1. 11

    I start my job this week. My first real adult job. So mostly bootcamp stuff at work. And I’ll be working more on my parser tutorial.

    1. 2

      Congrats and best of luck!

      1. 1

        Thank you!

    1. 8

      Working through the Cryptopals challenges! Currently finishing up set #2 and enjoying it immensely.

      1. 9

        If you don’t mind the tinfoil, this could well be a shakedown test to see how Russia might deal with partitioning of the network in a time of relative peace, before being surprised during some other time.

        Then again, that’s the sort of idle speculation I’d give back in my HN days.

        1. 3

          Maybe not the intention, but I can’t imagine the data point would go unnoticed.

          1. 3

            According to the time line, it may seem related to telegram.

            Here’s my tinfoil take :)

            Russia banned the telegram app at the beginning of the month[1]. They basically blacklisted their domains.

            Telegram started to use the google app engine as a domain front [2].

            I guess Russia is trying to prevent domain fronting for future ban cases. I guess it is easier for them to send a takedown notice to a Russian cloud provider than sending that to a American one.

            [1]: https://www.nytimes.com/2018/04/13/world/europe/russia-telegram-encryption.html

            [2]: https://en.wikipedia.org/wiki/Domain_fronting

            1. 2

              Probably not the intention, because running the blocklist updates in that mode means that an external party can easily force a block of something critical inside Russia at the moment than neither the blocklist operators not ISPs have spare capacity to react sanely. People who are qualified to understand your point also know that Roskomnadzor is not qualified to prevent the risk I describe.

              But some note-taking about unexpected dependency chains will be done anyway.

              1. 1

                If you were to pile some more tinfoil on, what else might we expect to see from Russian authorities?

              1. 13

                Still outweighs stress for commuting to office and sitting in noisy and uncomfortable environment. Offices are usually creepy and dirty in my city, sometimes out of reach of public transport routes. Bad lighting, constant noise of drill in neighboring rooms (where short-living companies come and go), cockroaches, sewerage smell, dirty overloaded toilets. Colleagues fighting for better place to sit, opening and closing windows and turning on and off air conditioner. Constant feeling of surveillance.

                After working remotely, I don’t want to work at office anymore.

                1. 2

                  Can I ask what city you’re working in?

                  1. 1

                    Saint Petersburg

                1. 1

                  I remember seeing this before, and I still have the same question: what are your requirements as a job search candidate to keep your solution to yourself? I can’t help thinking that the hiring company in question just lost a pretty solid security-related FizzBuzz.

                  1. 2

                    The only obligation there is whatever the employer asks for; companies that are concerned about it put the confidentiality requirement in writing.

                  1. 2

                    I agree with lots of points made, but here’s my central issue:

                    The period of 2001-2006, five years of stagnation, actually turned out to be a good thing.

                    and then:

                    That stagnation period is what gave Mozilla time to catch up with Firefox, it’s what led to the Ajax revolution, and it’s what ultimately unseated Microsoft as king of the web.

                    Why would someone that’s in Microsoft’s position voluntarily put itself in a place where they could be ousted, as happened in 2001-2006?

                    The author is right to be cynical regarding the large companies putting an actual moratorium in place.

                    1. 2

                      Yeah - I very much agree that the stagnation benefited JavaScript profoundly, as the language avoided picking up a lot of bad ideas. :) For example, PHP rose to popularity in that time period, and is one of the few cases where I’m willing to say it’s worse than most other languages.

                      I imagine the other points are true as well, but that’s the one I can speak to.

                      But you’re exactly right, this is not going to happen.

                    1. 2

                      Not for the first time, and certainly not for the last time, technical progress was stymied by collective thoughtlessness today.

                      Is there a specific incident he’s referring to that sparked this? Or is it just a general discussion?

                      1. 4

                        I am not aware of what he’s referring to. (figured I’d say that since I posted the link)

                        1. 2

                          Less informative than the graphic in the post, but a bit more visually interesting: https://www.youtube.com/watch?v=vvr9AMWEU-c

                          1. 11

                            Last year, I bought a Xeon Phi on an impulse. For those who are unfamiliar with the Xeon Phi, it is PCIe card that contains 57 1GHz Pentium (x86) cores, with some extensions for SIMD, 8GB of memory and running an embedded Linux on board. It’s great for highly parallel general purpose code that GPU’s aren’t suited for (lots of conditionals etc).

                            This weekend, I finally received the final parts of the system to house the Phi, and assembled it. I haven’t set up the software yet, and I still need to verify that the cooling is sufficient (these cards get ridiculously hot!).

                            The card was only $200, but after a lot of research, it turns out these babies require some pretty high-cost infrastructure to get running (motherboard with 64-bit PCIe addressing, which is rare and rarely advertised). The total setup has cost me around €800. I got a lot of help from Don Kinghorn from Puget Systems, a company that builds and sells specialized workstations and servers (Xeon Phi, Nvidia Tesla, …). They were very friendly and replied very quickly, despite the fact that I wasn’t a customer.

                            If anyone has an cool application for the Phi, or software that they want to port to the Phi, or something they want to test on a 57-core setup, feel free to let me know! I bought this card to experiment, but I can probably let someone else use it over SSH from time to time.

                            This week I’ll mostly be preparing to leave for Japan!

                            1. 2

                              Very interesting. Do you happen to know why they decided to put 57 cores on the machine, as opposed to something rounder?

                              1. 4

                                There are models with slightly more cores (60 or 61 cores), but I think this is a yield issue. My speculation is that they are building them as 64-cores per die, but they can’t get acceptable yields, so they release them as 57, 60 or 61 core versions depending on the quality of the specimen. These cards normally cost thousands of dollars a piece, so I’m guessing they’re pushing the limit to what they can physically fit onto a die/board.

                                I think this is also just where the thermals, performance and power consumption ended up being best for this kind of package (dual slot PCIe). Adding more cores likely would have meant dropping to lower clocks, and I think they didn’t want to settle for anything less than the symbolic 1GHz. As I mentioned, these cards get REALLY hot, even when idle.

                                That said, 57 cores with 4-way HyperThreading and 512bit SIMD (AVX-512) is a plenty of parallelism to play with.

                            1. 1

                              Does anyone know why Assange’s username was proff? Looks like he used it for his MIT email as well

                              1. 1

                                In the technical realm, trying to figure out how to modularize a 2k LOC behemoth of a D3 charting routine. What does good modularization look like in JS?

                                In the non-technical realm, realizing that yes, when I eat fatty foods for lunch my productivity drops like a rock, and no, just drinking coffee isn’t enough to overcome that. Since I started eating better, both my mental clarity and my productivity have skyrocketed!

                                Next step: establish a more rigorous gym routine.

                                  1. 3

                                    Looks very nice, but how do I type the Unicode? Would this just be for display?

                                    It seems to me that once you start getting fancy with the inputs, you may as well need an IDE to make those Unicode characters easily accessible, and then we’re just a hop, skip, and a jump away from visual programming languages.

                                    1. 4

                                      This isn’t an entirely serious project to begin with and the unicode-ification would probably be generated from the types if it were a serious thing.

                                      Just a (working) experiment in visualization of arrows in Haskell.

                                      We don’t even really use arrows that much, other things proved to be nicer abstractions most of the time.

                                      1. 2

                                        Fair! I actually end up drawing diagrams that look fairly similar to the ones you’ve generated when I need to reason about data streams. Maybe this could find more traction as a general data transformation visualization tool?

                                        1. 2

                                          Oh I didn’t write down the unicode version, kamatsu from the Reddit thread did. Sorry, should’ve said so.

                                          It could be useful I guess, but only if you’re using Haskell?

                                          1. 2

                                            True, I haven’t taken a very deep look at it. I’m working with Django right now and a tool like this could de-mystify some of the QuerySet API.

                                            1. 3

                                              You need types mate.

                                              I used to be primarily a Python and Clojure user. I’ve been teaching Haskell for a year now. This is how I teach Haskell: https://github.com/bitemyapp/learnhaskell

                                              1. 2

                                                I’ve always been a bit leery of trying to do webapps in FP. It seems to me like webapps are designed around mutable state, and Haskell needs a lot of workarounds to make it work.

                                                That being said, bookmarked. I need to bite the bullet and do more than Hello World in Haskell

                                                1. 3

                                                  It seems to me like webapps are designed around mutable state,

                                                  No computable problem is necessarily about mutable state.

                                                  Haskell needs a lot of workarounds to make it work.


                                                  Some cheap-n-cheerful examples:



                                  1. 2

                                    Other than the lineprof tool and the Rcpp comment, most of this applies directly to MATLAB code as well. I had the unfortunate pleasure of dealing with roughly 15k lines worth of MATLAB simulator code for a class I took in undergrad (no choice as to the language we used). Only tweak: Instead of lapply -> mclapply, switch for -> parfor. MATLAB complains about dependency stuff (which was nice to not have to reason about separately) but it provides decent error messages about what looks dependent.

                                    1. 5

                                      I wish this included a comparison with the MIT license, and why or why not the 2-clause BSD license would be preferable. It is also a bit confusing that there are so many variations of the BSD license, which are referenced somehwat similarly:

                                      • older 4-clause BSD license
                                      • 3-clause “new” BSD license
                                      • 2-clause “Simplified” BSD license

                                      I tend to prefer the ISC or MIT licenses, because they are (a) clear, (b) when you say “MIT License” or “ISC License”, people know which one you are talking about without confusion.

                                      1. 1

                                        For anyone who can elucidate: What is the difference between the MIT license and the BSD licence?

                                        1. 4

                                          Ok, that is cool.

                                          1. 3

                                            Any chance you read this year’s SIGBOVIK paper on this? Search for the proceedings and look for “Unit Test Based Programming.” (SIGBOVIK is a real conference that is more or less (and by design) a joke, but sometimes has real, albeit usually ridiculous, results. This paper is one such thing.

                                            Really interested to see where your implementation goes!

                                            1. 1

                                              Just found it. That paper was an entertaining read. Its approach is “purer,” I’d say, from a theoretical perspective as it generates complex functions from a small set of “ground” primitives, whereas inductive.js relies on the programmer explicitly listing the primitives for each function. This results in a trade-off. Solve attempts in inductive.js are generally faster; arbitrary operations like AJAX are easily represented; and it’s straightforward to compose programs of arbitrary size. On the other hand, utbp’s approach is simpler, and it’s definitely more convenient to be able to omit a list of operators. It’s an interesting field of study with a lot of thought-provoking papers out there, like utbp’s.

                                              1. 2

                                                Sorry – I would have linked, but was on my phone.

                                                Ah, interesting! I’ll have to look into your approach a bit more, but this is a great project!

                                            2. 2

                                              This is the thing that will get me to enjoy writing tests.

                                            1. 3

                                              Finally starting to write some tests for the web app that I’m working on. As a newbie to web app testing, does anyone have recommendations on how I should be approaching this? Thought processes/paradigms? I’m working with Python/Django.

                                              1. 1

                                                Glad to see definitive progress toward locking the language down. That’s all I’m waiting for before I start a deep dive into Rust.

                                                1. 1

                                                  I lost it at

                                                  Doesn’t it feel great to have generated so much metadata?

                                                  1. 8

                                                    The more I read about statically typed languages, the more I feel like Python isn’t giving me the guarantees it could. My issue is that I know a hell of a lot more Django than any other framework. Are there web frameworks in statically typed languages that have a similar (or better) level of framework maturity?

                                                    1. 7

                                                      I’ve worked in a large number of statically typed code bases. Static typing doesn’t help if you don’t take advantage of it. I’ve seen tons of statically typed code that operates just like the ruby code in the posting this is in response to. Here’s a basic problem. Most “OO” is just bad code. But it’s bad because its procedural spaghetti code with objects. OO in a dynamic language or a statically typed one provides you tons of ways to be safer than the aforementioned ruby example. I think there are core ideas that lead to good code. You can follow these ideas in ANY language. Each can provide you with different tools around those ideas.

                                                      My work is primarily a JVM shop and from that, a Java shop. Most Java developers write code that ages poorly and is hell to maintain. In order to try and counteract that, we have all our incoming developers do our variation on Object Calisthenics (https://github.com/TheLadders/object-calisthenics). Some of the particulars therein don’t apply to “FP” languages but the overarching principles do.

                                                      I’d stop thinking in terms of static/dynamic,fp/op and any other way you can break it down and start looking for the common larger ideas that lead to code that is easy to maintain no matter what the language. I see large amounts of Haskell code that reminds me of ideas from Smalltalk. Yet according to most, they are polar opposites. How is that? Because their core ideas of what makes a maintainable program is the same.

                                                      I know many people who poo-hoo tooling around a language, but it’s important. Static analysis, via the compiler or via something like dialyzer for erlang is an amazing tool to have. Take advantage of it. At this point, you’d be hard pressed to get me to give up static typing for day to day code I write however, I recognize its just a tool and in the end, its the principles I put into play that matter. Trust me, you can write impossible to maintain code in any language, including statically typed ones. Here’s an entire standard built around hard to maintain code:


                                                      All of this aside, if your only experience is with dynamically typed languages; reach out, see what static typing can provide you, but don’t stop with one language. Keep going, find language ecosystems that provide different tools. And after that, keep going some more. Never stop.

                                                      1. 2

                                                        Thanks for the great response; sounds like I just need to get my hands dirty! Only statically typed languages I’ve used are Java (for algs and infosec in undergrad) and C (for networking and OS in undergrad). Sounds like the web dev world is very different.

                                                        1. 1

                                                          Really, I’d just learn a new language like Haskell or F#, and then investigate web frameworks. I’d suggest Haskell first. And here’s the thing, take a guess at how much you needed to know to go from 0 to Django. You’ll need to learn roughly that much again. I think Haskell (and to a lesser extent F# and Scala) provides more safety than Python, but as you travel down the hierarchy you’ll get less and less compiler “help”. In that area, I’d wager: Haskell > F# > Typed Clojure > Scala >>>>>>>>> Java > Python. I found Java to only have the tinest bit more compiler “help” than PHP’s runtime errors. Pretty much all it can do is tell you if you are smashing a round peg into a square hole, but give no valuable other insights or warnings. It’ll be a breeze to pick up the lower languages if you understand the higher ones.

                                                          I started this year by saying “this year’s project will be rewriting my small Mint clone in Haskell”. I’ve yet to write a line on that, and I put in about 20 minutes a day. I am not trying to scare you, but letting you have realistic expectations. I am normally the guy who is a programming polymath, doing Python, PHP, Ruby, Java, C#, Clojure, and Racket in a single day, but the semantics of Haskell are pretty foreign, and will take effort to learn to read.

                                                          Good news is: I think it’s the most rewarding study I’ve undertaken. I’m just finishing bitemyapp’s tutorial, either this week or the next, and I’m feeling confident I could sit down now with yesod (the framework I picked) and knock out that app rewrite. Even better news, I think Haskell qualifies as a language that’ll “forever make you a better developer in every language[1]”, so it’s worth the journey regardless of if you use it or not in production (but you’ll want to!).

                                                          [1] http://norvig.com/21-days.html

                                                      2. 3

                                                        I’m a long time Python and Clojure user. I finally made the switch and now teach others.


                                                        Yesod is the most mature framework in Haskell, but it’s going to be the most alien. There are alternatives.

                                                        If by maturity you mean having a plugin for everything on the planet, you may be out of luck. Depends on where you think you stand the most to gain in your choice of tools. I find slapping together JS widgets or pagination aren’t the time-consuming part.

                                                        1. 3

                                                          I definitely recommend Scotty:


                                                          Supposedly it’s modelled a little after Ruby Sinatra. It’s very small and extensible.