1. 38

    May Terry rest in peace. Hopefully he found the peace he could not find in his life.

    1. 14

      That could easily have been me. In fact, at one point during the years I spent expecting never to get enough control over my disabilities to escape financial abuse, I had started planning what project I wanted to leave to the world (it would have been a programming language with some novel ideas).

      I’m really impressed by how much of it he got done. I very much hope that this work brought him relief, and that he’s at peace now.

      1.  

        Thank you for saying this. It’s lovely and it means something to me.

      2. 10

        His story reminds me a lot of the folk artist Daniel Johnston, who I got to see preform years ago in Atlanta. Having know others close to me who’ve had to deal with serious mental illness, it’s really neat to see what these people put together and accomplished, as well as how difficult it was for them to live in this world and the world inside their heads. It’s a reminder of how dependent we are on our senses and our perception of reality.

        1.  

          Amen.

        1. 8

          yet in many respects, it is the most modern database management system there is

          It’s not though. No disrespect to PostgreSQL, but it just isn’t. In the world of free and open source databases it’s quite advanced, but commercial databases blow it out of the water.

          PostgreSQL shines by providing high quality implementations of relatively modest features, not highly advanced state of the art database tech. And it really does have loads of useful features, the author has only touched on a small fraction of them. Almost all those features exist in some other system. But not necessarily one single neatly integrated system.

          PostgreSQL isn’t great because it’s the most advanced database, it’s great because if you don’t need anything state of the art or extremely specialized, you can just use PostgreSQL for everything and it’ll do a solid job.

          1. 13

            but commercial databases blow it out of the water

            Can you provide some specific examples?

            1. 16

              Oracle has RAC, which is a basic install step for any Oracle DBA. Most Postgres users can’t implement something similar, and those that can appreciate it’s a significant undertaking that will lock you into a specific workflow so get it right.

              Oracle and MS-SQL also have clustered indexes. Not what Postgres has, but where updates are clustered as well. Getting Pg to perform sensibly in this situation is so painful, it’s worth spending a few grand to simply not worry about it.

              Ever run Postgres on a machine with over 100 cores? It’s not much faster than 2 cores without a lot of planning and partitioning, and even then, it’s got nothing on Oracle and MS-SQL: Open checkbook and it’s faster might sound like a lose, but programmers and sysadmins cost money too! Having them research how to get your “free” database to perform like a proper database isn’t cost effective for a lot of people.

              How about big tables. Try to update just one column, and Postgres still copies the whole row. Madness. This turns something that’s got to be a 100GB of IO into 10s of TBs of IO. Restructuring this into separate partitions would’ve been the smart thing to do if you’d remembered to do it a few months ago, but this is a surprise coming from commercial databases which haven’t had this problem for twenty years. Seriously! And don’t even try to VACUUM anything.

              MS-SQL also has some really great tools. Visual Studio actually understands the database, and its role in development and release. You can point it at two tables and it can build ALTER statements for you and help script up migrations that you can package up. Your autocomplete can recognise what version you’re pointing at. And so on.

              …and so on, and so on…

              1. 3

                Thanks for the detailed response. Not everyone has money to throw at a “real” enterprise DB solution, but (having never worked with Oracle and having only administered small MSSQL setups) I did wonder what some of the specific benefits that make a DBA’s life easier were.

                Of course, lots of the open source tools used for web development and such these days seem to prefer Postgres (and sometimes MySQL), and developers like Postgres’ APIs. With postgres-compatible databases like EnterpriseDB and redshift out there, my guess is we’ll see a Postgres-compatible Oracle offering at some point.

                1. 7

                  Not everyone has money to throw at a “real” enterprise DB solution

                  I work for a commercial database company, so I expect I see a lot more company-databases than you and most other crustaceans: Most companies have a strong preference to rely on an expert who will give them a fixed cost (even if it’s “money”) to implement their database, instead of trying to hire and build a team to do it open-source. Because it’s cheaper. Usually a lot cheaper.

                  Part of the reason why: An expert can give them an SLA and has PI insurance, and the solution generally includes all costs. Building a engineering+sysadmin team is a big unknown for every company, and they usually need some kind of business analyst too (often a contractor anyway; more £££) to get the right schemas figured out.

                  Professional opinion: Business logic may actually be some of the least logical stuff in the world.

                  lots of the open source tools used for web development and such these days seem to prefer Postgres

                  This is true, and if you’re building an application, I’d say Postgres wins big. Optimising queries for dbmail’s postgres queries was hands down much easier than any other database (including commercial ones!).

                  But databases are used for a lot more than just applications, and companies who use databases don’t always (or even often) build all (or even much) of the software that interacts with the database. This should not be surprising.

                  With postgres-compatible databases like EnterpriseDB and redshift out there, my guess is we’ll see a Postgres-compatible Oracle offering at some point.

                  I’m not sure I disagree, but I don’t think this is a good thing. EnterpriseDB isn’t Postgres. Neither is redshift. Queries that work fine in a local Pg installation run like shit in redshift, and queries that are built for EnterpriseDB won’t work at all if you ever try and leave. These kinds of “hybrid open source” offerings are an anathema, often sold below a sustainable price (and much less than what a proper expert would charge), leaving uncertainty in the SLA, and with none of the benefits of owning your own stack that doing it on plain postgres would give you. I just don’t see the point.

                  1. 3

                    Professional opinion: Business logic may actually be some of the least logical stuff in the world.

                    No kidding. Nice summary also.

                    1. 0

                      Queries that work fine in a local Pg installation run like shit in redshift

                      Not necessarily true, when building your redshift schema you optimize for certain queries (like your old pg queries).

                  2. 4

                    And yet the cost of putting your data into a proprietary database format is enough to make people find other solutions when limitations are reached.

                    Don’t forget great database conversion stories like WI Circuit Courts system or Yandex where the conversion to Postgres from proprietary databases saved millions of dollars and improved performance…

                    1. 2

                      Links to those stories?

                      1. 1

                        That Yandex can implement clickhouse doesn’t mean everyone else can (or should). How many $100k developers do they employ to save a few $10k database cores?

                        1. 2

                          ClickHouse has nothing to do with Postgres, it’s a custom column oriented database for analytics. Yandex Mail actually migrated to Postgres. Just Postgres.

                      2. 2

                        You’re right about RAC but over last couple of major releases Postgres has gotten alot better about using multiple cores and modifying big tables. Maybe not at the Oracle level yet bit its catching up quickly in my opinion.

                        1. 3

                          Not Oracle-related, but a friend of mine tried to replace a disk-based kdb+ with Postgres, and it was something like 1000x slower. This isn’t even a RAC situation, this is one kdb+ core, versus a 32-core server with Postgresql on it (no failover even!).

                          Postgres is getting better. It may even be closing the gap. But gosh, what a gap…

                          1. 1

                            Not to be that guy, but when tossing around claims of 1000x, please back that up with actual data/blogpost or something..

                            1. 6

                              You remember Mark’s benchmarks.

                              kdb doing 0.051sec what postgres was taking 152sec to complete.

                              1000x is nothing.

                              Nobody should be surprised by that. It just means you’re asking the computer to do the wrong thing.

                              Btw, starting a sentence with “not to be that guy” means you’re that guy. There’s a completely normal way to express curiosity in what my friend was doing (he’s also on lobsters), or to start a conversation about why it was so much easier to get right in kdb+. Both could be interesting, but I don’t owe you anything, and you owe me an apology.

                              1. 2

                                Thanks for sharing the source, that helps in understanding.

                                That’s a benchmark comparing a server grade setup vs essentially laptop grade hardware (quad-core i5), running the default configuration right out of the sample file from the Git repo, with a query that reads a single small column out of a very wide dataset without using an index. I don’t doubt these numbers, but they aren’t terribly exciting/relevant to compare.

                                Also, there was no disrespect intended, not being a native english speaker I may have come off clumsy though.

                                1. 1

                                  kdb doing 0.051sec what postgres was taking 152sec to complete.

                                  That benchmarks summary points to https://tech.marksblogg.com/billion-nyc-taxi-rides-postgresql.html which was testing first a pre-9.6 master and then a PG 9.5 with cstore_fdw. Seems to me that neither was fair and I’d like to do it myself, but I don’t have the resources.

                                  1. 1

                                    If you think a substantially different disk layout of Pg, and/or substantially different queries would be more appropriate, I think I’d find that interesting.

                                    I wouldn’t like to see a tuning exercise including a post-query exercise looking for the best indexes to install for these queries though: The real world rarely has an opportunity to do that outside of applications (i.e. Enterprise).

                              2. 1

                                Isn’t kdb+ really good at stuff that postgres (and other RDBMS) is bad at? So not that surprising.

                                1. 1

                                  Sort of? Kdb+ isn’t a big program, and most of what it does is the sort of thing you’d do in C anyway (if you liked writing databases in C): Got some tall skinny table? Try mmaping as much as possible. That’s basically what kdb does.

                                  What was surprising was just how difficult it was to get that in Pg. I think we expected, with more cores and more disks it’d be fast enough? But this was pretty demoralising! I think the fantasy was that by switching the application to Postgres it’d be possible to get access to the Pg tooling (which is much bigger than kdb!), and we massively underestimated how expensive Pg is/can be.

                                  1. 3

                                    Kdb+ isn’t a big program, and most of what it does is the sort of thing you’d do in C anyway (if you liked writing databases in C)

                                    Well, kdb+ is columnar, which is pretty different than how most people approach naive database implementation. That makes it very good for some things, but really rough for others. Notably, columnar storage is doesn’t deal with update statements very well at all (to the degree that some columnar DBs simply don’t allow them).

                                    Even on reads, though, I’ve definitely seen postgres beat it on a queries that work better on a row-based system.

                                    But, yes, if your primary use cases favor a columnar approach, kdb+ will outperform vanilla postgres (as will monetdb, clickhouse, and wrappers around parquet files).

                                    You can get the best of both worlds You can get decent chunks of both worlds by using either the cstore_fdw or imcs extensions to postgres.

                                    1. 1

                                      which is pretty different than how most people approach naive database implementation.

                                      I blame foolish CS professors emphasising linked lists and binary trees.

                                      If you simply count cycles, it’s exactly how you should approach database implementation.

                                      Notably, columnar storage is doesn’t deal with update statements very well at all (to the degree that some columnar DBs simply don’t allow them).

                                      So I haven’t done that kind of UPDATE in any production work, but I also don’t need it: Every customer always wants an audit trail which means my database builds are INSERT+some materialised view, so that’s exactly what kdb+ does. If you can build the view fast enough, you don’t need UPDATE.

                                      Even on reads, though, I’ve definitely seen postgres beat it on a queries that work better on a row-based system.

                                      If I have data that I need horizontal grabs from, I arrange it that way in memory. I don’t make my life harder by putting it on the disk in the wrong shape, and if I do run into an application like that, I don’t think gosh using postgres would really speed this part up.

                          2. 3

                            Spanner provides globally consistent transactions even across multiple data centers.

                            Disclosure: I work for Google. I am speaking only for myself in this matter and my views do not represent the views of Google. I have tried my best to make this description factually accurate. It’s a short description because doing that is hard. The disclosure is long because disclaimers are easier to write than useful information is. ;)

                            1. 2

                              @geocar covered most of what I wanted to say. I also have worked for a commercial database company, and same as @geocar I expect I have seen a lot more database use cases deployed at various companies.

                              The opinions stated here are my own, not those of my former or current company.

                              To put it bluntly, if you’re building a Rails app, PostgreSQL is a solid choice. But if you’ve just bought a petabyte of PCIe SSDs for your 2000 core rack of servers, you might want to buy a commercial database that’s a bit more heavy duty.

                              I worked at MemSQL, and nearly every deployment I worked with would have murdered PostgreSQL on performance requirements alone. Compared to PostgreSQL, MemSQL has more advanced query planning, query execution, replication, data storage, and so on and so forth. It has state of the art features like Pipelines. It has crucial-at-scale features like Workload Profiling. MemSQL’s competitors obviously have their own distinguishing features and qualities that make them worth money. @geocar mentioned some.

                              PostgreSQL works great at smaller scale. It has loads useful features for small scale application development. The original post talks about how Arcentry uses NOTIFY to great effect, facilitating their realtime collaboration functionality. This already tells us something about their scale: PostgreSQL uses a fairly heavyweight process-per-connection model, meaning they can’t have a huge number of concurrent connections participating in this notification layer. We can conclude Arcentry deployments using this strategy probably don’t have a massive number of concurrent users. Thus they probably don’t need a state of the art commercial database.

                              There are great counterexamples where specific applications need to scale in a very particular way, and some clever engineers made a free database work for them. One of my favorites is Expensify running 4 million queries per second on SQLite. SQLite can only perform nested loop joins using 1 index per table, making it a non-starter for applications that require any kind of sophisticated queries. But if you think about Expensify, its workload is mostly point look ups and simple joins on single indexes. Perfect for SQLite!

                              1. 1

                                But MemSQL is a distributed in-memory database? Aren’t you comparing apples and oranges?

                                I also highly recommend reading the post about Expensify usage of SQLite: it’s a great example of thinking out of the box.

                                1. 1

                                  No. The author’s claims “Postgres might just be the most advanced database yet.” MemSQL is a database. If you think they’re apples and oranges different, might that be because MemSQL is substantially more advanced? And I used MemSQL as one example of a commercial database. For a more apples-to-apples comparison, I also think MSSQL more advanced than PostgreSQL, which geocar covered.

                                  And MemSQL’s in-memory rowstore serves the same purpose as PostgreSQL’s native storage format. It stores rows. It’s persistent. It’s transactional. It’s indexed. It does all the same things PostgreSQL does.

                                  And MemSQL isn’t only in-memory, it also has an advanced on-disk column store.

                          1. 18

                            This is probably going to be an unpopular comment, but I’ll try it nevertheless

                            I recently unsubscribed, partially because I didn’t have the time to read new articles (or I had already seen them elsewhere, for example here), but what pushed me was this except from issue 102:

                            Cringiest articles of the year?

                            I don’t think I’ve read a more politically loaded articles this year, I’m not sure why but this is not a trend I’m found of and from the discussions on the forums and irc I know a lot agree that this is getting tiresome. Trying to paint a narrative over whatever is happening, especially a narrative that only applies in certain parts of the world. Keep away with your anti or pro capitalism talk from the 60s and let us enjoy the tech instead. Especially when it comes to the second article and the author nagging about Google being a corporate evil because their own product features are not supported in their pdf reader.

                            To me, you either think that political issues are serious and you mention them, or you just don’t (for whatever reason, there’s not reason it’s not legitimate) and ignore them – but think stance of saying “Cringiest articles of the year?”, and quasi proclaiming “I actively don’t care about issues others take seriously (and you shouldn’t either)” is just annoying and deterring.

                            And seriously, people mentioning the political dimensions of technical issues isn’t that omnipresent, that it’s preventing you from “enjoing the tech”.

                            1. 7

                              Valid point.
                              I usually avoid political news, and this is what this is about, but thought this time of putting a message in the newsletter because we had already discussed that week on the forums about that same topic. It was in the train of the moment.

                              There’s probably nothing else in the entire newsletter related to this topic, it was a reference to a forums discussion.

                              Thanks for the input, I appreciate it.

                              1. 15

                                The stance that politics, as a whole, should be ignored, has been a highly effective messaging strategy on the part of people whose views are aligned with the status quo.

                                Just to rephrase that in a way that makes the caveats in it a bit more obvious: I am not saying that everyone asking to curtail political discussion is doing so for political reasons; I am sure that many people say this for other reasons, such as sincerely finding politics stressful. I am saying that those requests end up serving the aim of preserving the status quo, and I am saying that a desire to preserve the status quo is itself a political position.

                                There are more remarks that I could make, relating an investment in the status quo to privilege theory, but I think that going into any depth on that analysis would be a distraction right now.

                                1. 1

                                  This is probably going to be an unpopular comment, but I’ll try it nevertheless

                                  The majority of Lobsters voted in the last meta for politics to be in every story and comment section here if they can achieve that. They also predominantly vote for a specific kind of leftist politics whose members say the same stuff as you. If anything, I predicted you’re the privileged in-group posting a comment to a pro-similar-politics, echo chamber that would reward you and anyone supporting your statement with high votes (popularity/support). That’s exactly what happened with your comment followed by @Irene’s. So, just chiming in to remind you your views are compatible with the dominant, most-voting people on the site with nothing for you to worry about. It’s people outside those views that have to worry they’ll get hit with strong, negative comments in threads on UNIX newsletters and stuff. So, whenever you feel anything like this, submit it without worries since you have a ton of support here.

                                  If anything, the people who say politics is so important are slacking off since Lobsters submissions and comments are still mostly technical, not politically beneficial. They should be submitting much more content on these issues like culture, technological methods to address this stuff (eg accessibility libraries/tips), content written by minority members underrepresented in tech, organizations that put money into this, and so on. Although a few submit some of that, the vast majority of political “work” on Lobsters are people in the political group(s) telling people in other groups that what they’re doing is wrong for (political explanation here) sometimes with lots of downvotes. On top of doing that, I strongly encourage all of you in the political activism group to reflect your stated beliefs in submissions, comments, and professional work to make stuff happen for real. Especially submissions: focus on politically-beneficial articles, esp written by minority members. I’ll believe all of you when 70+% of Lobsters submissions from all of you are advancing the goals for society that you claim is more important than tech write-ups.

                                  1. 2

                                    I of course can’t prove it, but from my experience I honestly excepted that people would shun me for leaving a “off-topic” comment. I was surprised to see that there was a positive reaction, possibly because I don’t know the lobste.rs community as well as you do – but even if that hadn’t been the case (and I’m sure I could post unrelated comments on my views that would provoke such a reaction) I would have left my complaint for @venam to see.

                                    And after all, I only mention “politics” because it was mentioned in a newsletter, I remembered. My point was (next to the one that I had no time to read all the articles) that I would have rather wanted the political submission to not be included (the secondary, deriving issue was the way it was talked about).

                                    1. 1

                                      The majority of Lobsters voted in the last meta for politics to be in every story and comment section here if they can achieve that.

                                      That recounting of the discussion is made of straw, and if it were true, I’d be confused about why you’re even still here. Most post comment sections do not go political (this is vacuously true, since 14/25 front page items have no comments at all, but even the remaining ones don’t seem very politically charged).

                                      Let’s be real here: @zge was responding to text within the article itself which clearly carries a political statement. If the article says something is “cringy”, it is not off-topic to respond with a justified “no it’s not”. Responding to a political sentiment with additional political sentiment does not mean you want to involve politics in every story and comment section here.

                                      Please get off your cross, so we can use the wood for something useful.

                                      1. 1

                                        If it’s straw, look at the comment section to see what the number of comments are here for the technical vs political aspects of the article plus their voting support. No surprise that it supports my assertion. The comments in the other threads were usually in support of people calling out authors or other commenters about the political ramifications, from a specific vantage point, of their claims with more support for that than the technical aspects. I think the consistent, higher-than-technical-stuff support for such comments further corroborates my claim they reward political claims seemingly every time it shows up and (by their other statements/vote) support much more of it. However, there’s statements in comment section and action towards stated goals. About that…

                                        “this is vacuously true, since 14/25 front page items have no comments at all, but even the remaining ones don’t seem very politically charged”

                                        That’s what I’m calling them out for. The highest-voted stuff from the political side was about promoting inclusion, fixing social problems, modifying speech/actions to conform to their politics, and so on. Yet, there’s hardly any comments or political submissions at all from the same people who value politics higher than technical content. It’s like, “Do you care about this stuff that much or don’t you?” I previously said they were virtue signaling since most of them don’t submit crap that achieves their stated goals. How hard is it to submit one a week from each of them on anything they discuss in the comments? They put lots of time into the comments doing accusations or defending the need for political action but about nothing into the main content on the site. Their failure to act consistently with their stated priorities, at least here, is why the data you mention doesn’t show it.

                                        “Please get off your cross, so we can use the wood for something useful.”

                                        There’s no cross. The site’s politics changed over time to reward specific views/practices and shun others. I was pointing out the person who appeared worried about their compatible politics having a negative reaction had nothing to worry about. Actually, that person was slamming someone else while saying that with a lot of upvotes. I then encouraged them and everyone else upvoting it believing political angles were so important to actually submit stuff benefiting same political goals to Lobsters. More submissions helping every issue they upvote in political debates. I see almost none as you indicated. So, they’re either hypocrites doing virtue signaling or extremely busy doing good things for such causes outside Lobsters to point they can’t spare even a submission a week (or day). I’ve adapted to the New Lobsters by both ending my most mention of views they collectively discourage and encouraging them to do better about views/practices they encourage: submit politically-beneficial, inclusive content that minimizes harm in its many forms while the rest of us just submit deep, technical stuff (which may or may not do some of the same public goods).

                                  1. 10

                                    What I really liked about this talk was how it focused on the delightfulness of code synthesis versus all of the other claims people make about static typing. It made it more approachable and meant Brady had to spend less time convincing us versus dazzling us.

                                    1. 8

                                      Yeah, massive respect for Edwin Brady. He has a lovely, humble presentation style.

                                      1. 3

                                        100% agreed.

                                    1. 3

                                      Great description of this stuff. I’m familiar with attribute grammars from a linguistics context, and it would never have occurred to me to use them as a practical data structure. But it does make a lot of sense and now I’m curious what software has done that.

                                      1. 72

                                        Ethics are inseparable from technology, since technology enables and inhibits actions, which are subject to ethical consideration; ergo, the creation of technology is an set of actions subject to ethical judgements.

                                        1. 34

                                          I’d go even further than that, attempting to exclude “ethics”, broadly construed, has helped to enable a social environment within technology circles that has legitimated a great deal of what people are now rightly reacting to, the surveillance, the effects the brain of using gambling machines as a design template for websites, the unwillingness of corporations to take any responsibility whatsoever for the effects that their products have on society at large, Uber (all of it), and on and on.

                                          1. 14

                                            I agree with both of you. On the other hand, I also kinda see the point of wanting a space that’s focused in technical aspects, and understand OP’s fear of ethical/political discourse dominating this forum. And in the other other hand, I also feel that not speaking about the ethics of technologies, and actively discouraging this kind of discussion, is, in and of itself, a way of speaking about it, agreeing with it.

                                            So, yeah, that’s hard. I got no solutions.

                                            1. 8

                                              Regarding the “fear of ethical/political discourse dominating this forum”—I understand, but we wouldn’t have to have all of these discussions if people would just stop being unethical :-) The more discussions we have now on this topic, the fewer we’ll need to have in the future. But if we don’t talk about it then, as you point out, things are only going to get worse.

                                              1. 13

                                                I think there’s a bit of a difference between discussing the ethics of a company and aggressively attacking a person.

                                                The main top comment raises some points and actually encourages discussion, which admittedly doesn’t really happen in that thread. A large portion of the top upvoted comments are people chiming in and (essentially) saying “me too”. The top comment responding to a maintainer is incredibly aggressive towards the maintainer who stepped forward, only tangentially relates to the parent comment, is arguably a personal attack against that person and discourages discussion through the tone. Yet it’s more upvoted than the technical comments below.

                                                In addition. it’s easy to forget that there are people on the other side of these usernames. It reminds me quite a bit of This is Phil Fish, a case study on how people can associate people with something larger, sometimes in damaging ways. It’s not quite the same, but I see similar parallels in how the community tends to treat employees of certain companies (yes, like Palantir… but Google also comes to mind).

                                                I’d like to see more comments that encourage discussion, like the most upvoted top-level comment, and less comments saying “me too”, “I agree with this”, or borderline attacking the poster, like the most upvoted response to the maintainer.

                                                1. 10

                                                  The more discussions we have now on this topic, the fewer we’ll need to have in the future. But if we don’t talk about it then, as you point out, things are only going to get worse.

                                                  That’s an interesting theory. I haven’t seen any evidence to support it on any of the other discussion forums I’ve used, but I suppose it might be true somewhere. I think friendlysock’s take is more accurate: by encouraging (tolerating? normalizing?) aggressive and reflexive positions on non-technical issues, we will get more of them here, not less. And eventually, the “bad money” will drive out the good, just like it does everywhere.

                                                  1. 6

                                                    Indeed - I think we have a plethora of examples of politics taking over, and few (none?) of political discussion settling debate so that everyone can move on.

                                                  2. 8

                                                    The more discussions we have no on this topic, the fewer we’ll need to have in the future.

                                                    I disagree with this in so many ways. We cannot possibly come to some end resolution where everyone agrees on a certain set of ethics, and even if that magically happened, we cannot all agree on the best way to act upon those ethics. Political conversation already permeates way too much of society. I don’t need to see it in a forum for technical discussion. If we’re going to try to think of ways for technology to be abused, we’re not going to produce anything. Further, I think we’re totally dismissing all the great things that same technology has done and can continue to do because it can be abused. If someone wants feedback on their submission, I don’t personally want to see politically-oriented discussion around it in this particular forum.

                                                    If the broader group of folks here wants this to become a political-friendly abyss, I’m fine with stepping away. But I don’t get that feeling right now.

                                                  3. 3

                                                    This is basically my opinion, too.

                                                    (I haven’t posted more in this an the other meta threads this week because I’ve been very busy starting a new job, but as I’m catching up today I’ve really appreciated all the thoughtful discussion exploring these questions that don’t have easy answers.)

                                                2. 36

                                                  I think you have a point here that is both truth and lacking utility, but may be getting upvotes because hey, who wouldn’t upvote ethics in technology?

                                                  Here are some of the practical issues with supporting debates about “ethics”.

                                                  First, what do we mean by “ethics”?

                                                  Are we just wanting to talk about right and wrong? That’s often a matter of aesthetics. When I was born, it was pretty commonly held that homosexual acts were Evil, that psychoactive drug usage was Corrupt, and that democracy was unquestionably Good. None of those things are unerringly true anymore.

                                                  You might say “But friendlysock, those are matters of morals, as opposed to organized systems of beliefs that are analyzed in the context of practicing agents!”, and I would agree. That being the case, what is the point of having discussions that end up going basically:

                                                  • “You’re immoral!”
                                                  • “No, you’re immoral!”
                                                  • “You both act in clear hypocrisy of your professed morals!”

                                                  That discussion leaves everybody angry, takes up a lot of space, and doesn’t teach anybody anything. Worse, it breaks the operating regime of the site, because people will inevitably just blindly upvote the folks whose aesthetic matches theirs, and downvote or flag those that don’t–or worse, devolve into namecalling.

                                                  Okay, well, what about big-E Ethics?

                                                  So, we skip out on thinly-veiled callout threads and we’re just gonna limit ourselves to talking about big-E Ethics. Academic/philosopher stuff like meta-ethics and normative ethics and subtopics like utilitarianism and virtue ethics and state consequentialism and so forth.

                                                  And those are really fun topics. We have problems with those as the basis for subthreads though:

                                                  • Hardcore philosophy (despite our having a tag by that name, since that usage is looser) is off-topic.
                                                  • Most users (myself included!) are completely underskilled to talk big-E Ethics without a lot of clarifying back-and-forth and education in threads. Even assuming we have the skill to do all of that in a subthread (we don’t) and that we avoid falling back into moralizing (we won’t), such conversations suck all of the air out of the room for the technical discussion. That Palantir thread had us scrolling to the very bottom to get anything involving code or tech.
                                                  • We’re gonna end up having the same discussions over and over again, as the big-E Ethics questions are, rather famously, undecidable.

                                                  Okay, fine, what about professional ethics?

                                                  Sure! If people want to talk about how a given thing violates professional ethics, then I think that is healthy. Here is the ACM Code of Ethics. Use that as a starting point in a subthread.

                                                  Note though that we still don’t have professional organizations in the sense of, say, Professional Engineers. Our profession isn’t organized enough for that. So, talking about “professional” ethics is kinda hard.

                                                  ~

                                                  Overall, I just don’t think that the “ethics” discussions are what people are actually after here. I think people want to callout and shit on other folks, and that they want to show to their friends solidarity in an aesthetic. This damages one of the only good venues for safe technical discussion on the ’net today.

                                                  And I won’t stand for that.

                                                  1. 30

                                                    I would, gently, point out that adjucating morals to aesthetics (the study of beauty, and of which the current post-Romantic admits a separate aesthetic for each individual) is not a stance that is particularly admirable.

                                                    Simply keeping “Lobsters about tech” is a big E ethics decision, with ramifications that ripple out.

                                                    If you want to demand that people treat other people well, that is a stable ethical choice that is supportable and relatively decidable.

                                                    ~

                                                    But to be clear, working for Palantir - or other major enabler of violence & repression that generates widespread sideeye, is both a technical and an ethical choice; pointing this out and pushing back against consuming technical material from such an enabler seems perfectly reasonable.

                                                    We can debate whether working for Palantir is ethical - it probably also enables benefits to LEOs working complex cases and addressing real social harm. Many times on other social media sites, employees of ethically tangled companies will comment and discuss the complexity and reality of working in these environments. There is a very real debate, it’s not an open and shut thing where some group of activists come in and screams.

                                                    I reiterate: technology and ethics are intertwingled. While some contexts are more neutral than others, very few are pure neutral.

                                                    1. 12

                                                      @pnathan I didn’t want to wade into this muck, but you seem genuine. In my mind is not whether debates about ethics is good or bad, but rather what is lobste.rs for? There are PLENTY of places on this big internet to get on a soapbox and yell about whatever gets your goat. I want a quiet corner where I can just read about technical things. Code, decisions behind code, some PLT, some math and the occasional bit of humor. Perhaps the people here saying, well Kaushik, its time to go away somewhere else because that’s not what lobste.rs is for any more, and I will join the stragglers as we exit out of yet another refuge inundated by the loud and obnoxious soap box crowd.

                                                      1. 10

                                                        I’m 100% with you here. I see way too much soap boxing and bickering pretty much everywhere else on the internet. This was a safe haven for technical discussion without the political theater. If it’s going to become that, I’ll be happy to leave and try to form yet another community where we are trying to avoid this kind of stuff.

                                                        1. -2

                                                          leave and try to form yet another community where we are trying to avoid this kind of stuff

                                                          I’ll wager that ethical questions will inevitably follow you there, as they are inextricably part of the human experience, whether or not the primary topic is tech.

                                                          1. 4

                                                            I’m not trying to avoid them entirely, I just want a forum for technical discussion. Not everything has to be polluted with other topics and agendas

                                                            1. 1

                                                              You might find the more focused discussion you seek in a special-interest forum. General-interest fora will attract general topics of conversation.

                                                              1. 11

                                                                Lobsters has been that forum for me until recently.

                                                                1. 0

                                                                  That’s interesting. I hear many voices in this thread expressing the same. I never saw this website as something like that, I just saw it as a place where some relatively niche computing topics are aggregated.

                                                                  1. 7

                                                                    You’re also relatively new here compared to some of us, so that probably feeds into it. The site has grown quite a bit since I joined.

                                                                    1. 1

                                                                      I was reading this website for a long while before I got an invitation, but it is fair to say my account history is relatively new. When I started reading, most posts seemed to get an average of 1 or 2 comments. It’s hard for me to reconcile this—some folks are lamenting that recent discussions are not in keeping with the historical tone of the site, but the site has been historically silent on most topics.

                                                                      1. 5

                                                                        Try looking at it from a different perspective. Perhaps the absolute level of good quality comments hasn’t moved too much, but perhaps the absolute level of low quality comments has increased. If that’s true, it increases the signal-to-noise ratio and can lead to the “we used to have more good quality content here” observation.

                                                                        1. 2

                                                                          I was being very generous with the comment count. Even today, when I posted that comment, half of the front page articles had zero comments. Perhaps the signal level is just too low to begin with. Maybe there’s no consensus on what the signal is.

                                                        2. 4

                                                          you seem genuine

                                                          That’s one of the nicest things someone not my wife has said to me for some time. :) Thank you.

                                                          My basic thought is that I also want a corner where we can seriously talk about highly technical things, but we should be aware and also talk about the broader ramifications of our work, because we have the technical background to get the implications of our work and be correct about how it works, and to talk about the ethical implications of how a specific capability works/doesn’t work (whereas I have deep suspicions of an arbitrary op-ed columnist whinging about tech and begging for regulation).

                                                          To ask for a soapbox free zone seems completely ok - to ask for an ethics-free zone is an ethical choice that selects for specific social choices (as non-obvious as that may seem). To be specific: I’m not sure discussing the ethics of a new compiler gets us anywhere, but if its produced by Dr. Evilheart Murder Enterprises, maybe we need to discuss if using it supports D.E.M.E., and if we can redeem the technology from its production in the context of D,E.M.E. I don’t think that this is some lefty social justice agenda I’m asking for…. Maybe I’m wrong.

                                                        3. 12

                                                          I acknowledge the intertwingling, abstractly. But it seems you’re not addressing friendlysock’s actual concern. Is an announcement thread by a new user who happens to be the maintainer of an open source project an appropriate place to have the “very real debate” about whether working for that person’s employer is an ethical choice? When a commenter on that post engages in a blatant personal attack and is rewarded with upvotes aplenty, is the “very real debate” being furthered?

                                                          1. 10

                                                            I would say so: it’s an opportunity for the software developers of Palatir to make a case that they are acting in an ethical fashion, that the world is complex and they are producing a net good. When I worked for a Famously Bad Reputation company, we were encouraged to defend the company. This would have definitely been a place where the maintainer could have defended themselves - if company policy allowed, of course.

                                                            One of the interesting bits of social psych is conformity matters. If the general community shuns X group, to the point where its a permanent black mark on the record generating firings/no-hirings and it’s not something anyone is comfortable around at church, marrying family members, etc, then the X group diminishes into the fringe. Whether you are conservative or liberal, you wind up having a conformity and a social order. I’m not personally sure where to draw that line and place the mark, but Palantir is a popular target for placing that mark.

                                                          2. 8

                                                            I would, gently, point out that adjucating morals to aesthetics (the study of beauty, and of which the current post-Romantic admits a separate aesthetic for each individual) is not a stance that is particularly admirable.

                                                            Why not? There’s a huge variation in morality within our own culture, let alone looking across cultures. You can find people that believe that it’s immoral for two people with the same groin-endianness to get married, and others who think that it’s immoral for to accumulate a large amount of money. You have people who think that allowing dictators to abuse their people is immoral, and others who think that intervention is a bigger evil. You have people who think that it’s important to protect the freedom of users with copyleft licenses, and people who think that copyleft immorally restricts commercial use of software. You have fights between which supposedly divinely inspired book written thousands of years ago by uneducated sheep herders/traders/warriors/… is the primary authority on how to live your life. The list goes on, and all of them have people who believe one thing or the other.

                                                            The shifting scene of prevailing ethical thought really does make it more like aesthetics than people are often comfortable admitting. Yes, it has longer term effects on people’s lives, and yes, it’s got some underlying principles, but it’s certainly not some sort of fixed beacon of truth.

                                                            Why do you think that there is a universal set of ethics that people subscribe to? And if you don’t, do you really want this site to be either the battleground for deciding this, or a community of yes-men who boringly signal that yes, they are indeed a part of the in-group?

                                                            There are lots of valid and interesting discussions to have on these topics, but to me, they detract from lobste.rs.

                                                          3. 2

                                                            The book that revived virtue ethics as a viable project, MacIntyre’s After Virtue, points out how (and explains why) contemporary ethical debates have a peculiarly shrill and interminable character.

                                                            1. 2

                                                              This is a weird use of “aesthetics”. I don’t really know what you’re trying to say.

                                                              1. 2

                                                                I read “aesthetics” as, roughly, “something that a group of people has decided to call ‘basic human decency’, with the various external trappings this entails”.

                                                            2. 21

                                                              Yet I somehow suspect if I ask “What are the ethical implications of creating a webassembly backend for ocaml?” that I won’t receive quite as many upvotes.

                                                              1. 6

                                                                If the answer to the question “What is it built for?” is “for missile guidance systems”, we are in a different territory pretty quickly, though! Nothing technology lives without context.

                                                                To turn this into something more tangible: when DARPA invested around 10 million for https://c2rust.com/, it definitely raised some eyebrows and sparked a couple of discussions.

                                                                1. 9

                                                                  ARPA/military were behind the Internet, GPS, Tor, and (via defense contractors) majority of contributions to Linux kernel. Yet, most people discuss them without warnings or ethical debates in threads.

                                                                  It’s just specific things that are also talking points in liberal media.

                                                                  1. 2

                                                                    You are making it seem like these things have not been discussed, which is definitely not the case. Also, we’re not liberal media, we’re a community.

                                                                    1. 2

                                                                      Most of the statements read like they were pulled out of the liberal media. Pop-culture politics. People that actually care about popular politics here, say inclusion of under-represented groups, would have people from those groups, esp women, in the main teams (eg Rust compiler/libraries), be submitting work from such underrepresented people here to Lobsters instead of white/asian males, linking to write-ups by the same in the comments, and so on. There’s just one or two people doing that consistently off the top of my head.

                                                                      Inclusive politics here mainly equals writing comments and language policing to such people, not actually highlighting work by or bringing in underrepresented. Aka what they’d do if it really mattered. Same with employers, eco-friendliness, etc where someone could call out an OP in the majority of threads every day about the ethical ramifications of what they’re submitting. They only do on specific, popular, talking points, though.

                                                                      I make an exception for you since your community work probably does a lot of good in inclusion. A lot of good period. On Lobsters, though, most people voting for prioritizing politics for social justice certainly aren’t boosting minorities or even ethical suppliers. So, I call BS on it really mattering to them past ego value from social signaling, virtue and shaming.

                                                                  2. 9

                                                                    So if somebody builds a webassembly backend for missile guidance and puts it on github, is it ethical to use it for protein folding research? Or is it forever tainted?

                                                                    1. 1

                                                                      That’s a different question, and yes, it’s an interesting one. It’s also not like things on Github are just there. They still have a maintainer, a hosting organisation, and a leadership.

                                                                  3. 2

                                                                    Thats a cute non-sequitur, given that no one is inserting ethical implications into things like that. Seeing as this thread was sparked by the discussion around the ethical implications of software labor being used to further the work of a surveillance contractor, its not just a worthless message-board retort, its actively muddying the waters around issues that are inseparable from ethical questions.

                                                                  4. 18

                                                                    You’ve got to go about asking these questions in a way that actually enables the OP to respond. Instead, we got a massively passive-aggressive jab at the OP’s company:

                                                                    I guess it may be possible to work at a seedy company and still do good stuff […] Regardless, thanks for releasing this as free software.

                                                                    After which, the top commenter is hailed as a hero, and, to no one’s surprise, the OP didn’t respond.

                                                                    A reword that might have actually elicited a response might have started with “Thanks for releasing this as free software!” rather than the “yeah, your company sucks, but thanks anyway” angle.

                                                                    1. 9

                                                                      the creation of technology is an set of actions subject to ethical judgements

                                                                      Assuming that it is true - is it possible to have a small place (e.g. lobste.rs) which is for discussing technology without ethical implications and all the rest of the net for discussing whatever you want (also ethical aspects of technology)? Is this something you can imagine being possible or do you think that such place can’t exist? (this is a serious question)

                                                                      1. 32

                                                                        That’s certainly an important question.

                                                                        I think that it’s certainly possible to mention technology without explicitly mentioning ethics. I also think that engaging in that way is an ethical position. You can separate them at the surface level of discussion, but not in the substance.

                                                                        That said, I can certainly imagine a community in which technology is discussed but ethics is never explicitly mentioned. I would not want to be part of such a community; I would find it deeply unsettling. I do think that some people might like it, and there are a variety of reasons for that and I wouldn’t want to make assumptions about any particular person’s reasons.

                                                                        1. 7

                                                                          I think the problem with ethical discussions on a technical forum is that there’s not really a shared basis for those discussions. We might have a bunch of members from various religions and cultures who subscribe to widely different ideological frameworks and ethical principles. These different backgrounds are likely to be incommensurate, incompatible, and irresolvable.

                                                                          In that way it’s similar to discussions like “Are static types good or evil?” or the famous editor wars—so called “religious flame wars” which are known to ruin communities if left to fester.

                                                                          So indeed it is a kind of ethical decision about the norms of the community—whether ethical claims and disagreements ought to be encouraged in comment threads. There are pretty good reasons against.

                                                                          Let’s say I’m a committed socialist or communist or anarchist. There are many such people who are programmers. Now I have very good reason to enter threads about commercial activity and ask the involved people to justify their clearly immoral participation in the tyrannical, plutocratic, deeply unjust system of capitalism. I would of course encounter a bunch of dirty capitalist apologists trying to argue against my ethical position… and we could go on for a long time… almost certainly to the detriment of the community.

                                                                          1. 5

                                                                            “I think the problem with ethical discussions on a technical forum is that there’s not really a shared basis for those discussions. We might have a bunch of members from various religions and cultures who subscribe to widely different ideological frameworks and ethical principles. These different backgrounds are likely to be incommensurate, incompatible, and irresolvable.”

                                                                            You nailed it. That isn’t hypothetical: it happens in every political thread. The ending, minus rare exceptions, is everyone ends up believing what they already believed with some shunning their opponents in some way. Lobsters doesn’t work for political discussion that’s about actually changing people’s mind.

                                                                            Of course, many of you are starting with the foundation that people wanting politics want a political discussion. They mostly don’t as evidenced by their comments in such threads. If you’re curious, I just described here the evolution of politics and behavioral patterns on this site from when I first came to where we’re at now. Given the same environment, political discussion is and will continue to be impossible because the dominant group intends for it to be. They want compliance and conversion, not discussion.

                                                                            1. 3

                                                                              I don’t necessarily know that changing people’s minds should be the goal, but I also don’t know that it’s impossible. I think you’re describing what happens when everyone reacts defensively. It’s indeed not possible to change someone’s mind if they aren’t willing to open up and have a real conversation, so I wish the world in general would be more open to interacting in ways that aren’t so resistant to real dialogue.

                                                                              I’m an optimist, and I believe that when people try, they can engage with the goal of at least leaving each other with something to think about.

                                                                        2. 6

                                                                          I’ll suggest this (mainly tongue-in-cheek) but it might be a good solution: for every submission provide another link next to ‘reply’ called ‘ethics-reply.’ The links go to two separate discussion areas. That way, people can dip into the tech or ethics discussions as they like.

                                                                          1. 6

                                                                            If such a place did exist, I think you’d have trouble finding a lot of people who would want to hang out there. I’ll just jump immediately to the most extreme possible example: if someone posted an article about the technology used by the Nazis to organize the Holocaust, but discussing the attendant ethics was strictly forbidden, would you be happy participating in that discussion? Would you want to spend a lot of time talking to other people who would be happy participating in that discussion?

                                                                            1. 14

                                                                              if someone posted an article about the technology used by the Nazis to organize the Holocaust, but discussing the attendant ethics was strictly forbidden, would you be happy participating in that discussion?

                                                                              I am a jew who was raised by holocaust survivors. My answer is yes. In fact, I think it’s the only way that one could have a discussion about the technology used by the Nazis that wasn’t immediately dragged off topic.

                                                                              And, honestly, an ethical discussion would either be abhorrent or boring, since a vibrant discussion implies a difference of opinion, and anyone who has significant differences in belief with me on the ethics of systematic mass murder is someone that I don’t expect to have a productive discussion with.

                                                                              1. 12

                                                                                Yes to both, to be honest. I did a bit of research for a point the other day, and something occurred to me.

                                                                                Technology, especially computing, is all about solving problems at scale and efficiently. For the most part of the 19th and 20th centuries, the domains that actually had the scale to justify theoretical work and practical development tended overwhelmingly towards things like military applications (standing armies tending to be some of the largest organized groups around) and demographics/census/taxcollecting work.

                                                                                For better or worse, note that IBM was really good at tabulating census data, something that the Nazis took advantage of. I personally would be happy talking about techniques for tabulating that data and managing it, in hopes that it could be applied to more positive uses. Similarly, I’d be happy to learn about rocketry from von Braun, even though most of what he learned he learned by dropping explosives on British civilians.

                                                                                1. 5

                                                                                  Let’s take the specifics. Is Palantir stuff that remarkable to be worth the inevitable fallout in the comments and personal ethical compromises? Is it really that seminal and groundbreaking?

                                                                                  It is a dilemma when we talk about say an SS officer who also happened to run the US Moon programme. But Palantir is adtech’s meaner sibling, what is there that makes it worth picking the turd pile?

                                                                                  1. 9

                                                                                    The drop in the level of technical discussion is the issue, not the company being discussed. I’d prefer to let posts on unethical companies die in silence, rather than make this site a worse place to discuss technology.

                                                                                    1. 2

                                                                                      Another reason is highlighting the bad gives you less time to create the good. Most people that care can look up a company to see if there’s anything messed up. The bad or at least going with the flow are also the majority. If we’re talking companies, I’d rather people put more effort into highlighting ethical ones with useful tech or products. Basically, anything that can be a fit here on technical grounds with them also mentioning in a comment that the person, company, product, etc is good/beneficial for (reasons here). Maybe they mention some bad examples with it if trying to shame companies. Just optimize to promote more tech and examples of public benefit over just calling out bad companies who are the perpetual default.

                                                                                      Easy example: Prgmr.com over Digital Ocean, AWS, Google, or Azure if fits use case due to ‘straight-forward offerings, great service, some nice people, and freely hosting an excellent site for deep, technical discussion.” The submission might even be about something else entirely that’s merely hosted on the ethical product/service. Then, they add a quick note about it that barely distracts from the focus on technical content. Just all flows together for the reader.

                                                                                    2. 8

                                                                                      the inevitable fallout in the comments

                                                                                      The fallout is not “inevitable” - it is not a force majeure. Actual, specific, individuals CHOOSE to make it about the “ethics”. You’re asking people to appease these individuals.

                                                                                    3. 2

                                                                                      Would you be also ok to discuss methods of performing deadly medical experiments on people with Nazi concentration camps staff? Would you be ok to advise them how to improve the scale and speed? Would you still want to keep such discussions ethics-free? How about diacussing effectiveness of guns with the Zodiac Killer? Or advising Ted Kaczynski on bombs?

                                                                                      edit: Please note my intention here is not to seed outrage; I’m sincerely interested in your answer, as I find it hard to imagine setting really no ethics limits, so I’m curious to gauge where would you actually set them? Or would you really want no limits?

                                                                                      1. 6

                                                                                        I’ll pick on your first example, because I don’t see benefit in addressing the others (I read you as making the same category of point, with those added for emphasis).

                                                                                        Would you be also ok to discuss methods of performing deadly medical experiments on people with Nazi concentration camps staff? Would you be ok to advise them how to improve the scale and speed?

                                                                                        Let me turn that around on you:

                                                                                        Would you prefer they do them inefficiently, if you knew they were going to do them regardless? Would you prefer that the innocent lives lost in the nominal science of these experiments be done in vain because somebody screwed up their data collection? Would you prefer that, for the same data, they use extra prisoners because they suck at statistical power analysis?

                                                                                        I don’t support immoral behavior, such as mass murder and torture. I do recognize that whether such things are legally or ethically permissible (again, not morally) is something that transcends individual opinion, and that where those acts fall is a function of the zeitgeist of the times. Sloppy engineering, science, and math will always be sloppy, aesthetics of the time be damned.

                                                                                        We can’t get to identifying and fixing/discouraging/pillorying that sloppy behavior if we can’t engage with it. We can’t even get close enough to try and reclaim those lost souls if we can’t engage with them on (nominally objective) material civilly.

                                                                                        1. 6

                                                                                          Thanks for the interesting reply! So, I think in shortest words I could express what I think about this the following way: I would indeed prefer for them to do this ineffectively - I’d say that is the principle behind sabotage. As far as I know, sabotage works. And that’s indeed what I’d hope to be able to say I’m doing against actions I believe to be significantly unethical. (Though trying to keep my own integrity in means employed to that end.)

                                                                                          1. 9

                                                                                            I’m not sure sabotage always works the way one hopes. When you destroy the results of human experimentation, the data is recreated by repeating the experiments on a new set of humans. That seems like a bad outcome for those involved.

                                                                                            I think the problem is we too often define success as hurting the bad people, and yes sabotage hurts them, but we too should consider the collateral damage of our actions.

                                                                                            1. 6

                                                                                              It’s not about hurting bad people. It’s about making their evil work harder and less efficient at actually hurting good people, while also trying to convince evildoers to not do the evil in the first place, and preferably do good instead and thus become good people. If doing evil is easy for them, it won’t make them do less of it, but rather more of it. They will always invent new experiments to do on a new set of humans anyway. Appeasement policy did not work on the onset of WW2. A bully must be stopped, not let continue the bullying. A child doing bad things must be reprimanded and informed/educated about bad consequences of their deeds, not spoiled.

                                                                                              1. 1

                                                                                                Well put.

                                                                                      2. 5

                                                                                        if someone posted an article about the technology used by the Nazis to organize the Holocaust, but discussing the attendant ethics was strictly forbidden, would you be happy participating in that discussion?

                                                                                        Interesting example - you are asking if I would be interested in (discussing) e.g. technological aspects of IBM products around Second World War. Yes, this might be very interesting. I can also imagine other Nazi tech related topics that I wouldn’t find interesting (but see no reason for others not to be interested in) and in such cases I would use the hide button. Hopefully such place wouldn’t be all war tech from Nazi Germany or modern day USA ;)

                                                                                        1. 4

                                                                                          I would absolutely be hanging out there. That was kind of how this place has been for the most part.

                                                                                          As to your question about Nazis, yes I would want to discuss the technology, and I’d be happy to discuss it with people in those threads. If it were completely neutral politically, there is the potential to have great technical discussion.

                                                                                          1. 3

                                                                                            I think you’d have trouble finding a lot of people who would want to hang out there

                                                                                            I agree, but that’s not a bad thing, is it? This is not some sort of mass movement.

                                                                                          2. 0

                                                                                            s it possible to have a small place (e.g. lobste.rs) which is for discussing technology without ethical implications and all the rest of the net for discussing whatever you want

                                                                                            No. Even if it were, this would not be it.

                                                                                            1. 1

                                                                                              Even if it were, this would not be it.

                                                                                              How do you know this?

                                                                                              1. 0

                                                                                                Because this site is full of intelligent people.

                                                                                                1. 9

                                                                                                  Ah. You’re implying that “discussing technology without ethical implications” is exclusive to stupid people. Do I understand you correctly?

                                                                                                  1. 2

                                                                                                    I’m chewing on my keyboard right now!

                                                                                                    1. 1

                                                                                                      Discussing technology without coming up against ethical issues is impossible. I don’t think intelligent people would just skirt around them when they come up.

                                                                                            2. 5

                                                                                              Do you have an example of an action that would not be subject to ethical judgements? In trying to understand your claim, but I don’t sufficiently understand the definitions you’re using to determine whether you’ve made a falsifiable statement or not. Will you spend a little time describing the limits of your statement or what empirical observations support it?

                                                                                              1. 6

                                                                                                I would argue that there is a class of actions, e.g., selecting one knife over another in the kitchen for cooking, that has neither inherent ethic or no ethical consequence. Now, the ethic selected for consideration will affect whether you consider something to be of consequence. If, e.g., there is an ethical judgment on the Proper Utensils To Use, then that becomes of ethical consequence. Generally, societies consider actions such as killing adult humans to have inherent ethics.

                                                                                                Suppose we choose gcc or clang - then you are supporting, ever so mildly, one development philosophy & license over another. Those licenses are widely considered to have ethical entailments. The FSF has very strong ethical stances about licensing.

                                                                                                Now, with respect to empirical observations, I suggest weapons systems: they are an obvious technology which carries ethical implications. Other technology might be: AirBNB (affects housing), Uber (affects taxi operators), factory robots (replaces factory workers). Each of those affects jobs and thus the ability of many members of society to be fed and housed, a clear ethical question.

                                                                                                I hope those presents samples that adequately points towards the answer you are looking for.

                                                                                                1. 7

                                                                                                  I would argue that there is a class of actions, e.g., selecting one knife over another in the kitchen for cooking, that has neither inherent ethic or no ethical consequence.

                                                                                                  Interesting. Why do you believe that the methods that knife companies use to exploit their workers and the labor conditions of their employees would not be something to discuss? Do you believe that the environmental implications of importing knives from China rather than buying them locally has no ethical impact? What about the historical implications of Western expansion and influence in Japan, and the resulting western style Gyuto knives supplanting Sujihiki style kitchen knives? In fact, not only are there ethical implications, there are deep historical forces involved in your selection of kitchen knives.

                                                                                                  Of course there are ethical considerations in picking kitchen knives. But you might not want someone to bring them up every time you try to discuss paring potatoes, because they may be considered to be off topic by some.

                                                                                                  1. 4

                                                                                                    Ah, this is the problem with language: I was contemplating grabbing one knife out of my kitchen bin versus another. “Selection” is a polymorphic verb over multiple objects dispatching… and yes, actual purchasing of knives exercises an ethical choice regarding the supply chain and who gets my infinitesimally small dollar choice.

                                                                                                    It’s a bit tiring, as a friend said to me once, there is no ethical consumption under capitalism(even if you disagree with my Lefty friend there, you can get the spirit of the statement) - sometimes you do just need to get the Thing done. One has to care the appropriate amount, and respond in the proportional manner.

                                                                                                    1. 10

                                                                                                      there is no ethical consumption under capitalism

                                                                                                      I’d go one step further: There’s no such thing as an unquestionably ethical action. The economic model doesn’t matter – everything is an ethical trade off. With that realization, it becomes clear that ethical debates can be shoehorned in anywhere, which is why a space where discussions on ethics are deemed off topic can be valuable.

                                                                                                      (Edit) High quality discussion on ethics would be interesting, but quality is subjective, and discussions are prone to turn into flame wars and shaming, especially in today’s internet climate, so I’d rather have them declared off topic, at least in this little corner.

                                                                                                      1. 8

                                                                                                        If politics is encouraged in every applicable thread (it is now) and I wanted to join that practice (I don’t), I could be calling folks out in many (sometimes most) threads here each day on ethics around employers, code maintenance, energy use, disposable products causing environmental harm, using tech that’s non-inclusive cuz few understand it or CPU/RAM requirements price out the poor, and so on. It would be ridiculous even when true since it distracts so much from the kinds of technical submissions that brought many people to Lobsters in the first place. Especially those actually building interesting stuff vs just submitting.

                                                                                                        It’s why I was for either ban on politics or a tag so it would be in specific threads folks could filter. Both got shot down. Here we are.

                                                                                              2. 6

                                                                                                You’re absolutely correct.

                                                                                                Hell, Portland State University’s CS program even has a requirement class “CS 305 Social, Ethical, and Legal Implications of Computing”[0]. I suspect this is not an anomoly..

                                                                                                1. https://www.pdx.edu/computer-science/cs305
                                                                                              1. 51

                                                                                                This is a personal update on somebody whose work, quite possibly, everyone reading this has used. By all means let’s normalize this. We should be thinking of our colleagues as people, not just in terms of what they can do for us right now.

                                                                                                (This is my personal opinion, not a site policy, as you can tell from the fact that I’m posting this without my hat. Since it’s an opinion about how the site should be used, I wanted to be extra-explicit about that.)

                                                                                                1. 5

                                                                                                  Who determines the threshold for being worthy of sharing personal updates on this site?

                                                                                                  1. 12

                                                                                                    The voters, I guess. 78% of the people who voted on this article voted it up, so it’s apparently worthwhile.

                                                                                                    1. 1

                                                                                                      Is this really correct way to interpret vote counts here? I think that in general it’s easier to vote something up than vote it down. In case of this site it is even more so - voting up is just one click, but to vote down you have to provide a reason. This likely skews counts in favour of upvotes.

                                                                                                      1. 4

                                                                                                        Actually, you’re right, looking at the percentage of votes which were upvotes is not a good way to analyze things here on lobste.rs. We do try to discourage downvotes, and that’s intentional.

                                                                                                        Instead, it would be more meaningful to compare the total count of upvotes to the rest of the front page. As I write this, this article has 48 upvotes, and there are only two other articles in the 40s. This is no substitute for a rigorous analysis, but I think it’s at least a good first pass.

                                                                                                        1. 4

                                                                                                          Actually, you’re right, looking at the percentage of votes which were upvotes is not a good way to analyze things here on lobste.rs. We do try to discourage downvotes, and that’s intentional.

                                                                                                          Instead, it would be more meaningful to compare the total count of upvotes to the rest of the front page. As I write this, this article has 48 upvotes, and there are only two other articles in the 40s. This is no substitute for a rigorous analysis, but I think it’s at least a good first pass.

                                                                                                          Understanding the bin, sbin, usr/bin, usr/sbin split has 30 upvotes and zero downvotes; at the time of writing this story has 75 upvotes and 26 ‘off-topic’ downvotes.

                                                                                                          That’s a good indication that there are stories which have unanimous ‘good for lobste.rs’ vibes, as well stories which are highly contentious like this one.

                                                                                                          1. 1

                                                                                                            Ah wow, I’d actually missed the downvote count until you pointed it out (the version of the header that I see is a bit verbose). Thanks for that.

                                                                                                            Yes, there are definitely some stories that are a lot more contentious than others. I don’t think that we should strive for everything to be uncontroversial; sometimes it’s precisely the contentious stuff that leads to the most interesting discussions. It would be surprising and upsetting if everyone agreed all the time.

                                                                                                  2. 7

                                                                                                    What do you think we should be normalizing?

                                                                                                    To be fair, I didn’t exactly explain in great detail either–just complained about an article that contains like two datapoints (so and so is leaving mozilla and is uncertain about future, curl is still being maintained by them) and that has no actionable information (it is highly, highly doubtful anybody here is in a position to change the outcome of the departure, and it is equally unlikely anybody is going to switch away from libcurl if they’re already using it) other than being an update on a colleague.

                                                                                                    My concern is that while I totally support the use of the person tag for honoring our dead and sharing historical figures, there are other uses I’m skeptical of.

                                                                                                    I’m not sure that it’s useful to let the person tag be used to backdoor in smear campaigns, no matter how richly deserved.

                                                                                                    I’m similarly unsure about its use to normalize breathless clickbait, or free advertising.

                                                                                                    Finally, though I do enjoy reading them, I think there is something to be had in perhaps separating interviews and just people’s own essays–and yes, I’ve benefited myself from this fuzziness.

                                                                                                    1. 5

                                                                                                      Personal updates from people who are significant to this community, whether they’re already well-known by name or not, and whether or not there’s anything actionable. I think it’s humanizing, and I think it’s important to make sure there’s space for that.

                                                                                                      Debating the merits of the person tag more generally is really a separate question, but I do think it’s a useful question, so here’s my opinions on the concerns you raised. Thank you for asking.

                                                                                                      I do generally dislike smear campaigns, but I also see the case that, when the allegations are true or at least credible and well-backed-up, they can be important warnings - as in the case of the Larry Ellison one you linked.

                                                                                                      I’m opposed to clickbait and advertising on lobste.rs.

                                                                                                      I think personal opinion pieces can be interesting sometimes. If anything, I think they’re more likely to be relevant to a highly technical audience than interviews are, since the journalist is usually trying to orient their piece towards a non-technical audience.

                                                                                                      All of these are judgement calls, and I trust the people here to make reasonable decisions on them and to vote accordingly.

                                                                                                      1. 3

                                                                                                        from people who are significant to this community,

                                                                                                        I think this is somewhat circular reasoning. I know of the people because of their work, it’s primarily their work that I’m interested in, and I’m tangentially interested in life changes that affect their work, say for example someone’s pet project got them hired by $WELL_FUNDED_CORP who wish to officialy back their pet project, and therefore I might be more likely to use their pet project because it now has a little more long-term security. But if it’s just life news (‘I am moving jobs, this won’t affect curl’), then I’m not really any more interested in that than I am in the life news of my dentist. Which is to say, I am interested in as far as any compassionate human would be, and I’d be polite and congratulatory in person, but it is absolutely not what I come to lobsters for. To be clear, there is absolutely tonnes of space for that already in other places.

                                                                                                        Other people may come to lobsters for that, of course, but they could just as easily get it from twitter or reddit or HN, and I quite like the fact that there’s usually something that improves me as an engineer (e.g. this site got me onto TLA+, mostly through seeing formal-methods related stuff on the front page several times a week), rather than just valley news. I would like it to remain that way, I’m not sure I agree with the ‘well if people upvote it then by definition it’s appropriate for lobsters’ line of thought, because we’d all just be watching gladiatorial combat on tv if that were true, and I fully support the idea that this can be a non ‘just let the market decide’ space for purer, more cerebral, mostly more CS things, even if others accuse me of policing or gate-keeping or whatever, and that’s why I’ve written this comment.

                                                                                                        1. 2

                                                                                                          Thank you for the good writeup! It’s obviously my position that civil public discussion on community norms like we’re having here is really important to keeping Lobsters functioning correctly. :)

                                                                                                          I agree with you on the humanizing aspect, but I’m a little worried that that sort of stuff will tend to clutter up the site–personal updates are, by definition, just another form of (humanitarian, people-focused) news. The fact that it would involve people we’re probably already predisposed to have some sort of emotional opinion on (good or bad) would seem to me to make the potential for abuse and spam even larger than for normal news.

                                                                                                          1. 4

                                                                                                            Yes, your point is taken. As always, I’m glad we’re talking about it.

                                                                                                    1. 96

                                                                                                      I’m sorry to bring this up, and it’s probably considered off-topic here on Lobsters, so feel free to flag this.

                                                                                                      I know that OpenBSD and SQLite and lots of great pieces of software have been funded by the US military, and computing and military have a long and complicated relationship, but where do we as developers draw the line as to whom we are willing to accept contributions from?

                                                                                                      This is from Palantir, the company providing the technology for Trump’s deportation machine. I don’t think that this is a black/white issue, and I guess it may be possible to work at a seedy company and still do good stuff. But the docs include a FlightSearch example; is that really appropriate given the context?

                                                                                                      Regardless, thanks for releasing this as free software.

                                                                                                      1. 37

                                                                                                        Thank you very much for saying it. I think making sure these ethical topics aren’t ignored is the very least we all have a responsibility to do. It’s also entirely possible that there are people here who didn’t know about it, so it’s always worth saying.

                                                                                                        1. 37

                                                                                                          Thank you for saying this. I’m troubled by the cavalier attitude of techies toward ethics lately, and it’s nice to know I’m not alone.

                                                                                                          1. 23

                                                                                                            I don’t think a forum where this response is off-topic is worth participating in. The tech industry spends too little time thinking about the ethical implications of it’s products.

                                                                                                            1. 25

                                                                                                              Even today, we debate the ethics of using the data gathered from unethical experiments in WW2.

                                                                                                              I agree that there is a massive ethical issue working for Palatir - and I am not sure it’s ethical to use the work they have produced. Particularly if it’s a Swagger-like clone not yielding substantive value to humanity.

                                                                                                              1. 10

                                                                                                                While we’re at it, you probably typed that on a machine made by highly-exploited workers in a corrupt country that does far worse, added to the lake in the process, probably paid a surveillance-enabling company in a police state to send it over the network, and possibly wearing clothes made by kids in a sweatshop. And you did all this to get online suggesting moral folks maybe shouldn’t contribute to a HTTP/JSON thing that’s open source since a bad company might misuse [more] open source. Seems hypocritical to me.

                                                                                                                Where to we draw the line on how our consumption and contribution harms or helps others? And do you regularly do that for every product and service you buy? Most of them? Have you been active in government on laws, treaties, court cases, etc? The stuff that stops things like you describe. Or just some quick, social signaling on Lobsters getting feel-good points? If you care, I encourage you to put time into legal reform or bootstrapping alternatives to each of the things I mentioned. Maybe make for better opportunities for immigrants in whatever your country is, too. Maybe host some coding bootcamps or something for those in the slums. What you’re doing here is adding to the noise but not helping Trump’s victims or your country’s immigrants in any way.

                                                                                                                1. 71

                                                                                                                  I feel like this is a great example of whataboutism.

                                                                                                                  I think that if this approach was applied to tech, we’d never fix a bug because “what about the other bugs that could crash the app, this is just virtue signaling because physical compromise means game over”. Why fix a bug when you can say “What about the terrible state of security education in general, why fix a security bug when developers are just adding more?”

                                                                                                                  It’s ok to make a judgement call and improve one thing in this messy world. It’s ok to try and reduce your footprint/total harm while hypocritically still participating in the system that feeds you. In fact that’s sort of core to improving those systems in a democracy.

                                                                                                                  Sorry if I misinterpreted your statement, I greatly enjoy your comments across the internet.

                                                                                                                  1. 11

                                                                                                                    Whataboutism is a common reply on HN or Lobsters when a popular group decries their outgroup’s activities, third party points out their actions are contrary to their own beliefs, adds that the biases indicate they’re scoring political points rather than really care, and someone pops in to say third party is whataboutism to silence those views. Thing is, whatever 3rd party brings up is almost never on these forums, getting crowd support, or whatever. Always absent. Rather than likely-intended purpose, the whataboutism claim just reinforces specific types of people supporting/rejecting specific activities by silencing dissenters. I mean, if commenter really cares about Trump’s horrors or not contributing to evil organizations, why the hell are they funding evil, slaving companies to buy toys to spend so much time on the programming projects? So, they probably don’t care or are acting like it now. Then, I do to them as they do to others.

                                                                                                                    Far as what I’m doing, I’ll tell you straight up. There’s been an increase over time of political comments that are about shaming people into behaving certain ways for a perceived, social good. Almost all of them are coming from hypocrits and/or slactivists. I mean, they’re talking on a forum no politician reads with low views. It’s not going to change Palantir’s or Trump’s practices. They know they avoiding stuff that can get results to spend time on Internet forums. So, they’re just getting an emotional high off attacking their opponents, looking like they’re responsible, or getting meaningless votes from people that agree with them. They also tie up our threads with that shit. So, as a real activist doing real-world work, I just call out their selfish, hypocritical bullshit to (a) deter more comments like that here and/or (b) encourage them to actually work on the causes they claim to work on.

                                                                                                                    Disclaimer: In fairness, people could (and do) call me out for not putting more time into actually building and deploying secure goods rather than high-level designs posted online. Although I defended my choice, I’m probably guilty of screwing up on a reasonable ratio between the two. Anything above zero code might be better. I plan to work on that more next year after I change circumstances.

                                                                                                                    Disclaimer 2: I say “almost all” cuz a few people here are legit activists or doing things at a loss to address the causes they’re talking about. I respect them a lot.

                                                                                                                    “It’s ok to make a judgement call and improve one thing in this messy world. It’s ok to try and reduce your footprint/total harm while hypocritically still participating in the system that feeds you. “

                                                                                                                    I totally agree with you. That’s not what the person was doing, though. It won’t stop Palantir’s contracts, it won’t stop the government’s activities, and proliferation of HTTP/JSON libraries will continue. The latter will even be FOSS so anyone, including Palantir, can use them. Maybe person complaining should start an alternative to Palantir that’s more ethical, organize boycotts of their products, get in a HR office poaching all their smartest talent (or delivering idiots), make enough money to pay off politicians to change government policies, and so on. Stuff that actually affects Palantir or Trump’s agencies.

                                                                                                                    “I greatly enjoy your comments across the internet.”

                                                                                                                    Thanks and same to you. :)

                                                                                                                    1. 25

                                                                                                                      Maybe person complaining should start an alternative to Palantir that’s more ethical, organize boycotts of their products, get in a HR office poaching all their smartest talent (or delivering idiots), make enough money to pay off politicians to change government policies, and so on.

                                                                                                                      This objection is absurd on its face. You can’t ethically compete in a market for unethical services. An ethical alternative to Palantir is an oxymoron, because Palantir’s ethical issues are fundamental to the things that Palantir sells. You also can’t “organize a boycott” of a defense contractor. Your final two points are literally “just have enough money to fix the problem”.

                                                                                                                      How does starting a company which sells the same thing as Palantir to the same customers Palantir sells to, hires the same people as Palantir, has the same wealth as Palantir, and bribes politicians the way Palantir does, stop the problem of companies that behave like Palantir? You’re objecting to someone criticizing the status quo by telling them they should instead… further reinforce the status quo?

                                                                                                                      1. 19

                                                                                                                        I think you misapprehend what is going on here. This is a forum for highly technical people; by raising the serious ethical space Palantir exists in, it directly bears on creating difficulty in recruiting, along with decreasing retention.

                                                                                                                        You, of all people, should understand the power of words on an internet screen to influence readers: you’ve been writing long & grammatically correct essays on security across multiple major internet fora for years. I’ve seen you on Schnier and HN, :) Communication, persuasion, and discussion are an essential activist activity. (And for my money, it is substantially more effective than picketing and marching 95% of the time…)

                                                                                                                        1. 7

                                                                                                                          (I suspect this was meant as a reply to the person I replied to.)

                                                                                                                          1. 2

                                                                                                                            “by raising the serious ethical space Palantir exists in, it directly bears on creating difficulty in recruiting, along with decreasing retention.”

                                                                                                                            I agree with you. I actively do that in real life every day for customers and coworkers wanting something better in a lot of areas. I have plenty of results to show for it. That’s because I put the time in where it gets results and consistently do it rather than one-off’s we sometimes see here. Companies like Palantir use recruiting practices that cast a wide net. Anyone wanting to disrupt their recruiting should be posting such comments on sites with massive numbers of page views that are mostly developers. Big, social media sites like Twitter, Facebook, Reddit, and Hacker News. LinkedIn, too, if you can do it that way but I haven’t been on in long time. That’s why I encourage them to put political efforts in front of literally millions of developers instead of a hundred or less participating here if aiming for a big wave of change.

                                                                                                                            “You, of all people, should understand the power of words on an internet screen to influence readers: you’ve been writing long & grammatically correct essays on security across multiple major internet fora for years. I’ve seen you on Schnier and HN, :) “

                                                                                                                            You said long and grammatically correct. You gotta be messing with me on second half lmao. I agree with the power of words and persuasion as stated above. Hell, you had to have seen me do it there, esp to “Skeptical” (troll or near-perfect DOD apologist) before I left. That’s why I tell them to use that power where it gets results instead of Lobsters. Then, we keep Lobsters focused on deep, technical stuff with low noise. Anyone wanting to achieve political action can ping Lobsters, via dedicated threads or private messages, to go where the action is to get actual, Palantir-scale results.

                                                                                                                            ““It is what it is”, which is what your comment & Nick’s comment promote, simply promotes apathy; history provides many examples of change taking place. I encourage people to shake off the belief that things will always stay the same.”

                                                                                                                            That’s not true at all. I’ve just followed something like several lifetimes worth of history on the U.S. military and government under both left- and right-leaning leaders finding the military-industrial-complex just got more powerful over time. The politicians of both sides support it. The right supports companies like Palantir overtly. The left’s politicians will support the defense contractors for both payouts and to bring jobs to their districts. So, to change the situation voronoipotato describes, you have to get millions of people to vote out scumbags that take money to improve chances of elections to combat defense industry or get an anti-war, pro-immigration President in office with Congress willing to roll-back legislation.

                                                                                                                            The last election surprised most lefter-than-I liberals that were trying to make people say the correct things on forums, etc in ways we see in some threads here. I doubt they’re capable of achieving that 180 directly if keeping same practices that failed before so hard they didn’t even see what was coming. Fingers crossed that we just get lucky that Trump does so much damage and embarrassment that a reversal happens in swing states after the Democrats get on top of their shit this time. Or we centrists get a President. Fat chance on that one since few listen to moderates. ;)

                                                                                                                          2. 5

                                                                                                                            The person you’re talking to likely doesn’t even think that Defense Contracting is unethical. Being said palantir is going to keep existing, boycotting doesn’t mean anything here because we don’t even buy their products. Even under a proper organized effort if we got a different defense contractor absolutely nothing would be different. The only tactics I’m aware we can do are mitigation tactics of not giving our labor to defense contractors, but this drives up the wages to the point where someone would. You can if you work there do a labor slowdown, but your ability to act in that way is limited, and useless if it’s not a group effort.

                                                                                                                            Palantir is a bad thing but our ability to affect it is extremely limited. Electoral politics is mostly useless here. Their lobbying power affects both parties pretty evenly. IMHO it’s better to put energy into mitigation tactics into problems where it’s easier to have traction. One group has been for example paying for bail bonds for refugees.

                                                                                                                            Defense contractor spending isn’t a symptom of capitalism but rather attached to the heart, a swollen vestigial organ from mercantilism and much like the appendix may kill you if you remove it unskillfully.

                                                                                                                            I think it’s natural to see the biggest problem and try and lock horns with it, but sometimes a smaller problem you can solve is genuinely better than a larger problem you can’t. Obviously don’t work for them, there’s plenty of other places that pay you well and you won’t even have to think about all the bodies when you go to sleep.

                                                                                                                            1. 7

                                                                                                                              The person you’re talking to likely doesn’t even think that Defense Contracting is unethical.

                                                                                                                              Yes, but the person they’re suggesting this in response to does, which was the context of nickpsecurity’s original suggestion to compete with Palantir.

                                                                                                                              The only tactics I’m aware we can do are mitigation tactics of not giving our labor to defense contractors, but this drives up the wages to the point where someone would.

                                                                                                                              I don’t know what your point is. Driving up wage costs for unethical corporations is the point of organizing an effort to boycott employment at specific corporations. The goal is making things like human rights violations untenable to corporations by making them unprofitable. Yes, this is a half measure - but it’s not nothing, either.

                                                                                                                              Defense contractor spending isn’t a symptom of capitalism but rather attached to the heart, a swollen vestigial organ from mercantilism and much like the appendix may kill you if you remove it unskillfully.

                                                                                                                              So your point is, we should leave it alone?

                                                                                                                              I think it’s natural to see the biggest problem and try and lock horns with it, but sometimes a smaller problem you can solve is genuinely better than a larger problem you can’t.

                                                                                                                              On the contrary - refusing to work for companies like Palantir and encouraging my fellow tech workers to do the same is one of my most fruitful opportunities to fight against systemic injustices at the moment. Each of us in the tech industry have far more influence on an our industry’s actions than on the actions of things like the federal government - there are less than four million programmers in the entire US, as opposed to the vastly higher number of voters. We should be adamant about using our privileged place as one of the few labor pools left with real negotiating power to prevent our industry from committing acts of evil, not conveniently defeatist whenever someone dares to suggest the small personal sacrifice of choosing not to directly build the tools of human misery.

                                                                                                                              1. 7

                                                                                                                                Fundamental changes are achieved by many people choosing to not accept what is, and coming together to push towards a major change in the status quo.

                                                                                                                                “It is what it is”, which is what your comment & Nick’s comment promote, simply promotes apathy; history provides many examples of change taking place. I encourage people to shake off the belief that things will always stay the same.

                                                                                                                                1. 1

                                                                                                                                  You said it even better than me.

                                                                                                                              2. 20

                                                                                                                                Whataboutism is a common reply on HN or Lobsters when a popular group decries their outgroup’s activities, third party points out their actions are contrary to their own beliefs, adds that the biases indicate they’re scoring political points rather than really care, and someone pops in to say third party is whataboutism to silence those views. Thing is, whatever 3rd party brings up is almost never on these forums, getting crowd support, or whatever.

                                                                                                                                No it’s a common reply when you distract from the discussion at hand to go ‘oh but what about these other unrelated issues?’ Your response is literally at the level of ‘capitalism made your iPhone you’re using to have this conversation so checkmate’ in a discussion about economic systems.

                                                                                                                                There is no ‘popular group’ here, there’s no ‘outgroup’, nobody is decrying anyone’s activities. You haven’t ‘pointed out’ any actions that are contrary to anyone’s beliefs or exposed any biases or virtue signalling. All you’ve done is responded to a post pointing out that Palantir might be an unethical company, accusing them of virtue signalling! They didn’t even say ‘Palantir is bad’. They suggested that it might be, and that it was worth thinking about and discussion. Did you then discuss it? Did you think about it? No, you just launched into an attack, said that their post was social signalling and accused them of hypocrisy.

                                                                                                                                Imagine for a moment the discussion was oil companies, and the person you were responding to had said ‘I think oil companies often act unethically and I think we should consider whether we want to be working with them and contributing to their open source software’. Your response was the equivalent of ‘you don’t have an electric car so you’re not allowed to discuss this’. I hope you can see that that is nonsense.

                                                                                                                                I totally agree with you. That’s not what the person was doing, though. It won’t stop Palantir’s contracts, it won’t stop the government’s activities, and proliferation of HTTP/JSON libraries will continue. The latter will even be FOSS so anyone, including Palantir, can use them. Maybe person complaining should start an alternative to Palantir that’s more ethical, organize boycotts of their products, get in a HR office poaching all their smartest talent (or delivering idiots), make enough money to pay off politicians to change government policies, and so on. Stuff that actually affects Palantir or Trump’s agencies.

                                                                                                                                When someone says ‘where do we as developers draw the line as to whom we are willing to accept contributions from?’ they are opening up a discussion. Maybe the result of that discussion would have been ‘anyone actually’. Suggesting that the first thing you should do is start boycotting companies before the issue has even been discussed is ridiculous. Discussions are fine. Discussions are not slacktivism. Posting ‘#stoppalantir #metoo #stoptrump’ at the end of your tweets and doing nothing else in your life is virtue signalling. Discussing issues is not.

                                                                                                                                1. 10

                                                                                                                                  There is no ‘popular group’ here, there’s no ‘outgroup’, nobody is decrying anyone’s activities.

                                                                                                                                  A person submitted a HTTP/JSON toolchain that they were open-sourcing. A versatile, general-purpose tool that can be used for good if someone wants to. The comment I replied to ignored the software submission entirely to tell them they’re unethical for working at Palantir since other parts of the company uses its tech to serve an unethical customer. That’s decrying activities. Such reasoning also applies to companies like Google (or other surveillance companies), Apple/Foxconn, VC-funded companies aiming for lock-in, and so on since buying their stuff or contributing to their FOSS might support all kinds of evil. Some people supporting the decrying comment even work at such companies despite other jobs being available for people with that kind of talent. Strange.

                                                                                                                                  The fact that this accusation and suggestion to quit their job got 60 votes vs 7 about the submission… on Lobsters with lower numbers of votes to begin with… definitely says it’s popular. The marked difference between the people who support or question that tangent supports the existence of an outgroup relationship. I can’t say as much about what it means here since the outgroup receives more support on a lot of political divides. Lots of folks here hate companies like Palantir regardless of other beliefs. That’s what I’m leaning toward.

                                                                                                                                  It’s been an interesting thread to observe, though.

                                                                                                                                  1. 2

                                                                                                                                    Wholeheartedly agree, there! I suspect I drew different conclusions than you, though.

                                                                                                                                2. 3

                                                                                                                                  People can disagree with you without being part of a conspiracy to silence or shame you. Maybe a less emotional response would be more informative.

                                                                                                                                3. 0

                                                                                                                                  One of nick’s pastimes seems to be railing against liberal “hypocrisy” on this website, mostly by deflecting into muddy tangential arguments just like so.

                                                                                                                                  1. 13

                                                                                                                                    Please don’t post ad-hominem attacks here. If you disagree with the argument, pick it apart politely.

                                                                                                                                    Lord knows you should have enough practice by now to do so.

                                                                                                                                    1. 5

                                                                                                                                      If you disagree with the argument, pick it apart politely.

                                                                                                                                      That only works if both sides are arguing in good faith though which definitely doesn’t appear to be the case with some commenters on here.

                                                                                                                                      1. 4

                                                                                                                                        If that’s the case, then arguing further with somebody in bad faith is just going to create noise and antagonize other lobsters. Best just to ignore the posts then.

                                                                                                                                        1. 3

                                                                                                                                          I do but it ruins the lobsters experience for me to see people arguing in bad faith without any censure. Some of them even seem to be encouraged as a kind of clickbait/outrage generator. It’s disheartening.

                                                                                                                                      2. 4

                                                                                                                                        Lord knows you should have enough practice by now to do so.

                                                                                                                                        This is an ad-hominem, friendly.

                                                                                                                                  2. 19

                                                                                                                                    Leaving whataboutism aside, I think you cannot conflate the (delusional) idea of ethical consumption with active usage and contribution of open source software.

                                                                                                                                    Ethical consumption doesn’t work for the structure of the market, where the contribution of the individual gives no perceivable feedback to the system.

                                                                                                                                    The Open Source world and software engineering are a much smaller world. It is a realistic goal to radicalize enough software engineers inside and outside of Palantir in order to halt their production. Your target audience has contract leverage, money and is highly connected and easily reachable.

                                                                                                                                    This is a much easier and realistic goal than convince the management of some big corporation to reduce their exploitation just because a small minority of consumers is unhappy. When they realize this, instead of reducing exploitation, they invest in more marketing to wash their brand, or they simply start a new one. Much cheaper.

                                                                                                                                    Don’t conflate your power as a consumer with your power as a producer, because they very different.

                                                                                                                                    1. 11

                                                                                                                                      I used to work for Nokia. They did everything in their power to ethically source all their materials. It was the only phone company that did that. Other companies don’t do that because nobody demands it from them. While there is no ethical consumption under capitalism, there is slightly less terrible consumption. So where do we draw the line? As deep into their pocket books as it can go.

                                                                                                                                      1. 1

                                                                                                                                        I didn’t know that about Nokia. That’s awesome! Thanks for the tip.

                                                                                                                                        1. 1

                                                                                                                                          Now, keep in mind the new Nokia phones are made by a different company that just licenses the brand. I’m not sure if care as much.

                                                                                                                                      2. 10

                                                                                                                                        […] the lake […]

                                                                                                                                        That is horrible.

                                                                                                                                        Seems hypocritical to me.

                                                                                                                                        Ok.

                                                                                                                                        Where would you draw the line personally? Do I understand your opinion correctly as suggesting that if you use a computer, then you shouldn’t be discussing unethical behaviour, e.g. racism? It is not my intention to judge here; just genuinely curious.

                                                                                                                                        Maybe make for better opportunities for immigrants in whatever your country is, too.

                                                                                                                                        I agree with this very much, and this is something that I aspire to do. Additionally I do have friends that have been deported, and worry a bit about my own not so distant post-Brexit situation in the UK.

                                                                                                                                        1. 2

                                                                                                                                          Im glad you’re doing real work on this issue. I commend that.

                                                                                                                                          Writing it here likely isn’t is the thrust of my point. Instead, it’s just adding noise to the forum plus sending a jab at one of only folks we know in Palantir doing something possibly beneficial (eg open-sourcing software for data analysis). The people here that would agree with your position already dont work for Palantir, use their services, or vote for folks that support horrible policies on immigration.

                                                                                                                                          Those that do these thing are (a) mostly not on Lobsters where your comments bave about lowest ROI you can get and (b) usually disagree with you with no intent to change their mind based on your comment that states the obvious. So, you’re not reaching them. Goes for similar comments aiming for political impact on government-level stuff in non-political, Lobsters threads. So, I push for people not to introduce them.

                                                                                                                                          Im at work now so responses might be delayed.

                                                                                                                                          1. 5

                                                                                                                                            mostly not on Lobsters where your comments bave about lowest ROI you can get

                                                                                                                                            Yes, you are probably correct in that observation.

                                                                                                                                            I wasn’t really sharing my thoughts here expecting any impact, but rather because I’m interested in hearing what other people think. And you are right that I’m being hypocritical here, because I doubt I’d react the same to an IBM project even though they have a shameful past; and even worse, I used to work on this phone app promoting some agrochem from DOW. At first I just kept my eyes on the code, but I couldn’t justify it to myself after reading about their role in the Vietnam War and the Bhopal Disaster and all that.

                                                                                                                                            So, it was intended more of an open question about where people here draw the line.

                                                                                                                                            1. 2

                                                                                                                                              Well, you seem to be speaking out of the heart on things you’ve been close to personally. I respect that. I still say low-ROI with better results elsewhere. You were bringing it up for good reasons, though. The community response also strongly favored your comment in a way consistent with prior threads on politics showing a shift in what Lobsters wants as a community. I’ll write on that in the future.

                                                                                                                                              And it’s still cool you’re another person reusing older computers with the LiveCD tests and such. Off-topic a bit, but I was wondering if the hardware vulnerabilities they probably won’t patch on 5-10 year old machines have you considering new stuff? I always knew they were there. Now, they’re coming quickly with many eyeballs on them. Might be best reason I ever heard to get the latest and greatest from Purism, Raptor, or whoever. And then most have backdoors for (insert group) but fewer hardware 0-days for (more groups). Wait, I thought this tangent-tangent could lighten things up with easier choices… Looks just as hard… ;)

                                                                                                                                              1. 1

                                                                                                                                                Off-topic a bit, but I was wondering if the hardware vulnerabilities they probably won’t patch on 5-10 year old machines have you considering new stuff?

                                                                                                                                                I don’t know enough about this; what hardware vulns are we talking about here, and how easy are they to exploit? Although it’s not really about hardware, there’s that whole Intel Management Engine issue that is avoided by using somewhat old WinXP-era 32-bit laptops, so newer is not always more secure.

                                                                                                                                                And it’s still cool you’re another person reusing older computers with the LiveCD tests and such.

                                                                                                                                                Oh yes that thread! At least it’s a bit less harmful if we can use computers for longer. A friend of mine has a Mac that can’t get more OS X updates now, so she’s stuck with insecure versions of Firefox and all that. Gonna put Debian on it later this week, hopefully!

                                                                                                                                                Do you know of any somewhat more ethical laptop producers?

                                                                                                                                                1. 2

                                                                                                                                                  re hardware attacks.

                                                                                                                                                  Essentially, the hardware has always been secure with only elite pro’s focusing on it. Now, due to Meltdown/Spectre, hardware attacks have gone really mainstream with all kinds of university research, private research, folks describing stuff on blogs, and so on. All the CPU’s that were highly optimized (esp Intel/AMD) are vulnerable to them needing patches. They’re doing the attacks over the network now. Older systems used to be safer but now they’re not since attacks will get more numerous and effective over time.

                                                                                                                                                  About the only things that are immune were simpler, embedded CPU’s. They’re not designed for security, though, with far less attention by defenders. So, that could reduce the hardware risk adding to the software risk. Simpler boards that can run modern, security-updated OS’s might help. I’m not sure. At lot of stuff is piling in.

                                                                                                                                                  re put Debian on it.

                                                                                                                                                  Ok, you’re already using that strategy. Good thinking and being helpful! :)

                                                                                                                                                  re ethical producers

                                                                                                                                                  I can’t remember since I was buying used ones like you. The one I see in media most with good things going for it is Purism. They try to disable the ME with software changes, too. Some folks pushing high freedom were using MiniFree to get ME-less, FOSS-firmware laptops. It had downsides. My own Core Duo 2 still handles stuff nicely outside games, highest-def content, and worst of web apps. Here’s a Guardian article I just found with some recommendations. Another said iFixit can help keep things going.

                                                                                                                                                  So, not a lot of options for new hardware minimizing harm to self and others. There are options in both reuse and new categories that help us reduce harm. We can at least do that. I stay dedicating slices of my research to solving this problem. Tracking whatever can help for whoever can do it. Maybe something will shake out eventually.

                                                                                                                                          2. 0

                                                                                                                                            Additionally I do have friends that have been deported

                                                                                                                                            Sorry but are we now living in a world where the ‘standard’ left-wing political view in the Anglosphere is that any kind of deportation is bad? Because that’s how I’m reading this comment.

                                                                                                                                            Immigration policy exists for very good reasons. The American political dichotomy that either there should be zero immigration or completely unchecked immigration is, for lack of a better word, moronic.

                                                                                                                                            1. 3

                                                                                                                                              I think it’s fair to assume that the poster could be criticising the particular immigration policy that led to these deportations, instead of all immigration policy.

                                                                                                                                              1. 1

                                                                                                                                                It could be fair, if the poster denounced similar and almost identical policies under the previous President. As it stands, the poster is mostly just criticizing immigration policies that seemed totally reasonable and main stream just eight short years ago.

                                                                                                                                          3. 5

                                                                                                                                            You can’t make perfect the enemy of good. Your argument essentially seems to be that if you can’t live perfectly you shouldn’t try living better at all.

                                                                                                                                            It’s virtually impossible to operate in the modern world without using the internet, without having and using a computer. If it were possible to, for a reasonable price that I can afford but knowing I’d have to pay somewhat of a premium, buy a computer that I knew wasn’t made using exploitation of those in the third world, then of course I would buy one. But I don’t know that it is. And there are other competing priorities too, like getting a computer that is free of binary blobs and proprietary software.

                                                                                                                                            I certainly don’t pay a ‘surveillance-enabling company in a police state’ to send anything over the internet. I pay an ISP for internet access, but I don’t live in a police state and as far as I know my ISP doesn’t enable surveillance.

                                                                                                                                            In the same way that I think it’s perfectly reasonable for someone to say ‘I can’t afford to be vegan’ even though being vegan is morally important, I think it’s perfectly acceptable to say ‘I can’t afford to buy ethically produced clothes’. Plus there’s significant evidence that manufacturing things in third world countries has improving their living standards and wages considerably.

                                                                                                                                            Where to we draw the line on how our consumption and contribution harms or helps others? And do you regularly do that for every product and service you buy? Most of them?

                                                                                                                                            I like to have an idea, at least, of what goes into the things I buy, yes. It’s hard to do it with absolutely everything though, because there’s just so much different stuff.

                                                                                                                                            Have you been active in government on laws, treaties, court cases, etc? The stuff that stops things like you describe.

                                                                                                                                            That’s absolutely ridiculous. You do not have to be a member of government to have a political view. You do not have to negotiate an international treaty to have a political view. You do not have to sue someone to have a political view. Your standards are ridiculous.

                                                                                                                                            Or just some quick, social signaling on Lobsters getting feel-good points?

                                                                                                                                            Discussing important issues is not ‘virtue signalling’.

                                                                                                                                            If you care, I encourage you to put time into legal reform or bootstrapping alternatives to each of the things I mentioned. Maybe make for better opportunities for immigrants in whatever your country is, too. Maybe host some coding bootcamps or something for those in the slums. What you’re doing here is adding to the noise but not helping Trump’s victims or your country’s immigrants in any way.

                                                                                                                                            This has nothing to do with immigrants and everything to do with Palantir being a company that operates in an unethical manner. It’s a surveillance company. There’s absolutely nothing problematic about a company producing software on contract for a government that has immigration policies. The issue is that Trump’s policies are violating human rights in how they’re enforcing those laws.

                                                                                                                                            You don’t solve this problem by creating ‘coding bootcamps’ for immigrants LOL.

                                                                                                                                          4. 4

                                                                                                                                            I guess it may be possible to work at a seedy company and still do good stuff.

                                                                                                                                            Regardless, thanks for releasing this as free software.

                                                                                                                                            Every field of endeavor is welcome here. Every field of endeavor is welcome here for technical discussion, free of (without expectation of) moralizing, guilt, or shame.

                                                                                                                                            1. 2

                                                                                                                                              I personally already draw the line at technology coming from uber for ethical reasons, so I will not touch palantir things at all. Thanks for bringing that up!

                                                                                                                                            1. 33

                                                                                                                                              I’ve run into this mentality myself a couple of times, people claim in 2018 that they can write safe C/C++, it’s only those other people that can’t.

                                                                                                                                              1. 7

                                                                                                                                                I would claim that 2018 is the best time (yet) for writing memory-safe C++. We have tooling and paradigms now where we don’t need to rely on raw pointers and can make use of things like shared_ptr and unique_ptr. We can utilize the vector class which gives us OOB write protection (via the vector::at method) . We can even look to the design decisions made in Rust and see they draw their roots from modern C++ (think RIAA). All the protections of Rust already exist in C++, and are distinct enough that tooling can catch when developers don’t use them.

                                                                                                                                                1. 20

                                                                                                                                                  I agree about it being best time to write safer C++. Ill add C, too, given all the analyzers. Empirical evidence Gaynor references show vast majority of C/C++ code fails to be safe anyway. So a safe-by-default option is better to use with unsafety turned on selectively when necessary.

                                                                                                                                                  Also, the key aspects of Rust’s memory safety come from Cyclone language. It was a safer C with some temporal safety among other things. Clay was another which had linear and singleton types.

                                                                                                                                                  1. 15

                                                                                                                                                    All the protections of Rust already exist in C++

                                                                                                                                                    Unless you are claiming C++ has a way to ensure data race freedom, this does not seem true.

                                                                                                                                                    1. 10

                                                                                                                                                      Smart pointers have been around for more than a decade (in Boost before they got into std::), and STL has been around for ages of course. From the memory safety perspective, the tools have been around for a long time. Perhaps the issue is that none of these things are mandatory.

                                                                                                                                                      1. 4

                                                                                                                                                        Halfway there: C++ was built on unsafe-by-default foundation, C, with good protections added that also aren’t mandatory. It evolved from there in a lot of ways I didnt keep up with. I just know that plus its parsing/semantic headaches gave C++ a brutal start if goal was safety on average or high assurance.

                                                                                                                                                      2. 9

                                                                                                                                                        (via the vector::at method)

                                                                                                                                                        Which you have to remember to use instead of the far easier nicer looking []. I’ve seen v.at in a C++ codebase exactly once in my life. As usual, the default C++ is unsafe.

                                                                                                                                                        We can even look to the design decisions made in Rust and see they draw their roots from modern C++ (think RIAA)

                                                                                                                                                        True but not sure of the relevance.

                                                                                                                                                        All the protections of Rust already exist in C++

                                                                                                                                                        They most certainly do not.

                                                                                                                                                        tooling can catch when developers don’t use them

                                                                                                                                                        There are no tools that I’m aware of that guarantee an absence of bugs in a C++ codebase. I’ve used most of them. Bugs still happen. Bugs that don’t happen in safer languages.

                                                                                                                                                        1. 8

                                                                                                                                                          All the protections of Rust already exist in C++

                                                                                                                                                          I’m not sure that’s entirely true, but I could be wrong. I agree with what you are saying about RIAA, but a few other things pop to mind:

                                                                                                                                                          • Rust tries really hard to ensure you have either only immutable references, or a sole mutable reference. This prevents the old “iterate over a collection and mutate it” problem.

                                                                                                                                                          • It also forces you to think about sharing semantics across threads (i.e. Sync trait).

                                                                                                                                                          • In Rust you can design APIs which “consume” their parameters. i.e. you pass ownership to a callee, and it never hands it back. This is useful for scenarios where you don’t want the user to try and re-use a conceptually finalized data structure. Perhaps reuse of the structure could be unsafe for example.

                                                                                                                                                          I’m sure there will be other examples. And I’m sure the proponents of Rust will provide those in more comments ;)

                                                                                                                                                          Maybe you can do these kinds of things in modern C++?

                                                                                                                                                          1. 6

                                                                                                                                                            Problem with C & C++ is not only about memory safety. Are you 100% sure you have absolutely no chance of a signed int overflow anywhere in your codebase?

                                                                                                                                                            1. 15

                                                                                                                                                              Compile with -fwrapv to instantly unlock the same behavior as rust.

                                                                                                                                                              1. 5

                                                                                                                                                                To get the K&R C behavior not the house-of-horrors C standard.

                                                                                                                                                                1. 3

                                                                                                                                                                  Or better, -ftrapv to trap even errors that Rust won’t catch. (I don’t understand why this wasn’t made the default behaviour in Rust, to be honest; the performance hit should ultimately be negligible, and they already make some choices for safety-over-performance).

                                                                                                                                                                  1. 4

                                                                                                                                                                    The reason it is not default in Rust is that performance hit was not negligible.

                                                                                                                                                                    1. 0

                                                                                                                                                                      Got some numbers? Part of the problem is probably that the code generator (LLVM) doesn’t handle it very well; but basing a language decision on a current limitation of the code generator doesn’t seem wise. (Especially if it’s a choice between “fail to detect some potentially critical code issue” and somewhat reduced performance).

                                                                                                                                                                      1. 5

                                                                                                                                                                        I don’t have the reference for Rust handy, but NIST Technical Note 1860 is one good reference. To quote the abstract:

                                                                                                                                                                        We performed an experiment to measure the application-level performance impact of seven defensive code options… Of the seven options, only one yielded clear evidence of a significant reduction in performance; the main effects of the other six were either materially or statistically insignificant.

                                                                                                                                                                        That one option is -ftrapv.

                                                                                                                                                                        1. 1

                                                                                                                                                                          That report is specific to GCC, though, which has worse overflow checking even that LLVM.

                                                                                                                                                                          “In practice, this means that the GCC compiler generates calls to existing library functions rather than generating assembler instructions to perform these arithmetic operations on signed integers.”

                                                                                                                                                                          Clang/LLVM doesn’t do that. Needless to say, it explains much of the performance hit, but not how it would affect Rust. I’m curious about what the real numbers do look like.

                                                                                                                                                                        2. 1

                                                                                                                                                                          (actually, having done some recent ad-hoc tests LLVM seems to do ok, mostly just inserting a jo instruction after operations that can overflow, which is probably about as good as you can do on x86-64. I’d still like to see some numbers of how this affects performance, though).

                                                                                                                                                                  2. 2

                                                                                                                                                                    I agree memory safety is not the only kind of security bug, but it is the focus of this article, which is why I focused on it in my comment.

                                                                                                                                                                2. 4

                                                                                                                                                                  And how do you know they’re wrong?

                                                                                                                                                                  We see evidence all the time. Easily preventable bugs in old software everybody used but nobody wanted to make good. Bugs that would’ve been obvious if people had looked at compiler warnings or run a static analyzer, but nobody did..

                                                                                                                                                                  1. 24

                                                                                                                                                                    And how do you know they’re wrong?

                                                                                                                                                                    I don’t know about @szbalint, but I know they’re wrong because of ample experience with people who think they can write safe C code and can’t. I literally have never met or have worked with an engineer I’d trust to write C code, myself obviously included.

                                                                                                                                                                    I’ve been compiling all C and C++ code with -Wall for at least the last 15 years, and the last 10 with -Wall -Wextra -Werror. I’ve used free and paid-for static analysers on production code. Tests, extensive code reviews, valgrind, clang sanitizers, the lot.

                                                                                                                                                                    The end result were bugs, bugs, and more bugs, many of them security vulnerabilities. This problem isn’t solvable with developer discipline and tools. We’ve tried. We’ve failed.

                                                                                                                                                                    1. 2

                                                                                                                                                                      Has your experience with D been much better? I’ve been able to segfault D because I didn’t realise that SomeClass c; generates a null pointer. I really wish the language were modified to make this impossible without some extra attributes like @trusted.

                                                                                                                                                                      That’s the only way I’ve managed to really “crash” D, though. The rest of the time I get pretty stack traces at runtime whenever I mess up, much more controlled and predictable error-handling.

                                                                                                                                                                      1. 1

                                                                                                                                                                        Has your experience with D been much better?

                                                                                                                                                                        Vastly so.

                                                                                                                                                                        I’ve been able to segfault D because I didn’t realise that SomeClass c; generates a null pointer.

                                                                                                                                                                        That’s not considered an issue in D. Variables are all default-initialised so you’ll get a crash at the point where you forgot to assign the reference to a new instance. Deterministic crashes in the face of bugs is a good thing.

                                                                                                                                                                        1. 1

                                                                                                                                                                          A segfault is a pretty obscure thing, and I’m not sure it’s even exactly “deterministic”. Are all arches guaranteed to react the same way to dereferencing a null pointer? It’s not like it’s raising a D NullPointerException, if such a thing even exists, so I don’t get a stack trace telling me where the problem is, unlike every other D “crash”.

                                                                                                                                                                          I still don’t understand why making this segfaulting easy is desirable. It feels like an obvious rake to step on.

                                                                                                                                                                          1. 1

                                                                                                                                                                            A segfault is a pretty obscure thing

                                                                                                                                                                            To a scripter, maybe, but not to a systems programmer.

                                                                                                                                                                            and I’m not sure it’s even exactly “deterministic”

                                                                                                                                                                            Some are, some aren’t. The deterministic ones are of the good variety. Always crashing because of an unitialised reference is ok. Getting a segfault somewhere else in your app isn’t.

                                                                                                                                                                            It’s not like it’s raising a D NullPointerException, if such a thing even exists

                                                                                                                                                                            It doesn’t exist, or rather, its version is to just segfault.

                                                                                                                                                                            so I don’t get a stack trace telling me where the problem is, unlike every other D “crash”.

                                                                                                                                                                            % coredumpctl gdb
                                                                                                                                                                            % bt
                                                                                                                                                                            

                                                                                                                                                                            If you’re not running systemd then run the program again under gdb. Since it always crashes in the same place you’ll get the same result. If you’re on Windows you open the debugger right there and then and look at the backtrace.

                                                                                                                                                                            It feels like an obvious rake to step on.

                                                                                                                                                                            It isn’t, it always takes me 30s to fix.

                                                                                                                                                                      2. 2

                                                                                                                                                                        I don’t know what your use involves, but sometimes using e.g. Coverity is not much better than never using it. All those things have to be done in the context of a comprehensive build and test system and always done on every checkin. And there is no substitute for good programmers with solid education. I have met a number of really excellent C programmer who produce solid, trustworthy code.

                                                                                                                                                                        And, as always in such discussions, none of these assertions make sense without a “compared to”. People write unsafe C code, compared to which people who write what?

                                                                                                                                                                        1. 2

                                                                                                                                                                          using e.g. Coverity is not much better than never using it

                                                                                                                                                                          Not in my experience.

                                                                                                                                                                          And there is no substitute for good programmers with solid education.

                                                                                                                                                                          Few and far between.

                                                                                                                                                                          I have met a number of really excellent C programmer who produce solid, trustworthy code.

                                                                                                                                                                          I have not. And that includes meeting compiler writers and C++ luminaries.

                                                                                                                                                                          People write unsafe C code, compared to which people who write what?

                                                                                                                                                                          To people who write code in Ada, Rust, …

                                                                                                                                                                        2. 1

                                                                                                                                                                          The end result were bugs, bugs, and more bugs, many of them security vulnerabilities. This problem isn’t solvable with developer discipline and tools. We’ve tried. We’ve failed.

                                                                                                                                                                          Then why is it that when the bugs that relate to language level issues are dissected in the public, they nearly always seem like they’d be prevented by discipline & disciplined application of tooling?

                                                                                                                                                                          1. 4

                                                                                                                                                                            Even the best programmers have an error rate. Much lower than novice programmers, but it’s still there.

                                                                                                                                                                            1. 1

                                                                                                                                                                              You are stating the obvious here.

                                                                                                                                                                              The question is, why aren’t these errors being caught when it is so easy to do?

                                                                                                                                                                              1. 6

                                                                                                                                                                                The nature of the tooling seems like a prime candidate answer to that question. In C and C++ you often need to opt into constructs and static analyses in order to guard against memory safety bugs. Just look at all the tortured defenses in this thread alone. It’s some combination of “oh just use this particular subset of C++” all the way to “get gud.”

                                                                                                                                                                                In memory safe languages the tooling generally demands that you opt out in order to write code that is susceptible to memory safety bugs.

                                                                                                                                                                                It’s just another instance of “defaults matter.”

                                                                                                                                                                                1. 0

                                                                                                                                                                                  I think we’re going in circles here. None of what you say is evidence that people can’t write safe code. You’re just saying they (most of them) won’t, which isn’t the contentious point.

                                                                                                                                                                                  1. 5

                                                                                                                                                                                    Seems like a distinction without a practical difference. You asked a question, “why aren’t these errors being caught when it is so easy to do,” and I answered with, essentially, “maybe it’s not as easy as you think.” I proposed a reason why it might not be easy.

                                                                                                                                                                                2. 4

                                                                                                                                                                                  The question is, why aren’t these errors being caught when it is so easy to do?

                                                                                                                                                                                  It isn’t easy. If it were, they’d be caught. The litany of security vulnerabilities everywhere shows us that we’re doing it wrong.

                                                                                                                                                                                  1. 1

                                                                                                                                                                                    Right. Why not?

                                                                                                                                                                                3. 2

                                                                                                                                                                                  Did I claim developer discipline wouldn’t prevent bugs? What I’m claiming is that it’s humanly impossible to manage that level of discipline in any large codebase. And I’m claiming that because we have decades of experience telling us that it’s the case.

                                                                                                                                                                              2. 3

                                                                                                                                                                                You raise a good point. I think anyone who thinks their own code is perfect is wrong, but I can’t prove it. I suppose, also, that it could be vacuously true in the sense that maybe their own code is perfect, but they haven’t written production systems entirely by themselves. Was that what you were suggesting?

                                                                                                                                                                                1. 2

                                                                                                                                                                                  You raise a good point. I think anyone who thinks their own code is perfect is wrong, but I can’t prove it.

                                                                                                                                                                                  Can you write one line of code that is perfect? Why not two? Why not ten? Why not a thousand?

                                                                                                                                                                                  Even then, there’s a continuum between perfect and unmitigated disaster. I’ll grant you that I don’t really believe in large scale software ever being perfect in a literal sense of the word. Not even bug free. However, I believe there are individuals who can produce safe software in C. And if given enough control over the platform the code runs on, they can lock things down to virtually guarantee that language level issues are not ever going to turn into full compromise (RCE) or secret leaks.

                                                                                                                                                                                  If you need something for a case study, why not take a look at qmail? The fun thing is that the papers and writeups about qmail’s security practices don’t really mention things such as extensive use of static analyzers, fuzzers, and formal verification. Despite that, it has an incredible track record. I think there is much more that could be done to raise the bar.

                                                                                                                                                                                  I suppose, also, that it could be vacuously true in the sense that maybe their own code is perfect, but they haven’t written production systems entirely by themselves. Was that what you were suggesting?

                                                                                                                                                                                  Security costs time and isn’t sexy. Worst of all, you can’t measure it like you can measure performance or the length of the list of features. So even if someone out there is producing “perfect” code, it’s likely that the project goes mostly unheard of. If one were to dig up and point out such a project, people would just call it a toy / academic exercise / “nobody uses it.” People might say they care about security but they really don’t, they just use whatever is convenient or popular. And when you point out the bugs in that, well, developers being developers, they just pat each other on the back. “Dude, bugs happen! Give ’em a break!”

                                                                                                                                                                                  It’s especially bad in any commercial setting, which is why I think it is indeed the case that the people who are capable of writing secure software are, in the end, not doing that, because they don’t get to write an entire production system on their own terms. I don’t think it’s a coincidence that the project I just mentioned is essentially a solo project by one person.

                                                                                                                                                                                  I’m in that boat too, sort of. At day job there’s so much code that’d get you kicked out if it were my personal project with a security guarantee. I’m not at liberty to rearchitect and rewrite the software. The markets opt out of security.

                                                                                                                                                                                  1. 6

                                                                                                                                                                                    Can you write one line of code that is perfect? Why not two? Why not ten? Why not a thousand?

                                                                                                                                                                                    It depends on the line. Perfection isn’t just about the semantics the code has to the compiler, but about how a future reader will interpret it. Even the shortest snippet of code can have subtleties that may not be obvious later, no matter how clear they seem to me today. Concretely, in the 90s, “everyone knew” that system() was a huge security vulnerability because of how it adds to the attack surface, and it wasn’t a big deal because code that was thought of as needing to be secure was hardened against it. But those very same semantics came as a very unwelcome surprise to “everyone” when Shellshock was publicized in 2014.

                                                                                                                                                                                    Lots of vulnerabilities can be traced to people misunderstanding single lines of code.

                                                                                                                                                                                    I very much agree with your point about it being hard to sell security. I think that’s by far the biggest factor in how horrible the current state of affairs is.

                                                                                                                                                                                    1. 3

                                                                                                                                                                                      Wasn’t the key shellshock problem that bash executed environment variables? 99% of these failures seem to come from parsing errors, eval, and convenience components. Why bash designers felt it was good to allow arbitrary functions to be passed in environment variables and then executed baffles me but probably came from feature creep. The same functionality could have been achieved more safely by include/load like mechanisms (not 100% safe either, but easier to lock down) or, better, running other programs.

                                                                                                                                                                                      BTW: Bash scripts are memory safe.

                                                                                                                                                                                      1. 2

                                                                                                                                                                                        It depends on what you see as the most unexpected part of it. The reason it was such an emergency to patch it was that bash was exposed to unauthenticated incoming network connections in the first place.

                                                                                                                                                                              3. -3

                                                                                                                                                                                Where are all the safe Rust based applications and operating systems?

                                                                                                                                                                                  1. 6

                                                                                                                                                                                    I mean, so what? The pool of talented systems programmers is vanishingly small, and also going to be dominated by people using C/C++, so its not that surprising that it hasn’t eradicated all the competition yet. And as a sibling commenter pointed out, its doing pretty well for being all of 3 years old.

                                                                                                                                                                                    1. 0

                                                                                                                                                                                      There is a big difference between “has not eradicated the competition yet” and “still can’t point to 5 widely used and superior applications”.

                                                                                                                                                                                      1. 10

                                                                                                                                                                                        how many did python have within 3 years? Or ruby for that matter. How about clojure? None of those had “5 widely used and superior applications” within 3 1/2 years. It was probably a decade before python had 5, maybe a little less for ruby. And you didn’t respond at all to my point about the quantity of systems programmers. Rust is a kind of weird language, attempting to fill a very tight ecological niche with few potential adoptees in terms of actual programmers. I’m not in the least surprised that its still very much in an embryonic state in regards to a community and the works that would flow from that. And, fwiw, Servo and Fuscia aren’t exactly small scale applications, not to mention all of the companies using it internally for whom we have no data/reports other than job board postings.

                                                                                                                                                                                        1. 1

                                                                                                                                                                                          I’m not at all saying Rust is a failure - I don’t find it appealing, but that doesn’t mean anything. But it’s still in the experiment stage. You can declare C obsolete when you have that body of large successful, less buggy, products to point at.

                                                                                                                                                                                          1. 9

                                                                                                                                                                                            The whole point of the article is that literally decades of experience have shown that it is effectively impossible to write safe secure code in C/C++. The goal in fact is to to declare C/C++ a security nightmare. Does that make it obsolete? Maybe, maybe not. There are options out there that give you far more safety guarantees than C/C++ will ever be able to do.

                                                                                                                                                                                            Knowing that it is quite possibly flat our irresponsible to use it for any new project where security is important. Oh, and security is nearly always an important concern for a software project.

                                                                                                                                                                                            1. 1

                                                                                                                                                                                              Let me try again: To make that claim be anything more than marketing, you’d need some (a) data and (b) some indication that C programs were WORSE than some alternative. In the absence of both, it’s just weak marketing. The evidence seems to show more that it is very difficult to develop large software systems that are safe and secure and, at the same time, find an appreciative audience - no matter what the language. As I pointed out before, until there are significant examples of safe/secure/successful Rust programs to compare with, such claims are just blowing smoke.

                                                                                                                                                                                              1. 2

                                                                                                                                                                                                While it’s not as strong a claim as you seem to want, I don’t think it’s incorrect to say that C and C++ in the hands of not superhuman developers tends to result in a whole class of bugs that Rust makes nearly impossible to create. Bugs that have appeared numerous times and continue to keep appearing in critical internet infrastructure.

                                                                                                                                                                                                It’s purely anecdotal but Rust has prevented multiple use after free, use before initialized, and buffer overrun errors in my own code multiple times just while playing around. It’s a bit disingenuous to suggest that C/C++ don’t have a problem and that Rust which provably prevents most of those problems isn’t a promising solution.

                                                                                                                                                                                                This isn’t blowing smoke it’s a recognition that there is a problem and possible solution to that problem that doesn’t involve cloning Dan Bernstein and firing all the other programmers.

                                                                                                                                                                                                1. 2

                                                                                                                                                                                                  I kind of like the idea of cloning Dan Bernstein and firing all the other programmers. It’s a big idea with some verve and panache.

                                                                                                                                                                                                1. 4

                                                                                                                                                                                                  I agree the comment overstated by saying “effectively impossible.” Really hard with higher failure rates than safe languages would be more accurate. Yet, it seems misleading for you to use Bernstein and Hipp since most people are nowhere near as good at QA as them. Bernstein is also a security genius.

                                                                                                                                                                                                  C defenders countering with the vulnerability results of security geniuses in minimalist apps instead of what average C coder achieves vs average user of safe language isnt a good comparison.

                                                                                                                                                                                                  1. 0

                                                                                                                                                                                                    Hence my quest for examples rather than handwaving. Examples of real applications that are not minimalist. Specific examples.

                                                                                                                                                                                                    1. 2

                                                                                                                                                                                                      Ripgrep? Firefox? The former is shipped and used for search in VS Code, the latter is pretty rapidly moving to using rust where it can to improve performance, and reduce security issues. Just two projects I can name off the top of my head as a non rust programmer.

                                                                                                                                                                                                      1. 0

                                                                                                                                                                                                        The same two projects everyone names and I’m not dismissing either of them. I’m just pointing out that the triumphal declarations of the obsolescense of C and dawn of the Reign of Rust lack sufficient backing. If we just got enthusiastic reports about what people wrote in Rust and how well it worked that would be interesting and impressive. But this overblown marketing stuff is just irritating.

                                                                                                                                                                                          2. 5

                                                                                                                                                                                            Well, I guess ripgrep qualifies? Hopefully there will be more such applications.

                                                                                                                                                                                            1. -1

                                                                                                                                                                                              Ripgrep is interesting. Is it considerably less bug ridden than ag ? Is it considerably less bug ridden than grep?

                                                                                                                                                                                              https://www.cvedetails.com/product/23804/GNU-Grep.html?vendor_id=72 Well grep doesn’t seem so bad.

                                                                                                                                                                                              Come on, people need to do better than this.

                                                                                                                                                                                              1. 7

                                                                                                                                                                                                Is it considerably less bug ridden than ag ?

                                                                                                                                                                                                Yes, by a very very large margin across at least a couple different spectrums.

                                                                                                                                                                                                Is it considerably less bug ridden than grep?

                                                                                                                                                                                                Unlikely.

                                                                                                                                                                                                Come on, people need to do better than this.

                                                                                                                                                                                                Right. Nothing will ever be good enough. This is a classic Internet debate tactic. No matter what example anyone gives you, there will always be a reason to dismiss it. I don’t say that flippantly necessarily. Satisfying your standard (mentioned in another comment) to a high degree is nearly impossible. There will always be differences and variables that cannot reasonably be controlled for.

                                                                                                                                                                                                It’s totally fine to have high standards that are impossible to satisfy (it’s your choice), but at least state that up front explicitly and don’t be coy about it. And don’t accuse people who are trying to hit a lower standard of evidence as just “blowing smoke,” because that’s a bunch of bullshit and you know it.

                                                                                                                                                                                                1. -2

                                                                                                                                                                                                  Oh come on: ripgrep is the example I’m given. Yet, grep, written in horrible pathetic C, has very few security bugs. Are there CVEs for ag even? I am ready to be persuaded and I don’t need ironclad proofs - I just want to see a number of examples of complex applications/systems written in XYZ that are significantly better than the standard C versions in terms of security. Until those are available it’s just marketing. Maybe Rust is a brilliant advance that will lead to the creation of highly reliable secure applications - maybe it is not. Without evidence, all this claim that C has been obsoleted by Rust or whatever is exactly that - just blowing smoke. Read software jewels by Parnas, this is not a new problem.

                                                                                                                                                                                                  I’ll give you a good example: the OP makes a big deal about security issues in ImageMagick! Of all things. I cannot imagine that anyone involved in the development of ImageMagick worried about security at all - it was a tool people could use to manipulate images. Now it is being dragged into service as an online utility exposed to the open internet or used on images that come from anywhere and - lo and behold - because of C it’s insecure! Great, let me see a Rust program designed without any attention to security employed similarly and we’ll compare.

                                                                                                                                                                                        2. 1

                                                                                                                                                                                          Quite a few swift based applications out there though, so it isn’t like new languages aren’t being used for things.
                                                                                                                                                                                          Go is quite popular in certain spaces too, for what it’s worth.

                                                                                                                                                                                      1. 4

                                                                                                                                                                                        I’ve heard a lot of people claiming that CEOs tend to be psychopathic or narcissistic. A lot this lines up with those two.

                                                                                                                                                                                        1. 1

                                                                                                                                                                                          I think the evidence is irrefutable in the general case if it’s a company whose CEO has to always make specific numbers go up or down instead of make ethical compromises. The Corporation is a great documentary that applies the diagnostic criteria for that condition on case studies of corporate behavior. They turn out to not only be psychopaths but like the prodigal psychopaths. That link has it in pieces to you can spread it out over time given it’s 3 hours.

                                                                                                                                                                                          Here’s one of my favorite segments showing what the media is really up to. Another one involving water and a big company that illustrates how far they’ll go with influence on government.

                                                                                                                                                                                          1. 1

                                                                                                                                                                                            I appreciate your support but I do want to also say, I generally discourage accusing powerful people of mental illness. It is extremely unlikely to cause any harm to the powerful people, and at the same time it does reinforce the societal idea that it’s okay to dehumanize people who have these diagnoses. Stigma kills.

                                                                                                                                                                                            1. 1

                                                                                                                                                                                              I think your over simplifying it. Being vigilant about mental health protects people. The Virginia Tech shooter was diagnosed several times as a danger to himself and others. Ignoring people’s mental health issues kills.

                                                                                                                                                                                              1. 2

                                                                                                                                                                                                Thank you for raising that. I do disagree. Mentally ill people are more likely to be victims than perpetrators of violence. This Vox article is the best overview of the available evidence that I’m familiar with, in part because it’s nice and short.

                                                                                                                                                                                          1. 15

                                                                                                                                                                                            Some historical perspective on the origins of our industry:

                                                                                                                                                                                            • Computers and tabulating machines prior to the 20th century were mainly concerned with generating tables of numbers (mostly useful for gunnery and navigation), census-taking, and accounting (naked capitalism).
                                                                                                                                                                                            • Analog and digital computers as we know them in the 20th century were developed and used for the first decades of their existence to do mostly military work: calculating ballistic tables, simulating physics of interest to fission, tracking and controlling anti-aircraft guns, targeting missles, and so forth.
                                                                                                                                                                                            • The first networked computing systems in common use were for Naval ships coordinating fire control and for ground anti-aircraft and missle systems.
                                                                                                                                                                                            • MIT via Lincoln Laboratory and Bells Labs did extensive defense work, dating back to the very founding of those institutions.
                                                                                                                                                                                            • Integrated circuits exist so we could make better missle warheads. Huge amount of defense funding.
                                                                                                                                                                                            • GPS exists to help deploy military units, mark artillery targets, and guide missles. The street found its own uses for these things.

                                                                                                                                                                                            We can point to visionaries like Vannevar Bush and their pure dreams for things like augmenting human intellect with hypermedia but those same people never ceased to work for their country on horrifically powerful weapons.

                                                                                                                                                                                            DARPA is probably one of the only reliable sources for decades-out basic research, arguably better than the NSF.

                                                                                                                                                                                            It is not popular in our circles to discuss such things, but then truth remains: military projects have been and continue to be sources of major innovation in our industry.

                                                                                                                                                                                            Further, there’s this bizarre political idea of globalization and open-borders I’ve often seen supported seemingly without thought by folks doing these protests.

                                                                                                                                                                                            Globalization can and does endanger workers by allowing companies to escape what a country might consider to be reasonable regulations.

                                                                                                                                                                                            Not all border-control and immigration enforcement is a bad thing–look no further than the experience of Ukraine in the last few years when faced with an influx of undocumented immigrants.

                                                                                                                                                                                            Frankly, while I support the desire for Labor to organize against Capital when they see their livelihoods and morals threatened, I really do wish they could do so with a bit more of an eye towards reality and strategy. It’s like nobody learned from the Occupy protests. :(

                                                                                                                                                                                            1. 24

                                                                                                                                                                                              I recognize all this history, believe me. What I can say, without getting into a detailed debate, is that the positions you mention are not taken thoughtlessly, and I would encourage everybody to have these conversations about what exactly right and wrong mean to the tech industry. There are certainly a lot of perspectives that deserve to be included, yours among them.

                                                                                                                                                                                              I’ve actually been very frustrated that I don’t see these conversations happening much in the public sphere. Or rather, everybody talks about the tech industry and its moral dilemmas, but I seldom see members of the industry engaging with it, other than CEOs, who therefore wind up representing all of us by default. That really needs to change, and the sooner the better.

                                                                                                                                                                                              I’m tempted to blame the lack of dialogue on the fact that most places where engineers come together are oriented towards technical discussion to the exclusion of politics. But that’s really not the root cause; the root cause is that, in some sense, anyone making an engineer’s salary is part of the establishment and benefits from the establishment, and that makes it a very frightening thing to question whether the establishment is good.

                                                                                                                                                                                              1. 4

                                                                                                                                                                                                I really appreciate your thoughtful input, and I think if everybody had your mindset then discussion would be much easier. Good for you for taking the time to contribute in this manner. Yet, I also find that there are lots of people who are intolerant of other’s perspectives if they differ from there own, which can make discussion unappetizing for people who’s primary goal at work is to get work done and not engage in public debate.

                                                                                                                                                                                                However, writing this comment has made me realise that if I want to help encourage a more thoughtful and nuanced debate within the industry (which I believe is vitally important), I have to be part of making it happen. I guess this involves taking the risk of people not liking me if my views differ from theirs, being honest about why I hold my own views, and open to changing them though constructive, respectful discourse and reflection.

                                                                                                                                                                                                1. 3

                                                                                                                                                                                                  Well, indeed. :) I couldn’t have said it better.

                                                                                                                                                                                                2. 4

                                                                                                                                                                                                  I’m tempted to blame the lack of dialogue on the fact that most places where engineers come together are oriented towards technical discussion to the exclusion of politics.

                                                                                                                                                                                                  There’s a reason for this. Most people’s political beliefs are held at least as strongly as their religious beliefs and they are just as difficult to change. When people talk about political and religious beliefs, they like to talk about why they think their own beliefs are right and occasionally why someone else’s might be wrong. This will almost always cause friction between the participants of the conversation unless they happen to have the same beliefs or unless the participants are unusually diplomatic with each other. Since most people are not always super diplomatic when discussing strongly held beliefs, and generally have a desire to get along with the people they work with and socialize with, it’s usually better for all involved to just avoid the big three volatile topics altogether: sex, religion, and politics.

                                                                                                                                                                                                  Of course, all of this goes out the window as soon as you login to twitter.

                                                                                                                                                                                                  1. 3

                                                                                                                                                                                                    Yes, absolutely understood. I would say that what you’re describing is that people are choosing to prioritize being part of their community over their desire to discuss political ideas. In general, I find this admirable; it takes a lot of maturity to stay off of the topic. But when our industry is at a cross-roads, I think that we have to discuss what comes next, even despite the good reasons not to.

                                                                                                                                                                                                    This is all true in a wide variety of contexts - lobste.rs, Twitter, at work, … In the specific case of conversations at work, staying off of politics is a particularly understandable choice because it might well be necessary for continued employment. This is what I was trying to get at with my mention of benefiting from the establishment.

                                                                                                                                                                                                3. 7

                                                                                                                                                                                                  How things were, how things are, how things should be, and how things will be are different things.

                                                                                                                                                                                                  It’s 100% true that the modern industry was bootstrapped by military investment and funding. But we shouldn’t forget that the funding is all coming from the same gov’t, and we can choose to have the investment and funding, without having it be in the purpose of blowing people up.

                                                                                                                                                                                                  Getting military contracts is a good tactic for a single company to get some success and revenue, and for research to fund itself. But we can also aspire to fund this research directly.

                                                                                                                                                                                                  There’s a spectrum of “reasonable military research” here, and it’s totally not black and white. But without guiding principles it’s hard to motivate strong political causes. The tea party did not feel the need to hold back on their principles and now control all three branches of gov’t

                                                                                                                                                                                                  1. 1

                                                                                                                                                                                                    and we can choose to have the investment and funding, without having it be in the purpose of blowing people up.

                                                                                                                                                                                                    It sounds true at first that you can separate from them. Then, looking at big picture, you can’t if you’re dependent on infrastructure, tech, and/or research designed by people fine with that for the purpose of doing that. The Net getting funded was one of those. INFOSEC was another that came from military with highest levels still classified as a munition far as I can tell. GPS was another where it’s constantly helping us find things and helping military kill things. It does both by design. The ISP’s are taking piles of money from NSA for spying on people per Snowden leaks but their opponents still pay for Internet from ISP’s. The major platforms, hardware and software, are often DOD suppliers who make money contributing to blowing people up which their buyers support indirectly. That includes Red Hat with its contributions to Linux.

                                                                                                                                                                                                    And yet, here your comment is via lots of tech developed and/or funded by the groups blowing people up. Hard to escape given all the companies trying to get at their money. I don’t know if there’s a single vendor of MCU’s/CPU’s that doesn’t sell to war industries. All we can do is reduce the damage. Then again, DARPA and NSF do the most funding of stuff that can protect people from lots of threats. Pissing them off might hurt a lot of people depending on what you’re working on even if they might hurt others with a weaponization of it. The morality isn’t clear. I guess my compromise so far is government/military work is worth supporting if it can do more good than harm with a decent chance of good being developed outside the government.

                                                                                                                                                                                                  2. 3

                                                                                                                                                                                                    The problem is that to organize, you need to class solidarity. If your allegiance to your class comes before allegiance to your nation-state, then you cannot arbitrarily decide that some workers have more rights to work inside the borders of your nation-start than others, even if this directly impacts your well-being and even if this means driving down salaries in your country.

                                                                                                                                                                                                    Renouncing these values means renouncing the values that should motivate you into the class struggle and give in to individualism, that is a tool to maintain the status quo.

                                                                                                                                                                                                    Globalization is a tool of the Capital to achieve profit but fighting it now will just lead to a worse alternative. Also defining what’s possible and realistic according to what the neoliberal paradigms dictates is a tool of the Capital but you seem to deal with it pretty fine.

                                                                                                                                                                                                    1. 4

                                                                                                                                                                                                      If your allegiance to your class comes before allegiance to your nation-state, then you cannot arbitrarily decide that some workers have more rights to work inside the borders of your nation-start than others, even if this directly impacts your well-being and even if this means driving down salaries in your country.

                                                                                                                                                                                                      I agree with your analysis here, and that is why I don’t use that ordering. I would wryly suggest that what is needed is some way of balancing class concerns in such a a way as to favor Labor with an eye towards political boundaries, but the natural English branding of such a thing–national socialism–has rather a lot of baggage.

                                                                                                                                                                                                    2. 2

                                                                                                                                                                                                      I’ll add that both INFOSEC that stops governments (more often) and Tor came out of military research. NSF, DARPA, and CIA continue to fund these types of things. Hell, such dual-use, protective projects are some of best reasons to continue funding these organizations. At least NSF and DARPA anyway.

                                                                                                                                                                                                      Military R&D are a necessity. We can’t control whether the techs will be abused. The U.S. can’t get behind on tech. So, my compromise is we keep investing, keep the ratio toward positive stuff, and get the crooks out of top of government and military. The latter are who abuse the military tools.

                                                                                                                                                                                                      1. 2

                                                                                                                                                                                                        bizarre political idea of globalization and open-borders I’ve often seen supported seemingly without thought by folks doing these protests

                                                                                                                                                                                                        “Globalization” is an overloaded term. The most popular, “negative” meaning is global capitalism. Protestors probably don’t support that kind of globalization. Open borders for individuals, that makes sense, I’m not sure how it’s bizzare.

                                                                                                                                                                                                        1. 2

                                                                                                                                                                                                          Open borders for individuals, that makes sense, I’m not sure how it’s bizzare.

                                                                                                                                                                                                          Why does it make sense? What answer would you give for that example of Ukraine, where a bunch of armed individual Russians decided to make use of inadequate border control.

                                                                                                                                                                                                          If you want to make the argument that we no longer use Westphalian sovereignty, that’s fine, but unless that’s the case a nation must have control over its borders to be considered a sovereign nation.

                                                                                                                                                                                                          1. 4

                                                                                                                                                                                                            Personally, I suppose, I’d say that we clearly need some level of border control for that specific, military purpose. I would also say that border control targeted at civilians is far more strict and intrusive than it needs to be for any policy objective I support.

                                                                                                                                                                                                        1. 14

                                                                                                                                                                                                          I do something like this as well, with the added layer of crazy that my dotfiles are a nix package which is installed and then linked into place.

                                                                                                                                                                                                          But really, all I want is unprivileged union mounts that work.

                                                                                                                                                                                                          1. 7

                                                                                                                                                                                                            But really, all I want is unprivileged union mounts that work.

                                                                                                                                                                                                            Plan 9, where art thou?

                                                                                                                                                                                                            I seriously don’t understand why Unix hasn’t evolved to be more like Plan 9 over the last few decades. It’s so clearly the right direction!

                                                                                                                                                                                                            1. 5

                                                                                                                                                                                                              Hey, do you have like a 10-second primer on plan 9? I always see people talking about it but have no idea how it differs from Unix.

                                                                                                                                                                                                              1. 7

                                                                                                                                                                                                                It’s sometimes said that in Unix, everything is a file. In Plan 9, everything is a filesystem, and they can be transparently or opaquely mounted on top of one another to customise the environment for each process.

                                                                                                                                                                                                                For example, where Unix has a special API for making network connections and configuring them, Plan9 has a particular filesystem path: write a description of the connection you want to make, read back a new path. Open that path, and the resulting file-descriptor is your TCP socket. If you want to forward your connections via another computer, you don’t need a special port-forwarding API or a VPN, you can just mount the remote computer’s network-connection filesystem over the top of your own, and everything that makes a network connection from then on will be talking to the TCP stack on the remote computer.

                                                                                                                                                                                                                1. 2

                                                                                                                                                                                                                  I think Redox’ “Everything is a URL” is a nice improvement on Pan 9’s idea.

                                                                                                                                                                                                                  1. 1

                                                                                                                                                                                                                    Very interesting. Thanks!

                                                                                                                                                                                                                  2. 1

                                                                                                                                                                                                                    That’s a great question!

                                                                                                                                                                                                                    I guess the big thing about Plan 9 is that it really tried to make everything a file. So using the network was just opening files, writing to the GUI was just writing to files &c. Really, the differences from Unix are mostly a result of that goal, e.g. in Plan 9 any user can create his own namespace of files & directories from other files & directories.

                                                                                                                                                                                                                    The longer version would go into detail about how that actually worked (short version: really well).

                                                                                                                                                                                                                2. 4

                                                                                                                                                                                                                  Do you have your Nix/dotfiles code somewhere?

                                                                                                                                                                                                                  1. 3

                                                                                                                                                                                                                    A more radical approach would be using rewritefs.

                                                                                                                                                                                                                    1. 2

                                                                                                                                                                                                                      I use home-manager, and mine looks as simple as:

                                                                                                                                                                                                                            home.file = {
                                                                                                                                                                                                                              ".stylish-haskell.yaml".source = ../stylish-haskell.yaml;
                                                                                                                                                                                                                              ".spacemacs".source = ../spacemacs;
                                                                                                                                                                                                                              ".ghci".text = ''
                                                                                                                                                                                                                                :set prompt "λ> "
                                                                                                                                                                                                                              '';
                                                                                                                                                                                                                            };
                                                                                                                                                                                                                      
                                                                                                                                                                                                                      1. 1

                                                                                                                                                                                                                        Me too! Some more stuff I do to manage simple scripts/aliases:

                                                                                                                                                                                                                        let
                                                                                                                                                                                                                          script = text: {
                                                                                                                                                                                                                            text = ''
                                                                                                                                                                                                                              #!/usr/bin/env bash
                                                                                                                                                                                                                              ${text}
                                                                                                                                                                                                                            '';
                                                                                                                                                                                                                            executable = true;
                                                                                                                                                                                                                          };
                                                                                                                                                                                                                        in {
                                                                                                                                                                                                                          # ...
                                                                                                                                                                                                                            home.file = {
                                                                                                                                                                                                                              "bin/gd" = script ''git diff "$@"'';
                                                                                                                                                                                                                              "bin/gds" = script ''git diff --staged "$@"'';
                                                                                                                                                                                                                              "bin/gf" = script ''git fetch --all "$@"'';
                                                                                                                                                                                                                              "bin/glg" = script ''git log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr %cd) %C(cyan)%an%Creset' --date=format:'%d.%m' --abbrev-commit "$@"'';
                                                                                                                                                                                                                              "bin/gl" = script ''glg --all "$@"'';
                                                                                                                                                                                                                              "bin/gs" = script ''git status "$@"'';
                                                                                                                                                                                                                              # Show git branches in ~ "most recently used" order
                                                                                                                                                                                                                              "bin/git-bs" = script ''git branch --sort=-committerdate "$@"'';
                                                                                                                                                                                                                            };
                                                                                                                                                                                                                          # ...
                                                                                                                                                                                                                        };
                                                                                                                                                                                                                        

                                                                                                                                                                                                                        What I especially like about home-manager, is that it allows me to try and gradually migrate stuff to Nix, but I still can do e.g. nix-env -iA nixpkgs.umlet for quick additions/tests, and still have an escape hatch of sudo apt-get install ... if something is not available (or broken for me) in nixpkgs.

                                                                                                                                                                                                                        1. 1

                                                                                                                                                                                                                          You don’t need that script function. viz.:

                                                                                                                                                                                                                                programs.bash = {
                                                                                                                                                                                                                                  ...
                                                                                                                                                                                                                                  shellAliases = {
                                                                                                                                                                                                                                    copy = "xclip -i -selection clipboard";
                                                                                                                                                                                                                                    g = "git";
                                                                                                                                                                                                                                    e = "emacs -nw";
                                                                                                                                                                                                                                    ee = "emacs -nw $(fzf)";
                                                                                                                                                                                                                                  };
                                                                                                                                                                                                                                };
                                                                                                                                                                                                                          
                                                                                                                                                                                                                                programs.git = {
                                                                                                                                                                                                                                  ...
                                                                                                                                                                                                                                  aliases = {
                                                                                                                                                                                                                                    co = "checkout";
                                                                                                                                                                                                                                    ci = "commit";
                                                                                                                                                                                                                                    s = "status";
                                                                                                                                                                                                                                    pr = "pull --rebase";
                                                                                                                                                                                                                                    l = "log --graph --pretty='%Cred%h%Creset - %C(bold blue)<%an>%Creset %s%C(yellow)%d%Creset %Cgreen(%cr)' --abbrev-commit --date=relative";
                                                                                                                                                                                                                                  };
                                                                                                                                                                                                                                };
                                                                                                                                                                                                                          
                                                                                                                                                                                                                        2. 1

                                                                                                                                                                                                                          I remember finding home-manager and was unsure if it worked or was testing on a not-NixOS system, so I kept using my Rube Goldberg setup :/

                                                                                                                                                                                                                          1. 1

                                                                                                                                                                                                                            I can confirm that home-manager works on OSX. The home.nix file I linked to above is used both on my Thinkpad running NixOS and my Macbook running macOS (via nix-darwin).

                                                                                                                                                                                                                            1. 1

                                                                                                                                                                                                                              I’m using it succesfully on Ubuntu 16.04.

                                                                                                                                                                                                                          2. 1

                                                                                                                                                                                                                            Oh, hey, I’ve been meaning to do that. Would you be willing to share your config?

                                                                                                                                                                                                                            1. 4

                                                                                                                                                                                                                              Here’s my nix expression which, in true FP style, is completely inscrutable:

                                                                                                                                                                                                                              { stdenvNoCC, stow, src ? ./. }:
                                                                                                                                                                                                                                
                                                                                                                                                                                                                              stdenvNoCC.mkDerivation {
                                                                                                                                                                                                                                inherit src;
                                                                                                                                                                                                                                name = "common-configs";
                                                                                                                                                                                                                                propagatedBuildInputs = [ stow ];
                                                                                                                                                                                                                                propagatedUserEnvPkgs = [ stow ];
                                                                                                                                                                                                                                buildPhase = ''
                                                                                                                                                                                                                                  wd=$(pwd)
                                                                                                                                                                                                                                  mkdir $wd/live
                                                                                                                                                                                                                                  find . -maxdepth 1 -mindepth 1 -type d | \
                                                                                                                                                                                                                                    grep -v 'work\|scripts\|nix' | \
                                                                                                                                                                                                                                    while read d; do
                                                                                                                                                                                                                                      stow --dir=$wd --target=$wd/live --stow $(basename $d)
                                                                                                                                                                                                                                  done
                                                                                                                                                                                                                                  echo $out > $wd/live/.config/store-address
                                                                                                                                                                                                                                '';
                                                                                                                                                                                                                                installPhase = ''
                                                                                                                                                                                                                                  mkdir -p $out/etc/profile.d $out/cfg
                                                                                                                                                                                                                                  cp -Lr . $out/cfg
                                                                                                                                                                                                                                  mv $out/cfg/live $out/live
                                                                                                                                                                                                                                  cat <<'EOF' >$out/etc/profile.d/stow-configs.sh
                                                                                                                                                                                                                                  export PARALLEL_SHELL=/bin/sh
                                                                                                                                                                                                                                  [ -e "$HOME/.config/store-address" ] && stow --dir=$(cat $HOME/.config/store-address) --target=$HOME --delete live
                                                                                                                                                                                                                                  stow --dir=$(dirname $(realpath $HOME/.nix-profile/live)) --target=$HOME --stow live
                                                                                                                                                                                                                                  # need to make sure systemd is using the latest unit files
                                                                                                                                                                                                                                  systemctl --user daemon-reload
                                                                                                                                                                                                                                  test -f $HOME/.nix-profile/live/.Xresources && xrdb -merge $HOME/.nix-profile/live/.Xresources
                                                                                                                                                                                                                                  EOF
                                                                                                                                                                                                                                '';
                                                                                                                                                                                                                              }
                                                                                                                                                                                                                              

                                                                                                                                                                                                                              The src argument is a directory arranged like “programname/.dotfile”.

                                                                                                                                                                                                                              And this is called from a script I call nix-up:

                                                                                                                                                                                                                              #!/bin/sh
                                                                                                                                                                                                                              nix-channel --update
                                                                                                                                                                                                                              test -f "$HOME/lib/$(hostname).nix" &&
                                                                                                                                                                                                                              	nix-env --no-build-output --keep-going \
                                                                                                                                                                                                                              		--remove-all --install --file "$HOME/lib/$(hostname).nix"
                                                                                                                                                                                                                              if test -f "$HOME/.nix-profile/etc/profile.d/stow-configs.sh"; then
                                                                                                                                                                                                                              	echo swapping configs...
                                                                                                                                                                                                                              	. "$HOME/.nix-profile/etc/profile.d/stow-configs.sh"
                                                                                                                                                                                                                              fi
                                                                                                                                                                                                                              

                                                                                                                                                                                                                              That $(hostname).nix file has a list of packages and hooks the overlay that contains the above expression.

                                                                                                                                                                                                                              1. 1

                                                                                                                                                                                                                                Thanks! I’m excited to set it up.

                                                                                                                                                                                                                          1. 2

                                                                                                                                                                                                                            I don’t think articles with paywalls should be posted. I cannot read this article without purchasing a subscription.

                                                                                                                                                                                                                            1. 4

                                                                                                                                                                                                                              There are 3 workarounds to the paywall in the comments, one of which was posted by one of the authors of the piece simultaneously with submitting it.

                                                                                                                                                                                                                              1. 2

                                                                                                                                                                                                                                Feedback taken, all the same, and thank you for raising it.

                                                                                                                                                                                                                                1. 1

                                                                                                                                                                                                                                  Hi, sorry – didn’t see that it had already been posted across the comments. I appreciate you posting the article. It’s good content.

                                                                                                                                                                                                                                  1. 2

                                                                                                                                                                                                                                    Not a problem, it was still good to point out. Glad you liked the article!

                                                                                                                                                                                                                            1. 6

                                                                                                                                                                                                                              Sorry about the pay wall; it should work if this is the first article from the site you’ve read recently, and in an incognito window.

                                                                                                                                                                                                                              1. 8

                                                                                                                                                                                                                                A route around the pay wall: https://outline.com/5TP6J3

                                                                                                                                                                                                                                1. 2

                                                                                                                                                                                                                                  @pushcx can we just set the URL to this for the submission instead?

                                                                                                                                                                                                                                2. 6

                                                                                                                                                                                                                                  The archive link works as well.

                                                                                                                                                                                                                                1. 14

                                                                                                                                                                                                                                  Liz Fong-Jones. Her activism within and outside Google has been a constant inspiration. If you’re in tech and you haven’t heard of her, you’re probably cis. ;)

                                                                                                                                                                                                                                  1. 0

                                                                                                                                                                                                                                    role model in your capacity as technologists?

                                                                                                                                                                                                                                    Could you be more specific on how Liz Fong-Jones answer the OP question?

                                                                                                                                                                                                                                    I noticed Fong-Jones is a site-reliability engineer.

                                                                                                                                                                                                                                    1. 2

                                                                                                                                                                                                                                      I don’t notice anybody else being asked this question. You’ll forgive me for assuming it’s because I named a woman.

                                                                                                                                                                                                                                      1. 4

                                                                                                                                                                                                                                        Actually I was about to ask a similar question…

                                                                                                                                                                                                                                        Perhaps let me phrase it differently….

                                                                                                                                                                                                                                        I haven’t heard of, or come across, Liz before. Whereas I have heard of most of the names mentioned in this thread and could tell you something about them.

                                                                                                                                                                                                                                        Possibly, because I do not operate in the realm of site reliability. Possibly, as you suggest, because I’m male cis. ;-) Quite likely it is (yet another) symptom of the bias in the industry.

                                                                                                                                                                                                                                        However, if you say she is worth listening to… I’m more than willing to believe that she is.

                                                                                                                                                                                                                                        A casual google pointed me at site reliability stuff… not my field.

                                                                                                                                                                                                                                        Could you point us at stuff she has done / said / written that you feel would be a good introduction to her?

                                                                                                                                                                                                                                        I’d appreciate that.

                                                                                                                                                                                                                                        1. 5

                                                                                                                                                                                                                                          Thank you for your question. I’d like to note that, while it might seem superficially similar to the parent comment, you’re asking for information, whereas that comment is kind of half-seriously challenging whether I have the right to post here. Even though the details I’d provide in response are the same, answering your question makes sense, whereas nothing I could possibly say to the parent comment would result in anything but escalating frustration.

                                                                                                                                                                                                                                          Liz has done a great deal of work to make the tech industry a safe place for trans people to exist, and more broadly to remind everyone that being a technologist is not just about building things, it’s also about considering the consequences. Some of that work has been behind closed doors; some of it has been outreach to the public; some of it has involved educating the press on the human challenges our industry faces. When I gave this speech it was Liz’s example that convinced me it was worth doing.

                                                                                                                                                                                                                                          I don’t know how to provide a fast introduction to that kind of thing. It’s not like if I’d said Donald Knuth, and then I could link you to his books. I’d note that even for somebody like Knuth, his impact was first and foremost on people - inspiring them, in his case, to follow a path of rigorous mathematical analysis of computing. Different leaders inspire people along different paths, and it’s never truly possible to capture everything.

                                                                                                                                                                                                                                          1. 6

                                                                                                                                                                                                                                            Thanks!

                                                                                                                                                                                                                                            Liz has done a great deal of work to make the tech industry a safe place for trans people to exist

                                                                                                                                                                                                                                            Let me tell you some ancient history…..

                                                                                                                                                                                                                                            I was conscripted into a very aggressive, very macho military, as young man deeply part of a very aggressive very homophobic culture.

                                                                                                                                                                                                                                            When I reported for duty… a beautiful young lady was ahead on me in the queue.

                                                                                                                                                                                                                                            Strange.

                                                                                                                                                                                                                                            When she reached the head of the queue and presented her papers….

                                                                                                                                                                                                                                            …I’m deeply ashamed that I witnessed all the humiliation and hurt dealt to her… but didn’t speak up at the time.

                                                                                                                                                                                                                                            I was still part of the culture that believe she was the wrong one.

                                                                                                                                                                                                                                            After a time, and witnessing the cruelty and viciousness, she and folk like her were exposed to…

                                                                                                                                                                                                                                            I realized I had been lied to.

                                                                                                                                                                                                                                            The LGBT folk were simply not the evil ones in this picture, not even close, they were bright sparks of beauty and kindness and mercy in comparison.

                                                                                                                                                                                                                                            So I’m glad people like Liz (and you) are speaking up… like I wish I had done years ago.

                                                                                                                                                                                                                                            1. 4

                                                                                                                                                                                                                                              As somebody else said about a very different set of role models elsewhere in this thread, most people do what they’re told. Your response was perfectly normal, and I think you should be kind to yourself about it.

                                                                                                                                                                                                                                              Thank you very much for the kind words.

                                                                                                                                                                                                                                              1. 4

                                                                                                                                                                                                                                                Actually I hope the pain of that memory will always sting and make me smell the disconnect between words and actions sooner, and then not be silent.

                                                                                                                                                                                                                                                1. 2

                                                                                                                                                                                                                                                  Then, I’ll hope that too. Pain can be important sometimes.

                                                                                                                                                                                                                                        2. 4

                                                                                                                                                                                                                                          Most people included links for us to follow to learn about their role models. They were also often IT celebrities. Your name is unknown to most of us with no link. A follow-up question asking what she did and/or links to her work is the most inclusive thing a person could do in that situationto give her equal attention to other linked people inthis thread. There was also a follow-up questions to a male in this thread who similarly provided no info and someone was curious.

                                                                                                                                                                                                                                          So, I assumed the person just wanted to learn more about her and/or thought you might have links to her great work. I didnt see it as a challenge. Thanks for giving us more information in the other comment since she sounds like a highly-effective activist.

                                                                                                                                                                                                                                          1. 3

                                                                                                                                                                                                                                            I understand why it wouldn’t be perceived as a challenge if you aren’t used to everything you say in public being challenged in similar fashion. That’s why I’m taking the time to highlight that it was one.

                                                                                                                                                                                                                                            1. 3

                                                                                                                                                                                                                                              I experience that all day at work. We’re set up to fail, almost all results or responses get a negative interpretation, our customers continue to demand more every year, and so on. Tiring as it is, I still try to practice presumption of innocence and principle of charity facing uncertain situations. I slip up for sure but I still try.

                                                                                                                                                                                                                                              In your case, I just was wanting someone to show dissenting opinion that one of two follow-ups might just be a follow-up. Plus, an opportunity to bring attention to a woman’s work regardless of intention behind the question. If good, they get some info. If aiming at suppression, their question is fliped into promotion opportunity.

                                                                                                                                                                                                                                              Just doing a benefit of doubt thing rather than starting something. If anything, you’re typically way less likely to read negative things in or overreact to people’s screwups. So, I was surprises more than anything. My guess (all I can do cuz no data) is activism work you referenced has gotten you much more negative/discriminating responses than usual, you’re kind of in fight mode with mind optimized to counter it quicky, and you just reacted to the statement like that. I wasnt really holding it against you since I do that on occasion when I have more shit coming at me than normal (esp non-stop).

                                                                                                                                                                                                                                              So, I dont think less of you or want a war. Just saw 3 downvotes on a comment that might have been well-intended. Had to point out it might. That was all.

                                                                                                                                                                                                                                              1. 3

                                                                                                                                                                                                                                                While we’re making meta comments about other people’s comments, can I point out you’re spending paragraphs dissecting another user’s single-sentence comments and speculating on psychological motivations behind them? It has nothing to do with the topic. Give it a rest.

                                                                                                                                                                                                                                                1. 3

                                                                                                                                                                                                                                                  One person asked for information about a person, they were accused of discrimination, then others attempted to censor the accused, and then using the benefit of the doubt got me accused of something.

                                                                                                                                                                                                                                                  You’re saying people should be able to make negative accusations about others but other side shouldnt speak or receive a defense. You also didnt tell them they were off topic which means saying it now is you likely censoring folks you disagree with instead of caring about what’s on-topic. A recurring theme in these tangents.

                                                                                                                                                                                                                                                  Far as paragraphs, Im known to be wordy. Double true whem Im trying to be careful criticizing a comment by someone I respect with some care and context. Dismissive snipes like yours are good for fights but not civil discourse. I mean, I was done with the thread but you couldnt resist prodding at me, eh? I’ll try again.

                                                                                                                                                                                                                                                2. 3

                                                                                                                                                                                                                                                  I respect your position and appreciate your weighing in.

                                                                                                                                                                                                                                                  1. 1

                                                                                                                                                                                                                                                    Thank you.

                                                                                                                                                                                                                                            2. 3

                                                                                                                                                                                                                                              I am sad to read that your interpretation was quite negative. My question was sincere and based on the imprecision of your statement.

                                                                                                                                                                                                                                              Your comment was pretty ambiguous to me: you hinted about Fong-Jones’s activism in gender identity (which I will classify as political), but vouched her citing her employer’s name, which make me look in her website to find out it is full of talks on SRE topics (which I classify as technical).

                                                                                                                                                                                                                                              If you’ve chosen to cite Fong-Jones for political reasons, I think it is as valid as people citing Stallman for his political position on FOSS.

                                                                                                                                                                                                                                              But if you’ve chosen her for technical reasons, I would be curious on the reasons because I haven’t seen many citing SRE people in here.

                                                                                                                                                                                                                                              About me, I come from a blunt culture, so I am pretty straight forward with my questions and answers; however, I dislike when people use it against me with prejudice about my motivations or beliefs: it isn’t cool.

                                                                                                                                                                                                                                              But if you would have said Ada Lovelace, Grace Hopper, Barbara Liskov or Julia Evans (as few did) as your role models, which are all women, I wouldn’t have asked you the reasons: they are pretty obvious. :)

                                                                                                                                                                                                                                        1. 8

                                                                                                                                                                                                                                          Linus Torvalds, Richard Stallman, Steve Jobs, Bill Gates

                                                                                                                                                                                                                                          I look up to these guys because they were all doers / visionaries in their various fields, I could elaborate how but I think it’s fairly obvious.

                                                                                                                                                                                                                                          1. 5

                                                                                                                                                                                                                                            That’s funny, you’d usually see people either list

                                                                                                                                                                                                                                            Linus Torvalds, Richard Stallman

                                                                                                                                                                                                                                            or

                                                                                                                                                                                                                                            Steve Jobs, Bill Gates

                                                                                                                                                                                                                                            but not both? I get that they all do things, but isn’t there more to being a role model than just doing in general?

                                                                                                                                                                                                                                            1. 5

                                                                                                                                                                                                                                              I don’t think so, being able to realize your own vision is pretty rare. In my experience, for whatever reason, most people are incapable of doing anything substantial they aren’t told to do. So I look to these guys as success stories of forging your own path.

                                                                                                                                                                                                                                              1. 5

                                                                                                                                                                                                                                                I tend to disagree. I mean, Hitler realized his vision for many years, but (hopefully) not many folks would list him as a role model. What the vision is, and how they attain it is, IMHO, more important than them just accomplishing a big vision they have.

                                                                                                                                                                                                                                                1. 2

                                                                                                                                                                                                                                                  Lots of people have visions of great features or great things. I have regular discussions with a friend on ideas which could bring bags of pure gold with not much work from our part. Or discussions with colleagues at work about some revolutionary features that nobody wants to take responsibility of and nobody wants to push those ideas to management. Or I myself have lots of ideas what to change in my life to make it a few times better than currently. What’s the worth of those “visions” without a skill to execute them? Those guys @rian pasted had the ability to influence their environment so much that they’ve started to stand out from the crowd. I’d say that’s a pretty good skill to have, and a good trait to look into in others.

                                                                                                                                                                                                                                                  1. 1

                                                                                                                                                                                                                                                    I don’t disagree that what they did was impressive, but I believe there’s a moral aspect to what they do, and how they do it, that should be accounted for. History is full of people who were ‘game changers’ that did horrific things to accomplish their vision. If you just judge based on ‘did they do the big, impossible thing they wanted to do?’ then you also rope in folks who horrific things. That seems wrong to me.

                                                                                                                                                                                                                                                    1. 1

                                                                                                                                                                                                                                                      We talk goals and techniques to achieve them a lot here. They’re a bit different. I think comments mentioning even folks doing evil are just giving them credit for their focus, technique, and will that made stuff happen. That these might be worth emulating for better causes. We don’t have to say they’re great, human beings or anything. They can even be monsters.

                                                                                                                                                                                                                                                      However, many monsters know people so well they can get them to do about anything. It’s worth remembering. Hell, given their effectiveness vs their “good” opponents, it might even be worth copying what techniques worked with focus on results that aren’t so damaging. The bad folks keep copying what works for sure. So, why good folks gonna handicap themselves in such an environment? Worth at least considering even if not adopting due to one’s ethics.

                                                                                                                                                                                                                                                2. 3

                                                                                                                                                                                                                                                  That’s a really interesting connection. I certainly agree that you’ve named four people who found their own paths, and that’s an ideal I share as well. I would not have put these four together but that’s my own bias, and I feel like seeing your list caused me to question it a bit, and I appreciate that.

                                                                                                                                                                                                                                            1. 18

                                                                                                                                                                                                                                              Depends on 36 crates, 1.9M output binary (after stripping it manually)

                                                                                                                                                                                                                                              For some value of “minimal”, I guess.

                                                                                                                                                                                                                                              1. 11

                                                                                                                                                                                                                                                I feel like this is a bit of cheap shot, considering that this follows defaults and the defaults of rustc might differ from your expectations (e.g. debug symbols, stdlib, jemalloc, which is easily 2 megs). The crates situation is also debatable - it does use a concurrency framework under the hood that is well-factored into pieces.

                                                                                                                                                                                                                                                Most of the size comes from just one pair of crates, btw: regex and regex_syntax. Most of the crates are indeed lightweight, providing such things as a reusable parking lot reimplementation.

                                                                                                                                                                                                                                                The tool is rather small (a bit over 100 lines). If it were implemented in Go, for example, you’d pull all that in through a runtime, if it were in C, I’d be interested to see how much code you need to pull in (or write yourself) to get to an equivalent level.

                                                                                                                                                                                                                                                If you’d want to trim this, there’s certainly ways, but yes, I think you can definitely say this is rather minimal.

                                                                                                                                                                                                                                                1. 18

                                                                                                                                                                                                                                                  A stubborn focus on the absolute number of crates is indeed a bit weird from the perspective of “minimalism.” It would be “easy” to reduce that count if only everybody built monolithic crates and never factored things out into reusable components. For example, in regex’s case, the parser, aho-corasick, thread locals and UTF-8 automata construction tools could all legitimately be rolled directly into the regex crate itself, thereby decreasing the absolute number of crates and trivially satisfying “minimalists” such as @pcy everywhere. But that’s basically where the benefits stop, because now nobody can reuse any of those crates. The same goes for parking_lot or crossbeam. You could reduce the number of absolute crates by building more monolithic crates, and forcing anyone with a more refined use case to either copy and paste or depend on more than they need.

                                                                                                                                                                                                                                                  With that said, one might question why regex is being depended on at all in the first place, and I think that might be a valid criticism. e.g., It does look like dup is not using the ignore crate for its filtering support, but rather, for its parallel directory iterator. The only reason why these two things are coupled in the same crate is because I haven’t devoted any resources to de-coupling them. Ironically, decoupling them will (probably) just increase the absolute number of crates that one brings in when depending on ignore, but also simultaneously enabling tools like this to depend on fewer crates.

                                                                                                                                                                                                                                                  To play the devil’s advocate, an absolute number of crates can increase maintenance burden for folks. I tend to like to keep an eye on every dependency I use, transitively or otherwise, to make sure I’m up to date on what’s going on there. This becomes intractable as the number of crates grows. However, when the count balloons because one logical crate starts splitting itself apart internally, that tends to be OK because I’m only dealing with the higher level crate.

                                                                                                                                                                                                                                                  Lobsters does love their pithy one-line zingers, even when they lack substance, just like reddit. This is one of the reasons why I’m steadily growing to hate this place.

                                                                                                                                                                                                                                                  1. 5

                                                                                                                                                                                                                                                    The one-liners seem to be a consequence of showing karma, which I plan to avoid in my upcoming site.

                                                                                                                                                                                                                                                    Also, howdy. I was that fool on HN who challenged you to the xsv coding duel. It was a pleasant surprise to see you here, as well as minimaxer and a few other HN hats.

                                                                                                                                                                                                                                                    Would you write up a few thoughts on what you’d like to see out of a new site? (Or, alternatively, a few reasons why you are steadily growing to hate the present one.)

                                                                                                                                                                                                                                                    It will be a few years before things are significantly different, but the plan is basically to bring HN’s mod tools to the masses. Everyone can make their own HN front page (called a lambda) and moderate/curate in the ways that have proven effective on HN: changing titles, hiding karma, re-ranking stories regardless of upvotes, muzzling individual users, and so on. I’m particularly motivated to avoid the mistakes that plague the current batch of sites (including some of HNs), so your perspective would help.

                                                                                                                                                                                                                                                    1. 6

                                                                                                                                                                                                                                                      Hiya. :-)

                                                                                                                                                                                                                                                      This is kind of a bit of a tangent for this thread, so I’ll just keep it brief. Basically, I would like to see a technical forum that is heavily moderated. I don’t necessarily mean moderation from the perspective of “let’s have a strong CoC,” but rather, moderation in the sense that “discourse should be high quality.” It’s an explicit intent to increase the barrier of contribution by demanding higher quality discussion.

                                                                                                                                                                                                                                                      The forum that comes to mind is r/AskHistorians. They have a very heavy handed approach to moderation, and as a result, I can go read discussions in that forum with virtually zero noise. It’s excellent.

                                                                                                                                                                                                                                                      There are serious downsides to this. For one, it requires someone willing to do the moderation work. Speaking from experience, this is freaking hard. Secondly, I don’t know how many people would be willing to participate in such a forum. There would be really hard questions about who gets to judge quality. r/AskHistorians generally gauges quality, from what I can tell, based on citations/sources and, to some extent, pedigree. I don’t know whether that would carry over nicely to a tech-focused forum, but it feels possible. Basically, stop blabbing shitty/low-effort opinions and start grounding them in experience (or others experiences) that others can learn from.

                                                                                                                                                                                                                                                      1. 10

                                                                                                                                                                                                                                                        Hi,

                                                                                                                                                                                                                                                        I would personally encourage anyone who wants to build a community like what burntsushi describes to try it. I can’t speak for pushcx or alynpost in this, but I don’t think Lobsters should regard new communities as a threat to its own prominence; rather, I think every community should understand that different places serve different purposes and every community benefits from the presence of the others.

                                                                                                                                                                                                                                                        I do, also, call on crustaceans to continue working towards the ideal of high-quality conversation. I don’t think this has to mean there are never jokes; we shouldn’t ask people to stop being people just because the subject matter is technical. I think you all do an astonishing job of it, when we consider what technical forums which don’t prioritize depth and nuance look like.

                                                                                                                                                                                                                                                        I wish I could volunteer to be part of burntsushi’s proposed effort; I do think it would be an interesting experiment. Unfortunately, in all honesty, the attention I’ve been able to give to Lobsters lately has already been suffering due to me prioritizing support and activism communities that I’m also a part of. I don’t think it would be fair to anyone to further divide my attention.

                                                                                                                                                                                                                                                        Good luck!

                                                                                                                                                                                                                                                        1. 2

                                                                                                                                                                                                                                                          <3

                                                                                                                                                                                                                                                        2. 1

                                                                                                                                                                                                                                                          Personally I’m not completely against this kind of comment because they can (not always) spark interesting discussion (e.g. @pcy latest response). I also think discussion risks becoming very artificial/unnatural without them and I imagine an environment like you’re suggesting would be intimidating to a number of people who might otherwise have valuable input but lack self confidence.

                                                                                                                                                                                                                                                          1. 3

                                                                                                                                                                                                                                                            I mean, yeah. Clearly a lot of people like those sort of low substance pithy one liners. They get upvoted all the time here. That pattern is what I don’t like.

                                                                                                                                                                                                                                                            Lobsters is what it is. I’m not out to change it. I was asked my thoughts on what a different community might look like, so I answered. And yes, I explicitly acknowledged that it raises the barrier to contribution. There is no free lunch. I’m sure there are ways to inspire confidence, but at the end of day, you still wind up excluding low quality content.

                                                                                                                                                                                                                                                            r/AskHistorians proves it’s possible. The experiment is carrying it over to a tech focused forum.

                                                                                                                                                                                                                                                            1. 1

                                                                                                                                                                                                                                                              I would say that the experiment is really whether your moderation team have the good judgement, time, and persistence to be the ones to do it. I’ve no doubt it’s possible, for the right people.

                                                                                                                                                                                                                                                        3. 1

                                                                                                                                                                                                                                                          [edit: Oops, replied to wrong post. LOL, confused by nesting!]

                                                                                                                                                                                                                                                          1. 1

                                                                                                                                                                                                                                                            minimaxer and a few other HN hats

                                                                                                                                                                                                                                                            Hi shawn. Welcome to Lobsters!

                                                                                                                                                                                                                                                            I have never seen that HN user, don’t use HN at all myself, and haven’t for years. Even back then, I didn’t have an account. Just to be clear. Clever name, though :-)

                                                                                                                                                                                                                                                            Your new site sounds interesting. I’ll look out for it. I wish I had time to help out. I think that if you give everybody effective mod tools and ownership of their personal spaces, you can probably do without “karma” or similar gamification schemes altogether. Lobsters’ public invite tree does a great job at mitigating spammers and bots, and it’s such a simple thing. Public mod log is a very good feature as well.

                                                                                                                                                                                                                                                          2. 4

                                                                                                                                                                                                                                                            Thank you for writing this insightful and informative reply to the pithy one-liner.

                                                                                                                                                                                                                                                          3. 6

                                                                                                                                                                                                                                                            I feel like this is a bit of cheap shot

                                                                                                                                                                                                                                                            Yes, mea culpa, sorry. (Although I’m currently writing something for a system that has 4 megabytes of RAM, and seeing that that amount of code is needed to do something relatively simple feels a bit weird.)

                                                                                                                                                                                                                                                            and the defaults of rustc might differ from your expectations (e.g. debug symbols, stdlib, jemalloc, which is easily 2 megs).

                                                                                                                                                                                                                                                            I actually compiled with the --release flag, and with LTO turned on (which I’d expect to eliminate unused code).

                                                                                                                                                                                                                                                            I am aware of the fact that some people do use Rust and emit small binaries. For example, the tools made by the demogroup Logicoma are all written in Rust (except for their synthesizer), and yet the output is around 64 kilobytes.

                                                                                                                                                                                                                                                            if it were in C, I’d be interested to see how much code you need to pull in (or write yourself) to get to an equivalent level.

                                                                                                                                                                                                                                                            Hold my beer. :)

                                                                                                                                                                                                                                                            1. 4

                                                                                                                                                                                                                                                              Thanks for the reply :).

                                                                                                                                                                                                                                                              Well, I deployed full tokio/serde applications on 8MB, so this is definitely feasible even with the large frameworks. libstd and alloc do have an undeniable base cost. It’s interesting how the growth of a Rust application is very much “steep, and then quickly getting smaller”.

                                                                                                                                                                                                                                                              Hold my beer. :)

                                                                                                                                                                                                                                                              I’ll also buy you the next one, feel welcome!

                                                                                                                                                                                                                                                              1. 7

                                                                                                                                                                                                                                                                I delivered: mdu.c. 221 lines (as counted by cloc). I used only libc, and even went as far as trying to use syscalls only. The result isn’t very “industry-grade”, but that wasn’t really my goal to begin with.

                                                                                                                                                                                                                                                                It spawns new ‘threads’ using fork(2), and communication is done using pipes (read(2), write(2) etc. are atomic). The main thread tells a worker thread which directory to (non-recursively) look at, these worker threads send newly discovered directories back to the main thread, which puts them in a queue. The worker thread signals it has done counting the file sizes of a single directory by letting the main thread know how large that dir is. The main thread then looks at the queue, and assigns one new directory to each idle threads. (Or just read the source.)

                                                                                                                                                                                                                                                                But how big is it, and does it work?

                                                                                                                                                                                                                                                                $ ll . # Including all the comments, of course.
                                                                                                                                                                                                                                                                -rw-r--r-- 1 9946  mdu.c
                                                                                                                                                                                                                                                                $ gcc -O3 -omdu mdu.c && wc -c mdu
                                                                                                                                                                                                                                                                17744 mdu
                                                                                                                                                                                                                                                                $ strip -s mdu && wc -c mdu
                                                                                                                                                                                                                                                                14536 mdu
                                                                                                                                                                                                                                                                $ git clone https://github.com/sharkdp/diskus # Let's download some testing material (looks like they changed the name)
                                                                                                                                                                                                                                                                $ ./mdu
                                                                                                                                                                                                                                                                28578
                                                                                                                                                                                                                                                                

                                                                                                                                                                                                                                                                14k is still a bit much, don’t you think? Let’s try cheating a little:

                                                                                                                                                                                                                                                                $ sstrip -z mdu && wc -c mdu
                                                                                                                                                                                                                                                                12533
                                                                                                                                                                                                                                                                

                                                                                                                                                                                                                                                                (sstrip)

                                                                                                                                                                                                                                                                Hmm, not bad. But let’s try something better/cheatier: executable compression. I’m using my own unpacker, as UPX etc. wouldn’t do much good, as the input binary is already quite small.

                                                                                                                                                                                                                                                                $ xz -9 --extreme --keep --stdout mdu > mdu.xz && cat $foo/vondehi mdu.xz > mdu.vndh && chmod +x mdu.vndh && wc -c mdu.vndh
                                                                                                                                                                                                                                                                3590 mdu.vndh
                                                                                                                                                                                                                                                                $ ./mdu.vndh # Including the .xz file etc.
                                                                                                                                                                                                                                                                32136
                                                                                                                                                                                                                                                                

                                                                                                                                                                                                                                                                And now it’s less than a single page :).

                                                                                                                                                                                                                                                                In the large comment at the top of the file, I explained how to make it even smaller (it’s probably not that hard to cut the size in half), but I’m too lazy to do it.

                                                                                                                                                                                                                                                                EDIT: Of course, it’s linking dynamically to libc. The actual thing must be multiple megabytes, right?

                                                                                                                                                                                                                                                                $ musl-gcc -static -O3 -omdu.musl mdu.c && wc -c mdu.musl
                                                                                                                                                                                                                                                                34320 mdu.musl
                                                                                                                                                                                                                                                                

                                                                                                                                                                                                                                                                And if you get rid of all the syscalls, you can make a much smaller static binary anyway.

                                                                                                                                                                                                                                                                EDIT2:

                                                                                                                                                                                                                                                                I’ll also buy you the next one, feel welcome!

                                                                                                                                                                                                                                                                I actually don’t drink anything containing alcohol, but thanks anyway.

                                                                                                                                                                                                                                                                About the “trolly oneliner” conversation: I’m actually surprised that silly comment got that many votes in the first place.

                                                                                                                                                                                                                                                                1. 2

                                                                                                                                                                                                                                                                  I must admit that I didn’t have time to read through it yet (was sick over the weekend), but thanks for writing it already. I’ll have a check :)

                                                                                                                                                                                                                                                                  I actually don’t drink anything containing alcohol, but thanks anyway.

                                                                                                                                                                                                                                                                  Any other beverage will do ;).

                                                                                                                                                                                                                                                                  About the “trolly oneliner” conversation: I’m actually surprised that silly comment got that many votes in the first place.

                                                                                                                                                                                                                                                                  I’m not, sadly. That thing flies so well on the internet, because it triggers the “cool, agree” emotion, even without looking at the subject of the comment in detail.

                                                                                                                                                                                                                                                        1. 1

                                                                                                                                                                                                                                                          I didn’t expect 4chan would be alive, much less relevant in 2018. I suppose to an extent it’s still not.

                                                                                                                                                                                                                                                          1. 1

                                                                                                                                                                                                                                                            It’s extremely relevant today as a hub for radical-right planning and coordination, as well as being part of the radicalization pipeline.

                                                                                                                                                                                                                                                            I know this post is about math, but it’s hard for me to see discussion that doesn’t mention that fact.

                                                                                                                                                                                                                                                            1. 1

                                                                                                                                                                                                                                                              Sorry for my lack of clarity, I meant to say positively relevant.

                                                                                                                                                                                                                                                              1. 1

                                                                                                                                                                                                                                                                Totally fair, and understood.

                                                                                                                                                                                                                                                          1. 27

                                                                                                                                                                                                                                                            Takes us back to the days when we had more trust that the NSA and other institutions were genuinely working to keep America safe. We don’t seem to have that anymore. Were they always doing creepily over-broad surveillance? Are they actually worse now than they were then? Or is it just our trust that’s changed, and they’re still mostly the good guys? Maybe all three are true, I don’t know.

                                                                                                                                                                                                                                                            1. 17

                                                                                                                                                                                                                                                              I mean, yes, they always were doing creepily over-broad surveillance. Many of the old allegations about them have since been confirmed by declassified documents. Long after anyone would care, of course…

                                                                                                                                                                                                                                                              When there’s an alleged abuse of power, though, in general I don’t think it’s all that useful to ask, did this specific set of events happen. Instead, a much better question is: What would stop that from happening? What controls are built into the system to make those actions difficult or impossible? Very often, the answer turns out to be that people are nice and wouldn’t do that. When that’s the answer, I think there’s a problem that needs to be addressed, regardless of what can proximately be proven.

                                                                                                                                                                                                                                                              1. 11

                                                                                                                                                                                                                                                                the “good old days” of trusting the intelligence community were artificially extended because watergate dominated the new cycles when COINTELPRO came out.

                                                                                                                                                                                                                                                                1. 13

                                                                                                                                                                                                                                                                  Were they always doing creepily over-broad surveillance?

                                                                                                                                                                                                                                                                  They also installed brutal dictators throughout the world.

                                                                                                                                                                                                                                                                  1. 2

                                                                                                                                                                                                                                                                    To be fair, that’s mostly been the CIA’s wheelhouse. Different office.

                                                                                                                                                                                                                                                                  2. 6

                                                                                                                                                                                                                                                                    Takes us back to the days

                                                                                                                                                                                                                                                                    The good old days fallacy; longing for a better time that never really existed.

                                                                                                                                                                                                                                                                    1. 1

                                                                                                                                                                                                                                                                      I’d strongly suggest (re-)watching “The Good American” documentary to understand the impact that 9/11 had on ethics and priorities at the NSA.

                                                                                                                                                                                                                                                                    1. 12

                                                                                                                                                                                                                                                                      I’m going to start reading William Gibson’s “Neuromancer” novel. If I can find the time, I also want to begin reading Katsuhiro Otomo’s “Akira” manga series, published back in 1988.

                                                                                                                                                                                                                                                                      1. 3

                                                                                                                                                                                                                                                                        If you make it through Neuromancer, you might want to check out his anthology Burning Chrome. Probably my favorite works of his.

                                                                                                                                                                                                                                                                        1. 1

                                                                                                                                                                                                                                                                          That’s certainly the plan, going through all of Gibson’s work. Thanks for the recommendation.

                                                                                                                                                                                                                                                                          1. 2

                                                                                                                                                                                                                                                                            Oh no, don’t read all his work. The gems are:

                                                                                                                                                                                                                                                                            • Burning Chrome (short story collection, 1982)
                                                                                                                                                                                                                                                                            • Sprawl trilogy
                                                                                                                                                                                                                                                                              • Neuromancer (1984)
                                                                                                                                                                                                                                                                              • Count Zero (1986)
                                                                                                                                                                                                                                                                              • Mona Lisa Overdrive (1988)
                                                                                                                                                                                                                                                                            • The Difference Engine (1990), an alternative history novel Gibson wrote with Bruce Sterling

                                                                                                                                                                                                                                                                            Personally, when I do a re-read, I stop there. If you’re still really keen, go on to:

                                                                                                                                                                                                                                                                            • Bridge trilogy
                                                                                                                                                                                                                                                                              • Virtual Light (1993)
                                                                                                                                                                                                                                                                              • Idoru (1996)
                                                                                                                                                                                                                                                                              • All Tomorrow’s Parties (1999)

                                                                                                                                                                                                                                                                            Just beware that they totally lack the lyrical writing that people find so gripping in the Sprawl trilogy. All of his works after 2000 take place in the very-near-future or the present and have straightforward stories and themes. I don’t find them compelling whatsoever and they generally get mixed reviews (in contrast with the universal acclaim of his earlier work).

                                                                                                                                                                                                                                                                            1. 2

                                                                                                                                                                                                                                                                              That makes depressing sense - cyberpunk dystopia is no longer fiction, nor is it in the future. Though I haven’t read his work so that’s easy for me to say.

                                                                                                                                                                                                                                                                              Thank you for the recommendations, it’s good to know where to start!

                                                                                                                                                                                                                                                                              1. 2

                                                                                                                                                                                                                                                                                Thank you. I’m gonna do what you suggest, and will dive into his other stuff in case I feel curious.

                                                                                                                                                                                                                                                                                1. 2

                                                                                                                                                                                                                                                                                  I agree with your summary but I’d like to add that I really enjoyed one of his modern books as well: ‘Pattern Recognition’

                                                                                                                                                                                                                                                                                  1. 1

                                                                                                                                                                                                                                                                                    Heh. Horses for courses I suppose! It’s been a while since I read them now but I remember liking the bridge trilogy (though not as much as the sprawl ones) but I hated Difference Engine and found it a dreary slog that I struggled to get through.

                                                                                                                                                                                                                                                                              2. 2

                                                                                                                                                                                                                                                                                great choices, Akira is epic. I want to finish reading Snowcrash at some point!

                                                                                                                                                                                                                                                                                1. 2

                                                                                                                                                                                                                                                                                  I am amazed you could put Snowcrash down.

                                                                                                                                                                                                                                                                                2. 1

                                                                                                                                                                                                                                                                                  SUCH a good set of books!

                                                                                                                                                                                                                                                                                  1. 2

                                                                                                                                                                                                                                                                                    Thank you. I’m really excited by Gibson’s. Considering the fact it was the first time the term “cyberspace” was used.

                                                                                                                                                                                                                                                                                  2. 1

                                                                                                                                                                                                                                                                                    Neuromancer is amazing. Enjoy :-)

                                                                                                                                                                                                                                                                                    1. 1

                                                                                                                                                                                                                                                                                      Great! I’m even more excited about it.

                                                                                                                                                                                                                                                                                    2. 1

                                                                                                                                                                                                                                                                                      I am so jealous you have not read Gibson yet.

                                                                                                                                                                                                                                                                                      1. 1

                                                                                                                                                                                                                                                                                        I know that feeling to experience great things for the first time. It’s certainly a grateful experience.