Coffeehouse Thread

79 posts

David finally took down Goliath

Back to Forum: Coffeehouse
  • User profile image
    PaoloM

    May28th2018 said:
    littleguru said:
    *snip*

    You sound lazy. The framework features are documented in a table of contents that I so nicely linked in my last post.

    You need to RTFM or STFU. I mean that in the nicest way.

    You sound lazy. The framework features are documented in a table of contents that I so nicely linked in my last post. You need to RTFM or STFU. I mean that in the nicest way.

    I can see you getting very quickly on the path of your predecessors...

    Be corteous, polite and respectful. Don't assume you know more than anyone else (because you don't) and don't insult other niners.

  • User profile image
    blowdart

    Minh said:
    kettch said:
    *snip*

    FF 3.5 on my netbook (Win7 / 1GB / SSD) is just plain broken. Simple pages peg out CPU.

    Whereas FF 3.5 on my Mac Mini (OSX / 1 GB) is just the best browsing experience I've ever had.

    Go figures.

    P.S.

    Yet another IE vulnerability. We keep hearing that IE isn't any less safe than other browsers, but why are these stories keep coming up for IE?

    That's not an IE vulnerability, but an vulnerability with a particular ActiveX control.

    Of course ActiveX is IE only... but still it's not a problem with the IE code.

     

  • User profile image
    magicalclick

    Perhaps ZF is not a suitable development envirnment for IE platform? But, if you want to go Chorm exclusively, go ahead. Like I always said, if you don't like USA, move to somewhere else. If you don't like the product, don't buy it. Your lack of support may one day be enough to convince MS's policies. If less and less website support IE, I am sure MS will starts to get worried.

    I am sure everyone has their own crappy story about other platforms. We are the developers, shits happens, and we debug. That's not going to happen. Just like those HTML5 standards, assume you get 40% FF3 and 25% FF2 markets, you still need to code HTML4 for that 25% of FF2. Develope backward compatible software is always difficult. And * just happens. If you are so frustrated by web developement, try a software development, at least now you only have to fix your own mess or your teamates' mess.

     

    Leaving WM on 5/2018 if no apps, no dedicated billboards where I drive, no Store name.
    Last modified
  • User profile image
    magicalclick

    blowdart said:
    Minh said:
    *snip*

    That's not an IE vulnerability, but an vulnerability with a particular ActiveX control.

    Of course ActiveX is IE only... but still it's not a problem with the IE code.

     

    The thing is when are we going to kill ActiveX? The whole system seems to have too much freedom for attacks. Why not making something much more protected, like read only or something.

    Leaving WM on 5/2018 if no apps, no dedicated billboards where I drive, no Store name.
    Last modified
  • User profile image
    kettch

    magicalclick said:
    blowdart said:
    *snip*

    The thing is when are we going to kill ActiveX? The whole system seems to have too much freedom for attacks. Why not making something much more protected, like read only or something.

    If Flash, PDF, Silverlight, QuickTime, Mesh, and Windows Media, were ported over to a new plugin architecture then I would probably be 95%+ covered.

    The remaining cases are all either miscellaneous Microsoft plugins or specialized stuff like WebEx, which I've only used once.

  • User profile image
    Cream​Filling512

    magicalclick said:
    blowdart said:
    *snip*

    The thing is when are we going to kill ActiveX? The whole system seems to have too much freedom for attacks. Why not making something much more protected, like read only or something.

    How is it anymore open to attacks than NSAPI?

  • User profile image
    AndyC

    kettch said:
    May28th2018 said:
    *snip*

    You pretend like there are no possible problems with Firefox.

    There is no single application on my machine that crashes, locks up, or just plain breaks more often than Firefox. Since v2 it has refused to update. I have to uninstall it completely and download the latest installer from the website.

    At this point I don't care if the browser renders everything with pixel perfect precision. I just want it to work! This is why I've relegated FF to being the (red headed) stepchild who gets drug out once in a while for a beating and stuffed back in the closet.

    "At this point I don't care if the browser renders everything with pixel perfect precision. I just want it to work! This is why I've relegated FF to being the (red headed) stepchild who gets drug out once in a while for a beating and stuffed back in the closet."

    It's a fair point. It would almost be forgivable if the HTML rendering was perfect, at least it would make for a good reference renderer. It's not though, it has its own share of unique HTML rendering bugs too.

  • User profile image
    LeoDavidson

    May28th2018 said:
    LeoDavidson said:
    *snip*

    Sounds more like you're underpaid. Otherwise you wouldn't really care. I can't say I *really* care about it, except that IE just makes my job annoying. IE7 caused a huge problem today as a matter of fact where it was switching a DOM element between absolute and relative positioning for no reason at all when the CSS on the element was fixed at relative positioning. This was caused by the user simply clicking random points on the screen and anchor tags before the page load had completed.

    There is no firebug to edit CSS variables in real time and IE6, 7, 8, oh why the hell not, even 9 just sucks. I haven't used 9 yet, but from historical development, I already know it will suck.

    Just to test in IE6, I have to start a virtual machine and go into Windows XP to run multiple IEs. What a complete joke. FF runs side by side on any operating system.

    What a horrible joke that such shoddy development got 90% of the market share.

    At least when I come home I get to do PHP programming with ZF, and Java programming where I don't have to care if it works in IE.

    If this keeps going I'm going to have to use Google App Engine exclusively.

    WTF does how much I'm paid have to do with anything?

    Everyone has better things to do than fight with poorly designed technology (HTML + CSS).

    I could be paid $1,000,000 per second I still wouldn't want to waste time fighting with bad tech when I could be getting on with something else. Web design isn't my job or my hobby; it's just a chore I go through to get things on the web. Even if it was my job, and I was paid by the hour rather than by the site, I'd much rather get on with another site instead of have each one take longer over fiddly details which, if CSS wasn't so awful, should be trivial. There's satisfaction in finishing and delivering things and it's more interesting to get something done and move to the next thing than it is to spend forever on boring, tedious work.

    I suppose if I was super rich I could pay someone else to do that, but I don't see how that validates your argument.

    HTML + CSS suck; end of story. Things don't stop sucking if you're paid a lot for the time they make you waste or if you can pay someone else to hide them from you.

    Time is worth more than money.

    (And FYI, my last salary was enough that, after resigning for other reasons, I've been able to spend most of the last two years working on pet projects which pay me zero.)

  • User profile image
    LeoDavidson

    kettch said:
    May28th2018 said:
    *snip*

    You pretend like there are no possible problems with Firefox.

    There is no single application on my machine that crashes, locks up, or just plain breaks more often than Firefox. Since v2 it has refused to update. I have to uninstall it completely and download the latest installer from the website.

    At this point I don't care if the browser renders everything with pixel perfect precision. I just want it to work! This is why I've relegated FF to being the (red headed) stepchild who gets drug out once in a while for a beating and stuffed back in the closet.

    If you've getting a lot of FF crashes, try removing your extensions. If you still get them then you might need to clear our your Firefox profile (probably due to some junk in it created by an extension).

    Extensions are a huge blessing, and the main reason I use Firefox, but they can also cause things to go catastrophically wrong due to being so intertwined with the browser's code.

    Firefox 2 and 3 have been very stable for me, FWIW, and when people have a lot of crashes it usually seems to be due to extensions gone wrong. (Of course, it can also be because different people visit different sites and some sites trigger bugs.)

    It's like Windows Explorer: If it crashes then 99% of the time it's because of a bad shell extension (and there are a lot of them!). Problem is that Explorer.exe still gets the blame and looks bad.

     

  • User profile image
    kettch

    LeoDavidson said:
    kettch said:
    *snip*

    If you've getting a lot of FF crashes, try removing your extensions. If you still get them then you might need to clear our your Firefox profile (probably due to some junk in it created by an extension).

    Extensions are a huge blessing, and the main reason I use Firefox, but they can also cause things to go catastrophically wrong due to being so intertwined with the browser's code.

    Firefox 2 and 3 have been very stable for me, FWIW, and when people have a lot of crashes it usually seems to be due to extensions gone wrong. (Of course, it can also be because different people visit different sites and some sites trigger bugs.)

    It's like Windows Explorer: If it crashes then 99% of the time it's because of a bad shell extension (and there are a lot of them!). Problem is that Explorer.exe still gets the blame and looks bad.

     

    I have no extensions, because I don't use the browser. You aren't pinning the blame for crappy software on the user this time. Tongue Out

  • User profile image
    W3bbo

    AndyC said:
    kettch said:
    *snip*

    "At this point I don't care if the browser renders everything with pixel perfect precision. I just want it to work! This is why I've relegated FF to being the (red headed) stepchild who gets drug out once in a while for a beating and stuffed back in the closet."

    It's a fair point. It would almost be forgivable if the HTML rendering was perfect, at least it would make for a good reference renderer. It's not though, it has its own share of unique HTML rendering bugs too.

    In my experience cases where Firefox's rendering has differed from WebKit is when it's within the specification, like the default typeface and line-height settings which can be easily overridden in the stylesheet.

    Do you have any examples where Firefox has gone against the spec?

  • User profile image
    LeoDavidson

    kettch said:
    LeoDavidson said:
    *snip*

    I have no extensions, because I don't use the browser. You aren't pinning the blame for crappy software on the user this time. Tongue Out

    Fair enough. Might be a bug triggered by pages I don't view or something.

     

  • User profile image
    AndyC

    W3bbo said:
    AndyC said:
    *snip*

    In my experience cases where Firefox's rendering has differed from WebKit is when it's within the specification, like the default typeface and line-height settings which can be easily overridden in the stylesheet.

    Do you have any examples where Firefox has gone against the spec?

    I'm no web expert, I merely hear the swears from across the office. A quick perusal of Twitter feeds apparently reveals that "setting text-decoration on buttons doesn't work" was the latest. Whatever that means?

  • User profile image
    magicalclick

    CreamFilling512 said:
    magicalclick said:
    *snip*

    How is it anymore open to attacks than NSAPI?

    I didn't think about NSAPI. This is not about comparing who is worse, but to think about a safer way to the same stuff as ActiveX. Something like ReadOnly ActiveX, and then, you have special user granted WriteToMyDocumentOnly ActiveX, and then, the finally Admin granted nasty ActiveX. I think it is better to kill ActiveX and think of something with security in mind.

     

    Leaving WM on 5/2018 if no apps, no dedicated billboards where I drive, no Store name.
    Last modified
  • User profile image
    Minh

    magicalclick said:
    CreamFilling512 said:
    *snip*

    I didn't think about NSAPI. This is not about comparing who is worse, but to think about a safer way to the same stuff as ActiveX. Something like ReadOnly ActiveX, and then, you have special user granted WriteToMyDocumentOnly ActiveX, and then, the finally Admin granted nasty ActiveX. I think it is better to kill ActiveX and think of something with security in mind.

     

    PS. I removed the Skype add-in for FF 3.5 and life is good w/ FF 3.5 + Netbook again. Nothing near FF 3.5 on OSX but I'm happy.

    PSS. wrt NSAPI... the security note says that the ActiveX control has no business being instantiated by the browser... so if you look at the potential target for NSAPI exploits, it'd be shoddy components interfacing w/ NSAPI. Whereas, exploits targeting ActiveX controls can aim for EVERY ActiveX control written... even if they never were meant for the web.

    At least that's my limited knowledge of NSAPI...

  • User profile image
    SlackmasterK

    kettch said:
    May28th2018 said:
    *snip*

    You pretend like there are no possible problems with Firefox.

    There is no single application on my machine that crashes, locks up, or just plain breaks more often than Firefox. Since v2 it has refused to update. I have to uninstall it completely and download the latest installer from the website.

    At this point I don't care if the browser renders everything with pixel perfect precision. I just want it to work! This is why I've relegated FF to being the (red headed) stepchild who gets drug out once in a while for a beating and stuffed back in the closet.

    I've found FF is good for using ABC's crappy video player. For some reason they don't recognize the IE8 user agent.

  • User profile image
    punkouter

    W3bbo said:
    littleguru said:
    *snip*

    W3C specifications only hit the final "TR" stage when there are at least two independent implementations. This does create a chicken/egg scenario for Microsoft as they won't implement specifications until they're finalised, which means it's up to the more flexible and supple development groups at Mozilla, Apple, and Opera to implement them first, which means IE will always have to play catch-up.

    Microsoft needs to change their policy so they'll at least implement the major things that are unlikely to change, like rounded corners and client-side databases,

    I somewhat agree with your opinion that Microsoft needs to make a move and be more active. But implementing the standard partially is also not a good solution. IE had been non standard in the past and have bad reputations, even now after IE is fully standard. You definitely do not want make those people to come back and start pointing fingers at IE anymore.

    What I think Microsoft needs to do is to have some kind of a fork from ie for community review. Whatever they call this product, this will completely for review only and will never see an official release. The product may only consist of the trident engine without any bells and whistles on it. That way Microsoft can get community reviews while contributing to the standardization process. Microsoft can even put a proof of concept on new suggestions there and noone will probably complains about it.

  • User profile image
    fknight

    magicalclick said:
    blowdart said:
    *snip*

    The thing is when are we going to kill ActiveX? The whole system seems to have too much freedom for attacks. Why not making something much more protected, like read only or something.

    Short of pushing out an update disabling ActiveX under IE and XP, which would make loads of business software and numerous websites all of a sudden non-functional, what else should they do (other than patch whatever needs to be patched, of course)?

    Seeing as the latest vulnerability is mitigated completely in Windows Vista and Windows 7 due to it's improved security, I would say they've done what they needed to do as far as ActiveX without breaking existing applications that depend on it.  

    If a seven year old operating system and web browser is as much a security problem as it's perceived to be and there's evidence that Vista and Windows 7 solve those, I'm pretty confident as to what the logical answer is.

     

Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.