1. 1

    I have tried to get into Emacs several times, it agrees with me in many ways.

    However, each time I am driven away by the keyboard bindings system.

    I find it tedious to keep hitting Ctrl and all those multi-key shortcuts.

    I also find myself dead in the water, barely able to even open a file, let alone do things like:

    • Global file search for a term (ctrl+shift+f usually)
    • Switch between open buffers (ctrl+tab)

    I’ve also lately been spoiled by IntelliJ’s handling of all these things with keyboard bindings I’m familiar with since VB in the 90’s, not to mention it having GUI wrappers for Git.

    Any advice?

    1. 2

      You could try something like doom or spacemacs or even prelude + evil-mode if you don’t like hitting the control key. These are built atop evil-mode which gives you vim-like keybindings. I genuinely believe knowing Vim and Emacs keybindings is useful (for instance readline - and by extension most CLI tools use Emacs keybindings like C-a/C-e for begining/end of line and C-k/C-y for killing (cutting) and yanking (pasting).

      At the same time, why do you want to learn Emacs? If you are productive in IntelliJ, stick to it. You cannot grok the utility of Emacs unless you have been using it for a few months at least. I have been using it since 2005 and I still uncover features that I am unaware of that are older than me.

      YMMV, but I prefer the way emacs opens files to the Intellij/code way since it doesn’t open a file-open dialog box - I use ivy and that gives me fuzzy search on file opening.

      Global search is a different beast - Emacs doesn’t have a built-in notion of projects - but projectile-mode adds this in - and there are bindings in projectile to do global search in the current project. I also use swiper for searches and avy for on-screen jumps but as I said before - emacs is a gift that just keeps on giving - you could never have tried everything that is possible with it.

      C-Tab would be C-x <right> and C-S-Tab would be C-x <left> in Emacs by default Buffers are ubiquitous in emacs - as a newbie you might also want to C-x C-b and pick the buffer you want. I personally use C-x b remapped to ivy-switch-buffer which gives me fuzzy search on buffer names.

      1. 1

        BTW, https://github.com/bbatsov/guru-mode and https://github.com/justbur/emacs-which-key could also help a lot in discovering emacs keybindings

        1. 1

          Global search is a different beast - Emacs doesn’t have a built-in notion of projects

          Actually, this isn’t true anymore. Since Emacs 26 project.el has been bundled with Emacs, and depending on the version you’re using, C-x p f should be bound to project-find-file. If not, you can install project.el from ELPA. I’ve been using it for the last few months, and it does everything projectile used to do, just without the need for a minor mode and an external package.

          1. 1

            C-x p f doesn’t seem bound to anything in Emacs 26, perhaps that happened in Emacs 27? (I’m still on 26) I’ve been monitoring the development of project.el for a few years and it’s great that Emacs has some built-in project support these days, but there are still many things that Projectile does and project.el doesn’t. Of course, I’m obviously biased, being the author of Projectile. :D

            1. 1

              I’m not sure, but updating project includes

              ;;;###autoload (define-key ctl-x-map "p" project-prefix-map)
              

              so it will probably only be bound from 28 onwards :/

              there are still many things that Projectile does and project.el doesn’t. Of course, I’m obviously biased, being the author of Projectile. :D

              True, but it has been improving recently, with a lot of inspiration form Projectile. It would be interesting to see if projectile would evolve to become an “extension package” for project.el.

              1. 1

                The approaches of project.el and Projectile are somewhat different, so rebasing Projectile on top of project.el is not something I ever plan to do. I’m happy that Emacs users are getting something out-of-the-box, but I don’t plan to change my vision or goals for my project just because of that. Even if I’m the only Projectile user at the end of the day that’s be fine by me, as it covers my needs perfectly. :-)

          2. 1

            At the same time, why do you want to learn Emacs? If you are productive in IntelliJ, stick to it. You cannot grok the utility of Emacs unless you have been using it for a few months at least. I have been using it since 2005 and I still uncover features that I am unaware of that are older than me.

            Because it is FOSS, and because I’ll be able to have it work the way I want instead of being at the whim and mercy of JetBrains, as cool as they are. I don’t mind a learning curve to gain productivity, but so far it’s been more of a wall than a curve for me. Also, IntelliJ CE has missing features like CSS support.

            I also think there may be other features in Emacs which I have not even imagined yet, but would improve my productivity.

            I’m also enticed by Emacs’ console mode and universality.

            YMMV, but I prefer the way emacs opens files to the Intellij/code way since it doesn’t open a file-open dialog box - I use ivy and that gives me fuzzy search on file opening.

            I use Ctrl+Shift+N for opening files, which lets me type, e.g. “green css” to select ~/project/default/theme/green/style.css

            1. 1

              I also think there may be other features in Emacs which I have not even imagined yet, but would improve my productivity.

              Yes! There definitely is - welcome aboard. Org mode alone makes it worth it.

              Just don’t expect keybindings to work like they do elsewhere since emacs predates most of them and is significantly more powerful - Emacs has sub-maps For instance C-x is not the final shortcut - C-x C-s is. Similarly, when you use counsel, C-x p will still not execute anything - it will wait for the next keystroke. At this point p will switch project, f will fuzzy find files, d will find a directory, s would wait for a further keystroke to pick the search backend. And the best thing is most commands take a prefix C-u, For instance C-f goes forward one character but C-u 30 C-f goes forward 30 characters.

              There is no need to learn this all in one shot - you can simply pick things up as you need them.

              I use Ctrl+Shift+N for opening files, which lets me type, e.g. “green css” to select ~/project/default/theme/green/style.css

              That only works within the current project - what if I want to make a quick edit to my ~/.bashrc? If you want to search or files within the current project, C-x p f exactly that (including incremental filtering) if you use https://github.com/ericdanan/counsel-projectile which wraps around projectile which I mentioned before.

          3. 2

            not to mention it having GUI wrappers for Git.

            Emacs has either the built-in vc commands, that provide a generic UI for various version control systems, but that might be cumbersome to use in some cases. For Git specifically, there’s Magit, that’s often praised as a very flexible UI for working with Git.

            1. 1

              I’ve been using Emacs for, I don’t know, 20 or 25 years? I’ve never liked the default keybindings and that is the power of Emacs: you mold it to your likings.

              (For the longest time I had my own keybindings but since I was also familiar with Vim I’ve been using evil-mode for 8+ years now.)

              My suggestion for you: configure the keybindings to IntelliJ’s since that’s what you’re used to.

              1. 1

                They’re not really IntelliJ’s keyboard bindings, more like Windows-derived ones which I’ve grown used to since using VB3 also 20-25 years ago…

                I’m not even sure how to begin changingl the bindings.

                1. 1

                  I would just begin with the global-set-key command, although some modes can overwrite it.

                  Once you’ve used Emacs for a little longer you can start looking into mode-specific keybindings (local-set-key, but also the :bind option in use-package) but I would skip that for now.

                  1. 1

                    looking into mode-specific keybindings (local-set-key, but also the :bind option in use-package)

                    define-key would be the easier way to define mode-local keybindings, local-set-key would require invoking it in a hook.

              1. 3

                The Lobsters of Old, no?

                1. 0

                  Eh… sort of the Old Lobsters of old. I mean, the jcs Lobsters, before this current era of gentrification. Yeah, it was a splendid place. and doomed

                  1. 1

                    Hard disagree, the only associations I still have are “somehow pretentious” and “not technical enough”.

                    It’s one of the websites that got recommended all the time but I didn’t manage to even consume content there, much less participate. Maybe just a personal mis-fit though.

                2. 3

                  I do. It was great.

                1. 1

                  pCloud life-time subscription which I bought a couple of years ago instead of a NAS, so I’ve recovered the money by now. pCloud is OK, but not as solid as Dropbox (it’s still improving though!).

                  The pCloud is fully synced to several machines, so that’s my recovery mechanism.

                  1. 1

                    Interesting. Never heard of them before. Thanks for sharing!

                  1. 9

                    Sadly nobody has done a shot-for-shot remake of the CG for the contemporary (and better imho) Babylon 5.

                    1. 3

                      I haven’t watched it but hasn’t the Amiga-generated CGI got some of its own unique charm?

                      1. 1

                        Some, yes…

                        But hearing they planned for higher quality remasters in the future but lost the source materials makes me sad :-(

                    1. 9

                      XPath is a funny little technology. Along with XML Schema and XML itself, it comes from an era when JSON didn’t yet exist, web APIs were new, and we thought all web pages were going to become “valid” XML documents via XHTML. Funny, because, even though JSON largely replaced XML, it turned out that XPath and XML Schema were mostly YAGNI technologies, and so we hardly use alternatives to them when we work with JSON. And, nowadays, the idea of an HTML page being valid structured data against some schema seems quaint – what with the focus on “does it render across browsers?”, “is it responsive?”, “Is it fast?”, etc.

                      1. 12

                        And don’t forget XSLT! ;-) Dredging up these old technologies can feel like wandering into an alternate reality.

                        XPath is indispensable for quick-and-dirty web-scraping, and XSLT is, well, something—there isn’t really any direct replacement for it! I find myself writing XSLT about once a year. Most recently: rendering ALTO files as SVG overlays on scanned newspapers (to make the text selectable) completely on the client-side!

                        1. 5

                          XSLT is interesting for sure. I used it on a job for about 4 years. It was great for converting source documents into the specific format our system knew how to ingest.

                          I haven’t written any since I left that project and can’t say I miss it, even though it was really effective for our use case.

                          1. 1

                            Hi5 XSLT buddy!

                            I used it early in my career for more years than I’d like to remember but it was on point for that specific employer: It was a publisher that converted XML into a whole load of other formats and also added meta-data.

                            The ‘crown’ of my work was converting the XML into RTF.

                            1. 2

                              Ha ha ha! Yeah, it’s a good tool for those jobs. Sounds like we did the opposites. I took in lots of different XML sources and converted them all into our one XML format.

                        2. 10

                          And, nowadays, the idea of an HTML page being valid structured data against some schema seems quaint

                          I don’t think it’s surprising or necessarily bad that web pages aren’t, but the state of schema validation for JSON that does represent structured data makes me kinda sad. JSON Schema seems to have enough momentum that I’m not worried about its future, but the validator ecosystem doesn’t feel particularly healthy… and also, it’s just not as capable as XML schema.

                          As for the rest of the XML tooling, it still does get used in some areas, and for me personally it’s a massive relief when I need to analyse data from some random proprietary thing and it turns out to be backed by XML, because it means the tooling to let me write queries about it is just there. Despite how popular JSON is, it hasn’t really ever got there (jq is good but limited by design; jsoniq… exists, I guess).

                        1. 25

                          I’m glad I left the macOS-ecosystem in 2012 for good in favor of Gentoo. Apple as a company is just milking and babysitting their customers, even if they don’t want to.

                          I know many professionals that are locked within macOS due to software/habit, and I pity them.

                          I made the switch by replacing each program with an open source one, one after the other. The restrictions mentioned in the article will make this even harder to achieve unless open source developers shell out the 100$ per year, which is highly unlikely. It’s all about keeping up the walled garden.

                          Apple can screw themselves.

                          1. 14

                            I would be significantly less productive and make a ton less money if I went /back/ to Linux/BSD on the desktop.

                            1. 5

                              What is the productivity boost that macOS gives you compared to Linux/BSD?

                              1. 10

                                A quick list off the top of my head:

                                • The ability to use certain closed source software (Adobe, many electron apps built by startups).
                                • Alfred (rofi/dmenu/etc are not even close without significant effort to configure them)
                                • The “help” button at the top of the screen which allows you to search context menus. (This existed in an older version of Unity but now afaik no longer exists in any modern DE.)
                                • Separation of control/command (you can use command+C in terminal instead of control+shift+c or just copying everything that gets highlighted, no need to mentally context switch every time you go between the Terminal and other apps).
                                • nicer looking websites (look at how much better websites look in a default Ubuntu/Fedora/whatever install vs MacOS, I think it’s fonts but even after copying all my MacOS fonts to Fedora it’s still not the same).
                                • tight hardware integration (longer battery life, fingerprint reader to unlock)
                                • Integration with iOS (easily send files between my phone and laptop via AirDrop; start reading a lobste.rs article on my phone and finish on my laptop)
                                • Finder preview (press spacebar to preview a file quickly)

                                Many of the above can be done on Linux, but either require a bunch of manual configuration or are clunky to use even after configured.

                                1. 4

                                  Except maybe that first point, I really wouldn’t call that “a significant productivity boost”. Especially considering I’d have to walk into a vendor lock-in and buy overpriced baubles with weird keyboards etc.

                                  1. 6

                                    You’re right; it’s not one big thing, it’s a bunch of little things that make it more productive for me.

                                    1. 1

                                      If I believed hard enough that taking some pill would make me more productive, it might very well do so even if it didn’t contain any active substance. I’ve heard this “productivity talk” from Apple users multiple times and never got any reason to believe it’s actually something more than just a placebo effect taking place.

                                      It’d be very interesting to see a controlled study on this. We’d define productivity as solving programming tasks, replying to e-mails, writing articles etc and see what the differences really are.

                                      Like… OK. Everyone needs a different environment and I can imagine some people actually being more productive within Apple’s ecosystem, but it’s more about personal preferences than anything else. I’d expect all groups (Mac-, Windows-, Linux-with-GNOME-, Linux-with-KDE-, … users) to have roughly the same productivity, with some people being slightly more productive in certain environments, but probably not dramatically (assuming they’re motivated to actually try hard enough – so the study would probably have to be organized as a challenge with some neat prizes).

                                      Basically what I’m trying to say is that it comes to reaching some optimal setup and even though my setup isn’t optimal at all, by migrating to macOS I’d gain very little and lose a lot. That’s because I’ve spent quite some time reaching the setup that works at least this well for me. I suppose that might be the case with most power users and some productivity boost is most likely to be expected with people who tried using Windows or Ubuntu in default configuration, didn’t like it and then got a MacBook. But I’m still kind of skeptical about its magnitude.

                                    2. 2

                                      Maybe also integration with iOS, but the rest is just what one’s used to. OSX and Windows feel clunky and limiting to me because I’m used to Unix, especially wrt cross platform development.

                                      It’s all anecdotal.

                                    3. 3

                                      The hardware/software cohesion is nigh impossible to beat.

                                  2. 3

                                    You would be less productive at the beginning of the transition, yes. But you would eventually develop new workflows and then regain productivity.

                                    I used to be 100% on macOS until a few years ago. My last 2 jobs I’ve been 100% on Linux and haven’t had any problems. I can install all of the corporate software on my Linux machine. I also haven’t seen any cuts in my paycheck… still making a ton of money (I think). ^_^’

                                    I work on web services and most of our software runs on Linux. I got tired of learning 2 OSes. I personally didn’t find any value in running macOS to run Linux (in containers or via SSH). So I cut out the middleman. I also hated that macOS is Linux-like, but not actually. For example, you might end up learning the wrong nc or sed on macOS. Super annoying when debugging.

                                    I do get the appeal of macOS and still recommend it to my family, but as a developer, I value the simplicity of learning 1 set of tools over vanity features. Whenever I have to switch to macOS, my productivity takes a huge hit, but that’s because I’ve learned Linux workflows.

                                    1. 2

                                      Totally understandable, and I’m not arguing that. There are many people making a really good living working with Macs, and admittedly, Macs are probably the greatest machines for creative works and are superior in terms of color space handling and font rendering, to just name two things.

                                      Nevertheless, the price you pay for this advantage will grow further and further. If you only do it for work, that’s fine of course, godspeed to you! But if you look at it long-term, it looks rather bleak.

                                    2. 4

                                      If the best thing to happen to my computing career was learning Unix and the second best thing was finding Cygwin for Windows (a lifesaver), the worst decision was getting a MacBook at the end of 2019. Most frustrating keyboard and mouse (Magic Mouse) I have ever used in almost 50 years of using keyboards and X years of using mice. Just awful keyboard design, layout, touch & feel, disaster of a touchbar, no universality or standardization with anything but Macs.
                                      I use multiple machines at home/work and I want everything to be configured the same everywhere to ease transitions between machines. Linux and Windows, I can configure to be sufficiently similar, but it’s virtually impossible with a MacBook and MacOS.
                                      I figured that with 37 years to figure it out and with so many Linux devs using a Mac, Apple would have had to get their act together. Boy, was I wrong. Can’t wait to be done with it and get back to sanity.

                                      1. 5

                                        Mac hardware 10 years ago was the best on the market, and I loved using it. I am still using an old Apple USB Keyboard because I haven’t found anything matching its quality and feel. Apple changed under Tim Cook, and it will change even further.

                                        What they probably don’t realize is that developers might not make the biggest portion of their revenue, but they keep the ecosystem alive. I like to call this fallacy the “fallacy of the gaussian belly”, because they probably only aim their efforts on the consumers (iPhone, iPad, Apple Watch, etc.) and neglect the professional segment because it doesn’t make them as much money.

                                        I hope I’m not sounding like an armchair-CEO here, but in my opinion they shouldn’t even penny-squeeze the Mac customers that much. What the developers do in turn for the ecosystem is much more valuable than just mere stockholder-profits and market value.

                                        In the end, I see the problem in public trading and having a bean-counter at the top. The goals shift and the company goes down in the long-term. And now you might say “Why can you say that when Apple has just passed 2 billion market value?”. Just look at the market data of Apple before 1997. Before its demise under Sculley, Apple was at its most profitable, and just like Cook Sculley is a bean-counter. This degradation-process won’t be sudden and there were more factors at play in 1997, but it will happen in the long-term (10 years).

                                        1.  

                                          I joined the Apple ecosystem as the owner of a PowerMac G3 B&W that was given to my dad by a friend in 2007. I became a massive fanboy pretty quickly. 13 years later, and I’m embarrassed at how far my ‘sports team’ have fallen. The next 20 years are gonna be a rough ride and I don’t plan to stay for long.

                                    1. 24

                                      That headline is pretty confusing. It seems more likely twitter itself was compromised, than tons of individual users (billionaires, ex-leaders, etc)?

                                      1. 18

                                        You’re right. This is a case of Verge reporting what they’re seeing, but the scope has grown greatly since the initial posts. There have since been similar posts to several dozen prominent accounts, and Gemini replied that it has 2FA.

                                        Given the scope, this likely isn’t accounts being hacked. I suspect that either the platform or an elevated-rights Twitter content admin has been compromised.

                                        1. 12

                                          Twitter released a new API today (or was about to release it? Not entirely clear to me what the exact timeline is here), my money is on that being related.

                                          A ~$110k scam is a comparatively mild result considering the potential for such an attack, assuming there isn’t some 4D chess game going on as some are suggesting on HN (personally, I doubt there is). I don’t think it would be an exaggeration to say that in the hands of the wrong people, this could have the potential to tip election results or even get people killed (e.g. by encouraging the “Boogaloo” people and/or exploiting the unrest relating to racial tensions in the US from some strategic accounts or whatnot).

                                          As an aside, I wonder if this will contribute to the “mainstreaming” digital signing to verify the authenticity of what someone said.

                                          1. 13

                                            or even get people killed

                                            If the Donald Trump account had tweeted that an attack on China was imminent there could’ve been nuclear war.

                                            Sounds far-fetched, but this very nearly happened with Russia during the cold war when Reagan joked “My fellow Americans, I’m pleased to tell you today that I’ve signed legislation that will outlaw Russia forever. We begin bombing in five minutes.” into a microphone he didn’t realize was live.

                                            1. 10

                                              Wikipedia article about the incident: https://en.wikipedia.org/wiki/We_begin_bombing_in_five_minutes

                                              I don’t think things would have escalated to a nuclear war that quickly; there are some tensions between the US and China right now, but they don’t run that high, and a nuclear war is very much not in China’s (or anyone’s) interest. I wouldn’t care to run an experiment on this though 😬

                                              Even in the Reagan incident things didn’t seem to have escalated quite that badly (at least, in my reading of that Wikipedia article).

                                              1. 3

                                                Haha. Great tidbit of history here. Reminded me of this 80’s gem.

                                                1. 2

                                                  You’re right - it would probably have gone nowhere.

                                              2. 6

                                                I wonder if this will contribute to the “mainstreaming” digital signing to verify the authenticity of what someone said

                                                It’d be nice to think so.

                                                It would be somewhat humorous if an attack on the internet’s drive-by insult site led to such a thing, rather than the last two decades of phishing attacks targeting financial institutions and the like.

                                                1. 3

                                                  I wonder if this will contribute to the “mainstreaming” digital signing to verify the authenticity of what someone said.

                                                  A built-in system in the browser could create a 2FA system while being transparent to the users.

                                                  1. 5

                                                    2fa wouldn’t help here - the tweets were posted via user impersonation functionality, not direct account attacks.

                                                    1. 0

                                                      If you get access to twitter, or the twitter account, you still won’t have access to the person’s private key, so your tweet is not signed.

                                                      1. 9

                                                        Right, which is the basic concept of signed messages… and unrelated to 2 Factor Authentication.

                                                        1. 2

                                                          2FA, as I used it, means authenticating the message, via two factors, the first being access to twitter account, and the second, via cryptographically signing the message.

                                                          1. 3

                                                            Twitter won’t even implement the editing of published tweets. Assuming they’d add something that implicitely calls their competence in stewarding people’s tweets is a big ask.

                                                            1. 2

                                                              I’m not asking.

                                                  2. 2

                                                    A ~$110k scam

                                                    The attacker could just be sending coins to himself. I really doubt that anyone really falls for a scam where someone you don’t know says “give me some cash and I’ll give you double back”.

                                                    1. 15

                                                      I admire the confidence you have in your fellow human beings but I am somewhat surprised the scam only made so little money.

                                                      I mean, there’s talk about Twitter insiders being paid for this so I would not be surprised if the scammers actually lost money on this.

                                                      1. 10

                                                        Unfortunately people do. I’m pretty sure I must have mentioned this before a few months ago, but a few years ago a scammer managed to convince a notary to transfer almost €900k from his escrow account by impersonating the Dutch prime minister with a @gmail.com address and some outlandish story about secret agents, code-breaking savants, and national security (there’s no good write-up of the entire story in English AFAIK, I’ve been meaning to do one for ages).

                                                        Why do you think people still try to send “I am a prince in Nigeria” scam emails? If you check you spam folder you’ll see that’s literally what they’re still sending (also many other backstories, but I got 2 literal Nigerian ones: one from yesterday and one from the day before that). People fall for it, even though the “Nigerian Prince” is almost synonymous with “scam”.

                                                        Also, the 30 minute/1 hour time pressure is a good trick to make sure people don’t think too carefully and have to make a snap judgement.

                                                        As a side-note, Elon Musk doing this is almost believable. My friend sent me just an image overnight and when I woke up to it this morning I was genuinely thinking if it was true or not. Jeff Bezos? Well….

                                                        1. 12

                                                          People fall for it, even though the “Nigerian Prince” is almost synonymous with “scam”.

                                                          I’ve posted this research before but it’s too good to not post again.

                                                          Advance-fee scams are high touch operations. You typically talk with your victims over phone and email to build up trust as your monetary demands escalate. So anyone who realizes it’s a scam before they send money is a financial loss for the scammer. But the initial email is free.

                                                          So instead of more logical claims, like “I’m an inside trader who has a small sum of money to launder” you go with a stupidly bold claim that anyone with a tiny bit of common sense, experience, or even the ability to google would reject: foreign prince, huge sums of money, laughable claims. Because you are selecting for the most gullible people with the least amount of work.

                                                    2. 5

                                                      My understand is that Twitter has a tool to tweet as any user, and that tool was compromised.

                                                      Why this tool exists, I have no idea. I can’t think of any circumstance where an employee should have access to such a tool.

                                                      Twitter has been very tight-lipped about this incident and that’s not a good look for them. (I could go on for paragraphs about all of the fscked up things they’ve done)

                                                      1. 5

                                                        or an elevated-rights Twitter content admin

                                                        I don’t think content admins should be able to make posts on other people’s account. They should only be able to delete or hide stuff. There’s no reason they should be able to post for others, and the potential for abuse is far too high for no gain.

                                                        1. 6

                                                          Apparently some privileges allow internal Twitter employees to remove MDA and reset passwords. Not sure how it played out but I assume MFA had to be disabled in some way.

                                                        1. 5

                                                          That’s a good article! Vice has updated that headline since you posted to report that the listed accounts got hijacked, which is more accurate. Hacking an individual implies that the breach was in their control: phone, email, etc. This is a twitter operations failure which resulted in existing accounts being given to another party.

                                                      1. 5

                                                        An interesting take. Glad to see Linux is still an option and really surprising that perceived performance between KDE and Gnome have flipped.

                                                        • Surprising to hear that there isn’t a Google Drive client on Linux (as I recall there used to be one), don’t many engineers at Google use “Goobuntu”? Perhaps they don’t open source the client for public use.
                                                        • I know that Steam works on both, do you find that your OS dictates what games you play most, or no?
                                                        • OP didn’t mention the screen quality or eyesight issues, curious if there is a noticeable difference between the two? As I suspect there would be.
                                                        1. 9

                                                          Goobuntu (Ubuntu) was replaced by gLinux (Debian) a couple of years ago for maintainability reasons. They’re functionally the same though.

                                                          The machines that we develop on is about what we think gets the programming job done, not as an indication of the target platform.

                                                          My guess is that the numbers were crunched and found that Linux users would not have made up enough share to warrant a client. I’ve never missed it, I do all my office work directly in the browser, and we have company-wide disk snapshotting for backup purposes. On my laptop (which isn’t snapshotted) I use RSync.

                                                          1. 1

                                                            Ahh interesting, thanks for the update.

                                                            The machines that we develop on is about what we think gets the programming job done, not as an indication of the target platform.

                                                            Of course, but I’d imagine that some engineers would want to have native document sync with GDrive. I also use GDrive, but honestly found the syncing annoying when the usage flow is nearly always New tab > drive.google.com > search doc. But certainly someone on gLinux wanted to keep it? :shrug:

                                                            What exactly are you rsync’ing against?

                                                            1. 4

                                                              Laptop (not snapshotted) > Desktop (snapshotted)

                                                              But yeah, we just use the web interface for all docs writing stuff. For documentation (not documents), we have an internal Markdown renderer (think GitHub wiki with internal integrations). No one writes documents outside of a centralized system, and so has no need to back them up with a client.

                                                          2. 6

                                                            (I’m not OP) I recently started playing games on Linux via Steam. For reference, I’ve never been a Windows gamer – had been a console gamer up to that point. To answer your question:

                                                            do you find that your OS dictates what games you play most, or no

                                                            Pretty much. I play only what will work, so that means the game must either officially be supported under “Steam OS + Linux”, or work via Proton. But this is just me. Others are free to dual boot, which, of course, vastly broadens their spectrum of available games.

                                                            1. 5

                                                              I used to be a dual booter, but since Proton, so many games have been working on Linux that I stopped booting to Windows. Then at some point my windows installation broke and I never bothered to fix it.

                                                              1. 3

                                                                That’s cool. However, I think we’re a ways off from totally being on par with native Windows. Several anti-cheat systems are triggered by running under Linux. And protondb shows that there are still many games that don’t run.

                                                                That said, things are improving steadily month by month, so that’s encouraging.

                                                                1. 2

                                                                  That’s true, I didn’t mean to imply that all games I would like to play work on Proton now. But enough of them work now that instead of dealing with Windows for a game that doesn’t work on Proton, I usually just go and find something else that does.

                                                                  If you have a group of gaming buddies, that obviously won’t work, though. It won’t be long before they get hooked up to a Windows-only game.

                                                              2. 2

                                                                Same here, I find the biggest area where I need to switch back to windows is for multiplayer. I used to lan a lot and still have many of those contacts. I find a lot of games that have a host/client multiplayer, for example RTS games, have issues on linux even if the single-player works flawlessly. This means I have to keep dual boot available.

                                                                Even though linux does strongly influence which games I play, the range and variety is amazing and it is not reducing the quality or diversity of games I play at all. There are just a few windows only titles that I might play slightly more if they were available on linux.

                                                                While we are on the subject, what are people’s recommendations for a gaming distro? I am on Mint at the moment which is good, but I like to have options.

                                                                1. 1

                                                                  I don’t know if I’d call it a gaming distro, but I have been using Gentoo for many years, and it seems to be doing just fine with Steam (which I just installed a couple months ago).

                                                                  1. 1

                                                                    Frankly, I’m not sure you need a gaming distro. I’ve had little issues running Steam and Wine (using Lutris) games on Void Linux, Debian, etc. (Mind you: always using Nvidia.)

                                                                    1. 2

                                                                      I actually phrased that really badly, thanks for the correction. I tried out a dedicated gaming distro and it was rubbish. Mint is a variation on Ubuntu.I was looking at Debian to try next.

                                                                      It seems like the thing to look for is just something well supported with all the common libraries, so most big distros appear to be fine for gaming. The reason I am not entirely pleased with Mint is that they seem a bit too conservative in terms of adding new stuff to the package manager when it comes out. On the one hand that makes it more stable, but on the other games use a lot of weird stuff sometimes and it makes things a bit messy if you have to install things from outside the package manager.

                                                                2. 4

                                                                  perceived performance between KDE and Gnome have flipped

                                                                  Gnome Shell is huge and slow. A Canonical engineer (Ubuntu has switched from Unity to Gnome) has recently started to improve its performance with very good results but this also shows how terrible the performance was before: memory leaks, huge redraws all of the time and no clipping, … Now this needs to trickle down to users and the comments might change then.

                                                                  PS: KDE has not gotten a lot more bloat or slowness over the years and I don’t know if Gnome will be faster and lighter or if both will be similar.

                                                                  1. 2

                                                                    The lack of a Google Drive client is shameful, but I tried Insync and it’s the best money I’ve ever spent on a Linux app. Much better than the Mac version of Google Drive which was super buggy

                                                                  1. 20

                                                                    It boggles the mind that “when you make web sites, make sure they aren’t fundamentally broken” is a fringe, “hot take” kind of a message, but here we are.

                                                                    1. 2

                                                                      Another way to look at this is that a web browser comes with javascript enabled. So my website will work. Now you turn off javascript, and it breaks - then you complain.

                                                                      1. 9

                                                                        The most effective ad blocker, tracking blocker, and load speed enhancer, is blocking JavaScript.

                                                                        The web with JavaScript is half broken because of JS abuse, and only enabling it selectively on sites I trust is my best defense. There are things that light use improves, but they’re often not worth the downsides. On top of it, the sites that rely heavily on javascript often don’t implement the accessibility things that they should when they reinvent behavior.

                                                                        I wish JS prompted for permission the way that notifications, webcam access, and similarly intrusive things did.

                                                                        1. 8

                                                                          Is not that all sites should be no-JavaScript sites, but the very basic navigation and basic features should work without the need of JS. People disable JS in order to avoid tracking and ads, not because they want to bother developers. At least that is the way I see it.

                                                                          1. 7

                                                                            A lot of time it only stops working without JS is that it reinvents standard UI with a broken surrogate thereof. You (an abstract “you”, not you personally) break the back button, break scroll, make fake buttons. Then the result sucks real hard for people who disable JS and for people who use accessibility tools. But guess what? It sucks for everyone. I can’t search the page content for the interesting post I’ve seen 10 minutes ago. I can’t scroll to it without the JS messing up with that feed. I can’t go back to the previous page of search results. Some people refuse to accept it as the new normal—to few to make a difference for now.

                                                                            1. 2

                                                                              In many frameworks there are ways to accommodate this through routing and diligent use of anchors.

                                                                              If I can use a regular UI element with styling on my site, that will be where I go.

                                                                            2. 6

                                                                              That’s inaccurate; some browsers come with it enabled and others don’t.

                                                                              1. 3

                                                                                Perhaps I should clarify: when I say “a web browser comes with javascript enabled” I am referring to browsers whose usage is above a rounding error.

                                                                                1. 9

                                                                                  This is starting to sound exactly like the rhetoric people defended IE6, and then Flash with. ;)

                                                                                  1. 1

                                                                                    Don’t worry, the next one will probably be javascript vs webassembly.

                                                                                  2. 2

                                                                                    There are only three currently-maintained browsers that support Javascript, and two of the three are controlled by a megacorp with a long history of abusing their users rights. (the third one is arguably as well since that’s where the funding comes from, but that’s more of a grey area)

                                                                                    A web that can’t be used without Javascript is a web that tells anyone without billion-dollar-deep pockets that they aren’t welcome.

                                                                                    1. 1

                                                                                      I think there are technically four. I am not sure exactly which ones you are counting, but Microsoft’s Edge does have some differences from Chrome, and Apple has Safari.

                                                                                      I am not going to say that this is the ideal situation, but it is the situation we have. The effort to make a browser is not what it once was. I assume you are referring to the making a browser in the last bit. I think it does actually get worst because of the DRM on codecs.

                                                                                      I checked with a friend who is in network support and IT. He often browses with Javascript disabled as well.

                                                                                      I think the fundamental problem is that inclusiveness is expensive. The products I make at work are apps that just won’t work without javascript. That isn’t to say it couldn’t be made without javascript, but it would work like an application from 2000 and wouldn’t be particularly attractive to our customers.

                                                                                      My own sites, it isn’t about money but more about time. Most of what I plan on doing on my site are apps or very interactive pages, but there is a front end section that is more descriptive. Is there was any part that should work without javascript it is likely that. My preference would be for a framework to be able to generate those sections for me, so I can get the advantages of it without adding extra time to the effort.

                                                                                      This whole thread has gotten me thinking about the alternative to Javascript. It is like the tricks that people used to do for menus in javascript that eventually people figured out how to do in CSS. A real solution to the issue could be a declarative system that allows for advanced UI yet not arbitrary code. It might rely more on the backend for certain processing, but you could be sure that the front end couldn’t run arbitrary code.

                                                                                2. 3

                                                                                  Web browsers shouldn’t come with JavaScript enabled. Just as with Flash back in the day, it should be disabled and the user should have to enable it specifically for a site.

                                                                                  JavaScript is inimical to everything the Web stands for. It has destroyed the web of linked documents and replaced them with walled garden, unlinkable SPAs. It requires readers to run a heavyweight graphical browser when the lightweight lynx or eww. They have led to a world of dynamic applications performing the job of static pages, breaking caching.

                                                                                  There is absolutely no reason to grant every website execute permission when all it needs is to display text and images.

                                                                                  1. 2

                                                                                    Browsers come with a lot of stuff enabled, does your site then have to use all those bells and whistles?

                                                                                    1. 2

                                                                                      Interesting way to put it but seems specious, I wouldn’t exactly group javascript with “all the bells and whistles” it is a very basic feature on the modern web.

                                                                                1. 23

                                                                                  It boggles my mind that there are more and more websites that just contain text and images, but are completely broken, blank or even outright block you if you disable JavaScript. There can be great value in interactive demos and things like MathJax, but there is no excuse to ever use JavaScript for buttons, menus, text and images which should be done in HTML/CSS as mentioned in the blog post. Additionally, the website should degrade gracefully if JavaScript is missing, e.g. interactive examples revert to images or stop rendering, but the text and images remain in place.

                                                                                  I wonder how we can combat this “JavaScript for everything” trend. Maybe there should be a website that names and shames offending frameworks and websites (like https://plaintextoffenders.com/ but for bloat), but by now there would probably be more websites that belong on this list than websites that don’t. The web has basically become unbrowsable without JavaScript. Google CAPTCHAs make things even worse. Frankly, I doubt that the situation is even salvageable at this point.

                                                                                  I feel like we’re witnessing the Adobe Flash story all over again, but this time with HTML5/JS/Browser bloat and with the blessing of the major players like Apple. It’ll be interesting to see how the web evolves in the coming decades.

                                                                                  1. 5

                                                                                    Rendering math on the server/static site build host with KaTeX is much easier than one might have thought: https://soap.coffee/~lthms/cleopatra/soupault.html#org97bbcd3

                                                                                    Of course this won’t work for interactice demos, but most pages aren’t interactice demos.

                                                                                    1. 9

                                                                                      If I am making a website, there is virtually no incentive to care about people not allowing javascript.

                                                                                      The fact is the web runs on javascript. The extra effort does not really give any tangible benefits.

                                                                                      1. 21

                                                                                        You just proved my point. That is precisely the mechanism by which bloat finds its way into every crevice of software. It’s all about incentives, and the incentives are often stacked against the user’s best interest, particularly if minorities are affected. It is easier to write popular software than it is to write good software.

                                                                                        1. 7

                                                                                          Every advance in computers and UI has been called bloat at one time or another.

                                                                                          The fact of the matter is that web browsers “ship” with javascript enabled. A very small minority actually disable it. It is not worth the effort in time or expense to cater to a group that disables stuff and expects everything to still work.

                                                                                          Am I using a framework?

                                                                                          Most of the time, yes I am. To deliver what I need to deliver it is the most economical method.

                                                                                          The only thing I am willing to spend extra time on is reasonable accommodation for disabilities. But most of the solutions for web accessibility (like screenreaders) have javascript enabled anyhow.

                                                                                          You might get some of what you want with server side rendering.

                                                                                          Good software is software that serves the end user’s needs. If there is interactivity, such as an app, obviously it is going to have javascript. Most things I tend to make these days are web apps. So no, Good Software doesn’t always require javascript.

                                                                                          1. 10

                                                                                            I actually block javascript to help me filter bad sites. If you are writing a blog and I land there, and it doesn’t work with noscript on, I will check what domains are being blocked. If it is just the one I am accessing I will temp unblock and read on. If it is more than a couple of domains, or if any of them are unclear as to why they need to be loaded, you just lost a reader. It is not about privacy so much as keeping things neat and tidy and simple.

                                                                                            People like me are probably a small enough subset that you don’t need our business.

                                                                                            1. 4

                                                                                              Ah, the No-Script Index!

                                                                                              How many times does one have to click “Set all this page to temporarily trusted” to get a working website? (i.e. you get the content you came for)

                                                                                              Anything above zero, but definitely everything above one is too much.

                                                                                              1. 3

                                                                                                The absolute worst offender is microsoft. Not only is their average No-Script index around 3, but you also get multiple cross site scripting attack warnings. Additionally when it fails to load a site because of js not working it quite often redirects you to another page, so set temp trusted doesn’t even catch the one that caused the failure. Often you have to disable no-script altogether before you can log in and then once you are logged in you can re-enable it and set the domains to trusted for next time.

                                                                                                That is about 3% of my total rant about why microsoft websites are the worst. I cbf typing up the rest.

                                                                                              2. 3

                                                                                                i do this too, and i have no regrets, only gratitude. i’ve saved myself countless hours once i realized js-only correlates heavily with low quality content.

                                                                                                i’ve also stopped using medium, twitter, instagram, reddit. youtube and gmaps, i still allow for now. facebook has spectacular accessibility, ages ahead of others, and i still use it, after years away.

                                                                                                1. 1

                                                                                                  My guess is that a lot of people who use JS for everything, especially their personal blogs and other static projects, are either lazy or very new to web development and programming in general. You can expect such people to be less willing or less able to put the effort into making worthwhile content.

                                                                                                  1. 2

                                                                                                    that’s exactly how i think it work, and why i’m happy to skip the content on js-only sites.

                                                                                              3. 6

                                                                                                The only thing I am willing to spend extra time on is reasonable accommodation for disabilities.

                                                                                                Why do you care more about disabled people than the privacy conscious? What makes you willing to spend time for accommodations for one group, but not the other? What if privacy consciousness were a mental health issue, would you spend time on accommodations then?

                                                                                                1. 12

                                                                                                  Being blind is not a choice: disabling JavaScript is. And using JavaScript doesn’t mean it’s not privacy-friendly.

                                                                                                  1. 4

                                                                                                    It might be a “choice” if your ability to have a normal life, avoid prison, or not be executed depends on less surveillance. Increasingly, that choice is made for them if they want to use any digital device. It also stands out in many places to not use a digital device.

                                                                                                    1. 2

                                                                                                      This bears no relation at all to anything that’s being discussed here. This moving of goalposts from “a bit of unnecessary JavaScript on websites” to “you will be executed by a dictatorship” is just weird.

                                                                                                      1. 4

                                                                                                        You framed privacy as an optional choice people might not need as compared to the need for eyesight. I’d say people need sight more than privacy in most situations. It’s more critical. However, for many people, privacy is also a need that supports them having a normal, comfortable life by avoiding others causing them harm. The harm ranges from social ostracism upon learning specific facts about them to government action against them.

                                                                                                        So, I countered that privacy doesn’t seem like a meaningless choice for those people any more than wanting to see does. It is a necessity for their life not being miserable. In rarer cases, it’s necessary for them even be alive. Defaulting on privacy as a baseline increases the number of people that live with less suffering.

                                                                                                        1. 2

                                                                                                          You framed privacy as an optional choice

                                                                                                          No, I didn’t. Not even close. Not even remotely close. I just said “using JavaScript doesn’t mean it’s not privacy-friendly”. I don’t know what kind of assumptions you’re making here, but they’re just plain wrong.

                                                                                                          1. 3

                                                                                                            You also said:

                                                                                                            “Being blind is not a choice: disabling JavaScript is.”

                                                                                                            My impression was that you thought disabling Javascript was a meaningless choice vs accessibility instead of another type of necessity for many folks. I apologize if I misunderstood what you meant by that statement.

                                                                                                            My replies don’t apply to you then: just any other readers that believed no JS was a personal preference instead of a necessity for a lot of people.

                                                                                                    2. 3

                                                                                                      The question isn’t about whether it’s privacy-friendly, though. The question is about whether you can guarantee friendliness when visiting any arbitrary site.

                                                                                                      If JS is enabled then you can’t. Even most sites with no intention of harming users are equipped to do exactly that.

                                                                                                      1. -1

                                                                                                        disabling js on a slow device is not a choice, but required for functioning. you are basically saying fuck you to all the disadvantaged.

                                                                                                        and all because you are being lazy.

                                                                                                        1. 4

                                                                                                          When you can get a quad core raspberry pi for $30 and similar hardware in a $50 phone, I really doubt that there are devices that can’t run most JS sites and someone who has a device of some sort can’t afford.

                                                                                                          What devices do you see people using which can’t run JS?

                                                                                                          The bigger question in terms of people being disadvantaged is network speed, where some sites downloading 1MB of scripts makes them inaccessible - but that’s an entirely separate discussion.

                                                                                                          1. 1

                                                                                                            how is that a separate discussion? it’s just one more scenario when js reduces accessibility.

                                                                                                            as for devices, try any device over 5 years old.

                                                                                                          2. 2

                                                                                                            I literally have the cheapest phone you can buy in Indonesia (~€60) and I have the almost-cheapest laptop you can buy in Indonesia (~€250). So yeah, I’d say I’m “disadvantaged”.

                                                                                                            Turns out, that many JavaScript sites work just fine. Yeah, Slack and Twitter don’t always – I don’t know how they even manage to give their inputs such input latency – but Lobsters works just fine (which uses JavaScript), my site works just fine as well (which uses JavaScript), and my product works great on low-end devices (which requires JavaScript), etc. etc. etc.

                                                                                                            You know I actually tried very hard to make my product work 100% without JavaScript? It was a horrible experience for both JS and non-JS users and a lot more code. Guess I’m just too lazy to make it work correct 🤷‍♂️

                                                                                                            So yeah, please, knock it with this attitude. This isn’t bloody Reddit.

                                                                                                            1. 6

                                                                                                              “I literally have the cheapest phone you can buy in Indonesia (~€60) and I have the almost-cheapest laptop you can buy in Indonesia (~€250). So yeah, I’d say I’m “disadvantaged”. Turns out, that many JavaScript sites work just fine.”

                                                                                                              I’ve met lots of people in America who live dollar to dollar having to keep slow devices for a long time until better hand-me-downs show up on Craigslist or just clearance sales. Many folks in the poor or lower classes do have capable devices because they would rather spend money on that than other things. Don’t let anyone fool you that being poor always equals bad devices.

                                                                                                              That said, the ones taking care of their families, doing proper budgeting, not having a car for finding deals, living in rural areas, etc often get stuck with bad devices and/or connections. I don’t have survey data on how many are in the U.S.. I know poor and rural populations are huge, though. It makes sense that some people push for a baseline that includes them when the non-inclusive alternative isn’t actually even necessary in many cases. When it is, there were lighter alternatives not used because of apathy. I’ve rarely seen situations where what they couldn’t easily use was actually necessary.

                                                                                                              The real argument behind most of the sites is that they didn’t care. The ones that didn’t know often also didn’t care because they didn’t pay enough attention to people, esp low-income, to find out. If they say that, the conversations get more productive because we start out with their actual position. Then, strategies can be formed to address the issue in an environment where most suppliers don’t care. Much like we had to do in a lot of other sectors and situations where suppliers didn’t care about human cost of their actions. We got a lot of progress by starting with the truth. The web has many, dark truths to expose and address.

                                                                                                              1. 3

                                                                                                                thank you for writing this out. the cheapest new phone in indonesia is probably much faster than your typical “obamaphone” or 3-year-old average device.

                                                                                                                1. 1

                                                                                                                  The Obama phones are actually Android devices that also have pre-installed government malware that can’t be removed. They have Chrome and run JS fine.

                                                                                                                  1. 2

                                                                                                                    They have Chrome, and they run JS very slowly.

                                                                                                                    1. 1

                                                                                                                      Are you going to cite any devices here? Which JS do they run slowly?

                                                                                                                      My guess is that the issue is on specific documents. I’d think that the fact that JS is so often used in ways that don’t perform well is a much larger issue than this one. Sites using JS in ways that are slow is a completely different debate to be had in my opinion. Although giving someone a version of the page without JS seems a solution, it ignores the entire concept of progressive web apps and the history of the web that got us to them.

                                                                                                                      EG, would you prefer the 2008 style of having a separate m.somesite.com that works without JS but tends to be made for small devices which tends to let corporations be okay with removing necessary functionality to simplify the “mobile experience”? Generally, that’s what we got that solution.

                                                                                                                      The fact that even JS-enabled documents like https://m.uber.com allow you to view a JS map and get a car to come pick you up with reasonable performance on even the cheapest burner phones shows just how much bad programming plays into your opinion here instead of simply whether or not JS is the problem itself.

                                                                                                                      It’s also worth noting that I am strongly interested in people doing less JS and the web being JS-less, but this isn’t the hill to die on in that battle if you ask me. Not only are you going to generally find people that aren’t sympathetic to disadvantaged people (because most programmers tend to not give any fucks unfortunately) but also because the devices that run JS are generally not going to be slow enough that decent JS isn’t going to run. If we introduce some new standard that replaces HTML, it’ll likely still be read by browsers that still support HTML / JS - which means the issue still remains because people aren’t going to prioritize a separate markup for their entire site depending on devices which is the exact reason that most companies stopped doing m.example.com. The exception to this rule seems to be bank & travel companies in my experience.

                                                                                                                      1. 2

                                                                                                                        Here is an example device I test with regularly:

                                                                                                                        iPad 528LL/A, iOS 9.3.5

                                                                                                                        This iPad is less than 10 years old, and still works well on most sites with JS disabled. With JS enabled, even many text-based sites slow it down to the point of being unresponsive.

                                                                                                                        This version of iOS and Safari are gracious enough to include a JavaScript on/off toggle under Advanced, but no fine-grained control. This means that every time I want to toggle JS, I have to exit Safari, open Settings, scroll down to Safari, scroll down to Advanced, toggle JS, and then return to Safari.

                                                                                                                        Or are you going to tell me that my device is too old to visit your website? I’ll be on my way, then.

                                                                                                                        1. 2

                                                                                                                          It’s also worth noting that I am strongly interested in people doing less JS and the web being JS-less, but this isn’t the hill to die on in that battle if you ask me. Not only are you going to generally find people that aren’t sympathetic to disadvantaged people (because most programmers tend to not give any fucks unfortunately)

                                                                                                                          I think this is changing for the better, slowly but faster more recently.

                                                                                                                          but also because the devices that run JS are generally not going to be slow enough that decent JS isn’t going to run. If we introduce some new standard that replaces HTML, it’ll likely still be read by browsers that still support HTML / JS - which means the issue still remains because people aren’t going to prioritize a separate markup for their entire site depending on devices which is the exact reason that most companies stopped doing m.example.com.

                                                                                                                          I think with some feature checking and progressive enhancement, you can do a lot. For example, my demo offers basic forum functionality in Mosaic, Netscape, Opera 3.x, IE 3.x, and modern browsers with and without JS. If you have JS, you get some extra features like client-side encryption and voting buttons which update in-place instead of loading a new page.

                                                                                                                          I think it’s totally doable, with a little bit of effort, to live up to the original dream of HTML which works in any browser.

                                                                                                                          The exception to this rule seems to be bank & travel companies in my experience.

                                                                                                                          Facebook (ok, mbasic.facebook.com) MetaFilter Lobste.rs (for reading) old.reddit.com (for reading) Most blogs posted to lobsters and hn are actually nojs-friendly

                                                                                                                  2. 3

                                                                                                                    Aside from devices without a real browser, JavaScript should run fine on any device people are going to get in 2020 - even through hand-me-downs.

                                                                                                                    1. 3

                                                                                                                      I’m going to try to replace my grandmother’s laptop soon. I’ve verified it runs unbearably slow in general but especially on JS-heavy sites she uses. It’s a Toshiba Satellite with Sempron SI-42, 2GB of RAM and Windows 7. She got it from a friend as a gift presumably replacing her previous setup. Eventually, despite many reinstalls to clear malware, the web sites she uses were unbearably slow.

                                                                                                                      “When you can get a quad core raspberry pi for $30 and similar hardware in a $50 phone,”

                                                                                                                      She won’t use a geeky setup. She has a usable, Android phone. She leaves it in her office, occasionally checking the messages. In her case, she wants a nice-looking laptop she can set on her antique-looking desk. Big on appearances.

                                                                                                                      An inexpensive, decent-looking, Windows laptop seems like the best idea if I can’t get her on a Chromebook or something. I’ll probably scour eBay eventually like I did for my current one ($240 Thinkpad T420). If that’s $240, there’s gotta be some deals out there in the sub-Core i7 range. :)

                                                                                                                      1. 3

                                                                                                                        Sure, but just to clarify - we are talking about people who may need to save money to get the $30 for something like a raspberry pi. Not someone who can drop $240 on a new laptop.

                                                                                                                        1. 3

                                                                                                                          Oh yeah. I was just giving you the device example you asked for. She’s in the category of people who would need to save money: she’s on Social Security. These people still usually won’t go with a geeky rig even if their finances justify it. Psychology in action.

                                                                                                                          I do actually have a Pi 3 I could try to give her. I’d have to get her some kind of nice monitor, keyboard, and mouse for it. I’m predicting, esp with the monitor, the sum of the components might cost the same as or more than a refurbished laptop for web browsing. I mentioned my refurbished Core i7 for $240 on eBay as an example that might imply lower-end laptops with good performance might be much cheaper. I’ll find out soon.

                                                                                                                      2. 1

                                                                                                                        But what about a device people got in 2015 or 2010? Or, dare I say, older devices, which still work fine, and may be kept around for any number of reasons like nostalgia or sentimental attachment?

                                                                                                                        Sure, you can tell all these people to also stuff it, but don’t pretend they don’t exist.

                                                                                                              2. 12

                                                                                                                Why do you care more about disabled people than the privacy conscious?

                                                                                                                Oh that one is easy: Its the law.

                                                                                                                Being paranoid isn’t a protected class, it might be a mental health issue - but my website has nothing to do with its treatment.

                                                                                                                For the regular privacy, you have other extensions and cookie management you can do.

                                                                                                              3. 3

                                                                                                                You have some good points. One thing I didn’t see addressed is the number of people on dial-up, DSL, satellite, cheap mobile, or other bad connections. The HTML/CSS-type web pages usually load really fast on them. The Javascript-type sites often don’t. They can act pretty broken, too. Here’s some examples someone posted to HN showing impact of JavaScript loads.

                                                                                                                “If there is interactivity, such as an app, obviously it is going to have javascript. “

                                                                                                                I’ll add that this isn’t obvious. One of the old models was client sending something, server-side processing, and server returns modified HTML. With HTML/CSS and fast language on server, the loop can happen so fast that the user can barely perceive a difference vs a slow, bloated, JS setup. It would also work for vast majority of websites I use and see.

                                                                                                                The JS becomes necessary as the UI complexity, interactivity (esp latency requirements), and/or local computations increase past a certain point. Google Maps is an obvious example.

                                                                                                                1. 3

                                                                                                                  It is interesting to see people still using dialup. Professionally, I use typescript and angular. The bundle sizes on that are rather insane without much code. Probably unusable on dialup.

                                                                                                                  However, for my personal sites I am interested in looking at things like svelte mixed with dynamic loading. It might help to mitigate some of the issues that Angular itself has. But fundamentally, it is certainly hard to serve clients when you have apps like you mention - Google Maps. Perhaps a compromise is to try to be as thrifty as can be justified by the effort, and load most of the stuff up front, cache it as much as possible, and use smaller api requests so most of the usage of the app stays within the fast local interaction.

                                                                                                                  1. 2

                                                                                                                    <rant>

                                                                                                                    Google Maps used to have an accessibility mode which was just static pages with arrow buttons – the way most sites like MapQuest worked 15 years ago. I can only guess why they took it away, but now you just get a rather snarky message.

                                                                                                                    Not only that, but to add insult to injury, the message is cached, and doesn’t go away even when you reload with JS enabled again. Only when you Shift+reload do you get the actual maps page.

                                                                                                                    This kind of experience is what no-JS browsers have to put up with every fucking day, and it’s rather frustrating and demoralizing. Not only am I blocked from accessing the service, but I’m told that my way of accessing it itself invalid.

                                                                                                                    Sometimes I’m redirected to rather condescending “community” sites that tell me step by step how to re-enable JavaScript in my browser, which by some random, unfortunate circumstance beyond my control must have become disabled.

                                                                                                                    All I want to say to those web devs at times like that is: Go fuck yourself, you are all lazy fucking hacks, and you should be ashamed that you participated in allowing, through action or inaction, this kind of half-baked tripe to see the light of day.

                                                                                                                    My way of accessing the Web is just as valid as someone’s with JS enabled, and if you disagree, then I’m going to do everything in my power to never visit your shoddy establishment again.

                                                                                                                    </rant>

                                                                                                                    Edit: I just want to clarify, that this rant was precipitated by other discussions I’ve been involved in, my overall Web experience, and finally, parent comment’s mention of Google Maps. This is not aimed specifically at you, @zzing.

                                                                                                            2. 9

                                                                                                              It shouldn’t be extra effort, is the point. If you’re just writing some paragraphs of text, or maybe a contact form, or some page navigation, etc etc you should just create those directly instead of going through all the extra effort of reinventing your own broken versions.

                                                                                                              1. -2

                                                                                                                Often the stuff I am making has a lot more than that. I use front end web frameworks to help with it.

                                                                                                                Very few websites today have just text or a basic form.

                                                                                                                1. 10

                                                                                                                  Ok, well, that wasn’t at all clear since you were replying to this:

                                                                                                                  It boggles my mind that there are more and more websites that just contain text and images, but are completely broken, blank or even outright block you if you disable JavaScript.

                                                                                                                  Many websites I see fit this description. They’re not apps, they don’t have any “behaviour” (at least none that a user can notice), but they still have so much JS that it takes over 256MB of RAM to load them up and with JS turned off they show a blank white page. That’s the topic of this thread, at least by the OP.

                                                                                                                  1. 0

                                                                                                                    Very few websites today have just text or a basic form.

                                                                                                                    Uhh… Personal websites? Blogs? Many of the users here on Lobsters maintain sites like these. No need to state falsehoods to try and prove your point; there are plenty of better arguments you could be making.

                                                                                                                    As an aside, have you seen Sourcehut? That’s an entire freakin’ suite of web apps which don’t just function without JavaScript but work beautifully. Hell, Lobsters almost makes it into this category as well.

                                                                                                              2. 1

                                                                                                                Some types of buttons, menus, text and images aren’t implemented in plain HTML. These kinds should still be built in JS. For instance, 3-state buttons. There are CSS hacks to make a button appear 3-state, but no way to define behavior for them without JS. People can hack together radio inputs to look like a single multi-state button, but that’s a wild hack that most developers aren’t going to want to tackle.

                                                                                                                1. 1

                                                                                                                  I’m trying to learn more about accessibility, and recently came across a Twitter thread with this to say: “Until the platform improves, you need JS to properly implement keyboard navigation”, with a couple video examples.

                                                                                                                  1. 2

                                                                                                                    I think that people that want keyboard navigation will use a browser that supports that out of the box, they won’t rely on each site to implement it.

                                                                                                                    1. 2

                                                                                                                      The world needs more browsers like Qutebrowser.

                                                                                                                1. 2

                                                                                                                  Since he mentions gaming I find that Linux is quite sufficient for my gaming needs. I think on par with OS X although the games supported on each platform do not necessarily overlap. Also there will always be some AAA game that will not work right away or maybe not even work after years because of copy-protection (looking at you PlanetSide 2).

                                                                                                                  Either through native support, Steam+Proton or Lutris there’s a a lot of games available on Linux. Compared to Macs you generally also have a choice of good 3D graphics cards (although this is improving for Macs I think, I haven’t kept up).

                                                                                                                  1. 0

                                                                                                                    It mentions needing Google Play Services (for notifications?). Does anyone know if it works (perhaps with reduced functionality) without Google Play services? Contemplating a Pixel 3a running Graphene

                                                                                                                    1. 2

                                                                                                                      Not really what you’re asking but I’m running the latest version (5.600) from F-Droid on GrapheneOS without Google Play services. This one works at least.

                                                                                                                      I do have the most minimal microg installed for running a Gcam port.

                                                                                                                      1. 1

                                                                                                                        Huh? Where do you see that? It’s working fine for me without Google Play Services on my OnePlus 6T running LineageOS! I’m sure the same would be true for a Pixel 3a running Graphene.

                                                                                                                        1. 1

                                                                                                                          “So why did we not update the app? It’s a combination of things. A major factor was the API level requirement by Google Play. “

                                                                                                                          Did I mis-understand? Likely… :) Good to know though, thanks!

                                                                                                                          1. 3

                                                                                                                            I think that sentence is referring to a Google Play (store) requirement (last year) that apps bump their targetSdk versions in AndroidManifest.

                                                                                                                            The main breaking change this resulted in is you have to add explicit runtime requests for some permissions that used to be requested at install time through AndroidManifest.xml

                                                                                                                            1. 3

                                                                                                                              Ah, the “API target level” is an Android app configuration option that determines what Android APIs you can use in your app. Google Play now requires that all apps increase this to a new minimum version. It has nothing to do with Google Play Services.

                                                                                                                              1. 1

                                                                                                                                Additionally to this, when Google decide to make a non backwards compatible change, they always do so by having the change only take effect when the app’s declared targetSdk version is >= the version in which the being change was introduced.

                                                                                                                                The second half of this is that a while later the Google Play store starts rejecting new apps with older targetSdk, so app devs don’t get to just leave everything on the oldest targetSdk value forever

                                                                                                                              2. 1

                                                                                                                                Ah… Thanks all!

                                                                                                                          1. 23

                                                                                                                            Even more of a shame is that Apple doesn’t allow other browser engines. So there is little gain in using Firefox on iOS. That being said I also run Firefox on iOS and prefer its UI to Safari.

                                                                                                                            1. 14

                                                                                                                              While I certainly understand that this is annoying—and I think that Apple should allow other browser engines—it is also a somewhat natural consequence of the iOS security model. JavaScriptCore is one of the few processes that has the com.apple.security.cs.allow-jit entitlement, which allows process memory to be both writable and executable.

                                                                                                                              Now that V8 can function in pure interpreted mode (no JIT), it would be great if Apple allowed Blink to be the backend for Chrome on iOS, but it’s relatively unlikely that this will happen. The performance impact would be noticeable. I’m not sure if SpiderMonkey can work in a W^X situation yet or if it would be feasible for Mozilla to swap out WebKit for Gecko in the first place.

                                                                                                                              I would personally never be comfortable jailbreaking my phone—the security implications are significant and the entire community seems to have a relatively laissez-faire attitude about releasing source code and security in general. Checkra1n is not only closed-source but the binary is obfuscated to make reverse-engineering difficult. Luckily, unc0ver and checkra1n both support the newest versions of iOS (assuming the hardware is supported by checkra1n), so it’s not a requirement to lag behind on security updates anymore.

                                                                                                                              1. 22

                                                                                                                                In my opinion, a security model that cuts this deeply into the ecosystem and customisability deserves only criticism. I don’t want to have such a platform for my personal computing needs. Security is nice, but my needs on my own machine come first. A device that is secure but doesn’t do what I want is useless to me. I need root access to make my machine do what I want because that is the only purpose the machine has: To do what I and only I want. I don’t need a machine that does what someone else wants - they should buy and maintain that machine if it serves them! The von Neumann architecture contains a memory that stores data and instructions. I don’t want to go back into computing stone age before von Neumann just because Apple (or anyone else, for that matter) thinks only they know what’s okay to execute. Without these permissions, modern computing is less exciting than the computers that existed 40 years ago.

                                                                                                                                1. 14

                                                                                                                                  I don’t want to have such a platform for my personal computing needs

                                                                                                                                  Nobody is making you. Contrary to what you appear to be claiming, it’s okay if some people like stuff you don’t personally enjoy. It’s okay if things you don’t personally want exist.

                                                                                                                                  I already have a desktop that runs everything, but that comes with it’s downsides - notably, that it runs everything. I sure as hell don’t want production ssh keys or banking passwords on it.

                                                                                                                                  Personally, I quite like the option of a secure device. I know the iphone is more secure - not because I’ve read the source, but because exploit brokers are paying $2m USD for a zero-day that targets the latest version, and I’m not protecting anything worth much more than $2m.

                                                                                                                                  1. 12

                                                                                                                                    Nobody is making you.

                                                                                                                                    That is not entirely true. Due to your readiness to relinquish control of your devices, I have to put up with more and more locked down ecosystems. Rooting gets harder as time goes on, not only on iPhones but also on Android devices. Android now has a quite powerful API to detect root and many popular apps just refuse to work when you have rooted your phone. Additionally, you almost always lose your warranty if you root your device. Vendors only get away with this behaviour because you all tolerate it. I ordered a PinePhone because it seems to me like it is the last bastion of free mobile phone computing, but the situation is actually quite dire, the PinePhone software is in beta version and there really isn’t much choice in open mobile phones at all.

                                                                                                                                    Contrary to what you appear to be claiming, it’s okay if some people like stuff you don’t personally enjoy.

                                                                                                                                    I make no such claim. I don’t care if you like My Little Pony but I care if you like locked down foreign-controlled computing platforms. Think about the consequences of your actions. You vote with your wallet, and if you vote for more authoritarianism, I will get it too.

                                                                                                                                    I know the iphone is more secure

                                                                                                                                    Frankly, I don’t see the reason why iOS would be any more secure than a properly maintained Linux or OpenBSD installation. The lockdown is largely security theatre and in Apple’s own interest.

                                                                                                                                    1. 4

                                                                                                                                      I have to put up with more and more locked down ecosystems

                                                                                                                                      Or not - as you’ve ordered a pinephone (more power to you - I’m excited to see how that space plays out).

                                                                                                                                      Frankly, I don’t see the reason why iOS would be any more secure than a properly maintained Linux or OpenBSD installation.

                                                                                                                                      I’m not nearly expert enough in security to weigh in on that front; however, the relative prices for exploits seem like a pretty damn good proxy for how hard a target something is.

                                                                                                                                      Given exploits sell for much more on ios, I’m going to default to ‘they cost more to produce because it is more secure’.

                                                                                                                                      This appears (to be mildly uncharitable) to be wishful thinking based on your dislike of lockdown (eg “lockdown is bad, therefore it doesn’t increase security”).

                                                                                                                                      if you vote for more authoritarianism, I will get it too

                                                                                                                                      Honestly? This is actually quite a powerful argument, and I’ll need to dwell on it awhile. Some entities are centralizing power far too much (apple & cloudflare come to mind) - even if they aren’t evil today, who knows what next year will bring.

                                                                                                                                      1. 10

                                                                                                                                        Or not - as you’ve ordered a pinephone

                                                                                                                                        For many people, this isn’t an option. Some governments require you to use an app (iOS or Android only) to access government services. So do some banks. If you have money or pay taxes, you may actually be trapped in one of the vendor-control-over-user-freedom ecosystems.

                                                                                                                                        1. 6

                                                                                                                                          Given exploits sell for much more on ios, I’m going to default to ‘they cost more to produce because it is more secure’.

                                                                                                                                          iOS exploit prices recently fell beneath Android exploit prices.

                                                                                                                                          1. 1

                                                                                                                                            Thanks for pointing that out (well worth considering when I’m next buying a phone).

                                                                                                                                            However, this was in reply to

                                                                                                                                            Frankly, I don’t see the reason why iOS would be any more secure than a properly maintained Linux or OpenBSD installation.

                                                                                                                                            Both android (2.5m) and ios (2m) remain significantly higher than a properly maintained Linux or OpenBSD install - an OpenSSL RCE goes for 250k and a Chrome RCE+LPE goes for 500k (less for other browsers).

                                                                                                                                          2. 3

                                                                                                                                            Given exploits sell for much more on ios, I’m going to default to ‘they cost more to produce because it is more secure’.

                                                                                                                                            I doubt that is the only parameter for the price. Popularity almost certainly another factor as well.

                                                                                                                                            1. 2

                                                                                                                                              You seem to be reflecting on this possibility already, but for those who might read this later and need a concrete example of why the popularity of Cloudflare for example might not be the best for the web at large: https://blog.torproject.org/trouble-cloudflare

                                                                                                                                            2. 3

                                                                                                                                              Frankly, I don’t see the reason why iOS would be any more secure than a properly maintained Linux or OpenBSD installation.

                                                                                                                                              The fact that you have to qualify with “properly maintained” is evidence enough: the former offers a more practical form of security for most people than the latter.

                                                                                                                                              1. 2

                                                                                                                                                OpenBSD would drain your phone battery in about 20 minutes. Same with FreeBSD. They’re not designed to keep the CPU in low power states. Too many drivers and applications cause interrupts and wakeups.

                                                                                                                                              2. 1

                                                                                                                                                So where do you keep production SSH keys if not on a PC? Maybe a Chromebook or iPad?

                                                                                                                                                1. 1

                                                                                                                                                  In general I think that’s much safer against getting copied away, yeah.

                                                                                                                                                  Unfortunately it’s not quite as practical. The desktop has all sorts of advantages, like a good keyboard, a copy of the source code etc.

                                                                                                                                                  The security benefits have to be weighed against the risk of prolonging an outage.

                                                                                                                                              3. 13

                                                                                                                                                The issue that you are ignoring is that Apple is developing security to the lowest denominator. It’s not users like you they are trying to protect. It’s the end user that has no idea they need to be protected. Apple has chosen to deeply embed security to protect those users. If Apple gave us a way to turn off the security. That would be used by bad actors to disable these users, who would then accuse Apple of not protecting them.

                                                                                                                                                So while I do wish that I had more freedom, I do appreciate that I don’t have to deal with the trash ecosystem that is the Google Play store. And in this case I am willing to give up some freedom to not have to worry about getting owned by some random websites or store app.

                                                                                                                                                1. 10

                                                                                                                                                  The issue that you are ignoring is that Apple is developing security to the lowest denominator. It’s not users like you they are trying to protect. It’s the end user that has no idea they need to be protected. Apple has chosen to deeply embed security to protect those users. If Apple gave us a way to turn off the security. That would be used by bad actors to disable these users, who would then accuse Apple of not protecting them.

                                                                                                                                                  That literally is just Apple Apologist. And “We’re sorry, the user is too stupid to own their hardware that they paid for”. Really now?

                                                                                                                                                  Fine. If I had bought an Apple phone, I should be able to go into a Apple store and have them provide me root creds. And guess what? They’ll laugh you right out.

                                                                                                                                                  So while I do wish that I had more freedom, I do appreciate that I don’t have to deal with the trash ecosystem that is the Google Play store. And in this case I am willing to give up some freedom to not have to worry about getting owned by some random websites or store app.

                                                                                                                                                  And with Android, I can install other app store sources, namely FDroid. Others exist as well. Android devices are more mine… Still, with that pesky Google crap.

                                                                                                                                                  The one I’m watching is the Pinephone. Real Linux. I’m root, and end of story.

                                                                                                                                                  1. 6

                                                                                                                                                    That literally is just Apple Apologist.

                                                                                                                                                    Not the person your replying to, but from my experience interviewing with their security engineering and architecture team, that is their perspective. Any off-switch is an off-switch that can be socially engineered.

                                                                                                                                                    1. 9

                                                                                                                                                      Too true. But that social engineering can occur as complex as a callback from a scam banker on the call with your real banker, and MiTM’ing your conversation, to as something as banal as “can you give me your CC#, expir date, and cvv”

                                                                                                                                                      I’m not arguing that disabling protections should be easy. But Apple, with IOS, is saying “its impossible, its not your device, go away”. That’s the root of my argument, that keeping away my full and unfettered access is akin to a rental agreement, and not a proper sale.

                                                                                                                                                      1. 2

                                                                                                                                                        A genuine question, because the number of times this argument has been had on the internet probably is comparable to the number of devices Apple has sold:

                                                                                                                                                        Do you honestly believe, at this point, that there is anyone left who is persuadable – either to your viewpoint, or to the viewpoint you think you’re arguing with – and has not yet been persuaded?

                                                                                                                                                        And in a larger sense, do you believe that articles like the one at the top of this thread serve any useful purpose? I ask because it just strikes me as saying “It turns out that what Apple claims they do, and what we all knew they do, is in fact what they do”. As such it does not inform, and nor, it seems, does it persuade.

                                                                                                                                                        1. 1

                                                                                                                                                          Yes I honestly believe, even at this point, it is useful. Because “everyone knows” means “today’s lucky 10000”: see https://xkcd.com/1053/.

                                                                                                                                                          1. 1

                                                                                                                                                            I don’t buy it. Anything involving Apple on a tech forum has been guaranteed repetitive flamewar territory for decades at this point. So the idea that there are mass numbers of people on tech forums who would be encountering this for the very first time in any given thread is not plausible to me (except perhaps for the case where the forum in question is demonstrably growing on the order of hundreds of thousands to millions of new users per day or at most per week, which this site is not).

                                                                                                                                                            Or maybe to go with an analogy: I could believe that someone who’d been driving for years might not know what every single possible warning light on the instrument panel means. I would have a harder time believing a claim like “never heard of a steering wheel” or “no idea what a brake is”. Similarly, I could believe someone who frequents tech forums might encounter certain topics for the first time, and might even do so on a regular basis as well-known reposts make the rounds every so often. I have a very very hard time believing that someone who frequents tech forums would never have encountered a flamewar about Apple and thus would be genuinely naîve about them.

                                                                                                                                                        2. 2

                                                                                                                                                          Think of the phone like a Cisco switch/router: you own the hardware, but the firmware/OS is theirs and you cannot sell or redistribute it. They do not have to give you access or tools to replace the firmware/OS either.

                                                                                                                                                      2. 2

                                                                                                                                                        You are so deep in the minority of consumers it’s not even a blip on anyone’s radar

                                                                                                                                                      3. 2

                                                                                                                                                        I agree. So many people’s lives are on their phones now, it would be irresponsible not to enforce as rigorous as a security regime as possible.

                                                                                                                                                        1. 6

                                                                                                                                                          But that’s not Apple is selling. Apple is selling hardware. Keyword is “selling”.

                                                                                                                                                          If you want a dumb terminal or a managed end-user device, then it needs to be sold as a rental or managed device, and not a sale.

                                                                                                                                                          1. 10

                                                                                                                                                            If you want a dumb terminal or a managed end-user device, then it needs to be sold as a rental or managed device, and not a sale.

                                                                                                                                                            why? People seem to be happy to purchase the phones and not worry about the operating system at all. I’m sure people would also buy a iPhone subscription - but that’s in the hands of the business analysts from Apple.

                                                                                                                                                            To me it looks like you’re projecting your expectations from soft- and hardware vendors onto other people.

                                                                                                                                                            1. 19

                                                                                                                                                              Prior to software being incorporated into all sorts of things, things you bought were yours.

                                                                                                                                                              If I wanted to use a shovel to shovel dirt, thats my business. Same for cow manure. Same for scooping hot asphalt. And I can also use a shovel for ‘non-shovel-intended’ things, like using it as a prybar. And if the wooden handle broke, I could replace it. And I can sharpen the blade as I choose.

                                                                                                                                                              With software, the stuff we bought is controlled by someone else. Its no longer ours, but instead mediated by a 3rd party, whom usually isn’t in your interests. I look at Tesla cars, Apple phones (and creeping to their laptops), all ranges of IoT crap, John Deere, Sonos speakers and the drm timebomb, and more. InternetOfShit on twitter focuses on the IoT side of things… but this realm dwarfs IoT.

                                                                                                                                                              To me it looks like you’re projecting your expectations from soft- and hardware vendors onto other people.

                                                                                                                                                              No. I’m just tired of having ownership of my stuff being whittled away with software, API, and website lock-in. “Sorry, you bought it but you can’t do X because we didn’t approve it.”. And I would dare-say that most average (non-IT) people aren’t aware of it, UNTIL it bites them in a non-intuitive and terrible way.

                                                                                                                                                              1. 1

                                                                                                                                                                If I wanted to use a shovel to shovel dirt, thats my business. Same for cow manure. Same for scooping hot asphalt. And I can also use a shovel for ‘non-shovel-intended’ things, like using it as a prybar. And if the wooden handle broke, I could replace it. And I can sharpen the blade as I choose.

                                                                                                                                                                Shovels don’t exist in a world where people can use the design flaws in other peoples’ shovels to automate fraud.

                                                                                                                                                                1. 8

                                                                                                                                                                  You took the argument I was making in pretty bad faith there.

                                                                                                                                                                  The more that software takes over stuff, the less ownership we have in it. My repair-ability is nigh 0 with the further locked down platforms. I’m relegated to running cracks from shady sites in the hopes I can free my hardware/software.

                                                                                                                                                                  While fraud is a important thing to stop, locking down platforms only serves to further a monopoly at its root. Fraud is only a secondary effect - captive users locked into a platform is the primary goal. And its no wonder why they don’t want to ‘let’ users have the freedom they should have had.

                                                                                                                                                                  1. 2

                                                                                                                                                                    People also still fall for all kinds of fraud despite that security model, and malicious apps still get past the app stores review.

                                                                                                                                                  2. 7

                                                                                                                                                    Yes I know. I really miss my extensions. But having sync is a bliss and at least something, better than nothing.

                                                                                                                                                  1. 2

                                                                                                                                                    I wonder how hard it is to get this working on SailfishOS since that needs a good native browser.

                                                                                                                                                    1. 5

                                                                                                                                                      Note that while its HTML and CSS support is serviceable, its JavaScript support is not. Consider it equivalent to running other browsers with NoScript extension.

                                                                                                                                                      1. 6

                                                                                                                                                        This sounds more like a recommendation than a negative to me, since I do most of my browsing with NoScript enabled!

                                                                                                                                                        1. 3

                                                                                                                                                          There’s JS improvements on 3.10.

                                                                                                                                                          Have you tried it, or are you speaking from experience with previous versions?

                                                                                                                                                          1. 3

                                                                                                                                                            I haven’t tried 3.10 yet, so I am speaking from the past experience. But it also matches what they are saying themselves.

                                                                                                                                                        1. 4

                                                                                                                                                          Window Manager: i3

                                                                                                                                                          As an Emacs user, what’s the benefit of using i3 over EXWM?

                                                                                                                                                          This makes it not a great fit for trivial editing tasks, such as commenting out a line of configuration on a server via SSH.

                                                                                                                                                          Are you aware of TRAMP in Emacs? It makes Emacs perfect for this task.

                                                                                                                                                          1. 6

                                                                                                                                                            They’re the creator of i3, so I would guess they prefer its use case.

                                                                                                                                                            Additional does EXWM still run into the single thread model of emacs?

                                                                                                                                                            1. 1

                                                                                                                                                              Yes, but it has not been much of an issue for me.

                                                                                                                                                              Between i3, StumpWM and EXWM I’d say they’re all perfectly usable and come down to personal preference. Although i3 is the most polished and requires the least configuration.

                                                                                                                                                            2. 2

                                                                                                                                                              I haven’t used EXWM, so I can’t say. In general, I find Emacs Lisp code not very easy to debug, which may just be because I write very little of it (lack of practice), so I’m a bit hesitant to use it for anything so loadbearing to my workflow as window management.

                                                                                                                                                              I am aware of TRAMP and use it. However, in some scenarios, it is significant work to get the environment set up (think weird SSH tunneling setups, or bare-bones installations), so it’s faster bottom-line to just use another editor than to start TRAMP.

                                                                                                                                                              1. 3

                                                                                                                                                                I find Emacs Lisp code not very easy to debug, which may just be because I write very little of it (lack of practice),

                                                                                                                                                                Edebug makes Elisp debugging super comfortable. Basically you evaluate a function or top-level expression any using “C-u C-M-x”, and then every time it’s invoked you step through the evaluation visually.

                                                                                                                                                                But regarding EXWM, it’s afaik still considered experimental, and if you already have a window manager you’re familiar with (coincidentally), then I don’t think there’s much to gain.

                                                                                                                                                                What I would rather wonder is if you use i3 instead of the “built-in” Emacs window manager via packages like https://github.com/davidshepherd7/frames-only-mode or similar concepts?

                                                                                                                                                                1. 3

                                                                                                                                                                  Thanks for the explanation.

                                                                                                                                                                  I know there is e.g. https://github.com/vava/i3-emacs, but I’m not using it: for me, Emacs is just one window among others.

                                                                                                                                                            1. 3

                                                                                                                                                              This is one of my favorite Lisp features that is not often replicated (as well) in other languages / environments (and definitely not 20 years ago). It also makes it easy to diagnose and debug issues.

                                                                                                                                                              However it also makes it easy to screw up one’s production environment and it takes discipline to make sure the changes one does in the live environment are also reflected in the source code.

                                                                                                                                                              1. 2

                                                                                                                                                                it takes discipline to make sure the changes one does in the live environment are also reflected in the source code.

                                                                                                                                                                this is actually easy to do by not developing in the live environment.

                                                                                                                                                                I’d like to add that there is no “dive in or reject” choice here. One can use this when it makes sense, like to reload a user’s settings in my case, and in doubt, safely restart the app.

                                                                                                                                                              1. 2

                                                                                                                                                                I think I’m not much different from what other people have written, although I do fight my OS about Desktop, Music, etc., except Downloads, I’ve given up on that. So Downloads remains and I have the evergreens other people have: bin, projects, etc. For wildcards I have (besides Downloads): dump.

                                                                                                                                                                One thing I do have to offer is syncing services. I have been trying out a couple after starting with Dropbox years ago and I don’t fight them, since some are not very flexible about where they want their folder to be. Instead I have sync in my home folder which I symlink to whatever service I’m currently using. It makes it easy to switch without having to update scripts and other stuff.

                                                                                                                                                                1. 24

                                                                                                                                                                  I tried Spacemacs for a bit, but it broke almost every time I tried to update or install on a new system. I then tried DoomEmacs, which seemed like a step in the right direction, except that had it’s own suite of problems. Overall my general impression of Emacs is that it’s a bloated piece of legacy software that people keep tacking things on for reasons that I can’t understand. I see VSCode going the same route, just in JS instead of Lisp and C.

                                                                                                                                                                  1. 18

                                                                                                                                                                    Emacs is that it’s a bloated piece of legacy software that people keep tacking things on for reasons that I can’t understand.

                                                                                                                                                                    Because it has everything I need, except that one little thing, and I can tack that one on by just whipping up some Lisp functions. What’s so hard to understand?

                                                                                                                                                                    1. 3

                                                                                                                                                                      The idea that everything needs to be crammed into the text editor is the concept that I don’t understand and does not work for me. I don’t care if it works for you, but my experience with emacs has not been pleasant and I do not intend to go back.

                                                                                                                                                                      1. 5

                                                                                                                                                                        It helps if you think about it kind of the otherway around. It’s a highly flexible tool that also has a text editor.

                                                                                                                                                                        1. 4

                                                                                                                                                                          The idea that everything needs to be crammed into the text editor a single program is a concept that I don’t understand and does not work for me.

                                                                                                                                                                          1. 8

                                                                                                                                                                            You know how people make jokes like “Emacs is a great operating system; if only it had a good text editor”?

                                                                                                                                                                            It makes a lot more sense when you realize that’s not actually a joke.

                                                                                                                                                                            1. 6

                                                                                                                                                                              Did you ever try “vanilla” Emacs? (+EVIL if that’s your thing? Non-modal editing is half the reason why I use Emacs but that’s obviously just a personal preference)

                                                                                                                                                                              I’ve used Emacs for a very long time and a few years ago I thought I’d give Spacemacs a try, largely because I was thinking of declaring .emacs bankruptcy and having everything pre-configured looked like a good idea. My experience mostly matched yours – lots of things kept breaking, and since the whole thing is pretty complex, it broke in ways that I didn’t really want to debug. Figured I’m way better off just doing my own thing. Most things are pretty plug’n’play these days, I just (require some thing or another, and the rest is my personal configuration. My current emacs config files, which cover the (very substantial) subset of spacemacs that I use, are maybe 300 lines, at most? And I can’t remember the last time I “fixed” something in it.

                                                                                                                                                                              I tried mg and some uemacs flavours back when I was going down the suckless rabbithole and valiantly avoided bloat in the name of purity and Unix philosophy. Nowadays I kindda like emacs’ “bloat”. It’s not like I activate all of it and every piece of bloat is one less thing that I have to write myself when I need it.

                                                                                                                                                                              1. 1

                                                                                                                                                                                If I recall I tried a minimal setup with just a package manager and EVIL mode, but still didn’t really care for it. The default emacs keybindings don’t work for me, they make my hands hurt so I at least need EVIL mode.

                                                                                                                                                                                My comment about emacs bloat is also both about the plugin ecosystem and the codebase of emacs itself. Even the emacs developers are afraid to touch certain parts of the code (in particular, the rendering engine) because it’s overly complicated and brittle, and that’s also caused some issues for me.

                                                                                                                                                                                1. 2

                                                                                                                                                                                  Why the “plugin ecosystem” (by which I assume you mean packages)? Sure, you have comprehensive and extendable modes (Org, Gnus, SLIME, etc.) but most packages really aren’t “bloated” in any sense of the word.

                                                                                                                                                                                  And the issue with the rendering engine is historical/related to the fact that emacs has multiple front-ends. The reason it’s not experimented with too much is so that issues are avoided, so I’m not sure what you’re talking about?

                                                                                                                                                                          2. 3

                                                                                                                                                                            If you look at what one does on a computer, perhaps in the past more so than now, a lot of it is manipulating text.

                                                                                                                                                                          3. 1

                                                                                                                                                                            And why do you need a terminal emulator and a calendar in a text editor??

                                                                                                                                                                            1. 6

                                                                                                                                                                              In case you’re serious:

                                                                                                                                                                              A terminal emulator with editing abilities is actually quite nice. In Eshell, for example, I can search output, highlight certain patters (either manually or automatically) or “flush” the output of a previous command. Copying and editing is just as easy The same is true for any debugger or a repl.

                                                                                                                                                                              And I guess I could live without a calendar, but I still like to have it because it’s not part of a text editor to me, but an iterative computing environment, just like a DE to some and a shell to others. And having something like a calendar or a calculator integrated into a unified workflow is something I think even non-Emacs users can relate to.

                                                                                                                                                                          4. 3

                                                                                                                                                                            it’s own suite of problems

                                                                                                                                                                            Like what?

                                                                                                                                                                            1. 5

                                                                                                                                                                              The UI would randomly break (especially with Magit), EVIL mode would occasionally fail to switch modes properly and space (the default leader) couldn’t be typed, as it would activate the leader UI in all cases and never make it into the buffer as a character. That last issue was a problem with Spacemacs too.

                                                                                                                                                                              1. 3

                                                                                                                                                                                The UI would randomly break (especially with Magit)

                                                                                                                                                                                With or without Evil?

                                                                                                                                                                                1. 8

                                                                                                                                                                                  With Evil. I never ran without it, it’s whole reason I considered Emacs in the first place. It easily has the best vim emulation layer out there. Every other one I’ve used has had quirks that made them virtually unusable for me.

                                                                                                                                                                                  1. 3

                                                                                                                                                                                    magit was built without evil in mind, in fact, if it’s not because of vim, there’s no reason for evil at all

                                                                                                                                                                            2. 3

                                                                                                                                                                              Overall my general impression of Emacs is that it’s a bloated piece of legacy software that people keep tacking things on for reasons that I can’t understand.

                                                                                                                                                                              Its worth pointing out just how old Emacs is. Emacs was first release in 1976 making it 44 years old. So for comparison lets take another editor that was released the same year: vi. vi has had major re-implications and forks to add additional extensible. Emacs has been largely unchanged but changes the internal components that make up the editor.

                                                                                                                                                                              1. 4

                                                                                                                                                                                There have been many forks of Emacs over the years; that we have (basically) only one implementation now is just an artifact of history.

                                                                                                                                                                                1. 4

                                                                                                                                                                                  Yeah very true. I actually mentioned this in my original post, but I edited it out because I had 3 paragraphs of text where I said very little.

                                                                                                                                                                            1. 34

                                                                                                                                                                              My view when systemd first crossed my radar (around the time Debian was making it’s decision about supporting/adopting systemd or not), I of course saw a lot of commentary about the negative aspects of the project.

                                                                                                                                                                              I’d imagine those criticism are still true: it seems unlikely the people involved in this have softened their views or language.

                                                                                                                                                                              But what has changed is my appreciation for the technical benefits of systemd as an init manager (and a few related tasks, e.g. the timers stuff to replace cron). I’m not that thrilled about the ever-increasing scope of the project as a whole, but I don’t use Linux as a desktop OS, so I think I’m shielded from a lot of the impact it has on e.g. Gnome etc.

                                                                                                                                                                              I tried (and eventually succeeded, from memory) to write an init script for a process, using the Debian provided ‘start-stop-daemon’ and an existing init file as a guide. This was not a productive or enjoyable experience for me, at all. I’d say I’m quite comfortable with shell as a scripting language in general, but the idiosyncrasies of producing a reliable init script were confusing and non obvious to me at the time.

                                                                                                                                                                              These days, I don’t think twice about either creating new systemd units, or using drop-ins to customise existing ones - does everything always work the first time? No. Is it an order of magnitude easier than a sysvinit script (IMO) to identify why it doesn’t do what you expect, and find a solution that will do what you expect? Generally yes.

                                                                                                                                                                              Edit: typo

                                                                                                                                                                              1. 17

                                                                                                                                                                                This is the thing I’ve loved most about systemd. Writing an init script for one distribution is a PITA. Writing one that works on multiple different linux distros makes me tear my effing hair out. The complexity of writing a shell script that conforms to certain parameters with a wide variety of “helpers” seems out of whack with what I want to do: ie: fire up a process and leave it in the background.

                                                                                                                                                                                Also, an init system that cannot track what child processes it has started, and needs a complicated system of pidfile management to control the process that doesn’t even work in many cases (it breaks as soon as the machine or process crashes, or gets killed without the proper signal being sent beforehand), is barely able to call itself “an init system”. It’s just what we always had, so in the proper UNIX way, everyone just dealt with it and nobody pointed out the big elephant in the room, in that it sucked hard.

                                                                                                                                                                                Now. systemd has it’s problems, and over-reach is definitely in there. I can’t count the number of times that I’ve had to figure out the “new hotness” way of configuring a GD static network interface, and every time I look at it systemd has new capabilities that it probably shouldn’t have. ( Following jwz’s maxim, I can’t wait for the systemd mail client), but pretending sysvinit was all good was insanity.

                                                                                                                                                                                1. 12

                                                                                                                                                                                  It always bothers me a bit when systemd is compared to just init scripts, because those are not the only two options available (and never have been). I don’t really blame the casual Linux user like you, but on more than a few occasions the systemd people used “well, in init scripts it sucks even worse” as fallacious defence of their own shortcoming (you don’t need to rant, rave, and insult to be toxic).

                                                                                                                                                                                  1. 7

                                                                                                                                                                                    The only commonly used init system in Linux, used by all the major distros, was sysvinit. Yes, there was OpenRC, and upstart, and others, but none of them were ever widely adopted. Yes, Ubuntu developed upstart and it solved some of the problems in sysvinit, but was never widely adopted, so if you were writing a daemon for anything other than ubuntu, it was back to sysvinit, and all the pain that entailed. It’s great that there are other init systems that solve the problem, but if none of them are ever adopted, there’s really no value in it for people who write daemons.

                                                                                                                                                                                    1. 7

                                                                                                                                                                                      OpenRC is essentially just a continuation of sysV init, with all problems with it. I actually just have OpenRC start runit on my Alpine system, as that’s just easier than writing those scripts. I never looked at upstart.

                                                                                                                                                                                      daemontools and the various projects it inspired (runit, s6, freedt, a few others) always seemed like a good solution to me. It solves most of the issues from SysV init and gives 90% of systemd for most use cases, but in a much smaller package. I don’t know why it was never widely adopted; perhaps it was timing, lack of documentation, lack of advocacy, or something else.

                                                                                                                                                                                      1. 3

                                                                                                                                                                                        Ah, daemontools. I can answer that one. Daemontools started as a project by Dan J Bernstein (hereafter referred to as djb), who is a brilliant mathematician and cryptologist, but the license for some of his projects, including daemontools is … troubling to a lot of the distributions, and he can be, well, prickly, to put it politely.

                                                                                                                                                                                        Wikipedia has the license as Public Domain, but ISTR that if you didn’t distribute it precisely as was specified he would complain a lot. It meant that a lot of distributions that wanted to use his software shied away from it.

                                                                                                                                                                                        It’s pretty awesome, but it still doesn’t solve a lot of the pain points that systemd solves.

                                                                                                                                                                                        This is all vague rememberings from about 20 years ago, but having dealt with djb in the past, I can definitely understand the reticence on the part of distributions to package his software, or rely on it for critical functionality. He makes Lennart look like a softy in comparison.

                                                                                                                                                                                        1. 3

                                                                                                                                                                                          For daemontools, it’s likely the fact that djb has a tendency to release a project and then immediately stop maintaining it, so there becomes a slurry of patches with no canonical blessed set for distros to maintain, and no upstream merging them.

                                                                                                                                                                                          1. 2

                                                                                                                                                                                            Yeah, that partly explains daemontools; there’s also the whole license issue, which didn’t become clear until 2007 (when djb finally released his stuff as public domain; before that he rejected that a license was needed at all; also a problem with qmail, djbdns) which is why people needed to maintain patches instead of a “daemontools-maintianed” repo or whatnot.

                                                                                                                                                                                            But runit stems from 2004, and there are other daemontools-like systems from the same time period. So I don’t think that djb’s idiosyncrasy fully explain it.

                                                                                                                                                                                          2. 2

                                                                                                                                                                                            runit is used in Void Linux which is a somewhat popular non-SystemD distro. It’s straight-forward to use.

                                                                                                                                                                                            1. 1

                                                                                                                                                                                              Yeah, I use Void; it’s comparatively small though (although gaining in popularity a bit as an Arch alternative, partly thanks to runit).

                                                                                                                                                                                          3. 3

                                                                                                                                                                                            Even if you were just targeting Ubuntu, upstart was pretty buggy and feature deficient. You could wedge it so bad that you had to reboot while iterating on a job. I’m pretty happy that systemd takes a features-welcome approach. Every time I think that I’ll have to use a shell stub I can find what I need with some man page searching.

                                                                                                                                                                                          4. 2

                                                                                                                                                                                            Right, I’m aware there are other options out there, and you’re right they should be part of the conversation when a distro is making decisions about what init to support in its packages.

                                                                                                                                                                                            But, for someone using a distro, even someone writing packages for a distro, you need to support what the distro supports. Yes you could also support extra init systems but you need to support what the distro supports.

                                                                                                                                                                                            1. 2

                                                                                                                                                                                              Yeah, I’m not faulting you for not mentioning it in your previous comment, it’s more of a general commentary about the wider discussion 😅

                                                                                                                                                                                          5. 5

                                                                                                                                                                                            I’m genuinely curious how someone can downvote an opinion as “incorrect”.

                                                                                                                                                                                            Oh wait never mind I just remembered this is the internet and someone will always be there to say “you’re wrong”

                                                                                                                                                                                            1. 6

                                                                                                                                                                                              I’ve had all sorts of things -1’d as “incorrect” or “troll” where I really struggle seeing how either can apply. Write a lengthy reply going out of my way to make sure it’s nuanced: -2 troll… Great, thanks 😒 Like you said: welcome to the internet 🤷‍♂️

                                                                                                                                                                                              1. 3

                                                                                                                                                                                                I’ve noticed this as well. Lobsters has always had explicit downvote reasons to discourage downvoting for silly things like “I disagree” or “your opinion clashes with my worldview and I’m salty.” But as we’ve grown I see those kinds of downvotes more and more.

                                                                                                                                                                                            2. 1

                                                                                                                                                                                              Systemd definitely achieves several good things, but it has technical, social and political faults. It is an improvement over init scripts, but it is also many other things — and some of those are strict regressions (I am thinking specifically of how it wantonly breaks nohup). Is systemd-as-it-is an improvement over a better system which doesn’t exist? I really don’t know.

                                                                                                                                                                                              1. 1

                                                                                                                                                                                                The kill-user-processes-on logout thing is no doubt annoying the first time you encounter it, but I’d suggest that it’s at worst a case of incorrect defaults (I honestly don’t even know what the upstream or distro defaults are).

                                                                                                                                                                                                I’m certain it has technical/approach faults, but in the grand scheme of things that one is pretty easy to ‘solve’.