Date: 2015-03-11
I think that what I witnessed at our company (which I won't name) is representative of what Samsung saw.
The stereotypical development model was one where individual developers were perceived as Lego blocks that could be moved about from one area to another as the project(s) progressed without any regard for the individual contributor's accumulated knowledge. Large volumes of contributors ("bug resolvers") were valued over smaller, coherent teams with smarter contributors.
There was also a disturbing amount of machismo surrounding everything - nothing could be questioned; everything was a sense of pride to someone.
(What I heard from the local engineering managers supports the above.)
- There's quite a big span between the average level to high level to top level when it comes to Polish devs. Specifically, it goes a lot lower than what I'm used to. It goes high too, though, but those individuals are not necessarily cheaper than a Western European employee of the same calibre (probably similar).
- (Engineering) Management culture is totally whacko and quite a bit behind the western world. I blame the machismo.
It is very rare that Warsaw devs that write good quality code are compensated appropriately.
Actually it's the author of the rant that comes off as totally uninformed and with unwarranted snark to boot.
And they even scold the author of the software for responding in an emotional tone, while the whole "wtf" rant was full of personal attacks (and misunderstanding C programming, not bothering with facts etc).
And thusly, a website originally created for people to point to actual coding WTFs by incompetent programmers is running posts by incompetent users, voted by other incompetent users.
@Carsten_Haitzler said:
as for the "you bitch" comment. that does not appear anywhere inside efl at all. i can only assume you are full of bullshit here as with a lot of the prior "facts" you have disclosed, as a grep through our codebase for efl and elementary shows no such string:
core/efl.git - EFL core libraries
evas - change error out from bitch to complain - cosmetic change (HEAD, master)
committer Carsten Haitzler (Rasterman) raster@rasterman.com 2015-03-11 12:59:01 (GMT)
F#*k off.
Even more so after one reads the replies.
Perhaps we didn't read the same reply?
Because the response you've posted:
1) only addresses one of the tens of points in the reply -- the others still being valid.
2) while true, it is still irrelevant from a technical standpoint (not to mention softened in the subsequent version anyway).
3) At worst, the Evas author failed to grep the right version for it. Whereas the ranter, at best, fails to understand C coding, failed to consult documentation that was right there, complains about valid behavior, cites several wrong facts about the behavior of the code (like the supposed "512" object limit), and closes with the BS "it will take man-years" to build a sample simplistic media player with the lib (using a ready made codecs/media player widget component).
Evas/Eve etc have some questionable design decisions, and not the best documentation. But the original post is full of crap in almost every aspect, and with unwarranted language to boot.
> key names - no - we didn't document it, but it'll be the same set as you get in x11. we emulate it elsewhere. yes- maybe we should explicitly document that but to date no one has actually complained
> if it's a const char * of course you don't free - if it's a char * return (example) it'll be documented as to how to free it. if it's objects - objects stay alive until you delete them ... or the canvas they live in is deleted, or an object that has taken ownership is deleted (and objects that take ownership are in charge of deletion). it's the same throughout efl - it's similar to gtk in that sense. it hasn't been explicitly documented i guess because it's a convention that is common enough.
On dynamic typing, and checking object types - and why it's a warning rather than hard error when a type doesn't match what's expected:
> default is to march on and recover with a complaint - the complaint is your signal to enable this next time you run and hunt down the detail. ... mostly the errors are harmless. the majority of code marches on fine - thus prefer staying alive over suddenly falling over.
He only found that it was "bitch" (single word) later from a later corrected comment and fixed it (out in the open, in the public code repository in any way).
In any case, again, not technical, not a WTF, and not pertaining to the actual code/implementation.
If he does not, that invites the question of how many similar error messages are there in the code. Note that this is something that actually gets printed to stdout - in other words, if there's a bug in your app (or EFL, for that matter), your end user might see that message. I would dare say that's a pretty big WTF.
And even a customer is not some holy being that gets to behave in any way they like and it has to be accepted "regardless of the provocation". What he wrote was FUD and professionally damaging to Mr. Haitzler (as a programmer), while also wrong in most aspects.
Nobody should just bend over for someone (even a "customer") "regardless of the provocation". Besides FUD and insults, should the "regardless" also allow for sexual or racist comments from a customer?
And speaking of duties, does the company (Samsung) see well to an employee of theirs bad-mouthing their OS and choices on some random forum?
Now I am aware that several leaders of several major open-source communities do not consider such restraint to be necessary or even desirable. They're of course welcome to manage their communities as they see fit. I think it's a mistake though, and I believe it will lead inevitably to serious issues in those communities, if indeed it hasn't already.
Unless you have evidence to the contrary...?
> Nobody should just bend over for someone...
There is a world of difference between being assertive (which is fine) and being dismissive and belittling (which is not). Mr. Haitzler went way over the line. He thought that tit for tat was appropriate. It is not.
By the way, given the rather suggestive way you phrased this, you might want to check your own use of sexualized comments before criticizing someone else's.
1. Write a long and angry rant about how terrible the software is on a public forum.
2. File issues, participate in the community, ask questions on the mailing list, submit pull requests to improve the docs, try and understand the design decisions behind the software you're using - it's possible that the author knows more about the problem than you, and there are perfectly good reasons for why things are as they are.
One of these things is more productive than the other.
I do have to note, though, that the options are actually:
1. Use something else that's better.
2. <same as what you wrote above>
Based on everything I've read about EFL, including responses from its devs, #1 is by far the most productive choice you can make in these circumstances.
The rant is not really an option as such. It's just a way for someone to vent their frustration, which people occasionally need when dealing with problems like that in order to make themselves feel sane again. You can rant first, but you still have a choice of #1 or #2.
I also have to note that, for the author of the rant, neither was an option, because they weren't working on a project where they had a choice of framework - they were working on Tizen, and had to use EFL, that choice being made for them. I also doubt that their manager would allow them to use some of their work hours to go fix bugs in EFL, even assuming its maintainers would agree that these things are bugs (which they clearly didn't) - they had their own backlog and schedule. So they did the rant because they felt like they needed it, and they didn't really have the option of either #1 or #2 to fix anything.
Why plug every hole in a colander when you can use a bowl from another supplier?
> efl checks object validity by looking at the first 4 bytes of the memory of the object. in here is a "magic number" that indicates both type and that the object isn't freed or garbage memory.
I'm really beginning to think that code should be left to smaller and medium sized outfits, i.e. Samsung should buy or hire a small startup to independently develop and grow their next ecosystem. Large enterprises just seem too clumsy to pull it off unless they wholly dedicate themselves to developing that one piece of technology.
I think the big vs small comparison is flawed. I've seen some atrocious code produced by small/medium sized outfits. My fondest memory includes auditing code from a 3-person outfit whose code quite literally set up an RPC on the server that executed any string it was sent, verbatim, against a database that handled money.
From TFA: Another attack on Samsung Smart TVs was published last week that used malicious commands embedded in broadcast TV signals.
So, even if it's airgapped, a TV that's been compromised in this way is effectively a hostile general-purpose computer with a wifi card running inside your house.
If this is something you would do for a Klondike bar, then go ahead. I'll keep my dumb TV and my Kodi box, though.
So why bother with a "smart" TV if you're going to be using an external computer anyway? Saving a few hundred dollars to spend on that external computer seems like a better investment. I run a "dumb" big LG TV hooked up to a Raspberry Pi running Kodi via LibreElec. I'm very happy with the setup in terms of functionality and price.
Edit: the attack via signal is linked from the article, reading now.
I'm in the market for a 4k TV with low input lag. If you look at input lag tests (e.g., http://uk.rtings.com/tv/tests/inputs/input-lag) you'll see that every single TV listed there is a smart TV, at least in the 43"-50" range anyway. In fact, are there even such things as "dumb" TVs anymore?
That said, I've done some more research and realised that the LG UH6* range is actually also pretty good for low input lags and runs webOS to boot so I think I'll go for an LG instead.
Furthermore, their mobile business is mature and well-known enough that even if they were staffed with complete amateurs whose legacy code was awful, Samsung has been a prominent player for a long time in terms of tech-biz-years. The chances are significant that they have among their ranks a wise-enough manager to realize that it's time to tackle technical debt. Or, in lieu of that, that Samsung would've by now had a come-to-Security-Jesus security fuckup traumatic enough to force a thorough audit and revamp.
Clearly that hasn't happened here so I'm interested in learning the details as they come out.
I took from their "perfect on the first try" requirement for interviewing that their strategy for handling technical debt was supposed to be "don't create technical debt".
