Linux Ransomware Debut Fails on Predictable Encryption Key (Bitdefender Labs)

At around the same time when I learned PHP, I learned Perl. Because Perl was for the commandline, and PHP for the Web, as simple as that; and doing one with the other was a major hassle.

Java did not enter the picture for a long time, because it was a CPU and memory hog; as an ISP you couldn't possibly offer Java on a shared hosting, and shared hosting was what most people used. And running Java on webservers is still a hassle, because you still need this monstrum of JDK somewhere within the webserver, and it still won't work with non-exec stacks and such. In fact, I'm pretty sure the Java runtime is related to Jabba, the Hutt. They look the same and have the same footprint. (Yes, language-wise Java is much nicer than PHP, but face it: nice syntax doesn't excuse any ugly runtime. Just look at C# and its abysmal trash of a runtime; Jabba looks quite nice compared to those Sith).

Farnz below also mentions this and explains it very well.

I do wonder why people keep mentioning things like:

"formal programming education"

The formal programming education I had didn't teach me anything about secure programming or input validation. Guess I was to early, different times.

While I sympathize with people who can't grasp that their tool is not the only solution possible for any given situation (one thing I notice is that php critics almost never actually list what tool would perform better for END users and CLIENTS). I understand perfectly well that the high cost of development, and updates, for many other languages, make the person attached to that language a decent income, and may even create the illusion of having a 'career', but that's as far as it goes.

Personally, I have no need to debate this, since my top clients are rapidly becoming industry leaders, delivering products and services that nobody else in the world can offer. And at a tiny fraction of the budget you'd expect to have to pay. Why? Because I use php. PHP is friendly, it has a deep respect for my needs as a web developer, and basically does not care about what various geeks think who hate it, because their focus is on me and my needs. This means extremely stable feature set, many years advanced warning on deprecated features (you know, the opposite of python, that is), which means, I can note the fact that I will have to do some small modifications of the code base at some time in the next x years, but there's no hurry, because the php authors are going to respect my needs as a developer over their own geeky need to break things release to release. That alone puts PHP on a pedestal that few other languages can touch.

Since we, as a team, like facebook, do not have to pay any attention to the critics, and can deliver feature after feature at low cost, fast times, there is simply nothing anyone who must bitch about php can say that has any relevance, it's like reading the opinions of a child who whines because his toys are the wrong color. I use an incredibly solid, reliable, php cms, that again, like php itself, has a deep respect for both my needs as a developer, the the admin staff who do the updating. So again, childish rants about php etc simply have nothing to do with our workflow, but I know that will never stop these types of critics, who I assume simply have no idea of what budgets and developer friendly tools actually look like, at least that's my guess.

However, I can't spend more time commenting, have to roll out some new industry leading features, I've been slacking a bit.

When PHP 7 rolls around, our code will work. Because they respect me and my needs.

For what it's worth, I started with asp 6, or what it 5, hated it, I found the stench of corporations to permeate it at every level, including the deep contempt for the needs of the developer, which was proven at I think maybe asp 6, then asp.net, each of which basically broke existing code bases. But I just hated the logic and syntax, I thought it was ugly and painful to use. When I started to explore the options, I first checked out perl, which I found to be a huge mess, way too prone to write only errors. My view on perl has since changed, I now view it more as a language made by and for someone with a profoundly different brain than me, or most other users who wanted to generate web presences. Subsequent readings with Larry Walls interviews, particularly his profoundly flawed views of linguistics, showed me where that difference came from, on a deeper meta level, but it's important to grasp that just because a language is alien to my brain (which views perl as criminally insane), does NOT mean it is alien to all brains. Seeing this makes me sort of almost wince grownup, I hate to admit. Python I find absurd, I WANT brackets, I do not want the language forcing me to make my code hard to read. I can type fast, adding a ; or { ] does not hurt me, anyone whose typing is so slow that a few characters makes a difference in code production should find another line of work. But again, some people like that way of doing things, making everything objects, whatever. So python fails to meet my needs as a developer. It meets other people's, which is good, that's why we have different languages.

So after giving perl its chance, and finding it nuts (a view apparently shared by many amazon programmers internally), I found php, and I was like, ok, whoah!! this tool is made for me. This is almost perfect. Not perfect, no language is, but I was astounded by how great it was and is for my needs. Every time I work with other languages, and come back to php, I am always filled with relief, a sense of, oh, thank god, I don't have to deal with the stuff I can't stand, and now can get real work done, fast.

I see the same nonsense here about mysql/mariadb, and all the whining words I read about these things never explains why we NEVER have any issues with these things. Never. They work. This does not mean they are the right tool for every job, but as facebook has shown, you can go pretty damned far with these tools if you stop obsessing about geek things and focus on the actual job, which is winning in your niche. no user in the world cares what tools are used, but I can assure you, our users care deeply without knowing it that I use php, because they can now do what they could NEVER do before online. Never. So pardon me while I laugh at those critics, then get back to work.

Or more realistically: $deep->{'ly'}->{'nested'}->[3]->{'structures'}->{'work'}. A bit longer, but no less readable in Perl than in PHP. And if you have that many indexing operators strung together in one expression, you really need to refactor the code anyway.

The same response to something like that is to flag that commit as 'shit', re-open the issue/feature and tell the SoB to GTFO and refactor that:
if you need a million levels of indirection, your design is shit.

The same goes for 'C is \'notoriously buggy\' due to naked pointers and heap memory not de-allocated' which, most likely, is quoted more than 0x4A 0x6F 0x68 0x6E 0x20 0x33 0x3A 0x31 0x36 0x00 ... I don't want to be an asshole and brag, but I don't do that because I actually know what I am doing, I assert post and pre conditions in code, I write tests, I run my programs through valgrind etc ... Unfortunately, due to corporate greed, we hire people who 'heard' of valgrind and never actually ran it, we hire people to write network code who never opened wireshark and so on ... And if you think technology solves a fundamental human/social problem (narrow-minded short term profits irrespective of consequences) you haven't debug and/or ported (to another language, mainly C/C++ ) Java servers ... The amount of memory and thread leaks a long running Java server can have is truly astounding, irrespective of all the 'design' that went into the language to prevent all the 'shit wrong with C/C++'. Until we can fully automate programming and have a sassy businessman bark 'OK Siri, make me exponential profits' and out it spews formally-verified production code, rest assure that various linear combinations of cheap programmers and xls management will produce abject shit in any conceivable programming language.