<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">PHP is … well it just is, and that happens to be the problem. There is no good way around it, it’s far too much in use to quickly deprecate and back out of, and it’s also very far from being well designed, or just designed at all. If you don’t believe anyone just Google “Why is PHP Such a horribly designed language” for all the fun references to the developers just magically patching this thing in real time to cobble the language. <div class=""><br class=""></div><div class="">The problem with these kinds of things, is that PHP allowed us all to have stuff on the web very quickly, which we all liked. Facebook has no choice at this moment but to try and “correct” PHP the best it can, because stating over on a new Facebook is more than likely out of the question by now.</div><div class=""><br class=""></div><div class="">I don’t however see us going from better to best in the choices we are making. While we have some interesting languages like rust, what we are now seeing is migration away from PHP with people running (frantically) to Javascript frameworks. Ahh, Javascript, A language that was more or less designed in about 2 weeks time and that it’s only marketing was to use the ‘java’ in it. If you want to lol over Javascript, a co-worker pointed this out (<a href="https://www.destroyallsoftware.com/talks/wat" class="">https://www.destroyallsoftware.com/talks/wat</a>)</div><div class=""><br class=""></div><div class="">To make matters worse than anything PHP has done, the javascript developers have decided that inside of javascript (which mostly runs on the client side inside a C++ compiled binary that we know as a browser) they will enable web assembly (<a href="https://brendaneich.com/2015/06/from-asm-js-to-webassembly/" class="">https://brendaneich.com/2015/06/from-asm-js-to-webassembly/</a>). This way you can run all those awesome native C and C++ apps inside of javascript inside your browser.</div><div class=""><br class=""></div><div class="">Or maybe on the server side as well. Who knows the possibilities here are endless, but then again we can all run Quake in our browser at the same speed as the native app so .. there’s that.</div><div class=""><br class=""></div><div class="">-@mosesrenegade</div><div class=""><br class=""></div><div><blockquote type="cite" class=""><div class="">On Aug 2, 2016, at 4:12 PM, Kristian Erik Hermansen <<a href="mailto:kristian.hermansen@gmail.com" class="">kristian.hermansen@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><p dir="ltr" class="">Do you feel the same way about FaceBook PHP? Or general PHP v7? It sounds like everyone has cancer, smokes, and is pregnant...</p>
<div class="gmail_extra"><br class=""><div class="gmail_quote">On Aug 2, 2016 8:59 AM, "dave aitel" <<a href="mailto:dave@immunityinc.com" class="">dave@immunityinc.com</a>> wrote:<br type="attribution" class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000" class="">
Last week I did the technical review of one of our deliverables.
Super secure website, run by smart people. They'd limited their
exposure to one PHP file. But a good security services company
provides strategic advice, along with individual tactical
recommendations. In this case, the consultant found two critical
vulnerabilities in just that one lonely PHP file. Our strategic
recommendation is always this: Use as much PHP on your website as
cigarettes you would allow a pregnant woman to smoke per day. <br class="">
<br class="">
Everyone knows they should stop smoking. But sometimes it takes a
doctor to pull up the X-Ray of your lungs and look at them sadly for
a brief second for you to invest in that first pack of nicotine gum.
I'm not saying PHP is cancer, I'm just saying that when I see <a href="https://hackerone.com/uber" target="_blank" class="">Uber write up a long post</a>
about how they're trying to use Bug Bounties to help them secure
their WordPress plugins it makes me think maybe they should go to
the doctor instead.<br class="">
<br class="">
-dave<br class="">
<br class="">
</div>
<br class="">_______________________________________________<br class="">
Dailydave mailing list<br class="">
<a href="mailto:Dailydave@lists.immunityinc.com" class="">Dailydave@lists.immunityinc.com</a><br class="">
<a href="https://lists.immunityinc.com/mailman/listinfo/dailydave" rel="noreferrer" target="_blank" class="">https://lists.immunityinc.com/mailman/listinfo/dailydave</a><br class="">
<br class=""></blockquote></div></div>
_______________________________________________<br class="">Dailydave mailing list<br class=""><a href="mailto:Dailydave@lists.immunityinc.com" class="">Dailydave@lists.immunityinc.com</a><br class="">https://lists.immunityinc.com/mailman/listinfo/dailydave<br class=""></div></blockquote></div><br class=""></body></html>