1. 23

    Typical Google using 90s Microsoft style strategies.

    I’ll bet they’re blocked because they’re not allowing some of the more dastardly ReCAPTCHA v3 nonsense that is a massive privacy risk.

    1. 3

      Embrace, Extend, Lock-in. The SaaS equivalent of EEE.

    1. 4

      Bash. I never have to guess if it’ll be there. I work with lots of systems that I don’t have direct control over, so it makes sense to use the default. At least on Linux.

      I’ll suffer through tsch on FreeBSD for root, but my users will use bash.

      1. 4
        • os: gentoo
        • terminal: rxvt-unicode
        • shell: bash
        • wm: dwm
        • editor: vim
        • browser: firefox
        • music: mpd + ncmpcpp
        • email: mutt
        • irc: irssi

        Other chat protocols are handled by bitlbee (including twitter). My work and home setups are mostly the same, but at work I use weechat and wee-slack since we use slack (ugh) and I have chromium around to deal with hangouts for work reasons.

        After that just a smattering of the usual suspects like various interpreted languages languages (mostly perl), compilers, ssh, mpv, and other things that I touch less frequently.

        1. 34

          This seems like a massive boondoggle and a potential security issue.

          1. 35

            That’s systemd for you.

            1. 6
              From The Collaborative International Dictionary of English v.0.48 [gcide]:
              
                boondoggle \boon"dog*gle\ v.
                  [...]
                   2. a useless, wasteful, or impractical project; -- especially
                      one authorized by a government agency as a favor to
                      partisans, to employ unemployed people, or in return for
                      corrupt payments.
                      [PJC]
              

              Today’s new word :)

            1. 12

              I’m curious what Perl (either version) is used for these days.

              In the past I saw it used as a glue language for things like ad-hoc build/test pipelines, or a shell replacement when shell scripts became unwieldy. Nowadays CI tools or Python usually fill those roles.

              Personally I have no interest in working with Perl6. They doubled-down on everything I disliked in Perl5, and I think the language tries to be too clever. Too much “magic” and too many ways to do things for my liking. I’ve got better things to do than memorize a hundred special variable.

              1. 7

                Booking.com and DuckDuckGo run on Perl. (5, which is the only Perl.) I worked at Booking for two years, used Perl in anger, and grew to like it. It’s still and has always been a perfectly good Python/PhP/Ruby alternative.

                I wouldn’t write anything new in Perl, but more because of the difficulty of finding people who could work on it than any fault of the language. Fashion is a cruel top.

                1. 3

                  I got in charge for a large Perl5 codebase by forking an abandoned project and we still consider Perl5 its original sin. I don’t think it’s an adequate alternative to anything but AWK one-liners (I still use it in that role and not going to give up—but that’s about it).

                  Even with strict and warnings, so many things just pass silently. Sure, you can unit test it, but other languages that aren’t untyped can just detect it on their own, and produce an informative exception trace. The difference is especially noticeable in glue code that is hard to unit test. Its garbage collector still can leak memory in situations everyone else’s could handle a decade ago. The context thing (with default context almost never being documented) is still a minefield.

                  The community part is important too. A lot of people had been telling us they would be happy to contribute, if it wasn’t for Perl. We’ve been steadily replacing it with Python, and it’s been an improvement all around. Code is easier to read, problems are detected earlier, and contributor activity is much higher.

                  1. 4

                    on the other hand the old farts who know perl might be more competent than the young hipster python programmers. that’s a heuristic i often use when evaluating projects: if the community is older they are less likely to do dumb shit.

                  2. 7

                    I use it for personal projects, mostly because I’ve invested the time to learn it well.

                    I don’t think much new stuff is being written in Perl, but there’s plenty of maintenance.

                    1. 6

                      Currently gainfully employed and writing perl is part of my job, yes some of it is maintenance, but I also write new things in it as well. I also write go, python (grudgingly), shell, and some C++ here and there too.

                      I, personally, would be very happy to see this change. Perl6 has some neat ideas that I’d love to flex some day, but Perl5 needs to move on. No reason they both can’t co-exist.

                      The notion that Perl is dead dead dead dead is a tiresome one at this point.

                      1. 5

                        I do it for a living in webdev (backend) and deployment automation.

                        1. 4

                          I’ve never used perl5, but I discovered perl6 recently and am in love. Good for: desktop applications (assuming they don’t get too big), scripts, web applications. It essentially obviates metaprogramming because anything you could possibly want to metaprogram is already in the language (including metaprogramming, in case you want that for some reason). That means that you have less to memorize than with any other language, because once you know it, you know it. There are no codebase-specific bespoke constructs you have to learn; it’s pretty much all straight perl6 because straight perl6 is already good enough.

                          1. 1

                            desktop applications web applications That’s interesting! What do you use?

                            1. 4

                              For desktop, there are various bindings to GTK and SDL; for web, cro is the current state of the art.

                        1. 7

                          The end of controlling what you see on the Web is coming.

                          1. 27

                            Not if you switch to Firefox :)

                            I really hope Google is shooting themselves (and Chrome’s market share) in the foot with this move… but somehow I doubt it.

                            1. 7

                              Firefox development is mostly funded by Google. I can’t imagine them doing much to piss Google off.

                                1. 13

                                  This actually sounds reassuring:

                                  Regardless of what happens with Chrome’s manifest v3 proposals, we want to ensure that ad-blockers and other similarly powerful extensions that contribute to user safety and privacy remain part of Mozilla’s add-ons ecosystem while also making sure that users are not being exposed to extreme risks via malicious use of powerful APIs.

                                  1. 8

                                    making sure that users are not being exposed to extreme risks via malicious use of powerful APIs.

                                    This part is scary.

                                    1. 1

                                      Yeah, but …

                                      We have those APIs now isn’t it ? And the world isn’t collapsing.

                                      1. 4

                                        The scary part is that Firefox thinks it’s their job to decide how users use their own computers.

                                        1. 18

                                          It’s kind of impossible not to if you’re creating consumer facing software, isn’t it?

                                          1. 4

                                            It’s one thing to provide safe defaults, and another thing entirely to ensure that those defaults can’t be overridden.

                                            1. 12

                                              If it’s about the signed extension thing, please read about the history of that feature It is not based on threat models and predictions. It was done this way to get rid of adware that was auto-installing itself and making real-world people’s lives worse. It has to be hard-coded into the EXE, because it’s only the EXE that Windows performs signature checks on and that Mozilla can sue adware developers for impersonating.

                                              1. 2

                                                Alright. If it doesn’t affect people building from source, I guess it doesn’t matter.

                                                1. 2

                                                  So… block it on Windows?

                                              2. 3

                                                It’s one thing to provide safe defaults, and another thing entirely to ensure that those defaults can’t be overridden.

                                              3. 3

                                                I never understand this sort of rhetoric.

                                                I maintain quite a few open-source projects, and contribute to others. They all make choices about what they support and what they don’t. Is it sinister of them to do so? Many of them don’t provide any sort of toggle to make them support things the developers have chosen not to support, which is what you seem to object to. Is that really controlling behavior, or just developers disagreeing about what should be supported?

                                                1. 1

                                                  My issue is that it’s user-hostile to prevent users from doing what they want with their computers. Firefox runs on my computer; I as an end user — and my grandparents as end-users — should be free to determine which extensions I run within Firefox. It’s not Mozilla’s computer to control. The ability to choose how to use one’s computer shouldn’t be reserved to developers: it should be available to everyone.

                                                  1. 0

                                                    Mozilla is free to develop the software they want to develop. You’re free to not use it.

                                                    You don’t have the right to force them to develop something they don’t want to, but you seem to be trying to assert such a right.

                                        2. 2

                                          Or, rely on blocklists: https://firebog.net/ I’ve got a little side project to automate it: https://gitlab.com/dacav/myofb

                                          If you want something more complex, more popular, more user-friendlly: pi-hole

                                          1. 3

                                            Until they fully control DNS as well with something like DoH.

                                            1. 1

                                              Ah, this cat-and-mouse thing! :) Let’s try. You play adversary :)

                                              My next move is to use the blacklist to place a filter at firewall level instead of using it at dns level.

                                              Your move

                                              1. 1

                                                Or use /etc/hosts

                                                1. 1

                                                  That’s actually one of the options of my scripts: populating /etc/hosts. :)

                                                2. 1

                                                  Proxying ads through the website you want to see, so the ad urls are http://destination.com/double click/ad/1234

                                                  1. 1

                                                    Definitely. But the website gets a performance penalisation, I think.

                                                    Plus, I’m wondering, will it be as effective for the trackers to deal with the tracked browser with a proxy server in between? (maybe, maybe not).

                                                  2. 1

                                                    I place Ads and DoH on the same IP address as the CDN that millions of websites use.

                                                    1. 1

                                                      Wait what? I don’t get this one. How many millions of websites are passing through the same IP address? Can you elaborate?

                                                      1. 1

                                                        Many of the ones that sit behind CloudFlare and Fastly.

                                        1. 1

                                          Not every technical document begins with multiple quotations, I don’t know if that’s a good thing.

                                          I once impressed a coworker by telling them how to rm a file beginning with a hyphen (I had just read about it 2 weeks previously).

                                          1. 2

                                            That was an interview question we used for a while. One guy said his preferred method was to cd up and nuke the whole directory.

                                            1. 2

                                              (This is a rewritten version of my original reply, as I cannot any longer edit it).

                                              One guy said his preferred method was to cd up and nuke the whole directory.

                                              Wow.

                                              The method I learned, and used when helping my coworker, was the -- option to rm.

                                              Nowadays rm seems to detect this and gives a help text:

                                              $ rm -testfile
                                              rm: invalid option -- 't'
                                              Try 'rm ./-testfile' to remove the file '-testfile'.
                                              Try 'rm --help' for more information.
                                              

                                              This option is included in this article https://kb.iu.edu/d/abao, which is high up on the search result for “linux remove file starting with dash”.

                                              Then there’s this “creative” solution:

                                              There are some characters that you cannot remove using any of the above methods, such as forward slashes, interpreted by Unix as directory separators. To remove a file with such meta-characters, you may have to FTP into the account containing the file from a separate account and enter the command:

                                              mdel

                                              You will be asked if you really wish to delete each file in the directory. Be sure to answer n (for no) for each file except the file containing the difficult character that you wish to delete.

                                          1. 11

                                            you’ll only be disappointed by this if you trusted slack in the first place

                                            1. 12

                                              For many of us I assume this isn’t so much of a choice because it’s mandated by our employer.

                                              1. 2

                                                unionize!

                                                1. 7

                                                  then the union is on slack too

                                                  1. 1

                                                    yours is?

                                                    1. 7

                                                      Slack often is desired by users, sometimes even set up as clandestine shadow IT uncontrolled by corporate sysadmins. If organized labour is made of these people, it seems logical to assume those people would want Slack there too.

                                                      1. 1

                                                        it’s logical that they would want some form of communication, if that’s what you mean. but i don’t see where you get to slack being the obvious choice.

                                                        1. 1

                                                          What makes you think that a union wouldn’t choose Slack?

                                                          1. 1

                                                            union members are likely to care about freedom

                                                      2. 2

                                                        Yup.

                                                        1. 1

                                                          :(

                                                    2. 9

                                                      Regrettably, in the US, most software professionals are opposed to unionization; and outspokenly supporting them is hazardous to one’s employment. Furthermore, unionization presents a path to removing Slack from the workplace, but certainly does not guarantee it.

                                                      1. 2

                                                        supporting them is hazardous to one’s employment

                                                        it’s illegal to fire someone for organizing a union

                                                        1. 3

                                                          It’s illegal but it happens all the time.

                                                        2. 2

                                                          Regrettably, in the US, most software professionals are opposed to unionization

                                                          They are?

                                                  1. 4

                                                    Does it even matter at this point? That brand is incredibly tainted after the recent actions of sourceforge in particular.

                                                    1. 1

                                                      It matters to us in Octave. I know everyone is just screaming GET OFF SOURCEFORGE ALREADY, but honestly, it’s a lot of work and Sourceforge has not done anything evil to us. And there has been a lot of misreporting about what it actually has done.

                                                      1. 2

                                                        Yet. Sourceforge has not done anything evil to you… yet.

                                                        Bundling malware with installers is pretty much indefensible in my eyes…

                                                    1. 4

                                                      Really well written article that highlights some realities about the over application of Docker and the ignorance of older containerization technologies such as LXC in this case.

                                                      1. 1

                                                        Work: Auditing some services for another team.

                                                        Away from work: Volunteer work for the WRCCDC and attempting to hack on some Julia stuff in my scant spare time.