Hacker News | topac's comments

That's exactly how I would have changed things to make the website faster!!! -4 Jan 1991-


Best place to work?



ba dum tss


But in all seriousness, PHP is not the bad guy here, bad coders are.


Are you referring to the people who implemented PHP? Because I would be.


[deleted]


This is not about PHP. It is about blocking an innocent website :)


Innocence has yet to be proven. Right now it's looking like static.php.net might have been compromised.


We have no proof that this is related to the fact that the domain has been blacklisted by Google.


It's "tagged" by Google. When I search php from the iPhone I get:

"PHP: Hypertext Preprocessor

php.net/

This site may harm your computer.

Server-side HTML embedded scripting language. It provides web developers with a full suite of tools for ..."

Google inserts the "harm" note.


Yes, but there are quite a few ways to get flagged by Google.


You are correct. Like I said, I doubt that is the case. PHP can be very secure if configured correctly.


That's the issue, PHP should be secure (i.e. restrictive) by default, Linux style... it is not. PHP+Apache => recipe for disaster. PHP is a templating language yet doesn't do HTML sanitizing by default!

95% of compromised websites are PHP ones.

That's the reason why PHP will die eventually, when businesses understand that while it's cheap to go online with a PHP CMS, once you get hacked, it will cost you your business.


Where do you find out about the non-blocking io?


I suppose he refers to this...

* IO

  * extended methods:

    * IO#seek supports SEEK_DATA and SEEK_HOLE as whence.

    * IO#seek accepts symbols (:CUR, :END, :SET, :DATA, :HOLE) for 2nd argument.

    * IO#read_nonblock accepts optional `exception: false` to return symbols

    * IO#write_nonblock accepts optional `exception: false` to return symbols

see https://github.com/ruby/ruby/blob/v2_1_0_preview1/NEWS


Everyone loves and uses Wikipedia, but I do not see 10k posts per day saying that Wikipedia is the new god.


You're just a couple of years late.


Agree, BUT, people should not use absolute statements (like "just use" or "don't use") because sometimes (sadly) it easily leads to a religious approach.


The point of "just use" in this case is the implied, but often unstated, first part: don't learn crypto, just use _____. Because when you think you've learned "enough" crypto to know what to do (whether writing a library or just picking one), is exactly when you're the most dangerous. Either really learn crypto (i.e. the 10000 hours way)--and don't build any cryptosystems until you have--or just avoid the problem-space altogether, and do exactly what the experts tell you. Which, in this case, is "use bcrypt."

The experts don't say "use bcrypt" because it's the best pluggable key derivation function. They say it because it's a satisfactory key derivation function, with viable APIs for every language you can think of. It's the McDonald's of crypto packages: a known quantity, anywhere you want it. Which is exactly what you want to point at if you want people doing as they're told ("just use...") instead of trying to learn what a "pluggable key derivation function" is... and following that path until, inevitably, they become dangerous.

An analogy, to take that last idea further: imagine if there was a universe like that of Harry Potter, with young witches and wizards capable of learning powerful, dangerous magics. But these magics require no wands, nor any other implement or component that could be taken away from the magician; once the spells are learned, they are irrevocably in the magician's possession, even if the corresponding safety lessons for use of that spell are never absorbed. And then, imagine that most learning of magic occurred through autodidacty...


Dan did such a great job on the Stanford Crypto course, it's worth learning the basics to learn the important bits.

https://www.coursera.org/course/crypto


I just had a 30-second mind-trip in this dystopian universe and it was horrifying :)


That's strange for HN because it's known that in a vast and rich sea such as the IT world, stability leads to a slow/fast failure or disappearance. They'll have to innovate, for their business and for the users.


And yet the reverse is true too. Over-innovating, which I see as almost universally putting form ahead of function, kills web enterprises dead too.

I think craigslist is a great example of success going with the most minimal "innovation" - in the last ten years I can think of two changes there, and one wasn't even voluntary. First, the map-view for housing listings and second the giving up of sex services to other sites like backpage under threat from a bunch of point-scoring district attorneys.


I'm checking the mobile version right now. The "4chan-feeling" is conserved and the site is simple and readable without the need to zoom or scroll r/l

