In the traditional, manual working environment, information (in the form of texts, numbers,
etc.) and medium (such as paper) were closely intertwined. Long experiences in their usage and
the application of anti-counterfeit technology have made traditional forms of information very
difficult to alter. Similarly, it was also difficult to send bogus information by an impersonator.
Even those who succeeded in doing so usually were discovered very easily. In today's world of
information and technology, the Internet is rapidly changing many ways people do things.
Similarly, it has also introduced many management problems. For man and information to
interact, there is a need to establish a reliable information system working environment in which
we grasp, distribute, store and manage information. Such an environment must be able to provide
ample protection against tampering, stealing, delaying, transmission by fictitious parties, denial
of having faxed a document, illegal intrusion and the like. Only so can we build a strong
foundation for an information society.
Security in the process of transmission, data resemble all the cash in a bank armored van. It
can be lost or robbed anytime. With the purpose of maintaining data transmission security on the
Internet, most people use encryption technology. Data to be transmitted is first encrypted as a
way to prevent snooping or theft. The "Public-Key Cryptographic System" has the functions of a
"digital signature" and requires no prior exchange of keys while offering the advantages of
"secret communication." To make this system work smoothly, it is first necessary to agree and
certify beforehand as to who or which institution holds a certain key. This goes to say that a
certification management system must first be established to handle issuance or revocation of
electronic certification. In addition to this system, all matters related to its usage and application
services must form part of the basic operations framework of the whole system.
The first important thing in maintaining data security is the periodic making of back-ups.
Personal computer users must periodically make back-ups of data using different back-up tools
(such as diskettes, magnetic tape, removable hard drives, etc.) and store them in a safe location. If
and when data from a personal computer is damaged and cannot be recovered, the back-up copies
will serve their purpose. Thus, the first step in data security is to develop the habit of making
periodic back-ups. It is the most effective way to assure data security under extreme circumstances.
There are many factors that pose a threat to data security. They include viruses, deliberate acts of
sabotage and theft. Users can guard against them using the following methods: Use a protection
password for access to personal computers and the Internet. This prevents the unauthorized from
stealing or damaging data inside personal computers. Handle files with encryption protection and
decipher only when necessary. In this way, even if files are stolen, encryption would still be
necessary to use the files. Files transmitted through the Internet must first be encrypted. The
Internet is an open environment where anybody can intercept data during transmission. Encryption
of such data is an effective way to prevent unwanted disclosure. Respect intellectual property rights
by refraining from using software programs of dubious sources. This way, viral attack can be
avoided or the use of Trojan Horse by the unscrupulous to steal data can be thwarted.
Passwords and names of users of databases and application programs must be kept
confidential. Avoid using birth dates, telephone numbers and other readily accessible figures as
passwords. They must be handled carefully and recorded in secret locations. Periodic changing of
passwords is also recommended. Print-outs of application software programs no longer used must
be shredded to prevent disclosure of data. Build up a no-diskette system environment to avoid
computer virus contamination.
To guarantee data security, the Information Department must, in addition to setting up
comprehensive regulations, ensure cooperation by users. Their usage of computer equipment
according to regulated procedures contributes to the effective maintenance of data security.
It is necessary to build up a data security audit system that includes periodic and random
spot checks and testing of information security and protection operations, as well as conduct
tracking and improvement of deficiencies.
1, intertwined [,intə:'waind]
adj. 缠绕的;错综复杂的
v. 使缠结,缠绕(intertwine的过去式)
2, bogus ['bəuɡəs]
adj. 假的;伪造的
n. 伪币
3, impersonator [im'pə:səneitə(r)]
n. 演员;模拟艺人
4, grasp [ɡrɑ:sp, ɡræsp]
n. 抓住;理解;控制
vt. 抓住;领会
vi. 抓
5, tampering ['tæmpəriŋ]
n. 贿赂
adj. 干涉的
v. 干预(tamper的ing形式)
6, fictitious [fik'tiʃəs]
a. 假想的,编造的,虚伪的
7, van [væn]
n. 先锋;厢式货车;增值网
vt. 用车搬运
8, snooping
v. 窥探(snoop的现在分词);探听
9, revocation [,revə'keiʃən]
n. 废弃,取消
10, decipher [di'saifə]
n. 密电译文
vt. 解释(过去式deciphered,过去分词deciphered,现在分词deciphering,第三人称单数deciphers,名词decipherer,形容词decipherable);译解
11, thwarted
adj. 挫败的
v. 挫败(thwart的过去分词);反对
12, thwart [θwɔ:t]
vt. 挫败;反对;阻碍;横过
adj. 横放的;固执的
n. 划手座;独木舟的横梁
adv. 横过
prep. 横过
13, unscrupulous [ʌn'skru:pjuləs]
a. 肆无忌惮的,无天理的
14, conduct ['kɔndʌkt, kən'dʌkt]
vi. 导电;带领
vt. 管理;引导;表现
n. 进行;行为;实施
Continue reading it-e-53 The Development of Data Transmission
今天发现SaveAs命令不会将最新的dom的html保存。
例如:使用脚本向一个iframe里面写日志doc.body.innerHTML += ‘<div>…</div>’;
这样写了很多行后,再调用doc.execCommand(‘SaveAs’,true,’abc.log’)保存.打开一看,什么都没有?
解决办法是,在调用保存之前将完整的内容使用doc.write写入一遍。
Continue reading IE SaveAs命令问题
The information security system is an integral part of the national security system. The main
functions of the information security system are:
assessing the state of information security in the country, identifying and forecasting
internal and external threats to information security, drafting an information security
doctrine;
developing a comprehensive system of legal, administrative, economic, technical and
other measures and methods aimed at ensuring information security;
coordinating and monitoring the work of information security entities;
protecting information security entities against incomplete, inaccurate and distorted
information and against exposure to information damaging to their life and health;
protecting protected information;
counteracting technical intelligence services;
developing and perfecting an information infrastructure, an information technology
industry, systems, means and services;
organizing scientific research, developing and implementation of scientific,
scientific-technical programmes in the field of information security;
licensing the activities of corporations and individual entrepreneurs in the field of
information security;
certifying information systems and means, assessing and rating the compliance of
information facilities with information protection requirements;
state inspection in the field of information security;
creating conditions for preserving and developing intellectual potential in the
information sphere;
preventing, identifying and suppressing offences which are aimed at hurting the rights
and freedoms of corporations and individuals in the information sphere, prosecuting and
trying in court perpetrators of crimes in the information sphere;
carrying out international cooperation in the sphere of information security.
1, integral ['intigrəl]
a. 构成整体所必需的,完整的
n. [数学] 积分, 完整, 部分
2, assess [ə'ses]
vt. 评定;估价;对…征税
3, doctrine ['dɔktrin]
n. 教义,主义,学说
4, distorted [dis'tɔ: tid]
a. 扭歪的, 受到曲解的
5, counteract [,kauntə'rækt]
vt. 抵消;中和;阻碍
6, sphere [sfiə]
a. 球体的
n. 范围,领域,球,球体
7, perpetrator [,pə:pi'treitə]
n. 犯罪者;作恶者;行凶者
Continue reading it-e-52 Information Security System
The issue of information security and data privacy is assuming tremendous importance among
global organizations, particularly in an environment marked by computer virus and terrorist attacks,
hackings and destruction of vital data owing to natural disasters. [1] When it comes to information
security, most companies fall somewhere between two extreme boundaries: complete access and
complete security. A completely secure computer is one that is not connected to any network and
physically unreachable by anyone. A computer like this is unusable and does not serve much of a
practical purpose. On the other hand, a computer with complete access is very easy to use, requiring
no passwords or authorization to provide any information. [2] Unfortunately, having a computer with
complete access is also not practical because it would expose every bit of information publicly,
from customer records to financial documents. Obviously, there is a middle ground this is the art
of information security.
The concept of information security is centered on the following components:
Integrity: gathering and maintaining accurate information and avoiding malicious modification
Availability: providing access to the information when and where desired
Confidentiality: avoiding disclosure to unauthorized or unwanted persons
For an information system to be secure, it must have a number of properties:
[3] service integrity. This is a property of an information system whereby its availability,
reliability, completeness and promptness are assured;
data integrity. This is a property whereby records are authentic, reliable, complete, unaltered
and useable, and the processes that operate on them are reliable, compliant with regulatory
requirements, comprehensive, systematic, and prevent unauthorized access, destruction, alteration
or removal of records. These requirements apply to machine-readable databases, files and archives,
and to manual records;
data secrecy . This is a property of an information system whereby information is available
only to those people authorized to receive it. Many sources discuss secrecy as though it was only
an issue during the transmission of data; but it is just as vital in the context of data storage and
data use;
authentication. Authentication is a property of an information system whereby assertions
are checked. Forms of assertion that are subjected to authentication include:
"data authentication", whereby captured data's authenticity, accuracy, timeliness,
completeness and other quality aspects are checked;
"identity authentication", whereby an entity's claim as to its identity is checked.
This applies to all of the following:
the identity of a person;
the identity of an organizational entity;
the identity of a software agent; and
the identity of a device.
"attribute authentication", whereby an entity's claim to have a particular attribute is
checked, typically by inspecting a "credential". Of especial relevance in advanced
electronic communications is claim of being an authorized agent, i.e. an assertion by a
person, a software agent or a device to represent an organization or a person.
Non-repudiation. This is a property of an information system whereby an entity is unable
to convincingly deny an action it has taken.
There is a strong tendency in the information systems security literature to focus on the
security of data communications. But security is important throughout the information life-cycle,
i.e. during the collection, storage, processing, use and disclosure phases, as well as transmission.
Each of the properties of a secure system identified above needs to be applied to all of the
information life-cycle phases.
1, tremendous [tri'mendəs]
a. 巨大的,惊人的
2, malicious [mə'liʃəs]
a. 怀恶意的,恶毒的
3, disclosure [dis'kləuʒə]
n. 揭发,败露
4, promptness [prɔmptnis]
n. 机敏,敏捷;迅速
5, whereby [(h)wєə'bai]
ad. 借此(在...旁,凭什么)
6, relevance
n. 中肯,适当,关联,相关性
7, literature ['litəritʃə]
n. 文学,文献
Continue reading it-e-51 Concept of Information Security
What's actually involved in programming the actual process of writing programs? Here's a
quick overview of the process:
Write a program.
Compile the program.
Run the program.
Debug the program.
Repeat the whole process until the program is finished.
Let's discuss those steps one by one.
I have a small amount of bad news for you: you can't write programs in English. It would be
nice indeed to be able to type "count the number of words in a sentence" into your computer and
have it actually understand, but that's not going to happen for a while (unless someone writes a
program to make a computer do that, of course). Instead, you have to learn a programming
language.
Much of a programming language is indeed in English. Programming languages commonly
use words like "if", "repeat", "end" and such. Also, they use the familiar mathematical operators
like "+" and "=". It's just a matter of learning the "grammar" of the language; how to say things
properly.
So, we said "Write a program". This means: write the steps needed to perform the task,
using the programming language you know. You'll do the typing in a programming environment
(an application program which lets you write programs, which is an interesting thought in itself).
A common programming environment is CodeWarrior, and another common one is InterDev, but
you don't need to worry about those just yet. Some programming environments are free, and
some you have to buy just like any other application program. Commercial (non-free)
programming environments cost anything from $50 to $500+, and you'll almost always get a
huge discount if you're a student or teacher of some kind.
Incidentally, the stuff you type to create a program is usually called source code, or just code.
Programmers also sometimes call programming coding. We think it sounds slightly cooler.
In order to use a program, you usually have to compile it first. When you write a program
(in a programming language, using a programming environment, as we mentioned a moment
ago), it's not yet in a form that the computer can use. This isn't hard to understand, given that
computers actually only understand lots of 1s and 0s in long streams. You can't very well write
programs using only vast amounts of 1s and 0s, so you write it in a more easily-understood form
(a programming language), then you convert it to a form that the computer can actually use. This
conversion process is called compiling, or compilation. Not surprisingly, a program called a
compiler does the compiling.
It's worth mentioning that if your program has problems which the compiler can't deal with,
it won't be able to compile your program.
You'll be pleased to hear that your programming environment will include a suitable compiler
(or maybe more than one compiler: each different programming language your programming
environment allows you to use requires its own compiler). Compilers are just fancy programs, so
they too are written by programmers. Programmers who write compilers are a bit like gods; they
make it possible for everyone else to program.
Now that you've compiled the program into a form that the computer can use, you want to
see if it works: you want to make the computer perform the steps that you specified. This is
called running the program, or sometimes executing it. Just the same as how a car isn't of much
use if you don't drive it, a program isn't of much use if you don't run it. Your programming
environment will allow you to run your program too.
You've probably heard the term "debug" before (it's pronounced just as you might expect:
"dee-bug"). It refers to fixing errors and problems with your program. As I'm sure you know, the
term came about because the earliest computers were huge building-sized contraptions, and
actual real-life insects sometimes flew into the machinery and caused havoc with the circuits and
valves. Hence, those first computer engineers had to physically "debug" the computers they had
to scrape the toasted remains of various kinds of flying insects out of the inner workings of their
machines. The term became used to describe any kind of problem-solving process in relation to
computers, and we use it today to refer purely to fixing errors in our code.
You may also have heard the phrase "it's not a bug, it's a feature". Programmers sometimes
say this when someone points out a problem with their programs; they're saying that it's not a bug,
but rather a deliberate design choice (which is almost always a lie). This is rather like
accidentally spilling coffee all over yourself whilst simultaneously falling down some stairs, then
getting up and saying "I meant to do that".
Once again, your programming environment will help you to debug your programs (indeed,
you'll often find the picture of an insect shown in your programming environment to indicate
debugging). You usually debug your program by stepping through it. This means just what it
sounds like: you go through your program one step at a time, watching how things are going and
what's happening. Sooner or later (usually later), you'll see what's going wrong, and slap yourself
upside the head at the ridiculously obvious error you've made.
And then you repeat the whole process until you're happy with the program. This is trickier
than it might sound, since programmers are never happy with their programs. You see,
programmers are perfectionists never satisfied until absolutely everything is complete and
elegant and powerful and just gorgeous. Programmers will commonly release a new version of
their program every day for a couple of weeks after the initial release.
As you can imagine, enjoying an intellectual challenge is an important trait to have when
you're going back to correct and enhance your code many times over. You'll actually find that you
can't wait to get back into your program and fix the bugs, make improvements, and refine the
existing code.
And that's the basic process of programming. Note that most programming environments
will make a lot of it much easier for you, by doing such things as:
Warning you about common errors
Taking you to the specific bit of code which is causing the compiler to puke
Letting you quickly look up documentation on the programming language you're using
Letting you just choose to run the program, and compiling it automatically first
Colouring parts of your code to make it easier to read (for example, making numbers a
different colour from other text)
And many other things
So, don't worry too much about the specifics of compiling then running then debugging or
whatever. The purpose of this section was mostly to make you aware of the cyclical nature of
programming: you write code, test it, fix it, write more, test it, fix, and so on.
1, fancy ['fænsi]
n. 幻想;想像力;爱好
adj. 想象的;奇特的;昂贵的;精选的
vt. 想象;喜爱;设想;自负
vi. 幻想;想象
2, contraption [kən'træpʃən]
n. 奇妙的装置
3, havoc ['hævək]
n. 大破坏,蹂躏
4, valves
n. 阀门;瓣膜(valve的复数);真空管
v. 装阀于…;以活门调节(valve的三单形式)
5, insects
昆虫纲
昆虫类
6, circuits
n. 电路
7, scrape [skreip]
n. 刮掉,擦掉
v. 刮掉,擦掉
8, toasted
adj. 烤的
v. 烤(toast的过去分词);敬酒
9, spilling ['spiliŋ]
泄漏
10, whilst [wailst]
conj. 当...时(可是,虽然,只要)
11, slap [slæp]
n. 掴,侮辱,拍击声
v. 拍击,侮辱,申斥
ad. 正面地,直接地,突然地
12, ridiculously
ad. 可笑地
13, gorgeous ['gɔ:dʒəs]
a. 华丽的,灿烂的,好极了
14, trait [treit]
n. 特征,特点,特性
Continue reading it-e-50 What's actually involved in programming
我不得不再次痛恨一番maven,用起来真是恶心:
今天遇到这么个问题,我想在war包里面的manifest.mf文件中加入时间戳。怎么写pom?
首先maven文档说,可以用那个maven-antrun-plugin来加入时间啊,照着它说的做:
http://maven.apache.org/plugin-developers/cookbook/add-build-time-to-manifest.html (不推荐)
打jar包倒没问题,可我要打war包就不行了。
然后看到这么个插件buildnumber-maven-plugin:
需要添加配置:
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>buildnumber-maven-plugin</artifactId>
<executions>
<execution>
<phase>validate</phase>
<goals>
<goal>create</goal>
</goals>
</execution>
</executions>
<configuration>
<format>{0,date,yyyyMMdd-HHmmss}</format>
<items>
<item>timestamp</item>
</items>
<buildNumberPropertyName>
current.timestamp
</buildNumberPropertyName>
</configuration>
</plugin>然后在maven-war-plugin中添加入口:
<plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-war-plugin</artifactId> <configuration> <warName>xxxxx</warName> <archive> <manifestEntries> <Project-name>${project.name}</Project-name> <Project-version> ${project.version} </Project-version> <Build-Time> ${current.timestamp} </Build-Time> </manifestEntries> </archive>
……
这样写还没完,直接打包会报错误:
java.lang.NullPointerException: The scm url cannot be null. at org.apache.maven.scm.manager.AbstractScmManager.makeScmRepository(AbstractScmManager.java:183)
查了查,说是要加个没用的scm节点才行:
<scm>
<connection>scm:svn:http://127.0.0.1/none</connection>
<developerConnection>
scm:svn:https://127.0.0.1/none
</developerConnection>
<tag>HEAD</tag>
<url>http://127.0.0.1/isaynone</url>
</scm>
这里面的url都是无用,瞎写都可以。直接复制过去也可。
这样就可以加入时间戳到manifest.mf里面去了。
不过我真服了这样的解决办法。maven有多恶心就多恶心了!
----------
这里补充一下jar包的情形:
不要使用官方http://maven.apache.org/plugin-developers/cookbook/add-build-time-to-manifest.html
这个办法容易遇到m2e的老问题 http://ljhzzyx.blog.163.com/blog/static/383803122013440345857/
所以还是推荐使用buildnumber-maven-plugin的方式,大部分一样针对maven-jar-plugin修改
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<version>2.2</version>
<configuration>
<archive>
<manifestEntries>
<Copyright>kzg 2013</Copyright>
<Project-name>${project.name}</Project-name>
<Project-version>${project.version}</Project-version>
<Build-Time>${current.timestamp}</Build-Time>
</manifestEntries>
</archive>
<skip>true</skip>
</configuration>
</plugin>
还有个方法:
http://m.oschina.net/blog/95181
Continue reading maven打包,在manifest.mf里面加入时间戳
这两天倒腾了下macos,安装在我的leveo g550上。目的是想在上面开发iphone。最后倒是安装成功了,但是上不了网,没声音,显卡驱动估计也不对,因为界面看起来灰蒙蒙的。我就倒腾这个驱动啊,哎呀我的神呀,搞得我头昏眼花的,还是搞不定。这期间看诸多论坛,都是不推荐黑苹果和虚拟机,要开发iphone那还得整个mac book。
我也颇有同感,这黑苹果安装成功的本就少,你要找个驱动那就难上加难了。出了什么问题也没有什么资料,大把的时间倒是花在倒腾山寨去了。即使安装成功,遇到个什么升级啊,你只能干咽口水。
还是记录下过程:
照着这篇文档:http://bbs.weiphone.com/read-htm-tid-517742.html
他整的比较详细,我按照上面的来就安成功了。我下的是very cd上的安装文件。
主要注意安装好后活动分区被修改的问题,教程说使用winpe什么的,但有个前提,要将bios里面修改硬盘模式为ide(compatible)再启动winpe或其他。活动分区修复后又得再将硬盘模式改回 sata(ahci)。否则winpe什么的都运行不正常。或者mac os启动不了。
我遇到的问题主要就是驱动:网卡,声卡。在www.kexts.com上找了些,下载了都不行,改了权限还是不行。错误的驱动还导致无法关闭mac os。
上不了网可最麻烦了,没有声音写程序不好调试。
这期间还遇到奇怪的问题,一在google上差英文苹果,就被土啬了,不知这怎么也成敏+ 感+ 词了。不知道谷歌还能撑几天……
Continue reading 黑苹果安装手记
第二章:
UIKit:也可用来开发简单的游戏,如果不要求达到60fps,它是可行的。
Quartz 2D and Core Animation:它也可以开发游戏,但是有点慢。Core Animation可以为UIKit的元素创建动画,而且是硬件加速的。
OpenGL ES(6-8章):则是首要工具了,可以绘制3D,2D.
Audio APIs(9-12章):openAL提供声音API.
Networking(13-16章):sockets,streams, Bonjour, servers, clients, Bluetooth, and Wi-Fi.
矩阵类型?
绘制基础:
EAGLView.包装了CAEAGLLayer.
暂且打住(没有mac book),先熟悉下webGL.……
Continue reading Beginning.iPhone.Games.Development 读书笔记
If your program exits abnormally, then there is almost certainly a logical error (a bug) in
your program. 99% of programming is finding and removing these bugs. Here are some tips to
help you get started.
Before going on, it is necessary to reiterate the standard OLC policy on program debugging:
Do *NOT* ask OLC for help debugging a program.[1] This stock answer is intended to give you
some tips on how to get started in this area; however, in general, program debugging requires
more time and effort than consultants are usually able to provide.
The first step is to find the exact line where the program exits. One way of doing this is with
print statements scattered through your code. For example, you might do something like this in
your source code:
myplot(int x, int y)
{ printf("Entering myplot()\n"); fflush(stdout);
---- lots of code here ------
printf("Exiting myplot()\n"); fflush(stdout);
return; }
The fflush() command in C ensures that the print statement is sent to your screen immediately,
and you should use it if you're using printf() for debugging purposes.
[2] Once you have narrowed down the line where your bug occurs, the next step is to find out
the value of your variables at that time. You will probably find that one of your variables
contains very strange values. This is the time to check that you have not done the following
things:
Assigned an integer value to a pointer variable; or
Written to a subscript that is beyond the end of an array (remember that in C array
subscripts go from 0 to N-1, not from 1 to N.)
Other mistakes also cause bugs. Make sure that your loops test correctly for their end conditions,
for example.
Other kinds of bugs (programs not exiting, incorrect output) are debugged using similar
methods. Again, find the line where the first error occurs, and then check the values of your
variables. Once you fix a bug, recompile your program, run it again, and then debug it again as
necessary.
Using printf() is a primitive method of debugging, but sometimes it's the only one that will
work . If your program is too big for a debugger (such as Saber or Ddbx) or if you are working
on a non-Athena platform, you may not have a debugger available. Usually, though, it is quicker
and easier to use a debugger. Athena has several sophisticated debugging tools available. Saber is
the tool of choice for C programmers. Gdb and Dbx may also come in handy, and both of these
work with Fortran as well as with C. There are stock answers that introduce Saber and Dbx, and
Saber even comes with a tutorial.
It is a fact of life in program design but there seems to be always one last bug or error to be
corrected. We can broadly classify the errors as:
Syntax errors this class of error means that a mistake is made in the language used to
state the algorithm.
Logic errors the algorithm is syntactically correct but doesn't do what is intended.
Data range and data type errors the algorithm is syntactically correct and logically
correct but can be threatened by the wrong kind of data or by values which are out of
range.
[3] The syntax errors aren't a serious issue during the program design phase since in practice,
after designing and testing the design, the program will be implemented in a computer program
language and it is at this point that syntax errors become a problem. Even so syntax errors are a
minor problem since the process of building the program will capture the errors. The program
simply won't build until all the syntax errors are removed.
The logic errors are a much more serious problem since there is no way to eliminate these
other than rigorously testing the program design.
The data errors are also serious errors and in some respects are harder to deal with than logic
errors.
Once launched, the program needs to be maintained. Definition for program maintenance is
that updating programs from time to time keeps abreast of changes in an organization's needs or its
hardware and software. Based on the maintenance tasks needed to be performed, the program
administrators should determine on-going financial and staffing needs and how they will be met.
Program maintenance represents a major portion of the total expenditures on application programs.
OLCThe Online Learning Center
1, expenditures
n. 开支,支出(expenditure复数形式)
2, staff [stɑ:f]
n. 全体人员,同事
n. 杆,棒
vt. 配备员工
Continue reading it-e-49 Program Debugging and Program Maintenance
Like many ideas that sound good in theory but are clumsy in practice, object-oriented
programming (OOP) offers benefits only in a specialized context—namely, group programming.
And even in that circumstance the benefits are dubious, though the proponents of OOP would
have you believe otherwise. Some shops claim OOP success, but many I've spoken with are still
"working on it." Still trying to get OOP right after ten years? Something strange is going on here.
Certainly for the great majority of programmers—amateurs working alone to create
programs such as a quick sales tax utility for a small business or a geography quiz for
Junior—the machinery of OOP is almost always far more trouble than it's worth. OOP just
introduces an unnecessary layer of complexity to procedure-oriented design. That's why very few
programming books I've read use OOP techniques (classes, etc.) in their code examples. The
examples are written as functions, not as methods within objects. Programming books are trying
to teach programming—not the primarily clerical and taxonomic essence of OOP. Those few
books that do superimpose the OOP mechanisms on their code are, not surprisingly, teaching
about the mysteries of OOP itself.
Of course professional gang programming has specialized requirements. Chief among them
is that the programmers don't step on each other's toes. For instance, a friend who programs for
one of the world's largest software companies told me he knows precisely what he'll be working
on in one year. Obviously, OOP makes sense in such a bureaucratic system because it needs to be
intensely clerical. Helping to manage large-scale, complex-programming jobs like the one in
which my friend is involved is the primary value of OOP. It's a clerical system with some built-in
security features. In my view, confusing OOP with programming is a mistake.
Contradiction Leads to Confusion
Consider the profound contradiction between the OOP practices of encapsulation and
inheritance. To keep your code bug-free, encapsulation hides procedures (and sometimes even
data) from other programmers and doesn't allow them to edit it. Inheritance then asks these same
programmers to inherit, modify, and reuse this code that they cannot see—they see what goes in
and what comes out, but they must remain ignorant of what's going on inside. In effect, a
programmer with no knowledge of the specific inner workings of your encapsulated class is
asked to reuse it and modify its members. True, OOP includes features to help deal with this
problem, but why does OOP generate problems it must then deal with later?
All this leads to the familiar granularity paradox in OOP: should you create only extremely
small and simple classes for stability (some computer science professors say yes), or should you
make them large and abstract for flexibility (other professors say yes). Which is it?
A frequent argument for OOP is it helps with code reusability, but one can reuse code
without OOP—often by simply copying and pasting. There's no need to superimpose some
elaborate structure of interacting, instantiated objects, with all the messaging and fragility that it
introduces into a program. Further, most programming is done by individuals. Hiding code from
oneself just seems weird. Obviously, some kind of structure must be imposed on people
programming together in groups, but is OOP—with all its baggage and inefficiency—the right
solution?
1, dubious ['dju:bjəs]
a. 怀疑的,可疑的
2, proponents
n. 支持者;建议者(proponent的复数)
3, quiz [kwiz]
n. 小考,随堂测验,恶作剧
v. 简单测验,恶作剧
4, clerical ['klerikəl]
n. 牧师
a. 书记的,事务上的,抄写员的
5, essence ['esns]
n. 本质,精髓
6, bureaucratic [,bjurəu'krætik]
adj. 官僚的;官僚政治的
7, intensely
ad. 强烈地(一心一意地)
Continue reading it-e-48 OOP Is Much Better in Theory Than in Practice
Pagination
