jmix's comments

jmix | 1 year ago | on: Heard of Idempotency but unsure what it is?

The example is flawed -- if there is an exception incurred before or during the sending of the email, the operation will be erroneously marked as "cancelled" without having completed all of the cancellation flow. Namely, with the example as given, it is possible to have a cancelled order for which an email has not been sent out.

Moving the second line (the one that changes the status to "cancelled") to the end fixes this issue, though it does not implement "exactly once" semantics for the sending of the email. If "exactly once" is desirable, then additional logic is required. But in every case, the example as given is incorrect.

jmix | 1 year ago | on: 25 Years of Krita

What a self-indulgent writeup. The article came nowhere near answering the central question: what are the devs doing other than constantly changing the name of the project and how is this thing better than gimp.

jmix | 1 year ago | on: Unix version control lore: what, ident

Good riddance to these tools because this technique, of relying on embedded strings in the code, is inherently insecure and unreliable. You can only rely on it when you know you can trust the build, and yet they are used in cases where the build is of unknown etiology, so there's an inherent mismatch between when the tool is used and what it does.

jmix | 13 years ago | on: For sale: Trusted root SSL CA signing certificate

Thanks for the clarification. On a related note do you understand where the X.509 Name Constraints effort sits? Which, if any, browsers implement it? If it's not 100%, do you know why browsers are hesitant to deploy it?

jmix | 13 years ago | on: Someone got the natural gas report 400 ms early

Since it takes a while to digest the report after having seen it, chances are that they were in possession of the report far earlier than T-400ms but waited until they were in a time window where they knew the regulators would not come after them.

This is how fortunes are made. By taking advantage of loopholes in the regulatory mechanism.

jmix | 13 years ago | on: How my Gmail, Twitter and Facebook accounts were hacked

These articles invariably end in "does not follow" fallacies.

In this case, he gets his accounts hacked, and his advice is "don't use any cloud-hosted email." Ok, but what evidence have you presented that shows that self-hosted email is any more secure? At least, a set of professionals were able to restore your account -- I doubt that would have happened if you had been hosting your own email server.

jmix | 13 years ago | on: I, Cringely version 3.01

I have mixed feelings about this announcement. On the one hand, I really enjoyed Triumph of the Nerds. On the other, Cringely came off as a self-oriented, egotistical guy (I remember the scene where he threatened the TV crew with a piece of bat when his plane build project wasn't going well) with few unique insights and little depth.

Now that I think about it, these two facts are in line with his announcement. What he brought to the scene was to act as a tech interpreter for the baby boomers. The novelty has worn off and he's tapped out. This seems very similar to what happened to Dvorak, and what happens to a lot of bloggers: he exhausted his material and the world passed him by.

jmix | 13 years ago | on: MySQL - Do Not Pass This Way Again

He does not need to be able to point to an extant, better alternative for his criticisms to be "credible."

BTW, I can't believe you're implying that his post is not credible. The practical outcome of your demand for a solution is to shut down legitimate criticism.

jmix | 13 years ago | on: MySQL - Do Not Pass This Way Again

In what entitled universe do you live where a guy who carefully and patiently points out problems is also obligated to solve every single one of them?

Also, do you really need someone to spell out the alternatives to MySQL? There are too many to list.

jmix | 13 years ago | on: Personal Analytics for Facebook

Yes, we all follow what you have said, but I see no guarantees offered by Wolfram, the service provider. You can pretend to be offended and avoid the question, but at the end of the day, the assurance you are trying to provide here is not legally binding and you know it. If you really believe in your last paragraph, why don't you have the Wolfram legal staff put these guarantees in writing, into the ToS and Privacy Policy?

At $600/hour for a lawyer and 30 minutes of their time to add a sentence or two, it'll cost $300 to make the changes. That's well under however much your time cost to make unbacked assurances online. And at the end of the day, your service and your users will be better off for it.

jmix | 13 years ago | on: Personal Analytics for Facebook

This is non-responsive PR:

1. The PP explicitly says that Wolfram can collect and retain data indefinitely. The FAQ promises a horizon of 1 hour. 1 != ∞. Which of these documents is to be believed? Which of them constitutes a legally binding document?

2. I don't want reassurance from some Joe Random Shmoe. Your users have a relationship with Wolfram LLC (or whatever the legal entity is). So any meaningful guarantee needs to come from that entity. But until now, Wolfram has only provided weasel wording and cagey language. I appreciate you sharing your name, but then again you have a product to peddle, and we both know that nothing you say here is legally binding for Wolfram, so you could say anything.

3 & 4. PP provides no meaningful long-term guarantee. Saying that this is standard for many in the industry is a cop out. If your company is really committed to these principles of privacy you espouse and claim here in this forum, it certainly has the legal staff to get it written into those two documents to which you linked.

Time to get your principles in your legal documents. It's duplicitous to claim the high road while peddling agreements that sign away so much PII to Wolfram.

jmix | 13 years ago | on: Personal Analytics for Facebook

Great, then you can respond to some observations and answer some questions:

1. Your FAQ is at odds with your privacy policy (http://www.wolframalpha.com/privacypolicy.html) which states that you can collect and retain Personally Identifying Information. How do you explain the discrepancy?

2. In a conflict between a "FAQ" and Privacy Policy, which one is the officially binding document? Why should I entrust my data to comments made by a pseudonymous user or to something that is called a FAQ?

3. Your privacy policy is subject to change without notice. How can I be assured of any guarantee given that you have this blanket clause? Why would you not offer your users to opt out of any changes that weaken their privacy?

Please back up your responses with URLs to legally binding documents that provide strong guarantees we can rely on.

Thanks.

jmix | 13 years ago | on: Personal Analytics for Facebook

It used to be that, in order to get access to someone's rolodex, you'd have to befriend them and do a ton of things with them to maintain that said friendship. And even then, you still had to go through them to take advantage of that rolodex of connections, where they would keep rough tabs on who you were and how often you took advantage of these connections, so that they could come back to you when they need to take advantage of your connections in turn.

Looks like these days, someone like Wolfram can get full access for the price of a few cute graphs.

At least, the data that the egomaniacal Wolfram gets his hands on is limited to those people who are easily fooled by shiny gifs.

jmix | 13 years ago | on: Scalable Web Architecture and Distributed Systems

Section 1.1 starts out by listing some "principles": availability, reliability, cost, etc. None of these are principles.

At a higher level, the main point of the book, a Service Oriented Architecture composed of independent, separable, small components, doesn't really make sense: many of the critical concerns in distributed systems are cross-cutting. E.g. if you're using Mongo as a storage component, you will be doomed to the morass of eventual consistency throughout your application. Cross cutting concerns require end-to-end thinking.

Now, SOA is a meaningless term and one can redefine it to mean anything, so don't defend the book by redefining critical terms. I am not arguing that componentized designs don't make sense. I am arguing that you cannot componentize in the manner described in the book, without constant concern for the whole. Yes, you can bolt crap together into a bigger pile (of crap), but it'll stink as badly as the weakest, stinkiest component.

jmix | 13 years ago | on: How do I cite a tweet?

It's strange that when you cite a tweet, MLA wants you to include the tweet contents, whereas for every other citation, they want you to embed just enough info to form a pointer to the actual content. Tweet citations are closer to footnotes than to citations.

Doesn't type check.

jmix | 13 years ago | on: MIT Legal repudiated Xbox hacker too

Consider the case where the grad student, acting alone and not as part of an officially sanctioned project, invented something awesome using some resources from MIT like an internet connection and lab space. How eager do you think MIT would be to say "well, we didn't endorse anything you did, so you own the entire IP rights to everything; we want no piece of your new startup"? Or the student discovers a flaw that gets a lot of press attention; how eager is MIT to feature the work saying they supported it, as opposed to saying "it was all unendorsed." Hint: both of these have happened many times, you can look up the relevant MIT policies, and you can ask people about how it went. MIT benefits immensely from "unendorsed" (i.e. implicitly endorsed after the fact) activities conducted on its campus.

Do you now see why it's ethically questionable for MIT to try to wash its hands off when the same researcher's exploration incurs some legal costs?
