Page 1 of 1 [ 15 posts ] 

MyFutureSelfnMe
Veteran
Veteran

User avatar

Joined: 26 Feb 2010
Age: 44
Gender: Male
Posts: 1,385

20 Jun 2012, 6:01 am

Where source control *is* the file system and distributed builds launched on a high powered server farm?



MyFutureSelfnMe
Veteran
Veteran

User avatar

Joined: 26 Feb 2010
Age: 44
Gender: Male
Posts: 1,385

20 Jun 2012, 6:06 am

Nevermind, cloude-ide.com looks really good. Too bad it's really targeted for cloud apps, I'd like to do desktop app development on something like it. Some sort of remote access window could be used to run the app. I could hit all the major OSes at once in a tabbed remote access view.



Oodain
Veteran
Veteran

User avatar

Joined: 30 Jan 2011
Age: 33
Gender: Male
Posts: 5,022
Location: in my own little tamarillo jungle,

20 Jun 2012, 6:48 am

there are plenty but most seem to be aimed at java or ruby.

most are also part of a learning website and some are basically only a glorified interactive shell.


_________________
//through chaos comes complexity//

the scent of the tamarillo is pungent and powerfull,
woe be to the nose who nears it.


MyFutureSelfnMe
Veteran
Veteran

User avatar

Joined: 26 Feb 2010
Age: 44
Gender: Male
Posts: 1,385

20 Jun 2012, 11:21 am

A really good one (i.e. indistinguishable from Visual Studio) could serve as my main development environment if it existed. Especially since I could bust out builds instantaneously on a farm.



Evinceo
Deinonychus
Deinonychus

User avatar

Joined: 13 Apr 2012
Age: 31
Gender: Male
Posts: 392

20 Jun 2012, 5:05 pm

I've wondered why Google didn't do this years ago-a google-docs like interface with something like google code as a back end then just clone a popular IDE rather than microsoft word.



MyFutureSelfnMe
Veteran
Veteran

User avatar

Joined: 26 Feb 2010
Age: 44
Gender: Male
Posts: 1,385

21 Jun 2012, 8:48 pm

They killed Google Code Search too if I remember correctly. It's not where the money is.



DC
Veteran
Veteran

User avatar

Joined: 15 Aug 2011
Age: 45
Gender: Male
Posts: 1,477

22 Jun 2012, 1:37 pm

MyFutureSelfnMe wrote:
They killed Google Code Search too if I remember correctly. It's not where the money is.


The problem with google code search was that it was being used to identify hackable targets by just googling for a known exploit. You could also use it to automate target finding, they made a couple of attempts to prevent it being used this way and then just decided to dump it.



MyFutureSelfnMe
Veteran
Veteran

User avatar

Joined: 26 Feb 2010
Age: 44
Gender: Male
Posts: 1,385

22 Jun 2012, 8:19 pm

DC wrote:
MyFutureSelfnMe wrote:
They killed Google Code Search too if I remember correctly. It's not where the money is.


The problem with google code search was that it was being used to identify hackable targets by just googling for a known exploit. You could also use it to automate target finding, they made a couple of attempts to prevent it being used this way and then just decided to dump it.


I don't see why that's a problem. I think long term that would cause less vulnerability, not more.



DC
Veteran
Veteran

User avatar

Joined: 15 Aug 2011
Age: 45
Gender: Male
Posts: 1,477

23 Jun 2012, 6:55 pm

MyFutureSelfnMe wrote:
DC wrote:
MyFutureSelfnMe wrote:
They killed Google Code Search too if I remember correctly. It's not where the money is.


The problem with google code search was that it was being used to identify hackable targets by just googling for a known exploit. You could also use it to automate target finding, they made a couple of attempts to prevent it being used this way and then just decided to dump it.


I don't see why that's a problem. I think long term that would cause less vulnerability, not more.


It was particularly the automated target acquisition.

Lets say there 125,000 sites running phpnuke and a new vulnerability is discovered, a single google search gives you a list of every single public website that is vulnerable and your nasty program just runs down the list, emptying out creditcard details as it goes. It made things a lot easier for the do-badders.

There were also privacy concerns, at one point a vulnerability in home security software meant you could gain access to people's private CCTV cameras, a quick google search and all unpatched cameras pop up.

It wasn't particularly useful, it wasn't making any more and it was causing problems, so google ditched it.

PS If you are feeling voyeuristic:

https://www.google.co.uk/search?q=inurl ... ndex.shtml

But that is for cameras that are supposed to be publicly accessible out of the box...



MyFutureSelfnMe
Veteran
Veteran

User avatar

Joined: 26 Feb 2010
Age: 44
Gender: Male
Posts: 1,385

23 Jun 2012, 8:39 pm

Google Code is used to search source code, not to give you a list of sites running phpnuke.



DC
Veteran
Veteran

User avatar

Joined: 15 Aug 2011
Age: 45
Gender: Male
Posts: 1,477

23 Jun 2012, 9:42 pm

http://www.networkworld.com/news/2006/1 ... oogle.html

http://www.shoemoney.com/2006/12/26/how ... -your-site

http://ilia.ws/archives/133-Google-Code ... riend.html


Ilia is the bloke who literally wrote the book on php security and is one of those rare people you find that genuinely brilliant masters of their field, if you won't take my word for it, take his.

Google code search was being exploited a lot, did you never come across those red flag restrictions on any web code searches when you were using it?



MyFutureSelfnMe
Veteran
Veteran

User avatar

Joined: 26 Feb 2010
Age: 44
Gender: Male
Posts: 1,385

23 Jun 2012, 9:47 pm

Ok I misunderstood you.

I maintain that this would ultimately reduce vulnerability, not increase it. Anyone who finds a bug in phpnuke regardless of whether that bug was found via Google Code or elsewhere will be able to use it to exploit sites running that product. I do not see making it easier to find bugs as a problem.

In that vein, I think requesting user approval by default before installing security updates to either the OS or any applications is absurd. If the user wants to be able to say no to those things, they should have to go to the trouble to configure it that way.



DC
Veteran
Veteran

User avatar

Joined: 15 Aug 2011
Age: 45
Gender: Male
Posts: 1,477

23 Jun 2012, 10:50 pm

MyFutureSelfnMe wrote:
Ok I misunderstood you.


Don't worry it happens a lot, almost certainly due to my poor communication skills
Quote:
I maintain that this would ultimately reduce vulnerability, not increase it. Anyone who finds a bug in phpnuke regardless of whether that bug was found via Google Code or elsewhere will be able to use it to exploit sites running that product. I do not see making it easier to find bugs as a problem.


In a perfect world yes, but I've highlighted major security problems in software costing £100,000 per annum to it's creators and been exasperated that they didn't bother fixing it three years after I first reported it.

Even explaining exactly what the problem is and providing them fresh secure code, nope no patch.

The amount of lousy insecure code doing mission critical stuff in organisations probably doesn't bear thinking about.

Quote:
In that vein, I think requesting user approval by default before installing security updates to either the OS or any applications is absurd. If the user wants to be able to say no to those things, they should have to go to the trouble to configure it that way.


True, but microsoft lost a lot of trust by secretly foisting all sorts of drm crap on people, you also have the problem that people with laptops have multiple connections, some free and some very expensive. It would be rather annoying if your computer was downloading a 300mb security update over a satellite connection just because you happened to be on a building site checking architectural schematics etc etc (extreme example)



NeantHumain
Veteran
Veteran

User avatar

Joined: 24 Jun 2004
Age: 44
Gender: Male
Posts: 4,837
Location: St. Louis, Missouri

25 Jun 2012, 9:40 pm

There's also Light Table.



monkeykoder
Blue Jay
Blue Jay

User avatar

Joined: 7 Feb 2012
Age: 38
Gender: Male
Posts: 76

30 Jun 2012, 11:00 am

I was wanting to do one of these not too long ago I'd be game for the project for a C++ IDE I've been wanting to do a lot of projects with my buddies that are well out of town and out of country but I really don't want to have to maintain a development infrastructure to do it. I already have little enough time after work to sit down and code after coding all day I don't want to be stuck in .config files all day getting everything set up right (to hopefully avoid most vulnerabilities that would turn said server into a drone in someones botnet army). Offloading all that to a central hub would be a fun project and be very useful in the future for said projects.

P.S. Light Table looks awesome.