-
Open plan offices are great. That is, it’s terrible to work in them, but it helps you identify clueless and/or toxic management/companies. If any given company has an open plan office, you know not to work there.
-
-
Oracle’s real goal is to increase support revenue. The majority of companies will have little choice but to use the LTS releases, and since the free support between LTS releases no longer overlaps, they’ll have to buy support.
-
zpojqwfejwfhiunz
1 month ago
|
link
| on:
The open-plan office is a terrible, horrible, no good, very bad idea
The yet-another open-plan office blog post is a terrible, horrible, no good, very bad idea.
-
-
-
Yeah, is anyone ever arguing for those things? I don’t mind the one at my office, but we’re also a very small office with an average of six employees in it. I might like it better if we were even more isolated, but except for my coworkers’ typing, I hardly ever hear anything at all.
-
-
-
Modern software development is extremely fad-driven these days.
It sucks.
-
zge
edited
5 months ago
|
link
| on:
Facebook scraped call, text message data for years from Android phones
PeopleThe Media have been acting very suprised about all the news around Facebook which has been popping up for the last few weeks.But frankly, I find exactly
these reactionsthe coverage far more surprising.I mean, didn’t everyone already kind of know that this has been going on if you use Facebook?People don’t have to be told that something unusual is going on. Just look at their app permissions (or their business model). What probablyshocksirritates most people is the facts that they can’t go on telling themselves that everything is fine.Edit: I would like to clarify – my issue isn’t who knew what and who didn’t. I am talking about the popular reaction and the narrative in which tese events are being placed, which I belive to be wrong.
I don’t understand why people see this as trolling?-
I see this sort of comment a lot, and I think it’s wrong headed and counterproductive:
-
There’s a difference between a general believe that Facebook doesn’t respect your privacy and a very specific “they collected this data, unnecessarily and stored it in perpetuity”
-
Chastising people for not having been aware in the past doesn’t encourage them to be more proactive in the future, it pushes them to just stop caring entirely. If you want people to be more upset and take action, use this opportunity to push them forwards, not lecture them for having been late to the party.
-
I’m not blaming Facebook users or trying to act as if I were superior. I mean, I use WhatsApp on a (far too) regular basis, and have a pretty good feeling that it is going on there too And I understand why they are using it.
But in the end, what else were they supposed to be doing with the data? The people I am “concerned” with are those who are talking about this the most, acting as if nobody would have guessed that this could be happening in a million years. If anything, this seems to be the harmful thing to do, since it seems to neglect that Facebook isn’t doing this because they are evil or something, but anyone, any social network with a similar history, size and system of operation, would have to do the same. The crime is intrinsic in the form.
-
Personally, I don’t know specifically what Facebook or other companies are doing. However, I know that they are in the business of data collection so this is not shocking. What they do specifically depends on what they are able to do technically.*
If they were doing something outside their scope of business, like raise a great old one from the void, then I might be shocked.
** That something might be technically feasible might be shocking, but that’s another story.
E.g., “Facebook scraped call data from Android” vs. “Android leaks call data to third party apps.”
-
That is kind of what I am trying to say. It isn’t supprising, and this fact should be emphasized. Sadly, @alex_gaynor misunderstood me a bit, in that I want people to understand why this shouldn’t be surprising. It is their buisness model, and no matter who or what, something along these lines happening will have ultimately unavoidable.
What they do specifically depends on what they are able to do technically
And what they have to do as a business to always be a step ahead of their competition! And again, this isn’t anyones individual responsibility, just as nobody is to blame when a player is ahead in Mensch ärgere Dich nicht and others loose.
-
-
-
-
Maybe a bit snarky, but let me draw some parallels with this take:
“The Big Bang? Why are you interested in it now? It happened 13 billion years ago. It obviously happened, otherwise we wouldn’t be here at all. Why study it? Pretty much everybody knows about cosmology. Add some fundamental laws and, well the current state of the universe naturally follows.”
The point is: not even close to the number of people you think knew knew. Those who knew didn’t know details. Those who had some details didn’t have certainty. Those who knew, had details and certainty didn’t reach large enough numbers to have a public debate about this issue.
-
People see it as trolling because no one can be certain over the internet if anyone is actually surprised or not. A lot of people feign surprise to puff themselves up. An obnoxiously obvious version of this would be “Not only did I know about this breaking news before everyone else, I was so certain of it that I believed it was universal knowledge! I’m shocked, shocked that people did not understand this as well as me, a genius.” You didn’t write like this, but feigning surprise is common enough that any expression of surprise is received very skeptically.
-
Ok, I understand that, but I hope I clarified my position in my other responses. Looking back at my original phrasing, I understand the possibility for misunderstanding. “Media coverage” might have been a better word to use instead of “reactions”, which could be understood to be too general.
-
-
-
The network effects are so strong that competition is, for all intents and purposes, impossible. Google Plus is the canonical case study here, though I’m sure there’s an entire graveyard full of them. Facebook’s value is that it has all the people on it, and any competitor will by definition start without any people, which gives it no value proposition to pull people off Facebook.
-
Unfortunately it’s still the most viable platform for certain things. I use Facebook almost exclusively to buy and sell event tickets at the last minute. In the past 2 years I have bought tickets from the actual ticket vendor for only 2 out of 20+ shows. Facebook provides a web of trust that no other platform can match. I would hesitate to buy a ticket from “edmfan1337,” but some random person with years of photos, a job, a school, and hundreds of friends is way more trustworthy. Often I’ll even have a mutual friend or two for events that are local. I’d love if there were some other platform equally viable, but I am not really interested in technical solutions involving third party guarantees or other “secure” systems. It’s better to deal with real people who can come to agreements and make compromises.
-
-
I think there’s something far more sinister going on here. We don’t really have free media in today’s world. It looks free, but there are only a few major players and a lot of major advertisers controlling those outlets. At work we have a CNN feed in the entry way. 90% of the time the word Trump is on the screen. It’s all Trump all the time. Unlike 1984 with its 2 minute hate, for several decades we’ve been living in a 24/7 hate.
These types of stories are designed to keep us scared or to put the population down a certain path. I have a feeling Zuckerberg pissed off someone recently. Maybe it’s someone in the 1% trying to put him in his place after he talked about running for President. Maybe he pissed off some board members at Google. It doesn’t take much. Someone with the means just needs to get one or two publications to start down the path and soon the rest of the media follows because it’s what people want and it sells.
-
I don’t believe in sinister masterminds controlling things from behind the scenes. And the usage of the word “media” retrospectively didn’t help much to clarify what I intended to say. Maybe “popular discourse” would have been better?
Regarding the points you brought up, I just believe that Trump is a easy to report topic that a lot of people (in some perverse sense) enjoy to hear about. And why should a media network not talk about it, if there’s a “marketplace of attention”? And also, one should avoid falling into cognitive biases. Trump get’s mentioned a lot, one the one hand because his policies are controversial, but also because he is the president of the USA… It’s not like Obama or Bush were minor political actors. And a “1%” is really a void term. It means nothing, and just gives space for ones own imagination. Some things just happen, randomly, and there isn’t a overarching narrative one can coherently place it in.
-
-
-
And, of course, this means Java 9 is already end of life. No more updates. Not even security updates.
-
Wow, I didn’t realise this. I can see Oracle has documented it though. And Java 10 (18.3) is only supported until September 2018:
** Java SE 9 will be a short term release, and users should immediately transition to the next release (18.3) when available.
*** Oracle has proposed a new version scheme for Oracle based builds (YY.M) starting in March, 2018. Java SE 10 (18.3) will be a short term release and users should transition to the next release when available.
-
-
Hail_Spacecake
6 months ago
|
link
| on:
X's network transparency has wound up mostly being a failure
Yeah, it did. And that’s unfortunate, because the ability to interact with a remote computer graphically as easily as you can with ssh would have been very useful. “Most people only ever interact with remote machines with either text mode SSH or a browser talking to a web server on the remote machine.” says the article, and indeed a web browser talking to a server on the remote machine is basically how one interacts with a remote computer graphically nowadays. This is wildly popular, of course, but is it the best possible world? Probably not.
-
-
Teckla
7 months ago
|
link
| on:
Google Chrome and Mozilla Firefox are bringing back the browser wars
I recently switched from Chrome to Firefox, due to some annoyances and problems I’ve been encountering in Chrome. For example, the entire Chrome UI goes unresponsive frequently when I use the IRCCloud web application. And Chrome is woefully behind when it comes to stopping autoplay videos from playing. This should have been built-in functionality for a long time now - there’s just no excuse for it not being there. And using Ctrl+click to put individual Google Hangouts conversations into their own tabs is now causing problems too (after a while, the tab goes blank!). This is a brand new problem I’m seeing in Chrome 64.
Not sure what’s happening with the Chrome team. They seem to have lost their mojo.
The Firefox UI is now nice and smooth. And Firefox is fast. I can no longer perceive any performance differences between Chrome and Firefox. I think the two browsers are on par again – and I would even give Firefox the edge at the moment.
-
-
Can’t say that’s been my experience, sadly. I switched from Chrome to Firefox and was having a blast with Quantum, I never thought web pages could load that quickly! But the UI was still clunky and the whole browser froze several times while using it with more intensive apps (and it really makes me wonder what went wrong when with several web tools open the one to really bring my computer to its knees is Slack, an IM app).
I know a friend that’s using it and he’s not having my issues, wonder if it’s Windows (since he uses macOS), the fact that my PC is older (Thinkpad T430 vs MBP 2017) but Chrome just never skips a beat, even when the website is under heavy load, while Firefox just gives up when any of the pages get a little busy (this includes mundane tasks like opening and browsing the inspector).
I really think Mozilla is on the right track for once and I hope for the best to them, I just hope they don’t get blinded by trying to ace every benchmark and think of the overall experience more, otherwise they’ll end up doing the same things we hate Chrome for (like breaking the web)
-
-
Teckla
8 months ago
|
link
| on:
Lobste.rs scrolls up slightly whenever I type a character in a "reply" box. Anyone else have this?
I have trouble with lobste.rs in portrait mode on iOS. Can never seem to touch and hold the comments link, in order to open the comments in a new tab.
-
Teckla
9 months ago
|
link
| on:
[Post Mortem]: I thought I could ship at least 700 units to stay in business
I feel bad saying this (I really do), but I can’t help shake the feeling that the true motive of the author was to market his game via this story.
The world is filled to overflowing with failed business ventures. I’m not sure this one is particularly different or insightful or noteworthy.
-
I actually found this perspective pretty interesting – the bar for success seemed really low. 300 sales to survive, 700 to stay in business? That’s what, between $1500 and $3500 after Steam’s cut and before taxes? In that light it’s actually kind of depressing how hard it is to even make a splash.
-
the bar for success seemed really low. 300 sales to survive, 700 to stay in business?
For a single-person business that seems reasonable. Compare with the “Manabi line”.
In that light it’s actually kind of depressing how hard it is to even make a splash.
There are just so many games out there though. Average sales are always going to equal number of users * number of games per user / number of games on sale. And there are so many people who want to make games.
-
-
As I talked about above, I do think it’s worth talking about these kinds of situations. There are a lot of young people interested in games who would love to get into game development, there are a lot of colleges advertising their game-making programs and talking about how it’s such a great and fun career, and there’s a lot of attention given to the successful stories in indie development. Failure stories like these get told a lot less often, even though they’re likely the more typical scenario. If we don’t talk about them, we don’t give the people considering doing indie game development a clear picture of the risk involved.
As for the marketing aspect, I can’t say whether that was his primary motive, but well, hey, I’m sure it doesn’t hurt.
-
-
Teckla
10 months ago
|
link
| on:
Try quickly typing 1 + 2 + 3 into the iOS 11 Calculator. I bet you won't get 6
On iOS 11 and can confirm there’s a serious bug — I would guess it’s a multi-thread synchronization issue.
Seems like a pretty serious bug for a calculator to have! Everyone should definitely avoid the iOS 11 calculator until this is fixed.
-
It’s nothing so complicated. A UI element that’s animating (transitioning) can be configured to ignore further input until it’s done. The plus animation is long, and (probably oversight) ignores input until it’s done glowing. There’s no race, or lock up, or lag, or any of a dozen other explanations. The behavior is entirely deterministic, based solely on whether you tap + while glowing or not. (Still a stupid bug, but the fix is just changing a bit to allow more taps while animating.)
-
-
-
As a Java programmer, it frightens me how much companies depend on pulling hundreds of third party jars into their Java projects to speed up development. It’s pretty much a guarantee that at any given time a dozen of them have serious security flaws…
And if anyone thinks only Equifax has such lax and incompetent security, they’re crazy. The state of computer security in 2017 is astonishingly bad.
-
The solution to this is having scripts that continually go through your projects and show you outdated jars. It should be part of the CI. Trouble is you don’t often know if a jar update is security related or not like with traditional package management. But still on production projects, you really shouldn’t let your dependencies rot either.
-
I mean, the alternative is to write the code and security holes yourself. You’ll have the same security issues either way :P
-
The problem is that bundling dependencies prevents them from being updated in a timely fasion (ie, as part of system updates). Nobody’s saying third-party code is bad.
-
-
-
I’ve marveled at this very phenomenon for some time now – my operating system seemingly deciding to give me – the interactive user that purchased the hardware and operating system – seemingly less priority than things running in the background. An astonishing thing in 2017.
The author did an amazing job of troubleshooting this. Let’s hope Microsoft comes up with a patch soon – and learns a larger lesson about not causing serious performance regressions in their software. (Hey, one can dream…)
-
-
Is there any research about why users switch browsers? I think that reversing the trend for Firefox has two components (that should be considered separately for desktop and mobile):
- Why are users abandoning Firefox?
- What would make users switch to Firefox from another browser?
A quick search didn’t return anything meaningful so I’m curious whether you’re aware of any research in this area.
-
Speaking just for myself – thus this is just an anecdote – but I switched from Firefox to Chrome years ago because the Firefox UI would often become unresponsive for several seconds, which drove me crazy. Also, because of the (perhaps mistaken) perception that Chrome was more secure.
That being said, I recently switched back to Firefox at work, and it seems like they’ve fixed a lot of the UI latency issues in Firefox.
-
With Electrolysis most of these features should have been fixed. You can also turn on multiple content processes somewhere in the settings which means that one slow site won’t slow down all your tabs.
-
-
-
I have piped up on this subject before and can speak only for myself, but here goes:
Firefox annoys the shit out of me at times. It slows down randomly. Sometimes, after a restart, it forgets I use two windows. It updates so often I don’t know which issue goes with which version, so I give up caring. Sometimes it corrupts its sessions.
Then I look at the competition. No multi-row tabs. No tab groups, lile the FF add-on I like. The Community(tm) gently points me to sub-par alternatives like lists or tree views. Good for you, if that works for you. Not my thing.
I half-way upgraded to Debian Stretch. I know you shouldn’t do that, things break between distro versions. Naturally some dependency unknown to me broke Mozilla’s build. So I tried the ESR build and it was slow. Like a retarded sloth doped on ketamine and stuck in tar.
So I concluded the experiment by upgrading everything. Firefox is usually fast enough, again.
I also learned to live with the various backup methods.
The reason I care about this? I use tabs in tab groups a bit like bookmarks, so I can switch contexts by switching all tabs depending on what I feel like doing.
I estimate there are roughly zero people on the planet who do this like I do.
I also estimate there are less than five people who’d be convinced by a demo of the addons, but they’d have neither the patience nor desire to be convinced.
-
-
-
-
If all goes well, the first Servo-based components should be in Firefox by the end of the year. Not all of Servo, just bits of it (currently it’s the style system and rendering stack)
-
-
for desktop usage on linux, first it was lacking flash when it was common, then it was problems with H264 (which is patented), then EME/DRM, and now there’s still issues with netflix filtering it based on browser ID.
looking at windows machines, it took longer to adopt auto updates. users who installed firefox before auto updates and when chrome did update are possibly comparing firefox 20 to the latest chrome. they’re unaware it’s much better if updated.
the big numbers come from mobile. your phone already comes with a browser, and it’s never firefox. why would you get another (assuming you can)?
-
I have a modernish computer with SSD and 16 GB of RAM, every year or so I try to Firefox but it is sluggish with 2 windows with 50-80 tabs each or so (yes I’m a hoarder and probably in the 99 percentile for tabs, but I just can’t find anything that can cope with my usage except Opera, Chrome and Chromium).
-
dark_grimoire
1 year ago
|
link
| on:
Do I need swap space if I have more than enough amount of RAM?
Why is this debatable? What is the benefit of NOT having swap space? It’s better to have a cheap but reliable safety net, than not having it. It’s orders of magnitude cheaper to have 16GB of RAM and create 16GB of swap space if you know that sometimes you will get allocations for like 20GB of memory, than buying another 16GB of RAM and make them sit unused most of the time.
-
The benefit of not having swap is that if you hit swap with any force, you will have to hard reboot the machine. Without swap, you might have to reboot the machine depending on which process gets the short end of the OOM killer/failed malloc stick and, in the latter case, what it does with it.
-
Good question. I’m guessing some people may think there system will be faster if they don’t have swap (if it’s not there, it can’t be used!). But those are perhaps the same people who -O6 and unroll their loops… In the early days of SSDs there was the argument that paging could cause premature SSD death but those days are long behind us.
Of course, without swap most systems can’t write a crash dump. Perhaps not that relevant for most loop unrollers…
-
Years ago I had a work machine on which I’d minimize Eclipse, do something in another window for a minute or two, then come back to Eclipse. It took a painfully long time for it to restore as the hard drive thrashed.
I turned off swap, and it was like getting a new computer. The workflow above took milliseconds instead of 15, 20, 30+ seconds. It was a huge win.
So sometimes turning off swap really is a big win.
-
-
-
-
I find it super hard to disagree with these arguments (and all of the others that came before it), but simply can’t make peace with the idea that everyone should just abandon C in favor of languages like Rust, D, or even Go for that matter. These languages are far more complicated than C. Admittedly, the complication comes with enhanced expressivity, which can (but not always) be a win.
I’d much prefer the effort be spent on safer dialects of C, like say Cyclone, where there’s a chance that the trillions of lines of C can actually be made safe with fewer changes than via a complete rewrite. I’ll let someone more knowledgeable than me speak to the possibility of this.
-
I’ve admittedly never used Cyclone, but it looks similar in complexity to Rust: one of Cyclone’s big additions is region analysis including explicit lifetimes, which look pretty close to Rust’s lifetimes. I imagine this would also make retrofitting C codebases into Cyclone difficult since a lot of code would need to be fixed to be verifiably lifetime-correct.
Also I’ll point out that the Cyclone front page mentions it’s unsupported, and points interested readers towards Rust.
-
-
-
-
Depending on the exact requirements, you could spin up a lightweight embedded web server, and open the system default web browser navigated to the embedded web server.
-
Maybe this password strength checker might help?
-
I have my doubts – some serious concerns, actually – about the value of that password checker.
I put in five words, randomly chosen from a dictionary, with spaces between them. It generated a very mediocre score: 56%. I was under the (possibly mistaken?) impression that randomly selecting five words from a dictionary would be an excellent password. (Corrections welcome.)
In addition, I wouldn’t want anyone to be encouraged to enter any of their real passwords on a web site like this, as it could very well use that information maliciously. I’m not saying this particular web site does this, but I don’t think putting passwords into “password checker” web sites is something we generally want to encourage people to do.
-
How big was your dictionary? It’s actually fairly easy to compute how many passwords a given generation scheme can produce.
For example, my
/usr/share/dict/wordshas 99,171 words in it. Picking five at random (without replacement) withcat /usr/share/dict/words|sort -R|head -n 5|tr $'\n' ' 'allows for (99,171 choose 5) different passwords, which is 79,927,903,812,879,014,029,704, or about 76 bits or 13 case-sensitive alphanumeric characters. (Choosing with replacement makes for a significantly easier to calculate but only marginally bigger 83 bits/14 characters.)I generated a couple of 13-character alphanumeric passwords and got an average score between 80 and 90, and a couple of five-word passphrases, which mostly got 100, so that seems in line to me. However, it heavily penalizes passphrases that consist entirely of lowercase letters and space, and my dictionary has lots of proper nouns and possessives. Filtering those, the passphrase scores were much worse—50-60-ish. (Interestingly, a 5-word passphrase generated from this shorter dictionary—66,005 words—is still worth a 12-character password. This is why experts advise you to concentrate on length over alphabet/dictionary size.)
So it’s safe to say this checker isn’t consistent with the actual amount of entropy in a given password. But it looks like it’s trying to penalize the sorts of habits that result in bad passwords, even if that results in a very skewed “good” password space. It’s much more important to it that “password1” get a bad score than that “signals constriction punchy rejoinders titanic” get a good one. I’m not sure it’s biased in the best way (“signals constriction etc.” is far more likely to be remembered and used than the otherwise-equivalent “8inHpcw47jUdD”), and I don’t think I’d recommend it for that reason, but the premise is probably sound.
-
Well, let’s do the math. According to a quick search there are about 171,476 words in current usage–that’s about 2^17.387647.
So, assuming that you pick each word at random and allow duplicates, getting your password is:
P(5word_pass) = 1/171476 * 1/171476 * 1/171476 * 1/171476 * 1/171476 P(5word_pass) = ( 2^-17.387647 ) ^ 5 P(5word_pass) = ( 2^-86.938235 )So, we’ll setup the same trick using uppercase letters (26), lowecase letters (26), digits (10), and other characters (33). So, at random, we can choose a character from those sets, and that’s a 1/95 chance of any particular character being picked.
Let’s see how many characters we need to match the 5-word password!
P(5word_pass) = ( 2^-86.938235 ) ( 2^-86.938235 ) = (1/95)^N ( 2^-86.938235 ) = (2^- 6.569856)^N ( 2^-86.938235 ) = 2^(- 6.569856N) -86.938235 = -6.569856N N = 13.232898And to double check:
(1/95) ^ 13.232989 = 6.7422567e-27 2^(-86.948235) = 6.7422567e-27So, it looks like you’d have to use about 14 characters from that class defined above to get the same strength as 5 dictionary words.
-
Intriguing that 5 random words be roughly equivalent to a 14 character password. The space of 5 word memorable phrases that most people will choose is going to be quite small in practice so for my family I need to reinforce the idea that they should choose random words, e.g. by flipping through a book.
Of course, the search space become much bigger if they also include proper nouns.
-
-
That’s why it’s called “diceware” ;) The EFF recently created a list of words to use for creating passwords like this, and then you use dice to pick a word for you.
we recommend a generating a six-word passphrase with this list, for a strength of 77 bits of entropy.
https://www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases
-
-
-
-
-
-
The real underlying problem, not addressed in the WSJ article or the response to the WSJ article, is that companies are no longer willing to invest in their employees. Back in the old days, companies would train their employees in the “latest and greatest” technologies as required.
Don’t let The Powers That Be distract us and turn this into a “passionate self-taught vs. CS degree” battle.
IRC is great. It’s easy to implement a client for, simple enough to understand, and used pretty widely. It’s still the main protocol I use to keep in touch with people.
The only thing I wish that it would get is server side history, so I could scroll back in a channel without idling or setting up a bouncer.
Early this year I finally broke down and subscribed to IRCCloud. They handle all the details of staying connected so you have access to channel history. Admittedly it works out to about 14 cents per day. Well worth it, in my opinion.
I’ve been keeping an eye on IRCCloud – I currently keep a ZNC server running… playing with it has been quite fun and instructive so far, but I would be OK paying 5$/month for someone taking care of it all. I’m waiting for them to open up a bouncer service so we can connect with other clients than their official IRCCloud client… apparently it’s on their roadmap (see bottom).
There are people working on a revised spec called ircv3, that aims to address those issues. I haven’t been in touch with that group, so I can’t speak to their progress or success.
I’m aware of ircv3, but I’m not aware of any proposal to add server side history to it – at least not one that’s gone anywhere. I’m sure someone cares about the other features, but they don’t really make a difference for me.
Edit: And I found one: https://github.com/ircv3/ircv3-specifications/pull/292
Uh, that is interesting. Thanks for sharing! I wonder if there are already any clients and servers out there.
Also see this story: https://lobste.rs/s/zdkuil
the rust irc crate aims for ircv3 support ;) (I’m trying to contribute to it (but outside of the v3 things))
You mean this crate? https://crates.io/crates/irc
Yup.