Show newer we had a client that had a site which, as web2.0 took off, you would have sworn was Ajax laden. But there wasn't a bit of that in it. I used to admire the devs on that project somewhat for being able to pull that off so well. They've since moved the way everyone else has and there Ajax everywhere now but that site was a bear to pentest anyway (we worked w them for quite a while) and we don't do much work for them anymore.

@craigmaloney That's depend's on how thorough you need to be.

If you're just looking for a sniff test, all I can add is cppcheck. Though, I haven't used it myself. It also seems like gcc and clang have added some analysis features.

Just remember, analysis tools will only catch flaws in the programs logic and even then they're only going to do so well. They'll never catch business logic flaws (e.g., authz/authn) and usually are limited to the most glaring of logic issues.

@lea_eule @codeawayhaley that makes no sense. What's the difference made by federation? They can already host a blog anywhere and people can read it regardless of the host it's on.

@craigmaloney define good? Personally, I just use a good IDE/Text editor for code review. Most of the scanners out there will throw so many false positives they're just not worth running for the low hanging fruit they find.

tduehr boosted

Computer Science is like being sat down at a buffet where there are all sorts of salads and salad fare. So you dutifully pull up a plate and begin piling on the lettuce and toppings and a heavy cream dressing and dig in. Then you have another helping and dig in some more. It's delicious and you're grateful for the feast.

Them you realize there's another four wings of food and wine and you've loaded up on salad.

@vascorsd that's why I have an iPhone. I need a phone not a science experiment.

just a little rageranting about RoR 

@troublesome0 Try writing a spring app or even just installing someone else's.

@twitter @lx @DatTux @troublesome0 @tinker That's not too terrible an idea. Could be implemented on the client side but probably better implemented server side.

@lx @DatTux @troublesome0 @tinker It'd be nice if you could view the local feed of another instance without joining it. Or even, login to another instance via a federated authz protocol to the same effect.

@postmodern corollary: paying a little more for staples is a large increase in quality.

@postmodern I look forward to the day I can tell people I knew about you before you were cool in techno…

tduehr boosted

Forgetting to wear gloves while making green chili reminds you that you're alive.

Hilbert curve embroidery is pretty shiny. Surprisingly, not all that difficult. His is just a PoC, I have a project planned once I clear out a couple others.

@postmodern Serrano sounds good. Not sure how you'd work the habanero in other than maybe the sauce...

@postmodern in short: they're approachable and known by more people. Most people hear habanero and they think of face melting heat. Serrano is some king of Mexican pepper that's probably too hot.

They're all wrong on those counts.

tduehr boosted

Had the strangest dream where I crashed Alex Jone's birthday party. I was constantly afraid his entourage would figure out that I didn't actually believe the world was being controlled by 4th dimensional shape shifting lizard men.

tduehr boosted

"I" before "e" except after "Old MacDonald had a farm".

Show older

Everyone is welcome as long as you follow our code of conduct! Thank you. is maintained by Sujitech, LLC.