Forgot your password?
typodupeerror
Programming Security IT Technology

Guido van Rossum Leaves Zope.com 248

Posted by timothy
from the happenstance-meeting dept.
VladDrac writes "Guido van Rossum, the author of the Python programming language, announced at OSCON last night that he's leaving zope.com, to work for a new startup called 'Elemental Security', founded by Dan Farmer (known from several security tools such as Satan). Guido leaving Zope.com will also probably mean that he will be no longer involved in Zope3 development, but hopefully he'll have more time to spend on Python development." Guido says that he's excited about his new employer, but that nothing substantial will change about Python as a result of the move. "It's just that I'll be working from the West coast." Python is "already quite secure," he says, and will be the basis of an upcoming security product ("just getting started") from Elemental.
This discussion has been archived. No new comments can be posted.

Guido van Rossum Leaves Zope.com

Comments Filter:
  • by DeltaSigma (583342) <.onu.public. .at. .gmail.com.> on Wednesday July 09, 2003 @12:07PM (#6400820) Journal
    It sounded more like 5% hackers going "Oh yeah?" and 95% script kiddies scratching their heads...
  • I think he was referring to its existence, not any inherent invulnerability. As in, it's firmly entrenched and will continue to be developed.
  • by Da VinMan (7669) on Wednesday July 09, 2003 @01:38PM (#6401423)
    Granted, badly written Python can be hard to read, no doubt about it. However, I will assert that it's simply not possible to obfuscate Python to the same extent as C or Perl. It just isn't possible.

    Go ahead and show me some nested lambda + encoding of eval'ed source + pickle or some other monstrosity if you like, but it will have to be indented properly to even execute. ;+)
  • Re:Good times. (Score:3, Insightful)

    by Scaba (183684) <`moc.aicnarfeoj' `ta' `eoj'> on Wednesday July 09, 2003 @01:40PM (#6401438)
    So Java has both static and dynamic typing? Or do OO languages just confuse things?

    Neither. Your argument is specious, because what you're referring to is inheritance, not typing. Inheritance is another aspect of OOP that says "If my parent is an Object(), by definition, I am an Object(), too." However, in your example, myvar will only have the properties and methods of Object(), not Foo(), unless you cast myvar like ((Foo)myvar).someFooMethod() (which disproves your argument, by the way).

    Java is strongly and statically typed. To prove it, try this:

    String s = "Poop";

    s = new Integer(23);

    You'll notice a compilation error about incompatible types.

  • by Da VinMan (7669) on Wednesday July 09, 2003 @01:58PM (#6401541)
    We may have to agree to disagree. I understand your assertion but I will maintain that the choice of programming language does in fact affect the readability of the solution. This is especially true when you consider that the choice of a language often goes hand in hand with participation in a given software sub-culture. That plays right into your idea of readability being more a question of the programmer in question rather than the language, so we may be saying the same thing from different perspectives.

    If you don't believe that the choice of programming language affects readability, I can easily find programming languages which, no matter who the programmer, are not readable by any standard.

    As far as the Pythonic indentation issue goes, I stand by that concept as well. It requires less typing, less reading, and it's more a question of suspending habits from other programming languages than anything. The only reason I see people objecting to it is because they're too used to brackets, which isn't much of a reason IMO. I will say though that I DO wish Python had a bracket option for the language. It wouldn't be hard to add and it would finally silence all the detractors who use this (minor) issue to bash Python. It gets old. Continuing to use that issue to bash Python is like bashing Perl because the variables look too much like QuickBasic.
  • Re:Good times. (Score:2, Insightful)

    by msaavedra (29918) on Wednesday July 09, 2003 @05:11PM (#6403179)
    I never was able to pin down exactly what it was about the style that I disliked.

    Out of curiosity, I just checked out the BitTorrent code, and I can offer some concrete examples of what I don't like about it:

    1. Almost no comments. Python has very good built in documentation features, and they are completely unused here.
    2. Frequent use of single-letter variable names, or names that are abbreviated so heavily that someone unfamiliar with the code has no idea what they mean.
    3. Very long lines. I saw a few that were about 160 characters long, twice what they should be.
    4. Deeply nested code blocks. I'll have to agree with Linus Torvalds here, who said that if you're nesting more than three layers deep, you probably need to rethink what you're doing. Though I'd increase this to four layers for OOP languages like python.

    I'm sure others can think of more. I don't mean to give this guy a hard time, though; I've definitely seen much worse, and some areas of the code actually seem fairly clean to me. Also, for anyone interested, there, is a good, standard for python coding style in PEP 8 [python.org]

  • by jesterzog (189797) on Wednesday July 09, 2003 @05:23PM (#6403252) Homepage Journal

    I was experimenting with Zope last year and again during the first half of this year. It's definitely a cool product, but what threw me for now at least was that the documentation is abysmal, at least online.

    From what I've been able to tell, there are several editions of the Zope book -- the only up-to-date version [zope.org] of which (currently 2.6) is still work in progress. The rest of the documentation [zope.org] is a mish-mash of user-written howto's, some of which are excellent, some of which are dupes of others, many of which are out of date, and others of which are just badly written. Searching the database of these is hard, and it's very difficult to distinguish well written old ones that are still relevant from newer ones that aren't very useful.

    My main problem with it though is that although it focuses hugely on the differences between zope development and regular web development without seriously dealing with implementation examples of common tasks. On and off it took me about a month to figure out how to make a simple form-based login system (similar to slashdot's) and tie it into Zope's user folder system. Co-incidentally The only zope-based website I could find that actually did this was zope.org itself.

    I really like Zope and I've shown off how it works to people many times over. But I'll only seriously consider using it more once the documentation is more coherent. At the moment I think that's one of the main places where itfalls over.

  • Re:Good times. (Score:3, Insightful)

    by axxackall (579006) on Wednesday July 09, 2003 @09:46PM (#6404717) Homepage Journal
    By the way, why doesn't Twisted have "resemblance" with some of Jabber-server for its IM? IMHO new IP protocol will be re-implementing the wheel. Moreover, the implementation of proprietary IM protocols while ignoring the most famous open-source IM protocol (Jabber) should be considered as a shame for any open-source project, don't you think?

    Anyway, I dislike the concept of re-implementing such protocols as SSH - it must be very secured, that's why I trust more to OpenSSH (and its libraries). Again, in embedded systems there might be no place for OpenSSH, but in "real world"... You've got a point.

    To be honest, there are two things I don't like in Zope.

    1. First is that it re-implements an http listener. Alternatively Zope works with Apache through a sort of CGI (CGI? Today?). I'd rather use Zope with Apache through some sort of mod-zope, like Tomcat.

    2. Also, I don't like ZODB - another reinventing the wheel while there are good open source databases. Besides, ZODB is a sort of ODBMS, while I think ODBMS is a techological dead-end, even more dead-end than RDBMS. ORDBMS is the only way to go, IMHO. Thanks to PostgreSQL, there is an open-source ORDBMS. Unfortunately, it's mot possible (or it's not documented) how to get rid off ZODB completely and to use PostgreSQL as the primary DB backend.

    Apart of that Zope is well focused on a web-based content-management - right as it should following the Unix path :)

Any sufficiently advanced bug is indistinguishable from a feature. -- Rich Kulawiec

Working...