Blog‎ > ‎

Python 3.6 and Performance, Security Policies, Reporting Bugs, WeChat

posted Jun 3, 2017, 11:22 PM by Sami Lehtinen   [ updated Jun 3, 2017, 11:22 PM ]
  • Python 3.6 improvements. I personally think one of largest benefit for my programs, will be the improved dictionary (dict). Because almost everything I do extensively uses dicts. Another extremely nice thing is 'utf-8' default on Windows. It has been so so frustrating to notice that print('€uro') will make your program crash, because the characters in string can't be printed on terminal. Of course you can deal with it, but it's still extremely awkward. I'm almost sure way too many developers have been suffering from that simple fail on several levels. Hail the legendary CP437 and Windows-1252.
  • Sometimes user account security policies are just totally and absolutely ridiculous. One organization absolutely required that there must not be any shared accounts and all accounts must be always personal, no exceptions. After a while they whined how many accounts were required after all. But that's not all, it got even better. When the accounts were finally created, they sent one email to all the user account holders which contained every accounts login credentials. Of course including the password. It was pretty funny. But it still got much funnier. I thought that's fine, I'll got and change my personal password now. The best part is that there's no way for the users to change the password for these accounts. Exactly how does this differ from having one or a few shared accounts between all the users? I just don't get it. Before you ask, no there's no 2FA or anything else than the user name & password required for access. This is pretty perfect example where they can boast about having such high tech solutions and policies when in reality it's all bs and doesn't matter at all. Only good thing I found out of this was that the initial password they set were random and not something like default pwd or so, which I unfortunately way too often see. Yes, I notified them about this. And they didn't give me any reasonable reasoning why they did what they did.
  • As said, it's also interesting to follow what kind of reaction you get when you report something.
    Is it like:
    1) Thank you for reporting. We've just fixed it.
    2) Hey come on, don't waste our time. Nobody gives a bleep about that. It's the way we do stuff here.
    3) Or the most common one, where you don't get any reply at all ever. Nobody cares enough to even read the reports.
  • If I would be paranoid. I would think that the user list which seems to be delivered to users, would be honey pot trap. But in reality, all the accounts do work. And I'm pretty sure they didn't plan this to be a trap. But you'll never know. In some other circumstances that kind of setup could be exactly that, a setup.
  • Watched awesome video about WeChat in China and how it's one application does it all. From privacy purposes that's absolutely horrible. Privacy is eroding faster than ever. I wonder what kind of privacy there will be left in a decade or two. - Well, these privacy issues are also being thought about with e-receipts.
  • Something different: Recoilless rifle
  • Finally something Python 3.6 related performance testing to end some discussions.
All that discussion about + vs % vs format when using Python. Here's some timings and code.

Results:

Test pass: 0.05777428500005044
Test format: 0.2573048029989877
Test percent: 0.05647015100112185
Test plus: 0.25693506800053
Self check
test 1 test
test 1 test
test 1 test
test 1 test


Code:

import timeit

def test_pass():
  return 'test 1 test'

def test_format():
  return 'test {0} test'.format(1)
 
def test_percent():
  return 'test %s test' % 1

def test_plus():
  return 'test ' + str(1) + ' test'

print("Test pass:", timeit.timeit(test_pass))
print("Test format:", timeit.timeit(test_format))
print("Test percent:", timeit.timeit(test_percent))
print("Test plus:", timeit.timeit(test_plus))
print('Self check')
print(test_pass())
print(test_format())
print(test_percent())
print(test_plus())


Conclusions:

% seems to be the best way to deal with this clearly. Other options are much slower. That's something you should keeping in mind, if doing something performance related. I've got bad habit of using + construction from older languages. Yet I hear that many C++, C# and Java programmers also use plus construction because it 'so clear'. But thats of course debatable.
kw: Plus vs Percent vs Format, Python string formatting speed, performance, Python, timing, timeit, format.