philosophy with Microsoft is the "Walder Frey Disappointment Principle": if I have no expectations of it, I will never be disappointed.

    I really don't want to pollute this code thread with a MS vs. Linux argument though.

    "I resent the entire notion of a body as an ante and then raise you a generalized dissatisfaction with physicality itself" -- Tycho
  • SaerisSaeris Borb Enthusiast flapflapflapflapRegistered User regular
    jackal wrote: »
    The 9x line died with Windows ME. May it burn in hell forever.

    You've got it backwards; the 9x line is hell, an undeniable incarnation of the unholy nether realm.

    borb_sig.png
  • jackaljackal Fuck Yes. That is an orderly anal warehouse. Registered User regular
    edited May 2012
    This reminds me of an argument a couple of my friends had about MMOs. One was like, "Rift is so much better than WoW. It has so many features that WoW doesn't."
    The other replied, "Are you kidding. Rift is fine, but it doesn't win on features."
    ...various nerd-linger hand waving...
    First Guy finally says, "Are you kidding Rift has... (some list of features)".
    "WoW has had all of those features for years."
    "Oh, I haven't played since Vanilla."

    Edit: Actually this argument happened more directly. My father in law kept his windows 98 computer for almost a decade. Finally he upgraded to a Mac, and he couldn't stop raving about how much better it was than Windows. And it might be, but he wouldn't know.

    jackal on
  • bowenbowen How you doin'? Registered User regular
    edited May 2012
    Rift looks like it's covered in mud and plays like it's covered in mud. Just thought I'd mention that.

    bowen on
    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • jackaljackal Fuck Yes. That is an orderly anal warehouse. Registered User regular
    edited May 2012
    And has a class system that is literally impossible to balance, but I stayed out of the argument, because it was in mixed company and NERRRRDS!

    jackal on
  • bowenbowen How you doin'? Registered User regular
    I don't even know why I spent money on that game, what the fuck was I thinking.

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • Gilbert0Gilbert0 North of SeattleRegistered User regular
    siiiiiigh, so our company is (FINALLY) starting the slow swtich from XP -> Win 7. We've been using Oracle Developer suite (9.0.4) for years. Guess what's not supported in Win 7 anymore :S. Guess our one developer with Win 7 isn't doing any form/report work for a while.

    Sent an email to our licensing guy to see if our current license has coverage to the lowest supported version (10.1.2) or we're going to have to pay $texas to get an upgrade. Though we're already paying $texas for 9.0.4 so maybe it won't be so bad.

  • urahonkyurahonky Registered User regular
    Also if you XOR the same object you just get a 0 right?
    XOR eax,eax
    

    Should return a 0 right?

  • SaerisSaeris Borb Enthusiast flapflapflapflapRegistered User regular
    Look at the truth table. Colloquially, it's "true if different, false if same".

    So yes, since every digit will be the same in both values, the result for every digit in the new value will be false (zero).

    borb_sig.png
  • jackaljackal Fuck Yes. That is an orderly anal warehouse. Registered User regular
    IIRC it is done because it is faster than setting eax to 0 directly.

  • urahonkyurahonky Registered User regular
    jackal wrote: »
    IIRC it is done because it is faster than setting eax to 0 directly.

    Good to know, thanks :)

  • bowenbowen How you doin'? Registered User regular
    edited May 2012
    Reminds me of swapping bits with XOR.
    int val1 = 10;
    int val2 = 20;
    
    val1 ^= val2;
    val2 ^= val1;
    val1 ^= val2;
    
    //val 1 is now 20
    //val 2 is now 10
    

    http://codepad.org/DIg1LVp6

    bowen on
    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • PhyphorPhyphor Building Planet Busters Tasting FruitRegistered User regular
    That's one of the things where it's fast because the processor has special handling to prevent it treating the xor as creating a read dependency. And it's shorter than mov eax, 0

  • IncindiumIncindium Registered User regular
    edited May 2012
    I relate about the UAC stuff. I'm the only Dev at work that keeps it on. I run into goofiness all the time with it. I have to run Visual Studio, SQL Managment Studio and a few other things as Administrator and every time I have something not working it usually means I need to run it as an Administrator explicitly to get it to work.

    Incindium on
    steam_sig.png
    Nintendo ID: Incindium
    PSN: IncindiumX
  • lazerbeardlazerbeard Registered User regular
    edited May 2012
    Linux's setup with sudo/gksudo solves that problem perfectly. If windows had a real user/permission system, then they could emulate it fine, but as it is I'm pretty sure Window's user setup is a thin veneer of security theater.

    They do have it. It's just that running as administrator is basically running as a "super user" in linux all the time. This is generally regarded as a terrible idea in linux and it should generally be regarded as a terrible idea in Windows. The problem is that too many programs decide to do things that require admin access because it's more convenient to do it that way. UAC was less intended to make you more secure. It was supposed to annoy you to encourage developers to not do unsafe things because it would now also promote a bad user experience. It would also alert users that the people making the program were doing something they probably shouldn't. Noble goal, universally hated in practice.

    In short, everytime a UAC thing pops up, that is more or less something that would require a "sudo" to do in linux, as I understand it.

    Also, I haven't been around here in forever. How you guys doing?

    lazerbeard on
  • iTunesIsEviliTunesIsEvil Cornfield? Cornfield.Registered User regular
    @Incindium what are you doin' with Visual Studio that's requiring you to run it as Admin? I've never heard of that before. Is it some sort of plugin needing Admin rights?

    Sorry about getting my panties in a bunch about Windows security, and dragging us on a tangent. It's just that it has gotten A LOT better with things like ACL and UAC (hell, even the Malicious Software Removal Tool via Windows Update), and it bugs me when people pull a "Windows is sooooo insecure." The thing that provides the biggest gap in Windows security right now is the same thing that provides the biggest gap in other OS's: users going "clicky-clicky, ooooh, boobies/computer-speeder-upper, I need those/that."

  • InfidelInfidel Heretic Registered User regular
    Security is 95% PEBKAC.

    Let's move on though on OS security and get back to watching honky dance from project to project. :popcorn:

    OrokosPA.png
  • JasconiusJasconius sword criminal mad onlineRegistered User regular
    edited May 2012
    so today the jackoff IT guy came over and tried to tell me how great it would be if I let him migrate my windows VM to the server so I could just remote into it

    something I abhor and detest


    i stonewalled him as much as possible



    i've got eight cores, dawg. i don't need "the cloud", as he referred to it. and by "the cloud" he means a small rack of Windows 2008 machines on the 5th floor

    i guess they don't teach microsoft networking guys what a cloud is

    Jasconius on
  • TofystedethTofystedeth Registered User regular
    That's what we in the biz* call "the puff".

    *
    Me. Just now.

    steam_sig.png
  • TofystedethTofystedeth Registered User regular
    Incindium wrote: »
    I relate about the UAC stuff. I'm the only Dev at work that keeps it on. I run into goofiness all the time with it. I have to run Visual Studio, SQL Managment Studio and a few other things as Administrator and every time I have something not working it usually means I need to run it as an Administrator explicitly to get it to work.
    You and @iTunesisEvil
    Tell your coworkers to turn it back on. UAC isn't just that annoying password box that pops up. A lot of other background security stuff depends on it, and when you turn it off, those stop working too.
    http://support.microsoft.com/kb/2526083
    Go the More Information section. I didn't look super closely to see if any of those only apply to server OSes and not desktop, but some of them are definitely both. Such as File and Registry Virtualization and Protected Mode IE.

    steam_sig.png
  • IncindiumIncindium Registered User regular
    edited May 2012
    @Incindium what are you doin' with Visual Studio that's requiring you to run it as Admin? I've never heard of that before. Is it some sort of plugin needing Admin rights?

    Sorry about getting my panties in a bunch about Windows security, and dragging us on a tangent. It's just that it has gotten A LOT better with things like ACL and UAC (hell, even the Malicious Software Removal Tool via Windows Update), and it bugs me when people pull a "Windows is sooooo insecure." The thing that provides the biggest gap in Windows security right now is the same thing that provides the biggest gap in other OS's: users going "clicky-clicky, ooooh, boobies/computer-speeder-upper, I need those/that."
    We use a bunch of windows batch file (cmd) stuff for post/pre build steps and building our DB template as part of the solution build. That stuff just doesn't work without running VS as Administrator if UAC is on (at least that was the easiest fix for me).

    Incindium on
    steam_sig.png
    Nintendo ID: Incindium
    PSN: IncindiumX
  • InfidelInfidel Heretic Registered User regular
    Incindium wrote: »
    @Incindium what are you doin' with Visual Studio that's requiring you to run it as Admin? I've never heard of that before. Is it some sort of plugin needing Admin rights?

    Sorry about getting my panties in a bunch about Windows security, and dragging us on a tangent. It's just that it has gotten A LOT better with things like ACL and UAC (hell, even the Malicious Software Removal Tool via Windows Update), and it bugs me when people pull a "Windows is sooooo insecure." The thing that provides the biggest gap in Windows security right now is the same thing that provides the biggest gap in other OS's: users going "clicky-clicky, ooooh, boobies/computer-speeder-upper, I need those/that."
    We use a bunch of windows batch file (cmd) stuff for post/pre build steps and building our DB template as part of the solution build. That stuff just doesn't work without running VS as Administrator if UAC is on (at least that was the easiest fix for me).

    Why can't those run unelevated, or run things as administrator themselves?

    OrokosPA.png
  • CantidoCantido Registered User regular
    PyroCMS is pretty damn fantastic.

    3DS Friendcode 5413-1311-3767
  • PhyphorPhyphor Building Planet Busters Tasting FruitRegistered User regular
    I was part of the win7 pre-deployment test group at work and there were a bunch of UAC/admin issues. Our build system would outright fail if not run as a real administrator; the linker was trying to use a temporary file at \tmpzzzz.bin or something, root of the drive instead of %TEMP%.

    Additionally, IT uses these no-UI installer scripts, which fail horribly if not run as a real admin and Windows doesn't detect it's an installer so no prompts. This would be fine, but they either fail silently or just never complete.

    I also do debugging of apps and services that have to interact with drivers, so I would have to run as a real admin to enable cross-user debugging

  • electricitylikesmeelectricitylikesme Registered User regular
    Phyphor wrote: »
    I was part of the win7 pre-deployment test group at work and there were a bunch of UAC/admin issues. Our build system would outright fail if not run as a real administrator; the linker was trying to use a temporary file at \tmpzzzz.bin or something, root of the drive instead of %TEMP%.

    Additionally, IT uses these no-UI installer scripts, which fail horribly if not run as a real admin and Windows doesn't detect it's an installer so no prompts. This would be fine, but they either fail silently or just never complete.

    I also do debugging of apps and services that have to interact with drivers, so I would have to run as a real admin to enable cross-user debugging

    Sounds a lot like they should've been using NSIS for their scripts. I've never had any trouble with NSIS and UAC, even in silent mode provided I set it to ask for administrator rights.

  • PhyphorPhyphor Building Planet Busters Tasting FruitRegistered User regular
    edited May 2012
    Oh they're terrible. I got VS2010 installed a few weeks ago, but I was running low on space on C (we also get really small drives too!) so I told them to install to D instead. But nope, they just ran the wrapped up installer normally which did its thing, failed without any warning in like 2 minutes due to lack of space, then the sent me an email telling me it installed fine to C.

    I ended up moving the extracted installer from c:\windows\temp to another drive, freeing up the 2GB for that, then running it myself

    Phyphor on
  • LindenLinden Registered User regular
    You know, exponential cost blowouts are not nice things. And if I had a few machines and the patience to rewrite and test the existing codebase, I could probably process this dataset in a few hours. But, because of aforementioned exponential costs, I can't tell in advance. It's a frustrating combination of a fundamentally complex process (empirical analysis of an exponential algorithm) and hilarious implementation inefficiencies.

    But you know what? I'm still not dealing with the inane things urahonky is, so that's a blessing.

  • ghost_master2000ghost_master2000 Registered User regular
    Jasconius wrote: »
    so today the jackoff IT guy came over and tried to tell me how great it would be if I let him migrate my windows VM to the server so I could just remote into it

    something I abhor and detest


    i stonewalled him as much as possible



    i've got eight cores, dawg. i don't need "the cloud", as he referred to it. and by "the cloud" he means a small rack of Windows 2008 machines on the 5th floor

    i guess they don't teach microsoft networking guys what a cloud is

    Nothing bothers me more in the IT world than the phrase "the cloud". It's just a remote server, that's all. Nothing new, so stop acting like "the cloud" is new technology... goddamit.

  • Monkey Ball WarriorMonkey Ball Warrior A collection of mediocre hats Seattle, WARegistered User regular
    Jasconius wrote: »
    so today the jackoff IT guy came over and tried to tell me how great it would be if I let him migrate my windows VM to the server so I could just remote into it

    something I abhor and detest


    i stonewalled him as much as possible



    i've got eight cores, dawg. i don't need "the cloud", as he referred to it. and by "the cloud" he means a small rack of Windows 2008 machines on the 5th floor

    i guess they don't teach microsoft networking guys what a cloud is

    Nothing bothers me more in the IT world than the phrase "the cloud". It's just a remote server, that's all. Nothing new, so stop acting like "the cloud" is new technology... goddamit.

    You can put a sticky note on it that says "The Cloud" if that makes you feel better.

    "I resent the entire notion of a body as an ante and then raise you a generalized dissatisfaction with physicality itself" -- Tycho
This discussion has been closed.