Threads for awalton

  1. 9

    yeah, let’s use a name that is already used by something else, what could go wrong?!

    1. 8

      Well no this is GVFS and that’s GVfs, that’s totally different! Nobody will ever ever be confused by this!

      1. 7

        I didn’t know MS suddenly went full force into case-sensitive file systems ;)

        1. 2

          To be fair, we used to call it GVFS back when I worked on it…

        2. 3

          Let’s not forget MS also named their MVC framework, very imaginatively…. MVC.

          1. 3

            And their SQL server “SQL Server”. Microsoft has never been at the forefront of good product naming.

            1. 1

              Actually, that’s a brilliant name because it makes people conflate the product with the genre.

        1. 3

          I personally dislike errno. It might have made sense in the time when all code was single-threaded, but these days, you have to know what kind of system you have to use it in a thread-safe way. On most modern systems, errno is actually a thread-local variable so you’re fine, but that’s not a guarantee for all systems that exist. So it can hurt portability if your application is multithreaded.

          1. 5

            Posix requires that errno be thread local.

            http://pubs.opengroup.org/onlinepubs/007904875/functions/xsh_chap02_03.html

            I still think it’s a cruddy interface, but it isn’t quite that broken.

            1. 4

              What systems do not make errno thread-safe? I literally can’t think of one that doesn’t have thread-safe errno, as they all implement POSIX.1c for posix threads.

              If they don’t implement posix threads, I probably don’t write any C for them.

              1. 2

                What systems do not make errno thread-safe?

                Old and buggy ones, and bad libcs on embedded systems and Esoteric-OS (though altogether this is getting rarer and rarer as time marches forward; like said, the advent of TLS has largely reduced the pain of errno across the POSIX land). errno is probably my least favorite C programming wart, and the easiest way to teach young programmers the dangers of global variables.

            1. 7

              https://xkcd.com/927/ The only thing I could think of after reading this

              1. 4

                When it comes to storage, there will always be a billion different standards, however unfortunate it is. Everyone’s workload is different, everyone requires a lot of different features, which means there are lots and lots of niches to fill, and therefore lots of money to be made filling them.

              1. 7

                Could I propose a moratorium on all new security-related software written in C?

                1. 8

                  What language would you suggest? This library targets embedded platforms. Correct me if I’m wrong, but I haven’t heard much about embedded Rust.

                  1. 7

                    Coming, but we need LLVM targets and LLVM isn’t the best toolchain for a wide array small embedded targets currently.

                    There is usage of it, for example an operating system written for CortexM targets: https://github.com/helena-project/tock

                    1. 7

                      Check out the rust-embedded GitHub org for a bunch of stuff related to embedded rust. It’s still early days but there’s tons of smart and motivated people working on it.

                      1. 7

                        SPARK 2014 http://www.spark-2014.org/about

                        Rod Chapman at Altran/Praxis found an error in reference implementation of Skein just recoding it from C to SPARK. Ada and SPARK were invented for embedded systems. There’s also DSL’s like Galois' CRYPTOL, Ivory and Tower for embedded work that can generate correct, C code. Finally, COGENT is a functional, systems language that’s already been proven in a filesystem implementation with certified translation to imperative code. Dependently-typed languages like IDRIS and ATS are possible with ATS demo’d in device drivers and an 8-bit microcontroller.

                        1. 1

                          Sensible subsets of C++ :)

                          1. 4

                            The most sensible subset of which is actually C.

                            1. 2

                              Nah, it’s Ironclad C++ or SaferCPlusPlus if you’re talking a subset that’s actually immune to all kinds of memory-related attacks with little work + has C++’s benefits.

                              http://acg.cis.upenn.edu/papers/ironclad-oopsla.pdf

                              https://github.com/duneroadrunner/SaferCPlusPlus

                          2. 1

                            There is embedded OCaml, ready to use (if you have a supported embedded platform, but this approach can certainly be extended to other platforms).

                          3. 12

                            You could, but you would be silly to do so. There are tools that mitigate nearly all of the stupid of C…people just need the patience and discipline to use them.

                            1. 14

                              That’s precisely the attitude that continues the status quo: “users are to blame, they need to be more disciplined”.

                              1. 3

                                Those two comments are basically equivalent.

                                If somebody isn’t disciplined enough to follow best practices in C, they won’t be disciplined enough to follow best practices in any other language, either.

                                1. 6

                                  Compilers of more modern languages can be very disciplined and unforgiving of sloppy code.

                                  1. 7

                                    And so can C compilers, with the added benefit that there are tons of static analysis tools like Lint and Coverity, etc., and it’s portable to far more platforms than anything else, and can easily be called by every other language.

                                    If you want to nitpick other people’s language choice, at least make concrete complaints by pointing out the bugs in their code. “C can be unsafe, so this is bad,” doesn’t help anything and is just nitpicking for the sake of nitpicking.

                                    1. 7

                                      And so can C compilers

                                      Actually existing C compilers play an ad-hoc game of whack-a-mole with the most commonly exploited issues, that’s all. A C compiler that offers actual safety guarantees is vapourware. (There is principled tooling for languages that are supersets of subsets of C and are represented as C files subject to particular restrictions plus additional information, but these languages lack most of the advantages of C, e.g. they don’t tend to have a wide library or developer ecosystem).

                                      with the added benefit that there are tons of static analysis tools like Lint and Coverity, etc.

                                      They’re not a benefit, they’re a red flag that the language proper is inadequate. And again, all they offer is ad-hoc checks for the common cases. You can’t retrofit principled language design.

                                      “C can be unsafe, so this is bad,” doesn’t help anything and is just nitpicking for the sake of nitpicking.

                                      It’s not a nitpick. The language really is unsuitable for the project, and the project will fail as a result. I wish this weren’t so, but pretending it isn’t isn’t constructive.

                                      1. 5

                                        Difference being one mistake in a common construct can lead to full, code injection in C where that’s rarely the case in the safe languages. The mistakes will happen. They’re usually more severe with C when they do. It’s intrinsic to how it was designed (or more accurately wasn’t) to handle safety of primitive functions & structures.

                                        1. 1

                                          That’s just scare mongering, though. Mistakes can happen in any language.

                                          The safety issues of C are well known to anybody who’s paying any attention at all. If a person chooses it for a new project anyway it’s safe to assume they know the downsides but have other reasons for using it. If you want people to use other languages, focus on those other reasons rather than harping on how they may hypothetically make a security mistake one day.

                                          1. 10

                                            It really isnt scare mongering if even experts make these mistakes as regularly as they do. It means the average case will be much worse than it has to be. Putting an upper bound of damage from mistakes can prevent that. So it’s a good idea.

                                    2. 1

                                      I’m not patient or disciplined enough to follow best practices if not following them would silently succeed (and on the available evidence neither is anyone else, even C experts). So I use languages that enforce best practices.

                                  2. 9

                                    This position is undermined by that fact that I know of no security-sensitive C project in widespread use that is actually free of memory safety bugs. OpenSSL’s failures are well-known, but consider OpenSSH: it’s widely held as a high-quality security system, and yet had the roaming vulnerability earlier this year and several others before. If these were written in a safe language, there would still be bugs and crashes, but you would never run into the scenario where an attacker could leak arbitrary data out of a process, and you would never have to deal with with remote code execution vulnerabilities (barring things like web browsers where running attacker code is considered a feature).

                                    A common argument against not-C in libraries is interop, since one of C’s legitimate advantages is it serves as a simple way to describe interfaces. This argument doesn’t hold much water though: consider this library binding, which lets you slot in an OCaml TLS implementation for any program that links against libtls. The only difference you’ll notice is the lack of panicked key-switching when Heartbleed 2 rolls around :).

                                    1. 1

                                      thoughts on C-dialects like Low* and C-light?

                                  1. 3

                                    They did this a long time ago: https://github.com/Netflix/SimianArmy

                                    The new version is a standalone rewrite in Go.

                                    1. 1

                                      Are any chromebooks worth using as dev machines? I have never actually seen one in person, but I know of people doing it.

                                      1. 2

                                        You wouldn’t typically want to do local development on one, though things like this make it possible. It’s much more useful to use them to develop remotely via ssh. Any recent model is pretty usable in that modality. When buying one, you do want to look at benchmarks before you buy, since you can’t really tell which are last year’s models just from the price, and older ones will have significant trouble with current websites.

                                        1. 5

                                          The Pixel - what the article is discussing, otoh, is really an Ultrabook wearing Chromebook software and annoying firmware lock screw. It’s a far more competent developer machine, and its steep price reflects that.

                                        2. 2

                                          A coworker of mine calls it “the ultimate on call machine”, because it’s super lightweight, and he can ssh into whatever boxes he needs when on call.

                                          I used one for a little while in college for development, just because it was lighter than anything else I had, but the only programming was for data structures, which on the whole doesn’t really require a lot of computing power for.

                                          That said, today, if I were looking for a dev machine that I was going to run linux on, I’d probably go with the XPS 13. The only reason I’d consider getting a chromebook is weight. I’d rather be able to run things locally (even if it’s through containers or VMs) than offload that to the “cloud” like most chromebook-as-dev-machine people do.

                                          1. 2

                                            I’d probably go with the XPS 13. The only reason I’d consider getting a chromebook is weight

                                            The XPS 13 is lighter than the Chromebook Pixel fwiw (2.7 lbs vs. 3.3 lbs), so if that’s your main reason, I’d go with the XPS. :-) The real winner in that category though is the newish 12" Macbook (2.0 lbs), if its CPU is fast enough for your needs.

                                            1. 4

                                              Yeah but if you’ve used one of the newer Macbooks you’d know they’re disgusting - it’s surprising Apple even puts their name on them. They’re flimsy, the keyboards are horrid, they’re dog slow…it just screams cheaply made. The 2016s may be better - but I was so turned off by the model before them that I’d never go down that avenue again.

                                              I bought a Chromebook Pixel before going to DefCon and I’ve been decently surprised by it (though I’ve only used Debian Linux on the machine). I haven’t braved the “I solemnly swear I’m up to no good” screw yet, but that’s because in the entire time I’ve owned it I think I’ve only rebooted it half a dozen times (and most of those were in the first few hours) - otherwise it’s suspended (which thankfully has worked flawlessly on Linux). I had to build my own kernel since Google wasn’t so kind as to upstream their audio drivers for the machine, but that only took a few hours on the machine. Audio still doesn’t work perfectly - the driver exposes far too many of the implementation details of the audio chip and getting it configured correctly is wonky (and headphone jack sensing still does not work properly), but I’ve gotten it to where I can live with it… at least for a few hours at a time.

                                              The weight is similar to any other ultrabook, the keyboard is surprisingly a lot better than most ultrabooks in its class (but not having a dedicated “function” key on the keyboard to switch back and forth between the F# and media/screen functions is very annoying), but the real selling feature is the screen - the 3:2 screen is an absolute dream to use and makes me dearly miss 4:3 laptops. I’m a bit annoyed they bothered to make it a touchscreen since the only time I ever remember it is a touchscreen is when I’m trying to brush schmutz off the monitor and I end up selecting everything or closing windows or something else I never intended to happen. The screen also showcases the embarrassing state of HiDPI on Linux quite well to my dismay.

                                              I can’t quite say I’d recommend it at its current asking price - it’s very expensive for having so little local storage and needing so much handholding - it’s probably just not worth your time and you might be better off owning a machine with proper Linux support (sorry Google, you’ve failed on this one, and I have no idea how or why you’ve managed to let this happen given it was a device whose sole purpose is to run Linux…) But I’d consider it a fun toy/tertiary machine, and a decent developer’s travel laptop since it’ll eventually drive you nuts and you’ll do better things with your travel time than sit on the computer all day, but you won’t mind lugging all of its three pounds around. If I were to buy another one, and had time, I’d try to find one secondhand… but good luck. I tried for about a week before pulling the trigger on a new one and all I saw were Amazon resellers marking them up 10% arbitrarily, making it even less attractive than similarly priced ultrabooks. My roommate’s a fan of the Razer Blade Stealth - I’d give that a once over before treading here again.

                                              1. 3

                                                Yeah but if you’ve used one of the newer Macbooks you’d know they’re disgusting - it’s surprising Apple even puts their name on them. They’re flimsy, the keyboards are horrid, they’re dog slow…

                                                It’s funny that people can have the exact opposite experiences. I have owned many MacBooks (white polycarbonate, Pro, Air) and the MacBook 12" (2015) is the best MacBook I ever had (bought in December). The build quality is solid as usual (aluminium brick) and I like the keyboard (the keys feel much more stable than other MacBooks, but you have to like short travel). And even though I went from a Core i7 MacBook, I was surprised how fast it actually is. Of course, you’re not going to do machine learning on it, but we’re past that station anyway (I need a fast GPU or Tesla). Though the actual killer feature for me is the weight - it’s extremely light for what it offers. I cycle to work virtually every day, so not having to drag a 1.5-2kg laptop every day is a big win.

                                                They only thing that I dislike is the single USB-C port and the 80 Euro connectors this requires to hook it up to a screen or beamer.

                                                1. 3

                                                  They only thing that I dislike is the single USB-C port and the 80 Euro connectors this requires to hook it up to a screen or beamer.

                                                  Type C is a standard, so you can always buy cheap cables from someone else. Once other major makes start using it commonly, the prices will collapse.

                                                  1. 2

                                                    Type C is a standard, so you can always buy cheap cables from someone else. Once other major makes start using it commonly, the prices will collapse.

                                                    Just be careful buying el-cheapos - just ask Benson Leung, who’s been reviewing them for the past while now.

                                                    1. 2

                                                      Once other major makes start using it commonly, the prices will collapse.

                                                      Definitely. But I bought my MacBook in December, all other connectors where still unicorns back then.

                                                2. 2

                                                  Well, you’re discounting the weight of Dell’s 13" chromebook (I don’t actually know the weight, but I would hope they made it lighter than the XPS). I don’t think I’d ever go for the Chromebook Pixel.

                                                  On the macbook front, every time I’ve used one of the new ones I’ve never really wanted to use it again. Spec-wise it seems like a huge cop out, especially compared to the MBPr. But also, if I’m putting linux on a laptop, I’m not going to do it with a macbook. Dealing with the slightly different keyboard isn’t worth it to me, and takes a lot of cognitive overhead for me to adjust (speaking as someone who uses OS X almost exclusively at this point, and previously dual booted Arch).

                                                3. 2

                                                  I use an iPad Air 2 with a keyboard case for that. Prompt is one of the nicest ssh clients I’ve ever seen.

                                                  1. 1

                                                    But you’re still paying for server time, and maybe you’d be doing that regardless of what machine you’re physically using. but I’ve personally yet to hit the boundary where I think it’s worth it to do my personal development work on a server over locally.

                                                    1. 1

                                                      All comes down to what’s important to you and where the cost/value line sits. Yes, I’m paying $10/mo to Digital Ocean for a VPS.

                                                      No spinning disks at home to worry about and babysit? PRICELESS.

                                              1. 3

                                                Literally the definition of fear, uncertainty and doubt.

                                                1. 8

                                                  Great time to announce, right after their recent twitter rampage. Inspires lots of confidence.

                                                  1. 2

                                                    Careful or you might get blocked.

                                                  1. 6

                                                    Reilly Grant was talking about the possibility of doing this before he left VMware to help get around some of the issues with (“clientless”) remoting via the web browser - it was one of the pieces WSX was missing. It’s interesting but not surprising he’s continuing the work over at Google.

                                                    I’m still not convinced that the web browser needs to be the one and only platform, but apparently everyone else is, so why not?

                                                    1. 1

                                                      It’s fun to watch people continuing to work around the fact that Microsoft has decided to screw them, repeatedly. First everyone scrambling to turn off automatic Win 10 upgrades, now everyone trying to prevent their OS from being literally adware. (Then again, Canonical set the precedent for that with their “Amazon Ad Lens”, so, go them I guess.)

                                                      1. 3

                                                        When 4GB of ram became the minimum and 16GB or more is relatively common especially on servers and gaming computers. When languages became simpler and allowed the programmer to mostly forget about memory management. I think JavaScript is a prime example of this. Sure you can run into memory issues, but the vast majority of websites doing simple “is there valid data in this field?” queries is generally not going to run into them.

                                                        1. 16

                                                          Careful. This is how people spend five figures on heroku to support 100 users.

                                                          1. 9

                                                            Puts on my Heroku hat

                                                            I couldn’t agree more, though, I must point out (and I know it’s not your point), that it’s not just Heroku. People generally are over provisioned for the amount of work that their applications do, due to sloppiness, inefficient code, and general posture that “adding more hardware is cheaper than hiring more programmers and optimizing stuff.”

                                                            Despite the fact that I write a lot of Go, I don’t particularly like it, or think it’s a great language, but I’m glad it’s getting some mind share if only for the reason that suddenly (part of) the world is seeing sanely again. You shouldn’t need 50 app servers to serve 1,000 r/s. And posts like this are super refreshing as someone who has sighed at every “How to increase request concurrency by using Unicorn” and similar posts.

                                                            Furthermore, I encountered something today that was dragging down an application that I’m working on (in Go, running on Heroku). My co-developer introduced a library to handle “graceful” termination of our HTTP server. This added a bunch of complexity to the listenAndServe loop, but upon code review it didn’t seem to be doing all that much, so I +1’d its inclusion. Well, it turns out that for the last month we’ve been blaming another team for our capacity problems, when in fact, this library, which was apparently not adequately tested under the amount of load we’re seeing, really just crippled our application to the point where the kernel would accept connections and the Heroku router would time them out (30 seconds) before the socket was even passed off to read the request. The previous way we handled “graceful” termination was less than 10 lines and suffers no such issues. The point? Some of this inefficient code that leads to five figure spends on Heroku, could easily be avoided if a developer just spent a couple hours hacking out a simpler solution instead of adopting some half baked library that promises to solve all their problems.

                                                            1. 1

                                                              I blame “Agile”, open-plan offices, and the commodity-programmer culture (all of those kind of lump together), and not particular languages or tools, for the epidemic of five- and six-figure and seven-figure monthly AWS and Heroku bills. Sometimes, the right approach is to ignore memory management and get a simple prototype out quickly, and sometimes, it’s worthwhile to start profiling and optimizing and paying attention to the heap-usage graphs.

                                                              The problem isn’t that we’ve forgotten one level or another of focus and abstraction, but that our industry is flooded with people who don’t know how to tell the difference between the case for one and the case for the other. Commodity, line-of-business, ScrumDrones are always bad programmers, but they tend to be bad in different ways; I’ve met some who never leave the browser and I’ve met others who can optimize Java code and tune JVMs, but have no architectural sense.

                                                            2. 7

                                                              Hah, so, funny story…I actually had an intern implement manual typed-array memory management in Javascript, because reasons. Called it a colosseum, because it was a collection of arenas, har har.

                                                              The inability of JS to actually report memory usage for our use case drove us to that. We needed (similar to how games do) to have complete control of slabs of memory to make damned sure that future requests wouldn’t fail.

                                                              EDIT: The intern was and still is an absolutely brilliant programmer. I hope that they don’t waste their talents in either academia or the current app gold rush.

                                                              1. 5

                                                                People stopped caring about memory long before we got 4GB of RAM in our systems. I’d put it somewhere around the popularization of Java for servers and somewhere around jquery’s explosion in popularity for desktops. Once people are given languages that purport to do the memory management for you, they very quickly forget that the machine even has memory. Then when GCs pausing to collect start driving people mad, tuners lower the rate of GC and crank up the need for the system to have gobs and gobs of memory around.

                                                                It’s not that there isn’t a better way to do these things, it’s that for a long time now memory has been pretty fungible as a resource - you can practically always have more of it if you need it. What people have really been bad about though is realizing that going to memory actually has a pretty significant cost associated with it, and now that (solid state) disks are finally starting to catch up to memory in speed, that cost is starting to show up again in our software.

                                                                1. 2

                                                                  I think this is true for many people, but it ends with The Tragedy of the Commons.

                                                                1. 88

                                                                  Don’t continue reading if you’re a pussy, 9-year old boy or afraid of little bit “strong” writing.

                                                                  This is like standing at a podium as a huge banner unfurls behind you saying “I AM A JOKE” and a pantless marching band comes out on stage playing a off-key version of Yackety Sax.

                                                                  I definitely do not give a single solitary shit what the author thinks after that.

                                                                  1. 27

                                                                    There is very little quite so tiresome as the “I’m going to give it to you straight, and by straight I mean with lots of cuss words” sort of truth telling. It so rarely actually has any truths to tell.

                                                                    1. 6

                                                                      Skimming the article, the author seemed to have some good points with solid examples, particularly the bit about slice manipulation.

                                                                      But the writing was so intolerable I quit reading.

                                                                    2. 15

                                                                      It looks like he’s removed that line now. But the tone remains that way throughout… Public discourse has standards that are required if you expect to be engaged.

                                                                      1. 7

                                                                        Trolling and terrible writing aside, I’d be far more interested in the opinions of people who have been using the language for more than a whole 4 months, and who have actually used it in production.

                                                                        None of those seem particularly bad to me. In fact, the variable shadowing seems like people getting what they deserve for shadowing a variable in an inner scope like that ;-)

                                                                        On the other hand, maybe years of C++ has numbed me to it.

                                                                        1. 3

                                                                          I’ve been using Go for years, since before 1.0 was released. In side projects (that I count on and use every day, at home and at work). In academic research. And now in production. Several of the things the author mentions are benefits of the language. For example, I love go generate. Others might be reasonably considered warts or footguns, but they are warts that simply haven’t caused many (if any at all) problems for me personally.

                                                                        2. 3

                                                                          So, you have no opinion on the technical complaints presented in the article?

                                                                          1. 32

                                                                            If somebody announces “Hi, I’m trolling!” I think it’s a reasonable tradeoff to decide you’re not interested in reading the rest of the post to determine if that’s true or not.

                                                                            I probably could have put up with around half the intro, but at some point I grow tired of reading why I’m not going to like what comes next.

                                                                            1. 4

                                                                              That’s typically where the scroll keys come in handy. :)

                                                                              I’ve noticed (over the last year or two) that people seem to be increasingly reluctant to try and find the good with the bad when it comes to technology posts, often to the point of (as with your GP) proudly proclaiming their impatience. At least the author here had the decency to be up-front, even though the edginess was sorta tiring.

                                                                              1. 7

                                                                                Ah, so I don’t ordinarily complain about such things. I’m thankful the author has been so considerate as to tell me not to waste my time. :)

                                                                                I just don’t have any opinion about the rest, since I didn’t read it, which I only mention since there seemed to be a thread going.

                                                                                1. 2

                                                                                  Personally, I’m fine with anything in an article besides unwarranted swearing. I don’t enjoy reading it and have a hard time blocking it out.

                                                                                  1. 1

                                                                                    I’ve noticed (over the last year or two) that people seem to be increasingly reluctant to try and find the good with the bad when it comes to technology posts

                                                                                    My time is too precious to waste it reading poorly written content. If the ideas have merit they’ll be written up again by better authors.

                                                                                    I feel like poor language indicates lazy thought, and lazy thinkers often don’t have as deep and interesting insights as they think they do ;)

                                                                                  2. 1

                                                                                    While that is true, if you do that, you should not leave a comment about how you didn’t read the article and therefore have nothing interesting to say about it.

                                                                                    1. -3

                                                                                      If somebody announces “Hi, I’m trolling!” I think it’s a reasonable tradeoff to decide you’re not interested in reading the rest of the post…

                                                                                      Meanwhile, OpenBSD continues to produce “serious” presentations in Comic Sans, which doesn’t at all scream “Hi, I’m trolling!”

                                                                                      Pot, Kettle, it’s all the same in this kitchen. Now excuse me as my karma burns away for daring to point out the above hypocrisy.

                                                                                      1. 9

                                                                                        No, your karma will burn away for the tired old “I’ll lose karma for this”. It adds nothing to the discussion. Please don’t do it.

                                                                                        1. 6

                                                                                          Shrug. I don’t typically use comic sans. Anyway, I think complaints about comic sans say more about the reader than the presenter, where as calling the reader a pussy says more about the author.

                                                                                          1. 0

                                                                                            where as calling the reader a pussy says more about the author.

                                                                                            Nit, he didn’t call the reader a pussy.

                                                                                          2. 1

                                                                                            OpenBSD definitely gets justifiable criticism for that, and the pot being black doesn’t make the kettle not black.

                                                                                            (IMO, while the Comic Sans thing is stupid and unprofessional, the bigger issue is that they typically deliver these things in a complicated binary format for which decoders have already had serious vulnerabilities, which sort of flies in the face of their entire raison d'être of worrying about security first and foremost.)

                                                                                            1. 2

                                                                                              Their presentations are either presented as PDFs, which already integrate with screen readers & tools like pdf2text, or are presented as webpages with images - and those presentations have plain text or HTML slides as well:

                                                                                              (and c'mon, if you (not you specifically but y'all) can’t tell the difference between light ribbing directed at people who believe in form over function and starting your paper with GTFO PUSSIES then, uh.)

                                                                                              1. 2

                                                                                                Whenever I’ve seen them linked it’s been a page full'o jpegs, and I’ve certainly never bothered investigating further. Good that that’s not the only format they’re available in; bad that it’s the only one I’ve seen, and still stupid and unprofessional that they format it like a middle schooler in the 90s.

                                                                                                And yes, I don’t think the two are comparable. To take the pot-and-kettle metaphor way too far, OpenBSD is at worst lightly scorched here. Not perfect, but at least mostly not actively insulting their audience.

                                                                                        2. 15

                                                                                          Why the fuck would I wade through the rest of that shit just to find out what the author thinks?

                                                                                          Opinions about why Go is a poorly designed language are not so valuable or rare that I feel obliged to pick the peanuts out of the poop here.

                                                                                          1. 3

                                                                                            Precisely. It’s not like you’re obligated to read every word everywhere, even on a subject you might be interested in.

                                                                                            1. 2

                                                                                              “Peanuts out of the poop.” Thanks, that’s my new favorite phrase.

                                                                                          2. 2

                                                                                            That’s pretty much a classic Tone Argument… not saying it’s great writing, but maybe look through the writing to the arguments more?

                                                                                            1. 9

                                                                                              I’m pretty tone agnostic, actually, so I probably wouldn’t notice or care, except when the author goes out of their way to tell me how bad the tone is. If you know your tone is so bad that you have to warn people about it, but choose not to fix the tone, well… I think you have chosen poorly. It seems to reflect a desire to be more shocking than informative.

                                                                                              1. 9

                                                                                                It’s definitely not a tone argument. Me saying your tone is shitty is only a tone argument if I’m also saying that makes you wrong, in the same way that ad hominems aren’t actually just insults.

                                                                                                1. 3

                                                                                                  I don’t know if that’s strictly true. The typical example of a tone argument is an angry feminist being told “if you were less angry, people would be more receptive to your argument” (as a euphemism for “please make your point in a format I can more easily ignore”) with no reference to its truth value.

                                                                                                  Regardless, this author is (a) not underprivileged relative to the people criticizing his tone, and (b) not justifiably angry anyway, so I don’t see a problem here.

                                                                                                  1. 1

                                                                                                    You’re saying that the tone he is using is sufficient to invalidate what he is saying. I’m pretty comfortable calling that a Tone Argument.

                                                                                                    1. 3

                                                                                                      You’re saying that the tone he is using is sufficient to invalidate what he is saying

                                                                                                      Pretty sure what the parent was saying is that the tone the author is using, for him as a reader, is sufficient to ignore what the author is saying, without making any claims as to whether the author’s points about Go are correct or not.

                                                                                                      “This paper is so caked in stinky shit I refuse to read it” is different than “this paper is so caked in stinky shit that whatever is written on it must be wrong”.

                                                                                                    2. 1

                                                                                                      Me saying your tone is shitty is only a tone argument if I’m also saying that makes you wrong

                                                                                                      Eh … isn’t that exactly what you are doing? You don’t like him writing like you usually do, and use that to dismiss everything he has to say.

                                                                                                      1. 1

                                                                                                        Do I use gendered slurs? No. No, I don’t.

                                                                                                        1. 1

                                                                                                          Dick, pussy and asshole are all slurs. Gender doesn’t come into it (and it’s interesting that you would consider genitalia to be gendered).

                                                                                                          1. 0

                                                                                                            Are you trying to imply that if he used an inclusive she/he/they/xir/zhe/… you would have had no trouble reading the article?

                                                                                                    3. 2

                                                                                                      I don’t disagree with your point, or desire to point out your wrongness here. I do wish to share that I found it entertaining that you don’t like his tone, but use one like it for most of your own discussion. Again, I’m not criticizing (this is a different medium and you have different goals, for starters of why it doesn’t matter), I just found it causal of some chuckling.

                                                                                                      1. 3

                                                                                                        I don’t use gendered slurs, nor do I posture that cursing is some sort of bad-boy bullshit. If you think the author lost me because of his “strong” writing then you’re not paying attention.

                                                                                                    1. 1

                                                                                                      void MyFunction(const int myData[MYDATALEN]);

                                                                                                      Sure, that will be turned into a pointer at compile time, but surely it is useful for self documenting what should be passed in? The compiler can even type check it so you can’t pass a shorter or longer array. Ideally it would be wrapped in a struct/class and you would pass a const MyData&, but hey, we can’t always dictate how data is used or how our function is called.
                                                                                                      And yes, I know I used C++ specific keywords, I’m sure you can work it out.

                                                                                                      1. 35

                                                                                                        When the documentation makes it look like something it’s not, it’s not useful. It’s the opposite.

                                                                                                        I was burned by exactly this bug before. And for exactly the same reason. Refactored some code using an array into a new function, but left the sizeof() as before. And it looked right, because the letters on the screen were telling me it was an array, not a pointer.

                                                                                                        Never. Again.

                                                                                                        1. 14

                                                                                                          If you want to document the length of the array, just document the length of the array. Don’t write code that barely compiles because “it’s self documenting.”

                                                                                                          1. 6

                                                                                                            It really is very misleading, even if it can look “prettier”, and some people will argue that it’s “documentation” about how the pointer is a particular size. But it’s neither. It’s basically just lying about what is going on, and the only thing it documents is “I don’t know how to C”. Misleading documentation isn’t documentation, it’s a mistake.

                                                                                                            1. 2

                                                                                                              The compiler can even type check it so you can’t pass a shorter or longer array.

                                                                                                              I don’t think the compiler can meaningfully do this as, except for sizeof and &, an array decays to a point on any operation. This makes it pretty usefull to type check unless your usage of the array is always 1 function call deep.

                                                                                                              1. 1

                                                                                                                I don’t think the compiler can actually use it to type check, though, because the size of the array isn’t part of the type. As far as the compiler is concerned it’s just a pointer argument with different syntax.

                                                                                                                Here’s a small test case, and neither gcc or clang give a warning or error. Clang gives a warning about the sizeof() in my_function returning the sizeof(int*), though.

                                                                                                                1. 1

                                                                                                                  I should have said “The compiler could even type check it”.
                                                                                                                  I meant it could enforce this behaviour:
                                                                                                                  int* myIntPointer = GetSomething();
                                                                                                                  MyFunction(myIntPointer); // Error, passed a pointer to unknown quantity of int
                                                                                                                  int myArray[MYDATALEN];
                                                                                                                  MyFunction(myArray); // Yay, length known at compile time, go ahead buddy!

                                                                                                                  1. 3

                                                                                                                    And if you want to call the function on a pointer returned from GetSomething? This seems error prone and you’ll be fighting the compilers efforts to create pointers at every turn.

                                                                                                                    If you want to do this, no half measures.

                                                                                                                    struct etheraddr {
                                                                                                                        Unsigned char bytes[6];
                                                                                                                    };
                                                                                                                    

                                                                                                                    Pass around pointers to that and sizeof will always behave predictably, it’s type safe, even better self documenting.

                                                                                                                1. 4

                                                                                                                  I’m sure a little bit of C4 stuck on to the chip would work just as well. Though that’s not really viable for consumer electronics. ;)

                                                                                                                  1. 3

                                                                                                                    I’m with 12B here, C4 seems like a terrible idea, whereas sticking a simple blasting cap on die seems like a pretty sensible solution. With a bit of engineering you could even build the micro blasting cap on the chip - lay down a heavy layer of SiO2, then a heavy layer of lead, then etch away some depth of the lead, deposit your primary explosive, then cap with more lead and a really heavy layer of oxide to prevent ESD. It really wouldn’t take much explosive to completely destroy the incredibly delicate chip underneath, so it’d be safe to handle the chips, but you’d need to be even more excruciatingly careful of ESD accidentally triggering the primary and cratering your chip.

                                                                                                                    An engineer with some shape charge knowledge could design it to use even less explosive if someone were truly worried about the amount of lead styphnate you’re putting on the chip, but it would take a few more process steps when depositing that heavy lead layer to get it shaped right, which would make this already expensive endeavor even worse.

                                                                                                                    But I think there is definitely a market for such a device… every spy agency on the planet would quickly form a love-hate relationship with flash NAND chips with this kind of self destruction unit on board.

                                                                                                                  1. 8

                                                                                                                    How putting my keys in git cost me $6500 in a few hours.

                                                                                                                    Seriously now, when will people stop putting keys in git? This is only going to keep happening as long as they do, and the smallest violin maker doesn’t produce enough fiddles to keep up with demand already.

                                                                                                                    1. 6

                                                                                                                      Putting private keys in a private repo sounds safe enough on the surface.

                                                                                                                      Amazon could trivially offer a variety of features which would effectively mitigate this; they’ve chosen to keep putting the burden on their users.

                                                                                                                      A few things they could do:

                                                                                                                      • Add an IAM setting to automatically revoke compromised keys (after all, they detected it), and enable it by default for new accounts.
                                                                                                                      • Add a setting to require a positive balance before starting new instances.
                                                                                                                      1. 4

                                                                                                                        This could really easily be solved by a pre-payment scheme: for typical individual users, you put in a few dollars each month to run whatever you’ve got running for that month. If an attacker gets in, they can spend the rest of your balance, but not run up a multi-thousand-dollar bill.

                                                                                                                        This particular case is a whole cascade of failures:

                                                                                                                        • The user put credentials in source control
                                                                                                                        • Github’s Visual Studio plugin behaved unexpectedly and unsafely
                                                                                                                        • Amazon completely failed to mitigate the attack (even though they were able to detect it!)
                                                                                                                        1. 5

                                                                                                                          I strongly prefer that payment style also, for other reasons too— in academia money tends to come in bursts and requires bureaucracy to spend, so I’d prefer to put $500 into a cloud-computing account now and then, at a time of my own choosing, rather than receive an invoice every month. It also makes it safer to give students access to things with assurance that in the worst case all they can do is run down the budget, not spend over-budget.

                                                                                                                          I currently use a small Italian cloud provider that lets you pay that way. It doesn’t have AWS levels of services (or reliability), just a pretty standard Apache CloudStack install on a cluster of machines + NAS appliance. But for an individual user it has what I need, is quite a bit cheaper, and lets me recharge the account when I want. (Would be interested in hearing if there are other cloud providers people are happy with who allow this style of payment.)

                                                                                                                          1. 1

                                                                                                                            digitalocean.com provides a prepay option via PayPal only. DO provides VPS paid by the hour and has an API to manage them. Not sure of its feature parity with AWS but I’ve never had reliability problems with them.

                                                                                                                      2. 4

                                                                                                                        Perhaps git should throw an error if you try to add a directory named .ssh/? If you really did want to upload .ssh/, you could simply pass a parameter to git add, overriding this protection.

                                                                                                                        I’ve read at least three of these stories. And I’d say if it can be protected with technology it should be. Asking users to be safe should be a last resort :P

                                                                                                                        1. 12

                                                                                                                          The main draw of the device is that it’s got a fancier shell and way more antennas which means that it’s more able and likely to fill your room with WiFi than even current three antenna 3x3 devices. Having a dedicated congestion sensing antenna is a nice touch. The ZigBee and Bluetooth seem to be mostly non-features nobody will use, and the ambient lighting was just yet another way to make the total package seem sexier for the ridiculous price tag it carries. The design feels like they were taking a jab at Amazon’s Echo, and makes me wonder if Amazon won’t take this into account for their next iteration of the design (“Hey, it’s your WiFi router AND it responds to voice command, how nifty!”)

                                                                                                                          The other interesting bit is that the IPQ8064 chip is much more aggressive than most routers have; it’s similar to a chip you’d put into a cellphone (for comparison, see the APQ8064, which this chip was almost certainly derived from) with the SoC accessory hardware package jiggled around a bit to be more attractive for networking. Most of these boxes have 500-800MHz single core chips - this one has two 1.4GHz cores, and it’s almost certainly a much more expensive part when they could have used a much less expensive one… which leads to the natural questioning what Google’s motives are with this device.

                                                                                                                          I’d sit on this. The hardware is simply a better design from the current “flat box with antennas”, and everyone and their brother will be clamoring to build similar devices - within 6 months, there will be 10 devices with similar features (perhaps sans a number of the liberties and frills the Google device is shipping with), and most of us aren’t dying to upgrade our WiFi routers.

                                                                                                                          1. 3

                                                                                                                            He didn’t do as much homework as he should have. systemd was in no way inspired by MS Windows that I’m aware of. I’ve seen several remarks about OS X’s init.d by Lennart Poettering but I’ve never heard him say or seen him write anything about Windows being an inspiration.

                                                                                                                            Perhaps the Windows comment was just to draw on the ire of open source folks stereotypically have against the OS. A little psychology.

                                                                                                                            1. 6

                                                                                                                              Honestly, if anyone spent any time looking at the code instead of writing vitriolic comments on the internet, they’d realize that systemd is basically launchd for Linux - no, not the half-assed launchd port that people have tried to make, but a real, Linux software stack integrated version. It uses dbus to communicate with daemons instead of mach ports, since most of the system daemons it wants to talk to use dbus. It uses the same “don’t daemonize, just run from main()” principle. It has service configuration files that are plain and simple keyfiles similar to Apple’s plists. It even has a suite of replacement daemons for a very similar set of replacement daemons that Apple replaced when they switched to launchd.

                                                                                                                              Most people have nothing bad to say about launchd. It does its job significantly better than the SysV/SystemStart shit it replaced in Tiger. It’s fast. It’s unobtrusive. Most people literally don’t even know of its existence. Meanwhile systemd gets called “literally Hitler,” with most of the hate of systemd coming directly from the fact that they literally have no clue what systemd is or does, just that the internet told them to hate it, and they hate change. They hear things like “systemd replaces cron,” and they immediately think “wow, that thing’s one horrendously complicated PID1,” not “okay so systemd now includes a crond implementation in its source repo that is designed to work with systemd, exactly as launchd does.”

                                                                                                                              Yeah, it sucks that Lennart et. al. are making everyone have to get along by simplifying their daemons, making configuration incredibly simple albeit maybe not through a format they prefer, etc. Linux has rampantly been about freedom since very early on, and they have the instinctual fear of anything that limits their freedom - systemd appears to limit that freedom. But let’s grow up people: systems are complicated.

                                                                                                                              The number of services a typical Linux system has is growing very quickly, and the number of interactions between those systems are skyrocketing. Handwriting scripts is just too error prone of a process. They can’t properly account for the conditions the system can get into (we’ve tried for literally decades at this point and we still end up with broken systems), and worse, init scripts are code that attempts to encode policy instead of policy enforced by code - that’s a cart-in-front-of-horse problem you literally cannot solve; you’re building a system where the only way to understand the policy is to understand exactly every possible operating state of the code, instead of simply encoding the state you want the system to be in and having the init system solve for it.

                                                                                                                              We need smarter software, period. No matter how many anti-systemd trolls fud up the thread, they can’t change the fact that systemd has essentially solved this problem, which is why it’s so universally adopted. It’s over. Let’s move on already. I hear containers are still interesting to fight about, who’s up for a round of Docker vs Rkt articles?

                                                                                                                              1. 5

                                                                                                                                It uses dbus to communicate with daemons instead of mach ports, since most of the system daemons it wants to talk to use dbus.

                                                                                                                                Which they do because the crowd roughly associated with systemd either wrote these daemons or forced DBus down the authors' throats.

                                                                                                                                Meanwhile systemd gets called “literally Hitler,”

                                                                                                                                Is it? Funny.

                                                                                                                                with most of the hate of systemd coming directly from the fact that they literally have no clue what systemd is or does,

                                                                                                                                But how can we? It does more and more every week.

                                                                                                                                and they hate change

                                                                                                                                I, for one, hate change for no reason. I feel that every couple of years yet another incompatible Linux sound system is forced upon me, before the previous one has had any chance to achieve stability, and things don’t become better as the result, it’s just that the existing set of flaws is replaced by a new set of flaws. Now, if these changes were solving real problems, fine. And some of them do, to be fair: configuring network interfaces as a user is a need that profileration of laptops brought, and network manager solves it, however poorly. But in most cases I just see change for the sake of being all new, cool and cutting edge. See also: CADT.

                                                                                                                                by simplifying their daemons

                                                                                                                                Are you kidding me? Whatever one may say about systemd, it’s not simple.

                                                                                                                                But let’s grow up people: systems are complicated.

                                                                                                                                Therefore they should be modular, without opaque highly coupled systems that do everything.

                                                                                                                                The number of services a typical Linux system has is growing very quickly, and the number of interactions between those systems are skyrocketing.

                                                                                                                                Maybe we need less interaction and interdependency.

                                                                                                                                Handwriting scripts is just too error prone of a process.

                                                                                                                                This is true. On the other hand, it gives you flexibility and the ability to do the same operations from an interactive shell. But SysV-style scripts and systemd are not the only approaches, you know.

                                                                                                                                you’re building a system where the only way to understand the policy is to understand exactly every possible operating state of the code

                                                                                                                                So does Poettering, but without shell scripts.

                                                                                                                                We need smarter software, period.

                                                                                                                                You saying “period” doesn’t make it so. And smarter is not the same as more complex, often even the opposite.

                                                                                                                                No matter how many anti-systemd trolls fud up the thread

                                                                                                                                Thanks.

                                                                                                                                Edited to add: I understand that one of the complaints against Poettering and the systemd crowd was precisely this attitude: dismissing users' concerns, complaints and dissatisfaction as irrelevant at best and as trolling at worst, coupled with the “we know best what’s good for you, silly users, and for you, silly authors of other silly system services” approach. Look who’s trolling now.

                                                                                                                                systemd has essentially solved this problem, which is why it’s so universally adopted

                                                                                                                                The problem has been solved before, systemd solved it badly, and it was adopted for wholly different reasons. You’re not going to claim that anything popular is so because it’s good, are you?

                                                                                                                                1. 2

                                                                                                                                  I wouldn’t run OS X as a server either, though. As I said in another post, I can possibly buy systemd for desktop, but for a server I see very little benefit. I want simplicity.

                                                                                                                                  But let’s grow up people: systems are complicated.

                                                                                                                                  So let’s make them simpler.

                                                                                                                              1. 18

                                                                                                                                This is why HackerNews doesn’t like people modifying the titles of articles.

                                                                                                                                Reading comprehension test: Where does this email ever say “systemd requires kdbus”? Let’s break down the only parts of the email to mention kdbus.

                                                                                                                                   kdbus support is no longer compile-time optional. It is now always built-in.
                                                                                                                                

                                                                                                                                Okay, kdbus support is now wired in, so at best it’s enabled IFF my kernel supports it. Makes sense, we don’t want this stuff to bitrot waiting on kernel patches to go in.

                                                                                                                                However, it can still be disabled at runtime using the kdbus=0 kernel
                                                                                                                                command line setting, and that setting may be changed to default
                                                                                                                                to off, by specifying --disable-kdbus at build-time.
                                                                                                                                

                                                                                                                                Except we have two ways to explicitly disable the wired-in kdbus support, at runtime or at build-time. So distros and/or users still don’t have to use it, even if their kernel is kbdus-enabled.

                                                                                                                                Note though that the kernel command line setting has no effect if the
                                                                                                                                kdbus.ko kernel module is not installed, in which case kdbus is
                                                                                                                                (obviously) also disabled.
                                                                                                                                

                                                                                                                                …and if my kernel doesn’t load the kdbus kernel module, I also don’t get kdbus in systemd. (duh)

                                                                                                                                We encourage all downstream distributions to
                                                                                                                                begin testing kdbus by adding it to the kernel images in the
                                                                                                                                development distributions, and leaving kdbus support in
                                                                                                                                systemd enabled.
                                                                                                                                

                                                                                                                                “Please test our software under all configurations; we’d like kdbus to be default-on some day.”

                                                                                                                                How did we get to “systemd requires kdbus” again? systemd does NOT require kdbus, that is just straight up 100% wrong. The systemd FUD machine is still going strong I see.

                                                                                                                                1. 2

                                                                                                                                  systemd requires KDBUS to compile.

                                                                                                                                  It cannot be built without KDBUS.

                                                                                                                                  What is that if not a requirement?

                                                                                                                                  1. 4

                                                                                                                                    No, it does not require kdbus to compile. It compiles in support for kdbus, but the compiling system does not need to have kdbus available in any shape or form. Nor do you need it to run systemd.

                                                                                                                                    So no, kdbus is not required. Support for kdbus is always compiled in, but that’s not the same as kdbus being required.

                                                                                                                                    1. 2

                                                                                                                                      I can speak Spanish, but everyone I deal with on a daily basis speaks English; I rarely if ever actually get to use Spanish (a personal failing, especially since I live in California). What is the Spanish language to me?

                                                                                                                                      It’s the same with kdbus. It’s a capability of libsystemd that can be exercised at will. It’s not a requirement - if nothing uses it, it doesn’t do anything but waste a few kilobytes on your system you will not ever miss… you’re wasting more space supporting things like ancient binary formats and file system drivers for file systems nobody ever uses anymore.

                                                                                                                                  1. 4

                                                                                                                                    Smaller text increases information density. On devices with small screens, sure, information density isn’t an initial design goal. On a desktop? Density is king, hence the very fast adoption of high density displays.

                                                                                                                                    Headings? Meh. As long as you can distinguish the heading from the rest of the text, you’re probably fine doing whatever you want.

                                                                                                                                    System fonts? Sure, use a webfont because the overhead of downloading and rendering is worth the hit to battery life on mobile devices, and sheer annoyance of watching the text snap instantly from one font to the next. There’s absolutely nothing wrong with system fonts.

                                                                                                                                    Layout built on color. This is a tricky issue. Color is one indicator that designers can use to say “this thing is different, so you should pay a different kind of attention to it,” but it is not the only indicator, and it’s frequently misused because of this mixup. If you consistently use a different type of indicator for navigation, such as underlining, bolding, strikethrough, etc., then replacing color is fine. If you’re just trying to make a statement that monochrome websites are somehow mysteriously better for user experience, you’re dead wrong. (One of my favorite mis-designs on the web to heckle is “this thing changes when you hover over it, but otherwise has few/no distinguishing characteristics,” which this website loves to showcase with its use of unbolded typewriter fonts as link labels, while using the same font bolded as header text.)

                                                                                                                                    What’s also incredibly important that these visual designers forget about is the act of using the webpage. His redesign of Python’s documentation page is less usable, period. I now have to scroll or type-behind-find a vast distance to get back to the next reference. This is literally the exact problem that hypertext was invented to solve - how to better interlink documents such that this kind of “shuffling” behavior wasn’t necessary. This type of single-page layout is better for manpage-type information, where a single functionality is described on the page, and then has plenty of links to get you to related functionality. This might feel like it interacts poorly with information density, but it doesn’t: Irrelevant data isn’t information, it’s noise.

                                                                                                                                    A better design for that page wouldn’t just relayout the page, it’d also relayout the information. When I go to a page about Built-in types, I want to see a list of built in types, as links, that I can click and then get more information about primitive manipulation of that type. I then click the link and get that information, but still have all of the navigational markers to get to the other types. Subcategories of those types can be folded so I’m not immediately assaulted with all of that information at once. Verbiage can be trimmed down because you can assume a certain level of informedness in the readers, so “Boolean Operations, and, or, not” can just be “Boolean Operations”, which can happily include the information about truth-testing.

                                                                                                                                    What really needs to be abandoned as an obsolete habit is the “moving the furniture” approach to design and human interaction.