1. 20

    The great thing about the Nix (and Guix) package manager is that fact that they unite these two worlds. You can install and configure software globally for your system, but in contrast to traditional “program managers” you can install different versions of the same package simultaneously. But you can also locally fetch development depedendencies, and while most “module managers” can only provide libraries written in their specific programming language, Nix can provide any library, compiler or build tool (or even graphical IDE, web server, database server, …) written in any language within your local development environment.

    [I also later posted this comment below the article]

    1. 7

      When they say “built on the same technologies as other popular chat apps,” what do they mean? The web page mentions “privacy” a lot but doesn’t say anything specific about it. Neither do the GitHub repos’ READMEs, unless I missed something.

      To me, “privacy” means my messages aren’t going to be stored on the admin’s server, given that a lot of the time I’d probably not have any particular trust in said admin or their competence at setting up e.g. a MongoDB server without public access open to the world.

      1. 11

        Looks like its not really private at all. There’s no encryption. Its just self hosted.

        So the privacy they’re talking about is the de facto gains of hosting it yourself or by a person you trust and not a big company like discord or guilded that sells your data

        If a malicious actor was watching your traffic somehow, like over coffeehouse WiFi or w/e then your messages being sent aren’t any less secret or safe. That’s no better than discord is today though.

        If you want encrypted rooms I guess you gotta stick with matrix but what appeals to me about revolt is my friends might actually try it because it feels like discord. Unlike matrix

        1. 11

          That’s no better than discord is today though.

          If I run discord from the browser it’s a https site, so plaintext should not be accessible from the wire.

          I can’t imagine the “native” app works any differently.

          There’s degrees of privacy. A self-hoster will probably not sell traffic/usage data to advertisers, but there’s absolutely not guarantees they won’t snoop on private messages/images. This can happen in a big org like Discord but there’s a higher chance that such behavior is monitored and caught - if nothing else for the massive reputational risk of it being exposed.

          1. 1

            It’s also a practical thing. Matrix per default also doesn’t doesn’t e2e encrypt everything at all, depending on some circumstances, same goes for IRC. And that’s fine, it allows for very performant full text search and sync (which is also certainly eco friendlier). Telegram (the chat program) didn’t win because of its encryption, it won because of its features, usability and speed. And if I look at day to day usage of discord I’m certain you don’t need e2e here, you may tell people upfront that for e2e worthy content they should choose something else than a glorified gaming slack with video + audio and nice icons, but that’s it.

            I’m currently adding some online sync to my own f-droid app, it also won’t have any e2e features. TLS it is, and if you’re distrusting me, you can host your own instance as easy as running some binary on your own VPS.

            1. 6

              Matrix per default also doesn’t e2e encrypt anything

              That’s wrong, Matrix (more specifically Element, the reference client implementation, previously called Riot) has been encrypting private chats by default for over a year now.

              1. 1

                Ok then my work instance simply doesn’t use E2E in their rooms. But we’re using it longer than matrix has e2e and we’ve not adopted it for that.

          2. 3

            Looks like its not really private at all. There’s no encryption. Its just self hosted.

            The roadmap at least does mention E2EE as a possibility in future, s. https://revolt.chat/roadmap#features-4, potentially scroll down to see:

            (draft) 0.6.0: E2EE Chat

            This is the drafted version for e2ee.

            1. 2

              I asked in the beta instance (devs are in there) and it looks like that e2ee roadmap item is for DMs and small group chats, not the discord-like ““servers”” within your instance

          3. 6

            To each their own but IMHO this can be okay depending on the circumstances.

            Example: I hang out a lot in a Slack where there’s ≈2000 persons in #general. So it’s basically as private as Twitter. To me that’s fine – but I would perhaps not tell all the secrets of my heart in that Slack. But having a discussion about Go or Python or whatever is cool with me, I don’t consider those topics private.

            Even if that chat room was end-to-end-encrypted I still would not consider it private. Anyone of those members could copy my messages or take screenshots and spread it to God-knows-where.

            1. 1

              Mostly WebSockets. Which is pretty much a given for any browser-based chat product. But I suppose with Rustaceans that might not be the case, since in theory you could create your own socket protocol and communicate over a Wasm client… :)

            1. 3

              Norway has e-licenses as well, as mentioned in the article. In Norway’s case, the e-license is explicitly not regarded as an ID. Its only use is when you’re stopped during a traffic control. The police has access to the central database themselves, and may thus double check that the e-license is valid before letting you drive further.

              1. 2

                What’s the purpose of such an e-license if it doesn’t prove anything?

                1. 3

                  I guess the government identified the shortcomings listed out in the article and decided they couldn’t make it safe and reliable enough for general use.

                  The motivation behind the e-license was that there is legislation mandating you always having your driver’s license with you when driving. A lot of people find that cumbersome, so they made it digital. Some people doesn’t have wallets any more as they can pay with their phone/watch and the license was the only physical card left.

                  In my opinion, they could have changed the legislation instead, so that it isn’t mandatory to present a license in the first place. It isn’t even a fine/criminal offence for not having it present either. You have to pay a ~$60 administrative fee for the trouble of locating your info on their laptop/tablet. The fee doesn’t show on your criminal record.

              1. 3

                I’m surprised that this is on GitHub. Is there a reason that Gittea isn’t self hosting?

                1. 2

                  They are working on making it possible to move the development to Gitea itself, seems like some features they need are still missing.

                  1. 1

                    I never understood this, when they forked from Gogs it was already a useful and reliable platform, they could have self-hosted from the beginning.

                    1. 1

                      The dual reasons the last time I talked with the devs were 1) not wanting to lose the ease of contributions from being on GitHub, and 2) concerns that Gitea’s code reviews lacked too many features (e.g., line comments). The former I’m very sympathetic to, but at this point, they really need to fix the latter.

                    1. 1

                      I think MySQL is still GPL, doesn’t that mean that FB has to publish their code changes/improvements?

                      1. 5

                        No, because they don’t distribute the software, they only provide a web service to the public. You would need AGPL for this to take effect. And even then I’m not sure if they would have to do it, since users don’t interact with the MySQL servers directly.

                        1. 1

                          Aha! This distinction has never been clear to me, until now.

                      1. 2

                        I would love to see a laptop that featues a minimal ergonomic keyboard, like the Gergoplex. With the Framework Laptop this seems to be much more in reach.

                        1. 7

                          Really? It seems like the Framework focusing on thin aesthetics at the expense of functionality precludes useful features like this (and makes repairability much more difficult than it needs to be!) The MNT Reform explicitly makes it a design goal to allow the keyboard to be swapped out with a more ergonomic design, and the chassis has room for something with decent switches.

                          1. 1

                            Thanks for the tip, yeah seems like it. I’m not that much into laptops at the moment, because I don’t intend to buy one soon.

                        1. 4

                          I’m gradually getting used to the proton tabs, and I like bits of it, like the fact that it will tell you which tabs are playing media etc. But I cannot fathom why they changed the borders of the tabs the way they did – indeed, it destroys the tabs visual metaphor itself, and the way the active tab is rendered looks like a button, which of course does nothing when you click on it because it’s already active.

                          1. 2

                            Before Proton there was an icon in every playing tab. That icon needed no additional vertical space and was very clear, so for me even this point is moot. And I wholeheartedly agree with your point about the border design.

                          1. 1

                            I have a hard time figuring out how to get matrix setup and working. Like what the backend and frontend are and how they work. Am I not understanding what it is?

                            1. 10

                              TL;DR: If you want to try it out, download the Element client and let it walk you through making an account.

                              You’ll have to choose a Matrix homeserver (like an email provider). If you won’t use it that frequently, the free matrix.org homeserver is good but slow. For more serious use, consider a subscription to Element Matrix Services, where they host a homeserver for you. Or you can try to self-host synapse. I wouldn’t.

                              Other homeservers are being developed right now (Conduit is pretty cool). But none are ready for production just yet. And unfortunately the choice of homeserver is still important because your account will be tied to it. In the future, the “multi-homed accounts” feature will make this initial choice less important (hopefully).


                              There are two basic components to understand if you’re just getting into Matrix, and the two components are best understood as an analog to email, which is really the only popular federated protocol today.

                              There’s the Matrix homeserver, which is like your email provider. It’s where the messages and account information are stored. It’s what actually takes care of sending and receiving your messages. It’s where you sign up. Multiple people can have an account on the same homeserver. Synapse is the most popular homeserver right now, it’s developed by the team that founded Matrix, and it’s considered to be slow (Python) and is slated to be replaced.

                              Then there’s Matrix clients. Just like email, Matrix is standardized. You can use any email client to get/send your Gmail, and you can use any Matrix client to get/send Matrix messages. Element is the most popular Matrix client (again made by the team that created Matrix). It’s the most feature-complete by far. It’s written in Electron, so it’s bloated. But it works fairly well.

                              1. 3

                                I wouldn’t.

                                Can you elaborate ? We use a synapse server at work and it works.

                                1. 1

                                  I should have been clearer. I meant that I don’t advise trying to self-host the homeserver at all. Self-hosting anything is a ton of work if done properly. Timely security updates, migrations, frequent (and tested) backups, and reliability all come to mind as things I personally don’t want to have to worry about. Element Matrix Services seems like a good deal for just a few people.

                                  1. 3

                                    But these challanges aren’t at all Synapse-specific, are they? Updates. migrations and proper backups are something you have to do with any server that you self-host. And after running a homeserver for a few years, the only migration I ever had to do is from an older to a newer PostgreSQL version by simply dumping the whole database and reading it back in. All schema migrations are done automatically by Synapse and I never had any problems with that. Hosting a Matrix server with Synapse is so easy if you compare it e.g. to hosting your own email server. And Synapse really is battle-tested because it’s dogfooded at the huge matrix.org homeserver instance.

                                    1. 1

                                      No they’re definitely not specific to Synapse. That was pretty much my point.

                                      And I know Synapse has put a ton of work into being easy to deploy. But I still won’t ever recommend managing infrastructure to anyone. It’s awesome that Synapse makes it as easy as possible for people like us to self-host it, but $5/month is probably well worth the lack of headache for most people.

                                2. 2

                                  As far as I can tell, none of the homeserver implementations are ready for self-hosting – unless you disable federation, and then what’s the point?

                                  1. 3

                                    I’m not sure where you’re getting that impression. I’m hosting two different Synapse instances myself. I just update them when new releases come out; it’s been relatively painless.

                                    1. 1

                                      Can you please give a reason why you don’t think Synapse is ready for self-hosting? I’ve been doing it for years with enabled federation and I never had any serious problems.

                                      1. 1

                                        Sure. I’ve heard again and again that if you enable federation on Synapse and someone joins a large room, the server bogs down and starts chewing through resources. Has that changed?

                                        Also note that I’d be running it on an old laptop or a raspberry pi, just like I would run any chat server – IRC, Jabber, etc.

                                  2. 1

                                    .. I mean, probably? What exactly are you struggling with?

                                    1. 2

                                      Uh oh, now I feel even dumber. The main website has information about something called Synapse and there is “element” which is a frontend I believe, but how do you install a matrix server and start using it?

                                      1. 13

                                        My attempt at clarification:

                                        • Matrix is a protocol for a federated database, currently primarily used for chat
                                        • Synapse is the reference home server (dendrite, conduit, construct etc. are other alternatives)
                                        • Element is the reference client (there are versions of element for the web (electron), android and ios)
                                        • A user account is (currently) local to a home server
                                        • A chat room is federated and not located on a specific home server. The state is shared across home servers of all users that have joined the room.
                                        • There are P2P tests where the client and home server are bundled together on e.g. a mobile phone
                                        • Spaces are a way to organize rooms. Spaces are just a special case of a room and can include other rooms and spaces.
                                        1. 4

                                          Thank you! That clarifies a lot. I was stuck thinking Matrix is the server. So, Matrix is a protocol for a federated database, that’s very interesting and cool.

                                          1. 1

                                            Is it legitimate for me, as a user rather than someone who’s interested in the infrastructure, to just think of Matrix being like a finer-grained version of IRC, where instead of (mainly) a few big networks there are more smaller networks and instead of joining e.g. #linux on freenode, I’d join e.g. #linux:somewhere …

                                            Would I now discover ‘rooms’ by starting from a project’s website, for example, rather than just joining some set of federated servers and looking for rooms with appropriate names?

                                            I just searched for ‘linux room matrix’ and the top hit was an Arch Linux room #archlinux:archlinux.org

                                            (I don’t really want to join a general Linux room - just using it as an example)

                                            1. 3

                                              Well, generally NO. Most all matrix home servers are all joined together via the federated protocol. So if you join #archlinux:archlinux.org on homeserver A, and your BFF uses homeserver B, you will still see each other and communicate with each other in that room like if you were both on homeserver A.

                                              One COULD create a non-federated home server, but that’s not the typical use case, and the reasons to do so would be odd. If you are doing for example a chat server for internal chat @ $WORK, using Matrix is probably a terrible idea. Zulip, Mattermost, etc are all better solutions for that use-case.

                                              1. 2

                                                Discovering rooms is currently a bit problematic, as room directories are per server. But a client can query room directories from any server (that allows public queries). Spaces will probably help a lot with room discovery, as they can form deep hierarchies.

                                            2. 8

                                              I did a video to try to explain it last year (which i should update, but it’s still usable, even if it calls Element by its old name of Riot): https://www.youtube.com/watch?v=dDddKmdLEdg

                                              1. 3

                                                I recommend starting off by just creating an account at app.element.io and using the default homeserver so you don’t have to host anything youself

                                                1. 2

                                                  Synapse is a server implementation and Element is one of the clients.

                                                  Installing Synapse: https://matrix.org/docs/guides/installing-synapse

                                                  1. 1

                                                    Uh oh, now I feel even dumber.

                                                    Don’t. The Matrix project is pretty terrible at both naming and the new user experience.

                                                    1. 2

                                                      Not trying to hate on them or anything. @ptman ‘s comment above really helped.

                                                      1. 1

                                                        Yeah, I wish them every success - but what I guess I’ll call the introductory surface of the system is fairly painful.

                                              1. 4

                                                Resisting the urge to rewrite my blog with Next.js

                                                Trying to find a good way to use my computers without my hands (occupied by baby) e.g. scrolling, focusing, writing

                                                (Maybe) creating a Hacker News comment graph (with comments linking to other comments counted as links) as a Roam Research(-esque) database

                                                1. 6

                                                  Do it. It’s worth experimenting with stuff. I’ve rewritten my blog site 4 times and I’ve learned so much each time.

                                                  1. 3

                                                    A foot pedal actually sounds perfect for such a scenario, maybe combined with eye tracking!

                                                    1. 2

                                                      I rewrote my website in Next.js and it was worth it

                                                      1. 1

                                                        Perhaps you are already aware of this, but did you look into baby slings? They can be very comforting for your child and they free your hands.

                                                      1. 2

                                                        I hope that more alternatives (not coming from riot) libraries/clients with pop-up (see for example https://invent.kde.org/network/neochat and https://github.com/quotient-im/libQuotient). I kinda don’t trust Riot guys.

                                                        1. 1

                                                          Riot is called Element now and there are a few solid alternatives presented in the post :)

                                                          1. 1

                                                            I still don’t see one that works on Linux and Windows. :/

                                                        1. 1

                                                          Great to see how many awesome things were archieved this year \o/ Looking forward to all the things coming in 2021 :)

                                                          1. 4

                                                            I worked a lot with PHP in the 5.6 era and it was often pretty painful because of all the warts and stupid language design decisions. And they never got fixed because of backward compatibility. That’s why I’m happy to see that the list of breaking changes is very long, they addressed quite a few long-standing problems with these release. This change especially caught my eye:

                                                            Nested ternaries now require explicit parentheses.

                                                            They got the associativity of the ternary operator wrong before. Always requiring parentheses is a clever way to fix this problem without unknowingly breaking old code :)

                                                            1. 30

                                                              Therefore, if after reading this post, you independently rediscover the algorithms presented here, that’s ok, but you must still license your “independent rediscovery” under the Gnu GPL-2.0 license, and cite the sources (for instance this post).

                                                              This sounds legally void to me. GPL covers code, not algorithms. Algorithms aren’t copyrightable anywhere, and patentable only in some countries.

                                                              1. 4

                                                                It was even stranger this morning.

                                                                Warning about licenses

                                                                This blog post contains documentation about Pijul. Pijul is licensed under the Gnu GPL-2.0 or any later version at your convenience.

                                                                Therefore, if after reading this post, you independently rediscover the algorithms presented here, that’s ok, but you must still license your “independent rediscovery” under the Gnu GPL-2.0 license, and cite the sources (for instance this post). This also applies if that rediscovery happens in the future, including in zero, one or more years.

                                                                1. 3

                                                                  Seems this has been removed?

                                                                  1. 1

                                                                    That depends on the meaning of derived works. The algorithm is not described there independently of the code, it’s hosted on the same website, as documentation of the code.

                                                                    But nobody forces you to read that post.

                                                                    1. 10

                                                                      The GPL is only about code as @dmbaturin said. The blogpost itself is on GFDL which do not prevent me from reading article and implementing the same algorithms. AFAIK this wouldn’t be considered as a derivative work in any jurisdiction that I am aware of. So for me it also sounds void.

                                                                      1. 3

                                                                        I would personally tend to agree with @dmbaturin on this one, although I am far from being a legal expert and in any circumstances, the final world would be to the potential court that would review the case.

                                                                        Licensing is hard @_@

                                                                      2. 1

                                                                        While I agree with you as far as us law goes, are we really sure that the same is true about every countries copyright law?

                                                                        I think I’ll just stay away from this one.

                                                                        1. 1

                                                                          There’s a dispute in the European legal sciences about the copyrightability of algorithms, but indeed, most people here agree that algorithms are not copyrightable. Those who do not, usually also think that code and algorithm is the same. For those without any background in IT, this difference is difficult to grasp.

                                                                          (I studied Law in Germany)

                                                                        1. 1

                                                                          The logo reminds me of the Greendale Community College flag.

                                                                          1. 3

                                                                            E pluribus Anu?

                                                                          1. 1

                                                                            One thing I want to continue doing this weeking is cleaning up my home. Reading “The Life-Changing Magic of Tidying Up” by Marie Kondo really gave me a new perspective on what I want my home to be, what things are important to me and how much of the stuff I own just clutters my life that should be discarded. I sincerly recommend this book (and the Netflix series) to anyone who, just like me, struggles with cleaning up and discarding stuff.

                                                                            1. 1

                                                                              Thanks for the rec. I think I will give it a try.

                                                                            1. 5

                                                                              This reminds me of the year-long issues Scala had with its range type(s) (which also tried to do way too much).

                                                                              Though

                                                                              Range::is_empty() could be written naturally instead of a a bizarre way just for NaNs

                                                                              seems to be more of an issue with Rust’s not-that-good Eq/Ord hierarchies that they lifted from Haskell (where it was already an issue).

                                                                              1. 2

                                                                                Can you give me a pointer to the problems of the Eq/Ord hierarachy in Haskell?

                                                                                1. 6

                                                                                  You basically have two different notions: A machine-level one based on identity of bit patterns, and one of a user-defined, domain-specific equality.

                                                                                  In most cases, it doesn’t matter because they are one and the same – e. g. for integers

                                                                                  But for things like floating point numbers, it really hurts. E. g. in languages like Rust and Haskell, you can’t check whether some data structure contains a NaN, or whether it really has 0.0, not the “sufficiently similar” -0.0.

                                                                                  This is because they put “partial” and “total” operations into a hierarchy, which means that if your “total operation” is not behaviorally a sub type of the “partial” operation, language designers decided that you simply don’t get to use the total one at all.

                                                                                  The problem is solved fairly easy though – simply use different types for different things.

                                                                                  I went with Equals/Identity and Comparable/Sortable (because “partial” vs. “total” is really not that interesting in describing the operations), and it works so exceedingly well that it’s painful to watch other languages getting it wrong.

                                                                              1. 1

                                                                                This is a good method and a great formal description of it. I like to do this informally in Haskell when there are many different cases to consider. Just match over a tuple of all inputs and write down all the different constructor combinations. You know that you don’t miss anything and you normally see simplifications pretty fast.

                                                                                1. 2

                                                                                  I was surprised when I discovered that terminusdb-server is completely written in Prolog. This is a super interesting project that I have to look into soon.

                                                                                  1. 1

                                                                                    Why would you represent lists as hash-maps? I’m getting PHP flashbacks 😱

                                                                                    1. 3

                                                                                      What’s the problem?

                                                                                      1. 2

                                                                                        Some drawbacks of using hash maps versus actual arrays:

                                                                                        • Lookups are slower, and likely not constant time (IIRC it’s usually more like O(log n))
                                                                                        • They need more memory
                                                                                        • Less cache-friendly
                                                                                        • Iterating them is less efficient compared to an array, as memory is not in a contiguous order. In my own experiments I found that iterating a Rust hash map is about 50 times slower compared to iterating a vector
                                                                                        • Insertions are slower if there are collisions
                                                                                        1. 3

                                                                                          The implementation of the language can decide to use arrays if it notices that your keys are a contiguous set of integers starting from some small integer. This is what Lua does for example. So that removes all of the implementation-dependent disadvantages you are talking about.

                                                                                          On the other hand, on the interface / usage side, it does make it so if you eg. want to remove an element and shift all the others down, you need to explicitly say that you want array / list behavior vs. map behavior.

                                                                                          1. 4

                                                                                            Yeah, I remember from reading one of the Lua papers that the runtime does a bunch of clever things to optimize for tables being used as arrays. What I didn’t get was why this is better than simply having actual arrays in the language, and removing the need for the clever runtime code.

                                                                                    1. 2

                                                                                      I’m currently on a very similar endeavor and we had a great discussion here on lobste.rs about that a few months ago with many good hints and prior work. I sent a somewhat longer email to the author’s public inbox with my current perpective on things in case anyone is interested.