#development

For something they see as not important

Security experts are not on board as well as far as I know.

Because they aren't researching and exploiting vulnerabilities all the time

security experts barely agree lol

And who even qualifies for that

I consider people like Bruce Schneier an expert.

If we go off that

I almost qualify

https://security.stackexchange.com/questions/53594/why-is-client-side-hashing-of-a-password-so-uncommon

@dapper laurel yeah

Those are all the people who don't actively work hands on with this stuff

Handling and storing password should IMO be as few steps and as simple as possible. Each step introduces new potential for bugs.

@dapper laurel I'm not atm but I have done in the past many times but do sec research mostly atm

send to back end over https, put server seed + user seed + password and hash, store.

I would not overcomplicate things.

That's literally the developer mentality approach

Have you considered that it might be a correct approach?

😃

It's not the secure approach

You can't be completely secure but when there are steps to remove insecurities you should take them

Here we have to agree to disagree I guess.

Unless they're going to cause large issues you definitely should take them

Simpler algorithms yeah, but hashing is something that is well documented and previously done

It's the same when some people think they are smart and create a new encryption algorithm because oldones "are not secure enough" only to find out that their solution is easily broken in a way they did not foresee.

But how could this break security???

At worst you use a terrible hash and yet it's still more secure that it was before

Well, for example. Everyone starts to hash on client side. Someone makes a npm package to handle this. Everyone includes that npm package because it is easier. Now someone writes chrome extension that steals passwords before hashing because everyone uses the same package.

One scenario where it would be bad for security.

Who would you rather be when there's another cloudflare bug that exposes user data? The people who can tell their users that their passwords are mostly fine or the people who have to say they aren't safe

@obtuse stump that's just stupid developers

Maybe. But the end result is the same.

But what stops someone making a chrome extension to steal passwords anyway

Literally search for inputs with a keyword pass or password somewhere in there

You can do heaps of different things

literally nothing, its called a keylogger.

It was just a scenario that I came up from the top of my head. The main reason noone (almost) hashes passwords on the front end is that there is little to no benefit.

Except there is a benifit

You stop a whole range of exploits

From stealing user data

Would be interesting to know if google for example hashes on the frontside.

For certain things they do, for certain things they don't

granted you are doing a SSL connection, does it matter?

Imo it does not.

It's a layer of security to prevent users passwords being leaked by many different vulnerabilities

imo or Lmo?

imo 😃

By preventing the users password from never leaving their client you can prevent it being leaked due to vulnerabilities on your end

Which there are a lot of

but you have better control over the code server side.

You can encrypt the hashes serverside

Which you should do with passwords

personally, i would use a special rotating double hash method.

Google does not hash before sending password over https. Looked it up.

It does for certain things, doesn't for others

where the password is at its most vunerable when you set it.

It does not hash google account password on login.

It's not one thing for everything

There's a bunch of different things both google and facebook do

Which I know because I've tracked

I am talking about Google account password atm.

Not anything else.

This is what we were talking about, account passwords, yes? 😃

...

btw I'm really surprised that battlefront 2 hasn't got a cheater problem yet

Facebook does not hash password on login page as well.

They literally have no clientside anti cheat

thats beacuse EA pulled bullshit with DLC

I mean you can literally write to the games values

Nothing is protected

You can inject whatever

No sig detection

They have a tiny bit of anti debug and that's it

thats almost a good thing

if their server-size anticheat works good enough, then modders (they dont hack anything) are unsure of what the code is doing.

I say cheaters is better

They are just cheating

They don't mod or hack

not the people using it, the people modifying the game.

they are modding it.

Depends on what they're doing

There's a lot of re involved

Sometimes a lot of patching

there is a lot of C++ (usually) involved.

C++ is a dick

Depends who

the people know what they are doing, just not what the srver is doing.

The people reversing the game or the people who just copy sigs and offsets and make cheats like that

For games like csgo you literally don't need to do any reversing

Everything is just online

And you read memory and react to it how you want

Or very rarely write memory

Unless you are trying to bypass ESEA

That gets a bit more complicated but still straightforward

@proper gale the chams have already been reversed as well (not gonna link here tho) and most of the games structures have

client or server?

Client

doesnt matter

?

You get wallhacks

what the client does, does not matter.

By writting chams

if the server can properly ban for cheating, then all is well.

But it can't detect wallhacks

It only detects rage hacking

It doesn't detect aimbots or wallhacks or a bunch of other stuff

@whole quail on the password client hash, note that the only thing you are protecting with clientside is the cleartext. Even if you hash in the client, if an adversary can get access to client (xss, etc.), they get the hash, which is enough to prove to the server you are the impersonated person, so you still get full access. The only way to really protect from that would be to include an interactive proof system, i.e. you would need to reimplement TLS all over again in javascript.

What kind of development belongs here?

2. if someone has access to client, they can probably access raw input values anyway

all the development

development is pretty broad, but I only see programming

ah okay

I guess, real state development is not appropriate

(software dev)

just wondering because I do some game-dev type stuff involving 3D work as well as programming

@jolly pelican what gaem eng?

no game engine

...that part's not my job

LOL... you said game-dev type stuff just thought... LOL

@small escarp again, not even talking about that. Talking about leaking passwords through memory which is becoming very common.

"Very common" is a gross overstatement. I stand by my argument that if it is a real problem, Google, Facebook etc would also hash passwords before sending them over HTTPS POST. But they do not, so likely this is not a common problem at all.

I mean it's far less of a problem for Facebook and Google or anyone who runs custom everything including hardware configurations

You two, what is your experince in the info sec sector?

Specifically infosec - some courses and trainings, day-to-day I work as a software engineer.

Hashing on the client wouldn't help though... if someone could somehow obtain the password hash by exploiting a vulnerability that leaked memory (which can happen in specific vulnerabilities, I wouldn't call exploitation of that in the wild "very common") they could still obtain access to the account by sending that hash they've obtained rather than the password itself... it doesn't really change anything

@bright olive <insert developy talk here>

@static latch about access to the password not access to the account

@whole quail if memory leaks is what worries, that's even worse. You need the cleartext password in memory forever for UI reasons. The moment you lose it, the user can't edit the password anymore (e.g. use backspace). After sending the password to the server, it is never used again because you get the random hash session cookie. No website ever holds the password in memory longer than the login page.

@small escarp that's assuming the server writes over the old memory

??.... we are talking about the client

No server

it's about either in the example being proposed. the password protects to the account... if an attacker can compromise an account why would they care whether they know they password the user originally set or not? the point is to figure out what to tell the server to let you access the account... normally thats the password, but if that's some hash derived from the password then you just compromise that. Hashing the password client-side before sending does not protect you from an eavesdrop-and-replay attack,

Essentially, it's a lot of work for zero gain. And I'd argue there's a case for the fact that it might lead people to a false sense of security, with site developers perhaps being less careful with this sensitive information since it seems more secure but is in fact no better than a normal password - in fact you must secure it just as you would a plaintext password. But now you've also added the complexity of hashing on the client, which would mean storing a separate client_salt on the server so the user can access your service from multiple browsers and sending them that salt so they can do their client-side hash... this is a lot of work for something that won't help you because whatever the client generates is now the password.

Long story short, rule #1 of crypto is don't roll your own crypto. Research industry best practices and do that.

Take a look at my website: http://vegardsteinnes.co.nf

The about page says forbidden for some reason....

seems like your htaccess is blocking about.html?

English? I'm kinda new to web development

Apache reads a special file named .htaccess when it reads a file in the same directory; this file specifies certain settings for the page, such as whether to allow requests outright, to require passwords, and to set error handling documents (e.g. redirect 404s to a /404.html page)

It looks like you may have a htaccess which denies access to about.html

indeed, .htaccess or file permissions would be my starting points to look at.

Fixed it. Its a free service I use for webhosting that filters out common phrases found when their sevices are abused, so the link to my steam profile was detected and they restricted access to it.

@static latch I mean you literally just ignored my point completely

Like most people here

huh?

@whole quail , I just disagree with your point 😃

If you want ot torture yourself? 😛 https://www.humblebundle.com/books/java-books

What is your guy's opinion of kotlin?

its still java like

but at least its a bit bettr

what language sohuld jake start with

golang

10/10

the lead backend dev decided to leave for a self driving car company. I don't have much confidence for the rest of the team. T_T

ripperoni

rip

So, my coworker calls golang a blub language. nothing really exciting about writing in it. very straightforward and wordy, and easy to collaborate on.

but golang is easy to learn, fast, fast compile times etc

exactly.

similar to python?

no

similar to c

nononononoonooooo

C

nonono

not python

please

I wouldn't even call it similar to C

it's garbage collected.

golang is for writing software

or

backand servers

ah

not really useful for me at this point

but can do lots of things

man golang is incredibly versatile.

just not a lot of GUI librarys yet

Start with Fortran

start with assambly

i think i wanna learn node

twitch's entire metrics pipeline ingestion is written across 4-5 go services. atleast as of a year and a half ago.

netflix uses go

What's your objective?

dropbox etc

discord is written in elixr/erlang which is neat.

idk those

those new hipster languages?

one of those pure functional lanugages. elixr is the web framework for erlang.

Arnold c :)

like how rails is the MVC framework for ruby.

I never used any functional languages, I think

id like to learn one tho

haskell, erlang, etc. once you understand it, your mind undergoes a fundamental paradigm shift.

esp out of OOP

but if @bright olive wants to learn to code, honestly idk

esp?

especially*

I dont like OOP

its to complex for no improvement

erlang

maybe ill do that

LOL

I'll be honest. if you want to lean how to code, start with python. it's simple. syntactic pseudo code. lots of bumpers. then try java and get used to it's wordyness. then golang for it's multi-threaded primitives like goroutines and channels. and then C++ if you want to go native, tc.

dont try java

C# Master Race! 😃

its way to complecated

i have some experience with java

its kind of gross

idd

and after you're dont with python forget about it.

just know how to write in it and never use it again

C is chalanging to write a programm in, so use that if you're in for one

"ts still java like
but at least its a bit bettr"
I reject this notion that Java is some evil bad language -.-

Kotlin or Scala is better than Java

I think kitlin is cool, its just to much like java

Java is trying to become functional

It has added functional elements, yeah.

but it actually sucks pretty damn hard at everything

Hard to argue against that logic.

ey man, I wrote code in C

logic is all I know

I dislike blanket statements, is all.

Code in Skala: fork of Dotty but in German

I'm too awful to not use anything that's lower level that C# and JS. >:[

you cant go much higher then JS

maybe java of scratch

Pseudo code? 😛

your thoughts

https://www.scala-lang.org/blog/2017/04/01/announcing-skala.html

If you want to go functional, go all the way, why stop at scala 😛

most good java folks self select into scala or kotlin. but it takes time to understand the magic of the JVM in java before you can appreciate languages like scala and kotlin IMO

@bright olive if you are learning and want to be able to use the tool you've learnt for a bunch of different stuff just learn python

yep

It's easy to learn, let's you do a lot and will let you experiment with a lot of different ideas in programming

When you first start learning don't worry about what you are using the language for (to a certain extent)

but its hard to unlearn

python fanboys are worse then apple

Python fanboys aren't that bad

meh. if you learn with the intention of understanding good programming style and structure, along with datastructures and algorithms, you tend to pick up languages pretty fast.

I hate that whitespace matters, just hate it.

Same

also true

then you spend time learning the intricacies and gotchas of a language. I feel comfortable writing production code in a language I've never seen before in about a month

I dont know, I still do not feel comfortable with JS 😄

oooh, are we telling people what language to learn?

It's been a long time since I first started learning to program so I've forgotten a lot of what I did

rest of the languages are okay 😛

Not only does whitespace matter, but you also can't mix indenting or the inturpreter will yell at you.

C# is the best language :^)

C# was my second/third language depending on whether you count BASIC

I heard somebody mention Erlang earlier, and while Erlang is cool, you probably want to learn Elixir instead

😐

😐

C#

Elixir runs on the same VM as Erlang, but is more like a classical programming language

So it's easier to learn

learn C

it has nothing to much

Don't learn C

10 print "learn python"
20 goto 10

and no strings

Only learn C if you need it.

😃

C is always fun, but it's becoming less and less useful as time goes on

yeah

You need to learn too mcuh comp science and you don't get much out of it

if you need to program atmega32, then you C

but if you want to learn how to code its a nice language for a chalange

I would suggest C++ but I'm sure some people would cry if I suggested it 😛

its horrible as first language

C++ seems too daunting. 😐

dont C++

It really isn't

c>C++

@carmine relic if the person has a comp science background and good idea about structure it's actually a good start

Wait, nobody has suggested ASM yet!

matlab 😛

The only reason C++ seems daunting is because there's a lot of bad advice out there

I have actually

And a lot of outdated stuff

And the standard libraries for C++ SUCK SO BAD

I didn't see that. 👀

yes matlab. lets start indexing at 1 like savages.

Nah, the C++ stdlib is actually really good

its like 10 pages up

That's the one thing I hate with Lua

Stupid 1 index

go has a better one

Lua also indexes at 1.

You have to use a modern C++ standard though, like C++14

go learn brainfuck

So many people will get stuck with pointers and not learn programming. Sure its important to understand pointers eventually, just not immediately.

Lua? That's a great language to learn for a beginner, too.

@carmine relic it's actually really slow and a giant mess xd

pointers and pointers of pointers of pointers

I learnt Lua accidentally when I was 10

pointers are great

whats wrong with pointers

People dont understand them

and quit

If you have trouble understanding pointers you either learnt wrong or can't program

@whole quail The C++ stdlib is actually really fast. The only reason people think it's slow is because they're using it wrong.

haha

Which again, bad documentation and examples

but go is faster

I think

@carmine relic it's really slow compared to custom solutions

That's because Go is designed to be extremely concurrent 😛

hmmmmmm

@whole quail It really isn't 😛

What about Visual C++? 🤔

what about C--++--=+# visual

I promise you an unordered_map that I write will be a lot slower than std::unordered_map

VBA is the best, no question.

welll the advantage is that go provides pretty much failsafe concurrency primitives fi you know how to set up things like thread/go-routine pools and know how to set up your channels appropriately for safe shutdown.

@proper saddle Visual C++ is absolutely horrible

@carmine relic I know someone who using their own standard library only, everything he does is at least 3-15x faster than the standard alternative

xd

It's like a mish-mash of C++98, C++11 and C++14 with no real idea of where it is

and why do C and C++ have diferent styles and stuff

like c99 vs c14

They are completely different languages

@carmine relic Is there a good resource for C++ that isn't a book, because r/learnprogramming is like "books are the only good resource."

@whole quail If that's the case then they probably know what they're doing. But for most cases, the C++ stdlib is fast enough

@carmine relic agree, it's fast enough for most people but it's slugish compared to what it could be

https://www.youtube.com/watch?v=Rub-JsjMhWY

and use logics

Don't learn C++ from a book

Not anymore

5 years ago that'd be the right way to go

the internet is a pretty good resource for leaning languages

@proper saddle cppreference is one of the best places to look for C++ documentation, and I suggest the C++ core guidelines for learning the general "gold standard" for writing fast maintainable C++ code

you guys want to start a real war. lets go. What's your favorite DB technology and why.

oracle because expensive = better, right?

Also once you've learnt something, don't stick to guidelines just because

As long as you document your code well enough people should be able to read it

@obtuse stump. I'm drowning in your sarcasm.,

also having family that works in oracle. I absolutely agree.

Personally, I just use Entity Framework in .NET and stick whatever backend is necessary for the thing I'm working on

I use SQL Server because it's easier for me. 😛

I have to use oracle and some of the decisions are just mind puzzling.

And I use it with EF core

e.g. if I need simple relational data storage, I'll use sqlite. If I need something more advanced, I'd likely jump to postgres first

honestly. you can solve most problems with postgres.

keep in mind the more things you pay for the more points of failure you have

postgres or mariadb are my go-tos for personal projects.

im terrible at databases

@coral flame the more things you have the more points of failure you have, really

Personally I use mysql and mongodb then have custom endpoints with all the information in memory while also taking backups

paying for it just makes it a larger point

true

more like a circle rather than a point

keeping it centralized makes it more reliable

not a circle, a hole you fall into 😛

lmao

It also keeps 1 point of failure

holes can be circles too

Which is less reliable

not in some cases

holes are negative circles with some depth

I want to have few points of failure so I program everything as db routines

I mean, are we talking about small projects here or industrial size

so I only have db as backend

Cause small projects who gives a fuck

idd

use mysql if you want

I generally write my solutions to be as scalable as possible. I kind-of inherited it from ASP.NET

I also overengineer my pet projects 😛

true

I have a stupidly over-engineered Discord bot running right now, actually

I have a friend that writes 100 lines of code for somethign that could be done in 5

its name is Monika, and it's a chat bot

I was ready for "Its name is FiniteReality, and its a chat bot"

lmao

that would have been funny

if you think about it

But yeah, if you want to look at my over-engineered beauty: https://gitlab.com/FiniteReality/Monika

Unpopular about to get me linched opinion: PHP (modern) is actually quite nice for small projects with a single developer

oh i forgot to de-embed that

oh well

java is over-engineered machine code

java is bad and slow, and impossible to write in

java is easy to write in, what are you talking about 😛

Monika is written in C#, with a Lua component because writing a libgd wrapper would have been a pain in the arse

try doing anything functional

you'll kill yourself writing in java

^

Oh, functional programming is fun

curry all the functions!

It's like saying Ferrari is shit because it cannot drive offroad.

and make them anonymous

I'm learning Haskell because it's part of my A-Level course

I've actually wanted to learn it for a while but I've only just gotten around to it because it's on my A-Level spec 😛

I have tried haskell for 30 minutes, and then I forgot it. Should try it again.

I don't have much use learning new languages now

Since I mostly use C++ for the types of things I do

I have no use in learning new languages

but I still do

Functional JS.

I've learned so many languages that I can pretty much just pick up languages as I go

usefull JS.

The last language I learnt was Hack and I can't remember much since I never got to use it LOL

unicorn

@carmine relic same

I have a small project I write in every new language I try.

I can't even remember what languages I can use

I also have grown fond of C++ after using it so much

It's a log processor for quite large files. Rust has been the fastest so far. Javascript not so much 😄

I can list a bunch of languages I can write, but it's definitely not exhaustive

Gitlab vs Github vs Bitbucket, which do you prefer and why?

C, C++, PHP, Lua, Javascript, C#, Python are the only ones I can think of right now

I have used bitbucket for quite some time because of unlimited private repos, some projects in github.

C#, JavaScript and Python.

Never used gitlab so far.

Unless we count languages we don't completely know

Then the list gets massive

ikr

gitlab is annoying sometimes

I use github, I get unlimited private repos from education discount

But gitlab when it works, works amazingly

I don't completely know JS, but I know enough to do some algoithms in it. :v

I use it for a gta v mp mod project I'm with

Personally, I love GitLab.

meanwhile the people on the hardware side here use svn and redmine

I know a lot of languages, as in i know how to do algorithms in them

@carmine relic you forgot the "when it's not down" clause

it's always been up when I needed it @whole quail ¯_(ツ)_/¯

I have never used any other versioning system besides git (zip backups is not versioning, right? 😄 )

It's been going down for me so often

I must be lucky then ¯_(ツ)_/¯

zip backups is the best versioning!

svn is actually terrible

at least the way I was forced to use it

.1, .2, .3 pls

either way, I used to host a local GitLab instance but my server's SATA controller died (at least I think) so I haven't really used it in a while

git can also be messy if you do not know 100% what you are doing.

ah yes

that good old xkcd

git can definitely be messy if you don't know what you're doing

https://xkcd.com/1597/

so im gonna learn elixir

yolo

If you're familiar with Discord.Net, I'd like you to try out version 1.0.0 (specifically that version) - You will find that it is completely and utterly broken. And that was mostly my fault 👀

Has anyone used rich presence here yet?

thats some damn good advertising

Like, I fucked up with git so much for the 1.0.0 release that we named it the #blamefinite release

It's so easy to implement

rich presence is really easy to use, yeah

there were serious BC breaks between RC1, and stable for D.net

super annoying

@molten kindle I bet most of those breaking changes were my fault 👀

the dependency map

changed

entirely

idk who did that

that was a collaboration between foxbot and myself

but i can't update my bot to stable now

too much work

lol

lmao

that's why I abandoned Modatron

Modatron ran beta1-00420

i THINK LFGBot was up to the first RC

i think.

and bunehammer

anyway, as for rich presence, I have a rich presence app on my computer which sets a presence "Staring at Monika" with a few pictures. It's not running since I'm on my laptop

if you've seen that one

bunehammer? Nope.

If it wasnt 11:55pm, I would start programming something, kinda hyped up after this discussion 😛

but instead I go to sleep, cya \o

Haha, it's 21:55 here. (11PM for the inferior people who use 12hr time 👀)

I wrote 12h so everyone understands 😛

used to doing it in international chats for some reason

I mean, 23:55 is pretty much impossible to get wrong

it's obviously not 12hr

Unless you get it wrong.

and the only other standard is 24hr

There is base-10 as well 😛

10base?

binary??

decimal time?

hexadecimal?
\

jesus christ people still use decimal time?

https://en.wikipedia.org/wiki/Decimal_time

i thought that died in the french revolution

who needs 24 hour time when we could define everything in picoseconds after 1/1/2000

@carmine relic https://i.imgur.com/o4WFdvh.png xd

the real magic is always being aware of UTC time wrt your own time zone and being able to convert to it and back instantaneously. you can tell how often I've had to debug/parse logs.

@whole quail is that the C++ stuff?

yeh

@zealous tangle oh yeah, that's pretty magic

@carmine relic that's rich presence

wathever

For me it is quite easy, UTC is -2/-3, so not that hard to calc 😛

in US it is somewhat more tricky

UK = -1 rest of eu = +2

though I'm right in UTC so it's not hard to figure out 😝

for me, -7/-8 so it can be kind of interesting.

huh no

rest of the world = idc

UK is UTC

uses google

https://i.imgur.com/5NMS9GN.png

except in BST when it's UTC+1

@whole quail match secret is just a secret used for joining game servers

"TODO" is like my most used comment

it means nothing

it could be "a" for all discord cared

I still have no idea how the joining works

as long as your game client can figure out which server to join based on it, its fine

I had to do something else before I worked it out

TODO: remove this nasty hack to get this working again

Actually though

oh boy do I have a comment that will make people mad

RP::Ready is just a callback to let you know that the IPC connection is ready

https://i.imgur.com/UaxMlvU.png

@whole quail Nah, I do that all the time in cpp files when I know it's safe to do so

it's not that bad

@carmine relic pm me how join works when you have time

At least you have comments it is so hard to get my team to comment anything

I don't completely understand it

We have almost no comments at all. Code should be self-documenting.

sensible names for functions etc

@carmine relic also it's pretty bad xd

I reviewed a junior engineer's django code once. he accidentally overwrote a primitive with a value, because you can do that in python. Lets just say I added two new linters to our CI/CD pipeline after that.

Well sometimes some things can't document themselves

You shouldn't do it on anything important or anything large

@whole quail I forget how the flow works entirely, but IIRC you get a join request with the secrets and stuff and you're supposed to use that to connect

I don't get where the connecting happens and what gets sent where

¯_(ツ)_/¯

It's literally undocumented

I haven't looked that much into it

i wonder where mason put the dev documentation for discord-rpc 😛

anyway

but in the real world, when your CEO is breathing down your neck to get this feature built because it's going to "change everything" so you end up writing it pretty messily. hence why I still write docstrings and whatnot.

as for using namespace std... whoops I guess? https://github.com/FiniteReality/SourceLua/blob/master/src/thread/scheduler.cpp

how did i manage to hit enter there

dumb laptop keyboard

LOL

I mean, if that was me I'd probably fix that up

meh, std::chrono::duration_cast<std::chrono::milliseconds> is long

i could probably use a namespace alias instead but oh well ¯_(ツ)_/¯

auto

Put using chrono in SourceLua or put your code in a namespace and put anything you need there

auto doesn't solve the duration cast issue

namespaces are the dirtiest clean thing

it's in an implementation file, and it's in a namespace anyway so yea, it's not that bad

I mean, it's worse than what I did it in

i definitely never put 'using namespace' in a header file

I did it in a 543 line csgo cheat

that's my golden rule about 'using namespace': never in header files

my favourite bit about that C++ file though, is line 55 😛

Why do people have to abuse ReClass so much

I decide to spawn a new thread to join another thread 👍

ReClass?

https://github.com/CoolOppo/ReClass

...huh

I didn't know anything like that existed

oh that's a basic tool

There's better stuff out there

I always made the structs myself

I have like a thousand C# structs for when I was writing a WoW server in my free time 😛

You can probably guess why I lost motivation in the project lmao

Oh, that and implementing SRP6 was a nightmare

For the mp mod I work on, GTA V has been reversed so much that there isn't that much needed

like, if there's one thing I recommend you never do, ever, it's implement World of Warcraft SRP6

I played wow for like 3 days

Then stopped

Forever

jesus christ I spent so many weeks of hair pulling on trying to get that stuff to work

ReClass is so messyyyyyy

i never figured out what the problem was, because I even translated line by line the implementation of CMaNGOS' SRP6 and it refused to work

a coworker and i spent today trying to de-tangle some code... we hit header files last modified in the 90s...

90 istn legacy code right? at least not in my definition

I mean, C++ 98 looks quite a lot different than C++ 11

Can't really argue for other languages lol

@daring anchor , it's not legacy until you hit 198x and Cobol.

Doesn't financial stuffs still use Cobal?

Not only financial stuff. Quite a lot of systems that were built pre 1990s use Cobol.

It's just that financial systems are more likely to have been started in 1980s

they had money for computers

if it aint broke dont fix it

Thing is, they often are bottlenecks, but too hard or expensive to replace.

Cobol's last stable release was 2014. 😐

I prefer that to JS where frameworks had last stable release in 1 hour ago... oh sorry, 1 minute ago.

and 1h ago release is deprecated

😄

😛

Eh, I think yearly is the best though! 😃

Cobol is so mature that maybe it is okay.

Cannot say really, I have never used it myself.

Security fixes would be nice, can never be too secure. :v

Maybe Cobol is done, nothing to fix anymore 😄

fucking PHP

ah PHP ain't so bad if you use it properly... except all the ways in which it's terrible like terniary operator order, flipped needle / haystack parameters, things like that

you spoiled kids

The Lisp one on Git the Princess is my favorite! Even though I've never used it. xd

Does anyone have experience in building a NPS extension dll?

I need to do this for a school project but i can't find any information on how to begin

PHP is like a synonym of despair

i'd like to correct you

PHP is a synonym of cancer

I feel I must be doing it wrong. I do JS without libraries.

o: You don't really need libraries or frameworks, it just makes it easier. 😛

Doing JS without libraries is cool. It's just not that productive. Imo.

@obtuse stump I'd say it's more productive than using the wrong libraries.

I suggest not using the wrong libraries 😛

I cannot imagine building a web page without React or Vue or Angular or something similar.

And having maintain it.

Actually, it's harder to maintain it with Angular 😛

At least assuming you compare it with a decent MVC web framework

Never tried React though

I haven't used Angular myself.

React is okay, I have heard vue is better.

But I dare say, using Angular is basically 1.5-2x the effort of a simple webpage supported by JS

Well, for simple page it might be overkill to use framework.

And it is likely to be much buggier as well

But if you have decent amount of business logic etc, it is a neccessity imo.

The thing is, not every website has to be an SPA

True.

In fact, as fun as SPAs are, if you want something you can put ads on, it's a clusterfuck

Cause obviously, advertisers just HAVE to use document.write on async loaded ads.

Yeah, I am fortunate, I have never dealed with ads 😛

Then your users will be asking why they get empty pages

That you are. It sucks 😛

I can imagine, with all that fancy JS they bring along.

But honestly, I can only see the benefit of an SPA in very few cases

Modern PHP is okay

And it's not cancer if you don't use it in cancer ways

Everyone remembers old PHP 😃

And every time I have had to work with legacy PHP project... oh wow.

@whole quail I have yet to see a non-cancerous PHP project

plus, it still has a LOT of bad things about it

PHP 7 is completely different

PHP 7 is actually nice to program in

People just hate on PHP because it used to be literal cancer for a long time

So is whitespace.

PHP7 is only pleasant to program in compared to PHP5

PHP 5 isn't that bad either lol

PHP 4 and below are complete cancer however

PHP 7 can also be faster than Hack

You are still comparing PHP to itself 😛

And PHP5 is still terrible

I haven't heard anyone who actually uses PHP 5, PHP 7 and Hack say that lol

Now you have

The only thing worse than the language artifacts are the super-popular garbage with actual support that people make with it

The only people who I haven't heard talk bad about PHP (including 7) are the people who have only ever used PHP

The rest are already using NodeJS, Python, Go, Java or C# or something else

the code any bot should have

if ( message.mentions.everyone )
    message.channel.sendMessage( "Do that again you little ike", {
        file: "https://cdn.weeb.sh/images/ryKLMPEj-.png"
    } );

Oh yes

Oh god, every coding channel on discord is just full of d.js

Try discord api. Everyone flips their shit if you talk about libraries in the wrong channel

what's wrong with d.js?

d.js is great

i've only used it once though

i mainly code in J A V A

Dunno about d.js, Microsoft fanboys have had async/await in typscript for years o3o

Cmd hardcore mode

Oh god

@gritty rain btw, sendMessage is Deprecated, use message.channel.send('test')

@torn remnant @carmine relic I’m a (modern) PHP developer. AMA

rEEEEEE

in other news, typesetting text is extremely hard

Machine learning is fun Scary! https://github.com/255BITS/HyperGAN

@hollow stirrup when did you kill yourself?

(start php)

@proper gale I dd() multiple times a day.

PHP was my 2nd language.

Anyone have any suggestions for learning how to code in Kotlin, I have some ideas on some Android apps I want to create but would appreciate it if someone could show me some free online courses/instructions. Thanks!

The official docs?

Also, using a native language isn't a requirement, react native etc is always an option

Jetbrains did a great job on the docs/tutorial on the kotlin website.

For the language, not the Android API

@hollow stirrup Where does it hurt?

LOL

@hollow stirrup do you ever work with other developers? do they hate you?

PHP is fine and all but if you make anyone else use it with you you're the devil

Or if you need more than 1 person on the project it's so annoying

@whole quail Our team's core site is a mainly Laravel and Vue.js based app.

I hate vanilla PHP myself lol

It's great at quick small 1 person projects

And some smaller things

Not only 😃

https://CodePier.io/?ref=ltt

@hollow stirrup that looks terrible lol

😦

What specifically?

Uses so many techniques on the website to make it look better than it is

It's in beta lol

Looks b grade

Landing page is really bad

Look at the UI though if you'd like

(video is very outdated)

idk I don't have a use for UI 98% of the time

wat?

oo Laravel en Vue, my dayjob

I use cli for most important things

Then CodePier isn't for you lol

Can someone pls copy the -----text---- category for me pls, i want to add it to my server.

cli, vs, vs code is all I use

We automate infrastructure for web devs that would prefer to not worry about it.

I'm like the opposite of a web dev

Then CodePier isn't for you lol

See, I do web development, I just use a giant ass pole while doing it as to not get anywhere near it

Most modern frameworks on the cloud automate it, honestly

Uploading a website to Azure takes 2 clicks. Another 3 or so for the first time. Making it scale is just about the same 3 clicks.

Same with node

@torn remnant One of the ways that CodePier is different from say a PaaS, is in the sense that you have full control over your infrastructure.

Considering that like 40% of all the programming I do atm is making cheats for games in C++ on windows I'm definitely not the target audience xd

we use automatic deployment systems for all clients. and all external env's . i might haved logged in to one server ssg as a developer role. am pretty happy about it

@hollow stirrup So I can SSH into any of the individial, automatically provisioned machines that might be replaced at any time due to provisioning/maintenance. Cool.

That's a loaded sentence if I've ever seen one hahaha

It's meant to be. Automatic provisioning is both a boon and a nightmare.

Loaded multiple times too

@torn remnant Yeah, you can. We won't overwrite any changes you've made.

It's a double barrel shotgun

@torn remnant has a point though

@whole quail It's a railgun

A giant point

With a stack of bullets in the barrel

You need a solution that is specific enough to your problem that you can maintain it in specific ways

Or you have a solution that is too restrictive and because of that makes things harder

Or you have a solution that let's some junior dev (or at least give the junior dev the blame) make a tiny mistake that takes days to find

@hollow stirrup If you want something properly nice, add a manually editable command list that is automatically ran on every new server deployment. And add .NET Core and SQL Server 2017 for Linux to that stack, or enterprises won't even look your way

Also setup editable user restrictions so that if someone does need to do something manually they can't fuck things up too badly

And if there isn't a backup system that can constantly take backups with enough data to restore a server but not any unnecaserry repetitive information

You really should add one

With configurable excemptions too

Free SSL certificates... Who even needs to buy non-EV certificates with CloudFlare and Let's Encrypt around...

Also after those additions (and probably more) you still would need to have a large enough advantage over other solutions

Well priced dedicated servers would be a good starting point

Something that has proper horsepower

Not an overprovisioned hyperthread on a 40-core 2Ghz machine

If you can't undercut an aws solution by at least 50% it's very difficult to get someone to go with you over an aws solution

It doesn't take much to undercut AWS/GCS/Azure

You can basically calculate your /core price by assuming you get hyperthreads instead of cores, each at 2.2Ghz

Keeping speed/reliability it's not that easy

In some cases impossible

In others really simple

@whole quail The thing is, if you made an auto-provisioning system on OVH dedicated machines, and increased their price by 50% that way, you'd still be like 70-90% under cloud prices

You wouldn't have their reliability though

Honestly? I'm not even sure about that

I've seen more downtimes from AWS and Azure than from dedicated machines

I've seen the opposite

Plus, Azure even recommends you to add a duplicate app service on another region that is paired against your primary region in case of regional maintenance, and using a load balancer to manage it.

Which is just BS

I personally won't use Azure and haven't used it much

Also, it wasn't that long ago when AWS died

Taking half of the web with it

Wasn't for long

And it happened to everyone

2-3 hours

Maybe more

I thought it was less

Also I've found that AWS seems less reliable because you expect it to be up

Actually

It's more

It seems

So when it isn't it's really annoying

10:30AM to 2PM PST

3.5 hours

Actually, started even before 10:30AM

9:45AM

That's a loooong downtime

Plus, the pricing is so expensive that, while it does take more work, if you double up on dedicated servers you are still getting away much cheaper

Of course, that assumes you do have someone to maintain it so obviously not really worth it otherwise

Depends on the needed power too

Yeah. On small scale, maintenance and SLA is a bother

On larger scale though, clouds so aren't worth it

And if you do something irregular like hosting images, the network pricing is crippling.

Plus, my PC can run circles around 3 entire 4-core cloud instances on both AWS and Azure

Hello guys. I want to start ccna but I don't know if it still worth. Could anyone who has ccna tell me if it is worthy?

ccna?

Yes

@inner umbra If you don't need it right now I would wait. The certification only lasts for 3 years or something. No point in taking it before you need it.

One doesn't realise the benefit of operator overloading until it's lost. Man coding Java looks like a pain after I finally did C++.

I mean look at this bullshit: b.negate().multiply(a.modInverse(n)).mod(n);

All what this should do is essentially this: a^-1 * -b (mod N)

@torn remnant Cisco Certified Network Associate

Certified

Yeah I figured in the 5.5 hours since 😛

man, do you know how painful rendering text is?

like, it's insanely painful

@carmine relic I do, I've done it.

What API are you using?

@proper gale I'm using freetype to get kerning information, and gd to render images

i would use gd's built in freetype stuff but unfortunately it doesn't deal well with wrapping text

Freetype is fine.

yeah, freetype is ok

Gd, couldn't be as hard as OpenGL.

it's just wrapping text is hard 😛

I did it in opengl

That, is a pain

https://gitlab.com/FiniteReality/Monika/blob/master/src/ImageGenerator/main.lua#L74 Here's pretty much what I came up with... and even then it's not 100%...

thats not that bad

in terms of size

choice of language could be argued, but its not that long

yeah

i havent written a text renderer in a few years, and the one i did make was shit

i chose lua because it had already available bindings for the libs I wanted to use, and would have been easier to debug than something written in C

C is ezpz to debug

well, C++ when you are not segfaulting is at least.

it is... except when you fuck memory up

i sniped you on that

yeah, i saw 😛

but i'd rather not fuck memory up and since lua is garbage collected, it makes things a lot easier

you dont have to use new/delete in C++

see https://git.roguelogix.net/Cubit/CubitClient/blob/master/cubit/vk/shaders/Processor.cpp

GLSL shader processor ^

yeah i know

no manual memory in there

if you use new or delete you're generally doing something wrong

generally, yes

unless you are writing a library class (IE, your own vector)

well yeah

unless you need to use it, you probably shouldn't, is all i'm saying 😛

or are using global pointers/references (bad idea but you kinda need new/delete for that)

because a global smart pointer will never hit deconstruction

Retard moment, Hex is 0-8, A-F isn't it?

yeah, F being 15 and 0 being 0

@woeful jay 0-9, A-F

0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F

16 individual characters/digits

^

quick sort of programming related question: would you choose 29" 2560x1080 or 27" 2560x1440 for programming productivity?

take the 1440p one

what's the reasoning behind that? if it helps i will be pairing it with my existing 24" 1080p

the 16:9 aspect ratio is better than ultrawide for this kinda stuff. Also more pixels contribute to you being able to read more text on the screen

ok sounds good thanks for your help

👌

also if you do webcoding or make uis it will be beneficial since you can use the 1080p screen to see the at in realtime as you code

yeah i do some web stuff and also some unity game dev which definitely benefits from 2 monitors

^^

1440p is just nice

4k makes a lot of things look weird

I have a 1440p, gysnc, 144hz 27inch monitor

nice

i only have a 1080p 60hz 15,6" 😄

27" has more pixels. And should be bigger area as well iirc.

Plus depending on what your needs and current monitor are,maybe you can use it in portrait mode

Also, 29" + 24" side by side is too wide imo

Quad+ monitor is nice for game dev stuff

Having more than one monitor in general helps greatly when you're trying to write code 😛

I’m a web developer o/
I think I’m going to buy a ultrawide screen for development with two 23 inch screens next to it

haha

I have two 1080p displays, one 24" and the other 21", it's p. nice

at least I think the smaller one is 21"

ive got a 24" main, twin 23.x" secondarys and a some cheapo old dell that fits on my shelf for a quaternary monitor.

its very nice to have lots of screen

29" ultrawide main, 24" secondary

Man, writing an AI is so much fun

while(true)
destroyHumankind();

how does one write an ai?

Honestly, I don't know. I'm just using Dialogflow, which is based on Tensorflow

Dialogflow is doing all the magic here, really

its not magic

its math

math that i sort of understand but could not give a good explanation of.

I also sort-of understand how neural networks work, but I don't get how they work

like, I understand that it's a network of nodes linked together which calculate values based on weights

but I don't get how they can be used to, say, convolute an image

how the comutation works is math, how that computation works to actually do something, is magic.

yeah

can't wait digging into that

that's when/if my game project ever gets that far

still stuck at physics and collisions

already did a small image recognition test in Unreal engine, surprisingly easy to set up

writing the OpenCL code to accellerate that at a reasonable speed, is hard.

very, very, hard.

yea at acceptable rates

I once tried to learn OpenCL

it was fun

its not that hard

I was aiming to write a simple audio transcoder using it so I could massively parallelize and hopefully improve the speed of audio transcoding for a music bot project I had

not im comparison to Vulkan

the hard part is spliting the work

and factoring in stuff like instruction divergince

yeah, that's where I gave up 😛

I was trying to design a good "flow" to doing it but I couldn't come up with anything that didn't have serious bottlenecks somewhere

i would probably have split the file by small chunks and had each kernel work on a very small section of it.

IE, each kernel does 0.05s of audio (~4000 work items at 4 minutes of audio)

@rich cradle what language are you learning?

little bit of C#

not exactly a c# supporter

From what I see, it combines the worst of Java and C++

i was told its a very flexible lanuage for software and game dev

i was also recommended Python

it is

but C++ is too, technically

i don't have the experience to know the difference, but i remember a game dev complaing about C++ and eventually switched to C# due to more efficent load times

also i haven't heard a reason to use C++ over C#

C# isn't a combination of the "worst of Java and C++" 😠

performance

namespaces are a dick

namespaces in C# are far better than Java packages, and you don't even need them

and does C# support native prodecural code?

pesedual?

no objects

.NET is object based; you can't have a not-object-based language in an object-based platform

heck, even if you did have a language that was purely procedural, it would likely just wrap everything in a class anyway

C

(in the .NET ecosystem, that is)

and im not looking for how its working on the hardware

im talking about the language

in the end, its all C

C# very much isn't C

C is to C# as car is to carpet

Can you write c style code in c#

what have i started?

You can't in Java. Well, static exists but I don't count that

What do you mean "C style code"?

Purely procedural?

You could take "C style code" to mean anything, really

yes, pure procedural

No. Objects are generally easier to deal with, anyway.

@rich cradle welcome to the club.

The last time I tried writing pure procedural code I literally ended up with spaghetti

Glad you came.

Like, purely procedural code makes sense in some cases

I code in a hybrid manner.

but for the sort of target that C# and .NET in general is targeted at, pure procedural code really doesn't make sense

But I love the ability of PP

OOP only is restrictive in a different way.

@proper gale on the site im being taught (sololearn.com), its a lot of basic terms for someone who's never done coding before like conditionals, loopss, methods, class & objects , etc. which im still not too familiar with (since im still learning)

But yeah, C# is definitely not the worst of Java, for what its worth

C# is leaps and bounds ahead of Java

and Java have only just started trying to catch up 😛

Java has some darker parts, yes.

i was respond to your earlier message btw about there being little terms despite me not even understanding half of what even goes on here

In general: anything you can do in Java, you can do in C# with less code and get similar or better performance

Java 9 modules are very nice. I'm aware its basically namespaces, but it's separate bot intertwined.

java 9 modules are nice in theory, practice is to be seen 😃

That's on the developers

Yeap

Same as c++ style standards

or rather the lack there of

I like the fact that C++ doesn't really have any specific style standard. It means that you get to choose something you prefer, instead of being forced into the "widely accepted norm"

I mean, as long as you're consistent with your style

I generally have my IDE set up to format files before saving so I naturally force myself into my configured style

Everyone should use autoformat. Not using it in 2017 is just being lazy imo.

autoformat?

Basically what you said, different IDE-s call it differently. Some do it on save, some do it on some shortcut.

oh, basically what i described

ok

yeah, visual studio usually uses ctrl+k, d

cmd+alt+L or ctrl+alt+L in IDEA iirc

since I'm mainly a C# dev, I used to use visual studio a lot so I configure most of my editors to use ctrl+k, d to format files

and I also enable the "format on save" option if it exists

Reasonable.

And if some dev forgets, our build env will throw a big red error and tell them how stupid they are 😄

It's literally muscle memory for me at this point, so its impossible for me to not remember 😛

I don't throw errors on style violations though... Mostly because I haven't found the options to do that

Crtl+alt+l is correct

I use idea and clion mainly myself

Msvs can go suck a dick

It's funny how I am not sure what a shortcut is when I have to tell someone else. But when I have to use it, it is just there. 😛

I hate IntelliJ so I stay away from it like its some sort of disease 😛

Why so?

For me, its UI is back-asswards and I end up having to jump through hoops trying to get to something I want ¯_(ツ)_/¯

Idea is amazballs, not sure what crack you are on.

Compared with Visual Studio, where everything just "made sense" to my mind

I am the opposite of that 😄

Plus I like that different jetbrain products use the same logic. So if I use webstorm, all my knowledge applies.

^^^

Clion is idea for c++

either way, I personally use KDevelop for C/C++ and VS Code for anything else

Not a second IDE.

Clion, Webstorm, Pycharm etc

Vs code != Vs

all the same, just different skin 😛

Yeah, I know VS Code isn't Visual Studio 😛

I use VS Code as well, a lot actually.

But mostly as a clipboard 😛

Visual Studio doesn't run on linux so I'm stuck in the VS Code boat until Microsoft do something about it

Vs code is fine

a great place to store SOAP requests/replies and compare them

Vs is trash.

It'd be dope if Visual Studio ran on linux, at least for me

N++ is my clipboard

Oh, another problem with IntelliJ is that Rider uses Resharper as its backend

which means that you don't get the niceties of Roslyn

Roslyn analysers are literally dope

They can do everything Resharper can, and more

and they're pretty easy to write

compared to Resharper, where you're stuck with JetBrains' limited set of things which don't expand far out of what they implement

That sounds legit (foreign problem for me 😃 )

Yeah

I can see how it would have made sense in the past when Roslyn wasn't really "stable", because Resharper may have legitimately provided far superior semantic analysis than Visual Studio

but now that Roslyn is very much a thing, it's just dead weight really

I usually feel sorry for the devs who are locked into using Resharper since it's literally second nature to them

Resharper is nice for c++

I'm a fan of KDevelop's semantic analysis ¯_(ツ)_/¯

it's powered by clang so it's super accurate, and is generally quite unobtrusive

On another topic, what is your CPU usage on http://floatplane.com
On my Macbook Pro 15" mid 2014 the fans got almost to full speed after a few minutes 😄 With Safari.

Signed in or no? Because I obviously don't have an account 😛

landing page

noone has account there yet 😛

except for Linus, Luke etc