Hacker News: dakimov's comments

What a talentless useless bullshit.


So don't buy it :) Better yet, don't waste another moment thinking about it!


This is... awesome!

What is more important, it is actually usable.


My condolences to you. Now your product has become a target of mockery.

Also I love cats and feel sorry that the name of those lovely animals is used in a discredited entity.

The problem is that your product did not have just a security vulnerability, but had a number of blatantly unprofessional mistakes showing off ignorance and carelessness of its authors.

This is the worst that can happen with an author of open source and especially security software.

I hope at least you, the poor cat's devs, realize what has happened.


I feel this is something that many a [insert security software in which critical bug was recently found here] has gone through. We've been following full disclosure principles and fixing bugs as they come for the past couple of years. It's really unfortunate that the comments tend to be so dismissive and personal — a quick look at our codebase or blog shows a serious and professional effort. That said, we definitely mess up.


While I admire the effort and overall mission, the problem is that when an application promotes 'secure communications', there are people who actually may use it as such.

Mistakes are understandable; however, I think in-depth code review and auditing in any environment involving cryptography is an absolute must. Potentially, people's lives could be jeopardized (either legally or physically) if they believed their communications were secure, when in fact they were not.


>I feel this is something that many a [insert security software in which critical bug was recently found here] has gone through.

No, not really. Not this kind...

Alright I quit.


I can measure how rational you really are.

The result is around zero.

Seriously, come on, people are not rationally thinking creatures at all, nobody is. There is nothing to even measure.

If everybody became rational, the world would collapse instantly. Do you realize how many people would cease their socially indispensable work if they acted perfectly rational from an individual (meaning egotistical) perspective?

I clearly see that I am irrational, but I cannot stop being so.

I estimate that in order to become rationally thinking, I would have to undergo an unbearably painful transformation of my entire mental entity. My mind just works that way, it is hardwired irrationally, as any other human's mind.

The article and the attempt itself are great though.


> Do you realize how many people would cease their socially indispensable work if they acted perfectly rational from an individual (meaning egotistical) perspective?

It is often in the interest of individuals to contribute to the group.


This is hilarious.


What are you talking about?

The safety you mentioned comes from only two things: type safety and runtime array boundary checks.

There is no problem in implementing runtime boundary checks in C++.

What else in C++ is less safe than in Java? Is there some kind of magic?


Iterator invalidation, returning references that outlive their referent, storing references in data structures that outlive their referent, invalidation of the "this" pointer, etc.


Basically those are examples of bare pointer manipulations (as references are essentially syntactically sugared bare pointers).

Although it can be mitigated with specially written collections (incompatible with the standard collections) and strict coding guidelines, I have to agree with you that the C++ memory model itself is insanely dangerous.


Don't you think that first off you need to be an expert in all those languages, in web-technologies, have vast experience and up to date knowledge in all of that, to make such claims?

I'm pretty sure you just have a wrong impression of C++, or to put it simply, you don't know C++.

In what way does C++ have worse response time in terms of maintenance? What do you mean exactly?

In general, statically typed compiled languages are better at refactoring than dynamically typed interpreted ones. Changing programs in the latter without fair test coverage means teetering on the brink of a catastrophe. Just recently I have seen an article on HN claiming unmaintainability of dynamic languages.

The truth is that every general purpose language is general purpose, and the claim about language suitability is a commonplace and an overgeneralization. You can do 3D games in JavaScript and client web apps in C++. Different languages have different drawbacks and that may limit their applications, but C++ is not targeted for OS development, and JavaScript is not targeted for web development, both are just general purpose languages.

Speaking of "low-levelness" of C++, with all the modern features and libraries it is as high level as other languages, and in some aspects is even more high level, e.g. JavaScript or Python have no corresponding means as the template metaprogramming which is the high high level. C++ just allows you to do low-level manipulations, you are not required to.

There are many myths and prejudices against C++ caused by ignorance and frustration of those who have not cracked it at a time.


Exactly! C++, well used, is largely a vertical language, not a low-level or high-level one. That's why it's easy to create a fairly big system entirely in C++. And having worked with such a system, I can say that it's quite comfortable, in some ways that most so-called "higher-level" languages don't offer. For example, your comment about refactoring is absolutely spot-on.

Most criticisms of C++ rely on outdated prejudices. Some people still think that modern C++ code is rife with pointers to void and reinterpret_casts.


To be fair, bad code still is, and it's more common than most of us would like to admit.


The C++ vs Javascript example was, wait for it, an _example_.

It was a general statement aimed at a general framework. I said in some other place here that C++ is relevant, but when it is, it's usually done via in-house libraries that are specific to your needs.

All the examples of companies here using C++ use their own solution, and most use C++/C/etc. as a VM or code interpreter and use another language for the logic.

Don't be offended because C++ doesn't do everything. For all I care, you code your server in C++. I'll code it in whatever I want and I'll sleep like a baby.


Hikikomori, momorikiki. Those are usual mental health problems such as depression (probably, around 98%), psychopathy, or mental retardation. Those guys just need to see the doctor, a psychotherapist.

Giving them tags and doing nothing about their problems is just uncivilized, such as in developing countries where most people are uneducated, the people with rare physical diseases who desperately need help get alienated or are made fun of.


It is totally fine! Compare this to Android: http://bluebox.com/corporate-blog/bluebox-uncovers-android-m...

Security, privacy, copyright — these are three problems the humankind is as dumb as a monkey with.


Platforms.

