Slide 1

Slide 1 text

Happiness Through Ignorance a presentation by Armin Ronacher for PyCon Japan 2012 @mitsuhiko http://lucumr.pocoo.org/

Slide 2

Slide 2 text

About the Name mitsuhiko: name is from the Detective Conan Manga I don't actually speak Japanese :-(

Slide 3

Slide 3 text

Foreword Take everything with a grain of salt … and that includes this talk

Slide 4

Slide 4 text

Why Happiness Matters and why I talk about happiness

Slide 5

Slide 5 text

Happiness There is no value in doing something you don't like. It might work for a while, but you will get grumpy

Slide 6

Slide 6 text

Happy People are Productive People If you like your work you are willing to work overtime Without happiness there would be no Open Source

Slide 7

Slide 7 text

We Love Python Many of us are using Python because it makes us happy (or at least happier than the alternatives)

Slide 8

Slide 8 text

Why Ignorance Matters and why being ignorant can be important

Slide 9

Slide 9 text

Ignorance We start out ignorant

Slide 10

Slide 10 text

Education When we're learning we become less ignorant …

Slide 11

Slide 11 text

Education … start learning more and more …

Slide 12

Slide 12 text

Education … explore less …

Slide 13

Slide 13 text

Education … worry more.

Slide 14

Slide 14 text

Ignorance is Bliss Ignorance & dedication gets you far

Slide 15

Slide 15 text

Wolfire Indie Game Developer (known for running the humble indie bundles)

Slide 16

Slide 16 text

Lugaru Wolfire's first successful indie game eventually open sourced under the GPL license

Slide 17

Slide 17 text

Lugaru Screenshot from Lugaru

Slide 18

Slide 18 text

Overgrowth Screenshot from Overgrowth (their current game)

Slide 19

Slide 19 text

void Screenshot(void) // Make an FSSpec static char buf[256]; if(numscreenshots==0){ buf[0]=26; buf[1]=':'; buf[2]='S'; buf[3]='c'; buf[4]='r'; buf[5]='e'; buf[6]='e'; buf[7]='n'; /* ... */ buf[26]='0'; }

Slide 20

Slide 20 text

void Game::Tick() { declare 40 variables; handle network messages; handle keyboard input; handle main menu code; handle all menu pages; handle game saving; handle game loading; handle game sounds; handle player movements; handle collisions; handle attacks; handle screenshots; }

Slide 21

Slide 21 text

Game Ticks Executed every frame one function with 10000 lines of C++ code up to 12 levels of indentation

Slide 22

Slide 22 text

Dedication Instead of not doing it They did it They made a successful game

Slide 23

Slide 23 text

Too Much Information humanity knows so much

Slide 24

Slide 24 text

I want to make a website HTML, XHTML, CSS, JavaScript, Python, PHP, Ruby, Templates, Flask, Django, CodeIgnitor, XML, Ruby on Rails, node.js, OpenID, OAuth, Facebook Connect, bcrypt, SSH, SHA1, FTP, HTTP, SPDY, Puppet, Chef, Salt, Backbone JS, MD5, Flash, jQuery, Dojo, DOM, XPath, XInclude, XSLT, Jinja, Genshi, i18n, l10n, unicode, utf-8, MIME, email, websockets, server side events, pubsub, pubsubhubbub, Atom, RSS, …

Slide 25

Slide 25 text

Where do you even start? It's increasingly difficult to learn things people tell you to learn Technology X when you're done, X gets replaced with Y

Slide 26

Slide 26 text

Step by Step You start somewhere and go small steps from there

Slide 27

Slide 27 text

Quick Iteration every small step is a achievement

Slide 28

Slide 28 text

Learn to love and hate instead of taking hackernews' word that PHP sucks you can learn it first hand

Slide 29

Slide 29 text

A Healthy Balance Ignorance requires a healthy balance start ignorant — don't end there

Slide 30

Slide 30 text

Cargo Cult Programming “why didn't you?“

Slide 31

Slide 31 text

“Why didn't you use X?” Chances are that if you present something you did someone will ask why you didn't do it with technology X instead of Y

Slide 32

Slide 32 text

But it's O(n)! There is theory and there is practice Something that's slow in theory could still be a valid solution in practice

Slide 33

Slide 33 text

Infinite is a lie n often really is a constant think about it

Slide 34

Slide 34 text

Scripting languages are slow Can't program computer games in it Unreal Engine 3 has considerable amount written in Unreal script

Slide 35

Slide 35 text

Complexity kills Happiness Examples from the real world

Slide 36

Slide 36 text

SOAP Simple Object Access Protocol

Slide 37

Slide 37 text

SAML 2.0 Security Assertion Markup Language

Slide 38

Slide 38 text

SAML 2.0 … is an XML-based open standard for exchanging authentication and authorization data between security domains, that is, between an identity provider and a service provider.

Slide 39

Slide 39 text

Specification Breakdown SAML 2.0, XML, XPath, XPath Filter 2.0, XPointer, XLST, HTTP, XMLENC, X509, XMLDSIG, Canonical XML

Slide 40

Slide 40 text

This is no Sign-in protocol … it's a way to make money of SAML because barely anyone has the resources to implement it securely

Slide 41

Slide 41 text

SSO 101 Shared Secret + HMAC + encapsulated payload

Slide 42

Slide 42 text

SSO 101 import hashlib, hmac, json class BadSignature(Exception): pass def get_signature(payload): m = hmac.new(SHARED_SECRET, digestmod=hashlib.sha1) m.update(payload) return m.hexdigest() def sign(payload): payload = json.dumps(payload) return get_signature(payload) + '.' + payload def get_payload(data): if '.' not in data: raise BadSignature() signature, payload = data.split('.', 1) verify_sig = get_signature(payload) if verify_sig != signature: raise BadSignature() return json.loads(payload)

Slide 43

Slide 43 text

Is it secure? For as long as you have a long secret key which you don't lose. Takes 10 minutes to implement and is easy to understand. Would you know if SAML is secure?

Slide 44

Slide 44 text

Pluggable Applications All the over-engineering in the WSGI community in the end just gave us systems that look like J2EE. Meanwhile Django has a global settings module and is popular

Slide 45

Slide 45 text

PHP Barely a programming language, but hugely successful. No consistent language design but fast iteration speeds.

Slide 46

Slide 46 text

C No namespaces, no OOP, not functional, no type safety, bad standard library, worst string type, theoretically hard to optimize, no form of GC — the pillar of modern software development

Slide 47

Slide 47 text

Personal Guidelines things I follow because I think they make sense

Slide 48

Slide 48 text

Disclaimer Personal experience I have not nearly done enough to tell others what to do

Slide 49

Slide 49 text

Learn Asking Questions And then ask the right ones I notice many times (on myself and others) that we ask the wrong questions

Slide 50

Slide 50 text

Avoid Global State Just avoid it. It's easy to do. If you think the API suffers consider thread/context locals. But really. Avoid global state.

Slide 51

Slide 51 text

Refactor often At the end of an iteration/milestone go over the code and try to see if implementation can be simplified

Slide 52

Slide 52 text

Examples First I always write APIs and I start with the examples. Often shows when something does not make sense.

Slide 53

Slide 53 text

Q&A http://fireteam.net/ — Armin Ronacher — @mitsuhiko