Seven pet h8s: Verity is sorely vexed
Where's pocket Bjarne Stroustrup when you need him?
Stob Peter Wayner, a tech columnist, claims to have identified the seven most vexing problems in programming. According to his subheadings, these are: multithreading, closures, "too big data", np-completeness, security, encryption and identity management.
Such lists are constructed to be disputed. Game on. To start with, Mr Wayner's discussion of the term "closures" suggests he is suffering some ghastly and previously unreported side effect of taking statins:
The name doesn't help - it's not like access is closed down permanently like a bar announcing last call. If anything, access is open but only through a wormhole in the data-time continuum.
A wormhole in the data-time continuum, eh? Cor.
Furthermore, his concerns about np-completeness feel a tad highfalutin for a weekday. I contend the programmer-on-the-Clapham-omnibus only occasionally falutes at this level. He - the passenger on the No. 88, that is - is instinctively confident that his current assignment, a new set of dialogs to configure the medium term trend exports, will indeed run to completion in polynomial time, unless the server is down again.
Then there's the discussion of security... but this picky criticism is too easy. The more honourable thing is to offer one's own hide for a good tanning. Let's get started.
An excess of builders
In the beginning of time, O Best Beloved, there was but one build tool, and it was called Make. And it was okay.
Well, I say "okay". Actually it is a pig to use, and its makefiles tend to be as robust and immune to environmental changes as a mechanical wristwatch fashioned from ice. But at least it was standard.
Over the years, the world-and-its-husband-or-civil-partner have resolved to do better. Inevitably, all they have actually achieved is more. We are now deluged by an unhelpful surfeit of choice.
Early attempts were often variations on the original Make with a few extra incompatibilities thrown in, just to secure the full attention of the casual user. Microsoft's Nmake is an example of this genre.
Do you remember that weird period, 10-15 years ago, when "XML" was always the answer, irrespective of the question? During this time, it was realised that makefiles were too easy for people to read and understand, and too hard for machines. Bucket loads of angle-bracketed tags were introduced to fix the problem. Say hello to Ant, Nant and MsBuild.
The people at Boost, the famously-brainy C++ code collection, evolved a tool of formidable complexity called Boost.Build. This comes with a largish documentation set of its own - something else to read when you grow tired of mugging up the actual library you want to use.
Then there's CMake, a cross platform builder that creates files for other builders, not to be confused with Bakefile, a builder that generates files for native builders, and works cross platform.
One particular irritation: every programming language must have its own personal build system, or preferably several. A little searching suggests Ruby has Rake, Java has Ant and Maven, Python is associated with A-A-P, Buildout, Scons and Waf.
And so on and so on - Wiki has a page of these things, which I suspect is far from comprehensive.
A case in point. It feels like but a few short weeks ago that I was sweating over Angular.js textbooks late into the night. But when, last week, finding myself among webbies, I tried out a newly-minted witticism turning on the difference between a Factory, a Service and a Provider, I discovered the company laughter was against me instead of with me.
It turns out Angular.js V1 is now as fresh and relevant as water-damaged copies of the Cameron manifesto, and I must now decide whether to get to grips with Angular V2 (the principal area of compatibility between the two frameworks being: similar name), or go off and mug up on the now-fashionable React and Redux frameworks instead.
But this is just one example among many. This article articulates the problem neatly, although, needless to say, since it was published in October its references have all become hopelessly out of date.
No answer on StackOverflow
Here's a vexation. Have you noticed how, some days, SO just stops working?
For example, the other week I needed to implement an RFC protocol. So off I google to SO for a suitable class.
Not minded to be too fussy, you understand. Prepared to take sloppy C++ that wasn't indented correctly, with inappropriate comments in sub-standard Spanish. Or some rusty, elderly C, full of pointers to pointers, with all the internal functions declared static. Or even some of that really scrappy, ugly code, often written by superannuated maths teachers, where they start by declaring an unsightly mess of (never used) one- and two-letter variables "just in case":
int pos,i,j,k,l,m, n,o,p,sy,ta,st,mi,wert,driver,datatype,
(Ok, so this stuff never works. But at least it gives you something to start debugging, enabling you to put off that evil moment when you are forced to engage with the problem.)
In the end, insert-groany-face-emoji-here, I actually had to write all the code myself. It was like being back in the 1990s.
Death of NNTP
Pretty much my first encounter with the internet was the newsgroup comp.lang.c++, where once I came upon a student from Imperial College, posting with his academic address, expansively laying into the eponymous programming language in the confident and airy manner of one leaning on the bar in the union. He concluded his remarks with a complacent generalisation along the lines of: "Of course, C++ was never designed for this sort of thing."
The next message in the thread recalled the famous scene in Annie Hall, when Marshall McLuhan magically appears to back up Woody Allen. No less than Bjarne Stroustrup himself posted to the thread, with a brief but devastating comment: "That's funny, I don't remember you being there when we designed C++". Exit IC student, tail in groove.
Fast forward to today, and the C++ newsgroup has declined to a foetid trickle of grandstanding, spam and, absurdly, Christian proselytising - long gone are the days when to observe that a given topic was "a religious issue" was a short and effective way to remove it from the discussion.
A few hardy souls try to keep the spirit of the old newsgroup going, but the net effect is ghastly.
I realise there are many modern substitutes for comp.lang.c++ in particular and NNTP in general, but none of them have quite the same rhythm and scope of the originals at their best. These things should be designated world sites of special loveliness, like steam railways though beautiful countryside. The fact that they actually could be pretty horrible even in their heyday should be conveniently forgotten.
Questions of certification
Why aren't all your sites SSLed? Why aren't all your sites covered with Extended Validation? Do you know when your certificates will expire? Do you know what will happen if you let that happen? Are you really certain your self-signed certification suffices? Wouldn't you be better off with ROT-13? Why haven't you converted to a free system yet? Or do you need some other type of certificate? Why don't you sign your email with an email certificate? Why don't you sign your programs with a code signing certificate? Did you download the code signing certificate with the same browser that you used to order it? Do you understand the difference between FireFox's certificate store and the OS's? Have you installed all the correct secondary certificates to create your Chain of Trust? Do you understand the difference between certificate file extensions .csr, .cer, .der, .crt, .p7b, .p7r, .spc, .pfx and .p12? Why haven't you got the code-signing program attached to your ordinary build? Can you remember the passwords for the private key? Can you explain why the passwords for the private keys are not in the password database?
Why don't you stop mucking about with SSL, Verity, and get on with some work?
I do like Python. Really. It is as neat and handsome a language as one could wish. I admit I have never seriously got into bed with it; just flirted with it a little on the Programming Haystacks of Life. But I do think of it as a friend. I'd like to believe that it feels the same way about me.
That having been established: what the hell is going on with Python 3?
Released in 2008 - that was the year they introduced the iPhone App Store, that's how long ago that was - and yet it's still attracting tear-soaked blog posts from Pythonistas explaining how it will never take off, and spells wrack and ruin for their language.
Here's a recent example, written by the author of an admired Python textbook.
To a disinterested but interested party (ie me), the technical objections that the article raises come across as rather incoherent. But it appears to be right on the money about the lukecold support that Python 3 musters. This piece reports that less than one third of new commercial Python projects on a hosting site use Python 3.
Sheesh, Python guys. Sort it out.
Some people don't understand that StackOverflow is about give as well as take. Such people just swoop in, collect what they need in the copy/paste buffer and swoop out again.
But we don't need to put with this negative attitude to the key shared resource of our community. Let this be my clarion call to all right-thinking SO users. It's time to put a stop to the me-me-me-millennials, and Take Back Control.
Here's my community plan. I hope all like-minded Reg readers will join. Scrimp the 500 SO points to obtain reviewing privileges - easily achieved by copy/pasting slightly reworded answers from other questions. Then spend every spare moment on the Question Triage page, marking as "Requires Editing" any question that meets our movement's rejection criteria. These are:
- can't be bothered to do the work, or
- command of English is indifferent or, worst of all,
- probably cleverer than us.
With just a little littlehitlerism, I'm confident we can rid SO of this scum and step into a bright new future. ®
Ready to smite other things? There's more from the Chronicles of Delphi scribe here.
Sponsored: Becoming a Pragmatic Security Leader