Threads for Irene

  1. 30

    People should be aware that alternate clients are disallowed by the Discord terms of service, and people have been banned from Discord for using them. One person banned was the author of Cordless, as detailed at https://github.com/Bios-Marcel/cordless

    I don’t think Slack has a problem with it, this is just for Discord.

    I entirely support people who decide to knowingly break the rules. Discord’s policy impinges on a really important freedom. I just wanted to make sure people are aware, so they can be deliberate about the risks they take.

    1. 4

      People should be aware that alternate clients are disallowed by the Discord terms of service

      As far as I know, they’re not disallowed in writing. The thing that is disallowed is doing things with the API that Discord’s client wouldn’t do.

      1. 2

        I don’t think the text has changed, and the text disallows all “self bots”, anything that isn’t an official client authenticating with a official client’s login token.

      2. 4

        People should be aware that alternate clients are disallowed by the Discord terms of service

        That’s a pretty solid reason to stay well away from Discord, IMO.

      1. 11

        I might use this if I weren’t worried about linux users other than my main having access to tailscale’s net interface.

        Someday I’ll get around to learning nftables. Today is not that day

        Actually now that I think about it, if I were to filter all outbound packets by user, how would I host services on the tailnet via a daemon user? Can I use conntrack with nftables? What about UDP? Would I even care about isolating tailnet internal services to another user? Maybe I should focus on not needing to worry about network access by other users so I can rely on loopback as a safe interface. Maybe I should go crazy with network namespaces

        1. 4

          I hope this style of posting isn’t too bothersome to others. I’m not used to interacting like this vs lurking here discussing/rambling on discord with friends

          1. 6

            Not at all! It’s on topic discussion and people do benefit from reading this kind of thought, in general.

            1. 1

              Absolutely your comments are 100% on point and not bothersome at all!

              I LOVE tailscale, but I’m a one man shop and just using it for my personal infrastructure so I wouldn’t even know to think about problems like the one you cite.

              1. 2

                I replaced self-managed wireguard with tailscale. Much easier to handle and runs on Linux (arm64 and amd64) and OSX.

            2. 2

              It’s been a long time since I played with nftables, but IIRC you can mark packets originating from different UIDs and then you can make decisions based on metainformation. Have not tested the theory though.

              1. 2

                My understanding is with this feature, the SSH connection is handled by tailscaled before the Linux kernel ever sees them, so nftables wouldn’t be helpful. It can do that because the userspace daemon terminates the WireGuard connection.

              1. 12

                The crucial part of this is how the password / master key and decrypted secrets are kept secure in memory. I hope the daemon at least stores secrets in pinned RAM and zeroes out memory when it’s freed. Are there mechanisms that keep other processes like debuggers from being able to inspect the daemon’s address space?

                (I’m not familiar with Unix key managers in general, just with Apple’s Keychain, which has pretty tight integration with the kernel and hardware trust module to keep it secure.)

                1. 23

                  there is a discussion on lwn about this between the author and mjg59. https://lwn.net/Articles/893327/

                  1. 36

                    Welp, that’s Drew in a nutshell. He’s a very productive and innovative programmer doing fascinating & crucial work, and also a dick. I keep hoping he’ll tone down his confrontational tone, because I’m a fan of his work, but his stuff won’t last or be widely adopted if he can’t build a strong community around it. Sadly his behavior never changes, and it’s always driving people away who might otherwise be receptive to his projects and messages.

                    Here it comes with the additional downside that he can’t process legitimate criticism, which will interfere with his project being as good as it could be.

                    For anyone who doesn’t feel like reading the thread, mjg59 points out that the security feature for storing keys securely (keeping them out of memory space) only works on Linux, yet Hare works on other operating systems (like BSD). Drew considers this a feature, not a bug, calling it opportunistic improvements in security. Various people suggest it would be better to refuse to do the thing if it isn’t secure, that opportunistic improvements allow adversaries to target systems that lack the security feature, and it’s very hard for end users to know if a programmer used the library correctly (in this case, only on Linux). The conversation doesn’t really proceed further, in part because Drew calls people asking him to engage with mjg59 and/or his criticisms “hero worship”.

                    1. 20

                      Thanks very much, I have the feeling you’ve just saved me half an hour of stressful reading. :)

                      1. 6

                        I think you are being far ruder by calling someone ‘a dick’ on a forum where they can’t defend themselves. Probably better to say nothing.

                        1. 9

                          In case there’s some variation of English slang causing confusion here, I meant “dick” as shorthand for “not careful with the feelings of others”. I think this is just objectively true, an accurate description of his actions, or the pattern of his actions over time.

                          But you raise a valid point: I could have used more polite language, which could improve clarity, and been more gentle with my tone, at the cost of some emotional content. I think often in communication there is a conflict between genuinely communicating your emotions as you’re feeling them, versus realizing that your current emotions may be unhelpful and taking time until you can communicate something else genuinely instead.

                          1. 2

                            Why can’t he defend himself here?

                            https://lobste.rs/u/ddevault oh

                          2. 5

                            I’m normally pretty biased against Drew for the same reasons, but it seems to me like mjg59 is the aggressor here.

                            Drew explained his rationale, and then more-or-less said “let’s agree to disagree on this.” However rather than letting it go, everyone just kept pushing, stating the same points over and over in an incredibly harsh and disrespectful tone.

                            They all obviously had some valid concerns (which I agree with), but in this context it’s borderline trolling, and Drew handled it fairly well given the circumstances.

                            1. 8

                              Maybe it’s ethically derelict to build and release a language which regresses the state of the art in memory safety.

                              1. 3

                                Everything’s a tradeoff. Rust’s borrow checker is one tool of many for helping programmers write correct code, not a moral imperative for all new systems languages. Plenty of thoughtful programmers are skeptical about the effectiveness of Rust’s approach to memory safety, and the cost of that approach with regard to other things that are important, like comprehensibility. For example, see this HN thread from Ron Pressler. Maybe he’s right; maybe he’s wrong. My point is that the question is by no means settled enough that a language designer rejecting Rust’s approach to memory safety should be considered ethically derelict.

                            2. 3

                              but his stuff won’t last or be widely adopted if he can’t build a strong community around it. Sadly his behavior never changes, and it’s always driving people away who might otherwise be receptive to his projects and messages.

                              And yet: https://drewdevault.com/2022/03/14/It-takes-a-village.html

                              I hope to one day be as successful at building a community.

                              1. 12

                                This is a fair point. Drew’s projects have communities built around them, bigger and more cohesive than anything I’ve built, for sure. Maybe that’s good enough, Drew has hit his goals, and he can afford to antagonize whoever comes across on the internet; perhaps his work has enough reach, and wouldn’t benefit from attracting more or different kinds of people.

                                I’m reminded of an old article about Usain Bolt, the fastest man in the world (still? Certainly when it was written), and how in one famous record-setting race, he turned around, saw that no one else was close to him, and coasted the rest of the way to the finish line. The piece suggested that this was representative of his approach to running in general. It then asked (as many have before and since) how fast could Usain Bolt run if he actually tried? https://www.esquire.com/sports/a7058/usain-bolt-bio-0410/

                                Well, how much community could Drew build if he, like, stepped away from the keyboard for a few minutes every time he was about to flame, insult, or even threaten people? Does it matter?

                                In actuality, we know that Drew has not hit all of his goals, and he is not entirely happy with the status quo. https://drewdevault.com/2022/05/30/bleh.html Drew has been so abrasive to so many people that now even members of his communities who are simply using his stuff get grief for being willing to work with him. He’s unhappy about that, he says he’s working to improve, and he asks for another chance. He recognizes a problem and claims to want to address it. But every time I look at new work from him, there’s new examples of him being a dick.

                                In other words, he’s already successful in building community, yes, but I think his abrasiveness is the biggest obstacle to further improvements, and Drew might even agree with that statement.

                                1. 7

                                  If people are harassing his users, perhaps blaming the harassers rather than the victims is in order.

                                  1. 2

                                    Harassing them isn’t good. But I get the point that you try to distance yourself from people which defend (or introduce) the project of a person you really don’t want to get involved with.

                              2. 1

                                Oh, it’s the Hare guy. I feel like he’s actively harmful to the image of whatever project will employ his aid and just having him there is detrimental regardless of his technical ability.

                                1. 1

                                  Do you know him?

                                  1. 5

                                    I know his opinions that get loudly posted on every message board such as here (before he was banned for his self-promotion) and reddit, in addition to his bad behavior such as what is showcased here.

                                    In short, I would never willingly use his products or work with him after these exposures 🤷🏽‍♂️

                                    1. 4

                                      I know his opinions that get loudly posted on every message board such as here (before he was banned for his self-promotion) and reddit, in addition to his bad behavior such as what is showcased here.

                                      And yet, Torvalds got a pass for many, many years. The man has a history of terrible public statements, E.G., referring to OpenBSD developers as masturbating monkeys. He has been downright abusive to many, including contributors to his projects. Examples are numerous. I’m more than happy to cite. I challenge anyone to show me just one example of where Drew Devault has displayed these levels of wanton cruelty.

                                      One could be forgiven for thinking that there might be some double standards in the free software community. Torvalds is a darling of the corporate types, and as another horrible, cruel person once said: when you’re a star, they let you do it. You can do anything…

                              3. 7

                                What a rude comment thread. The module that people are piling in on Drew about is clearly documented to do what it does (with the caveat that it doesn’t say which kernels it provides security on).

                                The readme is 4 paragraphs long and the code is like 50 low-density lines, it’s not like this info is hidden.

                                1. 16

                                  One shouldn’t be required to read the program’s source, and the docs of the APIs it calls, to know whether it’s fit for purpose. Especially when this is a security-related feature.

                                  1. 5

                                    Even more: If such security can’t be guaranteed I may as well store my secrets in plaintext, that way I don’t get a false sense of security. (At the end of the day I’ll be vulnerable every time I decrypt my secrets. And if they are ever flushed to disk I’m vulnerable forever.)

                                    1. 2

                                      The comment thread isn’t about the application himitsu, though. The starting post in that comment thread specifically asks about the API and links to it:

                                      https://git.sr.ht/~sircmpwn/hare/tree/master/item/crypto/keystore - as an app developer targeting the standard library, how do I know whether or not my keys are going to be stored securely or not?

                                      The API is specifically documented as being “low-level” and “not recommended for non-experts”. In the context of talking about this API, I think that:

                                      1. It is reasonable to expect the developer-users of this API to read the documentation and if it is not clear, the source code.
                                      2. mjg59’s comments are kind of overblown, and other people in the thread are worse. The API doesn’t do what mjg59 would prefer, and maybe mjg59’s core suggestion of refusing to store a value if it cannot be stored securely is better, but I think it is definitely arguable and either way the tone was very heavy handed from the beginning.

                                      Personally, I think that there should be an API for testing if values can be stored securely, but it doesn’t necessarily have to live in this module for this thing to be useful. Maybe it makes more sense to group those capability-reporting functions somewhere else.

                                      1. 1

                                        OK, that makes more sense; I didn’t know the comments were about the API.

                                    2. 21

                                      It’s really funny how different your impression of that thread is from mine. I think one comment summed it up well:

                                      You don’t have to keep engaging with mjg59 if you don’t want to, but belittling people who agree with them as mere hero worshipers is beyond the pale. Remember that in asking us to use your language, you’re asking us to also trust you in your stewardship of that language and how you’ll respond to our concerns and needs as the maintainer. Seeing you attack people so aggressively out of the gate is not a confidence boosting start.

                                      1. 4

                                        Yeah, obviously I disagree and I don’t think it’s worth talking about much further. I thought Drew was fairly courteous, and the comment he called out as hero worship certainly seems hyperbolic to me:

                                        Someone who does not feel intensely motivated to learn from mjg59’s freely offered expertise has no legitimate claim on anyone’s attention.

                                        Like, that’s a ridiculous claim. We can call attention to someone’s expertise without saying such silly things.

                                  2. 1

                                    Are there mechanisms that keep other processes like debuggers from being able to inspect the daemon’s address space?

                                    I was under the impression (from when I last did some game hacking) that you need root to read another process’s memory (Linux). So it should be fine? Now that you mention debuggers, I don’t remember having to escalate to root for gdb to work - I wonder what the reason is.

                                    1. 3

                                      This is true only for other users’ processes. You can gcore your own process just fine, and this is part of the problem - if you’re on an effectively single-user system, like many are, there’s no protection. All your programs are running as the same user anyway.

                                      1. 1

                                        Is gdb setuid to root, or does it use a helper tool that is?

                                        I know on MacOS you need to enter an admin password to authorize Xcode / lldb the first time you start a debugger after rebooting. And there are processes that cannot be attached to even if you run a debugger as root.

                                        1. 1

                                          The second constraint is imposed by processes protected by macOS System Integrity Protection. The first I believe has to do with entitlements to attach to another process, but that’s just off the top of my head and I could be wrong.

                                          Regardless, Linux has neither of these protections. Debuggers run as normal user programs and do not require special authorization.

                                    1. 5

                                      Yep, well, as a NixOS fan I’m of course in full agreement with all of this. (Not that NixOS or nixops deal with automated deployments as elegantly as I’d wish, or anything like that, but it’s the philosophy…)

                                      I think these things are often clearer from outside the relevant community. From inside it, it’s easy to see the way things have been, and harder to see how they might be.

                                      1. 7

                                        I agree for the case of provisioning a single machine; I have used Terraform to declare the state of a machine, and NixOS is preferable for a variety of reasons. At the same time, a Nix store includes a small database which records the state of the store, both because a scan of the store is expensive and also because it would otherwise be difficult to tell if a package were corrupt/missing or intentionally deleted. The database of a Nix store is analogous to the state file of a Terraform environment.

                                        1. 2

                                          Yes, that’s very true. (Sorry for the delay in responding!)

                                      1. 2

                                        A couple years ago I did a big reorganization. I got a bunch of Akro-Mils stacking bins and sorted everything into the bins. I’ve noticed that most people who run any sort of physical maker workshop use these same bins, and I can see why; they have a lot of affordances around how you stack them, how you can rearrange them, how you can combine different sizes, and so on, which nothing else on the market really does.

                                        It uses slightly more space than putting everything in one huge box would, but it’s a lot easier to find stuff when I want it.

                                        Unfortunately, the bins are quite expensive, especially here in Canada since there don’t seem to be any retail importers selling them in small quantities right now. I did find it worth it, but not everyone will.

                                        1. 26

                                          People love arguing against using ligatures in code. I don’t know why. People who enjoy ligatures in code are going to continue using them. If you don’t like them don’t use them. Fonts let you control whether to enable them on a case-by-case basis, so I enable ligatures (I use Victor Mono) in my text editor (vscode) but disable them in my terminal (kitty).

                                          I’ve been using ligatures in my editor for years and have never once found myself in the author’s prophesied “swamp of despair”. My code just looks nicer with things like nice mathematical symbols (≤ instead of <=) and it hasn’t once caused me a problem.

                                          Article is from 2019 btw.

                                          1. 14

                                            You wrote:

                                            If you don’t like them don’t use them.

                                            But you’re responding to an article which says:

                                            “What do you mean, it’s not a matter of taste? I like using ligatures when I code.” Great! In so many ways, I don’t care what you do in private. Although I predict you will eventually burn yourself on this hot mess, my main concern is typography that faces other human beings. So if you’re preparing your code for others to read—whether on screen or on paper—skip the ligatures.

                                            And I really don’t have a choice but to read code with ligatures from time to time. Sometimes it’s on a blog post with ligatures, sometimes it’s in a screen shot of someone’s code they sent while asking for help. I wish people would follow his advice.

                                            1. 5

                                              His “main concern” is in a footnote, that basically he doesn’t want to have to read other people’s code with ligatures, which is your main point too. That’s fair! For many purposes (github, stack overflow, a textbook, maybe not an algorithms book) I even agree with you. I’ve never had a coworker complain when screen-sharing that they had trouble reading code, but it’s trivial to disable temporarily if they were to ask.

                                              But if someone wants to post code on their site in a font with ligatures I’d go “ooh nice that code looks pretty” and maybe “what font is that”? Despite protests, arguments, and vague predictions of doom, it does come down to taste and to circumstances. That’s my main concern, acting like it’s a matter of right and wrong.


                                              I’ve already given reasons in the thread why ligatures can actually increase readability. Check out the Victor Mono homepage for yourself for some code examples https://rubjo.github.io/victor-mono/ I just noticed that triple equals (JS) is represented by three bars. I don’t usually code JavaScript but triple equals being so visually distinct from double thanks to the ligatures I imagine would make it harder to make a mistake with them. On the other hand I dislike the use of dull color italics for comments that the author uses in the code samples… Again, it’s primarily about taste.

                                              Of course, I’d be interested in any real-life examples of the author’s once-in-10-to-15-year occurrence prognostications of despair.

                                              1. 9

                                                Luckily because taste is a factor, my userContent.css contains

                                                code, kbd, pre, samp {
                                                   font-variant-ligatures: none !important;
                                                }
                                                
                                                1. 1

                                                  That’s awesome, thanks for sharing. I’ve been meaning to set up a userContent.css! (What stopped me is that it seems difficult to source control across computers because the profile folder name changes between machines.)

                                                  1. 1

                                                    I usually just update a snippet every once in a while. It’s not something where the world ends if I’m missing it. What I do want to see is NixOS having better control over building and managing Mozilla profiles.

                                              2. 3

                                                Sometimes it’s on a blog post with ligatures,

                                                I’ve never seen bad ligatures in a blog post code block. Usually the kind of people who want ligatures in their blog are sensitive enough to know when to turn them off. There are plenty of other ways to mess up code blocks, colored highlighting is a very common one. You don’t see anyone arguing against highlighting do you?

                                                sometimes it’s in a screen shot of someone’s code they sent while asking for help.

                                                So? My eyes burn when I help someone not using dark mode, it’s never stopped me from helping them.

                                                1. 2

                                                  And I really don’t have a choice but to read code with ligatures from time to time. Sometimes it’s on a blog post with ligatures, sometimes it’s in a screen shot of someone’s code they sent while asking for help. I wish people would follow his advice.

                                                  Sincere question: Do you really struggle if there’s ligatures? Does seeing them a few times in those scenarios really cause a hassle?

                                                  What about the inverse? What about people who struggle with “=” vs “==” vs “===”, for example? There are people who find “≡” preferable. Perhaps they wish people would not follow the author’s advice?

                                                  Anyway, I have ligatures on, and I’ve never had a problem in the scenarios you’ve mentioned, and more importantly, I’ve never had a problem when pairing. I regularly explicitly check too that a. is the font-size okay and b. are the ligatures okay.

                                                2. 7

                                                  I agree. I like the clean look; the ligatures make common symbols easier to recognize. I just started doing some HTML work yesterday, and was happily surprised to see that my current font has ligatures for HTML comments, which make them very recognizable even when the editor isn’t syntax-coloring them.

                                                  1. 6

                                                    the ligatures make common symbols easier to recognize

                                                    Totally. I want to piggy back on this to point out that ligatures don’t just “change symbols into other symbols” (like the OP is arguing WRT things like ≠). Ligatures can actually help make your code clearer even without substituting symbols. For example, Victor Mono, when it sees things like || or &&, replaces them with a bolder ligature version to make them stand out in code, but they’re still the same two symbols.

                                                    1. 2

                                                      why is that called a ligature? isn’t it just a font change?

                                                        1. 1

                                                          this explains my confusion

                                                        2. 1

                                                          At a technical level, fonts have several tables in them which define ligatures. The application code doesn’t even get involved, this all happens within the font rendering library (which on many platforms is part of the OS). That mechanism is used here, so that’s what it’s called.

                                                          1. 1

                                                            Thanks. I guess OP’s complaints are about ligatures in the layman’s sense.

                                                      1. 1

                                                        If the symbols are easier to recognize, then why not just use the Unicode symbols for them? Ask your language to adopt Unicode support.

                                                      2. 3

                                                        I’ve been using ligatures in my editor for years and have never once found myself in the author’s prophesied “swamp of despair”. My code just looks nicer with things like nice mathematical symbols (≤ instead of <=) and it hasn’t once caused me a problem.

                                                        Likewise. Has anyone burnt themselves on “this hot mess”?

                                                        I also usually have the opposite experience of what the author, and some commenters here, are saying. People usually ask me how to get the ligatures since they look nice and help with understanding by making it quick and obvious to parse things like logical operators.

                                                        1. 3

                                                          It’s like they’re afraid they’re going to be forced to use ligatures against their will

                                                          1. 1

                                                            The ≤ case is a selling point for me because I can never remember if it’s spelt <= or =< and the font disambiguates that for me.

                                                            Mind you, it’s the year 2022 now, and digraphs like >= or != should be regarded as crutches just like trigraphs are. It’s sad that we have to misuse font features instead.

                                                            1. 1

                                                              because I can never remember if it’s spelt <= or =< and the font disambiguates that for me.

                                                              Ha. That’s a really interesting point. I never mistake <= because it’s spelled like it’s read (“less than or equal to”), but I could never get straight ~= or =~ for using Perl regular expressions.

                                                              digraphs like >= or != should be regarded as crutches just like trigraphs are. It’s sad that we have to misuse font features instead.

                                                              Disagree on that. It’s great that I can see “if err ≠ nil” over “if err != nil” (the ≠ actually looks much nicer as a ligature in my programming font than the Unicode character does alone) without having to cut and paste unicode characters (as if using ≠ over != were even allowed). Fact is there are only so many keys on the keyboard. Programming-specific ligatures seems like a perfectly natural use-case, I don’t see it as a mis-use. Further, many Unicode “characters” are composed of multiple code-points, so Unicode does “ligatures” internally as well. Typing in Asian languages is often accomplished by combining multiple keystrokes to type one character. Text isn’t simple.

                                                          1. 50

                                                            I assume some people don’t like Facebook, so I reformatted the text and included it here:

                                                            This is written by Jon “maddog” Hall

                                                            This is the long-promised Christmas present to all those good little girls and
                                                            boys who love GNU/Linux.
                                                            
                                                            It was November of 1993 when I received my first CD of what was advertised as "A
                                                            complete Unix system with source code for 99 USD".   While I was dubious about
                                                            this claim (since the USL vs BSDi lawsuit was in full swing) I said "What the
                                                            heck" and sent away my 99 dollars, just to receive a thin booklet and a CD-ROM
                                                            in the mail.   Since I did not have an Intel "PC" to run it on, all I could do
                                                            was mount the CD on my MIPS/Ultrix workstation and read the man(1)ual pages.
                                                            
                                                            I was interested, but I put it away in my filing cabinet.
                                                            
                                                            About February of 1994 Kurt Reisler, Chair of the UNISIG of DECUS started
                                                            sending emails (and copying me for some reason) about wanting to bring this
                                                            person I had never heard about from FINLAND (of all places) to talk about a
                                                            project that did not even run on Ultrix OR DEC/OSF1 to DECUS in New Orleans in
                                                            May of 1994.
                                                            
                                                            After many emails and no luck in raising money for this trip I took mercy on
                                                            Kurt and asked my management to fund the trip.   There is much more to this
                                                            story, requiring me to also fund a stinking, weak, miserable Intel PC to run
                                                            this project on, but that has been described elsewhere.
                                                            
                                                            Now I was at DECUS.  I had found Kurt trying to install this "project" on this
                                                            stinking, weak, miserable Intel PC and not having much luck, when this nice
                                                            young man with sandy brown hair, wire-rim glasses, wool socks and sandals came
                                                            along.  In a lilting European accent, speaking perfect English he said "May I
                                                            help you?" and ten minutes later GNU/Linux was running on that stinking, weak,
                                                            miserable Intel PC.
                                                            
                                                            I sat down to use it, and was amazed. It was good. It was very, very good.
                                                            
                                                            I found out that later that day Linus (for of course it was Linus Torvalds) was
                                                            going to give two talks that day.  One was "An Introduction to Linux" and the
                                                            other was "Implementation Issues in Linux".
                                                            
                                                            Linus was very nervous about giving these talks.   This was the first time that
                                                            he was giving a talk at a major conference (19,000 people attended that DECUS)
                                                            to an English-speaking audience in English.   He kept feeling as if he was going
                                                            to vomit.   I told him that he would be fine.
                                                            
                                                            He gave the talks.  Only forty people showed up to each one, but there was great
                                                            applause.
                                                            
                                                            The rest of the story about steam driven river boats, strong alcoholic drinks
                                                            named "Hurricanes", massive amounts of equipment and funding as well as
                                                            engineering resources based only on good will and handshakes have been told
                                                            before and in other places.
                                                            
                                                            Unfortunately the talks that Linus gave were lost.
                                                            
                                                            Until now.
                                                            
                                                            As I was cleaning my office I found some audio tapes made of Linus' talk, and
                                                            which I purchased with my own money.  Now, to make your present, I had to buy a
                                                            good audio tape playback machine and capture the audio in Audacity, then produce
                                                            a digital copy of those tapes, which are listed here.  Unfortunately I do not
                                                            have a copy of the slides, but I am not sure how many slides Linus had.  I do
                                                            not think you will need them.
                                                            
                                                            Here is your Christmas present, from close to three decades ago.   Happy
                                                            Linuxing" to all, no matter what your religion or creed.
                                                            
                                                            And if you can not hear the talks, you are probably using the wrong browser:
                                                            

                                                            Introduction to Linux:

                                                            https://drive.google.com/file/d/1H64KSduYIqLAqnzT7Q4oNux4aB2-89VE/view?usp=sharing

                                                            Implementation Issues with Linux:

                                                            https://drive.google.com/file/d/1Y3EgT3bmUyfaeA_hKkv4KDwIBCjFo0DS/view?usp=sharing

                                                            1. 28

                                                              Thanks!

                                                              Also I mirrored this on archive.org so people can find this after google no doubt caps the downloads.

                                                              https://archive.org/details/199405-decusnew-orleans

                                                              1. 13

                                                                Thanks! I really appreciate you posting the text.

                                                                It’s not so much that I don’t like Facebook, as that I literally cannot read things that are posted there, because it requires login and I don’t have an account. In my professional opinion as a privacy expert, neither should anyone else, but I realize that most people feel there isn’t really a choice.

                                                                1. 3

                                                                  I don’t have a Facebook account either (and agree that neither should anyone else), but this post is actually publicly available so you should be able to read it without one. (I did, as I got to the post via the RSS feed, rather than the site so didn’t see the post.)

                                                                  1. 1

                                                                    That’s very interesting and good to know. I wonder whether it checks referrer or something? I do definitely get a hard login wall when I click it here.

                                                                    (Sorry for the delayed reply!)

                                                                2. 11

                                                                  Someone also linked the slides in the archive.org link :)

                                                                  http://blu.org/meetings/1994/08/

                                                                  1. 3

                                                                    Does anyone have links to the referenced anecdotes “described elsewhere”?

                                                                    1. 3

                                                                      This format on Lobsters is really bad on mobile with the x-overflow, weird.

                                                                      1. 5

                                                                        The parent put the quote in a code block instead of in a blockquote.

                                                                        1. 2

                                                                          The link that @neozeed posted to archive.org has the same text and is much easier to read on a mobile device.

                                                                        2. 2

                                                                          Thumbs up @Foxboron. I usually go out of my way to isolate facebook into a separate browser. I do have to say that this content was worth the facebook tax.

                                                                        1. 1

                                                                          So, a modern analog might be something like google’s protocol buffers? Both start from a type definition which gets “compiled” into auto-generated source code in your favorite language. Then there are other binary encoding formats like CBOR which start from your own source code and move towards a compatible serializer / deserializer by specifying numerical field IDs for each serialized property on a type / struct.

                                                                          Never surprises me when I find out something “new” is just a rewrite of something quite old :)

                                                                          1. 5

                                                                            Protocol buffers serve a similar function, but for cryptographic applications it’s important to keep in mind that they don’t provide a unique encoding. In particular, a lot of things under the hood in protos are variable-length integers, and these integers are not required to be represented minimally. ASN.1 DER, in contrast, guarantees that any permissible value will have a unique encoding.

                                                                            1. 2

                                                                              That is the thing - CBOR and ProtoBuffers are encodings that also offer some kind of IDL, while ASN.1 (that is why it is called Abstract Syntax One) is just IDL with multiple encodings. Technically it should be possible to use ASN.1 for defining ProtoBuffs, CBOR, or any other encoding you like. It already supports JSON (JER) and XML (XER).

                                                                              The reason why we now have a lot of different concepts like ASM.1 that use their own IDL is that ASN.1 grown in a lot of cruft and the spec is abysmal. It would be great to have something like “ASN.2” that would remove all the cruft and would start from mostly “clear slate”, but I do not think that it will become a thing any time near. Too many people focused on looking what Google will publish next.

                                                                                1. 2

                                                                                  CBOR is just “binary JSON”, it is a self-describing encoding. There is no IDL in CBOR. There is an external CDDL spec (or good old JSON Schema) but.. meh.

                                                                                  Protobuf and the performance focused alternatives are actually IDL-first. They just happen to have one standard encoding because there are benefits to developing IDL+encoding together as a cohesive system. You could use alternative encodings, but the only reason anyone actually does is to have a human-readable JSON representation for debugging.

                                                                                2. 1

                                                                                  a modern analog might be something like google’s protocol buffers?

                                                                                  No. protobuf is just another encoding. You can almost certainly define a protobuf-like encoding rule for ASN.1. This is the problem with all of these flavor-of-the-day formats. All they do is fracture this space.

                                                                                  1. 1

                                                                                    No! Stop! Where do all of you get that idea?!

                                                                                    Protobuf is IDL first, encoding second. The main part of protobuf is the proto(2/3) language for describing data structures with deep support for format evolution (backward/forward compatibility).

                                                                                    Also, “flavor of the day”? Really? Protobuf has been public / open source for 13 years now.

                                                                                    1. 1

                                                                                      As far as I can tell protobuf provides nothing that ASN.1 does not already provide. In my experience it’s worse. Try doing polymorphism in protobuf to see what I mean.

                                                                                      You could define a new wire format for it. But why do that when ASN.1 already has the infrastructure for all this?

                                                                                1. 8

                                                                                  I’m happy to see a story on this, but wish they would mention that there was a time when everything was “self-hosted”.

                                                                                  1. 9

                                                                                    Was there? In the early days of the Internet, the only things connected to it were time-sharing machines, so you’d have an account on one of those, which would host things. Prior to the Internet, you’d have BBSs. In both cases, you’d connect to someone else’s computer to do things. In the early days of the public Internet, ISPs provided web and email hosting and most people use those (Hotmail was disruptive in a large part because it was a way of getting an email address that wasn’t tied to your ISP). I’m not sure there was ever a time when everything was self-hosted.

                                                                                    1. 3

                                                                                      I think a lot of self-hosters run services that are used by family and friends. Calling it “self-hosting” might be a misnomer, but it’s close enough.

                                                                                      And that’s not too different from each site (e.g. university or company) providing time-sharing machines with mail and .plan files for their 100-1000 users or so.

                                                                                      1. 3

                                                                                        From roughly 1995 to 2005, I hosted my various sites and services on computers that were physically owned and configured by people I knew personally, administered by us jointly. Owning my own server hardware was too cost-prohibitive for me back then, but I think it still counts as self-hosting in every meaningful way.

                                                                                        I realize that I was far, far ahead of the curve, especially as compared to other penniless teenagers. My experience was a very rare one. Nonetheless, it was available for some people.

                                                                                        1. 2

                                                                                          Oh, I agree it was around for a long time - when I went to university the computer society had a machine (the successor to the one on which the Linux TCP stack was developed) that hosted email and web pages for everyone. I became an admin on that and used it to host most of my stuff until I could afford a colocated Mac Mini running OpenBSD, which I later replaced with a VPS and moved between a variety of different providers.

                                                                                          I was only disagreeing with the ‘there was a time when everything was “self-hosted”.’ in @emery’s post.

                                                                                          1. 2

                                                                                            Makes sense. Yeah, there used to be a lot more much smaller websites, and a lot more community around them, but that’s not the same as everything being self-hosted, and it’s worth keeping the distinction in mind.

                                                                                        2. 1

                                                                                          Prior to the Internet, you’d have BBSs. In both cases, you’d connect to someone else’s computer to do things.

                                                                                          “someone else’s computer”. not either A.) Google’s or B.) Facebook’s computers.

                                                                                          1. 6

                                                                                            Instead it was AOL and your ISP’s.

                                                                                            1. 1

                                                                                              What are you talking about? In the days of dial-up BBSs people were running the software on their home PCs…

                                                                                              1. 1

                                                                                                Even if you consider the established/notable BBS this is a very different picture than we have today, or even your alleged “AOL and your ISP’s [sic]” theory.

                                                                                                https://en.wikipedia.org/wiki/List_of_bulletin_board_systems

                                                                                                1. 2

                                                                                                  I think it’s very telling everyone abandoned BBSes immediately when something better came along.

                                                                                                  1. 1

                                                                                                    Okay, but that’s a different argument.

                                                                                                    1. 1

                                                                                                      Okay, but that’s a different argument.

                                                                                          2. 5

                                                                                            I only started “self-hosting” (debatable, since the host is a VPS on Digital Ocean) 5 years ago, when the friend who was hosting my stuff had to stop due to workplace changes. Before then I’ve always been running on other servers or hosts (I’ve had a web presence since 1994).

                                                                                            There is no freaking way I am gonna go through the hassle of actually hosting physical servers in my home with all the work that entails. Not for a web page and some measly CGI scripts.

                                                                                          1. 10

                                                                                            as the person who started the proposal I was wondering the same thing esp. since I was explicitely told to start a proposal by /u/Irene using the SysOp hat here https://lobste.rs/s/ypwgwp/tvix_we_are_rewriting_nix#c_cwjels

                                                                                            What’s the point of all this if there are 0 reactions? Looking at the moderation log it is clear that they see the discussions, they simply chose to not do anything which is a bit frustrating. At least saying “this is not conclusive, not doing it” is better than doing absolutely nothing.

                                                                                            In general, don’t get why this is so hard. tags are not a heavyweight concept. Why does it take so much effort to add one?

                                                                                            1. 5

                                                                                              In general, don’t get why this is so hard. tags are not a heavyweight concept. Why does it take so much effort to add one?

                                                                                              The mods already spend a considerable amount of their free time moderating. Maybe they do not have any time left for regular lobste.rs upkeep/improvements.

                                                                                              1. 3

                                                                                                Then don’t tell me to start a discussion wearing a SysOp hat if you are too busy doing anything about it anyway due to time constraints.

                                                                                                1. 18

                                                                                                  Perhaps something personal and unexpected happened and the mod who gave you advice about asking for a tag became unavailable? Or maybe creating a tag requires synchronization within the mod team and somebody on the critical path isn’t available?

                                                                                                  Creating a thread to ask for a tag is not a lot of effort so nothing happening isn’t that big of a deal in my opinion, but I can see how being recommended to do it and then not having an acknowledgement from the powers that be can be frustrating.

                                                                                                  1. 14

                                                                                                    Sorry about that. My fault, it was a communication failure between me and pushcx. I appreciate the effort you put into this thread; I’ll make sure we talk about it behind the scenes and get back to you.

                                                                                                    To people downvoting the comment I’m replying to: It’s okay to criticize the mods. Without criticism we can’t grow. The tone could have been better, but since, yeah, I did encourage the nix tag thread, I understand why there’s some anger and I am okay with that.

                                                                                                    1. 2

                                                                                                      Thank you for the reply and the clarification!

                                                                                                      1. 1

                                                                                                        Least I can do.

                                                                                              1. 22

                                                                                                I’m unsure if Peter has the spare time, or if it’s just the bare minimum to keep the site up and not go up in troll-flames. There was a we need a new moderator-post some time ago but as far as I know there are no nee moderators.

                                                                                                It might not be unwillingness, but rather a lack of time. Pure speculation of course, but that’s the first thing that comes to my mind.

                                                                                                1. 16

                                                                                                  We had a pretty responsive moderator back when @alynpost was around, but that is no longer the case. We had a remarkably interesting precedent of community-advised autocracy under @jcs and later @pushcx–that’s probably the most interesting/endearing part of Lobsters to me, and one that I think has mostly passed (much to my dismay). According to the mod log, we have been operating with only one mod for at least a few months.

                                                                                                  @pushcx has made oblique references (if my reading was correct) to some non-Lobsters circumstances drawing attention away (which is quite fine, since there is in fact a life outside the red site). Regrettably, the structure of governance for Lobsters is not robust when that happens.

                                                                                                  I have various critiques on how we get here, but I think it is sufficient to state that: Lobsters functions best with a very involved community, people focusing on tech instead of other things, and processes/mods engaged on a daily basis; but, I do not believe that we are currently in that operating regime.

                                                                                                  Sorry to all of the folks who’ve put such effort into writing up good tagging proposals. :(

                                                                                                  1. 17

                                                                                                    :(

                                                                                                    1. 9

                                                                                                      <3 we’re doing our best, and I do believe the site will be around for many years to come

                                                                                                    2. 16

                                                                                                      Yeah, I agree that the site does need attention from mods to be its best, and there isn’t as much of that to go around lately. With that said, I do think very highly of Lobste.rs users, and I think all y’all should give yourselves credit. The quality of discussions has largely remained high even during periods when mods have been busy elsewhere, and I think that’s the result of everyone’s hard work, not just the few of us with authority.

                                                                                                      My overall philosophy on things like this (but please understand that this is my personal view, not the view of the site) is that top-down moderation can only ever scale so far - but that’s okay, because when everyone in the community is committed to making it the best it can be, and feels empowered to gently guide things back on-track, that scales to any size.

                                                                                                      1. 3

                                                                                                        I can see how you’d get this impression from the mod log, but I’m certainly not alone. The mod channel on IRC also includes the chat mods (@355e3b and @aleph). We’re in different time zones on different schedules, so there’s pretty much always a running discussion as we talk through issues.

                                                                                                    1. 2

                                                                                                      it employed a strictly synchronous task model

                                                                                                      Not entirely certain how to interpret that – does that mean it’s cooperatively (as opposed to preemptively) scheduled?

                                                                                                      Edit: no, I see this page explicitly mentions preemptive multitasking. (So, still unsure what “strictly synchronous task model” means.)

                                                                                                      1. 8

                                                                                                        This seems to be a reference to Hubris’s IPC mechanism and the general execution model for tasks, which is discussed in more detail in the linked docs.

                                                                                                        Tasks have a single thread of execution, and cannot do anything asynchronous: if they send an RPC to another task, they’re suspended by the kernel until that other task responds (or the kernel synthesizes a response if that task crashes). They only receive asynchronous notifications from other tasks or hardware interrupts when they explicitly perform a receive (which suspends the task until something noteworthy happens).

                                                                                                        You can still do preemptive execution in this model - arguably easier, because there’s very few surprises for the kernel to deal with: a task is either runnable, or it took one of a small number of actions that are explicitly documented to suspend the task, until some future other small number of actions resume it.

                                                                                                        This makes for a very nice programming model: a task is single-threaded, runs an explicit event loop if it exposes an API to other tasks, and everything it does is synchronous and executes exactly like it says in the code. Even interaction with the rest of the OS looks like normal function calls that just execute in a roundabout way.

                                                                                                        1. 8

                                                                                                          Just to add to that, this is not just a very useful model, but it can also be tuned for surprisingly good performance. Just a few days ago, in another comment here, I mentioned QNX as one of the microkernels that figured our very early that building a fast message-passing system involves hooking the message-passing part to the scheduling part. One of the tricks it employed was that (roughly – the terminology isn’t exact and there were exceptions) if a process sent a message to another process and expected an answer, then that other process would be immediately scheduled to run. In a strictly synchronous task model, even a simple scheduler can get surprisingly good performance by leveraging the fact that tasks inherently “know” what they need and when.

                                                                                                          It’s also worth pointing out that this makes the whole system a lot easier to debug. I haven’t used Hubris so I don’t know how far they’ve taken it but one of my pet peeves with most async message-based systems is that literally 90% of the debugging is “why is this task in this state”, as in “who sent that stupid message and why?” If the execution model is strictly synchronous that’s very easy to figure out: you just look at the tasks that are in suspended state and see which one’s trying to talk to yours, and if you look on their stack, you also figure out why.

                                                                                                          It’s probably also worth pointing out that all these things – synchronous execution, tasks defined at compile-time, and (not used by Hubris, but alluded to in another comment) cooperative multitasking are very much common in embedded systems. I’ve worked on systems that were similar in this regard (strictly synchronous, all tasks defined at compile-time) twice so far. It doesn’t map so well to general-purpose execution but this isn’t a general-purpose system :-D.

                                                                                                        2. 2

                                                                                                          I’m not sure why they wrote “preemptive multitasking” there. I’ve read the documentation and briefly looked at the code — tasks are only switched on syscalls and interrupts.

                                                                                                          1. 8

                                                                                                            Isn’t an interrupt-triggered task switch (e.g. on a timer interrupt, say) kind of the definition of preemptive multitasking? If the interrupted task gets stopped and another task starts running on the CPU, the first task has been preempted, no?

                                                                                                            1. 1

                                                                                                              By “interrupts” I meant hardware interrupts that the tasks subscribe to. I guess it still is preemptive but I don’t think they use a timer specifically for preemption.

                                                                                                            2. 4

                                                                                                              “Preemptive” is a term that hasn’t been used in a long time because the thing it replaced, “cooperative multitasking”, is no longer in use. In cooperative multitasking, each program needed to explicitly call some OS-provided function to yield time to other programs. For example, on pre-OS X Macs it was WaitNextEvent().

                                                                                                              1. 10

                                                                                                                Strangely cooperative multitasking is in use, again. Just at the next level up in the stack. We’ve just renamed it to things like “green threads” or “async” or so on, and it’s multi-tasking at the “task inside a process level” instead of “process inside the OS” level.

                                                                                                                1. 2

                                                                                                                  I was just thinking that. As I understand it, JS sagas implemented using generator function*s and yield are basically doing cooperative multitasking within a JS single-threaded execution context, right? And isn’t this similar with generators in other languages?

                                                                                                                  1. 1

                                                                                                                    I’m not familiar with exactly what you mean when you say “saga”, but probably. Async in javascript is, so assuming they make use of that, yes.

                                                                                                                    Generators, in a way, but they’re mostly an even simpler form of control flow than co-operative multi-tasking in that there is no scheduler, just “multiple stacks” (though usually they emulate the extra stacks with compiler magic) which you explicitly switch between. Generator support at the language level is enough to make some pretty ergonomic co-operative multi-tasking libraries though. Rust, for example, does all it’s async stuff on top syntactic sugar on top of generators, using normal libraries with no special support from the language for the scheduling part.

                                                                                                                  2. 1

                                                                                                                    Huh. I guess that’s true. Fascinating!

                                                                                                            1. 73

                                                                                                              I think it is time for a nix tag, since unix is very broad for this article

                                                                                                              1. 4

                                                                                                                It’s been suggested many times hasn’t it? I do hope it’s considered this time round

                                                                                                                1. 3

                                                                                                                  The usual way to make the case for a new tag is to put together a list of existing articles that would fit under it. Feel free! It should be a new meta thread so it doesn’t get missed.

                                                                                                                  1. 11

                                                                                                                    Here is the last year’s suggestion: https://lobste.rs/s/i5fneg/add_tag_for_nix_nixos (there were more articles since then).

                                                                                                                    1. 8
                                                                                                                  1. 3

                                                                                                                    Ooh! Exciting stuff. I hope somebody figures out an open speech-to-text model in the near future, it would be really neat to have a fully open replacement for those corporate microphones.

                                                                                                                    1. 2

                                                                                                                      Ooh! Exciting stuff. I hope somebody figures out an open speech-to-text model in the near future, it would be really neat to have a fully open replacement for those corporate microphones.

                                                                                                                      There’s always Ada/Almond, as outlined in this (very) old release blog entry:

                                                                                                                      https://www.home-assistant.io/blog/2019/11/20/privacy-focused-voice-assistant/

                                                                                                                      1. 2

                                                                                                                        I agree. In general I’m not a big fan of voice controls, don’t really know why. But home automation is perhaps the one place where I find it very useful. Something open would be amazing, not just to maintain control, but the commercial options require a publicly available server (solved with Home Assistant Cloud, but still).

                                                                                                                        1. 1

                                                                                                                          I use kaldi-active-grammar on long days (think coding AND chatting with friends a lot). It works pretty well although I do still have to repeat stuff due to using a model that isn’t trained on this microphone and the microphone being pretty bad. It’s much better in the demo video in that README.

                                                                                                                          1. 1

                                                                                                                            Mozilla speech?

                                                                                                                            1. 1

                                                                                                                              I haven’t used it for years, but Sphinx worked very well for commands (limited grammar / vocabulary, versus dictation needing to recognise all of English).

                                                                                                                              1. 1

                                                                                                                                I think you meant to post this on the Amazon Echo thread?

                                                                                                                                1. 2

                                                                                                                                  No, I’m imagining Home Assistant as the back-end of an open voice assistant someday. Most of what things like the Echo are used for (at least, by me…) is controlling smart devices.

                                                                                                                                  1. 4

                                                                                                                                    I’d bet on talon, it comes with really really good speech models that you can use right now to write code hands-free, or automate your local machine. Automating a whole home should be a trivial step from there (the main issue I think is feedback), with the right scripts

                                                                                                                                    1. 2

                                                                                                                                      Oooh, I get it! Yeah, I’d love to ditch the software and keep the hardware of the Echo devices, so I interpreted it as how you would reuse the hardware with stock Linux, but it’s obvious that one wouldn’t need the hardware. :facepalm:

                                                                                                                                      1. 1

                                                                                                                                        Well, it’s… mathematicians would say “self-evident”. Obvious, but only once you hear it. Easy to miss otherwise. Don’t be too hard on yourself. <3

                                                                                                                                1. 3

                                                                                                                                  Very interesting. That does all sound very worrying for anyone relying on OpenSSL going forward.

                                                                                                                                  It’s frustrating that FIPS mode could be the deal-breaker, I hope they find a way to make that work.

                                                                                                                                  1. 3

                                                                                                                                    Kinda tangential, but is FIPS strictly a US thing? I’ve never heard of it outside of that, but then again I hadn’t heard about FIPS for a very long time in general.

                                                                                                                                    1. 3

                                                                                                                                      Yes, it’s “Federal Information Processing Standards” as in US Federal.

                                                                                                                                      1. 2

                                                                                                                                        My understanding is that FIPS requires some ciphersuites that the LibreSSL project deems weak or insecure and thus won’t include.

                                                                                                                                        I’m not part of the Alpine project, but I wonder how much would be “lost” by declaring Alpine non-FIPS compliant. It would suck for the poor saps required to use FIPS but surely there are alternatives.

                                                                                                                                        1. 10

                                                                                                                                          FIPS also, if I remember correctly, requires that the specific build be certified, so you can’t even just build your own version of OpenSSL and have it FIPS compliant, you need to ship a blob that has gone through the certification process. OpenSSL has some dynamic loading goo that lets you plug in a FIPS-complaint module, it doesn’t provide that module (it did briefly but now it’s purely a third-party thing). My understanding is that ‘FIPS Compliant’ is a synonym for ‘definitely insecure but not my liability when you’re compromised’ but I might be overly cynical.

                                                                                                                                          1. 5

                                                                                                                                            Correct. Here is a summary for it: https://www.openssl.org/docs/fips.html (with a link to the 3.0 version). It’s not so much insecure as “very conservative”. I’m not aware of the certified version being vulnerable and the public API gets updated/fixed with openssl.

                                                                                                                                            1. 1

                                                                                                                                              Thanks for the clarification!

                                                                                                                                        2. 0

                                                                                                                                          That is true and also useless information, because I probably wouldn’t have asked if I hadn’t known what it stands for.

                                                                                                                                          The NIST curves are also “from the US”, so is FIPS 10, and they have leaked into global usage (and the latter is a mess).

                                                                                                                                    1. 2

                                                                                                                                      Oh, this is brilliant. Amazing way to frame the explanation of Inform 7’s virtues. I am personally a huge fan of I7, and I think its success in the years since this was written makes a strong case that there’s something to all this.

                                                                                                                                      1. 2

                                                                                                                                        Oh, wait - the article was written this month. The game was written in 2008. Got it. :)

                                                                                                                                      1. 8

                                                                                                                                        Huh. Cute. I guess spending a single bit of entropy on that is no big deal in terms of overall security.

                                                                                                                                        1. 4

                                                                                                                                          I don’t think they spend any entropy at all.

                                                                                                                                          1. 5

                                                                                                                                            Well they could be adjusting the rate limit to account for these two checks. By some logic that is making the password 1 bit easier to guess.

                                                                                                                                            1. 4

                                                                                                                                              Yeah, most likely they specifically check if the first letter of the submitted password is lower case and try a second attempt to compare against the hash with that first letter capitalised.

                                                                                                                                              1. 1

                                                                                                                                                How would this not result in an effective loss of entropy?

                                                                                                                                                First character alpha is 52 possibilities, or ~6 bits. If it’s case insensitive, 26 characters, ~5 bits, which is half as entropic.

                                                                                                                                                1. 3

                                                                                                                                                  I see two ways to implement this:

                                                                                                                                                  • on registration lowercase/uppercase the first char and store it like this in the database (loss of entropy)
                                                                                                                                                  • on login first try login with the way the user typed it, if it does not work, retry with uppercased/lowercased first character (no loss of entropy in the database)

                                                                                                                                                  Second one is no loss of entropy, because the password in the database can still be uppercase or lowercase (of course hashed). Since the client has to submit the password twice it will go through the same protection that is setup for login security, e.g. slow hashing with PBKDF2.

                                                                                                                                                  1. 1

                                                                                                                                                    Yeah, you’re right. Your second implementation hadn’t occurred to me. I note that it’s the rate limit imposed by the web server which is the main protection in practice; the cost of the hash is only relevant for attackers who have already stolen the hashed passwords.

                                                                                                                                                    1. 1

                                                                                                                                                      “Hash/iterate/some sort of proof of work” to login is an interesting idea.

                                                                                                                                                      Since many passwords are already low entropy, I fear loosing any bits. I remain skeptical, but I also despise passwords in general.

                                                                                                                                                    2. 2

                                                                                                                                                      From what I understand, server only stores and accepts one version of the password. The trick is that client - after unsuccessful login - tries modified version of the password (pretty much like a human might try).

                                                                                                                                                  2. 1

                                                                                                                                                    200% the number of expected passwords work in this scheme.

                                                                                                                                                  1. 21

                                                                                                                                                    I’d like a much smaller version of the web platform, something focused on documents rather than apps. I’m aware of a few projects in that direction but none of them are in quite the design space I’d personally aim for.

                                                                                                                                                    1. 6

                                                                                                                                                      Well, “we” tried that with PDF and it still was infected with featureitis and Acrobat Reader is yet another web browser. Perhaps not unsurprising considering Adobe’s track record, but if you factor in their proprietary extensions (there’s javascript in there, 3D models, there used to be Flash and probably still is somewhere..) it followed the same general trajectory and timeline as the W3C soup. Luckily much of that failed to get traction (tooling, proprietary and web network effect all spoke against it) and thus is still more thought of “as a document”.

                                                                                                                                                      1. 20

                                                                                                                                                        This is another example of “it’s not the tech, it’s the economy, stupid!” The modern web isn’t a adware-infested cesspool because of HTML5, CSS, and JavaScript, it’s a cesspool because (mis)using these tools make people money.

                                                                                                                                                        1. 5

                                                                                                                                                          Yeah exactly, for some examples: Twitter stopped working without JS recently (what I assume must be a purposeful decision). Then I noticed Medium doesn’t – it no longer shows you the whole article without JS. And Reddit has absolutely awful JS that obscures the content.

                                                                                                                                                          All of this was done within the web platform. It could have been good, but they decided to make it bad on purpose. And at least in the case of Reddit, it used to be good!

                                                                                                                                                          Restricting or rewriting the platform doesn’t solve that problem – they are pushing people to use their mobile apps and sign in, etc. They will simply use a different platform.

                                                                                                                                                          (Also note that these platforms somehow make themselves available to crawlers, so I use https://archive.is/, ditto with the NYTimes and so forth. IMO search engines should not jump through special hoops to see this content; conversely, if they make their content visible to search engines, then it’s fair game for readers to see.)

                                                                                                                                                          1. 4

                                                                                                                                                            I’ll put it like this: I expect corporate interests to continue using the most full-featured platforms available, including the web platform as we know it today. After all, those features were mostly created for corporate interests.

                                                                                                                                                            That doesn’t mean everybody else has to build stuff the same way the corps do. I think we can and should aspire for something better - where by better in this case I mean less featureful.

                                                                                                                                                            1. 4

                                                                                                                                                              That doesn’t mean everybody else has to build stuff the same way the corps do. I think we can and should aspire for something better - where by better in this case I mean less featureful.

                                                                                                                                                              The trick here is to make sure people use it for a large value of people. I was pretty interested in Gemini from the beginning and wrote some stuff on the network (including an HN mirror) and I found that pushing back against markup languages, uploads, and some form of in-band signaling (compression etc) ends up creating a narrower community than I’d like. I fully acknowledge this might just be a “me thing” though.

                                                                                                                                                              EDIT: I also think you’ve touched upon something a lot of folks are interested in right now as evidenced by both the conversation here and the interest in Gemini as a whole.

                                                                                                                                                              1. 3

                                                                                                                                                                I appreciate those thoughts, for sure. Thank you.

                                                                                                                                                              2. 2

                                                                                                                                                                That doesn’t mean everybody else has to build stuff the same way the corps do.

                                                                                                                                                                I agree, and you can look at https://www.oilshell.org/ as a demonstration of that (both the site and the software). But all of that is perfectly possible with existing platforms and tools. In fact it’s greatly aided by many old and proven tools (shell, Python) and some new-ish ones (Ninja).

                                                                                                                                                                There is value in rebuilding alternatives to platforms for sure, but it can also be overestimated (e.g. fragmenting ecosystems, diluting efforts, what Jamie Zawinski calls CADT, etc.).


                                                                                                                                                                Similar to my “alternative shell challenges”, I thought of a “document publishing challenge” based on my comment today on a related story:

                                                                                                                                                                The challenge is if the platform can express a widely praised, commercial multimedia document:

                                                                                                                                                                https://ciechanow.ski/gears/

                                                                                                                                                                https://ciechanow.ski/js/gears.js (source code is instructive to look at)

                                                                                                                                                                https://news.ycombinator.com/item?id=22310813 (many appreciative comments)

                                                                                                                                                                1. 2

                                                                                                                                                                  Yeah, there are good reasons this is my answer to “if you could” and not “what are your current projects”. :)

                                                                                                                                                                  I like the idea of that challenge. I don’t actually know whether my ideal platform would make that possible or not, but situating it with respect to the challenge is definitely useful for thinking about it.

                                                                                                                                                                  1. 1

                                                                                                                                                                    Oops, I meant NON-commercial! that was of course the point

                                                                                                                                                                    There is non-commercial content that makes good use of recent features of the web

                                                                                                                                                              3. 4

                                                                                                                                                                Indeed - tech isn’t the blocker to fixing this problem. The tools gets misused from the economic incentives overpowering the ones from the intended use. Sure you can nudge development in a certain direction by providing references, templates, frameworks, documentation, what have you - but whatever replacement needs to also provide enough economic incentives to minimise the appeal of abuse. Worse still, deployed at a tipping point where the value added exceed the inertia and network effect of the current Web.

                                                                                                                                                                1. 2

                                                                                                                                                                  I absolutely believe that the most important part of any effort at improving the situation has to be making the stuff you just said clear to everyone. It’s important to make it explicit from the start that the project’s view is that corporate interests shouldn’t have a say in the direction of development, because the default is that they do.

                                                                                                                                                                  1. 2

                                                                                                                                                                    I think the interests of a corporation should be expressible and considered through some representative, but given the natural advantage an aggregate has in terms of resources, influence, “network effect”, … they should also be subject to scrutiny and transparency that match their relative advantage over other participants. Since that rarely happens, effect instead seem to be that the Pareto Principle sets in and the corporation becomes the authority in ‘appeal to authority’. They can then lean back and cash in with less effort than anyone else. Those points are moot though if the values of the intended tool/project/society aren’t even expressed, agreed upon or enforced.

                                                                                                                                                                    1. 1

                                                                                                                                                                      Yes, I agree with most of that, and the parts I don’t agree with are quite defensible. Well said.

                                                                                                                                                              4. 2

                                                                                                                                                                Yes, I agree. I do think that this is largely a result of PDF being a corporate-driven project rather than a grassroots one. As somebody else said in the side discussion about Gemini, that’s not the only source of feature creep, but I do think it’s the most important factor.

                                                                                                                                                              5. 5

                                                                                                                                                                I’m curious about what direction is that too. I’ve been using and enjoying the gemini protocol and I think it’s fantastic.

                                                                                                                                                                Even the TLS seems great since it would allow some some simple form of client authentication but in a very anonymous way

                                                                                                                                                                1. 7

                                                                                                                                                                  I do like the general idea of Gemini. I’m honestly still trying to put my thoughts together, but I’d like something where it’s guaranteed to be meaningful to interact with it offline, and ideally with an experience that looks, you know… more like 2005 than 1995 in terms of visual complexity, if you see what I mean. I don’t think we have to go all the way back to unformatted text, it just needs to be a stable target. The web as it exists right now seems like it’s on a path to keep growing in technical complexity forever, with no upper bound.

                                                                                                                                                                  1. 9

                                                                                                                                                                    I have some thoughts in this area:

                                                                                                                                                                    • TCP/IP/HTTP is fine (I disagree with Gemini there). It’s HTML/CSS/JS that are impossible to implement on a shoestring.

                                                                                                                                                                    • The web’s core value proposition is documents with inline hyperlinks. Load all resources atomically, without any privacy-leaking dependent loads.

                                                                                                                                                                    • Software delivery should be out of scope. It’s only needed because our computers are too complex to audit, and the programs we install keep exceeding their rights. Let’s solve that problem at the source.

                                                                                                                                                                    I’ve thought about this enough to make a little prototype.

                                                                                                                                                                    1. 5

                                                                                                                                                                      It’s of course totally fine to disagree, but I genuinely believe it will be impossible to ever avoid fingerprinting with HTTP. I’ve seen stuff, not all of which I’m at liberty to talk about. So from a privacy standpoint I am on board with a radically simpler protocol for that layer. TCP and IP are fine, of course.

                                                                                                                                                                      I agree wholeheartedly with your other points.

                                                                                                                                                                      That is a really cool project! Thank you for sharing it!

                                                                                                                                                                      1. 4

                                                                                                                                                                        Sorry, I neglected to expand on that bit. My understanding is that the bits of HTTP that can be used for fingerprinting require client (browser) support. I was implicitly assuming that we’d prune those bits from the browser while we’re reimplementing it from scratch anyway. Does that seem workable? I’m not an expert here.

                                                                                                                                                                        1. 6

                                                                                                                                                                          I’ve been involved with Gemini since the beginning (I wrote the very first Gemini server) and I was at first amazed at just how often people push to add HTTP features back into Gemini. A little feature here, a little feature there, and pretty soon it’s HTTP all over again. Prune all you want, but people will add those features back if it’s at all possible. I’m convinced of that.

                                                                                                                                                                          1. 4

                                                                                                                                                                            So you’re saying that a new protocol didn’t help either? :)

                                                                                                                                                                            1. 4

                                                                                                                                                                              Pretty much. At least Gemini drew a hard line in the sand and not try to prune an existing protocol. But people like their uploads and markup languages.

                                                                                                                                                                              1. 2

                                                                                                                                                                                Huh. I guess the right thing to do, then, is design the header format with attention to minimizing how many distinguishing bits it leaks.

                                                                                                                                                                          2. 1

                                                                                                                                                                            Absolutely. There is nothing very fingerprintable in minimal valid http requests.

                                                                                                                                                                      2. 5

                                                                                                                                                                        , but I’d like something where it’s guaranteed to be meaningful to interact with it offline

                                                                                                                                                                        This is where my interest in store-and-forward networks lie. I find that a lot of the stuff I do on the internet is pull down content (read threads, comments, articles, documentation) and I push content (respond to things, upload content, etc) much less frequently. For that situation (which I realize is fairly particular to me) I find that a store-and-forward network would make offline-first interaction a first-class citizen.

                                                                                                                                                                        I distinguish this from IM (like Matrix, IRC, Discord, etc) which is specifically about near instant interaction.

                                                                                                                                                                        1. 1

                                                                                                                                                                          I agree.

                                                                                                                                                                    2. 2

                                                                                                                                                                      Have you looked at the gemini protocol?

                                                                                                                                                                      1. 2

                                                                                                                                                                        I have, see my other reply.

                                                                                                                                                                    1. 38

                                                                                                                                                                      I would like a CalDav protocol which isn’t tied to WebDav.

                                                                                                                                                                      1. 3

                                                                                                                                                                        Same, now that you mention it.

                                                                                                                                                                        1. 2

                                                                                                                                                                          Please! This would be fantastic!

                                                                                                                                                                          1. 9

                                                                                                                                                                            Not exactly what you’re asking for, but have you seen the JMAP protocol?

                                                                                                                                                                            https://datatracker.ietf.org/doc/html/draft-ietf-jmap-calendars

                                                                                                                                                                          2. 1

                                                                                                                                                                            Without XML and one that everbody complies with too :)

                                                                                                                                                                          1. 4

                                                                                                                                                                            Thanks for posting this! Somebody asked me about termios recently and we lamented, together, that conceptual overview of it is hard to find because it’s old, even though it’s still in use.

                                                                                                                                                                            1. 3

                                                                                                                                                                              The chapter 18 of Stevens’s Advanced Programming in the UNIX® Environment is dedicated to Terminal I/O, or termios.

                                                                                                                                                                              That chapter, followed by chapter 19 (on pseudo terminals), should give one a complete and detailed view on how terminals work on UNIX systems.

                                                                                                                                                                              1. 2

                                                                                                                                                                                termio(7I) may be interesting to look at as well.