1. 4

In fact,

ɸⁿ + (-ɸ)⁻ⁿ = F(n + 1) + F(n - 1)

where F(n) is the Fibonacci sequence (F(0) = 0, F(1) = 1, F(n + 1) = F(n) + F(n - 1)).

So the closest integer to ɸⁿ is F(n + 1) + F(n - 1), and the distance between ɸⁿ and the closest integer is ɸ⁻ⁿ.

To prove this, you can first prove the following identities by induction on n:

ɸⁿ = F(n) ɸ + F(n - 1)

(-ɸ)⁻ⁿ = F(n + 1) - F(n) ɸ

1. 1

Great post. I’m sad that I’m the first (only?) one to upvote it.

1. 5

Perhaps worth mentioning that this article seems to be about the `time(1)` from BSD (presumably from opensource.apple.com/source/shell_cmds/shell_cmds-198/time/ specifically) whereas if you’re running Linux you probably have `time(1)` from savannah.gnu.org/projects/time. The GNU version uses `-v` instead of `-l`.

1. 6

What is budgie..? Doesn’t seem to say on the website…

1. 6

Another desktop environment. Very much like GNOME (because of GNOME integration), but lighter and simpler.

1. -2

Linux needs yet another desktop like Donald Trump needs more wigs.

1. 0

Would the person who downvoted my comment care to explain how an opinion can be incorrect?

Please prove the incorrectness of my opinion. Should be interesting.

1. 7

It’s not incorrect, it’s just needless trolling.

1. 1

Yes I think you’re right. I was just trying to be funny but ended up being offensive to folks who may have put their heart and soul into the project.

2. 6

(I’m not the one who downvoted you, but… maybe I can shed some light on why someone might have)

I don’t see there being anything wrong with having more options for desktop environments. There are loads of text editors, programming languages, and terminal emulators, so why not have a bunch of options for desktop environments? The Linux community will never settle down on a standard, since it’s Linux. The whole point is that you customize your environment however you want.

Budgie is really one of the better DEs I’ve seen recently. I don’t like GNOME’s bloatware and don’t care about integration, so I don’t use Budgie, but the developers put a lot of effort into making it a nice, modern environment that’s easy to use (from what I’ve seen and heard from people I know who use it). I use dwm personally, but I can see the appeal of Budgie for a less technical user.

What I’m driving at is that Budgie isn’t “yet another desktop environment”. It’s one of the higher quality one’s I’ve seen recently, and making a blanket statement about it probably didn’t agree with someone.

That’s just my two cents, though. Hopefully it helps clear things up :)

1. 2

I wondered how this worked but couldn’t find a link to the source. I think this is it: https://github.com/Nagasaki45/krihelinator/tree/master/lib. The starting point seems to be periodically scraping the GitHub trending page. I wonder if it would be feasible to use GitHub Archive as an alternative data source.

1. 1

Thanks for the reply. Your reference to the source code is correct.

Regarding “how it works”: There are two main background processes that gather and update the data.

• The 1st runs continuously, fetches repositories from https://api.github.com/repositories (all of the repositories on github, 100 per page, in a ~3 weeks loop), and pass them to scrapers that scrape the pulse page. The code for this process, which I term the “pipeline”, is here.

• The 2nd runs every 6 hours, and (1) keep only the 5K most active projects and removes the rest, (2) scrapes the trending page to make sure I’m not missing anything importent, (3) rescrape everything to update stats. The code for this “periodic” process is here.

I really need to start documenting the project properly…

Thanks for pointing me to GitHub Archive. Someone already suggested that in the past. The reason I didn’t use it is only my lack of awareness to its existance when I started the project. However, considering the current state of the project I’m not sure if refactoring it will be profitable compared to the amount of work it will require.

1. 10

Looks interesting but FWIW I think Magit is really nice for this (among other things) so I personally probably won’t switch, but maybe it’ll be useful for people who don’t use Emacs. It’s also good to know that there’s an equivalent for Mercurial, ‘cause I miss Magit when I work on Mercurial repositories.

1. 3

agree with @0, magit is much better :)

1. 2

Magit is good for Emacs users or people who prefer doing all things in their editor of choice. I prefer using my editor (which is vim, by the way) for editing things, and committing/diffing/etc from the command line.

There’s tig, but I personally find it much less intuitive than crecord.

1. 1

Aside from not fitting the site, acceptance at decent jobs is a numbers game. You need a lot of them for it to be worthwhile to more than a few people. Best to leave it on job sites or forums attracting large numbers of people on both sides of the equation. Hacker News is a good example outside job sites because it was designed to promote startups, has a ton of people representing companies, has readers interested in that, and so a good pile of jobs show up.

Whereas on Lobsters it would be four to five postings in a thread that takes up a spot for interesting tech that most of us come here for. Wouldn’t be good on quantity or culture fit.

1. 1

FWIW, this argument works against https://lobste.rs/t/job too.

1. 2

I stand by it. Barely enough jobs to amount to anything. There might be someone who benefits from one. Maybe a few someones. Still no loss for most of community if it stays a site on specific tech & practices.

1. 7

Maybe it would be better the other way around, like a “Who’s Looking for Work?” thread. Job postings tend to get pretty spammy, and an open policy would encourage recruiters to join and pollute the threads, as others have mentioned. If it were the other way around, where the high quality users of this board looking for work posted their own requirements, it might be a nice value-add to the community.

Just an idea. I’m not sure even that is a great idea, but I’d like to hear what others think.

1. 1

That was part of the suggestion :-)

1. 7

Perhaps there could be an “Interesting Projects” thread that isn’t about companies but specific technical projects and efforts (including open source) that could use attention and more people. There’d need to be strong ground rules to prevent it from becoming a Hacker News “Who’s Hiring?” thread.

One ground rule would be no listing of required qualifications. That makes it a job ad. Another would be to disallow non-technical cultural discussions. For example, “We’re rolling out Haskell at a bank” is OK; “We have free doughnuts on Fridays” is not. Listing an HR email address would be a banned practice.

The culture we want is one where the assumption is that we have hyper-competent professionals and that the onus is on the poster to prove that a project (or company) is interesting, and not that we have thousands of commodity Scrum programmers (think HN) who are just looking for a job.

1. 2

Perhaps there could be an “Interesting Projects” thread

I like that idea; maybe also/instead a ‘help wanted’ tag. I’ve found it difficult at times[*] to figure out which OSS projects want help that I can actually provide, and I don’t think I’ve seen anything for non-OSS projects. Though that might already be covered by show.

[edit: *admittedly the last time I was actively looking for OSS projects to contribute to was a few years ago, and before I found lobste.rs]

strong ground rules

Yes, I think this actually makes it difficult to implement as a lobste.rs thread because the moderation would have to be much stricter than usual.

1. 2

Recently I’ve done a lot of travelling to see family and friends over the holiday period. This week most of my uptime will be taken up by work-work. Apart from that I’ll continue trying to find a different job. Maybe I’ll finally get round to starting a thread about it.

When I have time, I’ll help out with GoshawkDB (“a distributed, transactional, fault-tolerant object store”). The DB only exposes a few operations, which makes it fairly easy (IMHO) to understand and reason about, but we want to build some higher-level structures on top of it to make it more practical.

1. 1

I poked around the website a bit and can’t find a description of the transaction protocol or high level descriptions of the implementation – short of reading the code, could you provide some pointers on where to find things like this for GoshawkDB?

1. 2

I think the best place to start is the CodeMesh talk; you can find links to the video and slides on the documentation page.

1. 3

I am not keen on this. You can’t mute/hide subthreads, so that would make it impossible to opt in to discussion of only some jobs. Further, as someone who has posted a few job ads here, I don’t want to feel compelled to sit on a role for two weeks until the thread comes around again–perhaps only to find out that nobody bothered to do it this month.

We already have the “job” tag for job postings. There’s no “for hire” tag, and I’m not entirly sure I think it’s a good idea to add it either. Perhaps that would be better as a flag on your profile, hooked into the search functionality? e.g. “Search for people for hire that have made insightful posts on this topic”. Does that make sense?

1. 1

You can’t mute/hide subthreads, so that would make it impossible to opt in to discussion of only some jobs.

Not sure what you mean. Doesn’t the `[-]` work for that?

I don’t want to feel compelled to sit on a role for two weeks until the thread comes around again

Fair point.

We already have the “job” tag for job postings.

I do check https://lobste.rs/t/job occasionally but it’s very low-traffic. I thought having a thread might prompt people to comment that their company is hiring.

There’s no “for hire” tag, and I’m not entirly sure I think it’s a good idea to add it either.

Probably not a good idea as there would have to be one thread per person.

Perhaps that would be better as a flag on your profile

Interesting idea. Github has something like that. I suppose you could already just mention in your profile that you’re looking, though.

1. 1

Not sure what you mean. Doesn’t the [-] work for that?

Does that persist across sessions? I’ve never noticed! Anyway, I don’t think that works if you’re reading discussions by email, as I often do :-)

1. 19

I don’t feel that this kind of content makes sense here. Tech recruitment has a negative connotation associated with it for a good reason and I would hate to see recruiters show up and pollute what is generally an interesting discussion forum. I also feel like hosting this would open us up to more “fire and forget blogspam” by companies who are only here to use this as a recruiting medium and who won’t participate in a discussion about their submission.

1. 1

I agree that attracting recruiters is undesirable; in fact the motivation for this is to avoid recruiters. It’s quite possibly not the right solution, so I’d be interested in alternative suggestions too.

1. 1

I like this title much better than the one it was originally posted under: “Why Clojure is better than C, Python,Ruby and java and why should you care”.

1. 8

Is this really the only evidence provided to support the claim?

1. 10

That’s all this article offers. Besides, that anecdote, there’s an actual study Microsoft did finding ClearType (their anti-aliased font feature) improved reading speed without increasing fatigue. I can’t immediately find a copy of it online, but one of the authors (Slattery) summarized in the academic anthology “Digital Fonts and Reading” by saying:

Slattery and Rayner [2010] included an analysis of blink rate in their examination of the ClearType anti-aliasing used by Microsoft. They showed that the benefits of anti-aliasing, in terms of reading rate, were not accompanied by any increase in eye fatigue, as measured by blink rate.

This article needs actual evidence before writing a scaremongering headline and recommendations that are the exact opposite of best known practice.

1. 4

Semi-related to this: In the limited amount I’ve been exposed to containers at my work, the suggested practice is to run everything in the container as `root` because you’re just going to run one thing in your container anyways, so giving it access to everything is just fine.

Does anyone with more experience have an opinion on this?

1. 11

Erk. There have been several vulnerabilities which have meant that if you have root inside a container, you can break out of it and get root on the host. All of them have been patched, but I wouldn’t mind betting there will be more in time. (My guess: the next one will involve user namespaces in some way.)

In general I recommend following the principle of least privilege.

1. 1

My prediction was wrong :) Here’s the latest one I’ve become aware of, and it doesn’t even require root: https://lobste.rs/s/kg6yf1/dirty_cow_cve_2016_5195_docker_container

2. 3

root usually has access to more parts of the kernel, no? Increasing attack surface.

There are also a number of scenarios in which a user outside a jail and root inside a jail can collude to become root outside.

1. 2

If your applications do not need to write to any files, then they do not need write access within the container, even if root does (to say, update files, etc). Dropping root means that remote execution may degrade but might not deny service.

If your application does not need to open new network connections, then it should not have the ability to do so, even if root has the ability. `iptables -m owner` can prevent a local vulnerability from spreading.

If your application does not execute, then you can drop this with ulimit. Keeping root means you can’t. This eliminates entire classes of problems

All of my programs run with very low privileges because while it is bad for my customers that service is denied, it is worse if someone can spin up a bunch of ec2 boxes with my credit card to run worthless cpu miners putting me in the poorhouse.

1. 2

On linux:

• The OOM killer prefers killing user processes to root ones
• I’ve been told (but cannot confirm) that root processes can misbehave more dangerously, by e.g. DOS-ing the local network (would be thrilled if anyone who knows linux networking could expand on this)
1. 2

The security ramifications aside of doing so (which are in my view serious), it’s just plain bad practice. Bugs in code can become far more serious due to having unrestricted access within the container (e.g. file system manipulation bugs), while similarly, other issues may be masked by having superuser access (e.g. insufficient permissions). If you’re designing your software to work without root privileges, which you almost always should, then why would you run it as root in the container just because you can? It should work fine without such privileges, and there are potential security and stability benefits in doing so.

Some may argue that because you’re running in a container that such bugs can be recovered from faster by just redeploying the container instance, and they’d be right, but that doesn’t make it a good mindset. That’s just using containers as a way to mask deeper problems with the quality of software.

1. 3

I’m glad you pointed out that there are classes of attacks made more difficult by e.g. using an app user without write access to the FS.

RE the rest of the post - I’m not sure “It’s bad practice / poor quality” is a super helpful answer when the question boils down to “Why is it bad practice”.

Juggling users and permissions on servers is a substantial time sink that doesn’t immediately improve my users lives and it’s not unreasonable to ask ‘why should I do it when things work fine anyway’.

2. 1

Thank you for the responses @0, @tedu, @geocar, @danielrheath, and @ralish. What you said matches my suspicion and it’s nice to hear some confirmation.

1. 1

If you believe your container infrastructure is more secure than linux user/root then that makes sense. Personally I don’t consider either of them reliable enough to constitute a security boundary; I would do least-privilige at the machine level (and within my application runtime) but assume that control of a running user process == root on that machine and design my security model around that. At that point using user accounts becomes something to do only if it’s super cheap.

1. 3

There is no single development, in either technology or in management technique, that by itself promises even one order-of-magnitude improvement in productivity, in reliability, in simplicity.

– Brooks, 1986

1. 1

I wonder what happened to Matasano. It used to be that you had to email them for the challenges, and I tried that once, but they never got back to me, and now they seem to have disappeared.

1. 3

They got acquired for IIRC about \$7 million. Don’t remember who acquired them. The founders are doing Starfighter now to use games to identify talent for for recruitment.

1. 5

Also, Starfighter is done. Patrick McKenzie is now at Stripe. He was their CEO.

1. 1

Thanks for the update!

1. 12

It’s great to see a job posting on here. I’ve been trying to figure out how to find jobs without going through a recruiter for a while but I’ve more or less come up with nothing, so seeing this gives me a spark of hope.

For this job specifically I’m sort of tempted to apply since I’m familiar with everything you mention, and I want to continue my current pattern of working remotely, but I’m put off a bit by the title ‘Infrastructure Engineer’. I don’t think you can effectively work on infrastructure without a good understanding of the application(s) using it, and vice versa, so for my whole career I’ve been involved in both, and my job titles have been correspondingly general. Perhaps you could expand a little on that…?

1. 5

TL;DR: Naming is hard - you should apply!

It’s the end of the day here, but I’ll get back to this tomorrow with an expanded answer.

1. 5

Seconding this, it’d be nice to see more job postings on here. The tag can be filtered depending on if you’re in the market.

1. 3

Definitely. Looking at history though, it seems the tag has not been used correctly for the most part. I guess we need to be more vigilant about flagging those that are tagged job but aren’t job postings?

1. 3

I guess we need to be more vigilant about flagging those that are tagged job but aren’t job postings?

Agreed! I’ve gone through and suggested removing the `job` tag from a few of the recent ones that are not actually job ads. If more do the same, I suppose they’ll be removed? It should help people who look at “prior art” to pick the right tag.

1. 6

I’ve gone through and suggested removing the job tag from a few of the recent ones that are not actually job ads. If more do the same, I suppose they’ll be removed?

Just did the same, most of the recent `job` stories are now properly tagged. We did it! :)

2. 3

I don’t think you can effectively work on infrastructure without a good understanding of the application(s) using it, and vice versa, so for my whole career I’ve been involved in both,

I absolutely agree. And there’s a good deal of overlap here. We are a company of about 30 people. Because we’re so small, we don’t have room for hyper-specialists. We don’t have a group of people who develop the software, and another group that operates the software. We have a degree of freedom and responsibility to do what we feel is right for the company to succeed.

As an example I recently needed to do some maintenance on a small service called from our main app. I first spent time investigating what would happen to our main app in this case, by reading the code and looking at New Relic during running the maintenance operation in our test environment. I found that our main app was meant to handle this case, but due to a bug it did not do so properly. I identified & implemented a fix, and waited until the next release of the app to do the maintenance on the auxiliary app.

and my job titles have been correspondingly general.

Personally (and I don’t speak for my boss who wrote the ad I linked to here) I think a job title is just a hook to hang the job description off of. I don’t think one is terribly meaningful without the other, and I wouldn’t worry too much about that label. For most of my career I too have been involved in both development, deployment and live support of applications, although my job titles have been all over the place.

1. 2

Personally (and I don’t speak for my boss who wrote the ad I linked to here) I think a job title is just a hook to hang the job description off of.

I agree though!

1. 1

Oh hai! ;-)

1. 1

Excellent points. Maybe the instance metadata service is there for the benefit of Windows? Not sure how you would use XenStore from Windows. Not that that’s a good reason to make it less secure for everyone else.

1. 1

Sure a windows driver could be created to expose a new M: drive, no?

1. 1

Or you could use WMI/a dedicated API and expose it via a PowerShell VFS or something like that.

1. 3

I don’t get it. First they say the term ‘messaging’ is ‘hopelessly broad’. That’s fine. Then they start giving oddly specific advice…?

You don’t need full text search. If you really do need full text search then use a DB that is built for this — its a major time-sink to hack it in later and get it right.

Huh?

Messaging is likely more important to your users than you (or they) think it is. The messages themselves are likely less important to your users than you (or they) think they are.

Wha?

If you can skip a feature, DO. YAGNI.

Fine advice in general I suppose…

You don’t need [AdvancedMessagingProtocol] (aka XMPP). If you really need XMPP it will be painfully obvious (and if you do chances are you certainly don’t need the extensions).

Can’t really argue with this bit…

It’s like the blog post(s) were originally about something specific but were then generalised to ‘messaging’.

Maybe it’s just me…

1. 4

Oh. They’re talking about communication between humans. I was thinking ‘messaging’, you know, like ØMQ or whatever.

1. 1

I was really confused until I realized the same thing. I guess that’s a case in point for his “Messaging is hopelessly broad” point.

1. 3

I don’t want to be a spoilsport but… what’s wrong with the current ‘branding’, such as it is?

1. 1

I guess if you arent meeting profit goals you will try anything.

1. 2

Mozilla has no profit goals?