1. 4

    It hurts me to see how much C++ neglects the problem of compile time reflection, even though it’s absolutely crucial in:

    • Entity component systems (ECS), e.g. for video games and 3D engines
    • Marshalling/unmarshalling of data packets
    • Serialization/deserialization of JSON, XML, etc.
    • Storing and loading objects to and from databases
    • Printing or dumping object contents, e.g. for debugging purposes

    And every nontrivial application will grow to do at least one of these things. It’s just such a pain… I ended up writing a set of C++98 (I need to support ancient compilers) compliant macros that are minimally obscure and give me a powerful reflection API. You have to wrap the class/struct member declarations into a macro but it’s rather painless. Since then I haven’t used anything else. But since I’ve learned Rust, the ugly kludges that are required all day every day to implement ordinary C++ applications give me headaches and I started pivoting away from C++ wherever possible.

    1. 3

      C++ hasn’t neglected compile-time reflection, it’s just really hard to get right and once you’ve defined the interfaces for it then you’re stuck with them basically forever. It’s likely to be part of C++23, the reflection TS has been gradually approaching convergence for the last few years.

      1. 1

        The first C++ standard was released in 1998. We now speculate that compile time reflection will be part of the standard in 2023. That’s a quarter century later than it should have been made part of the language. During this time, the C++ committee introduced a myriad of less useful language features. Yes, that is neglect. Do you know how long it will take for this feature to be supported on embedded devices whose compilers notoriously lag behind? Maybe in 2030 or 2040 I will be able to use compile time reflection in a real product.

        1. 1

          Looking forward to it. I love the kind of stuff you can do in Zig — like writing a “for” loop over the fields of a struct. So intuitive!

          Are there any articles that describe the C++ reflection proposals in layman’s terms?

          1. 1

            There is a 4-year-old article with the title ‘Reflections on C++ reflection proposals’

            I like the title quite a bit :-)

        2. 1

          You have to wrap the class/struct member declarations into a macro

          Yep, I have been doing the same. I am thinking of doing ‘an upgrade’ (for my ’09 code) to now use const expressions (although I also like the approach proposed in [1] with CMake).

          I would also add to your list of critical ‘capabilities’ of a modern programming language where reflection is needed: the support of declarative and reactive GUI.

          Without a reflection feature, every GUI library developer brings their own reflection feature.

          Mature languages like C++ need something like an --error-on-undefined-behavior-features compile-time switch, such that when used the compiler will error out on usage of library calls, idioms, and language features that do not have a well-defined standard behavior.

          This switch should also affect if a given precompiled ‘module’ can be used or not.

          This way, maybe we could get the language standard and its implementation to evolve a little faster. And the community usage around new features will grow faster.

          [1] https://onqtam.com/programming/2017-09-02-simple-cpp-reflection-with-cmake/

        1. 11

          The meat of this article is pretty good, unfortunately it is halfway down after reading through what anyone outside the movement could only see as an anti-government borderline-covid-denying rant. I honestly feel that, your personal feelings on how the pandemic should be handled notwithstanding, the point would be clearer and more forceful if given the main spotlight of the article.

          1. 11

            The meat of this article is pretty good, unfortunately it is halfway down after reading through what anyone outside the movement could only see as an anti-government borderline-covid-denying rant.

            That “Unfortunately” represents an extremely politicized opinion. There are lots of good reasons to be opposed to (your particular) government, including actions that (your particular) government has undertaken in the name of managing the coronavirus pandemic. Similarly it is reasonable to be suspicious of people using “borderline-covid-denying” as a way of dismissing an argument - “borderline covid-denying” implies that the OP did not in fact deny the existence of the covid pandemic, and there are lots of statements that are semantically close to denying the existence of the covid pandemic - like “it’s bad if the government forces people to install closed-source software on their cell phones in the name of fighting pandemics” that constitute extremely reasonable political arguments.

            1. 4

              Again, I did not dismiss the argument or (necessarily) even disagree with the rant. This was meant as constructive criticism of the article to say that focussing on the point/meat would make the point punch harder with all audiences.

            2. 8

              The opening section is a bit of a waffle; I have trimmed it down. The “papers, please” section in particular was true but off-topic. The techno-authoritarianism remark remains true, but is hard to elaborate in an on-topic way, so it’s been removed too. (Aside: Population-level vaccine targets provide aligned incentives without compromising people’s medical privacy or bodily autonomy.)

              It is possible to build privacy-preserving check-in, and to legislate protections for the data; it is a travesty that Australia has pretty much done neither. (Small exceptions: Western Australia legislated protections after it was revealed that the police accessed contact tracing and border pass data, and the federal government’s failed COVIDSafe app has strong legal protections also.)

              I think you are being extremely rude and uncharitable to lump me in with some “movement” of nutters, and I’d like you to apologise. Like most Australians, I am waiting patiently for our vaccine rollout to crawl down the age brackets, increasingly frustrated that additional restrictions and surveillance are imposed on citizens because of the government’s failures.

              (Quote of the removed original text below, for reference):

              Over the past year, there have been incredible restrictions on people’s freedoms of movement, speech, and association, in the name of protecting public health. On a recent trip, I was required to carry travel papers for 14 days, and to show them on request to certain classes of authorised officers — something I never thought I’d be required to do in a first-world liberal democracy.

              In Australia, we are now required by law to pump our personal information into one or more “contact-tracing” platforms in order to visit the supermarket or have something like a normal social life. This all-but-forces people to own a smartphone, and to interact with an enormous pile of proprietary software just to participate in society. Despite earlier promises to only be used for contact tracing, these databases have been used by police. Because of course they have.

              Elsewhere, there are talks of “vaccine passports” on smartphones, which accelerates techno-authoritarianism and should therefore be resisted. (Search for “raise the more generalized version of this objection”.)

              1. 9

                I think you are being extremely rude and uncharitable to lump me in with some “movement” of nutters, and I’d like you to apologise. Like most Australians, I am waiting patiently for our vaccine rollout to crawl down the age brackets, increasingly frustrated that additional restrictions and surveillance are imposed on citizens because of the government’s failures.

                1. He meant the Free Software Movement, the one you’re advocating in the piece.
                2. That removed original text is pretty easily construed as an anti-government borderline-covid-denying rant.

                1. 5

                  I disagree with your claim #1: as it’s embedded in the sentence “anyone outside the movement could only see as an anti-government borderline-covid-denying rant”, it reads pretty clearly to me like it applies to the various covid-is-a-conspiracy “movements”.

                  I can back everything in #2 with links to mainstream (i.e. not Murdoch/fringe/conspiracy-tier) news articles or to the relevant health orders, but to do so would take us further off-topic. I still do not understand this reading that you and singpolyma seem to see in the original text. (The “borderline-covid-denying” part, in particular. Whatever; it’s off-topic and removed from the main post, anyway.)

                  1. 5

                    If you have been paying even a modicum of attention to news, you know that there are and for a long time have been people who, no matter what crisis or emergency occurs, immediately denounce it as either a complete fiction or at best having been blown out of proportion as a cover story for the “truth”, which always is that the (insert preferred evil conspiratorial one-world-government entity here) wants an excuse to finally confiscate all our guns, terminate our freedoms, and institute worldwide dictatorship, all of which is only held at bay by badly-formatted postings from lone heroes on the internet.

                    What people are telling you is that the quoted section of your post sounds like one of those paranoid rants, in that it can be read to imply that contact tracing and vaccination status are sham reasons being used to impose the real agenda of “techno-authoritarianism”.

                    1. 2

                      What people are telling you is that the quoted section of your post sounds like one of those paranoid rants, in that it can be read to imply that contact tracing and vaccination status are sham reasons being used to impose the real agenda of “techno-authoritarianism”.

                      They’re worse than sham reasons to impose the real agenda of techno-authoritarianism - they’re superficially good reasons to impose the real agenda of techno-authoritarianism. Techno-authoritarianism is advanced more by a broad social atmosphere where opposition to software authoritarianism is widely thought of as low-status and uncomfortably adjacent to people with heretical politics, than it is by genuine conspiracies.

                      1. 3

                        Your formulation appears to be a literally irrefutable claim, in that anything and everything could be described, via argumentative gymnastics, as advancing or supporting “techno-authoritarianism”.

                    2. -2

                      Ignore them, they’re robots.

                    3. 2

                      Thank you for reading me correctly and providing this good summary of my comment.

                      I would like to further clarify that I in no way meant to assume the rant was in bad faith (as someone in the Free Software movement, I could see the intent) but only that it would be easy to read it that way and thus distract from the meat of the article.

                    4. 3

                      I don’t think those three paragraphs make you out as a crank. I think it is fine and good to ask for serious privacy protections in contact-tracing, vaccine passport, and identity systems.

                      I would like to point out that many liberal democracies require their citizens to carry ID with them at all times. I believe this is the law in Germany and France, where I understand it is mostly used for harassing ethnic minorities.

                      FWIW, I think this history could be used to strengthen your argument: “liberal” democracies are very comfortable with authoritarianism for some of the population and these illiberal mechanisms are rarely dismantled, so they will accumulate if not resisted.

                      1. -2

                        a first-world liberal democracy.

                        In Australia

                        I think king Murdoch would disagree.

                      2. 5

                        Being anti-government is not immoral per se. It depends on the government. For example, you would probably agree that it’s moral to be anti-government in North Korea. You don’t have to deny Covid, the respiratory disease, to see that some governments have massively overstepped their boundaries. For example, there is mounting evidence that dusk-to-dawn curfews have no impact on the pandemic situation whatsoever, yet they were broadly imposed, often violating the constitution of the respective country. I would appreciate if people like you would stop with the moralistic shaming and inspect the subject matter with more care and thought. Not everyone who criticises the measures or aspects thereof is a science-denying anarcho-terrorist.

                      1. 14

                        This is actually a significant development for people who write GUI code in Rust. Finally we have a solid release of Rust bindings for GTK 4. In addition to that, the libhandy Rust bindings [1] allow for better development of Linux phone apps like for the PinePhone or the Librem 5, so an update to that crate is welcome too [2]. While GTK is not perfect, it is one of the few ways to write robust and usable GUI programs in Rust. Let us thank the developers for all the hard work that went into this release. The gtk-rs people work tirelessly and helped me out numerous times when I asked questions on IRC.

                        [1] https://gitlab.gnome.org/World/Rust/libhandy-rs

                        [2] https://crates.io/crates/libhandy

                        1. 2

                          Note that libhandy is for GTK3; the GTK4 equivalent is now libadwaita.

                          1. 1

                            Have you built (or even used) anything that targets Mac OS or Windows using GTK bindings? How does the end result feel on those platforms, and how hairy is it to build?

                            1. 10

                              Yes, I build for Windows but not Mac OS. You can actually cross-compile on Linux targeting Windows. That works well out of the box, I’ve tried it. You can also compile on Windows for Windows. That requires MSYS2 and a bit of configuration, but it’s not the end of the world (I avoid Visual Studio if possible and go with GNU tooling). The entire thing, along with build instructions, can be found here: https://github.com/BenjaminRi/Sherlog

                              As for the end result. My Windows users install the application with a Nullsoft installer which I generate with NSIS script. The installer puts all the files and dlls in the proper places. All the GUI elements behave as expected. It could look prettier. But it supports styles, so you can do a lot with styling to make it look good. Qt would probably look better, but the C++ bindings are an obstacle for Rust programmers. I don’t really care about looks, my application is a developer tool. For some elements, I had to implement my own manually rendered GUI elements on a plain canvas because I require insane performance that no GUI toolkit will deliver (not just GTK’s fault). You can get a lot out of GTK if you use it correctly, it can absolutely produce programs that are daily drivers. But it will never look exactly native. I use GTK because I want to support both Linux and Windows.

                              1. 1

                                That looks much better on Windows than I expected it to. Certainly very serviceable for dev/admin tools. I like that the cross compiling works well out of the box. I’ve avoided exploring a GUI kit in any depth so far for Rust, but this clearly needs to go on the list for when that time comes.

                              2. 4

                                (Note: not OP). I haven’t tried running Rust on Windows, but GTK itself is pretty easy to build and use on Windows, see e.g. https://www.collabora.com/news-and-blog/blog/2021/03/18/build-and-run-gtk-4-applications-with-visual-studio/ , https://www.collabora.com/news-and-blog/blog/2021/04/29/build-your-own-application-with-gtk4-as-a-meson-subproject/ (no affiliation, Collabora is just a big contributor on this side).

                                That being said, it’s very much the Gnome toolkit these days. It’s a pretty bad choice for cross-platform development.

                                1. 5

                                  That being said, it’s very much the Gnome toolkit these days. It’s a pretty bad choice for cross-platform development.

                                  In particular, note that GTK doesn’t implement accessibility (e.g. for blind people using screen readers) on Windows. Not sure about Mac.

                                2. 4

                                  I have built an application using GTK via gtk-rs. gtk-rs is really nice for writing applications if you are targeting X11 or Wayland. I am not a big GTK fan (I strongly prefer Qt), but gtk-rs makes writing GTK applications quite pleasant.

                                  I also built the application for macOS and the result was… horrific? Rendering was awfully slow and there was virtually no platform integration, making the application stick out like a sore thumb.

                                  Since most of the application logic was not in the GUI and there is no good support for Qt in Rust, we ended up rewriting the application in PyQt and using the main logic through PyO3 (Rust <-> Python bridge). This worked like a charm and the application felt near-native on macOS.

                                  1. 2

                                    I’ve written a gtk3-rs app on macOS and it was “meh”. It is better integrated than an average Electron app or egui, but it’s still obviously not native. I’ve also run into some rendering performance problems on macOS that weren’t an issue on Elementary.

                                1. 2

                                  Isn’t this like with C/C++/Java/JavaScript previously?

                                  1. 25

                                    No, it’s different. I have known C++ for a long time and have mainly written C++ in my full-time job for years, but with Rust, I’m about 5 times as productive as with C++. Since I learned Rust, I churned out various programs that I would’ve never been able to develop in C++, simply due to time and complexity. I can now write software that I previously couldn’t have developed as a single person. Say about the language what you will, to me personally, Rust is pure empowerment that manifests in real software that is used by real people daily and saves time, money and nerves. And trust me, in the years before I learned Rust, nothing annoyed me more than the Rust evangelists whose posts kept popping up in every forum.

                                    1. 4

                                      Is there anything you could share that you feel is a particularly good example of something you’ve been able to develop in Rust on your own that you couldn’t have otherwise?

                                      I’m asking because I am learning Rust for fun right now, and I’m hitting the wall a little bit. (By that I mean “the wall” in the same sense that people who run endurance races use the term. You hit a certain point in the race where you suspect you won’t be able to continue. If you can push past that, you can have a good long race. But it’s a challenge.) I can get things done and there’s a lot that I like about it, but I don’t feel very productive yet.

                                      I’ve mainly written C++ and python over the past 20 years, so if it’s something you could show, seeing some of the things you’ve churned out with Rust that you couldn’t previously would be really interesting to me as I’m deciding whether I can afford the energy/aggravation to “push through”.

                                      1. 8

                                        Is there anything you could share that you feel is a particularly good example of something you’ve been able to develop in Rust on your own that you couldn’t have otherwise?

                                        Sure, these are some of my spare time projects:

                                        Of course all the things that can be done with Rust can also be done with C++… It might just take a decade longer to implement and fix until it’s stable ;)

                                        The projects above are of a size that pushes the boundaries of what I as a single individual can create and maintain in my spare time. I can confidently say that Sherlog would have never happened with C++.

                                        1. 3

                                          Thanks! That’s exactly the kind of thing I wanted to look at.

                                          I’ve learned new languages/libraries/frameworks enough over the years that this part isn’t surprising. I’m at that miserable point where every time I try to do something new, I spot a way to maybe do it, then spend a while looking at documentation to get it right, and in some cases spend time casting around search engines, forums, chat, etc. to find out what’s best/idiomatic.

                                          Some of this feels a little harder with rust than other things, but probably isn’t really. This is just the slow part of learning something.

                                          So it’s helpful to see those projects that you consider the “payoff”. Plus Sherlog looks neat. Thanks for sharing it.

                                          1. 1

                                            Focused, hard work is the real key to success. Keep your eyes on the goal, and just keep taking the next step towards completing it. If you aren’t sure which way to do something, do it both ways and see which works better.

                                            John Carmack

                                            Also, the Rust Discord is frequented by super nice and helpful people. They helped me more than once when I got stuck. Same thing with the gnome IRC, they also have a dedicated Rust channel.

                                        2. 4

                                          Personally, it’s: If it compiles, it’s nearly done. I don’t have to think about += vs append - which in Python might just change a lot of what is happening (Rust won’t just nest two lists without me realizing, because types..). Or that I don’t have to worry about using C dependencies and their quirks that much (if at all with some very good bindings). Other than that: Yes, it takes some time to get really productive. Till you have acquired your base of crates and “framework” to re-use for most things (in which you can look up some of your specific solutions).

                                          1. 2

                                            100% agree here. Not a major rust user, but when I do it is both annoying and really nice how the compiler checks what I would usually catch in manual testing and debugging.

                                      2. 7

                                        Well, it’s a wave, they come and go :)

                                        1. 1

                                          Hahaha nice one, I’ll chill on a sandy beach of C/Fortran/Python and mine some coins =)

                                      1. 5

                                        I wanted to do the same thing, but then I realized it isn’t worth it. My internet is slower than 1 Gbit/s, and the disks in my NAS are about 1 Gbit/s, so my bottleneck isn’t really Ethernet at the moment. Also, these 10 Gbit/s switches require way more power, which means a higher electricity bill.

                                        1. 5

                                          Put a 1T NVMe SSD as L2ARC for your NAS and 10Gbps can have a meaningful difference. Especially for SMB which doesn’t seem to have any local caching supported in either macOS or Windows. Seek and play will be much faster than 1Gbps connection because the content will be cached better on NVMe and it can be comfortably served faster from NVMe cache.

                                          My current problem is pretty stupid. zbackup seems not to work well with sshfs and it cannot remotely reach any meaningful speed when doing the backup, not to even mention 10Gbps …

                                          1. 3

                                            Which is true for 99% of lobsters, 10G is still overkill unless you do bulk transfers daily or have access to a better uplink.

                                          1. 3

                                            The ESPRESSObin: https://espressobin.net/

                                            We used this board at work to evaluate the platform, we then built our own hardware based on this SoC. Linux worked out of the box like a charm. Was a real pleasure to develop for this.

                                            1. 64

                                              Except that, as far as I can tell, Firefox isn’t produced by a malicious actor with a history of all sorts of shenanigans, including a blatantly illegal conspiracy with other tech companies to suppress tech wages.

                                              Sure, if your personal threat model includes nation states and police departments, it may be worthwhile switching to Chromium for that bit of extra hardening.

                                              But for the vast majority of people, Firefox is a better choice.

                                              1. 13

                                                I don’t think we can meaningfully say that there is a “better” choice, web browsers are a depressing technical situation, that every decision has significant downsides. Google is obviously nefarious, but they have an undeniable steering position. Mozilla is more interested in privacy, but depends on Google, nor can they decide to break the systems that are created to track and control their users, because most non-technical users perceive the lack of DRM to mean something is broken (“Why won’t Netflix load”). Apple and Microsoft are suspicious for other reasons. Everything else doesn’t have the manpower to keep up with Google and/or the security situation.

                                                When I’m cynical, I like to imagine that Google will lead us into a web “middle age”, that might clean the web up. When I’m optimistic, I like to imagine that a web “renaissance” would manage to break off Google’s part in this redesign and result in a better web.

                                                1. 19

                                                  Mozilla also has a history of doing shady things and deliberately designed a compromised sync system because it is more convenient for the user.

                                                  Not to mention, a few years ago I clicked on a Google search result link and immediately had a malicious EXE running on my PC. At first I thought it was a popup, but no, it was a drive-by attack with me doing nothing other than opening a website. My computer was owned, only a clean wipe and reinstallation helped.

                                                  I’m still a Firefox fan for freedom reasons but unfortunately, the post has a point.

                                                  1. 12

                                                    a few years ago I clicked on a […] link and immediately had a malicious EXE

                                                    I find this comment disingenuous due to the fact that every browser on every OS had or still has issues with a similar blast radius. Some prominent examples include hacking game consoles or closed operating systems via the browser all of which ship some version of the Webkit engine. Sure, the hack was used to “open up” the system but it could have been (and usually is) abused in exactly the same way you described here.

                                                    Also, I’m personally frustrated by people holding Mozilla to a higher standard than Google when it really should be the absolute opposite due to how much Google knows about each individual compared to Mozilla. Yes, it would be best if some of the linked issues could be resolved such that Mozilla can’t intercept your bookmark sync but I gotta ask: really, is that a service people should really be worried about? Meanwhile, Google boasts left, right and center how your data is secure with them and we all know what that means. Priorities, people! The parent comment is absolutely right: Firefox is a better choice for the vast majority of people because Mozilla as a company is much more concerned about all of our privacy than Google. Google’s goal always was and always will be to turn you into data points and make a buck off that.

                                                    1. 1

                                                      your bookmark sync

                                                      It’s not just bookmark sync. Firefox sync synchronizes:

                                                      • Bookmarks
                                                      • Browsing history
                                                      • Open tabs
                                                      • Logins and passwords
                                                      • Addresses
                                                      • Add-ons
                                                      • Firefox options

                                                      If you are using these features and your account is compromised, that’s a big deal. If we just look at information security, I trust Google more than Mozilla with keeping this data safe. Of course Google has access to the data and harvests it, but the likelihood that my Google data leaks to hackers is probably lower than the likelihood that my Firefox data leaks to hackers. If I have to choose between leaking my data to the government or to hackers, I’d still choose the government.

                                                      1. 1

                                                        If I have to choose between leaking my data to the government or to hackers, I’d still choose the government.

                                                        That narrows down where you live, a lot.

                                                        Secondly, I’d assume that any data leaked to hackers is also available to Governments. I mean, if I had spooks with black budgets, I’d be encouraging them to buy black market datasets on target populations.

                                                        1. 1

                                                          I’d assume that any data leaked to hackers is also available to Governments.

                                                          Exactly. My point is that governments occasionally make an effort not to be malicious actors, whereas hackers who exploit systems usually don’t.

                                                    2. 6

                                                      I clicked on a Google search result link

                                                      Yeah, FF is to blame for that, but also lol’d at the fact that Google presented that crap to you as a result.

                                                      1. 3

                                                        Which nicely sums up the qualitative difference between Firefox and Google. One has design issues and bugs; the other invades your privacy to sell the channel to serve up .EXEs to your children.

                                                        Whose browser would you rather use?

                                                      2. 3

                                                        Mozilla also has a history of doing shady things and deliberately designed a compromised sync system because it is more convenient for the user.

                                                        Sure, but I’d argue that’s a very different thing, qualitatively, from what Google has done and is doing.

                                                        I’d sum it up as “a few shady things” versus “a business model founded upon privacy violation, a track record of illegal industry-wide collusion, and outright hostility towards open standards”.

                                                        There is no perfect web browser vendor. But the perfect is the enemy of the good; Mozilla is a lot closer to perfect than Google, and deserves our support on that basis.

                                                      3. 8

                                                        These mitigations are not aimed at nation-state attackers, they are aimed at people buying ads that contain malicious data that can compromise your system. The lack of site isolation in Firefox means that, for example, someone who buys an ad on a random site that you happen to have open in one tab while another is looking at your Internet banking page can use Spectre attacks from JavaScript in the ad to extract all of the information (account numbers, addresses, last transaction) that are displayed in the other tab. This is typically all that’s needed for telephone banking to do a password reset if you phone that bank and say you’ve lost your credentials. These attacks are not possible in any other mainstream browser (and are prevented by WebKit2 for any obscure ones that use that, because Apple implemented the sandboxing at the WebKit layer, whereas Google hacked it into Chrome).

                                                        1. 2

                                                          Hmmmm. Perhaps I’m missing something, but I thought Spectre was well mitigated these days. Or is it that the next Spectre, whatever it is, is the concern here?

                                                          1. 11

                                                            There are no good Spectre mitigations. There’s speculative load hardening, but that comes with around a 50% performance drop so no one uses it in production. There are mitigations on array access in JavaScript that are fairly fast (Chakra deployed these first, but I believe everyone else has caught up), but that’s just closing one exploit technique, not fixing the bug and there are a bunch of confused deputy operations you can do via DOM invocations to do the same thing. The Chrome team has basically given up and said that it is not possible to keep anything in a process secret from other parts of a process on current hardware and so have pushed more process-based isolation.

                                                      1. 5

                                                        Let us appreciate the dedication of the developer behind this repository, John Hodge. The first commit happened in November 2014. The repository now has 4287 commits, most of which are his. And now, this compiler fully bootstraps rustc on x86-64 Linux. I think that is really impressive and it’s also motivational for myself, to keep going with my (much smaller and less significant) projects.

                                                        1. 8

                                                          I’ve had the experience that whenever I created such a file where the name “doesn’t matter”, I ended up stumbling across it some time later and I had no clue what it did and why it was there. I then had to open it and think about why it was there. And don’t get in the habit of deleting files with weird names, next thing you know is you’ve got some data loss or outages on your hands. Give your files names, even if it’s just ThisFileCanSafelyBeDeleted.txt. You won’t regret the additional 2 seconds you spent, it will pay for itself even if you just prevent confusing yourself once in your entire life.

                                                          1. 3

                                                            This might speak to the hostility of the architecture I inherited more than anything, but if I saw a file named ‘ThisFileCanSafelyBeDeleted.txt’, the last thing I would do is delete the file.

                                                            That said, I do tend to name vmware snapshots something similar – usually something like ‘delete after DD-MON-YYYY - jgf’ so people know who made it, how long I needed it for, and whether it’s safe to delete. Your idea is similar and quite good, maybe if I can break through the gaslighting from my arch I’ll adopt it.

                                                            1. 1

                                                              I usually make tmp/ in my working directory if I need it, then name files in there whatever I want.

                                                              Unfortunately in college I thought it was funny to name my scratch files loldongs and the habit has stuck. I’m not proud.

                                                            1. 2

                                                              My strategy against this BS at the moment is to use temporary containers for every tab.

                                                              You open your tab, do your thing, when it closes everything gets wiped.

                                                              If you click on a link to another domain, it opens in a new container.

                                                              Then I just have an extension that auto-clicks ‘accept all cookies’ because they all disappear when I close the tab anyway.

                                                              Some of those dialogs where you choose what cookies you want are painful to use!

                                                              1. 2

                                                                Keeping the cookies at bay is easy. What measures do you take against more advanced tracking techniques like canvas render fingerprints? There are many such techniques that go far beyond just cookies. Do you use straight NoScript? The internet is woefully broken without JavaScript.

                                                                1. 2

                                                                  Nothing more than what uBlock Origin provides, plus some router level ad/tracker blocking. Blocking 3rd party trackers is an easy measure I can take that doesn’t break the internet, and this includes a lot of companies known to use fingerprinting. It’s not perfect, but then nothing is.

                                                                  Aside from that I don’t really want to go down the canvas blocking, noscript rabbit hole. I used to do it and found I was just spending too much time disabling noscript for sites I was never going to revisit. Places I frequent tend to have RSS so I just use that anyway.

                                                                2. 1

                                                                  This isn’t about cookies. The laws talk about personally identifiable information. Cookies are one way of collecting this, but they’re not the only way. With your approach, if the site uses some other mechanism (tied to IP address, for example), then it is completely legal. If you don’t permit it and the site is found to be violating the law then the information commissioner can impose huge fines.

                                                                  1. 1

                                                                    I do the same on my laptop. On my iPhone I’ve started strictly using private browsing mode. No problems accepting all cookies when I kill the tab in 3 minutes anyways.

                                                                  1. 30

                                                                    Not really a blog, but https://lwn.net/ by far. Some of the best reporting on current events regarding Linux. Also the only site where I pay to read articles, well worth it.

                                                                    1. 4

                                                                      only site where I pay to read articles

                                                                      ++

                                                                      1. 8

                                                                        It’s a really well written response to a rant, full of technical details, and it sums up nicely to: NetworkExtensions framework is a total mess, AppleStore model doesn’t help, and developing on Mac on a low level is not fun (last one is my interpretation).

                                                                        1. 2

                                                                          Apple doesn’t give us a lot of control over anything

                                                                          This is the point where every self-respecting hacker would uninstall this operating system and install something that gives them control, like Linux. It is a mystery to me how so many brilliant people let their machines be dominated by these bullies day in day out.

                                                                          1. 12

                                                                            This is the point where every self-respecting hacker would uninstall this operating system and install something that gives them control, like Linux.

                                                                            Are you suggesting that I uninstall Linux in order to install Linux?

                                                                            In order for WireGuard to be useful, people need to be able to use it. And that means porting it to other operating systems, even the ones that you find icky and make me tear my hair out. Perhaps you’re a man of principle and figure, “don’t stoop to Apple! Boycott the OS! Don’t spend your time on it! Don’t help that world!” But this still misses the point that I want to make things that are useful to people, even to people who haven’t made the same choices as you and me to use Linux. And on a more personal level, I’d like to be able to use WireGuard with friends and family who run other operating systems like macOS or Windows. “Convince them instead to drop their computers in the sink and get a Thinkpad W701ds to run Linux instead!” Please…

                                                                            1. 1

                                                                              Are you suggesting that I uninstall Linux in order to install Linux?

                                                                              Everyone knows that True Hackers™ install a new distro at least once every 127 days. They also have a cron job to recompile the kernel every night.

                                                                              At any rate, for me, personally, life is just too short to have to deal with this kind of stuff. I’m all for pragmatism and I can deal with less-than-ideal (“broken”) APIs and all of that, but the whole “we approved your app yesterday but we’re rejecting today’s update to fix a critical error because of some obscure small donation link to a non-profit” is just … yeah nah, I can’t deal with that kind of dystopian insanity completely devoid of any reason. So kudos for putting up with that.

                                                                            2. 2

                                                                              Are you considering every laptop owner, a self-respecting hacker?!

                                                                              You certainly don’t need to be a “hacker” to use a VPN, if you target specifically the authors of the posts, then they probably have their reasons and it would be interesting to know about them.

                                                                              1. 2

                                                                                Are you considering every laptop owner, a self-respecting hacker?!

                                                                                Of course not.

                                                                                if you target specifically the authors of the posts, then they probably have their reasons and it would be interesting to know about them.

                                                                                Yes, I’m specifically talking about them. In addition, there are a lot of programmers who use macOS, some of whom I know personally and hold in high esteem. The most common reasons I hear are the quality and software integration of the touchpad, music & media applications and the form factor & hardware of the laptops. I can respect the music & media argument (just like you would use Windows for games), the other points are a rather low price for your hacker soul.

                                                                                1. 2

                                                                                  I rarely “hack” my Linux system though; most of the times I want things to Just Work™.

                                                                                  My definition of “just works” is rather different than the average macOS user – to quote an ex-girlfriend: “why don’t you use your computer like a normal person?” – but that’s just a matter of taste.

                                                                          1. 10

                                                                            Fun fact, the Rust compiler does not have to arrange struct fields in the order they are defined, therefore it can pack for you without you having to do anything. If you want a stable ABI, you write #[repr(C)] on the line before the struct keyword, this gives you C-style control over the field order (https://doc.rust-lang.org/reference/type-layout.html#the-c-representation).

                                                                            1. 4

                                                                              What the user wanted here, when adding the last prop, was to set a top level property.

                                                                              But what really happens is that the property is added to the second item of the "chars" array.

                                                                              I have a hard time believing that anyone who has ever written or modified an INI file would be confused about this. Considering that this is the only illustrated criticism of TOML in this entire post, I’m puzzled as to why this person switched away from TOML.

                                                                              Now, I understand what they mean when they call the language alien and confusing. But so are YAML, XML, etc. when you first encounter them, it’s just that people are accustomed to these decades old languages. Is it possible to create a configuration language that is intuitive to inexperienced newcomers and covers all the use-cases of TOML? Time will tell.

                                                                              1. 5

                                                                                The problem isn’t with the software author. Being the author of broot, I wouldn’t have to change the format if I was the sole user. The problem is when people stop trying to configure your software because the changes they do have no effect.

                                                                                Adding a line to a configuration file is something that Linux users do all the time.

                                                                                People who’ve been told that to achieve an effect they would have to add this line in their config.toml file won’t read the whole file to scan whether there’s a better location, they’re used to adding it at the end as they do for example in their .bashrc file. Of course, coming back later they would probably try to organize everything but they won’t because their first reaction is that there’s a bug in the application since the added line did nothing.

                                                                                I don’t pretend that TOML is bad for everything but that such confusion makes it unsuitable for many programs as it has proven to be for broot.

                                                                                1. 4

                                                                                  I see. I wish you went into more detail about this in the blog post because it’s a good point.

                                                                                  I think the solution here is not to use the global scope at all in an INI/TOML file, such that it’s always clear what section an attribute belongs to. In addition, your application could throw warnings or even errors if unknown keys are detected (careful with backwards compatibility, though), or it could print the configuration back to the user so that they can check if everything is configured properly. It could also offer a dry run of configuration parsing.

                                                                                  Interestingly, I noticed that many Linux utilities have this configuration problem, and many just “swallow” any nonsensical configuration and exhibit default behaviour, something that has often cost me a lot of time. It’s even worse if they use their own configuration language that is often fraught with parser ambiguities and problems. It’s good to see developers like you caring about how users interact with the configuration file.

                                                                                  1. 2

                                                                                    Thanks, I’m editing my blog post to take this into account, and try to make it clearer.

                                                                                    1. 1

                                                                                      I think the solution here is not to use the global scope at all in an INI/TOML file

                                                                                      That seems the obvious solution to me as well, if this single confusion that users have is the only issue with the format. Generally speaking, I also think this is better than this proliferation of almost-but-not-quite JSON formats, each with their own “conveniences” added that might cause more confusion. Especially the unquoted string values and possibly the implicit comma on newline seem like footguns in disguise.

                                                                                      Comments, optional trailing commas and unquoted string keys seem like much more obvious advantages to me. Especially considering unquoted keys don’t have the ambiguity of “should the key be evaluated?” (which JS actually never does, but for example Python does) and “is this key a reserved JavaScript keyword?” like in JavaScript. But then, if you drop that it’s technically not eval() able anymore in a JS interpreter, which was arguably JSON’s biggest “advantage” (with all the security problems that entailed).

                                                                                1. 2

                                                                                  I don’t. I just use Notepad++. As long as the project is below 100k LoC and I wrote everything myself, I don’t need it. For larger projects at work, I use Eclipse CDT (for C/C++). I’ve also been looking into Visual Studio Code combined with Rust Language Server (RLS), that looks pretty promising and has helped me out a couple of times.

                                                                                    1. 3

                                                                                      The translation provided by Google is really good. I wanted to translate it for Lobste.rs, but I couldn’t have done it better myself. To be honest, I was surprised about the quality of the translation. This is on the level of a skilled native speaker (of both languages).

                                                                                      1. 3

                                                                                        I’m not sure I can agree with that assessment, the language used in the translation is very peculiar, it’s pretty clear to a native speaker that it’s an automatic translation.

                                                                                        1. 3

                                                                                          It’s certainly not perfect, but a lot of the time when a non-professional translator translates stuff, the results tend to be less-than-perfect too. I notice this myself too when I translate stuff from Dutch to English or vice versa – it seems the brain has to “context switch” all the time between the languages, leading to some rather curious results. For decent results I need to come back to it an hour later and copy-edit the lot extensively, and it’s not uncommon I find that I accidentally used words in the wrong language (especially words like “the”, “a”, etc.)

                                                                                        2. 0

                                                                                          Really?

                                                                                          Tutanota wants to file a complaint against the decision, but this has no suspensive effect. “We therefore had to start developing the monitoring function”, a spokeswoman told c’t in mid-November. If the complaint is successful, the function will not be activated or removed again.

                                                                                          (my emphasis).

                                                                                          I mean, the gist of this is that Tutanota plans to appeal, but they will have to abide by the court’s decision until the appeal is successful. I read the last sentence as “if the appeal is successful, the monitoring function will be removed”, but the machine translation is ambiguous.

                                                                                          1. 1

                                                                                            My crappy B1 German skills read the section in question more as

                                                                                            Tutanota wants to appeal the decision, however this has no suspending effect [on the judgement]. “We still had to develop the surveillance mechanism” explained a spokeswoman in the middle of November to c’t [the publication]. Should the appeal be successful, one would not activate the function [which must nevertheless be implemented in the mean time], or, more specifically, the function would be removed once again [if it is developed fully and deployed as required before the appeal decision].

                                                                                      1. 2

                                                                                        Let’s pretend that JPEG has finally died (again) and GIF and PNG are both gone.

                                                                                        To me, PNG hits the perfect sweet spot for lossless images. It has decent compression, speed and is supported everywhere. It’s also relatively low complexity. The format has grown on me, even though significantly better lossless compression exists. So I’d be sad about its disappearance.

                                                                                        1. 1

                                                                                          PNG is perfectly fine, as is JPEG. In fact, if we actually implemented the entire JPEG spec that would be pretty neat. Hierarchical coding is in there, which is key for coding large pictures efficiently. I am highly skeptical of introducing new formats when web people can’t even use JPEG correctly.

                                                                                          The only thing really missing is a format that can do lossy compression with transparency. You can kinda hack it with PNG, quantizing color values, but it’s not great.

                                                                                        1. 2

                                                                                          My biggest problem is slow linking. Even if I only change a single file, I have to wait 5-10 seconds just for the linker. I was excited to try out faster lld linking, but none of the recommended lines worked (on x86_64-pc-windows-gnu).

                                                                                          The RUSTFLAGS failed with

                                                                                          error: failed to run `rustc` to learn about target-specific information
                                                                                          
                                                                                          Caused by:
                                                                                            process didn't exit successfully: `rustc - --crate-name ___ --print=file-names "\"-C" "link-arg=-fuse-ld=lld\"" --crate-type bin --crate-type rlib --crate-type dylib --crate-type cdylib --crate-type staticlib --crate-type proc-macro --print=sysroot --print=cfg` (exit code: 1)
                                                                                            --- stderr
                                                                                            error: multiple input filenames provided (first two filenames are `-` and `"-C`)
                                                                                          

                                                                                          Looks like there’s some escaping stuff going on when you do it on Windows.

                                                                                          The Cargo.toml flags failed with unused manifest key warnings:

                                                                                          warning: unused manifest key: target.x86_64-pc-windows-gnu.linker
                                                                                          warning: unused manifest key: target.x86_64-unknown-linux-gnu.linker
                                                                                          

                                                                                          Not sure if I’m doing anything wrong or if the guide recommends things that weren’t tested at all.

                                                                                          (EDIT: The tutorial is wrong. These keys have to be added to config.toml, not Cargo.toml. Now it cannot find lld but that’s already progress.)

                                                                                          1. 3

                                                                                            I’m not happy about this. On embedded devices, you usually only have SSH but not SFTP. So then you need to build OpenSSL and enable that service. SCP always works out of the box. It’s silly to claim that SCP is insecure. Duh, you’ve got SSH access. That’s like saying it’s insecure to use the same key to open the trunk of the car and to start the engine.

                                                                                            1. 4

                                                                                              What SSHd comes with SCP but not SFTP? I think even Dropbear has SFTP, and OpenSSH comes with a simplistic internal sftp server if the full one is unavailable.

                                                                                              1. 2

                                                                                                https://tinyssh.org/, but it can make use of OpenSSH’s SFTP subsystem with ... tinysshd -x sftp=/usr/libexec/openssh/sftp-server /etc/tinyssh/sshkeydir https://tinyssh.org/faq.html

                                                                                                So it does not count.

                                                                                                1. 2

                                                                                                  Dropbear has optional SFTP, but only if you compile OpenSSL yourself and add the library and enable it. Vanilla Dropbear only has SCP.

                                                                                                2. 2

                                                                                                  It’s silly to claim that SCP is insecure. Duh, you’ve got SSH access.

                                                                                                  As is explained in the article, it’s context-dependent, because it’s not necessarily the case that “duh, you’ve got ssh access” – in scenarios where a user has been granted scp-only access with the intent of limiting them to simple file-transfer operations, the fact that scp allows arbitrary command injection is actually a pretty gaping vulnerability.

                                                                                                  1. 2

                                                                                                    I read the article too. People who give SCP-only access to untrusted third parties and expect it to be secure are making a mistake. That is simply not how SCP is supposed to be used. You have to assume that your SCP users have all the rights of the account whose SSH key SCP logs in with. This is the granularity with which access rights are enforced in the SCP model.

                                                                                                    1. 1

                                                                                                      …and yet it happens, and will in all likelihood continue to happen. We can blame users for not understanding all the ramifications of arcane implementation details, but it’s a very easy misunderstanding to fall into – man scp just says “secure file copy” after all, not “secure file copy and command execution”. Humans being what they are, making things hard(er) to misuse is an important side of designing for security.
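One way to check that accounts meant for file transfer only are pinned to OpenSSH's internal SFTP server instead of relying on scp-only access, as discussed in this thread (an added example, not code from the article or from OpenSSH). The account names and sample config are constructed, and only literal `Match User` lists and `Match all` are evaluated; other criteria and patterns are treated as not matching.

```python
# Constructed sshd_config sample; account names and paths are hypothetical.
SAMPLE_SSHD_CONFIG = """
Subsystem sftp internal-sftp
AllowTcpForwarding yes

Match User upload1
    ForceCommand internal-sftp
    ChrootDirectory /srv/upload/%u
    AllowTcpForwarding no

Match User upload2,upload3
    # Intended as copy-only, but nothing pins the session to a file-transfer server.
    X11Forwarding no
"""

# sshd defaults for the keywords this audit looks at.
DEFAULTS = {
    "forcecommand": "none",
    "chrootdirectory": "none",
    "allowtcpforwarding": "yes",
}


def parse_blocks(text):
    """Split config text into (criteria, settings) blocks; criteria None is global."""
    blocks = [(None, {})]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        keyword = parts[0].lower()  # sshd_config keywords are case-insensitive
        args = parts[1].strip() if len(parts) > 1 else ""
        if keyword == "match":
            blocks.append((args, {}))
        else:
            # Within one scope, the first value obtained for a keyword wins.
            blocks[-1][1].setdefault(keyword, args)
    return blocks


def matches(criteria, user):
    """Evaluate only 'all' and literal 'User a,b' criteria (no patterns)."""
    tokens = criteria.split()
    if len(tokens) == 1 and tokens[0].lower() == "all":
        return True
    if len(tokens) == 2 and tokens[0].lower() == "user":
        return user in tokens[1].split(",")
    return False


def effective_settings(blocks, user):
    """Matching Match blocks override the global section, which overrides defaults."""
    settings = {}
    for criteria, block in blocks[1:]:
        if matches(criteria, user):
            for keyword, value in block.items():
                settings.setdefault(keyword, value)
    for source in (blocks[0][1], DEFAULTS):
        for keyword, value in source.items():
            settings.setdefault(keyword, value)
    return settings


def audit_transfer_only(text, users):
    """Return {user: [findings]} for accounts that should only move files."""
    blocks = parse_blocks(text)
    report = {}
    for user in users:
        settings = effective_settings(blocks, user)
        findings = []
        command = (settings["forcecommand"].split() or [""])[0]
        if command != "internal-sftp":
            findings.append("ForceCommand is not internal-sftp: the login can run commands")
        if settings["chrootdirectory"].lower() == "none":
            findings.append("no ChrootDirectory: transfers can reach the whole filesystem")
        if settings["allowtcpforwarding"].lower() != "no":
            findings.append("AllowTcpForwarding is not 'no': the login can open tunnels")
        report[user] = findings
    return report


if __name__ == "__main__":
    accounts = ["upload1", "upload2", "upload3"]
    for name, findings in audit_transfer_only(SAMPLE_SSHD_CONFIG, accounts).items():
        print(name, "OK" if not findings else findings)
```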

                                                                                                1. 28

                                                                                                  Yyyyyyyep.

                                                                                                  Edit: To expand a little, now that I’ve had some coffee, let me repeat one of soc’s points a little more vigorously: C++ will not get better until they start taking things away as well as adding things. I still have vivid memories of reading through a C++ book in undergrad, back in 2004 or something, and thinking “ok, I can’t just entirely avoid pointers in favor of references… so what good are references besides making more ways of doing the same thing?”

                                                                                                  1. 10

                                                                                                    References serve an entirely different purpose than pointers. A pointer is a type that can be NULL, so it may represent an optional object, whereas references are (theoretically) never NULL and always valid. These are valuable safety features. However, you would find it extremely difficult to write C++ code that exclusively uses references and no pointers. So both have their place in the language, though I would replace almost all pointers with std::unique_ptr if C++11 is available.

                                                                                                    I agree with the sentiment that the relentless growth of C++ and the reluctance of the committee to deprecate features is the source of many problems. Even though I have known and written C++ for many years, I still find C++ features that weren’t previously known to me on a daily (!) basis. In other words, for thousands of days, I am daily surprised by this language. The complexity is unfathomable.

                                                                                                    1. 5

                                                                                                      references are (theoretically) never NULL and always valid.

                                                                                                      They are never NULL and often invalid. Like when you saved a reference to something that either (a) went out of scope; (b) was the result of dereferencing a pointer to memory that was freed afterwards. You can also make a null reference if you try very hard, but that doesn’t happen in practice, whereas invalid references sure do.

                                                                                                      1. 3

                                                                                                        You can also make a null reference if you try very hard, but that doesn’t happen in practice

                                                                                                        That’s just not true.

                                                                                                        void foo(int& i);
                                                                                                        ...
                                                                                                        p = nullptr;
                                                                                                        ...
                                                                                                        foo(*p);
                                                                                                        

                                                                                                        is not at all hard, nor is it even that uncommon.

                                                                                                        1. 3

                                                                                                          It has never shown up in my 4 years of commercial C++ experience + 5 years non-commercial before that.

                                                                                                          1. 1

                                                                                                            I’ve seen it in the wild; debugged a core dump that had it. The evil thing is that the program crashes at the point where the NULL-reference is used, not where NULL is dereferenced (in compiled assembly, dereferencing a pointer to store it in a reference is a no-op). These two points may be far apart.

                                                                                                          2. 1

                                                                                                            This is undefined behavior.

                                                                                                          3. 1

                                                                                                            They shouldn’t be invalid, but it’s not entirely enforced by the compiler. The idea is that by using references, a programmer signals to the reader of the code that the value is intended to be a non-NULL valid object, and if that is not the case, the error is at whatever line of code that creates this invalid reference, not the one that uses it. In the wild, even inexperienced C++ programmers rarely create invalid references simply because it is harder to do so, whereas they routinely create invalid pointers. In addition to that, invalid references are almost always a programmer error, but invalid pointers are a regular occurrence and often part of a design that allows and accounts for such states.

                                                                                                            1. 4

                                                                                                              The idea is that by using references, a programmer signals to the reader of the code that the value is intended to be a non-NULL valid object, and if that is not the case, the error is at whatever line of code that creates this invalid reference, not the one that uses it.

                                                                                                              Yes, nonetheless it happens. And it doesn’t matter that “somebody else” made the error. The error is still there and it’s your code that crashes. I feel much better using a language that doesn’t put me in such situations.

                                                                                                              In the wild, even inexperienced C++ programmers rarely create invalid references simply because it is harder to do so

                                                                                                              For some definition of “rarely”. I’ve often seen code that passed references to objects wrapped in std::shared_ptr (often to avoid ARC overhead) into function arguments where those functions captured those by reference in lambdas which were executed after the std::shared_ptr freed the memory. Similarly, this regardless of its type is in practice used like a reference. There’s a lot of code in the wild that does something like PostTask([this] { /* do smth */ });.

                                                                                                              At the end of the day it doesn’t matter that “the error is somewhere else”. If the language makes something remotely straightforward, I’m sure to have to deal with that in a shared codebase at one point no matter how few errors I make myself.
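The lifetime problem described in the comment above (a posted task that captures `this` or a reference and runs after the owning `std::shared_ptr` is gone), as an added example that is not part of the thread. `TaskQueue`, `Session`, `ScheduleUnsafe`, `ScheduleSafe` and `run_demo` are hypothetical names; only the `PostTask([this] { ... })` shape comes from the comment.

```cpp
#include <functional>
#include <memory>
#include <queue>
#include <string>
#include <utility>
#include <vector>

// Hypothetical stand-in for a PostTask-style deferred executor.
struct TaskQueue {
    std::queue<std::function<void()>> tasks;
    void PostTask(std::function<void()> t) { tasks.push(std::move(t)); }
    void RunAll() {
        while (!tasks.empty()) { auto t = std::move(tasks.front()); tasks.pop(); t(); }
    }
};

struct Session : std::enable_shared_from_this<Session> {
    std::string name;
    explicit Session(std::string n) : name(std::move(n)) {}
    // Risky shape from the comment: the task holds a raw `this`, which dangles
    // if the last owner is released first. Shown only; run_demo() never calls it.
    void ScheduleUnsafe(TaskQueue& q, std::vector<std::string>& log) {
        q.PostTask([this, &log] { log.push_back("unsafe:" + name); });
    }
    // Hardened shape: capture a weak_ptr and lock it when the task runs.
    void ScheduleSafe(TaskQueue& q, std::vector<std::string>& log) {
        std::weak_ptr<Session> weak = shared_from_this();
        q.PostTask([weak, &log] {  // log outlives the queue drain in run_demo()
            if (auto self = weak.lock()) log.push_back("ran:" + self->name);
            else log.push_back("skipped: owner gone");
        });
    }
};

// Returns the log after one task runs with a live owner and one without.
std::vector<std::string> run_demo() {
    TaskQueue q;
    std::vector<std::string> log;
    auto alive = std::make_shared<Session>("alive");
    alive->ScheduleSafe(q, log);
    {
        auto shortLived = std::make_shared<Session>("short");
        shortLived->ScheduleSafe(q, log);
    }  // last owner released here, before the queue is drained
    q.RunAll();
    return log;
}

int main() { return run_demo().size() == 2 ? 0 : 1; }
```

Building the unsafe variant with AddressSanitizer (`-fsanitize=address`) is one way to surface the dangling `this` as a heap-use-after-free report at the point the task runs.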

                                                                                                              1. 2

                                                                                                                Yes, whatever the compiler doesn’t prohibit is likely to end up in the codebase. However, I still think that references are valuable and provide better safety than pointers. Obviously it would be better if making mistakes was impossible. I’m not whitewashing C++’s serious shortcomings here.

                                                                                                                As for the discussion about invalid references, I’ll leave you with this short story: http://www.gotw.ca/conv/002.htm

                                                                                                          4. 3

                                                                                                            References serve an entirely different purpose than pointers.

                                                                                                            The official (D&E of C++) purpose of references is to enable operator overloading.

                                                                                                            1. 2