After a few rounds on import-sig PEP 451 is really for general
consumption. I also have a patch up now.
HTML: http://www.python.org/dev/peps/pep-0451/
implementation: http://bugs.python.org/issue18864
Your comments would be appreciated.
-eric
===
On Sat, Oct 05, 2013 at 01:27:37AM +0200, Victor Stinner wrote:
> I have no idea of the price of renting a botnet, it's probably
> expensive (and illegal as well).
Twelve cents per machine. Cheaper in bulk, and cheaper still for
machines outside of the US. For those on a budget, you can get ten
On Oct 4, 2013, at 2:14 PM, Antoine Pitrou wrote:
> I think "usability tests" should be conducted on people who actually
> have a need for the API. Otherwise they simply don't make sense: if you
> don't need an API, then you don't have to learn / understand it either.
You're right. Students do
2013/10/4 :
>
> Quoting Victor Stinner :
>
>> I still fail to understand the real impact of a hash DoS compared to
>> other kinds of DoS.
>
>
> I think the key question is: how many attacking nodes do you need to
> control to effectively make some system deny service. A threat is bigger
> if you c
2013/10/5 Larry Hastings :
> On 10/04/2013 11:15 AM, Victor Stinner wrote:
>
> 2013/10/4 Armin Rigo :
>
> The current hash randomization is
> simply not preventing anything; someone posted long ago a way to
> recover bit-by-bit the hash randomized used by a remote web program in
> Python running on
On 10/04/2013 11:15 AM, Victor Stinner wrote:
2013/10/4 Armin Rigo :
The current hash randomization is
simply not preventing anything; someone posted long ago a way to
recover bit-by-bit the hash randomized used by a remote web program in
Python running on a server.
Oh interesting, is it public
On Oct 4, 2013, at 2:06 PM, Victor Stinner wrote:
> I'm not convinced by your usability test.
You're not the one who needs to be convinced ;-)
Please do conduct your own API tests and report back.
This is necessary for a new class like TransformDict
that was constructed from scratch and pro
Good evening,
On Fri, 4 Oct 2013 13:38:05 -0700
Raymond Hettinger wrote:
>
> You can also add to the discussion by trying out your own usability
> tests on people who haven't been exposed to this thread or the pep.
I think "usability tests" should be conducted on people who actually
have a nee
2013/10/4 Raymond Hettinger :
> * Another issue is that we're accumulating too many dictionary
> variants and that is making it difficult to differentiate and choose
> between them. I haven't found anyone (even in advanced classes
> with very experienced pythonistas) would knew about
> all the var
On Sep 22, 2013, at 6:16 PM, Ethan Furman wrote:
> Are we close to asking for pronouncement?
When you're ready, let me know.
In the meantime, I conducting usability tests on students in Python classes
and researching how well it substitutes for existing solutions for
case insensitive diction
ACTIVITY SUMMARY (2013-09-27 - 2013-10-04)
Python tracker at http://bugs.python.org/
To view or respond to any of the issues listed below, click on the issue.
Do NOT respond to this message.
Issues counts and deltas:
open4256 ( +0)
closed 26682 (+58)
total 30938 (+58)
Open issues wit
Le Fri, 04 Oct 2013 17:13:32 +0200,
mar...@v.loewis.de a écrit :
>
> Whether this is a serious threat or not depends on what other threats
> the system being attacked is vulnerable to. Maybe there is something
> even simpler, or maybe the hash attack is the only hope of bringing
> the system to it
Quoting Victor Stinner :
I still fail to understand the real impact of a hash DoS compared to
other kinds of DoS.
I think the key question is: how many attacking nodes do you need to
control to effectively make some system deny service. A threat is bigger
if you can do it in 10 requests/s fro
On 10/02/2013 11:58 AM, Stefan Behnel wrote:
I'm looking back on a rather unpleasant experience that I recently had in
this developer community. Actually, twice by now. Here's what I take from it:
You should take responsibility for your commits.
It doesn't sound like you learned anything, the
Le Fri, 4 Oct 2013 11:15:17 +0200,
Victor Stinner a écrit :
> 2013/10/4 Armin Rigo :
> > The current hash randomization is
> > simply not preventing anything; someone posted long ago a way to
> > recover bit-by-bit the hash randomized used by a remote web program
> > in Python running on a server
Am 04.10.2013 11:15, schrieb Victor Stinner:
> 2013/10/4 Armin Rigo :
>> The current hash randomization is simply not preventing anything;
>> someone posted long ago a way to recover bit-by-bit the hash
>> randomized used by a remote web program in Python running on a
>> server.
>
> Oh interesting
2013/10/4 Armin Rigo :
> The current hash randomization is
> simply not preventing anything; someone posted long ago a way to
> recover bit-by-bit the hash randomized used by a remote web program in
> Python running on a server.
Oh interesting, is it public? If yes, could we please search the URL
Stephen,
thank you for your very thoughtful answer.
Stephen J. Turnbull, 03.10.2013 04:23:
> Stefan Behnel writes:
>
> > Hi, I'm looking back on a rather unpleasant experience that I
> > recently had in this developer community. Actually, twice by
> > now. Here's what I take from it: You shou
18 matches
Mail list logo
