kottke.org posts about programming
From a bunch of security experts, the top 25 most dangerous programming errors that can lead to serious software vulnerabilities.
Cross-site scripting and SQL injection are the 1-2 punch of security weaknesses in 2010. Even when a software package doesn't primarily run on the web, there's a good chance that it has a web-based management interface or HTML-based output formats that allow cross-site scripting. For data-rich software applications, SQL injection is the means to steal the keys to the kingdom. The classic buffer overflow comes in third, while more complex buffer overflow variants are sprinkled in the rest of the Top 25.
More about...
A programmer lists 20 lessons learned in the past 20 years.
5. You are not the best at programming. Live with it. — I always thought that I knew so much about programming, but there is always someone out there better than you. Always. Learn from them.
(via @h_fj)
More about...
If you're Dan Bricklin, co-inventor of the spreadsheet, how do you go about learning a new programming environment? Just like everyone else:
In mid-September I purchased a shiny new 24" Apple iMac and an iPhone 3GS. I signed up for the Apple iPhone Developer Program. I bought some books and started doing the tutorials, step by step. I came up with the idea for an app I needed and built a prototype, then plunged in and started creating a full app that would be good for others, too.
Personally, I find this really inspiring.
More about...
Hackers Can Sidejack Cookies, a poem by Heather McHugh.
Designs succumbing
to creeping featuritis
are banana problems.
("I know how to spell banana,
but I don't know when to stop.")
More about...
After writing The Cat in the Hat in 1955 using only 223 words, Dr. Seuss bet his publisher that he could write a book using only 50 words. Seuss collected on the wager in 1960 with the publication of Green Eggs and Ham. Here are the 50 distinct words used in the book:
a am and anywhere are be boat box car could dark do eat eggs fox goat good green ham here house I if in let like may me mouse not on or rain Sam say see so thank that the them there they train tree try will with would you
From a programming perspective, one of the fun things about Green Eggs and Ham is because the text contains so little information repeated in a cumulative tale, the story could be more efficiently represented as an algorithm. A simple loop would take the place of the following excerpt:
I do not like them in a box.
I do not like them with a fox.
I do not like them in a house.
I do not like them with a mouse.
I do not like them here or there.
I do not like them anywhere.
I do not like green eggs and ham.
I do not like them, Sam I am.
But I don't know...foreach (\$items as \$value) doesn't quite have the same sense of poetry as the original Seuss.
More about...
I have no idea how to describe the Chef programing language to you, but here is its Hello World program, in the form of a souffle:
Ingredients.
72 g haricot beans
101 eggs
108 g lard
111 cups oil
32 zucchinis
119 ml water
114 g red salmon
100 g dijon mustard
33 potatoes
Method.
Put potatoes into the mixing bowl. Put dijon mustard into the mixing bowl. Put lard into the mixing bowl. Put red salmon into the mixing bowl. Put oil into the mixing bowl. Put water into the mixing bowl. Put zucchinis into the mixing bowl. Put oil into the mixing bowl. Put lard into the mixing bowl. Put lard into the mixing bowl. Put eggs into the mixing bowl. Put haricot beans into the mixing bowl. Liquefy contents of the mixing bowl. Pour contents of the mixing bowl into the baking dish.
Serves 1.
Ok, I think I get it now...the programs look like food recipes but act like code when run through the proper interpreter. Mmmm, fibonacci with caramel sauce! (via ben fry)
More about...
Read in the right way, Strunk and White's The Elements of Style becomes an important reference for software development.
5.21. Prefer the standard to the offbeat
Young writers Inexperienced programmers will be draw at every turn toward eccentricities in language. They will hear the beat of new vocabularies abstractions, the exciting rhythms of special segments of their society industry, each speaking a language of its own. All of us come under the spell of these unsettling drums; the problem for beginners is to listen to them, learn the words, feel the vibrations, and not be carried away.
More about...
A guy who started working as a game programmer for Atari when he was 21 years old recounts his experiences, notably his work on the Donkey Kong cartridge.
Basically, Atari's marketing folks would negotiate a license to ship GameCorp's "Foobar Blaster" on a cartridge for the Atari Home Computer System. That was it. That was the entirety of the deal. We got ZERO help from the original developers of the games. No listings, no talking to the engineers, no design documents, nothing. In fact, we had to buy our own copy of the arcade machine and simply get good at the game (which was why I was playing it at the hotel - our copy of the game hadn't even been delivered yet).
(via girlhacker)
More about...
The programmers profiled in the 1986 book, Programmers at Work...where are they now?
Bill Gates. Then: founder of Microsoft, popularizer of the word "super". Now: richest guy in the world. After a stint in the 90s as pure evil, semi-retired to focus on philanthropic work.
More about...
Casey Reas and Ben Fry, inventors of the Processing programming language (that's Proce55ing to you old schoolers), have just come out with a book on the topic that looks fantastic. In addition to programming tutorials are essays and interviews with other heavy hitters in the programmatic arts like Golan Levin, Alex Galloway, Auriea Harvey, and Jared Tarbell. The site for the book features a table of contents, sample chapters, and every single code example in the book, freely available for download. Amazon's got the book but they're saying it's 4-6 weeks for delivery so I suggest hoofing it over to your local bookstore for a look-see instead.
More about...
A brief history of programming languages from the September 1995 issue of Byte magazine. Amazing how many of these languages are now extinct or otherwise not widely used...and that Perl, PHP, Java, JavaScript, etc. didn't make the list.
Update: I corrected the above statement about Perl et. al. not existing and modified it to read that they didn't make the list. Perl, Ruby, nd Java all existed in one form or another in 1995. (thx to everyone who sent this in)
More about...
I was telling a friend this weekend about an article I'd read long ago about Larry Wall approaching the development of Perl as if it were a natural language. I think this is the article in question. Perl, the first postmodern computer language and a conversation with Larry Wall also touch on Perl and linguistics.
Update: Here's the original post to comp.lang.perl.misc by Wall. (thx, marc)
More about...
CodeIDE is an browser-based IDE for editing code. Supported languages include LISP, HTML, Basic, Perl, and JavaScript. My favorite bit is the scrolling list of results and error messages from other users.
More about...
Some of the onscreen special effects on Doctor Who were generated by a home computer called the BBC Micro. "A brief sequence during this program actually showed the BBC Basic and assembler code used to create the console display"
More about...
Bakeoff! A Gladwell article from back in September on a project that used different team methodologies to attempt to create the perfect cookie: an open source approach, an approach based on extreme programming, and a traditional hierarchical team. You may be surprised which team won.
More about...
We ran across the nerdiest board game today called c-jump, the computer programming game. More info: "Skiers and snowboarders line up at the start location and race along the ski trails. Spaces on the board show statements of programming language. First player to move all skiers past the finish line is the winner."
Update: here's the game's web site. "This game eliminates intimidation of many kids and their parents, bored by the mention of 'computer programming', often associated with visions of geeky guys glued to their computers."
More about...
Here's a story that mentions that Slashdot commenter that outsourced his job. "About a year ago I hired a developer in India to do my job. I pay him $12,000 out of the $67,000 I get. He's happy to have the work. I'm happy that I have to work only 90 minutes a day just supervising the code. My employer thinks I'm telecommuting. Now I'm considering getting a second job and doing the same thing."
More about...
Impressive demonstration of Ruby on Rails. "How to build a blog engine in 15 minutes with Ruby on Rails".
More about...
Newer posts
